github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/argo-cd/templates/argocd-server/deployment.yaml (about) 1 apiVersion: apps/v1 2 kind: Deployment 3 metadata: 4 {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.server.deploymentAnnotations) }} 5 annotations: 6 {{- range $key, $value := . }} 7 {{ $key }}: {{ $value | quote }} 8 {{- end }} 9 {{- end }} 10 name: {{ template "argo-cd.server.fullname" . }} 11 namespace: {{ .Release.Namespace | quote }} 12 labels: 13 {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} 14 spec: 15 {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.server.deploymentStrategy) }} 16 strategy: 17 {{- trim . | nindent 4 }} 18 {{- end }} 19 {{- if not .Values.server.autoscaling.enabled }} 20 replicas: {{ .Values.server.replicas }} 21 {{- end }} 22 revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} 23 selector: 24 matchLabels: 25 {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 6 }} 26 template: 27 metadata: 28 annotations: 29 checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} 30 {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.server.podAnnotations) }} 31 {{- range $key, $value := . }} 32 {{ $key }}: {{ $value | quote }} 33 {{- end }} 34 {{- end }} 35 labels: 36 {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 8 }} 37 {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.server.podLabels) }} 38 {{- toYaml . | nindent 8 }} 39 {{- end }} 40 spec: 41 {{- with .Values.server.imagePullSecrets | default .Values.global.imagePullSecrets }} 42 imagePullSecrets: 43 {{- toYaml . | nindent 8 }} 44 {{- end }} 45 {{- with .Values.global.hostAliases }} 46 hostAliases: 47 {{- toYaml . | nindent 8 }} 48 {{- end }} 49 {{- with .Values.global.securityContext }} 50 securityContext: 51 {{- toYaml . | nindent 8 }} 52 {{- end }} 53 {{- with .Values.server.priorityClassName | default .Values.global.priorityClassName }} 54 priorityClassName: {{ . }} 55 {{- end }} 56 serviceAccountName: {{ include "argo-cd.serverServiceAccountName" . }} 57 containers: 58 - name: {{ .Values.server.name }} 59 image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag }} 60 imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }} 61 args: 62 - /usr/local/bin/argocd-server 63 - --port={{ .Values.server.containerPorts.server }} 64 - --metrics-port={{ .Values.server.containerPorts.metrics }} 65 {{- with .Values.server.logFormat }} 66 - --logformat 67 - {{ . | quote }} 68 {{- end }} 69 {{- with .Values.server.logLevel }} 70 - --loglevel 71 - {{ . | quote }} 72 {{- end }} 73 {{- with .Values.server.extraArgs }} 74 {{- toYaml . | nindent 8 }} 75 {{- end }} 76 env: 77 {{- with (concat .Values.global.env .Values.server.env) }} 78 {{- toYaml . | nindent 10 }} 79 {{- end }} 80 - name: ARGOCD_SERVER_INSECURE 81 valueFrom: 82 configMapKeyRef: 83 name: argocd-cmd-params-cm 84 key: server.insecure 85 optional: true 86 - name: ARGOCD_SERVER_BASEHREF 87 valueFrom: 88 configMapKeyRef: 89 name: argocd-cmd-params-cm 90 key: server.basehref 91 optional: true 92 - name: ARGOCD_SERVER_ROOTPATH 93 valueFrom: 94 configMapKeyRef: 95 name: argocd-cmd-params-cm 96 key: server.rootpath 97 optional: true 98 - name: ARGOCD_SERVER_LOGFORMAT 99 valueFrom: 100 configMapKeyRef: 101 name: argocd-cmd-params-cm 102 key: server.log.format 103 optional: true 104 - name: ARGOCD_SERVER_LOG_LEVEL 105 