DevFW-CICD/argocd-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'main' into fix/remove-secretname-certificate

Browse source 
Signed-off-by: Erwan Vallienne <135604788+erwanval@users.noreply.github.com>
This commit is contained in:
Erwan Vallienne 2024-06-20 10:03:22 +02:00 committed by GitHub
commit e40171b167
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 11 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
charts/argo-cd/README.md
View file

@ -967,6 +967,7 @@ NAME: my-release
| server.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` | | server.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` |
| server.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | | server.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. |
| server.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | | server.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. |
| server.certificate.secretTemplateAnnotations | object | `{}` | Annotations that allow the certificate to be composed from data residing in existing Kubernetes Resources |
| server.certificate.usages | list | `[]` | Usages for the certificate | | server.certificate.usages | list | `[]` | Usages for the certificate |
| server.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-server-tls secret | | server.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-server-tls secret |
| server.certificateSecret.crt | string | `""` | Certificate data | | server.certificateSecret.crt | string | `""` | Certificate data |

7
charts/argo-cd/templates/argocd-server/certificate.yaml
View file

@ -13,6 +13,13 @@ metadata:
labels: labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
spec: spec:
secretTemplate:
{{- with .Values.server.certificate.secretTemplateAnnotations }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
secretName: argocd-server-tls secretName: argocd-server-tls
commonName: {{ .Values.server.certificate.domain | default .Values.global.domain }} commonName: {{ .Values.server.certificate.domain | default .Values.global.domain }}
dnsNames: dnsNames:

2
charts/argo-cd/values.yaml
View file

@ -2027,6 +2027,8 @@ server:
# -- Usages for the certificate # -- Usages for the certificate
### Ref: https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.KeyUsage ### Ref: https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.KeyUsage
usages: [] usages: []
# -- Annotations that allow the certificate to be composed from data residing in existing Kubernetes Resources
secretTemplateAnnotations: {}
# TLS certificate configuration via Secret # TLS certificate configuration via Secret
## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server