fix(argo-applicationset): Fix deployment issue with AppSet v0.1.0 (#650)

* fix: Add supports for private repos configured using SSH Signed-off-by: Matteo Ruina <matteo.ruina@gmail.com> * fix(argo-applicationset): Allow to select with volumes to mount Signed-off-by: Matteo Ruina <matteo.ruina@gmail.com> * Fix RBAC rules Signed-off-by: Matteo Ruina <matteo.ruina@gmail.com> * Fix linting issue Signed-off-by: Matteo Ruina <matteo.ruina@gmail.com> * Fix chart version Signed-off-by: Matteo Ruina <matteo.ruina@gmail.com> Co-authored-by: Jonathan West <jgwest@users.noreply.github.com>
2021-04-13 14:59:29 +02:00 · 2021-04-13 14:59:29 +02:00 · 4b9c281711
commit 4b9c281711
parent b8f483fb73
5 changed files with 81 additions and 50 deletions
--- a/charts/argo-applicationset/Chart.yaml
+++ b/charts/argo-applicationset/Chart.yaml
@ -2,8 +2,8 @@ apiVersion: v2
 name: argocd-applicationset
 description: A Helm chart for installing ArgoCD ApplicationSet
 type: application
-version: 0.1.0
-appVersion: "v0.1.0-prerelease"
+version: 0.1.1
+appVersion: "v0.1.0"
 home: https://github.com/argoproj/argo-helm
 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
 keywords:
--- a/charts/argo-applicationset/README.md
+++ b/charts/argo-applicationset/README.md
@ -46,6 +46,10 @@ Users of Helm v3 should set the `installCRDs` value to `false` to avoid warnings
 | image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. |
 | imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository. |
 | installCRDs | bool | `true` | Install Custom Resource Definition |
+| mountSSHKnownHostsVolume | bool | `true` | Mount the `argocd-ssh-known-hosts-cm` volume |
+| mountTLSCertsVolume | bool | `true` | Mount the `argocd-tls-certs-cm` volume |
+| mountGPGKeysVolume | bool | `false` | Mount the `argocd-gpg-keys-cm` volume |
+| mountGPGKeyringVolume | bool | `true` | Mount an emptyDir volume for `gpg-keyring` |
 | nameOverride | string | `""` | Provide a name in place of `argo-applicationset` |
 | nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/user-guide/node-selection/) |
 | podAnnotations | object | `{}` | Annotations for the controller pods |
--- a/charts/argo-applicationset/templates/deployment.yaml
+++ b/charts/argo-applicationset/templates/deployment.yaml
@ -49,6 +49,43 @@ spec:
              protocol: TCP
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
+          volumeMounts:
+            {{- if .Values.mountSSHKnownHostsVolume }}
+            - mountPath: /app/config/ssh
+              name: ssh-known-hosts
+            {{- end }}
+            {{- if .Values.mountTLSCertsVolume }}
+            - mountPath: /app/config/tls
+              name: tls-certs
+            {{- end }}
+            {{- if .Values.mountGPGKeysVolume }}
+            - mountPath: /app/config/gpg/source
+              name: gpg-keys
+            {{- end }}
+            {{- if .Values.mountGPGKeyringVolume }}
+            - mountPath: /app/config/gpg/keys
+              name: gpg-keyring
+            {{- end }}
+      volumes:
+      {{- if .Values.mountSSHKnownHostsVolume }}
+      - configMap:
+          name: argocd-ssh-known-hosts-cm
+        name: ssh-known-hosts
+      {{- end }}
+      {{- if .Values.mountTLSCertsVolume }}
+      - configMap:
+          name: argocd-tls-certs-cm
+        name: tls-certs
+      {{- end }}
+      {{- if .Values.mountGPGKeysVolume }}
+      - configMap:
+          name: argocd-gpg-keys-cm
+        name: gpg-keys
+      {{- end }}
+      {{- if .Values.mountGPGKeyringVolume }}
+      - emptyDir: {}
+        name: gpg-keyring
+      {{- end }}
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
--- a/charts/argo-applicationset/templates/rbac.yaml
+++ b/charts/argo-applicationset/templates/rbac.yaml
@ -9,6 +9,7 @@ rules:
    - argoproj.io
    resources:
    - applications
+    - appprojects
    - applicationsets
    - applicationsets/finalizers
    verbs:
@ -28,7 +29,7 @@ rules:
    - patch
    - update
  - apiGroups:
-      - ''
+    - ""
    resources:
    - events
    verbs:
@ -40,39 +41,23 @@ rules:
    - update
    - watch
  - apiGroups:
-      - ''
+    - ""
    resources:
    - secrets
-    verbs:
-      - get
-      - list
-      - watch
-  - apiGroups:
-    - ''
-    resources:
    - configmaps
    verbs:
    - get
    - list
    - watch
-    - create
-    - update
-    - patch
-    - delete
  - apiGroups:
-    - ''
+    - apps
+    - extensions
    resources:
-    - configmaps/status
+    - deployments
    verbs:
    - get
-    - update
-    - patch
-  - apiGroups:
-    - ''
-    resources:
-    - events
-    verbs:
-    - create
+    - list
+    - watch
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
--- a/charts/argo-applicationset/values.yaml
+++ b/charts/argo-applicationset/values.yaml
@ -70,3 +70,8 @@ nodeSelector: {}
 tolerations: []

 affinity: {}
+
+mountSSHKnownHostsVolume: true
+mountTLSCertsVolume: true
+mountGPGKeysVolume: false
+mountGPGKeyringVolume: true