valueFrom: 106 configMapKeyRef: 107 name: argocd-cmd-params-cm 108 key: server.log.level 109 optional: true 110 - name: ARGOCD_SERVER_REPO_SERVER 111 valueFrom: 112 configMapKeyRef: 113 name: argocd-cmd-params-cm 114 key: repo.server 115 optional: true 116 - name: ARGOCD_SERVER_DEX_SERVER 117 valueFrom: 118 configMapKeyRef: 119 name: argocd-cmd-params-cm 120 key: server.dex.server 121 optional: true 122 - name: ARGOCD_SERVER_DISABLE_AUTH 123 valueFrom: 124 configMapKeyRef: 125 name: argocd-cmd-params-cm 126 key: server.disable.auth 127 optional: true 128 - name: ARGOCD_SERVER_ENABLE_GZIP 129 valueFrom: 130 configMapKeyRef: 131 name: argocd-cmd-params-cm 132 key: server.enable.gzip 133 optional: true 134 - name: ARGOCD_SERVER_REPO_SERVER_TIMEOUT_SECONDS 135 valueFrom: 136 configMapKeyRef: 137 name: argocd-cmd-params-cm 138 key: server.repo.server.timeout.seconds 139 optional: true 140 - name: ARGOCD_SERVER_X_FRAME_OPTIONS 141 valueFrom: 142 configMapKeyRef: 143 name: argocd-cmd-params-cm 144 key: server.x.frame.options 145 optional: true 146 - name: ARGOCD_SERVER_CONTENT_SECURITY_POLICY 147 valueFrom: 148 configMapKeyRef: 149 name: argocd-cmd-params-cm 150 key: server.content.security.policy 151 optional: true 152 - name: ARGOCD_SERVER_REPO_SERVER_PLAINTEXT 153 valueFrom: 154 configMapKeyRef: 155 name: argocd-cmd-params-cm 156 key: server.repo.server.plaintext 157 optional: true 158 - name: ARGOCD_SERVER_REPO_SERVER_STRICT_TLS 159 valueFrom: 160 configMapKeyRef: 161 name: argocd-cmd-params-cm 162 key: server.repo.server.strict.tls 163 optional: true 164 - name: ARGOCD_SERVER_DEX_SERVER_PLAINTEXT 165 valueFrom: 166 configMapKeyRef: 167 name: argocd-cmd-params-cm 168 key: server.dex.server.plaintext 169 optional: true 170 - name: ARGOCD_SERVER_DEX_SERVER_STRICT_TLS 171 valueFrom: 172 configMapKeyRef: 173 name: argocd-cmd-params-cm 174 key: server.dex.server.strict.tls 175 optional: true 176 - name: ARGOCD_TLS_MIN_VERSION 177 valueFrom: 178 configMapKeyRef: 179 name: argocd-cmd-params-cm 180 key: server.tls.minversion 181 optional: true 182 - name: ARGOCD_TLS_MAX_VERSION 183 valueFrom: 184 configMapKeyRef: 185 name: argocd-cmd-params-cm 186 key: server.tls.maxversion 187 optional: true 188 - name: ARGOCD_TLS_CIPHERS 189 valueFrom: 190 configMapKeyRef: 191 name: argocd-cmd-params-cm 192 key: server.tls.ciphers 193 optional: true 194 - name: ARGOCD_SERVER_CONNECTION_STATUS_CACHE_EXPIRATION 195 valueFrom: 196 configMapKeyRef: 197 name: argocd-cmd-params-cm 198 key: server.connection.status.cache.expiration 199 optional: true 200 - name: ARGOCD_SERVER_OIDC_CACHE_EXPIRATION 201 valueFrom: 202 configMapKeyRef: 203 name: argocd-cmd-params-cm 204 key: server.oidc.cache.expiration 205 optional: true 206 - name: ARGOCD_SERVER_LOGIN_ATTEMPTS_EXPIRATION 207 valueFrom: 208 configMapKeyRef: 209 name: argocd-cmd-params-cm 210 key: server.login.attempts.expiration 211 optional: true 212 - name: ARGOCD_SERVER_STATIC_ASSETS 213 valueFrom: 214 configMapKeyRef: 215 name: argocd-cmd-params-cm 216 key: server.staticassets 217 optional: true 218 - name: ARGOCD_APP_STATE_CACHE_EXPIRATION 219 valueFrom: 220 configMapKeyRef: 221 name: argocd-cmd-params-cm 222 key: server.app.state.cache.expiration 223 optional: true 224 - name: REDIS_SERVER 225 valueFrom: 226 configMapKeyRef: 227 name: argocd-cmd-params-cm 228 key: redis.server 229 optional: true 230 - name: REDIS_COMPRESSION 231 valueFrom: 232 configMapKeyRef: 233 name: argocd-cmd-params-cm 234 key: redis.compression 235 optional: true 236 - name: REDISDB 237 valueFrom: 238 configMapKeyRef: 239 name: argocd-cmd-params-cm 240 key: redis.db 241 optional: true 242 - name: REDIS_USERNAME 243 valueFrom: 244 secretKeyRef: 245 name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} 246 key: redis-username 247 optional: true 248 - name: REDIS_PASSWORD 249 valueFrom: 250 secretKeyRef: 251 name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} 252 key: redis-password 253 optional: true 254 - name: ARGOCD_DEFAULT_CACHE_EXPIRATION 255 valueFrom: 256 configMapKeyRef: 257 name: argocd-cmd-params-cm 258 key: server.default.cache.expiration 259 optional: true 260 - name: ARGOCD_MAX_COOKIE_NUMBER 261 valueFrom: 262 configMapKeyRef: 263 name: argocd-cmd-params-cm 264 key: server.http.cookie.maxnumber 265 optional: true 266 - name: ARGOCD_SERVER_LISTEN_ADDRESS 267 valueFrom: 268 configMapKeyRef: 269 name: argocd-cmd-params-cm 270 key: server.listen.address 271 optional: true 272 - name: ARGOCD_SERVER_METRICS_LISTEN_ADDRESS 273 valueFrom: 274 configMapKeyRef: 275 name: argocd-cmd-params-cm 276 key: server.metrics.listen.address 277 optional: true 278 - name: ARGOCD_SERVER_OTLP_ADDRESS 279 valueFrom: 280 configMapKeyRef: 281 name: argocd-cmd-params-cm 282 key: otlp.address 283 optional: true 284 - name: ARGOCD_APPLICATION_NAMESPACES 285 valueFrom: 286 configMapKeyRef: 287 name: argocd-cmd-params-cm 288 key: application.namespaces 289 optional: true 290 - name: ARGOCD_SERVER_ENABLE_PROXY_EXTENSION 291 valueFrom: 292 configMapKeyRef: 293 name: argocd-cmd-params-cm 294 key: server.enable.proxy.extension 295 optional: true 296 {{- with .Values.server.envFrom }} 297 envFrom: 298 {{- toYaml . | nindent 10 }} 299 {{- end }} 300 volumeMounts: 301 {{- with .Values.server.volumeMounts }} 302 {{- toYaml . | nindent 8 }} 303 {{- end }} 304 - mountPath: /app/config/ssh 305 name: ssh-known-hosts 306 - mountPath: /app/config/tls 307 name: tls-certs 308 - mountPath: /app/config/server/tls 309 name: argocd-repo-server-tls 310 - mountPath: /app/config/dex/tls 311 name: argocd-dex-server-tls 312 - mountPath: /home/argocd 313 name: plugins-home 314 - mountPath: /shared/app/custom 315 name: styles 316 - mountPath: /tmp 317 name: tmp 318 {{- if .Values.server.extensions.enabled }} 319 - mountPath: /tmp/extensions 320 name: extensions 321 {{- end }} 322 ports: 323 - name: server 324 containerPort: {{ .Values.server.containerPorts.server }} 325 protocol: TCP 326 - name: metrics 327 containerPort: {{ .Values.server.containerPorts.metrics }} 328 protocol: TCP 329 livenessProbe: 330 httpGet: 331 path: /healthz?full=true 332 port: server 333 initialDelaySeconds: {{ .Values.server.livenessProbe.initialDelaySeconds }} 334 periodSeconds: {{ .Values.server.livenessProbe.periodSeconds }} 335 timeoutSeconds: {{ .Values.server.livenessProbe.timeoutSeconds }} 336 successThreshold: {{ .Values.server.livenessProbe.successThreshold }} 337 failureThreshold: {{ .Values.server.livenessProbe.failureThreshold }} 338 readinessProbe: 339 httpGet: 340 path: /healthz 341 port: server 342 initialDelaySeconds: {{ .Values.server.readinessProbe.initialDelaySeconds }} 343 periodSeconds: {{ .Values.server.readinessProbe.periodSeconds }} 344 timeoutSeconds: {{ .Values.server.readinessProbe.timeoutSeconds }} 345 successThreshold: {{ .Values.server.readinessProbe.successThreshold }} 346 failureThreshold: {{ .Values.server.readinessProbe.failureThreshold }} 347 resources: 348 {{- toYaml .Values.server.resources | nindent 10 }} 349 {{- with .Values.server.containerSecurityContext }} 350 securityContext: 351 {{- toYaml . | nindent 10 }} 352 {{- end }} 353 {{- with .Values.server.lifecycle }} 354 lifecycle: 355 {{- toYaml . | nindent 10 }} 356 {{- end }} 357 {{- if .Values.server.extensions.enabled }} 358 - name: argocd-extensions 359 image: {{ .Values.server.extensions.image.repository }}:{{ .Values.server.extensions.image.tag }} 360 imagePullPolicy: {{ .Values.server.extensions.image.imagePullPolicy }} 361 resources: 362 {{- toYaml .Values.server.extensions.resources | nindent 10 }} 363 {{- with .Values.server.extensions.containerSecurityContext }} 364 securityContext: 365 {{- toYaml . | nindent 10 }} 366 {{- end }} 367 volumeMounts: 368 - name: extensions 369 mountPath: /tmp/extensions/ 370 - name: tmp 371 mountPath: /tmp 372 {{- end }} 373 {{- with .Values.server.extraContainers }} 374 {{- tpl (toYaml .) $ | nindent 6 }} 375 {{- end }} 376 {{- with .Values.server.initContainers }} 377 initContainers: 378 {{- tpl (toYaml .) $ | nindent 6 }} 379 {{- end }} 380 {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.server) }} 381 affinity: 382 {{- trim . | nindent 8 }} 383 {{- end }} 384 {{- with .Values.server.nodeSelector | default .Values.global.nodeSelector }} 385 nodeSelector: 386 {{- toYaml . | nindent 8 }} 387 {{- end }} 388 {{- with .Values.server.tolerations | default .Values.global.tolerations }} 389 tolerations: 390 {{- toYaml . | nindent 8 }} 391 {{- end }} 392 {{- with .Values.server.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} 393 topologySpreadConstraints: 394 {{- range $constraint := . }} 395 - {{ toYaml $constraint | nindent 8 | trim }} 396 {{- if not $constraint.labelSelector }} 397 labelSelector: 398 matchLabels: 399 {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.server.name) | nindent 12 }} 400 {{- end }} 401 {{- end }} 402 {{- end }} 403 volumes: 404 {{- with .Values.server.volumes }} 405 {{- toYaml . | nindent 6}} 406 {{- end }} 407 {{- if .Values.server.extensions.enabled }} 408 - name: extensions 409 emptyDir: {} 410 {{- end }} 411 - name: plugins-home 412 emptyDir: {} 413 - name: tmp 414 emptyDir: {} 415 - name: ssh-known-hosts 416 configMap: 417 name: argocd-ssh-known-hosts-cm 418 - name: tls-certs 419 configMap: 420 name: argocd-tls-certs-cm 421 - name: styles 422 configMap: 423 name: argocd-styles-cm 424 optional: true 425 - name: argocd-repo-server-tls 426 secret: 427 secretName: argocd-repo-server-tls 428 optional: true 429 items: 430 - key: tls.crt 431 path: tls.crt 432 - key: tls.key 433 path: tls.key 434 - key: ca.crt 435 path: ca.crt 436 - name: argocd-dex-server-tls 437 secret: 438 secretName: argocd-dex-server-tls 439 optional: true 440 items: 441 - key: tls.crt 442 path: tls.crt 443 - key: ca.crt 444 path: ca.crt 445 {{- if .Values.server.hostNetwork }} 446 hostNetwork: {{ .Values.server.hostNetwork }} 447 {{- end }} 448 {{- with .Values.server.dnsConfig }} 449 dnsConfig: 450 {{- toYaml . | nindent 8 }} 451 {{- end }} 452 dnsPolicy: {{ .Values.server.dnsPolicy }}