diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index a6cb94ac..c719d45d 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -27,12 +27,12 @@ jobs: fetch-depth: 0 - name: Set up Helm - uses: azure/setup-helm@b9e51907a09c216f16ebe8536097933489208112 # v4.3.0 + uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 with: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0 + uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0 with: python-version: 3.9 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index f475808f..f6dcec99 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -24,7 +24,7 @@ jobs: fetch-depth: 0 - name: Install Helm - uses: azure/setup-helm@b9e51907a09c216f16ebe8536097933489208112 # v4.3.0 + uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 with: version: v3.10.1 # Also update in lint-and-test.yaml @@ -66,7 +66,7 @@ jobs: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - name: Login to GHCR - uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: registry: ghcr.io username: ${{ github.actor }} diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index fed176cb..9460d792 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Get token - uses: actions/create-github-app-token@3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5 # v2.0.2 + uses: actions/create-github-app-token@0d564482f06ca65fa9e77e2510873638c82206f2 # v1.11.5 id: get_token with: app-id: ${{ vars.RENOVATE_APP_ID }} @@ -26,11 +26,11 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@fdbe2b88946ea8b6fb5785a5267b46677d13a4d2 # v41.0.21 + uses: renovatebot/github-action@e084b5ac6fd201023db6dd7743aec023babb02c8 # v41.0.13 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate - renovate-version: 39.229.0 + renovate-version: 39.153.2 token: '${{ steps.get_token.outputs.token }}' mount-docker-socket: true env: diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index d11a8dd2..29f267d3 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -38,7 +38,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1 + uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 with: results_file: results.sarif results_format: sarif @@ -46,7 +46,7 @@ jobs: # - you want to enable the Branch-Protection check on a *public* repository, or # - you are installing Scorecard on a *private* repository # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat. - # repo_token: ${{ secrets.SCORECARD_TOKEN }} + repo_token: ${{ secrets.SCORECARD_TOKEN }} # Public repositories: # - Publish results to OpenSSF REST API for easy access by consumers @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 with: name: SARIF file path: results.sarif @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15 + uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 with: sarif_file: results.sarif diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index 0e96099e..36656a14 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.33.2 -digest: sha256:1ce334c23fe53427c771277cc7cecd4143226aba04c8a6c52513042a96e7ff5d -generated: "2025-03-27T09:46:27.113833-07:00" + version: 4.29.4 +digest: sha256:1257baf1c5e0db036af659d44095223e28ac0c9ec1ed8300a02d5def2281c9c7 +generated: "2024-11-13T09:07:36.494128+09:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index cc50ebc3..5d12006a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.14.11 +appVersion: v2.14.2 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.8.28 +version: 7.8.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -18,7 +18,7 @@ maintainers: url: https://argoproj.github.io/ dependencies: - name: redis-ha - version: 4.33.2 + version: 4.29.4 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-cd to v2.14.11 + description: Bump dex version to v2.42.0 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f7687880..25760a5f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -685,8 +685,6 @@ NAME: my-release ## Global Configs -NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm ConfigMap. - | Key | Type | Default | Description | |-----|------|---------|-------------| | global.addPrometheusAnnotations | bool | `false` | Add Prometheus scrape annotations to all metrics services. This can be used as an alternative to the ServiceMonitors. | @@ -752,7 +750,6 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf | configs.params."controller.repo.server.timeout.seconds" | int | `60` | Repo server RPC call timeout seconds. | | configs.params."controller.self.heal.timeout.seconds" | int | `5` | Specifies timeout between application self heal attempts | | configs.params."controller.status.processors" | int | `20` | Number of application status processors | -| configs.params."controller.sync.timeout.seconds" | int | `0` | Specifies the timeout after which a sync would be terminated. 0 means no timeout | | configs.params."otlp.address" | string | `""` | Open-Telemetry collector address: (e.g. "otel-collector:4317") | | configs.params."reposerver.parallelism.limit" | int | `0` | Limit on number of concurrent manifests generate requests. Any value less the 1 means no limit. | | configs.params."server.basehref" | string | `"/"` | Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / | @@ -1173,7 +1170,7 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf | dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod | | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | -| dex.image.tag | string | `"v2.42.1"` | Dex image tag | +| dex.image.tag | string | `"v2.42.0"` | Dex image tag | | dex.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | @@ -1189,6 +1186,8 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf | dex.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | dex.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | dex.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | +| dex.logFormat | string | `""` (defaults to global.logging.format) | Dex log format. Either `text` or `json` | +| dex.logLevel | string | `""` (defaults to global.logging.level) | Dex log level. One of: `debug`, `info`, `warn`, `error` | | dex.metrics.enabled | bool | `false` | Deploy metrics service | | dex.metrics.service.annotations | object | `{}` | Metrics service annotations | | dex.metrics.service.labels | object | `{}` | Metrics service labels | @@ -1261,8 +1260,8 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf | redis.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | | redis.exporter.env | list | `[]` | Environment variables to pass to the Redis exporter | | redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the redis-exporter | -| redis.exporter.image.repository | string | `"ghcr.io/oliver006/redis_exporter"` | Repository to use for the redis-exporter | -| redis.exporter.image.tag | string | `"v1.70.0"` | Tag to use for the redis-exporter | +| redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | +| redis.exporter.image.tag | string | `"1.67.0"` | Tag to use for the redis-exporter | | redis.exporter.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Redis exporter | | redis.exporter.livenessProbe.failureThreshold | int | `5` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | redis.exporter.livenessProbe.initialDelaySeconds | int | `30` | Number of seconds after the container has started before [probe] is initiated | @@ -1354,8 +1353,8 @@ The main options are listed here: | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | | redis-ha.existingSecret | string | `"argocd-redis"` | Existing Secret to use for redis-ha authentication. By default the redis-secret-init Job is generating this Secret. | | redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | -| redis-ha.exporter.image | string | `"ghcr.io/oliver006/redis_exporter"` | Repository to use for the redis-exporter | -| redis-ha.exporter.tag | string | `"v1.69.0"` | Tag to use for the redis-exporter | +| redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | +| redis-ha.exporter.tag | string | `"1.58.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.additionalAffinities | object | `{}` | Additional affinities to add to the haproxy pods. | | redis-ha.haproxy.affinity | string | `""` | Assign custom [affinity] rules to the haproxy pods. | | redis-ha.haproxy.containerSecurityContext | object | See [values.yaml] | HAProxy container-level security context | @@ -1568,6 +1567,8 @@ If you use an External Redis (See Option 3 above), this Job is not deployed. | notifications.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | notifications.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | notifications.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | +| notifications.logFormat | string | `""` (defaults to global.logging.format) | Notifications controller log format. Either `text` or `json` | +| notifications.logLevel | string | `""` (defaults to global.logging.level) | Notifications controller log level. One of: `debug`, `info`, `warn`, `error` | | notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server | | notifications.metrics.port | int | `9001` | Metrics port | | notifications.metrics.service.annotations | object | `{}` | Metrics service annotations | diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 2449115f..d2862792 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -679,8 +679,6 @@ NAME: my-release ## Global Configs -NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm ConfigMap. - | Key | Type | Default | Description | |-----|------|---------|-------------| {{- range .Values }} diff --git a/charts/argo-cd/ci/default-values.yaml b/charts/argo-cd/ci/default-values.yaml index 499cba25..ffc41c8a 100644 --- a/charts/argo-cd/ci/default-values.yaml +++ b/charts/argo-cd/ci/default-values.yaml @@ -1,7 +1,3 @@ # Test with default values crds: keep: false - -redis: - exporter: - enabled: true diff --git a/charts/argo-cd/ci/ha-autoscaling-values.yaml b/charts/argo-cd/ci/ha-autoscaling-values.yaml index dbbe6695..6e994e3f 100644 --- a/charts/argo-cd/ci/ha-autoscaling-values.yaml +++ b/charts/argo-cd/ci/ha-autoscaling-values.yaml @@ -4,8 +4,6 @@ crds: redis-ha: enabled: true - exporter: - enabled: true server: autoscaling: diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 78c38b4b..8821ab75 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -1,15 +1,3 @@ -{{- if .Values.notifications.logLevel }} -DEPRECATED option notifications.logLevel - Use `configs.params."notificationscontroller.log.level"` -{{- end }} -{{- if .Values.notifications.logFormat }} -DEPRECATED option notifications.logFormat - Use `configs.params."notificationscontroller.log.format"` -{{- end }} -{{- if .Values.dex.logLevel }} -DEPRECATED option dex.logLevel - Use `configs.params."dexserver.log.level"` -{{- end }} -{{- if .Values.dex.logFormat }} -DEPRECATED option dex.logFormat - Use `configs.params."dexserver.log.format"` -{{- end }} In order to access the server UI you have the following options: 1. kubectl port-forward service/{{ include "argo-cd.fullname" . }}-server -n {{ include "argo-cd.namespace" . }} 8080:443 diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index d13928a8..aeaf3df8 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -238,7 +238,7 @@ NOTE: Configuration keys must be stored as dict because YAML treats dot as separ {{- $_ := set $presets "server.dex.server" (include "argo-cd.dex.server" .) -}} {{- $_ := set $presets "server.dex.server.strict.tls" .Values.dex.certificateSecret.enabled -}} {{- end -}} -{{- range $component := tuple "applicationsetcontroller" "controller" "server" "reposerver" "notificationscontroller" "dexserver" -}} +{{- range $component := tuple "applicationsetcontroller" "controller" "server" "reposerver" -}} {{- $_ := set $presets (printf "%s.log.format" $component) $.Values.global.logging.format -}} {{- $_ := set $presets (printf "%s.log.level" $component) $.Values.global.logging.level -}} {{- end -}} @@ -275,43 +275,3 @@ ipFamilyPolicy: {{ . }} ipFamilies: {{ toYaml . | nindent 4 }} {{- end }} {{- end }} - -{{/* -secretKeyRef of env variable REDIS_USERNAME -*/}} -{{- define "argo-cd.redisUsernameSecretRef" -}} - {{- if and .Values.externalRedis.host -}} -name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} -key: redis-username -optional: true - {{- else -}} -name: {{ include "argo-cd.redis.fullname" . }} -key: redis-username -optional: true - {{- end -}} -{{- end -}} - -{{/* -secretKeyRef of env variable REDIS_PASSWORD -*/}} -{{- define "argo-cd.redisPasswordSecretRef" -}} - {{- if .Values.externalRedis.host -}} - {{- /* External Redis use case */ -}} - {{- /* Secret is required when specifying existingSecret or a password, otherwise it is optional */ -}} -name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} -key: redis-password -optional: {{ if or .Values.externalRedis.existingSecret .Values.externalRedis.password }}false{{ else }}true{{ end }} - - {{- else if and .Values.redisSecretInit.enabled -}} - {{- /* Default case where Secret is generated by the Job with Helm pre-install hooks */ -}} -name: "argocd-redis" # hard-coded in Job command and embedded Redis deployments (standalone and redis-ha) -key: auth -optional: false # Secret is not optional in this case ! - - {{- else -}} - {{- /* All other use cases (e.g. disabled pre-install Job) */ -}} -name: "argocd-redis" -key: auth -optional: true - {{- end -}} -{{- end -}} diff --git a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml index 2f6abd43..0b8285b7 100644 --- a/charts/argo-cd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/deployment.yaml @@ -226,11 +226,19 @@ spec: - name: REDIS_USERNAME valueFrom: secretKeyRef: - {{- include "argo-cd.redisUsernameSecretRef" . | nindent 16 }} + name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} + key: redis-username + optional: true - name: REDIS_PASSWORD valueFrom: secretKeyRef: - {{- include "argo-cd.redisPasswordSecretRef" . | nindent 16 }} + name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} + {{- if .Values.externalRedis.host }} + key: redis-password + {{- else }} + key: auth + {{- end }} + optional: true - name: REDIS_SENTINEL_USERNAME valueFrom: secretKeyRef: diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 6c03426c..733290d1 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -225,11 +225,19 @@ spec: - name: REDIS_USERNAME valueFrom: secretKeyRef: - {{- include "argo-cd.redisUsernameSecretRef" . | nindent 16 }} + name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} + key: redis-username + optional: true - name: REDIS_PASSWORD valueFrom: secretKeyRef: - {{- include "argo-cd.redisPasswordSecretRef" . | nindent 16 }} + name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} + {{- if .Values.externalRedis.host }} + key: redis-password + {{- else }} + key: auth + {{- end }} + optional: true - name: REDIS_SENTINEL_USERNAME valueFrom: secretKeyRef: diff --git a/charts/argo-cd/templates/argocd-commit-server/deployment.yaml b/charts/argo-cd/templates/argocd-commit-server/deployment.yaml index d0ab14d4..96cf6575 100644 --- a/charts/argo-cd/templates/argocd-commit-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-commit-server/deployment.yaml @@ -223,7 +223,7 @@ spec: {{- if not $constraint.labelSelector }} labelSelector: matchLabels: - {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.commitServer.name) | nindent 12 }} + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.commitServer.name) | nindent 12 }} {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index db96a93c..cee627d5 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -66,15 +66,11 @@ spec: args: - /usr/local/bin/argocd-notifications - --metrics-port={{ .Values.notifications.containerPorts.metrics }} + - --loglevel={{ default .Values.global.logging.level .Values.notifications.logLevel }} + - --logformat={{ default .Values.global.logging.format .Values.notifications.logFormat }} - --namespace={{ include "argo-cd.namespace" . }} - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} - --secret-name={{ .Values.notifications.secret.name }} - {{- with .Values.notifications.logLevel }} - - --loglevel={{ . }} - {{- end }} - {{- with .Values.notifications.logFormat }} - - --logformat={{ . }} - {{- end }} {{- range .Values.notifications.extraArgs }} - {{ . | squote }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 2abc4adb..f12332e9 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -178,11 +178,19 @@ spec: - name: REDIS_USERNAME valueFrom: secretKeyRef: - {{- include "argo-cd.redisUsernameSecretRef" . | nindent 16 }} + name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} + key: redis-username + optional: true - name: REDIS_PASSWORD valueFrom: secretKeyRef: - {{- include "argo-cd.redisPasswordSecretRef" . | nindent 16 }} + name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} + {{- if .Values.externalRedis.host }} + key: redis-password + {{- else }} + key: auth + {{- end }} + optional: true - name: REDIS_SENTINEL_USERNAME valueFrom: secretKeyRef: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 74d67376..0b75f062 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -246,11 +246,19 @@ spec: - name: REDIS_USERNAME valueFrom: secretKeyRef: - {{- include "argo-cd.redisUsernameSecretRef" . | nindent 16 }} + name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} + key: redis-username + optional: true - name: REDIS_PASSWORD valueFrom: secretKeyRef: - {{- include "argo-cd.redisPasswordSecretRef" . | nindent 16 }} + name: {{ default "argocd-redis" .Values.externalRedis.existingSecret }} + {{- if .Values.externalRedis.host }} + key: redis-password + {{- else }} + key: auth + {{- end }} + optional: true - name: REDIS_SENTINEL_USERNAME valueFrom: secretKeyRef: diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 0e253867..4c6209ad 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -72,12 +72,8 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.image.imagePullPolicy }} command: - /shared/argocd-dex - {{- with .Values.dex.logLevel }} - - --loglevel={{ . }} - {{- end }} - {{- with .Values.dex.logFormat }} - - --logformat={{ . }} - {{- end }} + - --logformat={{ default .Values.global.logging.format .Values.dex.logFormat }} + - --loglevel={{ default .Values.global.logging.level .Values.dex.logLevel }} args: - rundex {{- with .Values.dex.extraArgs }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5580049b..f1213daf 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -164,7 +164,7 @@ global: ## Argo Configs configs: - # General Argo CD configuration. Any values you put under `.configs.cm` are passed to argocd-cm ConfigMap. + # General Argo CD configuration ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml cm: # -- Create the argocd-cm configmap for [declarative setup] @@ -275,8 +275,6 @@ configs: controller.self.heal.timeout.seconds: 5 # -- Repo server RPC call timeout seconds. controller.repo.server.timeout.seconds: 60 - # -- Specifies the timeout after which a sync would be terminated. 