DevFW-CICD/argocd-helm
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(argo-cd): Add global domain configuration (#2499)

Browse source 
Signed-off-by: Petr Drastil <petr.drastil@gmail.com>
This commit is contained in:
Petr Drastil 2024-02-16 15:44:51 +01:00 committed by GitHub
parent ba20d95182
commit f8b1fecd81
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
11 changed files with 80 additions and 49 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
charts/argo-cd/Chart.yaml
View file

@ -3,7 +3,7 @@ appVersion: v2.10.1
kubeVersion: ">=1.23.0-0" kubeVersion: ">=1.23.0-0"
description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd name: argo-cd
version: 6.0.14 version: 6.1.0
home: https://github.com/argoproj/argo-helm home: https://github.com/argoproj/argo-helm
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
sources: sources:
@ -26,5 +26,5 @@ annotations:
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
url: https://argoproj.github.io/argo-helm/pgp_keys.asc url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: | artifacthub.io/changes: |
- kind: changed - kind: added
description: Bump argo-cd to v2.10.1 description: Configuration option global.domain that is tied to all components

44
charts/argo-cd/README.md
View file

@ -74,14 +74,15 @@ below corespond to their respective sections.
The `tls: true` option will expect that the `argocd-server-tls` secret exists as Argo CD server loads TLS certificates from this place. The `tls: true` option will expect that the `argocd-server-tls` secret exists as Argo CD server loads TLS certificates from this place.
```yaml ```yaml
global:
domain: argocd.example.com
certificate: certificate:
enabled: true enabled: true
domain: argocd.example.com
server: server:
ingress: ingress:
enabled: true enabled: true
hostname: argocd.example.com
ingressClassName: nginx ingressClassName: nginx
annotations: annotations:
nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
@ -92,6 +93,9 @@ server:
### SSL Termination at Ingress Controller ### SSL Termination at Ingress Controller
```yaml ```yaml
global:
domain: argocd.example.com
configs: configs:
params: params:
server.insecure: true server.insecure: true
@ -99,7 +103,6 @@ configs:
server: server:
ingress: ingress:
enabled: true enabled: true
hostname: argocd.example.com
ingressClassName: nginx ingressClassName: nginx
annotations: annotations:
nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
@ -119,6 +122,9 @@ server:
Use `ingressGrpc` section if your ingress controller supports only a single protocol per Ingress resource (i.e.: Contour). Use `ingressGrpc` section if your ingress controller supports only a single protocol per Ingress resource (i.e.: Contour).
```yaml ```yaml
global:
domain: argocd.example.com
configs: configs:
params: params:
server.insecure: true server.insecure: true
@ -126,7 +132,6 @@ configs:
server: server:
ingress: ingress:
enabled: true enabled: true
hostname: argocd.example.com
ingressClassName: contour-internal ingressClassName: contour-internal
extraTls: extraTls:
- hosts: - hosts:
@ -135,7 +140,6 @@ server:
ingressGrpc: ingressGrpc:
enabled: true enabled: true
hostname: grpc.argocd.example.com
ingressClassName: contour-internal ingressClassName: contour-internal
extraTls: extraTls:
- hosts: - hosts:
@ -146,10 +150,12 @@ server:
### Multiple ingress domains ### Multiple ingress domains
```yaml ```yaml
global:
domain: argocd.example.com
server: server:
ingress: ingress:
enabled: true enabled: true
hostname: argocd.example.com
ingressClassName: nginx ingressClassName: nginx
annotations: annotations:
cert-manager.io/cluster-issuer: "<my-issuer>" cert-manager.io/cluster-issuer: "<my-issuer>"
@ -169,6 +175,9 @@ The provided example assumes you are using TLS off-loading via AWS ACM service.
> Using `controller: aws` creates additional service for gRPC traffic and it's no longer need to use `ingressGrpc` configuration section. > Using `controller: aws` creates additional service for gRPC traffic and it's no longer need to use `ingressGrpc` configuration section.
```yaml ```yaml
global:
domain: argocd.example.com
configs: configs:
params: params:
server.insecure: true server.insecure: true
@ -176,7 +185,6 @@ configs:
server: server:
ingress: ingress:
enabled: true enabled: true
hostname: argocd.example.com
controller: aws controller: aws
ingressClassName: alb ingressClassName: alb
annotations: annotations:
@ -184,7 +192,7 @@ server:
alb.ingress.kubernetes.io/target-type: ip alb.ingress.kubernetes.io/target-type: ip
alb.ingress.kubernetes.io/backend-protocol: HTTP alb.ingress.kubernetes.io/backend-protocol: HTTP
alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":80}, {"HTTPS":443}]' alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":80}, {"HTTPS":443}]'
alb.ingress.kubernetes.io/ssl-redirect" '443' alb.ingress.kubernetes.io/ssl-redirect: '443'
aws: aws:
