diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 20423dc0..2d342eb3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -36,4 +36,3 @@ annotations: description: Dedicated ingress implementation for AWS and GKE Application Load Balancers - kind: changed description: Support for multiple ingress hosts and paths refactored into `extraHosts` and `extraPaths` - diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 1a91651c..3c694cf2 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -813,7 +813,7 @@ NAME: my-release | server.ingress.aws.backendProtocolVersion | string | `"HTTP2"` | Backend protocol version for the AWS ALB gRPC service | | server.ingress.aws.serviceType | string | `"NodePort"` | Service type for the AWS ALB gRPC service | | server.ingress.controller | string | `"generic"` | Specific implementation for ingress controller. One of `generic`, `aws` or `gke` | -| server.ingress.enabled | bool | `true` | Enable an ingress resource for the Argo CD server | +| server.ingress.enabled | bool | `false` | Enable an ingress resource for the Argo CD server | | server.ingress.extraHosts | list | `[]` (See [values.yaml]) | The list of additional hostnames to be covered by ingress record | | server.ingress.extraPaths | list | `[]` (See [values.yaml]) | Additional ingress paths | | server.ingress.extraRules | list | `[]` (See [values.yaml]) | Additional ingress rules | @@ -1185,6 +1185,18 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the ApplicationSet controller | | applicationSet.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the ApplicationSet controller | | applicationSet.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | If defined, uses a Secret to pull an image from a private Docker registry or repository. | +| applicationSet.ingress.annotations | object | `{}` | Additional ingress annotations | +| applicationSet.ingress.enabled | bool | `false` | Enable an ingress resource for ApplicationSet webhook | +| applicationSet.ingress.extraHosts | list | `[]` (See [values.yaml]) | The list of additional hostnames to be covered by ingress record | +| applicationSet.ingress.extraPaths | list | `[]` (See [values.yaml]) | Additional ingress paths | +| applicationSet.ingress.extraRules | list | `[]` (See [values.yaml]) | Additional ingress rules | +| applicationSet.ingress.extraTls | list | `[]` (See [values.yaml]) | Additional ingress TLS configuration | +| applicationSet.ingress.hostname | string | `"argocd.server.local"` | Argo CD ApplicationSet hostname | +| applicationSet.ingress.ingressClassName | string | `""` | Defines which ingress ApplicationSet controller will implement the resource | +| applicationSet.ingress.labels | object | `{}` | Additional ingress labels | +| applicationSet.ingress.path | string | `"/api/webhook"` | List of ingress paths | +| applicationSet.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` | +| applicationSet.ingress.tls | bool | `false` | Enable TLS configuration for the hostname defined at `applicationSet.webhook.ingress.hostname` | | applicationSet.initContainers | list | `[]` | Init containers to add to the ApplicationSet controller pod | | applicationSet.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller | | applicationSet.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | @@ -1240,18 +1252,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | applicationSet.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | applicationSet.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the ApplicationSet controller | -| applicationSet.webhook.ingress.annotations | object | `{}` | Additional ingress annotations | -| applicationSet.webhook.ingress.enabled | bool | `false` | Enable an ingress resource for Webhooks | -| applicationSet.webhook.ingress.extraHosts | list | `[]` | The list of additional hostnames to be covered by ingress record | -| applicationSet.webhook.ingress.extraPaths | list | `[]` (See [values.yaml]) | Additional ingress paths | -| applicationSet.webhook.ingress.extraRules | list | `[]` (See [values.yaml]) | Additional ingress rules | -| applicationSet.webhook.ingress.extraTls | list | `[]` (See [values.yaml]) | Additional ingress TLS configuration | -| applicationSet.webhook.ingress.hostname | string | `""` | Argo CD ApplicationSet hostname | -| applicationSet.webhook.ingress.ingressClassName | string | `""` | Defines which ingress ApplicationSet controller will implement the resource | -| applicationSet.webhook.ingress.labels | object | `{}` | Additional ingress labels | -| applicationSet.webhook.ingress.path | string | `"/api/webhook"` | List of ingress paths | -| applicationSet.webhook.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` | -| applicationSet.webhook.ingress.tls | bool | `false` | Enable TLS configuration for the hostname defined at `applicationSet.webhook.ingress.hostname` | ## Notifications diff --git a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml b/charts/argo-cd/templates/argocd-applicationset/ingress.yaml similarity index 60% rename from charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml rename to charts/argo-cd/templates/argocd-applicationset/ingress.yaml index 628f63b5..ce01e7c6 100644 --- a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/ingress.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.applicationSet.enabled .Values.applicationSet.webhook.ingress.enabled -}} +{{- if and .Values.applicationSet.enabled .Values.applicationSet.ingress.enabled -}} apiVersion: networking.k8s.io/v1 kind: Ingress metadata: @@ -6,29 +6,29 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} - {{- with .Values.applicationSet.webhook.ingress.labels }} + {{- with .Values.applicationSet.ingress.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.applicationSet.webhook.ingress.annotations }} + {{- with .Values.applicationSet.ingress.annotations }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} spec: - {{- with .Values.applicationSet.webhook.ingress.ingressClassName }} + {{- with .Values.applicationSet.ingress.ingressClassName }} ingressClassName: {{ . }} {{- end }} rules: - {{- if .Values.applicationSet.webhook.ingress.hostname }} - - host: {{ .Values.applicationSet.webhook.ingress.hostname }} + {{- if .Values.applicationSet.ingress.hostname }} + - host: {{ .Values.applicationSet.ingress.hostname }} http: paths: - {{- with .Values.applicationSet.webhook.ingress.extraPaths }} + {{- with .Values.applicationSet.ingress.extraPaths }} {{- toYaml . | nindent 10 }} {{- end }} - - path: {{ .Values.applicationSet.webhook.ingress.path }} - pathType: {{ $.Values.applicationSet.webhook.ingress.pathType }} + - path: {{ .Values.applicationSet.ingress.path }} + pathType: {{ $.Values.applicationSet.ingress.pathType }} backend: service: name: {{ include "argo-cd.applicationSet.fullname" $ }} @@ -47,17 +47,17 @@ spec: port: number: {{ .Values.applicationSet.service.port }} {{- end }} - {{- with .Values.applicationSet.webhook.ingress.extraRules }} + {{- with .Values.applicationSet.ingress.extraRules }} {{- toYaml . | nindent 4 }} {{- end }} - {{- if or .Values.applicationSet.webhook.ingress.tls .Values.applicationSet.webhook.ingress.extraTls }} + {{- if or .Values.applicationSet.ingress.tls .Values.applicationSet.ingress.extraTls }} tls: - {{- if .Values.applicationSet.webhook.ingress.tls }} + {{- if .Values.applicationSet.ingress.tls }} - hosts: - - {{ .Values.applicationSet.webhook.ingress.hostname }} - secretName: {{ printf "%s-tls" .Values.applicationSet.webhook.ingress.hostname }} + - {{ .Values.applicationSet.ingress.hostname }} + secretName: argocd-application-controller-tls {{- end }} - {{- with .Values.applicationSet.webhook.ingress.extraTls }} + {{- with .Values.applicationSet.ingress.extraTls }} {{- toYaml . | nindent 4 }} {{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 05343e7c..7a97317b 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1901,7 +1901,7 @@ server: # Argo CD server ingress configuration ingress: # -- Enable an ingress resource for the Argo CD server - enabled: true #false + enabled: false # -- Specific implementation for ingress controller. One of `generic`, `aws` or `gke` ## Additional configuration might be required in related configuration sections controller: generic @@ -2713,68 +2713,6 @@ applicationSet: # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" - ## Webhook for the Git Generator - ## Ref: https://argocd-applicationset.readthedocs.io/en/master/Generators-Git/#webhook-configuration) - webhook: - ingress: - # -- Enable an ingress resource for Webhooks - enabled: false - # -- Additional ingress labels - labels: {} - # -- Additional ingress annotations - annotations: {} - - # -- Defines which ingress ApplicationSet controller will implement the resource - ingressClassName: "" - - # -- Argo CD ApplicationSet hostname - hostname: "" - - # -- List of ingress paths - path: /api/webhook - - # -- Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` - pathType: Prefix - - # -- Enable TLS configuration for the hostname defined at `applicationSet.webhook.ingress.hostname` - ## TLS certificate will be retrieved from a TLS secret with name: `-tls` - tls: false - - # -- The list of additional hostnames to be covered by ingress record - extraHosts: [] - # - name: argocd.server.local - # path: / - - # -- Additional ingress paths - # @default -- `[]` (See [values.yaml]) - extraPaths: [] - # - path: /* - # pathType: Prefix - # backend: - # service: - # name: ssl-redirect - # port: - # name: use-annotation - - # -- Additional ingress rules - # @default -- `[]` (See [values.yaml]) - extraRules: [] - # - host: example.server.local - # http: - # path: / - # backend: - # service: - # name: example-svc - # port: - # name: http - - # -- Additional ingress TLS configuration - # @default -- `[]` (See [values.yaml]) - extraTls: [] - # - secretName: argocd-applicationset-tls - # hosts: - # - argocd-applicationset.example.com - # TLS certificate configuration via cert-manager ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-configuration certificate: @@ -2816,6 +2754,69 @@ applicationSet: # -- Annotations to be applied to the ApplicationSet Certificate annotations: {} + ## Ingress for the Git Generator webhook + ## Ref: https://argocd-applicationset.readthedocs.io/en/master/Generators-Git/#webhook-configuration) + ingress: + # -- Enable an ingress resource for ApplicationSet webhook + enabled: false + # -- Additional ingress labels + labels: {} + # -- Additional ingress annotations + annotations: {} + + # -- Defines which ingress ApplicationSet controller will implement the resource + ingressClassName: "" + + # -- Argo CD ApplicationSet hostname + ## NOTE: Hostname must be provided if Ingress is enabled + hostname: argocd.server.local + + # -- List of ingress paths + path: /api/webhook + + # -- Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` + pathType: Prefix + + # -- Enable TLS configuration for the hostname defined at `applicationSet.webhook.ingress.hostname` + ## TLS certificate will be retrieved from a TLS secret with name:`argocd-application-controller-tls` + tls: false + + # -- The list of additional hostnames to be covered by ingress record + # @default -- `[]` (See [values.yaml]) + extraHosts: [] + # - name: argocd.server.local + # path: / + + # -- Additional ingress paths + # @default -- `[]` (See [values.yaml]) + extraPaths: [] + # - path: /* + # pathType: Prefix + # backend: + # service: + # name: ssl-redirect + # port: + # name: use-annotation + + # -- Additional ingress rules + # @default -- `[]` (See [values.yaml]) + extraRules: [] + # - host: example.server.local + # http: + # path: / + # backend: + # service: + # name: example-svc + # port: + # name: http + + # -- Additional ingress TLS configuration + # @default -- `[]` (See [values.yaml]) + extraTls: [] + # - secretName: argocd-applicationset-tls + # hosts: + # - argocd-applicationset.example.com + ## Notifications controller notifications: # -- Enable notifications controller