Renaming, addition of draft cert-manager, templating

charts/kubezero-app/templates/calico.yaml

@@ -1,23 +0,0 @@
-{{- if .Values.calico.enabled }}
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: calico
-  namespace: argocd
-  labels:
-    app.kubernetes.io/name: {{ .Chart.Name }}-calico
-    helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: kubezero
-spec:
-  project: kubezero
-
-  source:
-    repoURL: {{ default .Values.defaultSource.repoURL }}
-    targetRevision: {{ default .Values.defaultSource.targetRevision }}
-    path: {{ default .Values.defaultSource.pathPrefix }}artifacts/calico
-
-  destination:
-    server: {{ default .Values.defaultDestination.server }}
-    namespace: kube-system
-{{- end }}

charts/kubezero-app/templates/cert-manager.yaml

@@ -1,23 +0,0 @@
-{{- if .Values.certManager.enabled }}
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: cert-manager
-  namespace: argocd
-  labels:
-    app.kubernetes.io/name: {{ .Chart.Name }}-cert-manager
-    helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: kubezero
-spec:
-  project: kubezero
-
-  source:
-    repoURL: {{ default .Values.defaultSource.repoURL }}
-    targetRevision: {{ default .Values.defaultSource.targetRevision }}
-    path: {{ default .Values.defaultSource.pathPrefix }}artifacts/cert-manager
-
-  destination:
-    server: {{ default .Values.defaultDestination.server }}
-    namespace: kube-system
-{{- end }}

charts/kubezero-app/templates/local-volume-provisioner.yaml

@@ -1,25 +0,0 @@
-{{- if .Values.localVolumeProvisioner.enabled }}
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: local-volume-provisioner
-  namespace: argocd
-  labels:
-    app.kubernetes.io/name: {{ .Chart.Name }}-localVolumeProvisioner
-    helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: kubezero
-  finalizers:
-    - resources-finalizer.argocd.argoproj.io
-spec:
-  project: kubezero
-
-  source:
-    repoURL: {{ default .Values.defaultSource.repoURL }}
-    targetRevision: {{ default .Values.defaultSource.targetRevision }}
-    path: {{ default .Values.defaultSource.pathPrefix }}artifacts/local-volume-provisioner
-
-  destination:
-    server: {{ default .Values.defaultDestination.server }}
-    namespace: kube-system
-{{- end }}

charts/kubezero/Chart.lock

@@ -0,0 +1,6 @@
+dependencies:
+- name: argo-cd
+  repository: https://argoproj.github.io/argo-helm
+  version: 2.2.13
+digest: sha256:f27e25c51f555fd32ccb9c29ac5351938c78fc7b0bce1eb26acbc21a261caabf
+generated: "2020-05-04T23:48:08.109493489+01:00"

charts/kubezero/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 description: KubeZero Helm chart to install Zero Down Time Kuberenetes platform
 name: kubezero
-version: 0.1.8
+version: 0.2.0
 home: https://kubezero.com
 keywords:
   - kubezero
@@ -11,5 +11,5 @@ maintainers:
   - name: Quarky9
 dependencies:
   - name: argo-cd
-    version: 2.2.12
+    version: 2.2.13
     repository: https://argoproj.github.io/argo-helm

charts/kubezero/README.md

@@ -2,7 +2,7 @@ kubezero
 ========
 KubeZero Helm chart to install Zero Down Time Kuberenetes platform
 
-Current chart version is `0.1.8`
+Current chart version is `0.2.0`
 
 Source code can be found [here](https://kubezero.com)
 
@@ -10,7 +10,7 @@ Source code can be found [here](https://kubezero.com)
 
 | Repository | Name | Version |
 |------------|------|---------|
-| https://argoproj.github.io/argo-helm | argo-cd | 2.2.12 |
+| https://argoproj.github.io/argo-helm | argo-cd | 2.2.13 |
 
 ## Chart Values
 
@@ -33,7 +33,6 @@ Source code can be found [here](https://kubezero.com)
 | argo-cd.server.service.servicePortHttpsName | string | `"grpc"` |  |
 | argo-cd.server.tolerations[0].effect | string | `"NoSchedule"` |  |
 | argo-cd.server.tolerations[0].key | string | `"node-role.kubernetes.io/master"` |  |
-| bootstrap | bool | `true` | Wether to install the root-app `kubezero-app` |
-| config | object | `{}` | Kubezero configuration to be passed into kubezero-app |
 | istio.enabled | bool | `false` | Deploy Istio VirtualService to expose ArgoCD |
 | istio.gateway | string | `"ingressgateway.istio-system.svc.cluster.local"` | Name of the Istio gateway to add the VirtualService to |
+| kubezero | object | `{}` | Kubezero configuration, values.yaml please see kubezeroApp |

charts/kubezero/charts/argo-cd/.helmignore

@@ -1,2 +0,0 @@
-*.tgz
-output

charts/kubezero/charts/argo-cd/Chart.yaml

@@ -1,16 +0,0 @@
-apiVersion: v1
-appVersion: "1.5.2"
-description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
-name: argo-cd
-version: 2.2.12
-home: https://github.com/argoproj/argo-helm
-icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
-keywords:
-  - argoproj
-  - argocd
-  - gitops
-maintainers:
-  - name: alexec
-  - name: alexmt
-  - name: jessesuen
-  - name: seanson

charts/kubezero/charts/argo-cd/README.md

@@ -1,308 +0,0 @@
-# Argo CD Chart
-
-A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
-
-Source code can be found [here](https://argoproj.github.io/argo-cd/)
-
-## Additional Information
-
-This is a **community maintained** chart. This chart installs [argo-cd](https://argoproj.github.io/argo-cd/), a declarative, GitOps continuous delivery tool for Kubernetes.
-
-The default installation is intended to be similar to the provided ArgoCD [releases](https://github.com/argoproj/argo-cd/releases).
-
-This chart currently installs the non-HA version of ArgoCD.
-
-## Upgrading
-
-### 1.8.7 to 2.x.x
-
-`controller.extraArgs`, `repoServer.extraArgs` and `server.extraArgs`  are not arrays of strings intead of a map
-
-What was
-```yaml
-server:
-  extraArgs:
-    insecure: ""
-```
-
-is now
-
-```yaml
-server:
-  extraArgs:
-  - --insecure
-```
-
-## Prerequisites
-
-- Kubernetes 1.7+
-
-## Installing the Chart
-
-To install the chart with the release name `my-release`:
-
-```console
-$ helm repo add argo https://argoproj.github.io/argo-helm
-"argo" has been added to your repositories
-
-$ helm install --name my-release argo/argo-cd
-NAME: my-release
-...
-```
-
-### Helm v3 Compatability
-
-Requires chart version 1.5.2 or newer.
-
-Helm v3 has removed the `install-crds` hook so CRDs are now populated by files in the [crds](./crds) directory. Users of Helm v3 should set the `installCRDs` value to `false` to avoid warnings about nonexistant webhooks.
-
-## Chart Values
-
-| Parameter | Description | Default |
-|-----|------|---------|
-| global.image.imagePullPolicy | If defined, a imagePullPolicy applied to all ArgoCD deployments. | `"IfNotPresent"` |
-| global.image.repository | If defined, a repository applied to all ArgoCD deployments. | `"argoproj/argocd"` |
-| global.image.tag | If defined, a tag applied to all ArgoCD deployments. | `"v1.5.2"` |
-| global.securityContext | Toggle and define securityContext | See [values.yaml](values.yaml) |
-| global.imagePullSecrets | If defined, uses a Secret to pull an image from a private Docker registry or repository. | `[]` |
-| global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` |
-| nameOverride | Provide a name in place of `argocd` | `"argocd"` |
-| installCRDs | Install CRDs if you are using Helm2. | `true` |
-| configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) |
-| configs.secret.annotations | Annotations for argocd-secret | `{}` |
-| configs.secret.argocdServerAdminPassword | Admin password | `null` |
-| configs.secret.argocdServerAdminPasswordMtime | Admin password modification time | `date "2006-01-02T15:04:05Z" now` if configs.secret.argocdServerAdminPassword is set |
-| configs.secret.bitbucketSecret | BitBucket incoming webhook secret | `""` |
-| configs.secret.createSecret | Create the argocd-secret. | `true` |
-| configs.secret.githubSecret | GitHub incoming webhook secret | `""` |
-| configs.secret.gitlabSecret | GitLab incoming webhook secret | `""` |
-| configs.tlsCerts.data."argocd.example.com" | TLS certificate | See [values.yaml](values.yaml) |
-| configs.secret.extra | add additional secrets to be added to argocd-secret | `{}` |
-| openshift.enabled | enables using arbitrary uid for argo repo server | `false` |
-
-## ArgoCD Controller
-
-| Parameter | Description | Default |
-|-----|---------|-------------|
-| controller.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` |
-| controller.args.operationProcessors | define the controller `--operation-processors` | `"10"` |
-| controller.args.statusProcessors | define the controller `--status-processors` | `"20"` |
-| controller.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` |
-| controller.containerPort | Controller listening port. | `8082` |
-| controller.extraArgs | Additional arguments for the controller. A list of flags | `[]` |
-| controller.env | Environment variables for the controller. | `[]` |
-| controller.image.repository | Repository to use for the controller | `global.image.repository` |
-| controller.image.imagePullPolicy | Image pull policy for the controller | `global.image.imagePullPolicy` |
-| controller.image.tag | Tag to use for the controller | `global.image.tag` |
-| controller.livenessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` |
-| controller.livenessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
-| controller.livenessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
-| controller.livenessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
-| controller.livenessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
-| controller.logLevel | Controller log level | `"info"` |
-| controller.metrics.enabled | Deploy metrics service | `false` |
-| controller.metrics.service.annotations | Metrics service annotations | `{}` |
-| controller.metrics.service.labels | Metrics service labels | `{}` |
-| controller.metrics.service.servicePort | Metrics service port | `8082` |
-| controller.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` |
-| controller.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` |
-| controller.name | Controller name string. | `"application-controller"` |
-| controller.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` |
-| controller.podAnnotations | Annotations for the controller pods | `{}` |
-| controller.podLabels | Labels for the controller pods | `{}` |
-| controller.priorityClassName | Priority class for the controller pods | `""` |
-| controller.readinessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` |
-| controller.readinessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
-| controller.readinessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
-| controller.readinessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
-| controller.readinessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
-| controller.resources | Resource limits and requests for the controller pods. | `{}` |
-| controller.service.annotations | Controller service annotations. | `{}` |
-| controller.service.labels | Controller service labels. | `{}` |
-| controller.service.port | Controller service port. | `8082` |
-| controller.serviceAccount.create | Create a service account for the controller | `true` |
-| controller.serviceAccount.name | Service account name. | `"argocd-application-controller"` |
-| controller.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` |
-| controller.volumeMounts | Controller volume mounts | `[]` |
-| controller.volumes | Controller volumes | `[]` |
-
-## Argo Repo Server
-
-| Property | Description | Default |
-|-----|---------|-------------|
-| repoServer.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` |
-| repoServer.autoscaling.enabled | Enable Horizontal Pod Autoscaler ([HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/)) for the repo server | `false` |
-| repoServer.autoscaling.minReplicas | Minimum number of replicas for the repo server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `1` |
-| repoServer.autoscaling.maxReplicas | Maximum number of replicas for the repo server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `5` |
-| repoServer.autoscaling.targetCPUUtilizationPercentage | Average CPU utilization percentage for the repo server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `50` |
-| repoServer.autoscaling.targetMemoryUtilizationPercentage | Average memory utilization percentage for the repo server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `50` |
-| repoServer.containerPort | Repo server port | `8081` |
-| repoServer.extraArgs | Additional arguments for the repo server. A  list of flags. | `[]` |
-| repoServer.env | Environment variables for the repo server. | `[]` |
-| repoServer.image.repository | Repository to use for the repo server | `global.image.repository` |
-| repoServer.image.imagePullPolicy | Image pull policy for the repo server | `global.image.imagePullPolicy` |
-| repoServer.image.tag | Tag to use for the repo server | `global.image.tag` |
-| repoServer.livenessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` |
-| repoServer.livenessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
-| repoServer.livenessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
-| repoServer.livenessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
-| repoServer.livenessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
-| repoServer.logLevel | Log level | `"info"` |
-| repoServer.metrics.enabled | Deploy metrics service | `false` |
-| repoServer.metrics.service.annotations | Metrics service annotations | `{}` |
-| repoServer.metrics.service.labels | Metrics service labels | `{}` |
-| repoServer.metrics.service.servicePort | Metrics service port | `8082` |
-| repoServer.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` |
-| repoServer.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` |
-| repoServer.name | Repo server name | `"repo-server"` |
-| repoServer.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` |
-| repoServer.podAnnotations | Annotations for the repo server pods | `{}` |
-| repoServer.podLabels | Labels for the repo server pods | `{}` |
-| repoServer.priorityClassName | Priority class for the repo server | `""` |
-| repoServer.readinessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` |
-| repoServer.readinessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
-| repoServer.readinessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
-| repoServer.readinessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
-| repoServer.readinessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
-| repoServer.replicas | The number of repo server pods to run | `1` |
-| repoServer.resources | Resource limits and requests for the repo server pods. | `{}` |
-| repoServer.service.annotations | Repo server service annotations. | `{}` |
-| repoServer.service.labels | Repo server service labels. | `{}` |
-| repoServer.service.port | Repo server service port. | `8081` |
-| repoServer.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` |
-| repoServer.volumeMounts | Repo server volume mounts | `[]` |
-| repoServer.volumes | Repo server volumes | `[]` |
-
-## Argo Server
-
-| Parameter | Description | Default |
-|-----|---------|-------------|
-| server.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` |
-| server.autoscaling.enabled | Enable Horizontal Pod Autoscaler ([HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/)) for the server | `false` |
-| server.autoscaling.minReplicas | Minimum number of replicas for the server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `1` |
-| server.autoscaling.maxReplicas | Maximum number of replicas for the server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `5` |
-| server.autoscaling.targetCPUUtilizationPercentage | Average CPU utilization percentage for the server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `50` |
-| server.autoscaling.targetMemoryUtilizationPercentage | Average memory utilization percentage for the server [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) | `50` |
-| server.GKEbackendConfig.enabled | Enable BackendConfig custom resource for Google Kubernetes Engine. | `false` |
-| server.GKEbackendConfig.spec | [BackendConfigSpec](https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom) | `{}` |
-| server.certificate.additionalHosts | Certificate manager additional hosts | `[]` |
-| server.certificate.domain | Certificate manager domain | `"argocd.example.com"` |
-| server.certificate.enabled | Enables a certificate manager certificate. | `false` |
-| server.certificate.issuer | Certificate manager issuer | `{}` |
-| server.clusterAdminAccess.enabled | Enable RBAC for local cluster deployments. | `true` |
-| server.config | [General Argo CD configuration](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#repositories) | See [values.yaml](values.yaml) |
-| server.containerPort | Server container port. | `8080` |
-| server.extraArgs | Additional arguments for the server. A list of flags. | `[]` |
-| server.env | Environment variables for the server. | `[]` |
-| server.image.repository | Repository to use for the server | `global.image.repository` |
-| server.image.imagePullPolicy | Image pull policy for the server | `global.image.imagePullPolicy` |
-| server.image.tag | Tag to use for the server | `global.image.tag` |
-| server.ingress.annotations | Additional ingress annotations | `{}` |
-| server.ingress.enabled | Enable an ingress resource for the server | `false` |
-| server.ingress.hosts | List of ingress hosts | `[]` |
-| server.ingress.labels | Additional ingress labels. | `{}` |
-| server.ingress.tls | Ingress TLS configuration. | `[]` |
-| server.route.enabled | Enable a OpenShift route for the server | `false` |
-| server.route.hostname | Hostname of OpenShift route | `""` |
-| server.livenessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` |
-| server.livenessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
-| server.livenessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
-| server.livenessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
-| server.livenessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
-| server.logLevel | Log level | `"info"` |
-| server.metrics.enabled | Deploy metrics service | `false` |
-| server.metrics.service.annotations | Metrics service annotations | `{}` |
-| server.metrics.service.labels | Metrics service labels | `{}` |
-| server.metrics.service.servicePort | Metrics service port | `8082` |
-| server.metrics.serviceMonitor.enabled | Enable a prometheus ServiceMonitor. | `false` |
-| server.metrics.serviceMonitor.selector | Prometheus ServiceMonitor selector. | `{}` |
-| server.name | Argo CD server name | `"server"` |
-| server.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` |
-| server.podAnnotations | Annotations for the server pods | `{}` |
-| server.podLabels | Labels for the server pods | `{}` |
-| server.priorityClassName | Priority class for the server | `""` |
-| server.rbacConfig | [Argo CD RBAC policy](https://argoproj.github.io/argo-cd/operator-manual/rbac/) | `{}` |
-| server.readinessProbe.failureThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `3` |
-| server.readinessProbe.initialDelaySeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
-| server.readinessProbe.periodSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `10` |
-| server.readinessProbe.successThreshold | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
-| server.readinessProbe.timeoutSeconds | [Kubernetes probe configuration](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) | `1` |
-| server.replicas | The number of server pods to run | `1` |
-| server.resources | Resource limits and requests for the server | `{}` |
-| server.service.annotations | Server service annotations | `{}` |
-| server.service.labels | Server service labels | `{}` |
-| server.service.servicePortHttp | Server service http port | `80` |
-| server.service.servicePortHttps | Server service https port | `443` |
-| server.service.servicePortHttpName | Server service http port name, can be used to route traffic via istio | `http` |
-| server.service.servicePortHttpsName | Server service https port name, can be used to route traffic via istio | `https` |
-| server.service.loadBalancerSourceRanges | Source IP ranges to allow access to service from. | `[]` |
-| server.service.type | Server service type | `"ClusterIP"` |
-| server.serviceAccount.create | Create server service account | `true` |
-| server.serviceAccount.name | Server service account name | `"argocd-server"` |
-| server.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` |
-| server.volumeMounts | Server volume mounts | `[]` |
-| server.volumes | Server volumes | `[]` |
-
-## Dex
-
-| Property | Description | Default |
-|-----|---------|-------------|
-| dex.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` |
-| dex.containerPortGrpc | GRPC container port | `5557` |
-| dex.containerPortHttp | HTTP container port | `5556` |
-| dex.enabled | Enable dex | `true` |
-| dex.image.imagePullPolicy | Dex imagePullPolicy | `"IfNotPresent"` |
-| dex.image.repository | Dex image repository | `"quay.io/dexidp/dex"` |
-| dex.image.tag | Dex image tag | `"v2.14.0"` |
-| dex.initImage.repository | Argo CD init image repository. | `global.image.repository` |
-| dex.initImage.imagePullPolicy | Argo CD init image imagePullPolicy | `global.image.imagePullPolicy` |
-| dex.initImage.tag | Argo CD init image tag | `global.image.tag` |
-| dex.name | Dex name | `"dex-server"` |
-| dex.env | Environment variables for the Dex server. | `[]` |
-| dex.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` |
-| dex.podAnnotations | Annotations for the Dex server pods | `{}` |
-| dex.podLabels | Labels for the Dex server pods | `{}` |
-| dex.priorityClassName | Priority class for dex | `""` |
-| dex.resources | Resource limits and requests for dex | `{}` |
-| dex.serviceAccount.create | Create dex service account | `true` |
-| dex.serviceAccount.name | Dex service account name | `"argocd-dex-server"` |
-| dex.servicePortGrpc | Server GRPC port | `5557` |
-| dex.servicePortHttp | Server HTTP port | `5556` |
-| dex.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` |
-| dex.volumeMounts | Dex volume mounts | `"/shared"` |
-| dex.volumes | Dex volumes | `{}` |
-
-## Redis
-
-When Redis is completely disabled from the chart (`redis.enabled=false`) and
-an external Redis instance wants to be used or
-when Redis HA subcart is enabled (`redis.enabled=true and redis-ha.enabled=true`)
-but HA proxy is disabled `redis-ha.haproxy.enabled=false` Redis flags need to be specified
-through `xxx.extraArgs`
-
-| Parameter | Description | Default |
-|-----|---------|-------------|
-| redis.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` |
-| redis.containerPort | Redis container port | `6379` |
-| redis.enabled | Enable redis | `true` |
-| redis.image.imagePullPolicy | Redis imagePullPolicy | `"IfNotPresent"` |
-| redis.image.repository | Redis repository | `"redis"` |
-| redis.image.tag | Redis tag | `"5.0.3"` |
-| redis.name | Redis name | `"redis"` |
-| redis.env | Environment variables for the Redis server. | `[]` |
-| redis.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` |
-| redis.podAnnotations | Annotations for the Redis server pods | `{}` |
-| redis.podLabels | Labels for the Redis server pods | `{}` |
-| redis.priorityClassName | Priority class for redis | `""` |
-| redis.resources | Resource limits and requests for redis | `{}` |
-| redis.servicePort | Redis service port | `6379` |
-| redis.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` |
-| redis-ha | Configures [Redis HA subchart](https://github.com/helm/charts/tree/master/stable/redis-ha) The properties below have been changed from the subchart defaults | |
-| redis-ha.enabled | Enables the Redis HA subchart and disables the custom Redis single node deployment| `false` |
-| redis-ha.exporter.enabled | If `true`, the prometheus exporter sidecar is enabled | `true` |
-| redis-ha.persistentVolume.enabled | Configures persistency on Redis nodes | `false`
-| redis-ha.redis.masterGroupName | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated | `argocd`
-| redis-ha.redis.config | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | `` |
-| redis-ha.redis.config.save | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""`  is disabled | `""` |
-| redis-ha.haproxy.enabled | Enabled HAProxy LoadBalancing/Proxy | `true` |
-| redis-ha.haproxy.metrics.enabled | HAProxy enable prometheus metric scraping | `true` |

charts/kubezero/charts/argo-cd/crds/crd-project.yaml

@@ -1,209 +0,0 @@
-apiVersion: apiextensions.k8s.io/v1beta1
-kind: CustomResourceDefinition
-metadata:
-  labels:
-    app.kubernetes.io/name: appprojects.argoproj.io
-    app.kubernetes.io/part-of: argocd
-  name: appprojects.argoproj.io
-  annotations:
-    helm.sh/hook: crd-install
-spec:
-  group: argoproj.io
-  names:
-    kind: AppProject
-    listKind: AppProjectList
-    plural: appprojects
-    shortNames:
-    - appproj
-    - appprojs
-    singular: appproject
-  scope: Namespaced
-  validation:
-    openAPIV3Schema:
-      description: 'AppProject provides a logical grouping of applications, providing
-        controls for: * where the apps may deploy to (cluster whitelist) * what may
-        be deployed (repository whitelist, resource whitelist/blacklist) * who can
-        access these applications (roles, OIDC group claims bindings) * and what they
-        can do (RBAC policies) * automation access to these roles (JWT tokens)'
-      properties:
-        apiVersion:
-          description: 'APIVersion defines the versioned schema of this representation
-            of an object. Servers should convert recognized schemas to the latest
-            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-          type: string
-        kind:
-          description: 'Kind is a string value representing the REST resource this
-            object represents. Servers may infer this from the endpoint the client
-            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-          type: string
-        metadata:
-          type: object
-        spec:
-          description: AppProjectSpec is the specification of an AppProject
-          properties:
-            clusterResourceWhitelist:
-              description: ClusterResourceWhitelist contains list of whitelisted cluster
-                level resources
-              items:
-                description: GroupKind specifies a Group and a Kind, but does not
-                  force a version.  This is useful for identifying concepts during
-                  lookup stages without having partially valid types
-                properties:
-                  group:
-                    type: string
-                  kind:
-                    type: string
-                required:
-                - group
-                - kind
-                type: object
-              type: array
-            description:
-              description: Description contains optional project description
-              type: string
-            destinations:
-              description: Destinations contains list of destinations available for
-                deployment
-              items:
-                description: ApplicationDestination contains deployment destination
-                  information
-                properties:
-                  namespace:
-                    description: Namespace overrides the environment namespace value
-                      in the ksonnet app.yaml
-                    type: string
-                  server:
-                    description: Server overrides the environment server value in
-                      the ksonnet app.yaml
-                    type: string
-                type: object
-              type: array
-            namespaceResourceBlacklist:
-              description: NamespaceResourceBlacklist contains list of blacklisted
-                namespace level resources
-              items:
-                description: GroupKind specifies a Group and a Kind, but does not
-                  force a version.  This is useful for identifying concepts during
-                  lookup stages without having partially valid types
-                properties:
-                  group:
-                    type: string
-                  kind:
-                    type: string
-                required:
-                - group
-                - kind
-                type: object
-              type: array
-            orphanedResources:
-              description: OrphanedResources specifies if controller should monitor
-                orphaned resources of apps in this project
-              properties:
-                warn:
-                  description: Warn indicates if warning condition should be created
-                    for apps which have orphaned resources
-                  type: boolean
-              type: object
-            roles:
-              description: Roles are user defined RBAC roles associated with this
-                project
-              items:
-                description: ProjectRole represents a role that has access to a project
-                properties:
-                  description:
-                    description: Description is a description of the role
-                    type: string
-                  groups:
-                    description: Groups are a list of OIDC group claims bound to this
-                      role
-                    items:
-                      type: string
-                    type: array
-                  jwtTokens:
-                    description: JWTTokens are a list of generated JWT tokens bound
-                      to this role
-                    items:
-                      description: JWTToken holds the issuedAt and expiresAt values
-                        of a token
-                      properties:
-                        exp:
-                          format: int64
-                          type: integer
-                        iat:
-                          format: int64
-                          type: integer
-                      required:
-                      - iat
-                      type: object
-                    type: array
-                  name:
-                    description: Name is a name for this role
-                    type: string
-                  policies:
-                    description: Policies Stores a list of casbin formated strings
-                      that define access policies for the role in the project
-                    items:
-                      type: string
-                    type: array
-                required:
-                - name
-                type: object
-              type: array
-            sourceRepos:
-              description: SourceRepos contains list of repository URLs which can
-                be used for deployment
-              items:
-                type: string
-              type: array
-            syncWindows:
-              description: SyncWindows controls when syncs can be run for apps in
-                this project
-              items:
-                description: SyncWindow contains the kind, time, duration and attributes
-                  that are used to assign the syncWindows to apps
-                properties:
-                  applications:
-                    description: Applications contains a list of applications that
-                      the window will apply to
-                    items:
-                      type: string
-                    type: array
-                  clusters:
-                    description: Clusters contains a list of clusters that the window
-                      will apply to
-                    items:
-                      type: string
-                    type: array
-                  duration:
-                    description: Duration is the amount of time the sync window will
-                      be open
-                    type: string
-                  kind:
-                    description: Kind defines if the window allows or blocks syncs
-                    type: string
-                  manualSync:
-                    description: ManualSync enables manual syncs when they would otherwise
-                      be blocked
-                    type: boolean
-                  namespaces:
-                    description: Namespaces contains a list of namespaces that the
-                      window will apply to
-                    items:
-                      type: string
-                    type: array
-                  schedule:
-                    description: Schedule is the time the window will begin, specified
-                      in cron format
-                    type: string
-                type: object
-              type: array
-          type: object
-      required:
-      - metadata
-      - spec
-      type: object
-  version: v1alpha1
-  versions:
-  - name: v1alpha1
-    served: true
-    storage: true

charts/kubezero/charts/argo-cd/requirements.lock

@@ -1,6 +0,0 @@
-dependencies:
-- name: redis-ha
-  repository: https://kubernetes-charts.storage.googleapis.com
-  version: 4.4.2
-digest: sha256:70fdd035c3aa3b7185882f12a73143c58ab32f04262dda2cf34a2b1a52116d96
-generated: "2020-03-29T14:37:59.349371452+01:00"

charts/kubezero/charts/argo-cd/requirements.yaml

@@ -1,5 +0,0 @@
-dependencies:
-- name: redis-ha
-  version: 4.4.2
-  repository: https://kubernetes-charts.storage.googleapis.com
-  condition: redis-ha.enabled

charts/kubezero/charts/argo-cd/templates/NOTES.txt

@@ -1,15 +0,0 @@
-In order to access the server UI you have the following options:
-
-1. kubectl port-forward service/{{include "argo-cd.fullname" . }}-server -n {{ .Release.Namespace }} 8080:443
-
-    and then open the browser on http://localhost:8080 and accept the certificate
-
-2. enable ingress in the values file `service.ingress.enabled` and either
-      - Add the annotation for ssl passthrough: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-1-ssl-passthrough
-      - Add the `--insecure` flag to `server.extraArgs` in the values file and terminate SSL at your ingress: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-2-multiple-ingress-objects-and-hosts
-
-
-After reaching the UI the first time you can login with username: admin and the password will be the
-name of the server pod. You can get the pod name by running:
-
-kubectl get pods -n {{ .Release.Namespace }} -l app.kubernetes.io/name={{ include "argo-cd.name" . }}-server -o name | cut -d'/' -f 2

charts/kubezero/charts/argo-cd/templates/_helpers.tpl

@@ -1,118 +0,0 @@
-{{/* vim: set filetype=mustache: */}}
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "argo-cd.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "argo-cd.fullname" -}}
-{{- if .Values.fullnameOverride -}}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- $name := default .Chart.Name .Values.nameOverride -}}
-{{- if contains $name .Release.Name -}}
-{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create controller name and version as used by the chart label.
-*/}}
-{{- define "argo-cd.controller.fullname" -}}
-{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.controller.name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create dex name and version as used by the chart label.
-*/}}
-{{- define "argo-cd.dex.fullname" -}}
-{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.dex.name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create redis name and version as used by the chart label.
-*/}}
-{{- define "argo-cd.redis.fullname" -}}
-{{ $redisHa := (index .Values "redis-ha") }}
-{{- if $redisHa.enabled -}}
-    {{- if $redisHa.haproxy.enabled -}}
-        {{- printf "%s-redis-ha-haproxy" .Release.Name | trunc 63 | trimSuffix "-" -}}
-    {{- end -}}
-{{- else -}}
-{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.redis.name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create argocd server name and version as used by the chart label.
-*/}}
-{{- define "argo-cd.server.fullname" -}}
-{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.server.name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create argocd repo-server name and version as used by the chart label.
-*/}}
-{{- define "argo-cd.repoServer.fullname" -}}
-{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create the name of the controller service account to use
-*/}}
-{{- define "argo-cd.controllerServiceAccountName" -}}
-{{- if .Values.controller.serviceAccount.create -}}
-    {{ default (include "argo-cd.fullname" .) .Values.controller.serviceAccount.name }}
-{{- else -}}
-    {{ default "default" .Values.controller.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the dex service account to use
-*/}}
-{{- define "argo-cd.dexServiceAccountName" -}}
-{{- if .Values.dex.serviceAccount.create -}}
-    {{ default (include "argo-cd.fullname" .) .Values.dex.serviceAccount.name }}
-{{- else -}}
-    {{ default "default" .Values.dex.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the ArgoCD server service account to use
-*/}}
-{{- define "argo-cd.serverServiceAccountName" -}}
-{{- if .Values.server.serviceAccount.create -}}
-    {{ default (include "argo-cd.fullname" .) .Values.server.serviceAccount.name }}
-{{- else -}}
-    {{ default "default" .Values.server.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the repo-server service account to use
-*/}}
-{{- define "argo-cd.repoServerServiceAccountName" -}}
-{{- if .Values.repoServer.serviceAccount.create -}}
-    {{ default (include "argo-cd.fullname" .) .Values.repoServer.serviceAccount.name }}
-{{- else -}}
-    {{ default "default" .Values.repoServer.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "argo-cd.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
-{{- end -}}

charts/kubezero/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml

@@ -1,24 +0,0 @@
-{{- if .Values.controller.clusterAdminAccess.enabled }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: {{ template "argo-cd.controller.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.controller.name }}
-rules:
-- apiGroups:
-  - '*'
-  resources:
-  - '*'
-  verbs:
-  - '*'
-- nonResourceURLs:
-  - '*'
-  verbs:
-  - '*'
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml

@@ -1,21 +0,0 @@
-{{- if .Values.controller.clusterAdminAccess.enabled }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: {{ template "argo-cd.controller.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.controller.name }}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: {{ template "argo-cd.controller.fullname" . }}
-subjects:
-- kind: ServiceAccount
-  name: {{ template "argo-cd.controllerServiceAccountName" . }}
-  namespace: {{ .Release.Namespace }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-application-controller/deployment.yaml

@@ -1,123 +0,0 @@
-{{- $redisHa := (index .Values "redis-ha") -}}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: {{ template "argo-cd.controller.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.controller.name }}
-    app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.controller.image.tag | quote }}
-spec:
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller
-      app.kubernetes.io/instance: {{ .Release.Name }}
-  revisionHistoryLimit: 5
-  replicas: 1
-  template:
-    metadata:
-      {{- if .Values.controller.podAnnotations }}
-      annotations:
-      {{- range $key, $value := .Values.controller.podAnnotations }}
-        {{ $key }}: {{ $value | quote }}
-      {{- end }}
-      {{- end }}
-      labels:
-        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
-        helm.sh/chart: {{ include "argo-cd.chart" . }}
-        app.kubernetes.io/instance: {{ .Release.Name }}
-        app.kubernetes.io/managed-by: {{ .Release.Service }}
-        app.kubernetes.io/part-of: argocd
-        app.kubernetes.io/component: {{ .Values.controller.name }}
-        app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.controller.image.tag | quote }}
-        {{- if .Values.controller.podLabels }}
-{{- toYaml .Values.controller.podLabels | nindent 8 }}
-        {{- end }}
-    spec:
-      {{- with .Values.global.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- if .Values.global.securityContext }}
-      securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }}
-      {{- end }}
-      containers:
-      - command:
-        - argocd-application-controller
-        - --status-processors
-        - {{ .Values.controller.args.statusProcessors | quote }}
-        - --operation-processors
-        - {{ .Values.controller.args.operationProcessors | quote }}
-        - --repo-server
-        - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
-        - --loglevel
-        - {{ .Values.controller.logLevel }}
-        {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }}
-        - --redis
-        - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }}
-        {{- end }}
-        {{- with .Values.controller.extraArgs }}
-        {{- . | toYaml | nindent 8 }}
-        {{- end }}
-        image: {{ default .Values.global.image.repository .Values.controller.image.repository }}:{{ default .Values.global.image.tag .Values.controller.image.tag }}
-        imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.controller.image.imagePullPolicy }}
-        name: {{ .Values.controller.name }}
-        {{- if .Values.controller.containerSecurityContext }}
-        securityContext: {{- toYaml .Values.controller.containerSecurityContext | nindent 10 }}
-        {{- end }}
-        {{- if .Values.controller.env }}
-        env:
-{{- toYaml .Values.controller.env | nindent 8 }}
-        {{- end }}
-        ports:
-        - name: controller
-          containerPort: {{ .Values.controller.containerPort }}
-          protocol: TCP
-        livenessProbe:
-          httpGet:
-            path: /healthz
-            port: {{ .Values.controller.containerPort }}
-          initialDelaySeconds: {{ .Values.controller.livenessProbe.initialDelaySeconds }}
-          periodSeconds: {{ .Values.controller.livenessProbe.periodSeconds }}
-          timeoutSeconds: {{ .Values.controller.livenessProbe.timeoutSeconds }}
-          successThreshold: {{ .Values.controller.livenessProbe.successThreshold }}
-          failureThreshold: {{ .Values.controller.livenessProbe.failureThreshold }}
-        readinessProbe:
-          tcpSocket:
-            port: {{ .Values.controller.containerPort }}
-          initialDelaySeconds: {{ .Values.controller.readinessProbe.initialDelaySeconds }}
-          periodSeconds: {{ .Values.controller.readinessProbe.periodSeconds }}
-          timeoutSeconds: {{ .Values.controller.readinessProbe.timeoutSeconds }}
-          successThreshold: {{ .Values.controller.readinessProbe.successThreshold }}
-          failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }}
-{{- if .Values.controller.volumeMounts }}
-        volumeMounts:
-{{- toYaml .Values.controller.volumeMounts | nindent 10}}
-{{- end }}
-        resources:
-{{- toYaml .Values.controller.resources | nindent 10 }}
-    {{- if .Values.controller.nodeSelector }}
-      nodeSelector:
-{{- toYaml .Values.controller.nodeSelector | nindent 8 }}
-    {{- end }}
-    {{- if .Values.controller.tolerations }}
-      tolerations:
-{{- toYaml .Values.controller.tolerations | nindent 8 }}
-    {{- end }}
-    {{- if .Values.controller.affinity }}
-      affinity:
-{{- toYaml .Values.controller.affinity | nindent 8 }}
-    {{- end }}
-      serviceAccountName: {{ template "argo-cd.controllerServiceAccountName" . }}
-{{- with .Values.global.hostAliases }}
-      hostAliases:
-{{ toYaml . | indent 6 }}
-{{- end }}
-{{- if .Values.controller.volumes }}
-      volumes:
-{{- toYaml .Values.controller.volumes | nindent 8 }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-application-controller/metrics-service.yaml

@@ -1,31 +0,0 @@
-{{- if .Values.controller.metrics.enabled}}
-apiVersion: v1
-kind: Service
-metadata:
-{{- if .Values.controller.metrics.service.annotations }}
-  annotations:
-  {{- range $key, $value := .Values.controller.metrics.service.annotations }}
-    {{ $key }}: {{ $value | quote }}
-  {{- end }}
-{{- end }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-metrics
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.controller.name }}
-{{- if .Values.controller.metrics.service.labels }}
-{{- toYaml .Values.controller.metrics.service.labels | nindent 4 }}
-{{- end }}
-  name: {{ template "argo-cd.controller.fullname" . }}-metrics
-spec:
-  ports:
-  - name: metrics
-    protocol: TCP
-    port: {{ .Values.controller.metrics.service.servicePort }}
-    targetPort: controller
-  selector:
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml

@@ -1,27 +0,0 @@
-{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.rules.enabled }}
-apiVersion: monitoring.coreos.com/v1
-kind: PrometheusRule
-metadata:
-  name: {{ template "argo-cd.controller.fullname" . }}
-  {{- if .Values.controller.metrics.rules.namespace }}
-  namespace: {{ .Values.controller.metrics.rules.namespace }}
-  {{- end }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.controller.name }}
-    {{- if .Values.controller.metrics.rules.selector }}
-{{- toYaml .Values.controller.metrics.rules.selector | nindent 4 }}
-    {{- end }}
-    {{- if .Values.controller.metrics.rules.additionalLabels }}
-{{- toYaml .Values.controller.metrics.rules.additionalLabels | nindent 4 }}
-    {{- end }}
-spec:
-  groups:
-  - name: argocd
-    rules:
-{{- toYaml .Values.controller.metrics.rules.spec | nindent 4 }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-application-controller/role.yaml

@@ -1,41 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  name: {{ template "argo-cd.controller.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.controller.name }}
-rules:
-- apiGroups:
-  - ""
-  resources:
-  - secrets
-  - configmaps
-  verbs:
-  - get
-  - list
-  - watch
-- apiGroups:
-  - argoproj.io
-  resources:
-  - applications
-  - appprojects
-  verbs:
-  - create
-  - get
-  - list
-  - watch
-  - update
-  - patch
-  - delete
-- apiGroups:
-  - ""
-  resources:
-  - events
-  verbs:
-  - create
-  - list

charts/kubezero/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml

@@ -1,19 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: {{ template "argo-cd.controller.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.controller.name }}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: {{ template "argo-cd.controller.fullname" . }}
-subjects:
-- kind: ServiceAccount
-  name: {{ template "argo-cd.controllerServiceAccountName" . }}
-  namespace: {{ .Release.Namespace }}

charts/kubezero/charts/argo-cd/templates/argocd-application-controller/service.yaml

@@ -1,25 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-{{- if .Values.controller.service.annotations }}
-  annotations:
-  {{- range $key, $value := .Values.controller.service.annotations }}
-    {{ $key }}: {{ $value | quote }}
-  {{- end }}
-{{- end }}
-  name: {{ template "argo-cd.controller.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.controller.name }}
-spec:
-  ports:
-  - name: {{ .Values.controller.service.portName }}
-    port: {{ .Values.controller.service.port }}
-    targetPort: {{ .Values.controller.containerPort }}
-  selector:
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}

charts/kubezero/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml

@@ -1,11 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: {{ template "argo-cd.controllerServiceAccountName" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.controller.name }}

charts/kubezero/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml

@@ -1,35 +0,0 @@
-{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled }}
-apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
-metadata:
-  name: {{ template "argo-cd.controller.fullname" . }}
-  {{- if .Values.controller.metrics.serviceMonitor.namespace }}
-  namespace: {{ .Values.controller.metrics.serviceMonitor.namespace }}
-  {{- end }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.controller.name }}
-    {{- if .Values.controller.metrics.serviceMonitor.selector }}
-{{- toYaml .Values.controller.metrics.serviceMonitor.selector | nindent 4 }}
-    {{- end }}
-    {{- if .Values.controller.metrics.serviceMonitor.additionalLabels }}
-{{- toYaml .Values.controller.metrics.serviceMonitor.additionalLabels | nindent 4 }}
-    {{- end }}
-spec:
-  endpoints:
-    - port: metrics
-      interval: 30s
-      path: /metrics
-  namespaceSelector:
-    matchNames:
-      - {{ .Release.Namespace }}
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-metrics
-      app.kubernetes.io/component: {{ .Values.controller.name }}
-{{- end }}
-

charts/kubezero/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml

@@ -1,13 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: argocd-cm
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-cm
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.server.name }}
-data:
-{{- toYaml .Values.server.config | nindent 4 }}

charts/kubezero/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml

@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: argocd-rbac-cm
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-rbac-cm
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.server.name }}
-{{- if .Values.server.rbacConfig }}
-data:
-{{- toYaml .Values.server.rbacConfig | nindent 4 }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml

@@ -1,50 +0,0 @@
-{{- if .Values.configs.secret.createSecret }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: argocd-secret
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-secret
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.server.name }}
-  {{- if .Values.configs.secret.annotations }}
-  annotations:
-  {{- range $key, $value := .Values.configs.secret.annotations }}
-    {{ $key }}: {{ $value | quote }}
-  {{- end }}
-  {{- end }}
-type: Opaque
-{{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketUUID .Values.configs.secret.bitbucketServerSecret .Values.configs.secret.gogsSecret .Values.configs.secret.argocdServerAdminPassword .Values.configs.secret.argocdServerTlsConfig .Values.configs.secret.extra) }}
-# Setting a blank data again will wipe admin password/key/cert
-data:
-  {{- if .Values.configs.secret.githubSecret }}
-  webhook.github.secret: {{ .Values.configs.secret.githubSecret | b64enc }}
-  {{- end }}
-  {{- if .Values.configs.secret.gitlabSecret }}
-  webhook.gitlab.secret: {{ .Values.configs.secret.gitlabSecret | b64enc }}
-  {{- end }}
-  {{- if .Values.configs.secret.bitbucketServerSecret }}
-  webhook.bitbucketserver.secret: {{ .Values.configs.secret.bitbucketServerSecret | b64enc }}
-  {{- end }}
-  {{- if .Values.configs.secret.bitbucketUUID }}
-  webhook.bitbucket.uuid: {{ .Values.configs.secret.bitbucketUUID | b64enc }}
-  {{- end }}
-  {{- if .Values.configs.secret.gogsSecret }}
-  webhook.gogs.secret: {{ .Values.configs.secret.gogsSecret | b64enc }}
-  {{- end }}
-  {{- if .Values.configs.secret.argocdServerTlsConfig }}
-  tls.key: {{ .Values.configs.secret.argocdServerTlsConfig.key | b64enc }}
-  tls.crt: {{ .Values.configs.secret.argocdServerTlsConfig.crt | b64enc }}
-  {{- end }}
-  {{- if .Values.configs.secret.argocdServerAdminPassword }}
-  admin.password: {{ .Values.configs.secret.argocdServerAdminPassword | b64enc }}
-  admin.passwordMtime: {{ default (date "2006-01-02T15:04:05Z" now) .Values.configs.secret.argocdServerAdminPasswordMtime | b64enc }}
-  {{- end }}
-  {{- range $key, $value := .Values.configs.secret.extra }}
-  {{ $key }}: {{ $value | b64enc }}
-  {{- end }}
-{{- end }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml

@@ -1,12 +0,0 @@
-apiVersion: v1
-{{- toYaml .Values.configs.knownHosts | nindent 0 }}
-kind: ConfigMap
-metadata:
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-ssh-known-hosts-cm
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.server.name }}
-  name: argocd-ssh-known-hosts-cm

charts/kubezero/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml

@@ -1,14 +0,0 @@
-apiVersion: v1
-{{- if .Values.configs.tlsCerts }}
-{{- toYaml .Values.configs.tlsCerts | nindent 0 }}
-{{- end }}
-kind: ConfigMap
-metadata:
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-tls-certs-cm
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.server.name }}
-  name: argocd-tls-certs-cm

charts/kubezero/charts/argo-cd/templates/argocd-repo-server/deployment.yaml

@@ -1,154 +0,0 @@
-{{- $redisHa := (index .Values "redis-ha") -}}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: {{ template "argo-cd.repoServer.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.repoServer.name }}
-    app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.repoServer.image.tag | quote }}
-spec:
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
-      app.kubernetes.io/instance: {{ .Release.Name }}
-  revisionHistoryLimit: 5
-  {{- if (ne .Values.repoServer.autoscaling.enabled true) }}
-  replicas: {{ .Values.repoServer.replicas }}
-  {{- end }}
-  template:
-    metadata:
-      {{- if .Values.repoServer.podAnnotations }}
-      annotations:
-      {{- range $key, $value := .Values.repoServer.podAnnotations }}
-        {{ $key }}: {{ $value | quote }}
-      {{- end }}
-      {{- end }}
-      labels:
-        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
-        helm.sh/chart: {{ include "argo-cd.chart" . }}
-        app.kubernetes.io/instance: {{ .Release.Name }}
-        app.kubernetes.io/managed-by: {{ .Release.Service }}
-        app.kubernetes.io/part-of: argocd
-        app.kubernetes.io/component: {{ .Values.repoServer.name }}
-        app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.repoServer.image.tag | quote }}
-        {{- if .Values.repoServer.podLabels }}
-{{- toYaml .Values.repoServer.podLabels | nindent 8 }}
-        {{- end }}
-    spec:
-      {{- with .Values.global.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- if .Values.global.securityContext }}
-      securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }}
-      {{- end }}
-      containers:
-      - name: {{ .Values.repoServer.name }}
-        image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default .Values.global.image.tag .Values.repoServer.image.tag }}
-        imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }}
-        command:
-        {{- if .Values.openshift.enabled }}
-        - uid_entrypoint.sh
-        {{- end }}
-        - argocd-repo-server
-        {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }}
-        - --redis
-        - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }}
-        {{- end }}
-        - --loglevel
-        - {{ .Values.repoServer.logLevel }}
-        {{- with .Values.repoServer.extraArgs }}
-        {{- . | toYaml | nindent 8 }}
-        {{- end }}
-        {{- if .Values.repoServer.containerSecurityContext }}
-        securityContext: {{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }}
-        {{- end }}
-{{- if or (.Values.repoServer.env) (.Values.openshift.enabled) }}
-        env:
-{{- if .Values.repoServer.env }}
-{{- toYaml .Values.repoServer.env | nindent 8 }}
-{{- end }}
-{{- if .Values.openshift.enabled }}
-        - name: USER_NAME
-          value: argocd
-{{- end }}
-{{- end }}
-        volumeMounts:
-        {{- if .Values.repoServer.volumeMounts }}
-{{- toYaml .Values.repoServer.volumeMounts | nindent 8}}
-        {{- end }}
-        {{- if .Values.configs.knownHosts }}
-        - mountPath: /app/config/ssh
-          name: ssh-known-hosts
-        {{- end }}
-        {{- if .Values.configs.tlsCerts }}
-        - mountPath: /app/config/tls
-          name: tls-certs
-        {{- end }}
-        ports:
-        - name: repo-server
-          containerPort: {{ .Values.repoServer.containerPort }}
-          protocol: TCP
-        {{ if .Values.repoServer.metrics.enabled }}
-        - name: metrics
-          containerPort: 8084
-          protocol: TCP
-        {{- end }}
-        livenessProbe:
-          tcpSocket:
-            port: {{ .Values.repoServer.containerPort }}
-          initialDelaySeconds: {{ .Values.repoServer.livenessProbe.initialDelaySeconds }}
-          periodSeconds: {{ .Values.repoServer.livenessProbe.periodSeconds }}
-          timeoutSeconds: {{ .Values.repoServer.livenessProbe.timeoutSeconds }}
-          successThreshold: {{ .Values.repoServer.livenessProbe.successThreshold }}
-          failureThreshold: {{ .Values.repoServer.livenessProbe.failureThreshold }}
-        readinessProbe:
-          tcpSocket:
-            port: {{ .Values.repoServer.containerPort }}
-          initialDelaySeconds: {{ .Values.repoServer.readinessProbe.initialDelaySeconds }}
-          periodSeconds: {{ .Values.repoServer.readinessProbe.periodSeconds }}
-          timeoutSeconds: {{ .Values.repoServer.readinessProbe.timeoutSeconds }}
-          successThreshold: {{ .Values.repoServer.readinessProbe.successThreshold }}
-          failureThreshold: {{ .Values.repoServer.readinessProbe.failureThreshold }}
-        resources:
-{{- toYaml .Values.repoServer.resources | nindent 10 }}
-    {{- if .Values.repoServer.nodeSelector }}
-      nodeSelector:
-{{- toYaml .Values.repoServer.nodeSelector | nindent 8 }}
-    {{- end }}
-    {{- if .Values.repoServer.tolerations }}
-      tolerations:
-{{- toYaml .Values.repoServer.tolerations | nindent 8 }}
-    {{- end }}
-    {{- if .Values.repoServer.affinity }}
-      affinity:
-{{- toYaml .Values.repoServer.affinity | nindent 8 }}
-    {{- end }}
-      serviceAccountName: {{ template "argo-cd.repoServerServiceAccountName" . }}
-{{- with .Values.global.hostAliases }}
-      hostAliases:
-{{ toYaml . | indent 6 }}
-{{- end }}
-      volumes:
-      {{- if .Values.repoServer.volumes }}
-{{- toYaml .Values.repoServer.volumes | nindent 6}}
-      {{- end }}
-      {{- if .Values.configs.knownHosts }}
-      - configMap:
-          name: argocd-ssh-known-hosts-cm
-        name: ssh-known-hosts
-      {{- end }}
-      {{- if .Values.configs.tlsCerts }}
-      - configMap:
-          name: argocd-tls-certs-cm
-        name: tls-certs
-      {{- end }}
-      {{- if .Values.repoServer.initContainers }}
-      initContainers:
-{{- toYaml .Values.repoServer.initContainers | nindent 6 }}
-      {{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-repo-server/hpa.yaml

@@ -1,33 +0,0 @@
-{{- if .Values.repoServer.autoscaling.enabled }}
-apiVersion: autoscaling/v2beta1
-kind: HorizontalPodAutoscaler
-metadata:
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}-hpa
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.repoServer.name }}
-  name: {{ template "argo-cd.repoServer.fullname" . }}-hpa
-spec:
-  scaleTargetRef:
-    apiVersion: apps/v1
-    kind: Deployment
-    name: {{ template "argo-cd.repoServer.fullname" . }}
-  minReplicas: {{ .Values.repoServer.autoscaling.minReplicas }}
-  maxReplicas: {{ .Values.repoServer.autoscaling.maxReplicas }}
-  metrics:
-{{- with .Values.repoServer.autoscaling.targetMemoryUtilizationPercentage }}
-    - type: Resource
-      resource:
-        name: memory
-        targetAverageUtilization: {{ . }}
-{{- end }}
-{{- with .Values.repoServer.autoscaling.targetCPUUtilizationPercentage }}
-    - type: Resource
-      resource:
-        name: cpu
-        targetAverageUtilization: {{ . }}
-{{- end }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-repo-server/metrics-service.yaml

@@ -1,31 +0,0 @@
-{{- if .Values.repoServer.metrics.enabled}}
-apiVersion: v1
-kind: Service
-metadata:
-{{- if .Values.repoServer.metrics.service.annotations }}
-  annotations:
-  {{- range $key, $value := .Values.repoServer.metrics.service.annotations }}
-    {{ $key }}: {{ $value | quote }}
-  {{- end }}
-{{- end }}
-  labels:
-    app.kubernetes.io/name: {{ template "argo-cd.repoServer.fullname" . }}-metrics
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.repoServer.name }}
-{{- if .Values.repoServer.metrics.service.labels }}
-{{- toYaml .Values.repoServer.metrics.service.labels | nindent 4 }}
-{{- end }}
-  name: {{ template "argo-cd.repoServer.fullname" . }}-metrics
-spec:
-  ports:
-  - name: metrics
-    protocol: TCP
-    port: {{ .Values.repoServer.metrics.service.servicePort }}
-    targetPort: metrics
-  selector:
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml

@@ -1,18 +0,0 @@
-{{- if .Values.configs.repositoryCredentials }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: argocd-repository-credentials
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-secret
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.server.name }}
-type: Opaque
-data:
-{{- range $key, $value := .Values.configs.repositoryCredentials }}
-  {{ $key }}: {{ $value | b64enc }}
-{{- end }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-repo-server/role.yaml

@@ -1,17 +0,0 @@
-{{- if .Values.repoServer.serviceAccount.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  name: {{ template "argo-cd.repoServer.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.repoServer.name }}
-rules:
-{{- if .Values.repoServer.rbac }}
-{{toYaml .Values.repoServer.rbac }}
-{{- end }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml

@@ -1,21 +0,0 @@
-{{- if .Values.repoServer.serviceAccount.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: {{ template "argo-cd.repoServer.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.repoServer.name }}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: {{ template "argo-cd.repoServer.fullname" . }}
-subjects:
-- kind: ServiceAccount
-  name: {{ template "argo-cd.repoServerServiceAccountName" . }}
-  namespace: {{ .Release.Namespace }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-repo-server/service.yaml

@@ -1,26 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-{{- if .Values.repoServer.service.annotations }}
-  annotations:
-  {{- range $key, $value := .Values.repoServer.service.annotations }}
-    {{ $key }}: {{ $value | quote }}
-  {{- end }}
-{{- end }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.repoServer.name }}
-  name: {{ template "argo-cd.repoServer.fullname" . }}
-spec:
-  ports:
-  - name: {{ .Values.repoServer.service.portName }}
-    protocol: TCP
-    port: {{ .Values.repoServer.service.port }}
-    targetPort: repo-server
-  selector:
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}

charts/kubezero/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml

@@ -1,19 +0,0 @@
-{{- if .Values.repoServer.serviceAccount.create }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: {{ template "argo-cd.repoServerServiceAccountName" . }}
-{{- if .Values.repoServer.serviceAccount.annotations }}
-  annotations:
-  {{- range $key, $value := .Values.repoServer.serviceAccount.annotations }}
-    {{ $key }}: {{ $value | quote }}
-  {{- end }}
-{{- end }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.repoServer.name }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml

@@ -1,36 +0,0 @@
-{{- if and .Values.repoServer.metrics.enabled .Values.repoServer.metrics.serviceMonitor.enabled }}
-apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
-metadata:
-  name: {{ template "argo-cd.repoServer.fullname" . }}
-  {{- if .Values.repoServer.metrics.serviceMonitor.namespace }}
-  namespace: {{ .Values.repoServer.metrics.serviceMonitor.namespace }}
-  {{- end }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.repoServer.name }}
-    {{- if .Values.repoServer.metrics.serviceMonitor.selector }}
-{{- toYaml .Values.repoServer.metrics.serviceMonitor.selector | nindent 4 }}
-    {{- end }}
-    {{- if .Values.repoServer.metrics.serviceMonitor.additionalLabels }}
-{{- toYaml .Values.repoServer.metrics.serviceMonitor.additionalLabels | nindent 4 }}
-    {{- end }}
-spec:
-  endpoints:
-    - port: metrics
-      interval: 30s
-      path: /metrics
-  namespaceSelector:
-    matchNames:
-      - {{ .Release.Namespace }}
-  selector:
-    matchLabels:
-      app.kubernetes.io/instance: {{ .Release.Name }}
-      app.kubernetes.io/name: {{ template "argo-cd.repoServer.fullname" . }}-metrics
-      app.kubernetes.io/component: {{ .Values.repoServer.name }}
-{{- end }}
-

charts/kubezero/charts/argo-cd/templates/argocd-server/applications.yaml

@@ -1,42 +0,0 @@
-{{- if .Values.server.additionalApplications }}
-apiVersion: v1
-kind: List
-items:
-{{- range .Values.server.additionalApplications }}
-  - apiVersion: argoproj.io/v1alpha1
-    kind: Application
-    metadata:
-      {{- if .additionalAnnotations }}
-      annotations:
-      {{- range $key, $value := .additionalAnnotations }}
-        {{ $key }}: {{ $value | quote }}
-      {{- end }}
-      {{- end }}
-      {{- if .additionalLabels }}
-      labels:
-{{- toYaml .additionalLabels | nindent 8 }}
-      {{- end }}
-      name: {{ .name }}
-      {{- if .namespace }}
-      namespace: {{ .namespace }}
-      {{- end }}
-      {{- if .finalizers }}
-      finalizers:
-{{- toYaml .finalizers | nindent 8 }}
-      {{- end }}
-    spec:
-      project: {{ tpl .project $ }}
-      source:
-{{- toYaml .source | nindent 8 }}
-      destination:
-{{- toYaml .destination | nindent 8 }}
-      {{- if .syncPolicy }}
-      syncPolicy:
-{{- toYaml .syncPolicy | nindent 8 }}
-      {{- end }}
-      {{- if .ignoreDifferences }}
-      ignoreDifferences:
-{{- toYaml .ignoreDifferences | nindent 8 }}
-      {{- end }}
-{{- end }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-server/backendconfig.yaml

@@ -1,15 +0,0 @@
-{{- if .Values.server.GKEbackendConfig.enabled }}
-apiVersion: cloud.google.com/v1beta1
-kind: BackendConfig
-metadata:
-  name: {{ template "argo-cd.server.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.server.name }}
-spec:
-  {{- toYaml .Values.server.GKEbackendConfig.spec | nindent 2 }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-server/certificate.yaml

@@ -1,30 +0,0 @@
-{{- if .Values.server.certificate.enabled -}}
-{{- if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" }}
-apiVersion: cert-manager.io/v1alpha3
-{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha2" }}
-apiVersion: cert-manager.io/v1alpha2
-{{- else }}
-apiVersion: certmanager.k8s.io/v1alpha1
-{{- end }}
-kind: Certificate
-metadata:
-  name: {{ template "argo-cd.server.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.server.name }}
-spec:
-  commonName: {{ .Values.server.certificate.domain | quote }}
-  dnsNames:
-    - {{ .Values.server.certificate.domain | quote }}
-  {{- range .Values.server.certificate.additionalHosts }}
-    - {{ . | quote }}
-  {{- end }}
-  issuerRef:
-    kind: {{ .Values.server.certificate.issuer.kind | quote }}
-    name: {{ .Values.server.certificate.issuer.name | quote }}
-  secretName: argocd-secret
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-server/clusterrole.yaml

@@ -1,35 +0,0 @@
-{{- if .Values.server.clusterAdminAccess.enabled }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: {{ template "argo-cd.server.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.server.name }}
-rules:
-  - apiGroups:
-      - '*'
-    resources:
-      - '*'
-    verbs:
-      - delete
-      - get
-      - patch
-  - apiGroups:
-      - ""
-    resources:
-      - events
-    verbs:
-      - list
-  - apiGroups:
-      - ""
-    resources:
-      - pods
-      - pods/log
-    verbs:
-      - get
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml

@@ -1,21 +0,0 @@
-{{- if .Values.server.clusterAdminAccess.enabled }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: {{ template "argo-cd.server.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.server.name }}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: {{ template "argo-cd.server.fullname" . }}
-subjects:
-- kind: ServiceAccount
-  name: {{ template "argo-cd.serverServiceAccountName" . }}
-  namespace: {{ .Release.Namespace }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-server/deployment.yaml

@@ -1,153 +0,0 @@
-{{- $redisHa := (index .Values "redis-ha") -}}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: {{ template "argo-cd.server.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.server.name }}
-    app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.server.image.tag | quote }}
-spec:
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
-      app.kubernetes.io/instance: {{ .Release.Name }}
-  revisionHistoryLimit: 5
-  {{- if (ne .Values.server.autoscaling.enabled true) }}
-  replicas: {{ .Values.server.replicas }}
-  {{- end }}
-  template:
-    metadata:
-      {{- if .Values.server.podAnnotations }}
-      annotations:
-      {{- range $key, $value := .Values.server.podAnnotations }}
-        {{ $key }}: {{ $value | quote }}
-      {{- end }}
-      {{- end }}
-      labels:
-        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
-        helm.sh/chart: {{ include "argo-cd.chart" . }}
-        app.kubernetes.io/instance: {{ .Release.Name }}
-        app.kubernetes.io/managed-by: {{ .Release.Service }}
-        app.kubernetes.io/part-of: argocd
-        app.kubernetes.io/component: {{ .Values.server.name }}
-        app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.server.image.tag | quote }}
-        {{- if .Values.server.podLabels }}
-{{- toYaml .Values.server.podLabels | nindent 8 }}
-        {{- end }}
-    spec:
-      {{- with .Values.global.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- if .Values.global.securityContext }}
-      securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }}
-      {{- end }}
-      containers:
-      - name: {{ .Values.server.name }}
-        image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default .Values.global.image.tag .Values.server.image.tag }}
-        imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }}
-        command:
-        - argocd-server
-        - --staticassets
-        - /shared/app
-        - --repo-server
-        - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
-        {{- if .Values.dex.enabled }}
-        - --dex-server
-        - http://{{ template "argo-cd.dex.fullname" . }}:{{ .Values.dex.servicePortHttp }}
-        {{- end }}
-        - --loglevel
-        - {{ .Values.server.logLevel }}
-        {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }}
-        - --redis
-        - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }}
-        {{- end }}
-        {{- with .Values.server.extraArgs }}
-        {{- . | toYaml | nindent 8 }}
-        {{- end }}
-        {{- if .Values.server.containerSecurityContext }}
-        securityContext: {{- toYaml .Values.server.containerSecurityContext | nindent 10 }}
-        {{- end }}
-        {{- if .Values.server.env }}
-        env:
-{{- toYaml .Values.server.env | nindent 8 }}
-        {{- end }}
-        volumeMounts:
-        {{- if .Values.server.volumeMounts }}
-{{- toYaml .Values.server.volumeMounts | nindent 8}}
-        {{- end }}
-        {{- if .Values.configs.knownHosts }}
-        - mountPath: /app/config/ssh
-          name: ssh-known-hosts
-        {{- end }}
-        {{- if .Values.configs.tlsCerts }}
-        - mountPath: /app/config/tls
-          name: tls-certs
-        {{- end }}
-        ports:
-        - name: {{ .Values.server.name }}
-          containerPort: {{ .Values.server.containerPort }}
-          protocol: TCP
-        {{ if .Values.server.metrics.enabled }}
-        - name: metrics
-          containerPort: 8083
-          protocol: TCP
-        {{- end }}
-        livenessProbe:
-          httpGet:
-            path: /healthz
-            port: {{ .Values.server.containerPort }}
-          initialDelaySeconds: {{ .Values.server.livenessProbe.initialDelaySeconds }}
-          periodSeconds: {{ .Values.server.livenessProbe.periodSeconds }}
-          timeoutSeconds: {{ .Values.server.livenessProbe.timeoutSeconds }}
-          successThreshold: {{ .Values.server.livenessProbe.successThreshold }}
-          failureThreshold: {{ .Values.server.livenessProbe.failureThreshold }}
-        readinessProbe:
-          httpGet:
-            path: /healthz
-            port: {{ .Values.server.containerPort }}
-          initialDelaySeconds: {{ .Values.server.readinessProbe.initialDelaySeconds }}
-          periodSeconds: {{ .Values.server.readinessProbe.periodSeconds }}
-          timeoutSeconds: {{ .Values.server.readinessProbe.timeoutSeconds }}
-          successThreshold: {{ .Values.server.readinessProbe.successThreshold }}
-          failureThreshold: {{ .Values.server.readinessProbe.failureThreshold }}
-        resources:
-{{- toYaml .Values.server.resources | nindent 10 }}
-    {{- if .Values.server.nodeSelector }}
-      nodeSelector:
-{{- toYaml .Values.server.nodeSelector | nindent 8 }}
-    {{- end }}
-    {{- if .Values.server.tolerations }}
-      tolerations:
-{{- toYaml .Values.server.tolerations | nindent 8 }}
-    {{- end }}
-    {{- if .Values.server.affinity }}
-      affinity:
-{{- toYaml .Values.server.affinity | nindent 8 }}
-    {{- end }}
-      serviceAccountName: {{ template "argo-cd.serverServiceAccountName" . }}
-{{- with .Values.global.hostAliases }}
-      hostAliases:
-{{ toYaml . | indent 6 }}
-{{- end }}
-      volumes:
-      {{- if .Values.server.volumes }}
-{{- toYaml .Values.server.volumes | nindent 6}}
-      {{- end }}
-      - emptyDir: {}
-        name: static-files
-      {{- if .Values.configs.knownHosts }}
-      - configMap:
-          name: argocd-ssh-known-hosts-cm
-        name: ssh-known-hosts
-      {{- end }}
-      {{- if .Values.configs.tlsCerts }}
-      - configMap:
-          name: argocd-tls-certs-cm
-        name: tls-certs
-      {{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-server/hpa.yaml

@@ -1,33 +0,0 @@
-{{- if .Values.server.autoscaling.enabled }}
-apiVersion: autoscaling/v2beta1
-kind: HorizontalPodAutoscaler
-metadata:
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}-hpa
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.server.name }}
-  name: {{ template "argo-cd.server.fullname" . }}-hpa
-spec:
-  scaleTargetRef:
-    apiVersion: apps/v1
-    kind: Deployment
-    name: {{ template "argo-cd.server.fullname" . }}
-  minReplicas: {{ .Values.server.autoscaling.minReplicas }}
-  maxReplicas: {{ .Values.server.autoscaling.maxReplicas }}
-  metrics:
-{{- with .Values.server.autoscaling.targetMemoryUtilizationPercentage }}
-    - type: Resource
-      resource:
-        name: memory
-        targetAverageUtilization: {{ . }}
-{{- end }}
-{{- with .Values.server.autoscaling.targetCPUUtilizationPercentage }}
-    - type: Resource
-      resource:
-        name: cpu
-        targetAverageUtilization: {{ . }}
-{{- end }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-server/ingress.yaml

@@ -1,57 +0,0 @@
-{{- if .Values.server.ingress.enabled -}}
-{{- $serviceName := include "argo-cd.server.fullname" . -}}
-{{- $servicePort := .Values.server.service.servicePortHttp -}}
-{{- $paths := .Values.server.ingress.paths -}}
-{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }}
-apiVersion: networking.k8s.io/v1beta1
-{{ else }}
-apiVersion: extensions/v1beta1
-{{ end -}}
-kind: Ingress
-metadata:
-{{- if .Values.server.ingress.annotations }}
-  annotations:
-  {{- range $key, $value := .Values.server.ingress.annotations }}
-    {{ $key }}: {{ $value | quote }}
-  {{- end }}
-{{- end }}
-  name: {{ template "argo-cd.server.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.server.name }}
-{{- if .Values.server.ingress.labels }}
-{{- toYaml .Values.server.ingress.labels | nindent 4 }}
-{{- end }}
-spec:
-  rules:
-  {{- if .Values.server.ingress.hosts }}
-  {{- range $host := .Values.server.ingress.hosts }}
-    - host: {{ $host }}
-      http:
-        paths:
-  {{- range $p := $paths }}
-          - path: {{ $p }}
-            backend:
-              serviceName: {{ $serviceName }}
-              servicePort: {{ $servicePort }}
-  {{- end -}}
-  {{- end -}}
-  {{- else }}
-    - http:
-        paths:
-  {{- range $p := $paths }}
-          - path: {{ $p }}
-            backend:
-              serviceName: {{ $serviceName }}
-              servicePort: {{ $servicePort }}
-  {{- end -}}
-  {{- end -}}
-  {{- if .Values.server.ingress.tls }}
-  tls:
-{{- toYaml .Values.server.ingress.tls | nindent 4 }}
-  {{- end -}}
-{{- end -}}

charts/kubezero/charts/argo-cd/templates/argocd-server/metrics-service.yaml

@@ -1,31 +0,0 @@
-{{- if .Values.server.metrics.enabled }}
-apiVersion: v1
-kind: Service
-metadata:
-  {{- if .Values.server.metrics.service.annotations }}
-  annotations:
-  {{- range $key, $value := .Values.server.metrics.service.annotations }}
-    {{ $key }}: {{ $value | quote }}
-  {{- end }}
-{{- end }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}-metrics
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.server.name }}
-{{- if .Values.server.metrics.service.labels }}
-{{- toYaml .Values.server.metrics.service.labels | nindent 4 }}
-{{- end }}
-  name: {{ template "argo-cd.server.fullname" . }}-metrics
-spec:
-  ports:
-  - name: metrics
-    protocol: TCP
-    port: {{ .Values.server.metrics.service.servicePort }}
-    targetPort: metrics
-  selector:
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-server/projects.yaml

@@ -1,46 +0,0 @@
-{{- if .Values.server.additionalProjects }}
-apiVersion: v1
-kind: List
-items:
-{{- range .Values.server.additionalProjects }}
-  - apiVersion: argoproj.io/v1alpha1
-    kind: AppProject
-    metadata:
-      {{- if .additionalAnnotations }}
-      annotations:
-      {{- range $key, $value := .additionalAnnotations }}
-        {{ $key }}: {{ $value | quote }}
-      {{- end }}
-      {{- end }}
-      {{- if .additionalLabels }}
-      labels:
-{{- toYaml .additionalLabels | nindent 8 }}
-      {{- end }}
-      name: {{ .name }}
-      {{- if .namespace }}
-      namespace: {{ .namespace }}
-      {{- end }}
-    spec:
-      description: {{ .description }}
-      sourceRepos:
-{{- toYaml .sourceRepos | nindent 8 }}
-      destinations:
-{{- toYaml .destinations | nindent 8 }}
-      {{- if .clusterResourceWhitelist }}
-      clusterResourceWhitelist:
-{{- toYaml .clusterResourceWhitelist | nindent 8 }}
-      {{- end }}
-      {{- if .namespaceResourceBlacklist }}
-      namespaceResourceBlacklist:
-{{- toYaml .namespaceResourceBlacklist | nindent 8 }}
-      {{- end }}
-      {{- if .orphanedResources }}
-      orphanedResources:
-{{- toYaml .orphanedResources | nindent 8 }}
-      {{- end }}
-      {{- if .roles }}
-      roles:
-{{- toYaml .roles | nindent 8 }}
-      {{- end }}
-{{- end }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-server/role.yaml

@@ -1,45 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  name: {{ template "argo-cd.server.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.server.name }}
-rules:
-- apiGroups:
-  - ""
-  resources:
-  - secrets
-  - configmaps
-  verbs:
-  - create
-  - get
-  - list
-  - watch
-  - update
-  - patch
-  - delete
-- apiGroups:
-  - argoproj.io
-  resources:
-  - applications
-  - appprojects
-  verbs:
-  - create
-  - get
-  - list
-  - watch
-  - update
-  - delete
-  - patch
-- apiGroups:
-  - ""
-  resources:
-  - events
-  verbs:
-  - create
-  - list

charts/kubezero/charts/argo-cd/templates/argocd-server/rolebinding.yaml

@@ -1,19 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: {{ template "argo-cd.server.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.server.name }}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: {{ template "argo-cd.server.fullname" . }}
-subjects:
-- kind: ServiceAccount
-  name: {{ template "argo-cd.serverServiceAccountName" . }}
-  namespace: {{ .Release.Namespace }}

charts/kubezero/charts/argo-cd/templates/argocd-server/route.yaml

@@ -1,31 +0,0 @@
-{{- if .Values.server.route.enabled -}}
-apiVersion: route.openshift.io/v1
-kind: Route
-metadata:
-  name: {{ template "argo-cd.server.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.server.name }}
-{{- with .Values.server.route.annotations }}
-  annotations:
-{{ toYaml . | indent 4 }}
-{{- end }}
-spec:
-  host: {{ .Values.server.route.hostname | quote }}
-  to:
-    kind: Service
-    name: {{ template "argo-cd.server.fullname" . }}
-    weight: 100
-  port:
-    targetPort: https
-  tls:
-    termination: {{ .Values.server.route.termination_type | default "passthrough" }}
-    insecureEdgeTerminationPolicy: {{ .Values.server.route.termination_policy | default "None" }} 
-  wildcardPolicy: None
-status:
-  ingress: []
-{{- end }}

charts/kubezero/charts/argo-cd/templates/argocd-server/service.yaml

@@ -1,43 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-{{- if .Values.server.service.annotations }}
-  annotations:
-  {{- range $key, $value := .Values.server.service.annotations }}
-    {{ $key }}: {{ $value | quote }}
-  {{- end }}
-{{- end }}
-  name: {{ template "argo-cd.server.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.server.name }}
-{{- if .Values.server.service.labels }}
-{{- toYaml .Values.server.service.labels | nindent 4 }}
-{{- end }}
-spec:
-  type: {{ .Values.server.service.type }}
-  ports:
-  - name: {{ .Values.server.service.servicePortHttpName }}
-    protocol: TCP
-    port: {{ .Values.server.service.servicePortHttp }}
-    targetPort: {{ .Values.server.name }}
-  - name: {{ .Values.server.service.servicePortHttpsName }}
-    protocol: TCP
-    port: {{ .Values.server.service.servicePortHttps }}
-    targetPort: {{ .Values.server.name }}
-  selector:
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
-{{- if eq .Values.server.service.type "LoadBalancer" }}
-{{- if .Values.server.service.loadBalancerIP }}
-  loadBalancerIP: {{ .Values.server.service.loadBalancerIP | quote }}
-{{- end }}
-{{- if .Values.server.service.loadBalancerSourceRanges }}
-  loadBalancerSourceranges:
-{{ toYaml .Values.server.service.loadBalancerSourceRanges | indent 4 }}
-{{- end }}
-{{- end -}}

charts/kubezero/charts/argo-cd/templates/argocd-server/serviceaccount.yaml

@@ -1,11 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: {{ template "argo-cd.serverServiceAccountName" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.server.name }}

charts/kubezero/charts/argo-cd/templates/argocd-server/servicemonitor.yaml

@@ -1,36 +0,0 @@
-{{- if and .Values.server.metrics.enabled .Values.server.metrics.serviceMonitor.enabled }}
-apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
-metadata:
-  name: {{ template "argo-cd.server.fullname" . }}
-  {{- if .Values.server.metrics.serviceMonitor.namespace }}
-  namespace: {{ .Values.server.metrics.serviceMonitor.namespace }}
-  {{- end }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.server.name }}
-    {{- if .Values.server.metrics.serviceMonitor.selector }}
-{{- toYaml .Values.server.metrics.serviceMonitor.selector | nindent 4 }}
-    {{- end }}
-    {{- if .Values.server.metrics.serviceMonitor.additionalLabels }}
-{{- toYaml .Values.server.metrics.serviceMonitor.additionalLabels | nindent 4 }}
-    {{- end }}
-spec:
-  endpoints:
-    - port: metrics
-      interval: 30s
-      path: /metrics
-  namespaceSelector:
-    matchNames:
-      - {{ .Release.Namespace }}
-  selector:
-    matchLabels:
-      app.kubernetes.io/instance: {{ .Release.Name }}
-      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}-metrics
-      app.kubernetes.io/component: {{ .Values.server.name }}
-{{- end }}
-

charts/kubezero/charts/argo-cd/templates/crds.yaml

@@ -1,6 +0,0 @@
-{{- if .Values.installCRDs }}
-{{- range $path, $_ := .Files.Glob "crds/*.yaml" }}
-{{ $.Files.Get $path }}
----
-{{- end }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/dex/deployment.yaml

@@ -1,106 +0,0 @@
-{{- if .Values.dex.enabled }}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: {{ template "argo-cd.dex.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.dex.name }}
-    app.kubernetes.io/version: {{ .Values.dex.image.tag }}
-spec:
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
-      app.kubernetes.io/instance: {{ .Release.Name }}
-  template:
-    metadata:
-      {{- if .Values.dex.podAnnotations }}
-      annotations:
-      {{- range $key, $value := .Values.dex.podAnnotations }}
-        {{ $key }}: {{ $value | quote }}
-      {{- end }}
-      {{- end }}
-      labels:
-        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
-        helm.sh/chart: {{ include "argo-cd.chart" . }}
-        app.kubernetes.io/instance: {{ .Release.Name }}
-        app.kubernetes.io/managed-by: {{ .Release.Service }}
-        app.kubernetes.io/part-of: argocd
-        app.kubernetes.io/component: {{ .Values.dex.name }}
-        app.kubernetes.io/version: {{ .Values.dex.image.tag }}
-        {{- if .Values.dex.podLabels }}
-{{- toYaml .Values.dex.podLabels | nindent 8 }}
-        {{- end }}
-    spec:
-      {{- with .Values.global.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- if .Values.global.securityContext }}
-      securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }}
-      {{- end }}
-      initContainers:
-      - name: copyutil
-        image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default .Values.global.image.tag .Values.dex.initImage.tag }}
-        imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }}
-        resources:
-{{- toYaml .Values.dex.resources | nindent 10 }}
-        {{- if .Values.dex.containerSecurityContext }}
-        securityContext: {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }}
-        {{- end }}
-        command:
-        - cp
-        - /usr/local/bin/argocd-util
-        - /shared
-        volumeMounts:
-        - mountPath: /shared
-          name: static-files
-      containers:
-      - name: {{ .Values.dex.name }}
-        image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }}
-        imagePullPolicy: {{ .Values.dex.image.imagePullPolicy }}
-        command:
-        - /shared/argocd-util
-        - rundex
-        {{- if .Values.dex.containerSecurityContext }}
-        securityContext: {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }}
-        {{- end }}
-        {{- if .Values.dex.env }}
-        env:
-{{- toYaml .Values.dex.env | nindent 8 }}
-        {{- end }}
-        ports:
-        - name: http
-          containerPort: {{ .Values.dex.containerPortHttp }}
-          protocol: TCP
-        - name: grpc
-          containerPort: {{ .Values.dex.containerPortGrpc }}
-          protocol: TCP
-{{- if .Values.dex.volumeMounts }}
-        volumeMounts:
-{{- toYaml .Values.dex.volumeMounts | nindent 10 }}
-{{- end }}
-        resources:
-{{- toYaml .Values.dex.resources | nindent 10 }}
-    {{- if .Values.dex.nodeSelector }}
-      nodeSelector:
-{{- toYaml .Values.dex.nodeSelector | nindent 8 }}
-    {{- end }}
-    {{- if .Values.dex.tolerations }}
-      tolerations:
-{{- toYaml .Values.dex.tolerations | nindent 8 }}
-    {{- end }}
-    {{- if .Values.dex.affinity }}
-      affinity:
-{{- toYaml .Values.dex.affinity | nindent 8 }}
-    {{- end }}
-      serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }}
-{{- if .Values.dex.volumes }}
-      volumes:
-{{- toYaml .Values.dex.volumes | nindent 8}}
-{{- end }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/dex/role.yaml

@@ -1,23 +0,0 @@
-{{- if .Values.dex.enabled }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  name: {{ template "argo-cd.dex.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.dex.name }}
-rules:
-- apiGroups:
-  - ""
-  resources:
-  - secrets
-  - configmaps
-  verbs:
-  - get
-  - list
-  - watch
-{{- end }}

charts/kubezero/charts/argo-cd/templates/dex/rolebinding.yaml

@@ -1,21 +0,0 @@
-{{- if .Values.dex.enabled }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: {{ template "argo-cd.dex.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.dex.name }}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: {{ template "argo-cd.dex.fullname" . }}
-subjects:
-- kind: ServiceAccount
-  name: {{ template "argo-cd.dexServiceAccountName" . }}
-  namespace: {{ .Release.Namespace }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/dex/service.yaml

@@ -1,26 +0,0 @@
-{{- if .Values.dex.enabled }}
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ template "argo-cd.dex.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.dex.name }}
-spec:
-  ports:
-  - name: http
-    protocol: TCP
-    port: {{ .Values.dex.servicePortHttp }}
-    targetPort: http
-  - name: grpc
-    protocol: TCP
-    port: {{ .Values.dex.servicePortGrpc }}
-    targetPort: grpc
-  selector:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/dex/serviceaccount.yaml

@@ -1,13 +0,0 @@
-{{- if .Values.dex.enabled }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: {{ template "argo-cd.dexServiceAccountName" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.dex.name }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/redis/deployment.yaml

@@ -1,88 +0,0 @@
-{{- $redisHa := (index .Values "redis-ha") -}}
-{{- if and .Values.redis.enabled (not $redisHa.enabled) -}}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: {{ template "argo-cd.redis.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.redis.name }}
-    app.kubernetes.io/version: {{ .Values.redis.image.tag }}    
-spec:
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
-  template:
-    metadata:
-      {{- if .Values.redis.podAnnotations }}
-      annotations:
-      {{- range $key, $value := .Values.redis.podAnnotations }}
-        {{ $key }}: {{ $value | quote }}
-      {{- end }}
-      {{- end }}
-      labels:
-        app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
-        helm.sh/chart: {{ include "argo-cd.chart" . }}
-        app.kubernetes.io/instance: {{ .Release.Name }}
-        app.kubernetes.io/managed-by: {{ .Release.Service }}
-        app.kubernetes.io/part-of: argocd
-        app.kubernetes.io/component: {{ .Values.redis.name }}
-        app.kubernetes.io/version: {{ .Values.redis.image.tag }}
-        {{- if .Values.redis.podLabels }}
-{{- toYaml .Values.redis.podLabels | nindent 8 }}
-        {{- end }}
-    spec:
-      {{- with .Values.global.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      automountServiceAccountToken: false
-      {{- if .Values.global.securityContext }}
-      securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }}
-      {{- end }}
-      containers:
-      - name: {{ template "argo-cd.redis.fullname" . }}
-        args:
-        - --save
-        - ""
-        - --appendonly
-        - "no"
-        image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }}
-        imagePullPolicy: {{ .Values.redis.image.imagePullPolicy}}
-        {{- if .Values.redis.containerSecurityContext }}
-        securityContext: {{- toYaml .Values.redis.containerSecurityContext | nindent 10 }}
-        {{- end }}          
-        {{- if .Values.redis.env }}
-        env:
-{{- toYaml .Values.redis.env | nindent 8 }}
-        {{- end }}
-        ports:
-        - containerPort: {{ .Values.redis.containerPort }}
-{{- if .Values.redis.volumeMounts }}
-
-        volumeMounts:
-{{- toYaml .Values.redis.volumeMounts | nindent 10 }}
-{{- end }}
-        resources:
-{{- toYaml .Values.redis.resources | nindent 10 }}
-    {{- if .Values.redis.nodeSelector }}
-      nodeSelector:
-{{- toYaml .Values.redis.nodeSelector | nindent 8 }}
-    {{- end }}
-    {{- if .Values.redis.tolerations }}
-      tolerations:
-{{- toYaml .Values.redis.tolerations | nindent 8 }}
-    {{- end }}
-    {{- if .Values.redis.affinity }}
-      affinity:
-{{- toYaml .Values.redis.affinity | nindent 8 }}
-    {{- end }}
-{{- if .Values.redis.volumes }}
-      volumes:
-{{- toYaml .Values.redis.volumes | nindent 8}}
-{{- end }}
-{{- end }}

charts/kubezero/charts/argo-cd/templates/redis/service.yaml

@@ -1,20 +0,0 @@
-{{- $redisHa := (index .Values "redis-ha") -}}
-{{- if and .Values.redis.enabled (not $redisHa.enabled) -}}
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ template "argo-cd.redis.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
-    helm.sh/chart: {{ include "argo-cd.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-    app.kubernetes.io/part-of: argocd
-    app.kubernetes.io/component: {{ .Values.redis.name }}
-spec:
-  ports:
-  - port: {{ .Values.redis.servicePort }}
-    targetPort: {{ .Values.redis.servicePort }}
-  selector:
-    app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }}
-{{- end }}

charts/kubezero/charts/argo-cd/values.yaml

@@ -1,830 +0,0 @@
-## ArgoCD configuration
-## Ref: https://github.com/argoproj/argo-cd
-##
-nameOverride: argocd
-fullnameOverride: ""
-
-# Optional CRD installation for those without Helm hooks
-installCRDs: true
-
-global:
-  image:
-    repository: argoproj/argocd
-    tag: v1.5.2
-    imagePullPolicy: IfNotPresent
-  securityContext: {}
-  #  runAsUser: 999
-  #  runAsGroup: 999
-  #  fsGroup: 999
-  imagePullSecrets: []
-  hostAliases: []
-  # - ip: 10.20.30.40
-  #   hostnames:
-  #   - git.myhostname
-
-## Controller
-controller:
-  name: application-controller
-
-  image:
-    repository: # argoproj/argocd
-    tag: # v1.5.2
-    imagePullPolicy: # IfNotPresent
-
-  ## Argo controller commandline flags
-  args:
-    statusProcessors: "20"
-    operationProcessors: "10"
-
-  ## Argo controller log level
-  logLevel: info
-
-  ## Additional command line arguments to pass to argocd-controller
-  ##
-  extraArgs: []
-
-  ## Environment variables to pass to argocd-controller
-  ##
-  env: []
-
-  ## Annotations to be added to controller pods
-  ##
-  podAnnotations: {}
-
-  ## Labels to be added to controller pods
-  ##
-  podLabels: {}
-
-  ## Labels to set container specific security contexts
-  containerSecurityContext: {}
-    # capabilities:
-    #   drop:
-    #     - all
-
-  ## Configures the controller port
-  containerPort: 8082
-
-  ## Readiness and liveness probes for default backend
-  ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
-  ##
-  readinessProbe:
-    failureThreshold: 3
-    initialDelaySeconds: 10
-    periodSeconds: 10
-    successThreshold: 1
-    timeoutSeconds: 1
-  livenessProbe:
-    failureThreshold: 3
-    initialDelaySeconds: 10
-    periodSeconds: 10
-    successThreshold: 1
-    timeoutSeconds: 1
-
-  ## Additional volumeMounts to the controller main container.
-  volumeMounts: []
-
-  ## Additional volumes to the controller pod.
-  volumes: []
-
-  ## Controller service configuration
-  service:
-    annotations: {}
-    labels: {}
-    port: 8082
-    portName: https-controller
-
-  ## Node selectors and tolerations for server scheduling to nodes with taints
-  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
-  ##
-  nodeSelector: {}
-  tolerations: []
-  affinity: {}
-
-  priorityClassName: ""
-
-  resources: {}
-  #  limits:
-  #    cpu: 500m
-  #    memory: 512Mi
-  #  requests:
-  #    cpu: 250m
-  #    memory: 256Mi
-
-  serviceAccount:
-    create: true
-    name: argocd-application-controller
-
-  ## Server metrics controller configuration
-  metrics:
-    enabled: false
-    service:
-      annotations: {}
-      labels: {}
-      servicePort: 8082
-    serviceMonitor:
-      enabled: false
-    #   selector:
-    #     prometheus: kube-prometheus
-    #   namespace: monitoring
-    #   additionalLabels: {}
-    rules:
-      enabled: false
-      spec: []
-      # - alert: ArgoAppMissing
-      #   expr: |
-      #     absent(argocd_app_info)
-      #   for: 15m
-      #   labels:
-      #     severity: critical
-      #   annotations:
-      #     summary: "[ArgoCD] No reported applications"
-      #     description: >
-      #       ArgoCD has not reported any applications data for the past 15 minutes which
-      #       means that it must be down or not functioning properly.  This needs to be
-      #       resolved for this cloud to continue to maintain state.
-      # - alert: ArgoAppNotSynced
-      #   expr: |
-      #     argocd_app_sync_status{sync_status!="Synced"} == 1
-      #   for: 12h
-      #   labels:
-      #     severity: warning
-      #   annotations:
-      #     summary: "[{{`{{$labels.name}}`}}] Application not synchronized"
-      #     description: >
-      #       The application [{{`{{$labels.name}}`}} has not been synchronized for over
-      #       12 hours which means that the state of this cloud has drifted away from the
-      #       state inside Git.
-    #   selector:
-    #     prometheus: kube-prometheus
-    #   namespace: monitoring
-    #   additionalLabels: {}
-
-  ## Enable Admin ClusterRole resources.
-  ## Enable if you would like to grant rights to ArgoCD to deploy to the local kuberentes cluster.
-  clusterAdminAccess:
-    enabled: true
-
-## Dex
-dex:
-  enabled: true
-  name: dex-server
-
-  image:
-    repository: quay.io/dexidp/dex
-    tag: v2.22.0
-    imagePullPolicy: IfNotPresent
-  initImage:
-    repository:
-    tag:
-    imagePullPolicy:
-
-  ## Environment variables to pass to the Dex server
-  ##
-  env: []
-
-  ## Annotations to be added to the Dex server pods
-  ##
-  podAnnotations: {}
-
-  ## Labels to be added to the Dex server pods
-  ##
-  podLabels: {}
-
-  serviceAccount:
-    create: true
-    name: argocd-dex-server
-
-  ## Additional volumeMounts to the controller main container.
-  volumeMounts:
-    - name: static-files
-      mountPath: /shared
-
-  ## Additional volumes to the controller pod.
-  volumes:
-    - name: static-files
-      emptyDir: {}
-
-  ## Dex deployment container ports
-  containerPortHttp: 5556
-  servicePortHttp: 5556
-  containerPortGrpc: 5557
-  servicePortGrpc: 5557
-
-  ## Node selectors and tolerations for server scheduling to nodes with taints
-  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
-  ##
-  nodeSelector: {}
-  tolerations: []
-  affinity: {}
-
-  priorityClassName: ""
-
-  ## Labels to set container specific security contexts
-  containerSecurityContext: {}
-    # capabilities:
-    #   drop:
-    #     - all
-
-
-  resources: {}
-  #  limits:
-  #    cpu: 50m
-  #    memory: 64Mi
-  #  requests:
-  #    cpu: 10m
-  #    memory: 32Mi
-
-## Redis
-redis:
-  enabled: true
-  name: redis
-
-  image:
-    repository: redis
-    tag: 5.0.3
-    imagePullPolicy: IfNotPresent
-
-  containerPort: 6379
-  servicePort: 6379
-
-  ## Environment variables to pass to the Redis server
-  ##
-  env: []
-
-  ## Annotations to be added to the Redis server pods
-  ##
-  podAnnotations: {}
-
-  ## Labels to be added to the Redis server pods
-  ##
-  podLabels: {}
-
-  ## Node selectors and tolerations for server scheduling to nodes with taints
-  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
-  ##
-  nodeSelector: {}
-  tolerations: []
-  affinity: {}
-
-  priorityClassName: ""
-
-  ## Labels to set container specific security contexts
-  containerSecurityContext: {}
-    # capabilities:
-    #   drop:
-    #     - all
-
-
-  resources: {}
-  #  limits:
-  #    cpu: 200m
-  #    memory: 128Mi
-  #  requests:
-  #    cpu: 100m
-  #    memory: 64Mi
-
-  volumeMounts: []
-  volumes: []
-
-# This key configures Redis-HA subchart and when enabled (redis-ha.enabled=true)
-# the custom redis deployment is omitted
-redis-ha:
-  enabled: false
-  # Check the redis-ha chart for more properties
-  exporter:
-    enabled: true
-  persistentVolume:
-    enabled: false
-  redis:
-    masterGroupName: argocd
-    config:
-      save: "\"\""
-  haproxy:
-    enabled: true
-    metrics:
-      enabled: true
-
-## Server
-server:
-  name: server
-
-  replicas: 1
-
-  autoscaling:
-    enabled: false
-    minReplicas: 1
-    maxReplicas: 5
-    targetCPUUtilizationPercentage: 50
-    targetMemoryUtilizationPercentage: 50
-
-  image:
-    repository: # argoproj/argocd
-    tag: # v1.5.2
-    imagePullPolicy: # IfNotPresent
-
-  ## Additional command line arguments to pass to argocd-server
-  ##
-  extraArgs: []
-  #  - --insecure
-
-  ## Environment variables to pass to argocd-server
-  ##
-  env: []
-
-  ## Argo server log level
-  logLevel: info
-
-  ## Annotations to be added to controller pods
-  ##
-  podAnnotations: {}
-
-  ## Labels to be added to controller pods
-  ##
-  podLabels: {}
-
-  ## Configures the server port
-  containerPort: 8080
-
-  ## Readiness and liveness probes for default backend
-  ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
-  ##
-  readinessProbe:
-    failureThreshold: 3
-    initialDelaySeconds: 10
-    periodSeconds: 10
-    successThreshold: 1
-    timeoutSeconds: 1
-  livenessProbe:
-    failureThreshold: 3
-    initialDelaySeconds: 10
-    periodSeconds: 10
-    successThreshold: 1
-    timeoutSeconds: 1
-
-  ## Additional volumeMounts to the server main container.
-  volumeMounts: []
-
-  ## Additional volumes to the controller pod.
-  volumes: []
-
-  ## Node selectors and tolerations for server scheduling to nodes with taints
-  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
-  ##
-  nodeSelector: {}
-  tolerations: []
-  affinity: {}
-
-  priorityClassName: ""
-
-  ## Labels to set container specific security contexts
-  containerSecurityContext: {}
-    # capabilities:
-    #   drop:
-    #     - all
-
-  resources: {}
-  #  limits:
-  #    cpu: 100m
-  #    memory: 128Mi
-  #  requests:
-  #    cpu: 50m
-  #    memory: 64Mi
-
-  ## Certificate configuration
-  certificate:
-    enabled: false
-    domain: argocd.example.com
-    issuer: {}
-    additionalHosts: []
-
-  ## Server service configuration
-  service:
-    annotations: {}
-    labels: {}
-    type: ClusterIP
-    servicePortHttp: 80
-    servicePortHttps: 443
-    servicePortHttpName: http
-    servicePortHttpsName: https
-    loadBalancerIP: ""
-    loadBalancerSourceRanges: []
-
-  ## Server metrics service configuration
-  metrics:
-    enabled: false
-    service:
-      annotations: {}
-      labels: {}
-      servicePort: 8083
-    serviceMonitor:
-      enabled: false
-    #   selector:
-    #     prometheus: kube-prometheus
-    #   namespace: monitoring
-    #   additionalLabels: {}
-
-  serviceAccount:
-    create: true
-    name: argocd-server
-
-  ingress:
-    enabled: false
-    annotations: {}
-    labels: {}
-
-    ## Argo Ingress.
-    ## Hostnames must be provided if Ingress is enabled.
-    ## Secrets must be manually created in the namespace
-    ##
-    hosts:
-      []
-      # - argocd.example.com
-    paths:
-      - /
-    tls:
-      []
-      # - secretName: argocd-example-tls
-      #   hosts:
-      #     - argocd.example.com
-
-  # Create a OpenShift Route with SSL passthrough for UI and CLI
-  # Consider setting 'hostname' e.g. https://argocd.apps-crc.testing/ using your Default Ingress Controller Domain
-  # Find your domain with: kubectl describe --namespace=openshift-ingress-operator ingresscontroller/default | grep Domain:
-  # If 'hostname' is an empty string "" OpenShift will create a hostname for you.
-  route:
-    enabled: false
-    hostname: ""
-
-  ## ArgoCD config
-  ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml
-  config:
-    # Argo CD's externally facing base URL (optional). Required when configuring SSO
-    url: https://argocd.example.com
-    # Argo CD instance label key
-    application.instanceLabelKey: argocd.argoproj.io/instance
-    # repositories: |
-    #   - url: git@github.com:group/repo.git
-    #     sshPrivateKeySecret:
-    #       name: secret-name
-    #       key: sshPrivateKey
-    #   - type: helm
-    #     url: https://kubernetes-charts.storage.googleapis.com
-    #     name: stable
-    #   - type: helm
-    #     url: https://argoproj.github.io/argo-helm
-    #     name: argo
-    # oidc.config: |
-    #   name: AzureAD
-    #   issuer: https://login.microsoftonline.com/TENANT_ID/v2.0
-    #   clientID: CLIENT_ID
-    #   clientSecret: $oidc.azuread.clientSecret
-    #   requestedIDTokenClaims:
-    #     groups:
-    #       essential: true
-    #   requestedScopes:
-    #     - openid
-    #     - profile
-    #     - email
-
-  ## ArgoCD rbac config
-  ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md
-  rbacConfig:
-    {}
-    # policy.csv is an file containing user-defined RBAC policies and role definitions (optional).
-    # Policy rules are in the form:
-    #   p, subject, resource, action, object, effect
-    # Role definitions and bindings are in the form:
-    #   g, subject, inherited-subject
-    # See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information.
-    # policy.csv: |
-    #   # Grant all members of the group 'my-org:team-alpha; the ability to sync apps in 'my-project'
-    #   p, my-org:team-alpha, applications, sync, my-project/*, allow
-    #   # Grant all members of 'my-org:team-beta' admins
-    #   g, my-org:team-beta, role:admin
-    # policy.default is the name of the default role which Argo CD will falls back to, when
-    # authorizing API requests (optional). If omitted or empty, users may be still be able to login,
-    # but will see no apps, projects, etc...
-    # policy.default: role:readonly
-    # scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope).
-    # If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings.
-    # scopes: '[cognito:groups, email]'
-
-  ## Not well tested and not well supported on release v1.0.0.
-  ## Applications
-  ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/
-  additionalApplications: []
-  # - name: guestbook
-  #   namespace: argocd
-  #   additionalLabels: {}
-  #   additionalAnnotations: {}
-  #   project: guestbook
-  #   source:
-  #     repoURL: https://github.com/argoproj/argocd-example-apps.git
-  #     targetRevision: HEAD
-  #     path: guestbook
-  #     directory:
-  #       recurse: true
-  #  destination:
-  #     server: https://kubernetes.default.svc
-  #     namespace: guestbook
-  #  syncPolicy:
-  #    automated:
-  #      prune: false
-  #      selfHeal: false
-
-  ## Projects
-  ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/
-  additionalProjects: []
-  # - name: guestbook
-  #   namespace: argocd
-  #   additionalLabels: {}
-  #   additionalAnnotations: {}
-  #   description: Example Project
-  #   sourceRepos:
-  #   - '*'
-  #   destinations:
-  #   - namespace: guestbook
-  #     server: https://kubernetes.default.svc
-  #   clusterResourceWhitelist: []
-  #   namespaceResourceBlacklist:
-  #   - group: ''
-  #     kind: ResourceQuota
-  #   - group: ''
-  #     kind: LimitRange
-  #   - group: ''
-  #     kind: NetworkPolicy
-  #     orphanedResources: {}
-  #     roles: []
-  #   orphanedResources: {}
-  #   roles: []
-
-  ## Enable Admin ClusterRole resources.
-  ## Enable if you would like to grant rights to ArgoCD to deploy to the local kuberentes cluster.
-  clusterAdminAccess:
-    enabled: true
-
-  ## Enable BackendConfig custom resource for Google Kubernetes Engine
-  GKEbackendConfig:
-    enabled: false
-    spec: {}
-  #  spec:
-  #    iap:
-  #      enabled: true
-  #      oauthclientCredentials:
-  #        secretName: argocd-secret
-
-## Repo Server
-repoServer:
-  name: repo-server
-
-  replicas: 1
-
-  autoscaling:
-    enabled: false
-    minReplicas: 1
-    maxReplicas: 5
-    targetCPUUtilizationPercentage: 50
-    targetMemoryUtilizationPercentage: 50
-
-  image:
-    repository: # argoproj/argocd
-    tag: # v1.5.2
-    imagePullPolicy: # IfNotPresent
-
-  ## Additional command line arguments to pass to argocd-repo-server
-  ##
-  extraArgs: []
-
-  ## Environment variables to pass to argocd-repo-server
-  ##
-  env: []
-
-  ## Argo repoServer log level
-  logLevel: info
-
-  ## Annotations to be added to repo server pods
-  ##
-  podAnnotations: {}
-
-  ## Labels to be added to repo server pods
-  ##
-  podLabels: {}
-
-  ## Configures the repo server port
-  containerPort: 8081
-
-  ## Readiness and liveness probes for default backend
-  ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
-  ##
-  readinessProbe:
-    failureThreshold: 3
-    initialDelaySeconds: 10
-    periodSeconds: 10
-    successThreshold: 1
-    timeoutSeconds: 1
-  livenessProbe:
-    failureThreshold: 3
-    initialDelaySeconds: 10
-    periodSeconds: 10
-    successThreshold: 1
-    timeoutSeconds: 1
-
-  ## Additional volumeMounts to the repo server main container.
-  volumeMounts: []
-
-  ## Additional volumes to the repo server pod.
-  volumes: []
-
-  ## Node selectors and tolerations for server scheduling to nodes with taints
-  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
-  ##
-  nodeSelector: {}
-  tolerations: []
-  affinity: {}
-
-  priorityClassName: ""
-
-  ## Labels to set container specific security contexts
-  containerSecurityContext: {}
-    # capabilities:
-    #   drop:
-    #     - all
-
-  resources: {}
-  #  limits:
-  #    cpu: 50m
-  #    memory: 128Mi
-  #  requests:
-  #    cpu: 10m
-  #    memory: 64Mi
-
-  ## Repo server service configuration
-  service:
-    annotations: {}
-    labels: {}
-    port: 8081
-    portName: https-repo-server
-
-  ## Repo server metrics service configuration
-  metrics:
-    enabled: false
-    service:
-      annotations: {}
-      labels: {}
-      servicePort: 8084
-    serviceMonitor:
-      enabled: false
-    #   selector:
-    #     prometheus: kube-prometheus
-    #   namespace: monitoring
-    #   additionalLabels: {}
-
-  ## Repo server service account
-  ## If create is set to true, make sure to uncomment the name and update the rbac section below
-  serviceAccount:
-    create: false
-    #  name: argocd-repo-server
-    ## Annotations applied to created service account
-    annotations: {}
-
-  ## Repo server rbac rules
-  # rbac:
-  #   - apiGroups:
-  #     - argoproj.io
-  #     resources:
-  #     - applications
-  #     verbs:
-  #     - get
-  #     - list
-  #     - watch
-
-  ## Use init containers to configure custom tooling
-  ## https://argoproj.github.io/argo-cd/operator-manual/custom_tools/
-  ## When using the volumes & volumeMounts section bellow, please comment out those above.
- #  volumes:
- #  - name: custom-tools
- #    emptyDir: {}
- #
- #  initContainers:
- #  - name: download-tools
- #    image: alpine:3.8
- #    command: [sh, -c]
- #    args:
- #      - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - &&
- #        mv linux-amd64/helm /custom-tools/
- #    volumeMounts:
- #      - mountPath: /custom-tools
- #        name: custom-tools
- #  volumeMounts:
- #  - mountPath: /usr/local/bin/helm
- #    name: custom-tools
- #    subPath: helm
-
-## Argo Configs
-configs:
-  knownHosts:
-    data:
-      ssh_known_hosts: |
-        bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==
-        github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
-        gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=
-        gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf
-        gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9
-        ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H
-        vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H
-  tlsCerts:
-    {}
-    # data:
-    #   argocd.example.com: |
-    #     -----BEGIN CERTIFICATE-----
-    #     MIIF1zCCA7+gAwIBAgIUQdTcSHY2Sxd3Tq/v1eIEZPCNbOowDQYJKoZIhvcNAQEL
-    #     BQAwezELMAkGA1UEBhMCREUxFTATBgNVBAgMDExvd2VyIFNheG9ueTEQMA4GA1UE
-    #     BwwHSGFub3ZlcjEVMBMGA1UECgwMVGVzdGluZyBDb3JwMRIwEAYDVQQLDAlUZXN0
-    #     c3VpdGUxGDAWBgNVBAMMD2Jhci5leGFtcGxlLmNvbTAeFw0xOTA3MDgxMzU2MTda
-    #     Fw0yMDA3MDcxMzU2MTdaMHsxCzAJBgNVBAYTAkRFMRUwEwYDVQQIDAxMb3dlciBT
-    #     YXhvbnkxEDAOBgNVBAcMB0hhbm92ZXIxFTATBgNVBAoMDFRlc3RpbmcgQ29ycDES
-    #     MBAGA1UECwwJVGVzdHN1aXRlMRgwFgYDVQQDDA9iYXIuZXhhbXBsZS5jb20wggIi
-    #     MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCv4mHMdVUcafmaSHVpUM0zZWp5
-    #     NFXfboxA4inuOkE8kZlbGSe7wiG9WqLirdr39Ts+WSAFA6oANvbzlu3JrEQ2CHPc
-    #     CNQm6diPREFwcDPFCe/eMawbwkQAPVSHPts0UoRxnpZox5pn69ghncBR+jtvx+/u
-    #     P6HdwW0qqTvfJnfAF1hBJ4oIk2AXiip5kkIznsAh9W6WRy6nTVCeetmIepDOGe0G
-    #     ZJIRn/OfSz7NzKylfDCat2z3EAutyeT/5oXZoWOmGg/8T7pn/pR588GoYYKRQnp+
-    #     YilqCPFX+az09EqqK/iHXnkdZ/Z2fCuU+9M/Zhrnlwlygl3RuVBI6xhm/ZsXtL2E
-    #     Gxa61lNy6pyx5+hSxHEFEJshXLtioRd702VdLKxEOuYSXKeJDs1x9o6cJ75S6hko
-    #     Ml1L4zCU+xEsMcvb1iQ2n7PZdacqhkFRUVVVmJ56th8aYyX7KNX6M9CD+kMpNm6J
-    #     kKC1li/Iy+RI138bAvaFplajMF551kt44dSvIoJIbTr1LigudzWPqk31QaZXV/4u
-    #     kD1n4p/XMc9HYU/was/CmQBFqmIZedTLTtK7clkuFN6wbwzdo1wmUNgnySQuMacO
-    #     gxhHxxzRWxd24uLyk9Px+9U3BfVPaRLiOPaPoC58lyVOykjSgfpgbus7JS69fCq7
-    #     bEH4Jatp/10zkco+UQIDAQABo1MwUTAdBgNVHQ4EFgQUjXH6PHi92y4C4hQpey86
-    #     r6+x1ewwHwYDVR0jBBgwFoAUjXH6PHi92y4C4hQpey86r6+x1ewwDwYDVR0TAQH/
-    #     BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFE4SdKsX9UsLy+Z0xuHSxhTd0jfn
-    #     Iih5mtzb8CDNO5oTw4z0aMeAvpsUvjJ/XjgxnkiRACXh7K9hsG2r+ageRWGevyvx
-    #     CaRXFbherV1kTnZw4Y9/pgZTYVWs9jlqFOppz5sStkfjsDQ5lmPJGDii/StENAz2
-    #     XmtiPOgfG9Upb0GAJBCuKnrU9bIcT4L20gd2F4Y14ccyjlf8UiUi192IX6yM9OjT
-    #     +TuXwZgqnTOq6piVgr+FTSa24qSvaXb5z/mJDLlk23npecTouLg83TNSn3R6fYQr
-    #     d/Y9eXuUJ8U7/qTh2Ulz071AO9KzPOmleYPTx4Xty4xAtWi1QE5NHW9/Ajlv5OtO
-    #     OnMNWIs7ssDJBsB7VFC8hcwf79jz7kC0xmQqDfw51Xhhk04kla+v+HZcFW2AO9so
-    #     6ZdVHHQnIbJa7yQJKZ+hK49IOoBR6JgdB5kymoplLLiuqZSYTcwSBZ72FYTm3iAr
-    #     jzvt1hxpxVDmXvRnkhRrIRhK4QgJL0jRmirBjDY+PYYd7bdRIjN7WNZLFsgplnS8
-    #     9w6CwG32pRlm0c8kkiQ7FXA6BYCqOsDI8f1VGQv331OpR2Ck+FTv+L7DAmg6l37W
-    #     +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK
-    #     XWyb96wrUlv+E8I=
-    #     -----END CERTIFICATE-----
-  # Creates a secret with optional repository credentials
-  repositoryCredentials:
-    {}
-    # sample-ssh-key: |
-    # -----BEGIN RSA PRIVATE KEY-----
-    # MIICXAIBAAKBgQCcmiVJXGUvL8zqWmRRETbCKgFadtjJ9WDQpSwiZzMiktpYBo0N
-    # z0cThzGQfWqvdiJYEy72MrKCaSYssV3eHP5zTffk4VBDktNfdl1kgkOpqnh7tQO4
-    # nBONRLzcK6KEbKUsmiTbW8Jb4UFYDhyyyveby7y3vYePmaRQIrlEenVfKwIDAQAB
-    # AoGAbbg+WZjnt9jYzHWKhZX29LDzg8ty9oT6URT4yB3gIOAdJMFqQHuyg8cb/e0x
-    # O0AcrfK623oHwgEj4vpeFwnfaBdtM5GfH9zaj6pnXV7VZc3oBHrBnHUgFT3NEYUe
-    # tt6rtatIguBH61Aj/pyij9sOfF0xDj0s1nwFTbdHtZR/31kCQQDIwcVTqhKkDNW6
-    # cvdz+Wt3v9x1wNg+VhZhyA/pKILz3+qtn3GogLrQqhpVi+Y7tdvEv9FvgKaCjUp8
-    # 6Lfp6dDFAkEAx7HpQbXFdrtcveOi9kosKRDX1PT4zdhB08jAXGlV8jr0jkrZazVM
-    # hV5rVCuu35Vh6x1fiyGwwiVsqhgWE+KPLwJAWrDemasM/LsnmjDxhJy6ZcBwsWlK
-    # xu5Q8h9UwLmiXtVayNBsofh1bGpLtzWZ7oN7ImidDkgJ8JQvgDoJS0xrGQJBALPJ
-    # FkMFnrjtqGqBVkc8shNqyZY90v6oM2OzupO4dht2PpUZCDPAMZtlTWXjSjabbCPc
-    # NxexBk1UmkdtFftjHxsCQGjG+nhRYH92MsmrbvZyFzgxg9SIOu6xel7D3Dq9l5Le
-    # XG+bpHPF4SiCpAxthP5WNa17zuvk+CDsMZgZNuhYNMo=
-    # -----END RSA PRIVATE KEY-----
-  secret:
-    createSecret: true
-    ## Annotations to be added to argocd-secret
-    ##
-    annotations: {}
-
-    # Webhook Configs
-    githubSecret: ""
-    gitlabSecret: ""
-    bitbucketServerSecret: ""
-    bitbucketUUID: ""
-    gogsSecret: ""
-
-    # Custom secrets. Useful for injecting SSO secrets into environment variables.
-    # Ref: https://argoproj.github.io/argo-cd/operator-manual/sso/
-    # Note that all values must be non-empty.
-    extra: {}
-      # LDAP_PASSWORD: "mypassword"
-
-  # Argo TLS Data.
-    argocdServerTlsConfig:
-      {}
-      # key:
-      # crt: |
-      #   -----BEGIN CERTIFICATE-----
-      #   <cert data>
-      #   -----END CERTIFICATE-----
-      #   -----BEGIN CERTIFICATE-----
-      #   <ca cert data>
-      #   -----END CERTIFICATE-----
-
-    # Argo expects the password in the secret to be bcrypt hashed. You can create this hash with
-    # `htpasswd -nbBC 10 "" $ARGO_PWD | tr -d ':\n' | sed 's/$2y/$2a/'`
-    # argocdServerAdminPassword:
-    # Password modification time defaults to current time if not set
-    # argocdServerAdminPasswordMtime: "2006-01-02T15:04:05Z"
-
-openshift:
-  enabled: false

