devtron-labs · YashasviDevtron · Sep 25, 2025 · Sep 25, 2025 · Sep 25, 2025 · Sep 25, 2025
diff --git a/charts/devtron-utilities/Chart.lock b/charts/devtron-utilities/Chart.lock
@@ -0,0 +1,39 @@
+dependencies:
+- name: ingress-nginx
+  repository: https://kubernetes.github.io/ingress-nginx
+  version: 4.12.0
+- name: cluster-autoscaler
+  repository: https://kubernetes.github.io/autoscaler
+  version: 9.46.0
+- name: karpenter
+  repository: oci://public.ecr.aws/karpenter
+  version: 1.4.0
+- name: aws-load-balancer-controller
+  repository: https://aws.github.io/eks-charts
+  version: 1.11.0
+- name: aws-node-termination-handler
+  repository: https://aws.github.io/eks-charts
+  version: 0.21.0
+- name: minio
+  repository: https://charts.min.io/
+  version: 5.4.0
+- name: kcert
+  repository: https://nabsul.github.io/helm
+  version: 1.0.7
+- name: argocd-certificate-refresh
+  repository: https://helm.devtron.ai/
+  version: 0.10.8
+- name: k8s-shield
+  repository: https://helm.devtron.ai/
+  version: 0.1.0
+- name: devtron-backups
+  repository: https://helm.devtron.ai/
+  version: 0.2.5
+- name: devtron-generic-helm
+  repository: https://helm.devtron.ai/
+  version: 0.10.1
+- name: holmes
+  repository: https://robusta-charts.storage.googleapis.com
+  version: 0.8.1
+digest: sha256:a496eecb07ba3de9d4def3cb2afbc652f95ded26af0745559bb6b7da033b33f8
+generated: "2025-07-07T17:13:45.33696+05:30"
diff --git a/charts/devtron-utilities/Chart.yaml b/charts/devtron-utilities/Chart.yaml
@@ -1,69 +1,68 @@
 apiVersion: v2
-name: devtron-utilities
-description: Provides essential infrastructure and security utilities such as Nginx/AWS Load Balancer, Devtron Backup, Minio (Blob Storage), Network Policy, Cluster Auto Scaler (Karpenter), and more.  
-
-type: application
-version: 0.0.2
-appVersion: "0.0.1"
-sources:
-- https://github.com/kubernetes/ingress-nginx
-- https://aws.github.io/eks-charts
-- https://charts.min.io/
+appVersion: 0.0.1
 dependencies:
-- name: ingress-nginx
-  version: "4.12.0"
+- condition: ingress-nginx.enabled
+  name: ingress-nginx
   repository: https://kubernetes.github.io/ingress-nginx
-  condition: ingress-nginx.enabled
-- name: cluster-autoscaler
-  version: "9.46.0"
+  version: 4.12.0
+- condition: cluster-autoscaler.enabled
+  name: cluster-autoscaler
   repository: https://kubernetes.github.io/autoscaler
-  condition: cluster-autoscaler.enabled
-- name: karpenter
-  version:  "1.2.1"
+  version: 9.46.0
+- condition: karpenter.enabled
+  name: karpenter
   repository: oci://public.ecr.aws/karpenter
-  condition: karpenter.enabled
-- name: aws-load-balancer-controller
-  version: "1.11.0"
+  version: 1.4.0
+- condition: aws-load-balancer-controller.enabled
+  name: aws-load-balancer-controller
   repository: https://aws.github.io/eks-charts
-  condition: aws-load-balancer-controller.enabled
-- name: aws-node-termination-handler
-  version: "0.21.0"
+  version: 1.11.0
+- condition: aws-node-termination-handler.enabled
+  name: aws-node-termination-handler
   repository: https://aws.github.io/eks-charts
-  condition: aws-node-termination-handler.enabled
-- name: minio
-  version: "5.4.0"
+  version: 0.21.0
+- condition: minio.enabled
+  name: minio
   repository: https://charts.min.io/
-  condition: minio.enabled
-- name: kcert
-  version: "1.0.7"
+  version: 5.4.0
+- condition: kcert.enabled
+  name: kcert
   repository: https://nabsul.github.io/helm
-  condition: kcert.enabled
-- name: argocd-certificate-refresh
-  version: "0.10.8"
+  version: 1.0.7
+- condition: argocd-certificate-refresh.enabled
+  name: argocd-certificate-refresh
   repository: https://helm.devtron.ai/
-  condition: argocd-certificate-refresh.enabled
-- name: k8s-shield
-  version: "0.1.0"
+  version: 0.10.8
+- condition: k8s-shield.enabled
+  name: k8s-shield
   repository: https://helm.devtron.ai/
-  condition: k8s-shield.enabled
-- name: devtron-backups
-  version: "0.2.5"
-  repository: https://helm.devtron.ai/
-  condition: devtron-backups.enabled
-- name: devtron-generic-helm
-  version: "0.10.1"
+  version: 0.1.0
+- condition: devtron-backups.enabled
+  name: devtron-backups
   repository: https://helm.devtron.ai/
+  version: 0.2.5
+- alias: nodepool
   condition: nodepool.enabled
-  alias: nodepool
-- name: holmes
-  version: "0.8.1"
-  repository: https://robusta-charts.storage.googleapis.com
+  name: devtron-generic-helm
+  repository: https://helm.devtron.ai/
+  version: 0.10.1
+- alias: holmes-ai
   condition: holmes-ai.enabled
-  alias: holmes-ai
-
-
+  name: holmes
+  repository: https://robusta-charts.storage.googleapis.com
+  version: 0.8.1
+description: Provides essential infrastructure and security utilities such as Nginx/AWS
+  Load Balancer, Devtron Backup, Minio (Blob Storage), Network Policy, Cluster Auto
+  Scaler (Karpenter), and more.
 maintainers:
 - email: [email protected]
   name: Badal Kumar
 - email: [email protected]
   name: Pawan Kumar
+name: devtron-utilities
+sources:
+- https://github.com/kubernetes/ingress-nginx
+- https://aws.github.io/eks-charts
+- https://charts.min.io/
+type: application
+version: 0.0.4
diff --git a/charts/devtron-utilities/charts/argocd-certificate-refresh/Chart.yaml b/charts/devtron-utilities/charts/argocd-certificate-refresh/Chart.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+appVersion: 0.1.0
+description: Helm chart to deploy argocd certificate refresh CronJob.
+maintainers:
+- email: [email protected]
+  name: Ajay
+- email: [email protected]
+  name: Badal Kumar
+name: argocd-certificate-refresh
+version: 0.10.8
diff --git a/charts/devtron-utilities/charts/argocd-certificate-refresh/README.md b/charts/devtron-utilities/charts/argocd-certificate-refresh/README.md
@@ -0,0 +1,3 @@
+# Devtron helm chart to deploy argocd certificate refresh cronjob
+
+To get the script, please follow this link-:  https://github.com/devtron-labs/devtron-utilities/tree/main/scripts/argo-cert-refresh
diff --git a/...ron-utilities/charts/argocd-certificate-refresh/templates/argo-cert-expire-alert-job.yaml b/...ron-utilities/charts/argocd-certificate-refresh/templates/argo-cert-expire-alert-job.yaml
@@ -0,0 +1,44 @@
+{{- if $.Values.alert.enabled -}}
+{{- if .Capabilities.APIVersions.Has "batch/v1/CronJob" }}
+apiVersion: batch/v1
+{{- else -}}
+apiVersion: batch/v1beta1
+{{- end }}
+kind: CronJob
+metadata:
+  name: argocd-cert-alert
+  namespace: {{ $.Values.argocdNamespace| default .Release.Namespace }}
+spec:
+  schedule: {{ $.Values.alert.schedule | quote }}
+  concurrencyPolicy: Forbid
+  jobTemplate:
+    spec:
+      template:
+        spec:
+          {{- if  $.Values.podSecurityContext }}
+          securityContext: 
+{{ toYaml $.Values.podSecurityContext | indent 12 }}      
+          {{- end }}
+          serviceAccountName: argocd-cert-sa
+          serviceAccount: argocd-cert-sa
+          containers:
+          - name: argocd-alert-container
+            image:  {{ $.Values.alert.image }}
+            imagePullPolicy: IfNotPresent
+            env:
+              - name: devtronNamespace
+                value: {{ $.Values.devtronNamespace| default .Release.Namespace }}
+              - name: argocdNamespace
+                value: {{ $.Values.argocdNamespace| default .Release.Namespace }}
+              - name: discordUrl
+                value: {{ $.Values.alert.discordUrl | quote }}
+              - name: alertBefore
+                value: {{ $.Values.alert.alertBefore | quote }}
+              - name: cronJobRunAfter
+                value: {{ $.Values.alert.cronJobRunAfter | quote }}
+            {{- if $.Values.containerSecurityContext }}
+            securityContext: 
+{{ toYaml $.Values.containerSecurityContext | indent 14 }}         
+            {{- end}}
+          restartPolicy: OnFailure
+{{- end }}
diff --git a/charts/devtron-utilities/charts/argocd-certificate-refresh/templates/clusterrole.yaml b/charts/devtron-utilities/charts/argocd-certificate-refresh/templates/clusterrole.yaml
@@ -0,0 +1,22 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: argocd-cert-role
+rules:
+- apiGroups: 
+    - ""
+    - batch
+    - apps
+  resources:
+  - pods
+  - secrets
+  - cronjobs
+  - deployments
+  verbs:
+  - create
+  - get
+  - watch
+  - list
+  - delete
+  - update
+  - patch
diff --git a/charts/devtron-utilities/charts/argocd-certificate-refresh/templates/clusterrolebinding.yaml b/charts/devtron-utilities/charts/argocd-certificate-refresh/templates/clusterrolebinding.yaml
@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: argocd-cert-rolebinding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: argocd-cert-role
+subjects:
+- kind: ServiceAccount
+  name: argocd-cert-sa
+  namespace: {{ $.Values.argocdNamespace| default .Release.Namespace }}
diff --git a/charts/devtron-utilities/charts/argocd-certificate-refresh/templates/cronjob.yaml b/charts/devtron-utilities/charts/argocd-certificate-refresh/templates/cronjob.yaml
@@ -0,0 +1,40 @@
+{{- if .Capabilities.APIVersions.Has "batch/v1/CronJob" }}
+apiVersion: batch/v1
+{{- else -}}
+apiVersion: batch/v1beta1
+{{- end }}
+kind: CronJob
+metadata:
+  name: argocd-cert-cronjob
+  namespace: {{ $.Values.argocdNamespace| default .Release.Namespace }}
+spec:
+  schedule: {{ $.Values.cronjob.schedule | quote }}
+  concurrencyPolicy: Forbid
+  jobTemplate:
+    spec:
+      template:
+        spec:
+          {{- if  $.Values.podSecurityContext }}
+          securityContext: 
+{{ toYaml $.Values.podSecurityContext | indent 12 }}      
+          {{- end }}
+          serviceAccountName: argocd-cert-sa
+          serviceAccount: argocd-cert-sa
+          containers:
+          - name: argocd-cert-cron
+            image: {{ $.Values.image }}
+            env:
+              - name: devtronNamespace
+                value: {{ $.Values.devtronNamespace| default .Release.Namespace }}
+              - name: argocdNamespace
+                value: {{ $.Values.argocdNamespace| default .Release.Namespace }}
+              - name: clusterType
+                value: {{ $.Values.clusterType | default "ENTERPRISE"  | quote }}
+            imagePullPolicy: IfNotPresent
+            command: ["/bin/bash", "-c", "chmod +x argocd.sh && bash argocd.sh"]
+            {{- if $.Values.containerSecurityContext }}
+            securityContext: 
+{{ toYaml $.Values.containerSecurityContext | indent 14 }}         
+            {{- end}}
+          restartPolicy: OnFailure
+
diff --git a/charts/devtron-utilities/charts/argocd-certificate-refresh/templates/serviceaccount.yaml b/charts/devtron-utilities/charts/argocd-certificate-refresh/templates/serviceaccount.yaml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: argocd-cert-sa
+  namespace: {{ .Release.Namespace }}
+
+
diff --git a/charts/devtron-utilities/charts/argocd-certificate-refresh/values.yaml b/charts/devtron-utilities/charts/argocd-certificate-refresh/values.yaml
@@ -0,0 +1,45 @@
+# Default values for argocd-certificate-refresh.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+
+# docker image information
+image: quay.io/devtron/argocd-cert-refresh:v10
+#accepted values are ENTERPRISE & OSS 
+# clusterType: ENTERPRISE
+# If not namespace is provided then by default it will take in which namespace it will deploy
+# devtronNamespace: devtroncd
+# argocdNamespace: devtroncd
+
+
+
+
+# values for cronjob
+#currently it will run At 23:59 on 1st day-of-month in every 6th month
+cronjob:
+  schedule: "59 23 1 */6 *"
+
+
+
+
+#set up this If you need alert for argocd cert expire
+alert:
+  enabled: false
+  image: quay.io/devtron/argocd-cert-refresh:alert-v9
+  discordUrl: "" 
+  #Daily At 07:00AM GMT so it will be 12:30PM in IST
+  schedule: "0 7 * * *"
+  # if the certificate will expire after 10 days you will get alert
+  alertBefore: 10
+  # if the next cron will be run after 2 days you will get alert
+  cronJobRunAfter: 2
+
+
+
+podSecurityContext: {}
+  # runAsGroup: 1000
+  # runAsUser: 1000
+containerSecurityContext: {}
+    # allowPrivilegeEscalation: false
+    # runAsUser: 1000
+    # runAsNonRoot: true
diff --git a/charts/devtron-utilities/charts/aws-load-balancer-controller/.helmignore b/charts/devtron-utilities/charts/aws-load-balancer-controller/.helmignore
@@ -0,0 +1,25 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+crds/kustomization.yaml
+test.yaml
diff --git a/charts/devtron-utilities/charts/aws-load-balancer-controller/Chart.yaml b/charts/devtron-utilities/charts/aws-load-balancer-controller/Chart.yaml
@@ -0,0 +1,22 @@
+apiVersion: v2
+appVersion: v2.11.0
+description: AWS Load Balancer Controller Helm chart for Kubernetes
+home: https://github.com/aws/eks-charts
+icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png
+keywords:
+- eks
+- alb
+- load balancer
+- ingress
+- nlb
+maintainers:
+- email: [email protected]
+  name: kishorj
+  url: https://github.com/kishorj
+- email: [email protected]
+  name: m00nf1sh
+  url: https://github.com/m00nf1sh
+name: aws-load-balancer-controller
+sources:
+- https://github.com/aws/eks-charts
+version: 1.11.0
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,3 @@
		# Devtron helm chart to deploy argocd certificate refresh cronjob

		To get the script, please follow this link-: https://github.com/devtron-labs/devtron-utilities/tree/main/scripts/argo-cert-refresh