chore(argo-cd): Remove deprecated features and redesign Ingress (#2407)

* chore(argo-cd): Remove deprecated features Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Remove wildcard catch all ingress rule Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Add ingress extra rules Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Remove unnecessary ingress variables Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Improve documentation Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Replace ingress paths and hosts with single backend service Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Use only port number to support all ingress controllers Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Minor gRPC fixes Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Simplify TLS configuration Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Decouple AWS and GKE ALB from generic ingress Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Remove map nesting for ApplicationSet ingress Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Use example.com domain Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Remove fallback for argocd-cm checksum annotation Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Add revisionHistoryLimit for controller Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Update README Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Update README Signed-off-by: Petr Drastil <petr.drastil@gmail.com> --------- Signed-off-by: Petr Drastil <petr.drastil@gmail.com>
2024-02-07 22:40:05 +01:00 · 2024-02-07 22:40:05 +01:00 · b8212e0b30
commit b8212e0b30
parent 0b79f5e5c1
33 changed files with 685 additions and 634 deletions
--- a/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml
+++ b/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml
@ -1,11 +1,13 @@
-{{- if .Values.server.GKEbackendConfig.enabled }}
-apiVersion: {{ include "argo-cd.apiVersions.cloudgoogle" . }}
+{{- if and .Values.server.ingress.enabled (eq .Values.server.ingress.controller "gke") .Values.server.ingress.gke.backendConfig }}
+apiVersion: cloud.google.com/v1
 kind: BackendConfig
 metadata:
-  name: {{ template "argo-cd.server.fullname" . }}
+  name: {{ include "argo-cd.server.fullname" . }}
  namespace: {{ .Release.Namespace | quote }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
+{{- with .Values.server.ingress.gke.backendConfig }}
 spec:
-  {{- toYaml .Values.server.GKEbackendConfig.spec | nindent 2 }}
+  {{- toYaml . | nindent 2 }}
+{{- end }}
 {{- end }}
--- a/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml
+++ b/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml
@ -1,11 +1,13 @@
-{{- if .Values.server.GKEfrontendConfig.enabled }}
+{{- if and .Values.server.ingress.enabled (eq .Values.server.ingress.controller "gke") .Values.server.ingress.gke.frontendConfig }}
 apiVersion: networking.gke.io/v1beta1
 kind: FrontendConfig
 metadata:
-  name: {{ template "argo-cd.server.fullname" . }}
+  name: {{ include "argo-cd.server.fullname" . }}
  namespace: {{ .Release.Namespace | quote }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
+{{- with .Values.server.ingress.gke.frontendConfig }}
 spec:
-  {{- toYaml .Values.server.GKEfrontendConfig.spec | nindent 2 }}
+  {{- toYaml . | nindent 2 }}
+{{- end }}
 {{- end }}
--- a/charts/argo-cd/templates/argocd-server/gke/ingress.yaml
+++ b/charts/argo-cd/templates/argocd-server/gke/ingress.yaml
@ -0,0 +1,69 @@
+{{- if and .Values.server.ingress.enabled (eq .Values.server.ingress.controller "gke") }}
+{{- $insecure := index .Values.configs.params "server.insecure" | toString -}}
+{{- $servicePort := eq $insecure "true" | ternary .Values.server.service.servicePortHttp .Values.server.service.servicePortHttps -}}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: {{ include "argo-cd.server.fullname" . }}
+  namespace: {{ .Release.Namespace | quote }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
+    {{- with .Values.server.ingress.labels }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+  annotations:
+    ingressClassName: "gce"
+    {{- if .Values.server.ingress.gke.managedCertificate.create }}
+    networking.gke.io/managed-certificates: {{ include "argo-cd.server.fullname" . }}
+    {{- end }}
+    {{- if .Values.server.ingress.gke.frontendConfig }}
+    networking.gke.io/v1beta1.FrontendConfig: {{ include "argo-cd.server.fullname" . }}
+    {{- end }}
+    {{- range $key, $value := .Values.server.ingress.annotations }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+spec:
+  {{- with .Values.server.ingress.ingressClassName }}
+  ingressClassName: {{ . }}
+  {{- end }}
+  rules:
+    - host: {{ .Values.server.ingress.hostname }}
+      http:
+        paths:
+          {{- with .Values.server.ingress.extraPaths }}
+            {{- toYaml . | nindent 10 }}
+          {{- end }}
+          - path: {{ .Values.server.ingress.path }}
+            pathType: {{ .Values.server.ingress.pathType }}
+            backend:
+              service:
+                name: {{ include "argo-cd.server.fullname" . }}
+                port:
+                  number: {{ $servicePort }}
+    {{- range .Values.server.ingress.extraHosts }}
+    - host: {{ .name | quote }}
+      http:
+        paths:
+          - path: {{ default .Values.server.ingress.path .path }}
+            pathType: {{ default .Values.server.ingress.pathType .pathType }}
+            backend:
+              service:
+                name: {{ include "argo-cd.server.fullname" . }}
+                port:
+                  number: {{ $servicePort }}
+    {{- end }}
+    {{- with .Values.server.ingress.extraRules }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- if or .Values.server.ingress.tls .Values.server.ingress.extraTls }}
+  tls:
+    {{- if .Values.server.ingress.tls }}
+    - hosts:
+      - {{ .Values.server.ingress.hostname }}
+      secretName: argocd-server-tls
+    {{- end }}
+    {{- with .Values.server.ingress.extraTls }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- end }}
+{{- end }}
--- a/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml
+++ b/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml
@ -1,12 +1,15 @@
-{{- if .Values.server.GKEmanagedCertificate.enabled }}
+{{- if and .Values.server.ingress.enabled (eq .Values.server.ingress.controller "gke") .Values.server.ingress.gke.managedCertificate.create }}
 apiVersion: networking.gke.io/v1
 kind: ManagedCertificate
 metadata:
-  name: {{ template "argo-cd.server.fullname" . }}
+  name: {{ include "argo-cd.server.fullname" . }}
  namespace: {{ .Release.Namespace | quote }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
 spec:
  domains:
-    {{- with .Values.server.GKEmanagedCertificate.domains }}
-    {{- toYaml . | nindent 4 }}
+    - {{ .Values.server.ingress.hostname }}
+    {{- with .Values.server.ingress.gke.managedCertificate.extraDomains }}
+      {{- toYaml . | nindent 4 }}
    {{- end }}
 {{- end }}