DevFW-CICD/argocd-helm
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(argo-cd): Fix secret name for applicationset webhook ingress (#2511)

Browse source 
Signed-off-by: Petr Drastil <petr.drastil@gmail.com>
Co-authored-by: Aikawa <yu.croco@gmail.com>
This commit is contained in:
Petr Drastil 2024-02-14 11:52:32 +01:00 committed by GitHub
parent d8c64b80fe
commit 5915340fc7
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 9 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
charts/argo-cd/Chart.yaml
View file

@ -3,7 +3,7 @@ appVersion: v2.10.0
kubeVersion: ">=1.23.0-0" kubeVersion: ">=1.23.0-0"
description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd name: argo-cd
version: 6.0.12 version: 6.0.13
home: https://github.com/argoproj/argo-helm home: https://github.com/argoproj/argo-helm
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
sources: sources:
@ -26,5 +26,7 @@ annotations:
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
url: https://argoproj.github.io/argo-helm/pgp_keys.asc url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: | artifacthub.io/changes: |
- kind: security - kind: fixed
description: Argo CD repo-server cluster role is not deployed by default description: Use argocd-applicationset-controller-tls secret for ApplicationSet certificate
- kind: fixed
description: Use argocd-applicationset-controller-tls secret for ApplicationSet webhook ingress

2
charts/argo-cd/README.md
View file

@ -1283,7 +1283,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| applicationSet.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` | | applicationSet.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` |
| applicationSet.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | | applicationSet.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. |
| applicationSet.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | | applicationSet.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. |
| applicationSet.certificate.secretName | string | `"argocd-application-controller-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | | applicationSet.certificate.secretName | string | `"argocd-applicationset-controller-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource |
| applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | | applicationSet.containerPorts.metrics | int | `8080` | Metrics container port |
| applicationSet.containerPorts.probe | int | `8081` | Probe container port | | applicationSet.containerPorts.probe | int | `8081` | Probe container port |
| applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port |

2
charts/argo-cd/templates/argocd-applicationset/ingress.yaml
View file

@ -55,7 +55,7 @@ spec:
{{- if .Values.applicationSet.ingress.tls }} {{- if .Values.applicationSet.ingress.tls }}
- hosts: - hosts:
- {{ .Values.applicationSet.ingress.hostname }} - {{ .Values.applicationSet.ingress.hostname }}
secretName: argocd-application-controller-tls secretName: argocd-applicationset-controller-tls
{{- end }} {{- end }}
{{- with .Values.applicationSet.ingress.extraTls }} {{- with .Values.applicationSet.ingress.extraTls }}
{{- toYaml . | nindent 4 }} {{- toYaml . | nindent 4 }}

4
charts/argo-cd/values.yaml
View file

@ -2790,7 +2790,7 @@ applicationSet:
# -- Deploy a Certificate resource (requires cert-manager) # -- Deploy a Certificate resource (requires cert-manager)
enabled: false enabled: false
# -- The name of the Secret that will be automatically created and managed by this Certificate resource # -- The name of the Secret that will be automatically created and managed by this Certificate resource
secretName: argocd-application-controller-tls secretName: argocd-applicationset-controller-tls
# -- Certificate primary domain (commonName) # -- Certificate primary domain (commonName)
domain: argocd.example.com domain: argocd.example.com
# -- Certificate Subject Alternate Names (SANs) # -- Certificate Subject Alternate Names (SANs)
@ -2849,7 +2849,7 @@ applicationSet:
pathType: Prefix pathType: Prefix
# -- Enable TLS configuration for the hostname defined at `applicationSet.webhook.ingress.hostname` # -- Enable TLS configuration for the hostname defined at `applicationSet.webhook.ingress.hostname`
## TLS certificate will be retrieved from a TLS secret with name:`argocd-application-controller-tls` ## TLS certificate will be retrieved from a TLS secret with name:`argocd-applicationset-controller-tls`
tls: false tls: false
# -- The list of additional hostnames to be covered by ingress record # -- The list of additional hostnames to be covered by ingress record