diff options
| author | Saumit <justsaumit@protonmail.com> | 2025-10-11 02:34:38 +0530 |
|---|---|---|
| committer | Saumit <justsaumit@protonmail.com> | 2025-10-11 02:34:38 +0530 |
| commit | 88a326bacdffde9e065b08ba893a17149584e72e (patch) | |
| tree | 20e380438497afb8c4b33a932505602590721690 /astroshop-platform/argocd-helmchart/templates/argocd-applicationset | |
| parent | ef773bd27019ec6597bd12237e3b4f4f0f46f244 (diff) | |
platform: Adding argocd helm chart
Diffstat (limited to 'astroshop-platform/argocd-helmchart/templates/argocd-applicationset')
13 files changed, 867 insertions, 0 deletions
diff --git a/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/certificate.yaml b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/certificate.yaml new file mode 100644 index 0000000..fce26bf --- /dev/null +++ b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/certificate.yaml @@ -0,0 +1,39 @@ +{{- if .Values.applicationSet.certificate.enabled -}} +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.certificateAnnotations) .Values.applicationSet.certificate.annotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + name: {{ template "argo-cd.applicationSet.fullname" . }} + namespace: {{ include "argo-cd.namespace" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} +spec: + secretName: argocd-applicationset-controller-tls + commonName: {{ .Values.applicationSet.certificate.domain | default .Values.global.domain }} + dnsNames: + - {{ .Values.applicationSet.certificate.domain | default .Values.global.domain }} + {{- range .Values.applicationSet.certificate.additionalHosts }} + - {{ . | quote }} + {{- end }} + {{- with .Values.applicationSet.certificate.duration }} + duration: {{ . | quote }} + {{- end }} + {{- with .Values.applicationSet.certificate.renewBefore }} + renewBefore: {{ . | quote }} + {{- end }} + issuerRef: + {{- with .Values.applicationSet.certificate.issuer.group }} + group: {{ . | quote }} + {{- end }} + kind: {{ .Values.applicationSet.certificate.issuer.kind | quote }} + name: {{ .Values.applicationSet.certificate.issuer.name | quote }} + {{- with .Values.applicationSet.certificate.privateKey }} + privateKey: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/clusterrole.yaml b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/clusterrole.yaml new file mode 100644 index 0000000..2723e3d --- /dev/null +++ b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/clusterrole.yaml @@ -0,0 +1,90 @@ +{{- if .Values.applicationSet.allowAnyNamespace }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "argo-cd.applicationSet.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} +rules: + - apiGroups: + - argoproj.io + resources: + - applications + - applicationsets + - applicationsets/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - argoproj.io + resources: + - applicationsets/status + verbs: + - get + - patch + - update + - apiGroups: + - argoproj.io + resources: + - appprojects + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - get + - list + - patch + - watch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - update + - delete + - get + - list + - patch + - watch + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - deployments + verbs: + - get + - list + - watch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +{{- end }} diff --git a/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/clusterrolebinding.yaml b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/clusterrolebinding.yaml new file mode 100644 index 0000000..9dcae8d --- /dev/null +++ b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/clusterrolebinding.yaml @@ -0,0 +1,16 @@ +{{- if .Values.applicationSet.allowAnyNamespace }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "argo-cd.applicationSet.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "argo-cd.applicationSet.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ template "argo-cd.applicationSet.serviceAccountName" . }} + namespace: {{ include "argo-cd.namespace" . }} +{{- end }} diff --git a/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/deployment.yaml b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/deployment.yaml new file mode 100644 index 0000000..42b17b6 --- /dev/null +++ b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/deployment.yaml @@ -0,0 +1,375 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.applicationSet.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + name: {{ include "argo-cd.applicationSet.fullname" . }} + namespace: {{ include "argo-cd.namespace" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentLabels) .Values.applicationSet.deploymentLabels) }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.applicationSet.deploymentStrategy) }} + strategy: + {{- trim . | nindent 4 }} + {{- end }} + replicas: {{ .Values.applicationSet.replicas }} + revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 6 }} + template: + metadata: + annotations: + checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} + {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.applicationSet.podAnnotations) }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 8 }} + {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.applicationSet.podLabels) }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.applicationSet.runtimeClassName | default .Values.global.runtimeClassName }} + runtimeClassName: {{ . }} + {{- end }} + {{- with .Values.applicationSet.imagePullSecrets | default .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.securityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.applicationSet.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} + {{- if .Values.applicationSet.