diff --git a/charts/gitops-runtime/templates/_components/cap-app-proxy/_config.yaml b/charts/gitops-runtime/templates/_components/cap-app-proxy/_config.yaml index 15798be8..172d4f9f 100644 --- a/charts/gitops-runtime/templates/_components/cap-app-proxy/_config.yaml +++ b/charts/gitops-runtime/templates/_components/cap-app-proxy/_config.yaml @@ -1,18 +1,11 @@ -{{- define "cap-app-proxy.resources.configmap-documented-configs"}} -argoCdUrl: {{ .Values.config.argoCdUrl }} -argoCdUsername: {{ .Values.config.argoCdUsername }} +{{- define "cap-app-proxy.resources.configmap-documented-configs" }} argoWorkflowsInsecure: {{ .Values.config.argoWorkflowsInsecure | quote }} -argoWorkflowsUrl: {{ default "" .Values.config.argoWorkflowsUrl }} +clusterChunkSize: {{ .Values.config.clusterChunkSize | quote }} cors: {{ .Values.global.codefresh.url }} - {{- with .Values.config.clusterChunkSize }} -clusterChunkSize: {{ . | quote }} - {{- end }} -env: {{ .Values.config.env | quote}} isConfigurationRuntime: {{ .Values.global.runtime.isConfigurationRuntime | quote }} isExternalArgoCD: {{ .Values.global.runtime.isExternalArgoCD | quote }} runtimeName: {{ required "global.runtime.name is required" .Values.global.runtime.name | quote}} isNamespacedRuntime: {{ .Values.global.runtime.singleNamespace | quote }} -skipGitPermissionValidation: {{ .Values.config.skipGitPermissionValidation | quote }} logLevel: {{ .Values.config.logLevel | quote }} {{- $enrichmentValues := get .Values "image-enrichment" }} {{- if $enrichmentValues.enabled }} @@ -31,7 +24,7 @@ enrichmentJiraEnrichmentImage: {{ printf "%s/%s:%s" $enrichmentValues.config.ima {{- define "cap-app-proxy.resources.configmap" }} {{- $documentedConfigs := (include "cap-app-proxy.resources.configmap-documented-configs" . | fromYaml ) }} -{{- $overrides := omit .Values.config "clusterChunkSize" }} +{{- $overrides := omit .Values.config "argoWorkflowsInsecure" "clusterChunkSize" "cors" }} {{- $mergedConfig := mergeOverwrite $documentedConfigs $overrides }} apiVersion: v1 kind: ConfigMap diff --git a/charts/gitops-runtime/templates/_components/cap-app-proxy/environment-variables/_main-container.yaml b/charts/gitops-runtime/templates/_components/cap-app-proxy/environment-variables/_main-container.yaml index 87a1d836..e9683489 100644 --- a/charts/gitops-runtime/templates/_components/cap-app-proxy/environment-variables/_main-container.yaml +++ b/charts/gitops-runtime/templates/_components/cap-app-proxy/environment-variables/_main-container.yaml @@ -5,9 +5,6 @@ ARGO_CD_URL: name: cap-app-proxy-cm key: argoCdUrl optional: true -ARGO_CD_TOKEN: {{ include "codefresh-gitops-runtime.argocd.server.token" . | nindent 2 }} -ARGO_CD_USERNAME: {{ include "codefresh-gitops-runtime.argocd.server.username-env-var" . | nindent 2 }} -ARGO_CD_PASSWORD: {{ include "codefresh-gitops-runtime.argocd.server.password" . | nindent 2 }} ARGO_WORKFLOWS_INSECURE: valueFrom: configMapKeyRef: @@ -231,8 +228,9 @@ LEADER_ID: Read defaults from the template above and merge with the values provided in values file */}} {{- define "cap-app-proxy.environment-variables" -}} -{{- $defaults := (include "cap-app-proxy.environment-variables.defaults" . | fromYaml) }} -{{- $overrides := .Values.env }} -{{- $mergedValues := mergeOverwrite $defaults $overrides }} -{{- include "codefresh-gitops-runtime.components.common_helpers.container-templates.env-vars" $mergedValues }} + {{- $defaults := (include "cap-app-proxy.environment-variables.defaults" . | fromYaml) }} + {{- $argoCdAuth := (include "codefresh-gitops-runtime.argocd-auth" . | fromYaml) }} + {{- $overrides := .Values.env }} + {{- $mergedValues := mergeOverwrite $defaults $argoCdAuth $overrides }} + {{- include "codefresh-gitops-runtime.components.common_helpers.container-templates.env-vars" $mergedValues }} {{- end -}} diff --git a/charts/gitops-runtime/templates/_components/cf-argocd-extras/event-reporter/_statefulset.yaml b/charts/gitops-runtime/templates/_components/cf-argocd-extras/event-reporter/_statefulset.yaml index ccbadd63..3d2d2031 100644 --- a/charts/gitops-runtime/templates/_components/cf-argocd-extras/event-reporter/_statefulset.yaml +++ b/charts/gitops-runtime/templates/_components/cf-argocd-extras/event-reporter/_statefulset.yaml @@ -15,13 +15,16 @@ {{- $_ := set $context.Values.container.env.REDIS_PASSWORD.valueFrom.secretKeyRef "key" (default "redis-password" $vals.externalRedis.existingSecretKeyRef.key) }} {{- end }} -{{- if and (eq (index $context.Values "global" "external-argo-cd" "auth" "type") "token") }} - {{- if not (index $context.Values "global" "external-argo-cd" "auth" "token") }} - {{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_NAME" (required ".Values.global.external-argo-cd.auth.type is set to 'token' therefore .Values.global.external-argo-cd.auth.tokenSecretKeyRef.name is required" (index $context.Values "global" "external-argo-cd" "auth" "tokenSecretKeyRef" "name")) }} - {{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_KEY" (required ".Values.global.external-argo-cd.auth.type is set to 'token' therefore .Values.global.external-argo-cd.auth.tokenSecretKeyRef.key is required" (index $context.Values "global" "external-argo-cd" "auth" "tokenSecretKeyRef" "key" )) }} +{{- $argoCdAuth := (index .Values "global" "external-argo-cd" "auth") }} +{{- if (eq $argoCdAuth.type "token") }} + {{- if $argoCdAuth.token }} + {{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_NAME" "gitops-runtime-argo-cd-token" }} + {{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_KEY" "token" }} + {{- else if $argoCdAuth.tokenSecretKeyRef }} + {{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_NAME" (required ".Values.global.external-argo-cd.auth.type is set to 'token' therefore .Values.global.external-argo-cd.auth.tokenSecretKeyRef.name is required" $argoCdAuth.tokenSecretKeyRef.name) }} + {{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_KEY" (required ".Values.global.external-argo-cd.auth.type is set to 'token' therefore .Values.global.external-argo-cd.auth.tokenSecretKeyRef.key is required" $argoCdAuth.tokenSecretKeyRef.key) }} {{- else }} - {{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_NAME" "gitops-runtime-argo-cd-token" }} - {{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_KEY" "token" }} + {{ fail ".Values.global.external-argo-cd.auth.type is 'token' and .Values.global.external-argo-cd.auth.token or .Values.global.external-argo-cd.auth.tokenSecretKeyRef are not set" }} {{- end }} {{- end }} diff --git a/charts/gitops-runtime/templates/_components/cf-argocd-extras/sources-server/_deployment.yaml b/charts/gitops-runtime/templates/_components/cf-argocd-extras/sources-server/_deployment.yaml index 16c67b92..16a38003 100644 --- a/charts/gitops-runtime/templates/_components/cf-argocd-extras/sources-server/_deployment.yaml +++ b/charts/gitops-runtime/templates/_components/cf-argocd-extras/sources-server/_deployment.yaml @@ -15,13 +15,16 @@ {{- $_ := set $context.Values.container.env.REDIS_PASSWORD.valueFrom.secretKeyRef "key" (default "redis-password" $vals.externalRedis.existingSecretKeyRef.key) }} {{- end }} -{{- if and (eq (index $context.Values "global" "external-argo-cd" "auth" "type") "token") }} - {{- if not (index $context.Values "global" "external-argo-cd" "auth" "token") }} - {{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_NAME" (required ".Values.global.external-argo-cd.auth.type is set to 'token' therefore .Values.global.external-argo-cd.auth.tokenSecretKeyRef.name is required" (index $context.Values "global" "external-argo-cd" "auth" "tokenSecretKeyRef" "name")) }} - {{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_KEY" (required ".Values.global.external-argo-cd.auth.type is set to 'token' therefore .Values.global.external-argo-cd.auth.tokenSecretKeyRef.key is required" (index $context.Values "global" "external-argo-cd" "auth" "tokenSecretKeyRef" "key" )) }} +{{- $argoCdAuth := (index .Values "global" "external-argo-cd" "auth") }} +{{- if (eq $argoCdAuth.type "token") }} + {{- if $argoCdAuth.token }} + {{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_NAME" "gitops-runtime-argo-cd-token" }} + {{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_KEY" "token" }} + {{- else if $argoCdAuth.tokenSecretKeyRef }} + {{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_NAME" (required ".Values.global.external-argo-cd.auth.type is set to 'token' therefore .Values.global.external-argo-cd.auth.tokenSecretKeyRef.name is required" $argoCdAuth.tokenSecretKeyRef.name) }} + {{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_KEY" (required ".Values.global.external-argo-cd.auth.type is set to 'token' therefore .Values.global.external-argo-cd.auth.tokenSecretKeyRef.key is required" $argoCdAuth.tokenSecretKeyRef.key) }} {{- else }} - {{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_NAME" "gitops-runtime-argo-cd-token" }} - {{- $_ := set $context.Values.container.env "ARGO_CD_TOKEN_SECRET_KEY" "token" }} + {{ fail ".Values.global.external-argo-cd.auth.type is 'token' and .Values.global.external-argo-cd.auth.token or .Values.global.external-argo-cd.auth.tokenSecretKeyRef are not set" }} {{- end }} {{- end }} diff --git a/charts/gitops-runtime/templates/_helpers.tpl b/charts/gitops-runtime/templates/_helpers.tpl index da01d6fe..4eb07819 100644 --- a/charts/gitops-runtime/templates/_helpers.tpl +++ b/charts/gitops-runtime/templates/_helpers.tpl @@ -94,7 +94,7 @@ Determine argocd repo server service name. Must be called with chart root contex */}} {{- define "codefresh-gitops-runtime.argocd.reposerver.servicename" -}} {{/* For now use template from ArgoCD chart until better approach */}} - {{- if and (index .Subcharts "argo-cd") }} + {{- if (index .Subcharts "argo-cd") }} {{- template "argo-cd.repoServer.fullname" (dict "Values" (get .Values "argo-cd") "Release" .Release ) }} {{- else }} {{- $repoServer := index .Values "global" "external-argo-cd" "repoServer" }} @@ -108,7 +108,7 @@ Determine argocd argocd repo server port */}} {{- define "codefresh-gitops-runtime.argocd.reposerver.serviceport" -}} {{/* For now use template from ArgoCD chart until better approach */}} - {{- if and (index .Subcharts "argo-cd") }} + {{- if (index .Subcharts "argo-cd") }} {{- index .Values "argo-cd" "repoServer" "service" "port" }} {{- else }} {{- $repoServer := index .Values "global" "external-argo-cd" "repoServer" }} @@ -123,11 +123,11 @@ Determine argocd repoServer url */}} {{- define "codefresh-gitops-runtime.argocd.reposerver.url" -}} {{- $argoCDValues := (get .Values "argo-cd") }} -{{- if and (index .Values "argo-cd" "enabled") }} +{{- if (index .Values "argo-cd" "enabled") }} {{- $serviceName := include "codefresh-gitops-runtime.argocd.reposerver.servicename" . }} {{- $port := include "codefresh-gitops-runtime.argocd.reposerver.serviceport" . }} {{- printf "%s:%s" $serviceName $port }} -{{- else if and (index .Values "global" "external-argo-cd" "repoServer") }} +{{- else if (index .Values "global" "external-argo-cd" "repoServer") }} {{- $repoServer := (index .Values "global" "external-argo-cd" "repoServer") }} {{- $svc := required "ArgoCD is not enabled and .Values.global.external-argo-cd.repoServer.svc is not set" $repoServer.svc }} {{- $port := required "ArgoCD is not enabled and .Values.global.external-argo-cd.repoServer.port is not set" $repoServer.port }} @@ -150,7 +150,7 @@ Determine argocd servicename. Must be called with chart root context Determine rollouts name */}} {{- define "codefresh-gitops-runtime.argo-rollouts.name" -}} - {{- if and (index .Values "argo-rollouts" "enabled") }} + {{- if (index .Values "argo-rollouts" "enabled") }} {{/* For now use template from rollouts chart until better approach */}} {{- template "argo-rollouts.fullname" (dict "Values" (get .Values "argo-rollouts")) }} {{- else }} @@ -190,7 +190,7 @@ Determine argocd redis service port. Must be called with chart root context Determine argocd server url. Must be called with chart root context */}} {{- define "codefresh-gitops-runtime.argocd.server.url" -}} - {{- if and (index .Values "argo-cd" "enabled") }} + {{- if (index .Values "argo-cd" "enabled") }} {{- $protocol := "https" }} {{- $port := include "codefresh-gitops-runtime.argocd.server.serviceport" . }} {{- if (eq $port "80") }} @@ -198,13 +198,13 @@ Determine argocd server url. Must be called with chart root context {{- end }} {{- $url := include "codefresh-gitops-runtime.argocd.server.no-protocol-url" . }} {{- printf "%s://%s" $protocol $url }} - {{- else if and (index .Values "global" "external-argo-cd" "server") }} + {{- else if (index .Values "global" "external-argo-cd" "server") }} {{- $argoCDSrv := (index .Values "global" "external-argo-cd" "server") }} {{- $protocol := "http" }} {{- $svc := required "ArgoCD is not enabled and .Values.global.external-argo-cd.server.svc is not set" $argoCDSrv.svc }} {{- $port := (required "ArgoCD is not enabled and .Values.global.external-argo-cd.server.port is not port" $argoCDSrv.port) | toString }} {{- $rootpath := (index .Values "global" "external-argo-cd" "server" "rootpath") }} - {{- if and (eq $port "80") }} + {{- if (eq $port "80") }} {{- printf "%s://%s%s" $protocol $svc $rootpath }} {{- else }} {{- printf "%s://%s:%s%s" $protocol $svc $port $rootpath }} @@ -219,12 +219,12 @@ Determine argocd server url witout the protocol. Must be called with chart root */}} {{- define "codefresh-gitops-runtime.argocd.server.no-protocol-url" -}} {{- $argoCDValues := (get .Values "argo-cd") }} -{{- if and (index .Values "argo-cd" "enabled") }} +{{- if (index .Values "argo-cd" "enabled") }} {{- $serverName := include "codefresh-gitops-runtime.argocd.server.servicename" . }} {{- $port := include "codefresh-gitops-runtime.argocd.server.serviceport" . }} {{- $path := (get $argoCDValues.configs.params "server.rootpath") }} {{- printf "%s:%s%s" $serverName $port $path }} -{{- else if and (index .Values "global" "external-argo-cd" "server") }} +{{- else if (index .Values "global" "external-argo-cd" "server") }} {{- $argoCDSrv := (index .Values "global" "external-argo-cd" "server") }} {{- $svc := required "ArgoCD is not enabled and .Values.global.external-argo-cd.server.svc is not set" $argoCDSrv.svc }} {{- $port := required "ArgoCD is not enabled and .Values.global.external-argo-cd.server.port is not set" $argoCDSrv.port }} @@ -235,95 +235,49 @@ Determine argocd server url witout the protocol. Must be called with chart root {{- end }} {{- end}} -{{/* -Determine argocd server password. -*/}} -{{- define "codefresh-gitops-runtime.argocd.server.password" }} - {{- if and (index .Values "argo-cd" "enabled") }} -valueFrom: - secretKeyRef: - name: argocd-initial-admin-secret - key: password - {{- else if and (eq (index .Values "global" "external-argo-cd" "auth" "type") "password") (index .Values "global" "external-argo-cd" "auth" "passwordSecretKeyRef") }} -valueFrom: - secretKeyRef: -{{- index .Values "global" "external-argo-cd" "auth" "passwordSecretKeyRef" | toYaml | nindent 4 }} - {{- else if and (eq (index .Values "global" "external-argo-cd" "auth" "type") "password") (index .Values "global" "external-argo-cd" "auth" "password") }} -valueFrom: - secretKeyRef: - name: gitops-runtime-argo-cd-password - key: token - {{- else if and (eq (index .Values "global" "external-argo-cd" "auth" "type") "token") (index .Values "global" "external-argo-cd" "auth" "token") }} -valueFrom: - secretKeyRef: - name: gitops-runtime-argo-cd-token - key: token - {{- else if and (eq (index .Values "global" "external-argo-cd" "auth" "type") "token") (index .Values "global" "external-argo-cd" "auth" "tokenSecretKeyRef") }} -valueFrom: - secretKeyRef: -{{- index .Values "global" "external-argo-cd" "auth" "tokenSecretKeyRef" | toYaml | nindent 4 }} - optional: true - {{- else }} -{{ fail "ArgoCD is not enabled and .Values.global.external-argo-cd.auth.password or .Values.global.external-argo-cd.auth.passwordSecretKeyRef is not set" }} - {{- end }} -{{- end }} - - -{{/* -Determine argocd token password. -*/}} -{{- define "codefresh-gitops-runtime.argocd.server.token" }} - {{- if and (eq (index .Values "global" "external-argo-cd" "auth" "type") "token") (index .Values "global" "external-argo-cd" "auth" "tokenSecretKeyRef" "name") (index .Values "global" "external-argo-cd" "auth" "tokenSecretKeyRef" "key")}} -valueFrom: - secretKeyRef: -{{- index .Values "global" "external-argo-cd" "auth" "tokenSecretKeyRef" | toYaml | nindent 4 }} - {{- else if and (eq (index .Values "global" "external-argo-cd" "auth" "type") "token") (index .Values "global" "external-argo-cd" "auth" "token") }} -valueFrom: - secretKeyRef: - name: gitops-runtime-argo-cd-token - key: token - {{- else if or (eq (index .Values "global" "external-argo-cd" "auth" "type") "password") }} -valueFrom: - secretKeyRef: - name: argocd-token - key: token - optional: true - {{- else }} - {{ fail (printf "Invalid value for .Values.global.external-argo-cd.auth.type: %s. Allowed values are: [password token]" (index .Values "global" "external-argo-cd" "auth" "type")) }} - {{- end }} -{{- end }} - -{{/* -Determine argocd server password. -*/}} -{{- define "codefresh-gitops-runtime.argocd.server.username-env-var" }} - {{- if and (index .Values "argo-cd" "enabled") }} -valueFrom: - configMapKeyRef: - name: cap-app-proxy-cm - key: argoCdUsername - optional: true - {{- else if and (index .Values "global" "external-argo-cd" "auth" "usernameSecretKeyRef") }} -valueFrom: - secretKeyRef: -{{- index .Values "global" "external-argo-cd" "auth" "usernameSecretKeyRef" | toYaml | nindent 4 }} - {{- else if and (index .Values "global" "external-argo-cd" "auth" "username") }} -{{- printf "%s" (index .Values "global" "external-argo-cd" "auth" "username") }} +{{- define "codefresh-gitops-runtime.argocd-auth" -}} + {{- $authValues := (index .Values "global" "external-argo-cd" "auth") }} + {{- if (eq $authValues.type "password") }} +ARGO_CD_USERNAME: + valueFrom: + configMapKeyRef: + name: cap-app-proxy-cm + key: argoCdUsername +ARGO_CD_PASSWORD: + valueFrom: + secretKeyRef: + {{- if $authValues.password }} + name: gitops-runtime-argo-cd-password + key: token + {{- else if $authValues.passwordSecretKeyRef }} + {{- $authValues.passwordSecretKeyRef | toYaml | nindent 6 }} + {{- end }} + {{- else if (eq $authValues.type "token") }} +ARGO_CD_TOKEN: + valueFrom: + secretKeyRef: + {{- if $authValues.token }} + name: gitops-runtime-argo-cd-token + key: token + {{- else if $authValues.tokenSecretKeyRef }} + {{- if and (hasKey $authValues.tokenSecretKeyRef "name") (hasKey $authValues.tokenSecretKeyRef "key") }} + {{- $authValues.tokenSecretKeyRef | toYaml | nindent 6 }} + {{- else }} + {{- fail "Both 'name' and 'key' must be set in .Values.global.external-argo-cd.auth.tokenSecretKeyRef" }} + {{- end }} + {{- end }} {{- else }} -{{ fail "ArgoCD is not enabled and .Values.global.external-argo-cd.auth.username or .Values.global.external-argo-cd.auth.usernameSecretKeyRef is not set" }} + {{ fail (printf "Invalid value for .Values.global.external-argo-cd.auth.type: %s. Allowed values are: [password token]" $authValues.type) }} {{- end }} {{- end }} {{/* -Determine argocd server password. +Determine argocd server username ConfigMap. */}} {{- define "codefresh-gitops-runtime.argocd.server.username-cm" }} - {{- if and (index .Values "argo-cd" "enabled") }} - {{- printf "%s" (index .Values "app-proxy" "config" "argoCdUsername") }} - {{- else if and (index .Values "global" "external-argo-cd" "auth" "username") }} - {{- printf "%s" (index .Values "global" "external-argo-cd" "auth" "username") }} - {{- else }} - {{- fail "ArgoCD is not enabled and .Values.global.external-argo-cd.auth.username is not set" }} + {{- $externalArgoCDValues := (index .Values "global" "external-argo-cd" "auth") }} + {{- if (eq $externalArgoCDValues.type "password") }} + {{- coalesce (index .Values "app-proxy" "config" "argoCdUsername") (index .Values "global" "external-argo-cd" "auth" "username") "" }} {{- end }} {{- end }} @@ -332,11 +286,11 @@ Determine argocd redis url */}} {{- define "codefresh-gitops-runtime.argocd.redis.url" -}} {{- $argoCDValues := (get .Values "argo-cd") }} -{{- if and (index .Values "argo-cd" "enabled") }} +{{- if (index .Values "argo-cd" "enabled") }} {{- $serviceName := include "codefresh-gitops-runtime.argocd.redis.servicename" . }} {{- $port := include "codefresh-gitops-runtime.argocd.redis.serviceport" . }} {{- printf "%s:%s" $serviceName $port }} -{{- else if and (index .Values "global" "external-argo-cd" "redis") }} +{{- else if (index .Values "global" "external-argo-cd" "redis") }} {{- $redis := (index .Values "global" "external-argo-cd" "redis") }} {{- $svc := required "ArgoCD is not enabled and .Values.global.external-argo-cd.redis.svc is not set" $redis.svc }} {{- $port := required "ArgoCD is not enabled and .Values.global.external-argo-cd.redis.port is not set" $redis.port }} diff --git a/charts/gitops-runtime/templates/app-proxy/config.yaml b/charts/gitops-runtime/templates/app-proxy/config.yaml index 7cbfb544..4da5a020 100644 --- a/charts/gitops-runtime/templates/app-proxy/config.yaml +++ b/charts/gitops-runtime/templates/app-proxy/config.yaml @@ -7,7 +7,11 @@ {{- if not $appProxyContext.Values.config.argoCdUrl }} {{ $_ := set $appProxyContext.Values.config "argoCdUrl" $argoCdUrl }} {{- end }} -{{- $_ := set $appProxyContext.Values.config "argoCdUsername" $argoCdUsername }} +{{- if $argoCdUsername }} + {{- $_ := set $appProxyContext.Values.config "argoCdUsername" $argoCdUsername }} +{{- else }} + {{ $_ := unset $appProxyContext.Values.config "argoCdUsername" }} +{{- end }} {{- if index (get .Values "argo-workflows") "enabled" }} {{- if not $appProxyContext.Values.config.argoWorkflowsUrl }} {{- $argoWorkflowsUrl := include "codefresh-gitops-runtime.argo-workflows.server.url" . }} diff --git a/charts/gitops-runtime/templates/app-proxy/external-argocd-token.yaml b/charts/gitops-runtime/templates/app-proxy/external-argocd-token.yaml index f96892a4..8d1669eb 100644 --- a/charts/gitops-runtime/templates/app-proxy/external-argocd-token.yaml +++ b/charts/gitops-runtime/templates/app-proxy/external-argocd-token.yaml @@ -1,5 +1,5 @@ {{- $externalArgoCDValues := (index .Values "global" "external-argo-cd" "auth") }} -{{- if $externalArgoCDValues.password -}} +{{- if $externalArgoCDValues.password }} --- apiVersion: v1 kind: Secret @@ -12,7 +12,7 @@ stringData: token: {{ $externalArgoCDValues.password }} {{- end }} -{{- if $externalArgoCDValues.token -}} +{{- if $externalArgoCDValues.token }} --- apiVersion: v1 kind: Secret diff --git a/charts/gitops-runtime/templates/gitops-operator/deployment.yaml b/charts/gitops-runtime/templates/gitops-operator/deployment.yaml index 1124f109..cbf50fc8 100644 --- a/charts/gitops-runtime/templates/gitops-operator/deployment.yaml +++ b/charts/gitops-runtime/templates/gitops-operator/deployment.yaml @@ -8,16 +8,17 @@ {{- $_ := set $context.Values "global" (deepCopy (get .Values "global")) }} {{- $_ := set $context.Values "app-proxy" (deepCopy (get .Values "app-proxy")) }} -{{- if and (not (index .Values "argo-cd" "enabled")) }} - {{- if and (eq (index .Values "global" "external-argo-cd" "auth" "type") "token") }} - {{- if not (index $context.Values "global" "external-argo-cd" "auth" "token") }} - {{- $_ := set $context.Values.env "ARGO_CD_TOKEN_SECRET_NAME" (required ".Values.global.external-argo-cd.auth.type is set to 'token' therefore .Values.global.external-argo-cd.auth.tokenSecretKeyRef.name is required" (index $context.Values "global" "external-argo-cd" "auth" "tokenSecretKeyRef" "name")) }} - {{- $_ := set $context.Values.env "ARGO_CD_TOKEN_SECRET_KEY" (required ".Values.global.external-argo-cd.auth.type is set to 'token' therefore .Values.global.external-argo-cd.auth.tokenSecretKeyRef.key is required" (index $context.Values "global" "external-argo-cd" "auth" "tokenSecretKeyRef" "key")) }} - {{- else }} - {{- $_ := set $context.Values.env "ARGO_CD_TOKEN_SECRET_NAME" "gitops-runtime-argo-cd-token" }} - {{- $_ := set $context.Values.env "ARGO_CD_TOKEN_SECRET_KEY" "token" }} - {{- end }} - {{- end }} +{{- $argoCdAuth := (index .Values "global" "external-argo-cd" "auth") }} +{{- if (eq $argoCdAuth.type "token") }} + {{- if $argoCdAuth.token }} + {{- $_ := set $context.Values.env "ARGO_CD_TOKEN_SECRET_NAME" "gitops-runtime-argo-cd-token" }} + {{- $_ := set $context.Values.env "ARGO_CD_TOKEN_SECRET_KEY" "token" }} + {{- else if $argoCdAuth.tokenSecretKeyRef }} + {{- $_ := set $context.Values.env "ARGO_CD_TOKEN_SECRET_NAME" (required ".Values.global.external-argo-cd.auth.type is set to 'token' therefore .Values.global.external-argo-cd.auth.tokenSecretKeyRef.name is required" $argoCdAuth.tokenSecretKeyRef.name) }} + {{- $_ := set $context.Values.env "ARGO_CD_TOKEN_SECRET_KEY" (required ".Values.global.external-argo-cd.auth.type is set to 'token' therefore .Values.global.external-argo-cd.auth.tokenSecretKeyRef.key is required" $argoCdAuth.tokenSecretKeyRef.key) }} + {{- else }} + {{ fail ".Values.global.external-argo-cd.auth.type is 'token' and .Values.global.external-argo-cd.auth.token or .Values.global.external-argo-cd.auth.tokenSecretKeyRef are not set" }} + {{- end }} {{- end }} {{/* Set argo-cd-server service and port */}} @@ -27,22 +28,22 @@ {{/* Set workflows url */}} {{- if index .Values "argo-workflows" "enabled" }} - {{- if not $context.Values.env.ARGO_WF_URL }} - {{- $argoWorkflowsUrl := include "codefresh-gitops-runtime.argo-workflows.server.url" . }} - {{- $_ := set $context.Values.env "ARGO_WF_URL" $argoWorkflowsUrl }} - {{- end }} + {{- if not $context.Values.env.ARGO_WF_URL }} + {{- $argoWorkflowsUrl := include "codefresh-gitops-runtime.argo-workflows.server.url" . }} + {{- $_ := set $context.Values.env "ARGO_WF_URL" $argoWorkflowsUrl }} + {{- end }} {{- end}} {{/* Set certificates */}} {{- if or $context.Values.global.codefresh.tls.caCerts.secret.create $context.Values.global.codefresh.tls.caCerts.secretKeyRef}} - {{- $_ := set $context.Values.global.codefresh.tls.caCerts.secretKeyRef "name" ($context.Values.global.codefresh.tls.caCerts.secret.create | ternary "codefresh-tls-certs" $context.Values.global.codefresh.tls.caCerts.secretKeyRef.name) }} - {{- $_ := set $context.Values.global.codefresh.tls.caCerts.secretKeyRef "key" ($context.Values.global.codefresh.tls.caCerts.secret.create | ternary (default "ca-bundle.crt" $context.Values.global.codefresh.tls.caCerts.secret.key) $context.Values.global.codefresh.tls.caCerts.secretKeyRef.key) }} + {{- $_ := set $context.Values.global.codefresh.tls.caCerts.secretKeyRef "name" ($context.Values.global.codefresh.tls.caCerts.secret.create | ternary "codefresh-tls-certs" $context.Values.global.codefresh.tls.caCerts.secretKeyRef.name) }} + {{- $_ := set $context.Values.global.codefresh.tls.caCerts.secretKeyRef "key" ($context.Values.global.codefresh.tls.caCerts.secret.create | ternary (default "ca-bundle.crt" $context.Values.global.codefresh.tls.caCerts.secret.key) $context.Values.global.codefresh.tls.caCerts.secretKeyRef.key) }} {{- end }} {{- if and (gt (int $context.Values.replicaCount) 1 ) }} -{{- $_ := set $context.Values.env "LEADER_ELECT" "true" }} + {{- $_ := set $context.Values.env "LEADER_ELECT" "true" }} {{- else }} -{{- $_ := set $context.Values.env "LEADER_ELECT" "false" }} + {{- $_ := set $context.Values.env "LEADER_ELECT" "false" }} {{- end }} {{- include "gitops-operator.resources.deployment" $context }} diff --git a/charts/gitops-runtime/tests/argo-projects-templates-integration_test.yaml b/charts/gitops-runtime/tests/argo-projects-templates-integration_test.yaml index 7b79c4fc..3f496141 100644 --- a/charts/gitops-runtime/tests/argo-projects-templates-integration_test.yaml +++ b/charts/gitops-runtime/tests/argo-projects-templates-integration_test.yaml @@ -29,12 +29,15 @@ tests: values: - ./values/mandatory-values.yaml set: - argo-cd.fullnameOverride: argo-cd-test - argo-cd.configs.params.server\.insecure: false + argo-cd: + fullnameOverride: argo-cd-testasd + configs: + params: + "server.insecure": false asserts: - equal: path: data.argoCdUrl - value: https://argo-cd-test-server:443 + value: https://argo-cd-testasd-server:443 # ------------------------------------------------------------------------------------------ # Argo Workflows diff --git a/charts/gitops-runtime/tests/external_argocd_test.yaml b/charts/gitops-runtime/tests/external_argocd_test.yaml index a8bee393..c1eb7c13 100644 --- a/charts/gitops-runtime/tests/external_argocd_test.yaml +++ b/charts/gitops-runtime/tests/external_argocd_test.yaml @@ -19,7 +19,7 @@ tests: path: data.argoCdUrl value: http://my-argocd-server - - it: app-proxy ConfigMap should have valid ArgoCd Username + - it: app-proxy ConfigMap should have valid default ArgoCd Username values: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml @@ -35,25 +35,74 @@ tests: - ./values/external-argocd-values.yaml template: app-proxy/config.yaml set: - global.external-argo-cd.auth.username: adminoverride + global: + external-argo-cd: + auth: + username: adminoverride asserts: - equal: path: data.argoCdUsername value: adminoverride - - it: app-proxy ConfigMap should have isExternalArgoCD key set to true + - it: app-proxy ConfigMap override priority should prefer value from app-proxy.config (for backward compatibility) values: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml template: app-proxy/config.yaml set: - global.external-argo-cd.auth.username: adminoverride + global: + external-argo-cd: + auth: + username: external-adminoverride + app-proxy: + config: + argoCdUsername: app-proxy-adminoverride + asserts: + - equal: + path: data.argoCdUsername + value: app-proxy-adminoverride + + - it: app-proxy ConfigMap should *not* have username, if auth.type is token + values: + - ./values/mandatory-values-ingress.yaml + - ./values/external-argocd-values.yaml + template: app-proxy/config.yaml + set: + global: + external-argo-cd: + auth: + type: token + token: some-token + asserts: + - notExists: + path: data.argoCdUsername + + - it: app-proxy ConfigMap should have isExternalArgoCD key set to true + values: + - ./values/mandatory-values-ingress.yaml + - ./values/external-argocd-values.yaml + template: app-proxy/config.yaml asserts: - equal: path: data.isExternalArgoCD value: "true" - - it: app-proxy Deployment should have valid ARGO_CD_PASSWORD env var set via passwordSecretKeyRef + - it: app-proxy Deployment should have valid deafult ARGO_CD_USERNAME env var if auth.type is password + values: + - ./values/mandatory-values-ingress.yaml + - ./values/external-argocd-values.yaml + template: app-proxy/deployment.yaml + asserts: + - contains: + path: spec.template.spec.containers[0].env + content: + name: ARGO_CD_USERNAME + valueFrom: + configMapKeyRef: + key: argoCdUsername + name: cap-app-proxy-cm + + - it: app-proxy Deployment should have valid deafult ARGO_CD_PASSWORD env var set via passwordSecretKeyRef values: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml @@ -68,14 +117,38 @@ tests: key: password name: argocd-initial-admin-secret + - it: app-proxy Deployment should have valid ARGO_CD_PASSWORD env var set via passwordSecretKeyRef override + values: + - ./values/mandatory-values-ingress.yaml + - ./values/external-argocd-values.yaml + template: app-proxy/deployment.yaml + set: + global: + external-argo-cd: + auth: + passwordSecretKeyRef: + name: name-override + key: key-override + asserts: + - contains: + path: spec.template.spec.containers[0].env + content: + name: ARGO_CD_PASSWORD + valueFrom: + secretKeyRef: + key: key-override + name: name-override + - it: app-proxy Deploymeny should have valid ARGO_CD_PASSWORD env var set via plaintext password values: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml template: app-proxy/deployment.yaml set: - global.external-argo-cd.auth.passwordSecretKeyRef: [] - global.external-argo-cd.auth.password: token + global: + external-argo-cd: + auth: + password: token asserts: - contains: path: spec.template.spec.containers[0].env @@ -86,29 +159,65 @@ tests: key: token name: gitops-runtime-argo-cd-password - - it: app-proxy Deployment should have valid ARGO_CD_USERNAME env var set via plaintext username + - it: app-proxy Deployment should *not* have ARGO_CD_TOKEN env var if auth.type is password values: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml template: app-proxy/deployment.yaml - set: - global.external-argo-cd.auth.username: adminoverride asserts: - - contains: + - notContains: + any: true + path: spec.template.spec.containers[0].env + content: + name: ARGO_CD_TOKEN + + - it: app-proxy Deployment should *not* have ARGO_CD_USERNAME env var if auth.type is token + values: + - ./values/mandatory-values-ingress.yaml + - ./values/external-argocd-values.yaml + template: app-proxy/deployment.yaml + set: + global: + external-argo-cd: + auth: + type: token + token: plaintexttoken + asserts: + - notContains: + any: true path: spec.template.spec.containers[0].env content: name: ARGO_CD_USERNAME - value: adminoverride - - it: app-proxy Deployment should have valid ARGO_CD_TOKEN env var set via tokenSecretKeyRef + - it: app-proxy Deployment should *not* have ARGO_CD_PASSWORD env var if auth.type is token values: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml template: app-proxy/deployment.yaml set: - global.external-argo-cd.auth.type: token - global.external-argo-cd.auth.tokenSecretKeyRef.name: my-argocd-secret - global.external-argo-cd.auth.tokenSecretKeyRef.key: my-token + global: + external-argo-cd: + auth: + type: token + token: plaintexttoken + asserts: + - notContains: + any: true + path: spec.template.spec.containers[0].env + content: + name: ARGO_CD_PASSWORD + + - it: app-proxy Deployment should have valid ARGO_CD_TOKEN env var set via plaintext token + values: + - ./values/mandatory-values-ingress.yaml + - ./values/external-argocd-values.yaml + template: app-proxy/deployment.yaml + set: + global: + external-argo-cd: + auth: + type: token + token: plaintexttoken asserts: - contains: path: spec.template.spec.containers[0].env @@ -116,17 +225,22 @@ tests: name: ARGO_CD_TOKEN valueFrom: secretKeyRef: - key: my-token - name: my-argocd-secret + key: token + name: gitops-runtime-argo-cd-token - - it: app-proxy Deployment should have valid ARGO_CD_TOKEN env var set via plaintext token + - it: app-proxy Deployment should have valid ARGO_CD_TOKEN env var set via tokenSecretKeyRef values: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml template: app-proxy/deployment.yaml set: - global.external-argo-cd.auth.type: token - global.external-argo-cd.auth.token: "plaintexttoken" + global: + external-argo-cd: + auth: + type: token + tokenSecretKeyRef: + name: my-argocd-secret + key: my-token asserts: - contains: path: spec.template.spec.containers[0].env @@ -134,8 +248,8 @@ tests: name: ARGO_CD_TOKEN valueFrom: secretKeyRef: - key: token - name: gitops-runtime-argo-cd-token + name: my-argocd-secret + key: my-token - it: gitops-operator Deployment should have valid ARGO_CD_TOKEN_SECRET_NAME env var set via tokenSecretKeyRef values: @@ -143,15 +257,19 @@ tests: - ./values/external-argocd-values.yaml template: gitops-operator/deployment.yaml set: - global.external-argo-cd.auth.type: token - global.external-argo-cd.auth.tokenSecretKeyRef.name: my-argocd-token-secret - global.external-argo-cd.auth.tokenSecretKeyRef.key: my-token + global: + external-argo-cd: + auth: + type: token + tokenSecretKeyRef: + name: my-argocd-secret + key: my-token asserts: - contains: path: spec.template.spec.containers[0].env content: name: ARGO_CD_TOKEN_SECRET_NAME - value: my-argocd-token-secret + value: my-argocd-secret - it: gitops-operator Deployment should have valid ARGO_CD_TOKEN_SECRET_KEY env var set via tokenSecretKeyRef values: @@ -159,9 +277,13 @@ tests: - ./values/external-argocd-values.yaml template: gitops-operator/deployment.yaml set: - global.external-argo-cd.auth.type: token - global.external-argo-cd.auth.tokenSecretKeyRef.name: my-argocd-token-secret - global.external-argo-cd.auth.tokenSecretKeyRef.key: my-token + global: + external-argo-cd: + auth: + type: token + tokenSecretKeyRef: + name: my-argocd-secret + key: my-token asserts: - contains: path: spec.template.spec.containers[0].env @@ -175,8 +297,11 @@ tests: - ./values/external-argocd-values.yaml template: gitops-operator/deployment.yaml set: - global.external-argo-cd.auth.type: token - global.external-argo-cd.auth.token: "plaintexttoken" + global: + external-argo-cd: + auth: + type: token + token: "plaintexttoken" asserts: - contains: path: spec.template.spec.containers[0].env @@ -190,8 +315,11 @@ tests: - ./values/external-argocd-values.yaml template: gitops-operator/deployment.yaml set: - global.external-argo-cd.auth.type: token - global.external-argo-cd.auth.token: "plaintexttoken" + global: + external-argo-cd: + auth: + type: token + token: "plaintexttoken" asserts: - contains: path: spec.template.spec.containers[0].env @@ -305,15 +433,19 @@ tests: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml set: - global.external-argo-cd.auth.type: token - global.external-argo-cd.auth.tokenSecretKeyRef.name: my-argocd-token-secret - global.external-argo-cd.auth.tokenSecretKeyRef.key: my-token + global: + external-argo-cd: + auth: + type: token + tokenSecretKeyRef: + name: my-argocd-token + key: my-token asserts: - contains: path: spec.template.spec.containers[0].env content: name: ARGO_CD_TOKEN_SECRET_NAME - value: my-argocd-token-secret + value: my-argocd-token - it: event-reporter StatefulSet should have valid ARGO_CD_TOKEN_SECRET_KEY env var set via tokenSecretKeyRef template: cf-argocd-extras/event-reporter/statefulset.yaml @@ -321,9 +453,13 @@ tests: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml set: - global.external-argo-cd.auth.type: token - global.external-argo-cd.auth.tokenSecretKeyRef.name: my-argocd-token-secret - global.external-argo-cd.auth.tokenSecretKeyRef.key: my-token + global: + external-argo-cd: + auth: + type: token + tokenSecretKeyRef: + name: my-argocd-token + key: my-token asserts: - contains: path: spec.template.spec.containers[0].env @@ -337,8 +473,11 @@ tests: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml set: - global.external-argo-cd.auth.type: token - global.external-argo-cd.auth.token: "plaintexttoken" + global: + external-argo-cd: + auth: + type: token + token: "plaintexttoken" asserts: - contains: path: spec.template.spec.containers[0].env @@ -352,8 +491,11 @@ tests: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml set: - global.external-argo-cd.auth.type: token - global.external-argo-cd.auth.token: "plaintexttoken" + global: + external-argo-cd: + auth: + type: token + token: "plaintexttoken" asserts: - contains: path: spec.template.spec.containers[0].env @@ -421,15 +563,19 @@ tests: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml set: - global.external-argo-cd.auth.type: token - global.external-argo-cd.auth.tokenSecretKeyRef.name: my-argocd-token-secret - global.external-argo-cd.auth.tokenSecretKeyRef.key: my-token + global: + external-argo-cd: + auth: + type: token + tokenSecretKeyRef: + name: my-argocd-token + key: my-token asserts: - contains: path: spec.template.spec.containers[0].env content: name: ARGO_CD_TOKEN_SECRET_NAME - value: my-argocd-token-secret + value: my-argocd-token - it: sources-server Deployment should have valid ARGO_CD_TOKEN_SECRET_KEY env var set via tokenSecretKeyRef template: cf-argocd-extras/sources-server/deployment.yaml @@ -437,9 +583,13 @@ tests: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml set: - global.external-argo-cd.auth.type: token - global.external-argo-cd.auth.tokenSecretKeyRef.name: my-argocd-token-secret - global.external-argo-cd.auth.tokenSecretKeyRef.key: my-token + global: + external-argo-cd: + auth: + type: token + tokenSecretKeyRef: + name: my-argocd-token + key: my-token asserts: - contains: path: spec.template.spec.containers[0].env @@ -453,8 +603,11 @@ tests: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml set: - global.external-argo-cd.auth.type: token - global.external-argo-cd.auth.token: "plaintexttoken" + global: + external-argo-cd: + auth: + type: token + token: "plaintexttoken" asserts: - contains: path: spec.template.spec.containers[0].env @@ -468,8 +621,11 @@ tests: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml set: - global.external-argo-cd.auth.type: token - global.external-argo-cd.auth.token: "plaintexttoken" + global: + external-argo-cd: + auth: + type: token + token: "plaintexttoken" asserts: - contains: path: spec.template.spec.containers[0].env @@ -477,26 +633,15 @@ tests: name: ARGO_CD_TOKEN_SECRET_KEY value: token - - it: should require ArgoCd password if auth.type=password is set and no password is provided - values: - - ./values/mandatory-values-ingress.yaml - - ./values/external-argocd-values.yaml - template: app-proxy/deployment.yaml - set: - global.external-argo-cd.auth.type: password - global.external-argo-cd.auth.password: null - global.external-argo-cd.auth.passwordSecretKeyRef: [] - asserts: - - failedTemplate: - errorMessage: "ArgoCD is not enabled and .Values.global.external-argo-cd.auth.password or .Values.global.external-argo-cd.auth.passwordSecretKeyRef is not set" - - it: should require ArgoCd redis address if it's not provided template: cf-argocd-extras/sources-server/deployment.yaml values: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml set: - global.external-argo-cd.redis: null + global: + external-argo-cd: + redis: null asserts: - failedTemplate: errorMessage: "ArgoCD is not enabled and .Values.global.external-argo-cd.redis is not set" @@ -507,7 +652,9 @@ tests: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml set: - global.external-argo-cd.repoServer: null + global: + external-argo-cd: + repoServer: null asserts: - failedTemplate: errorMessage: "ArgoCD is not enabled and .Values.global.external-argo-cd.repoServer is not set" @@ -518,7 +665,10 @@ tests: - ./values/external-argocd-values.yaml template: app-proxy/deployment.yaml set: - global.external-argo-cd.auth.type: invalid + global: + external-argo-cd: + auth: + type: invalid asserts: - failedTemplate: errorMessage: "Invalid value for .Values.global.external-argo-cd.auth.type: invalid. Allowed values are: [password token]" @@ -529,7 +679,10 @@ tests: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml set: - global.external-argo-cd.server.rootpath: /argocd + global: + external-argo-cd: + server: + rootpath: /argocd asserts: - contains: path: spec.template.spec.containers[0].env @@ -543,7 +696,10 @@ tests: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml set: - global.external-argo-cd.server.rootpath: /argocd + global: + external-argo-cd: + server: + rootpath: /argocd asserts: - contains: path: spec.template.spec.containers[0].env @@ -557,7 +713,10 @@ tests: - ./values/external-argocd-values.yaml template: app-proxy/config.yaml set: - global.external-argo-cd.server.rootpath: /argocd + global: + external-argo-cd: + server: + rootpath: /argocd asserts: - equal: path: data.argoCdUrl @@ -569,7 +728,10 @@ tests: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml set: - global.external-argo-cd.server.rootpath: /argocd + global: + external-argo-cd: + server: + rootpath: /argocd asserts: - contains: path: spec.template.spec.containers[0].env @@ -583,8 +745,11 @@ tests: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml set: - global.external-argo-cd.auth.type: token - global.external-argo-cd.auth.token: mytoken + global: + external-argo-cd: + auth: + type: token + token: mytoken asserts: - isKind: of: Secret @@ -600,8 +765,11 @@ tests: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml set: - global.external-argo-cd.auth.type: password - global.external-argo-cd.auth.password: mypassword + global: + external-argo-cd: + auth: + type: password + password: mypassword asserts: - isKind: of: Secret @@ -630,10 +798,14 @@ tests: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml set: - global.external-argo-cd.auth.type: token - global.external-argo-cd.auth.token: null - global.external-argo-cd.auth.tokenSecretKeyRef.name: null - global.external-argo-cd.auth.tokenSecretKeyRef.key: null + global: + external-argo-cd: + auth: + type: token + token: null + tokenSecretKeyRef: + name: null + key: null asserts: - failedTemplate: errorMessage: ".Values.global.external-argo-cd.auth.type is set to 'token' therefore .Values.global.external-argo-cd.auth.tokenSecretKeyRef.name is required" @@ -644,7 +816,9 @@ tests: - ./values/mandatory-values-ingress.yaml - ./values/external-argocd-values.yaml set: - global.external-argo-cd.server: null + global: + external-argo-cd: + server: null asserts: - failedTemplate: errorMessage: "ArgoCD is not enabled and .Values.global.external-argo-cd.server is not set" diff --git a/charts/gitops-runtime/tests/values/external-argocd-values.yaml b/charts/gitops-runtime/tests/values/external-argocd-values.yaml index 5bc63344..db86d10d 100644 --- a/charts/gitops-runtime/tests/values/external-argocd-values.yaml +++ b/charts/gitops-runtime/tests/values/external-argocd-values.yaml @@ -13,20 +13,6 @@ global: repoServer: svc: my-argocd-repo-server port: 8081 - auth: - type: password - - username: "admin" - password: "" - passwordSecretKeyRef: - name: argocd-initial-admin-secret - key: password - - token: "" - tokenSecretKeyRef: - name: "" - key: "" argo-cd: enabled: false - diff --git a/charts/gitops-runtime/values.yaml b/charts/gitops-runtime/values.yaml index 14877098..391f81dc 100644 --- a/charts/gitops-runtime/values.yaml +++ b/charts/gitops-runtime/values.yaml @@ -565,14 +565,14 @@ app-proxy: tag: 1.1.17-main image: repository: quay.io/codefresh/cap-app-proxy - tag: eab83ae + tag: 788a8d5 pullPolicy: IfNotPresent # -- Extra volume mounts for main container extraVolumeMounts: [] initContainer: image: repository: quay.io/codefresh/cap-app-proxy-init - tag: 1.3750.0 + tag: 1.3791.0 pullPolicy: IfNotPresent command: - ./init.sh @@ -614,8 +614,8 @@ app-proxy: nameOverride: "" fullnameOverride: "cap-app-proxy" config: - # -- ArgoCD user to be used by app-proxy - argoCdUsername: "admin" + # -- deprecated. use `global.external-argo-cd.auth.username` instead + argoCdUsername: "" # -- ArgoCD Url. determined by chart logic. Do not change unless you are certain you need to argoCdUrl: # -- Workflows server url. Determined by chart logic. Do not change unless you are certain you need to diff --git a/scripts/helm-unittests.sh b/scripts/helm-unittests.sh index b33be9f8..e8c30d09 100755 --- a/scripts/helm-unittests.sh +++ b/scripts/helm-unittests.sh @@ -5,4 +5,4 @@ CHART_DIR="$(cd "$(dirname "$0")/.." && pwd)" echo "$CHART_DIR" echo "Running Helm unittests" -docker run --entrypoint "/bin/sh" -it --rm -v $CHART_DIR/charts:/charts alpine/helm:3.14.4 -c 'helm plugin install https://github.com/helm-unittest/helm-unittest.git --version 0.5.1 && helm unittest /charts/gitops-runtime' +docker run --entrypoint "/bin/sh" -it --rm -v $CHART_DIR/charts:/charts alpine/helm:3.19.0 -c 'helm plugin install https://github.com/helm-unittest/helm-unittest.git --version 1.0.2 && helm unittest /charts/gitops-runtime'