diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index c719d45d..a9550799 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -27,7 +27,7 @@ jobs: fetch-depth: 0 - name: Set up Helm - uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 + uses: azure/setup-helm@b9e51907a09c216f16ebe8536097933489208112 # v4.3.0 with: version: v3.10.1 # Also update in publish.yaml diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index f6dcec99..f475808f 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -24,7 +24,7 @@ jobs: fetch-depth: 0 - name: Install Helm - uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 + uses: azure/setup-helm@b9e51907a09c216f16ebe8536097933489208112 # v4.3.0 with: version: v3.10.1 # Also update in lint-and-test.yaml @@ -66,7 +66,7 @@ jobs: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - name: Login to GHCR - uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 + uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0 with: registry: ghcr.io username: ${{ github.actor }} diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 9460d792..42e17239 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Get token - uses: actions/create-github-app-token@0d564482f06ca65fa9e77e2510873638c82206f2 # v1.11.5 + uses: actions/create-github-app-token@af35edadc00be37caa72ed9f3e6d5f7801bfdf09 # v1.11.7 id: get_token with: app-id: ${{ vars.RENOVATE_APP_ID }} @@ -26,11 +26,11 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Self-hosted Renovate - uses: renovatebot/github-action@e084b5ac6fd201023db6dd7743aec023babb02c8 # v41.0.13 + uses: renovatebot/github-action@08ed9fa83e24bfe6222557f9e221395c57972127 # v41.0.16 with: configurationFile: .github/configs/renovate-config.js # renovate: datasource=docker depName=ghcr.io/renovatebot/renovate - renovate-version: 39.153.2 + renovate-version: 39.185.0 token: '${{ steps.get_token.outputs.token }}' mount-docker-socket: true env: diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 29f267d3..537b6c90 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -38,7 +38,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 + uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1 with: results_file: results.sarif results_format: sarif @@ -46,7 +46,7 @@ jobs: # - you want to enable the Branch-Protection check on a *public* repository, or # - you are installing Scorecard on a *private* repository # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat. - repo_token: ${{ secrets.SCORECARD_TOKEN }} + # repo_token: ${{ secrets.SCORECARD_TOKEN }} # Public repositories: # - Publish results to OpenSSF REST API for easy access by consumers @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: SARIF file path: results.sarif @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 + uses: github/codeql-action/upload-sarif@5f8171a638ada777af81d42b55959a643bb29017 # v3.28.12 with: sarif_file: results.sarif diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5d12006a..90e2ed2e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.14.2 +appVersion: v2.14.8 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.8.3 +version: 7.8.14 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump dex version to v2.42.0 + description: Bump argo-cd to v2.14.8 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 25760a5f..c3af2b45 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -685,6 +685,8 @@ NAME: my-release ## Global Configs +NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm ConfigMap. + | Key | Type | Default | Description | |-----|------|---------|-------------| | global.addPrometheusAnnotations | bool | `false` | Add Prometheus scrape annotations to all metrics services. This can be used as an alternative to the ServiceMonitors. | @@ -750,6 +752,7 @@ NAME: my-release | configs.params."controller.repo.server.timeout.seconds" | int | `60` | Repo server RPC call timeout seconds. | | configs.params."controller.self.heal.timeout.seconds" | int | `5` | Specifies timeout between application self heal attempts | | configs.params."controller.status.processors" | int | `20` | Number of application status processors | +| configs.params."controller.sync.timeout.seconds" | int | `0` | Specifies the timeout after which a sync would be terminated. 0 means no timeout | | configs.params."otlp.address" | string | `""` | Open-Telemetry collector address: (e.g. "otel-collector:4317") | | configs.params."reposerver.parallelism.limit" | int | `0` | Limit on number of concurrent manifests generate requests. Any value less the 1 means no limit. | | configs.params."server.basehref" | string | `"/"` | Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / | @@ -1261,7 +1264,7 @@ NAME: my-release | redis.exporter.env | list | `[]` | Environment variables to pass to the Redis exporter | | redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the redis-exporter | | redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | -| redis.exporter.image.tag | string | `"1.67.0"` | Tag to use for the redis-exporter | +| redis.exporter.image.tag | string | `"1.69.0"` | Tag to use for the redis-exporter | | redis.exporter.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Redis exporter | | redis.exporter.livenessProbe.failureThreshold | int | `5` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | redis.exporter.livenessProbe.initialDelaySeconds | int | `30` | Number of seconds after the container has started before [probe] is initiated | diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index d2862792..2449115f 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -679,6 +679,8 @@ NAME: my-release ## Global Configs +NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm ConfigMap. + | Key | Type | Default | Description | |-----|------|---------|-------------| {{- range .Values }} diff --git a/charts/argo-cd/templates/argocd-commit-server/deployment.yaml b/charts/argo-cd/templates/argocd-commit-server/deployment.yaml index 96cf6575..d0ab14d4 100644 --- a/charts/argo-cd/templates/argocd-commit-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-commit-server/deployment.yaml @@ -223,7 +223,7 @@ spec: {{- if not $constraint.labelSelector }} labelSelector: matchLabels: - {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.commitServer.name) | nindent 12 }} + {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.commitServer.name) | nindent 12 }} {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index f1213daf..59f3e21d 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -164,7 +164,7 @@ global: ## Argo Configs configs: - # General Argo CD configuration + # General Argo CD configuration. Any values you put under `.configs.cm` are passed to argocd-cm ConfigMap. ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml cm: # -- Create the argocd-cm configmap for [declarative setup] @@ -275,6 +275,8 @@ configs: controller.self.heal.timeout.seconds: 5 # -- Repo server RPC call timeout seconds. controller.repo.server.timeout.seconds: 60 + # -- Specifies the timeout after which a sync would be terminated. 0 means no timeout + controller.sync.timeout.seconds: 0 ## Server properties # -- Run server without TLS @@ -1305,7 +1307,7 @@ redis: # -- Repository to use for the redis-exporter repository: public.ecr.aws/bitnami/redis-exporter # -- Tag to use for the redis-exporter - tag: 1.67.0 + tag: 1.69.0 # -- Image pull policy for the redis-exporter # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index a184cb91..d5a6bb61 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.9.5 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.4.13 +version: 2.4.14 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-events to v1.9.5 + - kind: added + description: Add revisionHistoryLimit to values diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 7e9f6e37..bc1ad5e8 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -180,6 +180,7 @@ done | controller.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | controller.replicas | int | `1` | The number of events controller pods to run. | | controller.resources | object | `{}` | Resource limits and requests for the events controller pods | +| controller.revisionHistoryLimit | int | `5` | The number of replicasets history to keep | | controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | controller.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | controller.serviceAccount.create | bool | `true` | Create a service account for the events controller | @@ -222,6 +223,7 @@ done | webhook.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | webhook.replicas | int | `1` | The number of webhook pods to run. | | webhook.resources | object | `{}` | Resource limits and requests for the event controller pods | +| webhook.revisionHistoryLimit | int | `5` | The number of replicasets history to keep | | webhook.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | webhook.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | webhook.serviceAccount.create | bool | `true` | Create a service account for the admission webhook | diff --git a/charts/argo-events/templates/argo-events-controller/deployment.yaml b/charts/argo-events/templates/argo-events-controller/deployment.yaml index 17bf0a6a..12f1faf9 100644 --- a/charts/argo-events/templates/argo-events-controller/deployment.yaml +++ b/charts/argo-events/templates/argo-events-controller/deployment.yaml @@ -10,7 +10,7 @@ spec: selector: matchLabels: {{- include "argo-events.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} - revisionHistoryLimit: 5 + revisionHistoryLimit: {{ .Values.controller.revisionHistoryLimit }} replicas: {{ .Values.controller.replicas }} template: metadata: diff --git a/charts/argo-events/templates/argo-events-webhook/deployment.yaml b/charts/argo-events/templates/argo-events-webhook/deployment.yaml index 0b995ba2..82a1ab59 100644 --- a/charts/argo-events/templates/argo-events-webhook/deployment.yaml +++ b/charts/argo-events/templates/argo-events-webhook/deployment.yaml @@ -11,7 +11,7 @@ spec: selector: matchLabels: {{- include "argo-events.selectorLabels" (dict "context" . "name" .Values.webhook.name) | nindent 6 }} - revisionHistoryLimit: 5 + revisionHistoryLimit: {{ .Values.webhook.revisionHistoryLimit }} replicas: {{ .Values.webhook.replicas }} template: metadata: diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index fb9878c9..03429b50 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -201,6 +201,9 @@ controller: # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" + # -- The number of replicasets history to keep + revisionHistoryLimit: 5 + # -- The number of events controller pods to run. replicas: 1 @@ -363,6 +366,9 @@ webhook: # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" + # -- The number of replicasets history to keep + revisionHistoryLimit: 5 + # -- The number of webhook pods to run. replicas: 1 diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index a9ed74ee..770b82f4 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.8.0 +appVersion: v1.8.2 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.39.0 +version: 2.39.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-rollouts to v1.8.0 + description: Bump argo-rollouts to v1.8.2 diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index aa09ca14..01cd75e0 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -126,6 +126,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.readinessProbe | object | See [values.yaml] | Configure readiness [probe] for the controller | | controller.replicas | int | `2` | The number of controller pods to run | | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | +| controller.stepPlugins | list | `[]` | Configures 3rd party stepPlugins for controller | | controller.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller | diff --git a/charts/argo-rollouts/templates/controller/configmap.yaml b/charts/argo-rollouts/templates/controller/configmap.yaml index a1971ab9..42f84775 100644 --- a/charts/argo-rollouts/templates/controller/configmap.yaml +++ b/charts/argo-rollouts/templates/controller/configmap.yaml @@ -11,6 +11,10 @@ data: metricProviderPlugins: |- {{- toYaml . | nindent 4 }} {{- end }} + {{- with .Values.controller.stepPlugins }} + stepPlugins: |- + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.controller.trafficRouterPlugins }} trafficRouterPlugins: |- {{- toYaml . | nindent 4 }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 26633455..6bed0d57 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -217,6 +217,12 @@ controller: # - name: "argoproj-labs/sample-prometheus" # name of the plugin, it must match the name required by the plugin so that it can find its configuration # location: "file://./my-custom-plugin" # supports http(s):// urls and file:// + # -- Configures 3rd party stepPlugins for controller + ## Ref: https://argo-rollouts.readthedocs.io/en/stable/features/canary/plugins/ + stepPlugins: [] + # - name: "argoproj-labs/step-exec" # name of the plugin, it must match the name required by the plugin so it can find it's configuration + # location: "file://./my-custom-plugin" # supports http(s):// urls and file:// + # -- Configures 3rd party traffic router plugins for controller ## Ref: https://argo-rollouts.readthedocs.io/en/stable/features/traffic-management/plugins/ trafficRouterPlugins: [] diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index c1f8df1a..02e5e506 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.6.4 +appVersion: v3.6.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.45.7 +version: 0.45.11 icon: https://argo-workflows.readthedocs.io/en/stable/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Update the SSO configuration instructions to reflect the correct field name + - kind: changed + description: Bump argo-workflows to v3.6.5 diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 6e400596..ac437149 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -116,7 +116,7 @@ Fields to note: | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | -| createAggregateRoles | bool | `true` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds | +| createAggregateRoles | bool | `true` | Create ClusterRoles that extend existing ClusterRoles to interact with Argo Workflows CRDs. | | emissary.images | list | `[]` | The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used. | | extraObjects | list | `[]` | Array of extra K8s manifests to deploy | | fullnameOverride | string | `nil` | String to fully override "argo-workflows.fullname" template | @@ -136,6 +136,7 @@ Fields to note: | workflow.rbac.agentPermissions | bool | `false` | Allows permissions for the Argo Agent. Only required if using http/plugin templates | | workflow.rbac.artifactGC | bool | `false` | Allows permissions for the Argo Artifact GC pod. Only required if using artifact gc | | workflow.rbac.create | bool | `true` | Adds Role and RoleBinding for the above specified service account to be able to run workflows. A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below) | +| workflow.rbac.rules | list | `[]` | Additional rules for the service account that runs the workflows. | | workflow.rbac.serviceAccounts | list | `[]` | Extra service accounts to be added to the RoleBinding | | workflow.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | workflow.serviceAccount.create | bool | `false` | Specifies whether a service account should be created | @@ -310,6 +311,14 @@ Fields to note: | server.ingress.paths | list | `["/"]` | List of ingress paths | | server.ingress.tls | list | `[]` | Ingress TLS configuration | | server.lifecycle | object | `{}` | Specify postStart and preStop lifecycle hooks for server container | +| server.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for server | +| server.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| server.livenessProbe.httpGet.path | string | `"/"` | Http path to use for the liveness probe | +| server.livenessProbe.httpGet.port | int | `2746` | Http port to use for the liveness probe | +| server.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | +| server.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| server.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| server.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | server.loadBalancerClass | string | `""` | The class of the load balancer implementation | | server.loadBalancerIP | string | `""` | Static IP address to assign to loadBalancer service type `LoadBalancer` | | server.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` | diff --git a/charts/argo-workflows/ci/enable-server-liveness-probe-values.yaml b/charts/argo-workflows/ci/enable-server-liveness-probe-values.yaml new file mode 100644 index 00000000..3a5892b8 --- /dev/null +++ b/charts/argo-workflows/ci/enable-server-liveness-probe-values.yaml @@ -0,0 +1,6 @@ +crds: + keep: false + +server: + livenessProbe: + enabled: true diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index 81c20048..1c3e0338 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -18,6 +18,9 @@ rules: verbs: - create - patch + {{- with $.Values.workflow.rbac.rules }} + {{- toYaml . | nindent 2 }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index b9a2541b..9d3e8c20 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -87,6 +87,22 @@ spec: {{- end }} initialDelaySeconds: 10 periodSeconds: 20 + {{- if .Values.server.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: {{ .Values.server.livenessProbe.httpGet.path }} + port: {{ .Values.server.livenessProbe.httpGet.port }} + {{- if .Values.server.secure }} + scheme: HTTPS + {{- else }} + scheme: HTTP + {{- end }} + initialDelaySeconds: {{ .Values.server.livenessProbe.initialDelaySeconds }} + timeoutSeconds: {{ .Values.server.livenessProbe.timeoutSeconds }} + periodSeconds: {{ .Values.server.livenessProbe.periodSeconds }} + successThreshold: {{ .Values.server.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.server.livenessProbe.failureThreshold }} + {{- end }} env: - name: IN_CLUSTER value: "true" diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 0c044454..bf849dbc 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -16,7 +16,7 @@ crds: # -- Annotations to be added to all CRDs annotations: {} -# -- Create clusterroles that extend existing clusterroles to interact with argo-cd crds +# -- Create ClusterRoles that extend existing ClusterRoles to interact with Argo Workflows CRDs. ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles createAggregateRoles: true @@ -77,6 +77,8 @@ workflow: serviceAccounts: [] # - name: my-service-account # namespace: my-namespace + # -- Additional rules for the service account that runs the workflows. + rules: [] controller: image: @@ -776,6 +778,27 @@ server: # -- terminationGracePeriodSeconds for container lifecycle hook terminationGracePeriodSeconds: 30 + ## livenessProbe for server + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ + livenessProbe: + # -- Enable Kubernetes liveness probe for server + enabled: false + httpGet: + # -- Http port to use for the liveness probe + port: 2746 + # -- Http path to use for the liveness probe + path: / + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded + failureThreshold: 3 + # -- Number of seconds after the container has started before [probe] is initiated + initialDelaySeconds: 10 + # -- How often (in seconds) to perform the [probe] + periodSeconds: 10 + # -- Number of seconds after which the [probe] times out + timeoutSeconds: 1 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed + successThreshold: 1 + # -- Array of extra K8s manifests to deploy extraObjects: [] # - apiVersion: secrets-store.csi.x-k8s.io/v1 diff --git a/renovate.json b/renovate.json index 1ee051f5..10c39a9a 100644 --- a/renovate.json +++ b/renovate.json @@ -87,7 +87,8 @@ "argoproj-labs/argocd-image-updater", "argoprojlabs/argocd-extension-installer", "public.ecr.aws/bitnami/redis-exporter", - "public.ecr.aws/docker/library/redis" + "public.ecr.aws/docker/library/redis", + "ghcr.io/dexidp/dex" ], "commitMessagePrefix": "chore({{parentDir}}):", "postUpgradeTasks": { diff --git a/scripts/release-analysis/README.md b/scripts/release-analysis/README.md index ab746cee..aefce0c7 100644 --- a/scripts/release-analysis/README.md +++ b/scripts/release-analysis/README.md @@ -4,7 +4,7 @@ Compare the time of the upstream release to the time of the equivalent Helm Char ## How to run -This is quite github-api-intensive, so you'll need a github PAT +This is quite github-api-intensive, so you'll need a github PAT. The PAT only requires public read (to fetch the data from the public repos without being too rate limited). ```bash # Build the container diff --git a/scripts/release-analysis/argo_helm_releases.csv b/scripts/release-analysis/argo_helm_releases.csv index 58046fc1..9912d8e8 100644 --- a/scripts/release-analysis/argo_helm_releases.csv +++ b/scripts/release-analysis/argo_helm_releases.csv @@ -1,4 +1,26 @@ Release Name,Release Date,Release Time,App Version +argo-workflows-0.45.9,2025-03-03,06:08:58,v3.6.4 +argo-cd-7.8.7,2025-03-01,03:07:42,v2.14.3 +argo-cd-7.8.6,2025-02-28,21:33:58,v2.14.3 +argo-workflows-0.45.8,2025-02-24,09:32:08,v3.6.4 +argo-cd-7.8.5,2025-02-23,21:45:52,v2.14.2 +argo-cd-7.8.4,2025-02-21,16:03:22,v2.14.2 +argo-cd-7.8.3,2025-02-20,00:42:29,v2.14.2 +argo-workflows-0.45.7,2025-02-15,10:11:36,v3.6.4 +argo-workflows-0.45.6,2025-02-10,14:30:33,v3.6.4 +argo-workflows-0.45.5,2025-02-08,05:59:05,v3.6.3 +argo-cd-7.8.2,2025-02-06,10:35:47,v2.14.2 +argo-cd-7.8.1,2025-02-06,10:07:58,v2.14.2 +argo-cd-7.8.0,2025-02-04,11:26:11,v2.14.1 +argo-cd-7.7.23,2025-02-03,09:39:31,v2.13.4 +argo-rollouts-2.39.0,2025-01-31,01:54:56,v1.8.0 +argo-cd-7.7.22,2025-01-29,22:47:19,v2.13.4 +argo-cd-7.7.21,2025-01-28,09:58:06,v2.13.3 +argo-cd-7.7.20,2025-01-28,08:14:34,v2.13.3 +argo-cd-7.7.19,2025-01-28,08:00:25,v2.13.3 +argo-cd-7.7.18,2025-01-27,15:32:10,v2.13.3 +argocd-image-updater-0.12.0,2025-01-25,13:31:56,v0.15.2 +argo-cd-7.7.17,2025-01-24,13:04:38,v2.13.3 argo-cd-7.7.16,2025-01-14,10:17:50,v2.13.3 argo-events-2.4.13,2025-01-11,10:22:47,v1.9.5 argo-workflows-0.45.4,2025-01-10,10:23:52,v3.6.2 diff --git a/scripts/release-analysis/argo_releases.csv b/scripts/release-analysis/argo_releases.csv index f630abe7..a0b2b714 100644 --- a/scripts/release-analysis/argo_releases.csv +++ b/scripts/release-analysis/argo_releases.csv @@ -1,4 +1,13 @@ Repository,Release Tag,Release Date,Release Time +argo-cd,v2.14.3,2025-02-28,19:39:18 +argo-cd,v2.14.2,2025-02-06,00:23:26 +argo-cd,v2.13.5,2025-02-05,22:13:35 +argo-cd,v2.14.1,2025-02-03,22:02:42 +argo-cd,v2.14.0,2025-02-03,20:22:37 +argo-cd,v2.14.0-rc7,2025-01-29,21:36:23 +argo-cd,v2.13.4,2025-01-29,21:30:00 +argo-cd,v2.12.10,2025-01-29,21:29:19 +argo-cd,v2.11.13,2025-01-29,21:29:02 argo-cd,v2.14.0-rc6,2025-01-21,21:40:31 argo-cd,v2.14.0-rc5,2025-01-08,20:16:38 argo-cd,v2.13.3,2025-01-03,19:23:42 @@ -438,6 +447,9 @@ argo-cd,v0.3.1,2018-04-24,23:32:12 argo-cd,v0.3.0,2018-04-23,08:29:14 argo-cd,v0.2.0,2018-04-03,18:19:24 argo-cd,v0.1.0,2018-03-13,00:38:20 +argo-workflows,v3.6.4,2025-02-10,12:56:26 +argo-workflows,v3.6.3,2025-02-07,15:02:18 +argo-workflows,v3.5.14,2025-01-31,09:01:29 argo-workflows,v3.6.2,2024-12-02,14:12:44 argo-workflows,v3.5.13,2024-12-02,13:09:39 argo-workflows,v3.6.0,2024-11-14,19:02:01 @@ -802,6 +814,7 @@ argo-events,v0.6,2018-11-27,11:46:02 argo-events,v0.5,2018-10-18,19:51:19 argo-events,v0.5-beta1,2018-07-27,15:00:03 argo-events,v0.5-alpha1,2018-06-20,19:23:36 +argo-rollouts,v1.8.0,2025-01-30,18:24:03 argo-rollouts,v1.8.0-rc2,2025-01-16,19:43:44 argo-rollouts,v1.8.0-rc1,2024-12-09,14:28:35 argo-rollouts,v1.7.2,2024-08-13,18:42:47 diff --git a/scripts/release-analysis/merged_releases.csv b/scripts/release-analysis/merged_releases.csv index a4c13445..b17fb720 100644 --- a/scripts/release-analysis/merged_releases.csv +++ b/scripts/release-analysis/merged_releases.csv @@ -1,4 +1,11 @@ Repository,Release Tag,Release Date,Release Time,App Version,Release Name,Release Date 2,Release Time 2,Time Difference +argo-workflows,v3.6.4,2025-02-10,12:56:26,v3.6.4,argo-workflows-0.45.6,2025-02-10,14:30:33,1.5686111111111112 +argo-cd,v2.14.3,2025-02-28,19:39:18,v2.14.3,argo-cd-7.8.6,2025-02-28,21:33:58,1.9111111111111112 +argo-cd,v2.14.2,2025-02-06,00:23:26,v2.14.2,argo-cd-7.8.1,2025-02-06,10:07:58,9.742222222222223 +argo-workflows,v3.6.3,2025-02-07,15:02:18,v3.6.3,argo-workflows-0.45.5,2025-02-08,05:59:05,14.946388888888889 +argo-cd,v2.14.1,2025-02-03,22:02:42,v2.14.1,argo-cd-7.8.0,2025-02-04,11:26:11,13.391388888888889 +argo-cd,v2.13.4,2025-01-29,21:30:00,v2.13.4,argo-cd-7.7.22,2025-01-29,22:47:19,1.2886111111111112 +argo-rollouts,v1.8.0,2025-01-30,18:24:03,v1.8.0,argo-rollouts-2.39.0,2025-01-31,01:54:56,7.514722222222222 argo-cd,v2.13.3,2025-01-03,19:23:42,v2.13.3,argo-cd-7.7.13,2025-01-04,00:07:55,4.736944444444444 argo-events,v1.9.5,2025-01-10,18:11:20,v1.9.5,argo-events-2.4.13,2025-01-11,10:22:47,16.190833333333334 argo-workflows,v3.6.2,2024-12-02,14:12:44,v3.6.2,argo-workflows-0.45.1,2024-12-02,17:39:46,3.4505555555555554 diff --git a/scripts/release-analysis/time_difference_plot_argo-cd.png b/scripts/release-analysis/time_difference_plot_argo-cd.png index 738c0b98..d47a0a02 100644 Binary files a/scripts/release-analysis/time_difference_plot_argo-cd.png and b/scripts/release-analysis/time_difference_plot_argo-cd.png differ diff --git a/scripts/release-analysis/time_difference_plot_argo-events.png b/scripts/release-analysis/time_difference_plot_argo-events.png index 7e6c6431..9af37f92 100644 Binary files a/scripts/release-analysis/time_difference_plot_argo-events.png and b/scripts/release-analysis/time_difference_plot_argo-events.png differ diff --git a/scripts/release-analysis/time_difference_plot_argo-rollouts.png b/scripts/release-analysis/time_difference_plot_argo-rollouts.png index 4a24f491..0dd8a5e4 100644 Binary files a/scripts/release-analysis/time_difference_plot_argo-rollouts.png and b/scripts/release-analysis/time_difference_plot_argo-rollouts.png differ diff --git a/scripts/release-analysis/time_difference_plot_argo-workflows.png b/scripts/release-analysis/time_difference_plot_argo-workflows.png index eb0dcf25..ecab8b5f 100644 Binary files a/scripts/release-analysis/time_difference_plot_argo-workflows.png and b/scripts/release-analysis/time_difference_plot_argo-workflows.png differ