github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/argo-cd/templates/dex/deployment.yaml (about) 1 {{- if .Values.dex.enabled }} 2 apiVersion: apps/v1 3 kind: Deployment 4 metadata: 5 {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.dex.deploymentAnnotations) }} 6 annotations: 7 {{- range $key, $value := . }} 8 {{ $key }}: {{ $value | quote }} 9 {{- end }} 10 {{- end }} 11 name: {{ template "argo-cd.dex.fullname" . }} 12 namespace: {{ .Release.Namespace | quote }} 13 labels: 14 {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} 15 spec: 16 {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.dex.deploymentStrategy) }} 17 strategy: 18 {{- trim . | nindent 4 }} 19 {{- end }} 20 replicas: 1 21 revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} 22 selector: 23 matchLabels: 24 {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.dex.name) | nindent 6 }} 25 template: 26 metadata: 27 annotations: 28 checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} 29 {{- if .Values.dex.certificateSecret.enabled }} 30 checksum/dex-server-tls: {{ include (print $.Template.BasePath "/argocd-configs/argocd-dex-server-tls-secret.yaml") . | sha256sum }} 31 {{- end }} 32 {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.dex.podAnnotations) }} 33 {{- range $key, $value := . }} 34 {{ $key }}: {{ $value | quote }} 35 {{- end }} 36 {{- end }} 37 labels: 38 {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 8 }} 39 {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.dex.podLabels) }} 40 {{- toYaml . | nindent 8 }} 41 {{- end }} 42 spec: 43 {{- with .Values.dex.imagePullSecrets | default .Values.global.imagePullSecrets }} 44 imagePullSecrets: 45 {{- toYaml . | nindent 8 }} 46 {{- end }} 47 {{- with .Values.global.hostAliases }} 48 hostAliases: 49 {{- toYaml . | nindent 8 }} 50 {{- end }} 51 {{- with.Values.global.securityContext }} 52 securityContext: 53 {{- toYaml . | nindent 8 }} 54 {{- end }} 55 {{- with .Values.dex.priorityClassName | default .Values.global.priorityClassName }} 56 priorityClassName: {{ . }} 57 {{- end }} 58 serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }} 59 containers: 60 - name: {{ .Values.dex.name }} 61 image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} 62 imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.image.imagePullPolicy }} 63 command: 64 - /shared/argocd-dex 65 - --logformat={{ default .Values.global.logging.format .Values.dex.logFormat }} 66 - --loglevel={{ default .Values.global.logging.level .Values.dex.logLevel }} 67 args: 68 - rundex 69 {{- with .Values.dex.extraArgs }} 70 {{- toYaml . | nindent 8 }} 71 {{- end }} 72 env: 73 {{- with (concat .Values.global.env .Values.dex.env) }} 74 {{- toYaml . | nindent 10 }} 75 {{- end }} 76 - name: ARGOCD_DEX_SERVER_DISABLE_TLS 77 valueFrom: 78 configMapKeyRef: 79 name: argocd-cmd-params-cm 80 key: dexserver.disable.tls 81 optional: true 82 {{- with .Values.dex.envFrom }} 83 envFrom: 84 {{- toYaml . | nindent 10 }} 85 {{- end }} 86 ports: 87 - name: http 88 containerPort: {{ .Values.dex.containerPorts.http }} 89 protocol: TCP 90 - name: grpc 91 containerPort: {{ .Values.dex.containerPorts.grpc }} 92 protocol: TCP 93 - name: metrics 94 containerPort: {{ .Values.dex.containerPorts.metrics }} 95 protocol: TCP 96 {{- if .Values.dex.livenessProbe.enabled }} 97 livenessProbe: 98 httpGet: 99 path: /healthz/live 100 port: metrics 101 initialDelaySeconds: {{ .Values.dex.livenessProbe.initialDelaySeconds }} 102 periodSeconds: {{ .Values.dex.livenessProbe.periodSeconds }} 103 timeoutSeconds: {{ .Values.dex.livenessProbe.timeoutSeconds }} 104 successThreshold: {{ .Values.dex.livenessProbe.successThreshold }} 105 failureThreshold: {{ .Values.dex.livenessProbe.failureThreshold }} 106 {{- end }} 107 {{- if .Values.dex.readinessProbe.enabled }} 108 readinessProbe: 109 httpGet: 110 path: /healthz/ready 111 port: metrics 112 initialDelaySeconds: {{ .Values.dex.readinessProbe.initialDelaySeconds }} 113 periodSeconds: {{ .Values.dex.readinessProbe.periodSeconds }} 114 timeoutSeconds: {{ .Values.dex.readinessProbe.timeoutSeconds }} 115 successThreshold: {{ .Values.dex.readinessProbe.successThreshold }} 116 failureThreshold: {{ .Values.dex.readinessProbe.failureThreshold }} 117 {{- end }} 118 resources: 119 {{- toYaml .Values.dex.resources | nindent 10 }} 120 {{- with .Values.dex.containerSecurityContext }} 121 securityContext: 122 {{- toYaml . | nindent 10 }} 123 {{- end }} 124 volumeMounts: 125 {{- with .Values.dex.volumeMounts }} 126 {{- toYaml . | nindent 8 }} 127 {{- end }} 128 - name: static-files 129 mountPath: /shared 130 - name: dexconfig 131 mountPath: /tmp 132 - name: argocd-dex-server-tls 133 mountPath: /tls 134 {{- with .Values.dex.extraContainers }} 135 {{- tpl (toYaml .) $ | nindent 6 }} 136 {{- end }} 137 initContainers: 138 - name: copyutil 139 image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }} 140 imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} 141 command: 142 - /bin/cp 143 - -n 144 - /usr/local/bin/argocd 145 - /shared/argocd-dex 146 volumeMounts: 147 - mountPath: /shared 148 name: static-files 149 - mountPath: /tmp 150 name: dexconfig 151 resources: 152 {{- toYaml (default .Values.dex.resources .Values.dex.initImage.resources) | nindent 10 }} 153 {{- with .Values.dex.containerSecurityContext }} 154 securityContext: 155 {{- toYaml . | nindent 10 }} 156 {{- end }} 157 {{- with .Values.dex.initContainers }} 158 {{- tpl (toYaml .) $ | nindent 6 }} 159 {{- end }} 160 {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.dex) }} 161 affinity: 162 {{- trim . | nindent 8 }} 163 {{- end }} 164 {{- with .Values.dex.nodeSelector | default .Values.global.nodeSelector }} 165 nodeSelector: 166 {{- toYaml . | nindent 8 }} 167 {{- end }} 168 {{- with .Values.dex.tolerations | default .Values.global.tolerations }} 169 tolerations: 170 {{- toYaml . | nindent 8 }} 171 {{- end }} 172 {{- with .Values.dex.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} 173 topologySpreadConstraints: 174 {{- range $constraint := . }} 175 - {{ toYaml $constraint | nindent 8 | trim }} 176 {{- if not $constraint.labelSelector }} 177 labelSelector: 178 matchLabels: 179 {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.dex.name) | nindent 12 }} 180 {{- end }} 181 {{- end }} 182 {{- end }} 183 volumes: 184 - name: static-files 185 emptyDir: {} 186 - name: dexconfig 187 emptyDir: {} 188 - name: argocd-dex-server-tls 189 secret: 190 secretName: argocd-dex-server-tls 191 optional: true 192 items: 193 - key: tls.crt 194 path: tls.crt 195 - key: tls.key 196 path: tls.key 197 - key: ca.crt 198 path: ca.crt 199 {{- with .Values.dex.volumes }} 200 {{- toYaml . | nindent 6 }} 201 {{- end }} 202 {{- with .Values.dex.dnsConfig }} 203 dnsConfig: 204 {{- toYaml . | nindent 8 }} 205 {{- end }} 206 dnsPolicy: {{ .Values.dex.dnsPolicy }} 207 {{- end }}