argoproj
/
argo-helm
mirror of https://github.com/argoproj/argo-helm.git
1
0
Fork 1
Code Issues Packages Projects Releases Wiki Activity

feat(argo-cd): prepare (dex) for readOnlyRootFilesystem (#623)

pull/626/head
Marco Kilchhofer 2021-03-10 11:16:21 +01:00 committed by GitHub
parent eb16df15da
commit 650abd1eb1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 16 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
charts/argo-cd/Chart.yaml
View File

@ -2,7 +2,7 @@ apiVersion: v1
appVersion: 1.8.4 appVersion: 1.8.4
description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd name: argo-cd
version: 2.16.1 version: 2.17.0
home: https://github.com/argoproj/argo-helm home: https://github.com/argoproj/argo-helm
icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
keywords: keywords:

16
charts/argo-cd/templates/dex/deployment.yaml
View File

@ -86,10 +86,12 @@ spec:
containerPort: {{ .Values.dex.containerPortMetrics }} containerPort: {{ .Values.dex.containerPortMetrics }}
protocol: TCP protocol: TCP
{{- end }} {{- end }}
{{- if .Values.dex.volumeMounts }}
volumeMounts: volumeMounts:
{{- toYaml .Values.dex.volumeMounts | nindent 10 }} - mountPath: /tmp
{{- end }} name: tmp-dir
{{- if .Values.dex.volumeMounts }}
{{- toYaml .Values.dex.volumeMounts | nindent 8 }}
{{- end }}
resources: resources:
{{- toYaml .Values.dex.resources | nindent 10 }} {{- toYaml .Values.dex.resources | nindent 10 }}
{{- if .Values.dex.nodeSelector }} {{- if .Values.dex.nodeSelector }}
@ -105,10 +107,12 @@ spec:
{{- toYaml .Values.dex.affinity | nindent 8 }} {{- toYaml .Values.dex.affinity | nindent 8 }}
{{- end }} {{- end }}
serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }} serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }}
{{- if .Values.dex.volumes }}
volumes: volumes:
{{- toYaml .Values.dex.volumes | nindent 8}} - emptyDir: {}
{{- end }} name: tmp-dir
{{- if .Values.dex.volumes }}
{{- toYaml .Values.dex.volumes | nindent 6 }}
{{- end }}
{{- if .Values.dex.priorityClassName }} {{- if .Values.dex.priorityClassName }}
priorityClassName: {{ .Values.dex.priorityClassName }} priorityClassName: {{ .Values.dex.priorityClassName }}
{{- end }} {{- end }}

5
charts/argo-cd/values.yaml
View File

@ -75,6 +75,7 @@ controller:
# capabilities: # capabilities:
# drop: # drop:
# - all # - all
# readOnlyRootFilesystem: true
## Configures the controller port ## Configures the controller port
containerPort: 8082 containerPort: 8082
@ -254,6 +255,7 @@ dex:
# capabilities: # capabilities:
# drop: # drop:
# - all # - all
# readOnlyRootFilesystem: true
resources: {} resources: {}
# limits: # limits:
@ -303,6 +305,7 @@ redis:
# capabilities: # capabilities:
# drop: # drop:
# - all # - all
# readOnlyRootFilesystem: true
## Redis Pod specific security context ## Redis Pod specific security context
securityContext: securityContext:
@ -426,6 +429,7 @@ server:
# capabilities: # capabilities:
# drop: # drop:
# - all # - all
# readOnlyRootFilesystem: true
resources: {} resources: {}
# limits: # limits:
@ -786,6 +790,7 @@ repoServer:
# capabilities: # capabilities:
# drop: # drop:
# - all # - all
# readOnlyRootFilesystem: true
resources: {} resources: {}
# limits: # limits: