diff --git a/README.md b/README.md index 81ce98c..78372c6 100644 --- a/README.md +++ b/README.md @@ -10,9 +10,9 @@ helm repo add edgelevel-public https://edgelevel.github.io/helm-charts ``` -| Name | Version | Description | -| ---- |:-------:| ----------- | -| argocd | 1.0.0-0 | [Argo CD](https://argoproj.github.io/argo-cd/) is a declarative, GitOps continuous delivery tool for Kubernetes | +| Name | Version | ArgoCD Version | Description | +| ---- |:-------:| -------------- | ----------- | +| argocd | v1.1.0-rc2| v1.1.0-rc2 | [Argo CD](https://argoproj.github.io/argo-cd/) is a declarative, GitOps continuous delivery tool for Kubernetes | ### Development diff --git a/argocd/Chart.yaml b/argocd/Chart.yaml index 49f1aaa..97a450b 100644 --- a/argocd/Chart.yaml +++ b/argocd/Chart.yaml @@ -1,5 +1,6 @@ apiVersion: v1 description: Argo CD Helm chart for Kubernetes name: argocd -# - -version: 1.0.0-0 +version: 1.1.0-rc2 +appVersion: 1.1.0-rc2 +icon: https://argoproj.github.io/argo-cd/assets/logo.png diff --git a/argocd/templates/_helpers.tpl b/argocd/templates/_helpers.tpl new file mode 100644 index 0000000..bd65c45 --- /dev/null +++ b/argocd/templates/_helpers.tpl @@ -0,0 +1,32 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "argo-cd.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "argo-cd.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "argo-cd.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/argocd/templates/application-controller-clusterrole.yaml b/argocd/templates/application-controller-clusterrole.yaml new file mode 100644 index 0000000..11f5abb --- /dev/null +++ b/argocd/templates/application-controller-clusterrole.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: argocd-application-controller + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: application-controller + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +rules: +- apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' +- nonResourceURLs: + - '*' + verbs: + - '*' diff --git a/argocd/templates/application-controller-clusterrolebinding.yaml b/argocd/templates/application-controller-clusterrolebinding.yaml new file mode 100644 index 0000000..f5124a6 --- /dev/null +++ b/argocd/templates/application-controller-clusterrolebinding.yaml @@ -0,0 +1,21 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: argocd-application-controller + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: application-controller + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: argocd-application-controller +subjects: +- kind: ServiceAccount + name: argocd-application-controller + namespace: {{ .Release.Namespace }} diff --git a/argocd/templates/application-controller-deployment.yaml b/argocd/templates/application-controller-deployment.yaml new file mode 100644 index 0000000..e14ffdf --- /dev/null +++ b/argocd/templates/application-controller-deployment.yaml @@ -0,0 +1,86 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argocd-application-controller + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: application-controller + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + strategy: + type: Recreate + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: application-controller + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + spec: + serviceAccountName: argocd-application-controller + containers: + - command: + - argocd-application-controller + - --status-processors + - "20" + - --operation-processors + - "10" + image: {{ .Values.image.repository }}:{{ .Values.image.tag }} + imagePullPolicy: {{ .Values.applicationController.image.pullPolicy }} + name: argocd-application-controller + ports: + - containerPort: {{ .Values.applicationController.containerPort }} + readinessProbe: + httpGet: + path: /healthz + port: {{ .Values.applicationController.containerPort }} + initialDelaySeconds: 5 + periodSeconds: 10 + livenessProbe: + httpGet: + path: /healthz + port: {{ .Values.applicationController.containerPort }} + initialDelaySeconds: 5 + periodSeconds: 10 +{{- with .Values.applicationController.resources }} + resources: +{{ toYaml . | indent 12 }} +{{- end }} +{{- with .Values.applicationController.volumeMounts }} + volumeMounts: +{{ toYaml . | indent 12 }} +{{- end }} +{{- with .Values.applicationController.volumes }} + volumes: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.applicationController.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.applicationController.affinity }} + affinity: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.applicationController.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} +{{- if .Values.applicationController.podDnsPolicy }} + dnsPolicy: {{ .Values.applicationController.podDnsPolicy }} +{{- end }} +{{- if .Values.applicationController.podDnsConfig }} + dnsConfig: +{{ toYaml .Values.applicationController.podDnsConfig | indent 8 }} +{{- end }} diff --git a/argocd/templates/application-controller-metrics-service.yaml b/argocd/templates/application-controller-metrics-service.yaml new file mode 100644 index 0000000..1ef609f --- /dev/null +++ b/argocd/templates/application-controller-metrics-service.yaml @@ -0,0 +1,21 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: argocd-metrics-application-controller + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: application-controller + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +spec: + ports: + - name: http + protocol: TCP + port: {{ .Values.applicationController.servicePort }} + targetPort: {{ .Values.applicationController.containerPort }} + selector: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller \ No newline at end of file diff --git a/argocd/templates/application-controller-role.yaml b/argocd/templates/application-controller-role.yaml new file mode 100644 index 0000000..2b8b1b4 --- /dev/null +++ b/argocd/templates/application-controller-role.yaml @@ -0,0 +1,43 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: argocd-application-controller + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: application-controller + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +rules: +- apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - get + - list + - watch +- apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - create + - get + - list + - watch + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - list diff --git a/argocd/templates/application-controller-rolebinding.yaml b/argocd/templates/application-controller-rolebinding.yaml new file mode 100644 index 0000000..59d52e9 --- /dev/null +++ b/argocd/templates/application-controller-rolebinding.