fix(argocd): possibility to add credentials through boom.yaml (#99)

* fix(argocd): added possbility to add repository.credentials

Signed-off-by: Stefan Benz <[email protected]>

* docs(argocd): added possibility to define credentials

Signed-off-by: Stefan Benz <[email protected]>

api/v1beta1/argocd.go

@@ -7,6 +7,7 @@ type Argocd struct {
 	Auth         *ArgocdAuth         `json:"auth,omitempty" yaml:"auth,omitempty"`
 	Rbac         *Rbac               `json:"rbacConfig,omitempty" yaml:"rbacConfig,omitempty"`
 	Repositories []*ArgocdRepository `json:"repositories,omitempty" yaml:"repositories,omitempty"`
+	Credentials  []*ArgocdRepository `json:"credentials,omitempty" yaml:"credentials,omitempty"`
 	KnownHosts   []string            `json:"knownHosts,omitempty" yaml:"knownHosts,omitempty"`
 }
 

docs/argocd-credentials.md

@@ -0,0 +1,14 @@
+# Credentials
+
+| Parameter                          | Description                                                                     | Default                           |
+| ---------------------------------- | ------------------------------------------------------------------------------- | --------------------------------- |
+| `url`                              | Used URL for the repository, (starting "git@" or "https://" )                   |                                   |
+| `usernameSecret`                   | Attributes for username in a secret                                             |                                   |
+| `usernameSecret.name`              | Name of the secret                                                              |                                   |
+| `usernameSecret.key`               | Key in the secret which contains the username                                   |                                   |
+| `passwordSecret`                   | Attributes for username in a secret                                             |                                   |
+| `passwordSecret.name`              | Name of the secret                                                              |                                   |
+| `passwordSecret.key`               | Key in the secret which contains the password                                   |                                   |
+| `certificateSecret`                | Attributes for username in a secret                                             |                                   |
+| `certificateSecret.name`           | Name of the secret                                                              |                                   |
+| `certificateSecret.key`            | Key in the secret which contains the certificate                                |                                   |

docs/argocd-repositories.md

@@ -4,8 +4,7 @@ For a repository there are two types, with ssh-connection where an url and a cer
 
 | Parameter                          | Description                                                                     | Default                           |
 | ---------------------------------- | ------------------------------------------------------------------------------- | --------------------------------- |
-| `name`                             | Name of the repository in the Argocd-UI                                         |                                   |
-| `url`                              | Used URL for the repository, (starting "git@" or "https://" )                   |                                   |
+| `url`                              | Prefix where the credential should be used (starting "git@" or "https://" )                   |                                   |
 | `usernameSecret`                   | Attributes for username in a secret                                             |                                   |
 | `usernameSecret.name`              | Name of the secret                                                              |                                   |
 | `usernameSecret.key`               | Key in the secret which contains the username                                   |                                   |

docs/crd.md

@@ -122,6 +122,7 @@
 | `network`                          | Network configuration, [here](network.md)                                       | nil                               |
 | `auth`                             | Authorization and Authentication configuration for SSO, [here](sso-examples.md) | nil                               |
 | `repositories`                     | Repositories used by argocd, [here](argocd-repositories.md)                     | nil                               |
+| `credentials`                      | Credentials used by argocd, [here](argocd-credentials.md)                       | nil                               |
 | `knownHosts`                       | List of known_hosts as strings for argocd                                       | nil                               |
 
 ### Prometheus

internal/bundle/application/applications/argocd/config/config.go

@@ -3,6 +3,7 @@ package config
 import (
 	toolsetsv1beta1 "github.com/caos/boom/api/v1beta1"
 	"github.com/caos/boom/internal/bundle/application/applications/argocd/config/auth"
+	"github.com/caos/boom/internal/bundle/application/applications/argocd/config/credential"
 	"github.com/caos/boom/internal/bundle/application/applications/argocd/config/plugin"
 	"github.com/caos/boom/internal/bundle/application/applications/argocd/config/repository"
 	"github.com/caos/orbiter/mntr"
@@ -11,6 +12,7 @@ import (
 
 type Config struct {
 	Repositories            string `yaml:"repositories,omitempty"`
+	Credentials             string `yaml:"repository.credentials,omitempty"`
 	Connectors              string `yaml:"connectors,omitempty"`
 	OIDC                    string `yaml:"oidc,omitempty"`
 	ConfigManagementPlugins string `yaml:"configManagementPlugins,omitempty"`
@@ -24,12 +26,19 @@ func GetFromSpec(monitor mntr.Monitor, spec *toolsetsv1beta1.Argocd) *Config {
 	if err == nil {
 		conf.Connectors = string(data)
 	}
+
 	repos := repository.GetFromSpec(monitor, spec)
 	data2, err := yaml.Marshal(repos)
 	if err == nil {
 		conf.Repositories = string(data2)
 	}
 
+	creds := credential.GetFromSpec(monitor, spec)
+	data3, err := yaml.Marshal(creds)
+	if err == nil {
+		conf.Credentials = string(data3)
+	}
+
 	oidc, err := auth.GetOIDC(spec)
 	if err == nil {
 		conf.OIDC = oidc

internal/bundle/application/applications/argocd/config/credential/credential.go

@@ -0,0 +1,58 @@
+package credential
+
+import (
+	toolsetsv1beta1 "github.com/caos/boom/api/v1beta1"
+	"github.com/caos/orbiter/mntr"
+)
+
+type Credential struct {
+	URL                 string
+	UsernameSecret      *secret `yaml:"usernameSecret,omitempty"`
+	PasswordSecret      *secret `yaml:"passwordSecret,omitempty"`
+	SSHPrivateKeySecret *secret `yaml:"sshPrivateKeySecret,omitempty"`
+}
+
+type secret struct {
+	Name string
+	Key  string
+}
+
+func GetFromSpec(monitor mntr.Monitor, spec *toolsetsv1beta1.Argocd) []*Credential {
+	creds := make([]*Credential, 0)
+
+	if spec.Credentials == nil || len(spec.Credentials) == 0 {
+		return creds
+	}
+
+	for _, v := range spec.Credentials {
+		var us, ps, ssh *secret
+		if v.UsernameSecret != nil {
+			us = &secret{
+				Name: v.UsernameSecret.Name,
+				Key:  v.UsernameSecret.Key,
+			}
+		}
+		if v.PasswordSecret != nil {
+			ps = &secret{
+				Name: v.PasswordSecret.Name,
+				Key:  v.PasswordSecret.Key,
+			}
+		}
+		if v.CertificateSecret != nil {
+			ssh = &secret{
+				Name: v.CertificateSecret.Name,
+				Key:  v.CertificateSecret.Key,
+			}
+		}
+
+		cred := &Credential{
+			URL:                 v.URL,
+			UsernameSecret:      us,
+			PasswordSecret:      ps,
+			SSHPrivateKeySecret: ssh,
+		}
+		creds = append(creds, cred)
+	}
+
+	return creds
+}