0 means no timeout - controller.sync.timeout.seconds: 0 ## Server properties # -- Run server without TLS @@ -731,9 +729,8 @@ controller: # image: alpine:3 # command: [sh, -c] # args: - # - wget -qO /custom-tools/kubelogin.zip https://github.com/Azure/kubelogin/releases/download/v0.2.7/kubelogin-linux-amd64.zip && - # mkdir /custom-tools/tmp && unzip -d /custom-tools/tmp /custom-tools/kubelogin.zip && - # mv /custom-tools/tmp/bin/linux_amd64/kubelogin /custom-tools/ && rm -rf custom-tools/tmp && rm /custom-tools/kubelogin.zip + # - wget -qO kubelogin.zip https://github.com/Azure/kubelogin/releases/download/v0.0.25/kubelogin-linux-amd64.zip && + # unzip kubelogin.zip && mv bin/linux_amd64/kubelogin /custom-tools/ # volumeMounts: # - mountPath: /custom-tools # name: custom-tools @@ -1028,7 +1025,7 @@ dex: # -- Dex image repository repository: ghcr.io/dexidp/dex # -- Dex image tag - tag: v2.42.1 + tag: v2.42.0 # -- Dex imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1253,13 +1250,12 @@ dex: # maxSurge: 25% # maxUnavailable: 25% - # DEPRECATED - Use configs.params to override # -- Dex log format. Either `text` or `json` # @default -- `""` (defaults to global.logging.format) - # logFormat: "" + logFormat: "" # -- Dex log level. One of: `debug`, `info`, `warn`, `error` # @default -- `""` (defaults to global.logging.level) - # logLevel: "" + logLevel: "" ## Redis redis: @@ -1307,9 +1303,9 @@ redis: ## Prometheus redis-exporter image image: # -- Repository to use for the redis-exporter - repository: ghcr.io/oliver006/redis_exporter + repository: public.ecr.aws/bitnami/redis-exporter # -- Tag to use for the redis-exporter - tag: v1.70.0 + tag: 1.67.0 # -- Image pull policy for the redis-exporter # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1585,9 +1581,9 @@ redis-ha: # -- Enable Prometheus redis-exporter sidecar enabled: false # -- Repository to use for the redis-exporter - image: ghcr.io/oliver006/redis_exporter + image: public.ecr.aws/bitnami/redis-exporter # -- Tag to use for the redis-exporter - tag: v1.69.0 + tag: 1.58.0 persistentVolume: # -- Configures persistence on Redis nodes enabled: false @@ -1933,9 +1929,8 @@ server: # image: alpine:3 # command: [sh, -c] # args: - # - wget -qO /custom-tools/kubelogin.zip https://github.com/Azure/kubelogin/releases/download/v0.2.7/kubelogin-linux-amd64.zip && - # mkdir /custom-tools/tmp && unzip -d /custom-tools/tmp /custom-tools/kubelogin.zip && - # mv /custom-tools/tmp/bin/linux_amd64/kubelogin /custom-tools/ && rm -rf custom-tools/tmp && rm /custom-tools/kubelogin.zip + # - wget -qO kubelogin.zip https://github.com/Azure/kubelogin/releases/download/v0.0.25/kubelogin-linux-amd64.zip && + # unzip kubelogin.zip && mv bin/linux_amd64/kubelogin /custom-tools/ # volumeMounts: # - mountPath: /custom-tools # name: custom-tools @@ -3239,13 +3234,12 @@ notifications: # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] - # DEPRECATED - Use configs.params to override # -- Notifications controller log format. Either `text` or `json` # @default -- `""` (defaults to global.logging.format) - # logFormat: "" + logFormat: "" # -- Notifications controller log level. One of: `debug`, `info`, `warn`, `error` # @default -- `""` (defaults to global.logging.level) - # logLevel: "" + logLevel: "" # -- Extra arguments to provide to the notifications controller extraArgs: [] diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 32965599..a184cb91 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.9.6 +appVersion: v1.9.5 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.4.15 +version: 2.4.13 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-events to v1.9.6 + description: Bump argo-events to v1.9.5 diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index bc1ad5e8..7e9f6e37 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -180,7 +180,6 @@ done | controller.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | controller.replicas | int | `1` | The number of events controller pods to run. | | controller.resources | object | `{}` | Resource limits and requests for the events controller pods | -| controller.revisionHistoryLimit | int | `5` | The number of replicasets history to keep | | controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | controller.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | controller.serviceAccount.create | bool | `true` | Create a service account for the events controller | @@ -223,7 +222,6 @@ done | webhook.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | webhook.replicas | int | `1` | The number of webhook pods to run. | | webhook.resources | object | `{}` | Resource limits and requests for the event controller pods | -| webhook.revisionHistoryLimit | int | `5` | The number of replicasets history to keep | | webhook.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | webhook.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | webhook.serviceAccount.create | bool | `true` | Create a service account for the admission webhook | diff --git a/charts/argo-events/templates/argo-events-controller/deployment.yaml b/charts/argo-events/templates/argo-events-controller/deployment.yaml index 12f1faf9..17bf0a6a 100644 --- a/charts/argo-events/templates/argo-events-controller/deployment.yaml +++ b/charts/argo-events/templates/argo-events-controller/deployment.yaml @@ -10,7 +10,7 @@ spec: selector: matchLabels: {{- include "argo-events.