Add secrettemplate to argo-cd server certificate

Signed-off-by: Ims, Julie <juliebergeims@gmail.com>
2024-06-19 12:46:23 +02:00 · 2024-06-19 12:46:23 +02:00 · f508a0347e
commit f508a0347e
parent 8130224b3b
4 changed files with 11 additions and 1 deletions
--- a/charts/argo-cd/Chart.yaml
+++ b/charts/argo-cd/Chart.yaml
@ -3,7 +3,7 @@ appVersion: v2.11.3
 kubeVersion: ">=1.23.0-0"
 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
 name: argo-cd
-version: 7.1.4
+version: 7.1.5
 home: https://github.com/argoproj/argo-helm
 icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
 sources:
--- a/charts/argo-cd/README.md
+++ b/charts/argo-cd/README.md
@ -969,6 +969,7 @@ NAME: my-release
 | server.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. |
 | server.certificate.secretName | string | `"argocd-server-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource |
 | server.certificate.usages | list | `[]` | Usages for the certificate |
+| server.certificate.secretTemplateAnnotations | object | `{}` | Annotations that allow the certificate to be composed from data residing in existing Kubernetes Resources |
 | server.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-server-tls secret |
 | server.certificateSecret.crt | string | `""` | Certificate data |
 | server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret |
--- a/charts/argo-cd/templates/argocd-server/certificate.yaml
+++ b/charts/argo-cd/templates/argocd-server/certificate.yaml
@ -13,6 +13,13 @@ metadata:
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
 spec:
+  secretTemplate:
+    {{- with .Values.server.certificate.secretTemplateAnnotations }}
+    annotations:
+      {{- range $key, $value := . }}
+      {{ $key }}: {{ $value | quote }}
+      {{- end }}
+    {{- end }} 
  secretName: {{ .Values.server.certificate.secretName }}
  commonName: {{ .Values.server.certificate.domain | default .Values.global.domain }}
  dnsNames:
--- a/charts/argo-cd/values.yaml
+++ b/charts/argo-cd/values.yaml
@ -2029,6 +2029,8 @@ server:
    # -- Usages for the certificate
    ### Ref: https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.KeyUsage
    usages: []
+    # Allows the certificate to be composed from data residing in existing Kubernetes Resources, including other Secrets.
+    secretTemplateAnnotations: {}

  # TLS certificate configuration via Secret
  ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server