From 445348f9a26a40fc7621314ca4789a971a98f128 Mon Sep 17 00:00:00 2001
From: chgl <chgl@users.noreply.github.com>
Date: Sat, 8 May 2021 22:07:06 +0200
Subject: [PATCH] aligned serviceAccount configuration with argo-cd values

Signed-off-by: chgl <chgl@users.noreply.github.com>
---
 .../ci/enable-metrics-values.yaml             |  2 ++
 charts/argo-workflows/templates/_helpers.tpl  | 14 +++++-----
 .../controller/workflow-controller-crb.yaml   |  6 ++---
 .../controller/workflow-controller-sa.yaml    |  2 +-
 .../workflow-controller-service.yaml          |  8 +++---
 .../workflow-controller-servicemonitor.yaml   |  8 +++---
 .../templates/server/server-crb.yaml          |  6 ++---
 .../templates/server/server-deployment.yaml   |  2 +-
 .../templates/server/server-sa.yaml           |  4 +--
 charts/argo-workflows/values.yaml             | 26 +++++++++----------
 10 files changed, 40 insertions(+), 38 deletions(-)

diff --git a/charts/argo-workflows/ci/enable-metrics-values.yaml b/charts/argo-workflows/ci/enable-metrics-values.yaml
index 949ed73b..9818ebe5 100644
--- a/charts/argo-workflows/ci/enable-metrics-values.yaml
+++ b/charts/argo-workflows/ci/enable-metrics-values.yaml
@@ -3,3 +3,5 @@ controller:
     enabled: true
   metricsConfig:
     enabled: true
+  telemetryConfig:
+    enabled: true
diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl
index a62f314b..c76b55ac 100644
--- a/charts/argo-workflows/templates/_helpers.tpl
+++ b/charts/argo-workflows/templates/_helpers.tpl
@@ -64,10 +64,10 @@ app.kubernetes.io/component: {{ .component }}
 Create the name of the server service account to use
 */}}
 {{- define "argo-workflows.serverServiceAccountName" -}}
-{{- if .Values.server.createServiceAccount -}}
-    {{ default (include "argo-workflows.fullname" .) .Values.server.serviceAccount }}
+{{- if .Values.server.serviceAccount.create -}}
+    {{ default (include "argo-workflows.fullname" .) .Values.server.serviceAccount.name }}
 {{- else -}}
-    {{ default "default" .Values.server.serviceAccount }}
+    {{ default "default" .Values.server.serviceAccount.name }}
 {{- end -}}
 {{- end -}}
 
@@ -75,10 +75,10 @@ Create the name of the server service account to use
 Create the name of the controller service account to use
 */}}
 {{- define "argo-workflows.controllerServiceAccountName" -}}
-{{- if .Values.controller.createServiceAccount -}}
-    {{ default (include "argo-workflows.fullname" .) .Values.controller.serviceAccount }}
+{{- if .Values.controller.serviceAccount.create -}}
+    {{ default (include "argo-workflows.fullname" .) .Values.controller.serviceAccount.name }}
 {{- else -}}
-    {{ default "default" .Values.controller.serviceAccount }}
+    {{ default "default" .Values.controller.serviceAccount.name }}
 {{- end -}}
 {{- end -}}
 
@@ -107,7 +107,7 @@ Return the appropriate service layout for ingress
 - backend:
     service:
       name: {{ .serviceName }}
-      port: 
+      port:
         number: {{ .servicePort }}
   pathType: ImplementationSpecific
 {{- end -}}
diff --git a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml
index e99f0fcf..6879d282 100644
--- a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml
@@ -18,10 +18,10 @@ roleRef:
   name: {{ template "argo-workflows.controller.fullname" . }}
 subjects:
   - kind: ServiceAccount
-    name: {{ .Values.controller.serviceAccount }}
+    name: {{ template "argo-workflows.controllerServiceAccountName" . }}
     namespace: {{ .Release.Namespace }}
 {{- if .Values.controller.workflowNamespaces }}
-{{- $uiServiceAccount := .Values.controller.serviceAccount }}
+{{- $uiServiceAccount := (include "argo-workflows.controllerServiceAccountName" .) }}
 {{- $namespace := .Release.Namespace }}
 {{- range $key := .Values.controller.workflowNamespaces }}
   {{- if not (eq $key $namespace) }}
@@ -44,5 +44,5 @@ roleRef:
   name: {{ template "argo-workflows.controller.fullname" . }}-cluster-template
 subjects:
   - kind: ServiceAccount
-    name: {{ .Values.controller.serviceAccount }}
+    name: {{ template "argo-workflows.controllerServiceAccountName" . }}
     namespace: {{ .Release.Namespace }}
diff --git a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml
index 77000ef9..e917bb41 100644
--- a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml
@@ -2,7 +2,7 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: {{ template "argo-workflows.controllerServiceAccountName" . }}
-  {{ with .Values.controller.serviceAccountAnnotations }}
+  {{ with .Values.controller.serviceAccount.annotations }}
   annotations:
     {{- toYaml .| nindent 4 }}
   {{- end }}
diff --git a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml
index abde6aad..5c248f49 100644
--- a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml
@@ -16,14 +16,14 @@ metadata:
 spec:
   ports:
   {{- if .Values.controller.metricsConfig.enabled }}
-  - name: {{ .Values.controller.metricsServicePortName }}
-    port: {{ .Values.controller.metricsServicePort }}
+  - name: {{ .Values.controller.metricsConfig.servicePortName }}
+    port: {{ .Values.controller.metricsConfig.servicePort }}
     protocol: TCP
     targetPort: {{ .Values.controller.metricsConfig.port }}
   {{- end }}
   {{- if .Values.controller.telemetryConfig.enabled }}
-  - name: {{ .Values.controller.telemetryServicePortName }}
-    port: {{ .Values.controller.telemetryServicePort }}
+  - name: {{ .Values.controller.telemetryConfig.servicePortName }}
+    port: {{ .Values.controller.telemetryConfig.servicePort }}
     protocol: TCP
     targetPort: {{ .Values.controller.telemetryConfig.port }}
   {{- end }}
diff --git a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml
index 78c16ec4..54cf1b31 100644
--- a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml
+++ b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml
@@ -10,14 +10,14 @@ metadata:
     {{- end }}
 spec:
   endpoints:
-  {{- with .Values.controller.metricsConfig.enabled }}
+  {{- if .Values.controller.metricsConfig.enabled }}
     - port: metrics
-      path: {{ . }}
+      path: {{ .Values.controller.metricsConfig.path }}
       interval: 30s
   {{- end }}
-  {{- with .Values.controller.telemetryConfig.enabled }}
+  {{- if .Values.controller.telemetryConfig.enabled }}
     - port: telemetry
-      path: {{ . }}
+      path: {{ .Values.controller.telemetryConfig.path }}
       interval: 30s
   {{- end }}
   namespaceSelector:
diff --git a/charts/argo-workflows/templates/server/server-crb.yaml b/charts/argo-workflows/templates/server/server-crb.yaml
index d6f35da1..fd9450d5 100644
--- a/charts/argo-workflows/templates/server/server-crb.yaml
+++ b/charts/argo-workflows/templates/server/server-crb.yaml
@@ -1,4 +1,4 @@
-{{- if and .Values.server.enabled .Values.server.createServiceAccount -}}
+{{- if and .Values.server.enabled .Values.server.serviceAccount.create -}}
 apiVersion: rbac.authorization.k8s.io/v1
 {{- if .Values.singleNamespace }}
 kind: RoleBinding
@@ -19,7 +19,7 @@ roleRef:
   name: {{ template "argo-workflows.server.fullname" . }}
 subjects:
 - kind: ServiceAccount
-  name: {{ .Values.server.serviceAccount }}
+  name: {{ template "argo-workflows.serverServiceAccountName" . }}
   namespace: {{ .Release.Namespace }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
@@ -34,6 +34,6 @@ roleRef:
   name: {{ template "argo-workflows.server.fullname" . }}-cluster-template
 subjects:
 - kind: ServiceAccount
-  name: {{ .Values.server.serviceAccount }}
+  name: {{ template "argo-workflows.serverServiceAccountName" . }}
   namespace: {{ .Release.Namespace }}
 {{- end -}}
diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml
index 5cccb706..9d1696dd 100644
--- a/charts/argo-workflows/templates/server/server-deployment.yaml
+++ b/charts/argo-workflows/templates/server/server-deployment.yaml
@@ -24,7 +24,7 @@ spec:
         {{- toYaml .Values.server.podAnnotations | nindent 8 }}
       {{- end }}
     spec:
-      serviceAccountName: {{ .Values.server.serviceAccount | quote }}
+      serviceAccountName: {{ template "argo-workflows.serverServiceAccountName" . }}
       {{- with .Values.server.podSecurityContext }}
       securityContext:
         {{- toYaml . | nindent 8 }}
diff --git a/charts/argo-workflows/templates/server/server-sa.yaml b/charts/argo-workflows/templates/server/server-sa.yaml
index 1c9d20dc..10e03d0e 100644
--- a/charts/argo-workflows/templates/server/server-sa.yaml
+++ b/charts/argo-workflows/templates/server/server-sa.yaml
@@ -1,9 +1,9 @@
-{{- if and .Values.server.enabled .Values.server.createServiceAccount -}}
+{{- if and .Values.server.enabled .Values.server.serviceAccount.create -}}
 apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: {{ template "argo-workflows.serverServiceAccountName" . }}
-  {{- with .Values.server.serviceAccountAnnotations  }}
+  {{- with .Values.server.serviceAccount.annotations  }}
   annotations:
     {{- toYaml . | indent 4 }}
   {{- end }}
diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml
index 31a40fe4..375c5eb1 100644
--- a/charts/argo-workflows/values.yaml
+++ b/charts/argo-workflows/values.yaml
@@ -44,6 +44,8 @@ controller:
     enabled: false
     path: /metrics
     port: 9090
+    servicePort: 8080
+    servicePortName: metrics
   # the controller container's securityContext
   securityContext:
     readOnlyRootFilesystem: true
@@ -84,12 +86,16 @@ controller:
     enabled: false
     path: /telemetry
     port: 8081
+    servicePort: 8081
+    servicePortName: telemetry
   serviceMonitor:
     enabled: false
     additionalLabels: {}
-  serviceAccount: argo
-  # Service account annotations
-  serviceAccountAnnotations: {}
+  serviceAccount:
+    create: true
+    name: argo
+    # Annotations applied to created service account
+    annotations: {}
   name: workflow-controller
   workflowNamespaces:
     - default
@@ -106,10 +112,6 @@ controller:
     level: info
     globallevel: "0"
   serviceType: ClusterIP
-  metricsServicePort: 8080
-  metricsServicePortName: metrics
-  telemetryServicePort: 8081
-  telemetryServicePortName: telemetry
   # Annotations to be applied to the controller Service
   serviceAnnotations: {}
   # Optional labels to add to the controller Service
@@ -183,12 +185,10 @@ server:
   serviceType: ClusterIP
   servicePort: 2746
   # servicePortName: http
-  serviceAccount: argo-server
-  # Whether to create the service account with the name specified in
-  # server.serviceAccount and bind it to the server role.
-  createServiceAccount: true
-  # Service account annotations
-  serviceAccountAnnotations: {}
+  serviceAccount:
+    create: true
+    name: argo-server
+    annotations: {}
   # Annotations to be applied to the UI Service
   serviceAnnotations: {}
   # Optional labels to add to the UI Service