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} - revisionHistoryLimit: {{ .Values.controller.revisionHistoryLimit }} + revisionHistoryLimit: 5 replicas: {{ .Values.controller.replicas }} template: metadata: diff --git a/charts/argo-events/templates/argo-events-webhook/deployment.yaml b/charts/argo-events/templates/argo-events-webhook/deployment.yaml index 82a1ab59..0b995ba2 100644 --- a/charts/argo-events/templates/argo-events-webhook/deployment.yaml +++ b/charts/argo-events/templates/argo-events-webhook/deployment.yaml @@ -11,7 +11,7 @@ spec: selector: matchLabels: {{- include "argo-events.selectorLabels" (dict "context" . "name" .Values.webhook.name) | nindent 6 }} - revisionHistoryLimit: {{ .Values.webhook.revisionHistoryLimit }} + revisionHistoryLimit: 5 replicas: {{ .Values.webhook.replicas }} template: metadata: diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 03429b50..fb9878c9 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -201,9 +201,6 @@ controller: # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" - # -- The number of replicasets history to keep - revisionHistoryLimit: 5 - # -- The number of events controller pods to run. replicas: 1 @@ -366,9 +363,6 @@ webhook: # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" - # -- The number of replicasets history to keep - revisionHistoryLimit: 5 - # -- The number of webhook pods to run. replicas: 1 diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 878bc54d..a9ed74ee 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.8.2 +appVersion: v1.8.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.39.5 +version: 2.39.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: argo-rollouts will re-deploy if changes are made to the argo-rollouts configmap. + - kind: changed + description: Bump argo-rollouts to v1.8.0 diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 01cd75e0..aa09ca14 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -126,7 +126,6 @@ For full list of changes please check ArtifactHub [changelog]. | controller.readinessProbe | object | See [values.yaml] | Configure readiness [probe] for the controller | | controller.replicas | int | `2` | The number of controller pods to run | | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | -| controller.stepPlugins | list | `[]` | Configures 3rd party stepPlugins for controller | | controller.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller | diff --git a/charts/argo-rollouts/templates/controller/configmap.yaml b/charts/argo-rollouts/templates/controller/configmap.yaml index 42f84775..a1971ab9 100644 --- a/charts/argo-rollouts/templates/controller/configmap.yaml +++ b/charts/argo-rollouts/templates/controller/configmap.yaml @@ -11,10 +11,6 @@ data: metricProviderPlugins: |- {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.controller.stepPlugins }} - stepPlugins: |- - {{- toYaml . | nindent 4 }} - {{- end }} {{- with .Values.controller.trafficRouterPlugins }} trafficRouterPlugins: |- {{- toYaml . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 0449fabc..7aea72a4 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -26,13 +26,12 @@ spec: revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} template: metadata: + {{- with (mergeOverwrite (deepCopy .Values.podAnnotations) .Values.controller.podAnnotations) }} annotations: - {{- with (mergeOverwrite (deepCopy .Values.podAnnotations) .Values.controller.podAnnotations) }} {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} - {{- end }} - checksum/cm: {{ include (print $.Template.BasePath "/controller/configmap.yaml") . | sha256sum }} + {{- end }} labels: {{- include "argo-rollouts.selectorLabels" . | nindent 8 }} app.kubernetes.io/component: {{ .Values.controller.component }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 6bed0d57..26633455 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -217,12 +217,6 @@ controller: # - name: "argoproj-labs/sample-prometheus" # name of the plugin, it must match the name required by the plugin so that it can find its configuration # location: "file://./my-custom-plugin" # supports http(s):// urls and file:// - # -- Configures 3rd party stepPlugins for controller - ## Ref: https://argo-rollouts.readthedocs.io/en/stable/features/canary/plugins/ - stepPlugins: [] - # - name: "argoproj-labs/step-exec" # name of the plugin, it must match the name required by the plugin so it can find it's configuration - # location: "file://./my-custom-plugin" # supports http(s):// urls and file:// - # -- Configures 3rd party traffic router plugins for controller ## Ref: https://argo-rollouts.readthedocs.io/en/stable/features/traffic-management/plugins/ trafficRouterPlugins: [] diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 32f40053..c1f8df1a 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.6.5 +appVersion: v3.6.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.45.12 +version: 0.45.7 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Fix yamllint error 'trailing spaces' + description: Update the SSO configuration instructions to reflect the correct field name diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index ac437149..6e400596 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -116,7 +116,7 @@ Fields to note: | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | -| createAggregateRoles | bool | `true` | Create ClusterRoles that extend existing ClusterRoles to interact with Argo Workflows CRDs. | +| createAggregateRoles | bool | `true` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds | | emissary.images | list | `[]` | The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used. | | extraObjects | list | `[]` | Array of extra K8s manifests to deploy | | fullnameOverride | string | `nil` | String to fully override "argo-workflows.fullname" template | @@ -136,7 +136,6 @@ Fields to note: | workflow.rbac.agentPermissions | bool | `false` | Allows permissions for the Argo Agent. Only required if using http/plugin templates | | workflow.rbac.artifactGC | bool | `false` | Allows permissions for the Argo Artifact GC pod. Only required if using artifact gc | | workflow.rbac.create | bool | `true` | Adds Role and RoleBinding for the above specified service account to be able to run workflows. A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below) | -| workflow.rbac.rules | list | `[]` | Additional rules for the service account that runs the workflows. | | workflow.rbac.serviceAccounts | list | `[]` | Extra service accounts to be added to the RoleBinding | | workflow.