refactor cf-argocd-extras

Author: mikhail-klimko

charts/gitops-runtime/templates/argo-api-gateway/_env.yaml

@@ -13,9 +13,7 @@ ARGO_CD_TOKEN_SECRET_KEY: "token"
   {{- end }}
 {{- end }}
 
-{{- with (index .Values "global" "external-argo-cd" "server" "rootpath") }}
-ARGOCD_SERVER_ROOTPATH: {{ . }}
-{{- end }}
+ARGOCD_SERVER_ROOTPATH: {{ dig "server" "rootpath" "/" (index .Values "global" "external-argo-cd") | quote }}
 
 {{- if or .Values.global.codefresh.tls.caCerts.secret.create (and .Values.global.codefresh.tls.caCerts.secretKeyRef.key .Values.global.codefresh.tls.caCerts.secretKeyRef.name) }}
   {{- $secretKey := .Values.global.codefresh.tls.caCerts.secret.create | ternary (default "ca-bundle.crt" .Values.global.codefresh.tls.caCerts.secret.key) .Values.global.codefresh.tls.caCerts.secretKeyRef.key }}

charts/gitops-runtime/templates/event-reporters/resources-reporter/_env.yaml

@@ -13,9 +13,7 @@ ARGO_CD_TOKEN_SECRET_KEY: "token"
   {{- end }}
 {{- end }}
 
-{{- with (index .Values "global" "external-argo-cd" "server" "rootpath") }}
-ARGOCD_SERVER_ROOTPATH: {{ . }}
-{{- end }}
+ARGOCD_SERVER_ROOTPATH: {{ dig "server" "rootpath" "/" (index .Values "global" "external-argo-cd") | quote }}
 
 {{- if or .Values.global.codefresh.tls.caCerts.secret.create (and .Values.global.codefresh.tls.caCerts.secretKeyRef.key .Values.global.codefresh.tls.caCerts.secretKeyRef.name) }}
   {{- $secretKey := .Values.global.codefresh.tls.caCerts.secret.create | ternary (default "ca-bundle.crt" .Values.global.codefresh.tls.caCerts.secret.key) .Values.global.codefresh.tls.caCerts.secretKeyRef.key }}

charts/gitops-runtime/templates/event-reporters/runtime-reporter/_env.yaml

@@ -13,9 +13,7 @@ ARGO_CD_TOKEN_SECRET_KEY: "token"
   {{- end }}
 {{- end }}
 
-{{- with (index .Values "global" "external-argo-cd" "server" "rootpath") }}
-ARGOCD_SERVER_ROOTPATH: {{ . }}
-{{- end }}
+ARGOCD_SERVER_ROOTPATH: {{ dig "server" "rootpath" "/" (index .Values "global" "external-argo-cd") | quote }}
 
 {{- if or .Values.global.codefresh.tls.caCerts.secret.create (and .Values.global.codefresh.tls.caCerts.secretKeyRef.key .Values.global.codefresh.tls.caCerts.secretKeyRef.name) }}
   {{- $secretKey := .Values.global.codefresh.tls.caCerts.secret.create | ternary (default "ca-bundle.crt" .Values.global.codefresh.tls.caCerts.secret.key) .Values.global.codefresh.tls.caCerts.secretKeyRef.key }}

charts/gitops-runtime/templates/hooks/pre-install/_env.yaml

@@ -15,7 +15,7 @@ NAMESPACE:
 {{- define "installer.validate-values.environment-variables.defaults" -}}
 ARGOCD_CHECK_VERSION: {{ not (get .Values "argo-cd").enabled | quote }}
 ARGOCD_LABELS: "{{ range $k, $v := .Values.installer.argoCdVersionCheck.argoServerLabels }}{{ $k }}={{ $v }},{{ end }}"
-ARGOCD_ROOT_PATH: {{ dig "external-argo-cd" "server" "rootpath" "/" dict (get .Values "global") }}
+ARGOCD_SERVER_ROOTPATH: {{ dig "server" "rootpath" "/" (index .Values "global" "external-argo-cd") | quote }}
 ARGOCD_VERSION_PATH: "/api/version"
 CHART_VERSION: {{ .Chart.Version }}
 NAMESPACE:

charts/gitops-runtime/tests/argo-api-gateway_test.yaml

@@ -0,0 +1,148 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
+suite: argo-api-gateway tests
+templates:
+  - argo-api-gateway/**
+tests:
+  - it: Argo Api Gateway ConfigMap should have valid data
+    template: argo-api-gateway/configmap.yaml
+    values:
+      - ./values/mandatory-values-ingress.yaml
+    asserts:
+      - equal:
+          path: data["argocd.server"]
+          value: argo-cd-server:80
+      - equal:
+          path: data["redis.server"]
+          value: argo-cd-redis:6379
+      - equal:
+          path: data["repo.server"]
+          value: argo-cd-repo-server:8081
+
+  - it: Argo Api Gateway Deployment should have valid matchLabel selectors
+    template: argo-api-gateway/deployment.yaml
+    values:
+      - ./values/mandatory-values-ingress.yaml
+    asserts:
+      - equal:
+          path: spec.selector.matchLabels
+          value:
+            app.kubernetes.io/name: argo-api-gateway
+            app.kubernetes.io/instance: RELEASE-NAME
+      - equal:
+          path: spec.template.metadata.labels
+          value:
+            app.kubernetes.io/name: argo-api-gateway
+            app.kubernetes.io/instance: RELEASE-NAME
+
+  - it: Argo Api Gateway Service should have valid matchLabel selectors
+    template: argo-api-gateway/service.yaml
+    values:
+      - ./values/mandatory-values-ingress.yaml
+    asserts:
+      - equal:
+          path: spec.selector
+          value:
+            app.kubernetes.io/name: argo-api-gateway
+            app.kubernetes.io/instance: RELEASE-NAME
+
+  - it: Argo Api Gateway should be deployed with forked ArgoCD
+    template: argo-api-gateway/deployment.yaml
+    values:
+      - ./values/mandatory-values-ingress.yaml
+    asserts:
+      - hasDocuments:
+          count: 1
+      - isKind:
+          of: Deployment
+      - equal:
+          path: metadata.name
+          value: argo-api-gateway
+
+  - it: Argo Api Gateway should be deployed with external OSS ArgoCD
+    template: argo-api-gateway/deployment.yaml
+    values:
+      - ./values/mandatory-values-ingress.yaml
+      - ./values/external-argocd-values.yaml
+    asserts:
+      - hasDocuments:
+          count: 1
+      - isKind:
+          of: Deployment
+      - equal:
+          path: metadata.name
+          value: argo-api-gateway
+
+  - it: Argo Api Gateway ConfigMap should have valid redis-ha url
+    template: argo-api-gateway/configmap.yaml
+    values:
+      - ./values/mandatory-values-ingress.yaml
+    set:
+      argo-cd:
+        redis-ha:
+          enabled: true
+    asserts:
+      - equal:
+          path: data["redis.server"]
+          value: RELEASE-NAME-redis-ha-haproxy:6379
+
+  - it: Argo Api Gateway should have CODEFRESH_SSL_CERT_PATH env var when .Values.global.codefresh.tls.caCerts.secret.create is true
+    template: argo-api-gateway/deployment.yaml
+    values:
+      - ./values/mandatory-values-ingress.yaml
+    set:
+      global:
+        codefresh:
+          tls:
+            caCerts:
+              secret:
+                create: true
+                key: ca-bundle.crt
+                content: |
+                  -----BEGIN CERTIFICATE-----
+                  MIID...
+                  -----END CERTIFICATE-----
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].env[?(@.name == 'CODEFRESH_SSL_CERT_PATH')].value
+          value: /app/config/codefresh-tls-certs/ca-bundle.crt
+      - contains:
+          path: spec.template.spec.volumes
+          content:
+            name: codefresh-tls-certs
+            secret:
+              secretName: codefresh-tls-certs
+      - contains:
+          path: spec.template.spec.containers[0].volumeMounts
+          content:
+            name: codefresh-tls-certs
+            mountPath: /app/config/codefresh-tls-certs
+            readOnly: true
+
+  - it: Argo Api Gateway should have CODEFRESH_SSL_CERT_PATH env var when .Values.global.codefresh.tls.caCerts.secretKeyRef is set
+    template: argo-api-gateway/deployment.yaml
+    values:
+      - ./values/mandatory-values-ingress.yaml
+    set:
+      global:
+        codefresh:
+          tls:
+            caCerts:
+              secretKeyRef:
+                name: my-codefresh-tls-certs
+                key: my-ca-bundle.crt
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].env[?(@.name == 'CODEFRESH_SSL_CERT_PATH')].value
+          value: /app/config/codefresh-tls-certs/my-ca-bundle.crt
+      - contains:
+          path: spec.template.spec.volumes
+          content:
+            name: codefresh-tls-certs
+            secret:
+              secretName: my-codefresh-tls-certs
+      - contains:
+          path: spec.template.spec.containers[0].volumeMounts
+          content:
+            name: codefresh-tls-certs
+            mountPath: /app/config/codefresh-tls-certs
+            readOnly: true

charts/gitops-runtime/tests/argo-projects-templates-integration_test.yaml

@@ -105,18 +105,3 @@ tests:
   - equal:
       path: data.argoWorkflowsUrl
       value: https://argo-test-server:2746
-# ------------------------------------------------------------------------------------------
-# Argo rollouts
-# Affected templates - rollouts reporter clusterrolebinding
-# ------------------------------------------------------------------------------------------
-- it: test rollout reporter ClusterRoleBinding to argo rollouts role
-  template: 'event-reporters/rollout-reporter/clusterrolebinding.yaml'
-  values:
-  - ./values/mandatory-values.yaml
-  set:
-    argo-rollouts.enabled: true
-    argo-rollouts.fullnameOverride: rollouts-test
-  asserts:
-  - equal:
-      path: roleRef.name
-      value: rollouts-test

charts/gitops-runtime/tests/custom-ca_test.yaml

@@ -4,8 +4,6 @@ templates:
   - tls-custom-ca/codefresh-tls-certs.yaml
   - tls-custom-ca/workflow-pipelines-git-webhooks.yaml
   - app-proxy/deployment.yaml
-  - event-reporters/workflow-reporter/sensor.yaml
-  - event-reporters/rollout-reporter/sensor.yaml
   - hooks/pre-uninstall/delete-runtime-from-platform.yaml
   - gitops-operator/*
   - _components/gitops-operator/*
@@ -213,129 +211,6 @@ tests:
         name: SSL_CERT_FILE
         value:  /app/config/codefresh-tls-certs/ca-bundle.crt
 
-- it: rollout reporter sensor - check chart created secret with default key
-  template: event-reporters/rollout-reporter/sensor.yaml
-  values:
-  - ./values/mandatory-values.yaml
-  set:
-    global.codefresh.tls.caCerts.secret.annotations.test: 'test'
-    global.codefresh.tls.caCerts.secret.create: true
-    global.codefresh.tls.caCerts.secret.content: |
-      -----BEGIN CERTIFICATE-----
-      ... encoded certificate data here ...
-      -----END CERTIFICATE-----
-  asserts:
-  - equal:
-      path: spec.triggers[0].template.http.tls
-      value:
-        caCertSecret:
-          name: codefresh-tls-certs
-          key: ca-bundle.crt
-
-- it: workflow reporter sensor - check chart created secret with default key
-  template: event-reporters/workflow-reporter/sensor.yaml
-  values:
-  - ./values/mandatory-values.yaml
-  set:
-    global.codefresh.tls.caCerts.secret.annotations.test: 'test'
-    global.codefresh.tls.caCerts.secret.create: true
-    global.codefresh.tls.caCerts.secret.content: |
-      -----BEGIN CERTIFICATE-----
-      ... encoded certificate data here ...
-      -----END CERTIFICATE-----
-  asserts:
-  - equal:
-      path: spec.triggers[0].template.http.tls
-      value:
-        caCertSecret:
-          name: codefresh-tls-certs
-          key: ca-bundle.crt
-
-- it: rollout reporter sensor - secretKeyRef
-  template: event-reporters/rollout-reporter/sensor.yaml
-  values:
-  - ./values/mandatory-values.yaml
-  set:
-    global.codefresh.tls.caCerts.secretKeyRef.name: my-secret
-    global.codefresh.tls.caCerts.secretKeyRef.key: my-key
-  asserts:
-  - equal:
-      path: spec.triggers[0].template.http.tls
-      value:
-        caCertSecret:
-          name: my-secret
-          key: my-key
-
-- it: workflow reporter sensor - secretKeyRef
-  template: event-reporters/workflow-reporter/sensor.yaml
-  values:
-  - ./values/mandatory-values.yaml
-  set:
-    global.codefresh.tls.caCerts.secretKeyRef.name: my-secret
-    global.codefresh.tls.caCerts.secretKeyRef.key: my-key
-  asserts:
-  - equal:
-      path: spec.triggers[0].template.http.tls
-      value:
-        caCertSecret:
-          name: my-secret
-          key: my-key
-
-- it: rollout reporter sensor - check chart created secret with custom key
-  template: event-reporters/rollout-reporter/sensor.yaml
-  values:
-  - ./values/mandatory-values.yaml
-  set:
-    global.codefresh.tls.caCerts.secret.annotations.test: 'test'
-    global.codefresh.tls.caCerts.secret.create: true
-    global.codefresh.tls.caCerts.secret.key: my-key
-    global.codefresh.tls.caCerts.secret.content: |
-      -----BEGIN CERTIFICATE-----
-      ... encoded certificate data here ...
-      -----END CERTIFICATE-----
-  asserts:
-  - equal:
-      path: spec.triggers[0].template.http.tls
-      value:
-        caCertSecret:
-          name: codefresh-tls-certs
-          key: my-key
-
-- it: workflow reporter sensor - check chart created secret with custom key
-  template: event-reporters/workflow-reporter/sensor.yaml
-  values:
-  - ./values/mandatory-values.yaml
-  set:
-    global.codefresh.tls.caCerts.secret.annotations.test: 'test'
-    global.codefresh.tls.caCerts.secret.create: true
-    global.codefresh.tls.caCerts.secret.key: my-key
-    global.codefresh.tls.caCerts.secret.content: |
-      -----BEGIN CERTIFICATE-----
-      ... encoded certificate data here ...
-      -----END CERTIFICATE-----
-  asserts:
-  - equal:
-      path: spec.triggers[0].template.http.tls
-      value:
-        caCertSecret:
-          name: codefresh-tls-certs
-          key: my-key
-
-- it: rollout reporter sensor - no tls
-  template: event-reporters/rollout-reporter/sensor.yaml
-  values:
-  - ./values/mandatory-values.yaml
-  asserts:
-  - notExists:
-      path: spec.triggers[0].template.http.tls
-
-- it: workflow reporter sensor - no tls
-  template: event-reporters/workflow-reporter/sensor.yaml
-  values:
-  - ./values/mandatory-values.yaml
-  asserts:
-  - notExists:
-      path: spec.triggers[0].template.http.tls
 # --------------------------------------------------------
 # workflowPipelinesGitWebhooks
 # --------------------------------------------------------