Skip to content

Commit

Permalink
feat(dex): add optional env field
Browse files Browse the repository at this point in the history
Signed-off-by: Robert Deusser <[email protected]>
  • Loading branch information
rdeusser committed Sep 27, 2023
1 parent aa6ab4e commit 7939729
Show file tree
Hide file tree
Showing 13 changed files with 1,376 additions and 115 deletions.
3 changes: 3 additions & 0 deletions api/v1alpha1/argocd_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -200,6 +200,9 @@ type ArgoCDDexSpec struct {
// Version is the Dex container image tag.
//+operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Version",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:fieldGroup:Dex","urn:alm:descriptor:com.tectonic.ui:text"}
Version string `json:"version,omitempty"`

// Env lets you specify environment variables for Dex.
Env []corev1.EnvVar `json:"env,omitempty"`
}

// ArgoCDGrafanaSpec defines the desired state for the Grafana component.
Expand Down
7 changes: 7 additions & 0 deletions api/v1alpha1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 3 additions & 0 deletions api/v1beta1/argocd_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -203,6 +203,9 @@ type ArgoCDDexSpec struct {
// Version is the Dex container image tag.
//+operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Version",xDescriptors={"urn:alm:descriptor:com.tectonic.ui:fieldGroup:Dex","urn:alm:descriptor:com.tectonic.ui:text"}
Version string `json:"version,omitempty"`

// Env lets you specify environment variables for Dex.
Env []corev1.EnvVar `json:"env,omitempty"`
}

// ArgoCDGrafanaSpec defines the desired state for the Grafana component.
Expand Down
7 changes: 7 additions & 0 deletions api/v1beta1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

340 changes: 340 additions & 0 deletions bundle/manifests/argoproj.io_argocds.yaml

Large diffs are not rendered by default.

340 changes: 340 additions & 0 deletions config/crd/bases/argoproj.io_argocds.yaml

Large diffs are not rendered by default.

11 changes: 6 additions & 5 deletions controllers/argocd/dex.go
Original file line number Diff line number Diff line change
Expand Up @@ -133,7 +133,6 @@ func (r *ReconcileArgoCD) reconcileDexConfiguration(cm *corev1.ConfigMap, cr *ar

// getOpenShiftDexConfig will return the configuration for the Dex server running on OpenShift.
func (r *ReconcileArgoCD) getOpenShiftDexConfig(cr *argoproj.ArgoCD) (string, error) {

groups := []string{}

// Allow override of groups from CR
Expand Down Expand Up @@ -167,7 +166,6 @@ func (r *ReconcileArgoCD) getOpenShiftDexConfig(cr *argoproj.ArgoCD) (string, er

// reconcileDexServiceAccount will ensure that the Dex ServiceAccount is configured properly for OpenShift OAuth.
func (r *ReconcileArgoCD) reconcileDexServiceAccount(cr *argoproj.ArgoCD) error {

// if openShiftOAuth set to false in `.spec.sso.dex`, no need to configure it
if cr.Spec.SSO == nil || cr.Spec.SSO.Dex == nil || !cr.Spec.SSO.Dex.OpenShiftOAuth {
return nil // OpenShift OAuth not enabled, move along...
Expand Down Expand Up @@ -207,14 +205,19 @@ func (r *ReconcileArgoCD) reconcileDexDeployment(cr *argoproj.ArgoCD) error {

AddSeccompProfileForOpenShift(r.Client, &deploy.Spec.Template.Spec)

dexEnv := proxyEnvVars()
if cr.Spec.SSO != nil && cr.Spec.SSO.Dex != nil {
dexEnv = append(dexEnv, cr.Spec.SSO.Dex.Env...)
}

deploy.Spec.Template.Spec.Containers = []corev1.Container{{
Command: []string{
"/shared/argocd-dex",
"rundex",
},
Image: getDexContainerImage(cr),
Name: "dex",
Env: proxyEnvVars(),
Env: dexEnv,
LivenessProbe: &corev1.Probe{
ProbeHandler: corev1.ProbeHandler{
HTTPGet: &corev1.HTTPGetAction{
Expand Down Expand Up @@ -397,7 +400,6 @@ func (r *ReconcileArgoCD) reconcileDexService(cr *argoproj.ArgoCD) error {
// reconcileDexResources consolidates all dex resources reconciliation calls. It serves as the single place to trigger both creation
// and deletion of dex resources based on the specified configuration of dex
func (r *ReconcileArgoCD) reconcileDexResources(cr *argoproj.ArgoCD) error {

if _, err := r.reconcileRole(common.ArgoCDDexServerComponent, policyRuleForDexServer(), cr); err != nil {
log.Error(err, "error reconciling dex role")
}
Expand Down Expand Up @@ -441,7 +443,6 @@ func (r *ReconcileArgoCD) reconcileDexResources(cr *argoproj.ArgoCD) error {
// Deployment and RoleBinding must be deleted before the role and sa. deleteDexResources will only be called during
// delete events, so we don't need to worry about duplicate, recurring reconciliation calls
func (r *ReconcileArgoCD) deleteDexResources(cr *argoproj.ArgoCD) error {

sa := &corev1.ServiceAccount{}
role := &rbacv1.Role{}

Expand Down
Loading

0 comments on commit 7939729

Please sign in to comment.