diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7b0020fb..db0820a2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.3.3 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.4.1 +version: 4.5.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,5 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Set 'server.config.url' to empty string so logout function can calculate the right redirect URL" - - "[Fixed]: Do not create slack service account when notifications controller is disabled" + - "[Added]: New parameters to override Certificate duration and renewBefore" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f127299d..1933754c 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -402,11 +402,13 @@ NAME: my-release | server.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the Argo CD server [HPA] | | server.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the Argo CD server [HPA] | | server.certificate.additionalHosts | list | `[]` | Certificate manager additional hosts | -| server.certificate.domain | string | `"argocd.example.com"` | Certificate manager domain | -| server.certificate.enabled | bool | `false` | Enables a certificate manager certificate | -| server.certificate.issuer.kind | string | `nil` | Certificate manager issuer | -| server.certificate.issuer.name | string | `nil` | Certificate manager name | -| server.certificate.secretName | string | `"argocd-server-tls"` | Certificate manager secret name | +| server.certificate.domain | string | `"argocd.example.com"` | Certificate primary domain (commonName) | +| server.certificate.duration | string | `""` | The requested 'duration' (i.e. lifetime) of the Certificate. Value must be in units accepted by Go time.ParseDuration | +| server.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | +| server.certificate.issuer.kind | string | `""` | Certificate issuer kind. Either `Issuer` or `ClusterIssuer` | +| server.certificate.issuer.name | string | `""` | Certificate isser name. Eg. `letsencrypt` | +| server.certificate.renewBefore | string | `""` | How long before the currently issued certificate's expiry cert-manager should renew the certificate. Value must be in units accepted by Go time.ParseDuration | +| server.certificate.secretName | string | `"argocd-server-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | | server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | | server.config | object | See [values.yaml] | [General Argo CD configuration] | | server.configAnnotations | object | `{}` | Annotations to be added to Argo CD ConfigMap | diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 64241bfe..50780560 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -19,11 +19,17 @@ spec: commonName: {{ .Values.server.certificate.domain | quote }} dnsNames: - {{ .Values.server.certificate.domain | quote }} - {{- range .Values.server.certificate.additionalHosts }} + {{- range .Values.server.certificate.additionalHosts }} - {{ . | quote }} + {{- end }} + {{- with .Values.server.certificate.duration }} + duration: {{ . | quote }} {{- end }} issuerRef: kind: {{ .Values.server.certificate.issuer.kind | quote }} name: {{ .Values.server.certificate.issuer.name | quote }} + {{- with .Values.server.certificate.renewBefore }} + renewBefore: {{ . | quote }} + {{- end }} secretName: {{ .Values.server.certificate.secretName | quote }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 14cdf057..a52611c3 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -926,18 +926,22 @@ server: ## Certificate configuration certificate: - # -- Enables a certificate manager certificate + # -- Deploy a Certificate resource (requires cert-manager) enabled: false - # -- Certificate manager domain + # -- Certificate primary domain (commonName) domain: argocd.example.com + # -- The requested 'duration' (i.e. lifetime) of the Certificate. Value must be in units accepted by Go time.ParseDuration + duration: "" + # -- How long before the currently issued certificate's expiry cert-manager should renew the certificate. Value must be in units accepted by Go time.ParseDuration + renewBefore: "" issuer: - # -- Certificate manager issuer - kind: # ClusterIssuer - # -- Certificate manager name - name: # letsencrypt + # -- Certificate issuer kind. Either `Issuer` or `ClusterIssuer` + kind: "" + # -- Certificate isser name. Eg. `letsencrypt` + name: "" # -- Certificate manager additional hosts additionalHosts: [] - # -- Certificate manager secret name + # -- The name of the Secret that will be automatically created and managed by this Certificate resource secretName: argocd-server-tls ## Server service configuration