Take certificate, route and ingress host from Argo CD server URL config

2019-11-22 20:19:17 +01:00 · 2019-11-22 20:19:17 +01:00 · c897af9535
commit c897af9535
parent 1e2038adca
4 changed files with 26 additions and 43 deletions
--- a/charts/argo-cd/templates/argocd-server/certificate.yaml
+++ b/charts/argo-cd/templates/argocd-server/certificate.yaml
@ -1,4 +1,5 @@
 {{- if .Values.server.certificate.enabled -}}
+{{- $commonName := regexReplaceAll "^https?://([^/]+)(/.*)?$" .Values.server.config.url "${1}" }}
 apiVersion: certmanager.k8s.io/v1alpha1
 kind: Certificate
 metadata:
@ -11,14 +12,14 @@ metadata:
    app.kubernetes.io/part-of: argocd
    app.kubernetes.io/component: {{ .Values.server.name }}
 spec:
-  commonName: {{ .Values.server.certificate.domain | quote }}
+  commonName: {{ $commonName | quote }}
  dnsNames:
-    - {{ .Values.server.certificate.domain | quote }}
-  {{- range .Values.ingress.additionalHosts }}
-    - {{ . | quote }}
+    - {{ $commonName | quote }}
+  {{- range $dnsName := .Values.server.ingress.additionalHosts }}
+    - {{ $dnsName | quote }}
  {{- end }}
  issuerRef:
-    kind: {{ .Values.certificate.issuer.kind | quote }}
-    name: {{ .Values.certificate.issuer.name | quote }}
-  secretName: argocd-secret
+    kind: {{ .Values.server.certificate.issuer.kind | quote }}
+    name: {{ .Values.server.certificate.issuer.name | quote }}
+  secretName: "argocd-secret"
 {{- end }}
--- a/charts/argo-cd/templates/argocd-server/ingress.yaml
+++ b/charts/argo-cd/templates/argocd-server/ingress.yaml
@ -1,7 +1,8 @@
 {{- if .Values.server.ingress.enabled -}}
+{{- $host := regexReplaceAll "^https?://([^/]+)(/.*)?$" .Values.server.config.url "${1}" }}
+{{- $path := default "/" (regexReplaceAll "^https?://([^/]+)(/.*)?$" .Values.server.config.url "${2}") }}
 {{- $serviceName := include "argo-cd.server.fullname" . -}}
 {{- $servicePort := .Values.server.service.servicePortHttp -}}
-{{- $paths := .Values.server.ingress.paths -}}
 apiVersion: extensions/v1beta1
 kind: Ingress
 metadata:
@ -24,30 +25,17 @@ metadata:
 {{- end }}
 spec:
  rules:
-  {{- if .Values.server.ingress.hosts }}
-  {{- range $host := .Values.server.ingress.hosts }}
-    - host: {{ $host }}
+  {{- range $host := prepend .Values.server.ingress.additionalHosts $host }}
+    - host: {{ $host | quote }}
      http:
        paths:
-  {{- range $p := $paths }}
-          - path: {{ $p }}
+          - path: {{ $path | quote }}
            backend:
-              serviceName: {{ $serviceName }}
+              serviceName: {{ $serviceName | quote }}
              servicePort: {{ $servicePort }}
  {{- end -}}
-  {{- end -}}
-  {{- else }}
-    - http:
-        paths:
-  {{- range $p := $paths }}
-          - path: {{ $p }}
-            backend:
-              serviceName: {{ $serviceName }}
-              servicePort: {{ $servicePort }}
-  {{- end -}}
-  {{- end -}}
  {{- if .Values.server.ingress.tls }}
  tls:
 {{- toYaml .Values.server.ingress.tls | nindent 4 }}
  {{- end -}}
-{{- end -}}
+{{- end -}}
--- a/charts/argo-cd/templates/argocd-server/route.yaml
+++ b/charts/argo-cd/templates/argocd-server/route.yaml
@ -1,4 +1,5 @@
 {{- if .Values.server.route.enabled -}}
+{{- $host := regexReplaceAll "^https?://([^/]+)(/.*)?$" .Values.server.config.url "${1}" }}
 apiVersion: route.openshift.io/v1
 kind: Route
 metadata:
@ -15,16 +16,16 @@ metadata:
 {{ toYaml . | indent 4 }}
 {{- end }}
 spec:
-  host: {{ .Values.server.route.hostname | quote }}
+  host: {{ $host | quote }}
  subdomain: ''
  to:
-    kind: Service
-    name: {{ template "argo-cd.server.fullname" . }}
+    kind: "Service"
+    name: {{ include "argo-cd.server.fullname" . | quote }}
    weight: 100
  port:
-    targetPort: https
+    targetPort: "https"
  tls:
-    termination: passthrough
-    insecureEdgeTerminationPolicy: None
-  wildcardPolicy: None
+    termination: "passthrough"
+    insecureEdgeTerminationPolicy: "None"
+  wildcardPolicy: "None"
 {{- end }}
--- a/charts/argo-cd/values.yaml
+++ b/charts/argo-cd/values.yaml
@ -268,9 +268,9 @@ server:
  ## Certificate configuration
  certificate:
    enabled: false
-    domain: argocd.example.com
    issuer: {}
-    additionalHosts: []
+    #  kind: ClusterIssuer
+    #  name: letsencrypt

  ## Server service configuration
  service:
@ -304,14 +304,11 @@ server:
    labels: {}

    ## Argo Ingress.
-    ## Hostnames must be provided if Ingress is enabled.
    ## Secrets must be manually created in the namespace
    ##
-    hosts:
+    additionalHosts:
      []
      # - argocd.example.com
-    paths:
-      - /
    tls:
      []
      # - secretName: argocd-example-tls
@ -319,12 +316,8 @@ server:
      #     - argocd.example.com

  # Create a OpenShift Route with SSL passthrough for UI and CLI
-  # Consider setting 'hostname' e.g. https://argocd.apps-crc.testing/ using your Default Ingress Controller Domain
-  # Find your domain with: kubectl describe --namespace=openshift-ingress-operator ingresscontroller/default | grep Domain:
-  # If 'hostname' is an empty string "" OpenShift will create a hostname for you.
  route:
    enabled: false
-    hostname: ""

  ## ArgoCD config
  ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml