Merge branch 'master' into add-prometheus-rules

charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml

@@ -13,7 +13,9 @@ metadata:
     app.kubernetes.io/managed-by: {{ .Release.Service }}
     app.kubernetes.io/part-of: argocd
     app.kubernetes.io/component: {{ .Values.controller.name }}
+    {{- if .Values.controller.metrics.serviceMonitor.selector }}
 {{- toYaml .Values.controller.metrics.serviceMonitor.selector | nindent 4 }}
+    {{- end }}
     {{- if .Values.controller.metrics.serviceMonitor.additionalLabels }}
 {{- toYaml .Values.controller.metrics.serviceMonitor.additionalLabels | nindent 4 }}
     {{- end }}
@@ -29,4 +31,5 @@ spec:
     matchLabels:
       app.kubernetes.io/name: {{ include "argo-cd.name" . }}-metrics
       app.kubernetes.io/component: {{ .Values.controller.name }}
-{{- end }}
+{{- end }}
+

charts/argo-cd/templates/argocd-configs/argocd-secret.yaml

@@ -11,17 +11,31 @@ metadata:
     app.kubernetes.io/part-of: argocd
     app.kubernetes.io/component: {{ .Values.server.name }}
 type: Opaque
-{{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketSecret) }}
+{{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketUUID .Values.configs.secret.bitbucketServerSecret .Values.configs.secret.gogsSecret .Values.configs.secret.argocdServerAdminPassword .Values.configs.secret.argocdServerTlsConfig) }}
 # Setting a blank data again will wipe admin password/key/cert
 data:
   {{- if .Values.configs.secret.githubSecret }}
-  github.webhook.secret: {{ .Values.configs.secret.githubSecret | b64enc }}
+  webhook.github.secret: {{ .Values.configs.secret.githubSecret | b64enc }}
   {{- end }}
   {{- if .Values.configs.secret.gitlabSecret }}
-  gitlab.webhook.secret: {{ .Values.configs.secret.gitlabSecret | b64enc }}
+  webhook.gitlab.secret: {{ .Values.configs.secret.gitlabSecret | b64enc }}
   {{- end }}
-  {{- if .Values.configs.secret.bitbucketSecret }}
-  bitbucket.webhook.uuid: {{ .Values.configs.secret.bitbucketSecret | b64enc }}
+  {{- if .Values.configs.secret.bitbucketServerSecret }}
+  webhook.bitbucketserver.secret: {{ .Values.configs.secret.bitbucketServerSecret | b64enc }}
+  {{- end }}
+  {{- if .Values.configs.secret.bitbucketUUID }}
+  webhook.bitbucket.uuid: {{ .Values.configs.secret.bitbucketUUID | b64enc }}
+  {{- end }}
+  {{- if .Values.configs.secret.gogsSecret }}
+  webhook.gogs.secret: {{ .Values.configs.secret.gogsSecret | b64enc }}
+  {{- end }}
+  {{- if .Values.configs.secret.argocdServerTlsConfig }}
+  tls.key: {{ .Values.configs.secret.argocdServerTlsConfig.key | b64enc }}
+  tls.crt: {{ .Values.configs.secret.argocdServerTlsConfig.crt | b64enc }}
+  {{- end }}
+  {{- if .Values.configs.secret.argocdServerAdminPassword }}
+  admin.password: {{ .Values.configs.secret.argocdServerAdminPassword | b64enc }}
+  admin.passwordMtime: {{ date "2006-01-02T15:04:05Z" now | b64enc }}
   {{- end }}
 {{- end }}
-{{- end }}
+{{- end }}

charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml

@@ -13,7 +13,9 @@ metadata:
     app.kubernetes.io/managed-by: {{ .Release.Service }}
     app.kubernetes.io/part-of: argocd
     app.kubernetes.io/component: {{ .Values.repoServer.name }}
+    {{- if .Values.repoServer.metrics.serviceMonitor.selector }}
 {{- toYaml .Values.repoServer.metrics.serviceMonitor.selector | nindent 4 }}
+    {{- end }}
     {{- if .Values.repoServer.metrics.serviceMonitor.additionalLabels }}
 {{- toYaml .Values.repoServer.metrics.serviceMonitor.additionalLabels | nindent 4 }}
     {{- end }}
@@ -30,4 +32,5 @@ spec:
       app.kubernetes.io/instance: {{ .Release.Name }}
       app.kubernetes.io/name: {{ template "argo-cd.repoServer.fullname" . }}-metrics
       app.kubernetes.io/component: {{ .Values.repoServer.name }}
-{{- end }}
+{{- end }}
+

charts/argo-cd/templates/argocd-server/certificate.yaml

@@ -14,11 +14,11 @@ spec:
   commonName: {{ .Values.server.certificate.domain | quote }}
   dnsNames:
     - {{ .Values.server.certificate.domain | quote }}
-  {{- range .Values.ingress.additionalHosts }}
+  {{- range .Values.server.certificate.additionalHosts }}
     - {{ . | quote }}
   {{- end }}
   issuerRef:
-    kind: {{ .Values.certificate.issuer.kind | quote }}
-    name: {{ .Values.certificate.issuer.name | quote }}
+    kind: {{ .Values.server.certificate.issuer.kind | quote }}
+    name: {{ .Values.server.certificate.issuer.name | quote }}
   secretName: argocd-secret
 {{- end }}

charts/argo-cd/templates/argocd-server/servicemonitor.yaml

@@ -13,7 +13,9 @@ metadata:
     app.kubernetes.io/managed-by: {{ .Release.Service }}
     app.kubernetes.io/part-of: argocd
     app.kubernetes.io/component: {{ .Values.server.name }}
+    {{- if .Values.server.metrics.serviceMonitor.selector }}
 {{- toYaml .Values.server.metrics.serviceMonitor.selector | nindent 4 }}
+    {{- end }}
     {{- if .Values.server.metrics.serviceMonitor.additionalLabels }}
 {{- toYaml .Values.server.metrics.serviceMonitor.additionalLabels | nindent 4 }}
     {{- end }}
@@ -30,4 +32,5 @@ spec:
       app.kubernetes.io/instance: {{ .Release.Name }}
       app.kubernetes.io/name: {{ include "argo-cd.name" . }}-{{ .Values.server.name }}-metrics
       app.kubernetes.io/component: {{ .Values.server.name }}
-{{- end }}
+{{- end }}
+

charts/argo-cd/values.yaml

@@ -636,6 +636,25 @@ configs:
     # -----END RSA PRIVATE KEY-----
   secret:
     createSecret: true
+
+    # Webhook Configs
     githubSecret: ""
     gitlabSecret: ""
-    bitbucketSecret: ""
+    bitbucketServerSecret: ""
+    bitbucketUUÌD: ""
+    gogsSecret: ""
+
+# Argo TLS Data.
+  argocdServerTlsConfig: {}
+    # key:
+    # crt: |
+    #   -----BEGIN CERTIFICATE-----
+    #   <cert data>
+    #   -----END CERTIFICATE-----
+    #   -----BEGIN CERTIFICATE-----
+    #   <ca cert data>
+    #   -----END CERTIFICATE-----
+
+  # Argo expects the password in the secret to be bcrypt hashed. You can create this hash with
+  # `htpasswd -nbBC 10 "" $ARGO_PWD | tr -d ':\n' | sed 's/$2y/$2a/'`
+  # argocdServerAdminPassword: