diff --git a/charts/argo-rollouts/.helmignore b/charts/argo-rollouts/.helmignore index f0c131944..b4af6c204 100644 --- a/charts/argo-rollouts/.helmignore +++ b/charts/argo-rollouts/.helmignore @@ -19,3 +19,4 @@ .project .idea/ *.tmproj +ci/ diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index c92e4c622..7bdb6ea90 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "v1.0.2" description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 1.0.4 +version: 2.0.0 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png home: https://github.com/argoproj/argo-helm maintainers: @@ -11,5 +11,4 @@ maintainers: - name: jessesuen annotations: artifacthub.io/changes: | - - "[Fixed]: Add missing liveness and readiness probes" - - "[Changed]: Fix icon url" + - "[Added]: Dashboard manifests" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 8916a86c6..9fcd862ac 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -25,6 +25,9 @@ $ helm repo add argo https://argoproj.github.io/argo-helm $ helm install my-release argo/argo-rollouts ``` +If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-rollouts dashboard by +`kubectl port-forward service/argo-rollouts-dashboard 31000:3100` and pointing the browser to `localhost:31000` + ## Chart Values | Key | Type | Default | Description | @@ -53,9 +56,30 @@ $ helm install my-release argo/argo-rollouts | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | podSecurityContext | object | `{"runAsNonRoot": true}` | Security Context to set on pod level | | containerSecurityContext | object | `{}` | Security Context to set on container level | +| dashboard.enabled | bool | `false` | Deploy dashboard server | +| dashboard.component | string | `"rollouts-dashboard"` | Value of label `app.kubernetes.io/component` | +| dashboard.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | +| dashboard.image.registry | string | `quay.io` | Registry to use | +| dashboard.image.repository | string | `"argoproj/kubectl-argo-rollouts"` | Repository to use | +| dashboard.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | +| dashboard.resources | object | `{}` | Resource limits and requests for the dashboard pods. | +| dashboard.tolerations | list | `[]` | [Tolerations for use with node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | +| dashboard.affinity | object | `{}` | [Assign custom affinity rules to the deployment](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) | +| dashboard.nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) | +| dashboard.podSecurityContext | object | `{"runAsNonRoot": true}` | Security Context to set on pod level | +| dashboard.containerSecurityContext | object | `{}` | Security Context to set on container level | +| dashboard.serviceAccount.create | bool | `true` | Specifies whether a dashboard service account should be created | +| dashboard.serviceAccount.annotations | object | `{}` | Annotations to add to the dashboard service account | +| dashboard.serviceAccount.name | string | `""` | The name of the dashboard service account to use. If not set and create is true, a name is generated using the fullname template | ## Upgrading +### To 2.0.0 + +* The argo-rollouts dashboard is added to the template and can be enabled by setting `dashboard.enabled=true`. +* There is a breaking change where the selector label `app.kubernetes.io/component: {{ .Values.controller.component }}` is added to rollout's deployment and service in order to distinguish between the controller and the dashboard component. + To upgrade an existing installation, please **add the `--force` parameter** to the `helm upgrade` command or **delete the Deployment and Service resource** before you upgrade. This is necessary because Deployment's label selector is immutable. + ### To 1.0.0 * This is a breaking change which only supports Helm v3.0.0+ now. If you still use Helm v2, please consider upgrading because v2 is EOL since November 2020. diff --git a/charts/argo-rollouts/ci/test-values.yaml b/charts/argo-rollouts/ci/test-values.yaml new file mode 100644 index 000000000..7ea0c4c8e --- /dev/null +++ b/charts/argo-rollouts/ci/test-values.yaml @@ -0,0 +1,2 @@ +dashboard: + enabled: true diff --git a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml index 4acb0cee4..71d733529 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-deployment.yaml @@ -8,6 +8,7 @@ metadata: spec: selector: matchLabels: + app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} strategy: type: Recreate @@ -19,6 +20,7 @@ spec: {{- end }} labels: {{- include "argo-rollouts.selectorLabels" . | nindent 8 }} + app.kubernetes.io/component: {{ .Values.controller.component }} {{- range $key, $value := .Values.podLabels }} {{ $key }}: {{ $value | quote }} {{- end }} diff --git a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml index 6f2c975f1..5e3803474 100644 --- a/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml +++ b/charts/argo-rollouts/templates/argo-rollouts-metrics-service.yaml @@ -4,7 +4,7 @@ kind: Service metadata: name: {{ include "argo-rollouts.fullname" . }}-metrics labels: - app.kubernetes.io/component: server + app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} {{- with .Values.serviceAnnotations }} annotations: @@ -17,5 +17,6 @@ spec: port: 8090 targetPort: 8090 selector: - {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: {{ .Values.controller.component }} + {{- include "argo-rollouts.selectorLabels" . | nindent 4 }} {{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml new file mode 100644 index 000000000..071ba9620 --- /dev/null +++ b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml @@ -0,0 +1,58 @@ +{{- if and .Values.dashboard.enabled .Values.clusterInstall }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "argo-rollouts.fullname" . }}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} +rules: + - apiGroups: + - argoproj.io + resources: + - rollouts + - rollouts/status + - rollouts/finalizers + verbs: + - get + - list + - watch + - update + - patch + - apiGroups: + - argoproj.io + resources: + - analysisruns + - analysisruns/finalizers + - experiments + - experiments/finalizers + verbs: + - create + - get + - list + - watch + - apiGroups: + - argoproj.io + resources: + - analysistemplates + - clusteranalysistemplates + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - replicasets + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + verbs: + - list + - watch +{{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml b/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml new file mode 100644 index 000000000..331fbe4ed --- /dev/null +++ b/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml @@ -0,0 +1,17 @@ +{{- if and .Values.dashboard.enabled .Values.clusterInstall }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "argo-rollouts.fullname" . }}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "argo-rollouts.fullname" . }}-dashboard +subjects: +- kind: ServiceAccount + name: {{ include "argo-rollouts.serviceAccountName" . }}-dashboard + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml new file mode 100644 index 000000000..483645875 --- /dev/null +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -0,0 +1,59 @@ +{{- if .Values.dashboard.enabled -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "argo-rollouts.fullname" . }}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "argo-rollouts.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: {{ .Values.dashboard.component }} + strategy: + type: Recreate + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "argo-rollouts.selectorLabels" . | nindent 8 }} + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- range $key, $value := .Values.podLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "argo-rollouts.serviceAccountName" . }}-dashboard + containers: + - image: "{{ .Values.dashboard.image.registry }}/{{ .Values.dashboard.image.repository }}:{{ default .Chart.AppVersion .Values.dashboard.image.tag }}" + imagePullPolicy: {{ .Values.dashboard.image.pullPolicy }} + name: argo-rollouts-dashboard + ports: + - containerPort: 3100 + name: dashboard + securityContext: + {{- toYaml .Values.dashboard.containerSecurityContext | nindent 10 }} + resources: + {{- toYaml .Values.dashboard.resources | nindent 10 }} + {{- if .Values.dashboard.nodeSelector }} + nodeSelector: + {{- toYaml .Values.dashboard.nodeSelector | nindent 8 }} + {{- end }} + securityContext: + {{- toYaml .Values.dashboard.podSecurityContext | nindent 8 }} + {{- if .Values.dashboard.tolerations }} + tolerations: + {{- toYaml .Values.dashboard.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.dashboard.affinity }} + affinity: + {{- toYaml .Values.dashboard.affinity | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-rollouts/templates/dashboard/sa.yaml b/charts/argo-rollouts/templates/dashboard/sa.yaml new file mode 100644 index 000000000..ff0c73005 --- /dev/null +++ b/charts/argo-rollouts/templates/dashboard/sa.yaml @@ -0,0 +1,13 @@ +{{- if and .Values.dashboard.enabled .Values.dashboard.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "argo-rollouts.serviceAccountName" . }}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} + {{- with .Values.dashboard.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/service.yaml b/charts/argo-rollouts/templates/dashboard/service.yaml new file mode 100644 index 000000000..d2bd432b5 --- /dev/null +++ b/charts/argo-rollouts/templates/dashboard/service.yaml @@ -0,0 +1,22 @@ +{{- if .Values.dashboard.enabled -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "argo-rollouts.fullname" . }}-dashboard + labels: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} + {{- with .Values.serviceAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + ports: + - name: dashboard + protocol: TCP + port: 3100 + targetPort: 3100 + selector: + app.kubernetes.io/component: {{ .Values.dashboard.component }} + {{- include "argo-rollouts.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index e52e89026..4c288b984 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -94,3 +94,28 @@ podLabels: {} # Secrets with credentials to pull images from a private registry imagePullSecrets: [] # - name: argo-pull-secret + +dashboard: + enabled: false + component: rollouts-dashboard + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + image: + registry: quay.io + repository: argoproj/kubectl-argo-rollouts + tag: "" + pullPolicy: IfNotPresent + resources: {} + podSecurityContext: + runAsNonRoot: true + containerSecurityContext: {} + serviceAccount: + create: true + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: ""