DevFW-CICD/argocd-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore(argo-cd): Remove wildcard catch all ingress rule

Browse source 
Signed-off-by: Petr Drastil <petr.drastil@gmail.com>
This commit is contained in:
Petr Drastil 2024-01-06 22:34:03 +01:00
parent 9892e505f1
commit f8dd7e0a4d
No known key found for this signature in database
GPG key ID: B147517F4051E6ED
4 changed files with 24 additions and 87 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
charts/argo-cd/Chart.yaml
View file

@ -3,7 +3,7 @@ appVersion: v2.9.3
kubeVersion: ">=1.23.0-0" kubeVersion: ">=1.23.0-0"
description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd name: argo-cd
version: 5.52.1 version: 5.53.0
home: https://github.com/argoproj/argo-helm home: https://github.com/argoproj/argo-helm
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
sources: sources:
@ -26,5 +26,5 @@ annotations:
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
url: https://argoproj.github.io/argo-helm/pgp_keys.asc url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: | artifacthub.io/changes: |
- kind: changed - kind: removed
description: DRY cleanup of ServiceAccounts description: Wildcard catch all ingress rule

31
charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml
View file

@ -1,4 +1,4 @@
{{- if and .Values.applicationSet.enabled .Values.applicationSet.webhook.ingress.enabled -}} {{- if and .Values.applicationSet.enabled (and .Values.applicationSet.webhook.ingress.enabled .Values.applicationSet.webhook.ingress.hosts) -}}
{{- $servicePort := .Values.applicationSet.service.portName -}} {{- $servicePort := .Values.applicationSet.service.portName -}}
{{- $paths := .Values.applicationSet.webhook.ingress.paths -}} {{- $paths := .Values.applicationSet.webhook.ingress.paths -}}
{{- $extraPaths := .Values.applicationSet.webhook.ingress.extraPaths -}} {{- $extraPaths := .Values.applicationSet.webhook.ingress.extraPaths -}}
@ -24,13 +24,12 @@ spec:
ingressClassName: {{ . }} ingressClassName: {{ . }}
{{- end }} {{- end }}
rules: rules:
{{- if .Values.applicationSet.webhook.ingress.hosts }} {{- range .Values.applicationSet.webhook.ingress.hosts }}
{{- range $host := .Values.applicationSet.webhook.ingress.hosts }} - host: {{ . }}
- host: {{ $host }}
http: http:
paths: paths:
{{- with $extraPaths }} {{- with $extraPaths }}
{{- toYaml . | nindent 10 }} {{- toYaml . | nindent 10 }}
{{- end }} {{- end }}
{{- range $p := $paths }} {{- range $p := $paths }}
- path: {{ $p }} - path: {{ $p }}
@ -44,28 +43,8 @@ spec:
{{- else }} {{- else }}
name: {{ $servicePort }} name: {{ $servicePort }}
{{- end }} {{- end }}
{{- end -}}
{{- end -}}
{{- else }}
- http:
paths:
{{- with $extraPaths }}
{{- toYaml . | nindent 10 }}
{{- end }} {{- end }}
{{- range $p := $paths }} {{- end }}
- path: {{ $p }}
pathType: {{ $pathType }}
backend:
service:
name: {{ include "argo-cd.applicationSet.fullname" $ }}
port:
{{- if kindIs "float64" $servicePort }}
number: {{ $servicePort }}
{{- else }}
name: {{ $servicePort }}
{{- end }}
{{- end -}}
{{- end -}}
{{- with .Values.applicationSet.webhook.ingress.tls }} {{- with .Values.applicationSet.webhook.ingress.tls }}
tls: tls:
{{- toYaml . | nindent 4 }} {{- toYaml . | nindent 4 }}

35
charts/argo-cd/templates/argocd-server/ingress-grpc.yaml
View file

@ -1,4 +1,4 @@
{{- if and .Values.server.ingressGrpc.enabled (not .Values.server.ingressGrpc.isAWSALB) -}} {{- if and (and .Values.server.ingressGrpc.enabled .Values.server.ingressGrpc.hosts) (not .Values.server.ingressGrpc.isAWSALB) -}}
{{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}} {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}}
{{- $paths := .Values.server.ingressGrpc.paths -}} {{- $paths := .Values.server.ingressGrpc.paths -}}
{{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}} {{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}}
@ -24,13 +24,12 @@ spec:
ingressClassName: {{ . }} ingressClassName: {{ . }}
{{- end }} {{- end }}
rules: rules:
{{- if .Values.server.ingressGrpc.hosts }} {{- range .Values.server.ingressGrpc.hosts }}
{{- range $host := .Values.server.ingressGrpc.hosts }} - host: {{ . }}
- host: {{ $host }}
http: http:
paths: paths:
{{- with $extraPaths }} {{- with $extraPaths }}
{{- toYaml . | nindent 10 }} {{- toYaml . | nindent 10 }}
{{- end }} {{- end }}
{{- range $p := $paths }} {{- range $p := $paths }}
- path: {{ $p }} - path: {{ $p }}
@ -44,30 +43,10 @@ spec:
{{- else }} {{- else }}
name: {{ $servicePort }} name: {{ $servicePort }}
{{- end }} {{- end }}
{{- end -}}
{{- end -}}
{{- else }}
- http:
paths:
{{- with $extraPaths }}
{{- toYaml . | nindent 10 }}
{{- end }} {{- end }}
{{- range $p := $paths }} {{- end }}
- path: {{ $p }}
pathType: {{ $pathType }}
backend:
service:
name: {{ include "argo-cd.server.fullname" $ }}
port:
{{- if kindIs "float64" $servicePort }}
number: {{ $servicePort }}
{{- else }}
name: {{ $servicePort }}
{{- end }}
{{- end -}}
{{- end -}}
{{- with .Values.server.ingressGrpc.tls }} {{- with .Values.server.ingressGrpc.tls }}
tls: tls:
{{- toYaml . | nindent 4 }} {{- toYaml . | nindent 4 }}
{{- end -}} {{- end }}
{{- end -}} {{- end }}

39
charts/argo-cd/templates/argocd-server/ingress.yaml
View file

@ -1,4 +1,4 @@
{{- if .Values.server.ingress.enabled -}} {{- if and .Values.server.ingress.enabled .Values.server.ingress.hosts -}}
{{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}} {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}}
{{- $paths := .Values.server.ingress.paths -}} {{- $paths := .Values.server.ingress.paths -}}
{{- $extraPaths := .Values.server.ingress.extraPaths -}} {{- $extraPaths := .Values.server.ingress.extraPaths -}}
@ -28,13 +28,12 @@ spec:
ingressClassName: {{ . }} ingressClassName: {{ . }}
{{- end }} {{- end }}
rules: rules:
{{- if .Values.server.ingress.hosts }} {{- range .Values.server.ingress.hosts }}
{{- range $host := .Values.server.ingress.hosts }} - host: {{ . }}
- host: {{ $host | quote }}
http: http:
paths: paths:
{{- with $extraPaths }} {{- with $extraPaths }}
{{- toYaml . | nindent 10 }} {{- toYaml . | nindent 10 }}
{{- end }} {{- end }}
{{- range $p := $paths }} {{- range $p := $paths }}
{{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }} {{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }}
@ -42,34 +41,14 @@ spec:
pathType: {{ $.Values.server.ingressGrpc.pathType }} pathType: {{ $.Values.server.ingressGrpc.pathType }}
backend: backend:
service: service:
name: {{ template "argo-cd.server.fullname" $ }}-grpc name: {{ include "argo-cd.server.fullname" $ }}-grpc
port: port:
{{- if kindIs "float64" $servicePort }} {{- if kindIs "float64" $servicePort }}
number: {{ $servicePort }} number: {{ $servicePort }}
{{- else }} {{- else }}
name: {{ $servicePort }} name: {{ $servicePort }}
{{- end }} {{- end }}
{{- end }}
- path: {{ $p }}
pathType: {{ $pathType }}
backend:
service:
name: {{ include "argo-cd.server.fullname" $ }}
port:
{{- if kindIs "float64" $servicePort }}
number: {{ $servicePort }}
{{- else }}
name: {{ $servicePort }}
{{- end }}
{{- end -}}
{{- end -}}
{{- else }}
- http:
paths:
{{- with $extraPaths }}
{{- toYaml . | nindent 10 }}
{{- end }} {{- end }}
{{- range $p := $paths }}
- path: {{ $p }} - path: {{ $p }}
pathType: {{ $pathType }} pathType: {{ $pathType }}
backend: backend:
@ -81,10 +60,10 @@ spec:
{{- else }} {{- else }}
name: {{ $servicePort }} name: {{ $servicePort }}
{{- end }} {{- end }}
{{- end -}} {{- end }}
{{- end -}} {{- end }}
{{- with .Values.server.ingress.tls }} {{- with .Values.server.ingress.tls }}
tls: tls:
{{- toYaml . | nindent 4 }} {{- toYaml . | nindent 4 }}
{{- end -}} {{- end }}
{{- end -}} {{- end }}