Skip to content

Commit cc89beb

Browse files
authored
chore: move argo-cd auth values to global.integrations.argo-cd.server.auth (#768)
* fix: update app-proxy image tags to 1.3798.0 (app-proxy does not monitor and re-create the argocd-token if it was already created before the Pod started (codefresh-io/argo-platform#6710)) * inject username/password OR token into app-proxy env * fixed component-tests gitea to not depend on bitnami images
1 parent 370f6ea commit cc89beb

File tree

16 files changed

+459
-303
lines changed

16 files changed

+459
-303
lines changed

charts/gitops-runtime/templates/_components/cap-app-proxy/_config.yaml

Lines changed: 4 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,11 @@
1-
{{- define "cap-app-proxy.resources.configmap-documented-configs"}}
2-
argoCdUrl: {{ .Values.config.argoCdUrl }}
3-
argoCdUsername: {{ .Values.config.argoCdUsername }}
1+
{{- define "cap-app-proxy.resources.configmap-documented-configs" }}
42
argoWorkflowsInsecure: {{ .Values.config.argoWorkflowsInsecure | quote }}
5-
argoWorkflowsUrl: {{ default "" .Values.config.argoWorkflowsUrl }}
3+
clusterChunkSize: {{ .Values.config.clusterChunkSize | quote }}
64
cors: {{ .Values.global.codefresh.url }}
7-
{{- with .Values.config.clusterChunkSize }}
8-
clusterChunkSize: {{ . | quote }}
9-
{{- end }}
10-
env: {{ .Values.config.env | quote}}
115
isConfigurationRuntime: {{ .Values.global.runtime.isConfigurationRuntime | quote }}
126
isExternalArgoCD: {{ .Values.global.runtime.isExternalArgoCD | quote }}
137
runtimeName: {{ required "global.runtime.name is required" .Values.global.runtime.name | quote}}
14-
skipGitPermissionValidation: {{ .Values.config.skipGitPermissionValidation | quote }}
8+
isNamespacedRuntime: {{ .Values.global.runtime.singleNamespace | quote }}
159
logLevel: {{ .Values.config.logLevel | quote }}
1610
{{- $enrichmentValues := get .Values "image-enrichment" }}
1711
{{- if $enrichmentValues.enabled }}
@@ -30,7 +24,7 @@ enrichmentJiraEnrichmentImage: {{ printf "%s/%s:%s" $enrichmentValues.config.ima
3024

3125
{{- define "cap-app-proxy.resources.configmap" }}
3226
{{- $documentedConfigs := (include "cap-app-proxy.resources.configmap-documented-configs" . | fromYaml ) }}
33-
{{- $overrides := omit .Values.config "clusterChunkSize" }}
27+
{{- $overrides := omit .Values.config "argoWorkflowsInsecure" "clusterChunkSize" "cors" }}
3428
{{- $mergedConfig := mergeOverwrite $documentedConfigs $overrides }}
3529
apiVersion: v1
3630
kind: ConfigMap

charts/gitops-runtime/templates/_components/cap-app-proxy/environment-variables/_main-container.yaml

Lines changed: 5 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -5,9 +5,6 @@ ARGO_CD_URL:
55
name: cap-app-proxy-cm
66
key: argoCdUrl
77
optional: true
8-
ARGO_CD_TOKEN: {{ include "codefresh-gitops-runtime.argocd.server.token" . | nindent 2 }}
9-
ARGO_CD_USERNAME: {{ include "codefresh-gitops-runtime.argocd.server.username-env-var" . | nindent 2 }}
10-
ARGO_CD_PASSWORD: {{ include "codefresh-gitops-runtime.argocd.server.password" . | nindent 2 }}
118
ARGO_WORKFLOWS_INSECURE:
129
valueFrom:
1310
configMapKeyRef:
@@ -224,8 +221,9 @@ LEADER_ID:
224221
Read defaults from the template above and merge with the values provided in values file
225222
*/}}
226223
{{- define "cap-app-proxy.environment-variables" -}}
227-
{{- $defaults := (include "cap-app-proxy.environment-variables.defaults" . | fromYaml) }}
228-
{{- $overrides := .Values.env }}
229-
{{- $mergedValues := mergeOverwrite $defaults $overrides }}
230-
{{- include "codefresh-gitops-runtime.components.common_helpers.container-templates.env-vars" $mergedValues }}
224+
{{- $defaults := (include "cap-app-proxy.environment-variables.defaults" . | fromYaml) }}
225+
{{- $argoCdAuth := (include "codefresh-gitops-runtime.argocd-auth" . | fromYaml) }}
226+
{{- $overrides := .Values.env }}
227+
{{- $mergedValues := mergeOverwrite $defaults $argoCdAuth $overrides }}
228+
{{- include "codefresh-gitops-runtime.components.common_helpers.container-templates.env-vars" $mergedValues }}
231229
{{- end -}}

charts/gitops-runtime/templates/_components/cf-argocd-extras/_default-values.tpl

Lines changed: 3 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,5 @@
11
{{- define "cf-argocd-extras.default-values" }}
2+
{{- $argoCdAuth := (include "codefresh-gitops-runtime.argocd-token-auth" . | fromYaml) }}
23
global: {}
34

45
externalRedis:
@@ -84,8 +85,7 @@ eventReporter:
8485
name: argocd-cmd-params-cm
8586
key: server.rootpath
8687
optional: true
87-
ARGO_CD_TOKEN_SECRET_NAME: argocd-token
88-
ARGO_CD_TOKEN_SECRET_KEY: token
88+
{{ $argoCdAuth | toYaml | indent 6 }}
8989
BINARY_NAME: event-reporter
9090
CODEFRESH_SSL_CERT_PATH: ""
9191
CODEFRESH_TLS_INSECURE:
@@ -392,8 +392,7 @@ sourcesServer:
392392
configMapKeyRef:
393393
name: sources-server-cmd-params-cm
394394
key: argocd.server
395-
ARGO_CD_TOKEN_SECRET_NAME: argocd-token
396-
ARGO_CD_TOKEN_SECRET_KEY: token
395+
{{ $argoCdAuth | toYaml | indent 6}}
397396
ARGOCD_SERVER_ROOTPATH:
398397
valueFrom:
399398
configMapKeyRef:

charts/gitops-runtime/templates/_components/cf-argocd-extras/event-reporter/_statefulset.yaml

Lines changed: 0 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -15,16 +15,6 @@
1515
{{- $_ := set $context.Values.container.env.REDIS_PASSWORD.valueFrom.secretKeyRef "key" (default "redis-password" $vals.externalRedis.existingSecretKeyRef.key) }}
1616
{{- end }}
1717

18-
{{- if and (eq (index $context.Values "global" "external-argo-cd" "auth" "type") "token") }}
19-
{{- if not (index $context.Values "global" "external-argo-cd" "auth" "token") }}
20-
{{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_NAME" (required ".Values.global.external-argo-cd.auth.type is set to 'token' therefore .Values.global.external-argo-cd.auth.tokenSecretKeyRef.name is required" (index $context.Values "global" "external-argo-cd" "auth" "tokenSecretKeyRef" "name")) }}
21-
{{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_KEY" (required ".Values.global.external-argo-cd.auth.type is set to 'token' therefore .Values.global.external-argo-cd.auth.tokenSecretKeyRef.key is required" (index $context.Values "global" "external-argo-cd" "auth" "tokenSecretKeyRef" "key" )) }}
22-
{{- else }}
23-
{{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_NAME" "gitops-runtime-argo-cd-token" }}
24-
{{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_KEY" "token" }}
25-
{{- end }}
26-
{{- end }}
27-
2818
{{- if and (index $context.Values "global" "external-argo-cd" "server" "rootpath") }}
2919
{{- $_ := set $context.Values.container.env "ARGOCD_SERVER_ROOTPATH" (index $context.Values "global" "external-argo-cd" "server" "rootpath") }}
3020
{{- end }}

charts/gitops-runtime/templates/_components/cf-argocd-extras/sources-server/_deployment.yaml

Lines changed: 0 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -15,16 +15,6 @@
1515
{{- $_ := set $context.Values.container.env.REDIS_PASSWORD.valueFrom.secretKeyRef "key" (default "redis-password" $vals.externalRedis.existingSecretKeyRef.key) }}
1616
{{- end }}
1717

18-
{{- if and (eq (index $context.Values "global" "external-argo-cd" "auth" "type") "token") }}
19-
{{- if not (index $context.Values "global" "external-argo-cd" "auth" "token") }}
20-
{{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_NAME" (required ".Values.global.external-argo-cd.auth.type is set to 'token' therefore .Values.global.external-argo-cd.auth.tokenSecretKeyRef.name is required" (index $context.Values "global" "external-argo-cd" "auth" "tokenSecretKeyRef" "name")) }}
21-
{{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_KEY" (required ".Values.global.external-argo-cd.auth.type is set to 'token' therefore .Values.global.external-argo-cd.auth.tokenSecretKeyRef.key is required" (index $context.Values "global" "external-argo-cd" "auth" "tokenSecretKeyRef" "key" )) }}
22-
{{- else }}
23-
{{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_NAME" "gitops-runtime-argo-cd-token" }}
24-
{{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_KEY" "token" }}
25-
{{- end }}
26-
{{- end }}
27-
2818
{{- if and (index $context.Values "global" "external-argo-cd" "server" "rootpath") }}
2919
{{- $_ := set $context.Values.container.env "ARGOCD_SERVER_ROOTPATH" (index $context.Values "global" "external-argo-cd" "server" "rootpath") }}
3020
{{- end }}

charts/gitops-runtime/templates/_components/gitops-operator/_env.yaml

Lines changed: 9 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -3,33 +3,36 @@ Some environment variables are determined by values provided in other components
33
to keep the separation of components as pseudo library charts, they are defined here to be merged when components are generated.
44
*/}}
55
{{- define "gitops-operator.resources.environment-variables.calculated" }}
6+
{{- include "codefresh-gitops-runtime.argocd-token-auth" . }}
67
{{/* if custom certificates are provided */}}
78
{{- if .Values.global.codefresh.tls.caCerts.secretKeyRef }}
89
CF_CA_CERT: {{ printf "/app/config/codefresh-tls/%s" .Values.global.codefresh.tls.caCerts.secretKeyRef.key }}
910
{{- end }}
1011
CF_URL: {{ .Values.global.codefresh.url }}
12+
COMMIT_STATUS_POLLING_INTERVAL: {{ .Values.config.commitStatusPollingInterval }}
1113
GITOPS_OPERATOR_VERSION: {{ .Values.image.tag }}
14+
{{- if (gt (int .Values.replicaCount) 1 ) }}
15+
LEADER_ELECT: true
16+
{{- else }}
17+
LEADER_ELECT: false
18+
{{- end }}
19+
MAX_CONCURRENT_RELEASES: {{ .Values.config.maxConcurrentReleases }}
20+
PROMOTION_WRAPPER_TEMPLATE: {{ .Values.config.promotionWrapperTemplate | quote }}
1221
RUNTIME: {{ .Values.global.runtime.name }}
1322
TASK_POLLING_INTERVAL: {{ .Values.config.taskPollingInterval }}
14-
COMMIT_STATUS_POLLING_INTERVAL: {{ .Values.config.commitStatusPollingInterval }}
1523
WORKFLOW_MONITOR_POLLING_INTERVAL: {{ .Values.config.workflowMonitorPollingInterval }}
16-
MAX_CONCURRENT_RELEASES: {{ .Values.config.maxConcurrentReleases }}
17-
PROMOTION_WRAPPER_TEMPLATE: {{ .Values.config.promotionWrapperTemplate | quote }}
1824
{{- end }}
1925

2026
{{- define "gitops-operator.resources.environment-variables.defaults" -}}
2127
AP_URL: http://cap-app-proxy:3017
2228
ARGO_CD_URL: argo-cd-server:80
23-
ARGO_CD_TOKEN_SECRET_NAME: argocd-token
24-
ARGO_CD_TOKEN_SECRET_KEY: token
2529
ARGO_WF_URL: http://argo-server:2746
2630
CF_TOKEN:
2731
valueFrom:
2832
secretKeyRef:
2933
name: codefresh-token
3034
key: token
3135
HEALTH_PROBE_BIND_ADDRESS: :8081
32-
LEADER_ELECT: true
3336
METRICS_BIND_ADDRESS: :8080
3437
METRICS_SECURE: false
3538
NAMESPACE:

0 commit comments

Comments
 (0)