├── charts ├── argo-ci │ ├── templates │ │ ├── NOTES.txt │ │ ├── ci-service.yaml │ │ ├── _helpers.tpl │ │ └── ci-deployment.yaml │ ├── README.md │ ├── requirements.yaml │ ├── requirements.lock │ ├── Chart.yaml │ ├── values.yaml │ └── .helmignore ├── argo-cd │ ├── .helmignore │ ├── charts │ │ └── redis-ha │ │ │ ├── OWNERS │ │ │ ├── ci │ │ │ └── haproxy-enabled-values.yaml │ │ │ ├── templates │ │ │ ├── redis-ha-exporter-script-configmap.yaml │ │ │ ├── redis-auth-secret.yaml │ │ │ ├── redis-ha-serviceaccount.yaml │ │ │ ├── redis-haproxy-serviceaccount.yaml │ │ │ ├── redis-ha-pdb.yaml │ │ │ ├── redis-ha-role.yaml │ │ │ ├── redis-ha-rolebinding.yaml │ │ │ ├── tests │ │ │ │ ├── test-redis-ha-pod.yaml │ │ │ │ └── test-redis-ha-configmap.yaml │ │ │ ├── redis-ha-configmap.yaml │ │ │ ├── redis-ha-service.yaml │ │ │ ├── NOTES.txt │ │ │ ├── redis-ha-announce-service.yaml │ │ │ ├── redis-ha-servicemonitor.yaml │ │ │ ├── redis-haproxy-servicemonitor.yaml │ │ │ ├── redis-haproxy-service.yaml │ │ │ ├── _helpers.tpl │ │ │ └── redis-haproxy-deployment.yaml │ │ │ └── Chart.yaml │ ├── requirements.yaml │ ├── templates │ │ ├── crds.yaml │ │ ├── dex │ │ │ ├── serviceaccount.yaml │ │ │ ├── role.yaml │ │ │ ├── rolebinding.yaml │ │ │ ├── service.yaml │ │ │ ├── servicemonitor.yaml │ │ │ └── deployment.yaml │ │ ├── argocd-server │ │ │ ├── backendconfig.yaml │ │ │ ├── rolebinding.yaml │ │ │ ├── serviceaccount.yaml │ │ │ ├── clusterrolebinding.yaml │ │ │ ├── clusterrole.yaml │ │ │ ├── role.yaml │ │ │ ├── route.yaml │ │ │ ├── metrics-service.yaml │ │ │ ├── applications.yaml │ │ │ ├── certificate.yaml │ │ │ ├── hpa.yaml │ │ │ ├── servicemonitor.yaml │ │ │ ├── projects.yaml │ │ │ ├── service.yaml │ │ │ ├── ingress.yaml │ │ │ └── ingress-grpc.yaml │ │ ├── argocd-repo-server │ │ │ ├── repository-credentials-secret.yaml │ │ │ ├── role.yaml │ │ │ ├── serviceaccount.yaml │ │ │ ├── rolebinding.yaml │ │ │ ├── service.yaml │ │ │ ├── metrics-service.yaml │ │ │ ├── hpa.yaml │ │ │ └── servicemonitor.yaml │ │ ├── argocd-configs │ │ │ ├── argocd-cm.yaml │ │ │ ├── argocd-ssh-known-hosts-cm.yaml │ │ │ ├── argocd-rbac-cm.yaml │ │ │ ├── argocd-tls-certs-cm.yaml │ │ │ └── argocd-secret.yaml │ │ ├── argocd-application-controller │ │ │ ├── clusterrole.yaml │ │ │ ├── rolebinding.yaml │ │ │ ├── serviceaccount.yaml │ │ │ ├── clusterrolebinding.yaml │ │ │ ├── role.yaml │ │ │ ├── service.yaml │ │ │ ├── prometheusrule.yaml │ │ │ ├── metrics-service.yaml │ │ │ ├── servicemonitor.yaml │ │ │ └── deployment.yaml │ │ ├── redis │ │ │ ├── service.yaml │ │ │ └── deployment.yaml │ │ ├── NOTES.txt │ │ └── _helpers.tpl │ ├── requirements.lock │ └── Chart.yaml ├── argo │ ├── requirements.yaml │ ├── templates │ │ ├── workflow-controller-sa.yaml │ │ ├── server-sa.yaml │ │ ├── workflow-sa.yaml │ │ ├── cron-workflow-crd.yaml │ │ ├── workflow-template-crd.yaml │ │ ├── workflow-role.yaml │ │ ├── cluster-workflow-template-crd.yaml │ │ ├── _helpers.tpl │ │ ├── worfkflow-controller-secrets-access.yaml │ │ ├── workflow-rb.yaml │ │ ├── NOTES.txt │ │ ├── workflow-crd.yaml │ │ ├── workflow-controller-deployment-pdb.yaml │ │ ├── server-deployment-pdb.yaml │ │ ├── workflow-controller-minio-secret-crb.yaml │ │ ├── server-crb.yaml │ │ ├── workflow-controller-servicemonitor.yaml │ │ ├── server-service.yaml │ │ ├── workflow-controller-crb.yaml │ │ ├── server-ingress.yaml │ │ ├── workflow-controller-service.yaml │ │ ├── server-cluster-roles.yaml │ │ ├── workflow-aggregate-roles.yaml │ │ ├── workflow-controller-cluster-roles.yaml │ │ ├── workflow-controller-deployment.yaml │ │ ├── server-deployment.yaml │ │ └── workflow-controller-config-map.yaml │ ├── requirements.lock │ ├── Chart.yaml │ ├── .helmignore │ ├── crds │ │ ├── cron-workflow-crd.yaml │ │ ├── workflow-template-crd.yaml │ │ ├── cluster-workflow-template-crd.yaml │ │ └── workflow-crd.yaml │ └── README.md ├── argo-events │ ├── ci │ │ └── test-values.yaml │ ├── crds │ │ ├── eventbus-crd.yml │ │ ├── sensor-crd.yml │ │ └── eventsource-crd.yml │ ├── .helmignore │ ├── Chart.yaml │ ├── templates │ │ ├── eventsource-crd.yaml │ │ ├── sensor-crd.yaml │ │ ├── _helpers.tpl │ │ ├── argo-events-sa.yaml │ │ ├── eventbus-crd.yaml │ │ ├── sensor-controller-deployment.yaml │ │ ├── eventsource-controller-deployment.yaml │ │ ├── eventbus-controller-deployment.yaml │ │ ├── argo-events-cluster-roles.yaml │ │ └── argo-events-roles.yaml │ ├── README.md │ └── values.yaml ├── argocd-notifications │ ├── templates │ │ ├── serviceaccount.yaml │ │ ├── bots │ │ │ └── slack │ │ │ │ ├── serviceaccount.yaml │ │ │ │ ├── rolebinding.yaml │ │ │ │ ├── role.yaml │ │ │ │ ├── service.yaml │ │ │ │ └── deployment.yaml │ │ ├── rolebinding.yaml │ │ ├── service-metrics.yaml │ │ ├── configmap.yaml │ │ ├── role.yaml │ │ ├── servicemonitor.yaml │ │ ├── secret.yaml │ │ ├── deployment.yaml │ │ └── _helpers.tpl │ ├── README.md │ ├── .helmignore │ └── Chart.yaml └── argo-rollouts │ ├── templates │ ├── argo-rollouts-sa.yaml │ ├── argo-rollouts-rolebinding.yaml │ ├── argo-rollouts-metrics-service.yaml │ ├── argo-rollouts-clusterrolebinding.yaml │ ├── _helpers.tpl │ ├── argo-rollouts-role.yaml │ ├── argo-rollouts-aggregate-roles.yaml │ ├── argo-rollouts-deployment.yaml │ └── argo-rollouts-clusterrole.yaml │ ├── Chart.yaml │ ├── .helmignore │ ├── values.yaml │ └── README.md ├── .github ├── stale.yml ├── no-response.yml ├── pull_request_template.md └── ISSUE_TEMPLATE │ ├── bug_report.md │ └── feature_request.md ├── .gitignore ├── .circleci ├── chart-testing.yaml ├── lintconf.yaml └── config.yml ├── OWNERS ├── README.md ├── CODEOWNERS ├── .argo ├── argo-checkout.yaml └── publish.yaml ├── scripts ├── lint.sh └── publish.sh └── CONTRIBUTING.md /charts/argo-ci/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /charts/argo-cd/.helmignore: -------------------------------------------------------------------------------- 1 | *.tgz 2 | output 3 | -------------------------------------------------------------------------------- /.github/stale.yml: -------------------------------------------------------------------------------- 1 | # See https://github.com/probot/stale 2 | -------------------------------------------------------------------------------- /.github/no-response.yml: -------------------------------------------------------------------------------- 1 | # See https://github.com/probot/no-response 2 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | output 2 | .vscode 3 | .DS_Store 4 | .idea 5 | **/*.tgz 6 | **/charts/*/charts 7 | -------------------------------------------------------------------------------- /.circleci/chart-testing.yaml: -------------------------------------------------------------------------------- 1 | chart-repos: 2 | - argo=https://argoproj.github.io/argo-helm 3 | -------------------------------------------------------------------------------- /charts/argo-ci/README.md: -------------------------------------------------------------------------------- 1 | # Argo CI Chart 2 | 3 | This is a **community maintained** chart. 4 | -------------------------------------------------------------------------------- /OWNERS: -------------------------------------------------------------------------------- 1 | owners: 2 | - alexec 3 | - alexmt 4 | - jessesuen 5 | 6 | approvers: 7 | - alexec 8 | - alexmt 9 | - jessesuen 10 | -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - ssalaues 3 | - dandydeveloper 4 | reviewers: 5 | - ssalaues 6 | - dandydeveloper -------------------------------------------------------------------------------- /charts/argo-ci/requirements.yaml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: argo 3 | version: 0.2.1 4 | repository: https://argoproj.github.io/argo-helm 5 | -------------------------------------------------------------------------------- /charts/argo-cd/requirements.yaml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: redis-ha 3 | version: 4.4.2 4 | repository: https://kubernetes-charts.storage.googleapis.com 5 | condition: redis-ha.enabled -------------------------------------------------------------------------------- /charts/argo/requirements.yaml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: minio 3 | version: 5.0.6 4 | repository: https://kubernetes-charts.storage.googleapis.com/ 5 | condition: minio.install 6 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/crds.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.installCRDs }} 2 | {{- range $path, $_ := .Files.Glob "crds/*.yaml" }} 3 | {{ $.Files.Get $path }} 4 | --- 5 | {{- end }} 6 | {{- end }} 7 | -------------------------------------------------------------------------------- /charts/argo-events/ci/test-values.yaml: -------------------------------------------------------------------------------- 1 | serviceAccount: argo-events-sa-test 2 | additionalSaNamespaces: 3 | - nsone 4 | - nstwo 5 | instanceID: test-argo-events 6 | singleNamespace: false 7 | -------------------------------------------------------------------------------- /charts/argo/templates/workflow-controller-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: {{ .Values.controller.serviceAccount }} 5 | annotations: 6 | {{ toYaml .Values.controller.serviceAccountAnnotations | indent 4 }} 7 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Argo Helm Charts 2 | 3 | Argo Helm is a collection of **community maintained** charts for http://argoproj.io/ projects. the charts can be added using following command: 4 | 5 | ``` 6 | helm repo add argo https://argoproj.github.io/argo-helm 7 | ``` 8 | -------------------------------------------------------------------------------- /charts/argo-ci/requirements.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: argo 3 | repository: https://argoproj.github.io/argo-helm 4 | version: 0.2.1 5 | digest: sha256:af0f837200061b1720c0e05168dfc4a9537582f3004de62eeb5ef01b4c78db64 6 | generated: 2018-10-23T14:50:47.570677461-07:00 7 | -------------------------------------------------------------------------------- /charts/argo/requirements.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: minio 3 | repository: https://kubernetes-charts.storage.googleapis.com/ 4 | version: 5.0.6 5 | digest: sha256:373b459c6232e9fd4dd86fa0af01e024372f686a0cdfbfed69d3cd41859e8ad4 6 | generated: "2020-02-06T00:16:52.211425292Z" 7 | -------------------------------------------------------------------------------- /charts/argo/templates/server-sa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.enabled -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ .Values.server.serviceAccount }} 6 | annotations: 7 | {{ toYaml .Values.server.serviceAccountAnnotations | indent 4 }} 8 | {{- end -}} 9 | -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/ci/haproxy-enabled-values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | ## Enable HAProxy to manage Load Balancing 3 | haproxy: 4 | enabled: true 5 | annotations: 6 | any.domain/key: "value" 7 | serviceAccount: 8 | create: true 9 | metrics: 10 | enabled: true 11 | -------------------------------------------------------------------------------- /charts/argo-cd/requirements.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: redis-ha 3 | repository: https://kubernetes-charts.storage.googleapis.com 4 | version: 4.4.2 5 | digest: sha256:70fdd035c3aa3b7185882f12a73143c58ab32f04262dda2cf34a2b1a52116d96 6 | generated: "2020-03-29T14:37:59.349371452+01:00" 7 | -------------------------------------------------------------------------------- /charts/argocd-notifications/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "argocd-notifications.serviceAccountName" . }} 6 | labels: 7 | {{- include "argocd-notifications.labels" . | nindent 4 }} 8 | {{- end }} 9 | -------------------------------------------------------------------------------- /charts/argo-rollouts/templates/argo-rollouts-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: {{ .Values.serviceAccount.name }} 5 | labels: 6 | app.kubernetes.io/component: {{ .Values.controller.component }} 7 | app.kubernetes.io/name: {{ .Release.Name }} 8 | app.kubernetes.io/part-of: {{ .Release.Name }} 9 | -------------------------------------------------------------------------------- /charts/argocd-notifications/templates/bots/slack/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.bots.slack.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "argocd-notifications.bots.slack.serviceAccountName" . }} 6 | labels: 7 | {{- include "argocd-notifications.bots.slack.labels" . | nindent 4 }} 8 | {{ end }} 9 | -------------------------------------------------------------------------------- /charts/argo-ci/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: A Helm chart for Argo-CI 3 | name: argo-ci 4 | version: 0.1.7 5 | icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png 6 | appVersion: v1.0.0-alpha2 7 | home: https://github.com/argoproj/argo-helm 8 | maintainers: 9 | - name: alexec 10 | - name: alexmt 11 | - name: jessesuen 12 | -------------------------------------------------------------------------------- /charts/argo-rollouts/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "0.8.3" 3 | description: A Helm chart for Argo Rollouts 4 | name: argo-rollouts 5 | version: 0.3.6 6 | icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png 7 | home: https://github.com/argoproj/argo-helm 8 | maintainers: 9 | - name: alexmt 10 | - name: dthomson25 11 | - name: jessesuen 12 | -------------------------------------------------------------------------------- /charts/argo/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: v2.8.0 3 | description: A Helm chart for Argo Workflows 4 | name: argo 5 | version: 0.12.1 6 | icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png 7 | home: https://github.com/argoproj/argo-helm 8 | maintainers: 9 | - name: alexec 10 | - name: alexmt 11 | - name: jessesuen 12 | - name: benjaminws 13 | -------------------------------------------------------------------------------- /charts/argo-events/crds/eventbus-crd.yml: -------------------------------------------------------------------------------- 1 | apiVersion: apiextensions.k8s.io/v1beta1 2 | kind: CustomResourceDefinition 3 | metadata: 4 | name: eventbus.argoproj.io 5 | spec: 6 | group: argoproj.io 7 | names: 8 | kind: EventBus 9 | listKind: EventBusList 10 | plural: eventbus 11 | shortNames: 12 | - eb 13 | singular: eventbus 14 | scope: Namespaced 15 | version: v1alpha1 16 | -------------------------------------------------------------------------------- /charts/argo-events/crds/sensor-crd.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.k8s.io/v1beta1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: sensors.argoproj.io 6 | spec: 7 | group: argoproj.io 8 | names: 9 | kind: Sensor 10 | listKind: SensorList 11 | plural: sensors 12 | singular: sensor 13 | shortNames: 14 | - sn 15 | scope: Namespaced 16 | version: "v1alpha1" 17 | 18 | -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/templates/redis-ha-exporter-script-configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.exporter.script }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{ template "redis-ha.fullname" . }}-exporter-script-configmap 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | {{ include "labels.standard" . | indent 4 }} 9 | data: 10 | script: {{ toYaml .Values.exporter.script | indent 2 }} 11 | {{- end }} -------------------------------------------------------------------------------- /charts/argo-ci/values.yaml: -------------------------------------------------------------------------------- 1 | imageNamespace: argoproj 2 | ciImage: argoci 3 | imageTag: v1.0.0-alpha2 4 | imagePullPolicy: Always 5 | # Secrets with credentials to pull images from a private registry 6 | imagePullSecrets: [] 7 | # - name: argo-pull-secret 8 | workflowNamespace: default 9 | 10 | argo: 11 | imagesNamespace: argoproj 12 | installMinio: true 13 | minioBucketName: argo-artifacts 14 | useReleaseAsInstanceID: true 15 | -------------------------------------------------------------------------------- /charts/argocd-notifications/README.md: -------------------------------------------------------------------------------- 1 | ## ArgoCD Notifications Chart 2 | 3 | This is a **community maintained** chart. It installs the [argocd-notifications](https://github.com/argoproj-labs/argocd-notifications) application. This application comes packaged with: 4 | - Notifications Controller Deployment 5 | - Notifications Controller ConfigMap 6 | - Notifications Controller Secret 7 | - Service Account 8 | - Roles 9 | - Role Bindings 10 | -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/templates/redis-auth-secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.auth (not .Values.existingSecret) -}} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ template "redis-ha.fullname" . }} 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | {{ include "labels.standard" . | indent 4 }} 9 | type: Opaque 10 | data: 11 | {{ .Values.authKey }}: {{ .Values.redisPassword | b64enc | quote }} 12 | {{- end -}} 13 | -------------------------------------------------------------------------------- /charts/argo-events/crds/eventsource-crd.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apiextensions.k8s.io/v1beta1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: eventsources.argoproj.io 6 | spec: 7 | group: argoproj.io 8 | scope: Namespaced 9 | names: 10 | kind: EventSource 11 | plural: eventsources 12 | singular: eventsource 13 | listKind: EventSourceList 14 | shortNames: 15 | - es 16 | version: "v1alpha1" 17 | 18 | 19 | -------------------------------------------------------------------------------- /charts/argo/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /charts/argo-ci/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /charts/argo-events/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /charts/argo-rollouts/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- 1 | # https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners 2 | 3 | # Argo Workflows 4 | /charts/argo @benjaminws @stefansedich @paguos 5 | 6 | # Argo CD 7 | /charts/argo-cd @seanson @spencergilbert 8 | 9 | # Argo Events 10 | /charts/argo-events @jbehling 11 | 12 | # Argo Rollouts 13 | /charts/argo-rollouts @cabrinha 14 | 15 | # Argo CD Notifications 16 | /charts/argocd-notifications @alexmt @andyfeller 17 | -------------------------------------------------------------------------------- /charts/argo/templates/workflow-sa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.workflow.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ .Values.workflow.serviceAccount.name }} 6 | {{- if .Values.workflow.namespace }} 7 | namespace: {{ .Values.workflow.namespace }} 8 | {{- end }} 9 | {{- with .Values.workflow.serviceAccount.annotations }} 10 | annotations: 11 | {{- toYaml . | nindent 4 }} 12 | {{- end }} 13 | {{- end }} 14 | -------------------------------------------------------------------------------- /charts/argocd-notifications/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/templates/redis-ha-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "redis-ha.serviceAccountName" . }} 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 11 | app: {{ template "redis-ha.fullname" . }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /charts/argo/crds/cron-workflow-crd.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apiextensions.k8s.io/v1beta1 2 | kind: CustomResourceDefinition 3 | metadata: 4 | name: cronworkflows.argoproj.io 5 | annotations: 6 | helm.sh/hook: crd-install 7 | helm.sh/hook-delete-policy: before-hook-creation 8 | spec: 9 | group: argoproj.io 10 | names: 11 | kind: CronWorkflow 12 | plural: cronworkflows 13 | shortNames: 14 | - cronwf 15 | - cwf 16 | scope: Namespaced 17 | version: v1alpha1 -------------------------------------------------------------------------------- /charts/argo-ci/templates/ci-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ .Release.Name }}-ci 5 | labels: 6 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} 7 | release: {{ .Release.Name }} 8 | heritage: {{ .Release.Service }} 9 | spec: 10 | ports: 11 | - port: 80 12 | protocol: TCP 13 | targetPort: 8001 14 | selector: 15 | app: {{ .Release.Name }}-ci 16 | sessionAffinity: None 17 | type: LoadBalancer 18 | -------------------------------------------------------------------------------- /charts/argo/crds/workflow-template-crd.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apiextensions.k8s.io/v1beta1 2 | kind: CustomResourceDefinition 3 | metadata: 4 | name: workflowtemplates.argoproj.io 5 | annotations: 6 | helm.sh/hook: crd-install 7 | helm.sh/hook-delete-policy: before-hook-creation 8 | spec: 9 | group: argoproj.io 10 | version: v1alpha1 11 | scope: Namespaced 12 | names: 13 | kind: WorkflowTemplate 14 | plural: workflowtemplates 15 | shortNames: 16 | - wftmpl 17 | -------------------------------------------------------------------------------- /charts/argocd-notifications/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | appVersion: 0.7.0 3 | description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD. 4 | name: argocd-notifications 5 | type: application 6 | version: 1.0.11 7 | home: https://github.com/argoproj/argo-helm 8 | icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png 9 | keywords: 10 | - argoproj 11 | - argocd 12 | - argocd-notifications 13 | maintainers: 14 | - name: alexmt 15 | - name: andyfeller 16 | -------------------------------------------------------------------------------- /charts/argo-cd/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: 1.7.6 3 | description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. 4 | name: argo-cd 5 | version: 2.7.5 6 | home: https://github.com/argoproj/argo-helm 7 | icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png 8 | keywords: 9 | - argoproj 10 | - argocd 11 | - gitops 12 | maintainers: 13 | - name: alexec 14 | - name: alexmt 15 | - name: jessesuen 16 | - name: seanson 17 | -------------------------------------------------------------------------------- /charts/argocd-notifications/templates/bots/slack/rolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{ if .Values.bots.slack.enabled }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: RoleBinding 4 | metadata: 5 | name: {{ include "argocd-notifications.name" . }}-bot 6 | roleRef: 7 | apiGroup: rbac.authorization.k8s.io 8 | kind: Role 9 | name: {{ include "argocd-notifications.name" . }}-bot 10 | subjects: 11 | - kind: ServiceAccount 12 | name: {{ include "argocd-notifications.bots.slack.serviceAccountName" . }} 13 | {{ end }} 14 | -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/templates/redis-haproxy-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.haproxy.serviceAccount.create .Values.haproxy.enabled }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "redis-ha.serviceAccountName" . }}-haproxy 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 11 | app: {{ template "redis-ha.fullname" . }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /charts/argocd-notifications/templates/rolebinding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: {{ include "argocd-notifications.name" . }}-controller 5 | labels: 6 | {{- include "argocd-notifications.labels" . | nindent 4 }} 7 | roleRef: 8 | apiGroup: rbac.authorization.k8s.io 9 | kind: Role 10 | name: {{ include "argocd-notifications.name" . }}-controller 11 | subjects: 12 | - kind: ServiceAccount 13 | name: {{ include "argocd-notifications.serviceAccountName" . }} 14 | -------------------------------------------------------------------------------- /charts/argo/crds/cluster-workflow-template-crd.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apiextensions.k8s.io/v1beta1 2 | kind: CustomResourceDefinition 3 | metadata: 4 | name: clusterworkflowtemplates.argoproj.io 5 | annotations: 6 | helm.sh/hook: crd-install 7 | helm.sh/hook-delete-policy: before-hook-creation 8 | spec: 9 | group: argoproj.io 10 | version: v1alpha1 11 | scope: Cluster 12 | names: 13 | kind: ClusterWorkflowTemplate 14 | plural: clusterworkflowtemplates 15 | shortNames: 16 | - clusterwftmpl 17 | - cwft 18 | -------------------------------------------------------------------------------- /charts/argo/templates/cron-workflow-crd.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.installCRD }} 2 | apiVersion: apiextensions.k8s.io/v1beta1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: cronworkflows.argoproj.io 6 | annotations: 7 | helm.sh/hook: crd-install 8 | helm.sh/hook-delete-policy: before-hook-creation 9 | spec: 10 | group: argoproj.io 11 | names: 12 | kind: CronWorkflow 13 | plural: cronworkflows 14 | shortNames: 15 | - cronwf 16 | - cwf 17 | scope: Namespaced 18 | version: v1alpha1 19 | {{- end }} -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/templates/redis-ha-pdb.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.podDisruptionBudget -}} 2 | apiVersion: policy/v1beta1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | name: {{ template "redis-ha.fullname" . }}-pdb 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | {{ include "labels.standard" . | indent 4 }} 9 | spec: 10 | selector: 11 | matchLabels: 12 | release: {{ .Release.Name }} 13 | app: {{ template "redis-ha.name" . }} 14 | {{ toYaml .Values.podDisruptionBudget | indent 2 }} 15 | {{- end -}} 16 | -------------------------------------------------------------------------------- /charts/argocd-notifications/templates/service-metrics.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.metrics.enabled }} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{ include "argocd-notifications.name" . }}-metrics 6 | labels: 7 | {{- include "argocd-notifications.metrics.labels" . | nindent 4 }} 8 | spec: 9 | selector: 10 | {{- include "argocd-notifications.selectorLabels" . | nindent 4 }} 11 | ports: 12 | - name: metrics 13 | port: {{ .Values.metrics.port }} 14 | targetPort: {{ .Values.metrics.port }} 15 | {{- end }} 16 | -------------------------------------------------------------------------------- /charts/argo/templates/workflow-template-crd.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.installCRD }} 2 | apiVersion: apiextensions.k8s.io/v1beta1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: workflowtemplates.argoproj.io 6 | annotations: 7 | helm.sh/hook: crd-install 8 | helm.sh/hook-delete-policy: before-hook-creation 9 | spec: 10 | group: argoproj.io 11 | version: v1alpha1 12 | scope: Namespaced 13 | names: 14 | kind: WorkflowTemplate 15 | plural: workflowtemplates 16 | shortNames: 17 | - wftmpl 18 | {{- end }} 19 | -------------------------------------------------------------------------------- /charts/argo/templates/workflow-role.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.workflow.rbac.create -}} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: {{ .Release.Name }}-workflow 6 | {{- if .Values.workflow.namespace }} 7 | namespace: {{ .Values.workflow.namespace }} 8 | {{- end }} 9 | rules: 10 | - apiGroups: 11 | - "" 12 | resources: 13 | - pods 14 | verbs: 15 | - get 16 | - watch 17 | - patch 18 | - apiGroups: 19 | - "" 20 | resources: 21 | - pods/log 22 | verbs: 23 | - get 24 | - watch 25 | {{- end }} 26 | -------------------------------------------------------------------------------- /charts/argo-events/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: A Helm chart to install Argo-Events in k8s Cluster 3 | name: argo-events 4 | version: 1.0.0 5 | keywords: 6 | - argo-events 7 | - sensor-controller 8 | - eventsource-controller 9 | - eventbus-controller 10 | sources: 11 | - https://github.com/argoproj/argo-events 12 | maintainers: 13 | - name: VaibhavPage 14 | - name: whynowy 15 | appVersion: 1.0.0 16 | icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png 17 | home: https://github.com/argoproj/argo-helm 18 | -------------------------------------------------------------------------------- /.argo/argo-checkout.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | type: container 3 | version: 1 4 | name: argo-checkout 5 | description: Checks out a source repository to /src 6 | resources: 7 | mem_mib: 500 8 | cpu_cores: 0.1 9 | image: argoproj/argoscm:v2.0 10 | command: ["axscm"] 11 | args: ["clone", "%%inputs.parameters.REPO%%", "/src", "--commit", "%%inputs.parameters.COMMIT%%"] 12 | inputs: 13 | parameters: 14 | COMMIT: 15 | default: "%%session.commit%%" 16 | REPO: 17 | default: "%%session.repo%%" 18 | outputs: 19 | artifacts: 20 | CODE: 21 | path: /src 22 | -------------------------------------------------------------------------------- /charts/argocd-notifications/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ include "argocd-notifications.name" . }}-cm 5 | labels: 6 | {{- include "argocd-notifications.labels" . | nindent 4 }} 7 | data: 8 | config.yaml: | 9 | context: 10 | argocdUrl: {{ .Values.argocdUrl | quote }} 11 | subscriptions: 12 | {{- toYaml .Values.subscriptions | nindent 6 }} 13 | templates: 14 | {{- toYaml .Values.templates | nindent 6 }} 15 | triggers: 16 | {{- toYaml .Values.triggers | nindent 6 }} 17 | -------------------------------------------------------------------------------- /charts/argocd-notifications/templates/bots/slack/role.yaml: -------------------------------------------------------------------------------- 1 | {{ if .Values.bots.slack.enabled }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: {{ include "argocd-notifications.name" . }}-bot 6 | rules: 7 | - apiGroups: 8 | - argoproj.io 9 | resources: 10 | - applications 11 | - appprojects 12 | verbs: 13 | - get 14 | - list 15 | - watch 16 | - update 17 | - patch 18 | - apiGroups: 19 | - "" 20 | resources: 21 | - secrets 22 | - configmaps 23 | verbs: 24 | - get 25 | - list 26 | - watch 27 | {{ end }} 28 | -------------------------------------------------------------------------------- /.github/pull_request_template.md: -------------------------------------------------------------------------------- 1 | Checklist: 2 | 3 | * [ ] I have update the chart version in `Chart.yaml` following Semantic Versioning. 4 | * [ ] Any new values are backwards compatible and/or have sensible default. 5 | * [ ] I have followed the testing instructions in the [contributing guide](https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md). 6 | * [ ] I have signed the CLA and the build is green. 7 | * [ ] I will test my changes again once merged to master and published. 8 | 9 | Changes are automatically published when merged to `master`. They are not published on branches. -------------------------------------------------------------------------------- /charts/argo-rollouts/templates/argo-rollouts-rolebinding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: {{ .Release.Name }}-role-binding 5 | labels: 6 | app.kubernetes.io/component: {{ .Values.controller.component }} 7 | app.kubernetes.io/name: {{ .Release.Name }}-role-binding 8 | app.kubernetes.io/part-of: {{ .Release.Name }} 9 | roleRef: 10 | apiGroup: rbac.authorization.k8s.io 11 | kind: Role 12 | name: {{ .Release.Name }}-role 13 | subjects: 14 | - kind: ServiceAccount 15 | name: {{ .Values.serviceAccount.name }} 16 | -------------------------------------------------------------------------------- /charts/argo/templates/cluster-workflow-template-crd.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.installCRD }} 2 | apiVersion: apiextensions.k8s.io/v1beta1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: clusterworkflowtemplates.argoproj.io 6 | annotations: 7 | helm.sh/hook: crd-install 8 | helm.sh/hook-delete-policy: before-hook-creation 9 | spec: 10 | group: argoproj.io 11 | version: v1alpha1 12 | scope: Cluster 13 | names: 14 | kind: ClusterWorkflowTemplate 15 | plural: clusterworkflowtemplates 16 | shortNames: 17 | - clusterwftmpl 18 | - cwft 19 | {{- end }} 20 | -------------------------------------------------------------------------------- /charts/argo-events/templates/eventsource-crd.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.installCRD }} 2 | apiVersion: apiextensions.k8s.io/v1beta1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: eventsources.argoproj.io 6 | annotations: 7 | helm.sh/hook: crd-install 8 | helm.sh/hook-delete-policy: before-hook-creation 9 | spec: 10 | group: argoproj.io 11 | scope: Namespaced 12 | names: 13 | kind: EventSource 14 | plural: eventsources 15 | singular: eventsource 16 | listKind: EventSourceList 17 | shortNames: 18 | - es 19 | version: "v1alpha1" 20 | {{- end }} 21 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/dex/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.dex.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "argo-cd.dexServiceAccountName" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} 8 | helm.sh/chart: {{ include "argo-cd.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/part-of: argocd 12 | app.kubernetes.io/component: {{ .Values.dex.name }} 13 | {{- end }} 14 | -------------------------------------------------------------------------------- /charts/argocd-notifications/templates/role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: Role 3 | metadata: 4 | name: {{ include "argocd-notifications.name" . }}-controller 5 | labels: 6 | {{- include "argocd-notifications.labels" . | nindent 4 }} 7 | rules: 8 | - apiGroups: 9 | - argoproj.io 10 | resources: 11 | - applications 12 | - appprojects 13 | verbs: 14 | - get 15 | - list 16 | - watch 17 | - update 18 | - patch 19 | - apiGroups: 20 | - "" 21 | resources: 22 | - secrets 23 | - configmaps 24 | verbs: 25 | - get 26 | - list 27 | - watch 28 | -------------------------------------------------------------------------------- /scripts/lint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -eux 3 | 4 | SRCROOT="$(cd "$(dirname "$0")/.." && pwd)" 5 | 6 | for dir in $(find $SRCROOT/charts -mindepth 1 -maxdepth 1 -type d); 7 | do 8 | rm -rf $dir/charts 9 | name=$(basename $dir) 10 | echo "Running Helm linting for $name" 11 | docker run \ 12 | -v "$SRCROOT:/workdir" \ 13 | gcr.io/kubernetes-charts-ci/test-image:v3.1.0 \ 14 | ct \ 15 | lint \ 16 | --config .circleci/chart-testing.yaml \ 17 | --lint-conf .circleci/lintconf.yaml \ 18 | --charts "/workdir/charts/${name}" 19 | done 20 | -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/templates/redis-ha-role.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.serviceAccount.create .Values.rbac.create }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: {{ template "redis-ha.fullname" . }} 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 11 | app: {{ template "redis-ha.fullname" . }} 12 | rules: 13 | - apiGroups: 14 | - "" 15 | resources: 16 | - endpoints 17 | verbs: 18 | - get 19 | {{- end }} 20 | -------------------------------------------------------------------------------- /charts/argo-events/templates/sensor-crd.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.installCRD }} 2 | # Define a "sensor" custom resource definition 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: sensors.argoproj.io 7 | annotations: 8 | helm.sh/hook: crd-install 9 | helm.sh/hook-delete-policy: before-hook-creation 10 | spec: 11 | group: argoproj.io 12 | names: 13 | kind: Sensor 14 | listKind: SensorList 15 | plural: sensors 16 | singular: sensor 17 | shortNames: 18 | - sn 19 | scope: Namespaced 20 | version: v1alpha1 21 | {{- end }} 22 | -------------------------------------------------------------------------------- /charts/argo/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | */}} 13 | {{- define "fullname" -}} 14 | {{- $name := default .Chart.Name .Values.nameOverride -}} 15 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 16 | {{- end -}} 17 | -------------------------------------------------------------------------------- /charts/argo-ci/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | */}} 13 | {{- define "fullname" -}} 14 | {{- $name := default .Chart.Name .Values.nameOverride -}} 15 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 16 | {{- end -}} 17 | -------------------------------------------------------------------------------- /charts/argo-events/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | */}} 13 | {{- define "fullname" -}} 14 | {{- $name := default .Chart.Name .Values.nameOverride -}} 15 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 16 | {{- end -}} 17 | -------------------------------------------------------------------------------- /charts/argo-events/templates/argo-events-sa.yaml: -------------------------------------------------------------------------------- 1 | # All argo-events services are bound to the "argo-events" service account. 2 | # In RBAC enabled setups, this SA is bound to specific roles. 3 | apiVersion: v1 4 | kind: ServiceAccount 5 | metadata: 6 | name: {{ .Values.serviceAccount }} 7 | namespace: {{ .Release.Namespace }} 8 | {{- if .Values.additionalSaNamespaces }} 9 | {{ $sa := .Values.serviceAccount }} 10 | {{- range $namespace := .Values.additionalSaNamespaces }} 11 | --- 12 | apiVersion: v1 13 | kind: ServiceAccount 14 | metadata: 15 | name: {{ $sa }} 16 | namespace: {{ $namespace }} 17 | {{- end }} 18 | {{- end }} 19 | -------------------------------------------------------------------------------- /charts/argo/templates/worfkflow-controller-secrets-access.yaml: -------------------------------------------------------------------------------- 1 | {{ if .Values.minio.install }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: {{ .Release.Name }}-{{ .Values.controller.name}}-minio-secret 6 | rules: 7 | - apiGroups: 8 | - "" 9 | resources: 10 | - secrets 11 | resourceNames: 12 | - {{ .Values.artifactRepository.s3.accessKeySecret.name | default (printf "%s-%s" .Release.Name "minio") | quote }} 13 | - {{ .Values.artifactRepository.s3.secretKeySecret.name | default (printf "%s-%s" .Release.Name "minio") | quote }} 14 | verbs: 15 | - get 16 | - watch 17 | - list 18 | {{- end }} -------------------------------------------------------------------------------- /charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ .Release.Name }}-metrics 5 | labels: 6 | app.kubernetes.io/component: server 7 | app.kubernetes.io/name: {{ .Release.Name }}-metrics 8 | app.kubernetes.io/part-of: {{ .Release.Name }} 9 | annotations: 10 | {{- range $key, $value := .Values.serviceAnnotations }} 11 | {{ $key }}: {{ $value | quote }} 12 | {{- end }} 13 | spec: 14 | ports: 15 | - name: metrics 16 | protocol: TCP 17 | port: 8090 18 | targetPort: 8090 19 | selector: 20 | app.kubernetes.io/name: {{ .Release.Name }} 21 | -------------------------------------------------------------------------------- /charts/argo/templates/workflow-rb.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.workflow.rbac.create -}} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: RoleBinding 4 | metadata: 5 | name: {{ .Release.Name }}-workflow 6 | {{- if .Values.workflow.namespace }} 7 | namespace: {{ .Values.workflow.namespace }} 8 | {{- end }} 9 | roleRef: 10 | apiGroup: rbac.authorization.k8s.io 11 | kind: Role 12 | name: {{ .Release.Name }}-workflow 13 | subjects: 14 | - kind: ServiceAccount 15 | name: {{ .Values.workflow.serviceAccount.name }} 16 | {{- if .Values.workflow.namespace }} 17 | namespace: {{ .Values.workflow.namespace }} 18 | {{- end }} 19 | {{- end }} 20 | -------------------------------------------------------------------------------- /charts/argo-events/templates/eventbus-crd.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.installCRD }} 2 | apiVersion: apiextensions.k8s.io/v1beta1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: eventbus.argoproj.io 6 | annotations: 7 | helm.sh/hook: crd-install 8 | helm.sh/hook-delete-policy: before-hook-creation 9 | spec: 10 | group: argoproj.io 11 | names: 12 | kind: EventBus 13 | listKind: EventBusList 14 | plural: eventbus 15 | shortNames: 16 | - eb 17 | singular: eventbus 18 | scope: Namespaced 19 | version: v1alpha1 20 | versions: 21 | - name: v1alpha1 22 | served: true 23 | storage: true 24 | {{- end }} 25 | -------------------------------------------------------------------------------- /charts/argocd-notifications/templates/bots/slack/service.yaml: -------------------------------------------------------------------------------- 1 | {{ if .Values.bots.slack.enabled }} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{ include "argocd-notifications.name" . }}-bot 6 | {{- if .Values.bots.slack.service.annotations }} 7 | annotations: 8 | {{- toYaml .Values.bots.slack.service.annotations | nindent 4 }} 9 | {{- end }} 10 | spec: 11 | ports: 12 | - name: http 13 | port: {{ .Values.bots.slack.service.port }} 14 | protocol: TCP 15 | targetPort: http 16 | selector: 17 | {{- include "argocd-notifications.bots.slack.selectorLabels" . | nindent 4 }} 18 | type: {{ .Values.bots.slack.service.type }} 19 | {{ end }} 20 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Create a report to help us improve 4 | title: '' 5 | labels: 'bug' 6 | assignees: '' 7 | 8 | --- 9 | 10 | **Describe the bug** 11 | A clear and concise description of what the bug is. 12 | 13 | **To Reproduce** 14 | Steps to reproduce the behavior: 15 | 1. Go to '...' 16 | 2. Click on '....' 17 | 3. Scroll down to '....' 18 | 4. See error 19 | 20 | **Expected behavior** 21 | A clear and concise description of what you expected to happen. 22 | 23 | **Screenshots** 24 | If applicable, add screenshots to help explain your problem. 25 | 26 | **Additional context** 27 | Add any other context about the problem here. 28 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-server/backendconfig.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.GKEbackendConfig.enabled }} 2 | apiVersion: cloud.google.com/v1beta1 3 | kind: BackendConfig 4 | metadata: 5 | name: {{ template "argo-cd.server.fullname" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} 8 | helm.sh/chart: {{ include "argo-cd.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/part-of: argocd 12 | app.kubernetes.io/component: {{ .Values.server.name }} 13 | spec: 14 | {{- toYaml .Values.server.GKEbackendConfig.spec | nindent 2 }} 15 | {{- end }} 16 | -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: 5.0.6 3 | description: Highly available Kubernetes implementation of Redis 4 | engine: gotpl 5 | home: http://redis.io/ 6 | icon: https://upload.wikimedia.org/wikipedia/en/thumb/6/6b/Redis_Logo.svg/1200px-Redis_Logo.svg.png 7 | keywords: 8 | - redis 9 | - keyvalue 10 | - database 11 | maintainers: 12 | - email: salimsalaues@gmail.com 13 | name: ssalaues 14 | - email: aaron.layfield@gmail.com 15 | name: dandydeveloper 16 | name: redis-ha 17 | sources: 18 | - https://redis.io/download 19 | - https://github.com/scality/Zenko/tree/development/1.0/kubernetes/zenko/charts/redis-ha 20 | - https://github.com/oliver006/redis_exporter 21 | version: 4.4.2 22 | -------------------------------------------------------------------------------- /charts/argo-rollouts/templates/argo-rollouts-clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.clusterInstall }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRoleBinding 4 | metadata: 5 | name: {{ .Release.Name }}-clusterrolebinding 6 | labels: 7 | app.kubernetes.io/component: {{ .Values.controller.component }} 8 | app.kubernetes.io/name: {{ .Release.Name }}-clusterrolebinding 9 | app.kubernetes.io/part-of: {{ .Release.Name }} 10 | roleRef: 11 | apiGroup: rbac.authorization.k8s.io 12 | kind: ClusterRole 13 | name: {{ .Release.Name }}-clusterrole 14 | subjects: 15 | - kind: ServiceAccount 16 | name: {{ .Values.serviceAccount.name }} 17 | namespace: {{ .Release.Namespace }} 18 | {{- end }} 19 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Suggest an idea for this project 4 | title: '' 5 | labels: 'enhancement' 6 | assignees: '' 7 | 8 | --- 9 | 10 | **Is your feature request related to a problem? Please describe.** 11 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] 12 | 13 | **Describe the solution you'd like** 14 | A clear and concise description of what you want to happen. 15 | 16 | **Describe alternatives you've considered** 17 | A clear and concise description of any alternative solutions or features you've considered. 18 | 19 | **Additional context** 20 | Add any other context or screenshots about the feature request here. 21 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/dex/role.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.dex.enabled }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: {{ template "argo-cd.dex.fullname" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} 8 | helm.sh/chart: {{ include "argo-cd.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/part-of: argocd 12 | app.kubernetes.io/component: {{ .Values.dex.name }} 13 | rules: 14 | - apiGroups: 15 | - "" 16 | resources: 17 | - secrets 18 | - configmaps 19 | verbs: 20 | - get 21 | - list 22 | - watch 23 | {{- end }} -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/templates/redis-ha-rolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.serviceAccount.create .Values.rbac.create }} 2 | kind: RoleBinding 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | metadata: 5 | name: {{ template "redis-ha.fullname" . }} 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 11 | app: {{ template "redis-ha.fullname" . }} 12 | subjects: 13 | - kind: ServiceAccount 14 | name: {{ template "redis-ha.serviceAccountName" . }} 15 | roleRef: 16 | apiGroup: rbac.authorization.k8s.io 17 | kind: Role 18 | name: {{ template "redis-ha.fullname" . }} 19 | {{- end }} 20 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.configs.repositoryCredentials }} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: argocd-repository-credentials 6 | labels: 7 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-secret 8 | helm.sh/chart: {{ include "argo-cd.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/part-of: argocd 12 | app.kubernetes.io/component: {{ .Values.server.name }} 13 | type: Opaque 14 | data: 15 | {{- range $key, $value := .Values.configs.repositoryCredentials }} 16 | {{ $key }}: {{ $value | b64enc }} 17 | {{- end }} 18 | {{- end }} -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-repo-server/role.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.repoServer.serviceAccount.create }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: {{ template "argo-cd.repoServer.fullname" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }} 8 | helm.sh/chart: {{ include "argo-cd.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/part-of: argocd 12 | app.kubernetes.io/component: {{ .Values.repoServer.name }} 13 | rules: 14 | {{- if .Values.repoServer.rbac }} 15 | {{toYaml .Values.repoServer.rbac }} 16 | {{- end }} 17 | {{- end }} 18 | -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/templates/tests/test-redis-ha-pod.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: {{ template "redis-ha.fullname" . }}-service-test 5 | labels: 6 | {{ include "labels.standard" . | indent 4 }} 7 | annotations: 8 | "helm.sh/hook": test-success 9 | spec: 10 | containers: 11 | - name: "{{ .Release.Name }}-service-test" 12 | image: {{ .Values.image.repository }}:{{ .Values.image.tag }} 13 | command: 14 | - sh 15 | - -c 16 | - redis-cli -h {{ template "redis-ha.fullname" . }} -p {{ .Values.redis.port }} info server 17 | {{- if .Values.imagePullSecrets }} 18 | imagePullSecrets: {{ toYaml .Values.imagePullSecrets | nindent 4 }} 19 | {{- end }} 20 | restartPolicy: Never 21 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-configs/argocd-cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: argocd-cm 5 | labels: 6 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-cm 7 | helm.sh/chart: {{ include "argo-cd.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | app.kubernetes.io/part-of: argocd 11 | app.kubernetes.io/component: {{ .Values.server.name }} 12 | {{- if .Values.server.configAnnotations }} 13 | annotations: 14 | {{- range $key, $value := .Values.server.configAnnotations }} 15 | {{ $key }}: {{ $value | quote }} 16 | {{- end }} 17 | {{- end }} 18 | data: 19 | {{- toYaml .Values.server.config | nindent 4 }} -------------------------------------------------------------------------------- /charts/argo/crds/workflow-crd.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apiextensions.k8s.io/v1beta1 2 | kind: CustomResourceDefinition 3 | metadata: 4 | name: workflows.argoproj.io 5 | annotations: 6 | helm.sh/hook: crd-install 7 | helm.sh/hook-delete-policy: before-hook-creation 8 | spec: 9 | additionalPrinterColumns: 10 | - JSONPath: .status.phase 11 | description: Status of the workflow 12 | name: Status 13 | type: string 14 | - JSONPath: .status.startedAt 15 | description: When the workflow was started 16 | format: date-time 17 | name: Age 18 | type: date 19 | group: argoproj.io 20 | names: 21 | kind: Workflow 22 | plural: workflows 23 | shortNames: 24 | - wf 25 | scope: Namespaced 26 | version: v1alpha1 27 | -------------------------------------------------------------------------------- /charts/argo/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get Argo Server external IP/domain by running: 2 | 3 | kubectl --namespace {{ .Release.Namespace }} get services -o wide | grep {{ .Release.Name }}-{{ .Values.server.name }} 4 | 5 | 2. Submit the hello-world workflow by running: 6 | 7 | argo submit https://raw.githubusercontent.com/argoproj/argo/master/examples/hello-world.yaml --watch 8 | 9 | {{ if .Values.minio.install }} 10 | 11 | 3. Access Minio UI and create bucket '{{ .Values.minio.defaultBucket.name }}'. Minio UI is available on port 9000 and available via external URL. URL might be retrieved using following 12 | command: 13 | 14 | kubectl --namespace {{ .Release.Namespace }} get services -o wide | grep {{ .Release.Name }}-minio-svc 15 | 16 | {{ end }} 17 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | {{- toYaml .Values.configs.knownHosts | nindent 0 }} 3 | kind: ConfigMap 4 | metadata: 5 | labels: 6 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-ssh-known-hosts-cm 7 | helm.sh/chart: {{ include "argo-cd.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | app.kubernetes.io/part-of: argocd 11 | app.kubernetes.io/component: {{ .Values.server.name }} 12 | {{- if .Values.configs.knownHostsAnnotations }} 13 | annotations: 14 | {{- range $key, $value := .Values.configs.knownHostsAnnotations }} 15 | {{ $key }}: {{ $value | quote }} 16 | {{- end }} 17 | {{- end }} 18 | name: argocd-ssh-known-hosts-cm -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/templates/redis-ha-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ template "redis-ha.fullname" . }}-configmap 5 | namespace: {{ .Release.Namespace }} 6 | labels: 7 | heritage: {{ .Release.Service }} 8 | release: {{ .Release.Name }} 9 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 10 | app: {{ template "redis-ha.fullname" . }} 11 | data: 12 | redis.conf: | 13 | {{- include "config-redis.conf" . }} 14 | 15 | sentinel.conf: | 16 | {{- include "config-sentinel.conf" . }} 17 | 18 | init.sh: | 19 | {{- include "config-init.sh" . }} 20 | {{ if .Values.haproxy.enabled }} 21 | haproxy.cfg: |- 22 | {{- include "config-haproxy.cfg" . }} 23 | {{- end }} 24 | haproxy_init.sh: | 25 | {{- include "config-haproxy_init.sh" . }} 26 | -------------------------------------------------------------------------------- /charts/argo/templates/workflow-crd.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.installCRD }} 2 | apiVersion: apiextensions.k8s.io/v1beta1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: workflows.argoproj.io 6 | annotations: 7 | helm.sh/hook: crd-install 8 | helm.sh/hook-delete-policy: before-hook-creation 9 | spec: 10 | additionalPrinterColumns: 11 | - JSONPath: .status.phase 12 | description: Status of the workflow 13 | name: Status 14 | type: string 15 | - JSONPath: .status.startedAt 16 | description: When the workflow was started 17 | format: date-time 18 | name: Age 19 | type: date 20 | group: argoproj.io 21 | names: 22 | kind: Workflow 23 | plural: workflows 24 | shortNames: 25 | - wf 26 | scope: Namespaced 27 | version: v1alpha1 28 | {{- end }} 29 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.controller.clusterAdminAccess.enabled }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: {{ template "argo-cd.controller.fullname" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} 8 | helm.sh/chart: {{ include "argo-cd.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/part-of: argocd 12 | app.kubernetes.io/component: {{ .Values.controller.name }} 13 | rules: 14 | - apiGroups: 15 | - '*' 16 | resources: 17 | - '*' 18 | verbs: 19 | - '*' 20 | - nonResourceURLs: 21 | - '*' 22 | verbs: 23 | - '*' 24 | {{- end }} -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: argocd-rbac-cm 5 | labels: 6 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-rbac-cm 7 | helm.sh/chart: {{ include "argo-cd.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | app.kubernetes.io/part-of: argocd 11 | app.kubernetes.io/component: {{ .Values.server.name }} 12 | {{- if .Values.server.rbacConfigAnnotations }} 13 | annotations: 14 | {{- range $key, $value := .Values.server.rbacConfigAnnotations }} 15 | {{ $key }}: {{ $value | quote }} 16 | {{- end }} 17 | {{- end }} 18 | {{- if .Values.server.rbacConfig }} 19 | data: 20 | {{- toYaml .Values.server.rbacConfig | nindent 4 }} 21 | {{- end }} -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | {{- if .Values.configs.tlsCerts }} 3 | {{- toYaml .Values.configs.tlsCerts | nindent 0 }} 4 | {{- end }} 5 | kind: ConfigMap 6 | metadata: 7 | labels: 8 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-tls-certs-cm 9 | helm.sh/chart: {{ include "argo-cd.chart" . }} 10 | app.kubernetes.io/instance: {{ .Release.Name }} 11 | app.kubernetes.io/managed-by: {{ .Release.Service }} 12 | app.kubernetes.io/part-of: argocd 13 | app.kubernetes.io/component: {{ .Values.server.name }} 14 | {{- if .Values.configs.tlsCertsAnnotations }} 15 | annotations: 16 | {{- range $key, $value := .Values.configs.tlsCertsAnnotations }} 17 | {{ $key }}: {{ $value | quote }} 18 | {{- end }} 19 | {{- end }} 20 | name: argocd-tls-certs-cm -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-server/rolebinding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: {{ template "argo-cd.server.fullname" . }} 5 | labels: 6 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} 7 | helm.sh/chart: {{ include "argo-cd.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | app.kubernetes.io/part-of: argocd 11 | app.kubernetes.io/component: {{ .Values.server.name }} 12 | roleRef: 13 | apiGroup: rbac.authorization.k8s.io 14 | kind: Role 15 | name: {{ template "argo-cd.server.fullname" . }} 16 | subjects: 17 | - kind: ServiceAccount 18 | name: {{ template "argo-cd.serverServiceAccountName" . }} 19 | namespace: {{ .Release.Namespace }} -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-server/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "argo-cd.serverServiceAccountName" . }} 6 | {{- if .Values.server.serviceAccount.annotations }} 7 | annotations: 8 | {{- range $key, $value := .Values.server.serviceAccount.annotations }} 9 | {{ $key }}: {{ $value | quote }} 10 | {{- end }} 11 | {{- end }} 12 | labels: 13 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} 14 | helm.sh/chart: {{ include "argo-cd.chart" . }} 15 | app.kubernetes.io/instance: {{ .Release.Name }} 16 | app.kubernetes.io/managed-by: {{ .Release.Service }} 17 | app.kubernetes.io/part-of: argocd 18 | app.kubernetes.io/component: {{ .Values.server.name }} 19 | {{- end }} 20 | -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/templates/tests/test-redis-ha-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: {{ template "redis-ha.fullname" . }}-configmap-test 5 | labels: 6 | {{ include "labels.standard" . | indent 4 }} 7 | annotations: 8 | "helm.sh/hook": test-success 9 | spec: 10 | containers: 11 | - name: check-init 12 | image: koalaman/shellcheck:v0.5.0 13 | args: 14 | - --shell=sh 15 | - /readonly-config/init.sh 16 | volumeMounts: 17 | - name: config 18 | mountPath: /readonly-config 19 | readOnly: true 20 | {{- if .Values.imagePullSecrets }} 21 | imagePullSecrets: {{ toYaml .Values.imagePullSecrets | nindent 4 }} 22 | {{- end }} 23 | restartPolicy: Never 24 | volumes: 25 | - name: config 26 | configMap: 27 | name: {{ template "redis-ha.fullname" . }}-configmap 28 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/dex/rolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.dex.enabled }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: RoleBinding 4 | metadata: 5 | name: {{ template "argo-cd.dex.fullname" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} 8 | helm.sh/chart: {{ include "argo-cd.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/part-of: argocd 12 | app.kubernetes.io/component: {{ .Values.dex.name }} 13 | roleRef: 14 | apiGroup: rbac.authorization.k8s.io 15 | kind: Role 16 | name: {{ template "argo-cd.dex.fullname" . }} 17 | subjects: 18 | - kind: ServiceAccount 19 | name: {{ template "argo-cd.dexServiceAccountName" . }} 20 | namespace: {{ .Release.Namespace }} 21 | {{- end }} -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: {{ template "argo-cd.controller.fullname" . }} 5 | labels: 6 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} 7 | helm.sh/chart: {{ include "argo-cd.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | app.kubernetes.io/part-of: argocd 11 | app.kubernetes.io/component: {{ .Values.controller.name }} 12 | roleRef: 13 | apiGroup: rbac.authorization.k8s.io 14 | kind: Role 15 | name: {{ template "argo-cd.controller.fullname" . }} 16 | subjects: 17 | - kind: ServiceAccount 18 | name: {{ template "argo-cd.controllerServiceAccountName" . }} 19 | namespace: {{ .Release.Namespace }} -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.repoServer.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "argo-cd.repoServerServiceAccountName" . }} 6 | {{- if .Values.repoServer.serviceAccount.annotations }} 7 | annotations: 8 | {{- range $key, $value := .Values.repoServer.serviceAccount.annotations }} 9 | {{ $key }}: {{ $value | quote }} 10 | {{- end }} 11 | {{- end }} 12 | labels: 13 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }} 14 | helm.sh/chart: {{ include "argo-cd.chart" . }} 15 | app.kubernetes.io/instance: {{ .Release.Name }} 16 | app.kubernetes.io/managed-by: {{ .Release.Service }} 17 | app.kubernetes.io/part-of: argocd 18 | app.kubernetes.io/component: {{ .Values.repoServer.name }} 19 | {{- end }} -------------------------------------------------------------------------------- /charts/argo-cd/templates/redis/service.yaml: -------------------------------------------------------------------------------- 1 | {{- $redisHa := (index .Values "redis-ha") -}} 2 | {{- if and .Values.redis.enabled (not $redisHa.enabled) -}} 3 | apiVersion: v1 4 | kind: Service 5 | metadata: 6 | name: {{ template "argo-cd.redis.fullname" . }} 7 | labels: 8 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }} 9 | helm.sh/chart: {{ include "argo-cd.chart" . }} 10 | app.kubernetes.io/instance: {{ .Release.Name }} 11 | app.kubernetes.io/managed-by: {{ .Release.Service }} 12 | app.kubernetes.io/part-of: argocd 13 | app.kubernetes.io/component: {{ .Values.redis.name }} 14 | spec: 15 | ports: 16 | - port: {{ .Values.redis.servicePort }} 17 | targetPort: {{ .Values.redis.servicePort }} 18 | selector: 19 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }} 20 | {{- end }} -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.controller.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "argo-cd.controllerServiceAccountName" . }} 6 | {{- if .Values.controller.serviceAccount.annotations }} 7 | annotations: 8 | {{- range $key, $value := .Values.controller.serviceAccount.annotations }} 9 | {{ $key }}: {{ $value | quote }} 10 | {{- end }} 11 | {{- end }} 12 | labels: 13 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} 14 | helm.sh/chart: {{ include "argo-cd.chart" . }} 15 | app.kubernetes.io/instance: {{ .Release.Name }} 16 | app.kubernetes.io/managed-by: {{ .Release.Service }} 17 | app.kubernetes.io/part-of: argocd 18 | app.kubernetes.io/component: {{ .Values.controller.name }} 19 | {{- end }} 20 | -------------------------------------------------------------------------------- /charts/argo-events/README.md: -------------------------------------------------------------------------------- 1 | # Argo-Events Chart 2 | 3 | This is a **community maintained** chart. It installs the [argo-events](https://github.com/argoproj/argo-events) application. This application comes packaged with: 4 | - Sensor Custom Resource Definition (See CRD Notes) 5 | - EventSource Custom Resource Definition (See CRD Notes) 6 | - EventBus Custom Resource Definition (See CRD Notes) 7 | - Sensor Controller Deployment 8 | - EventSource Controller Deployment 9 | - EventBus Controller Deployment 10 | - Service Account 11 | - Roles 12 | - Role Bindings 13 | - Cluster Roles 14 | - Cluster Role Bindings 15 | 16 | ## Notes on CRD Installation 17 | 18 | Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set installCRD=false` when installing the chart. 19 | 20 | You can install the CRDs manually from `crds` folder. -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.clusterAdminAccess.enabled }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRoleBinding 4 | metadata: 5 | name: {{ template "argo-cd.server.fullname" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} 8 | helm.sh/chart: {{ include "argo-cd.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/part-of: argocd 12 | app.kubernetes.io/component: {{ .Values.server.name }} 13 | roleRef: 14 | apiGroup: rbac.authorization.k8s.io 15 | kind: ClusterRole 16 | name: {{ template "argo-cd.server.fullname" . }} 17 | subjects: 18 | - kind: ServiceAccount 19 | name: {{ template "argo-cd.serverServiceAccountName" . }} 20 | namespace: {{ .Release.Namespace }} 21 | {{- end }} -------------------------------------------------------------------------------- /charts/argo/templates/workflow-controller-deployment-pdb.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.controller.pdb.enabled }} 2 | apiVersion: policy/v1beta1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | name: {{ .Release.Name }}-{{ .Values.controller.name}} 6 | labels: 7 | app: {{ .Release.Name }}-{{ .Values.controller.name}} 8 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} 9 | release: {{ .Release.Name }} 10 | heritage: {{ .Release.Service }} 11 | spec: 12 | {{- if .Values.controller.pdb.minAvailable }} 13 | minAvailable: {{ .Values.controller.pdb.minAvailable }} 14 | {{- else if .Values.controller.pdb.maxUnavailable }} 15 | maxUnavailable: {{ .Values.controller.pdb.maxUnavailable }} 16 | {{- else }} 17 | minAvailable: 0 18 | {{- end }} 19 | selector: 20 | matchLabels: 21 | app: {{ .Release.Name }}-{{ .Values.controller.name}} 22 | release: {{ .Release.Name }} 23 | {{- end }} 24 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.repoServer.serviceAccount.create }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: RoleBinding 4 | metadata: 5 | name: {{ template "argo-cd.repoServer.fullname" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }} 8 | helm.sh/chart: {{ include "argo-cd.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/part-of: argocd 12 | app.kubernetes.io/component: {{ .Values.repoServer.name }} 13 | roleRef: 14 | apiGroup: rbac.authorization.k8s.io 15 | kind: Role 16 | name: {{ template "argo-cd.repoServer.fullname" . }} 17 | subjects: 18 | - kind: ServiceAccount 19 | name: {{ template "argo-cd.repoServerServiceAccountName" . }} 20 | namespace: {{ .Release.Namespace }} 21 | {{- end }} -------------------------------------------------------------------------------- /charts/argo/templates/server-deployment-pdb.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.enabled -}} 2 | {{- if .Values.server.pdb.enabled -}} 3 | apiVersion: policy/v1beta1 4 | kind: PodDisruptionBudget 5 | metadata: 6 | name: {{ .Release.Name }}-{{ .Values.server.name}} 7 | labels: 8 | app: {{ .Release.Name }}-{{ .Values.server.name}} 9 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} 10 | release: {{ .Release.Name }} 11 | heritage: {{ .Release.Service }} 12 | spec: 13 | {{- if .Values.server.pdb.minAvailable }} 14 | minAvailable: {{ .Values.server.pdb.minAvailable }} 15 | {{- else if .Values.server.pdb.maxUnavailable }} 16 | maxUnavailable: {{ .Values.server.pdb.maxUnavailable }} 17 | {{- else }} 18 | minAvailable: 0 19 | {{- end }} 20 | selector: 21 | matchLabels: 22 | app: {{ .Release.Name }}-{{ .Values.server.name}} 23 | release: {{ .Release.Name }} 24 | {{- end -}} 25 | {{- end -}} 26 | -------------------------------------------------------------------------------- /charts/argo/templates/workflow-controller-minio-secret-crb.yaml: -------------------------------------------------------------------------------- 1 | {{ if .Values.minio.install }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: RoleBinding 4 | metadata: 5 | name: {{ .Release.Name }}-{{ .Values.controller.name}}-minio-binding 6 | roleRef: 7 | apiGroup: rbac.authorization.k8s.io 8 | kind: Role 9 | name: {{ .Release.Name }}-{{ .Values.controller.name}}-minio-secret 10 | subjects: 11 | - kind: ServiceAccount 12 | name: {{ .Values.controller.serviceAccount }} 13 | namespace: {{ .Release.Namespace }} 14 | {{- if .Values.controller.workflowNamespaces }} 15 | {{- $uiServiceAccount := .Values.controller.serviceAccount }} 16 | {{- $namespace := .Release.Namespace }} 17 | {{- range $key := .Values.controller.workflowNamespaces }} 18 | {{- if not (eq $key $namespace) }} 19 | - kind: ServiceAccount 20 | name: {{ $uiServiceAccount }} 21 | namespace: {{ $key }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | {{- end }} -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.controller.clusterAdminAccess.enabled }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRoleBinding 4 | metadata: 5 | name: {{ template "argo-cd.controller.fullname" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} 8 | helm.sh/chart: {{ include "argo-cd.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/part-of: argocd 12 | app.kubernetes.io/component: {{ .Values.controller.name }} 13 | roleRef: 14 | apiGroup: rbac.authorization.k8s.io 15 | kind: ClusterRole 16 | name: {{ template "argo-cd.controller.fullname" . }} 17 | subjects: 18 | - kind: ServiceAccount 19 | name: {{ template "argo-cd.controllerServiceAccountName" . }} 20 | namespace: {{ .Release.Namespace }} 21 | {{- end }} -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-server/clusterrole.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.clusterAdminAccess.enabled }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: {{ template "argo-cd.server.fullname" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} 8 | helm.sh/chart: {{ include "argo-cd.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/part-of: argocd 12 | app.kubernetes.io/component: {{ .Values.server.name }} 13 | rules: 14 | - apiGroups: 15 | - '*' 16 | resources: 17 | - '*' 18 | verbs: 19 | - delete 20 | - get 21 | - patch 22 | - apiGroups: 23 | - "" 24 | resources: 25 | - events 26 | verbs: 27 | - list 28 | - apiGroups: 29 | - "" 30 | resources: 31 | - pods 32 | - pods/log 33 | verbs: 34 | - get 35 | {{- end }} -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-application-controller/role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: Role 3 | metadata: 4 | name: {{ template "argo-cd.controller.fullname" . }} 5 | labels: 6 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} 7 | helm.sh/chart: {{ include "argo-cd.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | app.kubernetes.io/part-of: argocd 11 | app.kubernetes.io/component: {{ .Values.controller.name }} 12 | rules: 13 | - apiGroups: 14 | - "" 15 | resources: 16 | - secrets 17 | - configmaps 18 | verbs: 19 | - get 20 | - list 21 | - watch 22 | - apiGroups: 23 | - argoproj.io 24 | resources: 25 | - applications 26 | - appprojects 27 | verbs: 28 | - create 29 | - get 30 | - list 31 | - watch 32 | - update 33 | - patch 34 | - delete 35 | - apiGroups: 36 | - "" 37 | resources: 38 | - events 39 | verbs: 40 | - create 41 | - list -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-server/role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: Role 3 | metadata: 4 | name: {{ template "argo-cd.server.fullname" . }} 5 | labels: 6 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} 7 | helm.sh/chart: {{ include "argo-cd.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | app.kubernetes.io/part-of: argocd 11 | app.kubernetes.io/component: {{ .Values.server.name }} 12 | rules: 13 | - apiGroups: 14 | - "" 15 | resources: 16 | - secrets 17 | - configmaps 18 | verbs: 19 | - create 20 | - get 21 | - list 22 | - watch 23 | - update 24 | - patch 25 | - delete 26 | - apiGroups: 27 | - argoproj.io 28 | resources: 29 | - applications 30 | - appprojects 31 | verbs: 32 | - create 33 | - get 34 | - list 35 | - watch 36 | - update 37 | - delete 38 | - patch 39 | - apiGroups: 40 | - "" 41 | resources: 42 | - events 43 | verbs: 44 | - create 45 | - list -------------------------------------------------------------------------------- /charts/argo-cd/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | In order to access the server UI you have the following options: 2 | 3 | 1. kubectl port-forward service/{{include "argo-cd.fullname" . }}-server -n {{ .Release.Namespace }} 8080:443 4 | 5 | and then open the browser on http://localhost:8080 and accept the certificate 6 | 7 | 2. enable ingress in the values file `service.ingress.enabled` and either 8 | - Add the annotation for ssl passthrough: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-1-ssl-passthrough 9 | - Add the `--insecure` flag to `server.extraArgs` in the values file and terminate SSL at your ingress: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-2-multiple-ingress-objects-and-hosts 10 | 11 | 12 | After reaching the UI the first time you can login with username: admin and the password will be the 13 | name of the server pod. You can get the pod name by running: 14 | 15 | kubectl get pods -n {{ .Release.Namespace }} -l app.kubernetes.io/name={{ include "argo-cd.name" . }}-server -o name | cut -d'/' -f 2 16 | -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/templates/redis-ha-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ template "redis-ha.fullname" . }} 5 | namespace: {{ .Release.Namespace }} 6 | labels: 7 | {{ include "labels.standard" . | indent 4 }} 8 | {{- if and ( .Values.exporter.enabled ) ( .Values.exporter.serviceMonitor.enabled ) }} 9 | servicemonitor: enabled 10 | {{- end }} 11 | annotations: 12 | {{- if .Values.serviceAnnotations }} 13 | {{ toYaml .Values.serviceAnnotations | indent 4 }} 14 | {{- end }} 15 | spec: 16 | type: ClusterIP 17 | clusterIP: None 18 | ports: 19 | - name: server 20 | port: {{ .Values.redis.port }} 21 | protocol: TCP 22 | targetPort: redis 23 | - name: sentinel 24 | port: {{ .Values.sentinel.port }} 25 | protocol: TCP 26 | targetPort: sentinel 27 | {{- if .Values.exporter.enabled }} 28 | - name: exporter-port 29 | port: {{ .Values.exporter.port }} 30 | protocol: TCP 31 | targetPort: exporter-port 32 | {{- end }} 33 | selector: 34 | release: {{ .Release.Name }} 35 | app: {{ template "redis-ha.name" . }} -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-repo-server/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | {{- if .Values.repoServer.service.annotations }} 5 | annotations: 6 | {{- range $key, $value := .Values.repoServer.service.annotations }} 7 | {{ $key }}: {{ $value | quote }} 8 | {{- end }} 9 | {{- end }} 10 | labels: 11 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }} 12 | helm.sh/chart: {{ include "argo-cd.chart" . }} 13 | app.kubernetes.io/instance: {{ .Release.Name }} 14 | app.kubernetes.io/managed-by: {{ .Release.Service }} 15 | app.kubernetes.io/part-of: argocd 16 | app.kubernetes.io/component: {{ .Values.repoServer.name }} 17 | name: {{ template "argo-cd.repoServer.fullname" . }} 18 | spec: 19 | ports: 20 | - name: {{ .Values.repoServer.service.portName }} 21 | protocol: TCP 22 | port: {{ .Values.repoServer.service.port }} 23 | targetPort: repo-server 24 | selector: 25 | app.kubernetes.io/instance: {{ .Release.Name }} 26 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }} -------------------------------------------------------------------------------- /charts/argo-rollouts/values.yaml: -------------------------------------------------------------------------------- 1 | installCRDs: true 2 | 3 | clusterInstall: true 4 | 5 | controller: 6 | name: argo-rollouts 7 | component: rollouts-controller 8 | ## Node selectors and tolerations for server scheduling to nodes with taints 9 | ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ 10 | ## 11 | nodeSelector: {} 12 | tolerations: [] 13 | affinity: {} 14 | image: 15 | repository: argoproj/argo-rollouts 16 | tag: v0.8.3 17 | pullPolicy: IfNotPresent 18 | 19 | resources: {} 20 | # limits: 21 | # cpu: 100m 22 | # memory: 128Mi 23 | # requests: 24 | # cpu: 50m 25 | # memory: 64Mi 26 | 27 | 28 | serviceAccount: 29 | name: argo-rollouts 30 | 31 | ## Annotations to be added to the Rollout pods 32 | ## 33 | podAnnotations: {} 34 | 35 | ## Annotations to be added to the Rollout service 36 | ## 37 | serviceAnnotations: {} 38 | 39 | ## Labels to be added to the Rollout pods 40 | ## 41 | podLabels: {} 42 | 43 | # Secrets with credentials to pull images from a private registry 44 | imagePullSecrets: [] 45 | # - name: argo-pull-secret 46 | -------------------------------------------------------------------------------- /charts/argo/templates/server-crb.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.enabled -}} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | {{- if .Values.singleNamespace }} 4 | kind: RoleBinding 5 | metadata: 6 | name: {{ .Release.Name }}-{{ .Values.server.name}} 7 | {{ else }} 8 | kind: ClusterRoleBinding 9 | metadata: 10 | name: {{ .Release.Name }}-{{ .Values.server.name}} 11 | {{- end }} 12 | roleRef: 13 | apiGroup: rbac.authorization.k8s.io 14 | kind: ClusterRole 15 | name: {{ .Release.Name }}-{{ .Values.server.name}} 16 | subjects: 17 | - kind: ServiceAccount 18 | name: {{ .Values.server.serviceAccount }} 19 | namespace: {{ .Release.Namespace }} 20 | --- 21 | apiVersion: rbac.authorization.k8s.io/v1 22 | kind: ClusterRoleBinding 23 | metadata: 24 | name: {{ .Release.Name }}-{{ .Values.server.name}}-cluster-template 25 | roleRef: 26 | apiGroup: rbac.authorization.k8s.io 27 | kind: ClusterRole 28 | name: {{ .Release.Name }}-{{ .Values.server.name}}-cluster-template 29 | subjects: 30 | - kind: ServiceAccount 31 | name: {{ .Values.server.serviceAccount }} 32 | namespace: {{ .Release.Namespace }} 33 | {{- end -}} 34 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-application-controller/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | {{- if .Values.controller.service.annotations }} 5 | annotations: 6 | {{- range $key, $value := .Values.controller.service.annotations }} 7 | {{ $key }}: {{ $value | quote }} 8 | {{- end }} 9 | {{- end }} 10 | name: {{ template "argo-cd.controller.fullname" . }} 11 | labels: 12 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} 13 | helm.sh/chart: {{ include "argo-cd.chart" . }} 14 | app.kubernetes.io/instance: {{ .Release.Name }} 15 | app.kubernetes.io/managed-by: {{ .Release.Service }} 16 | app.kubernetes.io/part-of: argocd 17 | app.kubernetes.io/component: {{ .Values.controller.name }} 18 | spec: 19 | ports: 20 | - name: {{ .Values.controller.service.portName }} 21 | port: {{ .Values.controller.service.port }} 22 | targetPort: {{ .Values.controller.containerPort }} 23 | selector: 24 | app.kubernetes.io/instance: {{ .Release.Name }} 25 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} -------------------------------------------------------------------------------- /charts/argo-cd/templates/dex/service.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.dex.enabled }} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{ template "argo-cd.dex.fullname" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} 8 | helm.sh/chart: {{ include "argo-cd.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/part-of: argocd 12 | app.kubernetes.io/component: {{ .Values.dex.name }} 13 | spec: 14 | ports: 15 | - name: http 16 | protocol: TCP 17 | port: {{ .Values.dex.servicePortHttp }} 18 | targetPort: http 19 | - name: grpc 20 | protocol: TCP 21 | port: {{ .Values.dex.servicePortGrpc }} 22 | targetPort: grpc 23 | {{- if .Values.dex.metrics.enabled }} 24 | - name: metrics 25 | protocol: TCP 26 | port: {{ .Values.dex.servicePortMetrics }} 27 | targetPort: metrics 28 | {{- end }} 29 | selector: 30 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} 31 | app.kubernetes.io/instance: {{ .Release.Name }} 32 | {{- end }} -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-server/route.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.route.enabled -}} 2 | apiVersion: route.openshift.io/v1 3 | kind: Route 4 | metadata: 5 | name: {{ template "argo-cd.server.fullname" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} 8 | helm.sh/chart: {{ include "argo-cd.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/part-of: argocd 12 | app.kubernetes.io/component: {{ .Values.server.name }} 13 | {{- with .Values.server.route.annotations }} 14 | annotations: 15 | {{ toYaml . | indent 4 }} 16 | {{- end }} 17 | spec: 18 | host: {{ .Values.server.route.hostname | quote }} 19 | to: 20 | kind: Service 21 | name: {{ template "argo-cd.server.fullname" . }} 22 | weight: 100 23 | port: 24 | targetPort: https 25 | tls: 26 | termination: {{ .Values.server.route.termination_type | default "passthrough" }} 27 | insecureEdgeTerminationPolicy: {{ .Values.server.route.termination_policy | default "None" }} 28 | wildcardPolicy: None 29 | {{- end }} 30 | -------------------------------------------------------------------------------- /.circleci/lintconf.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | rules: 3 | braces: 4 | min-spaces-inside: 0 5 | max-spaces-inside: 0 6 | min-spaces-inside-empty: -1 7 | max-spaces-inside-empty: -1 8 | brackets: 9 | min-spaces-inside: 0 10 | max-spaces-inside: 0 11 | min-spaces-inside-empty: -1 12 | max-spaces-inside-empty: -1 13 | colons: 14 | max-spaces-before: 0 15 | max-spaces-after: 1 16 | commas: 17 | max-spaces-before: 0 18 | min-spaces-after: 1 19 | max-spaces-after: 1 20 | comments: 21 | require-starting-space: true 22 | min-spaces-from-content: 1 23 | document-end: disable 24 | document-start: disable # No --- to start a file 25 | empty-lines: 26 | max: 2 27 | max-start: 0 28 | max-end: 0 29 | hyphens: 30 | max-spaces-after: 1 31 | indentation: 32 | spaces: consistent 33 | indent-sequences: whatever # - list indentation will handle both indentation and without 34 | check-multi-line-strings: false 35 | key-duplicates: enable 36 | line-length: disable # Lines can be any length 37 | new-line-at-end-of-file: enable 38 | new-lines: 39 | type: unix 40 | trailing-spaces: enable 41 | truthy: 42 | level: warning 43 | -------------------------------------------------------------------------------- /charts/argo-rollouts/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "argo-rollouts.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "argo-rollouts.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "argo-rollouts.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | Redis can be accessed via port {{ .Values.redis.port }} and Sentinel can be accessed via port {{ .Values.sentinel.port }} on the following DNS name from within your cluster: 2 | {{ template "redis-ha.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local 3 | 4 | To connect to your Redis server: 5 | 6 | {{- if .Values.auth }} 7 | 1. To retrieve the redis password: 8 | echo $(kubectl get secret {{ template "redis-ha.fullname" . }} -o "jsonpath={.data['auth']}" | base64 --decode) 9 | 10 | 2. Connect to the Redis master pod that you can use as a client. By default the {{ template "redis-ha.fullname" . }}-server-0 pod is configured as the master: 11 | 12 | kubectl exec -it {{ template "redis-ha.fullname" . }}-server-0 sh -n {{ .Release.Namespace }} 13 | 14 | 3. Connect using the Redis CLI (inside container): 15 | 16 | redis-cli -a 17 | {{- else }} 18 | 1. Run a Redis pod that you can use as a client: 19 | 20 | kubectl exec -it {{ template "redis-ha.fullname" . }}-server-0 sh -n {{ .Release.Namespace }} 21 | 22 | 2. Connect using the Redis CLI: 23 | 24 | redis-cli -h {{ template "redis-ha.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local 25 | {{- end }} 26 | -------------------------------------------------------------------------------- /charts/argocd-notifications/templates/servicemonitor.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} 2 | apiVersion: monitoring.coreos.com/v1 3 | kind: ServiceMonitor 4 | metadata: 5 | name: {{ include "argocd-notifications.name" . }}-metrics 6 | {{- if .Values.metrics.serviceMonitor.namespace }} 7 | namespace: {{ .Values.metrics.serviceMonitor.namespace }} 8 | {{- end }} 9 | labels: 10 | {{- include "argocd-notifications.metrics.labels" . | nindent 4 }} 11 | {{- if .Values.metrics.serviceMonitor.additionalLabels }} 12 | {{- toYaml .Values.metrics.serviceMonitor.additionalLabels | nindent 4 }} 13 | {{- end }} 14 | spec: 15 | endpoints: 16 | - port: metrics 17 | path: /metrics 18 | {{- if .Values.metrics.serviceMonitor.interval }} 19 | interval: {{ .Values.metrics.serviceMonitor.interval }} 20 | {{- end }} 21 | {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} 22 | scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} 23 | {{- end }} 24 | namespaceSelector: 25 | matchNames: 26 | - {{ .Release.Namespace }} 27 | selector: 28 | matchLabels: 29 | {{- include "argocd-notifications.metrics.selectorLabels" . | nindent 6 }} 30 | {{- end }} 31 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.controller.metrics.enabled .Values.controller.metrics.rules.enabled }} 2 | apiVersion: monitoring.coreos.com/v1 3 | kind: PrometheusRule 4 | metadata: 5 | name: {{ template "argo-cd.controller.fullname" . }} 6 | {{- if .Values.controller.metrics.rules.namespace }} 7 | namespace: {{ .Values.controller.metrics.rules.namespace }} 8 | {{- end }} 9 | labels: 10 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} 11 | helm.sh/chart: {{ include "argo-cd.chart" . }} 12 | app.kubernetes.io/instance: {{ .Release.Name }} 13 | app.kubernetes.io/managed-by: {{ .Release.Service }} 14 | app.kubernetes.io/part-of: argocd 15 | app.kubernetes.io/component: {{ .Values.controller.name }} 16 | {{- if .Values.controller.metrics.rules.selector }} 17 | {{- toYaml .Values.controller.metrics.rules.selector | nindent 4 }} 18 | {{- end }} 19 | {{- if .Values.controller.metrics.rules.additionalLabels }} 20 | {{- toYaml .Values.controller.metrics.rules.additionalLabels | nindent 4 }} 21 | {{- end }} 22 | spec: 23 | groups: 24 | - name: argocd 25 | rules: 26 | {{- toYaml .Values.controller.metrics.rules.spec | nindent 4 }} 27 | {{- end }} 28 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-server/metrics-service.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.metrics.enabled }} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | {{- if .Values.server.metrics.service.annotations }} 6 | annotations: 7 | {{- range $key, $value := .Values.server.metrics.service.annotations }} 8 | {{ $key }}: {{ $value | quote }} 9 | {{- end }} 10 | {{- end }} 11 | labels: 12 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}-metrics 13 | helm.sh/chart: {{ include "argo-cd.chart" . }} 14 | app.kubernetes.io/instance: {{ .Release.Name }} 15 | app.kubernetes.io/managed-by: {{ .Release.Service }} 16 | app.kubernetes.io/part-of: argocd 17 | app.kubernetes.io/component: {{ .Values.server.name }} 18 | {{- if .Values.server.metrics.service.labels }} 19 | {{- toYaml .Values.server.metrics.service.labels | nindent 4 }} 20 | {{- end }} 21 | name: {{ template "argo-cd.server.fullname" . }}-metrics 22 | spec: 23 | ports: 24 | - name: metrics 25 | protocol: TCP 26 | port: {{ .Values.server.metrics.service.servicePort }} 27 | targetPort: metrics 28 | selector: 29 | app.kubernetes.io/instance: {{ .Release.Name }} 30 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} 31 | {{- end }} -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-application-controller/metrics-service.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.controller.metrics.enabled}} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | {{- if .Values.controller.metrics.service.annotations }} 6 | annotations: 7 | {{- range $key, $value := .Values.controller.metrics.service.annotations }} 8 | {{ $key }}: {{ $value | quote }} 9 | {{- end }} 10 | {{- end }} 11 | labels: 12 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-metrics 13 | helm.sh/chart: {{ include "argo-cd.chart" . }} 14 | app.kubernetes.io/instance: {{ .Release.Name }} 15 | app.kubernetes.io/managed-by: {{ .Release.Service }} 16 | app.kubernetes.io/part-of: argocd 17 | app.kubernetes.io/component: {{ .Values.controller.name }} 18 | {{- if .Values.controller.metrics.service.labels }} 19 | {{- toYaml .Values.controller.metrics.service.labels | nindent 4 }} 20 | {{- end }} 21 | name: {{ template "argo-cd.controller.fullname" . }}-metrics 22 | spec: 23 | ports: 24 | - name: metrics 25 | protocol: TCP 26 | port: {{ .Values.controller.metrics.service.servicePort }} 27 | targetPort: controller 28 | selector: 29 | app.kubernetes.io/instance: {{ .Release.Name }} 30 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} 31 | {{- end }} -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-repo-server/metrics-service.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.repoServer.metrics.enabled}} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | {{- if .Values.repoServer.metrics.service.annotations }} 6 | annotations: 7 | {{- range $key, $value := .Values.repoServer.metrics.service.annotations }} 8 | {{ $key }}: {{ $value | quote }} 9 | {{- end }} 10 | {{- end }} 11 | labels: 12 | app.kubernetes.io/name: {{ template "argo-cd.repoServer.fullname" . }}-metrics 13 | helm.sh/chart: {{ include "argo-cd.chart" . }} 14 | app.kubernetes.io/instance: {{ .Release.Name }} 15 | app.kubernetes.io/managed-by: {{ .Release.Service }} 16 | app.kubernetes.io/part-of: argocd 17 | app.kubernetes.io/component: {{ .Values.repoServer.name }} 18 | {{- if .Values.repoServer.metrics.service.labels }} 19 | {{- toYaml .Values.repoServer.metrics.service.labels | nindent 4 }} 20 | {{- end }} 21 | name: {{ template "argo-cd.repoServer.fullname" . }}-metrics 22 | spec: 23 | ports: 24 | - name: metrics 25 | protocol: TCP 26 | port: {{ .Values.repoServer.metrics.service.servicePort }} 27 | targetPort: metrics 28 | selector: 29 | app.kubernetes.io/instance: {{ .Release.Name }} 30 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }} 31 | {{- end }} -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-server/applications.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.additionalApplications }} 2 | apiVersion: v1 3 | kind: List 4 | items: 5 | {{- range .Values.server.additionalApplications }} 6 | - apiVersion: argoproj.io/v1alpha1 7 | kind: Application 8 | metadata: 9 | {{- if .additionalAnnotations }} 10 | annotations: 11 | {{- range $key, $value := .additionalAnnotations }} 12 | {{ $key }}: {{ $value | quote }} 13 | {{- end }} 14 | {{- end }} 15 | {{- if .additionalLabels }} 16 | labels: 17 | {{- toYaml .additionalLabels | nindent 8 }} 18 | {{- end }} 19 | name: {{ .name }} 20 | {{- if .namespace }} 21 | namespace: {{ .namespace }} 22 | {{- end }} 23 | {{- if .finalizers }} 24 | finalizers: 25 | {{- toYaml .finalizers | nindent 8 }} 26 | {{- end }} 27 | spec: 28 | project: {{ tpl .project $ }} 29 | source: 30 | {{- toYaml .source | nindent 8 }} 31 | destination: 32 | {{- toYaml .destination | nindent 8 }} 33 | {{- if .syncPolicy }} 34 | syncPolicy: 35 | {{- toYaml .syncPolicy | nindent 8 }} 36 | {{- end }} 37 | {{- if .ignoreDifferences }} 38 | ignoreDifferences: 39 | {{- toYaml .ignoreDifferences | nindent 8 }} 40 | {{- end }} 41 | {{- end }} 42 | {{- end }} -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-server/certificate.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.certificate.enabled -}} 2 | {{- if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" }} 3 | apiVersion: cert-manager.io/v1alpha3 4 | {{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha2" }} 5 | apiVersion: cert-manager.io/v1alpha2 6 | {{- else }} 7 | apiVersion: certmanager.k8s.io/v1alpha1 8 | {{- end }} 9 | kind: Certificate 10 | metadata: 11 | name: {{ template "argo-cd.server.fullname" . }} 12 | labels: 13 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} 14 | helm.sh/chart: {{ include "argo-cd.chart" . }} 15 | app.kubernetes.io/instance: {{ .Release.Name }} 16 | app.kubernetes.io/managed-by: {{ .Release.Service }} 17 | app.kubernetes.io/part-of: argocd 18 | app.kubernetes.io/component: {{ .Values.server.name }} 19 | spec: 20 | commonName: {{ .Values.server.certificate.domain | quote }} 21 | dnsNames: 22 | - {{ .Values.server.certificate.domain | quote }} 23 | {{- range .Values.server.certificate.additionalHosts }} 24 | - {{ . | quote }} 25 | {{- end }} 26 | issuerRef: 27 | kind: {{ .Values.server.certificate.issuer.kind | quote }} 28 | name: {{ .Values.server.certificate.issuer.name | quote }} 29 | secretName: argocd-secret 30 | {{- end }} 31 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-server/hpa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.autoscaling.enabled }} 2 | apiVersion: autoscaling/v2beta1 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | labels: 6 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}-hpa 7 | helm.sh/chart: {{ include "argo-cd.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | app.kubernetes.io/part-of: argocd 11 | app.kubernetes.io/component: {{ .Values.server.name }} 12 | name: {{ template "argo-cd.server.fullname" . }}-hpa 13 | spec: 14 | scaleTargetRef: 15 | apiVersion: apps/v1 16 | kind: Deployment 17 | name: {{ template "argo-cd.server.fullname" . }} 18 | minReplicas: {{ .Values.server.autoscaling.minReplicas }} 19 | maxReplicas: {{ .Values.server.autoscaling.maxReplicas }} 20 | metrics: 21 | {{- with .Values.server.autoscaling.targetMemoryUtilizationPercentage }} 22 | - type: Resource 23 | resource: 24 | name: memory 25 | targetAverageUtilization: {{ . }} 26 | {{- end }} 27 | {{- with .Values.server.autoscaling.targetCPUUtilizationPercentage }} 28 | - type: Resource 29 | resource: 30 | name: cpu 31 | targetAverageUtilization: {{ . }} 32 | {{- end }} 33 | {{- end }} 34 | -------------------------------------------------------------------------------- /.circleci/config.yml: -------------------------------------------------------------------------------- 1 | version: 2.1 2 | jobs: 3 | lint: 4 | docker: 5 | - image: gcr.io/kubernetes-charts-ci/test-image:v3.1.0 6 | steps: 7 | - checkout 8 | - run: ct lint --config .circleci/chart-testing.yaml --lint-conf .circleci/lintconf.yaml 9 | # Technically this only needs to be run on master, but it's good to have it run on every PR 10 | # so that it is regularly tested. 11 | publish: 12 | docker: 13 | # We just need an image with `helm` on it. Handily we know of one already. 14 | - image: gcr.io/kubernetes-charts-ci/test-image:v3.1.0 15 | steps: 16 | # install the additional keys needed to push to Github. Alex Collins owns these keys. 17 | - add_ssh_keys 18 | - run: git config --global user.email "nobody@circleci.com" 19 | - run: git config --global user.name "Circle CI Build" 20 | - checkout 21 | - run: helm init --client-only 22 | # Only actually publish charts on master. 23 | - run: | 24 | set -x 25 | if [ "$CIRCLE_BRANCH" = "master" ]; then 26 | export GIT_PUSH=true 27 | else 28 | export GIT_PUSH=false 29 | fi 30 | sh ./scripts/publish.sh 31 | workflows: 32 | version: 2 33 | workflow: 34 | jobs: 35 | - lint 36 | - publish: 37 | requires: 38 | - lint -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-repo-server/hpa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.repoServer.autoscaling.enabled }} 2 | apiVersion: autoscaling/v2beta1 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | labels: 6 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }}-hpa 7 | helm.sh/chart: {{ include "argo-cd.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | app.kubernetes.io/part-of: argocd 11 | app.kubernetes.io/component: {{ .Values.repoServer.name }} 12 | name: {{ template "argo-cd.repoServer.fullname" . }}-hpa 13 | spec: 14 | scaleTargetRef: 15 | apiVersion: apps/v1 16 | kind: Deployment 17 | name: {{ template "argo-cd.repoServer.fullname" . }} 18 | minReplicas: {{ .Values.repoServer.autoscaling.minReplicas }} 19 | maxReplicas: {{ .Values.repoServer.autoscaling.maxReplicas }} 20 | metrics: 21 | {{- with .Values.repoServer.autoscaling.targetMemoryUtilizationPercentage }} 22 | - type: Resource 23 | resource: 24 | name: memory 25 | targetAverageUtilization: {{ . }} 26 | {{- end }} 27 | {{- with .Values.repoServer.autoscaling.targetCPUUtilizationPercentage }} 28 | - type: Resource 29 | resource: 30 | name: cpu 31 | targetAverageUtilization: {{ . }} 32 | {{- end }} 33 | {{- end }} 34 | -------------------------------------------------------------------------------- /charts/argo/templates/workflow-controller-servicemonitor.yaml: -------------------------------------------------------------------------------- 1 | {{- if and (or .Values.controller.metricsConfig.enabled .Values.controller.telemetryConfig.enabled) .Values.controller.serviceMonitor.enabled }} 2 | apiVersion: monitoring.coreos.com/v1 3 | kind: ServiceMonitor 4 | metadata: 5 | name: {{ .Release.Name }}-{{ .Values.controller.name }} 6 | labels: 7 | app: {{ .Release.Name }}-{{ .Values.controller.name}} 8 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} 9 | release: {{ .Release.Name }} 10 | heritage: {{ .Release.Service }} 11 | {{- if .Values.controller.serviceMonitor.additionalLabels }} 12 | {{ toYaml .Values.controller.serviceMonitor.additionalLabels | indent 4 }} 13 | {{- end }} 14 | spec: 15 | endpoints: 16 | {{- if .Values.controller.metricsConfig.enabled }} 17 | - port: metrics 18 | path: {{ .Values.controller.metricsConfig.path }} 19 | interval: 30s 20 | {{- end }} 21 | {{- if .Values.controller.telemetryConfig.enabled }} 22 | - port: telemetry 23 | path: {{ .Values.controller.telemetryConfig.path }} 24 | interval: 30s 25 | {{- end }} 26 | namespaceSelector: 27 | matchNames: 28 | - {{ .Release.Namespace }} 29 | selector: 30 | matchLabels: 31 | app: {{ .Release.Name }}-{{ .Values.controller.name}} 32 | release: {{ .Release.Name }} 33 | {{- end }} 34 | -------------------------------------------------------------------------------- /charts/argo/templates/server-service.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.enabled -}} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{ .Release.Name }}-{{ .Values.server.name }} 6 | labels: 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | {{- if .Values.server.serviceLabels }} 11 | {{- toYaml .Values.server.serviceLabels | nindent 4 }} 12 | {{- end }} 13 | {{- if .Values.server.serviceAnnotations }} 14 | annotations: 15 | {{ toYaml .Values.server.serviceAnnotations | indent 4}}{{- end }} 16 | spec: 17 | ports: 18 | - port: {{ .Values.server.servicePort }} 19 | {{- if .Values.server.servicePortName }} 20 | name: {{ .Values.server.servicePortName }} 21 | {{- end }} 22 | targetPort: 2746 23 | selector: 24 | app: {{ .Release.Name }}-{{ .Values.server.name }} 25 | sessionAffinity: None 26 | type: {{ .Values.server.serviceType }} 27 | {{- if and (eq .Values.server.serviceType "LoadBalancer") .Values.server.loadBalancerIP }} 28 | loadBalancerIP: {{ .Values.server.loadBalancerIP | quote }} 29 | {{- end }} 30 | {{- if and (eq .Values.server.serviceType "LoadBalancer") .Values.server.loadBalancerSourceRanges }} 31 | loadBalancerSourceRanges: 32 | {{ toYaml .Values.server.loadBalancerSourceRanges | indent 4 }}{{- end }} 33 | {{- end -}} 34 | -------------------------------------------------------------------------------- /charts/argo-ci/templates/ci-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ .Release.Name }}-ci 5 | labels: 6 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} 7 | release: {{ .Release.Name }} 8 | heritage: {{ .Release.Service }} 9 | spec: 10 | selector: 11 | matchLabels: 12 | app: {{ .Release.Name }}-ci 13 | release: {{ .Release.Name }} 14 | template: 15 | metadata: 16 | labels: 17 | app: {{ .Release.Name }}-ci 18 | release: {{ .Release.Name }} 19 | spec: 20 | containers: 21 | - name: ci 22 | image: "{{ .Values.imageNamespace }}/{{ .Values.ciImage }}:{{ .Values.imageTag }}" 23 | imagePullPolicy: {{ .Values.imagePullPolicy }} 24 | env: 25 | - name: IN_CLUSTER 26 | value: "true" 27 | - name: NAMESPACE 28 | value: {{ .Values.workflowNamespace }} 29 | - name: ARGO_CI_IMAGE 30 | value: "{{ .Values.imageNamespace }}/{{ .Values.ciImage }}:{{ .Values.imageTag }}" 31 | - name: CONTROLLER_INSTANCE_ID 32 | value: {{ .Release.Name }} 33 | ports: 34 | - containerPort: 8001 35 | - containerPort: 8002 36 | {{- with .Values.imagePullSecrets }} 37 | imagePullSecrets: 38 | {{- toYaml . | nindent 8 }} 39 | {{- end }} 40 | -------------------------------------------------------------------------------- /scripts/publish.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -eux 3 | 4 | SRCROOT="$(cd "$(dirname "$0")/.." && pwd)" 5 | GIT_PUSH=${GIT_PUSH:-false} 6 | 7 | rm -rf $SRCROOT/output && git clone -b gh-pages git@github.com:argoproj/argo-helm.git $SRCROOT/output 8 | 9 | helm repo add stable https://kubernetes-charts.storage.googleapis.com 10 | helm repo add argoproj https://argoproj.github.io/argo-helm 11 | 12 | for dir in $(find $SRCROOT/charts -mindepth 1 -maxdepth 1 -type d); 13 | do 14 | rm -rf $dir/charts 15 | 16 | name=$(basename $dir) 17 | 18 | if [ $(helm dep list $dir 2>/dev/null| wc -l) -gt 1 ] 19 | then 20 | # Bug with Helm subcharts with hyphen on them 21 | # https://github.com/argoproj/argo-helm/pull/270#issuecomment-608695684 22 | if [ "$name" == "argo-cd" ] 23 | then 24 | echo "Restore ArgoCD RedisHA subchart" 25 | git checkout $dir 26 | fi 27 | echo "Processing chart dependencies" 28 | helm --debug dep build $dir 29 | fi 30 | 31 | echo "Processing $dir" 32 | helm --debug package $dir 33 | done 34 | 35 | cp $SRCROOT/*.tgz output/ 36 | cd $SRCROOT/output && helm repo index . 37 | 38 | cd $SRCROOT/output && git status 39 | 40 | if [ "$GIT_PUSH" == "true" ] 41 | then 42 | cd $SRCROOT/output && git add . && git commit -m "Publish charts" && git push git@github.com:argoproj/argo-helm.git gh-pages 43 | fi 44 | -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/templates/redis-ha-announce-service.yaml: -------------------------------------------------------------------------------- 1 | {{- $fullName := include "redis-ha.fullname" . }} 2 | {{- $namespace := .Release.Namespace -}} 3 | {{- $replicas := int (toString .Values.replicas) }} 4 | {{- $root := . }} 5 | {{- range $i := until $replicas }} 6 | --- 7 | apiVersion: v1 8 | kind: Service 9 | metadata: 10 | name: {{ $fullName }}-announce-{{ $i }} 11 | namespace: {{ $namespace }} 12 | labels: 13 | {{ include "labels.standard" $root | indent 4 }} 14 | annotations: 15 | service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" 16 | {{- if $root.Values.serviceAnnotations }} 17 | {{ toYaml $root.Values.serviceAnnotations | indent 4 }} 18 | {{- end }} 19 | spec: 20 | publishNotReadyAddresses: true 21 | type: ClusterIP 22 | ports: 23 | - name: server 24 | port: {{ $root.Values.redis.port }} 25 | protocol: TCP 26 | targetPort: redis 27 | - name: sentinel 28 | port: {{ $root.Values.sentinel.port }} 29 | protocol: TCP 30 | targetPort: sentinel 31 | {{- if $root.Values.exporter.enabled }} 32 | - name: exporter 33 | port: {{ $root.Values.exporter.port }} 34 | protocol: TCP 35 | targetPort: exporter-port 36 | {{- end }} 37 | selector: 38 | release: {{ $root.Release.Name }} 39 | app: {{ include "redis-ha.name" $root }} 40 | "statefulset.kubernetes.io/pod-name": {{ $fullName }}-server-{{ $i }} 41 | {{- end }} 42 | -------------------------------------------------------------------------------- /charts/argo/templates/workflow-controller-crb.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | {{- if .Values.singleNamespace }} 3 | kind: RoleBinding 4 | {{ else }} 5 | kind: ClusterRoleBinding 6 | {{- end }} 7 | metadata: 8 | name: {{ .Release.Name }}-{{ .Values.controller.name }} 9 | roleRef: 10 | apiGroup: rbac.authorization.k8s.io 11 | kind: ClusterRole 12 | name: {{ .Release.Name }}-{{ .Values.controller.name }} 13 | subjects: 14 | - kind: ServiceAccount 15 | name: {{ .Values.controller.serviceAccount }} 16 | namespace: {{ .Release.Namespace }} 17 | {{- if .Values.controller.workflowNamespaces }} 18 | {{- $uiServiceAccount := .Values.controller.serviceAccount }} 19 | {{- $namespace := .Release.Namespace }} 20 | {{- range $key := .Values.controller.workflowNamespaces }} 21 | {{- if not (eq $key $namespace) }} 22 | - kind: ServiceAccount 23 | name: {{ $uiServiceAccount }} 24 | namespace: {{ $key }} 25 | {{- end }} 26 | {{- end }} 27 | {{- end }} 28 | --- 29 | apiVersion: rbac.authorization.k8s.io/v1 30 | kind: ClusterRoleBinding 31 | metadata: 32 | name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template 33 | roleRef: 34 | apiGroup: rbac.authorization.k8s.io 35 | kind: ClusterRole 36 | name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template 37 | subjects: 38 | - kind: ServiceAccount 39 | name: {{ .Values.controller.serviceAccount }} 40 | namespace: {{ .Release.Namespace }} 41 | -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/templates/redis-ha-servicemonitor.yaml: -------------------------------------------------------------------------------- 1 | {{- if and ( .Capabilities.APIVersions.Has "monitoring.coreos.com/v1" ) ( .Values.exporter.serviceMonitor.enabled ) ( .Values.exporter.enabled ) }} 2 | apiVersion: monitoring.coreos.com/v1 3 | kind: ServiceMonitor 4 | metadata: 5 | {{- if .Values.exporter.serviceMonitor.labels }} 6 | labels: 7 | {{ toYaml .Values.exporter.serviceMonitor.labels | indent 4}} 8 | {{- end }} 9 | name: {{ template "redis-ha.fullname" . }} 10 | namespace: {{ .Release.Namespace }} 11 | {{- if .Values.exporter.serviceMonitor.namespace }} 12 | namespace: {{ .Values.exporter.serviceMonitor.namespace }} 13 | {{- end }} 14 | spec: 15 | endpoints: 16 | - targetPort: {{ .Values.exporter.port }} 17 | {{- if .Values.exporter.serviceMonitor.interval }} 18 | interval: {{ .Values.exporter.serviceMonitor.interval }} 19 | {{- end }} 20 | {{- if .Values.exporter.serviceMonitor.telemetryPath }} 21 | path: {{ .Values.exporter.serviceMonitor.telemetryPath }} 22 | {{- end }} 23 | {{- if .Values.exporter.serviceMonitor.timeout }} 24 | scrapeTimeout: {{ .Values.exporter.serviceMonitor.timeout }} 25 | {{- end }} 26 | jobLabel: {{ template "redis-ha.fullname" . }} 27 | namespaceSelector: 28 | matchNames: 29 | - {{ .Release.Namespace }} 30 | selector: 31 | matchLabels: 32 | app: {{ template "redis-ha.name" . }} 33 | release: {{ .Release.Name }} 34 | servicemonitor: enabled 35 | {{- end }} 36 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/dex/servicemonitor.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.dex.metrics.enabled .Values.dex.metrics.serviceMonitor.enabled }} 2 | apiVersion: monitoring.coreos.com/v1 3 | kind: ServiceMonitor 4 | metadata: 5 | name: {{ template "argo-cd.dex.fullname" . }} 6 | {{- if .Values.dex.metrics.serviceMonitor.namespace }} 7 | namespace: {{ .Values.dex.metrics.serviceMonitor.namespace }} 8 | {{- end }} 9 | labels: 10 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} 11 | helm.sh/chart: {{ include "argo-cd.chart" . }} 12 | app.kubernetes.io/instance: {{ .Release.Name }} 13 | app.kubernetes.io/managed-by: {{ .Release.Service }} 14 | app.kubernetes.io/part-of: argocd 15 | app.kubernetes.io/component: {{ .Values.dex.name }} 16 | {{- if .Values.dex.metrics.serviceMonitor.selector }} 17 | {{- toYaml .Values.dex.metrics.serviceMonitor.selector | nindent 4 }} 18 | {{- end }} 19 | {{- if .Values.dex.metrics.serviceMonitor.additionalLabels }} 20 | {{- toYaml .Values.dex.metrics.serviceMonitor.additionalLabels | nindent 4 }} 21 | {{- end }} 22 | spec: 23 | endpoints: 24 | - port: metrics 25 | interval: 30s 26 | path: /metrics 27 | namespaceSelector: 28 | matchNames: 29 | - {{ .Release.Namespace }} 30 | selector: 31 | matchLabels: 32 | app.kubernetes.io/instance: {{ .Release.Name }} 33 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} 34 | app.kubernetes.io/component: {{ .Values.dex.name }} 35 | {{- end }} -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/templates/redis-haproxy-servicemonitor.yaml: -------------------------------------------------------------------------------- 1 | {{- if and ( .Capabilities.APIVersions.Has "monitoring.coreos.com/v1" ) ( .Values.haproxy.metrics.serviceMonitor.enabled ) ( .Values.haproxy.metrics.enabled ) }} 2 | apiVersion: monitoring.coreos.com/v1 3 | kind: ServiceMonitor 4 | metadata: 5 | {{- with .Values.haproxy.metrics.serviceMonitor.labels }} 6 | labels: {{ toYaml . | nindent 4}} 7 | {{- end }} 8 | name: {{ template "redis-ha.fullname" . }}-haproxy 9 | namespace: {{ .Release.Namespace }} 10 | {{- if .Values.haproxy.metrics.serviceMonitor.namespace }} 11 | namespace: {{ .Values.haproxy.metrics.serviceMonitor.namespace }} 12 | {{- end }} 13 | spec: 14 | endpoints: 15 | - targetPort: {{ .Values.haproxy.metrics.port }} 16 | {{- if .Values.haproxy.metrics.serviceMonitor.interval }} 17 | interval: {{ .Values.haproxy.metrics.serviceMonitor.interval }} 18 | {{- end }} 19 | {{- if .Values.haproxy.metrics.serviceMonitor.telemetryPath }} 20 | path: {{ .Values.haproxy.metrics.serviceMonitor.telemetryPath }} 21 | {{- end }} 22 | {{- if .Values.haproxy.metrics.serviceMonitor.timeout }} 23 | scrapeTimeout: {{ .Values.haproxy.metrics.serviceMonitor.timeout }} 24 | {{- end }} 25 | jobLabel: {{ template "redis-ha.fullname" . }}-haproxy 26 | namespaceSelector: 27 | matchNames: 28 | - {{ .Release.Namespace }} 29 | selector: 30 | matchLabels: 31 | app: {{ template "redis-ha.name" . }} 32 | release: {{ .Release.Name }} 33 | component: {{ template "redis-ha.fullname" . }}-haproxy 34 | {{- end }} 35 | -------------------------------------------------------------------------------- /charts/argo/templates/server-ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.enabled -}} 2 | {{- if .Values.server.ingress.enabled -}} 3 | {{- $serviceName := printf "%s-%s" .Release.Name .Values.server.name -}} 4 | {{- $servicePort := .Values.server.servicePort -}} 5 | {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} 6 | apiVersion: networking.k8s.io/v1beta1 7 | {{ else }} 8 | apiVersion: extensions/v1beta1 9 | {{ end -}} 10 | kind: Ingress 11 | metadata: 12 | name: {{ .Release.Name }}-{{ .Values.server.name }} 13 | labels: 14 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} 15 | release: {{ .Release.Name }} 16 | heritage: {{ .Release.Service }} 17 | annotations: 18 | {{- range $key, $value := .Values.server.ingress.annotations }} 19 | {{ $key }}: {{ $value | quote }} 20 | {{- end }} 21 | spec: 22 | rules: 23 | {{- range .Values.server.ingress.hosts }} 24 | - host: {{ . }} 25 | http: 26 | paths: 27 | {{- if $.Values.server.ingress.paths }} 28 | {{- range $.Values.server.ingress.paths }} 29 | - backend: 30 | serviceName: {{ .serviceName }} 31 | servicePort: {{ .servicePort }} 32 | {{- end }} 33 | {{- end }} 34 | - backend: 35 | serviceName: {{ $serviceName }} 36 | servicePort: {{ $servicePort }} 37 | {{- end -}} 38 | {{- if .Values.server.ingress.tls }} 39 | tls: 40 | {{ toYaml .Values.server.ingress.tls | indent 4 }} 41 | {{- end -}} 42 | {{- end -}} 43 | {{- end -}} 44 | -------------------------------------------------------------------------------- /.argo/publish.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | type: workflow 3 | version: 1 4 | name: Publish Charts 5 | inputs: 6 | parameters: 7 | COMMIT: 8 | default: "%%session.commit%%" 9 | REPO: 10 | default: "%%session.repo%%" 11 | steps: 12 | - CHECKOUT: 13 | template: argo-checkout 14 | - PREPARE: 15 | image: hypnoglow/kubernetes-helm:v2.6.1 16 | resources: 17 | mem_mib: 500 18 | cpu_cores: 0.1 19 | command: ["sh", "-c"] 20 | args: [cd /src && helm init --client-only && ./scripts/publish.sh] 21 | inputs: 22 | artifacts: 23 | CODE: 24 | from: "%%steps.CHECKOUT.outputs.artifacts.CODE%%" 25 | path: /src 26 | outputs: 27 | artifacts: 28 | CODE: 29 | path: /src/output 30 | - PUBLISH: 31 | image: argoproj/argoscm:v2.0 32 | command: ["sh", "-c"] 33 | args: [ 34 | axscm clone %%inputs.parameters.REPO%% --commit gh-pages /src && cd /src && cp -r /output/* . && 35 | git add . && git commit -m "Build on `date`" && 36 | axscm clone %%inputs.parameters.REPO%% /src --commit gh-pages --merge=gh-pages --push] 37 | resources: 38 | mem_mib: 500 39 | cpu_cores: 0.1 40 | inputs: 41 | artifacts: 42 | CODE: 43 | from: "%%steps.PREPARE.outputs.artifacts.CODE%%" 44 | path: /output 45 | 46 | --- 47 | type: policy 48 | version: 1 49 | name: Publish Charts Policy 50 | template: Publish Charts 51 | notifications: 52 | - when: 53 | - on_failure 54 | whom: 55 | - committer 56 | - author 57 | when: 58 | - event: on_push 59 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled }} 2 | apiVersion: monitoring.coreos.com/v1 3 | kind: ServiceMonitor 4 | metadata: 5 | name: {{ template "argo-cd.controller.fullname" . }} 6 | {{- if .Values.controller.metrics.serviceMonitor.namespace }} 7 | namespace: {{ .Values.controller.metrics.serviceMonitor.namespace }} 8 | {{- end }} 9 | labels: 10 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} 11 | helm.sh/chart: {{ include "argo-cd.chart" . }} 12 | app.kubernetes.io/instance: {{ .Release.Name }} 13 | app.kubernetes.io/managed-by: {{ .Release.Service }} 14 | app.kubernetes.io/part-of: argocd 15 | app.kubernetes.io/component: {{ .Values.controller.name }} 16 | {{- if .Values.controller.metrics.serviceMonitor.selector }} 17 | {{- toYaml .Values.controller.metrics.serviceMonitor.selector | nindent 4 }} 18 | {{- end }} 19 | {{- if .Values.controller.metrics.serviceMonitor.additionalLabels }} 20 | {{- toYaml .Values.controller.metrics.serviceMonitor.additionalLabels | nindent 4 }} 21 | {{- end }} 22 | spec: 23 | endpoints: 24 | - port: metrics 25 | interval: 30s 26 | path: /metrics 27 | namespaceSelector: 28 | matchNames: 29 | - {{ .Release.Namespace }} 30 | selector: 31 | matchLabels: 32 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-metrics 33 | app.kubernetes.io/component: {{ .Values.controller.name }} 34 | {{- end }} 35 | 36 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-server/servicemonitor.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.server.metrics.enabled .Values.server.metrics.serviceMonitor.enabled }} 2 | apiVersion: monitoring.coreos.com/v1 3 | kind: ServiceMonitor 4 | metadata: 5 | name: {{ template "argo-cd.server.fullname" . }} 6 | {{- if .Values.server.metrics.serviceMonitor.namespace }} 7 | namespace: {{ .Values.server.metrics.serviceMonitor.namespace }} 8 | {{- end }} 9 | labels: 10 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} 11 | helm.sh/chart: {{ include "argo-cd.chart" . }} 12 | app.kubernetes.io/instance: {{ .Release.Name }} 13 | app.kubernetes.io/managed-by: {{ .Release.Service }} 14 | app.kubernetes.io/part-of: argocd 15 | app.kubernetes.io/component: {{ .Values.server.name }} 16 | {{- if .Values.server.metrics.serviceMonitor.selector }} 17 | {{- toYaml .Values.server.metrics.serviceMonitor.selector | nindent 4 }} 18 | {{- end }} 19 | {{- if .Values.server.metrics.serviceMonitor.additionalLabels }} 20 | {{- toYaml .Values.server.metrics.serviceMonitor.additionalLabels | nindent 4 }} 21 | {{- end }} 22 | spec: 23 | endpoints: 24 | - port: metrics 25 | interval: 30s 26 | path: /metrics 27 | namespaceSelector: 28 | matchNames: 29 | - {{ .Release.Namespace }} 30 | selector: 31 | matchLabels: 32 | app.kubernetes.io/instance: {{ .Release.Name }} 33 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}-metrics 34 | app.kubernetes.io/component: {{ .Values.server.name }} 35 | {{- end }} 36 | 37 | -------------------------------------------------------------------------------- /charts/argocd-notifications/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | {{ if .Values.secret.create }} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ include "argocd-notifications.name" . }}-secret 6 | labels: 7 | {{- include "argocd-notifications.labels" . | nindent 4 }} 8 | type: Opaque 9 | stringData: 10 | notifiers.yaml: | 11 | {{- if .Values.secret.notifiers.slack.enabled }} 12 | slack: 13 | token: {{ .Values.secret.notifiers.slack.token }} 14 | username: {{ .Values.secret.notifiers.slack.username }} 15 | icon: {{ .Values.secret.notifiers.slack.icon | quote }} 16 | signingSecret: {{ .Values.secret.notifiers.slack.signingSecret }} 17 | {{- end }} 18 | {{- if .Values.secret.notifiers.grafana.enabled }} 19 | grafana: 20 | apiUrl: {{ .Values.secret.notifiers.grafana.apiUrl }} 21 | apiKey: {{ .Values.secret.notifiers.grafana.apiKey }} 22 | {{- end }} 23 | {{- if .Values.secret.notifiers.webhooks }} 24 | webhook: 25 | {{- range $k, $v := .Values.secret.notifiers.webhooks }} 26 | - name: {{ $k }} 27 | {{- $v | toYaml | nindent 8 }} 28 | {{- end }} 29 | {{- end }} 30 | {{- if .Values.secret.notifiers.email.enabled }} 31 | email: 32 | host: {{ .Values.secret.notifiers.email.host | quote }} 33 | port: {{ .Values.secret.notifiers.email.port }} 34 | insecure_skip_verify: {{ .Values.secret.notifiers.email.insecure_skip_verify }} 35 | username: {{ .Values.secret.notifiers.email.username | quote }} 36 | password: {{ .Values.secret.notifiers.email.password | quote }} 37 | from: {{ .Values.secret.notifiers.email.from | quote }} 38 | {{- end }} 39 | {{ end }} 40 | -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/templates/redis-haproxy-service.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.haproxy.enabled }} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{ template "redis-ha.fullname" . }}-haproxy 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | {{ include "labels.standard" . | indent 4 }} 9 | component: {{ template "redis-ha.fullname" . }}-haproxy 10 | annotations: 11 | {{- if .Values.haproxy.service.annotations }} 12 | {{ toYaml .Values.haproxy.service.annotations | indent 4 }} 13 | {{- end }} 14 | spec: 15 | type: {{ default "ClusterIP" .Values.haproxy.service.type }} 16 | {{- if and (eq .Values.haproxy.service.type "LoadBalancer") .Values.haproxy.service.loadBalancerIP }} 17 | loadBalancerIP: {{ .Values.haproxy.service.loadBalancerIP }} 18 | {{- end }} 19 | ports: 20 | - name: haproxy 21 | port: {{ .Values.redis.port }} 22 | protocol: TCP 23 | targetPort: redis 24 | {{- if and (eq .Values.haproxy.service.type "NodePort") .Values.haproxy.service.nodePort }} 25 | nodePort: {{ .Values.haproxy.service.nodePort }} 26 | {{- end }} 27 | {{- if .Values.haproxy.readOnly.enabled }} 28 | - name: haproxyreadonly 29 | port: {{ .Values.haproxy.readOnly.port }} 30 | protocol: TCP 31 | targetPort: {{ .Values.haproxy.readOnly.port }} 32 | {{- end }} 33 | {{- if .Values.haproxy.metrics.enabled }} 34 | - name: {{ .Values.haproxy.metrics.portName }} 35 | port: {{ .Values.haproxy.metrics.port }} 36 | protocol: TCP 37 | targetPort: metrics-port 38 | {{- end }} 39 | selector: 40 | release: {{ .Release.Name }} 41 | app: {{ template "redis-ha.name" . }}-haproxy 42 | {{- end }} 43 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.repoServer.metrics.enabled .Values.repoServer.metrics.serviceMonitor.enabled }} 2 | apiVersion: monitoring.coreos.com/v1 3 | kind: ServiceMonitor 4 | metadata: 5 | name: {{ template "argo-cd.repoServer.fullname" . }} 6 | {{- if .Values.repoServer.metrics.serviceMonitor.namespace }} 7 | namespace: {{ .Values.repoServer.metrics.serviceMonitor.namespace }} 8 | {{- end }} 9 | labels: 10 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.repoServer.name }} 11 | helm.sh/chart: {{ include "argo-cd.chart" . }} 12 | app.kubernetes.io/instance: {{ .Release.Name }} 13 | app.kubernetes.io/managed-by: {{ .Release.Service }} 14 | app.kubernetes.io/part-of: argocd 15 | app.kubernetes.io/component: {{ .Values.repoServer.name }} 16 | {{- if .Values.repoServer.metrics.serviceMonitor.selector }} 17 | {{- toYaml .Values.repoServer.metrics.serviceMonitor.selector | nindent 4 }} 18 | {{- end }} 19 | {{- if .Values.repoServer.metrics.serviceMonitor.additionalLabels }} 20 | {{- toYaml .Values.repoServer.metrics.serviceMonitor.additionalLabels | nindent 4 }} 21 | {{- end }} 22 | spec: 23 | endpoints: 24 | - port: metrics 25 | interval: 30s 26 | path: /metrics 27 | namespaceSelector: 28 | matchNames: 29 | - {{ .Release.Namespace }} 30 | selector: 31 | matchLabels: 32 | app.kubernetes.io/instance: {{ .Release.Name }} 33 | app.kubernetes.io/name: {{ template "argo-cd.repoServer.fullname" . }}-metrics 34 | app.kubernetes.io/component: {{ .Values.repoServer.name }} 35 | {{- end }} 36 | 37 | -------------------------------------------------------------------------------- /charts/argo-events/templates/sensor-controller-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ .Release.Name }}-{{ .Values.sensorController.name }} 5 | labels: 6 | app: {{ .Release.Name }}-{{ .Values.sensorController.name }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | spec: 11 | replicas: {{ .Values.sensorController.replicaCount }} 12 | selector: 13 | matchLabels: 14 | app: {{ .Release.Name }}-{{ .Values.sensorController.name }} 15 | release: {{ .Release.Name }} 16 | template: 17 | metadata: 18 | labels: 19 | app: {{ .Release.Name }}-{{ .Values.sensorController.name }} 20 | release: {{ .Release.Name }} 21 | spec: 22 | serviceAccountName: {{ .Values.serviceAccount }} 23 | containers: 24 | - name: {{ .Values.sensorController.name }} 25 | image: "{{ .Values.registry }}/{{ .Values.sensorController.image }}:{{ .Values.sensorController.tag }}" 26 | imagePullPolicy: {{ .Values.imagePullPolicy }} 27 | {{- if .Values.singleNamespace }} 28 | args: 29 | - --namespaced 30 | {{- end }} 31 | env: 32 | - name: NAMESPACE 33 | valueFrom: 34 | fieldRef: 35 | fieldPath: metadata.namespace 36 | - name: SENSOR_IMAGE 37 | value: "{{ .Values.registry }}/{{ .Values.sensorController.sensorImage }}:{{ .Values.sensorController.tag }}" 38 | {{- with .Values.imagePullSecrets }} 39 | imagePullSecrets: 40 | {{- toYaml . | nindent 8 }} 41 | {{- end }} 42 | -------------------------------------------------------------------------------- /charts/argo/templates/workflow-controller-service.yaml: -------------------------------------------------------------------------------- 1 | {{- if or .Values.controller.metricsConfig.enabled .Values.controller.telemetryConfig.enabled }} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{ .Release.Name }}-{{ .Values.controller.name }} 6 | labels: 7 | app: {{ .Release.Name }}-{{ .Values.controller.name}} 8 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} 9 | release: {{ .Release.Name }} 10 | heritage: {{ .Release.Service }} 11 | {{- if .Values.controller.serviceLabels }} 12 | {{ toYaml .Values.controller.serviceLabels | nindent 4}} 13 | {{- end }} 14 | {{- if .Values.controller.serviceAnnotations }} 15 | annotations: 16 | {{ toYaml .Values.controller.serviceAnnotations | indent 4}}{{- end }} 17 | spec: 18 | ports: 19 | {{- if .Values.controller.metricsConfig.enabled }} 20 | - name: {{ .Values.controller.metricsServicePortName }} 21 | port: {{ .Values.controller.metricsServicePort }} 22 | protocol: TCP 23 | targetPort: {{ .Values.controller.metricsConfig.port }} 24 | {{- end }} 25 | {{- if .Values.controller.telemetryConfig.enabled }} 26 | - name: {{ .Values.controller.telemetryServicePortName }} 27 | port: {{ .Values.controller.telemetryServicePort }} 28 | protocol: TCP 29 | targetPort: {{ .Values.controller.telemetryConfig.port }} 30 | {{- end }} 31 | selector: 32 | app: {{ .Release.Name }}-{{ .Values.controller.name }} 33 | sessionAffinity: None 34 | type: {{ .Values.controller.serviceType }} 35 | {{- if and (eq .Values.controller.serviceType "LoadBalancer") .Values.controller.loadBalancerSourceRanges }} 36 | loadBalancerSourceRanges: 37 | {{ toYaml .Values.controller.loadBalancerSourceRanges | indent 4 }}{{- end }} 38 | {{- end -}} 39 | -------------------------------------------------------------------------------- /charts/argo-events/templates/eventsource-controller-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} 5 | labels: 6 | app: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | spec: 11 | replicas: {{ .Values.eventsourceController.replicaCount }} 12 | selector: 13 | matchLabels: 14 | app: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} 15 | release: {{ .Release.Name }} 16 | template: 17 | metadata: 18 | labels: 19 | app: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} 20 | release: {{ .Release.Name }} 21 | spec: 22 | serviceAccountName: {{ .Values.serviceAccount }} 23 | containers: 24 | - name: {{ .Values.eventsourceController.name }} 25 | image: "{{ .Values.registry }}/{{ .Values.eventsourceController.image }}:{{ .Values.eventsourceController.tag }}" 26 | imagePullPolicy: {{ .Values.imagePullPolicy }} 27 | {{- if .Values.singleNamespace }} 28 | args: 29 | - --namespaced 30 | {{- end }} 31 | env: 32 | - name: NAMESPACE 33 | valueFrom: 34 | fieldRef: 35 | fieldPath: metadata.namespace 36 | - name: EVENTSOURCE_IMAGE 37 | value: "{{ .Values.registry }}/{{ .Values.eventsourceController.eventsourceImage }}:{{ .Values.eventsourceController.tag }}" 38 | {{- with .Values.imagePullSecrets }} 39 | imagePullSecrets: 40 | {{- toYaml . | nindent 8 }} 41 | {{- end }} 42 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-server/projects.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.additionalProjects }} 2 | apiVersion: v1 3 | kind: List 4 | items: 5 | {{- range .Values.server.additionalProjects }} 6 | - apiVersion: argoproj.io/v1alpha1 7 | kind: AppProject 8 | metadata: 9 | {{- if .additionalAnnotations }} 10 | annotations: 11 | {{- range $key, $value := .additionalAnnotations }} 12 | {{ $key }}: {{ $value | quote }} 13 | {{- end }} 14 | {{- end }} 15 | {{- if .additionalLabels }} 16 | labels: 17 | {{- toYaml .additionalLabels | nindent 8 }} 18 | {{- end }} 19 | name: {{ .name }} 20 | {{- if .namespace }} 21 | namespace: {{ .namespace }} 22 | {{- end }} 23 | spec: 24 | description: {{ .description }} 25 | sourceRepos: 26 | {{- toYaml .sourceRepos | nindent 8 }} 27 | destinations: 28 | {{- toYaml .destinations | nindent 8 }} 29 | {{- if .clusterResourceWhitelist }} 30 | clusterResourceWhitelist: 31 | {{- toYaml .clusterResourceWhitelist | nindent 8 }} 32 | {{- end }} 33 | {{- if .namespaceResourceBlacklist }} 34 | namespaceResourceBlacklist: 35 | {{- toYaml .namespaceResourceBlacklist | nindent 8 }} 36 | {{- end }} 37 | {{- if .namespaceResourceWhitelist }} 38 | namespaceResourceWhitelist: 39 | {{- toYaml .namespaceResourceWhitelist | nindent 8 }} 40 | {{- end }} 41 | {{- if .orphanedResources }} 42 | orphanedResources: 43 | {{- toYaml .orphanedResources | nindent 8 }} 44 | {{- end }} 45 | {{- if .roles }} 46 | roles: 47 | {{- toYaml .roles | nindent 8 }} 48 | {{- end }} 49 | {{- if .syncWindows }} 50 | syncWindows: 51 | {{- toYaml .syncWindows | nindent 8 }} 52 | {{- end }} 53 | {{- end }} 54 | {{- end }} 55 | -------------------------------------------------------------------------------- /charts/argo-events/templates/eventbus-controller-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ .Release.Name }}-{{ .Values.eventbusController.name }} 5 | labels: 6 | app: {{ .Release.Name }}-{{ .Values.eventbusController.name }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | spec: 11 | replicas: {{ .Values.eventbusController.replicaCount }} 12 | selector: 13 | matchLabels: 14 | app: {{ .Release.Name }}-{{ .Values.eventbusController.name }} 15 | release: {{ .Release.Name }} 16 | template: 17 | metadata: 18 | labels: 19 | app: {{ .Release.Name }}-{{ .Values.eventbusController.name }} 20 | release: {{ .Release.Name }} 21 | spec: 22 | serviceAccountName: {{ .Values.serviceAccount }} 23 | containers: 24 | - name: {{ .Values.eventbusController.name }} 25 | image: "{{ .Values.registry }}/{{ .Values.eventbusController.image }}:{{ .Values.eventbusController.tag }}" 26 | imagePullPolicy: {{ .Values.imagePullPolicy }} 27 | {{- if .Values.singleNamespace }} 28 | args: 29 | - --namespaced 30 | {{- end }} 31 | env: 32 | - name: NAMESPACE 33 | valueFrom: 34 | fieldRef: 35 | fieldPath: metadata.namespace 36 | - name: NATS_STREAMING_IMAGE 37 | value: {{ .Values.eventbusController.natsStreamingImage }} 38 | - name: NATS_METRICS_EXPORTER_IMAGE 39 | value: {{ .Values.eventbusController.natsMetricsExporterImage }} 40 | {{- with .Values.imagePullSecrets }} 41 | imagePullSecrets: 42 | {{- toYaml . | nindent 8 }} 43 | {{- end }} 44 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-server/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | {{- if .Values.server.service.annotations }} 5 | annotations: 6 | {{- range $key, $value := .Values.server.service.annotations }} 7 | {{ $key }}: {{ $value | quote }} 8 | {{- end }} 9 | {{- end }} 10 | name: {{ template "argo-cd.server.fullname" . }} 11 | labels: 12 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} 13 | helm.sh/chart: {{ include "argo-cd.chart" . }} 14 | app.kubernetes.io/instance: {{ .Release.Name }} 15 | app.kubernetes.io/managed-by: {{ .Release.Service }} 16 | app.kubernetes.io/part-of: argocd 17 | app.kubernetes.io/component: {{ .Values.server.name }} 18 | {{- if .Values.server.service.labels }} 19 | {{- toYaml .Values.server.service.labels | nindent 4 }} 20 | {{- end }} 21 | spec: 22 | type: {{ .Values.server.service.type }} 23 | ports: 24 | - name: {{ .Values.server.service.servicePortHttpName }} 25 | protocol: TCP 26 | port: {{ .Values.server.service.servicePortHttp }} 27 | targetPort: {{ .Values.server.name }} 28 | - name: {{ .Values.server.service.servicePortHttpsName }} 29 | protocol: TCP 30 | port: {{ .Values.server.service.servicePortHttps }} 31 | targetPort: {{ .Values.server.name }} 32 | selector: 33 | app.kubernetes.io/instance: {{ .Release.Name }} 34 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} 35 | {{- if eq .Values.server.service.type "LoadBalancer" }} 36 | {{- if .Values.server.service.loadBalancerIP }} 37 | loadBalancerIP: {{ .Values.server.service.loadBalancerIP | quote }} 38 | {{- end }} 39 | {{- if .Values.server.service.loadBalancerSourceRanges }} 40 | loadBalancerSourceRanges: 41 | {{ toYaml .Values.server.service.loadBalancerSourceRanges | indent 4 }} 42 | {{- end }} 43 | {{- end -}} 44 | -------------------------------------------------------------------------------- /charts/argocd-notifications/templates/bots/slack/deployment.yaml: -------------------------------------------------------------------------------- 1 | {{ if .Values.bots.slack.enabled }} 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: {{ include "argocd-notifications.name" . }}-bot 6 | labels: 7 | {{- include "argocd-notifications.bots.slack.labels" . | nindent 4 }} 8 | spec: 9 | strategy: 10 | {{- .Values.bots.slack.updateStrategy | toYaml | nindent 4 }} 11 | selector: 12 | matchLabels: 13 | {{- include "argocd-notifications.bots.slack.selectorLabels" . | nindent 6 }} 14 | template: 15 | metadata: 16 | labels: 17 | {{- include "argocd-notifications.bots.slack.selectorLabels" . | nindent 8 }} 18 | spec: 19 | {{- with .Values.bots.slack.imagePullSecrets }} 20 | imagePullSecrets: 21 | {{- toYaml . | nindent 8 }} 22 | {{- end }} 23 | serviceAccountName: {{ include "argocd-notifications.bots.slack.serviceAccountName" . }} 24 | containers: 25 | - name: {{ include "argocd-notifications.name" . }}-bot 26 | image: "{{ .Values.bots.slack.image.repository }}:{{ .Values.bots.slack.image.tag }}" 27 | imagePullPolicy: {{ .Values.bots.slack.image.pullPolicy }} 28 | resources: 29 | {{- toYaml .Values.bots.slack.resources | nindent 12 }} 30 | command: 31 | - /app/argocd-notifications 32 | - bot 33 | ports: 34 | - containerPort: 8080 35 | name: http 36 | {{- with .Values.bots.slack.nodeSelector }} 37 | nodeSelector: 38 | {{- toYaml . | nindent 8 }} 39 | {{- end }} 40 | {{- with .Values.bots.slack.affinity }} 41 | affinity: 42 | {{- toYaml . | nindent 8 }} 43 | {{- end }} 44 | {{- with .Values.bots.slack.tolerations }} 45 | tolerations: 46 | {{- toYaml . | nindent 8 }} 47 | {{- end }} 48 | {{ end }} 49 | -------------------------------------------------------------------------------- /charts/argo-events/values.yaml: -------------------------------------------------------------------------------- 1 | # docker registry 2 | registry: argoproj 3 | 4 | # The image pull policy 5 | imagePullPolicy: Always 6 | 7 | # Secrets with credentials to pull images from a private registry 8 | imagePullSecrets: [] 9 | # - name: argo-pull-secret 10 | 11 | # If set to false, skip installing the CRDs. Requires user to have them installed prior to helm chart installation. 12 | installCRD: true 13 | 14 | # ServiceAccount to use for running controller. 15 | serviceAccount: argo-events-sa 16 | 17 | # Create service accounts in additional namespaces specified 18 | # The SA will always be created in the release namespaces 19 | additionalSaNamespaces: [] 20 | # - argo-prod 21 | additionalServiceAccountRules: 22 | - apiGroups: 23 | - apiextensions.k8s.io 24 | - apiextensions.k8s.io/v1beta1 25 | verbs: 26 | - create 27 | - delete 28 | - deletecollection 29 | - get 30 | - list 31 | - patch 32 | - update 33 | - watch 34 | resources: 35 | - customresourcedefinitions 36 | 37 | instanceID: argo-events 38 | 39 | # set `singleNamespace` to false to have the controllers 40 | # listen on all namespaces. Otherwise the controllers will listen 41 | # on the namespace provided 42 | namespace: argo-events 43 | singleNamespace: true 44 | 45 | # sensor controller 46 | sensorController: 47 | name: sensor-controller 48 | image: sensor-controller 49 | tag: v1.0.0 50 | replicaCount: 1 51 | sensorImage: sensor 52 | 53 | eventsourceController: 54 | name: eventsource-controller 55 | image: eventsource-controller 56 | tag: v1.0.0 57 | replicaCount: 1 58 | eventsourceImage: eventsource 59 | 60 | eventbusController: 61 | name: eventbus-controller 62 | image: eventbus-controller 63 | tag: v1.0.0 64 | replicaCount: 1 65 | natsStreamingImage: nats-streaming:0.17.0 66 | natsMetricsExporterImage: synadia/prometheus-nats-exporter:0.6.2 67 | -------------------------------------------------------------------------------- /charts/argo/templates/server-cluster-roles.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.enabled }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: {{ .Release.Name }}-{{ .Values.server.name }} 6 | rules: 7 | - apiGroups: 8 | - "" 9 | resources: 10 | - configmaps 11 | - events 12 | verbs: 13 | - get 14 | - watch 15 | - list 16 | - apiGroups: 17 | - "" 18 | resources: 19 | - secrets 20 | verbs: 21 | - get 22 | - apiGroups: 23 | - "" 24 | resources: 25 | - pods 26 | - pods/exec 27 | - pods/log 28 | verbs: 29 | - get 30 | - list 31 | - watch 32 | - delete 33 | {{- if .Values.controller.persistence }} 34 | - apiGroups: 35 | - "" 36 | resources: 37 | - secrets 38 | resourceNames: 39 | {{- if .Values.controller.persistence.postgresql }} 40 | - {{ .Values.controller.persistence.postgresql.userNameSecret.name }} 41 | - {{ .Values.controller.persistence.postgresql.passwordSecret.name }} 42 | {{- end}} 43 | {{- if .Values.controller.persistence.mysql }} 44 | - {{ .Values.controller.persistence.mysql.userNameSecret.name }} 45 | - {{ .Values.controller.persistence.mysql.passwordSecret.name }} 46 | {{- end}} 47 | verbs: 48 | - get 49 | {{- end}} 50 | - apiGroups: 51 | - argoproj.io 52 | resources: 53 | - workflows 54 | - workflowtemplates 55 | - cronworkflows 56 | verbs: 57 | - create 58 | - get 59 | - list 60 | - watch 61 | - update 62 | - patch 63 | - delete 64 | --- 65 | apiVersion: rbac.authorization.k8s.io/v1 66 | kind: ClusterRole 67 | metadata: 68 | name: {{ .Release.Name }}-{{ .Values.server.name }}-cluster-template 69 | rules: 70 | - apiGroups: 71 | - argoproj.io 72 | resources: 73 | - clusterworkflowtemplates 74 | verbs: 75 | - get 76 | - list 77 | - watch 78 | {{- if .Values.server.clusterWorkflowTemplates.enableEditing }} 79 | - create 80 | - update 81 | - patch 82 | - delete 83 | {{- end }} 84 | {{- end }} 85 | -------------------------------------------------------------------------------- /charts/argo-rollouts/templates/argo-rollouts-role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: Role 3 | metadata: 4 | name: {{ .Release.Name }}-role 5 | labels: 6 | app.kubernetes.io/component: {{ .Values.controller.component }} 7 | app.kubernetes.io/name: {{ .Release.Name }}-role 8 | app.kubernetes.io/part-of: {{ .Release.Name }} 9 | rules: 10 | - apiGroups: 11 | - apps 12 | resources: 13 | - replicasets 14 | verbs: 15 | - create 16 | - get 17 | - list 18 | - watch 19 | - update 20 | - patch 21 | - delete 22 | - apiGroups: 23 | - "" 24 | resources: 25 | - services 26 | verbs: 27 | - get 28 | - list 29 | - watch 30 | - patch 31 | - apiGroups: 32 | - argoproj.io 33 | resources: 34 | - rollouts 35 | verbs: 36 | - get 37 | - list 38 | - watch 39 | - update 40 | - patch 41 | - apiGroups: 42 | - argoproj.io 43 | resources: 44 | - analysisruns 45 | - experiments 46 | verbs: 47 | - create 48 | - get 49 | - list 50 | - watch 51 | - update 52 | - patch 53 | - delete 54 | - apiGroups: 55 | - argoproj.io 56 | resources: 57 | - analysistemplates 58 | verbs: 59 | - get 60 | - list 61 | - watch 62 | - apiGroups: 63 | - batch 64 | resources: 65 | - jobs 66 | verbs: 67 | - create 68 | - get 69 | - list 70 | - watch 71 | - update 72 | - patch 73 | - delete 74 | - apiGroups: 75 | - extensions 76 | resources: 77 | - ingresses 78 | verbs: 79 | - create 80 | - get 81 | - list 82 | - watch 83 | - patch 84 | - apiGroups: 85 | - "" 86 | resources: 87 | - events 88 | verbs: 89 | - create 90 | - update 91 | - patch 92 | - apiGroups: 93 | - "" 94 | resources: 95 | - secrets 96 | verbs: 97 | - get 98 | - list 99 | - watch 100 | - apiGroups: 101 | - "" 102 | resources: 103 | - pods 104 | verbs: 105 | - list 106 | - delete 107 | -------------------------------------------------------------------------------- /charts/argo-rollouts/templates/argo-rollouts-aggregate-roles.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: {{ .Release.Name }}-aggregate-to-view 5 | labels: 6 | rbac.authorization.k8s.io/aggregate-to-view: "true" 7 | app.kubernetes.io/component: aggregate-cluster-role 8 | app.kubernetes.io/name: {{ .Release.Name }}-aggregate-to-view 9 | app.kubernetes.io/part-of: {{ .Release.Name }} 10 | rules: 11 | - apiGroups: 12 | - argoproj.io 13 | resources: 14 | - rollouts 15 | - experiments 16 | - analysistemplates 17 | - analysisruns 18 | verbs: 19 | - get 20 | - list 21 | - watch 22 | 23 | --- 24 | apiVersion: rbac.authorization.k8s.io/v1 25 | kind: ClusterRole 26 | metadata: 27 | name: {{ .Release.Name }}-aggregate-to-edit 28 | labels: 29 | rbac.authorization.k8s.io/aggregate-to-edit: "true" 30 | app.kubernetes.io/component: aggregate-cluster-role 31 | app.kubernetes.io/name: {{ .Release.Name }}-aggregate-to-edit 32 | app.kubernetes.io/part-of: {{ .Release.Name }} 33 | rules: 34 | - apiGroups: 35 | - argoproj.io 36 | resources: 37 | - rollouts 38 | - experiments 39 | - analysistemplates 40 | - analysisruns 41 | verbs: 42 | - create 43 | - delete 44 | - deletecollection 45 | - get 46 | - list 47 | - patch 48 | - update 49 | - watch 50 | 51 | --- 52 | apiVersion: rbac.authorization.k8s.io/v1 53 | kind: ClusterRole 54 | metadata: 55 | name: {{ .Release.Name }}-aggregate-to-admin 56 | labels: 57 | rbac.authorization.k8s.io/aggregate-to-admin: "true" 58 | app.kubernetes.io/component: aggregate-cluster-role 59 | app.kubernetes.io/name: {{ .Release.Name }}-aggregate-to-admin 60 | app.kubernetes.io/part-of: {{ .Release.Name }} 61 | rules: 62 | - apiGroups: 63 | - argoproj.io 64 | resources: 65 | - rollouts 66 | - experiments 67 | - analysistemplates 68 | - analysisruns 69 | verbs: 70 | - create 71 | - delete 72 | - deletecollection 73 | - get 74 | - list 75 | - patch 76 | - update 77 | - watch 78 | -------------------------------------------------------------------------------- /charts/argo-rollouts/README.md: -------------------------------------------------------------------------------- 1 | Argo Rollouts Chart 2 | ============= 3 | A Helm chart for Argo Rollouts, progressive delivery for Kubernetes. 4 | 5 | Current chart version is `0.3.0` 6 | 7 | Source code can be found [here](https://github.com/argoproj/argo-rollouts) 8 | 9 | ## Additional Information 10 | This is a **community maintained** chart. This chart installs [argo-rollouts](https://argoproj.github.io/argo-rollouts/), progressive delivery for Kubernetes. 11 | 12 | The default installation is intended to be similar to the provided Argo Rollouts [releases](https://github.com/argoproj/argo-rollouts/releases). 13 | 14 | ## Prerequisites 15 | 16 | - Kubernetes 1.7+ 17 | 18 | 19 | ## Installing the Chart 20 | 21 | To install the chart with the release name `my-release`: 22 | 23 | ```console 24 | $ helm repo add argo https://argoproj.github.io/argo-helm 25 | $ helm install --name my-release argo/argo-rollouts 26 | ``` 27 | 28 | ## Chart Values 29 | 30 | | Key | Type | Default | Description | 31 | |-----|------|---------|-------------| 32 | | clusterInstall | bool | `true` | | 33 | | controller.component | string | `"rollouts-controller"` | | 34 | | controller.image.pullPolicy | string | `"IfNotPresent"` | | 35 | | controller.image.repository | string | `"argoproj/argo-rollouts"` | | 36 | | controller.image.tag | string | `"v0.8.0"` | | 37 | | controller.name | string | `"argo-rollouts"` | | 38 | | controller.resources | Resource limits and requests for the controller pods. | `{}` | 39 | | controller.tolerations | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | 40 | | controller.affinity | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | `{}` | 41 | | controller.nodeSelector | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | `{}` | 42 | | imagePullSecrets | list | `[]` | | 43 | | installCRDs | bool | `true` | | 44 | | podAnnotations | object | `{}` | | 45 | | podLabels | object | `{}` | | 46 | | serviceAccount.name | string | `"argo-rollouts"` | | 47 | -------------------------------------------------------------------------------- /charts/argo-rollouts/templates/argo-rollouts-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ .Release.Name }} 5 | {{- if .Values.podAnnotations }} 6 | annotations: 7 | {{- range $key, $value := .Values.podAnnotations }} 8 | {{ $key }}: {{ $value | quote }} 9 | {{- end }} 10 | {{- end }} 11 | labels: 12 | app.kubernetes.io/component: {{ .Values.controller.component }} 13 | app.kubernetes.io/name: {{ .Release.Name }} 14 | app.kubernetes.io/part-of: {{ .Release.Name }} 15 | {{- if .Values.podLabels }} 16 | {{- toYaml .Values.podLabels | nindent 4 }} 17 | {{- end }} 18 | spec: 19 | selector: 20 | matchLabels: 21 | app.kubernetes.io/name: {{ .Release.Name }} 22 | template: 23 | metadata: 24 | labels: 25 | app.kubernetes.io/name: {{ .Release.Name }} 26 | spec: 27 | {{- with .Values.imagePullSecrets }} 28 | imagePullSecrets: 29 | {{- toYaml . | nindent 8 }} 30 | {{- end }} 31 | serviceAccountName: {{ .Values.serviceAccount.name }} 32 | containers: 33 | - command: 34 | - "/bin/rollouts-controller" 35 | image: "{{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag }}" 36 | imagePullPolicy: {{ .Values.controller.image.pullPolicy }} 37 | name: {{ .Values.controller.name }} 38 | volumeMounts: 39 | - name: tmp 40 | mountPath: /tmp 41 | resources: 42 | {{- toYaml .Values.controller.resources | nindent 10 }} 43 | {{- if .Values.controller.nodeSelector }} 44 | nodeSelector: 45 | {{- toYaml .Values.controller.nodeSelector | nindent 8 }} 46 | {{- end }} 47 | {{- if .Values.controller.tolerations }} 48 | tolerations: 49 | {{- toYaml .Values.controller.tolerations | nindent 8 }} 50 | {{- end }} 51 | {{- if .Values.controller.affinity }} 52 | affinity: 53 | {{- toYaml .Values.controller.affinity | nindent 8 }} 54 | {{- end }} 55 | volumes: 56 | - name: tmp 57 | emptyDir: {} 58 | strategy: 59 | type: Recreate 60 | -------------------------------------------------------------------------------- /charts/argo-rollouts/templates/argo-rollouts-clusterrole.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.clusterInstall }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: {{ .Release.Name }}-clusterrole 6 | labels: 7 | app.kubernetes.io/component: {{ .Values.controller.component }} 8 | app.kubernetes.io/name: {{ .Release.Name }}-clusterrole 9 | app.kubernetes.io/part-of: {{ .Release.Name }} 10 | rules: 11 | - apiGroups: 12 | - apps 13 | resources: 14 | - replicasets 15 | verbs: 16 | - create 17 | - get 18 | - list 19 | - watch 20 | - update 21 | - patch 22 | - delete 23 | - apiGroups: 24 | - "" 25 | resources: 26 | - services 27 | verbs: 28 | - get 29 | - list 30 | - watch 31 | - patch 32 | - apiGroups: 33 | - "" 34 | resources: 35 | - secrets 36 | verbs: 37 | - get 38 | - list 39 | - watch 40 | - apiGroups: 41 | - argoproj.io 42 | resources: 43 | - rollouts 44 | verbs: 45 | - get 46 | - list 47 | - watch 48 | - update 49 | - patch 50 | - apiGroups: 51 | - argoproj.io 52 | resources: 53 | - analysisruns 54 | - experiments 55 | verbs: 56 | - create 57 | - get 58 | - list 59 | - watch 60 | - update 61 | - patch 62 | - delete 63 | - apiGroups: 64 | - argoproj.io 65 | resources: 66 | - analysistemplates 67 | verbs: 68 | - get 69 | - list 70 | - watch 71 | - apiGroups: 72 | - batch 73 | resources: 74 | - jobs 75 | verbs: 76 | - create 77 | - get 78 | - list 79 | - watch 80 | - update 81 | - patch 82 | - delete 83 | - apiGroups: 84 | - extensions 85 | resources: 86 | - ingresses 87 | verbs: 88 | - create 89 | - get 90 | - list 91 | - watch 92 | - patch 93 | - apiGroups: 94 | - "" 95 | resources: 96 | - events 97 | verbs: 98 | - create 99 | - update 100 | - patch 101 | - apiGroups: 102 | - networking.istio.io 103 | resources: 104 | - virtualservices 105 | verbs: 106 | - watch 107 | - get 108 | - update 109 | - apiGroups: 110 | - "" 111 | resources: 112 | - pods 113 | verbs: 114 | - list 115 | - delete 116 | {{- end }} 117 | -------------------------------------------------------------------------------- /charts/argo/templates/workflow-aggregate-roles.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.createAggregateRoles }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | annotations: 6 | helm.sh/hook: pre-install 7 | helm.sh/hook-delete-policy: before-hook-creation 8 | name: argo-aggregate-to-view 9 | labels: 10 | rbac.authorization.k8s.io/aggregate-to-view: "true" 11 | rules: 12 | - apiGroups: 13 | - argoproj.io 14 | resources: 15 | - workflows 16 | - workflows/finalizers 17 | - workflowtemplates 18 | - workflowtemplates/finalizers 19 | - cronworkflows 20 | - cronworkflows/finalizers 21 | - clusterworkflowtemplates 22 | - clusterworkflowtemplates/finalizers 23 | verbs: 24 | - get 25 | - list 26 | - watch 27 | --- 28 | apiVersion: rbac.authorization.k8s.io/v1 29 | kind: ClusterRole 30 | metadata: 31 | annotations: 32 | helm.sh/hook: pre-install 33 | helm.sh/hook-delete-policy: before-hook-creation 34 | name: argo-aggregate-to-edit 35 | labels: 36 | rbac.authorization.k8s.io/aggregate-to-edit: "true" 37 | rules: 38 | - apiGroups: 39 | - argoproj.io 40 | resources: 41 | - workflows 42 | - workflows/finalizers 43 | - workflowtemplates 44 | - workflowtemplates/finalizers 45 | - cronworkflows 46 | - cronworkflows/finalizers 47 | - clusterworkflowtemplates 48 | - clusterworkflowtemplates/finalizers 49 | verbs: 50 | - create 51 | - delete 52 | - deletecollection 53 | - get 54 | - list 55 | - patch 56 | - update 57 | - watch 58 | --- 59 | apiVersion: rbac.authorization.k8s.io/v1 60 | kind: ClusterRole 61 | metadata: 62 | annotations: 63 | helm.sh/hook: pre-install 64 | helm.sh/hook-delete-policy: before-hook-creation 65 | name: argo-aggregate-to-admin 66 | labels: 67 | rbac.authorization.k8s.io/aggregate-to-admin: "true" 68 | rules: 69 | - apiGroups: 70 | - argoproj.io 71 | resources: 72 | - workflows 73 | - workflows/finalizers 74 | - workflowtemplates 75 | - workflowtemplates/finalizers 76 | - cronworkflows 77 | - cronworkflows/finalizers 78 | - clusterworkflowtemplates 79 | - clusterworkflowtemplates/finalizers 80 | verbs: 81 | - create 82 | - delete 83 | - deletecollection 84 | - get 85 | - list 86 | - patch 87 | - update 88 | - watch 89 | {{- end }} 90 | -------------------------------------------------------------------------------- /charts/argocd-notifications/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ include "argocd-notifications.name" . }}-controller 5 | labels: 6 | {{- include "argocd-notifications.labels" . | nindent 4 }} 7 | spec: 8 | strategy: 9 | {{- .Values.updateStrategy | toYaml | nindent 4 }} 10 | selector: 11 | matchLabels: 12 | {{- include "argocd-notifications.selectorLabels" . | nindent 6 }} 13 | template: 14 | metadata: 15 | {{- if .Values.podAnnotations }} 16 | annotations: 17 | {{- range $key, $value := .Values.podAnnotations }} 18 | {{ $key }}: {{ $value | quote }} 19 | {{- end }} 20 | {{- end }} 21 | labels: 22 | {{- include "argocd-notifications.selectorLabels" . | nindent 8 }} 23 | spec: 24 | {{- with .Values.imagePullSecrets }} 25 | imagePullSecrets: 26 | {{- toYaml . | nindent 8 }} 27 | {{- end }} 28 | serviceAccountName: {{ include "argocd-notifications.serviceAccountName" . }} 29 | containers: 30 | - name: {{ include "argocd-notifications.name" . }}-controller 31 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" 32 | imagePullPolicy: {{ .Values.image.pullPolicy }} 33 | resources: 34 | {{- toYaml .Values.resources | nindent 12 }} 35 | command: 36 | - /app/argocd-notifications 37 | - controller 38 | - --loglevel={{ .Values.logLevel }} 39 | {{- if .Values.metrics.enabled }} 40 | - --metrics-port={{ .Values.metrics.port }} 41 | {{- end }} 42 | {{- range .Values.extraArgs }} 43 | - {{ . | squote }} 44 | {{- end }} 45 | ports: 46 | {{- if .Values.metrics.enabled }} 47 | - containerPort: {{ .Values.metrics.port }} 48 | name: metrics 49 | protocol: TCP 50 | {{- end }} 51 | {{- with .Values.nodeSelector }} 52 | nodeSelector: 53 | {{- toYaml . | nindent 8 }} 54 | {{- end }} 55 | {{- with .Values.affinity }} 56 | affinity: 57 | {{- toYaml . | nindent 8 }} 58 | {{- end }} 59 | {{- with .Values.tolerations }} 60 | tolerations: 61 | {{- toYaml . | nindent 8 }} 62 | {{- end }} 63 | -------------------------------------------------------------------------------- /charts/argo-events/templates/argo-events-cluster-roles.yaml: -------------------------------------------------------------------------------- 1 | {{- if not .Values.singleNamespace }} 2 | 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | kind: ClusterRoleBinding 5 | metadata: 6 | name: argo-events-binding 7 | roleRef: 8 | apiGroup: rbac.authorization.k8s.io 9 | kind: ClusterRole 10 | name: argo-events-role 11 | subjects: 12 | - kind: ServiceAccount 13 | name: {{ .Values.serviceAccount }} 14 | namespace: {{ .Release.Namespace }} 15 | {{- if .Values.additionalSaNamespaces }} 16 | {{ $sa := .Values.serviceAccount }} 17 | {{- range $namespace := .Values.additionalSaNamespaces }} 18 | - kind: ServiceAccount 19 | name: {{ $sa }} 20 | namespace: {{ $namespace }} 21 | {{- end }} 22 | {{- end }} 23 | --- 24 | apiVersion: rbac.authorization.k8s.io/v1 25 | kind: ClusterRole 26 | metadata: 27 | name: argo-events-role 28 | rules: 29 | {{- if .Values.additionalServiceAccountRules }} 30 | {{ .Values.additionalServiceAccountRules | toYaml | nindent 2}} 31 | {{- end }} 32 | - apiGroups: 33 | - argoproj.io 34 | verbs: 35 | - create 36 | - delete 37 | - deletecollection 38 | - get 39 | - list 40 | - patch 41 | - update 42 | - watch 43 | resources: 44 | - workflows 45 | - workflows/finalizers 46 | - workflowtemplates 47 | - workflowtemplates/finalizers 48 | - sensors 49 | - sensors/finalizers 50 | - eventsources 51 | - eventsources/finalizers 52 | - eventbus 53 | - eventbus/finalizers 54 | - apiGroups: 55 | - "" 56 | resources: 57 | - pods 58 | - pods/exec 59 | - configmaps 60 | - secrets 61 | - services 62 | - events 63 | - persistentvolumeclaims 64 | verbs: 65 | - create 66 | - get 67 | - list 68 | - watch 69 | - update 70 | - patch 71 | - delete 72 | - apiGroups: 73 | - "batch" 74 | resources: 75 | - jobs 76 | verbs: 77 | - create 78 | - get 79 | - list 80 | - watch 81 | - update 82 | - patch 83 | - delete 84 | - apiGroups: 85 | - "apps" 86 | resources: 87 | - deployments 88 | - statefulsets 89 | verbs: 90 | - create 91 | - get 92 | - list 93 | - watch 94 | - update 95 | - patch 96 | - delete 97 | 98 | {{- end }} 99 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-server/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.ingress.enabled -}} 2 | {{- $serviceName := include "argo-cd.server.fullname" . -}} 3 | {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}} 4 | {{- $paths := .Values.server.ingress.paths -}} 5 | {{- $extraPaths := .Values.server.ingress.extraPaths -}} 6 | {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} 7 | apiVersion: networking.k8s.io/v1beta1 8 | {{ else }} 9 | apiVersion: extensions/v1beta1 10 | {{ end -}} 11 | kind: Ingress 12 | metadata: 13 | {{- if .Values.server.ingress.annotations }} 14 | annotations: 15 | {{- range $key, $value := .Values.server.ingress.annotations }} 16 | {{ $key }}: {{ $value | quote }} 17 | {{- end }} 18 | {{- end }} 19 | name: {{ template "argo-cd.server.fullname" . }} 20 | labels: 21 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} 22 | helm.sh/chart: {{ include "argo-cd.chart" . }} 23 | app.kubernetes.io/instance: {{ .Release.Name }} 24 | app.kubernetes.io/managed-by: {{ .Release.Service }} 25 | app.kubernetes.io/part-of: argocd 26 | app.kubernetes.io/component: {{ .Values.server.name }} 27 | {{- if .Values.server.ingress.labels }} 28 | {{- toYaml .Values.server.ingress.labels | nindent 4 }} 29 | {{- end }} 30 | spec: 31 | rules: 32 | {{- if .Values.server.ingress.hosts }} 33 | {{- range $host := .Values.server.ingress.hosts }} 34 | - host: {{ $host }} 35 | http: 36 | paths: 37 | {{- if $extraPaths }} 38 | {{- toYaml $extraPaths | nindent 10 }} 39 | {{- end }} 40 | {{- range $p := $paths }} 41 | - path: {{ $p }} 42 | backend: 43 | serviceName: {{ $serviceName }} 44 | servicePort: {{ $servicePort }} 45 | {{- end -}} 46 | {{- end -}} 47 | {{- else }} 48 | - http: 49 | paths: 50 | {{- if $extraPaths }} 51 | {{- toYaml $extraPaths | nindent 10 }} 52 | {{- end }} 53 | {{- range $p := $paths }} 54 | - path: {{ $p }} 55 | backend: 56 | serviceName: {{ $serviceName }} 57 | servicePort: {{ $servicePort }} 58 | {{- end -}} 59 | {{- end -}} 60 | {{- if .Values.server.ingress.tls }} 61 | tls: 62 | {{- toYaml .Values.server.ingress.tls | nindent 4 }} 63 | {{- end -}} 64 | {{- end -}} 65 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-server/ingress-grpc.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.ingressGrpc.enabled -}} 2 | {{- $serviceName := include "argo-cd.server.fullname" . -}} 3 | {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}} 4 | {{- $paths := .Values.server.ingressGrpc.paths -}} 5 | {{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}} 6 | {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} 7 | apiVersion: networking.k8s.io/v1beta1 8 | {{ else }} 9 | apiVersion: extensions/v1beta1 10 | {{ end -}} 11 | kind: Ingress 12 | metadata: 13 | {{- if .Values.server.ingressGrpc.annotations }} 14 | annotations: 15 | {{- range $key, $value := .Values.server.ingressGrpc.annotations }} 16 | {{ $key }}: {{ $value | quote }} 17 | {{- end }} 18 | {{- end }} 19 | name: {{ template "argo-cd.server.fullname" . }}-grpc 20 | labels: 21 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }} 22 | helm.sh/chart: {{ include "argo-cd.chart" . }} 23 | app.kubernetes.io/instance: {{ .Release.Name }} 24 | app.kubernetes.io/managed-by: {{ .Release.Service }} 25 | app.kubernetes.io/part-of: argocd 26 | app.kubernetes.io/component: {{ .Values.server.name }} 27 | {{- if .Values.server.ingressGrpc.labels }} 28 | {{- toYaml .Values.server.ingressGrpc.labels | nindent 4 }} 29 | {{- end }} 30 | spec: 31 | rules: 32 | {{- if .Values.server.ingressGrpc.hosts }} 33 | {{- range $host := .Values.server.ingressGrpc.hosts }} 34 | - host: {{ $host }} 35 | http: 36 | paths: 37 | {{- if $extraPaths }} 38 | {{- toYaml $extraPaths | nindent 10 }} 39 | {{- end -}} 40 | {{- range $p := $paths }} 41 | - path: {{ $p }} 42 | backend: 43 | serviceName: {{ $serviceName }} 44 | servicePort: {{ $servicePort }} 45 | {{- end -}} 46 | {{- end -}} 47 | {{- else }} 48 | - http: 49 | paths: 50 | {{- if $extraPaths }} 51 | {{- toYaml $extraPaths | nindent 10 }} 52 | {{- end -}} 53 | {{- range $p := $paths }} 54 | - path: {{ $p }} 55 | backend: 56 | serviceName: {{ $serviceName }} 57 | servicePort: {{ $servicePort }} 58 | {{- end -}} 59 | {{- end -}} 60 | {{- if .Values.server.ingressGrpc.tls }} 61 | tls: 62 | {{- toYaml .Values.server.ingressGrpc.tls | nindent 4 }} 63 | {{- end -}} 64 | {{- end -}} 65 | -------------------------------------------------------------------------------- /charts/argo-events/templates/argo-events-roles.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.singleNamespace }} 2 | 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | kind: RoleBinding 5 | metadata: 6 | name: argo-events-binding 7 | namespace: {{ .Release.Namespace }} 8 | roleRef: 9 | apiGroup: rbac.authorization.k8s.io 10 | kind: Role 11 | name: argo-events-role 12 | subjects: 13 | - kind: ServiceAccount 14 | name: {{ .Values.serviceAccount }} 15 | namespace: {{ .Release.Namespace }} 16 | {{- if .Values.additionalSaNamespaces }} 17 | {{ $sa := .Values.serviceAccount }} 18 | {{- range $namespace := .Values.additionalSaNamespaces }} 19 | - kind: ServiceAccount 20 | name: {{ $sa }} 21 | namespace: {{ $namespace }} 22 | {{- end }} 23 | {{- end }} 24 | --- 25 | apiVersion: rbac.authorization.k8s.io/v1 26 | kind: Role 27 | metadata: 28 | name: argo-events-role 29 | namespace: {{ .Release.Namespace }} 30 | rules: 31 | {{- if .Values.additionalServiceAccountRules }} 32 | {{ .Values.additionalServiceAccountRules | toYaml | nindent 2}} 33 | {{- end }} 34 | - apiGroups: 35 | - argoproj.io 36 | verbs: 37 | - create 38 | - delete 39 | - deletecollection 40 | - get 41 | - list 42 | - patch 43 | - update 44 | - watch 45 | resources: 46 | - workflows 47 | - workflows/finalizers 48 | - workflowtemplates 49 | - workflowtemplates/finalizers 50 | - sensors 51 | - sensors/finalizers 52 | - eventsources 53 | - eventsources/finalizers 54 | - eventbus 55 | - eventbus/finalizers 56 | - apiGroups: 57 | - "" 58 | resources: 59 | - pods 60 | - pods/exec 61 | - configmaps 62 | - secrets 63 | - services 64 | - events 65 | - persistentvolumeclaims 66 | verbs: 67 | - create 68 | - get 69 | - list 70 | - watch 71 | - update 72 | - patch 73 | - delete 74 | - apiGroups: 75 | - "batch" 76 | resources: 77 | - jobs 78 | verbs: 79 | - create 80 | - get 81 | - list 82 | - watch 83 | - update 84 | - patch 85 | - delete 86 | - apiGroups: 87 | - "apps" 88 | resources: 89 | - deployments 90 | - statefulsets 91 | verbs: 92 | - create 93 | - get 94 | - list 95 | - watch 96 | - update 97 | - patch 98 | - delete 99 | 100 | {{- end }} 101 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-configs/argocd-secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.configs.secret.createSecret }} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: argocd-secret 6 | labels: 7 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-secret 8 | helm.sh/chart: {{ include "argo-cd.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/part-of: argocd 12 | app.kubernetes.io/component: {{ .Values.server.name }} 13 | {{- if .Values.configs.secret.annotations }} 14 | annotations: 15 | {{- range $key, $value := .Values.configs.secret.annotations }} 16 | {{ $key }}: {{ $value | quote }} 17 | {{- end }} 18 | {{- end }} 19 | type: Opaque 20 | {{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketUUID .Values.configs.secret.bitbucketServerSecret .Values.configs.secret.gogsSecret .Values.configs.secret.argocdServerAdminPassword .Values.configs.secret.argocdServerTlsConfig .Values.configs.secret.extra) }} 21 | # Setting a blank data again will wipe admin password/key/cert 22 | data: 23 | {{- if .Values.configs.secret.githubSecret }} 24 | webhook.github.secret: {{ .Values.configs.secret.githubSecret | b64enc }} 25 | {{- end }} 26 | {{- if .Values.configs.secret.gitlabSecret }} 27 | webhook.gitlab.secret: {{ .Values.configs.secret.gitlabSecret | b64enc }} 28 | {{- end }} 29 | {{- if .Values.configs.secret.bitbucketServerSecret }} 30 | webhook.bitbucketserver.secret: {{ .Values.configs.secret.bitbucketServerSecret | b64enc }} 31 | {{- end }} 32 | {{- if .Values.configs.secret.bitbucketUUID }} 33 | webhook.bitbucket.uuid: {{ .Values.configs.secret.bitbucketUUID | b64enc }} 34 | {{- end }} 35 | {{- if .Values.configs.secret.gogsSecret }} 36 | webhook.gogs.secret: {{ .Values.configs.secret.gogsSecret | b64enc }} 37 | {{- end }} 38 | {{- if .Values.configs.secret.argocdServerTlsConfig }} 39 | tls.key: {{ .Values.configs.secret.argocdServerTlsConfig.key | b64enc }} 40 | tls.crt: {{ .Values.configs.secret.argocdServerTlsConfig.crt | b64enc }} 41 | {{- end }} 42 | {{- if .Values.configs.secret.argocdServerAdminPassword }} 43 | admin.password: {{ .Values.configs.secret.argocdServerAdminPassword | b64enc }} 44 | admin.passwordMtime: {{ default (date "2006-01-02T15:04:05Z" now) .Values.configs.secret.argocdServerAdminPasswordMtime | b64enc }} 45 | {{- end }} 46 | {{- range $key, $value := .Values.configs.secret.extra }} 47 | {{ $key }}: {{ $value | b64enc }} 48 | {{- end }} 49 | {{- end }} 50 | {{- end }} 51 | -------------------------------------------------------------------------------- /charts/argo/README.md: -------------------------------------------------------------------------------- 1 | ## Argo Workflows Chart 2 | 3 | This is a **community maintained** chart. It is used to set up argo and it's needed dependencies through one command. This is used in conjunction with [helm](https://github.com/kubernetes/helm). 4 | 5 | If you want your deployment of this helm chart to most closely match the [argo CLI](https://github.com/argoproj/argo), you should deploy it in the `kube-system` namespace. 6 | 7 | ## Pre-Requisites 8 | This chart uses an install hook to configure the CRD definition. Installation of CRDs is a somewhat privileged process in itself and in RBAC enabled clusters the `default` service account for namespaces does not typically have the ability to do create these. 9 | 10 | A few options are: 11 | - Setup the CRD yourself manually and use `--set installCRD=false` when installing the helm chart. Find the CRDs in the [argo codebase](https://raw.githubusercontent.com/argoproj/argo/master/manifests/base/crds/workflow-crd.yaml) 12 | - Manually create a ServiceAccount in the Namespace which your release will be deployed w/ appropriate bindings to perform this action and set the `init.serviceAccount` attribute 13 | - Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions 14 | 15 | ## Usage Notes: 16 | This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of it's configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. 17 | 18 | ## Values 19 | 20 | The `values.yaml` contains items used to tweak a deployment of this chart. 21 | Fields to note: 22 | * `controller.instanceID.enabled`: If set to true, the Argo Controller will **ONLY** monitor Workflow submissions with a `--instanceid` attribute 23 | * `controller.instanceID.useReleaseName`: If set to true then chart set controller instance id to release name 24 | * `controller.instanceID.explicitID`: Allows customization of an instance id for the workflow controller to monitor 25 | * `controller.workflowNamespaces`: This is a list of namespaces where workflows will be ran 26 | * `minio.install`: If this is true, we'll install [minio](https://github.com/kubernetes/charts/tree/master/stable/minio) and build out the artifactRepository section in workflow controller config map. 27 | * `artifactRepository.s3.accessKeySecret` and `artifactRepository.s3.secretKeySecret` These by default link to minio default credentials stored in the secret deployed by the minio chart. 28 | -------------------------------------------------------------------------------- /charts/argo/templates/workflow-controller-cluster-roles.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: {{ .Release.Name }}-{{ .Values.controller.name }} 5 | rules: 6 | - apiGroups: 7 | - "" 8 | resources: 9 | - pods 10 | - pods/exec 11 | verbs: 12 | - create 13 | - get 14 | - list 15 | - watch 16 | - update 17 | - patch 18 | - delete 19 | - apiGroups: 20 | - "" 21 | resources: 22 | - configmaps 23 | verbs: 24 | - get 25 | - watch 26 | - list 27 | - apiGroups: 28 | - "" 29 | resources: 30 | - persistentvolumeclaims 31 | verbs: 32 | - create 33 | - delete 34 | - apiGroups: 35 | - argoproj.io 36 | resources: 37 | - workflows 38 | - workflows/finalizers 39 | verbs: 40 | - get 41 | - list 42 | - watch 43 | - update 44 | - patch 45 | - delete 46 | - create 47 | - apiGroups: 48 | - argoproj.io 49 | resources: 50 | - workflowtemplates 51 | - workflowtemplates/finalizers 52 | - clusterworkflowtemplates 53 | - clusterworkflowtemplates/finalizers 54 | verbs: 55 | - get 56 | - list 57 | - watch 58 | - apiGroups: 59 | - argoproj.io 60 | resources: 61 | - cronworkflows 62 | - cronworkflows/finalizers 63 | verbs: 64 | - get 65 | - list 66 | - watch 67 | - update 68 | - patch 69 | - delete 70 | - apiGroups: 71 | - "" 72 | resources: 73 | - events 74 | verbs: 75 | - create 76 | - patch 77 | - apiGroups: 78 | - "" 79 | resources: 80 | - serviceaccounts 81 | verbs: 82 | - get 83 | - list 84 | - apiGroups: 85 | - "policy" 86 | resources: 87 | - poddisruptionbudgets 88 | verbs: 89 | - create 90 | - get 91 | - delete 92 | {{- if .Values.controller.persistence }} 93 | - apiGroups: 94 | - "" 95 | resources: 96 | - secrets 97 | resourceNames: 98 | {{- if .Values.controller.persistence.postgresql }} 99 | - {{ .Values.controller.persistence.postgresql.userNameSecret.name }} 100 | - {{ .Values.controller.persistence.postgresql.passwordSecret.name }} 101 | {{- end}} 102 | {{- if .Values.controller.persistence.mysql }} 103 | - {{ .Values.controller.persistence.mysql.userNameSecret.name }} 104 | - {{ .Values.controller.persistence.mysql.passwordSecret.name }} 105 | {{- end}} 106 | verbs: 107 | - get 108 | {{- end}} 109 | --- 110 | apiVersion: rbac.authorization.k8s.io/v1 111 | kind: ClusterRole 112 | metadata: 113 | name: {{ .Release.Name }}-{{ .Values.controller.name }}-cluster-template 114 | rules: 115 | - apiGroups: 116 | - argoproj.io 117 | resources: 118 | - clusterworkflowtemplates 119 | - clusterworkflowtemplates/finalizers 120 | verbs: 121 | - get 122 | - list 123 | - watch 124 | -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | 3 | {{/* 4 | Create a default fully qualified app name. 5 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 6 | */}} 7 | {{- define "redis-ha.name" -}} 8 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 9 | {{- end -}} 10 | 11 | {{/* 12 | Create a default fully qualified app name. 13 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 14 | */}} 15 | {{- define "redis-ha.fullname" -}} 16 | {{- if .Values.fullnameOverride -}} 17 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 18 | {{- else -}} 19 | {{- $name := default .Chart.Name .Values.nameOverride -}} 20 | {{- if contains $name .Release.Name -}} 21 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 22 | {{- else -}} 23 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 24 | {{- end -}} 25 | {{- end -}} 26 | {{- end -}} 27 | 28 | 29 | {{/* 30 | Return sysctl image 31 | */}} 32 | {{- define "redis.sysctl.image" -}} 33 | {{- $registryName := default "docker.io" .Values.sysctlImage.registry -}} 34 | {{- $tag := default "latest" .Values.sysctlImage.tag | toString -}} 35 | {{- printf "%s/%s:%s" $registryName .Values.sysctlImage.repository $tag -}} 36 | {{- end -}} 37 | 38 | {{- /* 39 | Credit: @technosophos 40 | https://github.com/technosophos/common-chart/ 41 | labels.standard prints the standard Helm labels. 42 | The standard labels are frequently used in metadata. 43 | */ -}} 44 | {{- define "labels.standard" -}} 45 | app: {{ template "redis-ha.name" . }} 46 | heritage: {{ .Release.Service | quote }} 47 | release: {{ .Release.Name | quote }} 48 | chart: {{ template "chartref" . }} 49 | {{- end -}} 50 | 51 | {{- /* 52 | Credit: @technosophos 53 | https://github.com/technosophos/common-chart/ 54 | chartref prints a chart name and version. 55 | It does minimal escaping for use in Kubernetes labels. 56 | Example output: 57 | zookeeper-1.2.3 58 | wordpress-3.2.1_20170219 59 | */ -}} 60 | {{- define "chartref" -}} 61 | {{- replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name -}} 62 | {{- end -}} 63 | 64 | {{/* 65 | Create the name of the service account to use 66 | */}} 67 | {{- define "redis-ha.serviceAccountName" -}} 68 | {{- if .Values.serviceAccount.create -}} 69 | {{ default (include "redis-ha.fullname" .) .Values.serviceAccount.name }} 70 | {{- else -}} 71 | {{ default "default" .Values.serviceAccount.name }} 72 | {{- end -}} 73 | {{- end -}} 74 | 75 | {{- define "redis-ha.masterGroupName" -}} 76 | {{- $masterGroupName := tpl ( .Values.redis.masterGroupName | default "") . -}} 77 | {{- $validMasterGroupName := regexMatch "^[\\w-\\.]+$" $masterGroupName -}} 78 | {{- if $validMasterGroupName -}} 79 | {{ $masterGroupName }} 80 | {{- else -}} 81 | {{ required "A valid .Values.redis.masterGroupName entry is required (matching ^[\\w-\\.]+$)" ""}} 82 | {{- end -}} 83 | {{- end -}} 84 | -------------------------------------------------------------------------------- /charts/argo/templates/workflow-controller-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ .Release.Name }}-{{ .Values.controller.name}} 5 | labels: 6 | app: {{ .Release.Name }}-{{ .Values.controller.name}} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | spec: 11 | replicas: {{ .Values.controller.replicas }} 12 | selector: 13 | matchLabels: 14 | app: {{ .Release.Name }}-{{ .Values.controller.name}} 15 | release: {{ .Release.Name }} 16 | template: 17 | metadata: 18 | labels: 19 | app: {{ .Release.Name }}-{{ .Values.controller.name}} 20 | release: {{ .Release.Name }} 21 | {{- if .Values.controller.podLabels }} 22 | {{ toYaml .Values.controller.podLabels | nindent 8}} 23 | {{- end }} 24 | {{- if .Values.controller.podAnnotations }} 25 | annotations: 26 | {{ toYaml .Values.controller.podAnnotations | indent 8}}{{- end }} 27 | spec: 28 | serviceAccountName: {{ .Values.controller.serviceAccount | quote }} 29 | {{- if .Values.controller.podSecurityContext }} 30 | securityContext: 31 | {{- toYaml .Values.controller.podSecurityContext | nindent 8 }} 32 | {{- end }} 33 | containers: 34 | - name: controller 35 | image: "{{ .Values.images.namespace }}/{{ .Values.images.controller }}:{{ default .Values.images.tag .Values.controller.image.tag }}" 36 | imagePullPolicy: {{ .Values.images.pullPolicy }} 37 | command: [ "workflow-controller" ] 38 | args: 39 | - "--configmap" 40 | - "{{ .Release.Name }}-{{ .Values.controller.name}}-configmap" 41 | - "--executor-image" 42 | - "{{ .Values.images.namespace }}/{{ .Values.images.executor }}:{{ default .Values.images.tag .Values.executor.image.tag }}" 43 | - "--loglevel" 44 | - "{{ .Values.controller.logging.level }}" 45 | - "--gloglevel" 46 | - "{{ .Values.controller.logging.globallevel }}" 47 | {{- if .Values.singleNamespace }} 48 | - "--namespaced" 49 | {{- end }} 50 | {{- with .Values.controller.workflowWorkers }} 51 | - "--workflow-workers" 52 | - {{ . | quote }} 53 | {{- end }} 54 | {{- if .Values.controller.podWorkers }} 55 | - "--pod-workers" 56 | - {{ . | quote }} 57 | {{- end }} 58 | env: 59 | - name: ARGO_NAMESPACE 60 | valueFrom: 61 | fieldRef: 62 | apiVersion: v1 63 | fieldPath: metadata.namespace 64 | resources: 65 | {{- toYaml .Values.controller.resources | nindent 12 }} 66 | {{- if .Values.controller.metricsConfig.enabled }} 67 | ports: 68 | - containerPort: 8080 69 | {{- end }} 70 | {{- with .Values.images.pullSecrets }} 71 | imagePullSecrets: 72 | {{- toYaml . | nindent 8 }} 73 | {{- end }} 74 | {{- with .Values.controller.nodeSelector }} 75 | nodeSelector: 76 | {{- toYaml . | nindent 8 }} 77 | {{- end }} 78 | {{- with .Values.controller.tolerations }} 79 | tolerations: 80 | {{- toYaml . | nindent 8 }} 81 | {{- end }} 82 | {{- with .Values.controller.affinity }} 83 | affinity: 84 | {{- toYaml . | nindent 8 }} 85 | {{- end }} 86 | -------------------------------------------------------------------------------- /charts/argo/templates/server-deployment.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.enabled -}} 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: {{ .Release.Name }}-{{ .Values.server.name}} 6 | labels: 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | spec: 11 | replicas: {{ .Values.server.replicas }} 12 | selector: 13 | matchLabels: 14 | app: {{ .Release.Name }}-{{ .Values.server.name}} 15 | release: {{ .Release.Name }} 16 | template: 17 | metadata: 18 | labels: 19 | app: {{ .Release.Name }}-{{ .Values.server.name}} 20 | release: {{ .Release.Name }} 21 | {{- if .Values.server.podLabels }} 22 | {{- toYaml .Values.server.podLabels | nindent 8 }} 23 | {{- end }} 24 | {{- if .Values.server.podAnnotations }} 25 | annotations: 26 | {{ toYaml .Values.server.podAnnotations | indent 8}}{{- end }} 27 | spec: 28 | serviceAccountName: {{ .Values.server.serviceAccount | quote }} 29 | {{- if .Values.server.podSecurityContext }} 30 | securityContext: 31 | {{- toYaml .Values.server.podSecurityContext | nindent 8 }} 32 | {{- end }} 33 | containers: 34 | - name: argo-server 35 | args: 36 | - server 37 | - --configmap={{ .Release.Name }}-{{ .Values.controller.name }}-configmap 38 | {{- if .Values.server.extraArgs }} 39 | {{- toYaml .Values.server.extraArgs | nindent 10 }} 40 | {{- end }} 41 | {{- if .Values.singleNamespace }} 42 | - "--namespaced" 43 | {{- end }} 44 | image: "{{ .Values.images.namespace }}/{{ .Values.images.server }}:{{ default .Values.images.tag .Values.server.image.tag }}" 45 | imagePullPolicy: {{ .Values.images.pullPolicy }} 46 | {{- if .Values.server.podPortName }} 47 | ports: 48 | - name: {{ .Values.server.podPortName }} 49 | containerPort: 2746 50 | {{- end }} 51 | readinessProbe: 52 | httpGet: 53 | path: / 54 | port: 2746 55 | scheme: HTTP 56 | initialDelaySeconds: 10 57 | periodSeconds: 20 58 | env: 59 | - name: IN_CLUSTER 60 | value: "true" 61 | - name: ARGO_NAMESPACE 62 | valueFrom: 63 | fieldRef: 64 | apiVersion: v1 65 | fieldPath: metadata.namespace 66 | - name: BASE_HREF 67 | value: {{ .Values.server.baseHref | quote }} 68 | resources: 69 | {{- toYaml .Values.server.resources | nindent 12 }} 70 | {{- with .Values.server.volumeMounts }} 71 | volumeMounts: 72 | {{- toYaml . | nindent 12}} 73 | {{- end }} 74 | {{- with .Values.images.pullSecrets }} 75 | imagePullSecrets: 76 | {{- toYaml . | nindent 8 }} 77 | {{- end }} 78 | {{- with .Values.server.volumes }} 79 | volumes: 80 | {{- toYaml . | nindent 8}} 81 | {{- end }} 82 | {{- with .Values.server.nodeSelector }} 83 | nodeSelector: 84 | {{- toYaml . | nindent 8 }} 85 | {{- end }} 86 | {{- with .Values.server.tolerations }} 87 | tolerations: 88 | {{- toYaml . | nindent 8 }} 89 | {{- end }} 90 | {{- with .Values.server.affinity }} 91 | affinity: 92 | {{- toYaml . | nindent 8 }} 93 | {{- end }} 94 | 95 | {{- end -}} 96 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/redis/deployment.yaml: -------------------------------------------------------------------------------- 1 | {{- $redisHa := (index .Values "redis-ha") -}} 2 | {{- if and .Values.redis.enabled (not $redisHa.enabled) -}} 3 | apiVersion: apps/v1 4 | kind: Deployment 5 | metadata: 6 | name: {{ template "argo-cd.redis.fullname" . }} 7 | labels: 8 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }} 9 | helm.sh/chart: {{ include "argo-cd.chart" . }} 10 | app.kubernetes.io/instance: {{ .Release.Name }} 11 | app.kubernetes.io/managed-by: {{ .Release.Service }} 12 | app.kubernetes.io/part-of: argocd 13 | app.kubernetes.io/component: {{ .Values.redis.name }} 14 | app.kubernetes.io/version: {{ .Values.redis.image.tag }} 15 | spec: 16 | selector: 17 | matchLabels: 18 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }} 19 | template: 20 | metadata: 21 | {{- if .Values.redis.podAnnotations }} 22 | annotations: 23 | {{- range $key, $value := .Values.redis.podAnnotations }} 24 | {{ $key }}: {{ $value | quote }} 25 | {{- end }} 26 | {{- end }} 27 | labels: 28 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.redis.name }} 29 | helm.sh/chart: {{ include "argo-cd.chart" . }} 30 | app.kubernetes.io/instance: {{ .Release.Name }} 31 | app.kubernetes.io/managed-by: {{ .Release.Service }} 32 | app.kubernetes.io/part-of: argocd 33 | app.kubernetes.io/component: {{ .Values.redis.name }} 34 | app.kubernetes.io/version: {{ .Values.redis.image.tag }} 35 | {{- if .Values.redis.podLabels }} 36 | {{- toYaml .Values.redis.podLabels | nindent 8 }} 37 | {{- end }} 38 | spec: 39 | {{- with .Values.global.imagePullSecrets }} 40 | imagePullSecrets: 41 | {{- toYaml . | nindent 8 }} 42 | {{- end }} 43 | automountServiceAccountToken: false 44 | {{- if .Values.redis.securityContext }} 45 | securityContext: {{- toYaml .Values.redis.securityContext | nindent 8 }} 46 | {{- end }} 47 | containers: 48 | - name: {{ template "argo-cd.redis.fullname" . }} 49 | args: 50 | - --save 51 | - "" 52 | - --appendonly 53 | - "no" 54 | image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }} 55 | imagePullPolicy: {{ .Values.redis.image.imagePullPolicy}} 56 | {{- if .Values.redis.containerSecurityContext }} 57 | securityContext: {{- toYaml .Values.redis.containerSecurityContext | nindent 10 }} 58 | {{- end }} 59 | {{- if .Values.redis.env }} 60 | env: 61 | {{- toYaml .Values.redis.env | nindent 8 }} 62 | {{- end }} 63 | ports: 64 | - containerPort: {{ .Values.redis.containerPort }} 65 | {{- if .Values.redis.volumeMounts }} 66 | 67 | volumeMounts: 68 | {{- toYaml .Values.redis.volumeMounts | nindent 10 }} 69 | {{- end }} 70 | resources: 71 | {{- toYaml .Values.redis.resources | nindent 10 }} 72 | {{- if .Values.redis.nodeSelector }} 73 | nodeSelector: 74 | {{- toYaml .Values.redis.nodeSelector | nindent 8 }} 75 | {{- end }} 76 | {{- if .Values.redis.tolerations }} 77 | tolerations: 78 | {{- toYaml .Values.redis.tolerations | nindent 8 }} 79 | {{- end }} 80 | {{- if .Values.redis.affinity }} 81 | affinity: 82 | {{- toYaml .Values.redis.affinity | nindent 8 }} 83 | {{- end }} 84 | {{- if .Values.redis.volumes }} 85 | volumes: 86 | {{- toYaml .Values.redis.volumes | nindent 8}} 87 | {{- end }} 88 | {{- if .Values.redis.priorityClassName }} 89 | priorityClassName: {{ .Values.redis.priorityClassName }} 90 | {{- end }} 91 | {{- end }} 92 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing 2 | 3 | Argo Helm is a collection of **community maintained** charts. Therefore we rely on you to test your changes sufficiently. 4 | 5 | ## Testing Argo Workflows Changes 6 | 7 | Minimally: 8 | 9 | ``` 10 | helm install charts/argo -n argo 11 | argo version 12 | ``` 13 | 14 | Follow this instructions for running a hello world workflow. 15 | 16 | ## Testing Argo CD Changes 17 | 18 | Clean-up: 19 | 20 | ``` 21 | helm delete argo-cd --purge 22 | kubectl delete crd -l app.kubernetes.io/part-of=argocd 23 | ``` 24 | 25 | Minimally: 26 | 27 | ``` 28 | helm install charts/argo-cd --namespace argocd -n argo-cd 29 | kubectl port-forward service/argo-cd-argocd-server -n argocd 8080:443 30 | ``` 31 | 32 | In a new terminal: 33 | 34 | ``` 35 | argocd version --server localhost:8080 --insecure 36 | # reset password to 'Password1!' 37 | kubectl -n argocd patch secret argocd-secret \ 38 | -p '{"stringData": { 39 | "admin.password": "$2a$10$hDj12Tw9xVmvybSahN1Y0.f9DZixxN8oybyA32Uy/eqWklFU4Mo8O", 40 | "admin.passwordMtime": "'$(date +%FT%T%Z)'" 41 | }}' 42 | argocd login localhost:8080 --username admin --password 'Password1!' 43 | 44 | # WARNING: server certificate had error: x509: certificate signed by unknown authority. Proceed insecurely (y/n)? y 45 | ``` 46 | 47 | Create and sync app: 48 | 49 | ``` 50 | argocd app create guestbook --dest-namespace default --dest-server https://kubernetes.default.svc --path guestbook --project default --repo https://github.com/argoproj/argocd-example-apps.git 51 | argocd app sync guestbook 52 | ``` 53 | 54 | ## Testing Argo CD Notification Changes 55 | 56 | Thorough testing of argocd-notifications would require one or more notification services (Slack, OpsGenie, etc), however 57 | minimal testing mostly consists of successful Helm chart installation and the argocd-notifications controller having 58 | access to the `Application` resources in the same namespace that Argo CD is installed. 59 | 60 | ``` 61 | helm install argocd-notifications charts/argocd-notifications --namespace argocd 62 | ``` 63 | 64 | ## New Application Versions 65 | 66 | When raising application versions ensure you make the following changes: 67 | 68 | - `values.yaml`: Bump all instances of the container image version 69 | - `Chart.yaml`: Ensure `appVersion` matches the above container image and bump `version` 70 | 71 | Please ensure chart version changes adhere to semantic versioning standards: 72 | 73 | - Patch: App version patch updates, backwards compatible optional chart features 74 | - Minor: New chart functionality (sidecars), major application updates or minor non-backwards compatible changes 75 | - Major: Large chart rewrites, major non-backwards compatible or destructive changes 76 | 77 | ## Testing Charts 78 | 79 | As part of the Continous Intergration system we run Helm's [Chart Testing](https://github.com/helm/chart-testing) tool. 80 | 81 | The checks for this tool are stricter than the standard Helm requirements, where fields normally considered optional like `maintainer` are required in the standard spec and must be valid GitHub usernames. 82 | 83 | Linting configuration can be found in [lintconf.yaml](.circleci/lintconf.yaml) 84 | 85 | The linting can be invoked manually with the following command: 86 | 87 | ``` 88 | ./scripts/lint.sh 89 | ``` 90 | 91 | ## Publishing Changes 92 | 93 | Changes are automatically publish whenever a commit is merged to master. The CI job (see `.circleci/config.yaml`) runs this: 94 | 95 | ``` 96 | GIT_PUSH=true ./scripts/publish.sh 97 | ``` 98 | 99 | Script generates tar file for each chart in `charts` directory and push changes to `gh-pages` branch. 100 | Write access to https://github.com/argoproj/argo-helm.git is required to publish changes. 101 | -------------------------------------------------------------------------------- /charts/argo/templates/workflow-controller-config-map.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ .Release.Name }}-{{ .Values.controller.name }}-configmap 5 | labels: 6 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} 7 | release: {{ .Release.Name }} 8 | heritage: {{ .Release.Service }} 9 | data: 10 | config: | 11 | {{- if .Values.controller.instanceID.enabled }} 12 | {{- if .Values.controller.instanceID.useReleaseName }} 13 | instanceID: {{ .Release.Name }} 14 | {{- else }} 15 | instanceID: {{ .Values.controller.instanceID.explicitID }} 16 | {{- end }} 17 | {{- end }} 18 | containerRuntimeExecutor: {{ .Values.controller.containerRuntimeExecutor }} 19 | {{- if or .Values.executor.resources .Values.executor.env .Values.executor.securityContext}} 20 | executor: 21 | {{- with .Values.executor.resources }} 22 | resources: {{- toYaml . | nindent 8 }} 23 | {{- end }} 24 | {{- with .Values.executor.env }} 25 | env: {{- toYaml . | nindent 8 }} 26 | {{- end }} 27 | {{- with .Values.executor.securityContext }} 28 | securityContext: {{- toYaml . | nindent 8 }} 29 | {{- end }} 30 | {{- end }} 31 | {{- if or .Values.minio.install .Values.useDefaultArtifactRepo }} 32 | artifactRepository: 33 | {{- if .Values.artifactRepository.archiveLogs }} 34 | archiveLogs: {{ .Values.artifactRepository.archiveLogs }} 35 | {{- end }} 36 | {{- if .Values.artifactRepository.gcs }} 37 | gcs: 38 | {{ toYaml .Values.artifactRepository.gcs | indent 8}} 39 | {{- else }} 40 | s3: 41 | {{- if .Values.useStaticCredentials }} 42 | accessKeySecret: 43 | key: {{ .Values.artifactRepository.s3.accessKeySecret.key }} 44 | name: {{ .Values.artifactRepository.s3.accessKeySecret.name | default (printf "%s-%s" .Release.Name "minio") }} 45 | secretKeySecret: 46 | key: {{ .Values.artifactRepository.s3.secretKeySecret.key }} 47 | name: {{ .Values.artifactRepository.s3.secretKeySecret.name | default (printf "%s-%s" .Release.Name "minio") }} 48 | {{- end }} 49 | bucket: {{ .Values.artifactRepository.s3.bucket | default .Values.minio.defaultBucket.name }} 50 | endpoint: {{ .Values.artifactRepository.s3.endpoint | default (printf "%s-%s" .Release.Name "minio:9000") }} 51 | insecure: {{ .Values.artifactRepository.s3.insecure }} 52 | {{- if .Values.artifactRepository.s3.keyFormat }} 53 | keyFormat: {{ .Values.artifactRepository.s3.keyFormat }} 54 | {{- end }} 55 | {{- if .Values.artifactRepository.s3.region }} 56 | region: {{ .Values.artifactRepository.s3.region }} 57 | {{- end }} 58 | {{- if .Values.artifactRepository.s3.roleARN }} 59 | roleARN: {{ .Values.artifactRepository.s3.roleARN }} 60 | {{- end }} 61 | {{- if .Values.artifactRepository.s3.useSDKCreds }} 62 | useSDKCreds: {{ .Values.artifactRepository.s3.useSDKCreds }} 63 | {{- end }} 64 | {{- end }} 65 | {{- end}} 66 | {{- if .Values.controller.metricsConfig.enabled }} 67 | metricsConfig: 68 | {{ toYaml .Values.controller.metricsConfig | indent 6}}{{- end }} 69 | {{- if .Values.controller.telemetryConfig.enabled }} 70 | telemetryConfig: 71 | {{ toYaml .Values.controller.telemetryConfig | indent 6}}{{- end }} 72 | {{- if .Values.controller.persistence }} 73 | persistence: 74 | {{ toYaml .Values.controller.persistence | indent 6 }}{{- end }} 75 | {{- if .Values.controller.workflowDefaults }} 76 | workflowDefaults: 77 | {{ toYaml .Values.controller.workflowDefaults | indent 6 }}{{- end }} 78 | {{- with .Values.server.sso }} 79 | sso: {{- toYaml . | nindent 6 }} 80 | {{- end }} 81 | {{- with .Values.controller.workflowRestrictions }} 82 | workflowRestrictions: {{- toYaml . | nindent 6 }} 83 | {{- end }} 84 | -------------------------------------------------------------------------------- /charts/argocd-notifications/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "argocd-notifications.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "argocd-notifications.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "argocd-notifications.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | 34 | {{/* 35 | Common labels 36 | */}} 37 | {{- define "argocd-notifications.labels" -}} 38 | helm.sh/chart: {{ include "argocd-notifications.chart" . }} 39 | {{ include "argocd-notifications.selectorLabels" . }} 40 | {{- if .Chart.AppVersion }} 41 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 42 | {{- end }} 43 | app.kubernetes.io/managed-by: {{ .Release.Service }} 44 | {{- end -}} 45 | 46 | {{/* 47 | Common metrics labels 48 | */}} 49 | {{- define "argocd-notifications.metrics.labels" -}} 50 | helm.sh/chart: {{ include "argocd-notifications.chart" . }} 51 | {{ include "argocd-notifications.metrics.selectorLabels" . }} 52 | {{- if .Chart.AppVersion }} 53 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 54 | {{- end }} 55 | app.kubernetes.io/managed-by: {{ .Release.Service }} 56 | {{- end -}} 57 | 58 | 59 | {{/* 60 | Common slack bot labels 61 | */}} 62 | {{- define "argocd-notifications.bots.slack.labels" -}} 63 | helm.sh/chart: {{ include "argocd-notifications.chart" . }} 64 | {{ include "argocd-notifications.bots.slack.selectorLabels" . }} 65 | {{- if .Chart.AppVersion }} 66 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 67 | {{- end }} 68 | app.kubernetes.io/managed-by: {{ .Release.Service }} 69 | {{- end -}} 70 | 71 | {{/* 72 | Selector labels 73 | */}} 74 | {{- define "argocd-notifications.selectorLabels" -}} 75 | app.kubernetes.io/name: {{ include "argocd-notifications.name" . }} 76 | app.kubernetes.io/instance: {{ .Release.Name }} 77 | {{- end -}} 78 | 79 | {{/* 80 | Selector metrics labels 81 | */}} 82 | {{- define "argocd-notifications.metrics.selectorLabels" -}} 83 | app.kubernetes.io/name: {{ include "argocd-notifications.name" . }}-metrics 84 | app.kubernetes.io/instance: {{ .Release.Name }} 85 | {{- end -}} 86 | 87 | {{/* 88 | Selector slack bot labels 89 | */}} 90 | {{- define "argocd-notifications.bots.slack.selectorLabels" -}} 91 | app.kubernetes.io/name: {{ include "argocd-notifications.name" . }}-bot 92 | app.kubernetes.io/instance: {{ .Release.Name }} 93 | {{- end -}} 94 | 95 | {{/* 96 | Create the name of the service account to use 97 | */}} 98 | {{- define "argocd-notifications.serviceAccountName" -}} 99 | {{- if .Values.serviceAccount.create -}} 100 | {{ default (include "argocd-notifications.fullname" .) .Values.serviceAccount.name }} 101 | {{- else -}} 102 | {{ default "default" .Values.serviceAccount.name }} 103 | {{- end -}} 104 | {{- end -}} 105 | 106 | {{/* 107 | Create the name of the bot service account to use 108 | */}} 109 | {{- define "argocd-notifications.bots.slack.serviceAccountName" -}} 110 | {{- if .Values.bots.slack.serviceAccount.create -}} 111 | {{ default (printf "%s-bot" (include "argocd-notifications.fullname" .)) .Values.bots.slack.serviceAccount.name }} 112 | {{- else -}} 113 | {{ default "default" .Values.bots.slack.serviceAccount.name }} 114 | {{- end -}} 115 | {{- end -}} 116 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "argo-cd.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "argo-cd.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create controller name and version as used by the chart label. 29 | */}} 30 | {{- define "argo-cd.controller.fullname" -}} 31 | {{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.controller.name | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | 34 | {{/* 35 | Create dex name and version as used by the chart label. 36 | */}} 37 | {{- define "argo-cd.dex.fullname" -}} 38 | {{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.dex.name | trunc 63 | trimSuffix "-" -}} 39 | {{- end -}} 40 | 41 | {{/* 42 | Create redis name and version as used by the chart label. 43 | */}} 44 | {{- define "argo-cd.redis.fullname" -}} 45 | {{ $redisHa := (index .Values "redis-ha") }} 46 | {{- if $redisHa.enabled -}} 47 | {{- if $redisHa.haproxy.enabled -}} 48 | {{- printf "%s-redis-ha-haproxy" .Release.Name | trunc 63 | trimSuffix "-" -}} 49 | {{- end -}} 50 | {{- else -}} 51 | {{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.redis.name | trunc 63 | trimSuffix "-" -}} 52 | {{- end -}} 53 | {{- end -}} 54 | 55 | {{/* 56 | Create argocd server name and version as used by the chart label. 57 | */}} 58 | {{- define "argo-cd.server.fullname" -}} 59 | {{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.server.name | trunc 63 | trimSuffix "-" -}} 60 | {{- end -}} 61 | 62 | {{/* 63 | Create argocd repo-server name and version as used by the chart label. 64 | */}} 65 | {{- define "argo-cd.repoServer.fullname" -}} 66 | {{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}} 67 | {{- end -}} 68 | 69 | {{/* 70 | Create the name of the controller service account to use 71 | */}} 72 | {{- define "argo-cd.controllerServiceAccountName" -}} 73 | {{- if .Values.controller.serviceAccount.create -}} 74 | {{ default (include "argo-cd.fullname" .) .Values.controller.serviceAccount.name }} 75 | {{- else -}} 76 | {{ default "default" .Values.controller.serviceAccount.name }} 77 | {{- end -}} 78 | {{- end -}} 79 | 80 | {{/* 81 | Create the name of the dex service account to use 82 | */}} 83 | {{- define "argo-cd.dexServiceAccountName" -}} 84 | {{- if .Values.dex.serviceAccount.create -}} 85 | {{ default (include "argo-cd.fullname" .) .Values.dex.serviceAccount.name }} 86 | {{- else -}} 87 | {{ default "default" .Values.dex.serviceAccount.name }} 88 | {{- end -}} 89 | {{- end -}} 90 | 91 | {{/* 92 | Create the name of the ArgoCD server service account to use 93 | */}} 94 | {{- define "argo-cd.serverServiceAccountName" -}} 95 | {{- if .Values.server.serviceAccount.create -}} 96 | {{ default (include "argo-cd.fullname" .) .Values.server.serviceAccount.name }} 97 | {{- else -}} 98 | {{ default "default" .Values.server.serviceAccount.name }} 99 | {{- end -}} 100 | {{- end -}} 101 | 102 | {{/* 103 | Create the name of the repo-server service account to use 104 | */}} 105 | {{- define "argo-cd.repoServerServiceAccountName" -}} 106 | {{- if .Values.repoServer.serviceAccount.create -}} 107 | {{ default (include "argo-cd.fullname" .) .Values.repoServer.serviceAccount.name }} 108 | {{- else -}} 109 | {{ default "default" .Values.repoServer.serviceAccount.name }} 110 | {{- end -}} 111 | {{- end -}} 112 | 113 | {{/* 114 | Create chart name and version as used by the chart label. 115 | */}} 116 | {{- define "argo-cd.chart" -}} 117 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 118 | {{- end -}} -------------------------------------------------------------------------------- /charts/argo-cd/templates/dex/deployment.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.dex.enabled }} 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: {{ template "argo-cd.dex.fullname" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} 8 | helm.sh/chart: {{ include "argo-cd.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/part-of: argocd 12 | app.kubernetes.io/component: {{ .Values.dex.name }} 13 | app.kubernetes.io/version: {{ .Values.dex.image.tag }} 14 | spec: 15 | selector: 16 | matchLabels: 17 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} 18 | app.kubernetes.io/instance: {{ .Release.Name }} 19 | template: 20 | metadata: 21 | {{- if .Values.dex.podAnnotations }} 22 | annotations: 23 | {{- range $key, $value := .Values.dex.podAnnotations }} 24 | {{ $key }}: {{ $value | quote }} 25 | {{- end }} 26 | {{- end }} 27 | labels: 28 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.dex.name }} 29 | helm.sh/chart: {{ include "argo-cd.chart" . }} 30 | app.kubernetes.io/instance: {{ .Release.Name }} 31 | app.kubernetes.io/managed-by: {{ .Release.Service }} 32 | app.kubernetes.io/part-of: argocd 33 | app.kubernetes.io/component: {{ .Values.dex.name }} 34 | app.kubernetes.io/version: {{ .Values.dex.image.tag }} 35 | {{- if .Values.dex.podLabels }} 36 | {{- toYaml .Values.dex.podLabels | nindent 8 }} 37 | {{- end }} 38 | spec: 39 | {{- with .Values.global.imagePullSecrets }} 40 | imagePullSecrets: 41 | {{- toYaml . | nindent 8 }} 42 | {{- end }} 43 | {{- if .Values.global.securityContext }} 44 | securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }} 45 | {{- end }} 46 | initContainers: 47 | - name: copyutil 48 | image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default .Values.global.image.tag .Values.dex.initImage.tag }} 49 | imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} 50 | resources: 51 | {{- toYaml .Values.dex.resources | nindent 10 }} 52 | {{- if .Values.dex.containerSecurityContext }} 53 | securityContext: {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} 54 | {{- end }} 55 | command: 56 | - cp 57 | - /usr/local/bin/argocd-util 58 | - /shared 59 | volumeMounts: 60 | - mountPath: /shared 61 | name: static-files 62 | containers: 63 | - name: {{ .Values.dex.name }} 64 | image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} 65 | imagePullPolicy: {{ .Values.dex.image.imagePullPolicy }} 66 | command: 67 | - /shared/argocd-util 68 | - rundex 69 | {{- if .Values.dex.containerSecurityContext }} 70 | securityContext: {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} 71 | {{- end }} 72 | {{- if .Values.dex.env }} 73 | env: 74 | {{- toYaml .Values.dex.env | nindent 8 }} 75 | {{- end }} 76 | ports: 77 | - name: http 78 | containerPort: {{ .Values.dex.containerPortHttp }} 79 | protocol: TCP 80 | - name: grpc 81 | containerPort: {{ .Values.dex.containerPortGrpc }} 82 | protocol: TCP 83 | {{- if .Values.dex.metrics.enabled }} 84 | - name: metrics 85 | containerPort: {{ .Values.dex.containerPortMetrics }} 86 | protocol: TCP 87 | {{- end }} 88 | {{- if .Values.dex.volumeMounts }} 89 | volumeMounts: 90 | {{- toYaml .Values.dex.volumeMounts | nindent 10 }} 91 | {{- end }} 92 | resources: 93 | {{- toYaml .Values.dex.resources | nindent 10 }} 94 | {{- if .Values.dex.nodeSelector }} 95 | nodeSelector: 96 | {{- toYaml .Values.dex.nodeSelector | nindent 8 }} 97 | {{- end }} 98 | {{- if .Values.dex.tolerations }} 99 | tolerations: 100 | {{- toYaml .Values.dex.tolerations | nindent 8 }} 101 | {{- end }} 102 | {{- if .Values.dex.affinity }} 103 | affinity: 104 | {{- toYaml .Values.dex.affinity | nindent 8 }} 105 | {{- end }} 106 | serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }} 107 | {{- if .Values.dex.volumes }} 108 | volumes: 109 | {{- toYaml .Values.dex.volumes | nindent 8}} 110 | {{- end }} 111 | {{- if .Values.dex.priorityClassName }} 112 | priorityClassName: {{ .Values.dex.priorityClassName }} 113 | {{- end }} 114 | {{- end }} 115 | -------------------------------------------------------------------------------- /charts/argo-cd/charts/redis-ha/templates/redis-haproxy-deployment.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.haproxy.enabled }} 2 | kind: Deployment 3 | apiVersion: apps/v1 4 | metadata: 5 | name: {{ template "redis-ha.fullname" . }}-haproxy 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | {{ include "labels.standard" . | indent 4 }} 9 | spec: 10 | strategy: 11 | type: RollingUpdate 12 | revisionHistoryLimit: 1 13 | replicas: {{ .Values.haproxy.replicas }} 14 | selector: 15 | matchLabels: 16 | app: {{ template "redis-ha.name" . }}-haproxy 17 | release: {{ .Release.Name }} 18 | template: 19 | metadata: 20 | name: {{ template "redis-ha.fullname" . }}-haproxy 21 | labels: 22 | app: {{ template "redis-ha.name" . }}-haproxy 23 | release: {{ .Release.Name }} 24 | annotations: 25 | {{- if .Values.haproxy.metrics.enabled }} 26 | prometheus.io/port: "{{ .Values.haproxy.metrics.port }}" 27 | prometheus.io/scrape: "true" 28 | prometheus.io/path: "{{ .Values.haproxy.metrics.scrapePath }}" 29 | {{- end }} 30 | checksum/config: {{ print (include "config-haproxy.cfg" .) (include "config-haproxy_init.sh" .) | sha256sum }} 31 | {{- if .Values.haproxy.annotations }} 32 | {{ toYaml .Values.haproxy.annotations | indent 8 }} 33 | {{- end }} 34 | spec: 35 | # Needed when using unmodified rbac-setup.yml 36 | {{ if .Values.haproxy.serviceAccount.create }} 37 | serviceAccountName: {{ template "redis-ha.serviceAccountName" . }}-haproxy 38 | {{ end }} 39 | nodeSelector: 40 | {{ toYaml .Values.nodeSelector | indent 8 }} 41 | tolerations: 42 | {{ toYaml .Values.tolerations | indent 8 }} 43 | affinity: 44 | {{- if .Values.haproxy.affinity }} 45 | {{- with .Values.haproxy.affinity }} 46 | {{ tpl . $ | indent 8 }} 47 | {{- end }} 48 | {{- else }} 49 | {{- if .Values.haproxy.additionalAffinities }} 50 | {{ toYaml .Values.haproxy.additionalAffinities | indent 8 }} 51 | {{- end }} 52 | podAntiAffinity: 53 | {{- if .Values.haproxy.hardAntiAffinity }} 54 | requiredDuringSchedulingIgnoredDuringExecution: 55 | - labelSelector: 56 | matchLabels: 57 | app: {{ template "redis-ha.name" . }}-haproxy 58 | release: {{ .Release.Name }} 59 | topologyKey: kubernetes.io/hostname 60 | {{- else }} 61 | preferredDuringSchedulingIgnoredDuringExecution: 62 | - labelSelector: 63 | matchLabels: 64 | app: {{ template "redis-ha.name" . }}-haproxy 65 | release: {{ .Release.Name }} 66 | topologyKey: kubernetes.io/hostname 67 | {{- end }} 68 | preferredDuringSchedulingIgnoredDuringExecution: 69 | - weight: 100 70 | podAffinityTerm: 71 | labelSelector: 72 | matchLabels: 73 | app: {{ template "redis-ha.name" . }}-haproxy 74 | release: {{ .Release.Name }} 75 | topologyKey: failure-domain.beta.kubernetes.io/zone 76 | {{- end }} 77 | initContainers: 78 | - name: config-init 79 | image: {{ .Values.haproxy.image.repository }}:{{ .Values.haproxy.image.tag }} 80 | imagePullPolicy: {{ .Values.haproxy.image.pullPolicy }} 81 | resources: 82 | {{ toYaml .Values.haproxy.init.resources | indent 10 }} 83 | command: 84 | - sh 85 | args: 86 | - /readonly/haproxy_init.sh 87 | {{- if .Values.auth }} 88 | env: 89 | - name: AUTH 90 | valueFrom: 91 | secretKeyRef: 92 | {{- if .Values.existingSecret }} 93 | name: {{ .Values.existingSecret }} 94 | {{- else }} 95 | name: {{ template "redis-ha.fullname" . }} 96 | {{- end }} 97 | key: {{ .Values.authKey }} 98 | {{- end }} 99 | volumeMounts: 100 | - name: config-volume 101 | mountPath: /readonly 102 | readOnly: true 103 | - name: data 104 | mountPath: /data 105 | {{- if .Values.haproxy.imagePullSecrets }} 106 | imagePullSecrets: {{ toYaml .Values.haproxy.imagePullSecrets | nindent 8 }} 107 | {{- end }} 108 | securityContext: 109 | {{ toYaml .Values.haproxy.securityContext | indent 8 }} 110 | containers: 111 | - name: haproxy 112 | image: {{ .Values.haproxy.image.repository }}:{{ .Values.haproxy.image.tag }} 113 | imagePullPolicy: {{ .Values.haproxy.image.pullPolicy }} 114 | livenessProbe: 115 | httpGet: 116 | path: /healthz 117 | port: 8888 118 | initialDelaySeconds: 5 119 | periodSeconds: 3 120 | ports: 121 | - name: redis 122 | containerPort: {{ default "6379" .Values.redis.port }} 123 | {{- if .Values.haproxy.readOnly.enabled }} 124 | - name: readonlyport 125 | containerPort: {{ default "6380" .Values.haproxy.readOnly.port }} 126 | {{- end }} 127 | {{- if .Values.haproxy.metrics.enabled }} 128 | - name: metrics-port 129 | containerPort: {{ default "9101" .Values.haproxy.metrics.port }} 130 | {{- end }} 131 | resources: 132 | {{ toYaml .Values.haproxy.resources | indent 10 }} 133 | volumeMounts: 134 | - name: data 135 | mountPath: /usr/local/etc/haproxy 136 | - name: shared-socket 137 | mountPath: /run/haproxy 138 | {{- if .Values.haproxy.priorityClassName }} 139 | priorityClassName: {{ .Values.haproxy.priorityClassName }} 140 | {{- end }} 141 | volumes: 142 | - name: config-volume 143 | configMap: 144 | name: {{ template "redis-ha.fullname" . }}-configmap 145 | - name: shared-socket 146 | emptyDir: 147 | {{ toYaml .Values.haproxy.emptyDir | indent 10 }} 148 | - name: data 149 | emptyDir: 150 | {{ toYaml .Values.haproxy.emptyDir | indent 10 }} 151 | {{- end }} 152 | -------------------------------------------------------------------------------- /charts/argo-cd/templates/argocd-application-controller/deployment.yaml: -------------------------------------------------------------------------------- 1 | {{- $redisHa := (index .Values "redis-ha") -}} 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: {{ template "argo-cd.controller.fullname" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} 8 | helm.sh/chart: {{ include "argo-cd.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/part-of: argocd 12 | app.kubernetes.io/component: {{ .Values.controller.name }} 13 | app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.controller.image.tag | quote }} 14 | spec: 15 | selector: 16 | matchLabels: 17 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller 18 | app.kubernetes.io/instance: {{ .Release.Name }} 19 | revisionHistoryLimit: 5 20 | replicas: 1 21 | template: 22 | metadata: 23 | {{- if .Values.controller.podAnnotations }} 24 | annotations: 25 | {{- range $key, $value := .Values.controller.podAnnotations }} 26 | {{ $key }}: {{ $value | quote }} 27 | {{- end }} 28 | {{- end }} 29 | labels: 30 | app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.controller.name }} 31 | helm.sh/chart: {{ include "argo-cd.chart" . }} 32 | app.kubernetes.io/instance: {{ .Release.Name }} 33 | app.kubernetes.io/managed-by: {{ .Release.Service }} 34 | app.kubernetes.io/part-of: argocd 35 | app.kubernetes.io/component: {{ .Values.controller.name }} 36 | app.kubernetes.io/version: {{ default .Values.global.image.tag .Values.controller.image.tag | quote }} 37 | {{- if .Values.controller.podLabels }} 38 | {{- toYaml .Values.controller.podLabels | nindent 8 }} 39 | {{- end }} 40 | spec: 41 | {{- with .Values.global.imagePullSecrets }} 42 | imagePullSecrets: 43 | {{- toYaml . | nindent 8 }} 44 | {{- end }} 45 | {{- if .Values.global.securityContext }} 46 | securityContext: {{- toYaml .Values.global.securityContext | nindent 8 }} 47 | {{- end }} 48 | containers: 49 | - command: 50 | - argocd-application-controller 51 | - --status-processors 52 | - {{ .Values.controller.args.statusProcessors | quote }} 53 | - --operation-processors 54 | - {{ .Values.controller.args.operationProcessors | quote }} 55 | - --app-resync 56 | - {{ .Values.controller.args.appResyncPeriod | quote }} 57 | - --repo-server 58 | - {{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} 59 | - --loglevel 60 | - {{ .Values.controller.logLevel }} 61 | {{- if or (and .Values.redis.enabled (not $redisHa.enabled)) (and $redisHa.enabled $redisHa.haproxy.enabled) }} 62 | - --redis 63 | - {{ template "argo-cd.redis.fullname" . }}:{{ .Values.redis.servicePort }} 64 | {{- end }} 65 | {{- with .Values.controller.extraArgs }} 66 | {{- . | toYaml | nindent 8 }} 67 | {{- end }} 68 | image: {{ default .Values.global.image.repository .Values.controller.image.repository }}:{{ default .Values.global.image.tag .Values.controller.image.tag }} 69 | imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.controller.image.imagePullPolicy }} 70 | name: {{ .Values.controller.name }} 71 | {{- if .Values.controller.containerSecurityContext }} 72 | securityContext: {{- toYaml .Values.controller.containerSecurityContext | nindent 10 }} 73 | {{- end }} 74 | {{- if .Values.controller.env }} 75 | env: 76 | {{- toYaml .Values.controller.env | nindent 8 }} 77 | {{- end }} 78 | ports: 79 | - name: controller 80 | containerPort: {{ .Values.controller.containerPort }} 81 | protocol: TCP 82 | livenessProbe: 83 | httpGet: 84 | path: /healthz 85 | port: {{ .Values.controller.containerPort }} 86 | initialDelaySeconds: {{ .Values.controller.livenessProbe.initialDelaySeconds }} 87 | periodSeconds: {{ .Values.controller.livenessProbe.periodSeconds }} 88 | timeoutSeconds: {{ .Values.controller.livenessProbe.timeoutSeconds }} 89 | successThreshold: {{ .Values.controller.livenessProbe.successThreshold }} 90 | failureThreshold: {{ .Values.controller.livenessProbe.failureThreshold }} 91 | readinessProbe: 92 | tcpSocket: 93 | port: {{ .Values.controller.containerPort }} 94 | initialDelaySeconds: {{ .Values.controller.readinessProbe.initialDelaySeconds }} 95 | periodSeconds: {{ .Values.controller.readinessProbe.periodSeconds }} 96 | timeoutSeconds: {{ .Values.controller.readinessProbe.timeoutSeconds }} 97 | successThreshold: {{ .Values.controller.readinessProbe.successThreshold }} 98 | failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }} 99 | {{- if .Values.controller.volumeMounts }} 100 | volumeMounts: 101 | {{- toYaml .Values.controller.volumeMounts | nindent 10}} 102 | {{- end }} 103 | resources: 104 | {{- toYaml .Values.controller.resources | nindent 10 }} 105 | {{- if .Values.controller.nodeSelector }} 106 | nodeSelector: 107 | {{- toYaml .Values.controller.nodeSelector | nindent 8 }} 108 | {{- end }} 109 | {{- if .Values.controller.tolerations }} 110 | tolerations: 111 | {{- toYaml .Values.controller.tolerations | nindent 8 }} 112 | {{- end }} 113 | {{- if .Values.controller.affinity }} 114 | affinity: 115 | {{- toYaml .Values.controller.affinity | nindent 8 }} 116 | {{- end }} 117 | serviceAccountName: {{ template "argo-cd.controllerServiceAccountName" . }} 118 | {{- with .Values.global.hostAliases }} 119 | hostAliases: 120 | {{ toYaml . | indent 6 }} 121 | {{- end }} 122 | {{- if .Values.controller.volumes }} 123 | volumes: 124 | {{- toYaml .Values.controller.volumes | nindent 8 }} 125 | {{- end }} 126 | {{- if .Values.controller.priorityClassName }} 127 | priorityClassName: {{ .Values.controller.priorityClassName }} 128 | {{- end }} 129 | --------------------------------------------------------------------------------