github.com/argoproj/argo-cd/v3@v3.2.1/manifests/base/repo-server/argocd-repo-server-deployment.yaml (about) 1 apiVersion: apps/v1 2 kind: Deployment 3 metadata: 4 labels: 5 app.kubernetes.io/name: argocd-repo-server 6 app.kubernetes.io/part-of: argocd 7 app.kubernetes.io/component: repo-server 8 name: argocd-repo-server 9 spec: 10 selector: 11 matchLabels: 12 app.kubernetes.io/name: argocd-repo-server 13 template: 14 metadata: 15 labels: 16 app.kubernetes.io/name: argocd-repo-server 17 spec: 18 serviceAccountName: argocd-repo-server 19 automountServiceAccountToken: false 20 containers: 21 - name: argocd-repo-server 22 image: quay.io/argoproj/argocd:latest 23 imagePullPolicy: Always 24 args: 25 - /usr/local/bin/argocd-repo-server 26 env: 27 - name: REDIS_PASSWORD 28 valueFrom: 29 secretKeyRef: 30 key: auth 31 name: argocd-redis 32 - name: ARGOCD_RECONCILIATION_TIMEOUT 33 valueFrom: 34 configMapKeyRef: 35 name: argocd-cm 36 key: timeout.reconciliation 37 optional: true 38 - name: ARGOCD_REPO_SERVER_LOGFORMAT 39 valueFrom: 40 configMapKeyRef: 41 name: argocd-cmd-params-cm 42 key: reposerver.log.format 43 optional: true 44 - name: ARGOCD_REPO_SERVER_LOGLEVEL 45 valueFrom: 46 configMapKeyRef: 47 name: argocd-cmd-params-cm 48 key: reposerver.log.level 49 optional: true 50 - name: ARGOCD_LOG_FORMAT_TIMESTAMP 51 valueFrom: 52 configMapKeyRef: 53 name: argocd-cmd-params-cm 54 key: log.format.timestamp 55 optional: true 56 - name: ARGOCD_REPO_SERVER_PARALLELISM_LIMIT 57 valueFrom: 58 configMapKeyRef: 59 name: argocd-cmd-params-cm 60 key: reposerver.parallelism.limit 61 optional: true 62 - name: ARGOCD_REPO_SERVER_LISTEN_ADDRESS 63 valueFrom: 64 configMapKeyRef: 65 name: argocd-cmd-params-cm 66 key: reposerver.listen.address 67 optional: true 68 - name: ARGOCD_REPO_SERVER_LISTEN_METRICS_ADDRESS 69 valueFrom: 70 configMapKeyRef: 71 name: argocd-cmd-params-cm 72 key: reposerver.metrics.listen.address 73 optional: true 74 - name: ARGOCD_REPO_SERVER_DISABLE_TLS 75 valueFrom: 76 configMapKeyRef: 77 name: argocd-cmd-params-cm 78 key: reposerver.disable.tls 79 optional: true 80 - name: ARGOCD_TLS_MIN_VERSION 81 valueFrom: 82 configMapKeyRef: 83 name: argocd-cmd-params-cm 84 key: reposerver.tls.minversion 85 optional: true 86 - name: ARGOCD_TLS_MAX_VERSION 87 valueFrom: 88 configMapKeyRef: 89 name: argocd-cmd-params-cm 90 key: reposerver.tls.maxversion 91 optional: true 92 - name: ARGOCD_TLS_CIPHERS 93 valueFrom: 94 configMapKeyRef: 95 name: argocd-cmd-params-cm 96 key: reposerver.tls.ciphers 97 optional: true 98 - name: ARGOCD_REPO_CACHE_EXPIRATION 99 valueFrom: 100 configMapKeyRef: 101 name: argocd-cmd-params-cm 102 key: reposerver.repo.cache.expiration 103 optional: true 104 - name: REDIS_SERVER 105 valueFrom: 106 configMapKeyRef: 107 name: argocd-cmd-params-cm 108 key: redis.server 109 optional: true 110 - name: REDIS_COMPRESSION 111 valueFrom: 112 configMapKeyRef: 113 name: argocd-cmd-params-cm 114 key: redis.compression 115 optional: true 116 - name: REDISDB 117 valueFrom: 118 configMapKeyRef: 119 name: argocd-cmd-params-cm 120 key: redis.db 121 optional: true 122 - name: ARGOCD_DEFAULT_CACHE_EXPIRATION 123 valueFrom: 124 configMapKeyRef: 125 name: argocd-cmd-params-cm 126 key: reposerver.default.cache.expiration 127 optional: true 128 - name: ARGOCD_REPO_SERVER_OTLP_ADDRESS 129 valueFrom: 130 configMapKeyRef: 131 name: argocd-cmd-params-cm 132 key: otlp.address 133 optional: true 134 - name: ARGOCD_REPO_SERVER_OTLP_INSECURE 135 valueFrom: 136 configMapKeyRef: 137 name: argocd-cmd-params-cm 138 key: otlp.insecure 139 optional: true 140 - name: ARGOCD_REPO_SERVER_OTLP_HEADERS 141 valueFrom: 142 configMapKeyRef: 143 name: argocd-cmd-params-cm 144 key: otlp.headers 145 optional: true 146 - name: ARGOCD_REPO_SERVER_OTLP_ATTRS 147 valueFrom: 148 configMapKeyRef: 149 name: argocd-cmd-params-cm 150 key: otlp.attrs 151 optional: true 152 - name: ARGOCD_REPO_SERVER_MAX_COMBINED_DIRECTORY_MANIFESTS_SIZE 153 valueFrom: 154 configMapKeyRef: 155 name: argocd-cmd-params-cm 156 key: reposerver.max.combined.directory.manifests.size 157 optional: true 158 - name: ARGOCD_REPO_SERVER_PLUGIN_TAR_EXCLUSIONS 159 valueFrom: 160 configMapKeyRef: 161 name: argocd-cmd-params-cm 162 key: reposerver.plugin.tar.exclusions 163 optional: true 164 - name: ARGOCD_REPO_SERVER_PLUGIN_USE_MANIFEST_GENERATE_PATHS 165 valueFrom: 166 configMapKeyRef: 167 key: reposerver.plugin.use.manifest.generate.paths 168 name: argocd-cmd-params-cm 169 optional: true 170 - name: ARGOCD_REPO_SERVER_ALLOW_OUT_OF_BOUNDS_SYMLINKS 171 valueFrom: 172 configMapKeyRef: 173 key: reposerver.allow.oob.symlinks 174 name: argocd-cmd-params-cm 175 optional: true 176 - name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_TAR_SIZE 177 valueFrom: 178 configMapKeyRef: 179 key: reposerver.streamed.manifest.max.tar.size 180 name: argocd-cmd-params-cm 181 optional: true 182 - name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_EXTRACTED_SIZE 183 valueFrom: 184 configMapKeyRef: 185 key: reposerver.streamed.manifest.max.extracted.size 186 name: argocd-cmd-params-cm 187 optional: true 188 - name: ARGOCD_REPO_SERVER_HELM_MANIFEST_MAX_EXTRACTED_SIZE 189 valueFrom: 190 configMapKeyRef: 191 key: reposerver.helm.manifest.max.extracted.size 192 name: argocd-cmd-params-cm 193 optional: true 194 - name: ARGOCD_REPO_SERVER_DISABLE_HELM_MANIFEST_MAX_EXTRACTED_SIZE 195 valueFrom: 196 configMapKeyRef: 197 name: argocd-cmd-params-cm 198 key: reposerver.disable.helm.manifest.max.extracted.size 199 optional: true 200 - name: ARGOCD_REPO_SERVER_OCI_MANIFEST_MAX_EXTRACTED_SIZE 201 valueFrom: 202 configMapKeyRef: 203 key: reposerver.oci.manifest.max.extracted.size 204 name: argocd-cmd-params-cm 205 optional: true 206 - name: ARGOCD_REPO_SERVER_DISABLE_OCI_MANIFEST_MAX_EXTRACTED_SIZE 207 valueFrom: 208 configMapKeyRef: 209 key: reposerver.disable.oci.manifest.max.extracted.size 210 name: argocd-cmd-params-cm 211 optional: true 212 - name: ARGOCD_REPO_SERVER_OCI_LAYER_MEDIA_TYPES 213 valueFrom: 214 configMapKeyRef: 215 key: reposerver.oci.layer.media.types 216 name: argocd-cmd-params-cm 217 optional: true 218 - name: ARGOCD_REVISION_CACHE_LOCK_TIMEOUT 219 valueFrom: 220 configMapKeyRef: 221 key: reposerver.revision.cache.lock.timeout 222 name: argocd-cmd-params-cm 223 optional: true 224 - name: ARGOCD_GIT_MODULES_ENABLED 225 valueFrom: 226 configMapKeyRef: 227 key: reposerver.enable.git.submodule 228 name: argocd-cmd-params-cm 229 optional: true 230 - name: ARGOCD_GIT_LS_REMOTE_PARALLELISM_LIMIT 231 valueFrom: 232 configMapKeyRef: 233 key: reposerver.git.lsremote.parallelism.limit 234 name: argocd-cmd-params-cm 235 optional: true 236 - name: ARGOCD_GIT_REQUEST_TIMEOUT 237 valueFrom: 238 configMapKeyRef: 239 key: reposerver.git.request.timeout 240 name: argocd-cmd-params-cm 241 optional: true 242 - name: ARGOCD_REPO_SERVER_ENABLE_BUILTIN_GIT_CONFIG 243 valueFrom: 244 configMapKeyRef: 245 name: argocd-cmd-params-cm 246 key: reposerver.enable.builtin.git.config 247 optional: true 248 - name: ARGOCD_GRPC_MAX_SIZE_MB 249 valueFrom: 250 configMapKeyRef: 251 key: reposerver.grpc.max.size 252 name: argocd-cmd-params-cm 253 optional: true 254 - name: ARGOCD_REPO_SERVER_INCLUDE_HIDDEN_DIRECTORIES 255 valueFrom: 256 configMapKeyRef: 257 key: reposerver.include.hidden.directories 258 name: argocd-cmd-params-cm 259 optional: true 260 - name: HELM_CACHE_HOME 261 value: /helm-working-dir 262 - name: HELM_CONFIG_HOME 263 value: /helm-working-dir 264 - name: HELM_DATA_HOME 265 value: /helm-working-dir 266 ports: 267 - containerPort: 8081 268 - containerPort: 8084 269 livenessProbe: 270 httpGet: 271 path: /healthz?full=true 272 port: 8084 273 initialDelaySeconds: 30 274 periodSeconds: 30 275 failureThreshold: 3 276 timeoutSeconds: 5 277 readinessProbe: 278 httpGet: 279 path: /healthz 280 port: 8084 281 initialDelaySeconds: 5 282 periodSeconds: 10 283 securityContext: 284 runAsNonRoot: true 285 readOnlyRootFilesystem: true 286 allowPrivilegeEscalation: false 287 capabilities: 288 drop: 289 - ALL 290 seccompProfile: 291 type: RuntimeDefault 292 volumeMounts: 293 - name: ssh-known-hosts 294 mountPath: /app/config/ssh 295 - name: tls-certs 296 mountPath: /app/config/tls 297 - name: gpg-keys 298 mountPath: /app/config/gpg/source 299 - name: gpg-keyring 300 mountPath: /app/config/gpg/keys 301 - name: argocd-repo-server-tls 302 mountPath: /app/config/reposerver/tls 303 - name: tmp 304 mountPath: /tmp 305 - mountPath: /helm-working-dir 306 name: helm-working-dir 307 - mountPath: /home/argocd/cmp-server/plugins 308 name: plugins 309 initContainers: 310 - command: 311 - /bin/cp 312 - -n 313 - /usr/local/bin/argocd 314 - /var/run/argocd/argocd-cmp-server 315 image: quay.io/argoproj/argocd:latest 316 name: copyutil 317 securityContext: 318 runAsNonRoot: true 319 readOnlyRootFilesystem: true 320 allowPrivilegeEscalation: false 321 capabilities: 322 drop: 323 - ALL 324 seccompProfile: 325 type: RuntimeDefault 326 volumeMounts: 327 - mountPath: /var/run/argocd 328 name: var-files 329 volumes: 330 - name: ssh-known-hosts 331 configMap: 332 name: argocd-ssh-known-hosts-cm 333 - name: tls-certs 334 configMap: 335 name: argocd-tls-certs-cm 336 - name: gpg-keys 337 configMap: 338 name: argocd-gpg-keys-cm 339 - name: gpg-keyring 340 emptyDir: {} 341 - name: tmp 342 emptyDir: {} 343 - name: helm-working-dir 344 emptyDir: {} 345 - name: argocd-repo-server-tls 346 secret: 347 secretName: argocd-repo-server-tls 348 optional: true 349 items: 350 - key: tls.crt 351 path: tls.crt 352 - key: tls.key 353 path: tls.key 354 - key: ca.crt 355 path: ca.crt 356 - emptyDir: {} 357 name: var-files 358 - emptyDir: {} 359 name: plugins 360 affinity: 361 podAntiAffinity: 362 preferredDuringSchedulingIgnoredDuringExecution: 363 - weight: 100 364 podAffinityTerm: 365 labelSelector: 366 matchLabels: 367 app.kubernetes.io/name: argocd-repo-server 368 topologyKey: kubernetes.io/hostname 369 - weight: 5 370 podAffinityTerm: 371 labelSelector: 372 matchLabels: 373 app.kubernetes.io/part-of: argocd 374 topologyKey: kubernetes.io/hostname 375 nodeSelector: 376 kubernetes.io/os: linux