diff --git a/bitnami/argo-cd/CHANGELOG.md b/bitnami/argo-cd/CHANGELOG.md
index 26b94eacff46cd..4db3942f8b6bbc 100644
--- a/bitnami/argo-cd/CHANGELOG.md
+++ b/bitnami/argo-cd/CHANGELOG.md
@@ -1,8 +1,12 @@
# Changelog
-## 6.5.8 (2024-07-08)
+## 6.6.0 (2024-07-11)
-* [bitnami/argo-cd] fix: Use the right port name for livenessProbe. ([#27253](https://github.com/bitnami/charts/pull/27253))
+* [bitnami/argo-cd] Make it possible to run ArgoCD in HA mode ([#27585](https://github.com/bitnami/charts/pull/27585))
+
+## 6.5.8 (2024-07-08)
+
+* [bitnami/argo-cd] fix: Use the right port name for livenessProbe. (#27253) ([516d67a](https://github.com/bitnami/charts/commit/516d67a0e6c7f6a24fab5d6c000c0c0de27bdd58)), closes [#27253](https://github.com/bitnami/charts/issues/27253)
## 6.5.7 (2024-07-05)
diff --git a/bitnami/argo-cd/Chart.yaml b/bitnami/argo-cd/Chart.yaml
index 1fc372a394c2de..3856f68b4a7b61 100644
--- a/bitnami/argo-cd/Chart.yaml
+++ b/bitnami/argo-cd/Chart.yaml
@@ -39,4 +39,4 @@ maintainers:
name: argo-cd
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/argo-cd
-version: 6.5.8
+version: 6.6.0
diff --git a/bitnami/argo-cd/README.md b/bitnami/argo-cd/README.md
index b6588285aa42c4..6b7c4059a2c40f 100644
--- a/bitnami/argo-cd/README.md
+++ b/bitnami/argo-cd/README.md
@@ -330,6 +330,7 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| Name | Description | Value |
| -------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- |
+| `controller.kind` | Kind to deploy ArgoCD application controller in. | `Deployment` |
| `controller.replicaCount` | Number of Argo CD replicas to deploy | `1` |
| `controller.startupProbe.enabled` | Enable startupProbe on Argo CD nodes | `false` |
| `controller.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` |
@@ -429,6 +430,8 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `controller.defaultArgs.selfHealTimeout` | Default self heal timeout for Argo CD controller | `5` |
| `controller.args` | Override default container args (useful when using custom images). Overrides the defaultArgs. | `[]` |
| `controller.extraArgs` | Add extra arguments to the default arguments for the Argo CD controller | `[]` |
+| `controller.dynamicClusterDistribution.enabled` | Whether dynamic cluster distribution is enabled. | `false` |
+| `controller.dynamicClusterDistribution.heartbeatDuration` | Time to update the cluster sharding (defaults to 10 seconds). | `""` |
| `controller.automountServiceAccountToken` | Mount Service Account token in pod | `true` |
| `controller.hostAliases` | Argo CD pods host aliases | `[]` |
| `controller.podLabels` | Extra labels for Argo CD pods | `{}` |
@@ -448,6 +451,7 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `controller.priorityClassName` | Argo CD pods' priorityClassName | `""` |
| `controller.runtimeClassName` | Name of the runtime class to be used by pod(s) | `""` |
| `controller.lifecycleHooks` | for the Argo CD container(s) to automate configuration before or after startup | `{}` |
+| `controller.podManagementPolicy` | podManagementPolicy to manage scaling operation of pods (only in StatefulSet mode) | `""` |
| `controller.extraEnvVars` | Array with extra environment variables to add to Argo CD nodes | `[]` |
| `controller.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Argo CD nodes | `""` |
| `controller.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Argo CD nodes | `""` |
diff --git a/bitnami/argo-cd/templates/_helpers.tpl b/bitnami/argo-cd/templates/_helpers.tpl
index d7db8ff9186c3b..e49287dd4ff8df 100644
--- a/bitnami/argo-cd/templates/_helpers.tpl
+++ b/bitnami/argo-cd/templates/_helpers.tpl
@@ -256,6 +256,19 @@ Return the Redis® port
{{- end -}}
{{- end -}}
+{{/*
+Validate Application Controller config
+*/}}
+{{- define "argocd.validateValues.controller.config" -}}
+{{- if gt (int .Values.controller.replicaCount) 1 }}
+ {{- if and .Values.controller.dynamicClusterDistribution.enabled (not (eq .Values.controller.kind "Deployment")) }}
+Argo CD: When running in HA mode with dynamic cluster distribution enabled, the application controller must be installed as a Deployment.
