Abstract
A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
Argo CD Chart#
A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
Source code can be found here:
This is a community maintained chart. This chart installs argo-cd, a declarative, GitOps continuous delivery tool for Kubernetes.
The default installation is intended to be similar to the provided Argo CD releases.
If you want to avoid including sensitive information unencrypted (clear text) in your version control, make use of the declarative setup of Argo CD. For instance, rather than adding repositories and their keys in your Helm values, you could deploy SealedSecrets with contents as seen in this repositories section or any other secrets manager service (i.e. HashiCorp Vault, AWS/GCP Secrets Manager, etc.).
High Availability#
This chart installs the non-HA version of Argo CD by default. If you want to run Argo CD in HA mode, you can use one of the example values in the next sections. Please also have a look into the upstream Operator Manual regarding High Availability to understand how scaling of Argo CD works in detail.
Warning
You need at least 3 worker nodes as the HA mode of redis enforces Pods to run on separate nodes.
HA mode with autoscaling#
redis-ha:
enabled: true
controller:
replicas: 1
server:
autoscaling:
enabled: true
minReplicas: 2
repoServer:
autoscaling:
enabled: true
minReplicas: 2
applicationSet:
replicas: 2
HA mode without autoscaling#
redis-ha:
enabled: true
controller:
replicas: 1
server:
replicas: 2
repoServer:
replicas: 2
applicationSet:
replicas: 2
Ingress configuration#
Please refer to the Operator Manual for details as the samples below correspond to their respective sections.
SSL-Passthrough#
The tls: true
option will expect that the argocd-server-tls
secret exists as
Argo CD server loads TLS certificates from this place.
global:
domain: argocd.example.com
certificate:
enabled: true
server:
ingress:
enabled: true
ingressClassName: nginx
annotations:
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
tls: true
SSL Termination at Ingress Controller#
global:
domain: argocd.example.com
configs:
params:
server.insecure: true
server:
ingress:
enabled: true
ingressClassName: nginx
annotations:
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
extraTls:
- hosts:
- argocd.example.com
# Based on the ingress controller used secret might be optional
secretName: wildcard-tls
Note: If you don’t plan on using a wildcard certificate it’s also possible to use
tls: true
withoutextraTls
section.
Multiple ingress resources for gRPC protocol support#
Use ingressGrpc
section if your ingress controller supports only a single protocol per Ingress resource (i.e.: Contour).
global:
domain: argocd.example.com
configs:
params:
server.insecure: true
server:
ingress:
enabled: true
ingressClassName: contour-internal
extraTls:
- hosts:
- argocd.example.com
secretName: wildcard-tls
ingressGrpc:
enabled: true
ingressClassName: contour-internal
extraTls:
- hosts:
- grpc.argocd.example.com
secretName: wildcard-tls
Multiple ingress domains#
global:
domain: argocd.example.com
server:
ingress:
enabled: true
ingressClassName: nginx
annotations:
cert-manager.io/cluster-issuer: "<my-issuer>"
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
tls: true
extraHosts:
- name: argocd-alias.example.com
path: /
AWS Application Load Balancer#
Refer to the Operator Manual for AWS Application Load Balancer mode. The provided example assumes you are using TLS off-loading via AWS ACM service.
Note
Using controller: aws
creates additional service for gRPC traffic
and it’s no longer need to use ingressGrpc
configuration section.
global:
domain: argocd.example.com
configs:
params:
server.insecure: true
server:
ingress:
enabled: true
controller: aws
ingressClassName: alb
annotations:
alb.ingress.kubernetes.io/scheme: internal
alb.ingress.kubernetes.io/target-type: ip
alb.ingress.kubernetes.io/backend-protocol: HTTP
alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":80}, {"HTTPS":443}]'
alb.ingress.kubernetes.io/ssl-redirect: '443'
aws:
serviceType: ClusterIP # <- Used with target-type: ip
backendProtocolVersion: GRPC
GKE Application Load Balancer#
The implementation will populate ingressClassName
,
networking.gke.io/managed-certificates
and networking.gke.io/v1beta1.FrontendConfig
annotations
automatically if you provide configuration for GKE resources.
global:
domain: argocd.example.com
configs:
params:
server.insecure: true
server:
service:
annotations:
cloud.google.com/neg: '{"ingress": true}'
cloud.google.com/backend-config: '{"ports": {"http":"argocd-server"}}'
ingress:
enabled: true
controller: gke
gke:
backendConfig:
healthCheck:
checkIntervalSec: 30
timeoutSec: 5
healthyThreshold: 1
unhealthyThreshold: 2
type: HTTP
requestPath: /healthz
port: 8080
frontendConfig:
redirectToHttps:
enabled: true
managedCertificate:
enabled: true
Synchronizing Changes from Original Repository#
In the original Argo CD repository an
manifests/install.yaml
is generated using kustomize
. It’s the basis for the installation as described in the docs.
When installing Argo CD using this helm chart the user should have a similar experience and configuration rolled out.
Hence, it makes sense to try to achieve a similar output of rendered .yaml
resources when calling helm template
using the default settings in values.yaml
.
To update the templates and default settings in values.yaml
it may come in
handy to look up the diff of the manifests/install.yaml
between two versions
accordingly. This can either be done directly via github and look for
manifests/install.yaml
Or you clone the repository and do a local git-diff
:
git clone https://github.com/argoproj/argo-cd.git
cd argo-cd
git diff v1.8.7 v2.0.0 -- manifests/install.yaml
Changes in the CustomResourceDefinition
resources shall be fixed easily by
copying 1:1 from the
manifests/crds
folder
into this
charts/argo-cd/templates/crds
folder.
Custom resource definitions#
Some users would prefer to install the CRDs outside of the chart. You can
disable the CRD installation of this chart
by using --set crds.install=false
when installing the chart.
Helm cannot upgrade custom resource definitions in the <chart>/crds
folder
by design.
Starting with 5.2.0, the CRDs have been moved to <chart>/templates
to address this design decision.
If you are using Argo CD chart version prior to 5.2.0 or have elected to
manage the Argo CD CRDs outside of the chart,
please use kubectl
to upgrade CRDs manually from templates/crds
folder or
via the manifests from the upstream project repo:
kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=<appVersion>"
# Eg. version v2.4.9
kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=v2.4.9"
Prerequisites#
Kubernetes:
>=1.25.0-0
We align with Amazon EKS calendar because there are many AWS users and it’s a conservative approach.
Please check Support Matrix of Argo CD for official info.
Helm v3.0.0+
Installing the Chart#
To install the chart with the release name my-release
:
helm repo add argo https://argoproj.github.io/argo-helm
"argo" has been added to your repositories
$ helm install my-release argo/argo-cd
NAME: my-release
...
General parameters#
Key |
Type |
Default |
Description |
---|---|---|---|
apiVersionOverrides |
object |
|
Override the apiVersion setting |
crds.additionalLabels |
object |
|
Additional labels to be added to all CRDs |
crds.annotations |
object |
|
Annotations to be added to all CRDs |
crds.install |
bool |
|
Install and upgrade CRDs |
crds.keep |
bool |
|
Keep CRDs on chart uninstall |
createAggregateRoles |
bool |
|
Create aggregated roles that extend existing cluster roles to interact with argo-cd resources |
createClusterRoles |
bool |
|
Create cluster roles for cluster-wide installation. |
extraObjects |
list |
|
Array of extra K8s manifests to deploy |
fullnameOverride |
string |
|
String to fully override |
kubeVersionOverride |
string |
|
Override the Kubernetes version, which is used to evaluate certain manifests |
nameOverride |
string |
|
Provide a name in place of |
namespaceOverride |
string |
|
Override the namespace |
openshift.enabled |
bool |
|
enables using arbitrary uid for argo repo server |
Global Configs#
Key |
Type |
Default |
Description |
---|---|---|---|
global.addPrometheusAnnotations |
bool |
|
Add Prometheus scrape annotations to all metrics services. This can be used as an alternative to the ServiceMonitors. |
global.additionalLabels |
object |
|
Common labels for the all resources |
global.affinity.nodeAffinity.matchExpressions |
list |
|
Default match expressions for node affinity |
global.affinity.nodeAffinity.type |
string |
|
Default node affinity rules. Either: |
global.affinity.podAntiAffinity |
string |
|
Default pod anti-affinity rules. Either: |
global.certificateAnnotations |
object |
|
Annotations for the all deployed Certificates |
global.deploymentAnnotations |
object |
|
Annotations for the all deployed Deployments |
global.deploymentStrategy |
object |
|
Deployment strategy for the all deployed Deployments |
global.domain |
string |
|
Default domain used by all components |
global.dualStack.ipFamilies |
list |
|
IP families that should be supported and the order in which they should be applied to ClusterIP as well. Can be IPv4 and/or IPv6. |
global.dualStack.ipFamilyPolicy |
string |
|
IP family policy to configure dual-stack see Configure dual-stack |
global.env |
list |
|
Environment variables to pass to all deployed Deployments |
global.hostAliases |
list |
|
Mapping between IP and hostnames that will be injected as entries in the pod’s hosts files |
global.image.imagePullPolicy |
string |
|
If defined, a imagePullPolicy applied to all Argo CD deployments |
global.image.repository |
string |
|
If defined, a repository applied to all Argo CD deployments |
global.image.tag |
string |
|
Overrides the global Argo CD image tag whose default is the chart appVersion |
global.imagePullSecrets |
list |
|
Secrets with credentials to pull images from a private registry |
global.logging.format |
string |
|
Set the global logging format. Either: |
global.logging.level |
string |
|
Set the global logging level. One of: |
global.networkPolicy.create |
bool |
|
Create NetworkPolicy objects for all components |
global.networkPolicy.defaultDenyIngress |
bool |
|
Default deny all ingress traffic |
global.nodeSelector |
object |
|
Default node selector for all components |
global.podAnnotations |
object |
|
Annotations for the all deployed pods |
global.podLabels |
object |
|
Labels for the all deployed pods |
global.priorityClassName |
string |
|
Default priority class for all components |
global.revisionHistoryLimit |
int |
|
Number of old deployment ReplicaSets to retain. The rest will be garbage collected. |
global.securityContext |
object |
|
Toggle and define pod-level security context. |
global.statefulsetAnnotations |
object |
|
Annotations for the all deployed Statefulsets |
global.tolerations |
list |
|
Default tolerations for all components |
global.topologySpreadConstraints |
list |
|
Default TopologySpreadConstraints rules for all components |
Argo CD Configs#
Key |
Type |
Default |
Description |
---|---|---|---|
configs.clusterCredentials |
object |
|
Provide one or multiple external cluster credentials |
configs.cm.“admin.enabled” |
bool |
|
Enable local admin user |
configs.cm.“application.instanceLabelKey” |
string |
|
The name of tracking label used by Argo CD for resource pruning |
configs.cm.“exec.enabled” |
bool |
|
Enable exec feature in Argo UI |
configs.cm.“server.rbac.log.enforce.enable” |
bool |
|
Enable logs RBAC enforcement |
configs.cm.“statusbadge.enabled” |
bool |
|
Enable Status Badge |
configs.cm.“timeout.hard.reconciliation” |
string |
|
Timeout to refresh application data as well as target manifests cache |
configs.cm.“timeout.reconciliation” |
string |
|
Timeout to discover if a new manifests version got published to the repository |
configs.cm.annotations |
object |
|
Annotations to be added to argocd-cm configmap |
configs.cm.create |
bool |
|
Create the argocd-cm configmap for declarative setup |
configs.cmp.annotations |
object |
|
Annotations to be added to argocd-cmp-cm configmap |
configs.cmp.create |
bool |
|
Create the argocd-cmp-cm configmap |
configs.cmp.plugins |
object |
|
Plugin yaml files to be added to argocd-cmp-cm |
configs.credentialTemplates |
object |
|
Repository credentials to be used as Templates for other repos |
configs.credentialTemplatesAnnotations |
object |
|
Annotations to be added to |
configs.gpg.annotations |
object |
|
Annotations to be added to argocd-gpg-keys-cm configmap |
configs.gpg.keys |
object |
|
GnuPG public keys to add to the keyring |
configs.params.“application.namespaces” |
string |
|
Enables Applications in any namespace |
configs.params.“applicationsetcontroller.enable.progressive.syncs” |
bool |
|
Enables use of the Progressive Syncs capability |
configs.params.“applicationsetcontroller.policy” |
string |
|
Modify how application is synced between the generator and the cluster. One of: |
configs.params.“controller.ignore.normalizer.jq.timeout” |
string |
|
JQ Path expression timeout |
configs.params.“controller.operation.processors” |
int |
|
Number of application operation processors |
configs.params.“controller.repo.server.timeout.seconds” |
int |
|
Repo server RPC call timeout seconds. |
configs.params.“controller.self.heal.timeout.seconds” |
int |
|
Specifies timeout between application self heal attempts |
configs.params.“controller.status.processors” |
int |
|
Number of application status processors |
configs.params.“otlp.address” |
string |
|
Open-Telemetry collector address: (e.g. “otel-collector:4317”) |
configs.params.“reposerver.parallelism.limit” |
int |
|
Limit on number of concurrent manifests generate requests. Any value less the 1 means no limit. |
configs.params.“server.basehref” |
string |
|
Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / |
configs.params.“server.disable.auth” |
bool |
|
Disable Argo CD RBAC for user authentication |
configs.params.“server.enable.gzip” |
bool |
|
Enable GZIP compression |
configs.params.“server.insecure” |
bool |
|
Run server without TLS |
configs.params.“server.rootpath” |
string |
|
Used if Argo CD is running behind reverse proxy under subpath different from / |
configs.params.“server.staticassets” |
string |
|
Directory path that contains additional static assets |
configs.params.“server.x.frame.options” |
string |
|
Set X-Frame-Options header in HTTP responses to value. To disable, set to “”. |
configs.params.annotations |
object |
|
Annotations to be added to the argocd-cmd-params-cm ConfigMap |
configs.params.create |
bool |
|
Create the argocd-cmd-params-cm configmap If false, it is expected the configmap will be created by something else. |
configs.rbac.“policy.csv” |
string |
|
File containing user-defined policies and role definitions. |
configs.rbac.“policy.default” |
string |
|
The name of the default role which Argo CD will falls back to, when authorizing API requests (optional). If omitted or empty, users may be still be able to login, but will see no apps, projects, etc… |
configs.rbac.“policy.matchMode” |
string |
|
Matcher function for Casbin, |
configs.rbac.annotations |
object |
|
Annotations to be added to argocd-rbac-cm configmap |
configs.rbac.create |
bool |
|
Create the argocd-rbac-cm configmap with (Argo CD RBAC policy) definitions. If false, it is expected the configmap will be created by something else. Argo CD will not work if there is no configmap created with the name above. |
configs.rbac.scopes |
string |
|
OIDC scopes to examine during rbac enforcement (in addition to |
configs.repositories |
object |
|
Repositories list to be used by applications |
configs.repositoriesAnnotations |
object |
|
Annotations to be added to |
configs.secret.annotations |
object |
|
Annotations to be added to argocd-secret |
configs.secret.argocdServerAdminPassword |
string |
|
Bcrypt hashed admin password |
configs.secret.argocdServerAdminPasswordMtime |
string |
|
Admin password modification time. Eg. |
configs.secret.azureDevops.password |
string |
|
Shared secret password for authenticating Azure DevOps webhook events |
configs.secret.azureDevops.username |
string |
|
Shared secret username for authenticating Azure DevOps webhook events |
configs.secret.bitbucketServerSecret |
string |
|
Shared secret for authenticating BitbucketServer webhook events |
configs.secret.bitbucketUUID |
string |
|
UUID for authenticating Bitbucket webhook events |
configs.secret.createSecret |
bool |
|
Create the argocd-secret |
configs.secret.extra |
object |
|
add additional secrets to be added to argocd-secret |
configs.secret.githubSecret |
string |
|
Shared secret for authenticating GitHub webhook events |
configs.secret.gitlabSecret |
string |
|
Shared secret for authenticating GitLab webhook events |
configs.secret.gogsSecret |
string |
|
Shared secret for authenticating Gogs webhook events |
configs.secret.labels |
object |
|
Labels to be added to argocd-secret |
configs.ssh.annotations |
object |
|
Annotations to be added to argocd-ssh-known-hosts-cm configmap |
configs.ssh.extraHosts |
string |
|
Additional known hosts for private repositories |
configs.ssh.knownHosts |
string |
See values.yaml |
Known hosts to be added to the known host list by default. |
configs.styles |
string |
|
Define custom CSS styles for your argo instance. This setting will automatically mount the provided CSS and reference it in the argo configuration. |
configs.tls.annotations |
object |
|
Annotations to be added to argocd-tls-certs-cm configmap |
configs.tls.certificates |
object |
|
TLS certificates for Git repositories |
Argo CD Controller#
Key |
Type |
Default |
Description |
---|---|---|---|
controller.affinity |
object |
|
Assign custom affinity rules to the deployment |
controller.automountServiceAccountToken |
bool |
|
Automount API credentials for the Service Account into the pod. |
controller.clusterRoleRules.enabled |
bool |
|
Enable custom rules for the application controller’s ClusterRole resource |
controller.clusterRoleRules.rules |
list |
|
List of custom rules for the application controller’s ClusterRole resource |
controller.containerPorts.metrics |
int |
|
Metrics container port |
controller.containerSecurityContext |
object |
See values.yaml |
Application controller container-level security context |
controller.deploymentAnnotations |
object |
|
Annotations for the application controller Deployment |
controller.dnsConfig |
object |
|
|
controller.dnsPolicy |
string |
|
Alternative DNS policy for application controller pods |
controller.dynamicClusterDistribution |
bool |
|
Enable dynamic cluster distribution (alpha) Ref |
controller.emptyDir.sizeLimit |
string |
|
EmptyDir size limit for application controller |
controller.env |
list |
|
Environment variables to pass to application controller |
controller.envFrom |
list |
|
envFrom to pass to application controller |
controller.extraArgs |
list |
|
Additional command line arguments to pass to application controller |
controller.extraContainers |
list |
|
Additional containers to be added to the application controller pod |
controller.heartbeatTime |
int |
|
Application controller heartbeat time Ref |
controller.hostNetwork |
bool |
|
Host Network for application controller pods |
controller.image.imagePullPolicy |
string |
|
Image pull policy for the application controller |
controller.image.repository |
string |
|
Repository to use for the application controller |
controller.image.tag |
string |
|
Tag to use for the application controller |
controller.imagePullSecrets |
list |
|
Secrets with credentials to pull images from a private registry |
controller.initContainers |
list |
|
Init containers to add to the application controller pod |
controller.metrics.applicationLabels.enabled |
bool |
|
Enables additional labels in argocd_app_labels metric |
controller.metrics.applicationLabels.labels |
list |
|
Additional labels |
controller.metrics.enabled |
bool |
|
Deploy metrics service |
controller.metrics.rules.additionalLabels |
object |
|
PrometheusRule labels |
controller.metrics.rules.annotations |
object |
|
PrometheusRule annotations |
controller.metrics.rules.enabled |
bool |
|
Deploy a PrometheusRule for the application controller |
controller.metrics.rules.namespace |
string |
|
PrometheusRule namespace |
controller.metrics.rules.selector |
object |
|
PrometheusRule selector |
controller.metrics.rules.spec |
list |
|
PrometheusRule.Spec for the application controller |
controller.metrics.scrapeTimeout |
string |
|
Prometheus ServiceMonitor scrapeTimeout. If empty, Prometheus uses the global scrape timeout unless it is less than the target’s scrape interval value in which the latter is used. |
controller.metrics.service.annotations |
object |
|
Metrics service annotations |
controller.metrics.service.clusterIP |
string |
|
Metrics service clusterIP. |
controller.metrics.service.labels |
object |
|
Metrics service labels |
controller.metrics.service.portName |
string |
|
Metrics service port name |
controller.metrics.service.servicePort |
int |
|
Metrics service port |
controller.metrics.service.type |
string |
|
Metrics service type |
controller.metrics.serviceMonitor.additionalLabels |
object |
|
Prometheus ServiceMonitor labels |
controller.metrics.serviceMonitor.annotations |
object |
|
Prometheus ServiceMonitor annotations |
controller.metrics.serviceMonitor.enabled |
bool |
|
Enable a prometheus ServiceMonitor |
controller.metrics.serviceMonitor.interval |
string |
|
Prometheus ServiceMonitor interval |
controller.metrics.serviceMonitor.metricRelabelings |
list |
|
Prometheus MetricRelabelConfigs to apply to samples before ingestion |
controller.metrics.serviceMonitor.namespace |
string |
|
Prometheus ServiceMonitor namespace |
controller.metrics.serviceMonitor.relabelings |
list |
|
Prometheus RelabelConfigs to apply to samples before scraping |
controller.metrics.serviceMonitor.scheme |
string |
|
Prometheus ServiceMonitor scheme |
controller.metrics.serviceMonitor.selector |
object |
|
Prometheus ServiceMonitor selector |
controller.metrics.serviceMonitor.tlsConfig |
object |
|
Prometheus ServiceMonitor tlsConfig |
string |
|
Application controller name string |
|
controller.nodeSelector |
object |
|
|
controller.pdb.annotations |
object |
|
Annotations to be added to application controller pdb |
controller.pdb.enabled |
bool |
|
Deploy a PodDisruptionBudget for the application controller |
controller.pdb.labels |
object |
|
Labels to be added to application controller pdb |
controller.pdb.maxUnavailable |
string |
|
Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). |
controller.pdb.minAvailable |
string |
|
Number of pods that are available after eviction as number or percentage (eg.: 50%) |
controller.podAnnotations |
object |
|
Annotations to be added to application controller pods |
controller.podLabels |
object |
|
Labels to be added to application controller pods |
controller.priorityClassName |
string |
|
Priority class for the application controller pods |
controller.readinessProbe.failureThreshold |
int |
|
Minimum consecutive failures for the probe to be considered failed after having succeeded |
controller.readinessProbe.initialDelaySeconds |
int |
|
Number of seconds after the container has started before probe is initiated |
controller.readinessProbe.periodSeconds |
int |
|
How often (in seconds) to perform the probe |
controller.readinessProbe.successThreshold |
int |
|
Minimum consecutive successes for the probe to be considered successful after having failed |
controller.readinessProbe.timeoutSeconds |
int |
|
Number of seconds after which the probe times out |
controller.replicas |
int |
|
The number of application controller pods to run. Additional replicas will cause sharding of managed clusters across number of replicas. |
controller.resources |
object |
|
Resource limits and requests for the application controller pods |
controller.revisionHistoryLimit |
int |
|
Maximum number of controller revisions that will be maintained in StatefulSet history |
controller.serviceAccount.annotations |
object |
|
Annotations applied to created service account |
controller.serviceAccount.automountServiceAccountToken |
bool |
|
Automount API credentials for the Service Account |
controller.serviceAccount.create |
bool |
|
Create a service account for the application controller |
controller.serviceAccount.labels |
object |
|
Labels applied to created service account |
string |
|
Service account name |
|
controller.statefulsetAnnotations |
object |
|
Annotations for the application controller StatefulSet |
controller.terminationGracePeriodSeconds |
int |
|
terminationGracePeriodSeconds for container lifecycle hook |
controller.tolerations |
list |
|
Tolerations for use with node taints |
controller.topologySpreadConstraints |
list |
|
Assign custom TopologySpreadConstraints rules to the application controller |
controller.volumeMounts |
list |
|
Additional volumeMounts to the application controller main container |
controller.volumes |
list |
|
Additional volumes to the application controller pod |
Argo Repo Server#
Key |
Type |
Default |
Description |
---|---|---|---|
repoServer.affinity |
object |
|
Assign custom affinity rules to the deployment |
repoServer.automountServiceAccountToken |
bool |
|
Automount API credentials for the Service Account into the pod. |
repoServer.autoscaling.behavior |
object |
|
Configures the scaling behavior of the target in both Up and Down directions. |
repoServer.autoscaling.enabled |
bool |
|
Enable Horizontal Pod Autoscaler (HPA) for the repo server |
repoServer.autoscaling.maxReplicas |
int |
|
Maximum number of replicas for the repo server HPA |
repoServer.autoscaling.metrics |
list |
|
Configures custom HPA metrics for the Argo CD repo server Ref |
repoServer.autoscaling.minReplicas |
int |
|
Minimum number of replicas for the repo server HPA |
repoServer.autoscaling.targetCPUUtilizationPercentage |
int |
|
Average CPU utilization percentage for the repo server HPA |
repoServer.autoscaling.targetMemoryUtilizationPercentage |
int |
|
Average memory utilization percentage for the repo server HPA |
repoServer.certificateSecret.annotations |
object |
|
Annotations to be added to argocd-repo-server-tls secret |
string |
|
Certificate authority. Required for self-signed certificates. |
|
repoServer.certificateSecret.crt |
string |
|
Certificate data. Must contain SANs of Repo service (ie: argocd-repo-server, argocd-repo-server.argo-cd.svc) |
repoServer.certificateSecret.enabled |
bool |
|
Create argocd-repo-server-tls secret |
repoServer.certificateSecret.key |
string |
|
Certificate private key |
repoServer.certificateSecret.labels |
object |
|
Labels to be added to argocd-repo-server-tls secret |
repoServer.clusterRoleRules.enabled |
bool |
|
Enable custom rules for the Repo server’s Cluster Role resource |
repoServer.clusterRoleRules.rules |
list |
|
List of custom rules for the Repo server’s Cluster Role resource |
repoServer.containerPorts.metrics |
int |
|
Metrics container port |
repoServer.containerPorts.server |
int |
|
Repo server container port |
repoServer.containerSecurityContext |
object |
See values.yaml |
Repo server container-level security context |
repoServer.deploymentAnnotations |
object |
|
Annotations to be added to repo server Deployment |
repoServer.deploymentStrategy |
object |
|
Deployment strategy to be added to the repo server Deployment |
repoServer.dnsConfig |
object |
|
|
repoServer.dnsPolicy |
string |
|
Alternative DNS policy for Repo server pods |
repoServer.emptyDir.sizeLimit |
string |
|
EmptyDir size limit for repo server |
repoServer.env |
list |
|
Environment variables to pass to repo server |
repoServer.envFrom |
list |
|
envFrom to pass to repo server |
repoServer.existingVolumes |
object |
|
Volumes to be used in replacement of emptydir on default volumes |
repoServer.extraArgs |
list |
|
Additional command line arguments to pass to repo server |
repoServer.extraContainers |
list |
|
Additional containers to be added to the repo server pod |
repoServer.hostNetwork |
bool |
|
Host Network for Repo server pods |
repoServer.image.imagePullPolicy |
string |
|
Image pull policy for the repo server |
repoServer.image.repository |
string |
|
Repository to use for the repo server |
repoServer.image.tag |
string |
|
Tag to use for the repo server |
repoServer.imagePullSecrets |
list |
|
Secrets with credentials to pull images from a private registry |
repoServer.initContainers |
list |
|
Init containers to add to the repo server pods |
repoServer.lifecycle |
object |
|
Specify postStart and preStop lifecycle hooks for your argo-repo-server container |
repoServer.livenessProbe.failureThreshold |
int |
|
Minimum consecutive failures for the probe to be considered failed after having succeeded |
repoServer.livenessProbe.initialDelaySeconds |
int |
|
Number of seconds after the container has started before probe is initiated |
repoServer.livenessProbe.periodSeconds |
int |
|
How often (in seconds) to perform the probe |
repoServer.livenessProbe.successThreshold |
int |
|
Minimum consecutive successes for the probe to be considered successful after having failed |
repoServer.livenessProbe.timeoutSeconds |
int |
|
Number of seconds after which the probe times out |
repoServer.metrics.enabled |
bool |
|
Deploy metrics service |
repoServer.metrics.service.annotations |
object |
|
Metrics service annotations |
repoServer.metrics.service.clusterIP |
string |
|
Metrics service clusterIP. |
repoServer.metrics.service.labels |
object |
|
Metrics service labels |
repoServer.metrics.service.portName |
string |
|
Metrics service port name |
repoServer.metrics.service.servicePort |
int |
|
Metrics service port |
repoServer.metrics.service.type |
string |
|
Metrics service type |
repoServer.metrics.serviceMonitor.additionalLabels |
object |
|
Prometheus ServiceMonitor labels |
repoServer.metrics.serviceMonitor.annotations |
object |
|
Prometheus ServiceMonitor annotations |
repoServer.metrics.serviceMonitor.enabled |
bool |
|
Enable a prometheus ServiceMonitor |
repoServer.metrics.serviceMonitor.interval |
string |
|
Prometheus ServiceMonitor interval |
repoServer.metrics.serviceMonitor.metricRelabelings |
list |
|
Prometheus MetricRelabelConfigs to apply to samples before ingestion |
repoServer.metrics.serviceMonitor.namespace |
string |
|
Prometheus ServiceMonitor namespace |
repoServer.metrics.serviceMonitor.relabelings |
list |
|
Prometheus RelabelConfigs to apply to samples before scraping |
repoServer.metrics.serviceMonitor.scheme |
string |
|
Prometheus ServiceMonitor scheme |
repoServer.metrics.serviceMonitor.scrapeTimeout |
string |
|
Prometheus ServiceMonitor scrapeTimeout. If empty, Prometheus uses the global scrape timeout unless it is less than the target’s scrape interval value in which the latter is used. |
repoServer.metrics.serviceMonitor.selector |
object |
|
Prometheus ServiceMonitor selector |
repoServer.metrics.serviceMonitor.tlsConfig |
object |
|
Prometheus ServiceMonitor tlsConfig |
string |
|
Repo server name |
|
repoServer.nodeSelector |
object |
|
|
repoServer.pdb.annotations |
object |
|
Annotations to be added to repo server pdb |
repoServer.pdb.enabled |
bool |
|
Deploy a PodDisruptionBudget for the repo server |
repoServer.pdb.labels |
object |
|
Labels to be added to repo server pdb |
repoServer.pdb.maxUnavailable |
string |
|
Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). |
repoServer.pdb.minAvailable |
string |
|
Number of pods that are available after eviction as number or percentage (eg.: 50%) |
repoServer.podAnnotations |
object |
|
Annotations to be added to repo server pods |
repoServer.podLabels |
object |
|
Labels to be added to repo server pods |
repoServer.priorityClassName |
string |
|
Priority class for the repo server pods |
repoServer.rbac |
list |
|
Repo server rbac rules |
repoServer.readinessProbe.failureThreshold |
int |
|
Minimum consecutive failures for the probe to be considered failed after having succeeded |
repoServer.readinessProbe.initialDelaySeconds |
int |
|
Number of seconds after the container has started before probe is initiated |
repoServer.readinessProbe.periodSeconds |
int |
|
How often (in seconds) to perform the probe |
repoServer.readinessProbe.successThreshold |
int |
|
Minimum consecutive successes for the probe to be considered successful after having failed |
repoServer.readinessProbe.timeoutSeconds |
int |
|
Number of seconds after which the probe times out |
repoServer.replicas |
int |
|
The number of repo server pods to run |
repoServer.resources |
object |
|
Resource limits and requests for the repo server pods |
repoServer.service.annotations |
object |
|
Repo server service annotations |
repoServer.service.labels |
object |
|
Repo server service labels |
repoServer.service.port |
int |
|
Repo server service port |
repoServer.service.portName |
string |
|
Repo server service port name |
repoServer.serviceAccount.annotations |
object |
|
Annotations applied to created service account |
repoServer.serviceAccount.automountServiceAccountToken |
bool |
|
Automount API credentials for the Service Account |
repoServer.serviceAccount.create |
bool |
|
Create repo server service account |
repoServer.serviceAccount.labels |
object |
|
Labels applied to created service account |
string |
|
Repo server service account name |
|
repoServer.terminationGracePeriodSeconds |
int |
|
terminationGracePeriodSeconds for container lifecycle hook |
repoServer.tolerations |
list |
|
Tolerations for use with node taints |
repoServer.topologySpreadConstraints |
list |
|
Assign custom TopologySpreadConstraints rules to the repo server |
repoServer.useEphemeralHelmWorkingDir |
bool |
|
Toggle the usage of a ephemeral Helm working directory |
repoServer.volumeMounts |
list |
|
Additional volumeMounts to the repo server main container |
repoServer.volumes |
list |
|
Additional volumes to the repo server pod |
Argo Server#
Key |
Type |
Default |
Description |
---|---|---|---|
server.affinity |
object |
|
Assign custom affinity rules to the deployment |
server.automountServiceAccountToken |
bool |
|