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: argocd-application-controller + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: application-controller + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-application-controller +subjects: +- kind: ServiceAccount + name: argocd-application-controller diff --git a/argocd/templates/application-controller-service.yaml b/argocd/templates/application-controller-service.yaml new file mode 100644 index 0000000..08c3df3 --- /dev/null +++ b/argocd/templates/application-controller-service.yaml @@ -0,0 +1,21 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: argocd-application-controller + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: application-controller + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +spec: + ports: + - name: http + protocol: TCP + port: {{ .Values.applicationController.servicePort }} + targetPort: {{ .Values.applicationController.containerPort }} + selector: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller diff --git a/argocd/templates/application-controller-serviceaccount.yaml b/argocd/templates/application-controller-serviceaccount.yaml new file mode 100644 index 0000000..0c8efbf --- /dev/null +++ b/argocd/templates/application-controller-serviceaccount.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: argocd-application-controller + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-application-controller + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: application-controller + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} diff --git a/argocd/templates/custom-resource-definition.yaml b/argocd/templates/application-crd.yaml similarity index 93% rename from argocd/templates/custom-resource-definition.yaml rename to argocd/templates/application-crd.yaml index 5fa321e..7aab4cb 100644 --- a/argocd/templates/custom-resource-definition.yaml +++ b/argocd/templates/application-crd.yaml @@ -125,6 +125,10 @@ spec: type: string type: object type: array + releaseName: + description: The Helm release name. If omitted it will use + the application name + type: string valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -162,6 +166,9 @@ spec: description: ApplicationSourceKustomize holds kustomize specific options properties: + commonLabels: + description: CommonLabels adds additional kustomize commonLabels + type: object imageTags: description: ImageTags are kustomize 1.0 image tag overrides items: @@ -290,6 +297,20 @@ spec: - jsonPointers type: object type: array + info: + description: Infos contains a list of useful information (URLs, email + addresses, and plain text) that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array project: description: Project is a application project name. Empty name means that application belongs to 'default' project. @@ -356,6 +377,10 @@ spec: type: string type: object type: array + releaseName: + description: The Helm release name. If omitted it will use the + application name + type: string valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -392,6 +417,9 @@ spec: description: ApplicationSourceKustomize holds kustomize specific options properties: + commonLabels: + description: CommonLabels adds additional kustomize commonLabels + type: object imageTags: description: ImageTags are kustomize 1.0 image tag overrides items: @@ -562,6 +590,10 @@ spec: type: string type: object type: array + releaseName: + description: The Helm release name. If omitted it will + use the application name + type: string valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -600,6 +632,9 @@ spec: description: ApplicationSourceKustomize holds kustomize specific options properties: + commonLabels: + description: CommonLabels adds additional kustomize commonLabels + type: object imageTags: description: ImageTags are kustomize 1.0 image tag overrides items: @@ -655,7 +690,6 @@ spec: - revision - deployedAt - id - - source type: object type: array observedAt: {} @@ -774,6 +808,10 @@ spec: type: string type: object type: array + releaseName: + description: The Helm release name. If omitted it + will use the application name + type: string valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -812,6 +850,10 @@ spec: description: ApplicationSourceKustomize holds kustomize specific options properties: + commonLabels: + description: CommonLabels adds additional kustomize + commonLabels + type: object imageTags: description: ImageTags are kustomize 1.0 image tag overrides @@ -918,18 +960,31 @@ spec: group: type: string hookPhase: + description: 'the state of any operation associated with + this resource OR hook note: can contain values for non-hook + resources' type: string hookType: + description: the type of the hook, empty for non-hook + resources type: string kind: type: string message: + description: message for the last sync OR operation type: string name: type: string namespace: type: string status: + description: the final result of the sync, this is be + empty if the resources is yet to be applied/pruned and + is always zero-value for hooks + type: string + syncPhase: + description: indicates the particular phase of the sync + that this is for type: string version: type: string @@ -1010,6 +1065,10 @@ spec: type: string type: object type: array + releaseName: + description: The Helm release name. If omitted it will + use the application name + type: string valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -1048,6 +1107,10 @@ spec: description: ApplicationSourceKustomize holds kustomize specific options properties: + commonLabels: + description: CommonLabels adds additional kustomize + commonLabels + type: object imageTags: description: ImageTags are kustomize 1.0 image tag overrides items: @@ -1101,7 +1164,6 @@ spec: type: object required: - revision - - source type: object required: - operation @@ -1240,6 +1302,10 @@ spec: type: string type: object type: array + releaseName: + description: The Helm release name. If omitted it will + use the application name + type: string valueFiles: description: ValuesFiles is a list of Helm value files to use when generating a template @@ -1278,6 +1344,10 @@ spec: description: ApplicationSourceKustomize holds kustomize specific options properties: + commonLabels: + description: CommonLabels adds additional kustomize + commonLabels + type: object imageTags: description: ImageTags are kustomize 1.0 image tag overrides items: @@ -1345,121 +1415,3 @@ spec: type: object type: object version: v1alpha1 ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - labels: - app.kubernetes.io/name: appprojects.argoproj.io - app.kubernetes.io/part-of: argocd - name: appprojects.argoproj.io -spec: - group: argoproj.io - names: - kind: AppProject - plural: appprojects - shortNames: - - appproj - - appprojs - scope: Namespaced - validation: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: {} - spec: - description: AppProjectSpec is the specification of an AppProject - properties: - clusterResourceWhitelist: - description: ClusterResourceWhitelist contains list of whitelisted cluster - level resources - items: {} - type: array - description: - description: Description contains optional project description - type: string - destinations: - description: Destinations contains list of destinations available for - deployment - items: - description: ApplicationDestination contains deployment destination - information - properties: - namespace: - description: Namespace overrides the environment namespace value - in the ksonnet app.yaml - type: string - server: - description: Server overrides the environment server value in - the ksonnet app.yaml - type: string - type: object - type: array - namespaceResourceBlacklist: - description: NamespaceResourceBlacklist contains list of blacklisted - namespace level resources - items: {} - type: array - roles: - description: Roles are user defined RBAC roles associated with this - project - items: - description: ProjectRole represents a role that has access to a project - properties: - description: - description: Description is a description of the role - type: string - groups: - description: Groups are a list of OIDC group claims bound to this - role - items: - type: string - type: array - jwtTokens: - description: JWTTokens are a list of generated JWT tokens bound - to this role - items: - description: JWTToken holds the issuedAt and expiresAt values - of a token - properties: - exp: - format: int64 - type: integer - iat: - format: int64 - type: integer - required: - - iat - type: object - type: array - name: - description: Name is a name for this role - type: string - policies: - description: Policies Stores a list of casbin formated strings - that define access policies for the role in the project - items: - type: string - type: array - required: - - name - type: object - type: array - sourceRepos: - description: SourceRepos contains list of git repository URLs which - can be used for deployment - items: - type: string - type: array - type: object - type: object - version: v1alpha1 diff --git a/argocd/templates/appproject-crd.yaml b/argocd/templates/appproject-crd.yaml new file mode 100644 index 0000000..f823bbd --- /dev/null +++ b/argocd/templates/appproject-crd.yaml @@ -0,0 +1,118 @@ +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + labels: + app.kubernetes.io/name: appprojects.argoproj.io + app.kubernetes.io/part-of: argocd + name: appprojects.argoproj.io +spec: + group: argoproj.io + names: + kind: AppProject + plural: appprojects + shortNames: + - appproj + - appprojs + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: {} + spec: + description: AppProjectSpec is the specification of an AppProject + properties: + clusterResourceWhitelist: + description: ClusterResourceWhitelist contains list of whitelisted cluster + level resources + items: {} + type: array + description: + description: Description contains optional project description + type: string + destinations: + description: Destinations contains list of destinations available for + deployment + items: + description: ApplicationDestination contains deployment destination + information + properties: + namespace: + description: Namespace overrides the environment namespace value + in the ksonnet app.yaml + type: string + server: + description: Server overrides the environment server value in + the ksonnet app.yaml + type: string + type: object + type: array + namespaceResourceBlacklist: + description: NamespaceResourceBlacklist contains list of blacklisted + namespace level resources + items: {} + type: array + roles: + description: Roles are user defined RBAC roles associated with this + project + items: + description: ProjectRole represents a role that has access to a project + properties: + description: + description: Description is a description of the role + type: string + groups: + description: Groups are a list of OIDC group claims bound to this + role + items: + type: string + type: array + jwtTokens: + description: JWTTokens are a list of generated JWT tokens bound + to this role + items: + description: JWTToken holds the issuedAt and expiresAt values + of a token + properties: + exp: + format: int64 + type: integer + iat: + format: int64 + type: integer + required: + - iat + type: object + type: array + name: + description: Name is a name for this role + type: string + policies: + description: Policies Stores a list of casbin formated strings + that define access policies for the role in the project + items: + type: string + type: array + required: + - name + type: object + type: array + sourceRepos: + description: SourceRepos contains list of git repository URLs which + can be used for deployment + items: + type: string + type: array + type: object + type: object + version: v1alpha1 diff --git a/argocd/templates/argocd-configmap.yaml b/argocd/templates/argocd-configmap.yaml new file mode 100644 index 0000000..b1cbe8f --- /dev/null +++ b/argocd/templates/argocd-configmap.yaml @@ -0,0 +1,64 @@ + +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-cm + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: argocd + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +data: +{{- if .Values.config.sso.enabled }} + url: {{ tpl .Values.config.sso.url . }} + + {{- if .Values.config.sso.dexConfig }} + dex.config: | +{{ toYaml .Values.config.sso.dexConfig | indent 4 }} + {{- end }} + + {{- if .Values.config.sso.oidcConfig }} + oidc.config: | +{{ toYaml .Values.config.sso.oidcConfig | indent 4 }} + {{- end }} +{{- end }} + + {{- if .Values.config.github.repositories }} + repositories: | + {{- range .Values.config.github.repositories }} + - url: {{ .url }} + sshPrivateKeySecret: + name: {{ .sshPrivateKeySecretName }} + key: sshPrivateKey + {{- end }} + {{- end }} + + {{- if .Values.config.helm.repositories }} + helm.repositories: | + {{- range .Values.config.helm.repositories }} + - url: {{ .url }} + name: {{ .name }} + {{- end }} + {{- end }} + + {{- if .Values.config.resource.customizations }} + resource.customizations: | +{{ toYaml .Values.config.resource.customizations | indent 4 }} + {{- end }} + + {{- if .Values.config.resource.exclusions }} + resource.exclusions: | +{{ toYaml .Values.config.resource.exclusions | indent 4 }} + {{- end }} + + {{- if .Values.config.configManagementPlugins }} + configManagementPlugins: | +{{ toYaml .Values.config.configManagementPlugins | indent 4 }} + {{- end }} + + {{- if .Values.config.application.instanceLabelKey }} + application.instanceLabelKey: {{ .Values.config.application.instanceLabelKey }} + {{- end }} \ No newline at end of file diff --git a/argocd/templates/argocd-secret.yaml b/argocd/templates/argocd-secret.yaml new file mode 100644 index 0000000..7773fdd --- /dev/null +++ b/argocd/templates/argocd-secret.yaml @@ -0,0 +1,40 @@ +{{- if .Values.config.secret.create }} +apiVersion: v1 +kind: Secret +metadata: + name: argocd-secret + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: argocd + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +type: Opaque +data: +# # TLS certificate and private key for API server. +# # Autogenerated with a self-signed ceritificate if keys are missing. +# tls.crt: +# tls.key: +# +# # bcrypt hash of the admin password and it's last modified time. Autogenerated on initial +# # startup. To reset a forgotten password, delete both keys and restart argocd-server. + {{- if .Values.config.secret.admin.password }} + admin.password: {{ .Values.config.secret.admin.password | b64enc }} + {{- end }} + {{- if .Values.config.secret.admin.passwordMtime }} + admin.passwordMtime: {{ .Values.config.secret.admin.passwordMtime | b64enc }} + {{- end }} +# +# # random server signature key for session validation. Autogenerated on initial startup +# server.secretkey: +# +# # The following keys hold the shared secret for authenticating GitHub/GitLab/BitBucket webhook +# # events. To enable webhooks, configure one or more of the following keys with the shared git +# # provider webhook secret. The payload URL configured in the git provider should use the +# # /api/webhook endpoint of your Argo CD instance (e.g. https://argocd.example.com/api/webhook) +# github.webhook.secret: +# gitlab.webhook.secret: +# bitbucket.webhook.uuid: +{{- end }} \ No newline at end of file diff --git a/argocd/templates/cluster-role-binding.yaml b/argocd/templates/cluster-role-binding.yaml deleted file mode 100644 index 3878a16..0000000 --- a/argocd/templates/cluster-role-binding.yaml +++ /dev/null @@ -1,34 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/component: application-controller - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/part-of: argocd - name: argocd-application-controller -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: argocd-application-controller -subjects: -- kind: ServiceAccount - name: argocd-application-controller - namespace: argocd ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: argocd-server -subjects: -- kind: ServiceAccount - name: argocd-server - namespace: argocd diff --git a/argocd/templates/cluster-role.yaml b/argocd/templates/cluster-role.yaml deleted file mode 100644 index 222323e..0000000 --- a/argocd/templates/cluster-role.yaml +++ /dev/null @@ -1,51 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/component: application-controller - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/part-of: argocd - name: argocd-application-controller -rules: -- apiGroups: - - '*' - resources: - - '*' - verbs: - - '*' -- nonResourceURLs: - - '*' - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server -rules: -- apiGroups: - - '*' - resources: - - '*' - verbs: - - delete - - get - - patch -- apiGroups: - - "" - resources: - - events - verbs: - - list -- apiGroups: - - "" - resources: - - pods - - pods/log - verbs: - - get diff --git a/argocd/templates/config-map.yaml b/argocd/templates/config-map.yaml deleted file mode 100644 index 04d15f8..0000000 --- a/argocd/templates/config-map.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/name: argocd-cm - app.kubernetes.io/part-of: argocd - name: argocd-cm ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/name: argocd-rbac-cm - app.kubernetes.io/part-of: argocd - name: argocd-rbac-cm diff --git a/argocd/templates/deployment.yaml b/argocd/templates/deployment.yaml deleted file mode 100644 index a8d3eeb..0000000 --- a/argocd/templates/deployment.yaml +++ /dev/null @@ -1,213 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: application-controller - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/part-of: argocd - name: argocd-application-controller -spec: - selector: - matchLabels: - app.kubernetes.io/name: argocd-application-controller - strategy: - type: Recreate - template: - metadata: - labels: - app.kubernetes.io/name: argocd-application-controller - spec: - containers: - - command: - - argocd-application-controller - - --status-processors - - "20" - - --operation-processors - - "10" - image: argoproj/argocd:v1.0.0 - imagePullPolicy: Always - name: argocd-application-controller - ports: - - containerPort: 8082 - readinessProbe: - initialDelaySeconds: 5 - periodSeconds: 10 - tcpSocket: - port: 8082 - serviceAccountName: argocd-application-controller ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: dex-server - app.kubernetes.io/name: argocd-dex-server - app.kubernetes.io/part-of: argocd - name: argocd-dex-server -spec: - selector: - matchLabels: - app.kubernetes.io/name: argocd-dex-server - template: - metadata: - labels: - app.kubernetes.io/name: argocd-dex-server - spec: - containers: - - command: - - /shared/argocd-util - - rundex - image: quay.io/dexidp/dex:v2.14.0 - imagePullPolicy: Always - name: dex - ports: - - containerPort: 5556 - - containerPort: 5557 - volumeMounts: - - mountPath: /shared - name: static-files - initContainers: - - command: - - cp - - /usr/local/bin/argocd-util - - /shared - image: argoproj/argocd:v1.0.0 - imagePullPolicy: Always - name: copyutil - volumeMounts: - - mountPath: /shared - name: static-files - serviceAccountName: argocd-dex-server - volumes: - - emptyDir: {} - name: static-files ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: redis - app.kubernetes.io/name: argocd-redis - app.kubernetes.io/part-of: argocd - name: argocd-redis -spec: - selector: - matchLabels: - app.kubernetes.io/name: argocd-redis - template: - metadata: - labels: - app.kubernetes.io/name: argocd-redis - spec: - containers: - - args: - - --save - - "" - - --appendonly - - "no" - image: redis:5.0.3 - imagePullPolicy: Always - name: redis - ports: - - containerPort: 6379 ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: repo-server - app.kubernetes.io/name: argocd-repo-server - app.kubernetes.io/part-of: argocd - name: argocd-repo-server -spec: - selector: - matchLabels: - app.kubernetes.io/name: argocd-repo-server - template: - metadata: - labels: - app.kubernetes.io/name: argocd-repo-server - spec: - automountServiceAccountToken: false - containers: - - command: - - argocd-repo-server - - --redis - - argocd-redis:6379 - image: argoproj/argocd:v1.0.0 - imagePullPolicy: Always - livenessProbe: - initialDelaySeconds: 5 - periodSeconds: 10 - tcpSocket: - port: 8081 - name: argocd-repo-server - ports: - - containerPort: 8081 - - containerPort: 8084 - readinessProbe: - initialDelaySeconds: 5 - periodSeconds: 10 - tcpSocket: - port: 8081 ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server -spec: - selector: - matchLabels: - app.kubernetes.io/name: argocd-server - template: - metadata: - labels: - app.kubernetes.io/name: argocd-server - spec: - containers: - - command: - - argocd-server - - --staticassets - - /shared/app - image: argoproj/argocd:v1.0.0 - imagePullPolicy: Always - livenessProbe: - httpGet: - path: /healthz - port: 8080 - initialDelaySeconds: 3 - periodSeconds: 30 - name: argocd-server - ports: - - containerPort: 8080 - - containerPort: 8083 - readinessProbe: - httpGet: - path: /healthz - port: 8080 - initialDelaySeconds: 3 - periodSeconds: 30 - volumeMounts: - - mountPath: /shared - name: static-files - initContainers: - - command: - - cp - - -r - - /app - - /shared - image: argoproj/argocd-ui:v1.0.0 - imagePullPolicy: Always - name: ui - volumeMounts: - - mountPath: /shared - name: static-files - serviceAccountName: argocd-server - volumes: - - emptyDir: {} - name: static-files diff --git a/argocd/templates/dex-server-deployment.yaml b/argocd/templates/dex-server-deployment.yaml new file mode 100644 index 0000000..e8808fb --- /dev/null +++ b/argocd/templates/dex-server-deployment.yaml @@ -0,0 +1,80 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argocd-dex-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: dex-server + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: dex-server + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + spec: + serviceAccountName: argocd-dex-server + initContainers: + - name: copyutil + image: {{ .Values.image.repository }}:{{ .Values.image.tag }} + imagePullPolicy: {{ .Values.dexServer.initImage.pullPolicy }} + command: [cp, /usr/local/bin/argocd-util, /shared] + volumeMounts: + - mountPath: /shared + name: static-files + containers: + - name: dex + image: {{ .Values.dexServer.image.repository }}:{{ .Values.dexServer.image.tag }} + imagePullPolicy: {{ .Values.dexServer.image.pullPolicy }} + command: [/shared/argocd-util, rundex] + ports: + - containerPort: {{ .Values.dexServer.containerPortHttp }} + - containerPort: {{ .Values.dexServer.containerPortGrpc }} + volumeMounts: + - mountPath: /shared + name: static-files + {{- if .Values.dexServer.volumeMounts }} + {{ toYaml .Values.dexServer.volumeMounts | nindent 8 | trim }} + {{- end }} +{{- with .Values.dexServer.resources }} + resources: +{{ toYaml . | indent 12 }} +{{- end }} + volumes: + - emptyDir: {} + name: static-files + {{- if .Values.dexServer.volumes }} + {{ toYaml .Values.dexServer.volumes | nindent 6 | trim }} + {{- end }} +{{- with .Values.dexServer.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.dexServer.affinity }} + affinity: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.dexServer.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} +{{- if .Values.dexServer.podDnsPolicy }} + dnsPolicy: {{ .Values.dexServer.podDnsPolicy }} +{{- end }} +{{- if .Values.dexServer.podDnsConfig }} + dnsConfig: +{{ toYaml .Values.dexServer.podDnsConfig | indent 8 }} +{{- end }} \ No newline at end of file diff --git a/argocd/templates/dex-server-role.yaml b/argocd/templates/dex-server-role.yaml new file mode 100644 index 0000000..72f75dc --- /dev/null +++ b/argocd/templates/dex-server-role.yaml @@ -0,0 +1,23 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: argocd-dex-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: dex-server + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +rules: +- apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - get + - list + - watch diff --git a/argocd/templates/dex-server-rolebinding.yaml b/argocd/templates/dex-server-rolebinding.yaml new file mode 100644 index 0000000..422a190 --- /dev/null +++ b/argocd/templates/dex-server-rolebinding.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: argocd-dex-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: dex-server + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-dex-server +subjects: +- kind: ServiceAccount + name: argocd-dex-server diff --git a/argocd/templates/dex-server-service.yaml b/argocd/templates/dex-server-service.yaml new file mode 100644 index 0000000..3857dc0 --- /dev/null +++ b/argocd/templates/dex-server-service.yaml @@ -0,0 +1,25 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: argocd-dex-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: dex-server + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +spec: + ports: + - name: http + protocol: TCP + port: {{ .Values.dexServer.servicePortHttp }} + targetPort: {{ .Values.dexServer.containerPortHttp }} + - name: grpc + protocol: TCP + port: {{ .Values.dexServer.servicePortGrpc }} + targetPort: {{ .Values.dexServer.containerPortGrpc }} + selector: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server diff --git a/argocd/templates/dex-server-serviceaccount.yaml b/argocd/templates/dex-server-serviceaccount.yaml new file mode 100644 index 0000000..7f22c5f --- /dev/null +++ b/argocd/templates/dex-server-serviceaccount.