+ {{- else if and (not .Values.controller.dynamicClusterDistribution.enabled) (not (eq .Values.controller.kind "StatefulSet")) }}
+Argo CD: When running in HA mode, the application controller must be installed as a StatefulSet.
+ {{- end -}}
+{{- end -}}
+{{- end -}}
+
{{/*
Validate Redis config
*/}}
@@ -316,10 +329,15 @@ Compile all warnings into a single message.
*/}}
{{- define "argocd.validateValues" -}}
{{- $messages := list -}}
+{{- $messages := append $messages (include "argocd.validateValues.controller.config" .) -}}
{{- $messages := append $messages (include "argocd.validateValues.dex.config" .) -}}
{{- $messages := append $messages (include "argocd.validateValues.clusterCredentials" .) -}}
{{- $messages := append $messages (include "argocd.validateValues.externalRedis" .) -}}
{{- $messages := append $messages (include "argocd.validateValues.redis" .) -}}
{{- $messages := without $messages "" -}}
{{- $message := join "\n" $messages -}}
+
+{{- if $message -}}
+{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}}
+{{- end -}}
{{- end -}}
diff --git a/bitnami/argo-cd/templates/application-controller/_pod.tpl b/bitnami/argo-cd/templates/application-controller/_pod.tpl
new file mode 100644
index 00000000000000..bf45a9521401cb
--- /dev/null
+++ b/bitnami/argo-cd/templates/application-controller/_pod.tpl
@@ -0,0 +1,263 @@
+{{/*
+Copyright Broadcom, Inc. All Rights Reserved.
+SPDX-License-Identifier: APACHE-2.0
+*/}}
+
+{{/*
+Pod Spec
+*/}}
+{{- define "argocd.pod" -}}
+serviceAccountName: {{ include "argocd.application-controller.serviceAccountName" . }}
+{{- include "argocd.imagePullSecrets" . | nindent 6 }}
+automountServiceAccountToken: {{ .Values.controller.automountServiceAccountToken }}
+{{- if .Values.controller.hostAliases }}
+hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.controller.hostAliases "context" $) | nindent 2 }}
+{{- end }}
+{{- if .Values.controller.affinity }}
+affinity: {{- include "common.tplvalues.render" ( dict "value" .Values.controller.affinity "context" $) | nindent 2 }}
+{{- else }}
+affinity:
+ {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.controller.podLabels .Values.commonLabels ) "context" . ) }}
+ podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.controller.podAffinityPreset "component" "controller" "customLabels" $podLabels "context" $) | nindent 4 }}
+ podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.controller.podAntiAffinityPreset "component" "controller" "customLabels" $podLabels "context" $) | nindent 4 }}
+ nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.controller.nodeAffinityPreset.type "key" .Values.controller.nodeAffinityPreset.key "values" .Values.controller.nodeAffinityPreset.values) | nindent 4 }}
+{{- end }}
+{{- if .Values.controller.nodeSelector }}
+nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.controller.nodeSelector "context" $) | nindent 2 }}
+{{- end }}
+{{- if .Values.controller.tolerations }}
+tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.controller.tolerations "context" .) | nindent 2 }}
+{{- end }}
+{{- if .Values.controller.schedulerName }}
+schedulerName: {{ .Values.controller.schedulerName }}
+{{- end }}
+{{- if .Values.controller.shareProcessNamespace }}
+shareProcessNamespace: {{ .Values.controller.shareProcessNamespace }}
+{{- end }}
+{{- if .Values.controller.topologySpreadConstraints }}
+topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.controller.topologySpreadConstraints "context" .) | nindent 2 }}
+{{- end }}
+{{- if .Values.controller.priorityClassName }}
+priorityClassName: {{ .Values.controller.priorityClassName | quote }}
+{{- end }}
+{{- if .Values.controller.runtimeClassName }}
+runtimeClassName: {{ .Values.controller.runtimeClassName }}
+{{- end }}
+{{- if .Values.controller.podSecurityContext.enabled }}
+securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.controller.podSecurityContext "context" $) | nindent 2 }}
+{{- end }}
+initContainers:
+ {{- if .Values.redisWait.enabled }}
+ - name: wait-for-redis
+ image: {{ include "argocd.redis.image" . }}
+ imagePullPolicy: {{ .Values.redis.image.pullPolicy | quote }}
+ {{- if .Values.redisWait.securityContext }}
+ # Deprecated: use redisWait.containerSecurityContext
+ securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.redisWait.securityContext "context" $) | nindent 6 }}
+ {{- else if .Values.redisWait.containerSecurityContext.enabled }}
+ securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.redisWait.containerSecurityContext "context" $) | nindent 6 }}
+ {{- end }}
+ command:
+ - /bin/bash
+ args:
+ - -ec
+ - |
+ #!/bin/bash
+
+ set -o errexit
+ set -o nounset
+ set -o pipefail
+
+ . /opt/bitnami/scripts/libos.sh
+ . /opt/bitnami/scripts/liblog.sh
+
+ check_redis_connection() {
+ local result="$(redis-cli -h {{ include "argocd.redisHost" . }} -p {{ include "argocd.redisPort" . }} {{ .Values.redisWait.extraArgs }} PING)"
+ if [[ "$result" != "PONG" ]]; then
+ false
+ fi
+ }
+
+ info "Checking redis connection..."
+ if ! retry_while "check_redis_connection"; then
+ error "Could not connect to the Redis server"
+ return 1
+ else
+ info "Connected to the Redis instance"
+ fi
+ {{- if include "argocd.redis.auth.enabled" . }}
+ env:
+ - name: REDISCLI_AUTH
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "argocd.redis.secretName" . }}
+ key: {{ include "argocd.redis.secretPasswordKey" . }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.controller.initContainers }}
+ {{- include "common.tplvalues.render" (dict "value" .Values.controller.initContainers "context" $) | nindent 2 }}
+ {{- end }}
+containers:
+ - name: controller
+ image: {{ include "argocd.image" . }}
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ {{- if .Values.controller.lifecycleHooks }}
+ lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.controller.lifecycleHooks "context" $) | nindent 6 }}
+ {{- end }}
+ {{- if .Values.controller.containerSecurityContext.enabled }}
+ securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.controller.containerSecurityContext "context" $) | nindent 6 }}
+ {{- end }}
+ {{- if .Values.controller.command }}
+ command: {{- include "common.tplvalues.render" (dict "value" .Values.controller.command "context" $) | nindent 6 }}
+ {{- end }}
+ {{- if .Values.controller.args }}
+ args: {{- include "common.tplvalues.render" (dict "value" .Values.controller.args "context" $) | nindent 6 }}
+ {{- else }}
+ args:
+ - argocd-application-controller
+ - --status-processors
+ - {{ .Values.controller.defaultArgs.statusProcessors | quote }}
+ - --operation-processors
+ - {{ .Values.controller.defaultArgs.operationProcessors | quote }}
+ - --app-resync
+ - {{ .Values.controller.defaultArgs.appResyncPeriod | quote }}
+ - --self-heal-timeout-seconds
+ - {{ .Values.controller.defaultArgs.selfHealTimeout | quote }}
+ - --repo-server
+ - {{ include "argocd.repo-server" . }}:{{ coalesce .Values.repoServer.service.port .Values.repoServer.service.ports.repoServer }}
+ - --logformat
+ - {{ .Values.controller.logFormat | quote }}
+ - --loglevel
+ - {{ .Values.controller.logLevel | quote }}
+ - --metrics-port={{ .Values.controller.containerPorts.metrics }}
+ # TODO(miguelaeh): Test the chart using redis sentinel enabled: https://github.com/argoproj/argo-cd/blob/2a410187565e15633b6f2a8c8d8da22cf02b257d/util/cache/cache.go#L40
+ - --redis
+ - {{ include "argocd.redisHost" . }}:{{ include "argocd.redisPort" . }}
+ {{- if .Values.controller.extraArgs }}
+ {{- include "common.tplvalues.render" (dict "value" .Values.controller.extraArgs "context" $) | nindent 6 }}
+ {{- end }}
+ {{- end }}
+ ports:
+ - name: metrics
+ containerPort: {{ .Values.controller.containerPorts.metrics }}
+ protocol: TCP
+ env:
+ - name: ARGOCD_APPLICATION_CONTROLLER_NAME
+ value: {{ include "argocd.application-controller" . }}
+ {{- if gt (int .Values.server.replicaCount) 1 }}
+ - name: ARGOCD_CONTROLLER_REPLICAS
+ value: {{ .Values.controller.replicaCount | quote }}
+ {{- end }}
+ {{- if .Values.controller.dynamicClusterDistribution.enabled }}
+ - name: ARGOCD_ENABLE_DYNAMIC_CLUSTER_DISTRIBUTION
+ value: "true"
+ {{- if .Values.controller.dynamicClusterDistribution.heartbeatDuration }}
+ - name: ARGOCD_CONTROLLER_HEARTBEAT_TIME
+ value: {{ .Values.controller.dynamicClusterDistribution.heartbeatDuration | quote }}
+ {{- end }}
+ {{- end }}
+ {{- if and .Values.redis.enabled (include "argocd.redis.auth.enabled" .) }}
+ - name: REDIS_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "argocd.redis.secretName" . }}
+ key: {{ include "argocd.redis.secretPasswordKey" . }}
+ {{- else if .Values.externalRedis.enabled }}
+ - name: REDIS_PASSWORD
+ {{- if not ( eq "" .Values.externalRedis.password ) }}
+ value: {{ .Values.externalRedis.password }}
+ {{- else }}
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Values.externalRedis.existingSecret }}
+ key: {{ .Values.externalRedis.existingSecretPasswordKey }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.controller.extraEnvVars }}
+ {{- include "common.tplvalues.render" (dict "value" .Values.controller.extraEnvVars "context" $) | nindent 6 }}
+ {{- end }}
+ envFrom:
+ {{- if .Values.controller.extraEnvVarsCM }}
+ - configMapRef:
