mirror of
https://github.com/argoproj/argo-cd.git
synced 2026-03-28 03:18:52 +01:00
Compare commits
9 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
791b036d98 | ||
|
|
60c62a944b | ||
|
|
fe6efec8f4 | ||
|
|
6de4f7739b | ||
|
|
ed9149beea | ||
|
|
20447f7f57 | ||
|
|
7982a74600 | ||
|
|
b3ad040b2c | ||
|
|
30d8ce66e2 |
@@ -3,12 +3,11 @@ package pull_request
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"net/http"
|
||||
|
||||
bitbucketv1 "github.com/gfleury/go-bitbucket-v1"
|
||||
log "github.com/sirupsen/logrus"
|
||||
|
||||
"github.com/argoproj/argo-cd/v3/applicationset/utils"
|
||||
"github.com/argoproj/argo-cd/v3/applicationset/services"
|
||||
)
|
||||
|
||||
type BitbucketService struct {
|
||||
@@ -49,15 +48,10 @@ func NewBitbucketServiceNoAuth(ctx context.Context, url, projectKey, repositoryS
|
||||
}
|
||||
|
||||
func newBitbucketService(ctx context.Context, bitbucketConfig *bitbucketv1.Configuration, projectKey, repositorySlug string, scmRootCAPath string, insecure bool, caCerts []byte) (PullRequestService, error) {
|
||||
bitbucketConfig.BasePath = utils.NormalizeBitbucketBasePath(bitbucketConfig.BasePath)
|
||||
tlsConfig := utils.GetTlsConfig(scmRootCAPath, insecure, caCerts)
|
||||
bitbucketConfig.HTTPClient = &http.Client{Transport: &http.Transport{
|
||||
TLSClientConfig: tlsConfig,
|
||||
}}
|
||||
bitbucketClient := bitbucketv1.NewAPIClient(ctx, bitbucketConfig)
|
||||
bbClient := services.SetupBitbucketClient(ctx, bitbucketConfig, scmRootCAPath, insecure, caCerts)
|
||||
|
||||
return &BitbucketService{
|
||||
client: bitbucketClient,
|
||||
client: bbClient,
|
||||
projectKey: projectKey,
|
||||
repositorySlug: repositorySlug,
|
||||
}, nil
|
||||
|
||||
@@ -10,7 +10,7 @@ import (
|
||||
bitbucketv1 "github.com/gfleury/go-bitbucket-v1"
|
||||
log "github.com/sirupsen/logrus"
|
||||
|
||||
"github.com/argoproj/argo-cd/v3/applicationset/utils"
|
||||
"github.com/argoproj/argo-cd/v3/applicationset/services"
|
||||
)
|
||||
|
||||
type BitbucketServerProvider struct {
|
||||
@@ -49,15 +49,10 @@ func NewBitbucketServerProviderNoAuth(ctx context.Context, url, projectKey strin
|
||||
}
|
||||
|
||||
func newBitbucketServerProvider(ctx context.Context, bitbucketConfig *bitbucketv1.Configuration, projectKey string, allBranches bool, scmRootCAPath string, insecure bool, caCerts []byte) (*BitbucketServerProvider, error) {
|
||||
bitbucketConfig.BasePath = utils.NormalizeBitbucketBasePath(bitbucketConfig.BasePath)
|
||||
tlsConfig := utils.GetTlsConfig(scmRootCAPath, insecure, caCerts)
|
||||
bitbucketConfig.HTTPClient = &http.Client{Transport: &http.Transport{
|
||||
TLSClientConfig: tlsConfig,
|
||||
}}
|
||||
bitbucketClient := bitbucketv1.NewAPIClient(ctx, bitbucketConfig)
|
||||
bbClient := services.SetupBitbucketClient(ctx, bitbucketConfig, scmRootCAPath, insecure, caCerts)
|
||||
|
||||
return &BitbucketServerProvider{
|
||||
client: bitbucketClient,
|
||||
client: bbClient,
|
||||
projectKey: projectKey,
|
||||
allBranches: allBranches,
|
||||
}, nil
|
||||
|
||||
22
applicationset/services/util.go
Normal file
22
applicationset/services/util.go
Normal file
@@ -0,0 +1,22 @@
|
||||
package services
|
||||
|
||||
import (
|
||||
"context"
|
||||
"net/http"
|
||||
|
||||
bitbucketv1 "github.com/gfleury/go-bitbucket-v1"
|
||||
|
||||
"github.com/argoproj/argo-cd/v3/applicationset/utils"
|
||||
)
|
||||
|
||||
// SetupBitbucketClient configures and creates a Bitbucket API client with TLS settings
|
||||
func SetupBitbucketClient(ctx context.Context, config *bitbucketv1.Configuration, scmRootCAPath string, insecure bool, caCerts []byte) *bitbucketv1.APIClient {
|
||||
config.BasePath = utils.NormalizeBitbucketBasePath(config.BasePath)
|
||||
tlsConfig := utils.GetTlsConfig(scmRootCAPath, insecure, caCerts)
|
||||
|
||||
transport := http.DefaultTransport.(*http.Transport).Clone()
|
||||
transport.TLSClientConfig = tlsConfig
|
||||
config.HTTPClient = &http.Client{Transport: transport}
|
||||
|
||||
return bitbucketv1.NewAPIClient(ctx, config)
|
||||
}
|
||||
36
applicationset/services/util_test.go
Normal file
36
applicationset/services/util_test.go
Normal file
@@ -0,0 +1,36 @@
|
||||
package services
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
"net/http"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
bitbucketv1 "github.com/gfleury/go-bitbucket-v1"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func TestSetupBitbucketClient(t *testing.T) {
|
||||
ctx := t.Context()
|
||||
cfg := &bitbucketv1.Configuration{}
|
||||
|
||||
// Act
|
||||
client := SetupBitbucketClient(ctx, cfg, "", false, nil)
|
||||
|
||||
// Assert
|
||||
require.NotNil(t, client, "expected client to be created")
|
||||
require.NotNil(t, cfg.HTTPClient, "expected HTTPClient to be set")
|
||||
|
||||
// The transport should be a clone of DefaultTransport
|
||||
tr, ok := cfg.HTTPClient.Transport.(*http.Transport)
|
||||
require.True(t, ok, "expected HTTPClient.Transport to be *http.Transport")
|
||||
require.NotSame(t, http.DefaultTransport, tr, "transport should be a clone, not the global DefaultTransport")
|
||||
|
||||
// Ensure TLSClientConfig is set
|
||||
require.IsType(t, &tls.Config{}, tr.TLSClientConfig)
|
||||
|
||||
// Defaults from http.DefaultTransport.Clone() should be preserved
|
||||
require.Greater(t, tr.IdleConnTimeout, time.Duration(0), "IdleConnTimeout should be non-zero")
|
||||
require.Positive(t, tr.MaxIdleConns, "MaxIdleConns should be non-zero")
|
||||
require.Greater(t, tr.TLSHandshakeTimeout, time.Duration(0), "TLSHandshakeTimeout should be non-zero")
|
||||
}
|
||||
@@ -7,6 +7,7 @@
|
||||
# p, <role/user/group>, <resource>, <action>, <object>, <allow/deny>
|
||||
|
||||
p, role:readonly, applications, get, */*, allow
|
||||
p, role:readonly, applicationsets, get, */*, allow
|
||||
p, role:readonly, certificates, get, *, allow
|
||||
p, role:readonly, clusters, get, *, allow
|
||||
p, role:readonly, repositories, get, *, allow
|
||||
|
||||
|
@@ -11,4 +11,12 @@ Eg, `https://github.com/argoproj/argo-cd/manifests/ha/cluster-install?ref=v2.14.
|
||||
## Upgraded Helm Version
|
||||
|
||||
Helm was upgraded to 3.16.2 and the skipSchemaValidation Flag was added to
|
||||
the [CLI and Application CR](https://argo-cd.readthedocs.io/en/latest/user-guide/helm/#helm-skip-schema-validation).
|
||||
the [CLI and Application CR](https://argo-cd.readthedocs.io/en/latest/user-guide/helm/#helm-skip-schema-validation).
|
||||
|
||||
## Breaking Changes
|
||||
|
||||
## Sanitized project API response
|
||||
|
||||
Due to security reasons ([GHSA-786q-9hcg-v9ff](https://github.com/argoproj/argo-cd/security/advisories/GHSA-786q-9hcg-v9ff)),
|
||||
the project API response was sanitized to remove sensitive information. This includes
|
||||
credentials of project-scoped repositories and clusters.
|
||||
|
||||
@@ -492,3 +492,9 @@ resource.customizations.ignoreDifferences.apiextensions.k8s.io_CustomResourceDef
|
||||
```
|
||||
|
||||
More details for ignored resource updates in the [Diffing customization](../../user-guide/diffing.md) documentation.
|
||||
|
||||
### Sanitized project API response
|
||||
|
||||
Due to security reasons ([GHSA-786q-9hcg-v9ff](https://github.com/argoproj/argo-cd/security/advisories/GHSA-786q-9hcg-v9ff)),
|
||||
the project API response was sanitized to remove sensitive information. This includes
|
||||
credentials of project-scoped repositories and clusters.
|
||||
@@ -55,3 +55,11 @@ Argo CD v3.1 upgrades the bundled Helm version to 3.18.4. There are no breaking
|
||||
|
||||
Argo CD v3.1 upgrades the bundled Kustomize version to 5.7.0. There are no breaking changes in Kustomize 5.7 according
|
||||
to the [release notes](https://github.com/kubernetes-sigs/kustomize/releases/tag/kustomize%2Fv5.7.0).
|
||||
|
||||
## Breaking Changes
|
||||
|
||||
## Sanitized project API response
|
||||
|
||||
Due to security reasons ([GHSA-786q-9hcg-v9ff](https://github.com/argoproj/argo-cd/security/advisories/GHSA-786q-9hcg-v9ff)),
|
||||
the project API response was sanitized to remove sensitive information. This includes
|
||||
credentials of project-scoped repositories and clusters.
|
||||
|
||||
5
go.mod
5
go.mod
@@ -33,8 +33,9 @@ require (
|
||||
github.com/felixge/httpsnoop v1.0.4
|
||||
github.com/fsnotify/fsnotify v1.9.0
|
||||
github.com/gfleury/go-bitbucket-v1 v0.0.0-20240917142304-df385efaac68
|
||||
github.com/go-git/go-git/v5 v5.16.2
|
||||
github.com/go-jose/go-jose/v4 v4.1.0
|
||||
// DO NOT BUMP UNTIL go-git/go-git#1551 is fixed
|
||||
github.com/go-git/go-git/v5 v5.14.0
|
||||
github.com/go-jose/go-jose/v4 v4.1.2
|
||||
github.com/go-logr/logr v1.4.3
|
||||
github.com/go-openapi/loads v0.22.0
|
||||
github.com/go-openapi/runtime v0.28.0
|
||||
|
||||
8
go.sum
8
go.sum
@@ -301,13 +301,13 @@ github.com/go-git/go-billy/v5 v5.6.2 h1:6Q86EsPXMa7c3YZ3aLAQsMA0VlWmy43r6FHqa/UN
|
||||
github.com/go-git/go-billy/v5 v5.6.2/go.mod h1:rcFC2rAsp/erv7CMz9GczHcuD0D32fWzH+MJAU+jaUU=
|
||||
github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399 h1:eMje31YglSBqCdIqdhKBW8lokaMrL3uTkpGYlE2OOT4=
|
||||
github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399/go.mod h1:1OCfN199q1Jm3HZlxleg+Dw/mwps2Wbk9frAWm+4FII=
|
||||
github.com/go-git/go-git/v5 v5.16.2 h1:fT6ZIOjE5iEnkzKyxTHK1W4HGAsPhqEqiSAssSO77hM=
|
||||
github.com/go-git/go-git/v5 v5.16.2/go.mod h1:4Ge4alE/5gPs30F2H1esi2gPd69R0C39lolkucHBOp8=
|
||||
github.com/go-git/go-git/v5 v5.14.0 h1:/MD3lCrGjCen5WfEAzKg00MJJffKhC8gzS80ycmCi60=
|
||||
github.com/go-git/go-git/v5 v5.14.0/go.mod h1:Z5Xhoia5PcWA3NF8vRLURn9E5FRhSl7dGj9ItW3Wk5k=
|
||||
github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
|
||||
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
|
||||
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
|
||||
github.com/go-jose/go-jose/v4 v4.1.0 h1:cYSYxd3pw5zd2FSXk2vGdn9igQU2PS8MuxrCOCl0FdY=
|
||||
github.com/go-jose/go-jose/v4 v4.1.0/go.mod h1:GG/vqmYm3Von2nYiB2vGTXzdoNKE5tix5tuc6iAd+sw=
|
||||
github.com/go-jose/go-jose/v4 v4.1.2 h1:TK/7NqRQZfgAh+Td8AlsrvtPoUyiHh0LqVvokh+1vHI=
|
||||
github.com/go-jose/go-jose/v4 v4.1.2/go.mod h1:22cg9HWM1pOlnRiY+9cQYJ9XHmya1bYW8OeDM6Ku6Oo=
|
||||
github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
|
||||
github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
|
||||
github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY=
|
||||
|
||||
@@ -12,4 +12,4 @@ resources:
|
||||
images:
|
||||
- name: quay.io/argoproj/argocd
|
||||
newName: quay.io/argoproj/argocd
|
||||
newTag: v3.1.1
|
||||
newTag: v3.1.2
|
||||
|
||||
@@ -5,7 +5,7 @@ kind: Kustomization
|
||||
images:
|
||||
- name: quay.io/argoproj/argocd
|
||||
newName: quay.io/argoproj/argocd
|
||||
newTag: v3.1.1
|
||||
newTag: v3.1.2
|
||||
resources:
|
||||
- ./application-controller
|
||||
- ./dex
|
||||
|
||||
12
manifests/core-install-with-hydrator.yaml
generated
12
manifests/core-install-with-hydrator.yaml
generated
@@ -24699,7 +24699,7 @@ spec:
|
||||
key: applicationsetcontroller.requeue.after
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: argocd-applicationset-controller
|
||||
ports:
|
||||
@@ -24825,7 +24825,7 @@ spec:
|
||||
key: log.format.timestamp
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -24953,7 +24953,7 @@ spec:
|
||||
- argocd
|
||||
- admin
|
||||
- redis-initial-password
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: secret-init
|
||||
securityContext:
|
||||
@@ -25244,7 +25244,7 @@ spec:
|
||||
value: /helm-working-dir
|
||||
- name: HELM_DATA_HOME
|
||||
value: /helm-working-dir
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -25296,7 +25296,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /var/run/argocd/argocd-cmp-server
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
name: copyutil
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -25638,7 +25638,7 @@ spec:
|
||||
optional: true
|
||||
- name: KUBECACHEDIR
|
||||
value: /tmp/kubecache
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: argocd-application-controller
|
||||
ports:
|
||||
|
||||
10
manifests/core-install.yaml
generated
10
manifests/core-install.yaml
generated
@@ -24667,7 +24667,7 @@ spec:
|
||||
key: applicationsetcontroller.requeue.after
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: argocd-applicationset-controller
|
||||
ports:
|
||||
@@ -24787,7 +24787,7 @@ spec:
|
||||
- argocd
|
||||
- admin
|
||||
- redis-initial-password
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: secret-init
|
||||
securityContext:
|
||||
@@ -25078,7 +25078,7 @@ spec:
|
||||
value: /helm-working-dir
|
||||
- name: HELM_DATA_HOME
|
||||
value: /helm-working-dir
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -25130,7 +25130,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /var/run/argocd/argocd-cmp-server
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
name: copyutil
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -25472,7 +25472,7 @@ spec:
|
||||
optional: true
|
||||
- name: KUBECACHEDIR
|
||||
value: /tmp/kubecache
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: argocd-application-controller
|
||||
ports:
|
||||
|
||||
@@ -12,4 +12,4 @@ resources:
|
||||
images:
|
||||
- name: quay.io/argoproj/argocd
|
||||
newName: quay.io/argoproj/argocd
|
||||
newTag: v3.1.1
|
||||
newTag: v3.1.2
|
||||
|
||||
@@ -12,7 +12,7 @@ patches:
|
||||
images:
|
||||
- name: quay.io/argoproj/argocd
|
||||
newName: quay.io/argoproj/argocd
|
||||
newTag: v3.1.1
|
||||
newTag: v3.1.2
|
||||
resources:
|
||||
- ../../base/application-controller
|
||||
- ../../base/applicationset-controller
|
||||
|
||||
18
manifests/ha/install-with-hydrator.yaml
generated
18
manifests/ha/install-with-hydrator.yaml
generated
@@ -26065,7 +26065,7 @@ spec:
|
||||
key: applicationsetcontroller.requeue.after
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: argocd-applicationset-controller
|
||||
ports:
|
||||
@@ -26191,7 +26191,7 @@ spec:
|
||||
key: log.format.timestamp
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -26342,7 +26342,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /shared/argocd-dex
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: copyutil
|
||||
securityContext:
|
||||
@@ -26438,7 +26438,7 @@ spec:
|
||||
key: notificationscontroller.repo.server.plaintext
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
@@ -26562,7 +26562,7 @@ spec:
|
||||
- argocd
|
||||
- admin
|
||||
- redis-initial-password
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: secret-init
|
||||
securityContext:
|
||||
@@ -26879,7 +26879,7 @@ spec:
|
||||
value: /helm-working-dir
|
||||
- name: HELM_DATA_HOME
|
||||
value: /helm-working-dir
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -26931,7 +26931,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /var/run/argocd/argocd-cmp-server
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
name: copyutil
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -27305,7 +27305,7 @@ spec:
|
||||
key: server.sync.replace.allowed
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
@@ -27683,7 +27683,7 @@ spec:
|
||||
optional: true
|
||||
- name: KUBECACHEDIR
|
||||
value: /tmp/kubecache
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: argocd-application-controller
|
||||
ports:
|
||||
|
||||
16
manifests/ha/install.yaml
generated
16
manifests/ha/install.yaml
generated
@@ -26035,7 +26035,7 @@ spec:
|
||||
key: applicationsetcontroller.requeue.after
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: argocd-applicationset-controller
|
||||
ports:
|
||||
@@ -26178,7 +26178,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /shared/argocd-dex
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: copyutil
|
||||
securityContext:
|
||||
@@ -26274,7 +26274,7 @@ spec:
|
||||
key: notificationscontroller.repo.server.plaintext
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
@@ -26398,7 +26398,7 @@ spec:
|
||||
- argocd
|
||||
- admin
|
||||
- redis-initial-password
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: secret-init
|
||||
securityContext:
|
||||
@@ -26715,7 +26715,7 @@ spec:
|
||||
value: /helm-working-dir
|
||||
- name: HELM_DATA_HOME
|
||||
value: /helm-working-dir
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -26767,7 +26767,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /var/run/argocd/argocd-cmp-server
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
name: copyutil
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -27141,7 +27141,7 @@ spec:
|
||||
key: server.sync.replace.allowed
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
@@ -27519,7 +27519,7 @@ spec:
|
||||
optional: true
|
||||
- name: KUBECACHEDIR
|
||||
value: /tmp/kubecache
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: argocd-application-controller
|
||||
ports:
|
||||
|
||||
18
manifests/ha/namespace-install-with-hydrator.yaml
generated
18
manifests/ha/namespace-install-with-hydrator.yaml
generated
@@ -1868,7 +1868,7 @@ spec:
|
||||
key: applicationsetcontroller.requeue.after
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: argocd-applicationset-controller
|
||||
ports:
|
||||
@@ -1994,7 +1994,7 @@ spec:
|
||||
key: log.format.timestamp
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -2145,7 +2145,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /shared/argocd-dex
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: copyutil
|
||||
securityContext:
|
||||
@@ -2241,7 +2241,7 @@ spec:
|
||||
key: notificationscontroller.repo.server.plaintext
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
@@ -2365,7 +2365,7 @@ spec:
|
||||
- argocd
|
||||
- admin
|
||||
- redis-initial-password
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: secret-init
|
||||
securityContext:
|
||||
@@ -2682,7 +2682,7 @@ spec:
|
||||
value: /helm-working-dir
|
||||
- name: HELM_DATA_HOME
|
||||
value: /helm-working-dir
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -2734,7 +2734,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /var/run/argocd/argocd-cmp-server
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
name: copyutil
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -3108,7 +3108,7 @@ spec:
|
||||
key: server.sync.replace.allowed
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
@@ -3486,7 +3486,7 @@ spec:
|
||||
optional: true
|
||||
- name: KUBECACHEDIR
|
||||
value: /tmp/kubecache
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: argocd-application-controller
|
||||
ports:
|
||||
|
||||
16
manifests/ha/namespace-install.yaml
generated
16
manifests/ha/namespace-install.yaml
generated
@@ -1838,7 +1838,7 @@ spec:
|
||||
key: applicationsetcontroller.requeue.after
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: argocd-applicationset-controller
|
||||
ports:
|
||||
@@ -1981,7 +1981,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /shared/argocd-dex
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: copyutil
|
||||
securityContext:
|
||||
@@ -2077,7 +2077,7 @@ spec:
|
||||
key: notificationscontroller.repo.server.plaintext
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
@@ -2201,7 +2201,7 @@ spec:
|
||||
- argocd
|
||||
- admin
|
||||
- redis-initial-password
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: secret-init
|
||||
securityContext:
|
||||
@@ -2518,7 +2518,7 @@ spec:
|
||||
value: /helm-working-dir
|
||||
- name: HELM_DATA_HOME
|
||||
value: /helm-working-dir
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -2570,7 +2570,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /var/run/argocd/argocd-cmp-server
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
name: copyutil
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -2944,7 +2944,7 @@ spec:
|
||||
key: server.sync.replace.allowed
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
@@ -3322,7 +3322,7 @@ spec:
|
||||
optional: true
|
||||
- name: KUBECACHEDIR
|
||||
value: /tmp/kubecache
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: argocd-application-controller
|
||||
ports:
|
||||
|
||||
18
manifests/install-with-hydrator.yaml
generated
18
manifests/install-with-hydrator.yaml
generated
@@ -25159,7 +25159,7 @@ spec:
|
||||
key: applicationsetcontroller.requeue.after
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: argocd-applicationset-controller
|
||||
ports:
|
||||
@@ -25285,7 +25285,7 @@ spec:
|
||||
key: log.format.timestamp
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -25436,7 +25436,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /shared/argocd-dex
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: copyutil
|
||||
securityContext:
|
||||
@@ -25532,7 +25532,7 @@ spec:
|
||||
key: notificationscontroller.repo.server.plaintext
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
@@ -25634,7 +25634,7 @@ spec:
|
||||
- argocd
|
||||
- admin
|
||||
- redis-initial-password
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: secret-init
|
||||
securityContext:
|
||||
@@ -25925,7 +25925,7 @@ spec:
|
||||
value: /helm-working-dir
|
||||
- name: HELM_DATA_HOME
|
||||
value: /helm-working-dir
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -25977,7 +25977,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /var/run/argocd/argocd-cmp-server
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
name: copyutil
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -26349,7 +26349,7 @@ spec:
|
||||
key: server.sync.replace.allowed
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
@@ -26727,7 +26727,7 @@ spec:
|
||||
optional: true
|
||||
- name: KUBECACHEDIR
|
||||
value: /tmp/kubecache
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: argocd-application-controller
|
||||
ports:
|
||||
|
||||
16
manifests/install.yaml
generated
16
manifests/install.yaml
generated
@@ -25127,7 +25127,7 @@ spec:
|
||||
key: applicationsetcontroller.requeue.after
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: argocd-applicationset-controller
|
||||
ports:
|
||||
@@ -25270,7 +25270,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /shared/argocd-dex
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: copyutil
|
||||
securityContext:
|
||||
@@ -25366,7 +25366,7 @@ spec:
|
||||
key: notificationscontroller.repo.server.plaintext
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
@@ -25468,7 +25468,7 @@ spec:
|
||||
- argocd
|
||||
- admin
|
||||
- redis-initial-password
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: secret-init
|
||||
securityContext:
|
||||
@@ -25759,7 +25759,7 @@ spec:
|
||||
value: /helm-working-dir
|
||||
- name: HELM_DATA_HOME
|
||||
value: /helm-working-dir
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -25811,7 +25811,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /var/run/argocd/argocd-cmp-server
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
name: copyutil
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -26183,7 +26183,7 @@ spec:
|
||||
key: server.sync.replace.allowed
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
@@ -26561,7 +26561,7 @@ spec:
|
||||
optional: true
|
||||
- name: KUBECACHEDIR
|
||||
value: /tmp/kubecache
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: argocd-application-controller
|
||||
ports:
|
||||
|
||||
18
manifests/namespace-install-with-hydrator.yaml
generated
18
manifests/namespace-install-with-hydrator.yaml
generated
@@ -962,7 +962,7 @@ spec:
|
||||
key: applicationsetcontroller.requeue.after
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: argocd-applicationset-controller
|
||||
ports:
|
||||
@@ -1088,7 +1088,7 @@ spec:
|
||||
key: log.format.timestamp
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -1239,7 +1239,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /shared/argocd-dex
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: copyutil
|
||||
securityContext:
|
||||
@@ -1335,7 +1335,7 @@ spec:
|
||||
key: notificationscontroller.repo.server.plaintext
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
@@ -1437,7 +1437,7 @@ spec:
|
||||
- argocd
|
||||
- admin
|
||||
- redis-initial-password
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: secret-init
|
||||
securityContext:
|
||||
@@ -1728,7 +1728,7 @@ spec:
|
||||
value: /helm-working-dir
|
||||
- name: HELM_DATA_HOME
|
||||
value: /helm-working-dir
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -1780,7 +1780,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /var/run/argocd/argocd-cmp-server
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
name: copyutil
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -2152,7 +2152,7 @@ spec:
|
||||
key: server.sync.replace.allowed
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
@@ -2530,7 +2530,7 @@ spec:
|
||||
optional: true
|
||||
- name: KUBECACHEDIR
|
||||
value: /tmp/kubecache
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: argocd-application-controller
|
||||
ports:
|
||||
|
||||
16
manifests/namespace-install.yaml
generated
16
manifests/namespace-install.yaml
generated
@@ -930,7 +930,7 @@ spec:
|
||||
key: applicationsetcontroller.requeue.after
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: argocd-applicationset-controller
|
||||
ports:
|
||||
@@ -1073,7 +1073,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /shared/argocd-dex
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: copyutil
|
||||
securityContext:
|
||||
@@ -1169,7 +1169,7 @@ spec:
|
||||
key: notificationscontroller.repo.server.plaintext
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
@@ -1271,7 +1271,7 @@ spec:
|
||||
- argocd
|
||||
- admin
|
||||
- redis-initial-password
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: secret-init
|
||||
securityContext:
|
||||
@@ -1562,7 +1562,7 @@ spec:
|
||||
value: /helm-working-dir
|
||||
- name: HELM_DATA_HOME
|
||||
value: /helm-working-dir
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
@@ -1614,7 +1614,7 @@ spec:
|
||||
- -n
|
||||
- /usr/local/bin/argocd
|
||||
- /var/run/argocd/argocd-cmp-server
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
name: copyutil
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -1986,7 +1986,7 @@ spec:
|
||||
key: server.sync.replace.allowed
|
||||
name: argocd-cmd-params-cm
|
||||
optional: true
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
@@ -2364,7 +2364,7 @@ spec:
|
||||
optional: true
|
||||
- name: KUBECACHEDIR
|
||||
value: /tmp/kubecache
|
||||
image: quay.io/argoproj/argocd:v3.1.1
|
||||
image: quay.io/argoproj/argocd:v3.1.2
|
||||
imagePullPolicy: Always
|
||||
name: argocd-application-controller
|
||||
ports:
|
||||
|
||||
@@ -347,7 +347,6 @@ func (repo *Repository) Sanitized() *Repository {
|
||||
Repo: repo.Repo,
|
||||
Type: repo.Type,
|
||||
Name: repo.Name,
|
||||
Username: repo.Username,
|
||||
Insecure: repo.IsInsecure(),
|
||||
EnableLFS: repo.EnableLFS,
|
||||
EnableOCI: repo.EnableOCI,
|
||||
|
||||
@@ -2234,6 +2234,32 @@ type Cluster struct {
|
||||
Annotations map[string]string `json:"annotations,omitempty" protobuf:"bytes,13,opt,name=annotations"`
|
||||
}
|
||||
|
||||
func (c *Cluster) Sanitized() *Cluster {
|
||||
return &Cluster{
|
||||
ID: c.ID,
|
||||
Server: c.Server,
|
||||
Name: c.Name,
|
||||
Project: c.Project,
|
||||
Namespaces: c.Namespaces,
|
||||
Shard: c.Shard,
|
||||
Labels: c.Labels,
|
||||
Annotations: c.Annotations,
|
||||
ClusterResources: c.ClusterResources,
|
||||
ConnectionState: c.ConnectionState,
|
||||
ServerVersion: c.ServerVersion,
|
||||
Info: c.Info,
|
||||
RefreshRequestedAt: c.RefreshRequestedAt,
|
||||
Config: ClusterConfig{
|
||||
AWSAuthConfig: c.Config.AWSAuthConfig,
|
||||
ProxyUrl: c.Config.ProxyUrl,
|
||||
DisableCompression: c.Config.DisableCompression,
|
||||
TLSClientConfig: TLSClientConfig{
|
||||
Insecure: c.Config.Insecure,
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
// Equals returns true if two cluster objects are considered to be equal
|
||||
func (c *Cluster) Equals(other *Cluster) bool {
|
||||
if c.Server != other.Server {
|
||||
|
||||
@@ -4543,3 +4543,58 @@ func TestCluster_ParseProxyUrl(t *testing.T) {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func TestSanitized(t *testing.T) {
|
||||
now := metav1.Now()
|
||||
cluster := &Cluster{
|
||||
ID: "123",
|
||||
Server: "https://example.com",
|
||||
Name: "example",
|
||||
ServerVersion: "v1.0.0",
|
||||
Namespaces: []string{"default", "kube-system"},
|
||||
Project: "default",
|
||||
Labels: map[string]string{
|
||||
"env": "production",
|
||||
},
|
||||
Annotations: map[string]string{
|
||||
"annotation-key": "annotation-value",
|
||||
},
|
||||
ConnectionState: ConnectionState{
|
||||
Status: ConnectionStatusSuccessful,
|
||||
Message: "Connection successful",
|
||||
ModifiedAt: &now,
|
||||
},
|
||||
Config: ClusterConfig{
|
||||
Username: "admin",
|
||||
Password: "password123",
|
||||
BearerToken: "abc",
|
||||
TLSClientConfig: TLSClientConfig{
|
||||
Insecure: true,
|
||||
},
|
||||
ExecProviderConfig: &ExecProviderConfig{
|
||||
Command: "test",
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
assert.Equal(t, &Cluster{
|
||||
ID: "123",
|
||||
Server: "https://example.com",
|
||||
Name: "example",
|
||||
ServerVersion: "v1.0.0",
|
||||
Namespaces: []string{"default", "kube-system"},
|
||||
Project: "default",
|
||||
Labels: map[string]string{"env": "production"},
|
||||
Annotations: map[string]string{"annotation-key": "annotation-value"},
|
||||
ConnectionState: ConnectionState{
|
||||
Status: ConnectionStatusSuccessful,
|
||||
Message: "Connection successful",
|
||||
ModifiedAt: &now,
|
||||
},
|
||||
Config: ClusterConfig{
|
||||
TLSClientConfig: TLSClientConfig{
|
||||
Insecure: true,
|
||||
},
|
||||
},
|
||||
}, cluster.Sanitized())
|
||||
}
|
||||
|
||||
@@ -15,4 +15,7 @@ end
|
||||
if forcePromote then
|
||||
actions["force-promote"]["disabled"] = false
|
||||
else
|
||||
actions["force-promote"]["disabled"] = true
|
||||
actions["force-promote"]["disabled"] = true
|
||||
end
|
||||
|
||||
return actions
|
||||
@@ -7,4 +7,28 @@ actionTests:
|
||||
expectedOutputPath: testdata/monovertex.yaml
|
||||
- action: force-promote
|
||||
inputPath: testdata/monovertex.yaml
|
||||
expectedOutputPath: testdata/monovertex-force-promote.yaml
|
||||
expectedOutputPath: testdata/monovertex-force-promote.yaml
|
||||
|
||||
discoveryTests:
|
||||
- inputPath: testdata/monovertex.yaml
|
||||
result:
|
||||
- name: pause
|
||||
disabled: false
|
||||
iconClass: 'fa-solid fa-fw fa-pause'
|
||||
- name: unpause
|
||||
disabled: true
|
||||
iconClass: 'fa-solid fa-fw fa-play'
|
||||
- name: force-promote
|
||||
disabled: false
|
||||
iconClass: 'fa-solid fa-fw fa-forward'
|
||||
- inputPath: testdata/monovertex-paused.yaml
|
||||
result:
|
||||
- name: pause
|
||||
disabled: true
|
||||
iconClass: 'fa-solid fa-fw fa-pause'
|
||||
- name: unpause
|
||||
disabled: false
|
||||
iconClass: 'fa-solid fa-fw fa-play'
|
||||
- name: force-promote
|
||||
disabled: false
|
||||
iconClass: 'fa-solid fa-fw fa-forward'
|
||||
|
||||
@@ -34,4 +34,7 @@ end
|
||||
if forcePromote then
|
||||
actions["force-promote"]["disabled"] = false
|
||||
else
|
||||
actions["force-promote"]["disabled"] = true
|
||||
actions["force-promote"]["disabled"] = true
|
||||
end
|
||||
|
||||
return actions
|
||||
@@ -7,4 +7,28 @@ actionTests:
|
||||
expectedOutputPath: testdata/pipeline.yaml
|
||||
- action: force-promote
|
||||
inputPath: testdata/pipeline.yaml
|
||||
expectedOutputPath: testdata/pipeline-force-promote.yaml
|
||||
expectedOutputPath: testdata/pipeline-force-promote.yaml
|
||||
|
||||
discoveryTests:
|
||||
- inputPath: testdata/pipeline.yaml
|
||||
result:
|
||||
- name: pause
|
||||
disabled: false
|
||||
iconClass: 'fa-solid fa-fw fa-pause'
|
||||
- name: unpause
|
||||
disabled: true
|
||||
iconClass: 'fa-solid fa-fw fa-play'
|
||||
- name: force-promote
|
||||
disabled: false
|
||||
iconClass: 'fa-solid fa-fw fa-forward'
|
||||
- inputPath: testdata/pipeline-paused.yaml
|
||||
result:
|
||||
- name: pause
|
||||
disabled: true
|
||||
iconClass: 'fa-solid fa-fw fa-pause'
|
||||
- name: unpause
|
||||
disabled: false
|
||||
iconClass: 'fa-solid fa-fw fa-play'
|
||||
- name: force-promote
|
||||
disabled: false
|
||||
iconClass: 'fa-solid fa-fw fa-forward'
|
||||
|
||||
@@ -34,4 +34,7 @@ end
|
||||
if forcePromote then
|
||||
actions["force-promote"]["disabled"] = false
|
||||
else
|
||||
actions["force-promote"]["disabled"] = true
|
||||
actions["force-promote"]["disabled"] = true
|
||||
end
|
||||
|
||||
return actions
|
||||
@@ -4,6 +4,13 @@ if obj.spec.suspend ~= nil and obj.spec.suspend == true then
|
||||
hs.status = "Suspended"
|
||||
return hs
|
||||
end
|
||||
-- Helm repositories of type "oci" do not contain any information in the status
|
||||
-- https://fluxcd.io/flux/components/source/helmrepositories/#helmrepository-status
|
||||
if obj.spec.type ~= nil and obj.spec.type == "oci" then
|
||||
hs.message = "Helm repositories of type 'oci' do not contain any information in the status."
|
||||
hs.status = "Healthy"
|
||||
return hs
|
||||
end
|
||||
if obj.status ~= nil then
|
||||
if obj.status.conditions ~= nil then
|
||||
local numProgressing = 0
|
||||
|
||||
@@ -11,3 +11,7 @@ tests:
|
||||
status: Healthy
|
||||
message: Succeeded
|
||||
inputPath: testdata/healthy.yaml
|
||||
- healthStatus:
|
||||
status: Healthy
|
||||
message: "Helm repositories of type 'oci' do not contain any information in the status."
|
||||
inputPath: testdata/oci.yaml
|
||||
|
||||
10
resource_customizations/source.toolkit.fluxcd.io/HelmRepository/testdata/oci.yaml
vendored
Normal file
10
resource_customizations/source.toolkit.fluxcd.io/HelmRepository/testdata/oci.yaml
vendored
Normal file
@@ -0,0 +1,10 @@
|
||||
apiVersion: source.toolkit.fluxcd.io/v1
|
||||
kind: HelmRepository
|
||||
metadata:
|
||||
name: podinfo
|
||||
namespace: default
|
||||
spec:
|
||||
type: "oci"
|
||||
interval: 5m0s
|
||||
url: oci://ghcr.io/stefanprodan/charts
|
||||
status: {}
|
||||
@@ -471,19 +471,8 @@ func (s *Server) RotateAuth(ctx context.Context, q *cluster.ClusterQuery) (*clus
|
||||
}
|
||||
|
||||
func (s *Server) toAPIResponse(clust *appv1.Cluster) *appv1.Cluster {
|
||||
clust = clust.Sanitized()
|
||||
_ = s.cache.GetClusterInfo(clust.Server, &clust.Info)
|
||||
|
||||
clust.Config.Password = ""
|
||||
clust.Config.BearerToken = ""
|
||||
clust.Config.KeyData = nil
|
||||
if clust.Config.ExecProviderConfig != nil {
|
||||
// We can't know what the user has put into args or
|
||||
// env vars on the exec provider that might be sensitive
|
||||
// (e.g. --private-key=XXX, PASSWORD=XXX)
|
||||
// Implicitly assumes the command executable name is non-sensitive
|
||||
clust.Config.ExecProviderConfig.Env = make(map[string]string)
|
||||
clust.Config.ExecProviderConfig.Args = nil
|
||||
}
|
||||
// populate deprecated fields for backward compatibility
|
||||
//nolint:staticcheck
|
||||
clust.ServerVersion = clust.Info.ServerVersion
|
||||
|
||||
@@ -310,12 +310,20 @@ func (s *Server) GetDetailedProject(ctx context.Context, q *project.ProjectQuery
|
||||
}
|
||||
proj.NormalizeJWTTokens()
|
||||
globalProjects := argo.GetGlobalProjects(proj, listersv1alpha1.NewAppProjectLister(s.projInformer.GetIndexer()), s.settingsMgr)
|
||||
var apiRepos []*v1alpha1.Repository
|
||||
for _, repo := range repositories {
|
||||
apiRepos = append(apiRepos, repo.Normalize().Sanitized())
|
||||
}
|
||||
var apiClusters []*v1alpha1.Cluster
|
||||
for _, cluster := range clusters {
|
||||
apiClusters = append(apiClusters, cluster.Sanitized())
|
||||
}
|
||||
|
||||
return &project.DetailedProjectsResponse{
|
||||
GlobalProjects: globalProjects,
|
||||
Project: proj,
|
||||
Repositories: repositories,
|
||||
Clusters: clusters,
|
||||
Repositories: apiRepos,
|
||||
Clusters: apiClusters,
|
||||
}, err
|
||||
}
|
||||
|
||||
|
||||
@@ -313,7 +313,7 @@ func TestRepositoryServer(t *testing.T) {
|
||||
testRepo := &appsv1.Repository{
|
||||
Repo: url,
|
||||
Type: "git",
|
||||
Username: "foo",
|
||||
Username: "",
|
||||
InheritedCreds: true,
|
||||
}
|
||||
db.On("ListRepositories", t.Context()).Return([]*appsv1.Repository{testRepo}, nil)
|
||||
|
||||
@@ -12,7 +12,7 @@ FROM docker.io/library/golang:1.24.6@sha256:2c89c41fb9efc3807029b59af69645867cfe
|
||||
|
||||
FROM docker.io/library/registry:3.0@sha256:1fc7de654f2ac1247f0b67e8a459e273b0993be7d2beda1f3f56fbf1001ed3e7 AS registry
|
||||
|
||||
FROM docker.io/bitnami/kubectl:1.32@sha256:493d1b871556d48d6b25d471f192c2427571cd6f78523eebcaf4d263353c7487 AS kubectl
|
||||
FROM docker.io/bitnamilegacy/kubectl:1.32@sha256:493d1b871556d48d6b25d471f192c2427571cd6f78523eebcaf4d263353c7487 AS kubectl
|
||||
|
||||
FROM docker.io/library/ubuntu:24.04@sha256:1e622c5f073b4f6bfad6632f2616c7f59ef256e96fe78bf6a595d1dc4376ac02
|
||||
|
||||
|
||||
@@ -548,65 +548,73 @@ export const deletePopup = async (
|
||||
};
|
||||
|
||||
export async function getResourceActionsMenuItems(resource: ResourceTreeNode, metadata: models.ObjectMeta, apis: ContextApis): Promise<ActionMenuItem[]> {
|
||||
return services.applications.getResourceActions(metadata.name, metadata.namespace, resource).then(actions => {
|
||||
return actions.map(action => ({
|
||||
title: action.displayName ?? action.name,
|
||||
disabled: !!action.disabled,
|
||||
iconClassName: action.iconClass,
|
||||
action: async () => {
|
||||
const confirmed = false;
|
||||
const title = action.params ? `Enter input parameters for action: ${action.name}` : `Perform ${action.name} action?`;
|
||||
await apis.popup.prompt(
|
||||
title,
|
||||
api => (
|
||||
<div>
|
||||
{!action.params && (
|
||||
<div className='argo-form-row'>
|
||||
<div> Are you sure you want to perform {action.name} action?</div>
|
||||
</div>
|
||||
)}
|
||||
{action.params &&
|
||||
action.params.map((param, index) => (
|
||||
<div className='argo-form-row' key={index}>
|
||||
<FormField label={param.name} field={param.name} formApi={api} component={Text} />
|
||||
// Don't call API for missing resources
|
||||
if (!resource.uid) {
|
||||
return [];
|
||||
}
|
||||
|
||||
return services.applications
|
||||
.getResourceActions(metadata.name, metadata.namespace, resource)
|
||||
.then(actions => {
|
||||
return actions.map(action => ({
|
||||
title: action.displayName ?? action.name,
|
||||
disabled: !!action.disabled,
|
||||
iconClassName: action.iconClass,
|
||||
action: async () => {
|
||||
const confirmed = false;
|
||||
const title = action.params ? `Enter input parameters for action: ${action.name}` : `Perform ${action.name} action?`;
|
||||
await apis.popup.prompt(
|
||||
title,
|
||||
api => (
|
||||
<div>
|
||||
{!action.params && (
|
||||
<div className='argo-form-row'>
|
||||
<div> Are you sure you want to perform {action.name} action?</div>
|
||||
</div>
|
||||
))}
|
||||
</div>
|
||||
),
|
||||
{
|
||||
submit: async (vals, _, close) => {
|
||||
try {
|
||||
const resourceActionParameters = action.params
|
||||
? action.params.map(param => ({
|
||||
name: param.name,
|
||||
value: vals[param.name] || param.default,
|
||||
type: param.type,
|
||||
default: param.default
|
||||
}))
|
||||
: [];
|
||||
await services.applications.runResourceAction(metadata.name, metadata.namespace, resource, action.name, resourceActionParameters);
|
||||
close();
|
||||
} catch (e) {
|
||||
apis.notifications.show({
|
||||
content: <ErrorNotification title='Unable to execute resource action' e={e} />,
|
||||
type: NotificationType.Error
|
||||
});
|
||||
)}
|
||||
{action.params &&
|
||||
action.params.map((param, index) => (
|
||||
<div className='argo-form-row' key={index}>
|
||||
<FormField label={param.name} field={param.name} formApi={api} component={Text} />
|
||||
</div>
|
||||
))}
|
||||
</div>
|
||||
),
|
||||
{
|
||||
submit: async (vals, _, close) => {
|
||||
try {
|
||||
const resourceActionParameters = action.params
|
||||
? action.params.map(param => ({
|
||||
name: param.name,
|
||||
value: vals[param.name] || param.default,
|
||||
type: param.type,
|
||||
default: param.default
|
||||
}))
|
||||
: [];
|
||||
await services.applications.runResourceAction(metadata.name, metadata.namespace, resource, action.name, resourceActionParameters);
|
||||
close();
|
||||
} catch (e) {
|
||||
apis.notifications.show({
|
||||
content: <ErrorNotification title='Unable to execute resource action' e={e} />,
|
||||
type: NotificationType.Error
|
||||
});
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
null,
|
||||
null,
|
||||
action.params
|
||||
? action.params.reduce((acc, res) => {
|
||||
acc[res.name] = res.default;
|
||||
return acc;
|
||||
}, {} as any)
|
||||
: {}
|
||||
);
|
||||
return confirmed;
|
||||
}
|
||||
}));
|
||||
});
|
||||
},
|
||||
null,
|
||||
null,
|
||||
action.params
|
||||
? action.params.reduce((acc, res) => {
|
||||
acc[res.name] = res.default;
|
||||
return acc;
|
||||
}, {} as any)
|
||||
: {}
|
||||
);
|
||||
return confirmed;
|
||||
}
|
||||
}));
|
||||
})
|
||||
.catch(() => [] as ActionMenuItem[]);
|
||||
}
|
||||
|
||||
function getActionItems(
|
||||
@@ -694,20 +702,22 @@ function getActionItems(
|
||||
|
||||
const resourceActions = getResourceActionsMenuItems(resource, application.metadata, apis);
|
||||
|
||||
const links = services.applications
|
||||
.getResourceLinks(application.metadata.name, application.metadata.namespace, resource)
|
||||
.then(data => {
|
||||
return (data.items || []).map(
|
||||
link =>
|
||||
({
|
||||
title: link.title,
|
||||
iconClassName: `fa fa-fw ${link.iconClass ? link.iconClass : 'fa-external-link'}`,
|
||||
action: () => window.open(link.url, '_blank'),
|
||||
tooltip: link.description
|
||||
}) as MenuItem
|
||||
);
|
||||
})
|
||||
.catch(() => [] as MenuItem[]);
|
||||
const links = !resource.uid
|
||||
? Promise.resolve([])
|
||||
: services.applications
|
||||
.getResourceLinks(application.metadata.name, application.metadata.namespace, resource)
|
||||
.then(data => {
|
||||
return (data.items || []).map(
|
||||
link =>
|
||||
({
|
||||
title: link.title,
|
||||
iconClassName: `fa fa-fw ${link.iconClass ? link.iconClass : 'fa-external-link'}`,
|
||||
action: () => window.open(link.url, '_blank'),
|
||||
tooltip: link.description
|
||||
}) as MenuItem
|
||||
);
|
||||
})
|
||||
.catch(() => [] as MenuItem[]);
|
||||
|
||||
return combineLatest(
|
||||
from([items]), // this resolves immediately
|
||||
|
||||
190
util/helm/testdata/redis/README.md
vendored
190
util/helm/testdata/redis/README.md
vendored
@@ -49,101 +49,101 @@ The command removes all the Kubernetes components associated with the chart and
|
||||
|
||||
The following table lists the configurable parameters of the Redis chart and their default values.