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | workflow.serviceAccount.create | bool | `false` | Specifies whether a service account should be created | @@ -311,14 +310,6 @@ Fields to note: | server.ingress.paths | list | `["/"]` | List of ingress paths | | server.ingress.tls | list | `[]` | Ingress TLS configuration | | server.lifecycle | object | `{}` | Specify postStart and preStop lifecycle hooks for server container | -| server.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for server | -| server.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | -| server.livenessProbe.httpGet.path | string | `"/"` | Http path to use for the liveness probe | -| server.livenessProbe.httpGet.port | int | `2746` | Http port to use for the liveness probe | -| server.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | -| server.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | -| server.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | -| server.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | server.loadBalancerClass | string | `""` | The class of the load balancer implementation | | server.loadBalancerIP | string | `""` | Static IP address to assign to loadBalancer service type `LoadBalancer` | | server.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` | diff --git a/charts/argo-workflows/ci/enable-server-liveness-probe-values.yaml b/charts/argo-workflows/ci/enable-server-liveness-probe-values.yaml deleted file mode 100644 index 3a5892b8..00000000 --- a/charts/argo-workflows/ci/enable-server-liveness-probe-values.yaml +++ /dev/null @@ -1,6 +0,0 @@ -crds: - keep: false - -server: - livenessProbe: - enabled: true diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index de7d84be..ebbba978 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -90,7 +90,7 @@ Selector labels {{- define "argo-workflows.selectorLabels" -}} {{- if .name -}} app.kubernetes.io/name: {{ include "argo-workflows.name" .context }}-{{ .name }} -{{- end }} +{{ end -}} app.kubernetes.io/instance: {{ .context.Release.Name }} {{- if .component }} app.kubernetes.io/component: {{ .component }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index 9329895a..1e8f764c 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -174,7 +174,7 @@ rules: verbs: - get resourceNames: - {{- /* for HTTP templates */}} + {{/* for HTTP templates */}} - argo-workflows-agent-ca-certificates {{- with .Values.controller.rbac.secretWhitelist }} - apiGroups: diff --git a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml index 2e259983..93e0557b 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 {{- if .Values.singleNamespace }} kind: RoleBinding -{{- else }} +{{ else }} kind: ClusterRoleBinding {{- end }} metadata: @@ -16,7 +16,7 @@ roleRef: apiGroup: rbac.authorization.k8s.io {{- if .Values.singleNamespace }} kind: Role - {{- else }} + {{ else }} kind: ClusterRole {{- end }} name: {{ template "argo-workflows.controller.fullname" . }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index ad3eea10..b3db5f4e 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -106,8 +106,7 @@ spec: - name: {{ .Values.controller.metricsConfig.portName }} containerPort: {{ .Values.controller.metricsConfig.port }} - containerPort: 6060 - livenessProbe: - {{- .Values.controller.livenessProbe | toYaml | nindent 12 }} + livenessProbe: {{ .Values.controller.livenessProbe | toYaml | nindent 12 }} {{- with .Values.controller.extraContainers }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml index e4f10443..fd1db89f 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml @@ -9,7 +9,7 @@ metadata: {{- with .Values.controller.serviceAccount.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.controller.serviceAccount.annotations }} + {{ with .Values.controller.serviceAccount.annotations }} annotations: {{- toYaml .| nindent 4 }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index 1c3e0338..81c20048 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -18,9 +18,6 @@ rules: verbs: - create - patch - {{- with $.Values.workflow.rbac.rules }} - {{- toYaml . | nindent 2 }} - {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/templates/extra-manifests.yaml b/charts/argo-workflows/templates/extra-manifests.yaml index 3b28ed34..fc9a76b8 100644 --- a/charts/argo-workflows/templates/extra-manifests.yaml +++ b/charts/argo-workflows/templates/extra-manifests.yaml @@ -1,8 +1,8 @@ -{{- range .Values.extraObjects }} +{{ range .Values.extraObjects }} --- -{{- if typeIs "string" . }} +{{ if typeIs "string" . }} {{- tpl . $ }} {{- else }} {{- tpl (toYaml .) $ }} {{- end }} -{{- end }} +{{ end }} diff --git a/charts/argo-workflows/templates/server/server-crb.yaml b/charts/argo-workflows/templates/server/server-crb.yaml index 0aeb8136..4ffb9107 100644 --- a/charts/argo-workflows/templates/server/server-crb.yaml +++ b/charts/argo-workflows/templates/server/server-crb.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 {{- if .Values.singleNamespace }} kind: RoleBinding -{{- else }} +{{ else }} kind: ClusterRoleBinding {{- end }} metadata: @@ -16,7 +16,7 @@ roleRef: apiGroup: rbac.authorization.k8s.io {{- if .Values.singleNamespace }} kind: Role - {{- else }} + {{ else }} kind: ClusterRole {{- end }} name: {{ template "argo-workflows.server.fullname" . }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 9d3e8c20..b9a2541b 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -87,22 +87,6 @@ spec: {{- end }} initialDelaySeconds: 10 periodSeconds: 20 - {{- if .Values.server.livenessProbe.enabled }} - livenessProbe: - httpGet: - path: {{ .Values.server.livenessProbe.httpGet.path }} - port: {{ .Values.server.livenessProbe.httpGet.port }} - {{- if .Values.server.secure }} - scheme: HTTPS - {{- else }} - scheme: HTTP - {{- end }} - initialDelaySeconds: {{ .Values.server.livenessProbe.initialDelaySeconds }} - timeoutSeconds: {{ .Values.server.livenessProbe.timeoutSeconds }} - periodSeconds: {{ .Values.server.livenessProbe.periodSeconds }} - successThreshold: {{ .Values.server.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.server.livenessProbe.failureThreshold }} - {{- end }} env: - name: IN_CLUSTER value: "true" diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index bf849dbc..0c044454 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -16,7 +16,7 @@ crds: # -- Annotations to be added to all CRDs annotations: {} -# -- Create ClusterRoles that extend existing ClusterRoles to interact with Argo Workflows CRDs. +# -- Create clusterroles that extend existing clusterroles to interact with argo-cd crds ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles createAggregateRoles: true @@ -77,8 +77,6 @@ workflow: serviceAccounts: [] # - name: my-service-account # namespace: my-namespace - # -- Additional rules for the service account that runs the workflows. - rules: [] controller: image: @@ -778,27 +776,6 @@ server: # -- terminationGracePeriodSeconds for container lifecycle hook terminationGracePeriodSeconds: 30 - ## livenessProbe for server - ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ - livenessProbe: - # -- Enable Kubernetes liveness probe for server - enabled: false - httpGet: - # -- Http port to use for the liveness probe - port: 2746 - # -- Http path to use for the liveness probe - path: / - # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded - failureThreshold: 3 - # -- Number of seconds after the container has started before [probe] is initiated - initialDelaySeconds: 10 - # -- How often (in seconds) to perform the [probe] - periodSeconds: 10 - # -- Number of seconds after which the [probe] times out - timeoutSeconds: 1 - # -- Minimum consecutive successes for the [probe] to be considered successful after having failed - successThreshold: 1 - # -- Array of extra K8s manifests to deploy extraObjects: [] # - apiVersion: secrets-store.csi.x-k8s.io/v1 diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index a04f5c6f..02438363 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.12.1 -appVersion: v0.16.0 +version: 0.12.0 +appVersion: v0.15.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argocd-image-updater to v0.16.0 + description: ConfigMap and Secret names are now configurable diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index fefb5ac5..87f1fbf4 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -94,6 +94,12 @@ spec: key: git.email name: {{ .Values.config.name }} optional: true + - name: IMAGE_UPDATER_KUBE_EVENTS + valueFrom: + configMapKeyRef: + key: kube.events + name: {{ .Values.config.name }} + optional: true - name: GIT_COMMIT_SIGNING_KEY valueFrom: configMapKeyRef: @@ -112,18 +118,6 @@ spec: key: git.commit-sign-off name: {{ .Values.config.name }} optional: true - - name: IMAGE_UPDATER_KUBE_EVENTS - valueFrom: - configMapKeyRef: - key: kube.events - name: {{ .Values.config.name }} - optional: true - - name: ARGOCD_LOGLEVEL - valueFrom: - configMapKeyRef: - key: log.level - name: {{ .Values.config.name }} - optional: true {{- with .Values.extraEnv }} {{- toYaml . | nindent 10 }} {{- end }} diff --git a/renovate.json b/renovate.json index 9bed3166..1ee051f5 100644 --- a/renovate.json +++ b/renovate.json @@ -86,9 +86,8 @@ "argoproj/argo-rollouts", "argoproj-labs/argocd-image-updater", "argoprojlabs/argocd-extension-installer", - "public.ecr.aws/docker/library/redis", - "ghcr.io/dexidp/dex", - "ghcr.io/oliver006/redis_exporter" + "public.ecr.aws/bitnami/redis-exporter", + "public.ecr.aws/docker/library/redis" ], "commitMessagePrefix": "chore({{parentDir}}):", "postUpgradeTasks": { diff --git a/scripts/release-analysis/README.md b/scripts/release-analysis/README.md index aefce0c7..ab746cee 100644 --- a/scripts/release-analysis/README.md +++ b/scripts/release-analysis/README.md @@ -4,7 +4,7 @@ Compare the time of the upstream release to the time of the equivalent Helm Char ## How to run -This is quite github-api-intensive, so you'll need a github PAT. The PAT only requires public read (to fetch the data from the public repos without being too rate limited). +This is quite github-api-intensive, so you'll need a github PAT ```bash # Build the container diff --git a/scripts/release-analysis/argo_helm_releases.csv b/scripts/release-analysis/argo_helm_releases.csv index 937ae76d..58046fc1 100644 --- a/scripts/release-analysis/argo_helm_releases.csv +++ b/scripts/release-analysis/argo_helm_releases.csv @@ -1,39 +1,4 @@ Release Name,Release Date,Release Time,App Version -argo-cd-7.8.14,2025-03-25,00:08:57,v2.14.8 -argo-rollouts-2.39.3,2025-03-23,12:51:36,v1.8.2 -argo-rollouts-2.39.2,2025-03-21,07:13:50,v1.8.1 -argo-cd-7.8.13,2025-03-19,18:35:57,v2.14.7 -argo-cd-7.8.12,2025-03-18,16:35:25,v2.14.6 -argo-cd-7.8.11,2025-03-15,08:35:05,v2.14.5 -argo-rollouts-2.39.1,2025-03-13,14:56:21,v1.8.0 -argo-events-2.4.14,2025-03-13,14:59:31,v1.9.5 -argo-workflows-0.45.11,2025-03-11,11:52:08,v3.6.5 -argo-cd-7.8.10,2025-03-11,07:25:23,v2.14.5 -argo-cd-7.8.9,2025-03-08,06:30:05,v2.14.4 -argo-workflows-0.45.10,2025-03-06,12:00:38,v3.6.4 -argo-cd-7.8.8,2025-03-05,00:15:58,v2.14.4 -argo-workflows-0.45.9,2025-03-03,06:08:58,v3.6.4 -argo-cd-7.8.7,2025-03-01,03:07:42,v2.14.3 -argo-cd-7.8.6,2025-02-28,21:33:58,v2.14.3 -argo-workflows-0.45.8,2025-02-24,09:32:08,v3.6.4 -argo-cd-7.8.5,2025-02-23,21:45:52,v2.14.2 -argo-cd-7.8.4,2025-02-21,16:03:22,v2.14.2 -argo-cd-7.8.3,2025-02-20,00:42:29,v2.14.2 -argo-workflows-0.45.7,2025-02-15,10:11:36,v3.6.4 -argo-workflows-0.45.6,2025-02-10,14:30:33,v3.6.4 -argo-workflows-0.45.5,2025-02-08,05:59:05,v3.6.3 -argo-cd-7.8.2,2025-02-06,10:35:47,v2.14.2 -argo-cd-7.8.1,2025-02-06,10:07:58,v2.14.2 -argo-cd-7.8.0,2025-02-04,11:26:11,v2.14.1 -argo-cd-7.7.23,2025-02-03,09:39:31,v2.13.4 -argo-rollouts-2.39.0,2025-01-31,01:54:56,v1.8.0 -argo-cd-7.7.22,2025-01-29,22:47:19,v2.13.4 -argo-cd-7.7.21,2025-01-28,09:58:06,v2.13.3 -argo-cd-7.7.20,2025-01-28,08:14:34,v2.13.3 -argo-cd-7.7.19,2025-01-28,08:00:25,v2.13.3 -argo-cd-7.7.18,2025-01-27,15:32:10,v2.13.3 -argocd-image-updater-0.12.0,2025-01-25,13:31:56,v0.15.2 -argo-cd-7.7.17,2025-01-24,13:04:38,v2.13.3 argo-cd-7.7.16,2025-01-14,10:17:50,v2.13.3 argo-events-2.4.13,2025-01-11,10:22:47,v1.9.5 argo-workflows-0.45.4,2025-01-10,10:23:52,v3.6.2 diff --git a/scripts/release-analysis/argo_releases.csv b/scripts/release-analysis/argo_releases.csv index a13ebd7f..f630abe7 100644 --- a/scripts/release-analysis/argo_releases.csv +++ b/scripts/release-analysis/argo_releases.csv @@ -1,23 +1,4 @@ Repository,Release Tag,Release Date,Release Time -argo-cd,v3.0.0-rc3,2025-03-24,21:36:25 -argo-cd,v2.14.8,2025-03-24,21:36:01 -argo-cd,v2.13.6,2025-03-24,21:35:38 -argo-cd,v2.12.11,2025-03-24,21:36:05 -argo-cd,v3.0.0-rc2,2025-03-19,17:57:41 -argo-cd,v2.14.7,2025-03-19,17:49:46 -argo-cd,v2.14.6,2025-03-18,14:17:14 -argo-cd,v3.0.0-rc1,2025-03-17,20:38:40 -argo-cd,v2.14.5,2025-03-11,03:57:34 -argo-cd,v2.14.4,2025-03-04,21:39:08 -argo-cd,v2.14.3,2025-02-28,19:39:18 -argo-cd,v2.14.2,2025-02-06,00:23:26 -argo-cd,v2.13.5,2025-02-05,22:13:35 -argo-cd,v2.14.1,2025-02-03,22:02:42 -argo-cd,v2.14.0,2025-02-03,20:22:37 -argo-cd,v2.14.0-rc7,2025-01-29,21:36:23 -argo-cd,v2.13.4,2025-01-29,21:30:00 -argo-cd,v2.12.10,2025-01-29,21:29:19 -argo-cd,v2.11.13,2025-01-29,21:29:02 argo-cd,v2.14.0-rc6,2025-01-21,21:40:31 argo-cd,v2.14.0-rc5,2025-01-08,20:16:38 argo-cd,v2.13.3,2025-01-03,19:23:42 @@ -457,10 +438,6 @@ argo-cd,v0.3.1,2018-04-24,23:32:12 argo-cd,v0.3.0,2018-04-23,08:29:14 argo-cd,v0.2.0,2018-04-03,18:19:24 argo-cd,v0.1.0,2018-03-13,00:38:20 -argo-workflows,v3.6.5,2025-03-11,08:59:16 -argo-workflows,v3.6.4,2025-02-10,12:56:26 -argo-workflows,v3.6.3,2025-02-07,15:02:18 -argo-workflows,v3.5.14,2025-01-31,09:01:29 argo-workflows,v3.6.2,2024-12-02,14:12:44 argo-workflows,v3.5.13,2024-12-02,13:09:39 argo-workflows,v3.6.0,2024-11-14,19:02:01 @@ -825,9 +802,6 @@ argo-events,v0.6,2018-11-27,11:46:02 argo-events,v0.5,2018-10-18,19:51:19 argo-events,v0.5-beta1,2018-07-27,15:00:03 argo-events,v0.5-alpha1,2018-06-20,19:23:36 -argo-rollouts,v1.8.2,2025-03-21,20:37:43 -argo-rollouts,v1.8.1,2025-03-20,16:40:33 -argo-rollouts,v1.8.0,2025-01-30,18:24:03 argo-rollouts,v1.8.0-rc2,2025-01-16,19:43:44 argo-rollouts,v1.8.0-rc1,2024-12-09,14:28:35 argo-rollouts,v1.7.2,2024-08-13,18:42:47 diff --git a/scripts/release-analysis/merged_releases.csv b/scripts/release-analysis/merged_releases.csv index 269106d7..a4c13445 100644 --- a/scripts/release-analysis/merged_releases.csv +++ b/scripts/release-analysis/merged_releases.csv @@ -1,21 +1,6 @@ Repository,Release Tag,Release Date,Release Time,App Version,Release Name,Release Date 2,Release Time 2,Time Difference -argo-cd,v2.14.8,2025-03-24,21:36:01,v2.14.8,argo-cd-7.8.14,2025-03-25,00:08:57,2.548888888888889 -argo-rollouts,v1.8.2,2025-03-21,20:37:43,v1.8.2,argo-rollouts-2.39.3,2025-03-23,12:51:36,40.23138888888889 -argo-rollouts,v1.8.1,2025-03-20,16:40:33,v1.8.1,argo-rollouts-2.39.2,2025-03-21,07:13:50,14.554722222222223 -argo-cd,v2.14.7,2025-03-19,17:49:46,v2.14.7,argo-cd-7.8.13,2025-03-19,18:35:57,0.7697222222222222 -argo-cd,v2.14.6,2025-03-18,14:17:14,v2.14.6,argo-cd-7.8.12,2025-03-18,16:35:25,2.3030555555555554 -argo-cd,v2.14.5,2025-03-11,03:57:34,v2.14.5,argo-cd-7.8.10,2025-03-11,07:25:23,3.463611111111111 -argo-rollouts,v1.8.0,2025-01-30,18:24:03,v1.8.0,argo-rollouts-2.39.0,2025-01-31,01:54:56,7.514722222222222 -argo-events,v1.9.5,2025-01-10,18:11:20,v1.9.5,argo-events-2.4.13,2025-01-11,10:22:47,16.190833333333334 -argo-workflows,v3.6.5,2025-03-11,08:59:16,v3.6.5,argo-workflows-0.45.11,2025-03-11,11:52:08,2.881111111111111 -argo-cd,v2.14.4,2025-03-04,21:39:08,v2.14.4,argo-cd-7.8.8,2025-03-05,00:15:58,2.613888888888889 -argo-workflows,v3.6.4,2025-02-10,12:56:26,v3.6.4,argo-workflows-0.45.6,2025-02-10,14:30:33,1.5686111111111112 -argo-cd,v2.14.3,2025-02-28,19:39:18,v2.14.3,argo-cd-7.8.6,2025-02-28,21:33:58,1.9111111111111112 -argo-cd,v2.14.2,2025-02-06,00:23:26,v2.14.2,argo-cd-7.8.1,2025-02-06,10:07:58,9.742222222222223 -argo-workflows,v3.6.3,2025-02-07,15:02:18,v3.6.3,argo-workflows-0.45.5,2025-02-08,05:59:05,14.946388888888889 -argo-cd,v2.14.1,2025-02-03,22:02:42,v2.14.1,argo-cd-7.8.0,2025-02-04,11:26:11,13.391388888888889 -argo-cd,v2.13.4,2025-01-29,21:30:00,v2.13.4,argo-cd-7.7.22,2025-01-29,22:47:19,1.2886111111111112 argo-cd,v2.13.3,2025-01-03,19:23:42,v2.13.3,argo-cd-7.7.13,2025-01-04,00:07:55,4.736944444444444 +argo-events,v1.9.5,2025-01-10,18:11:20,v1.9.5,argo-events-2.4.13,2025-01-11,10:22:47,16.190833333333334 argo-workflows,v3.6.2,2024-12-02,14:12:44,v3.6.2,argo-workflows-0.45.1,2024-12-02,17:39:46,3.4505555555555554 argo-events,v1.9.4,2025-01-08,07:48:18,v1.9.4,argo-events-2.4.12,2025-01-08,08:37:01,0.8119444444444445 argo-events,v1.9.3,2024-11-27,06:51:10,v1.9.3,argo-events-2.4.9,2024-11-27,20:44:06,13.882222222222222 diff --git a/scripts/release-analysis/time_difference_plot_argo-cd.png b/scripts/release-analysis/time_difference_plot_argo-cd.png index da7f0d5a..738c0b98 100644 Binary files a/scripts/release-analysis/time_difference_plot_argo-cd.png and b/scripts/release-analysis/time_difference_plot_argo-cd.png differ diff --git a/scripts/release-analysis/time_difference_plot_argo-events.png b/scripts/release-analysis/time_difference_plot_argo-events.png index 9af37f92..7e6c6431 100644 Binary files a/scripts/release-analysis/time_difference_plot_argo-events.png and b/scripts/release-analysis/time_difference_plot_argo-events.png differ diff --git a/scripts/release-analysis/time_difference_plot_argo-rollouts.png b/scripts/release-analysis/time_difference_plot_argo-rollouts.png index 402a49cf..4a24f491 100644 Binary files a/scripts/release-analysis/time_difference_plot_argo-rollouts.png and b/scripts/release-analysis/time_difference_plot_argo-rollouts.png differ diff --git a/scripts/release-analysis/time_difference_plot_argo-workflows.png b/scripts/release-analysis/time_difference_plot_argo-workflows.png index d7ebd974..eb0dcf25 100644 Binary files a/scripts/release-analysis/time_difference_plot_argo-workflows.png and b/scripts/release-analysis/time_difference_plot_argo-workflows.png differ