+ name: {{ include "common.tplvalues.render" (dict "value" .Values.controller.extraEnvVarsCM "context" $) }}
+ {{- end }}
+ {{- if .Values.controller.extraEnvVarsSecret }}
+ - secretRef:
+ name: {{ include "common.tplvalues.render" (dict "value" .Values.controller.extraEnvVarsSecret "context" $) }}
+ {{- end }}
+ {{- if .Values.controller.resources }}
+ resources: {{- toYaml .Values.controller.resources | nindent 6 }}
+ {{- else if ne .Values.controller.resourcesPreset "none" }}
+ resources: {{- include "common.resources.preset" (dict "type" .Values.controller.resourcesPreset) | nindent 6 }}
+ {{- end }}
+ {{- if .Values.controller.customStartupProbe }}
+ startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.controller.customStartupProbe "context" $) | nindent 6 }}
+ {{- else if .Values.controller.startupProbe.enabled }}
+ startupProbe:
+ httpGet:
+ path: /healthz
+ port: metrics
+ initialDelaySeconds: {{ .Values.controller.startupProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.controller.startupProbe.periodSeconds }}
+ timeoutSeconds: {{ .Values.controller.startupProbe.timeoutSeconds }}
+ successThreshold: {{ .Values.controller.startupProbe.successThreshold }}
+ failureThreshold: {{ .Values.controller.startupProbe.failureThreshold }}
+ {{- end }}
+ {{- if .Values.controller.customLivenessProbe }}
+ livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.controller.customLivenessProbe "context" $) | nindent 6 }}
+ {{- else if .Values.controller.livenessProbe.enabled }}
+ livenessProbe:
+ httpGet:
+ path: /healthz
+ port: metrics
+ initialDelaySeconds: {{ .Values.controller.livenessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.controller.livenessProbe.periodSeconds }}
+ timeoutSeconds: {{ .Values.controller.livenessProbe.timeoutSeconds }}
+ successThreshold: {{ .Values.controller.livenessProbe.successThreshold }}
+ failureThreshold: {{ .Values.controller.livenessProbe.failureThreshold }}
+ {{- end }}
+ {{- if .Values.controller.customReadinessProbe }}
+ readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.controller.customReadinessProbe "context" $) | nindent 6 }}
+ {{- else if .Values.controller.readinessProbe.enabled }}
+ readinessProbe:
+ tcpSocket:
+ port: metrics
+ initialDelaySeconds: {{ .Values.controller.readinessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.controller.readinessProbe.periodSeconds }}
+ timeoutSeconds: {{ .Values.controller.readinessProbe.timeoutSeconds }}
+ successThreshold: {{ .Values.controller.readinessProbe.successThreshold }}
+ failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }}
+ {{- end }}
+ volumeMounts:
+ # Mounting into a path that will be read by Argo CD.
+ # This secret will be autogenerated by Argo CD repo server unless it already exists. Users can create its own certificate to override it.
+ # Ref: https://argoproj.github.io/argo-cd/operator-manual/tls/#inbound-tls-certificates-used-by-argocd-repo-sever
+ - mountPath: /app/config/server/tls
+ name: argocd-repo-server-tls
+ - name: empty-dir
+ mountPath: /tmp
+ subPath: tmp-dir
+ {{- if .Values.controller.extraVolumeMounts }}
+ {{- include "common.tplvalues.render" (dict "value" .Values.controller.extraVolumeMounts "context" $) | nindent 6 }}
+ {{- end }}
+ {{- if .Values.controller.sidecars }}
+ {{- include "common.tplvalues.render" ( dict "value" .Values.controller.sidecars "context" $) | nindent 2 }}
+ {{- end }}
+volumes:
+ - name: empty-dir
+ emptyDir: {}
+ - name: argocd-repo-server-tls
+ secret:
+ items:
+ - key: tls.crt
+ path: tls.crt
+ - key: tls.key
+ path: tls.key
+ - key: ca.crt
+ path: ca.crt
+ optional: true
+ secretName: argocd-repo-server-tls
+ {{- if .Values.controller.extraVolumes }}
+ {{- include "common.tplvalues.render" (dict "value" .Values.controller.extraVolumes "context" $) | nindent 2 }}
+ {{- end }}
+ {{- end }}
diff --git a/bitnami/argo-cd/templates/application-controller/deployment.yaml b/bitnami/argo-cd/templates/application-controller/deployment.yaml
index 38ca83d43b8244..090bb4efee7281 100644
--- a/bitnami/argo-cd/templates/application-controller/deployment.yaml
+++ b/bitnami/argo-cd/templates/application-controller/deployment.yaml
@@ -3,6 +3,7 @@ Copyright Broadcom, Inc. All Rights Reserved.
SPDX-License-Identifier: APACHE-2.0
*/}}
+{{- if eq .Values.controller.kind "Deployment" }}
apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
kind: Deployment
metadata:
@@ -29,244 +30,5 @@ spec:
{{- end }}
labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }}
app.kubernetes.io/component: controller
- spec:
- serviceAccountName: {{ include "argocd.application-controller.serviceAccountName" . }}
- {{- include "argocd.imagePullSecrets" . | nindent 6 }}
- automountServiceAccountToken: {{ .Values.controller.automountServiceAccountToken }}
- {{- if .Values.controller.hostAliases }}
- hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.controller.hostAliases "context" $) | nindent 8 }}
- {{- end }}
- {{- if .Values.controller.affinity }}
- affinity: {{- include "common.tplvalues.render" ( dict "value" .Values.controller.affinity "context" $) | nindent 8 }}
- {{- else }}
- affinity:
- podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.controller.podAffinityPreset "component" "controller" "customLabels" $podLabels "context" $) | nindent 10 }}
- podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.controller.podAntiAffinityPreset "component" "controller" "customLabels" $podLabels "context" $) | nindent 10 }}
- nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.controller.nodeAffinityPreset.type "key" .Values.controller.nodeAffinityPreset.key "values" .Values.controller.nodeAffinityPreset.values) | nindent 10 }}
- {{- end }}
- {{- if .Values.controller.nodeSelector }}
- nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.controller.nodeSelector "context" $) | nindent 8 }}
- {{- end }}
- {{- if .Values.controller.tolerations }}
- tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.controller.tolerations "context" .) | nindent 8 }}
- {{- end }}
- {{- if .Values.controller.schedulerName }}
- schedulerName: {{ .Values.controller.schedulerName }}
- {{- end }}
- {{- if .Values.controller.shareProcessNamespace }}
- shareProcessNamespace: {{ .Values.controller.shareProcessNamespace }}
- {{- end }}
- {{- if .Values.controller.topologySpreadConstraints }}
- topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.controller.topologySpreadConstraints "context" .) | nindent 8 }}
- {{- end }}
- {{- if .Values.controller.priorityClassName }}
- priorityClassName: {{ .Values.controller.priorityClassName | quote }}
- {{- end }}
- {{- if .Values.controller.runtimeClassName }}
- runtimeClassName: {{ .Values.controller.runtimeClassName }}
- {{- end }}
- {{- if .Values.controller.podSecurityContext.enabled }}
- securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.controller.podSecurityContext "context" $) | nindent 8 }}
- {{- end }}
- initContainers:
- {{- if .Values.redisWait.enabled }}
- - name: wait-for-redis
- image: {{ include "argocd.redis.image" . }}
- imagePullPolicy: {{ .Values.redis.image.pullPolicy | quote }}
- {{- if .Values.redisWait.securityContext }}
- # Deprecated: use redisWait.containerSecurityContext
- securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.redisWait.securityContext "context" $) | nindent 12 }}
- {{- else if .Values.redisWait.containerSecurityContext.enabled }}
- securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.redisWait.containerSecurityContext "context" $) | nindent 12 }}
- {{- end }}
- command:
- - /bin/bash
- args:
- - -ec
- - |
- #!/bin/bash
-
- set -o errexit
- set -o nounset
- set -o pipefail
-
- . /opt/bitnami/scripts/libos.sh
- . /opt/bitnami/scripts/liblog.sh
-
- check_redis_connection() {
- local result="$(redis-cli -h {{ include "argocd.redisHost" . }} -p {{ include "argocd.redisPort" . }} {{ .Values.redisWait.extraArgs }} PING)"
- if [[ "$result" != "PONG" ]]; then
- false
- fi
- }
-
- info "Checking redis connection..."
- if ! retry_while "check_redis_connection"; then
- error "Could not connect to the Redis server"
- return 1
- else
- info "Connected to the Redis instance"
- fi
- {{- if include "argocd.redis.auth.enabled" . }}
- env:
- - name: REDISCLI_AUTH
- valueFrom:
- secretKeyRef:
- name: {{ include "argocd.redis.secretName" . }}
- key: {{ include "argocd.redis.secretPasswordKey" . }}
- {{- end }}
- {{- end }}
- {{- if .Values.controller.initContainers }}
- {{- include "common.tplvalues.render" (dict "value" .Values.controller.initContainers "context" $) | nindent 8 }}
- {{- end }}
- containers:
- - name: controller
- image: {{ include "argocd.image" . }}
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- {{- if .Values.controller.lifecycleHooks }}
- lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.controller.lifecycleHooks "context" $) | nindent 12 }}
- {{- end }}
- {{- if .Values.controller.containerSecurityContext.enabled }}
- securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.controller.containerSecurityContext "context" $) | nindent 12 }}
- {{- end }}
- {{- if .Values.controller.command }}
- command: {{- include "common.tplvalues.render" (dict "value" .Values.controller.command "context" $) | nindent 12 }}
- {{- end }}
- {{- if .Values.controller.args }}
- args: {{- include "common.tplvalues.render" (dict "value" .Values.controller.args "context" $) | nindent 12 }}
- {{- else }}
- args:
- - argocd-application-controller
- - --status-processors
- - {{ .Values.controller.defaultArgs.statusProcessors | quote }}
- - --operation-processors
- - {{ .Values.controller.defaultArgs.operationProcessors | quote }}
- - --app-resync
- - {{ .Values.controller.defaultArgs.appResyncPeriod | quote }}
- - --self-heal-timeout-seconds
- - {{ .Values.controller.defaultArgs.selfHealTimeout | quote }}
- - --repo-server
- - {{ include "argocd.repo-server" . }}:{{ coalesce .Values.repoServer.service.port .Values.repoServer.service.ports.repoServer }}
- - --logformat
- - {{ .Values.controller.logFormat | quote }}
- - --loglevel
- - {{ .Values.controller.logLevel | quote }}
- - --metrics-port={{ .Values.controller.containerPorts.metrics }}
- # TODO(miguelaeh): Test the chart using redis sentinel enabled: https://github.com/argoproj/argo-cd/blob/2a410187565e15633b6f2a8c8d8da22cf02b257d/util/cache/cache.go#L40
- - --redis
- - {{ include "argocd.redisHost" . }}:{{ include "argocd.redisPort" . }}
- {{- if .Values.controller.extraArgs }}
- {{- include "common.tplvalues.render" (dict "value" .Values.controller.extraArgs "context" $) | nindent 12 }}
- {{- end }}
- {{- end }}
- ports:
- - name: metrics
- containerPort: {{ .Values.controller.containerPorts.metrics }}
- protocol: TCP
- env:
- - name: ARGOCD_APPLICATION_CONTROLLER_NAME
- value: {{ include "argocd.application-controller" . }}
- {{- if and .Values.redis.enabled (include "argocd.redis.auth.enabled" .) }}
- - name: REDIS_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ include "argocd.redis.secretName" . }}
- key: {{ include "argocd.redis.secretPasswordKey" . }}
- {{- else if .Values.externalRedis.enabled }}
- - name: REDIS_PASSWORD
- {{- if not ( eq "" .Values.externalRedis.password ) }}
- value: {{ .Values.externalRedis.password }}
- {{- else }}
- valueFrom:
- secretKeyRef:
- name: {{ .Values.externalRedis.existingSecret }}
- key: {{ .Values.externalRedis.existingSecretPasswordKey }}
- {{- end }}
- {{- end }}
- {{- if .Values.controller.extraEnvVars }}
- {{- include "common.tplvalues.render" (dict "value" .Values.controller.extraEnvVars "context" $) | nindent 12 }}
- {{- end }}
- envFrom:
- {{- if .Values.controller.extraEnvVarsCM }}
- - configMapRef:
- name: {{ include "common.tplvalues.render" (dict "value" .Values.controller.extraEnvVarsCM "context" $) }}
- {{- end }}
- {{- if .Values.controller.extraEnvVarsSecret }}
- - secretRef:
- name: {{ include "common.tplvalues.render" (dict "value" .Values.controller.extraEnvVarsSecret "context" $) }}
- {{- end }}
- {{- if .Values.controller.resources }}
- resources: {{- toYaml .Values.controller.resources | nindent 12 }}
- {{- else if ne .Values.controller.resourcesPreset "none" }}
- resources: {{- include "common.resources.preset" (dict "type" .Values.controller.resourcesPreset) | nindent 12 }}
- {{- end }}
- {{- if .Values.controller.customStartupProbe }}
- startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.controller.customStartupProbe "context" $) | nindent 12 }}
- {{- else if .Values.controller.startupProbe.enabled }}
- startupProbe:
- httpGet:
- path: /healthz
- port: metrics
- initialDelaySeconds: {{ .Values.controller.startupProbe.initialDelaySeconds }}
- periodSeconds: {{ .Values.controller.startupProbe.periodSeconds }}
- timeoutSeconds: {{ .Values.controller.startupProbe.timeoutSeconds }}
- successThreshold: {{ .Values.controller.startupProbe.successThreshold }}
- failureThreshold: {{ .Values.controller.startupProbe.failureThreshold }}
- {{- end }}
- {{- if .Values.controller.customLivenessProbe }}
- livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.controller.customLivenessProbe "context" $) | nindent 12 }}
- {{- else if .Values.controller.livenessProbe.enabled }}
- livenessProbe:
- httpGet:
- path: /healthz
- port: metrics
- initialDelaySeconds: {{ .Values.controller.livenessProbe.initialDelaySeconds }}
- periodSeconds: {{ .Values.controller.livenessProbe.periodSeconds }}
- timeoutSeconds: {{ .Values.controller.livenessProbe.timeoutSeconds }}
- successThreshold: {{ .Values.controller.livenessProbe.successThreshold }}
- failureThreshold: {{ .Values.controller.livenessProbe.failureThreshold }}
- {{- end }}
- {{- if .Values.controller.customReadinessProbe }}
- readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.controller.customReadinessProbe "context" $) | nindent 12 }}
- {{- else if .Values.controller.readinessProbe.enabled }}
- readinessProbe:
- tcpSocket:
- port: metrics
- initialDelaySeconds: {{ .Values.controller.readinessProbe.initialDelaySeconds }}
- periodSeconds: {{ .Values.controller.readinessProbe.periodSeconds }}
- timeoutSeconds: {{ .Values.controller.readinessProbe.timeoutSeconds }}
- successThreshold: {{ .Values.controller.readinessProbe.successThreshold }}
- failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }}
- {{- end }}
- volumeMounts:
- # Mounting into a path that will be read by Argo CD.
- # This secret will be autogenerated by Argo CD repo server unless it already exists. Users can create its own certificate to override it.
- # Ref: https://argoproj.github.io/argo-cd/operator-manual/tls/#inbound-tls-certificates-used-by-argocd-repo-sever
- - mountPath: /app/config/server/tls
- name: argocd-repo-server-tls
- - name: empty-dir
- mountPath: /tmp
- subPath: tmp-dir
- {{- if .Values.controller.extraVolumeMounts }}
- {{- include "common.tplvalues.render" (dict "value" .Values.controller.extraVolumeMounts "context" $) | nindent 12 }}
- {{- end }}
- {{- if .Values.controller.sidecars }}
- {{- include "common.tplvalues.render" ( dict "value" .Values.controller.sidecars "context" $) | nindent 8 }}
- {{- end }}
- volumes:
- - name: empty-dir
- emptyDir: {}
- - name: argocd-repo-server-tls
- secret:
- items:
- - key: tls.crt
- path: tls.crt
- - key: tls.key
- path: tls.key
- - key: ca.crt
- path: ca.crt
- optional: true
- secretName: argocd-repo-server-tls
- {{- if .Values.controller.extraVolumes }}
- {{- include "common.tplvalues.render" (dict "value" .Values.controller.extraVolumes "context" $) | nindent 8 }}
- {{- end }}
+ spec: {{- include "argocd.pod" . | nindent 6 }}
+{{- end -}}
diff --git a/bitnami/argo-cd/templates/application-controller/service-headless.yaml b/bitnami/argo-cd/templates/application-controller/service-headless.yaml
new file mode 100644
index 00000000000000..4b7227d1ee8d4c
--- /dev/null
+++ b/bitnami/argo-cd/templates/application-controller/service-headless.yaml
@@ -0,0 +1,24 @@
+{{- /*
+Copyright Broadcom, Inc. All Rights Reserved.
+SPDX-License-Identifier: APACHE-2.0
+*/}}
+
+{{- if eq .Values.controller.kind "StatefulSet" }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "argocd.application-controller" . }}-headless
+ namespace: {{ include "common.names.namespace" . | quote }}
+ labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
+ app.kubernetes.io/component: controller
+ {{- if or .Values.commonAnnotations .Values.controller.service.annotations }}
+ {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.controller.service.annotations .Values.commonAnnotations ) "context" . ) }}
+ annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }}
+ {{- end }}
+spec:
+ clusterIP: None
+ type: ClusterIP
+ {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.controller.podLabels .Values.commonLabels ) "context" . ) }}
+ selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }}
+ app.kubernetes.io/component: controller
+{{- end }}
diff --git a/bitnami/argo-cd/templates/application-controller/statefulset.yaml b/bitnami/argo-cd/templates/application-controller/statefulset.yaml
new file mode 100644
index 00000000000000..e3b7b80d360e70
--- /dev/null
+++ b/bitnami/argo-cd/templates/application-controller/statefulset.yaml
@@ -0,0 +1,39 @@
+{{- /*
+Copyright Broadcom, Inc. All Rights Reserved.