charts/kubezero/templates/app.yaml

@@ -1,11 +1,10 @@
-{{- if .Values.bootstrap }}
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
   name: kubezero
   namespace: argocd
   labels:
-    app.kubernetes.io/name: {{ .Chart.Name }}-argocd-application
+    app.kubernetes.io/name: kubezero
     helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
     app.kubernetes.io/instance: {{ .Release.Name }}
     app.kubernetes.io/managed-by: {{ .Release.Service }}
@@ -14,12 +13,12 @@ spec:
   source:
     repoURL: https://github.com/Zero-Down-Time/kubezero
     targetRevision: HEAD
-    path: charts/kubezero-app
+    path: charts/kubezeroApp
 
     {{- if .Values.config }}
     helm:
       values: |
-{{- toYaml .Values.config | nindent 8 }}
+{{- toYaml .Values.kubezero | nindent 8 }}
     {{- end }}
 
   destination:
@@ -29,4 +28,3 @@ spec:
     automated:
       prune: true
       selfHeal: false
-{{- end }}

charts/kubezero/templates/project.yaml

@@ -1,4 +1,3 @@
-{{- if .Values.bootstrap }}
 apiVersion: argoproj.io/v1alpha1
 kind: AppProject
 metadata:
@@ -28,4 +27,3 @@ spec:
   clusterResourceWhitelist:
   - group: '*'
     kind: '*'
-{{- end }}

charts/kubezero/values.yaml

@@ -1,8 +1,5 @@
-# bootstrap -- Wether to install the root-app `kubezero-app`
-bootstrap: true
-
-# config -- Kubezero configuration to be passed into kubezero-app
-config: {}
+# kubezero -- Kubezero configuration, values.yaml please see kubezeroApp
+kubezero: {}
 
 argo-cd:
   installCRDs: false

charts/kubezeroApp/Chart.yaml

@@ -1,8 +1,8 @@
 apiVersion: v2
-name: kubezero-app
+name: kubezeroApp
 description: KubeZero ArgoCD Application - Root chart of the KubeZero
 type: application
-version: 0.1.3
+version: 0.1.4
 home: https://kubezero.com
 keywords:
   - kubezero

charts/kubezeroApp/README.md

@@ -1,8 +1,8 @@
-kubezero-app
-============
+kubezeroApp
+===========
 KubeZero ArgoCD Application - Root chart of the KubeZero
 
-Current chart version is `0.1.3`
+Current chart version is `0.1.4`
 
 Source code can be found [here](https://kubezero.com)
 

charts/kubezeroApp/templates/_apps_common.yaml

@@ -0,0 +1,27 @@
+{{- define "kubezero.app" }}
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: {{ .name }}
+  namespace: argocd
+  labels:
+    app.kubernetes.io/name: {{ .name }}
+    helm.sh/chart: {{ .root.Chart.Name }}-{{ .root.Chart.Version | replace "+" "_" }}
+    app.kubernetes.io/managed-by: {{ .root.Release.Service }}
+    app.kubernetes.io/part-of: kubezero
+spec:
+  project: kubezero
+
+  source:
+    repoURL: {{ default .root.Values.defaultSource.repoURL }}
+    targetRevision: {{ default .root.Values.defaultSource.targetRevision }}
+    {{- if eq .type "helm" }}
+    path: {{ default .root.Values.defaultSource.pathPrefix }}charts/{{ .name }}
+    {{- else }}
+    path: {{ default .root.Values.defaultSource.pathPrefix }}artifacts/{{ .name }}
+    {{- end }}
+
+  destination:
+    server: {{ default .root.Values.defaultDestination.server }}
+    namespace: kube-system
+{{- end }}

charts/kubezeroApp/templates/calico.yaml

@@ -0,0 +1,3 @@
+{{- if .Values.calico.enabled }}
+{{ template "kubezero.app" dict "root" . "name" "calico" "type" "kustomize" }}
+{{- end }}

charts/kubezeroApp/templates/cert-manager.yaml

@@ -0,0 +1,10 @@
+{{- if .Values.certManager.enabled }}
+{{ template "kubezero.app" dict "root" . "name" "kubezeroCertManager" "type" "helm" }}
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: cert-manager
+  annotations:
+    iam.amazonaws.com/permitted: ".*CertManagerRole.*"
+{{- end }}

charts/kubezeroApp/templates/local-volume-provisioner.yaml

@@ -0,0 +1,3 @@
+{{- if .Values.localVolumeProvisioner.enabled }}
+{{ template "kubezero.app" dict "root" . "name" "localVolumeProvisioner" "type" "kustomize" }}
+{{- end }}

charts/kubezeroCertManager/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

charts/kubezeroCertManager/Chart.lock

@@ -0,0 +1,6 @@
+dependencies:
+- name: cert-manager
+  repository: https://charts.jetstack.io
+  version: v0.14.3
+digest: sha256:b99f220fe708253be29daba252bac3a4c4ae7bfe70f9a518fabe9a6e306d8a84
+generated: "2020-05-04T16:55:09.668227657+01:00"

charts/kubezeroCertManager/Chart.yaml

@@ -0,0 +1,15 @@
+apiVersion: v2
+name: kubezeroCertManager
+description: KubeZero Umbrella Chart for cert-manager
+type: application
+version: 0.1.0
+home: https://kubezero.com
+keywords:
+  - kubezero
+  - cert-manager
+maintainers:
+  - name: Quarky9
+dependencies:
+  - name: cert-manager
+    version: 0.14.3
+    repository: https://charts.jetstack.io

charts/kubezeroCertManager/update_crds.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+curl -Lso crds/cert-manager-crds.yaml https://github.com/jetstack/cert-manager/releases/download/v0.14.3/cert-manager.crds.yaml

charts/kubezeroCertManager/values.yaml

@@ -0,0 +1,28 @@
+cert-manager:
+  tolerations:
+  - key: node-role.kubernetes.io/master
+    effect: NoSchedule
+  nodeSelector:
+    node-role.kubernetes.io/master: ""
+  ingressShim:
+    defaultIssuerName: letsencrypt-dns-prod
+    defaultIssuerKind: ClusterIssuer
+  webhook:
+    tolerations:
+    - key: node-role.kubernetes.io/master
+      effect: NoSchedule
+    nodeSelector:
+      node-role.kubernetes.io/master: ""
+  cainjector:
+    tolerations:
+    - key: node-role.kubernetes.io/master
+      effect: NoSchedule
+    nodeSelector:
+      node-role.kubernetes.io/master: ""
+  extraArgs:
+    - "--dns01-recursive-nameservers-only"
+  prometheus:
+    servicemonitor:
+      enabled: false
+  #podAnnotations:
+  #  iam.amazonaws.com/role: "INSERT_CLOUDFORMATION_OUTPUT_CertManagerRoleArn"