fix(argo-workflows): artifactRepository will not be configured by default (#2132) (#2134)

2023-06-25 07:28:46 +09:00 · 2023-06-25 07:28:46 +09:00 · f1526ec558
parent 4ff88759c9
commit f1526ec558
4 changed files with 64 additions and 16 deletions
--- a/charts/argo-workflows/Chart.yaml
+++ b/charts/argo-workflows/Chart.yaml
@ -3,7 +3,7 @@ appVersion: v3.4.8
 name: argo-workflows
 description: A Helm chart for Argo Workflows
 type: application
-version: 0.29.3
+version: 0.30.0
 icon: https://argoproj.github.io/argo-workflows/assets/logo.png
 home: https://github.com/argoproj/argo-helm
 sources:
@ -17,4 +17,4 @@ annotations:
    url: https://argoproj.github.io/argo-helm/pgp_keys.asc
  artifacthub.io/changes: |
    - kind: fixed
-      description: Modify to allow ClusterRoleBinding to be created even if the server's ServiceAccount is not created
+      description: artifactRepository will not be configured by default
--- a/charts/argo-workflows/ci/enable-artifact-repo-values.yaml
+++ b/charts/argo-workflows/ci/enable-artifact-repo-values.yaml
@ -0,0 +1,46 @@
+# Test with artifact repository
+crds:
+  keep: false
+
+useStaticCredentials: true
+artifactRepository:
+  archiveLogs: false
+  s3:
+    accessKeySecret:
+      name: "{{ .Release.Name }}-minio"
+      key: accesskey
+    secretKeySecret:
+      name: "{{ .Release.Name }}-minio"
+      key: secretkey
+    insecure: false
+    bucket:
+    endpoint:
+    region:
+    roleARN:
+    useSDKCreds: true
+    encryptionOptions:
+      enableEncryption: true
+  gcs:
+    bucket: project-argo
+    keyFormat: "{{ `{{workflow.namespace}}/{{workflow.name}}/{{pod.name}}` }}"
+    serviceAccountKeySecret:
+      name: my-gcs-credentials
+      key: serviceAccountKey
+  azure:
+    endpoint: https://mystorageaccountname.blob.core.windows.net
+    container: my-container-name
+    blobNameFormat: path/in/container
+    useSDKCreds: true
+    accountKeySecret:
+      name: my-azure-storage-credentials
+      key: account-access-key
+
+customArtifactRepository:
+  artifactory:
+    repoUrl: https://artifactory.example.com/raw
+    usernameSecret:
+      name: artifactory-creds
+      key: username
+    passwordSecret:
+      name: artifactory-creds
+      key: password
--- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml
@ -55,6 +55,7 @@ data:
      securityContext: {{- toYaml . | nindent 8 }}
      {{- end }}
    {{- end }}
+    {{- if or .Values.artifactRepository.s3 .Values.artifactRepository.gcs .Values.artifactRepository.azure .Values.customArtifactRepository }}
    artifactRepository:
      {{- if .Values.artifactRepository.archiveLogs }}
      archiveLogs: {{ .Values.artifactRepository.archiveLogs }}
@ -65,7 +66,7 @@ data:
      {{- with .Values.artifactRepository.azure }}
      azure: {{- tpl (toYaml .) $ | nindent 8 }}
      {{- end }}
-      {{- if and  (not .Values.artifactRepository.gcs) (not .Values.artifactRepository.azure) }}
+      {{- if .Values.artifactRepository.s3 }}
      s3:
        {{- if .Values.useStaticCredentials }}
        accessKeySecret:
@ -95,8 +96,9 @@ data:
          {{- toYaml . | nindent 10 }}
        {{- end }}
      {{- end }}
-    {{- if .Values.customArtifactRepository }}
-    {{- toYaml .Values.customArtifactRepository | nindent 6 }}
+      {{- if .Values.customArtifactRepository }}
+      {{- toYaml .Values.customArtifactRepository | nindent 6 }}
+      {{- end }}
    {{- end }}
    {{- if .Values.controller.metricsConfig.enabled }}
    metricsConfig:
--- a/charts/argo-workflows/values.yaml
+++ b/charts/argo-workflows/values.yaml
@ -705,17 +705,17 @@ artifactRepository:
  archiveLogs: false
  # -- Store artifact in a S3-compliant object store
  # @default -- See [values.yaml]
-  s3:
-    # Note the `key` attribute is not the actual secret, it's the PATH to
-    # the contents in the associated secret, as defined by the `name` attribute.
-    accessKeySecret:
-      name: "{{ .Release.Name }}-minio"
-      key: accesskey
-    secretKeySecret:
-      name: "{{ .Release.Name }}-minio"
-      key: secretkey
-    # insecure will disable TLS. Primarily used for minio installs not configured with TLS
-    insecure: false
+  s3: {}
+    # # Note the `key` attribute is not the actual secret, it's the PATH to
+    # # the contents in the associated secret, as defined by the `name` attribute.
+    # accessKeySecret:
+    #   name: "{{ .Release.Name }}-minio"
+    #   key: accesskey
+    # secretKeySecret:
+    #   name: "{{ .Release.Name }}-minio"
+    #   key: secretkey
+    # # insecure will disable TLS. Primarily used for minio installs not configured with TLS
+    # insecure: false
    # bucket:
    # endpoint:
    # region: