argo-rollouts
Helm chart
Request a free trial
Contact our team to test out this Helm chart and related images for free. Please also indicate any other images you would like to evaluate.
Tag:
1
# -- Install and upgrade CRDs
2
installCRDs: true
3
# -- Keep CRD's on helm uninstall
4
keepCRDs: true
5
# -- `false` runs controller in namespaced mode (does not require cluster RBAC)
6
clusterInstall: true
7
# -- flag to enable creation of cluster aggregate roles (requires cluster RBAC)
8
createClusterAggregateRoles: true
9
# -- String to partially override "argo-rollouts.fullname" template
10
nameOverride:
11
# -- String to fully override "argo-rollouts.fullname" template
12
fullnameOverride:
13
# -- Override the namespace
14
# @default -- `.Release.Namespace`
15
namespaceOverride: ""
16
## Override APIVersions
17
## If you want to template helm charts but cannot access k8s API server
18
## you can set api versions here
19
apiVersionOverrides:
20
# -- String to override apiVersion of ingresses rendered by this helm chart
21
ingress: "" # networking.k8s.io/v1beta1
22
# -- Override the Kubernetes version, which is used to evaluate certain manifests
23
kubeVersionOverride: ""
24
# -- Additional manifests to deploy within the chart. A list of objects.
25
## Can be used to add secrets for Analysis with 3rd-party monitoring solutions.
26
extraObjects: []
27
# - apiVersion: v1
28
# kind: Secret
29
# metadata:
30
# name: datadog
31
# type: Opaque
32
# data:
33
# address: https://api.datadoghq.com
34
# api-key: <datadog-api-key>
35
# app-key: <datadog-app-key>
36
37
global:
38
# -- Annotations for all deployed Deployments
39
deploymentAnnotations: {}
40
# -- Labels for all deployed Deployments
41
deploymentLabels: {}
42
# -- Number of old deployment ReplicaSets to retain. The rest will be garbage collected.
43
revisionHistoryLimit: 10
44
# -- Specifies the deployment DNS configuration for controller and dashboard.
45
dnsConfig: {}
46
# nameservers:
47
# - 1.2.3.4
48
# searches:
49
# - ns1.svc.cluster-domain.example
50
# - my.dns.search.suffix
51
# options:
52
# - name: ndots
53
# value: "1"
54
# - name: attempts
55
# value: "3"
56
controller:
57
# -- Value of label `app.kubernetes.io/component`
58
component: rollouts-controller
59
# -- Annotations to be added to the controller deployment
60
deploymentAnnotations: {}
61
# -- Labels to be added to the controller deployment
62
deploymentLabels: {}
63
# -- Annotations to be added to application controller pods
64
podAnnotations: {}
65
# -- Labels to be added to the application controller pods
66
podLabels: {}
67
# -- [Node selector]
68
nodeSelector: {}
69
# -- [Tolerations] for use with node taints
70
tolerations: []
71
# -- Assign custom [affinity] rules to the deployment
72
affinity: {}
73
logging:
74
# -- Set the logging level (one of: `debug`, `info`, `warn`, `error`)
75
level: info
76
# -- Set the klog logging level
77
kloglevel: "0"
78
# -- Set the logging format (one of: `text`, `json`)
79
format: "text"
80
# -- Assign custom [TopologySpreadConstraints] rules to the controller
81
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
82
## If labelSelector is left out, it will default to the labelSelector configuration of the deployment
83
topologySpreadConstraints: []
84
# - maxSkew: 1
85
# topologyKey: topology.kubernetes.io/zone
86
# whenUnsatisfiable: DoNotSchedule
87
88
# -- terminationGracePeriodSeconds for container lifecycle hook
89
terminationGracePeriodSeconds: 30
90
# -- Specify lifecycle hooks for the controller
91
lifecycle: {}
92
# -- [priorityClassName] for the controller
93
priorityClassName: ""
94
# -- The number of controller pods to run
95
replicas: 2
96
image:
97
# -- Registry to use
98
registry: cgr.dev
99
# -- Repository to use
100
repository: chainguard-private/argo-rollouts
101
# -- Overrides the image tag (default is the chart appVersion)
102
tag: latest@sha256:c0de2e195bdbb564a1d4f5775652e4a40d9299064504d3632ce2a5182b0a9947
103
# -- Image pull policy
104
pullPolicy: IfNotPresent
105
# -- Enable AWS target group verification before progressing through steps (requires AWS privileges)
106
awsVerifyTargetGroup: false
107
# -- Set the AWS TargetGroupBinding apiVersion (e.g. `elbv2.k8s.aws/v1beta1` for standard EKS, `eks.amazonaws.com/v1` for EKS Auto Mode)
108
awsTargetGroupBindingAPIVersion: ""
109
# -- Set the ALB tag key for resource ID (e.g. `ingress.k8s.aws/resource` for standard EKS, `ingress.eks.amazonaws.com` for EKS Auto Mode)
110
albTagKeyResourceID: ""
111
# -- Enable self-service notification support, allowing the controller to pull notification config from the rollout's namespace
112
selfServiceNotification: false
113
# -- Enable pprof profiling on the controller by specifying a listen address (e.g. `:6060` or `localhost:6060`)
114
pprofAddress: ""
115
# -- Additional command line arguments to pass to rollouts-controller. A list of flags.
116
extraArgs: []
117
# -- Additional environment variables for rollouts-controller. A list of name/value maps.
118
extraEnv: []
119
# - name: AWS_REGION
120
# value: us-east-1
121
122
# -- Literal yaml for extra containers to be added to controller deployment.
123
## Additional containers to add to the rollouts controller deployment
124
## This will be rendered as the literal yaml
125
extraContainers: []
126
# -- Init containers to add to the rollouts controller pod
127
## This will be rendered as the literal yaml
128
initContainers: []
129
# - name: download-tools
130
# image: alpine:3.8
131
# command: [sh, -c]
132
# args:
133
# - ls
134
135
# -- Resource limits and requests for the controller pods.
136
resources: {}
137
# limits:
138
# cpu: 100m
139
# memory: 128Mi
140
# ephemeral-storage: 1Gi
141
# requests:
142
# cpu: 50m
143
# memory: 64Mi
144
145
# -- flag to enable creation of cluster controller role (requires cluster RBAC)
146
createClusterRole: true
147
# Controller container ports
148
containerPorts:
149
# -- Metrics container port
150
metrics: 8090
151
# -- Healthz container port
152
healthz: 8080
153
metrics:
154
# -- Deploy metrics service
155
enabled: false
156
service:
157
# -- Metrics service port name
158
portName: metrics
159
# -- Metrics service port
160
port: 8090
161
# -- Service annotations
162
annotations: {}
163
serviceMonitor:
164
# -- Enable a prometheus ServiceMonitor
165
enabled: false
166
# -- Namespace to be used for the ServiceMonitor
167
namespace: ""
168
# -- Labels to be added to the ServiceMonitor
169
additionalLabels: {}
170
# -- Annotations to be added to the ServiceMonitor
171
additionalAnnotations: {}
172
# -- RelabelConfigs to apply to samples before scraping
173
relabelings: []
174
# -- MetricRelabelConfigs to apply to samples before ingestion
175
metricRelabelings: []
176
# -- TLS configuration for the ServiceMonitor. When set, scheme will be https
177
tlsConfig: {}
178
# caFile: /etc/istio-certs/root-cert.pem
179
# certFile: /etc/istio-certs/cert-chain.pem
180
# insecureSkipVerify: true
181
# keyFile: /etc/istio-certs/key.pem
182
# -- Configure liveness [probe] for the controller
183
# @default -- See [values.yaml]
184
livenessProbe:
185
httpGet:
186
path: /healthz
187
port: healthz
188
initialDelaySeconds: 30
189
periodSeconds: 20
190
failureThreshold: 3
191
successThreshold: 1
192
timeoutSeconds: 10
193
# -- Configure readiness [probe] for the controller
194
# @default -- See [values.yaml]
195
readinessProbe:
196
httpGet:
197
path: /metrics
198
port: metrics
199
initialDelaySeconds: 15
200
periodSeconds: 5
201
failureThreshold: 3
202
successThreshold: 1
203
timeoutSeconds: 4
204
## Configure Pod Disruption Budget for the controller
205
pdb:
206
# -- Labels to be added to controller [Pod Disruption Budget]
207
labels: {}
208
# -- Annotations to be added to controller [Pod Disruption Budget]
209
annotations: {}
210
# -- Deploy a [Pod Disruption Budget] for the controller
211
enabled: false
212
# -- Minimum number / percentage of pods that should remain scheduled
213
minAvailable: # 1
214
# -- Maximum number / percentage of pods that may be made unavailable
215
maxUnavailable: # 0
216
# -- Additional volumes to add to the controller pod
217
volumes: []
218
# - configMap:
219
# name: my-certs-cm
220
# name: my-certs
221
222
# -- Additional volumeMounts to add to the controller container
223
volumeMounts: []
224
# - mountPath: /etc/ssl/certs
225
# name: my-certs
226
227
# -- Configures 3rd party metric providers for controller
228
## Ref: https://argo-rollouts.readthedocs.io/en/stable/analysis/plugins/
229
metricProviderPlugins: []
230
# - name: "argoproj-labs/sample-prometheus" # name of the plugin, it must match the name required by the plugin so that it can find its configuration
231
# location: "file://./my-custom-plugin" # supports http(s):// urls and file://
232
233
# -- Configures 3rd party stepPlugins for controller
234
## Ref: https://argo-rollouts.readthedocs.io/en/stable/features/canary/plugins/
235
stepPlugins: []
236
# - name: "argoproj-labs/step-exec" # name of the plugin, it must match the name required by the plugin so it can find it's configuration
237
# location: "file://./my-custom-plugin" # supports http(s):// urls and file://
238
239
# -- Configures 3rd party traffic router plugins for controller
240
## Ref: https://argo-rollouts.readthedocs.io/en/stable/features/traffic-management/plugins/
241
trafficRouterPlugins: []
242
# - name: "argoproj-labs/sample-nginx" # name of the plugin, it must match the name required by the plugin so it can find it's configuration
243
# location: "file://./my-custom-plugin" # supports http(s):// urls and file://
244
245
# -- Whether to create the argo-rollouts-config ConfigMap. Set to false when running multiple
246
# controller instances in the same namespace (e.g. with different --instance-id values) to
247
# avoid Helm ownership conflicts; each secondary instance will read the ConfigMap created by
248
# the primary release.
249
createConfigmap: true
250
serviceAccount:
251
# -- Specifies whether a service account should be created
252
create: true
253
# -- Annotations to add to the service account
254
annotations: {}
255
# -- The name of the service account to use.
256
# If not set and create is true, a name is generated using the fullname template
257
name: ""
258
# -- Annotations to be added to all CRDs
259
crdAnnotations: {}
260
# -- Annotations for the all deployed pods
261
podAnnotations: {}
262
# -- Security Context to set on pod level
263
podSecurityContext:
264
runAsNonRoot: true
265
# -- Security Context to set on container level
266
containerSecurityContext:
267
allowPrivilegeEscalation: false
268
capabilities:
269
drop:
270
- ALL
271
readOnlyRootFilesystem: true
272
seccompProfile:
273
type: RuntimeDefault
274
# -- Annotations to be added to the Rollout service
275
serviceAnnotations: {}
276
# -- Labels to be added to the Rollout pods
277
podLabels: {}
278
# -- Secrets with credentials to pull images from a private registry. Registry secret names as an array.
279
imagePullSecrets: []
280
# - name: argo-pull-secret
281
282
providerRBAC:
283
# -- Toggles addition of provider-specific RBAC rules to the controller Role and ClusterRole
284
enabled: true
285
# providerRBAC.enabled must be true in order to toggle the individual providers
286
providers:
287
# -- Adds RBAC rules for the Istio provider
288
istio: true
289
# -- Adds RBAC rules for the SMI provider
290
smi: true
291
# -- Adds RBAC rules for the Ambassador provider
292
ambassador: true
293
# -- Adds RBAC rules for the AWS Load Balancer Controller provider
294
awsLoadBalancerController: true
295
# -- Adds RBAC rules for the AWS App Mesh provider
296
awsAppMesh: true
297
# -- Adds RBAC rules for the Traefik provider
298
traefik: true
299
# -- Adds RBAC rules for the Apisix provider
300
apisix: true
301
# -- Adds RBAC rules for the Contour provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-contour/blob/main/README.md`
302
contour: true
303
# -- Adds RBAC rules for the Gloo Platform provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-glooplatform/blob/main/README.md`
304
glooPlatform: true
305
# -- Adds RBAC rules for the Gateway API provider
306
gatewayAPI: true
307
# -- Additional RBAC rules for others providers
308
additionalRules: []
309
dashboard:
310
# -- Deploy dashboard server
311
enabled: false
312
# -- Set cluster role to readonly
313
readonly: false
314
# -- Value of label `app.kubernetes.io/component`
315
component: rollouts-dashboard
316
# -- Annotations to be added to the dashboard deployment
317
deploymentAnnotations: {}
318
# -- Labels to be added to the dashboard deployment
319
deploymentLabels: {}
320
# -- Annotations to be added to application dashboard pods
321
podAnnotations: {}
322
# -- Labels to be added to the application dashboard pods
323
podLabels: {}
324
# -- [Node selector]
325
nodeSelector: {}
326
# -- [Tolerations] for use with node taints
327
tolerations: []
328
# -- Assign custom [affinity] rules to the deployment
329
affinity: {}
330
logging:
331
# -- Set the logging level (one of: `debug`, `info`, `warn`, `error`)
332
level: info
333
# -- Set the klog logging level
334
kloglevel: "0"
335
# -- Assign custom [TopologySpreadConstraints] rules to the dashboard server
336
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
337
## If labelSelector is left out, it will default to the labelSelector configuration of the deployment
338
topologySpreadConstraints: []
339
# - maxSkew: 1
340
# topologyKey: topology.kubernetes.io/zone
341
# whenUnsatisfiable: DoNotSchedule
342
343
# -- [priorityClassName] for the dashboard server
344
priorityClassName: ""
345
# -- flag to enable creation of dashbord cluster role (requires cluster RBAC)
346
createClusterRole: true
347
# -- The number of dashboard pods to run
348
replicas: 1
349
image:
350
# -- Registry to use
351
registry: cgr.dev
352
# -- Repository to use
353
repository: chainguard-private/kubectl-argo-rollouts
354
# -- Overrides the image tag (default is the chart appVersion)
355
tag: latest@sha256:beece2ad9395036846adcf27f32a28b55eeb8c0df4dc6f7fcedb7eb9c0ba0243
356
# -- Image pull policy
357
pullPolicy: IfNotPresent
358
# -- Set the root path of the dashboard (e.g. `/rollouts`). Useful when running behind a reverse proxy with a path prefix.
359
rootPath: ""
360
# -- Additional command line arguments to pass to rollouts-dashboard. A list of flags.
361
extraArgs: []
362
# -- Additional environment variables for rollouts-dashboard. A list of name/value maps.
363
extraEnv: []
364
# - name: FOO
365
# value: bar
366
# -- Resource limits and requests for the dashboard pods.
367
resources: {}
368
# -- Security Context to set on pod level
369
podSecurityContext:
370
runAsNonRoot: true
371
# -- Security Context to set on container level
372
containerSecurityContext: {}
373
service:
374
# -- Sets the type of the Service
375
type: ClusterIP
376
# -- The class of the load balancer implementation
377
loadBalancerClass: ""
378
# -- LoadBalancer will get created with the IP specified in this field
379
loadBalancerIP: ""
380
# -- Source IP ranges to allow access to service from
381
loadBalancerSourceRanges: []
382
# -- Dashboard service external IPs
383
externalIPs: []
384
# -- Service annotations
385
annotations: {}
386
# -- Service labels
387
labels: {}
388
# -- Service port name
389
portName: dashboard
390
# -- Service port
391
port: 3100
392
# -- Service target port
393
targetPort: 3100
394
# -- (int) Service nodePort
395
nodePort:
396
serviceAccount:
397
# -- Specifies whether a dashboard service account should be created
398
create: true
399
# -- Annotations to add to the dashboard service account
400
annotations: {}
401
# -- The name of the service account to use.
402
# If not set and create is true, a name is generated using the fullname template
403
name: ""
404
## Configure Pod Disruption Budget for the dashboard
405
pdb:
406
# -- Labels to be added to dashboard [Pod Disruption Budget]
407
labels: {}
408
# -- Annotations to be added to dashboard [Pod Disruption Budget]
409
annotations: {}
410
# -- Deploy a [Pod Disruption Budget] for the dashboard
411
enabled: false
412
# -- Minimum number / percentage of pods that should remain scheduled
413
minAvailable: # 1
414
# -- Maximum number / percentage of pods that may be made unavailable
415
maxUnavailable: # 0
416
## Ingress configuration.
417
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/
418
##
419
ingress:
420
# -- Enable dashboard ingress support
421
enabled: false
422
# -- Dashboard ingress annotations
423
annotations: {}
424
# -- Dashboard ingress labels
425
labels: {}
426
# -- Dashboard ingress class name
427
ingressClassName: ""
428
# -- Dashboard ingress hosts
429
## Argo Rollouts Dashboard Ingress.
430
## Hostnames must be provided if Ingress is enabled.
431
## Secrets must be manually created in the namespace
432
hosts: []
433
# - argorollouts.example.com
434
435
# -- Dashboard ingress paths
436
paths:
437
- /
438
# -- Dashboard ingress path type
439
pathType: Prefix
440
# -- Dashboard ingress extra paths
441
extraPaths: []
442
# - path: /*
443
# backend:
444
# serviceName: ssl-redirect
445
# servicePort: use-annotation
446
## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used)
447
# - path: /*
448
# pathType: Prefix
449
# backend:
450
# service
451
# name: ssl-redirect
452
# port:
453
# name: use-annotation
454
455
# -- Dashboard ingress tls
456
tls: []
457
# - secretName: argorollouts-example-tls
458
# hosts:
459
# - argorollouts.example.com
460
# -- Additional volumes to add to the dashboard pod
461
volumes: []
462
# -- Additional volumeMounts to add to the dashboard container
463
volumeMounts: []
464
notifications:
465
configmap:
466
# -- Whether to create notifications configmap
467
create: true
468
secret:
469
# -- Whether to create notifications secret.
470
## If you want to manually create secret, do not forget to add proper label to it: "app.kubernetes.io/component: {{ .Values.controller.component }}".
471
create: false
472
# -- Generic key:value pairs to be inserted into the notifications secret
473
items: {}
474
# slack-token:
475
# -- Annotations to be added to the notifications secret
476
annotations: {}
477
# -- Configures notification services
478
notifiers: {}
479
# service.slack: |
480
# token: $slack-token
481
482
# -- Notification templates
483
templates: {}
484
# template.my-purple-template: |
485
# message: |
486
# Rollout {{.rollout.metadata.name}} has purple image
487
# slack:
488
# attachments: |
489
# [{
490
# "title": "{{ .rollout.metadata.name}}",
491
# "color": "#800080"
492
# }]
493
494
# -- The trigger defines the condition when the notification should be sent
495
triggers: {}
496
# trigger.on-purple: |
497
# - send: [my-purple-template]
498
# when: rollout.spec.template.spec.containers[0].image == 'argoproj/rollouts-demo:purple'
499
500
# -- The subscriptions define the subscriptions to the triggers in a general way for all rollouts
501
subscriptions: []
502
# - recipients:
503
# - slack:<channel>
504
# triggers:
505
# - on-rollout-completed
506
# - on-rollout-aborted
507
The trusted source for open source
Talk to an expertProduct
Customers
© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.