{{- /* Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} kind: Deployment metadata: name: {{ include "argo-workflows.controller.fullname" . }} namespace: {{ .Release.Namespace | quote }} {{- $versionLabel := dict "app.kubernetes.io/version" ( include "common.images.version" ( dict "imageRoot" .Values.controller.image "chart" .Chart ) ) }} {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.commonLabels $versionLabel ) "context" . ) }} labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} app.kubernetes.io/component: controller app.kubernetes.io/part-of: argo-workflows {{- if .Values.commonAnnotations }} annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} spec: replicas: {{ .Values.controller.replicaCount }} {{- if .Values.controller.updateStrategy }} strategy: {{- toYaml .Values.controller.updateStrategy | nindent 4 }} {{- end }} {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.controller.podLabels .Values.commonLabels $versionLabel ) "context" . ) }} selector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} app.kubernetes.io/component: controller template: metadata: annotations: checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} {{- if .Values.controller.podAnnotations }} {{- include "common.tplvalues.render" (dict "value" .Values.controller.podAnnotations "context" $) | nindent 8 }} {{- end }} {{- if .Values.commonAnnotations }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} app.kubernetes.io/component: controller app.kubernetes.io/part-of: argo-workflows spec: {{- if .Values.controller.schedulerName }} schedulerName: {{ .Values.controller.schedulerName | quote }} {{- end }} serviceAccountName: {{ include "argo-workflows.controller.serviceAccountName" . }} {{- include "argo-workflows.imagePullSecrets" . | nindent 6 }} automountServiceAccountToken: {{ .Values.controller.automountServiceAccountToken }} {{- if .Values.controller.hostAliases }} hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.controller.hostAliases "context" $) | nindent 8 }} {{- end }} {{- if .Values.controller.affinity }} affinity: {{- include "common.tplvalues.render" ( dict "value" .Values.controller.affinity "context" $) | nindent 8 }} {{- else }} affinity: podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.controller.podAffinityPreset "component" "controller" "customLabels" $podLabels "context" $) | nindent 10 }} podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.controller.podAntiAffinityPreset "component" "controller" "customLabels" $podLabels "context" $) | nindent 10 }} nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.controller.nodeAffinityPreset.type "key" .Values.controller.nodeAffinityPreset.key "values" .Values.controller.nodeAffinityPreset.values) | nindent 10 }} {{- end }} {{- if .Values.controller.nodeSelector }} nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.controller.nodeSelector "context" $) | nindent 8 }} {{- end }} {{- if .Values.controller.tolerations }} tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.controller.tolerations "context" .) | nindent 8 }} {{- end }} {{- if .Values.controller.topologySpreadConstraints }} topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.controller.topologySpreadConstraints "context" $) | nindent 8 }} {{- end }} {{- if .Values.controller.priorityClassName }} priorityClassName: {{ .Values.controller.priorityClassName | quote }} {{- end }} {{- if .Values.controller.podSecurityContext.enabled }} securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.controller.podSecurityContext "context" $) | nindent 8 }} {{- end }} {{- if .Values.controller.initContainers }} initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.controller.initContainers "context" $) | nindent 8 }} {{- end }} containers: - name: controller image: {{ include "argo-workflows.controller.image" . }} imagePullPolicy: {{ .Values.controller.image.pullPolicy }} {{- if .Values.controller.containerSecurityContext.enabled }} securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.controller.containerSecurityContext "context" $) | nindent 12 }} {{- end }} {{- if .Values.controller.command }} command: {{- include "common.tplvalues.render" (dict "value" .Values.controller.command "context" $) | nindent 12 }} {{- end }} args: {{- if .Values.controller.args }} {{- include "common.tplvalues.render" (dict "value" .Values.controller.args "context" $) | nindent 12 }} {{- else }} - --configmap - {{ include "argo-workflows.controller.configMapName" . }} - --executor-image - {{ include "argo-workflows.executor.image" . }} - --executor-image-pull-policy - {{ .Values.executor.image.pullPolicy }} - --loglevel - {{ .Values.controller.logging.level }} - --gloglevel - {{ .Values.controller.logging.globalLevel | quote }} {{- if .Values.rbac.singleNamespace }} - --namespaced {{- end }} {{- if .Values.controller.workflowWorkers }} - --workflow-workers - {{ .Values.controller.workflowWorkers | quote }} {{- end }} {{- if .Values.controller.extraArgs }} {{- include "common.tplvalues.render" (dict "value" .Values.controller.extraArgs "context" $) | nindent 12 }} {{- end }} {{- end }} env: - name: ARGO_NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - name: LEADER_ELECTION_IDENTITY valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name {{- if .Values.controller.extraEnvVars }} {{- include "common.tplvalues.render" (dict "value" .Values.controller.extraEnvVars "context" $) | nindent 12 }} {{- end }} envFrom: {{- if .Values.controller.extraEnvVarsCM }} - configMapRef: name: {{ include "common.tplvalues.render" (dict "value" .Values.controller.extraEnvVarsCM "context" $) }} {{- end }} {{- if .Values.controller.extraEnvVarsSecret }} - secretRef: name: {{ include "common.tplvalues.render" (dict "value" .Values.controller.extraEnvVarsSecret "context" $) }} {{- end }} ports: - name: metrics containerPort: {{ .Values.controller.containerPorts.metrics }} - name: controller # The controller port is hardcoded in the source code. # Ref: https://github.com/argoproj/argo-workflows/blob/b35aabe86be9fa5db80299cebcfb29c32be21047/cmd/workflow-controller/main.go#L116 containerPort: 6060 {{- if .Values.controller.resources }} resources: {{- toYaml .Values.controller.resources | nindent 12 }} {{- else if ne .Values.controller.resourcesPreset "none" }} resources: {{- include "common.resources.preset" (dict "type" .Values.controller.resourcesPreset) | nindent 12 }} {{- end }} {{- if .Values.controller.customLivenessProbe }} livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.controller.customLivenessProbe "context" $) | nindent 12 }} {{- else if .Values.controller.livenessProbe.enabled }} livenessProbe: httpGet: port: 6060 path: /healthz initialDelaySeconds: {{ .Values.controller.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.controller.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.controller.livenessProbe.timeoutSeconds }} successThreshold: {{ .Values.controller.livenessProbe.successThreshold }} failureThreshold: {{ .Values.controller.livenessProbe.failureThreshold }} {{- end }} {{- if .Values.controller.customReadinessProbe }} readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.controller.customReadinessProbe "context" $) | nindent 12 }} {{- else if .Values.controller.readinessProbe.enabled }} readinessProbe: tcpSocket: port: 6060 initialDelaySeconds: {{ .Values.controller.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.controller.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.controller.readinessProbe.timeoutSeconds }} successThreshold: {{ .Values.controller.readinessProbe.successThreshold }} failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }} {{- end }} {{- if .Values.controller.customStartupProbe }} startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.controller.customStartupProbe "context" $) | nindent 12 }} {{- else if .Values.controller.startupProbe.enabled }} startupProbe: httpGet: path: {{ .Values.controller.startupProbe.path }} port: http initialDelaySeconds: {{ .Values.controller.startupProbe.initialDelaySeconds }} periodSeconds: {{ .Values.controller.startupProbe.periodSeconds }} timeoutSeconds: {{ .Values.controller.startupProbe.timeoutSeconds }} successThreshold: {{ .Values.controller.startupProbe.successThreshold }} failureThreshold: {{ .Values.controller.startupProbe.failureThreshold }} {{- end }} {{- if .Values.controller.lifecycleHooks }} lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.controller.lifecycleHooks "context" $) | nindent 12 }} {{- end }} volumeMounts: {{- if .Values.controller.extraVolumeMounts }} {{- include "common.tplvalues.render" (dict "value" .Values.controller.extraVolumeMounts "context" $) | nindent 12 }} {{- end }} {{- if .Values.controller.sidecars }} {{- include "common.tplvalues.render" ( dict "value" .Values.controller.sidecars "context" $) | nindent 8 }} {{- end }} volumes: {{- if .Values.controller.extraVolumes }} {{- include "common.tplvalues.render" (dict "value" .Values.controller.extraVolumes "context" $) | nindent 8 }} {{- end }}