+SPDX-License-Identifier: APACHE-2.0
+*/}}
+
+{{- if eq .Values.controller.kind "StatefulSet" }}
+apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }}
+kind: StatefulSet
+metadata:
+ name: {{ include "argocd.application-controller" . }}
+ namespace: {{ include "common.names.namespace" . | quote }}
+ labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
+ app.kubernetes.io/component: controller
+ {{- if .Values.commonAnnotations }}
+ annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+ {{- end }}
+spec:
+ replicas: {{ .Values.controller.replicaCount }}
+ {{- if .Values.controller.podManagementPolicy }}
+ podManagementPolicy: {{ .Values.controller.podManagementPolicy }}
+ {{- end }}
+ {{- if .Values.controller.updateStrategy }}
+ updateStrategy: {{- toYaml .Values.controller.updateStrategy | nindent 4 }}
+ {{- end }}
+ serviceName: {{ include "argocd.application-controller" . }}-headless
+ {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.controller.podLabels .Values.commonLabels ) "context" . ) }}
+ selector:
+ matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }}
+ app.kubernetes.io/component: controller
+ template:
+ metadata:
+ {{- if .Values.controller.podAnnotations }}
+ annotations: {{- include "common.tplvalues.render" (dict "value" .Values.controller.podAnnotations "context" $) | nindent 8 }}
+ {{- end }}
+ labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }}
+ app.kubernetes.io/component: controller
+ spec: {{- include "argocd.pod" . | nindent 6 }}
+ volumeClaimTemplates: []
+{{- end -}}
diff --git a/bitnami/argo-cd/templates/server/deployment.yaml b/bitnami/argo-cd/templates/server/deployment.yaml
index fef12983836a7e..f77d5487f67643 100644
--- a/bitnami/argo-cd/templates/server/deployment.yaml
+++ b/bitnami/argo-cd/templates/server/deployment.yaml
@@ -169,6 +169,10 @@ spec:
containerPort: {{ .Values.server.containerPorts.metrics }}
protocol: TCP
env:
+ {{- if gt (int .Values.server.replicaCount) 1 }}
+ - name: ARGOCD_API_SERVER_REPLICAS
+ value: {{ .Values.server.replicaCount | quote }}
+ {{- end }}
{{- if and .Values.redis.enabled (include "argocd.redis.auth.enabled" .) }}
- name: REDIS_PASSWORD
valueFrom:
diff --git a/bitnami/argo-cd/values.yaml b/bitnami/argo-cd/values.yaml
index befd47de3b496f..debfed9426b16b 100644
--- a/bitnami/argo-cd/values.yaml
+++ b/bitnami/argo-cd/values.yaml
@@ -88,6 +88,11 @@ image:
## Argo CD Controller
##
controller:
+ ## @param controller.kind Kind to deploy ArgoCD application controller in.
+ ## Use either StatefulSet or Deployment (default). StatefulSet is required when running in HA mode.
+ ## ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/high_availability/
+ ##
+ kind: Deployment
## @param controller.replicaCount Number of Argo CD replicas to deploy
##
replicaCount: 1
@@ -505,6 +510,16 @@ controller:
## @param controller.extraArgs Add extra arguments to the default arguments for the Argo CD controller
##
extraArgs: []
+ ## ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/dynamic-cluster-distribution/
+ ##
+ dynamicClusterDistribution:
+ ## @param controller.dynamicClusterDistribution.enabled Whether dynamic cluster distribution is enabled.
+ ##
+ enabled: false
+ ## @param controller.dynamicClusterDistribution.heartbeatDuration Time to update the cluster sharding (defaults to 10 seconds).
+ ## ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/dynamic-cluster-distribution/#working-of-dynamic-distribution
+ ##
+ heartbeatDuration: ""
## @param controller.automountServiceAccountToken Mount Service Account token in pod
##
automountServiceAccountToken: true
@@ -593,6 +608,10 @@ controller:
## @param controller.lifecycleHooks for the Argo CD container(s) to automate configuration before or after startup
##
lifecycleHooks: {}
+ ## @param controller.podManagementPolicy podManagementPolicy to manage scaling operation of pods (only in StatefulSet mode)
+ ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies
+ ##
+ podManagementPolicy: ""
## @param controller.extraEnvVars Array with extra environment variables to add to Argo CD nodes
## e.g:
## extraEnvVars: