feat(chart)!: major update of dependencies on argocd chart

README.adoc

@@ -231,10 +231,10 @@ The following providers are used by this module:
 
 - [[provider_random]] <<provider_random,random>> (>= 3)
 
-- [[provider_utils]] <<provider_utils,utils>> (>= 1.6)
-
 - [[provider_argocd]] <<provider_argocd,argocd>> (>= 5)
 
+- [[provider_utils]] <<provider_utils,utils>> (>= 1.6)
+
 === Resources
 
 The following resources are used by this module:
@@ -310,7 +310,7 @@ Description: Override of target revision of the application chart.
 
 Type: `string`
 
-Default: `"v4.4.1"`
+Default: `"v4.5.0"`
 
 ==== [[input_cluster_issuer]] <<input_cluster_issuer,cluster_issuer>>
 
@@ -692,12 +692,12 @@ Description: Map of extra accounts that were created and their tokens.
 [cols="a,a",options="header,autowidth"]
 |===
 |Name |Version
-|[[provider_null]] <<provider_null,null>> |>= 3
 |[[provider_jwt]] <<provider_jwt,jwt>> |>= 1.1
 |[[provider_time]] <<provider_time,time>> |>= 0.9
 |[[provider_random]] <<provider_random,random>> |>= 3
-|[[provider_argocd]] <<provider_argocd,argocd>> |>= 5
 |[[provider_utils]] <<provider_utils,utils>> |>= 1.6
+|[[provider_argocd]] <<provider_argocd,argocd>> |>= 5
+|[[provider_null]] <<provider_null,null>> |>= 3
 |===
 
 = Resources
@@ -753,7 +753,7 @@ Description: Map of extra accounts that were created and their tokens.
 |[[input_target_revision]] <<input_target_revision,target_revision>>
 |Override of target revision of the application chart.
 |`string`
-|`"v4.4.1"`
+|`"v4.5.0"`
 |no
 
 |[[input_cluster_issuer]] <<input_cluster_issuer,cluster_issuer>>

bootstrap/README.adoc

@@ -79,12 +79,12 @@ The following requirements are needed by this module:
 
 The following providers are used by this module:
 
+- [[provider_random]] <<provider_random,random>> (>= 3)
+
 - [[provider_jwt]] <<provider_jwt,jwt>> (>= 1.1)
 
 - [[provider_time]] <<provider_time,time>> (>= 0.9)
 
-- [[provider_random]] <<provider_random,random>> (>= 3)
-
 - [[provider_helm]] <<provider_helm,helm>> (>= 2)
 
 - [[provider_argocd]] <<provider_argocd,argocd>> (>= 6)
@@ -201,9 +201,9 @@ Description: The Argo CD accounts pipeline tokens.
 [cols="a,a",options="header,autowidth"]
 |===
 |Name |Version
+|[[provider_random]] <<provider_random,random>> |>= 3
 |[[provider_jwt]] <<provider_jwt,jwt>> |>= 1.1
 |[[provider_time]] <<provider_time,time>> |>= 0.9
-|[[provider_random]] <<provider_random,random>> |>= 3
 |[[provider_helm]] <<provider_helm,helm>> |>= 2
 |[[provider_argocd]] <<provider_argocd,argocd>> |>= 6
 |[[provider_utils]] <<provider_utils,utils>> |>= 1.6

bootstrap/locals.tf

@@ -85,11 +85,8 @@ locals {
           }
         }
       ]
-      server = {
-        extraArgs = [
-          "--insecure",
-        ]
-        config = {
+      configs = {
+        cm = {
           "admin.enabled"           = "true" # autogenerates password, see `argocd-initial-admin-secret`
           "accounts.pipeline"       = "apiKey"
           "resource.customizations" = <<-EOT
@@ -114,8 +111,9 @@ locals {
                 return hs
           EOT
         }
-      }
-      configs = {
+        params = {
+          "server.insecure" = "true"
+        }
         rbac = {
           scopes           = "[groups, cognito:groups, roles]"
           "policy.default" = ""

chart-version.yaml

@@ -1,17 +1,17 @@
 annotations:
   artifacthub.io/changes: |
     - kind: changed
-      description: Upgrade argo-cd to v2.10.0
+      description: Represent cluster credentials as a map
   artifacthub.io/signKey: |
     fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
     url: https://argoproj.github.io/argo-helm/pgp_keys.asc
 apiVersion: v2
-appVersion: v2.10.0
+appVersion: v2.11.2
 dependencies:
 - condition: redis-ha.enabled
   name: redis-ha
   repository: https://dandydeveloper.github.io/charts/
-  version: 4.23.0
+  version: 4.26.1
 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool
   for Kubernetes.
 home: https://github.com/argoproj/argo-helm
@@ -28,4 +28,4 @@ name: argo-cd
 sources:
 - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd
 - https://github.com/argoproj/argo-cd
-version: 5.55.0
+version: 7.0.0

charts/argocd/Chart.lock

@@ -1,6 +1,6 @@
 dependencies:
 - name: argo-cd
   repository: https://argoproj.github.io/argo-helm
-  version: 5.55.0
-digest: sha256:54aa42aa2491c56092cae2e50a8570df79d2ae3473b9645e33f0956326e9d270
-generated: "2024-02-23T07:02:05.88750407Z"
+  version: 7.0.0
+digest: sha256:375ea1dfd74fe52d1dd335854ac29a7b6d8c7b0858fbaf522d433fab5a72323c
+generated: "2024-05-31T07:01:59.963242028Z"

charts/argocd/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 dependencies:
 - name: argo-cd
   repository: https://argoproj.github.io/argo-helm
-  version: 5.55.0
+  version: 7.0.0
 description: |
   This chart installs and configures:
 

locals.tf

@@ -147,9 +147,46 @@ locals {
 
   helm_values = [{
     argo-cd = {
+      global = {
+        domain = local.argocd_hostname
+      }
       configs = merge(length(var.repositories) > 0 ? {
         repositories = var.repositories
         } : null, {
+        cm = merge({ for account in var.extra_accounts : format("accounts.%s", account) => "apiKey" }, {
+          "url"                           = "https://${local.argocd_hostname_withclustername}"
+          "accounts.pipeline"             = "apiKey"
+          "admin.enabled"                 = var.admin_enabled
+          "exec.enabled"                  = var.exec_enabled
+          "oidc.config"                   = <<-EOT
+            ${yamlencode(merge(var.oidc, { clientSecret = "$oidc.default.clientSecret" }))}
+          EOT
+          "oidc.tls.insecure.skip.verify" = var.cluster_issuer != "letsencrypt-prod"
+          "resource.customizations"       = <<-EOT
+            argoproj.io/Application: # https://argo-cd.readthedocs.io/en/stable/operator-manual/health/#argocd-app
+              health.lua: |
+                hs = {}
+                hs.status = "Progressing"
+                hs.message = ""
+                if obj.status ~= nil then
+                  if obj.status.health ~= nil then
+                    hs.status = obj.status.health.status
+                    if obj.status.health.message ~= nil then
+                      hs.message = obj.status.health.message
+                    end
+                  end
+                end
+                return hs
+            networking.k8s.io/Ingress: # https://argo-cd.readthedocs.io/en/stable/faq/#why-is-my-application-stuck-in-progressing-state
+              health.lua: |
+                hs = {}
+                hs.status = "Healthy"
+                return hs
+          EOT
+        })
+        params = {
+          "server.insecure" = true # We terminate the SSL connection at the Traefik Ingress Controller
+        }
         ssh = {
           knownHosts = var.ssh_known_hosts
         }
@@ -225,59 +262,28 @@ locals {
           requests = { for k, v in var.resources.server.requests : k => v if v != null }
           limits   = { for k, v in var.resources.server.limits : k => v if v != null }
         }
-        extraArgs = [
-          "--insecure",
-        ]
-        config = merge({ for account in var.extra_accounts : format("accounts.%s", account) => "apiKey" }, {
-          "url"                           = "https://${local.argocd_hostname_withclustername}"
-          "admin.enabled"                 = tostring(var.admin_enabled)
-          "exec.enabled"                  = tostring(var.exec_enabled)
-          "accounts.pipeline"             = "apiKey"
-          "oidc.config"                   = <<-EOT
-            ${yamlencode(merge(var.oidc, { clientSecret = "$oidc.default.clientSecret" }))}
-          EOT
-          "oidc.tls.insecure.skip.verify" = tostring(var.cluster_issuer != "letsencrypt-prod")
-          "resource.customizations"       = <<-EOT
-            argoproj.io/Application: # https://argo-cd.readthedocs.io/en/stable/operator-manual/health/#argocd-app
-              health.lua: |
-                hs = {}
-                hs.status = "Progressing"
-                hs.message = ""
-                if obj.status ~= nil then
-                  if obj.status.health ~= nil then
-                    hs.status = obj.status.health.status
-                    if obj.status.health.message ~= nil then
-                      hs.message = obj.status.health.message
-                    end
-                  end
-                end
-                return hs
-            networking.k8s.io/Ingress: # https://argo-cd.readthedocs.io/en/stable/faq/#why-is-my-application-stuck-in-progressing-state
-              health.lua: |
-                hs = {}
-                hs.status = "Healthy"
-                return hs
-          EOT
-        })
         ingress = {
           enabled = true
           annotations = {
             "cert-manager.io/cluster-issuer"                   = "${var.cluster_issuer}"
             "traefik.ingress.kubernetes.io/router.entrypoints" = "websecure"
             "traefik.ingress.kubernetes.io/router.tls"         = "true"
           }
-          hosts = [
-            local.argocd_hostname_withclustername,
-            local.argocd_hostname
+          hostname = local.argocd_hostname_withclustername
+          extraHosts = [
+            {
+              name = local.argocd_hostname
+              path = "/"
+            }
           ]
-          tls = [
+          extraTls = [
             {
-              secretName = "argocd-tls"
               hosts = [
-                local.argocd_hostname_withclustername,
-                local.argocd_hostname
+                local.argocd_hostname,
+                local.argocd_hostname_withclustername
               ]
-            },
+              secretName = "argocd-tls"
+            }
           ]
         }
         metrics = {