Automount API credentials for the Service Account into the pod. |
server.autoscaling.behavior |
object |
|
Configures the scaling behavior of the target in both Up and Down directions. |
server.autoscaling.enabled |
bool |
|
Enable Horizontal Pod Autoscaler (HPA) for the Argo CD server |
server.autoscaling.maxReplicas |
int |
|
Maximum number of replicas for the Argo CD server HPA |
server.autoscaling.metrics |
list |
|
Configures custom HPA metrics for the Argo CD server Ref |
server.autoscaling.minReplicas |
int |
|
Minimum number of replicas for the Argo CD server HPA |
server.autoscaling.targetCPUUtilizationPercentage |
int |
|
Average CPU utilization percentage for the Argo CD server HPA |
server.autoscaling.targetMemoryUtilizationPercentage |
int |
|
Average memory utilization percentage for the Argo CD server HPA |
server.certificate.additionalHosts |
list |
|
Certificate Subject Alternate Names (SANs) |
server.certificate.annotations |
object |
|
Annotations to be applied to the Server Certificate |
server.certificate.domain |
string |
|
Certificate primary domain (commonName) |
server.certificate.duration |
string |
|
The requested ‘duration’ (i.e. lifetime) of the certificate. |
server.certificate.enabled |
bool |
|
Deploy a Certificate resource (requires cert-manager) |
server.certificate.issuer.group |
string |
|
Certificate issuer group. Set if using an external issuer. Eg. |
server.certificate.issuer.kind |
string |
|
Certificate issuer kind. Either |
string |
|
Certificate issuer name. Eg. |
|
server.certificate.privateKey.algorithm |
string |
|
Algorithm used to generate certificate private key. One of: |
server.certificate.privateKey.encoding |
string |
|
The private key cryptography standards (PKCS) encoding for private key. Either: |
server.certificate.privateKey.rotationPolicy |
string |
|
Rotation policy of private key when certificate is re-issued. Either: |
server.certificate.privateKey.size |
int |
|
Key bit size of the private key. If algorithm is set to |
server.certificate.renewBefore |
string |
|
How long before the expiry a certificate should be renewed. |
server.certificate.secretTemplateAnnotations |
object |
|
Annotations that allow the certificate to be composed from data residing in existing Kubernetes Resources |
server.certificate.usages |
list |
|
Usages for the certificate |
server.certificateSecret.annotations |
object |
|
Annotations to be added to argocd-server-tls secret |
server.certificateSecret.crt |
string |
|
Certificate data |
server.certificateSecret.enabled |
bool |
|
Create argocd-server-tls secret |
server.certificateSecret.key |
string |
|
Private Key of the certificate |
server.certificateSecret.labels |
object |
|
Labels to be added to argocd-server-tls secret |
server.clusterRoleRules.enabled |
bool |
|
Enable custom rules for the server’s ClusterRole resource |
server.clusterRoleRules.rules |
list |
|
List of custom rules for the server’s ClusterRole resource |
server.containerPorts.metrics |
int |
|
Metrics container port |
server.containerPorts.server |
int |
|
Server container port |
server.containerSecurityContext |
object |
See values.yaml |
Server container-level security context |
server.deploymentAnnotations |
object |
|
Annotations to be added to server Deployment |
server.deploymentStrategy |
object |
|
Deployment strategy to be added to the server Deployment |
server.dnsConfig |
object |
|
|
server.dnsPolicy |
string |
|
Alternative DNS policy for Server pods |
server.emptyDir.sizeLimit |
string |
|
EmptyDir size limit for the Argo CD server |
server.env |
list |
|
Environment variables to pass to Argo CD server |
server.envFrom |
list |
|
envFrom to pass to Argo CD server |
server.extensions.containerSecurityContext |
object |
See values.yaml |
Server UI extensions container-level security context |
server.extensions.enabled |
bool |
|
Enable support for Argo CD extensions |
server.extensions.extensionList |
list |
|
Extensions for Argo CD |
server.extensions.image.imagePullPolicy |
string |
|
Image pull policy for extensions |
server.extensions.image.repository |
string |
|
Repository to use for extension installer image |
server.extensions.image.tag |
string |
|
Tag to use for extension installer image |
server.extensions.resources |
object |
|
Resource limits and requests for the argocd-extensions container |
server.extraArgs |
list |
|
Additional command line arguments to pass to Argo CD server |
server.extraContainers |
list |
|
Additional containers to be added to the server pod |
server.hostNetwork |
bool |
|
Host Network for Server pods |
server.image.imagePullPolicy |
string |
|
Image pull policy for the Argo CD server |
server.image.repository |
string |
|
Repository to use for the Argo CD server |
server.image.tag |
string |
|
Tag to use for the Argo CD server |
server.imagePullSecrets |
list |
|
Secrets with credentials to pull images from a private registry |
server.ingress.annotations |
object |
|
Additional ingress annotations |
server.ingress.aws.backendProtocolVersion |
string |
|
Backend protocol version for the AWS ALB gRPC service |
server.ingress.aws.serviceType |
string |
|
Service type for the AWS ALB gRPC service |
server.ingress.controller |
string |
|
Specific implementation for ingress controller. One of |
server.ingress.enabled |
bool |
|
Enable an ingress resource for the Argo CD server |
server.ingress.extraHosts |
list |
|
The list of additional hostnames to be covered by ingress record |
server.ingress.extraPaths |
list |
|
Additional ingress paths |
server.ingress.extraRules |
list |
|
Additional ingress rules |
server.ingress.extraTls |
list |
|
Additional TLS configuration |
server.ingress.gke.backendConfig |
object |
|
Google [BackendConfig] resource, for use with the GKE Ingress Controller |
server.ingress.gke.frontendConfig |
object |
|
Google [FrontendConfig] resource, for use with the GKE Ingress Controller |
server.ingress.gke.managedCertificate.create |
bool |
|
Create ManagedCertificate resource and annotations for Google Load balancer |
server.ingress.gke.managedCertificate.extraDomains |
list |
|
Additional domains for ManagedCertificate resource |
server.ingress.hostname |
string |
|
Argo CD server hostname |
server.ingress.ingressClassName |
string |
|
Defines which ingress controller will implement the resource |
server.ingress.labels |
object |
|
Additional ingress labels |
server.ingress.path |
string |
|
The path to Argo CD server |
server.ingress.pathType |
string |
|
Ingress path type. One of |
server.ingress.tls |
bool |
|
Enable TLS configuration for the hostname defined at |
server.ingressGrpc.annotations |
object |
|
Additional ingress annotations for dedicated gRPC-ingress |
server.ingressGrpc.enabled |
bool |
|
Enable an ingress resource for the Argo CD server for dedicated gRPC-ingress |
server.ingressGrpc.extraHosts |
list |
|
The list of additional hostnames to be covered by ingress record |
server.ingressGrpc.extraPaths |
list |
|
Additional ingress paths for dedicated gRPC-ingress |
server.ingressGrpc.extraRules |
list |
|
Additional ingress rules |
server.ingressGrpc.extraTls |
list |
|
Additional TLS configuration for dedicated gRPC-ingress |
server.ingressGrpc.hostname |
string |
|
Argo CD server hostname for dedicated gRPC-ingress |
server.ingressGrpc.ingressClassName |
string |
|
Defines which ingress controller will implement the resource gRPC-ingress |
server.ingressGrpc.labels |
object |
|
Additional ingress labels for dedicated gRPC-ingress |
server.ingressGrpc.path |
string |
|
Argo CD server ingress path for dedicated gRPC-ingress |
server.ingressGrpc.pathType |
string |
|
Ingress path type for dedicated gRPC-ingress. One of |
server.ingressGrpc.tls |
bool |
|
Enable TLS configuration for the hostname defined at |
server.initContainers |
list |
|
Init containers to add to the server pod |
server.lifecycle |
object |
|
Specify postStart and preStop lifecycle hooks for your argo-cd-server container |
server.livenessProbe.failureThreshold |
int |
|
Minimum consecutive failures for the probe to be considered failed after having succeeded |
server.livenessProbe.initialDelaySeconds |
int |
|
Number of seconds after the container has started before probe is initiated |
server.livenessProbe.periodSeconds |
int |
|
How often (in seconds) to perform the probe |
server.livenessProbe.successThreshold |
int |
|
Minimum consecutive successes for the probe to be considered successful after having failed |
server.livenessProbe.timeoutSeconds |
int |
|
Number of seconds after which the probe times out |
server.metrics.enabled |
bool |
|
Deploy metrics service |
server.metrics.service.annotations |
object |
|
Metrics service annotations |
server.metrics.service.clusterIP |
string |
|
Metrics service clusterIP. |
server.metrics.service.labels |
object |
|
Metrics service labels |
server.metrics.service.portName |
string |
|
Metrics service port name |
server.metrics.service.servicePort |
int |
|
Metrics service port |
server.metrics.service.type |
string |
|
Metrics service type |
server.metrics.serviceMonitor.additionalLabels |
object |
|
Prometheus ServiceMonitor labels |
server.metrics.serviceMonitor.annotations |
object |
|
Prometheus ServiceMonitor annotations |
server.metrics.serviceMonitor.enabled |
bool |
|
Enable a prometheus ServiceMonitor |
server.metrics.serviceMonitor.interval |
string |
|
Prometheus ServiceMonitor interval |
server.metrics.serviceMonitor.metricRelabelings |
list |
|
Prometheus MetricRelabelConfigs to apply to samples before ingestion |
server.metrics.serviceMonitor.namespace |
string |
|
Prometheus ServiceMonitor namespace |
server.metrics.serviceMonitor.relabelings |
list |
|
Prometheus RelabelConfigs to apply to samples before scraping |
server.metrics.serviceMonitor.scheme |
string |
|
Prometheus ServiceMonitor scheme |
server.metrics.serviceMonitor.scrapeTimeout |
string |
|
Prometheus ServiceMonitor scrapeTimeout. If empty, Prometheus uses the global scrape timeout unless it is less than the target’s scrape interval value in which the latter is used. |
server.metrics.serviceMonitor.selector |
object |
|
Prometheus ServiceMonitor selector |
server.metrics.serviceMonitor.tlsConfig |
object |
|
Prometheus ServiceMonitor tlsConfig |
string |
|
Argo CD server name |
|
server.nodeSelector |
object |
|
|
server.pdb.annotations |
object |
|
Annotations to be added to Argo CD server pdb |
server.pdb.enabled |
bool |
|
Deploy a PodDisruptionBudget for the Argo CD server |
server.pdb.labels |
object |
|
Labels to be added to Argo CD server pdb |
server.pdb.maxUnavailable |
string |
|
Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). |
server.pdb.minAvailable |
string |
|
Number of pods that are available after eviction as number or percentage (eg.: 50%) |
server.podAnnotations |
object |
|
Annotations to be added to server pods |
server.podLabels |
object |
|
Labels to be added to server pods |
server.priorityClassName |
string |
|
Priority class for the Argo CD server pods |
server.readinessProbe.failureThreshold |
int |
|
Minimum consecutive failures for the probe to be considered failed after having succeeded |
server.readinessProbe.initialDelaySeconds |
int |
|
Number of seconds after the container has started before probe is initiated |
server.readinessProbe.periodSeconds |
int |
|
How often (in seconds) to perform the probe |
server.readinessProbe.successThreshold |
int |
|
Minimum consecutive successes for the probe to be considered successful after having failed |
server.readinessProbe.timeoutSeconds |
int |
|
Number of seconds after which the probe times out |
server.replicas |
int |
|
The number of server pods to run |
server.resources |
object |
|
Resource limits and requests for the Argo CD server |
server.route.annotations |
object |
|
Openshift Route annotations |
server.route.enabled |
bool |
|
Enable an OpenShift Route for the Argo CD server |
server.route.hostname |
string |
|
Hostname of OpenShift Route |
server.route.termination_policy |
string |
|
Termination policy of Openshift Route |
server.route.termination_type |
string |
|
Termination type of Openshift Route |
server.service.annotations |
object |
|
Server service annotations |
server.service.externalIPs |
list |
|
Server service external IPs |
server.service.externalTrafficPolicy |
string |
|
Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints |
server.service.labels |
object |
|
Server service labels |
server.service.loadBalancerClass |
string |
|
The class of the load balancer implementation |
server.service.loadBalancerIP |
string |
|
LoadBalancer will get created with the IP specified in this field |
server.service.loadBalancerSourceRanges |
list |
|
Source IP ranges to allow access to service from |
server.service.nodePortHttp |
int |
|
Server service http port for NodePort service type (only if |
server.service.nodePortHttps |
int |
|
Server service https port for NodePort service type (only if |
server.service.servicePortHttp |
int |
|
Server service http port |
server.service.servicePortHttpName |
string |
|
Server service http port name, can be used to route traffic via istio |
server.service.servicePortHttps |
int |
|
Server service https port |
server.service.servicePortHttpsAppProtocol |
string |
|
Server service https port appProtocol |
server.service.servicePortHttpsName |
string |
|
Server service https port name, can be used to route traffic via istio |
server.service.sessionAffinity |
string |
|
Used to maintain session affinity. Supports |
server.service.type |
string |
|
Server service type |
server.serviceAccount.annotations |
object |
|
Annotations applied to created service account |
server.serviceAccount.automountServiceAccountToken |
bool |
|
Automount API credentials for the Service Account |
server.serviceAccount.create |
bool |
|
Create server service account |
server.serviceAccount.labels |
object |
|
Labels applied to created service account |
string |
|
Server service account name |
|
server.terminationGracePeriodSeconds |
int |
|
terminationGracePeriodSeconds for container lifecycle hook |
server.tolerations |
list |
|
Tolerations for use with node taints |
server.topologySpreadConstraints |
list |
|
Assign custom TopologySpreadConstraints rules to the Argo CD server |
server.volumeMounts |
list |
|
Additional volumeMounts to the server main container |
server.volumes |
list |
|
Additional volumes to the server pod |
Dex#
Key |
Type |
Default |
Description |
---|---|---|---|
dex.affinity |
object |
|
Assign custom affinity rules to the deployment |
dex.automountServiceAccountToken |
bool |
|
Automount API credentials for the Service Account into the pod. |
dex.certificateSecret.annotations |
object |
|
Annotations to be added to argocd-dex-server-tls secret |
string |
|
Certificate authority. Required for self-signed certificates. |
|
dex.certificateSecret.crt |
string |
|
Certificate data. Must contain SANs of Dex service (ie: argocd-dex-server, argocd-dex-server.argo-cd.svc) |
dex.certificateSecret.enabled |
bool |
|
Create argocd-dex-server-tls secret |
dex.certificateSecret.key |
string |
|
Certificate private key |
dex.certificateSecret.labels |
object |
|
Labels to be added to argocd-dex-server-tls secret |
dex.containerPorts.grpc |
int |
|
gRPC container port |
dex.containerPorts.http |
int |
|
HTTP container port |
dex.containerPorts.metrics |
int |
|
Metrics container port |
dex.containerSecurityContext |
object |
See values.yaml |
Dex container-level security context |
dex.deploymentAnnotations |
object |
|
Annotations to be added to the Dex server Deployment |
dex.deploymentStrategy |
object |
|
Deployment strategy to be added to the Dex server Deployment |
dex.dnsConfig |
object |
|
|
dex.dnsPolicy |
string |
|
Alternative DNS policy for Dex server pods |
dex.emptyDir.sizeLimit |
string |
|
EmptyDir size limit for Dex server |
dex.enabled |
bool |
|
Enable dex |
dex.env |
list |
|
Environment variables to pass to the Dex server |
dex.envFrom |
list |
|
envFrom to pass to the Dex server |
dex.extraArgs |
list |
|
Additional command line arguments to pass to the Dex server |
dex.extraContainers |
list |
|
Additional containers to be added to the dex pod |
dex.image.imagePullPolicy |
string |
|
Dex imagePullPolicy |
dex.image.repository |
string |
|
Dex image repository |
dex.image.tag |
string |
|
Dex image tag |
dex.imagePullSecrets |
list |
|
Secrets with credentials to pull images from a private registry |
dex.initContainers |
list |
|
Init containers to add to the dex pod |
dex.initImage.imagePullPolicy |
string |
|
Argo CD init image imagePullPolicy |
dex.initImage.repository |
string |
|
Argo CD init image repository |
dex.initImage.resources |
object |
|
Argo CD init image resources |
dex.initImage.tag |
string |
|
Argo CD init image tag |
dex.livenessProbe.enabled |
bool |
|
Enable Kubernetes liveness probe for Dex >= 2.28.0 |
dex.livenessProbe.failureThreshold |
int |
|
Minimum consecutive failures for the probe to be considered failed after having succeeded |
dex.livenessProbe.httpPath |
string |
|
Http path to use for the liveness probe |
dex.livenessProbe.httpPort |
string |
|
Http port to use for the liveness probe |
dex.livenessProbe.httpScheme |
string |
|
Scheme to use for for the liveness probe (can be HTTP or HTTPS) |
dex.livenessProbe.initialDelaySeconds |
int |
|
Number of seconds after the container has started before probe is initiated |
dex.livenessProbe.periodSeconds |
int |
|
How often (in seconds) to perform the probe |
dex.livenessProbe.successThreshold |
int |
|
Minimum consecutive successes for the probe to be considered successful after having failed |
dex.livenessProbe.timeoutSeconds |
int |
|
Number of seconds after which the probe times out |
dex.logFormat |
string |
|
Dex log format. Either |
dex.logLevel |
string |
|
Dex log level. One of: |
dex.metrics.enabled |
bool |
|
Deploy metrics service |
dex.metrics.service.annotations |
object |
|
Metrics service annotations |
dex.metrics.service.labels |
object |
|
Metrics service labels |
dex.metrics.service.portName |
string |
|
Metrics service port name |
dex.metrics.serviceMonitor.additionalLabels |
object |
|
Prometheus ServiceMonitor labels |
dex.metrics.serviceMonitor.annotations |
object |
|
Prometheus ServiceMonitor annotations |
dex.metrics.serviceMonitor.enabled |
bool |
|
Enable a prometheus ServiceMonitor |
dex.metrics.serviceMonitor.interval |
string |
|
Prometheus ServiceMonitor interval |
dex.metrics.serviceMonitor.metricRelabelings |
list |
|
Prometheus MetricRelabelConfigs to apply to samples before ingestion |
dex.metrics.serviceMonitor.namespace |
string |
|
Prometheus ServiceMonitor namespace |
dex.metrics.serviceMonitor.relabelings |
list |
|
Prometheus RelabelConfigs to apply to samples before scraping |
dex.metrics.serviceMonitor.scheme |
string |
|
Prometheus ServiceMonitor scheme |
dex.metrics.serviceMonitor.selector |
object |
|
Prometheus ServiceMonitor selector |
dex.metrics.serviceMonitor.tlsConfig |
object |
|
Prometheus ServiceMonitor tlsConfig |
string |
|
Dex name |
|
dex.nodeSelector |
object |
|
|
dex.pdb.annotations |
object |
|
Annotations to be added to Dex server pdb |
dex.pdb.enabled |
bool |
|
Deploy a PodDisruptionBudget for the Dex server |
dex.pdb.labels |
object |
|
Labels to be added to Dex server pdb |
dex.pdb.maxUnavailable |
string |
|
Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). |
dex.pdb.minAvailable |
string |
|
Number of pods that are available after eviction as number or percentage (eg.: 50%) |
dex.podAnnotations |
object |
|
Annotations to be added to the Dex server pods |
dex.podLabels |
object |
|
Labels to be added to the Dex server pods |
dex.priorityClassName |
string |
|
Priority class for the dex pods |
dex.readinessProbe.enabled |
bool |
|
Enable Kubernetes readiness probe for Dex >= 2.28.0 |
dex.readinessProbe.failureThreshold |
int |
|
Minimum consecutive failures for the probe to be considered failed after having succeeded |
dex.readinessProbe.httpPath |
string |
|
Http path to use for the readiness probe |
dex.readinessProbe.httpPort |
string |
|
Http port to use for the readiness probe |
dex.readinessProbe.httpScheme |
string |
|
Scheme to use for for the liveness probe (can be HTTP or HTTPS) |
dex.readinessProbe.initialDelaySeconds |
int |
|
Number of seconds after the container has started before probe is initiated |
dex.readinessProbe.periodSeconds |
int |
|
How often (in seconds) to perform the probe |
dex.readinessProbe.successThreshold |
int |
|
Minimum consecutive successes for the probe to be considered successful after having failed |
dex.readinessProbe.timeoutSeconds |
int |
|
Number of seconds after which the probe times out |
dex.resources |
object |
|
Resource limits and requests for dex |
dex.serviceAccount.annotations |
object |
|
Annotations applied to created service account |
dex.serviceAccount.automountServiceAccountToken |
bool |
|
Automount API credentials for the Service Account |
dex.serviceAccount.create |
bool |
|
Create dex service account |
string |
|
Dex service account name |
|
dex.servicePortGrpc |
int |
|
Service port for gRPC access |
dex.servicePortGrpcName |
string |
|
Service port name for gRPC access |
dex.servicePortHttp |
int |
|
Service port for HTTP access |
dex.servicePortHttpName |
string |
|
Service port name for HTTP access |
dex.servicePortMetrics |
int |
|
Service port for metrics access |
dex.terminationGracePeriodSeconds |
int |
|
terminationGracePeriodSeconds for container lifecycle hook |
dex.tolerations |
list |
|
Tolerations for use with node taints |
dex.topologySpreadConstraints |
list |
|
Assign custom TopologySpreadConstraints rules to dex |
dex.volumeMounts |
list |
|
Additional volumeMounts to the dex main container |
dex.volumes |
list |
|
Additional volumes to the dex pod |
Redis#
Option 1 - Single Redis instance (default option)#
Key |
Type |
Default |
Description |
---|---|---|---|
redis.affinity |
object |
|
Assign custom affinity rules to the deployment |
redis.automountServiceAccountToken |
bool |
|
Automount API credentials for the Service Account into the pod. |
redis.containerPorts.metrics |
int |
|
Metrics container port |
redis.containerPorts.redis |
int |
|
Redis container port |
redis.containerSecurityContext |
object |
See values.yaml |
Redis container-level security context |
redis.deploymentAnnotations |
object |
|
Annotations to be added to the Redis server Deployment |
redis.dnsConfig |
object |
|
|
redis.dnsPolicy |
string |
|
Alternative DNS policy for Redis server pods |
redis.enabled |
bool |
|
Enable redis |
redis.env |
list |
|
Environment variables to pass to the Redis server |
redis.envFrom |
list |
|
envFrom to pass to the Redis server |
redis.exporter.containerSecurityContext |
object |
See values.yaml |
Redis exporter security context |
redis.exporter.enabled |
bool |
|
Enable Prometheus redis-exporter sidecar |
redis.exporter.env |
list |
|
Environment variables to pass to the Redis exporter |
redis.exporter.image.imagePullPolicy |
string |
|
Image pull policy for the redis-exporter |
redis.exporter.image.repository |
string |
|
Repository to use for the redis-exporter |
redis.exporter.image.tag |
string |
|
Tag to use for the redis-exporter |
redis.exporter.livenessProbe.enabled |
bool |
|
Enable Kubernetes liveness probe for Redis exporter |
redis.exporter.livenessProbe.failureThreshold |
int |
|
Minimum consecutive failures for the probe to be considered failed after having succeeded |
redis.exporter.livenessProbe.initialDelaySeconds |
int |
|
Number of seconds after the container has started before probe is initiated |
redis.exporter.livenessProbe.periodSeconds |
int |
|
How often (in seconds) to perform the probe |
redis.exporter.livenessProbe.successThreshold |
int |
|
Minimum consecutive successes for the probe to be considered successful after having failed |
redis.exporter.livenessProbe.timeoutSeconds |
int |
|
Number of seconds after which the probe times out |
redis.exporter.readinessProbe.enabled |
bool |
|
Enable Kubernetes liveness probe for Redis exporter (optional) |
redis.exporter.readinessProbe.failureThreshold |
int |
|
Minimum consecutive failures for the probe to be considered failed after having succeeded |
redis.exporter.readinessProbe.initialDelaySeconds |
int |
|
Number of seconds after the container has started before probe is initiated |
redis.exporter.readinessProbe.periodSeconds |
int |
|
How often (in seconds) to perform the probe |
redis.exporter.readinessProbe.successThreshold |
int |
|
Minimum consecutive successes for the probe to be considered successful after having failed |
redis.exporter.readinessProbe.timeoutSeconds |
int |
|
Number of seconds after which the probe times out |
redis.exporter.resources |
object |
|
Resource limits and requests for redis-exporter sidecar |
redis.extraArgs |
list |
|
Additional command line arguments to pass to redis-server |
redis.extraContainers |
list |
|
Additional containers to be added to the redis pod |
redis.image.imagePullPolicy |
string |
|
Redis image pull policy |
redis.image.repository |
string |
|
Redis repository |
redis.image.tag |
string |
|
Redis tag |
redis.imagePullSecrets |
list |
|
Secrets with credentials to pull images from a private registry |
redis.initContainers |
list |
|
Init containers to add to the redis pod |
redis.livenessProbe.enabled |
bool |
|
Enable Kubernetes liveness probe for Redis server |
redis.livenessProbe.failureThreshold |
int |
|
Minimum consecutive failures for the probe to be considered failed after having succeeded |
redis.livenessProbe.initialDelaySeconds |
int |
|
Number of seconds after the container has started before probe is initiated |
redis.livenessProbe.periodSeconds |
int |
|
How often (in seconds) to perform the probe |
redis.livenessProbe.successThreshold |
int |
|
Minimum consecutive successes for the probe to be considered successful after having failed |
redis.livenessProbe.timeoutSeconds |
int |
|
Number of seconds after which the probe times out |
redis.metrics.enabled |
bool |
|
Deploy metrics service |
redis.metrics.service.annotations |
object |
|
Metrics service annotations |
redis.metrics.service.clusterIP |
string |
|
Metrics service clusterIP. |
redis.metrics.service.labels |
object |
|
Metrics service labels |
redis.metrics.service.portName |
string |
|
Metrics service port name |
redis.metrics.service.servicePort |
int |
|
Metrics service port |
redis.metrics.service.type |
string |
|
Metrics service type |
redis.metrics.serviceMonitor.additionalLabels |
object |
|
Prometheus ServiceMonitor labels |
redis.metrics.serviceMonitor.annotations |
object |
|
Prometheus ServiceMonitor annotations |
redis.metrics.serviceMonitor.enabled |
bool |
|
Enable a prometheus ServiceMonitor |
redis.metrics.serviceMonitor.interval |
string |
|
Interval at which metrics should be scraped |
redis.metrics.serviceMonitor.metricRelabelings |
list |
|
Prometheus MetricRelabelConfigs to apply to samples before ingestion |
redis.metrics.serviceMonitor.namespace |
string |
|
Prometheus ServiceMonitor namespace |
redis.metrics.serviceMonitor.relabelings |
list |
|
Prometheus RelabelConfigs to apply to samples before scraping |
redis.metrics.serviceMonitor.scheme |
string |
|
Prometheus ServiceMonitor scheme |
redis.metrics.serviceMonitor.selector |
object |
|
Prometheus ServiceMonitor selector |
redis.metrics.serviceMonitor.tlsConfig |
object |
|
Prometheus ServiceMonitor tlsConfig |
string |
|
Redis name |
|
redis.nodeSelector |
object |
|
|
redis.pdb.annotations |
object |
|
Annotations to be added to Redis pdb |
redis.pdb.enabled |
bool |
|
Deploy a PodDisruptionBudget for the Redis |
redis.pdb.labels |
object |
|
Labels to be added to Redis pdb |
redis.pdb.maxUnavailable |
string |
|
Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). |
redis.pdb.minAvailable |
string |
|
Number of pods that are available after eviction as number or percentage (eg.: 50%) |
redis.podAnnotations |
object |
|
Annotations to be added to the Redis server pods |
redis.podLabels |
object |
|
Labels to be added to the Redis server pods |
redis.priorityClassName |
string |
|
Priority class for redis pods |
redis.readinessProbe.enabled |
bool |
|
Enable Kubernetes liveness probe for Redis server |
redis.readinessProbe.failureThreshold |
int |
|
Minimum consecutive failures for the probe to be considered failed after having succeeded |
redis.readinessProbe.initialDelaySeconds |
int |
|
Number of seconds after the container has started before probe is initiated |
redis.readinessProbe.periodSeconds |
int |
|
How often (in seconds) to perform the probe |
redis.readinessProbe.successThreshold |
int |
|
Minimum consecutive successes for the probe to be considered successful after having failed |
redis.readinessProbe.timeoutSeconds |
int |
|
Number of seconds after which the probe times out |
redis.resources |
object |
|
Resource limits and requests for redis |
redis.securityContext |
object |
See values.yaml |
Redis pod-level security context |
redis.service.annotations |
object |
|
Redis service annotations |
redis.service.labels |
object |
|
Additional redis service labels |
redis.serviceAccount.annotations |
object |
|
Annotations applied to created service account |
redis.serviceAccount.automountServiceAccountToken |
bool |
|
Automount API credentials for the Service Account |
redis.serviceAccount.create |
bool |
|
Create a service account for the redis pod |
string |
|
Service account name for redis pod |
|
redis.servicePort |
int |
|
Redis service port |
redis.terminationGracePeriodSeconds |
int |
|
terminationGracePeriodSeconds for container lifecycle hook |
redis.tolerations |
list |
|
Tolerations for use with node taints |
redis.topologySpreadConstraints |
list |
|
Assign custom TopologySpreadConstraints rules to redis |
redis.volumeMounts |
list |
|
Additional volumeMounts to the redis container |
redis.volumes |
list |
|
Additional volumes to the redis pod |
Option 2 - Redis HA#
This option uses the following third-party chart to bootstrap a clustered Redis. For all available configuration options, please read upstream README and/or chart source. The main options are listed here:
Key |
Type |
Default |
Description |
---|---|---|---|
redis-ha.additionalAffinities |
object |
|
Additional affinities to add to the Redis server pods. |
redis-ha.affinity |
string |
|
Assign custom affinity rules to the Redis pods. |
redis-ha.auth |
bool |
|
Configures redis-ha with AUTH |
redis-ha.containerSecurityContext |
object |
See values.yaml |
Redis HA statefulset container-level security context |
redis-ha.enabled |
bool |
|
Enables the Redis HA subchart and disables the custom Redis single node deployment |
redis-ha.existingSecret |
string |
|
Existing Secret to use for redis-ha authentication. By default the redis-secret-init Job is generating this Secret. |
redis-ha.exporter.enabled |
bool |
|
Enable Prometheus redis-exporter sidecar |
redis-ha.exporter.image |
string |
|
Repository to use for the redis-exporter |
redis-ha.exporter.tag |
string |
|
Tag to use for the redis-exporter |
redis-ha.haproxy.additionalAffinities |
object |
|
Additional affinities to add to the haproxy pods. |
redis-ha.haproxy.affinity |
string |
|
Assign custom affinity rules to the haproxy pods. |
redis-ha.haproxy.containerSecurityContext |
object |
See values.yaml |
HAProxy container-level security context |
redis-ha.haproxy.enabled |
bool |
|
Enabled HAProxy LoadBalancing/Proxy |
redis-ha.haproxy.hardAntiAffinity |
bool |
|
Whether the haproxy pods should be forced to run on separate nodes. |
redis-ha.haproxy.labels |
object |
|
Custom labels for the haproxy pod. This is relevant for Argo CD CLI. |
redis-ha.haproxy.metrics.enabled |
bool |
|
HAProxy enable prometheus metric scraping |
redis-ha.haproxy.tolerations |
list |
|
Tolerations for use with node taints for haproxy pods. |
redis-ha.hardAntiAffinity |
bool |
|
Whether the Redis server pods should be forced to run on separate nodes. |
redis-ha.image.repository |
string |
|
Redis repository |
redis-ha.image.tag |
string |
|
Redis tag |
redis-ha.persistentVolume.enabled |
bool |
|
Configures persistence on Redis nodes |
redis-ha.redis.config |
object |
See values.yaml |
Any valid redis config options in this section will be applied to each server (see |
redis-ha.redis.config.save |
string |
|
Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. |
redis-ha.redis.masterGroupName |
string |
|
Redis convention for naming the cluster group: must match |
redis-ha.tolerations |
list |
|
Tolerations for use with node taints for Redis pods. |
redis-ha.topologySpreadConstraints |
object |
|
Assign custom TopologySpreadConstraints rules to the Redis pods. |
redis-ha.topologySpreadConstraints.enabled |
bool |
|
Enable Redis HA topology spread constraints |
redis-ha.topologySpreadConstraints.maxSkew |
string |
|
Max skew of pods tolerated |
redis-ha.topologySpreadConstraints.topologyKey |
string |
|
Topology key for spread |
redis-ha.topologySpreadConstraints.whenUnsatisfiable |
string |
|
Enforcement policy, hard or soft |
redis-ha.exporter.image |
string |
|
Exporter image |
redis-ha.exporter.tag |
string |
|
Exporter tag |
redis-ha.haproxy.image.repository |
string |
|
HAProxy Image Repository |
redis-ha.haproxy.image.tag |
string |
|
HAProxy Image Tag |
redis-ha.image.repository |
string |
|
Redis image repository |
Option 3 - External Redis#
If you want to use an existing Redis (eg. a managed service from a cloud provider), you can use these parameters:
Key |
Type |
Default |
Description |
---|---|---|---|
externalRedis.existingSecret |
string |
|
The name of an existing secret with Redis (must contain key |
externalRedis.host |
string |
|
External Redis server host |
externalRedis.password |
string |
|
External Redis password |
externalRedis.port |
int |
|
External Redis server port |
externalRedis.secretAnnotations |
object |
|
External Redis Secret annotations |
externalRedis.username |
string |
|
External Redis username |
Redis secret-init#
The helm chart deploys a Job to setup a random password which is used to secure the Redis. The Redis password is stored in Kubernetes secret argocd-redis
with key auth
in the namespace where Argo CD is installed.
If you use an External Redis (See Option 3 above), this Job is not deployed.
Key |
Type |
Default |
Description |
---|---|---|---|
redisSecretInit.containerSecurityContext |
object |
See values.yaml |
Application controller container-level security context |
redisSecretInit.enabled |
bool |
|
Enable Redis secret initialization. If disabled, secret must be provisioned by alternative methods |
redisSecretInit.image.imagePullPolicy |
string |
|
Image pull policy for the Redis secret-init Job |
redisSecretInit.image.repository |
string |
|
Repository to use for the Redis secret-init Job |
redisSecretInit.image.tag |
string |
|
Tag to use for the Redis secret-init Job |
redisSecretInit.imagePullSecrets |
list |
|
Secrets with credentials to pull images from a private registry |
redisSecretInit.jobAnnotations |
object |
|
Annotations to be added to the Redis secret-init Job |
string |
|
Redis secret-init name |
|
redisSecretInit.nodeSelector |
object |
|
Node selector to be added to the Redis secret-init Job |
redisSecretInit.podAnnotations |
object |
|
Annotations to be added to the Redis secret-init Job |
redisSecretInit.podLabels |
object |
|
Labels to be added to the Redis secret-init Job |
redisSecretInit.priorityClassName |
string |
|
Priority class for Redis secret-init Job |
redisSecretInit.resources |
object |
|
Resource limits and requests for Redis secret-init Job |
redisSecretInit.securityContext |
object |
|
Redis secret-init Job pod-level security context |
redisSecretInit.serviceAccount.annotations |
object |
|
Annotations applied to created service account |
redisSecretInit.serviceAccount.automountServiceAccountToken |
bool |
|
Automount API credentials for the Service Account |
redisSecretInit.serviceAccount.create |
bool |
|
Create a service account for the redis pod |
string |
|
Service account name for redis pod |
|
redisSecretInit.tolerations |
list |
|
Tolerations to be added to the Redis secret-init Job |
ApplicationSet#
Key |
Type |
Default |
Description |
---|---|---|---|
applicationSet.affinity |
object |
|
Assign custom affinity rules |
applicationSet.allowAnyNamespace |
bool |
|
Enable ApplicationSet in any namespace feature |
applicationSet.automountServiceAccountToken |
bool |
|
Automount API credentials for the Service Account into the pod. |
applicationSet.certificate.additionalHosts |
list |
|
Certificate Subject Alternate Names (SANs) |
applicationSet.certificate.annotations |
object |
|
Annotations to be applied to the ApplicationSet Certificate |
applicationSet.certificate.domain |
string |
|
Certificate primary domain (commonName) |
applicationSet.certificate.duration |
string |
|
The requested ‘duration’ (i.e. lifetime) of the certificate. |
applicationSet.certificate.enabled |
bool |
|
Deploy a Certificate resource (requires cert-manager) |
applicationSet.certificate.issuer.group |
string |
|
Certificate issuer group. Set if using an external issuer. Eg. |
applicationSet.certificate.issuer.kind |
string |
|
Certificate issuer kind. Either |
string |
|
Certificate issuer name. Eg. |
|
applicationSet.certificate.privateKey.algorithm |
string |
|
Algorithm used to generate certificate private key. One of: |
applicationSet.certificate.privateKey.encoding |
string |
|
The private key cryptography standards (PKCS) encoding for private key. Either: |
applicationSet.certificate.privateKey.rotationPolicy |
string |
|
Rotation policy of private key when certificate is re-issued. Either: |
applicationSet.certificate.privateKey.size |
int |
|
Key bit size of the private key. If algorithm is set to |
applicationSet.certificate.renewBefore |
string |
|
How long before the expiry a certificate should be renewed. |
applicationSet.containerPorts.metrics |
int |
|
Metrics container port |
applicationSet.containerPorts.probe |
int |
|
Probe container port |
applicationSet.containerPorts.webhook |
int |
|
Webhook container port |
applicationSet.containerSecurityContext |
object |
See values.yaml |
ApplicationSet controller container-level security context |
applicationSet.deploymentAnnotations |
object |
|
Annotations to be added to ApplicationSet controller Deployment |
applicationSet.deploymentStrategy |
object |
|
Deployment strategy to be added to the ApplicationSet controller Deployment |
applicationSet.dnsConfig |
object |
|
|
applicationSet.dnsPolicy |
string |
|
Alternative DNS policy for ApplicationSet controller pods |
applicationSet.emptyDir.sizeLimit |
string |
|
EmptyDir size limit for applicationSet controller |
applicationSet.extraArgs |
list |
|
ApplicationSet controller command line flags |
applicationSet.extraContainers |
list |
|
Additional containers to be added to the ApplicationSet controller pod |
applicationSet.extraEnv |
list |
|
Environment variables to pass to the ApplicationSet controller |
applicationSet.extraEnvFrom |
list |
|
envFrom to pass to the ApplicationSet controller |
applicationSet.extraVolumeMounts |
list |
|
List of extra mounts to add (normally used with extraVolumes) |
applicationSet.extraVolumes |
list |
|
List of extra volumes to add |
applicationSet.image.imagePullPolicy |
string |
|
Image pull policy for the ApplicationSet controller |
applicationSet.image.repository |
string |
|
Repository to use for the ApplicationSet controller |
applicationSet.image.tag |
string |
|
Tag to use for the ApplicationSet controller |
applicationSet.imagePullSecrets |
list |
|
If defined, uses a Secret to pull an image from a private Docker registry or repository. |
applicationSet.ingress.annotations |
object |
|
Additional ingress annotations |
applicationSet.ingress.enabled |
bool |
|
Enable an ingress resource for ApplicationSet webhook |
applicationSet.ingress.extraHosts |
list |
|
The list of additional hostnames to be covered by ingress record |
applicationSet.ingress.extraPaths |
list |
|
Additional ingress paths |
applicationSet.ingress.extraRules |
list |
|
Additional ingress rules |
applicationSet.ingress.extraTls |
list |
|
Additional ingress TLS configuration |
applicationSet.ingress.hostname |
string |
|
Argo CD ApplicationSet hostname |
applicationSet.ingress.ingressClassName |
string |
|
Defines which ingress ApplicationSet controller will implement the resource |
applicationSet.ingress.labels |
object |
|
Additional ingress labels |
applicationSet.ingress.path |
string |
|
List of ingress paths |
applicationSet.ingress.pathType |
string |
|
Ingress path type. One of |
applicationSet.ingress.tls |
bool |
|
Enable TLS configuration for the hostname defined at |
applicationSet.initContainers |
list |
|
Init containers to add to the ApplicationSet controller pod |
applicationSet.livenessProbe.enabled |
bool |
|
Enable Kubernetes liveness probe for ApplicationSet controller |
applicationSet.livenessProbe.failureThreshold |
int |
|
Minimum consecutive failures for the probe to be considered failed after having succeeded |
applicationSet.livenessProbe.initialDelaySeconds |
int |
|
Number of seconds after the container has started before probe is initiated |
applicationSet.livenessProbe.periodSeconds |
int |
|
How often (in seconds) to perform the probe |
applicationSet.livenessProbe.successThreshold |
int |
|
Minimum consecutive successes for the probe to be considered successful after having failed |
applicationSet.livenessProbe.timeoutSeconds |
int |
|
Number of seconds after which the probe times out |
applicationSet.metrics.enabled |
bool |
|
Deploy metrics service |
applicationSet.metrics.service.annotations |
object |
|
Metrics service annotations |
applicationSet.metrics.service.clusterIP |
string |
|
Metrics service clusterIP. |
applicationSet.metrics.service.labels |
object |
|
Metrics service labels |
applicationSet.metrics.service.portName |
string |
|
Metrics service port name |
applicationSet.metrics.service.servicePort |
int |
|
Metrics service port |
applicationSet.metrics.service.type |
string |
|
Metrics service type |
applicationSet.metrics.serviceMonitor.additionalLabels |
object |
|
Prometheus ServiceMonitor labels |
applicationSet.metrics.serviceMonitor.annotations |
object |
|
Prometheus ServiceMonitor annotations |
applicationSet.metrics.serviceMonitor.enabled |
bool |
|
Enable a prometheus ServiceMonitor |
applicationSet.metrics.serviceMonitor.interval |
string |
|
Prometheus ServiceMonitor interval |
applicationSet.metrics.serviceMonitor.metricRelabelings |
list |
|
Prometheus MetricRelabelConfigs to apply to samples before ingestion |
applicationSet.metrics.serviceMonitor.namespace |
string |
|
Prometheus ServiceMonitor namespace |
applicationSet.metrics.serviceMonitor.relabelings |
list |
|
Prometheus RelabelConfigs to apply to samples before scraping |
applicationSet.metrics.serviceMonitor.scheme |
string |
|
Prometheus ServiceMonitor scheme |
applicationSet.metrics.serviceMonitor.scrapeTimeout |
string |
|
Prometheus ServiceMonitor scrapeTimeout. If empty, Prometheus uses the global scrape timeout unless it is less than the target’s scrape interval value in which the latter is used. |
applicationSet.metrics.serviceMonitor.selector |
object |
|
Prometheus ServiceMonitor selector |
applicationSet.metrics.serviceMonitor.tlsConfig |
object |
|
Prometheus ServiceMonitor tlsConfig |
string |
|
ApplicationSet controller name string |
|
applicationSet.nodeSelector |
object |
|
|
applicationSet.pdb.annotations |
object |
|
Annotations to be added to ApplicationSet controller pdb |
applicationSet.pdb.enabled |
bool |
|
Deploy a PodDisruptionBudget for the ApplicationSet controller |
applicationSet.pdb.labels |
object |
|
Labels to be added to ApplicationSet controller pdb |
applicationSet.pdb.maxUnavailable |
string |
|
Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). |
applicationSet.pdb.minAvailable |
string |
|
Number of pods that are available after eviction as number or percentage (eg.: 50%) |
applicationSet.podAnnotations |
object |
|
Annotations for the ApplicationSet controller pods |
applicationSet.podLabels |
object |
|
Labels for the ApplicationSet controller pods |
applicationSet.priorityClassName |
string |
|
Priority class for the ApplicationSet controller pods |
applicationSet.readinessProbe.enabled |
bool |
|
Enable Kubernetes liveness probe for ApplicationSet controller |
applicationSet.readinessProbe.failureThreshold |
int |
|
Minimum consecutive failures for the probe to be considered failed after having succeeded |
applicationSet.readinessProbe.initialDelaySeconds |
int |
|
Number of seconds after the container has started before probe is initiated |
applicationSet.readinessProbe.periodSeconds |
int |
|
How often (in seconds) to perform the probe |
applicationSet.readinessProbe.successThreshold |
int |
|
Minimum consecutive successes for the probe to be considered successful after having failed |
applicationSet.readinessProbe.timeoutSeconds |
int |
|
Number of seconds after which the probe times out |
applicationSet.replicas |
int |
|
The number of ApplicationSet controller pods to run |
applicationSet.resources |
object |
|
Resource limits and requests for the ApplicationSet controller pods. |
applicationSet.service.annotations |
object |
|
ApplicationSet service annotations |
applicationSet.service.labels |
object |
|
ApplicationSet service labels |
applicationSet.service.port |
int |
|
ApplicationSet service port |
applicationSet.service.portName |
string |
|
ApplicationSet service port name |
applicationSet.service.type |
string |
|
ApplicationSet service type |
applicationSet.serviceAccount.annotations |
object |
|
Annotations applied to created service account |
applicationSet.serviceAccount.automountServiceAccountToken |
bool |
|
Automount API credentials for the Service Account |
applicationSet.serviceAccount.create |
bool |
|
Create ApplicationSet controller service account |
applicationSet.serviceAccount.labels |
object |
|
Labels applied to created service account |
string |
|
ApplicationSet controller service account name |
|
applicationSet.terminationGracePeriodSeconds |
int |
|
terminationGracePeriodSeconds for container lifecycle hook |
applicationSet.tolerations |
list |
|
Tolerations for use with node taints |
applicationSet.topologySpreadConstraints |
list |
|
Assign custom TopologySpreadConstraints rules to the ApplicationSet controller |
Notifications#
Key |
Type |
Default |
Description |
---|---|---|---|
|
object |
|
Assign custom affinity rules |
|
string |
|
Argo CD dashboard url; used in place of |
notifications.automountServiceAccountToken |
bool |
|
Automount API credentials for the Service Account into the pod. |
notifications.clusterRoleRules.rules |
list |
|
List of custom rules for the notifications controller’s ClusterRole resource |
notifications.cm.create |
bool |
|
Whether helm chart creates notifications controller config map |
notifications.containerPorts.metrics |
int |
|
Metrics container port |
notifications.containerSecurityContext |
object |
See values.yaml |
Notification controller container-level security Context |
notifications.context |
object |
|
Define user-defined context |
notifications.deploymentAnnotations |
object |
|
Annotations to be applied to the notifications controller Deployment |
notifications.deploymentStrategy |
object |
|
Deployment strategy to be added to the notifications controller Deployment |
notifications.dnsConfig |
object |
|
|
notifications.dnsPolicy |
string |
|
Alternative DNS policy for notifications controller Pods |
notifications.enabled |
bool |
|
Enable notifications controller |
notifications.extraArgs |
list |
|
Extra arguments to provide to the notifications controller |
notifications.extraContainers |
list |
|
Additional containers to be added to the notifications controller pod |
notifications.extraEnv |
list |
|
Additional container environment variables |
notifications.extraEnvFrom |
list |
|
envFrom to pass to the notifications controller |
notifications.extraVolumeMounts |
list |
|
List of extra mounts to add (normally used with extraVolumes) |
notifications.extraVolumes |
list |
|
List of extra volumes to add |
notifications.image.imagePullPolicy |
string |
|
Image pull policy for the notifications controller |
notifications.image.repository |
string |
|
Repository to use for the notifications controller |
notifications.image.tag |
string |
|
Tag to use for the notifications controller |
notifications.imagePullSecrets |
list |
|
Secrets with credentials to pull images from a private registry |
notifications.initContainers |
list |
|
Init containers to add to the notifications controller pod |
notifications.livenessProbe.enabled |
bool |
|
Enable Kubernetes liveness probe for notifications controller Pods |
notifications.livenessProbe.failureThreshold |
int |
|
Minimum consecutive failures for the probe to be considered failed after having succeeded |
notifications.livenessProbe.initialDelaySeconds |
int |
|
Number of seconds after the container has started before probe is initiated |
notifications.livenessProbe.periodSeconds |
int |
|
How often (in seconds) to perform the probe |
notifications.livenessProbe.successThreshold |
int |
|
Minimum consecutive successes for the probe to be considered successful after having failed |
notifications.livenessProbe.timeoutSeconds |
int |
|
Number of seconds after which the probe times out |
notifications.logFormat |
string |
|
Notifications controller log format. Either |
notifications.logLevel |
string |
|
Notifications controller log level. One of: |
notifications.metrics.enabled |
bool |
|
Enables prometheus metrics server |
notifications.metrics.port |
int |
|
Metrics port |
notifications.metrics.service.annotations |
object |
|
Metrics service annotations |
notifications.metrics.service.clusterIP |
string |
|
Metrics service clusterIP. |
notifications.metrics.service.labels |
object |
|
Metrics service labels |
notifications.metrics.service.portName |
string |
|
Metrics service port name |
notifications.metrics.service.type |
string |
|
Metrics service type |
notifications.metrics.serviceMonitor.additionalLabels |
object |
|
Prometheus ServiceMonitor labels |
notifications.metrics.serviceMonitor.annotations |
object |
|
Prometheus ServiceMonitor annotations |
notifications.metrics.serviceMonitor.enabled |
bool |
|
Enable a prometheus ServiceMonitor |
notifications.metrics.serviceMonitor.metricRelabelings |
list |
|
Prometheus MetricRelabelConfigs to apply to samples before ingestion |
notifications.metrics.serviceMonitor.relabelings |
list |
|
Prometheus RelabelConfigs to apply to samples before scraping |
notifications.metrics.serviceMonitor.scheme |
string |
|
Prometheus ServiceMonitor scheme |
notifications.metrics.serviceMonitor.selector |
object |
|
Prometheus ServiceMonitor selector |
notifications.metrics.serviceMonitor.tlsConfig |
object |
|
Prometheus ServiceMonitor tlsConfig |
string |
|
Notifications controller name string |
|
notifications.nodeSelector |
object |
|
|
notifications.notifiers |
object |
See values.yaml |
Configures notification services such as slack, email or custom webhook |
notifications.pdb.annotations |
object |
|
Annotations to be added to notifications controller pdb |
notifications.pdb.enabled |
bool |
|
Deploy a PodDisruptionBudget for the notifications controller |
notifications.pdb.labels |
object |
|
Labels to be added to notifications controller pdb |
notifications.pdb.maxUnavailable |
string |
|
Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). |
notifications.pdb.minAvailable |
string |
|
Number of pods that are available after eviction as number or percentage (eg.: 50%) |
notifications.podAnnotations |
object |
|
Annotations to be applied to the notifications controller Pods |
notifications.podLabels |
object |
|
Labels to be applied to the notifications controller Pods |
notifications.priorityClassName |
string |
|
Priority class for the notifications controller pods |
notifications.readinessProbe.enabled |
bool |
|
Enable Kubernetes liveness probe for notifications controller Pods |
notifications.readinessProbe.failureThreshold |
int |
|
Minimum consecutive failures for the probe to be considered failed after having succeeded |
notifications.readinessProbe.initialDelaySeconds |
int |
|
Number of seconds after the container has started before probe is initiated |
notifications.readinessProbe.periodSeconds |
int |
|
How often (in seconds) to perform the probe |
notifications.readinessProbe.successThreshold |
int |
|
Minimum consecutive successes for the probe to be considered successful after having failed |
notifications.readinessProbe.timeoutSeconds |
int |
|
Number of seconds after which the probe times out |
notifications.resources |
object |
|
Resource limits and requests for the notifications controller |
notifications.secret.annotations |
object |
|
key:value pairs of annotations to be added to the secret |
notifications.secret.create |
bool |
|
Whether helm chart creates notifications controller secret |
notifications.secret.items |
object |
|
Generic key:value pairs to be inserted into the secret |
notifications.secret.labels |
object |
|
key:value pairs of labels to be added to the secret |
string |
|
notifications controller Secret name |
|
notifications.serviceAccount.annotations |
object |
|
Annotations applied to created service account |
notifications.serviceAccount.automountServiceAccountToken |
bool |
|
Automount API credentials for the Service Account |
notifications.serviceAccount.create |
bool |
|
Create notifications controller service account |
notifications.serviceAccount.labels |
object |
|
Labels applied to created service account |
string |
|
Notification controller service account name |
|
notifications.subscriptions |
list |
|
Contains centrally managed global application subscriptions |
notifications.templates |
object |
|
The notification template is used to generate the notification content |
notifications.terminationGracePeriodSeconds |
int |
|
terminationGracePeriodSeconds for container lifecycle hook |
notifications.tolerations |
list |
|
Tolerations for use with node taints |
notifications.topologySpreadConstraints |
list |
|
Assign custom TopologySpreadConstraints rules to the application controller |
notifications.triggers |
object |
|
The trigger defines the condition when the notification should be sent |
Autogenerated from chart metadata using helm-docs