From 59c226c2cafa4f2c343ce136e94dadc94eafbb43 Mon Sep 17 00:00:00 2001 From: Tristan Duverger Date: Fri, 4 Oct 2024 10:55:11 +0200 Subject: [PATCH] feat(argo-cd): add gateway creation and gke objects Signed-off-by: Tristan Duverger --- .../argocd-server/gateway-httproute.yaml | 22 +-- .../templates/argocd-server/gateway.yaml | 27 ++++ .../argocd-server/gke/backend-policy.yaml | 27 ++++ .../argocd-server/gke/gateway-policy.yaml | 27 ++++ .../argocd-server/gke/healthcheck-policy.yaml | 27 ++++ charts/argo-cd/values.yaml | 133 +++++++++++++----- 6 files changed, 217 insertions(+), 46 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-server/gateway.yaml create mode 100644 charts/argo-cd/templates/argocd-server/gke/backend-policy.yaml create mode 100644 charts/argo-cd/templates/argocd-server/gke/gateway-policy.yaml create mode 100644 charts/argo-cd/templates/argocd-server/gke/healthcheck-policy.yaml diff --git a/charts/argo-cd/templates/argocd-server/gateway-httproute.yaml b/charts/argo-cd/templates/argocd-server/gateway-httproute.yaml index 6e4d5768..d944a487 100644 --- a/charts/argo-cd/templates/argocd-server/gateway-httproute.yaml +++ b/charts/argo-cd/templates/argocd-server/gateway-httproute.yaml @@ -1,4 +1,4 @@ -{{- if .Values.server.gatewayAPI.enabled }} +{{- if eq (tpl (toString .Values.server.gateway.httpRoute.enabled) .) "true" }} apiVersion: gateway.networking.k8s.io/v1 kind: HTTPRoute metadata: @@ -6,10 +6,10 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - {{- with .Values.server.gatewayAPI.labels }} + {{- with .Values.server.gateway.httpRoute.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.server.gatewayAPI.annotations }} + {{- with .Values.server.gateway.httpRoute.annotations }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} 
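Review bot: The new guard in the first hunk reads only `server.gateway.httpRoute.enabled`, so a release that still sets the old `server.gatewayAPI.enabled: true` renders no HTTPRoute after the upgrade and nothing reports it. A migration guard at the top of the template would make the rename visible, for example `{{- if .Values.server.gatewayAPI }}{{- fail "server.gatewayAPI has moved to server.gateway.httpRoute" }}{{- end }}`. Because the result is compared with the literal string "true", a quoted value such as `"True"` also disables the route silently; a comment next to `httpRoute.enabled` in values.yaml should say that only `true` enables it. The second hunk on this line is the same key rename for labels and annotations.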
@@ -19,13 +19,13 @@ spec: parentRefs: - group: gateway.networking.k8s.io kind: Gateway - name: {{ .Values.server.gatewayAPI.gateway }} - {{- with .Values.server.gatewayAPI.gatewaySection }} + name: {{ tpl .Values.server.gateway.name . }} + {{- with .Values.server.gateway.httpRoute.gatewaySection }} sectionName: {{ . }} {{- end }} hostnames: - - {{ .Values.server.gatewayAPI.hostname | default .Values.global.domain }} - {{- with .Values.server.gatewayAPI.extraHosts }} + - {{ .Values.server.gateway.httpRoute.hostname | default .Values.global.domain }} + {{- with .Values.server.gateway.httpRoute.extraHosts }} {{- toYaml . | nindent 4 }} {{- end }} rules: @@ -34,11 +34,11 @@ spec: {{- end }} - matches: - path: - type: {{ .Values.server.gatewayAPI.pathType }} - value: {{ .Values.server.gatewayAPI.path }} - {{- range .Values.server.gatewayAPI.extraPaths }} + type: {{ .Values.server.gateway.httpRoute.pathType }} + value: {{ .Values.server.gateway.httpRoute.path }} + {{- range .Values.server.gateway.httpRoute.extraPaths }} - path: - type: {{ .type | default $.Values.gatewayAPI.pathType }} + type: {{ .type | default $.Values.server.gateway.httpRoute.pathType }} value: {{ .value }} {{- end }} backendRefs: diff --git a/charts/argo-cd/templates/argocd-server/gateway.yaml b/charts/argo-cd/templates/argocd-server/gateway.yaml new file mode 100644 index 00000000..8f452018 --- /dev/null +++ b/charts/argo-cd/templates/argocd-server/gateway.yaml 
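Review bot: `parentRefs[0].name` now comes from `server.gateway.name`, while the values.yaml hunk on this page still adds `server.gateway.httpRoute.gateway`, documented as "Defines which Gateway will implement the resource". No template line shown reads that key, so a user who sets it gets a route attached to the default name instead of the Gateway they chose. Either drop the key from values.yaml or honour it here, e.g. `name: {{ tpl (.Values.server.gateway.httpRoute.gateway | default .Values.server.gateway.name) . }}`. The `spec` block continues past the end of this hunk (`backendRefs`).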
@@ -0,0 +1,27 @@
+{{- if and .Values.server.gateway.enabled (eq .Values.server.gateway.controller "gke") }}
+kind: Gateway
+apiVersion: gateway.networking.k8s.io/v1
+metadata:
+ name: {{ tpl .Values.server.gateway.name . }}
+ namespace: {{ .Release.Namespace | quote }}
+ labels:
+ {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
+ {{- with .Values.server.gateway.labels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .Values.server.gateway.annotations }}
+ annotations:
+ {{- range $key, $value := . }}
+ {{ $key }}: {{ $value | quote }}
+ {{- end }}
+ {{- end }}
+spec:
+ {{- if not .Values.server.gateway.gatewayClassName }}
+ {{- fail ".Values.server.gateway.gatewayClassName must be defined" }}
+ {{- end }}
+ gatewayClassName: {{ .Values.server.gateway.gatewayClassName }}
+ listeners:
+ {{- with .Values.server.gateway.listeners }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+{{- end }}
diff --git a/charts/argo-cd/templates/argocd-server/gke/backend-policy.yaml b/charts/argo-cd/templates/argocd-server/gke/backend-policy.yaml
new file mode 100644
index 00000000..f2e1368f
--- /dev/null
+++ b/charts/argo-cd/templates/argocd-server/gke/backend-policy.yaml
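Review bot: Nothing in this template constrains `server.gateway.listeners`, and the default added in the values.yaml hunk is a single `HTTP` listener on port 80 with the `HTTPS` listener commented out, so turning the gateway on with defaults serves the Argo CD login and API without TLS at the load balancer. I would document that next to the value, e.g. `# -- Gateway listeners. The default is plain HTTP on port 80; configure an HTTPS listener before exposing Argo CD beyond a trusted network`. An empty list also renders a bare `listeners:` (null); a guard in the style of the `gatewayClassName` check would catch it at render time: `{{- if not .Values.server.gateway.listeners }}{{- fail ".Values.server.gateway.listeners must not be empty" }}{{- end }}`.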
@@ -0,0 +1,27 @@
+{{- if and (eq .Values.server.gateway.controller "gke") (eq (tpl (toString .Values.server.gateway.httpRoute.enabled) .) "true") }}
+apiVersion: networking.gke.io/v1
+kind: GCPBackendPolicy
+metadata:
+ name: {{ include "argo-cd.server.fullname" . }}
+ namespace: {{ .Release.Namespace | quote }}
+ labels:
+ {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
+ {{- with .Values.server.gateway.gke.GCPBackendPolicy.labels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .Values.server.gateway.gke.GCPBackendPolicy.annotations }}
+ annotations:
+ {{- range $key, $value := . }}
+ {{ $key }}: {{ $value | quote }}
+ {{- end }}
+ {{- end }}
+spec:
+ default:
+ {{- with .Values.server.gateway.gke.GCPBackendPolicy.spec.default }}
+ {{- toYaml . | nindent 6 }}
+ {{- end }}
+ targetRef:
+ group: ""
+ kind: Service
+ name: {{ template "argo-cd.server.fullname" . }}
+{{- end }}
diff --git a/charts/argo-cd/templates/argocd-server/gke/gateway-policy.yaml b/charts/argo-cd/templates/argocd-server/gke/gateway-policy.yaml
new file mode 100644
index 00000000..4d46ae96
--- /dev/null
+++ b/charts/argo-cd/templates/argocd-server/gke/gateway-policy.yaml
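Review bot: With the chart default `GCPBackendPolicy.spec.default: {}` the `with` block under `spec.default` emits nothing, so the manifest carries `default:` with a null value and an empty policy is still created for the server Service; gateway-policy.yaml has the same shape. Consider rendering the resource only when there is something to apply, for example by adding `.Values.server.gateway.gke.GCPBackendPolicy.spec.default` to the opening `and` condition. The file also mixes `include` (metadata name) and `template` (`targetRef.name`) for the same helper; `name: {{ include "argo-cd.server.fullname" . }}` in both places matches the other templates in this patch.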
@@ -0,0 +1,27 @@
+{{- if and .Values.server.gateway.enabled (eq .Values.server.gateway.controller "gke") }}
+apiVersion: networking.gke.io/v1
+kind: GCPGatewayPolicy
+metadata:
+ name: {{ include "argo-cd.server.fullname" . }}
+ namespace: {{ .Release.Namespace | quote }}
+ labels:
+ {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
+ {{- with .Values.server.gateway.gke.GCPGatewayPolicy.labels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .Values.server.gateway.gke.GCPGatewayPolicy.annotations }}
+ annotations:
+ {{- range $key, $value := . }}
+ {{ $key }}: {{ $value | quote }}
+ {{- end }}
+ {{- end }}
+spec:
+ default:
+ {{- with .Values.server.gateway.gke.GCPGatewayPolicy.spec.default }}
+ {{- toYaml . | nindent 6 }}
+ {{- end }}
+ targetRef:
+ group: gateway.networking.k8s.io
+ kind: Gateway
+ name: {{ include "argo-cd.server.fullname" . }}
+{{- end }}
diff --git a/charts/argo-cd/templates/argocd-server/gke/healthcheck-policy.yaml b/charts/argo-cd/templates/argocd-server/gke/healthcheck-policy.yaml
new file mode 100644
index 00000000..6c766ab1
--- /dev/null
+++ b/charts/argo-cd/templates/argocd-server/gke/healthcheck-policy.yaml
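Review bot: `targetRef.name` is hard-wired to `argo-cd.server.fullname`, but the Gateway created by gateway.yaml is named `{{ tpl .Values.server.gateway.name . }}`, so as soon as `server.gateway.name` is overridden this policy points at a Gateway that does not exist and its settings are never applied. A GCPGatewayPolicy is typically where load-balancer settings such as the SSL policy are set, so a policy that silently fails to attach is easy to miss in review and in production. Use the same expression in both files: `name: {{ tpl .Values.server.gateway.name . }}`.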
@@ -0,0 +1,27 @@
+{{- if and (eq .Values.server.gateway.controller "gke") (eq (tpl (toString .Values.server.gateway.httpRoute.enabled) .) "true") }}
+apiVersion: networking.gke.io/v1
+kind: HealthCheckPolicy
+metadata:
+ name: {{ include "argo-cd.server.fullname" . }}
+ namespace: {{ .Release.Namespace | quote }}
+ labels:
+ {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
+ {{- with .Values.server.gateway.gke.HealthCheckPolicy.labels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .Values.server.gateway.gke.HealthCheckPolicy.annotations }}
+ annotations:
+ {{- range $key, $value := . }}
+ {{ $key }}: {{ $value | quote }}
+ {{- end }}
+ {{- end }}
+spec:
+ default:
+ {{- with .Values.server.gateway.gke.HealthCheckPolicy.spec.default }}
+ {{- toYaml . | nindent 6 }}
+ {{- end }}
+ targetRef:
+ group: ""
+ kind: Service
+ name: {{ template "argo-cd.server.fullname" . }}
+{{- end }}
diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml
index e6c949f3..fdff5964 100644
--- a/charts/argo-cd/values.yaml
+++ b/charts/argo-cd/values.yaml
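Review bot: The default `HealthCheckPolicy.spec.default` in values.yaml contains a template string, `port: '{{ .Values.server.service.servicePortHttp }}'`, but this file renders the block with plain `toYaml`, so the braces reach the manifest verbatim instead of a port number. Passing the block through `tpl`, `{{- tpl (toYaml .) $ | nindent 6 }}` (`$` because `.` is rebound inside `with`), evaluates it, although the result is still a quoted string and the field presumably expects an integer, so the default may be better built in the template than in values. It is also worth confirming that the Service port, rather than the container port, is what the GKE health check should probe. `targetRef.name` uses `template` where the rest of the file uses `include`.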
@@ -2151,53 +2151,116 @@ server: # -- Automount API credentials for the Service Account automountServiceAccountToken: true - # Argo CD server Gateway API HTTPRoute configuration + # Argo CD server Gateway API configuration # NOTE: Alpha feature, gRPC & TLS pass-through will not work - gatewayAPI: - # -- Enable a Gateway API resources for the Argo CD server + gateway: + # -- enable a gateway resource for ArgoCD + ## Note: you can already have an existing Gateway and just wanted to add a route and backend policy to that Gateway, let false in that case enabled: false - # -- Additional route labels + name: '{{ include "argo-cd.server.fullname" . }}' + # -- Specific implementation for gateway controller. Only `None` and `gke` are supported. + ## With `None`, the gateway is supposed to already exist and no specific object will be created + ## Additional configuration might be required in related configuration sections for `gke` + controller: None + # Argo CD server Gateway API HTTPRoute configuration + # NOTE: Alpha feature, gRPC & TLS pass-through will not work + # -- Additional gateway labels labels: {} - # -- Additional route annotations + # -- Additional gateway annotations annotations: {} + # networking.gke.io/certmap: "CERTIFICATE_MAP" + gatewayClassName: "" + # @default -- `""` (See [values.yaml]) + # gatewayClassName: gke-l7-global-external-managed + # gatewayClassName: gke-l7-rilb + listeners: + - name: http + protocol: HTTP + port: 80 + allowedRoutes: + namespaces: + from: Same + # - name: https + # protocol: HTTPS + # port: 443 + # allowedRoutes: + # namespaces: + # from: Same + gke: + GCPGatewayPolicy: + # -- Additional gateway labels + labels: {} + # -- Additional gateway annotations + annotations: {} + spec: + default: {} + GCPBackendPolicy: + # -- Additional gateway labels + labels: {} + # -- Additional gateway annotations + annotations: {} + spec: + default: {} + HealthCheckPolicy: + # -- Additional gateway labels + labels: {} + # -- Additional gateway 
annotations + annotations: {} + spec: + default: + logConfig: + enabled: true + config: + type: HTTP + httpHealthCheck: + port: '{{ .Values.server.service.servicePortHttp }}' + requestPath: "/" - # -- Defines which Gateway will implement the resource - gateway: "" + httpRoute: + # -- Enable a Gateway HTTP route resources for the Argo CD server + enabled: "{{ .Values.server.gateway.enabled | default false }}" + # -- Additional route labels + labels: {} + # -- Additional route annotations + annotations: {} - # -- Defines which Gateway section will implement the resource - gatewaySection: "" + # -- Defines which Gateway will implement the resource + gateway: "" - # -- Argo CD server hostname - # @default -- `""` (defaults to global.domain) - hostname: "" + # -- Defines which Gateway section will implement the resource + gatewaySection: "" - # -- The path to Argo CD server - path: / + # -- Argo CD server hostname + # @default -- `""` (defaults to global.domain) + hostname: "" - # -- HTTP reoute path type. Either 'Exact' or `PathPrefix` - pathType: PathPrefix + # -- The path to Argo CD server + path: / - # -- The list of additional hostnames to be covered by API Gateway record - extraHosts: [] + # -- HTTP reoute path type. Either 'Exact' or `PathPrefix` + pathType: PathPrefix - # -- Additional API Gateway paths - # @default -- `[]` (See [values.yaml]) - ## Note: Supports use of custom Helm templates - extraPaths: [] - # - type: PathPrefix - # value: /* + # -- The list of additional hostnames to be covered by API Gateway record + extraHosts: [] - # -- Additional routing rules - # @default -- `[]` (See [values.yaml]) - ## Note: Supports use of custom Helm templates - extraRules: [] - # - matches: - # - path: - # type: PathPrefix - # value: / - # backendRefs: - # - name: '{{ include "argo-cd.server.fullname" . 
}}' - # port: '{{ .Values.server.service.servicePortHttpName }}' + # -- Additional API Gateway paths + # @default -- `[]` (See [values.yaml]) + ## Note: Supports use of custom Helm templates + extraPaths: [] + # - type: PathPrefix + # value: /* + + # -- Additional routing rules + # @default -- `[]` (See [values.yaml]) + ## Note: Supports use of custom Helm templates + extraRules: [] + # - matches: + # - path: + # type: PathPrefix + # value: / + # backendRefs: + # - name: '{{ include "argo-cd.server.fullname" . }}' + # port: '{{ .Values.server.service.servicePortHttpName }}' # Argo CD server ingress configuration