feat(argo-cd): Add support for extension (#1050)

* add support for extension

Signed-off-by: Qing Ye <ye.qing@gojek.com>

* add volume mounts

Signed-off-by: Qing Ye <ye.qing@gojek.com>

* add RBAC

Signed-off-by: Qing Ye <ye.qing@gojek.com>

* add more control to extensions values and update readme

Signed-off-by: Qing Ye <ye.qing@gojek.com>

* remove trailing spaces in values file

Signed-off-by: Qing Ye <ye.qing@gojek.com>

* add missing extensions.enabled

Signed-off-by: Qing Ye <ye.qing@gojek.com>

* Update charts/argo-cd/Chart.yaml

Co-authored-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>
Signed-off-by: Qing Ye <ye.qing@gojek.com>

* add comment to extensions values

Signed-off-by: Qing Ye <ye.qing@gojek.com>

Co-authored-by: Qing Ye <ye.qing@gojek.com>
Co-authored-by: Marko Bevc <marko@scalefactory.com>
Co-authored-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>

charts/argo-cd/templates/argocd-server/deployment.yaml

@@ -75,6 +75,10 @@ spec:
         {{- if .Values.server.volumeMounts }}
 {{- toYaml .Values.server.volumeMounts | nindent 8}}
         {{- end }}
+        {{- if .Values.server.extensions.enabled }}
+        - name: extensions
+          mountPath: /tmp/extensions/
+        {{- end }}
         {{- if .Values.configs.knownHosts }}
         - mountPath: /app/config/ssh
           name: ssh-known-hosts
@@ -132,6 +136,14 @@ spec:
       {{- with .Values.server.extraContainers }}
         {{- toYaml . | nindent 6 }}
       {{- end }}
+      {{- if .Values.server.extensions.enabled }}
+      - name: argocd-extensions
+        image: {{ .Values.server.extensions.image.repository }}:{{ .Values.server.extensions.image.tag }}
+        imagePullPolicy: {{ .Values.server.extensions.image.imagePullPolicy }}
+        volumeMounts:
+          - name: extensions
+            mountPath: /tmp/extensions/
+      {{- end }}
     {{- if .Values.server.nodeSelector }}
       nodeSelector:
 {{- toYaml .Values.server.nodeSelector | nindent 8 }}
@@ -164,6 +176,10 @@ spec:
       {{- if .Values.server.volumes }}
 {{- toYaml .Values.server.volumes | nindent 6}}
       {{- end }}
+      {{- if .Values.server.extensions.enabled }}
+      - name: extensions
+        emptyDir: {}
+      {{- end }}
       - emptyDir: {}
         name: static-files
       - emptyDir: {}

charts/argo-cd/templates/argocd-server/extensions-rolebinding.yaml

@@ -0,0 +1,15 @@
+{{- if .Values.server.extensions.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
+  name: argocd-server-extensions
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: argocd-server-extensions
+subjects:
+- kind: ServiceAccount
+  name: argocd-server
+{{- end }}

charts/argo-cd/templates/argocd-server/extensions.yaml

@@ -0,0 +1,17 @@
+{{- if .Values.server.extensions.enabled }}
+{{- range $extension := .Values.server.extensions.contents }}
+---
+apiVersion: argoproj.io/v1alpha1
+kind: ArgoCDExtension
+metadata:
+  name: {{ $extension.name }}
+  finalizers:
+    - extensions-finalizer.argocd.argoproj.io
+  labels:
+    {{- include "argo-cd.labels" (dict "context" $ "component" $.Values.server.name "name" (printf "%s-extensions" $.Values.server.name)) | nindent 4 }}
+spec:
+  sources:
+  - web:
+      url: {{ $extension.url }}
+{{- end }}
+{{- end }}

charts/argo-cd/templates/argocd-server/extentions-role.yaml

@@ -0,0 +1,21 @@
+{{- if .Values.server.extensions.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
+  name: argocd-server-extensions
+rules:
+- apiGroups:
+  - argoproj.io
+  resources:
+  - argocdextensions
+  verbs:
+  - create
+  - get
+  - list
+  - watch
+  - update
+  - delete
+  - patch
+{{- end }}