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: argocd-dex-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-dex-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: dex-server + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} diff --git a/argocd/templates/namespace.yaml b/argocd/templates/namespace.yaml new file mode 100644 index 0000000..f24c0e9 --- /dev/null +++ b/argocd/templates/namespace.yaml @@ -0,0 +1,14 @@ +{{- if .Values.namespace.create }} +apiVersion: v1 +kind: Namespace +metadata: + name: argocd + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }} + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: argocd + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +{{- end -}} \ No newline at end of file diff --git a/argocd/templates/redis-deployment.yaml b/argocd/templates/redis-deployment.yaml new file mode 100644 index 0000000..d22fd6d --- /dev/null +++ b/argocd/templates/redis-deployment.yaml @@ -0,0 +1,70 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argocd-redis + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: redis + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: redis + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + spec: + containers: + - name: redis + image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }} + imagePullPolicy: {{ .Values.redis.image.pullPolicy }} + args: + - "--save" + - "" + - "--appendonly" + - "no" + ports: + - containerPort: {{ .Values.redis.containerPort }} +{{- with .Values.redis.resources }} + resources: +{{ toYaml . | indent 12 }} +{{- end }} +{{- with .Values.redis.volumeMounts }} + volumeMounts: +{{ toYaml . | indent 12 }} +{{- end }} +{{- with .Values.redis.volumes }} + volumes: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.redis.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.redis.affinity }} + affinity: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.redis.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} +{{- if .Values.redis.podDnsPolicy }} + dnsPolicy: {{ .Values.redis.podDnsPolicy }} +{{- end }} +{{- if .Values.redis.podDnsConfig }} + dnsConfig: +{{ toYaml .Values.redis.podDnsConfig | indent 8 }} +{{- end }} diff --git a/argocd/templates/redis-service.yaml b/argocd/templates/redis-service.yaml new file mode 100644 index 0000000..8c2a427 --- /dev/null +++ b/argocd/templates/redis-service.yaml @@ -0,0 +1,21 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: argocd-redis + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: redis + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +spec: + ports: + - name: tcp-redis + protocol: TCP + port: {{ .Values.redis.containerPort }} + targetPort: {{ .Values.redis.containerPort }} + selector: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-redis diff --git a/argocd/templates/repo-server-deployment.yaml b/argocd/templates/repo-server-deployment.yaml new file mode 100644 index 0000000..36eec99 --- /dev/null +++ b/argocd/templates/repo-server-deployment.yaml @@ -0,0 +1,81 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argocd-repo-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: repo-server + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: repo-server + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + spec: + automountServiceAccountToken: false + containers: + - name: argocd-repo-server + image: {{ .Values.image.repository }}:{{ .Values.image.tag }} + imagePullPolicy: {{ .Values.repoServer.image.pullPolicy }} + command: + - argocd-repo-server + - --redis + - argocd-redis:6379 + ports: + - containerPort: {{ .Values.repoServer.containerPortHttp }} + - containerPort: {{ .Values.repoServer.containerPortMetrics }} + readinessProbe: + tcpSocket: + port: {{ .Values.repoServer.containerPortHttp }} + initialDelaySeconds: 5 + periodSeconds: 10 + livenessProbe: + tcpSocket: + port: {{ .Values.repoServer.containerPortHttp }} + initialDelaySeconds: 5 + periodSeconds: 10 +{{- with .Values.repoServer.resources }} + resources: +{{ toYaml . | indent 12 }} +{{- end }} +{{- with .Values.repoServer.volumeMounts }} + volumeMounts: +{{ toYaml . | indent 12 }} +{{- end }} +{{- with .Values.repoServer.volumes }} + volumes: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.repoServer.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.repoServer.affinity }} + affinity: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.repoServer.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} +{{- if .Values.repoServer.podDnsPolicy }} + dnsPolicy: {{ .Values.repoServer.podDnsPolicy }} +{{- end }} +{{- if .Values.repoServer.podDnsConfig }} + dnsConfig: +{{ toYaml .Values.repoServer.podDnsConfig | indent 8 }} +{{- end }} diff --git a/argocd/templates/repo-server-service.yaml b/argocd/templates/repo-server-service.yaml new file mode 100644 index 0000000..afbb9ba --- /dev/null +++ b/argocd/templates/repo-server-service.yaml @@ -0,0 +1,25 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: argocd-repo-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: repo-server + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +spec: + ports: + - name: server + protocol: TCP + port: {{ .Values.repoServer.containerPortHttp }} + targetPort: {{ .Values.repoServer.containerPortHttp }} + - name: metrics + protocol: TCP + port: {{ .Values.repoServer.containerPortMetrics }} + targetPort: {{ .Values.repoServer.containerPortMetrics }} + selector: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-repo-server \ No newline at end of file diff --git a/argocd/templates/role-binding.yaml b/argocd/templates/role-binding.yaml deleted file mode 100644 index a13debf..0000000 --- a/argocd/templates/role-binding.yaml +++ /dev/null @@ -1,48 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/component: application-controller - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/part-of: argocd - name: argocd-application-controller -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argocd-application-controller -subjects: -- kind: ServiceAccount - name: argocd-application-controller ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/component: dex-server - app.kubernetes.io/name: argocd-dex-server - app.kubernetes.io/part-of: argocd - name: argocd-dex-server -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argocd-dex-server -subjects: -- kind: ServiceAccount - name: argocd-dex-server ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argocd-server -subjects: -- kind: ServiceAccount - name: argocd-server diff --git a/argocd/templates/role.yaml b/argocd/templates/role.yaml deleted file mode 100644 index 8c9281f..0000000 --- a/argocd/templates/role.yaml +++ /dev/null @@ -1,101 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/component: application-controller - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/part-of: argocd - name: argocd-application-controller -rules: -- apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - applications - - appprojects - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - list ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/component: dex-server - app.kubernetes.io/name: argocd-dex-server - app.kubernetes.io/part-of: argocd - name: argocd-dex-server -rules: -- apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server -rules: -- apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - argoproj.io - resources: - - applications - - appprojects - verbs: - - create - - get - - list - - watch - - update - - delete - - patch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - list diff --git a/argocd/templates/secret.yaml b/argocd/templates/secret.yaml deleted file mode 100644 index 8633f06..0000000 --- a/argocd/templates/secret.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -apiVersion: v1 -kind: Secret -metadata: - labels: - app.kubernetes.io/name: argocd-secret - app.kubernetes.io/part-of: argocd - name: argocd-secret -type: Opaque diff --git a/argocd/templates/server-clusterrole.yaml b/argocd/templates/server-clusterrole.yaml new file mode 100644 index 0000000..e43c2eb --- /dev/null +++ b/argocd/templates/server-clusterrole.yaml @@ -0,0 +1,35 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: argocd-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: server + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +rules: +- apiGroups: + - '*' + resources: + - '*' + verbs: + - delete + - get + - patch +- apiGroups: + - "" + resources: + - events + verbs: + - list +- apiGroups: + - "" + resources: + - pods + - pods/log + verbs: + - get diff --git a/argocd/templates/server-clusterrolebinding.yaml b/argocd/templates/server-clusterrolebinding.yaml new file mode 100644 index 0000000..1dca3de --- /dev/null +++ b/argocd/templates/server-clusterrolebinding.yaml @@ -0,0 +1,21 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: argocd-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: server + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: argocd-server +subjects: +- kind: ServiceAccount + name: argocd-server + namespace: argocd diff --git a/argocd/templates/server-deployment.yaml b/argocd/templates/server-deployment.yaml new file mode 100644 index 0000000..c5696d6 --- /dev/null +++ b/argocd/templates/server-deployment.yaml @@ -0,0 +1,93 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argocd-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: server + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: server + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} + spec: + serviceAccountName: argocd-server + initContainers: + - name: ui + image: {{ .Values.server.init.repository }}:{{ .Values.image.tag }} + imagePullPolicy: {{ .Values.server.init.pullPolicy }} + command: [cp, -r, /app, /shared] + volumeMounts: + - mountPath: /shared + name: static-files + containers: + - name: argocd-server + image: {{ .Values.image.repository }}:{{ .Values.image.tag }} + imagePullPolicy: {{ .Values.server.image.pullPolicy }} + command: [argocd-server, --staticassets, /shared/app] + ports: + - containerPort: {{ .Values.server.containerPortHttp }} + - containerPort: {{ .Values.server.containerPortMetrics }} + readinessProbe: + httpGet: + path: /healthz + port: {{ .Values.server.containerPortHttp }} + initialDelaySeconds: 3 + periodSeconds: 30 + livenessProbe: + httpGet: + path: /healthz + port: {{ .Values.server.containerPortHttp }} + initialDelaySeconds: 3 + periodSeconds: 30 +{{- with .Values.server.resources }} + resources: +{{ toYaml . | indent 12 }} +{{- end }} + volumeMounts: + - mountPath: /shared + name: static-files +{{- with .Values.server.volumeMounts }} +{{ toYaml . | indent 12 }} +{{- end }} + volumes: + - emptyDir: {} + name: static-files +{{- with .Values.server.volumes }} + volumes: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.server.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.server.affinity }} + affinity: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.server.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} +{{- if .Values.server.podDnsPolicy }} + dnsPolicy: {{ .Values.podDnsPolicy }} +{{- end }} +{{- if .Values.server.podDnsConfig }} + dnsConfig: +{{ toYaml .Values.server.podDnsConfig | indent 8 }} +{{- end }} diff --git a/argocd/templates/server-role.yaml b/argocd/templates/server-role.yaml new file mode 100644 index 0000000..1c893af --- /dev/null +++ b/argocd/templates/server-role.yaml @@ -0,0 +1,47 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: argocd-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: server + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +rules: +- apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - create + - get + - list + - watch + - update + - patch + - delete +- apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - create + - get + - list + - watch + - update + - delete + - patch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - list diff --git a/argocd/templates/server-rolebinding.yaml b/argocd/templates/server-rolebinding.yaml new file mode 100644 index 0000000..f17a621 --- /dev/null +++ b/argocd/templates/server-rolebinding.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: argocd-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: server + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-server +subjects: +- kind: ServiceAccount + name: argocd-server diff --git a/argocd/templates/server-service.yaml b/argocd/templates/server-service.yaml new file mode 100644 index 0000000..3511723 --- /dev/null +++ b/argocd/templates/server-service.yaml @@ -0,0 +1,46 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: argocd-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: server + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +spec: + ports: + - name: http + protocol: TCP + port: 80 + targetPort: {{ .Values.server.containerPortHttp }} + - name: https + protocol: TCP + port: 443 + targetPort: {{ .Values.server.containerPortHttp }} + selector: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server +--- +apiVersion: v1 +kind: Service +metadata: + name: argocd-server-metrics + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: server + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} +spec: + ports: + - name: metrics + protocol: TCP + port: {{ .Values.server.containerPortMetrics }} + targetPort: {{ .Values.server.containerPortMetrics }} + selector: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server diff --git a/argocd/templates/server-serviceaccount.yaml b/argocd/templates/server-serviceaccount.yaml new file mode 100644 index 0000000..10bb5c5 --- /dev/null +++ b/argocd/templates/server-serviceaccount.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: argocd-server + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-server + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: server + app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} diff --git a/argocd/templates/service-account.yaml b/argocd/templates/service-account.yaml deleted file mode 100644 index 63c4904..0000000 --- a/argocd/templates/service-account.yaml +++ /dev/null @@ -1,27 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: application-controller - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/part-of: argocd - name: argocd-application-controller ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: dex-server - app.kubernetes.io/name: argocd-dex-server - app.kubernetes.io/part-of: argocd - name: argocd-dex-server ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server diff --git a/argocd/templates/service.yaml b/argocd/templates/service.yaml deleted file mode 100644 index 19151ec..0000000 --- a/argocd/templates/service.yaml +++ /dev/null @@ -1,113 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: dex-server - app.kubernetes.io/name: argocd-dex-server - app.kubernetes.io/part-of: argocd - name: argocd-dex-server -spec: - ports: - - name: http - port: 5556 - protocol: TCP - targetPort: 5556 - - name: grpc - port: 5557 - protocol: TCP - targetPort: 5557 - selector: - app.kubernetes.io/name: argocd-dex-server ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: metrics - app.kubernetes.io/name: argocd-metrics - app.kubernetes.io/part-of: argocd - name: argocd-metrics -spec: - ports: - - name: metrics - port: 8082 - protocol: TCP - targetPort: 8082 - selector: - app.kubernetes.io/name: argocd-application-controller ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: redis - app.kubernetes.io/name: argocd-redis - app.kubernetes.io/part-of: argocd - name: argocd-redis -spec: - ports: - - name: tcp-redis - port: 6379 - targetPort: 6379 - selector: - app.kubernetes.io/name: argocd-redis ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: repo-server - app.kubernetes.io/name: argocd-repo-server - app.kubernetes.io/part-of: argocd - name: argocd-repo-server -spec: - ports: - - name: server - port: 8081 - protocol: TCP - targetPort: 8081 - - name: metrics - port: 8084 - protocol: TCP - targetPort: 8084 - selector: - app.kubernetes.io/name: argocd-repo-server ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server-metrics - app.kubernetes.io/part-of: argocd - name: argocd-server-metrics -spec: - ports: - - name: metrics - port: 8083 - protocol: TCP - targetPort: 8083 - selector: - app.kubernetes.io/name: argocd-server ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - - name: https - port: 443 - protocol: TCP - targetPort: 8080 - selector: - app.kubernetes.io/name: argocd-server diff --git a/argocd/values.yaml b/argocd/values.yaml index e69de29..343dc1d 100644 --- a/argocd/values.yaml +++ b/argocd/values.yaml @@ -0,0 +1,123 @@ +image: + repository: argoproj/argocd + tag: v1.1.0-rc2 + +applicationController: + containerPort: 8082 + servicePort: 8082 + image: + # repository and tag set through the global image setting + pullPolicy: Always + +dexServer: + containerPortHttp: 5556 + containerPortGrpc: 5557 + servicePortHttp: 5556 + servicePortGrpc: 5557 + image: + repository: quay.io/dexidp/dex + tag: v2.12.0 + pullPolicy: Always + initImage: + # repository and tag set through the global image setting + pullPolicy: Always + +server: + containerPortHttp: 8080 + containerPortMetrics: 8083 + init: + repository: argoproj/argocd-ui + # tag set through the global image setting + pullPolicy: Always + image: + # repository and tag set through the global image setting + pullPolicy: Always + +repoServer: + containerPortHttp: 8081 + containerPortMetrics: 8084 + image: + # repository and tag set through the global image setting + pullPolicy: Always + +redis: + containerPort: 6379 + image: + repository: redis + tag: 5.0.3 + pullPolicy: Always + +namespace: + create: false + labels: {} + +config: + + secret: + create: true + admin: + password: + passwordMtime: + + rbacPolicy: + csv: + # default: role:admin + default: + + sso: + enabled: false + + # Argo CD's externally facing base URL. Required for configuring SSO + url: + + # A dex connector configuration. See documentation on how to configure SSO: + # https://github.com/argoproj/argo-cd/blob/master/docs/sso.md#2-configure-argocd-for-sso + dexConfig: {} + # connectors: + # - type: github + # id: github + # name: GitHub + # config: + # clientID: aabbccddeeff00112233 + # clientSecret: aaaaahhhhhheeeee55555544444ooooooo + + # To configure Argo CD to delegate authenticate to your OIDC provider + # https://github.com/argoproj/argo-cd/blob/master/docs/sso.md#existing-oidc-provider + oidcConfig: {} + # name: Okta + # issuer: https://dev-123456.oktapreview.com + # clientID: aabbccddeeff00112233 + # clientSecret: aaaaahhhhhheeeee55555544444ooooooo + + + # https://github.com/argoproj/argo-cd/blob/master/docs/declarative-setup.md#repositories + github: + repositories: [] + # - url: git@github.com:saksdirect/hbc-common-k8s.git + # sshPrivateKeySecretName: github-hbc-common-k8s + + # https://github.com/argoproj/argo-cd/blob/master/docs/declarative-setup.md#helm-chart-repositories + helm: + repositories: [] + # - url: "https://saksdirect.github.io/helm-charts" + + + resource: + # Configuration to customize resource behavior (optional). Keys are in the form: group/Kind. + customizations: {} + # Configuration to completely ignore entire classes of resource group/kinds (optional). + # Excluding high-volume resources improves performance and memory usage, and reduces load and + # bandwidth to the Kubernetes API server. + # These are globs, so a "*" will match all values. + # If you omit groups/kinds/clusters then they will match all groups/kind/clusters. + # NOTE: events.k8s.io and metrics.k8s.io are excluded by default + exclustions: {} + + # Configuration to add a config management plugin. + configManagementPlugins: + + application: + # The metadata.label key name where Argo CD injects the app name as a tracking label (optional). + # Tracking labels are used to determine which resources need to be deleted when pruning. + # If omitted, Argo CD injects the app name into the label: 'app.kubernetes.io/instance' + instanceLabelKey: