From 1e689a4356cb49846beafa335bbce214bf22c677 Mon Sep 17 00:00:00 2001
From: Aikawa <yuki.kita22@gmail.com>
Date: Wed, 8 Jun 2022 15:03:58 +0900
Subject: [PATCH] feat(argo-cd): Support annotations in argocd-configs secrets
 (#1314)

* feat(argo-cd): support annotations in argocd-configs secrets
Signed-off-by: yu-croco <yuki.kita22@gmail.com>

* fix(argo-cd): align to exitsing format

Signed-off-by: yu-croco <yuki.kita22@gmail.com>
---
 charts/argo-cd/Chart.yaml                                 | 4 ++--
 charts/argo-cd/README.md                                  | 3 +++
 .../templates/argocd-configs/externalredis-secret.yaml    | 4 ++++
 .../argocd-configs/repository-credentials-secret.yaml     | 4 ++++
 .../templates/argocd-configs/repository-secret.yaml       | 4 ++++
 charts/argo-cd/values.yaml                                | 8 ++++++++
 6 files changed, 25 insertions(+), 2 deletions(-)

diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml
index 541cac77..f46e2921 100644
--- a/charts/argo-cd/Chart.yaml
+++ b/charts/argo-cd/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 appVersion: v2.3.4
 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
 name: argo-cd
-version: 4.8.2
+version: 4.8.3
 home: https://github.com/argoproj/argo-helm
 icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
 keywords:
@@ -21,4 +21,4 @@ dependencies:
     condition: redis-ha.enabled
 annotations:
   artifacthub.io/changes: |
-    - "[Added]: Support separate imagePullSecrets"
+    - "[Added]: Support annotations in argocd-configs secrets"
diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md
index cae52658..d5ccf50c 100644
--- a/charts/argo-cd/README.md
+++ b/charts/argo-cd/README.md
@@ -213,11 +213,13 @@ NAME: my-release
 | apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart |
 | configs.clusterCredentials | list | `[]` (See [values.yaml]) | Provide one or multiple [external cluster credentials] |
 | configs.credentialTemplates | object | `{}` | Repository credentials to be used as Templates for other repos |
+| configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret |
 | configs.gpgKeys | object | `{}` (See [values.yaml]) | [GnuPG](https://argoproj.github.io/argo-cd/user-guide/gpg-verification/) keys to add to the key ring |
 | configs.gpgKeysAnnotations | object | `{}` | GnuPG key ring annotations |
 | configs.knownHosts.data.ssh_known_hosts | string | See [values.yaml] | Known Hosts |
 | configs.knownHostsAnnotations | object | `{}` | Known Hosts configmap annotations |
 | configs.repositories | object | `{}` | Repositories list to be used by applications |
+| configs.repositoriesAnnotations | object | `{}` | Annotations to be added to `configs.repositories` Secret |
 | configs.repositoryCredentials | object | `{}` | *DEPRECATED:* Instead, use `configs.credentialTemplates` and/or `configs.repositories` |
 | configs.secret.annotations | object | `{}` | Annotations to be added to argocd-secret |
 | configs.secret.argocdServerAdminPassword | string | `""` | Bcrypt hashed admin password |
@@ -716,6 +718,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
 | externalRedis.host | string | `""` | External Redis server host |
 | externalRedis.password | string | `""` | External Redis password |
 | externalRedis.port | int | `6379` | External Redis server port |
+| externalRedis.secretAnnotations | object | `{}` | External Redis Secret annotations |
 
 ## ApplicationSet
 
diff --git a/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml b/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml
index 3d806902..d2b1887f 100644
--- a/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml
+++ b/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml
@@ -5,6 +5,10 @@ metadata:
   name: {{ template "argo-cd.redis.fullname" . }}
   labels:
     {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }}
+  {{- with .Values.externalRedis.secretAnnotations }}
+  annotations:
+    {{- toYaml . | nindent 4}}
+  {{- end }}
 type: Opaque
 data:
   redis-password: {{ .Values.externalRedis.password | b64enc }}
diff --git a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml
index f9165d5d..060ef579 100644
--- a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml
+++ b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml
@@ -7,6 +7,10 @@ metadata:
   labels:
     argocd.argoproj.io/secret-type: repo-creds
     {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }}
+  {{- with $.Values.configs.credentialTemplatesAnnotations }}
+  annotations:
+    {{- toYaml . | nindent 4}}
+  {{- end }}
 data:
   {{- range $key, $value := $repo_cred_value }}
   {{ $key }}: {{ $value | toString | b64enc }}
diff --git a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml
index 2c0d4f08..4b49811e 100644
--- a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml
+++ b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml
@@ -7,6 +7,10 @@ metadata:
   labels:
     argocd.argoproj.io/secret-type: repository
     {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }}
+  {{- with $.Values.configs.repositoriesAnnotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
 data:
   {{- range $key, $value := $repo_value }}
   {{ $key }}: {{ $value | b64enc }}
diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml
index 6dc6342a..f90f362a 100755
--- a/charts/argo-cd/values.yaml
+++ b/charts/argo-cd/values.yaml
@@ -845,6 +845,8 @@ externalRedis:
   # -- The name of an existing secret with Redis credentials (must contain key `redis-password`).
   # When it's set, the `externalRedis.password` parameter is ignored
   existingSecret: ""
+  # -- External Redis Secret annotations
+  secretAnnotations: {}
 
 ## Server
 server:
@@ -1878,6 +1880,9 @@ configs:
     #    ...
     #    -----END OPENSSH PRIVATE KEY-----
 
+  # -- Annotations to be added to `configs.credentialTemplates` Secret
+  credentialTemplatesAnnotations: {}
+
   # -- Repositories list to be used by applications
   ## Creates a secret for each key/value specified below to create repositories
   ## Note: the last example in the list would use a repository credential template, configured under "configs.repositoryCredentials".
@@ -1895,6 +1900,9 @@ configs:
     # private-repo:
     #   url: https://github.com/argoproj/private-repo
 
+  # -- Annotations to be added to `configs.repositories` Secret
+  repositoriesAnnotations: {}
+
   secret:
     # -- Create the argocd-secret
     createSecret: true