chore(argo-cd): Remove deprecated features and redesign Ingress (#2407)

* chore(argo-cd): Remove deprecated features Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Remove wildcard catch all ingress rule Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Add ingress extra rules Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Remove unnecessary ingress variables Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Improve documentation Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Replace ingress paths and hosts with single backend service Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Use only port number to support all ingress controllers Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Minor gRPC fixes Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Simplify TLS configuration Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Decouple AWS and GKE ALB from generic ingress Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Remove map nesting for ApplicationSet ingress Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Use example.com domain Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Remove fallback for argocd-cm checksum annotation Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Add revisionHistoryLimit for controller Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Update README Signed-off-by: Petr Drastil <petr.drastil@gmail.com> * Update README Signed-off-by: Petr Drastil <petr.drastil@gmail.com> --------- Signed-off-by: Petr Drastil <petr.drastil@gmail.com>
2024-02-07 22:40:05 +01:00 · 2024-02-07 22:40:05 +01:00 · b8212e0b30
commit b8212e0b30
parent 0b79f5e5c1
33 changed files with 685 additions and 634 deletions
--- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml
+++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml
@ -1,8 +1,7 @@
-{{- if and .Values.server.ingressGrpc.enabled (not .Values.server.ingressGrpc.isAWSALB) -}}
-{{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}}
-{{- $paths := .Values.server.ingressGrpc.paths -}}
-{{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}}
-{{- $pathType := .Values.server.ingressGrpc.pathType -}}
+{{- if and .Values.server.ingressGrpc.enabled (eq .Values.server.ingress.controller "generic") -}}
+{{- $hostname := .Values.server.ingressGrpc.hostname | default (printf "grpc.%s" .Values.server.ingress.hostname) -}}
+{{- $insecure := index .Values.configs.params "server.insecure" | toString -}}
+{{- $servicePort := eq $insecure "true" | ternary .Values.server.service.servicePortHttp .Values.server.service.servicePortHttps -}}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
@ -24,50 +23,43 @@ spec:
  ingressClassName: {{ . }}
  {{- end }}
  rules:
-  {{- if .Values.server.ingressGrpc.hosts }}
-    {{- range $host := .Values.server.ingressGrpc.hosts }}
-    - host: {{ $host }}
+    - host: {{ $hostname }}
      http:
        paths:
-          {{- with $extraPaths }}
-          {{- toYaml . | nindent 10 }}
+          {{- with .Values.server.ingressGrpc.extraPaths }}
+            {{- toYaml . | nindent 10 }}
          {{- end }}
-          {{- range $p := $paths }}
-          - path: {{ $p }}
-            pathType: {{ $pathType }}
+          - path: {{ .Values.server.ingressGrpc.path }}
+            pathType: {{ .Values.server.ingressGrpc.pathType }}
            backend:
              service:
-                name: {{ include "argo-cd.server.fullname" $ }}
+                name: {{ include "argo-cd.server.fullname" . }}
                port:
-                  {{- if kindIs "float64" $servicePort }}
                  number: {{ $servicePort }}
-                  {{- else }}
-                  name: {{ $servicePort }}
-                  {{- end }}
-          {{- end -}}
-    {{- end -}}
-  {{- else }}
-    - http:
+    {{- range .Values.server.ingressGrpc.extraHosts }}
+    - host: {{ .name | quote }}
+      http:
        paths:
-          {{- with $extraPaths }}
-          {{- toYaml . | nindent 10 }}
-          {{- end }}
-          {{- range $p := $paths }}
-          - path: {{ $p }}
-            pathType: {{ $pathType }}
+          - path: {{ default .Values.server.ingressGrpc.path .path }}
+            pathType: {{ default .Values.server.ingressGrpc.pathType .pathType }}
            backend:
              service:
-                name: {{ include "argo-cd.server.fullname" $ }}
+                name: {{ include "argo-cd.server.fullname" . }}
                port:
-                  {{- if kindIs "float64" $servicePort }}
                  number: {{ $servicePort }}
-                  {{- else }}
-                  name: {{ $servicePort }}
-                  {{- end }}
-          {{- end -}}
-  {{- end -}}
-  {{- with .Values.server.ingressGrpc.tls }}
+    {{- end }}
+    {{- with .Values.server.ingressGrpc.extraRules }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- if or .Values.server.ingressGrpc.tls .Values.server.ingressGrpc.extraTls }}
  tls:
-    {{- toYaml . | nindent 4 }}
-  {{- end -}}
-{{- end -}}
+    {{- if .Values.server.ingressGrpc.tls }}
+    - hosts:
+      - {{ $hostname }}
+      secretName: {{ printf "%s-tls" $hostname }}
+    {{- end }}
+    {{- with .Values.server.ingressGrpc.tls }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- end }}
+{{- end }}