|
||||
|
||||
| Parameter | Description | Default |
|
||||
|--------------------------------------------|----------------------------------------------------------------------------------------------------------------|--------------------------------------|
|
||||
| `image.registry` | Redis Image registry | `docker.io` |
|
||||
| `image.repository` | Redis Image name | `bitnami/redis` |
|
||||
| `image.tag` | Redis Image tag | `{VERSION}` |
|
||||
| `image.pullPolicy` | Image pull policy | `Always` |
|
||||
| `image.pullSecrets` | Specify docker-registry secret names as an array | `nil` |
|
||||
| `cluster.enabled` | Use master-slave topology | `true` |
|
||||
| `cluster.slaveCount` | Number of slaves | 1 |
|
||||
| `existingSecret` | Name of existing secret object (for password authentication) | `nil` |
|
||||
| `usePassword` | Use password | `true` |
|
||||
| `password` | Redis password (ignored if existingSecret set) | Randomly generated |
|
||||
| `networkPolicy.enabled` | Enable NetworkPolicy | `false` |
|
||||
| `networkPolicy.allowExternal` | Don't require client label for connections | `true` |
|
||||
| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `false` |
|
||||
| `serviceAccount.name` | The name of the ServiceAccount to create | Generated using the fullname template |
|
||||
| `rbac.create` | Specifies whether RBAC resources should be created | `false` |
|
||||
| `rbac.role.rules` | Rules to create | `[]` |
|
||||
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
|
||||
| `metrics.image.registry` | Redis exporter image registry | `docker.io` |
|
||||
| `metrics.image.repository` | Redis exporter image name | `bitnami/redis` |
|
||||
| `metrics.image.tag` | Redis exporter image tag | `v0.20.2` |
|
||||
| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` |
|
||||
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `nil` |
|
||||
| `metrics.podLabels` | Additional labels for Metrics exporter pod | {} |
|
||||
| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | {} |
|
||||
| `master.service.type` | Kubernetes Service type (redis metrics) | `LoadBalancer` |
|
||||
| `metrics.service.annotations` | Annotations for the services to monitor (redis master and redis slave service) | {} |
|
||||
| `metrics.service.loadBalancerIP` | loadBalancerIP if redis metrics service type is `LoadBalancer` | `nil` |
|
||||
| `metrics.resources` | Exporter resource requests/limit | Memory: `256Mi`, CPU: `100m` |
|
||||
| `persistence.existingClaim` | Provide an existing PersistentVolumeClaim | `nil` |
|
||||
| `master.persistence.enabled` | Use a PVC to persist data (master node) | `true` |
|
||||
| `master.persistence.path` | Path to mount the volume at, to use other images | `/bitnami` |
|
||||
| `master.persistence.subPath` | Subdirectory of the volume to mount at | `""` |
|
||||
| `master.persistence.storageClass` | Storage class of backing PVC | `generic` |
|
||||
| `master.persistence.accessModes` | Persistent Volume Access Modes | `[ReadWriteOnce]` |
|
||||
| `master.persistence.size` | Size of data volume | `8Gi` |
|
||||
| `master.statefulset.updateStrategy` | Update strategy for StatefulSet | onDelete |
|
||||
| `master.statefulset.rollingUpdatePartition`| Partition update strategy | `nil` |
|
||||
| `master.podLabels` | Additional labels for Redis master pod | {} |
|
||||
| `master.podAnnotations` | Additional annotations for Redis master pod | {} |
|
||||
| `master.port` | Redis master port | 6379 |
|
||||
| `master.args` | Redis master command-line args | [] |
|
||||
| `master.disableCommands` | Comma-separated list of Redis commands to disable (master) | `FLUSHDB,FLUSHALL` |
|
||||
| `master.extraFlags` | Redis master additional command line flags | [] |
|
||||
| `master.nodeSelector` | Redis master Node labels for pod assignment | {"kubernetes.io/arch": "amd64"} |
|
||||
| `master.tolerations` | Toleration labels for Redis master pod assignment | [] |
|
||||
| `master.affinity ` | Affinity settings for Redis master pod assignment | [] |
|
||||
| `master.schedulerName` | Name of an alternate scheduler | `nil` |
|
||||
| `master.service.type` | Kubernetes Service type (redis master) | `ClusterIP` |
|
||||
| `master.service.annotations` | annotations for redis master service | {} |
|
||||
| `master.service.loadBalancerIP` | loadBalancerIP if redis master service type is `LoadBalancer` | `nil` |
|
||||
| `master.securityContext.enabled` | Enable security context (redis master pod) | `true` |
|
||||
| `master.securityContext.fsGroup` | Group ID for the container (redis master pod) | `1001` |
|
||||
| `master.securityContext.runAsUser` | User ID for the container (redis master pod) | `1001` |
|
||||
| `master.resources` | Redis master CPU/Memory resource requests/limits | Memory: `256Mi`, CPU: `100m` |
|
||||
| `master.livenessProbe.enabled` | Turn on and off liveness probe (redis master pod) | `true` |
|
||||
| `master.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (redis master pod) | `30` |
|
||||
| `master.livenessProbe.periodSeconds` | How often to perform the probe (redis master pod) | `30` |
|
||||
| `master.livenessProbe.timeoutSeconds` | When the probe times out (redis master pod) | `5` |
|
||||
| `master.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis master pod) | `1` |
|
||||
| `master.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` |
|
||||
| `master.readinessProbe.enabled` | Turn on and off readiness probe (redis master pod) | `true` |
|
||||
| `master.readinessProbe.initialDelaySeconds`| Delay before readiness probe is initiated (redis master pod) | `5` |
|
||||
| `master.readinessProbe.periodSeconds` | How often to perform the probe (redis master pod) | `10` |
|
||||
| `master.readinessProbe.timeoutSeconds` | When the probe times out (redis master pod) | `1` |
|
||||
| `master.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis master pod) | `1` |
|
||||
| `master.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` |
|
||||
| `slave.serviceType` | Kubernetes Service type (redis slave) | `LoadBalancer` |
|
||||
| `slave.service.annotations` | annotations for redis slave service | {} |
|
||||
| `slave.service.loadBalancerIP` | LoadBalancerIP if Redis slave service type is `LoadBalancer` | `nil` |
|
||||
| `slave.port` | Redis slave port | `master.port` |
|
||||
| `slave.args` | Redis slave command-line args | `master.args` |
|
||||
| `slave.disableCommands` | Comma-separated list of Redis commands to disable (slave) | `master.disableCommands` |
|
||||
| `slave.extraFlags` | Redis slave additional command line flags | `master.extraFlags` |
|
||||
| `slave.livenessProbe.enabled` | Turn on and off liveness probe (redis slave pod) | `master.livenessProbe.enabled` |
|
||||
| `slave.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (redis slave pod) | `master.livenessProbe.initialDelaySeconds` |
|
||||
| `slave.livenessProbe.periodSeconds` | How often to perform the probe (redis slave pod) | `master.livenessProbe.periodSeconds` |
|
||||
| `slave.livenessProbe.timeoutSeconds` | When the probe times out (redis slave pod) | `master.livenessProbe.timeoutSeconds` |
|
||||
| `slave.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis slave pod) | `master.livenessProbe.successThreshold` |
|
||||
| `slave.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `master.livenessProbe.failureThreshold` |
|
||||
| `slave.readinessProbe.enabled` | Turn on and off slave.readiness probe (redis slave pod) | `master.readinessProbe.enabled` |
|
||||
| `slave.readinessProbe.initialDelaySeconds` | Delay before slave.readiness probe is initiated (redis slave pod) | `master.readinessProbe.initialDelaySeconds` |
|
||||
| `slave.readinessProbe.periodSeconds` | How often to perform the probe (redis slave pod) | `master.readinessProbe.periodSeconds` |
|
||||
| `slave.readinessProbe.timeoutSeconds` | When the probe times out (redis slave pod) | `master.readinessProbe.timeoutSeconds` |
|
||||
| `slave.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis slave pod) | `master.readinessProbe.successThreshold` |
|
||||
| `slave.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. (redis slave pod) | `master.readinessProbe.failureThreshold` |
|
||||
| `slave.podLabels` | Additional labels for Redis slave pod | `master.podLabels` |
|
||||
| `slave.podAnnotations` | Additional annotations for Redis slave pod | `master.podAnnotations` |
|
||||
| `slave.schedulerName` | Name of an alternate scheduler | `nil` |
|
||||
| `slave.securityContext.enabled` | Enable security context (redis slave pod) | `master.securityContext.enabled` |
|
||||
| `slave.securityContext.fsGroup` | Group ID for the container (redis slave pod) | `master.securityContext.fsGroup` |
|
||||
| `slave.securityContext.runAsUser` | User ID for the container (redis slave pod) | `master.securityContext.runAsUser` |
|
||||
| `slave.resources` | Redis slave CPU/Memory resource requests/limits | `master.resources` |
|
||||
| `slave.affinity` | Enable node/pod affinity for slaves | {} |
|
||||
| Parameter | Description | Default |
|
||||
|--------------------------------------------|----------------------------------------------------------------------------------------------------------------|---------------------------------------------|
|
||||
| `image.registry` | Redis Image registry | `docker.io` |
|
||||
| `image.repository` | Redis Image name | `bitnamilegacy/redis` |
|
||||
| `image.tag` | Redis Image tag | `{VERSION}` |
|
||||
| `image.pullPolicy` | Image pull policy | `Always` |
|
||||
| `image.pullSecrets` | Specify docker-registry secret names as an array | `nil` |
|
||||
| `cluster.enabled` | Use master-slave topology | `true` |
|
||||
| `cluster.slaveCount` | Number of slaves | 1 |
|
||||
| `existingSecret` | Name of existing secret object (for password authentication) | `nil` |
|
||||
| `usePassword` | Use password | `true` |
|
||||
| `password` | Redis password (ignored if existingSecret set) | Randomly generated |
|
||||
| `networkPolicy.enabled` | Enable NetworkPolicy | `false` |
|
||||
| `networkPolicy.allowExternal` | Don't require client label for connections | `true` |
|
||||
| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `false` |
|
||||
| `serviceAccount.name` | The name of the ServiceAccount to create | Generated using the fullname template |
|
||||
| `rbac.create` | Specifies whether RBAC resources should be created | `false` |
|
||||
| `rbac.role.rules` | Rules to create | `[]` |
|
||||
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
|
||||
| `metrics.image.registry` | Redis exporter image registry | `docker.io` |
|
||||
| `metrics.image.repository` | Redis exporter image name | `bitnamilegacy/redis` |
|
||||
| `metrics.image.tag` | Redis exporter image tag | `v0.20.2` |
|
||||
| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` |
|
||||
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `nil` |
|
||||
| `metrics.podLabels` | Additional labels for Metrics exporter pod | {} |
|
||||
| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | {} |
|
||||
| `master.service.type` | Kubernetes Service type (redis metrics) | `LoadBalancer` |
|
||||
| `metrics.service.annotations` | Annotations for the services to monitor (redis master and redis slave service) | {} |
|
||||
| `metrics.service.loadBalancerIP` | loadBalancerIP if redis metrics service type is `LoadBalancer` | `nil` |
|
||||
| `metrics.resources` | Exporter resource requests/limit | Memory: `256Mi`, CPU: `100m` |
|
||||
| `persistence.existingClaim` | Provide an existing PersistentVolumeClaim | `nil` |
|
||||
| `master.persistence.enabled` | Use a PVC to persist data (master node) | `true` |
|
||||
| `master.persistence.path` | Path to mount the volume at, to use other images | `/bitnami` |
|
||||
| `master.persistence.subPath` | Subdirectory of the volume to mount at | `""` |
|
||||
| `master.persistence.storageClass` | Storage class of backing PVC | `generic` |
|
||||
| `master.persistence.accessModes` | Persistent Volume Access Modes | `[ReadWriteOnce]` |
|
||||
| `master.persistence.size` | Size of data volume | `8Gi` |
|
||||
| `master.statefulset.updateStrategy` | Update strategy for StatefulSet | onDelete |
|
||||
| `master.statefulset.rollingUpdatePartition`| Partition update strategy | `nil` |
|
||||
| `master.podLabels` | Additional labels for Redis master pod | {} |
|
||||
| `master.podAnnotations` | Additional annotations for Redis master pod | {} |
|
||||
| `master.port` | Redis master port | 6379 |
|
||||
| `master.args` | Redis master command-line args | [] |
|
||||
| `master.disableCommands` | Comma-separated list of Redis commands to disable (master) | `FLUSHDB,FLUSHALL` |
|
||||
| `master.extraFlags` | Redis master additional command line flags | [] |
|
||||
| `master.nodeSelector` | Redis master Node labels for pod assignment | {"kubernetes.io/arch": "amd64"} |
|
||||
| `master.tolerations` | Toleration labels for Redis master pod assignment | [] |
|
||||
| `master.affinity ` | Affinity settings for Redis master pod assignment | [] |
|
||||
| `master.schedulerName` | Name of an alternate scheduler | `nil` |
|
||||
| `master.service.type` | Kubernetes Service type (redis master) | `ClusterIP` |
|
||||
| `master.service.annotations` | annotations for redis master service | {} |
|
||||
| `master.service.loadBalancerIP` | loadBalancerIP if redis master service type is `LoadBalancer` | `nil` |
|
||||
| `master.securityContext.enabled` | Enable security context (redis master pod) | `true` |
|
||||
| `master.securityContext.fsGroup` | Group ID for the container (redis master pod) | `1001` |
|
||||
| `master.securityContext.runAsUser` | User ID for the container (redis master pod) | `1001` |
|
||||
| `master.resources` | Redis master CPU/Memory resource requests/limits | Memory: `256Mi`, CPU: `100m` |
|
||||
| `master.livenessProbe.enabled` | Turn on and off liveness probe (redis master pod) | `true` |
|
||||
| `master.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (redis master pod) | `30` |
|
||||
| `master.livenessProbe.periodSeconds` | How often to perform the probe (redis master pod) | `30` |
|
||||
| `master.livenessProbe.timeoutSeconds` | When the probe times out (redis master pod) | `5` |
|
||||
| `master.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis master pod) | `1` |
|
||||
| `master.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` |
|
||||
| `master.readinessProbe.enabled` | Turn on and off readiness probe (redis master pod) | `true` |
|
||||
| `master.readinessProbe.initialDelaySeconds`| Delay before readiness probe is initiated (redis master pod) | `5` |
|
||||
| `master.readinessProbe.periodSeconds` | How often to perform the probe (redis master pod) | `10` |
|
||||
| `master.readinessProbe.timeoutSeconds` | When the probe times out (redis master pod) | `1` |
|
||||
| `master.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis master pod) | `1` |
|
||||
| `master.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` |
|
||||
| `slave.serviceType` | Kubernetes Service type (redis slave) | `LoadBalancer` |
|
||||
| `slave.service.annotations` | annotations for redis slave service | {} |
|
||||
| `slave.service.loadBalancerIP` | LoadBalancerIP if Redis slave service type is `LoadBalancer` | `nil` |
|
||||
| `slave.port` | Redis slave port | `master.port` |
|
||||
| `slave.args` | Redis slave command-line args | `master.args` |
|
||||
| `slave.disableCommands` | Comma-separated list of Redis commands to disable (slave) | `master.disableCommands` |
|
||||
| `slave.extraFlags` | Redis slave additional command line flags | `master.extraFlags` |
|
||||
| `slave.livenessProbe.enabled` | Turn on and off liveness probe (redis slave pod) | `master.livenessProbe.enabled` |
|
||||
| `slave.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (redis slave pod) | `master.livenessProbe.initialDelaySeconds` |
|
||||
| `slave.livenessProbe.periodSeconds` | How often to perform the probe (redis slave pod) | `master.livenessProbe.periodSeconds` |
|
||||
| `slave.livenessProbe.timeoutSeconds` | When the probe times out (redis slave pod) | `master.livenessProbe.timeoutSeconds` |
|
||||
| `slave.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis slave pod) | `master.livenessProbe.successThreshold` |
|
||||
| `slave.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `master.livenessProbe.failureThreshold` |
|
||||
| `slave.readinessProbe.enabled` | Turn on and off slave.readiness probe (redis slave pod) | `master.readinessProbe.enabled` |
|
||||
| `slave.readinessProbe.initialDelaySeconds` | Delay before slave.readiness probe is initiated (redis slave pod) | `master.readinessProbe.initialDelaySeconds` |
|
||||
| `slave.readinessProbe.periodSeconds` | How often to perform the probe (redis slave pod) | `master.readinessProbe.periodSeconds` |
|
||||
| `slave.readinessProbe.timeoutSeconds` | When the probe times out (redis slave pod) | `master.readinessProbe.timeoutSeconds` |
|
||||
| `slave.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis slave pod) | `master.readinessProbe.successThreshold` |
|
||||
| `slave.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. (redis slave pod) | `master.readinessProbe.failureThreshold` |
|
||||
| `slave.podLabels` | Additional labels for Redis slave pod | `master.podLabels` |
|
||||
| `slave.podAnnotations` | Additional annotations for Redis slave pod | `master.podAnnotations` |
|
||||
| `slave.schedulerName` | Name of an alternate scheduler | `nil` |
|
||||
| `slave.securityContext.enabled` | Enable security context (redis slave pod) | `master.securityContext.enabled` |
|
||||
| `slave.securityContext.fsGroup` | Group ID for the container (redis slave pod) | `master.securityContext.fsGroup` |
|
||||
| `slave.securityContext.runAsUser` | User ID for the container (redis slave pod) | `master.securityContext.runAsUser` |
|
||||
| `slave.resources` | Redis slave CPU/Memory resource requests/limits | `master.resources` |
|
||||
| `slave.affinity` | Enable node/pod affinity for slaves | {} |
|
||||
|
||||
The above parameters map to the env variables defined in [bitnami/redis](https://github.com/bitnami/bitnami-docker-redis). For more information please refer to the [bitnami/redis](https://github.com/bitnami/bitnami-docker-redis) image documentation.
|
||||
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
##
|
||||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/redis
|
||||
repository: bitnamilegacy/redis
|
||||
tag: 4.0.10-debian-9
|
||||
pullPolicy: IfNotPresent
|
||||
## Optionally specify an array of imagePullSecrets.
|
||||
|
||||
2
util/helm/testdata/redis/values.yaml
vendored
2
util/helm/testdata/redis/values.yaml
vendored
@@ -3,7 +3,7 @@
|
||||
##
|
||||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/redis
|
||||
repository: bitnamilegacy/redis
|
||||
tag: 4.0.10-debian-9
|
||||
## Specify a imagePullPolicy
|
||||
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
|
||||
|
||||
Reference in New Issue
Block a user