From f508a0347e123ae958a6b83019608cb87c680e60 Mon Sep 17 00:00:00 2001 From: "Ims, Julie" Date: Wed, 19 Jun 2024 12:46:23 +0200 Subject: [PATCH 1/6] Add secrettemplate to argo-cd server certificate Signed-off-by: Ims, Julie --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-server/certificate.yaml | 7 +++++++ charts/argo-cd/values.yaml | 2 ++ 4 files changed, 11 insertions(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6d1a40413..9de3857c5 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.11.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.1.4 +version: 7.1.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f89a222c1..88da4d34e 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -969,6 +969,7 @@ NAME: my-release | server.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | | server.certificate.secretName | string | `"argocd-server-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | | server.certificate.usages | list | `[]` | Usages for the certificate | +| server.certificate.secretTemplateAnnotations | object | `{}` | Annotations that allow the certificate to be composed from data residing in existing Kubernetes Resources | | server.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-server-tls secret | | server.certificateSecret.crt | string | `""` | Certificate data | | server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret | 
diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 629d0e95c..4376bd5ca 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -13,6 +13,13 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: + secretTemplate: + {{- with .Values.server.certificate.secretTemplateAnnotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} secretName: {{ .Values.server.certificate.secretName }} commonName: {{ .Values.server.certificate.domain | default .Values.global.domain }} dnsNames: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6d9923e66..fb41ee10f 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2029,6 +2029,8 @@ server: # -- Usages for the certificate ### Ref: https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.KeyUsage usages: [] + # Allows the certificate to be composed from data residing in existing Kubernetes Resources, including other Secrets. + secretTemplateAnnotations: {} # TLS certificate configuration via Secret ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server From 8528816d0f1371d6a75683114f482dc4d24fdc78 Mon Sep 17 00:00:00 2001 From: "Ims, Julie" Date: Wed, 19 Jun 2024 13:09:56 +0200 Subject: [PATCH 2/6] refactor documentation Signed-off-by: Ims, Julie --- charts/argo-cd/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 88da4d34e..884aa9003 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md 
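Review bot: In the certificate.yaml hunk, `secretTemplate:` sits outside the `with` guard, so with the default `secretTemplateAnnotations: {}` the Certificate renders a bare `secretTemplate:` key with a null value. Open the guard first and put the key inside it: `{{- with .Values.server.certificate.secretTemplateAnnotations }}`, then `secretTemplate:`, then `annotations:`, so nothing is emitted when no annotations are set. Indentation is not recoverable from this view of the hunk, so confirm with `helm template` that `annotations:` nests under `secretTemplate:` and that each rendered key is indented beneath it. The `spec:` block continues outside the hunk.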
@@ -967,9 +967,9 @@ NAME: my-release | server.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` | | server.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | | server.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | +| server.certificate.secretTemplateAnnotations | object | `{}` | Annotations that allow the certificate to be composed from data residing in existing Kubernetes Resources | | server.certificate.secretName | string | `"argocd-server-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | | server.certificate.usages | list | `[]` | Usages for the certificate | -| server.certificate.secretTemplateAnnotations | object | `{}` | Annotations that allow the certificate to be composed from data residing in existing Kubernetes Resources | | server.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-server-tls secret | | server.certificateSecret.crt | string | `""` | Certificate data | | server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret | From 9bd025cb68c3439da13503cae95c590df724a727 Mon Sep 17 00:00:00 2001 From: "Ims, Julie" Date: Wed, 19 Jun 2024 13:57:08 +0200 Subject: [PATCH 3/6] added changelog Signed-off-by: Ims, Julie --- charts/argo-cd/Chart.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9de3857c5..0aca139f0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml 
@@ -26,5 +26,6 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: add loadBalancerClass field for Service resources + - kind: added + description: Added secrettemplateAnnotation field for argocd server certificate + From bf823590604423fdf0b810e14afc946d25042838 Mon Sep 17 00:00:00 2001 From: "Ims, Julie" Date: Wed, 19 Jun 2024 14:57:52 +0200 Subject: [PATCH 4/6] remove empty line Signed-off-by: Ims, Julie --- charts/argo-cd/Chart.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0aca139f0..408a69893 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -28,4 +28,3 @@ annotations: artifacthub.io/changes: | - kind: added description: Added secrettemplateAnnotation field for argocd server certificate - From 2acc8ae349d3eb6ffdc2c4e6a1de3f6e42a0e2d2 Mon Sep 17 00:00:00 2001 From: "Ims, Julie" Date: Wed, 19 Jun 2024 15:08:21 +0200 Subject: [PATCH 5/6] correct comment in values file Signed-off-by: Ims, Julie --- charts/argo-cd/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fb41ee10f..332523050 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2029,7 +2029,7 @@ server: # -- Usages for the certificate ### Ref: https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.KeyUsage usages: [] - # Allows the certificate to be composed from data residing in existing Kubernetes Resources, including other Secrets. + # -- Annotations that allow the certificate to be composed from data residing in existing Kubernetes Resources secretTemplateAnnotations: {} # TLS certificate configuration via Secret From 2cc0778962b2d400f62c57733d4d979bd34c2ea5 Mon Sep 17 00:00:00 2001 
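Review bot: The helm-docs comment added for `secretTemplateAnnotations` in the values.yaml hunk does not match what the template does with the value. It is rendered into `spec.secretTemplate.annotations`, which cert-manager copies onto the Secret it creates for the Certificate; nothing is composed from other resources. A closer wording is `# -- Annotations to be added to the Secret created by this Certificate resource (cert-manager secretTemplate)`, with the README row regenerated to match. That Secret holds the server's TLS private key, so a second comment line would help operators: it should note that annotations read by secret-sync or replication controllers can cause the key material to be copied to other namespaces.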
From: "Ims, Julie" Date: Wed, 19 Jun 2024 15:20:34 +0200 Subject: [PATCH 6/6] move documentation comment according to test results Signed-off-by: Ims, Julie --- charts/argo-cd/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 884aa9003..6b7c2fdd9 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -967,8 +967,8 @@ NAME: my-release | server.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` | | server.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | | server.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | -| server.certificate.secretTemplateAnnotations | object | `{}` | Annotations that allow the certificate to be composed from data residing in existing Kubernetes Resources | | server.certificate.secretName | string | `"argocd-server-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | +| server.certificate.secretTemplateAnnotations | object | `{}` | Annotations that allow the certificate to be composed from data residing in existing Kubernetes Resources | | server.certificate.usages | list | `[]` | Usages for the certificate | | server.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-server-tls secret | | server.certificateSecret.crt | string | `""` | Certificate data |