feat(argo-cd): Add secrettemplate to argo-cd server certificate (#2780)

* Add secrettemplate to argo-cd server certificate Signed-off-by: Ims, Julie <juliebergeims@gmail.com> * refactor documentation Signed-off-by: Ims, Julie <juliebergeims@gmail.com> * added changelog Signed-off-by: Ims, Julie <juliebergeims@gmail.com> * remove empty line Signed-off-by: Ims, Julie <juliebergeims@gmail.com> * correct comment in values file Signed-off-by: Ims, Julie <juliebergeims@gmail.com> * move documentation comment according to test results Signed-off-by: Ims, Julie <juliebergeims@gmail.com> --------- Signed-off-by: Ims, Julie <juliebergeims@gmail.com>
argoproj · Jun 19, 2024 · e34b45b · e34b45b
1 parent 8130224
commit e34b45b
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 3 deletions.
diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml
@@ -3,7 +3,7 @@ appVersion: v2.11.3
 kubeVersion: ">=1.23.0-0"
 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
 name: argo-cd
-version: 7.1.4
+version: 7.1.5
 home: https://github.com/argoproj/argo-helm
 icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
 sources:
@@ -26,5 +26,5 @@ annotations:
     fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
     url: https://argoproj.github.io/argo-helm/pgp_keys.asc
   artifacthub.io/changes: |
-    - kind: changed
-      description: add loadBalancerClass field for Service resources
+    - kind: added
+      description: Added secrettemplateAnnotation field for argocd server certificate
diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md
@@ -968,6 +968,7 @@ NAME: my-release
 | server.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. |
 | server.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. |
 | server.certificate.secretName | string | `"argocd-server-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource |
+| server.certificate.secretTemplateAnnotations | object | `{}` | Annotations that allow the certificate to be composed from data residing in existing Kubernetes Resources |
 | server.certificate.usages | list | `[]` | Usages for the certificate |
 | server.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-server-tls secret |
 | server.certificateSecret.crt | string | `""` | Certificate data |

diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml
@@ -13,6 +13,13 @@ metadata:
   labels:
     {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}
 spec:
+  secretTemplate:
+    {{- with .Values.server.certificate.secretTemplateAnnotations }}
+    annotations:
+      {{- range $key, $value := . }}
+      {{ $key }}: {{ $value | quote }}
+      {{- end }}
+    {{- end }} 
   secretName: {{ .Values.server.certificate.secretName }}
   commonName: {{ .Values.server.certificate.domain | default .Values.global.domain }}
   dnsNames:

diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml
@@ -2029,6 +2029,8 @@ server:
     # -- Usages for the certificate
     ### Ref: https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.KeyUsage
     usages: []
+    # -- Annotations that allow the certificate to be composed from data residing in existing Kubernetes Resources
+    secretTemplateAnnotations: {}
 
   # TLS certificate configuration via Secret
   ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server