From a9d3428f467ed453d4d4453a9773f3dea3fb0510 Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Mon, 24 Aug 2020 21:25:50 +0200 Subject: [PATCH] upgrade argo to 1.7rc --- argocd/argocd.yaml | 451 +++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 434 insertions(+), 17 deletions(-) diff --git a/argocd/argocd.yaml b/argocd/argocd.yaml index 406cdbb..8c4fb24 100644 --- a/argocd/argocd.yaml +++ b/argocd/argocd.yaml @@ -36,6 +36,56 @@ spec: operation: description: Operation contains requested operation parameters. properties: + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + initiatedBy: + description: OperationInitiator holds information about the operation + initiator + properties: + automated: + description: Automated is set to true if operation was initiated + automatically by the application controller. + type: boolean + username: + description: Name of a user who started operation. + type: string + type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount to back off. Default unit + is seconds, but could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration + after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time allowed + for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts when retrying + a container + format: int64 + type: integer + type: object sync: description: SyncOperation contains sync operation details. properties: @@ -64,6 +114,8 @@ spec: type: string name: type: string + namespace: + type: string required: - kind - name @@ -104,6 +156,11 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: description: TLAS is a list of Jsonnet Top-level Arguments items: @@ -127,6 +184,21 @@ spec: helm: description: Helm holds helm specific options properties: + fileParameters: + description: FileParameters are file parameters to the helm + template + items: + description: HelmFileParameter is a file parameter to + a helm template + properties: + name: + description: Name is the name of the helm parameter + type: string + path: + description: Path is the path value for the helm parameter + type: string + type: object + type: array parameters: description: Parameters are parameters to the helm template items: @@ -205,6 +277,9 @@ spec: description: NameSuffix is a suffix appended to resources for kustomize apps type: string + version: + description: Version contains optional Kustomize version + type: string type: object path: description: Path is a directory path within the Git repository @@ -242,6 +317,11 @@ spec: required: - repoURL type: object + syncOptions: + description: SyncOptions provide per-sync sync-options, e.g. Validate=false + items: + type: string + type: array syncStrategy: description: SyncStrategy describes how to perform the sync properties: @@ -279,6 +359,10 @@ spec: description: Destination overrides the kubernetes server and namespace defined in the environment ksonnet app.yaml properties: + name: + description: Name of the destination cluster which can be used instead + of server (url) field + type: string namespace: description: Namespace overrides the environment namespace value in the ksonnet app.yaml @@ -369,6 +453,11 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: description: TLAS is a list of Jsonnet Top-level Arguments items: @@ -392,6 +481,21 @@ spec: helm: description: Helm holds helm specific options properties: + fileParameters: + description: FileParameters are file parameters to the helm + template + items: + description: HelmFileParameter is a file parameter to a helm + template + properties: + name: + description: Name is the name of the helm parameter + type: string + path: + description: Path is the path value for the helm parameter + type: string + type: object + type: array parameters: description: Parameters are parameters to the helm template items: @@ -469,6 +573,9 @@ spec: description: NameSuffix is a suffix appended to resources for kustomize apps type: string + version: + description: Version contains optional Kustomize version + type: string type: object path: description: Path is a directory path within the Git repository @@ -519,6 +626,38 @@ spec: description: 'SelfHeal enables auto-syncing if (default: false)' type: boolean type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount to back off. Default + unit is seconds, but could also be a duration (e.g. "2m", + "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration + after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time allowed + for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts when retrying + a container + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to specify whole app sync-options + items: + type: string + type: array type: object required: - destination @@ -556,6 +695,7 @@ spec: message: type: string status: + description: Represents resource health status type: string type: object history: @@ -565,13 +705,20 @@ spec: description: RevisionHistory contains information relevant to an application deployment properties: + deployStartedAt: + description: DeployStartedAt holds the time the deployment started + format: date-time + type: string deployedAt: + description: DeployedAt holds the time the deployment completed format: date-time type: string id: + description: ID is an auto incrementing identifier of the RevisionHistory format: int64 type: integer revision: + description: Revision holds the revision of the sync type: string source: description: ApplicationSource contains information about github @@ -604,6 +751,11 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: description: TLAS is a list of