github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/argo-cd/templates/argocd-repo-server/deployment.yaml (about) 1 apiVersion: apps/v1 2 kind: Deployment 3 metadata: 4 {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.repoServer.deploymentAnnotations) }} 5 annotations: 6 {{- range $key, $value := . }} 7 {{ $key }}: {{ $value | quote }} 8 {{- end }} 9 {{- end }} 10 name: {{ template "argo-cd.repoServer.fullname" . }} 11 namespace: {{ .Release.Namespace | quote }} 12 labels: 13 {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} 14 spec: 15 {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.repoServer.deploymentStrategy) }} 16 strategy: 17 {{- trim . | nindent 4 }} 18 {{- end }} 19 {{- if not .Values.repoServer.autoscaling.enabled }} 20 replicas: {{ .Values.repoServer.replicas }} 21 {{- end }} 22 revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} 23 selector: 24 matchLabels: 25 {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 6 }} 26 template: 27 metadata: 28 annotations: 29 checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} 30 {{- if .Values.repoServer.certificateSecret.enabled }} 31 checksum/repo-server-tls: {{ include (print $.Template.BasePath "/argocd-configs/argocd-repo-server-tls-secret.yaml") . | sha256sum }} 32 {{- end }} 33 {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.repoServer.podAnnotations) }} 34 {{- range $key, $value := . }} 35 {{ $key }}: {{ $value | quote }} 36 {{- end }} 37 {{- end }} 38 labels: 39 {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 8 }} 40 {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.repoServer.podLabels) }} 41 {{- toYaml . | nindent 8 }} 42 {{- end }} 43 spec: 44 {{- with .Values.repoServer.imagePullSecrets | default .Values.global.imagePullSecrets }} 45 imagePullSecrets: 46 {{- toYaml . | nindent 8 }} 47 {{- end }} 48 {{- with .Values.global.hostAliases }} 49 hostAliases: 50 {{- toYaml . | nindent 8 }} 51 {{- end }} 52 {{- with .Values.global.securityContext }} 53 securityContext: 54 {{- toYaml . | nindent 8 }} 55 {{- end }} 56 {{- with .Values.repoServer.priorityClassName | default .Values.global.priorityClassName }} 57 priorityClassName: {{ . }} 58 {{- end }} 59 serviceAccountName: {{ include "argo-cd.repoServerServiceAccountName" . }} 60 containers: 61 - name: {{ .Values.repoServer.name }} 62 image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} 63 imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} 64 args: 65 - /usr/local/bin/argocd-repo-server 66 - --port={{ .Values.repoServer.containerPorts.server }} 67 - --metrics-port={{ .Values.repoServer.containerPorts.metrics }} 68 {{- with .Values.repoServer.logFormat }} 69 - --logformat 70 - {{ . | quote }} 71 {{- end }} 72 {{- with .Values.repoServer.logLevel }} 73 - --loglevel 74 - {{ . | quote }} 75 {{- end }} 76 {{- with .Values.repoServer.extraArgs }} 77 {{- toYaml . | nindent 8 }} 78 {{- end }} 79 env: 80 {{- with (concat .Values.global.env .Values.repoServer.env) }} 81 {{- toYaml . | nindent 10 }} 82 {{- end }} 83 {{- if .Values.openshift.enabled }} 84 - name: USER_NAME 85 value: argocd 86 {{- end }} 87 - name: ARGOCD_RECONCILIATION_TIMEOUT 88 valueFrom: 89 configMapKeyRef: 90 name: argocd-cm 91 key: timeout.reconciliation 92 optional: true 93 - name: ARGOCD_REPO_SERVER_LOGFORMAT 94 valueFrom: 95 configMapKeyRef: 96 name: argocd-cmd-params-cm 97 key: reposerver.log.format 98 optional: true 99 - name: ARGOCD_REPO_SERVER_LOGLEVEL 100 valueFrom: 101 configMapKeyRef: 102 name: argocd-cmd-params-cm 103 key: reposerver.log.level 104 optional: true 105 - name: ARGOCD_REPO_SERVER_PARALLELISM_LIMIT 106 valueFrom: 107 configMapKeyRef: 108 name: argocd-cmd-params-cm 109 key: reposerver.parallelism.limit 110 optional: true 111 - name: ARGOCD_REPO_SERVER_LISTEN_ADDRESS 112 valueFrom: 113 configMapKeyRef: 114 name: argocd-cmd-params-cm 115 key: reposerver.listen.address 116 optional: true 117 - name: ARGOCD_REPO_SERVER_LISTEN_METRICS_ADDRESS 118 valueFrom: 119 configMapKeyRef: 120 name: argocd-cmd-params-cm 121 key: reposerver.metrics.listen.address 122 optional: true 123 - name: ARGOCD_REPO_SERVER_DISABLE_TLS 124 valueFrom: 125 configMapKeyRef: 126 name: argocd-cmd-params-cm 127 key: reposerver.disable.tls 128 optional: true 129 - name: ARGOCD_TLS_MIN_VERSION 130 valueFrom: 131 configMapKeyRef: 132 name: argocd-cmd-params-cm 133 key: reposerver.tls.minversion 134 optional: true 135 - name: ARGOCD_TLS_MAX_VERSION 136 valueFrom: 137 configMapKeyRef: 138 name: argocd-cmd-params-cm 139 key: reposerver.tls.maxversion 140 optional: true 141 - name: ARGOCD_TLS_CIPHERS 142 valueFrom: 143 configMapKeyRef: 144 name: argocd-cmd-params-cm 145 key: reposerver.tls.ciphers 146 optional: true 147 - name: ARGOCD_REPO_CACHE_EXPIRATION 148 valueFrom: 149 configMapKeyRef: 150 name: argocd-cmd-params-cm 151 key: reposerver.repo.cache.expiration 152 optional: true 153 - name: REDIS_SERVER 154 valueFrom: 155 configMapKeyRef: 156 name: argocd-cmd-params-cm 157 key: redis.server 158 optional: true 159 - name: REDIS_COMPRESSION 160 valueFrom: 161 configMapKeyRef: 162 name: argocd-cmd-params-cm 163 key: redis.compression 164 optional: true 165 - name: REDISDB 166 valueFrom: 167 configMapKeyRef: 168 name: argocd-cmd-params-cm 169 key: redis.db 170 optional: true 171 - name: REDIS_USERNAME 172 valueFrom: 173 secretKeyRef: 174 name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} 175 key: redis-username 176 optional: true 177 - name: REDIS_PASSWORD 178 valueFrom: 179 secretKeyRef: 180 name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} 181 key: redis-password 182 optional: true 183 - name: ARGOCD_DEFAULT_CACHE_EXPIRATION 184 valueFrom: 185 configMapKeyRef: 186 name: argocd-cmd-params-cm 187 key: reposerver.default.cache.expiration 188 optional: true 189 - name: ARGOCD_REPO_SERVER_OTLP_ADDRESS 190 valueFrom: 191 configMapKeyRef: 192 name: argocd-cmd-params-cm 193 key: otlp.address 194 optional: true 195 - name: ARGOCD_REPO_SERVER_MAX_COMBINED_DIRECTORY_MANIFESTS_SIZE 196 valueFrom: 197 configMapKeyRef: 198 name: argocd-cmd-params-cm 199 key: reposerver.max.combined.directory.manifests.size 200 optional: true 201 - name: ARGOCD_REPO_SERVER_PLUGIN_TAR_EXCLUSIONS 202 valueFrom: 203 configMapKeyRef: 204 name: argocd-cmd-params-cm 205 key: reposerver.plugin.tar.exclusions 206 optional: true 207 - name: ARGOCD_REPO_SERVER_ALLOW_OUT_OF_BOUNDS_SYMLINKS 208 valueFrom: 209 configMapKeyRef: 210 key: reposerver.allow.oob.symlinks 211 name: argocd-cmd-params-cm 212 optional: true 213 - name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_TAR_SIZE 214 valueFrom: 215 configMapKeyRef: 216 key: reposerver.streamed.manifest.max.tar.size 217 name: argocd-cmd-params-cm 218 optional: true 219 - name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_EXTRACTED_SIZE 220 valueFrom: 221 configMapKeyRef: 222 key: reposerver.streamed.manifest.max.extracted.size 223 name: argocd-cmd-params-cm 224 optional: true 225 - name: ARGOCD_GIT_MODULES_ENABLED 226 valueFrom: 227 configMapKeyRef: 228 key: reposerver.enable.git.submodule 229 name: argocd-cmd-params-cm 230 optional: true 231 - name: HELM_CACHE_HOME 232 value: /helm-working-dir 233 - name: HELM_CONFIG_HOME 234 value: /helm-working-dir 235 - name: HELM_DATA_HOME 236 value: /helm-working-dir 237 {{- with .Values.repoServer.envFrom }} 238 envFrom: 239 {{- toYaml . | nindent 10 }} 240 {{- end }} 241 volumeMounts: 242 {{- if .Values.repoServer.volumeMounts }} 243 {{- toYaml .Values.repoServer.volumeMounts | nindent 8 }} 244 {{- end }} 245 - mountPath: /app/config/ssh 246 name: ssh-known-hosts 247 - mountPath: /app/config/tls 248 name: tls-certs 249 - mountPath: /app/config/gpg/source 250 name: gpg-keys 251 - mountPath: /app/config/gpg/keys 252 name: gpg-keyring 253 - mountPath: /app/config/reposerver/tls 254 name: argocd-repo-server-tls 255 - mountPath: /helm-working-dir 256 name: helm-working-dir 257 - mountPath: /home/argocd/cmp-server/plugins 258 name: plugins 259 - mountPath: /tmp 260 name: tmp 261 ports: 262 - name: repo-server 263 containerPort: {{ .Values.repoServer.containerPorts.server }} 264 protocol: TCP 265 - name: metrics 266 containerPort: {{ .Values.repoServer.containerPorts.metrics }} 267 protocol: TCP 268 livenessProbe: 269 httpGet: 270 path: /healthz?full=true 271 port: metrics 272 initialDelaySeconds: {{ .Values.repoServer.livenessProbe.initialDelaySeconds }} 273 periodSeconds: {{ .Values.repoServer.livenessProbe.periodSeconds }} 274 timeoutSeconds: {{ .Values.repoServer.livenessProbe.timeoutSeconds }} 275 successThreshold: {{ .Values.repoServer.livenessProbe.successThreshold }} 276 failureThreshold: {{ .Values.repoServer.livenessProbe.failureThreshold }} 277 readinessProbe: 278 httpGet: 279 path: /healthz 280 port: metrics 281 initialDelaySeconds: {{ .Values.repoServer.readinessProbe.initialDelaySeconds }} 282 periodSeconds: {{ .Values.repoServer.readinessProbe.periodSeconds }} 283 timeoutSeconds: {{ .Values.repoServer.readinessProbe.timeoutSeconds }} 284 successThreshold: {{ .Values.repoServer.readinessProbe.successThreshold }} 285 failureThreshold: {{ .Values.repoServer.readinessProbe.failureThreshold }} 286 resources: 287 {{- toYaml .Values.repoServer.resources | nindent 10 }} 288 {{- with .Values.repoServer.containerSecurityContext }} 289 securityContext: 290 {{- toYaml . | nindent 10 }} 291 {{- end }} 292 {{- with .Values.repoServer.lifecycle }} 293 lifecycle: 294 {{- toYaml . | nindent 10 }} 295 {{- end }} 296 {{- with .Values.repoServer.extraContainers }} 297 {{- tpl (toYaml .) $ | nindent 6 }} 298 {{- end }} 299 initContainers: 300 - command: 301 - /bin/cp 302 - -n 303 - /usr/local/bin/argocd 304 - /var/run/argocd/argocd-cmp-server 305 image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} 306 imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} 307 name: copyutil 308 {{- with .Values.repoServer.resources }} 309 resources: 310 {{- toYaml . | nindent 10 }} 311 {{- end }} 312 {{- with .Values.repoServer.containerSecurityContext }} 313 securityContext: 314 {{- toYaml . | nindent 10 }} 315 {{- end }} 316 volumeMounts: 317 - mountPath: /var/run/argocd 318 name: var-files 319 {{- with .Values.repoServer.initContainers }} 320 {{- tpl (toYaml .) $ | nindent 6 }} 321 {{- end }} 322 {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.repoServer) }} 323 affinity: 324 {{- trim . | nindent 8 }} 325 {{- end }} 326 {{- with .Values.repoServer.nodeSelector | default .Values.global.nodeSelector }} 327 nodeSelector: 328 {{- toYaml . | nindent 8 }} 329 {{- end }} 330 {{- with .Values.repoServer.tolerations | default .Values.global.tolerations }} 331 tolerations: 332 {{- toYaml . | nindent 8 }} 333 {{- end }} 334 {{- with .Values.repoServer.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} 335 topologySpreadConstraints: 336 {{- range $constraint := . }} 337 - {{ toYaml $constraint | nindent 8 | trim }} 338 {{- if not $constraint.labelSelector }} 339 labelSelector: 340 matchLabels: 341 {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.repoServer.name) | nindent 12 }} 342 {{- end }} 343 {{- end }} 344 {{- end }} 345 volumes: 346 {{- with .Values.repoServer.volumes }} 347 {{- toYaml . | nindent 6 }} 348 {{- end }} 349 - name: helm-working-dir 350 emptyDir: {} 351 - name: plugins 352 emptyDir: {} 353 - name: var-files 354 emptyDir: {} 355 - name: tmp 356 emptyDir: {} 357 - name: ssh-known-hosts 358 configMap: 359 name: argocd-ssh-known-hosts-cm 360 - name: tls-certs 361 configMap: 362 name: argocd-tls-certs-cm 363 - name: gpg-keys 364 configMap: 365 name: argocd-gpg-keys-cm 366 - name: gpg-keyring 367 emptyDir: {} 368 - name: argocd-repo-server-tls 369 secret: 370 secretName: argocd-repo-server-tls 371 optional: true 372 items: 373 - key: tls.crt 374 path: tls.crt 375 - key: tls.key 376 path: tls.key 377 - key: ca.crt 378 path: ca.crt 379 {{- if .Values.repoServer.hostNetwork }} 380 hostNetwork: {{ .Values.repoServer.hostNetwork }} 381 {{- end }} 382 {{- with .Values.repoServer.dnsConfig }} 383 dnsConfig: 384 {{- toYaml . | nindent 8 }} 385 {{- end }} 386 dnsPolicy: {{ .Values.repoServer.dnsPolicy }}