argoproj
/
argo-helm
mirror of https://github.com/argoproj/argo-helm.git
1
0
Fork 1
Code Issues Packages Projects Releases Wiki Activity

chore(argo-workflows): Update doc for Argo Workflows server authentication (#2411)

pull/2404/head^2 argo-workflows-0.40.4
Aikawa 2024-01-06 13:17:33 +09:00 committed by GitHub
parent 51bb7f9806
commit d1389a90b9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 18 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
charts/argo-workflows/Chart.yaml
View File

@ -3,7 +3,7 @@ appVersion: v3.5.2
name: argo-workflows
description: A Helm chart for Argo Workflows
type: application
version: 0.40.3
version: 0.40.4
icon: https://argoproj.github.io/argo-workflows/assets/logo.png
home: https://github.com/argoproj/argo-helm
sources:
@ -16,5 +16,5 @@ annotations:
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: |
- kind: added
description: Add instruction for SSO
- kind: changed
description: Update doc for Argo Workflows server authentication

15
charts/argo-workflows/README.md
View File

@ -56,11 +56,6 @@ spec:
args: [ "hello world" ]
```
### Argo Workflows Server SSO
In order to enable SSO, please configure `.Values.server.sso` and `.Values.server.authMode`.
In order to manage access levels, you can optionally add RBAC to SSO. Please refer [SSO RBAC] for more details.
## Installing the Chart
To install the chart with the release name `my-release`:
@ -89,9 +84,12 @@ Please see the upstream [Operator Manual's High Availability page](https://argop
This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of its configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs.
### Workflow server authentication
### Argo Workflows server authentication
By default, the chart requires some kind of authentication mechanism. This adopts the [default behaviour from the Argo project](https://github.com/argoproj/argo-workflows/pull/5211) itself. However, for local development purposes, or cases where your gateway authentication is covered by some other means, you can set the authentication mode for the Argo server by setting the `server.extraArgs: [--auth-mode=server]`. There are a few additional comments in the values.yaml file itself, including commented-out settings to disable authentication on the server UI itself using the same `--auth-mode=server` setting.
Argo Workflows server provides some choices for authentication mechanism and you can configure `.Values.server.authModes`. By default, authentication mode is `[server]`, for local development purposes or cases where your gateway authentication is covered by some other means.
Please refer to [Argo Server Auth Mode] for more details.
Argo Workflows server also supports SSO and you can enable it to configure `.Values.server.sso` and `.Values.server.authModes`. In order to manage access levels, you can optionally add RBAC to SSO. Please refer to [SSO RBAC] for more details.
## Values
@ -392,4 +390,5 @@ Fields to note:
[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
[values.yaml]: values.yaml
[changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog
[SSO RBAC]: https://argoproj.github.io/argo-workflows/argo-server-sso/#sso-rbac
[SSO RBAC]: https://argo-workflows.readthedocs.io/en/latest/argo-server-sso/
[Argo Server Auth Mode]: https://argo-workflows.readthedocs.io/en/latest/argo-server-auth-mode/

16
charts/argo-workflows/README.md.gotmpl
View File

@ -56,11 +56,6 @@ spec:
args: [ "hello world" ]
```
### Argo Workflows Server SSO
In order to enable SSO, please configure `.Values.server.sso` and `.Values.server.authMode`.
In order to manage access levels, you can optionally add RBAC to SSO. Please refer [SSO RBAC] for more details.
## Installing the Chart
To install the chart with the release name `my-release`:
@ -89,9 +84,13 @@ Please see the upstream [Operator Manual's High Availability page](https://argop
This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of its configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs.
### Workflow server authentication
### Argo Workflows server authentication
Argo Workflows server provides some choices for authentication mechanism and you can configure `.Values.server.authModes`. By default, authentication mode is `[server]`, for local development purposes or cases where your gateway authentication is covered by some other means.
Please refer to [Argo Server Auth Mode] for more details.
Argo Workflows server also supports SSO and you can enable it to configure `.Values.server.sso` and `.Values.server.authModes`. In order to manage access levels, you can optionally add RBAC to SSO. Please refer to [SSO RBAC] for more details.
By default, the chart requires some kind of authentication mechanism. This adopts the [default behaviour from the Argo project](https://github.com/argoproj/argo-workflows/pull/5211) itself. However, for local development purposes, or cases where your gateway authentication is covered by some other means, you can set the authentication mode for the Argo server by setting the `server.extraArgs: [--auth-mode=server]`. There are a few additional comments in the values.yaml file itself, including commented-out settings to disable authentication on the server UI itself using the same `--auth-mode=server` setting.
## Values
@ -209,4 +208,5 @@ Fields to note:
[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
[values.yaml]: values.yaml
[changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog
[SSO RBAC]: https://argoproj.github.io/argo-workflows/argo-server-sso/#sso-rbac
[SSO RBAC]: https://argo-workflows.readthedocs.io/en/latest/argo-server-sso/
[Argo Server Auth Mode]: https://argo-workflows.readthedocs.io/en/latest/argo-server-auth-mode/