Jsonnet Top-level Arguments items: @@ -627,6 +779,22 @@ spec: helm: description: Helm holds helm specific options properties: + fileParameters: + description: FileParameters are file parameters to the + helm template + items: + description: HelmFileParameter is a file parameter to + a helm template + properties: + name: + description: Name is the name of the helm parameter + type: string + path: + description: Path is the path value for the helm + parameter + type: string + type: object + type: array parameters: description: Parameters are parameters to the helm template items: @@ -707,6 +875,9 @@ spec: description: NameSuffix is a suffix appended to resources for kustomize apps type: string + version: + description: Version contains optional Kustomize version + type: string type: object path: description: Path is a directory path within the Git repository @@ -770,6 +941,57 @@ spec: operation: description: Operation is the original requested operation properties: + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + initiatedBy: + description: OperationInitiator holds information about the + operation initiator + properties: + automated: + description: Automated is set to true if operation was initiated + automatically by the application controller. + type: boolean + username: + description: Name of a user who started operation. + type: string + type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount to back off. Default + unit is seconds, but could also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base + duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time + allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts when + retrying a container + format: int64 + type: integer + type: object sync: description: SyncOperation contains sync operation details. properties: @@ -799,6 +1021,8 @@ spec: type: string name: type: string + namespace: + type: string required: - kind - name @@ -842,6 +1066,11 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: description: TLAS is a list of Jsonnet Top-level Arguments @@ -866,6 +1095,23 @@ spec: helm: description: Helm holds helm specific options properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + to a helm template + properties: + name: + description: Name is the name of the helm + parameter + type: string + path: + description: Path is the path value for the + helm parameter + type: string + type: object + type: array parameters: description: Parameters are parameters to the helm template @@ -951,6 +1197,10 @@ spec: description: NameSuffix is a suffix appended to resources for kustomize apps type: string + version: + description: Version contains optional Kustomize + version + type: string type: object path: description: Path is a directory path within the Git @@ -989,6 +1239,12 @@ spec: required: - repoURL type: object + syncOptions: + description: SyncOptions provide per-sync sync-options, + e.g. Validate=false + items: + type: string + type: array syncStrategy: description: SyncStrategy describes how to perform the sync properties: @@ -1022,6 +1278,10 @@ spec: phase: description: Phase is the current phase of the operation type: string + retryCount: + description: RetryCount contains time of operation retries + format: int64 + type: integer startedAt: description: StartedAt contains time of operation start format: date-time @@ -1109,6 +1369,11 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: description: TLAS is a list of Jsonnet Top-level Arguments @@ -1133,6 +1398,22 @@ spec: helm: description: Helm holds helm specific options properties: + fileParameters: + description: FileParameters are file parameters to the + helm template + items: + description: HelmFileParameter is a file parameter + to a helm template + properties: + name: + description: Name is the name of the helm parameter + type: string + path: + description: Path is the path value for the helm + parameter + type: string + type: object + type: array parameters: description: Parameters are parameters to the helm template items: @@ -1215,6 +1496,9 @@ spec: description: NameSuffix is a suffix appended to resources for kustomize apps type: string + version: + description: Version contains optional Kustomize version + type: string type: object path: description: Path is a directory path within the Git repository @@ -1277,6 +1561,7 @@ spec: message: type: string status: + description: Represents resource health status type: string type: object hook: @@ -1325,6 +1610,10 @@ spec: description: ApplicationDestination contains deployment destination information properties: + name: + description: Name of the destination cluster which can be + used instead of server (url) field + type: string namespace: description: Namespace overrides the environment namespace value in the ksonnet app.yaml @@ -1366,6 +1655,11 @@ spec: - value type: object type: array + libs: + description: Additional library search dirs + items: + type: string + type: array tlas: description: TLAS is a list of Jsonnet Top-level Arguments @@ -1390,6 +1684,22 @@ spec: helm: description: Helm holds helm specific options properties: + fileParameters: + description: FileParameters are file parameters to the + helm template + items: + description: HelmFileParameter is a file parameter + to a helm template + properties: + name: + description: Name is the name of the helm parameter + type: string + path: + description: Path is the path value for the helm + parameter + type: string + type: object + type: array parameters: description: Parameters are parameters to the helm template items: @@ -1472,6 +1782,9 @@ spec: description: NameSuffix is a suffix appended to resources for kustomize apps type: string + version: + description: Version contains optional Kustomize version + type: string type: object path: description: Path is a directory path within the Git repository @@ -1574,6 +1887,23 @@ spec: spec: description: AppProjectSpec is the specification of an AppProject properties: + clusterResourceBlacklist: + description: ClusterResourceBlacklist contains list of blacklisted cluster + level resources + items: + description: GroupKind specifies a Group and a Kind, but does not + force a version. This is useful for identifying concepts during + lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array clusterResourceWhitelist: description: ClusterResourceWhitelist contains list of whitelisted cluster level resources @@ -1601,6 +1931,10 @@ spec: description: ApplicationDestination contains deployment destination information properties: + name: + description: Name of the destination cluster which can be used + instead of server (url) field + type: string namespace: description: Namespace overrides the environment namespace value in the ksonnet app.yaml @@ -1628,10 +1962,38 @@ spec: - kind type: object type: array + namespaceResourceWhitelist: + description: NamespaceResourceWhitelist contains list of whitelisted + namespace level resources + items: + description: GroupKind specifies a Group and a Kind, but does not + force a version. This is useful for identifying concepts during + lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array orphanedResources: description: OrphanedResources specifies if controller should monitor orphaned resources of apps in this project properties: + ignore: + items: + properties: + group: + type: string + kind: + type: string + name: + type: string + type: object + type: array warn: description: Warn indicates if warning condition should be created for apps which have orphaned resources @@ -1665,6 +2027,8 @@ spec: iat: format: int64 type: integer + id: + type: string required: - iat type: object @@ -1682,6 +2046,20 @@ spec: - name type: object type: array + signatureKeys: + description: List of PGP key IDs that commits to be synced to must be + signed with + items: + description: SignatureKey is the specification of a key required to + verify commit signatures with + properties: + keyID: + description: The ID of the key in hexadecimal notation + type: string + required: + - keyID + type: object + type: array sourceRepos: description: SourceRepos contains list of repository URLs which can be used for deployment @@ -1731,6 +2109,32 @@ spec: type: object type: array type: object + status: + description: AppProjectStatus contains information about appproj + properties: + jwtTokensByRole: + additionalProperties: + properties: + items: + items: + description: JWTToken holds the issuedAt and expiresAt values + of a token + properties: + exp: + format: int64 + type: integer + iat: + format: int64 + type: integer + id: + type: string + required: + - iat + type: object + type: array + type: object + type: object + type: object required: - metadata - spec @@ -2012,6 +2416,14 @@ metadata: --- apiVersion: v1 kind: ConfigMap +metadata: + labels: + app.kubernetes.io/name: argocd-gpg-keys-cm + app.kubernetes.io/part-of: argocd + name: argocd-gpg-keys-cm +--- +apiVersion: v1 +kind: ConfigMap metadata: labels: app.kubernetes.io/name: argocd-rbac-cm @@ -2071,6 +2483,10 @@ spec: port: 5557 protocol: TCP targetPort: 5557 + - name: metrics + port: 5558 + protocol: TCP + targetPort: 5558 selector: app.kubernetes.io/name: argocd-dex-server --- @@ -2192,7 +2608,7 @@ spec: - "20" - --operation-processors - "10" - image: argoproj/argocd:v1.6.2 + image: argoproj/argocd:v1.7.0-rc1 imagePullPolicy: Always livenessProbe: httpGet: @@ -2232,21 +2648,23 @@ spec: - command: - /shared/argocd-util - rundex - image: quay.io/dexidp/dex:v2.24.0 + image: quay.io/dexidp/dex:v2.22.0 imagePullPolicy: Always name: dex ports: - containerPort: 5556 - containerPort: 5557 + - containerPort: 5558 volumeMounts: - mountPath: /shared name: static-files initContainers: - command: - cp + - -n - /usr/local/bin/argocd-util - /shared - image: argoproj/argocd:v1.6.2 + image: argoproj/argocd:v1.7.0-rc1 imagePullPolicy: Always name: copyutil volumeMounts: @@ -2280,11 +2698,16 @@ spec: - "" - --appendonly - "no" - image: redis:5.0.9 + image: redis:5.0.8 imagePullPolicy: Always name: redis ports: - containerPort: 6379 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 --- apiVersion: apps/v1 kind: Deployment @@ -2310,13 +2733,8 @@ spec: - argocd-repo-server - --redis - argocd-redis:6379 - image: argoproj/argocd:v1.6.2 + image: argoproj/argocd:v1.7.0-rc1 imagePullPolicy: Always - livenessProbe: - initialDelaySeconds: 5 - periodSeconds: 10 - tcpSocket: - port: 8081 name: argocd-repo-server ports: - containerPort: 8081 @@ -2331,6 +2749,8 @@ spec: name: ssh-known-hosts - mountPath: /app/config/tls name: tls-certs + - mountPath: /app/config/gpg/source + name: gpg-keys volumes: - configMap: name: argocd-ssh-known-hosts-cm @@ -2338,6 +2758,9 @@ spec: - configMap: name: argocd-tls-certs-cm name: tls-certs + - configMap: + name: argocd-gpg-keys-cm + name: gpg-keys --- apiVersion: apps/v1 kind: Deployment @@ -2361,14 +2784,8 @@ spec: - argocd-server - --staticassets - /shared/app - image: argoproj/argocd:v1.6.2 + image: argoproj/argocd:v1.7.0-rc1 imagePullPolicy: Always - livenessProbe: - httpGet: - path: /healthz - port: 8080 - initialDelaySeconds: 3 - periodSeconds: 30 name: argocd-server ports: - containerPort: 8080