serviceType: ClusterIP # <- Used with target-type: ip serviceType: ClusterIP # <- Used with target-type: ip
backendProtocolVersion: GRPC backendProtocolVersion: GRPC
@ -196,6 +204,9 @@ The implementation will populate `ingressClassName`, `networking.gke.io/managed-
automatically if you provide configuration for GKE resources. automatically if you provide configuration for GKE resources.
```yaml ```yaml
global:
domain: argocd.example.com
configs: configs:
params: params:
server.insecure: true server.insecure: true
@ -208,7 +219,6 @@ server:
ingress: ingress:
enabled: true enabled: true
hostname: argocd.example.com
controller: gke controller: gke
gke: gke:
backendConfig: backendConfig:
@ -268,6 +278,10 @@ For full list of changes please check ArtifactHub [changelog].
Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version.
### 6.1.0
Added support for global domain used by all components.
### 6.0.0 ### 6.0.0
This version **removes support for**: This version **removes support for**:
@ -610,6 +624,7 @@ NAME: my-release
| global.certificateAnnotations | object | `{}` | Annotations for the all deployed Certificates | | global.certificateAnnotations | object | `{}` | Annotations for the all deployed Certificates |
| global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments |
| global.deploymentStrategy | object | `{}` | Deployment strategy for the all deployed Deployments | | global.deploymentStrategy | object | `{}` | Deployment strategy for the all deployed Deployments |
| global.domain | string | `"argocd.example.com"` | Default domain used by all components |
| global.env | list | `[]` | Environment variables to pass to all deployed Deployments | | global.env | list | `[]` | Environment variables to pass to all deployed Deployments |
| global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files |
| global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments |
@ -643,7 +658,6 @@ NAME: my-release
| configs.cm."timeout.reconciliation" | string | `"180s"` | Timeout to discover if a new manifests version got published to the repository | | configs.cm."timeout.reconciliation" | string | `"180s"` | Timeout to discover if a new manifests version got published to the repository |
| configs.cm.annotations | object | `{}` | Annotations to be added to argocd-cm configmap | | configs.cm.annotations | object | `{}` | Annotations to be added to argocd-cm configmap |
| configs.cm.create | bool | `true` | Create the argocd-cm configmap for [declarative setup] | | configs.cm.create | bool | `true` | Create the argocd-cm configmap for [declarative setup] |
| configs.cm.url | string | `""` | Argo CD's externally facing base URL (optional). Required when configuring SSO |
| configs.cmp.annotations | object | `{}` | Annotations to be added to argocd-cmp-cm configmap | | configs.cmp.annotations | object | `{}` | Annotations to be added to argocd-cmp-cm configmap |
| configs.cmp.create | bool | `false` | Create the argocd-cmp-cm configmap | | configs.cmp.create | bool | `false` | Create the argocd-cmp-cm configmap |
| configs.cmp.plugins | object | `{}` | Plugin yaml files to be added to argocd-cmp-cm | | configs.cmp.plugins | object | `{}` | Plugin yaml files to be added to argocd-cmp-cm |
@ -884,7 +898,7 @@ NAME: my-release
| server.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the Argo CD server [HPA] | | server.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the Argo CD server [HPA] |
| server.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | | server.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) |
| server.certificate.annotations | object | `{}` | Annotations to be applied to the Server Certificate | | server.certificate.annotations | object | `{}` | Annotations to be applied to the Server Certificate |
| server.certificate.domain | string | `"argocd.example.com"` | Certificate primary domain (commonName) | | server.certificate.domain | string | `""` (defaults to global.domain) | Certificate primary domain (commonName) |
| server.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. | | server.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. |
| server.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | | server.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) |
| server.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` | | server.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` |
@ -938,7 +952,7 @@ NAME: my-release
| server.ingress.gke.frontendConfig | object | `{}` (See [values.yaml]) | Google [FrontendConfig] resource, for use with the GKE Ingress Controller | | server.ingress.gke.frontendConfig | object | `{}` (See [values.yaml]) | Google [FrontendConfig] resource, for use with the GKE Ingress Controller |
| server.ingress.gke.managedCertificate.create | bool | `true` | Create ManagedCertificate resource and annotations for Google Load balancer | | server.ingress.gke.managedCertificate.create | bool | `true` | Create ManagedCertificate resource and annotations for Google Load balancer |
| server.ingress.gke.managedCertificate.extraDomains | list | `[]` | Additional domains for ManagedCertificate resource | | server.ingress.gke.managedCertificate.extraDomains | list | `[]` | Additional domains for ManagedCertificate resource |
| server.ingress.hostname | string | `"argocd.example.com"` | Argo CD server hostname | | server.ingress.hostname | string | `""` (defaults to global.domain) | Argo CD server hostname |
| server.ingress.ingressClassName | string | `""` | Defines which ingress controller will implement the resource | | server.ingress.ingressClassName | string | `""` | Defines which ingress controller will implement the resource |
| server.ingress.labels | object | `{}` | Additional ingress labels | | server.ingress.labels | object | `{}` | Additional ingress labels |
| server.ingress.path | string | `"/"` | The path to Argo CD server | | server.ingress.path | string | `"/"` | The path to Argo CD server |
@ -1272,7 +1286,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| applicationSet.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | applicationSet.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules |
| applicationSet.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | | applicationSet.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) |
| applicationSet.certificate.annotations | object | `{}` | Annotations to be applied to the ApplicationSet Certificate | | applicationSet.certificate.annotations | object | `{}` | Annotations to be applied to the ApplicationSet Certificate |
| applicationSet.certificate.domain | string | `"argocd.example.com"` | Certificate primary domain (commonName) | | applicationSet.certificate.domain | string | `""` (defaults to global.domain) | Certificate primary domain (commonName) |
| applicationSet.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. | | applicationSet.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. |
| applicationSet.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | | applicationSet.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) |
| applicationSet.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` | | applicationSet.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` |
@ -1309,7 +1323,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| applicationSet.ingress.extraPaths | list | `[]` (See [values.yaml]) | Additional ingress paths | | applicationSet.ingress.extraPaths | list | `[]` (See [values.yaml]) | Additional ingress paths |
| applicationSet.ingress.extraRules | list | `[]` (See [values.yaml]) | Additional ingress rules | | applicationSet.ingress.extraRules | list | `[]` (See [values.yaml]) | Additional ingress rules |
| applicationSet.ingress.extraTls | list | `[]` (See [values.yaml]) | Additional ingress TLS configuration | | applicationSet.ingress.extraTls | list | `[]` (See [values.yaml]) | Additional ingress TLS configuration |
| applicationSet.ingress.hostname | string | `"argocd.example.com"` | Argo CD ApplicationSet hostname | | applicationSet.ingress.hostname | string | `""` (defaults to global.domain) | Argo CD ApplicationSet hostname |
| applicationSet.ingress.ingressClassName | string | `""` | Defines which ingress ApplicationSet controller will implement the resource | | applicationSet.ingress.ingressClassName | string | `""` | Defines which ingress ApplicationSet controller will implement the resource |
| applicationSet.ingress.labels | object | `{}` | Additional ingress labels | | applicationSet.ingress.labels | object | `{}` | Additional ingress labels |
| applicationSet.ingress.path | string | `"/api/webhook"` | List of ingress paths | | applicationSet.ingress.path | string | `"/api/webhook"` | List of ingress paths |
@ -1377,7 +1391,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| Key | Type | Default | Description | | Key | Type | Default | Description |
|-----|------|---------|-------------| |-----|------|---------|-------------|
| notifications.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | notifications.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules |
| notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | | notifications.argocdUrl | string | `""` (defaults to https://`global.domain`) | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates |
| notifications.clusterRoleRules.rules | list | `[]` | List of custom rules for the notifications controller's ClusterRole resource | | notifications.clusterRoleRules.rules | list | `[]` | List of custom rules for the notifications controller's ClusterRole resource |
| notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map | | notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map |
| notifications.containerPorts.metrics | int | `9001` | Metrics container port | | notifications.containerPorts.metrics | int | `9001` | Metrics container port |

32
charts/argo-cd/README.md.gotmpl
View file

@ -73,14 +73,15 @@ below corespond to their respective sections.
The `tls: true` option will expect that the `argocd-server-tls` secret exists as Argo CD server loads TLS certificates from this place. The `tls: true` option will expect that the `argocd-server-tls` secret exists as Argo CD server loads TLS certificates from this place.
```yaml ```yaml
global:
domain: argocd.example.com
certificate: certificate:
enabled: true enabled: true
domain: argocd.example.com
server: server:
ingress: ingress:
enabled: true enabled: true
hostname: argocd.example.com
ingressClassName: nginx ingressClassName: nginx
annotations: annotations:
nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
@ -91,6 +92,9 @@ server:
### SSL Termination at Ingress Controller ### SSL Termination at Ingress Controller
```yaml ```yaml
global:
domain: argocd.example.com
configs: configs:
params: params:
server.insecure: true server.insecure: true
@ -98,7 +102,6 @@ configs:
server: server:
ingress: ingress:
enabled: true enabled: true
hostname: argocd.example.com
ingressClassName: nginx ingressClassName: nginx
annotations: annotations:
nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
@ -118,6 +121,9 @@ server:
Use `ingressGrpc` section if your ingress controller supports only a single protocol per Ingress resource (i.e.: Contour). Use `ingressGrpc` section if your ingress controller supports only a single protocol per Ingress resource (i.e.: Contour).
```yaml ```yaml
global:
domain: argocd.example.com
configs: configs:
params: params:
server.insecure: true server.insecure: true
@ -125,7 +131,6 @@ configs:
server: server:
ingress: ingress:
enabled: true enabled: true
hostname: argocd.example.com
ingressClassName: contour-internal ingressClassName: contour-internal
extraTls: extraTls:
- hosts: - hosts:
@ -134,7 +139,6 @@ server:
ingressGrpc: ingressGrpc:
enabled: true enabled: true
hostname: grpc.argocd.example.com
ingressClassName: contour-internal ingressClassName: contour-internal
extraTls: extraTls:
- hosts: - hosts:
@ -145,10 +149,12 @@ server:
### Multiple ingress domains ### Multiple ingress domains
```yaml ```yaml
global:
domain: argocd.example.com
server: server:
ingress: ingress:
enabled: true enabled: true
hostname: argocd.example.com
ingressClassName: nginx ingressClassName: nginx
annotations: annotations:
cert-manager.io/cluster-issuer: "<my-issuer>" cert-manager.io/cluster-issuer: "<my-issuer>"
@ -168,6 +174,9 @@ The provided example assumes you are using TLS off-loading via AWS ACM service.
> Using `controller: aws` creates additional service for gRPC traffic and it's no longer need to use `ingressGrpc` configuration section. > Using `controller: aws` creates additional service for gRPC traffic and it's no longer need to use `ingressGrpc` configuration section.
```yaml ```yaml
global:
domain: argocd.example.com
configs: configs:
params: params:
server.insecure: true server.insecure: true
@ -175,7 +184,6 @@ configs:
server: server:
ingress: ingress:
enabled: true enabled: true
hostname: argocd.example.com
controller: aws controller: aws
ingressClassName: alb ingressClassName: alb
annotations: annotations:
@ -183,7 +191,7 @@ server:
alb.ingress.kubernetes.io/target-type: ip alb.ingress.kubernetes.io/target-type: ip
alb.ingress.kubernetes.io/backend-protocol: HTTP alb.ingress.kubernetes.io/backend-protocol: HTTP
alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":80}, {"HTTPS":443}]' alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":80}, {"HTTPS":443}]'
alb.ingress.kubernetes.io/ssl-redirect" '443' alb.ingress.kubernetes.io/ssl-redirect: '443'
aws: aws:
serviceType: ClusterIP # <- Used with target-type: ip serviceType: ClusterIP # <- Used with target-type: ip
backendProtocolVersion: GRPC backendProtocolVersion: GRPC
@ -195,6 +203,9 @@ The implementation will populate `ingressClassName`, `networking.gke.io/managed-
automatically if you provide configuration for GKE resources. automatically if you provide configuration for GKE resources.
```yaml ```yaml
global:
domain: argocd.example.com
configs: configs:
params: params:
server.insecure: true server.insecure: true
@ -207,7 +218,6 @@ server:
ingress: ingress:
enabled: true enabled: true
hostname: argocd.example.com
controller: gke controller: gke
gke: gke:
backendConfig: backendConfig:
@ -268,6 +278,10 @@ For full list of changes please check ArtifactHub [changelog].
Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version.
### 6.1.0
Added support for global domain used by all components.
### 6.0.0 ### 6.0.0
This version **removes support for**: This version **removes support for**:

1
charts/argo-cd/templates/_helpers.tpl
View file

@ -163,6 +163,7 @@ Argo Configuration Preset Values (Incluenced by Values configuration)
*/}} */}}
{{- define "argo-cd.config.cm.presets" -}} {{- define "argo-cd.config.cm.presets" -}}
{{- $presets := dict -}} {{- $presets := dict -}}
{{- $_ := set $presets "url" (printf "https://%s" .Values.global.domain) -}}
{{- if .Values.configs.styles -}} {{- if .Values.configs.styles -}}
{{- $_ := set $presets "ui.cssurl" "./custom/custom.styles.css" -}} {{- $_ := set $presets "ui.cssurl" "./custom/custom.styles.css" -}}
{{- end -}} {{- end -}}

4
charts/argo-cd/templates/argocd-applicationset/certificate.yaml
View file

@ -14,9 +14,9 @@ metadata:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
spec: spec:
secretName: {{ .Values.applicationSet.certificate.secretName }} secretName: {{ .Values.applicationSet.certificate.secretName }}
commonName: {{ .Values.applicationSet.certificate.domain | quote }} commonName: {{ .Values.applicationSet.certificate.domain | default .Values.global.domain }}
dnsNames: dnsNames:
- {{ .Values.applicationSet.certificate.domain | quote }} - {{ .Values.applicationSet.certificate.domain | default .Values.global.domain }}
{{- range .Values.applicationSet.certificate.additionalHosts }} {{- range .Values.applicationSet.certificate.additionalHosts }}
- {{ . | quote }} - {{ . | quote }}
{{- end }} {{- end }}

4
charts/argo-cd/templates/argocd-applicationset/ingress.yaml
View file

@ -20,8 +20,7 @@ spec:
ingressClassName: {{ . }} ingressClassName: {{ . }}
{{- end }} {{- end }}
rules: rules:
{{- if .Values.applicationSet.ingress.hostname }} - host: {{ .Values.applicationSet.ingress.hostname | default .Values.global.domain }}
- host: {{ .Values.applicationSet.ingress.hostname }}
http: http:
paths: paths:
{{- with .Values.applicationSet.ingress.extraPaths }} {{- with .Values.applicationSet.ingress.extraPaths }}
@ -34,7 +33,6 @@ spec:
name: {{ include "argo-cd.applicationSet.fullname" . }} name: {{ include "argo-cd.applicationSet.fullname" . }}
port: port:
number: {{ .Values.applicationSet.service.port }} number: {{ .Values.applicationSet.service.port }}
{{- end }}
{{- range .Values.applicationSet.ingress.extraHosts }} {{- range .Values.applicationSet.ingress.extraHosts }}
- host: {{ .name | quote }} - host: {{ .name | quote }}
http: http:

2
charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml
View file

@ -8,7 +8,7 @@ metadata:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }}
data: data:
context: | context: |
argocdUrl: {{ .Values.notifications.argocdUrl | quote }} argocdUrl: {{ .Values.notifications.argocdUrl | default (printf "https://%s" .Values.global.domain) }}
{{- with .Values.notifications.context }} {{- with .Values.notifications.context }}
{{- toYaml . | nindent 4 }} {{- toYaml . | nindent 4 }}
{{- end }} {{- end }}

4
charts/argo-cd/templates/argocd-server/certificate.yaml
View file

@ -14,9 +14,9 @@ metadata:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
spec: spec:
secretName: {{ .Values.server.certificate.secretName }} secretName: {{ .Values.server.certificate.secretName }}
commonName: {{ .Values.server.certificate.domain | quote }} commonName: {{ .Values.server.certificate.domain | default .Values.global.domain }}
dnsNames: dnsNames:
- {{ .Values.server.certificate.domain | quote }} - {{ .Values.server.certificate.domain | default .Values.global.domain }}
{{- range .Values.server.certificate.additionalHosts }} {{- range .Values.server.certificate.additionalHosts }}
- {{ . | quote }} - {{ . | quote }}
{{- end }} {{- end }}

4
charts/argo-cd/templates/argocd-server/ingress-grpc.yaml
View file

@ -1,5 +1,5 @@
{{- if and .Values.server.ingressGrpc.enabled (eq .Values.server.ingress.controller "generic") -}} {{- if and .Values.server.ingressGrpc.enabled (eq .Values.server.ingress.controller "generic") -}}
{{- $hostname := .Values.server.ingressGrpc.hostname | default (printf "grpc.%s" .Values.server.ingress.hostname) -}} {{- $hostname := printf "grpc.%s" (.Values.server.ingress.hostname | default .Values.global.domain) -}}
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
metadata: metadata:
@ -21,7 +21,7 @@ spec:
ingressClassName: {{ . }} ingressClassName: {{ . }}
{{- end }} {{- end }}
rules: rules:
- host: {{ $hostname }} - host: {{ .Values.server.ingressGrpc.hostname | default $hostname }}
http: http:
paths: paths:
{{- with .Values.server.ingressGrpc.extraPaths }} {{- with .Values.server.ingressGrpc.extraPaths }}

2
charts/argo-cd/templates/argocd-server/ingress.yaml
View file

@ -22,7 +22,7 @@ spec:
ingressClassName: {{ . }} ingressClassName: {{ . }}
{{- end }} {{- end }}
rules: rules:
- host: {{ .Values.server.ingress.hostname }} - host: {{ .Values.server.ingress.hostname | default .Values.global.domain }}
http: http:
paths: paths:
{{- with .Values.server.ingress.extraPaths }} {{- with .Values.server.ingress.extraPaths }}

24
charts/argo-cd/values.yaml
View file

@ -37,6 +37,10 @@ crds:
## Globally shared configuration ## Globally shared configuration
global: global:
# -- Default domain used by all components
## Used for ingresses, certificates, SSO, notifications, etc.
domain: argocd.example.com
# -- Common labels for the all resources # -- Common labels for the all resources
additionalLabels: {} additionalLabels: {}
# app: argo-cd # app: argo-cd
@ -155,9 +159,6 @@ configs:
# -- Annotations to be added to argocd-cm configmap # -- Annotations to be added to argocd-cm configmap
annotations: {} annotations: {}
# -- Argo CD's externally facing base URL (optional). Required when configuring SSO
url: ""
# -- The name of tracking label used by Argo CD for resource pruning # -- The name of tracking label used by Argo CD for resource pruning
application.instanceLabelKey: argocd.argoproj.io/instance application.instanceLabelKey: argocd.argoproj.io/instance
@ -1828,7 +1829,8 @@ server:
# -- The name of the Secret that will be automatically created and managed by this Certificate resource # -- The name of the Secret that will be automatically created and managed by this Certificate resource
secretName: argocd-server-tls secretName: argocd-server-tls
# -- Certificate primary domain (commonName) # -- Certificate primary domain (commonName)
domain: argocd.example.com # @default -- `""` (defaults to global.domain)
domain: ""
# -- Certificate Subject Alternate Names (SANs) # -- Certificate Subject Alternate Names (SANs)
additionalHosts: [] additionalHosts: []
# -- The requested 'duration' (i.e. lifetime) of the certificate. # -- The requested 'duration' (i.e. lifetime) of the certificate.
@ -1985,8 +1987,8 @@ server:
ingressClassName: "" ingressClassName: ""
# -- Argo CD server hostname # -- Argo CD server hostname
## NOTE: Hostname must be provided if Ingress is enabled # @default -- `""` (defaults to global.domain)
hostname: argocd.example.com hostname: ""
# -- The path to Argo CD server # -- The path to Argo CD server
path: / path: /
@ -2792,7 +2794,8 @@ applicationSet:
# -- The name of the Secret that will be automatically created and managed by this Certificate resource # -- The name of the Secret that will be automatically created and managed by this Certificate resource
secretName: argocd-applicationset-controller-tls secretName: argocd-applicationset-controller-tls
# -- Certificate primary domain (commonName) # -- Certificate primary domain (commonName)
domain: argocd.example.com # @default -- `""` (defaults to global.domain)
domain: ""
# -- Certificate Subject Alternate Names (SANs) # -- Certificate Subject Alternate Names (SANs)
additionalHosts: [] additionalHosts: []
# -- The requested 'duration' (i.e. lifetime) of the certificate. # -- The requested 'duration' (i.e. lifetime) of the certificate.
@ -2839,8 +2842,8 @@ applicationSet:
ingressClassName: "" ingressClassName: ""
# -- Argo CD ApplicationSet hostname # -- Argo CD ApplicationSet hostname
## NOTE: Hostname must be provided if Ingress is enabled # @default -- `""` (defaults to global.domain)
hostname: argocd.example.com hostname: ""
# -- List of ingress paths # -- List of ingress paths
path: /api/webhook path: /api/webhook
@ -2897,7 +2900,8 @@ notifications:
name: notifications-controller name: notifications-controller
# -- Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates # -- Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates
argocdUrl: # @default -- `""` (defaults to https://`global.domain`)
argocdUrl: ""
## Notifications controller Pod Disruption Budget ## Notifications controller Pod Disruption Budget
## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/