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.applicationSet.terminationGracePeriodSeconds }} + {{- end }} + serviceAccountName: {{ include "argo-cd.applicationSet.serviceAccountName" . }} + automountServiceAccountToken: {{ .Values.applicationSet.automountServiceAccountToken }} + containers: + - name: {{ .Values.applicationSet.name }} + image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.applicationSet.image.imagePullPolicy }} + args: + - /usr/local/bin/argocd-applicationset-controller + - --metrics-addr=:{{ .Values.applicationSet.containerPorts.metrics }} + - --probe-addr=:{{ .Values.applicationSet.containerPorts.probe }} + - --webhook-addr=:{{ .Values.applicationSet.containerPorts.webhook }} + {{- with .Values.applicationSet.extraArgs }} + {{- toYaml . | nindent 12 }} + {{- end }} + env: + {{- with (concat .Values.global.env .Values.applicationSet.extraEnv) }} + {{- toYaml . | nindent 12 }} + {{- end }} + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.global.preserved.annotations + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_LABELS + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.global.preserved.labels + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_LEADER_ELECTION + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.leader.election + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER + valueFrom: + configMapKeyRef: + key: repo.server + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.policy + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_POLICY_OVERRIDE + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.policy.override + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.debug + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGFORMAT + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.log.format + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGLEVEL + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.log.level + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_LOG_FORMAT_TIMESTAMP + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: log.format.timestamp + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_DRY_RUN + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.dryrun + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_GIT_MODULES_ENABLED + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.git.submodule + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_PROGRESSIVE_SYNCS + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.progressive.syncs + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_TOKENREF_STRICT_MODE + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.tokenref.strict.mode + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.new.git.file.globbing + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_PLAINTEXT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.plaintext + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_STRICT_TLS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.strict.tls + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.timeout.seconds + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_CONCURRENT_RECONCILIATIONS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.concurrent.reconciliations.max + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.namespaces + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.scm.root.ca.path + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.allowed.scm.providers + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_SCM_PROVIDERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.enable.scm.providers + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_GITHUB_API_METRICS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.enable.github.api.metrics + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_WEBHOOK_PARALLELISM_LIMIT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.webhook.parallelism.limit + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REQUEUE_AFTER + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.requeue.after + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_MAX_RESOURCES_STATUS_COUNT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.status.max.resources.count + optional: true + {{- with .Values.applicationSet.extraEnvFrom }} + envFrom: + {{- toYaml . | nindent 12 }} + {{- end }} + ports: + - name: metrics + containerPort: {{ .Values.applicationSet.containerPorts.metrics }} + protocol: TCP + - name: probe + containerPort: {{ .Values.applicationSet.containerPorts.probe }} + protocol: TCP + - name: webhook + containerPort: {{ .Values.applicationSet.containerPorts.webhook }} + protocol: TCP + {{- if .Values.applicationSet.livenessProbe.enabled }} + livenessProbe: + tcpSocket: + port: probe + initialDelaySeconds: {{ .Values.applicationSet.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.applicationSet.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.applicationSet.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.applicationSet.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.applicationSet.livenessProbe.failureThreshold }} + {{- end }} + {{- if .Values.applicationSet.readinessProbe.enabled }} + readinessProbe: + tcpSocket: + port: probe + initialDelaySeconds: {{ .Values.applicationSet.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.applicationSet.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.applicationSet.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.applicationSet.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.applicationSet.readinessProbe.failureThreshold }} + {{- end }} + resources: + {{- toYaml .Values.applicationSet.resources | nindent 12 }} + {{- with .Values.applicationSet.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + {{- with .Values.applicationSet.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + - mountPath: /app/config/ssh + name: ssh-known-hosts + - mountPath: /app/config/tls + name: tls-certs + - mountPath: /app/config/gpg/source + name: gpg-keys + - mountPath: /app/config/gpg/keys + name: gpg-keyring + - mountPath: /app/config/reposerver/tls + name: argocd-repo-server-tls + - mountPath: /tmp + name: tmp + {{- with .Values.applicationSet.extraContainers }} + {{- tpl (toYaml .) $ | nindent 8 }} + {{- end }} + {{- with .Values.applicationSet.initContainers }} + initContainers: + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.applicationSet) }} + affinity: + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.applicationSet.nodeSelector | default .Values.global.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.applicationSet.tolerations | default .Values.global.