Renaming, addition of draft cert-manager, templating
This commit is contained in:
parent
d0852fb193
commit
889731ec66
@ -1,23 +0,0 @@
|
||||
{{- if .Values.calico.enabled }}
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: calico
|
||||
namespace: argocd
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Chart.Name }}-calico
|
||||
helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: kubezero
|
||||
spec:
|
||||
project: kubezero
|
||||
|
||||
source:
|
||||
repoURL: {{ default .Values.defaultSource.repoURL }}
|
||||
targetRevision: {{ default .Values.defaultSource.targetRevision }}
|
||||
path: {{ default .Values.defaultSource.pathPrefix }}artifacts/calico
|
||||
|
||||
destination:
|
||||
server: {{ default .Values.defaultDestination.server }}
|
||||
namespace: kube-system
|
||||
{{- end }}
|
@ -1,23 +0,0 @@
|
||||
{{- if .Values.certManager.enabled }}
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cert-manager
|
||||
namespace: argocd
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Chart.Name }}-cert-manager
|
||||
helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: kubezero
|
||||
spec:
|
||||
project: kubezero
|
||||
|
||||
source:
|
||||
repoURL: {{ default .Values.defaultSource.repoURL }}
|
||||
targetRevision: {{ default .Values.defaultSource.targetRevision }}
|
||||
path: {{ default .Values.defaultSource.pathPrefix }}artifacts/cert-manager
|
||||
|
||||
destination:
|
||||
server: {{ default .Values.defaultDestination.server }}
|
||||
namespace: kube-system
|
||||
{{- end }}
|
@ -1,25 +0,0 @@
|
||||
{{- if .Values.localVolumeProvisioner.enabled }}
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: local-volume-provisioner
|
||||
namespace: argocd
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Chart.Name }}-localVolumeProvisioner
|
||||
helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: kubezero
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: kubezero
|
||||
|
||||
source:
|
||||
repoURL: {{ default .Values.defaultSource.repoURL }}
|
||||
targetRevision: {{ default .Values.defaultSource.targetRevision }}
|
||||
path: {{ default .Values.defaultSource.pathPrefix }}artifacts/local-volume-provisioner
|
||||
|
||||
destination:
|
||||
server: {{ default .Values.defaultDestination.server }}
|
||||
namespace: kube-system
|
||||
{{- end }}
|
6
charts/kubezero/Chart.lock
Normal file
6
charts/kubezero/Chart.lock
Normal file
@ -0,0 +1,6 @@
|
||||
dependencies:
|
||||
- name: argo-cd
|
||||
repository: https://argoproj.github.io/argo-helm
|
||||
version: 2.2.13
|
||||
digest: sha256:f27e25c51f555fd32ccb9c29ac5351938c78fc7b0bce1eb26acbc21a261caabf
|
||||
generated: "2020-05-04T23:48:08.109493489+01:00"
|
@ -1,7 +1,7 @@
|
||||
apiVersion: v2
|
||||
description: KubeZero Helm chart to install Zero Down Time Kuberenetes platform
|
||||
name: kubezero
|
||||
version: 0.1.8
|
||||
version: 0.2.0
|
||||
home: https://kubezero.com
|
||||
keywords:
|
||||
- kubezero
|
||||
@ -11,5 +11,5 @@ maintainers:
|
||||
- name: Quarky9
|
||||
dependencies:
|
||||
- name: argo-cd
|
||||
version: 2.2.12
|
||||
version: 2.2.13
|
||||
repository: https://argoproj.github.io/argo-helm
|
||||
|
@ -2,7 +2,7 @@ kubezero
|
||||
========
|
||||
KubeZero Helm chart to install Zero Down Time Kuberenetes platform
|
||||
|
||||
Current chart version is `0.1.8`
|
||||
Current chart version is `0.2.0`
|
||||
|
||||
Source code can be found [here](https://kubezero.com)
|
||||
|
||||
@ -10,7 +10,7 @@ Source code can be found [here](https://kubezero.com)
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://argoproj.github.io/argo-helm | argo-cd | 2.2.12 |
|
||||
| https://argoproj.github.io/argo-helm | argo-cd | 2.2.13 |
|
||||
|
||||
## Chart Values
|
||||
|
||||
@ -33,7 +33,6 @@ Source code can be found [here](https://kubezero.com)
|
||||
| argo-cd.server.service.servicePortHttpsName | string | `"grpc"` | |
|
||||
| argo-cd.server.tolerations[0].effect | string | `"NoSchedule"` | |
|
||||
| argo-cd.server.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | |
|
||||
| bootstrap | bool | `true` | Wether to install the root-app `kubezero-app` |
|
||||
| config | object | `{}` | Kubezero configuration to be passed into kubezero-app |
|
||||
| istio.enabled | bool | `false` | Deploy Istio VirtualService to expose ArgoCD |
|
||||
| istio.gateway | string | `"ingressgateway.istio-system.svc.cluster.local"` | Name of the Istio gateway to add the VirtualService to |
|
||||
| kubezero | object | `{}` | Kubezero configuration, values.yaml please see kubezeroApp |
|
||||
|
@ -1,2 +0,0 @@
|
||||
*.tgz
|
||||
output
|
@ -1,16 +0,0 @@
|
||||
apiVersion: v1
|
||||
appVersion: "1.5.2"
|
||||
description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
|
||||
name: argo-cd
|
||||
version: 2.2.12
|
||||
home: https://github.com/argoproj/argo-helm
|
||||
icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
|
||||
keywords:
|
||||
- argoproj
|
||||
- argocd
|
||||
- gitops
|
||||
maintainers:
|
||||
- name: alexec
|
||||
- name: alexmt
|
||||
- name: jessesuen
|
||||
- name: seanson
|
@ -1,308 +0,0 @@
|
||||
# Argo CD Chart
|
||||
|
||||
A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
|
||||
|
||||
Source code can be found [here](https://argoproj.github.io/argo-cd/)
|
||||
|
||||
## Additional Information
|
||||
|
||||
This is a **community maintained** chart. This chart installs [argo-cd](https://argoproj.github.io/argo-cd/), a declarative, GitOps continuous delivery tool for Kubernetes.
|
||||
|
||||
The default installation is intended to be similar to the provided ArgoCD [releases](https://github.com/argoproj/argo-cd/releases).
|
||||
|
||||
This chart currently installs the non-HA version of ArgoCD.
|
||||
|
||||
## Upgrading
|
||||
|
||||
### 1.8.7 to 2.x.x
|
||||
|
||||
`controller.extraArgs`, `repoServer.extraArgs` and `server.extraArgs` are not arrays of strings intead of a map
|
||||
|
||||
What was
|
||||
```yaml
|
||||
server:
|
||||
extraArgs:
|
||||
insecure: ""
|
||||
```
|
||||
|
||||
is now
|
||||
|
||||
```yaml
|
||||
server:
|
||||
extraArgs:
|
||||
- --insecure
|
||||
```
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- Kubernetes 1.7+
|
||||
|
||||
## Installing the Chart
|
||||
|
||||
To install the chart with the release name `my-release`:
|
||||
|
||||
```console
|
||||
$ helm repo add argo https://argoproj.github.io/argo-helm
|
||||
"argo" has been added to your repositories
|
||||
|
||||
$ helm install --name my-release argo/argo-cd
|
||||
NAME: my-release
|
||||
...
|
||||
```
|
||||
|
||||
### Helm v3 Compatability
|
||||
|
||||
Requires chart version 1.5.2 or newer.
|
||||
|
||||
Helm v3 has removed the `install-crds` hook so CRDs are now populated by files in the [crds](./crds) directory. Users of Helm v3 should set the `installCRDs` value to `false` to avoid warnings about nonexistant webhooks.
|
||||
|
||||
## Chart Values
|
||||
|
||||
| Parameter | Description | Default |
|
||||
|-----|------|---------|
|
||||
| global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` |
|
||||
| global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` |
|
||||
| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v1.5.2"` |
|
||||
| global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) |
|
||||
| global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` |
|
||||
| global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` |
|
||||
| nameOverride | Provide a name in place of `argocd` | `"argocd"` |
|
||||
| installCRDs | Install CRDs if you are using Helm2. | `true` |
|
||||
| configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) |
|
||||
| configs.secret.annotations | Annotations for argocd-secret | `{}` |
|
||||
| configs.secret.argocdServerAdminPassword | Admin password | `null` |
|
||||
| configs.secret.argocdServerAdminPasswordMtime | Admin password modification time | `date "2006-01-02T15:04:05Z" now` if configs.secret.argocdServerAdminPassword is set |
|
||||
| configs.secret.bitbucketSecret | BitBucket incoming webhook secret | `""` |
|
||||
| configs.secret.createSecret | Create the argocd-secret. | `true` |
|
||||
| configs.secret.githubSecret | GitHub incoming webhook secret | `""` |
|
||||
| configs.secret.gitlabSecret | GitLab incoming webhook secret | `""` |
|
||||
| configs.tlsCerts.data."argocd.example.com" | TLS certificate | See [values.yaml](values.yaml) |
|
||||
| configs.secret.extra | add additional secrets to be added to argocd-secret | `{}` |
|
||||
| openshift.enabled | enables using arbitrary uid for argo repo server | `false` |
|
||||
|
||||
## ArgoCD Controller
|
||||
|
||||
| Parameter | Description | Default |
|
||||
|-----|---------|-------------|
|
||||
| controller.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` |
|
||||
| controller.args.operationProcessors | define the controller `--operation-processors` | `"10"` |
|
||||
| controller.args.statusProcessors | define the controller `--status-processors` | `"20"` |
|
||||
| controller.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` |
|
||||
| controller.containerPort | Controller listening port. | `8082` |
|
||||
| controller.extraArgs | Additional arguments for the controller. A list of flags | `[]` |
|
||||
| controller.env | Environment variables for the controller. | `[]` |
|
||||
| controller.image.repository | Repository to use for the controller | `global.image.repository` |
|
||||
| controller.image.imagePullPolicy | Image pull policy for the controller | `global.image.imagePullPolicy` |
|
||||
| controller.image.tag | Tag to use for the controller | `global.image.tag` |
|
||||
| controller.livenessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` |
|
||||
| controller.livenessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
|
||||
| controller.livenessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
|
||||
| controller.livenessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
|
||||
| controller.livenessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
|
||||
| controller.logLevel | Controller log level | `"info"` |
|
||||
| controller.metrics.enabled | Deploy metrics service | `false` |
|
||||
| controller.metrics.service.annotations | Metrics service annotations | `{}` |
|
||||
| controller.metrics.service.labels | Metrics service labels | `{}` |
|
||||
| controller.metrics.service.servicePort | Metrics service port | `8082` |
|
||||
| controller.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` |
|
||||
| controller.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` |
|
||||
| controller.name | Controller name string. | `"application-controller"` |
|
||||
| controller.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` |
|
||||
| controller.podAnnotations | Annotations for the controller pods | `{}` |
|
||||
| controller.podLabels | Labels for the controller pods | `{}` |
|
||||
| controller.priorityClassName | Priority class for the controller pods | `""` |
|
||||
| controller.readinessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` |
|
||||
| controller.readinessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
|
||||
| controller.readinessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
|
||||
| controller.readinessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
|
||||
| controller.readinessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
|
||||
| controller.resources | Resource limits and requests for the controller pods. | `{}` |
|
||||
| controller.service.annotations | Controller service annotations. | `{}` |
|
||||
| controller.service.labels | Controller service labels. | `{}` |
|
||||
| controller.service.port | Controller service port. | `8082` |
|
||||
| controller.serviceAccount.create | Create a service account for the controller | `true` |
|
||||
| controller.serviceAccount.name | Service account name. | `"argocd-application-controller"` |
|
||||
| controller.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` |
|
||||
| controller.volumeMounts | Controller volume mounts | `[]` |
|
||||
| controller.volumes | Controller volumes | `[]` |
|
||||
|
||||
## Argo Repo Server
|
||||
|
||||
| Property | Description | Default |
|
||||
|-----|---------|-------------|
|
||||
| repoServer.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` |
|
||||
| repoServer.autoscaling.enabled | Enable Horizontal Pod Autoscaler ([HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/)) for the repo server | `false` |
|
||||
| repoServer.autoscaling.minReplicas | Minimum number of replicas for the repo server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `1` |
|
||||
| repoServer.autoscaling.maxReplicas | Maximum number of replicas for the repo server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `5` |
|
||||
| repoServer.autoscaling.targetCPUUtilizationPercentage | Average CPU utilization percentage for the repo server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `50` |
|
||||
| repoServer.autoscaling.targetMemoryUtilizationPercentage | Average memory utilization percentage for the repo server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `50` |
|
||||
| repoServer.containerPort | Repo server port | `8081` |
|
||||
| repoServer.extraArgs | Additional arguments for the repo server. A list of flags. | `[]` |
|
||||
| repoServer.env | Environment variables for the repo server. | `[]` |
|
||||
| repoServer.image.repository | Repository to use for the repo server | `global.image.repository` |
|
||||
| repoServer.image.imagePullPolicy | Image pull policy for the repo server | `global.image.imagePullPolicy` |
|
||||
| repoServer.image.tag | Tag to use for the repo server | `global.image.tag` |
|
||||
| repoServer.livenessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` |
|
||||
| repoServer.livenessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
|
||||
| repoServer.livenessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
|
||||
| repoServer.livenessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
|
||||
| repoServer.livenessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
|
||||
| repoServer.logLevel | Log level | `"info"` |
|
||||
| repoServer.metrics.enabled | Deploy metrics service | `false` |
|
||||
| repoServer.metrics.service.annotations | Metrics service annotations | `{}` |
|
||||
| repoServer.metrics.service.labels | Metrics service labels | `{}` |
|
||||
| repoServer.metrics.service.servicePort | Metrics service port | `8082` |
|
||||
| repoServer.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` |
|
||||
| repoServer.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` |
|
||||
| repoServer.name | Repo server name | `"repo-server"` |
|
||||
| repoServer.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` |
|
||||
| repoServer.podAnnotations | Annotations for the repo server pods | `{}` |
|
||||
| repoServer.podLabels | Labels for the repo server pods | `{}` |
|
||||
| repoServer.priorityClassName | Priority class for the repo server | `""` |
|
||||
| repoServer.readinessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` |
|
||||
| repoServer.readinessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
|
||||
| repoServer.readinessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
|
||||
| repoServer.readinessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
|
||||
| repoServer.readinessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
|
||||
| repoServer.replicas | The number of repo server pods to run | `1` |
|
||||
| repoServer.resources | Resource limits and requests for the repo server pods. | `{}` |
|
||||
| repoServer.service.annotations | Repo server service annotations. | `{}` |
|
||||
| repoServer.service.labels | Repo server service labels. | `{}` |
|
||||
| repoServer.service.port | Repo server service port. | `8081` |
|
||||
| repoServer.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` |
|
||||
| repoServer.volumeMounts | Repo server volume mounts | `[]` |
|
||||
| repoServer.volumes | Repo server volumes | `[]` |
|
||||
|
||||
## Argo Server
|
||||
|
||||
| Parameter | Description | Default |
|
||||
|-----|---------|-------------|
|
||||
| server.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` |
|
||||
| server.autoscaling.enabled | Enable Horizontal Pod Autoscaler ([HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/)) for the server | `false` |
|
||||
| server.autoscaling.minReplicas | Minimum number of replicas for the server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `1` |
|
||||
| server.autoscaling.maxReplicas | Maximum number of replicas for the server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `5` |
|
||||
| server.autoscaling.targetCPUUtilizationPercentage | Average CPU utilization percentage for the server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `50` |
|
||||
| server.autoscaling.targetMemoryUtilizationPercentage | Average memory utilization percentage for the server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `50` |
|
||||
| server.GKEbackendConfig.enabled | Enable BackendConfig custom resource for Google Kubernetes Engine. | `false` |
|
||||
| server.GKEbackendConfig.spec | [BackendConfigSpec](https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom) | `{}` |
|
||||
| server.certificate.additionalHosts | Certificate manager additional hosts | `[]` |
|
||||
| server.certificate.domain | Certificate manager domain | `"argocd.example.com"` |
|
||||
| server.certificate.enabled | Enables a certificate manager certificate. | `false` |
|
||||
| server.certificate.issuer | Certificate manager issuer | `{}` |
|
||||
| server.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` |
|
||||
| server.config | [General Argo CD configuration](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#repositories) | See [values.yaml](values.yaml) |
|
||||
| server.containerPort | Server container port. | `8080` |
|
||||
| server.extraArgs | Additional arguments for the server. A list of flags. | `[]` |
|
||||
| server.env | Environment variables for the server. | `[]` |
|
||||
| server.image.repository | Repository to use for the server | `global.image.repository` |
|
||||
| server.image.imagePullPolicy | Image pull policy for the server | `global.image.imagePullPolicy` |
|
||||
| server.image.tag | Tag to use for the server | `global.image.tag` |
|
||||
| server.ingress.annotations | Additional ingress annotations | `{}` |
|
||||
| server.ingress.enabled | Enable an ingress resource for the server | `false` |
|
||||
| server.ingress.hosts | List of ingress hosts | `[]` |
|
||||
| server.ingress.labels | Additional ingress labels. | `{}` |
|
||||
| server.ingress.tls | Ingress TLS configuration. | `[]` |
|
||||
| server.route.enabled | Enable a OpenShift route for the server | `false` |
|
||||
| server.route.hostname | Hostname of OpenShift route | `""` |
|
||||
| server.livenessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` |
|
||||
| server.livenessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
|
||||
| server.livenessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
|
||||
| server.livenessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
|
||||
| server.livenessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
|
||||
| server.logLevel | Log level | `"info"` |
|
||||
| server.metrics.enabled | Deploy metrics service | `false` |
|
||||
| server.metrics.service.annotations | Metrics service annotations | `{}` |
|
||||
| server.metrics.service.labels | Metrics service labels | `{}` |
|
||||
| server.metrics.service.servicePort | Metrics service port | `8082` |
|
||||
| server.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` |
|
||||
| server.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` |
|
||||
| server.name | Argo CD server name | `"server"` |
|
||||
| server.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` |
|
||||
| server.podAnnotations | Annotations for the server pods | `{}` |
|
||||
| server.podLabels | Labels for the server pods | `{}` |
|
||||
| server.priorityClassName | Priority class for the server | `""` |
|
||||
| server.rbacConfig | [Argo CD RBAC policy](https://argoproj.github.io/argo-cd/operator-manual/rbac/) | `{}` |
|
||||
| server.readinessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` |
|
||||
| server.readinessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
|
||||
| server.readinessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
|
||||
| server.readinessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
|
||||
| server.readinessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
|
||||
| server.replicas | The number of server pods to run | `1` |
|
||||
| server.resources | Resource limits and requests for the server | `{}` |
|
||||
| server.service.annotations | Server service annotations | `{}` |
|
||||
| server.service.labels | Server service labels | `{}` |
|
||||
| server.service.servicePortHttp | Server service http port | `80` |
|
||||
| server.service.servicePortHttps | Server service https port | `443` |
|
||||
| server.service.servicePortHttpName | Server service http port name, can be used to route traffic via istio | `http` |
|
||||
| server.service.servicePortHttpsName | Server service https port name, can be used to route traffic via istio | `https` |
|
||||
| server.service.loadBalancerSourceRanges | Source IP ranges to allow access to service from. | `[]` |
|
||||
| server.service.type | Server service type | `"ClusterIP"` |
|
||||
| server.serviceAccount.create | Create server service account | `true` |
|
||||
| server.serviceAccount.name | Server service account name | `"argocd-server"` |
|
||||
| server.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` |
|
||||
| server.volumeMounts | Server volume mounts | `[]` |
|
||||
| server.volumes | Server volumes | `[]` |
|
||||
|
||||
## Dex
|
||||
|
||||
| Property | Description | Default |
|
||||
|-----|---------|-------------|
|
||||
| dex.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` |
|
||||
| dex.containerPortGrpc | GRPC container port | `5557` |
|
||||
| dex.containerPortHttp | HTTP container port | `5556` |
|
||||
| dex.enabled | Enable dex | `true` |
|
||||
| dex.image.imagePullPolicy | Dex imagePullPolicy | `"IfNotPresent"` |
|
||||
| dex.image.repository | Dex image repository | `"quay.io/dexidp/dex"` |
|
||||
| dex.image.tag | Dex image tag | `"v2.14.0"` |
|
||||
| dex.initImage.repository | Argo CD init image repository. | `global.image.repository` |
|
||||
| dex.initImage.imagePullPolicy | Argo CD init image imagePullPolicy | `global.image.imagePullPolicy` |
|
||||
| dex.initImage.tag | Argo CD init image tag | `global.image.tag` |
|
||||
| dex.name | Dex name | `"dex-server"` |
|
||||
| dex.env | Environment variables for the Dex server. | `[]` |
|
||||
| dex.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` |
|
||||
| dex.podAnnotations | Annotations for the Dex server pods | `{}` |
|
||||
| dex.podLabels | Labels for the Dex server pods | `{}` |
|
||||
| dex.priorityClassName | Priority class for dex | `""` |
|
||||
| dex.resources | Resource limits and requests for dex | `{}` |
|
||||
| dex.serviceAccount.create | Create dex service account | `true` |
|
||||
| dex.serviceAccount.name | Dex service account name | `"argocd-dex-server"` |
|
||||
| dex.servicePortGrpc | Server GRPC port | `5557` |
|
||||
| dex.servicePortHttp | Server HTTP port | `5556` |
|
||||
| dex.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` |
|
||||
| dex.volumeMounts | Dex volume mounts | `"/shared"` |
|
||||
| dex.volumes | Dex volumes | `{}` |
|
||||
|
||||
## Redis
|
||||
|
||||
When Redis is completely disabled from the chart (`redis.enabled=false`) and
|
||||
an external Redis instance wants to be used or
|
||||
when Redis HA subcart is enabled (`redis.enabled=true and redis-ha.enabled=true`)
|
||||
but HA proxy is disabled `redis-ha.haproxy.enabled=false` Redis flags need to be specified
|
||||
through `xxx.extraArgs`
|
||||
|
||||
| Parameter | Description | Default |
|
||||
|-----|---------|-------------|
|
||||
| redis.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` |
|
||||
| redis.containerPort | Redis container port | `6379` |
|
||||
| redis.enabled | Enable redis | `true` |
|
||||
| redis.image.imagePullPolicy | Redis imagePullPolicy | `"IfNotPresent"` |
|
||||
| redis.image.repository | Redis repository | `"redis"` |
|
||||
| redis.image.tag | Redis tag | `"5.0.3"` |
|
||||
| redis.name | Redis name | `"redis"` |
|
||||
| redis.env | Environment variables for the Redis server. | `[]` |
|
||||
| redis.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` |
|
||||
| redis.podAnnotations | Annotations for the Redis server pods | `{}` |
|
||||
| redis.podLabels | Labels for the Redis server pods | `{}` |
|
||||
| redis.priorityClassName | Priority class for redis | `""` |
|
||||
| redis.resources | Resource limits and requests for redis | `{}` |
|
||||
| redis.servicePort | Redis service port | `6379` |
|
||||
| redis.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` |
|
||||
| redis-ha | Configures [Redis HA subchart](https://github.com/helm/charts/tree/master/stable/redis-ha) The properties below have been changed from the subchart defaults | |
|
||||
| redis-ha.enabled | Enables the Redis HA subchart and disables the custom Redis single node deployment| `false` |
|
||||
| redis-ha.exporter.enabled | If `true`, the prometheus exporter sidecar is enabled | `true` |
|
||||
| redis-ha.persistentVolume.enabled | Configures persistency on Redis nodes | `false`
|
||||
| redis-ha.redis.masterGroupName | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated | `argocd`
|
||||
| redis-ha.redis.config | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | `` |
|
||||
| redis-ha.redis.config.save | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | `""` |
|
||||
| redis-ha.haproxy.enabled | Enabled HAProxy LoadBalancing/Proxy | `true` |
|
||||
| redis-ha.haproxy.metrics.enabled | HAProxy enable prometheus metric scraping | `true` |
|
File diff suppressed because it is too large
Load Diff
@ -1,209 +0,0 @@
|
||||
apiVersion: apiextensions.k8s.io/v1beta1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: appprojects.argoproj.io
|
||||
app.kubernetes.io/part-of: argocd
|
||||
name: appprojects.argoproj.io
|
||||
annotations:
|
||||
helm.sh/hook: crd-install
|
||||
spec:
|
||||
group: argoproj.io
|
||||
names:
|
||||
kind: AppProject
|
||||
listKind: AppProjectList
|
||||
plural: appprojects
|
||||
shortNames:
|
||||
- appproj
|
||||
- appprojs
|
||||
singular: appproject
|
||||
scope: Namespaced
|
||||
validation:
|
||||
openAPIV3Schema:
|
||||
description: 'AppProject provides a logical grouping of applications, providing
|
||||
controls for: * where the apps may deploy to (cluster whitelist) * what may
|
||||
be deployed (repository whitelist, resource whitelist/blacklist) * who can
|
||||
access these applications (roles, OIDC group claims bindings) * and what they
|
||||
can do (RBAC policies) * automation access to these roles (JWT tokens)'
|
||||
properties:
|
||||
apiVersion:
|
||||
description: 'APIVersion defines the versioned schema of this representation
|
||||
of an object. Servers should convert recognized schemas to the latest
|
||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource this
|
||||
object represents. Servers may infer this from the endpoint the client
|
||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
spec:
|
||||
description: AppProjectSpec is the specification of an AppProject
|
||||
properties:
|
||||
clusterResourceWhitelist:
|
||||
description: ClusterResourceWhitelist contains list of whitelisted cluster
|
||||
level resources
|
||||
items:
|
||||
description: GroupKind specifies a Group and a Kind, but does not
|
||||
force a version. This is useful for identifying concepts during
|
||||
lookup stages without having partially valid types
|
||||
properties:
|
||||
group:
|
||||
type: string
|
||||
kind:
|
||||
type: string
|
||||
required:
|
||||
- group
|
||||
- kind
|
||||
type: object
|
||||
type: array
|
||||
description:
|
||||
description: Description contains optional project description
|
||||
type: string
|
||||
destinations:
|
||||
description: Destinations contains list of destinations available for
|
||||
deployment
|
||||
items:
|
||||
description: ApplicationDestination contains deployment destination
|
||||
information
|
||||
properties:
|
||||
namespace:
|
||||
description: Namespace overrides the environment namespace value
|
||||
in the ksonnet app.yaml
|
||||
type: string
|
||||
server:
|
||||
description: Server overrides the environment server value in
|
||||
the ksonnet app.yaml
|
||||
type: string
|
||||
type: object
|
||||
type: array
|
||||
namespaceResourceBlacklist:
|
||||
description: NamespaceResourceBlacklist contains list of blacklisted
|
||||
namespace level resources
|
||||
items:
|
||||
description: GroupKind specifies a Group and a Kind, but does not
|
||||
force a version. This is useful for identifying concepts during
|
||||
lookup stages without having partially valid types
|
||||
properties:
|
||||
group:
|
||||
type: string
|
||||
kind:
|
||||
type: string
|
||||
required:
|
||||
- group
|
||||
- kind
|
||||
type: object
|
||||
type: array
|
||||
orphanedResources:
|
||||
description: OrphanedResources specifies if controller should monitor
|
||||
orphaned resources of apps in this project
|
||||
properties:
|
||||
warn:
|
||||
description: Warn indicates if warning condition should be created
|
||||
for apps which have orphaned resources
|
||||
type: boolean
|
||||
type: object
|
||||
roles:
|
||||
description: Roles are user defined RBAC roles associated with this
|
||||
project
|
||||
items:
|
||||
description: ProjectRole represents a role that has access to a project
|
||||
properties:
|
||||
description:
|
||||
description: Description is a description of the role
|
||||
type: string
|
||||
groups:
|
||||
description: Groups are a list of OIDC group claims bound to this
|
||||
role
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
jwtTokens:
|
||||
description: JWTTokens are a list of generated JWT tokens bound
|
||||
to this role
|
||||
items:
|
||||
description: JWTToken holds the issuedAt and expiresAt values
|
||||
of a token
|
||||
properties:
|
||||
exp:
|
||||
format: int64
|
||||
type: integer
|
||||
iat:
|
||||
format: int64
|
||||
type: integer
|
||||
required:
|
||||
- iat
|
||||
type: object
|
||||
type: array
|
||||
name:
|
||||
description: Name is a name for this role
|
||||
type: string
|
||||
policies:
|
||||
description: Policies Stores a list of casbin formated strings
|
||||
that define access policies for the role in the project
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
required:
|
||||
- name
|
||||
type: object
|
||||
type: array
|
||||
sourceRepos:
|
||||
description: SourceRepos contains list of repository URLs which can
|
||||
be used for deployment
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
syncWindows:
|
||||
description: SyncWindows controls when syncs can be run for apps in
|
||||
this project
|
||||
items:
|
||||
description: SyncWindow contains the kind, time, duration and attributes
|
||||
that are used to assign the syncWindows to apps
|
||||
properties:
|
||||
applications:
|
||||
description: Applications contains a list of applications that
|
||||
the window will apply to
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
clusters:
|
||||
description: Clusters contains a list of clusters that the window
|
||||
will apply to
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
duration:
|
||||
description: Duration is the amount of time the sync window will
|
||||
be open
|
||||
type: string
|
||||
kind:
|
||||
description: Kind defines if the window allows or blocks syncs
|
||||
type: string
|
||||
manualSync:
|
||||
description: ManualSync enables manual syncs when they would otherwise
|
||||
be blocked
|
||||
type: boolean
|
||||
namespaces:
|
||||
description: Namespaces contains a list of namespaces that the
|
||||
window will apply to
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
schedule:
|
||||
description: Schedule is the time the window will begin, specified
|
||||
in cron format
|
||||
type: string
|
||||
type: object
|
||||
type: array
|
||||
type: object
|
||||
required:
|
||||
- metadata
|
||||
- spec
|
||||
type: object
|
||||
version: v1alpha1
|
||||
versions:
|
||||
- name: v1alpha1
|
||||
served: true
|
||||
storage: true
|
@ -1,6 +0,0 @@
|
||||
dependencies:
|
||||
- name: redis-ha
|
||||
repository: https://kubernetes-charts.storage.googleapis.com
|
||||
version: 4.4.2
|
||||
digest: sha256:70fdd035c3aa3b7185882f12a73143c58ab32f04262dda2cf34a2b1a52116d96
|
||||
generated: "2020-03-29T14:37:59.349371452+01:00"
|
@ -1,5 +0,0 @@
|
||||
dependencies:
|
||||
- name: redis-ha
|
||||
version: 4.4.2
|
||||
repository: https://kubernetes-charts.storage.googleapis.com
|
||||
condition: redis-ha.enabled
|
@ -1,15 +0,0 @@
|
||||
In order to access the server UI you have the following options:
|
||||
|
||||
1. kubectl port-forward service/{{include "argo-cd.fullname" . }}-server -n {{ .Release.Namespace }} 8080:443
|
||||
|
||||
and then open the browser on http://localhost:8080 and accept the certificate
|
||||
|
||||
2. enable ingress in the values file `service.ingress.enabled` and either
|
||||
- Add the annotation for ssl passthrough: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-1-ssl-passthrough
|
||||
- Add the `--insecure` flag to `server.extraArgs` in the values file and terminate SSL at your ingress: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-2-multiple-ingress-objects-and-hosts
|
||||
|
||||
|
||||
After reaching the UI the first time you can login with username: admin and the password will be the
|
||||
name of the server pod. You can get the pod name by running:
|
||||
|
||||
kubectl get pods -n {{ .Release.Namespace }} -l app.kubernetes.io/name={{ include "argo-cd.name" . }}-server -o name | cut -d'/' -f 2
|
@ -1,118 +0,0 @@
|
||||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "argo-cd.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "argo-cd.fullname" -}}
|
||||
{{- if .Values.fullnameOverride -}}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- if contains $name .Release.Name -}}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create controller name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "argo-cd.controller.fullname" -}}
|
||||
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.controller.name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create dex name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "argo-cd.dex.fullname" -}}
|
||||
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.dex.name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create redis name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "argo-cd.redis.fullname" -}}
|
||||
{{ $redisHa := (index .Values "redis-ha") }}
|
||||
{{- if $redisHa.enabled -}}
|
||||
{{- if $redisHa.haproxy.enabled -}}
|
||||
{{- printf "%s-redis-ha-haproxy" .Release.Name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.redis.name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create argocd server name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "argo-cd.server.fullname" -}}
|
||||
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.server.name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create argocd repo-server name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "argo-cd.repoServer.fullname" -}}
|
||||
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the controller service account to use
|
||||
*/}}
|
||||
{{- define "argo-cd.controllerServiceAccountName" -}}
|
||||
{{- if .Values.controller.serviceAccount.create -}}
|
||||
{{ default (include "argo-cd.fullname" .) .Values.controller.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.controller.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the dex service account to use
|
||||
*/}}
|
||||
{{- define "argo-cd.dexServiceAccountName" -}}
|
||||
{{- if .Values.dex.serviceAccount.create -}}
|
||||
{{ default (include "argo-cd.fullname" .) .Values.dex.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.dex.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the ArgoCD server service account to use
|
||||
*/}}
|
||||
{{- define "argo-cd.serverServiceAccountName" -}}
|
||||
{{- if .Values.server.serviceAccount.create -}}
|
||||
{{ default (include "argo-cd.fullname" .) .Values.server.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.server.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the repo-server service account to use
|
||||
*/}}
|
||||
{{- define "argo-cd.repoServerServiceAccountName" -}}
|
||||
{{- if .Values.repoServer.serviceAccount.create -}}
|
||||
{{ default (include "argo-cd.fullname" .) .Values.repoServer.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.repoServer.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "argo-cd.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
@ -1,24 +0,0 @@
|
||||
{{- if .Values.controller.clusterAdminAccess.enabled }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ template "argo-cd.controller.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.controller.name }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- '*'
|
||||
resources:
|
||||
- '*'
|
||||
verbs:
|
||||
- '*'
|
||||
- nonResourceURLs:
|
||||
- '*'
|
||||
verbs:
|
||||
- '*'
|
||||
{{- end }}
|
@ -1,21 +0,0 @@
|
||||
{{- if .Values.controller.clusterAdminAccess.enabled }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: {{ template "argo-cd.controller.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.controller.name }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ template "argo-cd.controller.fullname" . }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ template "argo-cd.controllerServiceAccountName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
{{- end }}
|
@ -1,123 +0,0 @@
|
||||
{{- $redisHa := (index .Values "redis-ha") -}}
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "argo-cd.controller.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.controller.name }}
|
||||
app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.controller.image.tag | quote }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
revisionHistoryLimit: 5
|
||||
replicas: 1
|
||||
template:
|
||||
metadata:
|
||||
{{- if .Values.controller.podAnnotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.controller.podAnnotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.controller.name }}
|
||||
app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.controller.image.tag | quote }}
|
||||
{{- if .Values.controller.podLabels }}
|
||||
{{- toYaml .Values.controller.podLabels | nindent 8 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- with .Values.global.imagePullSecrets }}
|
||||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.global.securityContext }}
|
||||
securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }}
|
||||
{{- end }}
|
||||
containers:
|
||||
- command:
|
||||
- argocd-application-controller
|
||||
- --status-processors
|
||||
- {{ .Values.controller.args.statusProcessors | quote }}
|
||||
- --operation-processors
|
||||
- {{ .Values.controller.args.operationProcessors | quote }}
|
||||
- --repo-server
|
||||
- {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
|
||||
- --loglevel
|
||||
- {{ .Values.controller.logLevel }}
|
||||
{{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }}
|
||||
- --redis
|
||||
- {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }}
|
||||
{{- end }}
|
||||
{{- with .Values.controller.extraArgs }}
|
||||
{{- . | toYaml | nindent 8 }}
|
||||
{{- end }}
|
||||
image: {{ default .Values.global.image.repository .Values.controller.image.repository }}:{{ default .Values.global.image.tag .Values.controller.image.tag }}
|
||||
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.controller.image.imagePullPolicy }}
|
||||
name: {{ .Values.controller.name }}
|
||||
{{- if .Values.controller.containerSecurityContext }}
|
||||
securityContext: {{- toYaml .Values.controller.containerSecurityContext | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- if .Values.controller.env }}
|
||||
env:
|
||||
{{- toYaml .Values.controller.env | nindent 8 }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: controller
|
||||
containerPort: {{ .Values.controller.containerPort }}
|
||||
protocol: TCP
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: {{ .Values.controller.containerPort }}
|
||||
initialDelaySeconds: {{ .Values.controller.livenessProbe.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.controller.livenessProbe.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.controller.livenessProbe.timeoutSeconds }}
|
||||
successThreshold: {{ .Values.controller.livenessProbe.successThreshold }}
|
||||
failureThreshold: {{ .Values.controller.livenessProbe.failureThreshold }}
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: {{ .Values.controller.containerPort }}
|
||||
initialDelaySeconds: {{ .Values.controller.readinessProbe.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.controller.readinessProbe.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.controller.readinessProbe.timeoutSeconds }}
|
||||
successThreshold: {{ .Values.controller.readinessProbe.successThreshold }}
|
||||
failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }}
|
||||
{{- if .Values.controller.volumeMounts }}
|
||||
volumeMounts:
|
||||
{{- toYaml .Values.controller.volumeMounts | nindent 10}}
|
||||
{{- end }}
|
||||
resources:
|
||||
{{- toYaml .Values.controller.resources | nindent 10 }}
|
||||
{{- if .Values.controller.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml .Values.controller.nodeSelector | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.controller.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml .Values.controller.tolerations | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.controller.affinity }}
|
||||
affinity:
|
||||
{{- toYaml .Values.controller.affinity | nindent 8 }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ template "argo-cd.controllerServiceAccountName" . }}
|
||||
{{- with .Values.global.hostAliases }}
|
||||
hostAliases:
|
||||
{{ toYaml . | indent 6 }}
|
||||
{{- end }}
|
||||
{{- if .Values.controller.volumes }}
|
||||
volumes:
|
||||
{{- toYaml .Values.controller.volumes | nindent 8 }}
|
||||
{{- end }}
|
@ -1,31 +0,0 @@
|
||||
{{- if .Values.controller.metrics.enabled}}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
{{- if .Values.controller.metrics.service.annotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.controller.metrics.service.annotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-metrics
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.controller.name }}
|
||||
{{- if .Values.controller.metrics.service.labels }}
|
||||
{{- toYaml .Values.controller.metrics.service.labels | nindent 4 }}
|
||||
{{- end }}
|
||||
name: {{ template "argo-cd.controller.fullname" . }}-metrics
|
||||
spec:
|
||||
ports:
|
||||
- name: metrics
|
||||
protocol: TCP
|
||||
port: {{ .Values.controller.metrics.service.servicePort }}
|
||||
targetPort: controller
|
||||
selector:
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
|
||||
{{- end }}
|
@ -1,27 +0,0 @@
|
||||
{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.rules.enabled }}
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: PrometheusRule
|
||||
metadata:
|
||||
name: {{ template "argo-cd.controller.fullname" . }}
|
||||
{{- if .Values.controller.metrics.rules.namespace }}
|
||||
namespace: {{ .Values.controller.metrics.rules.namespace }}
|
||||
{{- end }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.controller.name }}
|
||||
{{- if .Values.controller.metrics.rules.selector }}
|
||||
{{- toYaml .Values.controller.metrics.rules.selector | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.controller.metrics.rules.additionalLabels }}
|
||||
{{- toYaml .Values.controller.metrics.rules.additionalLabels | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
groups:
|
||||
- name: argocd
|
||||
rules:
|
||||
{{- toYaml .Values.controller.metrics.rules.spec | nindent 4 }}
|
||||
{{- end }}
|
@ -1,41 +0,0 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: {{ template "argo-cd.controller.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.controller.name }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- secrets
|
||||
- configmaps
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- argoproj.io
|
||||
resources:
|
||||
- applications
|
||||
- appprojects
|
||||
verbs:
|
||||
- create
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- update
|
||||
- patch
|
||||
- delete
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- events
|
||||
verbs:
|
||||
- create
|
||||
- list
|
@ -1,19 +0,0 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ template "argo-cd.controller.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.controller.name }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: {{ template "argo-cd.controller.fullname" . }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ template "argo-cd.controllerServiceAccountName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
@ -1,25 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
{{- if .Values.controller.service.annotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.controller.service.annotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
name: {{ template "argo-cd.controller.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.controller.name }}
|
||||
spec:
|
||||
ports:
|
||||
- name: {{ .Values.controller.service.portName }}
|
||||
port: {{ .Values.controller.service.port }}
|
||||
targetPort: {{ .Values.controller.containerPort }}
|
||||
selector:
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
|
@ -1,11 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ template "argo-cd.controllerServiceAccountName" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.controller.name }}
|
@ -1,35 +0,0 @@
|
||||
{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled }}
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: {{ template "argo-cd.controller.fullname" . }}
|
||||
{{- if .Values.controller.metrics.serviceMonitor.namespace }}
|
||||
namespace: {{ .Values.controller.metrics.serviceMonitor.namespace }}
|
||||
{{- end }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.controller.name }}
|
||||
{{- if .Values.controller.metrics.serviceMonitor.selector }}
|
||||
{{- toYaml .Values.controller.metrics.serviceMonitor.selector | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.controller.metrics.serviceMonitor.additionalLabels }}
|
||||
{{- toYaml .Values.controller.metrics.serviceMonitor.additionalLabels | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
endpoints:
|
||||
- port: metrics
|
||||
interval: 30s
|
||||
path: /metrics
|
||||
namespaceSelector:
|
||||
matchNames:
|
||||
- {{ .Release.Namespace }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-metrics
|
||||
app.kubernetes.io/component: {{ .Values.controller.name }}
|
||||
{{- end }}
|
||||
|
@ -1,13 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: argocd-cm
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-cm
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
data:
|
||||
{{- toYaml .Values.server.config | nindent 4 }}
|
@ -1,15 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: argocd-rbac-cm
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-rbac-cm
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
{{- if .Values.server.rbacConfig }}
|
||||
data:
|
||||
{{- toYaml .Values.server.rbacConfig | nindent 4 }}
|
||||
{{- end }}
|
@ -1,50 +0,0 @@
|
||||
{{- if .Values.configs.secret.createSecret }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: argocd-secret
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-secret
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
{{- if .Values.configs.secret.annotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.configs.secret.annotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
type: Opaque
|
||||
{{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketUUID .Values.configs.secret.bitbucketServerSecret .Values.configs.secret.gogsSecret .Values.configs.secret.argocdServerAdminPassword .Values.configs.secret.argocdServerTlsConfig .Values.configs.secret.extra) }}
|
||||
# Setting a blank data again will wipe admin password/key/cert
|
||||
data:
|
||||
{{- if .Values.configs.secret.githubSecret }}
|
||||
webhook.github.secret: {{ .Values.configs.secret.githubSecret | b64enc }}
|
||||
{{- end }}
|
||||
{{- if .Values.configs.secret.gitlabSecret }}
|
||||
webhook.gitlab.secret: {{ .Values.configs.secret.gitlabSecret | b64enc }}
|
||||
{{- end }}
|
||||
{{- if .Values.configs.secret.bitbucketServerSecret }}
|
||||
webhook.bitbucketserver.secret: {{ .Values.configs.secret.bitbucketServerSecret | b64enc }}
|
||||
{{- end }}
|
||||
{{- if .Values.configs.secret.bitbucketUUID }}
|
||||
webhook.bitbucket.uuid: {{ .Values.configs.secret.bitbucketUUID | b64enc }}
|
||||
{{- end }}
|
||||
{{- if .Values.configs.secret.gogsSecret }}
|
||||
webhook.gogs.secret: {{ .Values.configs.secret.gogsSecret | b64enc }}
|
||||
{{- end }}
|
||||
{{- if .Values.configs.secret.argocdServerTlsConfig }}
|
||||
tls.key: {{ .Values.configs.secret.argocdServerTlsConfig.key | b64enc }}
|
||||
tls.crt: {{ .Values.configs.secret.argocdServerTlsConfig.crt | b64enc }}
|
||||
{{- end }}
|
||||
{{- if .Values.configs.secret.argocdServerAdminPassword }}
|
||||
admin.password: {{ .Values.configs.secret.argocdServerAdminPassword | b64enc }}
|
||||
admin.passwordMtime: {{ default (date "2006-01-02T15:04:05Z" now) .Values.configs.secret.argocdServerAdminPasswordMtime | b64enc }}
|
||||
{{- end }}
|
||||
{{- range $key, $value := .Values.configs.secret.extra }}
|
||||
{{ $key }}: {{ $value | b64enc }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
@ -1,12 +0,0 @@
|
||||
apiVersion: v1
|
||||
{{- toYaml .Values.configs.knownHosts | nindent 0 }}
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-ssh-known-hosts-cm
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
name: argocd-ssh-known-hosts-cm
|
@ -1,14 +0,0 @@
|
||||
apiVersion: v1
|
||||
{{- if .Values.configs.tlsCerts }}
|
||||
{{- toYaml .Values.configs.tlsCerts | nindent 0 }}
|
||||
{{- end }}
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-tls-certs-cm
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
name: argocd-tls-certs-cm
|
@ -1,154 +0,0 @@
|
||||
{{- $redisHa := (index .Values "redis-ha") -}}
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "argo-cd.repoServer.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.repoServer.name }}
|
||||
app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.repoServer.image.tag | quote }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
revisionHistoryLimit: 5
|
||||
{{- if (ne .Values.repoServer.autoscaling.enabled true) }}
|
||||
replicas: {{ .Values.repoServer.replicas }}
|
||||
{{- end }}
|
||||
template:
|
||||
metadata:
|
||||
{{- if .Values.repoServer.podAnnotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.repoServer.podAnnotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.repoServer.name }}
|
||||
app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.repoServer.image.tag | quote }}
|
||||
{{- if .Values.repoServer.podLabels }}
|
||||
{{- toYaml .Values.repoServer.podLabels | nindent 8 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- with .Values.global.imagePullSecrets }}
|
||||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.global.securityContext }}
|
||||
securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }}
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: {{ .Values.repoServer.name }}
|
||||
image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default .Values.global.image.tag .Values.repoServer.image.tag }}
|
||||
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }}
|
||||
command:
|
||||
{{- if .Values.openshift.enabled }}
|
||||
- uid_entrypoint.sh
|
||||
{{- end }}
|
||||
- argocd-repo-server
|
||||
{{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }}
|
||||
- --redis
|
||||
- {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }}
|
||||
{{- end }}
|
||||
- --loglevel
|
||||
- {{ .Values.repoServer.logLevel }}
|
||||
{{- with .Values.repoServer.extraArgs }}
|
||||
{{- . | toYaml | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.repoServer.containerSecurityContext }}
|
||||
securityContext: {{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- if or (.Values.repoServer.env) (.Values.openshift.enabled) }}
|
||||
env:
|
||||
{{- if .Values.repoServer.env }}
|
||||
{{- toYaml .Values.repoServer.env | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.openshift.enabled }}
|
||||
- name: USER_NAME
|
||||
value: argocd
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
{{- if .Values.repoServer.volumeMounts }}
|
||||
{{- toYaml .Values.repoServer.volumeMounts | nindent 8}}
|
||||
{{- end }}
|
||||
{{- if .Values.configs.knownHosts }}
|
||||
- mountPath: /app/config/ssh
|
||||
name: ssh-known-hosts
|
||||
{{- end }}
|
||||
{{- if .Values.configs.tlsCerts }}
|
||||
- mountPath: /app/config/tls
|
||||
name: tls-certs
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: repo-server
|
||||
containerPort: {{ .Values.repoServer.containerPort }}
|
||||
protocol: TCP
|
||||
{{ if .Values.repoServer.metrics.enabled }}
|
||||
- name: metrics
|
||||
containerPort: 8084
|
||||
protocol: TCP
|
||||
{{- end }}
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: {{ .Values.repoServer.containerPort }}
|
||||
initialDelaySeconds: {{ .Values.repoServer.livenessProbe.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.repoServer.livenessProbe.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.repoServer.livenessProbe.timeoutSeconds }}
|
||||
successThreshold: {{ .Values.repoServer.livenessProbe.successThreshold }}
|
||||
failureThreshold: {{ .Values.repoServer.livenessProbe.failureThreshold }}
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: {{ .Values.repoServer.containerPort }}
|
||||
initialDelaySeconds: {{ .Values.repoServer.readinessProbe.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.repoServer.readinessProbe.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.repoServer.readinessProbe.timeoutSeconds }}
|
||||
successThreshold: {{ .Values.repoServer.readinessProbe.successThreshold }}
|
||||
failureThreshold: {{ .Values.repoServer.readinessProbe.failureThreshold }}
|
||||
resources:
|
||||
{{- toYaml .Values.repoServer.resources | nindent 10 }}
|
||||
{{- if .Values.repoServer.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml .Values.repoServer.nodeSelector | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.repoServer.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml .Values.repoServer.tolerations | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.repoServer.affinity }}
|
||||
affinity:
|
||||
{{- toYaml .Values.repoServer.affinity | nindent 8 }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ template "argo-cd.repoServerServiceAccountName" . }}
|
||||
{{- with .Values.global.hostAliases }}
|
||||
hostAliases:
|
||||
{{ toYaml . | indent 6 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
{{- if .Values.repoServer.volumes }}
|
||||
{{- toYaml .Values.repoServer.volumes | nindent 6}}
|
||||
{{- end }}
|
||||
{{- if .Values.configs.knownHosts }}
|
||||
- configMap:
|
||||
name: argocd-ssh-known-hosts-cm
|
||||
name: ssh-known-hosts
|
||||
{{- end }}
|
||||
{{- if .Values.configs.tlsCerts }}
|
||||
- configMap:
|
||||
name: argocd-tls-certs-cm
|
||||
name: tls-certs
|
||||
{{- end }}
|
||||
{{- if .Values.repoServer.initContainers }}
|
||||
initContainers:
|
||||
{{- toYaml .Values.repoServer.initContainers | nindent 6 }}
|
||||
{{- end }}
|
@ -1,33 +0,0 @@
|
||||
{{- if .Values.repoServer.autoscaling.enabled }}
|
||||
apiVersion: autoscaling/v2beta1
|
||||
kind: HorizontalPodAutoscaler
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}-hpa
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.repoServer.name }}
|
||||
name: {{ template "argo-cd.repoServer.fullname" . }}-hpa
|
||||
spec:
|
||||
scaleTargetRef:
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
name: {{ template "argo-cd.repoServer.fullname" . }}
|
||||
minReplicas: {{ .Values.repoServer.autoscaling.minReplicas }}
|
||||
maxReplicas: {{ .Values.repoServer.autoscaling.maxReplicas }}
|
||||
metrics:
|
||||
{{- with .Values.repoServer.autoscaling.targetMemoryUtilizationPercentage }}
|
||||
- type: Resource
|
||||
resource:
|
||||
name: memory
|
||||
targetAverageUtilization: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.repoServer.autoscaling.targetCPUUtilizationPercentage }}
|
||||
- type: Resource
|
||||
resource:
|
||||
name: cpu
|
||||
targetAverageUtilization: {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
@ -1,31 +0,0 @@
|
||||
{{- if .Values.repoServer.metrics.enabled}}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
{{- if .Values.repoServer.metrics.service.annotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.repoServer.metrics.service.annotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ template "argo-cd.repoServer.fullname" . }}-metrics
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.repoServer.name }}
|
||||
{{- if .Values.repoServer.metrics.service.labels }}
|
||||
{{- toYaml .Values.repoServer.metrics.service.labels | nindent 4 }}
|
||||
{{- end }}
|
||||
name: {{ template "argo-cd.repoServer.fullname" . }}-metrics
|
||||
spec:
|
||||
ports:
|
||||
- name: metrics
|
||||
protocol: TCP
|
||||
port: {{ .Values.repoServer.metrics.service.servicePort }}
|
||||
targetPort: metrics
|
||||
selector:
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
|
||||
{{- end }}
|
@ -1,18 +0,0 @@
|
||||
{{- if .Values.configs.repositoryCredentials }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: argocd-repository-credentials
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-secret
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
type: Opaque
|
||||
data:
|
||||
{{- range $key, $value := .Values.configs.repositoryCredentials }}
|
||||
{{ $key }}: {{ $value | b64enc }}
|
||||
{{- end }}
|
||||
{{- end }}
|
@ -1,17 +0,0 @@
|
||||
{{- if .Values.repoServer.serviceAccount.create }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: {{ template "argo-cd.repoServer.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.repoServer.name }}
|
||||
rules:
|
||||
{{- if .Values.repoServer.rbac }}
|
||||
{{toYaml .Values.repoServer.rbac }}
|
||||
{{- end }}
|
||||
{{- end }}
|
@ -1,21 +0,0 @@
|
||||
{{- if .Values.repoServer.serviceAccount.create }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ template "argo-cd.repoServer.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.repoServer.name }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: {{ template "argo-cd.repoServer.fullname" . }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ template "argo-cd.repoServerServiceAccountName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
{{- end }}
|
@ -1,26 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
{{- if .Values.repoServer.service.annotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.repoServer.service.annotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.repoServer.name }}
|
||||
name: {{ template "argo-cd.repoServer.fullname" . }}
|
||||
spec:
|
||||
ports:
|
||||
- name: {{ .Values.repoServer.service.portName }}
|
||||
protocol: TCP
|
||||
port: {{ .Values.repoServer.service.port }}
|
||||
targetPort: repo-server
|
||||
selector:
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
|
@ -1,19 +0,0 @@
|
||||
{{- if .Values.repoServer.serviceAccount.create }}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ template "argo-cd.repoServerServiceAccountName" . }}
|
||||
{{- if .Values.repoServer.serviceAccount.annotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.repoServer.serviceAccount.annotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.repoServer.name }}
|
||||
{{- end }}
|
@ -1,36 +0,0 @@
|
||||
{{- if and .Values.repoServer.metrics.enabled .Values.repoServer.metrics.serviceMonitor.enabled }}
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: {{ template "argo-cd.repoServer.fullname" . }}
|
||||
{{- if .Values.repoServer.metrics.serviceMonitor.namespace }}
|
||||
namespace: {{ .Values.repoServer.metrics.serviceMonitor.namespace }}
|
||||
{{- end }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.repoServer.name }}
|
||||
{{- if .Values.repoServer.metrics.serviceMonitor.selector }}
|
||||
{{- toYaml .Values.repoServer.metrics.serviceMonitor.selector | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.repoServer.metrics.serviceMonitor.additionalLabels }}
|
||||
{{- toYaml .Values.repoServer.metrics.serviceMonitor.additionalLabels | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
endpoints:
|
||||
- port: metrics
|
||||
interval: 30s
|
||||
path: /metrics
|
||||
namespaceSelector:
|
||||
matchNames:
|
||||
- {{ .Release.Namespace }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/name: {{ template "argo-cd.repoServer.fullname" . }}-metrics
|
||||
app.kubernetes.io/component: {{ .Values.repoServer.name }}
|
||||
{{- end }}
|
||||
|
@ -1,42 +0,0 @@
|
||||
{{- if .Values.server.additionalApplications }}
|
||||
apiVersion: v1
|
||||
kind: List
|
||||
items:
|
||||
{{- range .Values.server.additionalApplications }}
|
||||
- apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
{{- if .additionalAnnotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .additionalAnnotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .additionalLabels }}
|
||||
labels:
|
||||
{{- toYaml .additionalLabels | nindent 8 }}
|
||||
{{- end }}
|
||||
name: {{ .name }}
|
||||
{{- if .namespace }}
|
||||
namespace: {{ .namespace }}
|
||||
{{- end }}
|
||||
{{- if .finalizers }}
|
||||
finalizers:
|
||||
{{- toYaml .finalizers | nindent 8 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
project: {{ tpl .project $ }}
|
||||
source:
|
||||
{{- toYaml .source | nindent 8 }}
|
||||
destination:
|
||||
{{- toYaml .destination | nindent 8 }}
|
||||
{{- if .syncPolicy }}
|
||||
syncPolicy:
|
||||
{{- toYaml .syncPolicy | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .ignoreDifferences }}
|
||||
ignoreDifferences:
|
||||
{{- toYaml .ignoreDifferences | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
@ -1,15 +0,0 @@
|
||||
{{- if .Values.server.GKEbackendConfig.enabled }}
|
||||
apiVersion: cloud.google.com/v1beta1
|
||||
kind: BackendConfig
|
||||
metadata:
|
||||
name: {{ template "argo-cd.server.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
spec:
|
||||
{{- toYaml .Values.server.GKEbackendConfig.spec | nindent 2 }}
|
||||
{{- end }}
|
@ -1,30 +0,0 @@
|
||||
{{- if .Values.server.certificate.enabled -}}
|
||||
{{- if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" }}
|
||||
apiVersion: cert-manager.io/v1alpha3
|
||||
{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha2" }}
|
||||
apiVersion: cert-manager.io/v1alpha2
|
||||
{{- else }}
|
||||
apiVersion: certmanager.k8s.io/v1alpha1
|
||||
{{- end }}
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: {{ template "argo-cd.server.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
spec:
|
||||
commonName: {{ .Values.server.certificate.domain | quote }}
|
||||
dnsNames:
|
||||
- {{ .Values.server.certificate.domain | quote }}
|
||||
{{- range .Values.server.certificate.additionalHosts }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
issuerRef:
|
||||
kind: {{ .Values.server.certificate.issuer.kind | quote }}
|
||||
name: {{ .Values.server.certificate.issuer.name | quote }}
|
||||
secretName: argocd-secret
|
||||
{{- end }}
|
@ -1,35 +0,0 @@
|
||||
{{- if .Values.server.clusterAdminAccess.enabled }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ template "argo-cd.server.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- '*'
|
||||
resources:
|
||||
- '*'
|
||||
verbs:
|
||||
- delete
|
||||
- get
|
||||
- patch
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- events
|
||||
verbs:
|
||||
- list
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- pods
|
||||
- pods/log
|
||||
verbs:
|
||||
- get
|
||||
{{- end }}
|
@ -1,21 +0,0 @@
|
||||
{{- if .Values.server.clusterAdminAccess.enabled }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: {{ template "argo-cd.server.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ template "argo-cd.server.fullname" . }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ template "argo-cd.serverServiceAccountName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
{{- end }}
|
@ -1,153 +0,0 @@
|
||||
{{- $redisHa := (index .Values "redis-ha") -}}
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "argo-cd.server.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.server.image.tag | quote }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
revisionHistoryLimit: 5
|
||||
{{- if (ne .Values.server.autoscaling.enabled true) }}
|
||||
replicas: {{ .Values.server.replicas }}
|
||||
{{- end }}
|
||||
template:
|
||||
metadata:
|
||||
{{- if .Values.server.podAnnotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.server.podAnnotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.server.image.tag | quote }}
|
||||
{{- if .Values.server.podLabels }}
|
||||
{{- toYaml .Values.server.podLabels | nindent 8 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- with .Values.global.imagePullSecrets }}
|
||||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.global.securityContext }}
|
||||
securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }}
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: {{ .Values.server.name }}
|
||||
image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default .Values.global.image.tag .Values.server.image.tag }}
|
||||
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }}
|
||||
command:
|
||||
- argocd-server
|
||||
- --staticassets
|
||||
- /shared/app
|
||||
- --repo-server
|
||||
- {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
|
||||
{{- if .Values.dex.enabled }}
|
||||
- --dex-server
|
||||
- http://{{ template "argo-cd.dex.fullname" . }}:{{ .Values.dex.servicePortHttp }}
|
||||
{{- end }}
|
||||
- --loglevel
|
||||
- {{ .Values.server.logLevel }}
|
||||
{{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }}
|
||||
- --redis
|
||||
- {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }}
|
||||
{{- end }}
|
||||
{{- with .Values.server.extraArgs }}
|
||||
{{- . | toYaml | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.server.containerSecurityContext }}
|
||||
securityContext: {{- toYaml .Values.server.containerSecurityContext | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- if .Values.server.env }}
|
||||
env:
|
||||
{{- toYaml .Values.server.env | nindent 8 }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
{{- if .Values.server.volumeMounts }}
|
||||
{{- toYaml .Values.server.volumeMounts | nindent 8}}
|
||||
{{- end }}
|
||||
{{- if .Values.configs.knownHosts }}
|
||||
- mountPath: /app/config/ssh
|
||||
name: ssh-known-hosts
|
||||
{{- end }}
|
||||
{{- if .Values.configs.tlsCerts }}
|
||||
- mountPath: /app/config/tls
|
||||
name: tls-certs
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: {{ .Values.server.name }}
|
||||
containerPort: {{ .Values.server.containerPort }}
|
||||
protocol: TCP
|
||||
{{ if .Values.server.metrics.enabled }}
|
||||
- name: metrics
|
||||
containerPort: 8083
|
||||
protocol: TCP
|
||||
{{- end }}
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: {{ .Values.server.containerPort }}
|
||||
initialDelaySeconds: {{ .Values.server.livenessProbe.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.server.livenessProbe.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.server.livenessProbe.timeoutSeconds }}
|
||||
successThreshold: {{ .Values.server.livenessProbe.successThreshold }}
|
||||
failureThreshold: {{ .Values.server.livenessProbe.failureThreshold }}
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: {{ .Values.server.containerPort }}
|
||||
initialDelaySeconds: {{ .Values.server.readinessProbe.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.server.readinessProbe.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.server.readinessProbe.timeoutSeconds }}
|
||||
successThreshold: {{ .Values.server.readinessProbe.successThreshold }}
|
||||
failureThreshold: {{ .Values.server.readinessProbe.failureThreshold }}
|
||||
resources:
|
||||
{{- toYaml .Values.server.resources | nindent 10 }}
|
||||
{{- if .Values.server.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml .Values.server.nodeSelector | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.server.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml .Values.server.tolerations | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.server.affinity }}
|
||||
affinity:
|
||||
{{- toYaml .Values.server.affinity | nindent 8 }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ template "argo-cd.serverServiceAccountName" . }}
|
||||
{{- with .Values.global.hostAliases }}
|
||||
hostAliases:
|
||||
{{ toYaml . | indent 6 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
{{- if .Values.server.volumes }}
|
||||
{{- toYaml .Values.server.volumes | nindent 6}}
|
||||
{{- end }}
|
||||
- emptyDir: {}
|
||||
name: static-files
|
||||
{{- if .Values.configs.knownHosts }}
|
||||
- configMap:
|
||||
name: argocd-ssh-known-hosts-cm
|
||||
name: ssh-known-hosts
|
||||
{{- end }}
|
||||
{{- if .Values.configs.tlsCerts }}
|
||||
- configMap:
|
||||
name: argocd-tls-certs-cm
|
||||
name: tls-certs
|
||||
{{- end }}
|
@ -1,33 +0,0 @@
|
||||
{{- if .Values.server.autoscaling.enabled }}
|
||||
apiVersion: autoscaling/v2beta1
|
||||
kind: HorizontalPodAutoscaler
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}-hpa
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
name: {{ template "argo-cd.server.fullname" . }}-hpa
|
||||
spec:
|
||||
scaleTargetRef:
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
name: {{ template "argo-cd.server.fullname" . }}
|
||||
minReplicas: {{ .Values.server.autoscaling.minReplicas }}
|
||||
maxReplicas: {{ .Values.server.autoscaling.maxReplicas }}
|
||||
metrics:
|
||||
{{- with .Values.server.autoscaling.targetMemoryUtilizationPercentage }}
|
||||
- type: Resource
|
||||
resource:
|
||||
name: memory
|
||||
targetAverageUtilization: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.server.autoscaling.targetCPUUtilizationPercentage }}
|
||||
- type: Resource
|
||||
resource:
|
||||
name: cpu
|
||||
targetAverageUtilization: {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
@ -1,57 +0,0 @@
|
||||
{{- if .Values.server.ingress.enabled -}}
|
||||
{{- $serviceName := include "argo-cd.server.fullname" . -}}
|
||||
{{- $servicePort := .Values.server.service.servicePortHttp -}}
|
||||
{{- $paths := .Values.server.ingress.paths -}}
|
||||
{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }}
|
||||
apiVersion: networking.k8s.io/v1beta1
|
||||
{{ else }}
|
||||
apiVersion: extensions/v1beta1
|
||||
{{ end -}}
|
||||
kind: Ingress
|
||||
metadata:
|
||||
{{- if .Values.server.ingress.annotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.server.ingress.annotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
name: {{ template "argo-cd.server.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
{{- if .Values.server.ingress.labels }}
|
||||
{{- toYaml .Values.server.ingress.labels | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
rules:
|
||||
{{- if .Values.server.ingress.hosts }}
|
||||
{{- range $host := .Values.server.ingress.hosts }}
|
||||
- host: {{ $host }}
|
||||
http:
|
||||
paths:
|
||||
{{- range $p := $paths }}
|
||||
- path: {{ $p }}
|
||||
backend:
|
||||
serviceName: {{ $serviceName }}
|
||||
servicePort: {{ $servicePort }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- else }}
|
||||
- http:
|
||||
paths:
|
||||
{{- range $p := $paths }}
|
||||
- path: {{ $p }}
|
||||
backend:
|
||||
serviceName: {{ $serviceName }}
|
||||
servicePort: {{ $servicePort }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- if .Values.server.ingress.tls }}
|
||||
tls:
|
||||
{{- toYaml .Values.server.ingress.tls | nindent 4 }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
@ -1,31 +0,0 @@
|
||||
{{- if .Values.server.metrics.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
{{- if .Values.server.metrics.service.annotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.server.metrics.service.annotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}-metrics
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
{{- if .Values.server.metrics.service.labels }}
|
||||
{{- toYaml .Values.server.metrics.service.labels | nindent 4 }}
|
||||
{{- end }}
|
||||
name: {{ template "argo-cd.server.fullname" . }}-metrics
|
||||
spec:
|
||||
ports:
|
||||
- name: metrics
|
||||
protocol: TCP
|
||||
port: {{ .Values.server.metrics.service.servicePort }}
|
||||
targetPort: metrics
|
||||
selector:
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
|
||||
{{- end }}
|
@ -1,46 +0,0 @@
|
||||
{{- if .Values.server.additionalProjects }}
|
||||
apiVersion: v1
|
||||
kind: List
|
||||
items:
|
||||
{{- range .Values.server.additionalProjects }}
|
||||
- apiVersion: argoproj.io/v1alpha1
|
||||
kind: AppProject
|
||||
metadata:
|
||||
{{- if .additionalAnnotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .additionalAnnotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .additionalLabels }}
|
||||
labels:
|
||||
{{- toYaml .additionalLabels | nindent 8 }}
|
||||
{{- end }}
|
||||
name: {{ .name }}
|
||||
{{- if .namespace }}
|
||||
namespace: {{ .namespace }}
|
||||
{{- end }}
|
||||
spec:
|
||||
description: {{ .description }}
|
||||
sourceRepos:
|
||||
{{- toYaml .sourceRepos | nindent 8 }}
|
||||
destinations:
|
||||
{{- toYaml .destinations | nindent 8 }}
|
||||
{{- if .clusterResourceWhitelist }}
|
||||
clusterResourceWhitelist:
|
||||
{{- toYaml .clusterResourceWhitelist | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .namespaceResourceBlacklist }}
|
||||
namespaceResourceBlacklist:
|
||||
{{- toYaml .namespaceResourceBlacklist | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .orphanedResources }}
|
||||
orphanedResources:
|
||||
{{- toYaml .orphanedResources | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .roles }}
|
||||
roles:
|
||||
{{- toYaml .roles | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
@ -1,45 +0,0 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: {{ template "argo-cd.server.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- secrets
|
||||
- configmaps
|
||||
verbs:
|
||||
- create
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- update
|
||||
- patch
|
||||
- delete
|
||||
- apiGroups:
|
||||
- argoproj.io
|
||||
resources:
|
||||
- applications
|
||||
- appprojects
|
||||
verbs:
|
||||
- create
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- update
|
||||
- delete
|
||||
- patch
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- events
|
||||
verbs:
|
||||
- create
|
||||
- list
|
@ -1,19 +0,0 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ template "argo-cd.server.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: {{ template "argo-cd.server.fullname" . }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ template "argo-cd.serverServiceAccountName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
@ -1,31 +0,0 @@
|
||||
{{- if .Values.server.route.enabled -}}
|
||||
apiVersion: route.openshift.io/v1
|
||||
kind: Route
|
||||
metadata:
|
||||
name: {{ template "argo-cd.server.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
{{- with .Values.server.route.annotations }}
|
||||
annotations:
|
||||
{{ toYaml . | indent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
host: {{ .Values.server.route.hostname | quote }}
|
||||
to:
|
||||
kind: Service
|
||||
name: {{ template "argo-cd.server.fullname" . }}
|
||||
weight: 100
|
||||
port:
|
||||
targetPort: https
|
||||
tls:
|
||||
termination: {{ .Values.server.route.termination_type | default "passthrough" }}
|
||||
insecureEdgeTerminationPolicy: {{ .Values.server.route.termination_policy | default "None" }}
|
||||
wildcardPolicy: None
|
||||
status:
|
||||
ingress: []
|
||||
{{- end }}
|
@ -1,43 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
{{- if .Values.server.service.annotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.server.service.annotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
name: {{ template "argo-cd.server.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
{{- if .Values.server.service.labels }}
|
||||
{{- toYaml .Values.server.service.labels | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
type: {{ .Values.server.service.type }}
|
||||
ports:
|
||||
- name: {{ .Values.server.service.servicePortHttpName }}
|
||||
protocol: TCP
|
||||
port: {{ .Values.server.service.servicePortHttp }}
|
||||
targetPort: {{ .Values.server.name }}
|
||||
- name: {{ .Values.server.service.servicePortHttpsName }}
|
||||
protocol: TCP
|
||||
port: {{ .Values.server.service.servicePortHttps }}
|
||||
targetPort: {{ .Values.server.name }}
|
||||
selector:
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
|
||||
{{- if eq .Values.server.service.type "LoadBalancer" }}
|
||||
{{- if .Values.server.service.loadBalancerIP }}
|
||||
loadBalancerIP: {{ .Values.server.service.loadBalancerIP | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.server.service.loadBalancerSourceRanges }}
|
||||
loadBalancerSourceranges:
|
||||
{{ toYaml .Values.server.service.loadBalancerSourceRanges | indent 4 }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
@ -1,11 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ template "argo-cd.serverServiceAccountName" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
@ -1,36 +0,0 @@
|
||||
{{- if and .Values.server.metrics.enabled .Values.server.metrics.serviceMonitor.enabled }}
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: {{ template "argo-cd.server.fullname" . }}
|
||||
{{- if .Values.server.metrics.serviceMonitor.namespace }}
|
||||
namespace: {{ .Values.server.metrics.serviceMonitor.namespace }}
|
||||
{{- end }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
{{- if .Values.server.metrics.serviceMonitor.selector }}
|
||||
{{- toYaml .Values.server.metrics.serviceMonitor.selector | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.server.metrics.serviceMonitor.additionalLabels }}
|
||||
{{- toYaml .Values.server.metrics.serviceMonitor.additionalLabels | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
endpoints:
|
||||
- port: metrics
|
||||
interval: 30s
|
||||
path: /metrics
|
||||
namespaceSelector:
|
||||
matchNames:
|
||||
- {{ .Release.Namespace }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}-metrics
|
||||
app.kubernetes.io/component: {{ .Values.server.name }}
|
||||
{{- end }}
|
||||
|
@ -1,6 +0,0 @@
|
||||
{{- if .Values.installCRDs }}
|
||||
{{- range $path, $_ := .Files.Glob "crds/*.yaml" }}
|
||||
{{ $.Files.Get $path }}
|
||||
---
|
||||
{{- end }}
|
||||
{{- end }}
|
@ -1,106 +0,0 @@
|
||||
{{- if .Values.dex.enabled }}
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "argo-cd.dex.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.dex.name }}
|
||||
app.kubernetes.io/version: {{ .Values.dex.image.tag }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
template:
|
||||
metadata:
|
||||
{{- if .Values.dex.podAnnotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.dex.podAnnotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.dex.name }}
|
||||
app.kubernetes.io/version: {{ .Values.dex.image.tag }}
|
||||
{{- if .Values.dex.podLabels }}
|
||||
{{- toYaml .Values.dex.podLabels | nindent 8 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- with .Values.global.imagePullSecrets }}
|
||||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.global.securityContext }}
|
||||
securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }}
|
||||
{{- end }}
|
||||
initContainers:
|
||||
- name: copyutil
|
||||
image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default .Values.global.image.tag .Values.dex.initImage.tag }}
|
||||
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }}
|
||||
resources:
|
||||
{{- toYaml .Values.dex.resources | nindent 10 }}
|
||||
{{- if .Values.dex.containerSecurityContext }}
|
||||
securityContext: {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }}
|
||||
{{- end }}
|
||||
command:
|
||||
- cp
|
||||
- /usr/local/bin/argocd-util
|
||||
- /shared
|
||||
volumeMounts:
|
||||
- mountPath: /shared
|
||||
name: static-files
|
||||
containers:
|
||||
- name: {{ .Values.dex.name }}
|
||||
image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }}
|
||||
imagePullPolicy: {{ .Values.dex.image.imagePullPolicy }}
|
||||
command:
|
||||
- /shared/argocd-util
|
||||
- rundex
|
||||
{{- if .Values.dex.containerSecurityContext }}
|
||||
securityContext: {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- if .Values.dex.env }}
|
||||
env:
|
||||
{{- toYaml .Values.dex.env | nindent 8 }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: {{ .Values.dex.containerPortHttp }}
|
||||
protocol: TCP
|
||||
- name: grpc
|
||||
containerPort: {{ .Values.dex.containerPortGrpc }}
|
||||
protocol: TCP
|
||||
{{- if .Values.dex.volumeMounts }}
|
||||
volumeMounts:
|
||||
{{- toYaml .Values.dex.volumeMounts | nindent 10 }}
|
||||
{{- end }}
|
||||
resources:
|
||||
{{- toYaml .Values.dex.resources | nindent 10 }}
|
||||
{{- if .Values.dex.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml .Values.dex.nodeSelector | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.dex.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml .Values.dex.tolerations | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.dex.affinity }}
|
||||
affinity:
|
||||
{{- toYaml .Values.dex.affinity | nindent 8 }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }}
|
||||
{{- if .Values.dex.volumes }}
|
||||
volumes:
|
||||
{{- toYaml .Values.dex.volumes | nindent 8}}
|
||||
{{- end }}
|
||||
{{- end }}
|
@ -1,23 +0,0 @@
|
||||
{{- if .Values.dex.enabled }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: {{ template "argo-cd.dex.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.dex.name }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- secrets
|
||||
- configmaps
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
{{- end }}
|
@ -1,21 +0,0 @@
|
||||
{{- if .Values.dex.enabled }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ template "argo-cd.dex.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.dex.name }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: {{ template "argo-cd.dex.fullname" . }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ template "argo-cd.dexServiceAccountName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
{{- end }}
|
@ -1,26 +0,0 @@
|
||||
{{- if .Values.dex.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ template "argo-cd.dex.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.dex.name }}
|
||||
spec:
|
||||
ports:
|
||||
- name: http
|
||||
protocol: TCP
|
||||
port: {{ .Values.dex.servicePortHttp }}
|
||||
targetPort: http
|
||||
- name: grpc
|
||||
protocol: TCP
|
||||
port: {{ .Values.dex.servicePortGrpc }}
|
||||
targetPort: grpc
|
||||
selector:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end }}
|
@ -1,13 +0,0 @@
|
||||
{{- if .Values.dex.enabled }}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ template "argo-cd.dexServiceAccountName" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.dex.name }}
|
||||
{{- end }}
|
@ -1,88 +0,0 @@
|
||||
{{- $redisHa := (index .Values "redis-ha") -}}
|
||||
{{- if and .Values.redis.enabled (not $redisHa.enabled) -}}
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "argo-cd.redis.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.redis.name }}
|
||||
app.kubernetes.io/version: {{ .Values.redis.image.tag }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
|
||||
template:
|
||||
metadata:
|
||||
{{- if .Values.redis.podAnnotations }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.redis.podAnnotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.redis.name }}
|
||||
app.kubernetes.io/version: {{ .Values.redis.image.tag }}
|
||||
{{- if .Values.redis.podLabels }}
|
||||
{{- toYaml .Values.redis.podLabels | nindent 8 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- with .Values.global.imagePullSecrets }}
|
||||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
automountServiceAccountToken: false
|
||||
{{- if .Values.global.securityContext }}
|
||||
securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }}
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: {{ template "argo-cd.redis.fullname" . }}
|
||||
args:
|
||||
- --save
|
||||
- ""
|
||||
- --appendonly
|
||||
- "no"
|
||||
image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }}
|
||||
imagePullPolicy: {{ .Values.redis.image.imagePullPolicy}}
|
||||
{{- if .Values.redis.containerSecurityContext }}
|
||||
securityContext: {{- toYaml .Values.redis.containerSecurityContext | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- if .Values.redis.env }}
|
||||
env:
|
||||
{{- toYaml .Values.redis.env | nindent 8 }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- containerPort: {{ .Values.redis.containerPort }}
|
||||
{{- if .Values.redis.volumeMounts }}
|
||||
|
||||
volumeMounts:
|
||||
{{- toYaml .Values.redis.volumeMounts | nindent 10 }}
|
||||
{{- end }}
|
||||
resources:
|
||||
{{- toYaml .Values.redis.resources | nindent 10 }}
|
||||
{{- if .Values.redis.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml .Values.redis.nodeSelector | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.redis.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml .Values.redis.tolerations | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.redis.affinity }}
|
||||
affinity:
|
||||
{{- toYaml .Values.redis.affinity | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.redis.volumes }}
|
||||
volumes:
|
||||
{{- toYaml .Values.redis.volumes | nindent 8}}
|
||||
{{- end }}
|
||||
{{- end }}
|
@ -1,20 +0,0 @@
|
||||
{{- $redisHa := (index .Values "redis-ha") -}}
|
||||
{{- if and .Values.redis.enabled (not $redisHa.enabled) -}}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ template "argo-cd.redis.fullname" . }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
|
||||
helm.sh/chart: {{ include "argo-cd.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/component: {{ .Values.redis.name }}
|
||||
spec:
|
||||
ports:
|
||||
- port: {{ .Values.redis.servicePort }}
|
||||
targetPort: {{ .Values.redis.servicePort }}
|
||||
selector:
|
||||
app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
|
||||
{{- end }}
|
@ -1,830 +0,0 @@
|
||||
## ArgoCD configuration
|
||||
## Ref: https://github.com/argoproj/argo-cd
|
||||
##
|
||||
nameOverride: argocd
|
||||
fullnameOverride: ""
|
||||
|
||||
# Optional CRD installation for those without Helm hooks
|
||||
installCRDs: true
|
||||
|
||||
global:
|
||||
image:
|
||||
repository: argoproj/argocd
|
||||
tag: v1.5.2
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext: {}
|
||||
# runAsUser: 999
|
||||
# runAsGroup: 999
|
||||
# fsGroup: 999
|
||||
imagePullSecrets: []
|
||||
hostAliases: []
|
||||
# - ip: 10.20.30.40
|
||||
# hostnames:
|
||||
# - git.myhostname
|
||||
|
||||
## Controller
|
||||
controller:
|
||||
name: application-controller
|
||||
|
||||
image:
|
||||
repository: # argoproj/argocd
|
||||
tag: # v1.5.2
|
||||
imagePullPolicy: # IfNotPresent
|
||||
|
||||
## Argo controller commandline flags
|
||||
args:
|
||||
statusProcessors: "20"
|
||||
operationProcessors: "10"
|
||||
|
||||
## Argo controller log level
|
||||
logLevel: info
|
||||
|
||||
## Additional command line arguments to pass to argocd-controller
|
||||
##
|
||||
extraArgs: []
|
||||
|
||||
## Environment variables to pass to argocd-controller
|
||||
##
|
||||
env: []
|
||||
|
||||
## Annotations to be added to controller pods
|
||||
##
|
||||
podAnnotations: {}
|
||||
|
||||
## Labels to be added to controller pods
|
||||
##
|
||||
podLabels: {}
|
||||
|
||||
## Labels to set container specific security contexts
|
||||
containerSecurityContext: {}
|
||||
# capabilities:
|
||||
# drop:
|
||||
# - all
|
||||
|
||||
## Configures the controller port
|
||||
containerPort: 8082
|
||||
|
||||
## Readiness and liveness probes for default backend
|
||||
## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
|
||||
##
|
||||
readinessProbe:
|
||||
failureThreshold: 3
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 1
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 1
|
||||
|
||||
## Additional volumeMounts to the controller main container.
|
||||
volumeMounts: []
|
||||
|
||||
## Additional volumes to the controller pod.
|
||||
volumes: []
|
||||
|
||||
## Controller service configuration
|
||||
service:
|
||||
annotations: {}
|
||||
labels: {}
|
||||
port: 8082
|
||||
portName: https-controller
|
||||
|
||||
## Node selectors and tolerations for server scheduling to nodes with taints
|
||||
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
|
||||
##
|
||||
nodeSelector: {}
|
||||
tolerations: []
|
||||
affinity: {}
|
||||
|
||||
priorityClassName: ""
|
||||
|
||||
resources: {}
|
||||
# limits:
|
||||
# cpu: 500m
|
||||
# memory: 512Mi
|
||||
# requests:
|
||||
# cpu: 250m
|
||||
# memory: 256Mi
|
||||
|
||||
serviceAccount:
|
||||
create: true
|
||||
name: argocd-application-controller
|
||||
|
||||
## Server metrics controller configuration
|
||||
metrics:
|
||||
enabled: false
|
||||
service:
|
||||
annotations: {}
|
||||
labels: {}
|
||||
servicePort: 8082
|
||||
serviceMonitor:
|
||||
enabled: false
|
||||
# selector:
|
||||
# prometheus: kube-prometheus
|
||||
# namespace: monitoring
|
||||
# additionalLabels: {}
|
||||
rules:
|
||||
enabled: false
|
||||
spec: []
|
||||
# - alert: ArgoAppMissing
|
||||
# expr: |
|
||||
# absent(argocd_app_info)
|
||||
# for: 15m
|
||||
# labels:
|
||||
# severity: critical
|
||||
# annotations:
|
||||
# summary: "[ArgoCD] No reported applications"
|
||||
# description: >
|
||||
# ArgoCD has not reported any applications data for the past 15 minutes which
|
||||
# means that it must be down or not functioning properly. This needs to be
|
||||
# resolved for this cloud to continue to maintain state.
|
||||
# - alert: ArgoAppNotSynced
|
||||
# expr: |
|
||||
# argocd_app_sync_status{sync_status!="Synced"} == 1
|
||||
# for: 12h
|
||||
# labels:
|
||||
# severity: warning
|
||||
# annotations:
|
||||
# summary: "[{{`{{$labels.name}}`}}] Application not synchronized"
|
||||
# description: >
|
||||
# The application [{{`{{$labels.name}}`}} has not been synchronized for over
|
||||
# 12 hours which means that the state of this cloud has drifted away from the
|
||||
# state inside Git.
|
||||
# selector:
|
||||
# prometheus: kube-prometheus
|
||||
# namespace: monitoring
|
||||
# additionalLabels: {}
|
||||
|
||||
## Enable Admin ClusterRole resources.
|
||||
## Enable if you would like to grant rights to ArgoCD to deploy to the local kuberentes cluster.
|
||||
clusterAdminAccess:
|
||||
enabled: true
|
||||
|
||||
## Dex
|
||||
dex:
|
||||
enabled: true
|
||||
name: dex-server
|
||||
|
||||
image:
|
||||
repository: quay.io/dexidp/dex
|
||||
tag: v2.22.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
initImage:
|
||||
repository:
|
||||
tag:
|
||||
imagePullPolicy:
|
||||
|
||||
## Environment variables to pass to the Dex server
|
||||
##
|
||||
env: []
|
||||
|
||||
## Annotations to be added to the Dex server pods
|
||||
##
|
||||
podAnnotations: {}
|
||||
|
||||
## Labels to be added to the Dex server pods
|
||||
##
|
||||
podLabels: {}
|
||||
|
||||
serviceAccount:
|
||||
create: true
|
||||
name: argocd-dex-server
|
||||
|
||||
## Additional volumeMounts to the controller main container.
|
||||
volumeMounts:
|
||||
- name: static-files
|
||||
mountPath: /shared
|
||||
|
||||
## Additional volumes to the controller pod.
|
||||
volumes:
|
||||
- name: static-files
|
||||
emptyDir: {}
|
||||
|
||||
## Dex deployment container ports
|
||||
containerPortHttp: 5556
|
||||
servicePortHttp: 5556
|
||||
containerPortGrpc: 5557
|
||||
servicePortGrpc: 5557
|
||||
|
||||
## Node selectors and tolerations for server scheduling to nodes with taints
|
||||
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
|
||||
##
|
||||
nodeSelector: {}
|
||||
tolerations: []
|
||||
affinity: {}
|
||||
|
||||
priorityClassName: ""
|
||||
|
||||
## Labels to set container specific security contexts
|
||||
containerSecurityContext: {}
|
||||
# capabilities:
|
||||
# drop:
|
||||
# - all
|
||||
|
||||
|
||||
resources: {}
|
||||
# limits:
|
||||
# cpu: 50m
|
||||
# memory: 64Mi
|
||||
# requests:
|
||||
# cpu: 10m
|
||||
# memory: 32Mi
|
||||
|
||||
## Redis
|
||||
redis:
|
||||
enabled: true
|
||||
name: redis
|
||||
|
||||
image:
|
||||
repository: redis
|
||||
tag: 5.0.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
|
||||
containerPort: 6379
|
||||
servicePort: 6379
|
||||
|
||||
## Environment variables to pass to the Redis server
|
||||
##
|
||||
env: []
|
||||
|
||||
## Annotations to be added to the Redis server pods
|
||||
##
|
||||
podAnnotations: {}
|
||||
|
||||
## Labels to be added to the Redis server pods
|
||||
##
|
||||
podLabels: {}
|
||||
|
||||
## Node selectors and tolerations for server scheduling to nodes with taints
|
||||
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
|
||||
##
|
||||
nodeSelector: {}
|
||||
tolerations: []
|
||||
affinity: {}
|
||||
|
||||
priorityClassName: ""
|
||||
|
||||
## Labels to set container specific security contexts
|
||||
containerSecurityContext: {}
|
||||
# capabilities:
|
||||
# drop:
|
||||
# - all
|
||||
|
||||
|
||||
resources: {}
|
||||
# limits:
|
||||
# cpu: 200m
|
||||
# memory: 128Mi
|
||||
# requests:
|
||||
# cpu: 100m
|
||||
# memory: 64Mi
|
||||
|
||||
volumeMounts: []
|
||||
volumes: []
|
||||
|
||||
# This key configures Redis-HA subchart and when enabled (redis-ha.enabled=true)
|
||||
# the custom redis deployment is omitted
|
||||
redis-ha:
|
||||
enabled: false
|
||||
# Check the redis-ha chart for more properties
|
||||
exporter:
|
||||
enabled: true
|
||||
persistentVolume:
|
||||
enabled: false
|
||||
redis:
|
||||
masterGroupName: argocd
|
||||
config:
|
||||
save: "\"\""
|
||||
haproxy:
|
||||
enabled: true
|
||||
metrics:
|
||||
enabled: true
|
||||
|
||||
## Server
|
||||
server:
|
||||
name: server
|
||||
|
||||
replicas: 1
|
||||
|
||||
autoscaling:
|
||||
enabled: false
|
||||
minReplicas: 1
|
||||
maxReplicas: 5
|
||||
targetCPUUtilizationPercentage: 50
|
||||
targetMemoryUtilizationPercentage: 50
|
||||
|
||||
image:
|
||||
repository: # argoproj/argocd
|
||||
tag: # v1.5.2
|
||||
imagePullPolicy: # IfNotPresent
|
||||
|
||||
## Additional command line arguments to pass to argocd-server
|
||||
##
|
||||
extraArgs: []
|
||||
# - --insecure
|
||||
|
||||
## Environment variables to pass to argocd-server
|
||||
##
|
||||
env: []
|
||||
|
||||
## Argo server log level
|
||||
logLevel: info
|
||||
|
||||
## Annotations to be added to controller pods
|
||||
##
|
||||
podAnnotations: {}
|
||||
|
||||
## Labels to be added to controller pods
|
||||
##
|
||||
podLabels: {}
|
||||
|
||||
## Configures the server port
|
||||
containerPort: 8080
|
||||
|
||||
## Readiness and liveness probes for default backend
|
||||
## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
|
||||
##
|
||||
readinessProbe:
|
||||
failureThreshold: 3
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 1
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 1
|
||||
|
||||
## Additional volumeMounts to the server main container.
|
||||
volumeMounts: []
|
||||
|
||||
## Additional volumes to the controller pod.
|
||||
volumes: []
|
||||
|
||||
## Node selectors and tolerations for server scheduling to nodes with taints
|
||||
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
|
||||
##
|
||||
nodeSelector: {}
|
||||
tolerations: []
|
||||
affinity: {}
|
||||
|
||||
priorityClassName: ""
|
||||
|
||||
## Labels to set container specific security contexts
|
||||
containerSecurityContext: {}
|
||||
# capabilities:
|
||||
# drop:
|
||||
# - all
|
||||
|
||||
resources: {}
|
||||
# limits:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
# requests:
|
||||
# cpu: 50m
|
||||
# memory: 64Mi
|
||||
|
||||
## Certificate configuration
|
||||
certificate:
|
||||
enabled: false
|
||||
domain: argocd.example.com
|
||||
issuer: {}
|
||||
additionalHosts: []
|
||||
|
||||
## Server service configuration
|
||||
service:
|
||||
annotations: {}
|
||||
labels: {}
|
||||
type: ClusterIP
|
||||
servicePortHttp: 80
|
||||
servicePortHttps: 443
|
||||
servicePortHttpName: http
|
||||
servicePortHttpsName: https
|
||||
loadBalancerIP: ""
|
||||
loadBalancerSourceRanges: []
|
||||
|
||||
## Server metrics service configuration
|
||||
metrics:
|
||||
enabled: false
|
||||
service:
|
||||
annotations: {}
|
||||
labels: {}
|
||||
servicePort: 8083
|
||||
serviceMonitor:
|
||||
enabled: false
|
||||
# selector:
|
||||
# prometheus: kube-prometheus
|
||||
# namespace: monitoring
|
||||
# additionalLabels: {}
|
||||
|
||||
serviceAccount:
|
||||
create: true
|
||||
name: argocd-server
|
||||
|
||||
ingress:
|
||||
enabled: false
|
||||
annotations: {}
|
||||
labels: {}
|
||||
|
||||
## Argo Ingress.
|
||||
## Hostnames must be provided if Ingress is enabled.
|
||||
## Secrets must be manually created in the namespace
|
||||
##
|
||||
hosts:
|
||||
[]
|
||||
# - argocd.example.com
|
||||
paths:
|
||||
- /
|
||||
tls:
|
||||
[]
|
||||
# - secretName: argocd-example-tls
|
||||
# hosts:
|
||||
# - argocd.example.com
|
||||
|
||||
# Create a OpenShift Route with SSL passthrough for UI and CLI
|
||||
# Consider setting 'hostname' e.g. https://argocd.apps-crc.testing/ using your Default Ingress Controller Domain
|
||||
# Find your domain with: kubectl describe --namespace=openshift-ingress-operator ingresscontroller/default | grep Domain:
|
||||
# If 'hostname' is an empty string "" OpenShift will create a hostname for you.
|
||||
route:
|
||||
enabled: false
|
||||
hostname: ""
|
||||
|
||||
## ArgoCD config
|
||||
## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml
|
||||
config:
|
||||
# Argo CD's externally facing base URL (optional). Required when configuring SSO
|
||||
url: https://argocd.example.com
|
||||
# Argo CD instance label key
|
||||
application.instanceLabelKey: argocd.argoproj.io/instance
|
||||
# repositories: |
|
||||
# - url: git@github.com:group/repo.git
|
||||
# sshPrivateKeySecret:
|
||||
# name: secret-name
|
||||
# key: sshPrivateKey
|
||||
# - type: helm
|
||||
# url: https://kubernetes-charts.storage.googleapis.com
|
||||
# name: stable
|
||||
# - type: helm
|
||||
# url: https://argoproj.github.io/argo-helm
|
||||
# name: argo
|
||||
# oidc.config: |
|
||||
# name: AzureAD
|
||||
# issuer: https://login.microsoftonline.com/TENANT_ID/v2.0
|
||||
# clientID: CLIENT_ID
|
||||
# clientSecret: $oidc.azuread.clientSecret
|
||||
# requestedIDTokenClaims:
|
||||
# groups:
|
||||
# essential: true
|
||||
# requestedScopes:
|
||||
# - openid
|
||||
# - profile
|
||||
# - email
|
||||
|
||||
## ArgoCD rbac config
|
||||
## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md
|
||||
rbacConfig:
|
||||
{}
|
||||
# policy.csv is an file containing user-defined RBAC policies and role definitions (optional).
|
||||
# Policy rules are in the form:
|
||||
# p, subject, resource, action, object, effect
|
||||
# Role definitions and bindings are in the form:
|
||||
# g, subject, inherited-subject
|
||||
# See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information.
|
||||
# policy.csv: |
|
||||
# # Grant all members of the group 'my-org:team-alpha; the ability to sync apps in 'my-project'
|
||||
# p, my-org:team-alpha, applications, sync, my-project/*, allow
|
||||
# # Grant all members of 'my-org:team-beta' admins
|
||||
# g, my-org:team-beta, role:admin
|
||||
# policy.default is the name of the default role which Argo CD will falls back to, when
|
||||
# authorizing API requests (optional). If omitted or empty, users may be still be able to login,
|
||||
# but will see no apps, projects, etc...
|
||||
# policy.default: role:readonly
|
||||
# scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope).
|
||||
# If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings.
|
||||
# scopes: '[cognito:groups, email]'
|
||||
|
||||
## Not well tested and not well supported on release v1.0.0.
|
||||
## Applications
|
||||
## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/
|
||||
additionalApplications: []
|
||||
# - name: guestbook
|
||||
# namespace: argocd
|
||||
# additionalLabels: {}
|
||||
# additionalAnnotations: {}
|
||||
# project: guestbook
|
||||
# source:
|
||||
# repoURL: https://github.com/argoproj/argocd-example-apps.git
|
||||
# targetRevision: HEAD
|
||||
# path: guestbook
|
||||
# directory:
|
||||
# recurse: true
|
||||
# destination:
|
||||
# server: https://kubernetes.default.svc
|
||||
# namespace: guestbook
|
||||
# syncPolicy:
|
||||
# automated:
|
||||
# prune: false
|
||||
# selfHeal: false
|
||||
|
||||
## Projects
|
||||
## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/
|
||||
additionalProjects: []
|
||||
# - name: guestbook
|
||||
# namespace: argocd
|
||||
# additionalLabels: {}
|
||||
# additionalAnnotations: {}
|
||||
# description: Example Project
|
||||
# sourceRepos:
|
||||
# - '*'
|
||||
# destinations:
|
||||
# - namespace: guestbook
|
||||
# server: https://kubernetes.default.svc
|
||||
# clusterResourceWhitelist: []
|
||||
# namespaceResourceBlacklist:
|
||||
# - group: ''
|
||||
# kind: ResourceQuota
|
||||
# - group: ''
|
||||
# kind: LimitRange
|
||||
# - group: ''
|
||||
# kind: NetworkPolicy
|
||||
# orphanedResources: {}
|
||||
# roles: []
|
||||
# orphanedResources: {}
|
||||
# roles: []
|
||||
|
||||
## Enable Admin ClusterRole resources.
|
||||
## Enable if you would like to grant rights to ArgoCD to deploy to the local kuberentes cluster.
|
||||
clusterAdminAccess:
|
||||
enabled: true
|
||||
|
||||
## Enable BackendConfig custom resource for Google Kubernetes Engine
|
||||
GKEbackendConfig:
|
||||
enabled: false
|
||||
spec: {}
|
||||
# spec:
|
||||
# iap:
|
||||
# enabled: true
|
||||
# oauthclientCredentials:
|
||||
# secretName: argocd-secret
|
||||
|
||||
## Repo Server
|
||||
repoServer:
|
||||
name: repo-server
|
||||
|
||||
replicas: 1
|
||||
|
||||
autoscaling:
|
||||
enabled: false
|
||||
minReplicas: 1
|
||||
maxReplicas: 5
|
||||
targetCPUUtilizationPercentage: 50
|
||||
targetMemoryUtilizationPercentage: 50
|
||||
|
||||
image:
|
||||
repository: # argoproj/argocd
|
||||
tag: # v1.5.2
|
||||
imagePullPolicy: # IfNotPresent
|
||||
|
||||
## Additional command line arguments to pass to argocd-repo-server
|
||||
##
|
||||
extraArgs: []
|
||||
|
||||
## Environment variables to pass to argocd-repo-server
|
||||
##
|
||||
env: []
|
||||
|
||||
## Argo repoServer log level
|
||||
logLevel: info
|
||||
|
||||
## Annotations to be added to repo server pods
|
||||
##
|
||||
podAnnotations: {}
|
||||
|
||||
## Labels to be added to repo server pods
|
||||
##
|
||||
podLabels: {}
|
||||
|
||||
## Configures the repo server port
|
||||
containerPort: 8081
|
||||
|
||||
## Readiness and liveness probes for default backend
|
||||
## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
|
||||
##
|
||||
readinessProbe:
|
||||
failureThreshold: 3
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 1
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 1
|
||||
|
||||
## Additional volumeMounts to the repo server main container.
|
||||
volumeMounts: []
|
||||
|
||||
## Additional volumes to the repo server pod.
|
||||
volumes: []
|
||||
|
||||
## Node selectors and tolerations for server scheduling to nodes with taints
|
||||
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
|
||||
##
|
||||
nodeSelector: {}
|
||||
tolerations: []
|
||||
affinity: {}
|
||||
|
||||
priorityClassName: ""
|
||||
|
||||
## Labels to set container specific security contexts
|
||||
containerSecurityContext: {}
|
||||
# capabilities:
|
||||
# drop:
|
||||
# - all
|
||||
|
||||
resources: {}
|
||||
# limits:
|
||||
# cpu: 50m
|
||||
# memory: 128Mi
|
||||
# requests:
|
||||
# cpu: 10m
|
||||
# memory: 64Mi
|
||||
|
||||
## Repo server service configuration
|
||||
service:
|
||||
annotations: {}
|
||||
labels: {}
|
||||
port: 8081
|
||||
portName: https-repo-server
|
||||
|
||||
## Repo server metrics service configuration
|
||||
metrics:
|
||||
enabled: false
|
||||
service:
|
||||
annotations: {}
|
||||
labels: {}
|
||||
servicePort: 8084
|
||||
serviceMonitor:
|
||||
enabled: false
|
||||
# selector:
|
||||
# prometheus: kube-prometheus
|
||||
# namespace: monitoring
|
||||
# additionalLabels: {}
|
||||
|
||||
## Repo server service account
|
||||
## If create is set to true, make sure to uncomment the name and update the rbac section below
|
||||
serviceAccount:
|
||||
create: false
|
||||
# name: argocd-repo-server
|
||||
## Annotations applied to created service account
|
||||
annotations: {}
|
||||
|
||||
## Repo server rbac rules
|
||||
# rbac:
|
||||
# - apiGroups:
|
||||
# - argoproj.io
|
||||
# resources:
|
||||
# - applications
|
||||
# verbs:
|
||||
# - get
|
||||
# - list
|
||||
# - watch
|
||||
|
||||
## Use init containers to configure custom tooling
|
||||
## https://argoproj.github.io/argo-cd/operator-manual/custom_tools/
|
||||
## When using the volumes & volumeMounts section bellow, please comment out those above.
|
||||
# volumes:
|
||||
# - name: custom-tools
|
||||
# emptyDir: {}
|
||||
#
|
||||
# initContainers:
|
||||
# - name: download-tools
|
||||
# image: alpine:3.8
|
||||
# command: [sh, -c]
|
||||
# args:
|
||||
# - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - &&
|
||||
# mv linux-amd64/helm /custom-tools/
|
||||
# volumeMounts:
|
||||
# - mountPath: /custom-tools
|
||||
# name: custom-tools
|
||||
# volumeMounts:
|
||||
# - mountPath: /usr/local/bin/helm
|
||||
# name: custom-tools
|
||||
# subPath: helm
|
||||
|
||||
## Argo Configs
|
||||
configs:
|
||||
knownHosts:
|
||||
data:
|
||||
ssh_known_hosts: |
|
||||
bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==
|
||||
github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
|
||||
gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=
|
||||
gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf
|
||||
gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9
|
||||
ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H
|
||||
vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H
|
||||
tlsCerts:
|
||||
{}
|
||||
# data:
|
||||
# argocd.example.com: |
|
||||
# -----BEGIN CERTIFICATE-----
|
||||
# MIIF1zCCA7+gAwIBAgIUQdTcSHY2Sxd3Tq/v1eIEZPCNbOowDQYJKoZIhvcNAQEL
|
||||
# BQAwezELMAkGA1UEBhMCREUxFTATBgNVBAgMDExvd2VyIFNheG9ueTEQMA4GA1UE
|
||||
# BwwHSGFub3ZlcjEVMBMGA1UECgwMVGVzdGluZyBDb3JwMRIwEAYDVQQLDAlUZXN0
|
||||
# c3VpdGUxGDAWBgNVBAMMD2Jhci5leGFtcGxlLmNvbTAeFw0xOTA3MDgxMzU2MTda
|
||||
# Fw0yMDA3MDcxMzU2MTdaMHsxCzAJBgNVBAYTAkRFMRUwEwYDVQQIDAxMb3dlciBT
|
||||
# YXhvbnkxEDAOBgNVBAcMB0hhbm92ZXIxFTATBgNVBAoMDFRlc3RpbmcgQ29ycDES
|
||||
# MBAGA1UECwwJVGVzdHN1aXRlMRgwFgYDVQQDDA9iYXIuZXhhbXBsZS5jb20wggIi
|
||||
# MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCv4mHMdVUcafmaSHVpUM0zZWp5
|
||||
# NFXfboxA4inuOkE8kZlbGSe7wiG9WqLirdr39Ts+WSAFA6oANvbzlu3JrEQ2CHPc
|
||||
# CNQm6diPREFwcDPFCe/eMawbwkQAPVSHPts0UoRxnpZox5pn69ghncBR+jtvx+/u
|
||||
# P6HdwW0qqTvfJnfAF1hBJ4oIk2AXiip5kkIznsAh9W6WRy6nTVCeetmIepDOGe0G
|
||||
# ZJIRn/OfSz7NzKylfDCat2z3EAutyeT/5oXZoWOmGg/8T7pn/pR588GoYYKRQnp+
|
||||
# YilqCPFX+az09EqqK/iHXnkdZ/Z2fCuU+9M/Zhrnlwlygl3RuVBI6xhm/ZsXtL2E
|
||||
# Gxa61lNy6pyx5+hSxHEFEJshXLtioRd702VdLKxEOuYSXKeJDs1x9o6cJ75S6hko
|
||||
# Ml1L4zCU+xEsMcvb1iQ2n7PZdacqhkFRUVVVmJ56th8aYyX7KNX6M9CD+kMpNm6J
|
||||
# kKC1li/Iy+RI138bAvaFplajMF551kt44dSvIoJIbTr1LigudzWPqk31QaZXV/4u
|
||||
# kD1n4p/XMc9HYU/was/CmQBFqmIZedTLTtK7clkuFN6wbwzdo1wmUNgnySQuMacO
|
||||
# gxhHxxzRWxd24uLyk9Px+9U3BfVPaRLiOPaPoC58lyVOykjSgfpgbus7JS69fCq7
|
||||
# bEH4Jatp/10zkco+UQIDAQABo1MwUTAdBgNVHQ4EFgQUjXH6PHi92y4C4hQpey86
|
||||
# r6+x1ewwHwYDVR0jBBgwFoAUjXH6PHi92y4C4hQpey86r6+x1ewwDwYDVR0TAQH/
|
||||
# BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFE4SdKsX9UsLy+Z0xuHSxhTd0jfn
|
||||
# Iih5mtzb8CDNO5oTw4z0aMeAvpsUvjJ/XjgxnkiRACXh7K9hsG2r+ageRWGevyvx
|
||||
# CaRXFbherV1kTnZw4Y9/pgZTYVWs9jlqFOppz5sStkfjsDQ5lmPJGDii/StENAz2
|
||||
# XmtiPOgfG9Upb0GAJBCuKnrU9bIcT4L20gd2F4Y14ccyjlf8UiUi192IX6yM9OjT
|
||||
# +TuXwZgqnTOq6piVgr+FTSa24qSvaXb5z/mJDLlk23npecTouLg83TNSn3R6fYQr
|
||||
# d/Y9eXuUJ8U7/qTh2Ulz071AO9KzPOmleYPTx4Xty4xAtWi1QE5NHW9/Ajlv5OtO
|
||||
# OnMNWIs7ssDJBsB7VFC8hcwf79jz7kC0xmQqDfw51Xhhk04kla+v+HZcFW2AO9so
|
||||
# 6ZdVHHQnIbJa7yQJKZ+hK49IOoBR6JgdB5kymoplLLiuqZSYTcwSBZ72FYTm3iAr
|
||||
# jzvt1hxpxVDmXvRnkhRrIRhK4QgJL0jRmirBjDY+PYYd7bdRIjN7WNZLFsgplnS8
|
||||
# 9w6CwG32pRlm0c8kkiQ7FXA6BYCqOsDI8f1VGQv331OpR2Ck+FTv+L7DAmg6l37W
|
||||
# +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK
|
||||
# XWyb96wrUlv+E8I=
|
||||
# -----END CERTIFICATE-----
|
||||
# Creates a secret with optional repository credentials
|
||||
repositoryCredentials:
|
||||
{}
|
||||
# sample-ssh-key: |
|
||||
# -----BEGIN RSA PRIVATE KEY-----
|
||||
# MIICXAIBAAKBgQCcmiVJXGUvL8zqWmRRETbCKgFadtjJ9WDQpSwiZzMiktpYBo0N
|
||||
# z0cThzGQfWqvdiJYEy72MrKCaSYssV3eHP5zTffk4VBDktNfdl1kgkOpqnh7tQO4
|
||||
# nBONRLzcK6KEbKUsmiTbW8Jb4UFYDhyyyveby7y3vYePmaRQIrlEenVfKwIDAQAB
|
||||
# AoGAbbg+WZjnt9jYzHWKhZX29LDzg8ty9oT6URT4yB3gIOAdJMFqQHuyg8cb/e0x
|
||||
# O0AcrfK623oHwgEj4vpeFwnfaBdtM5GfH9zaj6pnXV7VZc3oBHrBnHUgFT3NEYUe
|
||||
# tt6rtatIguBH61Aj/pyij9sOfF0xDj0s1nwFTbdHtZR/31kCQQDIwcVTqhKkDNW6
|
||||
# cvdz+Wt3v9x1wNg+VhZhyA/pKILz3+qtn3GogLrQqhpVi+Y7tdvEv9FvgKaCjUp8
|
||||
# 6Lfp6dDFAkEAx7HpQbXFdrtcveOi9kosKRDX1PT4zdhB08jAXGlV8jr0jkrZazVM
|
||||
# hV5rVCuu35Vh6x1fiyGwwiVsqhgWE+KPLwJAWrDemasM/LsnmjDxhJy6ZcBwsWlK
|
||||
# xu5Q8h9UwLmiXtVayNBsofh1bGpLtzWZ7oN7ImidDkgJ8JQvgDoJS0xrGQJBALPJ
|
||||
# FkMFnrjtqGqBVkc8shNqyZY90v6oM2OzupO4dht2PpUZCDPAMZtlTWXjSjabbCPc
|
||||
# NxexBk1UmkdtFftjHxsCQGjG+nhRYH92MsmrbvZyFzgxg9SIOu6xel7D3Dq9l5Le
|
||||
# XG+bpHPF4SiCpAxthP5WNa17zuvk+CDsMZgZNuhYNMo=
|
||||
# -----END RSA PRIVATE KEY-----
|
||||
secret:
|
||||
createSecret: true
|
||||
## Annotations to be added to argocd-secret
|
||||
##
|
||||
annotations: {}
|
||||
|
||||
# Webhook Configs
|
||||
githubSecret: ""
|
||||
gitlabSecret: ""
|
||||
bitbucketServerSecret: ""
|
||||
bitbucketUUID: ""
|
||||
gogsSecret: ""
|
||||
|
||||
# Custom secrets. Useful for injecting SSO secrets into environment variables.
|
||||
# Ref: https://argoproj.github.io/argo-cd/operator-manual/sso/
|
||||
# Note that all values must be non-empty.
|
||||
extra: {}
|
||||
# LDAP_PASSWORD: "mypassword"
|
||||
|
||||
# Argo TLS Data.
|
||||
argocdServerTlsConfig:
|
||||
{}
|
||||
# key:
|
||||
# crt: |
|
||||
# -----BEGIN CERTIFICATE-----
|
||||
# <cert data>
|
||||
# -----END CERTIFICATE-----
|
||||
# -----BEGIN CERTIFICATE-----
|
||||
# <ca cert data>
|
||||
# -----END CERTIFICATE-----
|
||||
|
||||
# Argo expects the password in the secret to be bcrypt hashed. You can create this hash with
|
||||
# `htpasswd -nbBC 10 "" $ARGO_PWD | tr -d ':\n' | sed 's/$2y/$2a/'`
|
||||
# argocdServerAdminPassword:
|
||||
# Password modification time defaults to current time if not set
|
||||
# argocdServerAdminPasswordMtime: "2006-01-02T15:04:05Z"
|
||||
|
||||
openshift:
|
||||
enabled: false
|
@ -1,11 +1,10 @@
|
||||
{{- if .Values.bootstrap }}
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: kubezero
|
||||
namespace: argocd
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Chart.Name }}-argocd-application
|
||||
app.kubernetes.io/name: kubezero
|
||||
helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
@ -14,12 +13,12 @@ spec:
|
||||
source:
|
||||
repoURL: https://github.com/Zero-Down-Time/kubezero
|
||||
targetRevision: HEAD
|
||||
path: charts/kubezero-app
|
||||
path: charts/kubezeroApp
|
||||
|
||||
{{- if .Values.config }}
|
||||
helm:
|
||||
values: |
|
||||
{{- toYaml .Values.config | nindent 8 }}
|
||||
{{- toYaml .Values.kubezero | nindent 8 }}
|
||||
{{- end }}
|
||||
|
||||
destination:
|
||||
@ -29,4 +28,3 @@ spec:
|
||||
automated:
|
||||
prune: true
|
||||
selfHeal: false
|
||||
{{- end }}
|
||||
|
@ -1,4 +1,3 @@
|
||||
{{- if .Values.bootstrap }}
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: AppProject
|
||||
metadata:
|
||||
@ -28,4 +27,3 @@ spec:
|
||||
clusterResourceWhitelist:
|
||||
- group: '*'
|
||||
kind: '*'
|
||||
{{- end }}
|
||||
|
@ -1,8 +1,5 @@
|
||||
# bootstrap -- Wether to install the root-app `kubezero-app`
|
||||
bootstrap: true
|
||||
|
||||
# config -- Kubezero configuration to be passed into kubezero-app
|
||||
config: {}
|
||||
# kubezero -- Kubezero configuration, values.yaml please see kubezeroApp
|
||||
kubezero: {}
|
||||
|
||||
argo-cd:
|
||||
installCRDs: false
|
||||
|
@ -1,8 +1,8 @@
|
||||
apiVersion: v2
|
||||
name: kubezero-app
|
||||
name: kubezeroApp
|
||||
description: KubeZero ArgoCD Application - Root chart of the KubeZero
|
||||
type: application
|
||||
version: 0.1.3
|
||||
version: 0.1.4
|
||||
home: https://kubezero.com
|
||||
keywords:
|
||||
- kubezero
|
@ -1,8 +1,8 @@
|
||||
kubezero-app
|
||||
============
|
||||
kubezeroApp
|
||||
===========
|
||||
KubeZero ArgoCD Application - Root chart of the KubeZero
|
||||
|
||||
Current chart version is `0.1.3`
|
||||
Current chart version is `0.1.4`
|
||||
|
||||
Source code can be found [here](https://kubezero.com)
|
||||
|
27
charts/kubezeroApp/templates/_apps_common.yaml
Normal file
27
charts/kubezeroApp/templates/_apps_common.yaml
Normal file
@ -0,0 +1,27 @@
|
||||
{{- define "kubezero.app" }}
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: {{ .name }}
|
||||
namespace: argocd
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .name }}
|
||||
helm.sh/chart: {{ .root.Chart.Name }}-{{ .root.Chart.Version | replace "+" "_" }}
|
||||
app.kubernetes.io/managed-by: {{ .root.Release.Service }}
|
||||
app.kubernetes.io/part-of: kubezero
|
||||
spec:
|
||||
project: kubezero
|
||||
|
||||
source:
|
||||
repoURL: {{ default .root.Values.defaultSource.repoURL }}
|
||||
targetRevision: {{ default .root.Values.defaultSource.targetRevision }}
|
||||
{{- if eq .type "helm" }}
|
||||
path: {{ default .root.Values.defaultSource.pathPrefix }}charts/{{ .name }}
|
||||
{{- else }}
|
||||
path: {{ default .root.Values.defaultSource.pathPrefix }}artifacts/{{ .name }}
|
||||
{{- end }}
|
||||
|
||||
destination:
|
||||
server: {{ default .root.Values.defaultDestination.server }}
|
||||
namespace: kube-system
|
||||
{{- end }}
|
3
charts/kubezeroApp/templates/calico.yaml
Normal file
3
charts/kubezeroApp/templates/calico.yaml
Normal file
@ -0,0 +1,3 @@
|
||||
{{- if .Values.calico.enabled }}
|
||||
{{ template "kubezero.app" dict "root" . "name" "calico" "type" "kustomize" }}
|
||||
{{- end }}
|
10
charts/kubezeroApp/templates/cert-manager.yaml
Normal file
10
charts/kubezeroApp/templates/cert-manager.yaml
Normal file
@ -0,0 +1,10 @@
|
||||
{{- if .Values.certManager.enabled }}
|
||||
{{ template "kubezero.app" dict "root" . "name" "kubezeroCertManager" "type" "helm" }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: cert-manager
|
||||
annotations:
|
||||
iam.amazonaws.com/permitted: ".*CertManagerRole.*"
|
||||
{{- end }}
|
@ -0,0 +1,3 @@
|
||||
{{- if .Values.localVolumeProvisioner.enabled }}
|
||||
{{ template "kubezero.app" dict "root" . "name" "localVolumeProvisioner" "type" "kustomize" }}
|
||||
{{- end }}
|
23
charts/kubezeroCertManager/.helmignore
Normal file
23
charts/kubezeroCertManager/.helmignore
Normal file
@ -0,0 +1,23 @@
|
||||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*.orig
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
.vscode/
|
6
charts/kubezeroCertManager/Chart.lock
Normal file
6
charts/kubezeroCertManager/Chart.lock
Normal file
@ -0,0 +1,6 @@
|
||||
dependencies:
|
||||
- name: cert-manager
|
||||
repository: https://charts.jetstack.io
|
||||
version: v0.14.3
|
||||
digest: sha256:b99f220fe708253be29daba252bac3a4c4ae7bfe70f9a518fabe9a6e306d8a84
|
||||
generated: "2020-05-04T16:55:09.668227657+01:00"
|
15
charts/kubezeroCertManager/Chart.yaml
Normal file
15
charts/kubezeroCertManager/Chart.yaml
Normal file
@ -0,0 +1,15 @@
|
||||
apiVersion: v2
|
||||
name: kubezeroCertManager
|
||||
description: KubeZero Umbrella Chart for cert-manager
|
||||
type: application
|
||||
version: 0.1.0
|
||||
home: https://kubezero.com
|
||||
keywords:
|
||||
- kubezero
|
||||
- cert-manager
|
||||
maintainers:
|
||||
- name: Quarky9
|
||||
dependencies:
|
||||
- name: cert-manager
|
||||
version: 0.14.3
|
||||
repository: https://charts.jetstack.io
|
5877
charts/kubezeroCertManager/crds/cert-manager-crds.yaml
Normal file
5877
charts/kubezeroCertManager/crds/cert-manager-crds.yaml
Normal file
File diff suppressed because it is too large
Load Diff
3
charts/kubezeroCertManager/update_crds.sh
Executable file
3
charts/kubezeroCertManager/update_crds.sh
Executable file
@ -0,0 +1,3 @@
|
||||
#!/bin/bash
|
||||
|
||||
curl -Lso crds/cert-manager-crds.yaml https://github.com/jetstack/cert-manager/releases/download/v0.14.3/cert-manager.crds.yaml
|
28
charts/kubezeroCertManager/values.yaml
Normal file
28
charts/kubezeroCertManager/values.yaml
Normal file
@ -0,0 +1,28 @@
|
||||
cert-manager:
|
||||
tolerations:
|
||||
- key: node-role.kubernetes.io/master
|
||||
effect: NoSchedule
|
||||
nodeSelector:
|
||||
node-role.kubernetes.io/master: ""
|
||||
ingressShim:
|
||||
defaultIssuerName: letsencrypt-dns-prod
|
||||
defaultIssuerKind: ClusterIssuer
|
||||
webhook:
|
||||
tolerations:
|
||||
- key: node-role.kubernetes.io/master
|
||||
effect: NoSchedule
|
||||
nodeSelector:
|
||||
node-role.kubernetes.io/master: ""
|
||||
cainjector:
|
||||
tolerations:
|
||||
- key: node-role.kubernetes.io/master
|
||||
effect: NoSchedule
|
||||
nodeSelector:
|
||||
node-role.kubernetes.io/master: ""
|
||||
extraArgs:
|
||||
- "--dns01-recursive-nameservers-only"
|
||||
prometheus:
|
||||
servicemonitor:
|
||||
enabled: false
|
||||
#podAnnotations:
|
||||
# iam.amazonaws.com/role: "INSERT_CLOUDFORMATION_OUTPUT_CertManagerRoleArn"
|
Loading…
Reference in New Issue
Block a user