From 5e0dcfe117d7513b25b786ad43e17164b21f01fb Mon Sep 17 00:00:00 2001 From: Abhishek Jaisingh Date: Tue, 26 Nov 2019 04:25:05 +0530 Subject: [PATCH 1/6] ArgoCD: Configure Repository Credentials in Values (#167) * ArgoCD: Configure Repository Credentials in Values * Argo CD Helm Chart: Add a Secret Resource in Repo Server for configuring Repository Credentials Change-Id: I64c343d3558a939d0faef795e62d4e258810bc67 * Minor formatting fix, add documentation. --- charts/argo-cd/Chart.yaml | 2 +- .../repository-credentials-secret.yaml | 18 ++++++++++++++++++ charts/argo-cd/values.yaml | 19 +++++++++++++++++++ 3 files changed, 38 insertions(+), 1 deletion(-) create mode 100644 charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a9b28699..f3e351ec 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.3.0" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 1.2.0 +version: 1.2.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml b/charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml new file mode 100644 index 00000000..aed7700f --- /dev/null +++ b/charts/argo-cd/templates/argocd-repo-server/repository-credentials-secret.yaml @@ -0,0 +1,18 @@ +{{- if .Values.configs.repositoryCredentials }} +apiVersion: v1 +kind: Secret +metadata: + name: argocd-repository-credentials + labels: + app.kubernetes.io/name: {{ include "argo-cd.name" . }}-secret + helm.sh/chart: {{ include "argo-cd.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: argocd + app.kubernetes.io/component: {{ .Values.server.name }} +type: Opaque +data: +{{- range $key, $value := .Values.configs.repositoryCredentials }} + {{ $key }}: {{ $value | b64enc }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 19ace947..f697c192 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -584,6 +584,25 @@ configs: # +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK # XWyb96wrUlv+E8I= # -----END CERTIFICATE----- + # Creates a secret with optional repository credentials + repositoryCredentials: + {} + # sample-ssh-key: | + # -----BEGIN RSA PRIVATE KEY----- + # MIICXAIBAAKBgQCcmiVJXGUvL8zqWmRRETbCKgFadtjJ9WDQpSwiZzMiktpYBo0N + # z0cThzGQfWqvdiJYEy72MrKCaSYssV3eHP5zTffk4VBDktNfdl1kgkOpqnh7tQO4 + # nBONRLzcK6KEbKUsmiTbW8Jb4UFYDhyyyveby7y3vYePmaRQIrlEenVfKwIDAQAB + # AoGAbbg+WZjnt9jYzHWKhZX29LDzg8ty9oT6URT4yB3gIOAdJMFqQHuyg8cb/e0x + # O0AcrfK623oHwgEj4vpeFwnfaBdtM5GfH9zaj6pnXV7VZc3oBHrBnHUgFT3NEYUe + # tt6rtatIguBH61Aj/pyij9sOfF0xDj0s1nwFTbdHtZR/31kCQQDIwcVTqhKkDNW6 + # cvdz+Wt3v9x1wNg+VhZhyA/pKILz3+qtn3GogLrQqhpVi+Y7tdvEv9FvgKaCjUp8 + # 6Lfp6dDFAkEAx7HpQbXFdrtcveOi9kosKRDX1PT4zdhB08jAXGlV8jr0jkrZazVM + # hV5rVCuu35Vh6x1fiyGwwiVsqhgWE+KPLwJAWrDemasM/LsnmjDxhJy6ZcBwsWlK + # xu5Q8h9UwLmiXtVayNBsofh1bGpLtzWZ7oN7ImidDkgJ8JQvgDoJS0xrGQJBALPJ + # FkMFnrjtqGqBVkc8shNqyZY90v6oM2OzupO4dht2PpUZCDPAMZtlTWXjSjabbCPc + # NxexBk1UmkdtFftjHxsCQGjG+nhRYH92MsmrbvZyFzgxg9SIOu6xel7D3Dq9l5Le + # XG+bpHPF4SiCpAxthP5WNa17zuvk+CDsMZgZNuhYNMo= + # -----END RSA PRIVATE KEY----- secret: createSecret: true githubSecret: "" From 26aea348312d37f8de7bae9bcade3510a55a7eaf Mon Sep 17 00:00:00 2001 From: Ryota Date: Mon, 25 Nov 2019 23:01:18 +0000 Subject: [PATCH 2/6] Correct the values.yaml comment for extra arg (#174) Extra arg handling changed in v1 release, and expects map rather than list --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/values.yaml | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f3e351ec..5ce46ded 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.3.0" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 1.2.1 +version: 1.2.2 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png keywords: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index f697c192..dfd95c9b 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -31,7 +31,7 @@ controller: logLevel: info ## Additional command line arguments to pass to argocd-controller - ## - key: value + ## key: value extraArgs: [] ## Annotations to be added to controller pods @@ -207,9 +207,9 @@ server: imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-server - ## - key: value + ## key: value # extraArgs: [] - # - insecure: true + # insecure: true extraArgs: [] ## Argo server log level @@ -439,7 +439,7 @@ repoServer: imagePullPolicy: # IfNotPresent ## Additional command line arguments to pass to argocd-repo-server - ## - key: value + ## key: value extraArgs: [] ## Argo repoServer log level From 5330efa6d8401074e250f3ecd2741c0bfbb6b692 Mon Sep 17 00:00:00 2001 From: Alex Collins Date: Tue, 26 Nov 2019 13:12:54 -0800 Subject: [PATCH 3/6] Update CODEOWNERS (#175) --- CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index 28539881..a4ca6084 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1,7 +1,7 @@ # https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners # Argo CD -/charts/argo-cd @seanson +/charts/argo-cd @seanson @spencergilbert # Argo Events /charts/argo-events @jbehling From 7503f29192e7c5a6e832b224531a2b5447964688 Mon Sep 17 00:00:00 2001 From: Antoine Date: Thu, 5 Dec 2019 03:25:45 +0100 Subject: [PATCH 4/6] added option to set admin.password, tls.key and tls.cert in argocd-secret via values (#158) - Added option to set admin.password, tls.key and tls.cert in argocd-secret via values - Bumped chart version --- charts/argo-cd/Chart.yaml | 2 +- .../templates/argocd-configs/argocd-secret.yaml | 13 +++++++++++-- charts/argo-cd/values.yaml | 15 +++++++++++++++ 3 files changed, 27 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5ce46ded..8eba12b3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.3.0" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 1.2.2 +version: 1.2.4 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index 6d4c3901..dcacb081 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -11,7 +11,7 @@ metadata: app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} type: Opaque -{{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketSecret) }} +{{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketSecret .Values.configs.secret.argocdServerAdminPassword .Values.configs.secret.argocdServerTlsConfig) }} # Setting a blank data again will wipe admin password/key/cert data: {{- if .Values.configs.secret.githubSecret }} @@ -23,5 +23,14 @@ data: {{- if .Values.configs.secret.bitbucketSecret }} bitbucket.webhook.uuid: {{ .Values.configs.secret.bitbucketSecret | b64enc }} {{- end }} + {{- if .Values.configs.secret.argocdServerTlsConfig }} + tls.key: {{ .Values.configs.secret.argocdServerTlsConfig.key | b64enc }} + tls.crt: {{ .Values.configs.secret.argocdServerTlsConfig.crt | b64enc }} + {{- end }} + + {{- if .Values.configs.secret.argocdServerAdminPassword }} + admin.password: {{ .Values.configs.secret.argocdServerAdminPassword | b64enc }} + admin.passwordMtime: {{ date "2006-01-02T15:04:05Z" now | b64enc }} + {{- end }} +{{- end }} {{- end }} -{{- end }} \ No newline at end of file diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index dfd95c9b..20f619ba 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -608,3 +608,18 @@ configs: githubSecret: "" gitlabSecret: "" bitbucketSecret: "" + +# Argo TLS Data. + argocdServerTlsConfig: {} + # key: + # crt: | + # -----BEGIN CERTIFICATE----- + # + # -----END CERTIFICATE----- + # -----BEGIN CERTIFICATE----- + # + # -----END CERTIFICATE----- + + # Argo expects the password in the secret to be bcrypt hashed. You can create this hash with + # `htpasswd -nbBC 10 "" $ARGO_PWD | tr -d ':\n' | sed 's/$2y/$2a/'` + # argocdServerAdminPassword: From 149049293f710015af9ba448ec1aef5448bec2fd Mon Sep 17 00:00:00 2001 From: Konstantin <34882943+nouseforaname@users.noreply.github.com> Date: Thu, 5 Dec 2019 03:52:22 +0100 Subject: [PATCH 5/6] Fix webhook secret properties (#176) - Bumped chart version to 1.3.0 due to breaking change (bitbucket uuid / bitbucket server secret) --- charts/argo-cd/Chart.yaml | 2 +- .../templates/argocd-configs/argocd-secret.yaml | 17 +++++++++++------ charts/argo-cd/values.yaml | 6 +++++- 3 files changed, 17 insertions(+), 8 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8eba12b3..b757833c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.3.0" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 1.2.4 +version: 1.3.0 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index dcacb081..ba9e6627 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -11,23 +11,28 @@ metadata: app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} type: Opaque -{{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketSecret .Values.configs.secret.argocdServerAdminPassword .Values.configs.secret.argocdServerTlsConfig) }} +{{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketUUID .Values.configs.secret.bitbucketServerSecret .Values.configs.secret.gogsSecret .Values.configs.secret.argocdServerAdminPassword .Values.configs.secret.argocdServerTlsConfig) }} # Setting a blank data again will wipe admin password/key/cert data: {{- if .Values.configs.secret.githubSecret }} - github.webhook.secret: {{ .Values.configs.secret.githubSecret | b64enc }} + webhook.github.secret: {{ .Values.configs.secret.githubSecret | b64enc }} {{- end }} {{- if .Values.configs.secret.gitlabSecret }} - gitlab.webhook.secret: {{ .Values.configs.secret.gitlabSecret | b64enc }} + webhook.gitlab.secret: {{ .Values.configs.secret.gitlabSecret | b64enc }} {{- end }} - {{- if .Values.configs.secret.bitbucketSecret }} - bitbucket.webhook.uuid: {{ .Values.configs.secret.bitbucketSecret | b64enc }} + {{- if .Values.configs.secret.bitbucketServerSecret }} + webhook.bitbucketserver.secret: {{ .Values.configs.secret.bitbucketServerSecret | b64enc }} + {{- end }} + {{- if .Values.configs.secret.bitbucketUUID }} + webhook.bitbucket.uuid: {{ .Values.configs.secret.bitbucketUUID | b64enc }} + {{- end }} + {{- if .Values.configs.secret.gogsSecret }} + webhook.gogs.secret: {{ .Values.configs.secret.gogsSecret | b64enc }} {{- end }} {{- if .Values.configs.secret.argocdServerTlsConfig }} tls.key: {{ .Values.configs.secret.argocdServerTlsConfig.key | b64enc }} tls.crt: {{ .Values.configs.secret.argocdServerTlsConfig.crt | b64enc }} {{- end }} - {{- if .Values.configs.secret.argocdServerAdminPassword }} admin.password: {{ .Values.configs.secret.argocdServerAdminPassword | b64enc }} admin.passwordMtime: {{ date "2006-01-02T15:04:05Z" now | b64enc }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 20f619ba..5af2ad69 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -605,9 +605,13 @@ configs: # -----END RSA PRIVATE KEY----- secret: createSecret: true + + # Webhook Configs githubSecret: "" gitlabSecret: "" - bitbucketSecret: "" + bitbucketServerSecret: "" + bitbucketUUÌD: "" + gogsSecret: "" # Argo TLS Data. argocdServerTlsConfig: {} From ed873508eccadac94f7831af6e73c87f8c01efef Mon Sep 17 00:00:00 2001 From: Igor Churmeev Date: Thu, 5 Dec 2019 05:47:15 +0200 Subject: [PATCH 6/6] [charts/argo-cd] Fix servicemonitors (#180) * Fixed servicemonitor templates * Bump chart version Signed-off-by: Igor Churmeev --- charts/argo-cd/Chart.yaml | 2 +- .../argocd-application-controller/servicemonitor.yaml | 5 ++++- .../argo-cd/templates/argocd-repo-server/servicemonitor.yaml | 5 ++++- charts/argo-cd/templates/argocd-server/servicemonitor.yaml | 5 ++++- 4 files changed, 13 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b757833c..3c5c02b2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "1.3.0" description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 1.3.0 +version: 1.3.1 home: https://github.com/argoproj/argo-helm icon: https://raw.githubusercontent.com/argoproj/argo/master/argo.png keywords: diff --git a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml index c820e3bb..3fb538e3 100644 --- a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml @@ -13,7 +13,9 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.controller.name }} + {{- if .Values.controller.metrics.serviceMonitor.selector }} {{- toYaml .Values.controller.metrics.serviceMonitor.selector | nindent 4 }} + {{- end }} {{- if .Values.controller.metrics.serviceMonitor.additionalLabels }} {{- toYaml .Values.controller.metrics.serviceMonitor.additionalLabels | nindent 4 }} {{- end }} @@ -29,4 +31,5 @@ spec: matchLabels: app.kubernetes.io/name: {{ include "argo-cd.name" . }}-metrics app.kubernetes.io/component: {{ .Values.controller.name }} -{{- end }} \ No newline at end of file +{{- end }} + diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index bd064f17..c07769f9 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -13,7 +13,9 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.repoServer.name }} + {{- if .Values.repoServer.metrics.serviceMonitor.selector }} {{- toYaml .Values.repoServer.metrics.serviceMonitor.selector | nindent 4 }} + {{- end }} {{- if .Values.repoServer.metrics.serviceMonitor.additionalLabels }} {{- toYaml .Values.repoServer.metrics.serviceMonitor.additionalLabels | nindent 4 }} {{- end }} @@ -30,4 +32,5 @@ spec: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/name: {{ template "argo-cd.repoServer.fullname" . }}-metrics app.kubernetes.io/component: {{ .Values.repoServer.name }} -{{- end }} \ No newline at end of file +{{- end }} + diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index 6d995ff7..7be1f2f4 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -13,7 +13,9 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argocd app.kubernetes.io/component: {{ .Values.server.name }} + {{- if .Values.server.metrics.serviceMonitor.selector }} {{- toYaml .Values.server.metrics.serviceMonitor.selector | nindent 4 }} + {{- end }} {{- if .Values.server.metrics.serviceMonitor.additionalLabels }} {{- toYaml .Values.server.metrics.serviceMonitor.additionalLabels | nindent 4 }} {{- end }} @@ -30,4 +32,5 @@ spec: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}-metrics app.kubernetes.io/component: {{ .Values.server.name }} -{{- end }} \ No newline at end of file +{{- end }} +