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.applicationSet.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.applicationSet.name) | nindent 12 }} + {{- end }} + {{- end }} + {{- end }} + volumes: + {{- with .Values.applicationSet.extraVolumes }} + {{- toYaml . | nindent 8 }} + {{- end }} + - name: ssh-known-hosts + configMap: + name: argocd-ssh-known-hosts-cm + - name: tls-certs + configMap: + name: argocd-tls-certs-cm + - name: gpg-keys + configMap: + name: argocd-gpg-keys-cm + - name: gpg-keyring + {{- if .Values.applicationSet.emptyDir.sizeLimit }} + emptyDir: + sizeLimit: {{ .Values.applicationSet.emptyDir.sizeLimit }} + {{- else }} + emptyDir: {} + {{- end }} + - name: tmp + {{- if .Values.applicationSet.emptyDir.sizeLimit }} + emptyDir: + sizeLimit: {{ .Values.applicationSet.emptyDir.sizeLimit }} + {{- else }} + emptyDir: {} + {{- end }} + - name: argocd-repo-server-tls + secret: + secretName: argocd-repo-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt + {{- with .Values.applicationSet.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.applicationSet.dnsPolicy }} diff --git a/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/ingress.yaml b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/ingress.yaml new file mode 100644 index 0000000..5cdf0cf --- /dev/null +++ b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/ingress.yaml @@ -0,0 +1,62 @@ +{{- if .Values.applicationSet.ingress.enabled -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ include "argo-cd.applicationSet.fullname" . }} + namespace: {{ include "argo-cd.namespace" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} + {{- with .Values.applicationSet.ingress.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.applicationSet.ingress.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +spec: + {{- with .Values.applicationSet.ingress.ingressClassName }} + ingressClassName: {{ . }} + {{- end }} + rules: + - host: {{ .Values.applicationSet.ingress.hostname | default .Values.global.domain }} + http: + paths: + {{- with .Values.applicationSet.ingress.extraPaths }} + {{- tpl (toYaml .) $ | nindent 10 }} + {{- end }} + - path: {{ .Values.applicationSet.ingress.path }} + pathType: {{ .Values.applicationSet.ingress.pathType }} + backend: + service: + name: {{ include "argo-cd.applicationSet.fullname" . }} + port: + number: {{ .Values.applicationSet.service.port }} + {{- range .Values.applicationSet.ingress.extraHosts }} + - host: {{ .name | quote }} + http: + paths: + - path: {{ default $.Values.applicationSet.ingress.path .path }} + pathType: {{ default $.Values.applicationSet.ingress.pathType .pathType }} + backend: + service: + name: {{ include "argo-cd.applicationSet.fullname" $ }} + port: + number: {{ $.Values.applicationSet.service.port }} + {{- end }} + {{- with .Values.applicationSet.ingress.extraRules }} + {{- tpl (toYaml .) $ | nindent 4 }} + {{- end }} + {{- if or .Values.applicationSet.ingress.tls .Values.applicationSet.ingress.extraTls }} + tls: + {{- if .Values.applicationSet.ingress.tls }} + - hosts: + - {{ .Values.applicationSet.ingress.hostname | default .Values.global.domain }} + secretName: argocd-applicationset-controller-tls + {{- end }} + {{- with .Values.applicationSet.ingress.extraTls }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/metrics.yaml b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/metrics.yaml new file mode 100644 index 0000000..de5638a --- /dev/null +++ b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/metrics.yaml @@ -0,0 +1,35 @@ +{{- if .Values.applicationSet.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "argo-cd.applicationSet.fullname" . }}-metrics + namespace: {{ include "argo-cd.namespace" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" "metrics") | nindent 4 }} + {{- with .Values.applicationSet.metrics.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- if or .Values.applicationSet.metrics.service.annotations .Values.global.addPrometheusAnnotations }} + annotations: + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.applicationSet.metrics.service.servicePort | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.applicationSet.metrics.service.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +spec: + type: {{ .Values.applicationSet.metrics.service.type }} + {{- if and .Values.applicationSet.metrics.service.clusterIP (eq .Values.applicationSet.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.applicationSet.metrics.service.clusterIP }} + {{- end }} + {{- include "argo-cd.dualStack" . | indent 2 }} + ports: + - name: {{ .Values.applicationSet.metrics.service.portName }} + protocol: TCP + port: {{ .Values.applicationSet.metrics.service.servicePort }} + targetPort: metrics + selector: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 4 }} +{{- end }} diff --git a/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/networkpolicy.yaml b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/networkpolicy.yaml new file mode 100644 index 0000000..f249cfc --- /dev/null +++ b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/networkpolicy.yaml @@ -0,0 +1,24 @@ +{{- if and (or .Values.applicationSet.networkPolicy.create .Values.global.networkPolicy.create) (or .Values.applicationSet.metrics.enabled .Values.applicationSet.ingress.enabled) }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ template "argo-cd.applicationSet.fullname" . }} + namespace: {{ include "argo-cd.namespace" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} +spec: + ingress: + {{- if .Values.applicationSet.ingress.enabled }} + - ports: + - port: webhook + {{- end }} + - from: + - namespaceSelector: {} + ports: + - port: metrics + podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 6 }} + policyTypes: + - Ingress +{{- end }} diff --git a/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/pdb.yaml b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/pdb.yaml new file mode 100644 index 0000000..5d0ebc8 --- /dev/null +++ b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/pdb.yaml @@ -0,0 +1,27 @@ +{{- if .Values.applicationSet.pdb.enabled }} +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ include "argo-cd.applicationSet.fullname" . }} + namespace: {{ include "argo-cd.namespace" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} + {{- with .Values.applicationSet.pdb.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.applicationSet.pdb.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +spec: + {{- with .Values.applicationSet.pdb.maxUnavailable }} + maxUnavailable: {{ . }} + {{- else }} + minAvailable: {{ .Values.applicationSet.pdb.minAvailable | default 0 }} + {{- end }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 6 }} +{{- end }} diff --git a/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/role.yaml b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/role.yaml new file mode 100644 index 0000000..d8cfed6 --- /dev/null +++ b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/role.yaml @@ -0,0 +1,89 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "argo-cd.applicationSet.fullname" . }} + namespace: {{ include "argo-cd.namespace" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} +rules: + - apiGroups: + - argoproj.io + resources: + - applications + - applicationsets + - applicationsets/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - argoproj.io + resources: + - applicationsets/status + verbs: + - get + - patch + - update + - apiGroups: + - argoproj.io + resources: + - appprojects + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - get + - list + - patch + - watch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - update + - delete + - get + - list + - patch + - watch + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - deployments + verbs: + - get + - list + - watch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch diff --git a/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/rolebinding.yaml b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/rolebinding.yaml new file mode 100644 index 0000000..5d4f1e4 --- /dev/null +++ b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/rolebinding.yaml @@ -0,0 +1,15 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "argo-cd.applicationSet.fullname" . }} + namespace: {{ include "argo-cd.namespace" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "argo-cd.applicationSet.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ include "argo-cd.applicationSet.serviceAccountName" . }} + namespace: {{ include "argo-cd.namespace" . }} diff --git a/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/service.yaml b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/service.yaml new file mode 100644 index 0000000..bf58c6b --- /dev/null +++ b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/service.yaml @@ -0,0 +1,25 @@ +apiVersion: v1 +kind: Service +metadata: +{{- if .Values.applicationSet.service.annotations }} + annotations: + {{- range $key, $value := .Values.applicationSet.service.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + name: {{ template "argo-cd.applicationSet.fullname" . }} + namespace: {{ include "argo-cd.namespace" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} +{{- with .Values.applicationSet.service.labels }} +{{- toYaml . | nindent 4 }} +{{- end }} +spec: + type: {{ .Values.applicationSet.service.type }} + {{- include "argo-cd.dualStack" . | indent 2 }} + ports: + - name: {{ .Values.applicationSet.service.portName }} + port: {{ .Values.applicationSet.service.port }} + targetPort: webhook + selector: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 4 }} diff --git a/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/serviceaccount.yaml b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/serviceaccount.yaml new file mode 100644 index 0000000..4869cad --- /dev/null +++ b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/serviceaccount.yaml @@ -0,0 +1,19 @@ +{{- if .Values.applicationSet.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: {{ .Values.applicationSet.serviceAccount.automountServiceAccountToken }} +metadata: + name: {{ include "argo-cd.applicationSet.serviceAccountName" . }} + namespace: {{ include "argo-cd.namespace" . }} + {{- with .Values.applicationSet.serviceAccount.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} + {{- with .Values.applicationSet.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/servicemonitor.yaml b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/servicemonitor.yaml new file mode 100644 index 0000000..52d7070 --- /dev/null +++ b/astroshop-platform/argocd-helmchart/templates/argocd-applicationset/servicemonitor.yaml @@ -0,0 +1,51 @@ +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.applicationSet.metrics.enabled .Values.applicationSet.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "argo-cd.applicationSet.fullname" . }} + namespace: {{ default (include "argo-cd.namespace" .) .Values.applicationSet.metrics.serviceMonitor.namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} + {{- with .Values.applicationSet.metrics.serviceMonitor.selector }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.applicationSet.metrics.serviceMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.applicationSet.metrics.serviceMonitor.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: {{ .Values.applicationSet.metrics.service.portName }} + {{- with .Values.applicationSet.metrics.serviceMonitor.interval }} + interval: {{ . }} + {{- end }} + {{- with .Values.applicationSet.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ . }} + {{- end }} + path: /metrics + {{- with .Values.applicationSet.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.applicationSet.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + honorLabels: {{ .Values.applicationSet.metrics.serviceMonitor.honorLabels }} + {{- with .Values.applicationSet.metrics.serviceMonitor.scheme }} + scheme: {{ . }} + {{- end }} + {{- with .Values.applicationSet.metrics.serviceMonitor.tlsConfig }} + tlsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ include "argo-cd.namespace" . }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.applicationSet.name "name" "metrics") | nindent 6 }} +{{- end }} |