diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 115eb88d..79e8a9e2 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: 0.1.62 +appVersion: 0.1.64 description: A Helm chart for Codefresh gitops runtime name: gitops-runtime version: 0.0.0 @@ -16,7 +16,7 @@ annotations: dependencies: - name: argo-cd repository: https://codefresh-io.github.io/argo-helm - version: 7.4.7-5-cap-2.12.3-2024.10.28-20100fc54 + version: 7.4.7-6-cap-2.12.3-2024.11.14-d7a4c4e7e - name: argo-events repository: https://codefresh-io.github.io/argo-helm version: 2.4.7-1-cap-CR-24607 @@ -31,18 +31,19 @@ dependencies: - name: sealed-secrets repository: https://bitnami-labs.github.io/sealed-secrets/ version: 2.16.1 + condition: sealed-secrets.enabled - name: codefresh-tunnel-client repository: oci://quay.io/codefresh/charts - version: 0.1.17 + version: 0.1.18 alias: tunnel-client condition: tunnel-client.enabled - name: codefresh-gitops-operator - repository: oci://quay.io/codefresh/charts - version: 0.3.6 + repository: oci://quay.io/codefresh/charts/dev + version: 0.0.0-feat-cr-24670-namespaced-install alias: gitops-operator condition: gitops-operator.enabled - name: garage repository: https://codefresh-io.github.io/garage alias: garage-workflows-artifact-storage - version: 0.5.0-cf.1 + version: 0.5.0-cf.2 condition: garage-workflows-artifact-storage.enabled diff --git a/charts/gitops-runtime/templates/_helpers.tpl b/charts/gitops-runtime/templates/_helpers.tpl index 82219aed..67c3b9bf 100644 --- a/charts/gitops-runtime/templates/_helpers.tpl +++ b/charts/gitops-runtime/templates/_helpers.tpl @@ -135,15 +135,24 @@ Determine argocd server service port. Must be called with chart root context Determine argocd server url. Must be called with chart root context */}} {{- define "codefresh-gitops-runtime.argocd.server.url" -}} -{{- $argoCDValues := (get .Values "argo-cd") }} {{- $protocol := "https" }} -{{- $serverName := include "codefresh-gitops-runtime.argocd.server.servicename" . }} {{- $port := include "codefresh-gitops-runtime.argocd.server.serviceport" . }} -{{- $path := (get $argoCDValues.configs.params "server.rootpath") }} {{- if (eq $port "80") }} {{- $protocol = "http" }} {{- end }} -{{- printf "%s://%s:%s%s" $protocol $serverName $port $path }} +{{- $url := include "codefresh-gitops-runtime.argocd.server.no-protocol-url" . }} +{{- printf "%s://%s" $protocol $url }} +{{- end}} + +{{/* +Determine argocd server url witout the protocol. Must be called with chart root context +*/}} +{{- define "codefresh-gitops-runtime.argocd.server.no-protocol-url" -}} +{{- $argoCDValues := (get .Values "argo-cd") }} +{{- $serverName := include "codefresh-gitops-runtime.argocd.server.servicename" . }} +{{- $port := include "codefresh-gitops-runtime.argocd.server.serviceport" . }} +{{- $path := (get $argoCDValues.configs.params "server.rootpath") }} +{{- printf "%s:%s%s" $serverName $port $path }} {{- end}} {{/* @@ -233,10 +242,13 @@ Output comma separated list of installed runtime components {{- define "codefresh-gitops-runtime.component-list"}} {{- $argoCD := dict "name" "argocd" "version" (get .Subcharts "argo-cd").Chart.AppVersion }} {{- $argoEvents := dict "name" "argo-events" "version" (get .Subcharts "argo-events").Chart.AppVersion }} - {{- $sealedSecrets := dict "name" "sealed-secrets" "version" (get .Subcharts "sealed-secrets").Chart.AppVersion }} {{- $internalRouter := dict "name" "internal-router" "version" .Chart.AppVersion }} {{- $appProxy := dict "name" "app-proxy" "version" (index (get .Values "app-proxy") "image" "tag") }} - {{- $comptList := list $argoCD $argoEvents $appProxy $sealedSecrets $internalRouter}} + {{- $comptList := list $argoCD $argoEvents $appProxy $internalRouter}} + {{- if index (get .Values "sealed-secrets") "enabled" }} + {{- $sealedSecrets := dict "name" "sealed-secrets" "version" (get .Subcharts "sealed-secrets").Chart.AppVersion }} + {{- $comptList = append $comptList $sealedSecrets }} + {{- end }} {{- if index (get .Values "argo-rollouts") "enabled" }} {{- $rolloutReporter := dict "name" "rollout-reporter" "version" .Chart.AppVersion }} {{- $argoRollouts := dict "name" "argo-rollouts" "version" (get .Subcharts "argo-rollouts").Chart.AppVersion }} diff --git a/charts/gitops-runtime/templates/app-proxy/workflows-crb.yaml b/charts/gitops-runtime/templates/app-proxy/workflows-crb.yaml index 2b46fb47..d317c19c 100644 --- a/charts/gitops-runtime/templates/app-proxy/workflows-crb.yaml +++ b/charts/gitops-runtime/templates/app-proxy/workflows-crb.yaml @@ -4,15 +4,18 @@ {{- $_ := set $appProxyContext "Values" (get .Values "app-proxy") }} {{- $_ := set $appProxyContext.Values "global" (get .Values "global") }} apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding +kind: {{ $appProxyContext.Values.singleNamespace | ternary "RoleBinding" "ClusterRoleBinding" }} metadata: name: cap-app-proxy-argo-workflows + {{- if $appProxyContext.Values.singleNamespace }} + namespace: {{ .Release.Namespace }} + {{- end }} roleRef: apiGroup: rbac.authorization.k8s.io - kind: ClusterRole + kind: {{ $appProxyContext.Values.singleNamespace | ternary "Role" "ClusterRole" }} name: {{ include "codefresh-gitops-runtime.argo-workflows.server.name" . }} subjects: - kind: ServiceAccount name: {{ include "cap-app-proxy.serviceAccountName" $appProxyContext }} namespace: {{ .Release.Namespace }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/gitops-runtime/templates/gitops-operator.yaml b/charts/gitops-runtime/templates/gitops-operator.yaml index 500d7107..1c2138a5 100644 --- a/charts/gitops-runtime/templates/gitops-operator.yaml +++ b/charts/gitops-runtime/templates/gitops-operator.yaml @@ -1,4 +1,4 @@ -{{- if index (get .Values "gitops-operator") "libraryMode" }} +{{- if and (index (get .Values "gitops-operator") "libraryMode") (index (get .Values "gitops-operator") "enabled") }} {{- $gitopsOperatorContext := (index .Subcharts "gitops-operator")}} {{- $argoCDImageDict := index .Subcharts "argo-cd" "Values" "global" "image" }} {{- if not $argoCDImageDict.tag }} @@ -18,7 +18,7 @@ {{/* Set argo-cd-server service and port */}} {{ if not (index .Values "gitops-operator").env.ARGO_CD_URL }} - {{- $_ := set $gitopsOperatorContext.Values.env "ARGO_CD_URL" (include "codefresh-gitops-runtime.argocd.server.url" . ) }} + {{- $_ := set $gitopsOperatorContext.Values.env "ARGO_CD_URL" (include "codefresh-gitops-runtime.argocd.server.no-protocol-url" . ) }} {{- end }} {{/* Set workflows url */}} diff --git a/charts/gitops-runtime/tests/gitops-controller-misc_test.yaml b/charts/gitops-runtime/tests/gitops-controller-misc_test.yaml index e3d1ea42..1a0dd999 100644 --- a/charts/gitops-runtime/tests/gitops-controller-misc_test.yaml +++ b/charts/gitops-runtime/tests/gitops-controller-misc_test.yaml @@ -329,7 +329,7 @@ tests: path: spec.template.spec.containers[1].env content: name: ARGO_CD_URL - value: http://myargocd-server:80/some-path + value: myargocd-server:80/some-path - it: contains all resources for notifications controller template: gitops-operator.yaml @@ -371,11 +371,11 @@ tests: argo-cd.configs.params: server.rootpath: /some-path argo-cd.fullnameOverride: myargocd - gitops-operator.env.ARGO_CD_URL: http://some-other-url + gitops-operator.env.ARGO_CD_URL: some-other-url:123 asserts: - contains: path: spec.template.spec.containers[1].env content: name: ARGO_CD_URL - value: http://some-other-url + value: some-other-url:123 diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index f557cad3..5b03311f 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -124,6 +124,7 @@ installer: # Sealed secrets # ----------------------------------------------------------------------------------------------------------------------- sealed-secrets: + enabled: true fullnameOverride: sealed-secrets-controller keyrenewperiod: "720h" image: @@ -383,6 +384,7 @@ tunnel-client: #----------------------------------------------------------------------------------------------------------------------- app-proxy: replicaCount: 1 + singleNamespace: false # -- Image enrichment process configuration image-enrichment: # -- Enable or disable enrichment process. Please note that for enrichemnt, argo-workflows has to be enabled as well. @@ -428,7 +430,7 @@ app-proxy: tag: 1.1.11-main image: repository: quay.io/codefresh/cap-app-proxy - tag: 1.3142.0 + tag: 1.3146.0 pullPolicy: IfNotPresent # -- Extra volume mounts for main container extraVolumeMounts: [] @@ -436,7 +438,7 @@ app-proxy: initContainer: image: repository: quay.io/codefresh/cap-app-proxy-init - tag: 1.3142.0 + tag: 1.3146.0 pullPolicy: IfNotPresent command: - ./init.sh @@ -562,11 +564,12 @@ gitops-operator: # -- Additional labels for gitops operator CRDs additionalLabels: {} + singleNamespace: false env: {} - image: {} - # -- defaults - # repository: quay.io/codefresh/codefresh-gitops-operator - # tag: 'v{{ .Chart.AppVersion }}' + image: + # -- defaults + # repository: quay.io/codefresh/codefresh-gitops-operator + tag: feat-cr-24670-namespaced-install-cdc9a73 serviceAccount: create: true @@ -649,3 +652,6 @@ garage-workflows-artifact-storage: size: 100Mi # -- Resources for garage pods. For smaller deployments at least 100m CPU and 1024Mi memory is reccommended. For larger deployments double this size. resources: {} + # -- Helm tests + tests: + enabled: false diff --git a/installer-image/Dockerfile b/installer-image/Dockerfile index 1f69935c..07ab65e8 100644 --- a/installer-image/Dockerfile +++ b/installer-image/Dockerfile @@ -1,7 +1,7 @@ FROM debian:bullseye-slim -ARG CF_CLI_VERSION=v0.1.60 -ARG KUBECTL_VERSION=v1.27.2 +ARG CF_CLI_VERSION=v0.1.68 +ARG KUBECTL_VERSION=v1.28.12 ARG TARGETARCH RUN apt-get update && apt-get install curl -y diff --git a/scripts/get-all-images.sh b/scripts/get-all-images.sh index a2426b9b..ca1ffb41 100755 --- a/scripts/get-all-images.sh +++ b/scripts/get-all-images.sh @@ -11,4 +11,4 @@ helm template release-name $CHARTDIR -f $VALUESFILE \ | awk -F ': ' '{print $2}' | awk NF \ | tr -d '"' | tr -d ',' | cut -f1 -d"@" \ | sort -u \ - > $OUTPUTFILE \ No newline at end of file + > $OUTPUTFILE