diff --git a/chart/chart-index/Chart.yaml b/chart/chart-index/Chart.yaml index 212504d134..e6cc8d5b05 100644 --- a/chart/chart-index/Chart.yaml +++ b/chart/chart-index/Chart.yaml @@ -6,7 +6,7 @@ version: 0.1.0 dependencies: - name: argo-cd alias: argocd - version: 8.0.9 + version: 8.1.0 repository: https://argoproj.github.io/argo-helm - name: cert-manager version: v1.17.1 diff --git a/charts/argocd/Chart.lock b/charts/argocd/Chart.lock index 0e96099e7d..21d9303d8b 100644 --- a/charts/argocd/Chart.lock +++ b/charts/argocd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.33.2 -digest: sha256:1ce334c23fe53427c771277cc7cecd4143226aba04c8a6c52513042a96e7ff5d -generated: "2025-03-27T09:46:27.113833-07:00" + version: 4.33.7 +digest: sha256:a3eba6bba484e9fbfaca33e7f1ea3e6daed74014df7e7b077c496c2201b01996 +generated: "2025-05-25T11:18:29.356017-05:00" diff --git a/charts/argocd/Chart.yaml b/charts/argocd/Chart.yaml index e9a0549986..c0f4e22466 100644 --- a/charts/argocd/Chart.yaml +++ b/charts/argocd/Chart.yaml @@ -1,17 +1,17 @@ annotations: artifacthub.io/changes: | - - kind: changed - description: Bump dex to v2.43.1 + - kind: added + description: trafficDistribution to repo server service artifacthub.io/signKey: | fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc apiVersion: v2 -appVersion: v3.0.3 +appVersion: v3.0.6 dependencies: - condition: redis-ha.enabled name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.33.2 + version: 4.33.7 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. home: https://github.com/argoproj/argo-helm @@ -28,4 +28,4 @@ name: argo-cd sources: - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd - https://github.com/argoproj/argo-cd -version: 8.0.9 +version: 8.1.0 diff --git a/charts/argocd/README.md b/charts/argocd/README.md index 91824a72eb..93fb6b7f9b 100644 --- a/charts/argocd/README.md +++ b/charts/argocd/README.md @@ -798,6 +798,7 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf | configs.params."controller.self.heal.timeout.seconds" | int | `5` | Specifies timeout between application self heal attempts | | configs.params."controller.status.processors" | int | `20` | Number of application status processors | | configs.params."controller.sync.timeout.seconds" | int | `0` | Specifies the timeout after which a sync would be terminated. 0 means no timeout | +| configs.params."hydrator.enabled" | bool | `false` | Enable the hydrator feature (hydrator is in Alpha phase) | | configs.params."otlp.address" | string | `""` | Open-Telemetry collector address: (e.g. "otel-collector:4317") | | configs.params."reposerver.parallelism.limit" | int | `0` | Limit on number of concurrent manifests generate requests. Any value less the 1 means no limit. | | configs.params."server.basehref" | string | `"/"` | Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / | @@ -1012,6 +1013,7 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf | repoServer.service.labels | object | `{}` | Repo server service labels | | repoServer.service.port | int | `8081` | Repo server service port | | repoServer.service.portName | string | `"tcp-repo-server"` | Repo server service port name | +| repoServer.service.trafficDistribution | string | `""` | Traffic distribution preference for the repo server service. If the field is not set, the implementation will apply its default routing strategy. | | repoServer.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | repoServer.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | repoServer.serviceAccount.create | bool | `true` | Create repo server service account | @@ -1307,7 +1309,7 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf | redis.exporter.env | list | `[]` | Environment variables to pass to the Redis exporter | | redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the redis-exporter | | redis.exporter.image.repository | string | `"ghcr.io/oliver006/redis_exporter"` | Repository to use for the redis-exporter | -| redis.exporter.image.tag | string | `"v1.73.0"` | Tag to use for the redis-exporter | +| redis.exporter.image.tag | string | `"v1.74.0"` | Tag to use for the redis-exporter | | redis.exporter.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Redis exporter | | redis.exporter.livenessProbe.failureThreshold | int | `5` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | redis.exporter.livenessProbe.initialDelaySeconds | int | `30` | Number of seconds after the container has started before [probe] is initiated | @@ -1324,7 +1326,7 @@ NOTE: Any values you put under `.Values.configs.cm` are passed to argocd-cm Conf | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | -| redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | +| redis.image.repository | string | `"ecr-public.aws.com/docker/library/redis"` | Redis repository | | redis.image.tag | string | `"7.2.8-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | @@ -1406,11 +1408,12 @@ The main options are listed here: | redis-ha.haproxy.containerSecurityContext | object | See [values.yaml] | HAProxy container-level security context | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.hardAntiAffinity | bool | `true` | Whether the haproxy pods should be forced to run on separate nodes. | +| redis-ha.haproxy.image.repository | string | `"ecr-public.aws.com/docker/library/haproxy"` | HAProxy Image Repository | | redis-ha.haproxy.labels | object | `{"app.kubernetes.io/name":"argocd-redis-ha-haproxy"}` | Custom labels for the haproxy pod. This is relevant for Argo CD CLI. | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | | redis-ha.haproxy.tolerations | list | `[]` | [Tolerations] for use with node taints for haproxy pods. | | redis-ha.hardAntiAffinity | bool | `true` | Whether the Redis server pods should be forced to run on separate nodes. | -| redis-ha.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | +| redis-ha.image.repository | string | `"ecr-public.aws.com/docker/library/redis"` | Redis repository | | redis-ha.image.tag | string | `"7.2.8-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | @@ -1434,7 +1437,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | Key | Type | Default | Description | |-----|------|---------|-------------| -| externalRedis.existingSecret | string | `""` | The name of an existing secret with Redis (must contain key `redis-password`) and Sentinel credentials. When it's set, the `externalRedis.password` parameter is ignored | +| externalRedis.existingSecret | string | `""` | The name of an existing secret with Redis (must contain key `redis-password`. And should contain `redis-username` if username is not `default`) and Sentinel credentials. When it's set, the `externalRedis.username` and `externalRedis.password` parameters are ignored | | externalRedis.host | string | `""` | External Redis server host | | externalRedis.password | string | `""` | External Redis password | | externalRedis.port | int | `6379` | External Redis server port | diff --git a/charts/argocd/charts/redis-ha/Chart.yaml b/charts/argocd/charts/redis-ha/Chart.yaml index 43f997fa5b..ee7119fcc4 100644 --- a/charts/argocd/charts/redis-ha/Chart.yaml +++ b/charts/argocd/charts/redis-ha/Chart.yaml @@ -16,4 +16,4 @@ sources: - https://redis.io/download - https://github.com/DandyDeveloper/charts/blob/master/charts/redis-ha - https://github.com/oliver006/redis_exporter -version: 4.33.2 +version: 4.33.7 diff --git a/charts/argocd/charts/redis-ha/README.md b/charts/argocd/charts/redis-ha/README.md index 584d76a7a0..e1562b08db 100644 --- a/charts/argocd/charts/redis-ha/README.md +++ b/charts/argocd/charts/redis-ha/README.md @@ -78,7 +78,7 @@ The following table lists the configurable parameters of the Redis chart and the | `extraInitContainers` | Extra init containers to include in StatefulSet | list | `[]` | | `extraLabels` | Labels added here are applied to all created resources | object | `{}` | | `extraVolumes` | Extra volumes to include in StatefulSet | list | `[]` | -| `fullNameOverride` | Full name of the Redis HA Resources | string | `""` | +| `fullnameOverride` | Full name of the Redis HA Resources | string | `""` | | `global.compatibility` | Openshift compatibility options | object | `{"openshift":{"adaptSecurityContext":"auto"}}` | | `global.priorityClassName` | Default priority class for all components | string | `""` | | `hardAntiAffinity` | Whether the Redis server pods should be forced to run on separate nodes. # This is accomplished by setting their AntiAffinity with requiredDuringSchedulingIgnoredDuringExecution as opposed to preferred. # Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#inter-pod-affinity-and-anti-affinity-beta-feature | bool | `true` | @@ -165,7 +165,7 @@ The following table lists the configurable parameters of the Redis chart and the | `schedulerName` | Use an alternate scheduler, e.g. "stork". ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ | string | `""` | | `securityContext` | Security context to be added to the Redis StatefulSet. | object | `{"fsGroup":1000,"runAsNonRoot":true,"runAsUser":1000}` | | `serviceAccount.annotations` | Annotations to be added to the service account for the redis statefulset | object | `{}` | -| `serviceAccount.automountToken` | opt in/out of automounting API credentials into container. Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ | bool | `false` | +| `serviceAccount.automountToken` | opt in/out of automounting API credentials into container. Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ | bool | `true` | | `serviceAccount.create` | Specifies whether a ServiceAccount should be created | bool | `true` | | `serviceAccount.name` | The name of the ServiceAccount to use. If not set and create is true, a name is generated using the redis-ha.fullname template | string | `""` | | `serviceLabels` | Custom labels for redis service | object | `{}` | diff --git a/charts/argocd/charts/redis-ha/templates/redis-ha-pdb.yaml b/charts/argocd/charts/redis-ha/templates/redis-ha-pdb.yaml index 82506938f8..fbcb5062bb 100644 --- a/charts/argocd/charts/redis-ha/templates/redis-ha-pdb.yaml +++ b/charts/argocd/charts/redis-ha/templates/redis-ha-pdb.yaml @@ -12,9 +12,6 @@ metadata: spec: selector: matchLabels: - # The replica label is set on StatefulSet pods but not the Test pods - # We want to avoid including the Test pods in the budget - {{ template "redis-ha.fullname" . }}: replica release: {{ .Release.Name }} app: {{ template "redis-ha.name" . }} {{ toYaml .Values.podDisruptionBudget | indent 2 }} diff --git a/charts/argocd/charts/redis-ha/values.yaml b/charts/argocd/charts/redis-ha/values.yaml index 8fd8f2f48f..e857f158fb 100644 --- a/charts/argocd/charts/redis-ha/values.yaml +++ b/charts/argocd/charts/redis-ha/values.yaml @@ -19,7 +19,7 @@ image: pullPolicy: IfNotPresent # -- Full name of the Redis HA Resources -fullNameOverride: "" +fullnameOverride: "" # -- Name override for Redis HA resources nameOverride: "" @@ -127,7 +127,7 @@ haproxy: # -- HAProxy Image Repository repository: public.ecr.aws/docker/library/haproxy # -- HAProxy Image Tag - tag: 3.0.7-alpine + tag: 3.0.8-alpine # -- HAProxy Image PullPolicy pullPolicy: IfNotPresent @@ -185,7 +185,7 @@ haproxy: serviceAccount: # -- Specifies whether a ServiceAccount should be created create: true - automountToken: false + automountToken: true ## Official HAProxy embedded prometheus metrics settings. ## Ref: https://github.com/haproxy/haproxy/tree/master/contrib/prometheus-exporter @@ -418,15 +418,15 @@ redis: # -- Enable Startup Probe enabled: true # -- Initial delay in seconds for startup probe - initialDelaySeconds: 5 + initialDelaySeconds: 30 # -- Period in seconds after which startup probe will be repeated - periodSeconds: 10 + periodSeconds: 15 # -- Timeout seconds for startup probe timeoutSeconds: 15 # -- Success threshold for startup probe successThreshold: 1 # -- Failure threshold for startup probe - failureThreshold: 3 + failureThreshold: 5 # -- Array with commands to disable disableCommands: diff --git a/charts/argocd/templates/argocd-application-controller/deployment.yaml b/charts/argocd/templates/argocd-application-controller/deployment.yaml index aacba1b4a9..5246bac94a 100644 --- a/charts/argocd/templates/argocd-application-controller/deployment.yaml +++ b/charts/argocd/templates/argocd-application-controller/deployment.yaml @@ -181,6 +181,12 @@ spec: name: argocd-cmd-params-cm key: controller.self.heal.backoff.cap.seconds optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_BACKOFF_COOLDOWN_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.self.heal.backoff.cooldown.seconds + optional: true - name: ARGOCD_APPLICATION_CONTROLLER_SYNC_TIMEOUT valueFrom: configMapKeyRef: diff --git a/charts/argocd/templates/argocd-application-controller/statefulset.yaml b/charts/argocd/templates/argocd-application-controller/statefulset.yaml index 128a10d04b..02c5180617 100644 --- a/charts/argocd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argocd/templates/argocd-application-controller/statefulset.yaml @@ -180,6 +180,12 @@ spec: name: argocd-cmd-params-cm key: controller.self.heal.backoff.cap.seconds optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_BACKOFF_COOLDOWN_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.self.heal.backoff.cooldown.seconds + optional: true - name: ARGOCD_APPLICATION_CONTROLLER_SYNC_TIMEOUT valueFrom: configMapKeyRef: diff --git a/charts/argocd/templates/argocd-repo-server/service.yaml b/charts/argocd/templates/argocd-repo-server/service.yaml index 24ca10ef5a..7e20c86481 100644 --- a/charts/argocd/templates/argocd-repo-server/service.yaml +++ b/charts/argocd/templates/argocd-repo-server/service.yaml @@ -23,3 +23,6 @@ spec: targetPort: repo-server selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 4 }} + {{- if .Values.repoServer.service.trafficDistribution }} + trafficDistribution: {{ .Values.repoServer.service.trafficDistribution }} + {{- end }} diff --git a/charts/argocd/values.yaml b/charts/argocd/values.yaml index 86cd1c7545..9018bcc00f 100644 --- a/charts/argocd/values.yaml +++ b/charts/argocd/values.yaml @@ -419,6 +419,8 @@ configs: server.enable.gzip: true # -- Enable proxy extension feature. (proxy extension is in Alpha phase) server.enable.proxy.extension: false + # -- Enable the hydrator feature (hydrator is in Alpha phase) + hydrator.enabled: false # -- Set X-Frame-Options header in HTTP responses to value. To disable, set to "". server.x.frame.options: sameorigin @@ -1416,7 +1418,7 @@ redis: ## Redis image image: # -- Redis repository - repository: public.ecr.aws/docker/library/redis + repository: ecr-public.aws.com/docker/library/redis # -- Redis tag ## Do not upgrade to >= 7.4.0, otherwise you are no longer using an open source version of Redis tag: 7.2.8-alpine @@ -1435,7 +1437,7 @@ redis: # -- Repository to use for the redis-exporter repository: ghcr.io/oliver006/redis_exporter # -- Tag to use for the redis-exporter - tag: v1.73.0 + tag: v1.74.0 # -- Image pull policy for the redis-exporter # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1703,7 +1705,7 @@ redis-ha: ## Redis image image: # -- Redis repository - repository: public.ecr.aws/docker/library/redis + repository: ecr-public.aws.com/docker/library/redis # -- Redis tag ## Do not upgrade to >= 7.4.0, otherwise you are no longer using an open source version of Redis tag: 7.2.8-alpine @@ -1735,6 +1737,9 @@ redis-ha: # -- Custom labels for the haproxy pod. This is relevant for Argo CD CLI. labels: app.kubernetes.io/name: argocd-redis-ha-haproxy + image: + # -- HAProxy Image Repository + repository: ecr-public.aws.com/docker/library/haproxy metrics: # -- HAProxy enable prometheus metric scraping enabled: true @@ -1799,8 +1804,8 @@ externalRedis: password: "" # -- External Redis server port port: 6379 - # -- The name of an existing secret with Redis (must contain key `redis-password`) and Sentinel credentials. - # When it's set, the `externalRedis.password` parameter is ignored + # -- The name of an existing secret with Redis (must contain key `redis-password`. And should contain `redis-username` if username is not `default`) and Sentinel credentials. + # When it's set, the `externalRedis.username` and `externalRedis.password` parameters are ignored existingSecret: "" # -- External Redis Secret annotations secretAnnotations: {} @@ -2866,6 +2871,8 @@ repoServer: port: 8081 # -- Repo server service port name portName: tcp-repo-server + # -- Traffic distribution preference for the repo server service. If the field is not set, the implementation will apply its default routing strategy. + trafficDistribution: "" ## Repo server metrics service configuration metrics: