feat(argo-cd): Add params to override Certificate duration and renewBefore (#1209)

* feat(argo-cd): New params to override Certificate duration and renewBefore Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * chore(argo-cd): Clarify existing certificate params Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>
2022-04-03 11:13:56 +02:00 · 2022-04-03 11:13:56 +02:00 · 3befa82210
commit 3befa82210
parent d542b1e426
4 changed files with 27 additions and 16 deletions
--- a/charts/argo-cd/Chart.yaml
+++ b/charts/argo-cd/Chart.yaml
@ -2,7 +2,7 @@ apiVersion: v2
 appVersion: v2.3.3
 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
 name: argo-cd
-version: 4.4.1
+version: 4.5.0
 home: https://github.com/argoproj/argo-helm
 icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
 keywords:
@ -21,5 +21,4 @@ dependencies:
    condition: redis-ha.enabled
 annotations:
  artifacthub.io/changes: |
-    - "[Fixed]: Set 'server.config.url' to empty string so logout function can calculate the right redirect URL"
+    - "[Added]: New parameters to override Certificate duration and renewBefore"
    - "[Fixed]: Do not create slack service account when notifications controller is disabled"
--- a/charts/argo-cd/README.md
+++ b/charts/argo-cd/README.md
@ -402,11 +402,13 @@ NAME: my-release
 | server.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the Argo CD server [HPA] |
 | server.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the Argo CD server [HPA] |
 | server.certificate.additionalHosts | list | `[]` | Certificate manager additional hosts |
-| server.certificate.domain | string | `"argocd.example.com"` | Certificate manager domain |
+| server.certificate.domain | string | `"argocd.example.com"` | Certificate primary domain (commonName) |
-| server.certificate.enabled | bool | `false` | Enables a certificate manager certificate |
+| server.certificate.duration | string | `""` | The requested 'duration' (i.e. lifetime) of the Certificate. Value must be in units accepted by Go time.ParseDuration |
-| server.certificate.issuer.kind | string | `nil` | Certificate manager issuer |
+| server.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) |
-| server.certificate.issuer.name | string | `nil` | Certificate manager name |
+| server.certificate.issuer.kind | string | `""` | Certificate issuer kind. Either `Issuer` or `ClusterIssuer` |
-| server.certificate.secretName | string | `"argocd-server-tls"` | Certificate manager secret name |
+| server.certificate.issuer.name | string | `""` | Certificate isser name. Eg. `letsencrypt` |
 | server.certificate.renewBefore | string | `""` | How long before the currently issued certificate's expiry cert-manager should renew the certificate. Value must be in units accepted by Go time.ParseDuration |
 | server.certificate.secretName | string | `"argocd-server-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource |
 | server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments |
 | server.config | object | See [values.yaml] | [General Argo CD configuration] |
 | server.configAnnotations | object | `{}` | Annotations to be added to Argo CD ConfigMap |
--- a/charts/argo-cd/templates/argocd-server/certificate.yaml
+++ b/charts/argo-cd/templates/argocd-server/certificate.yaml
@ -19,11 +19,17 @@ spec:
  commonName: {{ .Values.server.certificate.domain | quote }}
  dnsNames:
    - {{ .Values.server.certificate.domain | quote }}
-  {{- range .Values.server.certificate.additionalHosts }}
+    {{- range .Values.server.certificate.additionalHosts }}
    - {{ . | quote }}
    {{- end }}
  {{- with .Values.server.certificate.duration }}
  duration: {{ . | quote }}
  {{- end }}
  issuerRef:
    kind: {{ .Values.server.certificate.issuer.kind | quote }}
    name: {{ .Values.server.certificate.issuer.name | quote }}
  {{- with .Values.server.certificate.renewBefore }}
  renewBefore: {{ . | quote }}
  {{- end }}
  secretName: {{ .Values.server.certificate.secretName | quote }}
 {{- end }}
--- a/charts/argo-cd/values.yaml
+++ b/charts/argo-cd/values.yaml
@ -926,18 +926,22 @@ server:
  ## Certificate configuration
  certificate:
-    # -- Enables a certificate manager certificate
+    # -- Deploy a Certificate resource (requires cert-manager)
    enabled: false
-    # -- Certificate manager domain
+    # -- Certificate primary domain (commonName)
    domain: argocd.example.com
    # -- The requested 'duration' (i.e. lifetime) of the Certificate. Value must be in units accepted by Go time.ParseDuration
    duration: ""
    # -- How long before the currently issued certificate's expiry cert-manager should renew the certificate. Value must be in units accepted by Go time.ParseDuration
    renewBefore: ""
    issuer:
-      # -- Certificate manager issuer
+      # -- Certificate issuer kind. Either `Issuer` or `ClusterIssuer`
-      kind: # ClusterIssuer
+      kind: ""
-      # -- Certificate manager name
+      # -- Certificate isser name. Eg. `letsencrypt`
-      name: # letsencrypt
+      name: ""
    # -- Certificate manager additional hosts
    additionalHosts: []
-    # -- Certificate manager secret name
+    # -- The name of the Secret that will be automatically created and managed by this Certificate resource
    secretName: argocd-server-tls
  ## Server service configuration