feat(argo-cd): Add ability to handle cluster credentials (#632)

* feat(argo-cd): Add ability to handle cluster credentials Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Apply review changes Co-authored-by: Oliver Bähler <oliverbaehler@hotmail.com> Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * fix: use stringData in cluster secret Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> Co-authored-by: Oliver Bähler <oliverbaehler@hotmail.com> Co-authored-by: Spencer Gilbert <Spencer.Gilbert@gmail.com>
2021-04-14 03:10:04 +02:00 · 2021-04-14 03:10:04 +02:00 · 84120e6da3
commit 84120e6da3
parent 4b9c281711
4 changed files with 48 additions and 1 deletions
--- a/charts/argo-cd/Chart.yaml
+++ b/charts/argo-cd/Chart.yaml
@ -2,7 +2,7 @@ apiVersion: v2
 appVersion: 2.0.0
 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
 name: argo-cd
-version: 3.0.0
+version: 3.1.0
 home: https://github.com/argoproj/argo-helm
 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
 keywords:
--- a/charts/argo-cd/README.md
+++ b/charts/argo-cd/README.md
@ -80,6 +80,7 @@ Helm v3 has removed the `install-crds` hook so CRDs are now populated by files i
 | global.hostAliases | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | `[]` |
 | nameOverride | Provide a name in place of `argocd` | `"argocd"` |
 | installCRDs | Install CRDs if you are using Helm2. | `true` |
+| configs.clusterCredentials | Provide one or multiple [external cluster credentials](https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters) | `[]` (See [values.yaml](values.yaml)) |
 | configs.knownHostsAnnotations | Known Hosts configmap annotations | `{}` |
 | configs.knownHosts.data.ssh_known_hosts | Known Hosts | See [values.yaml](values.yaml) |
 | configs.secret.annotations | Annotations for argocd-secret | `{}` |
--- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml
+++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml
@ -0,0 +1,23 @@
+{{- range .Values.configs.clusterCredentials }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "argo-cd.name" $ }}-cluster-{{ .name }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }}
+    argocd.argoproj.io/secret-type: cluster
+  {{- with .annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+type: Opaque
+stringData:
+  name: {{ required "A valid .Values.configs.clusterCredentials[].name entry is required!" .name }}
+  server: {{ required "A valid .Values.configs.clusterCredentials[].server entry is required!" .server }}
+  {{- with .namespaces }}
+  namespaces: {{ . }}
+  {{- end }}
+  config: |
+    {{- required "A valid .Values.configs.clusterCredentials[].config entry is required!" .config | toPrettyJson | nindent 4 }}
+{{- end }}
--- a/charts/argo-cd/values.yaml
+++ b/charts/argo-cd/values.yaml
@ -872,6 +872,29 @@ repoServer:

 ## Argo Configs
 configs:
+  ## External Cluster Credentials
+  ## reference:
+  ## - https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters
+  ## - https://argoproj.github.io/argo-cd/operator-manual/security/#external-cluster-credentials
+  clusterCredentials: []
+    # - name: mycluster
+    #   server: https://mycluster.com
+    #   annotations: {}
+    #   config:
+    #     bearerToken: "<authentication token>"
+    #     tlsClientConfig:
+    #       insecure: false
+    #       caData: "<base64 encoded certificate>"
+    # - name: mycluster2
+    #   server: https://mycluster2.com
+    #   annotations: {}
+    #   namespaces: namespace1,namespace2
+    #   config:
+    #     bearerToken: "<authentication token>"
+    #     tlsClientConfig:
+    #       insecure: false
+    #       caData: "<base64 encoded certificate>"
+
  knownHostsAnnotations: {}
  knownHosts:
    data: