Merge pull request #51 from vince-riv/fix/server-config

fix: expose api client opts in env vars

charts/argo-diff/Chart.yaml

@@ -15,10 +15,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.5.1
+version: 0.6.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "0.9.1"
+appVersion: "0.10.0"

charts/argo-diff/README.md

@@ -25,9 +25,12 @@ $ helm install my-release oci://ghcr.io/vince-riv/chart/argo-diff
 | autoscaling.maxReplicas | int | `100` |  |
 | autoscaling.minReplicas | int | `1` |  |
 | autoscaling.targetCPUUtilizationPercentage | int | `80` |  |
-| config.argocdBaseURL | string | `""` | The base URL of the ArgoCD server. Through which the argo-diff app can communicate with argocd server. |
+| command[0] | string | `"/app/argo-diff"` |  |
+| config.argocdServerAddr | string | `""` | REQUIRED: hostname and/or port of the ArgoCD server (eg: argocd.domain.tld or argocd.domain.tld:8080) |
+| config.argocdServerInsecure | string | `"false"` | flag to enable/disable TLS verification when communicating to the ArgoCD server |
+| config.argocdServerPlainText | string | `"false"` | flag to enable/disable TLS negotiation (ie: set to true when the ArgoCD server does not have TLS/SSL) |
 | config.argocdUIBaseURL | string | `""` | The base URL of the ArgoCD UI. Used for link generation in comments |
-| config.secretName | string | `""` | The name of the secret that contains the argocd credentials. Should contain the following keys ARGOCD_AUTH_TOKEN, GITHUB_PERSONAL_ACCESS_TOKEN, GITHUB_WEBHOOK_SECRET |
+| config.secretName | string | `""` | REQUIRED: The name of the secret that contains the argocd credentials. Should contain the following keys ARGOCD_AUTH_TOKEN, GITHUB_PERSONAL_ACCESS_TOKEN, GITHUB_WEBHOOK_SECRET |
 | fullnameOverride | string | `""` |  |
 | image.pullPolicy | string | `"IfNotPresent"` |  |
 | image.repository | string | `"ghcr.io/vince-riv/argo-diff"` |  |
@@ -41,6 +44,7 @@ $ helm install my-release oci://ghcr.io/vince-riv/chart/argo-diff
 | ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` |  |
 | ingress.tls | list | `[]` |  |
 | livenessProbe | object | `{"httpGet":{"path":"/healthz","port":"http"},"initialDelaySeconds":2,"periodSeconds":10}` | Configuration for liveness check. (See https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) |
+| logLevel | string | `"info"` |  |
 | nameOverride | string | `""` |  |
 | nodeSelector | object | `{}` |  |
 | podAnnotations | object | `{}` |  |

charts/argo-diff/templates/deployment.yaml

@@ -45,10 +45,16 @@ spec:
               containerPort: {{ .Values.service.port }}
               protocol: TCP
           env:
-          - name: ARGOCD_BASE_URL
-            value: {{ .Values.config.argocdBaseURL }}
+          - name: ARGOCD_SERVER_ADDR
+            value: "{{ .Values.config.argocdServerAddr }}"
+          - name: ARGOCD_SERVER_INSECURE
+            value: "{{ .Values.config.argocdServerInsecure }}"
+          - name: ARGOCD_SERVER_PLAINTEXT
+            value: "{{ .Values.config.argocdServerPlainText }}"
           - name: ARGOCD_UI_BASE_URL
-            value: {{ .Values.config.argocdUIBaseURL }}
+            value: "{{ .Values.config.argocdUIBaseURL }}"
+          - name: LOG_LEVEL
+            value: "{{ .Values.logLevel }}"
           envFrom:
             - secretRef:
                 name: {{ .Values.config.secretName }}

charts/argo-diff/values.yaml

@@ -11,16 +11,22 @@ image:
   tag: ""
 
 config:
-  # config.argocdBaseURL -- The base URL of the ArgoCD server. Through which the argo-diff app can communicate with argocd server.
-  argocdBaseURL: ""
+  # config.argocdServerAddr -- REQUIRED: hostname and/or port of the ArgoCD server (eg: argocd.domain.tld or argocd.domain.tld:8080)
+  argocdServerAddr: ""
+  # config.argocdServerInsecure -- flag to enable/disable TLS verification when communicating to the ArgoCD server
+  argocdServerInsecure: "false"
+  # config.argocdServerPlainText -- flag to enable/disable TLS negotiation (ie: set to true when the ArgoCD server does not have TLS/SSL)
+  argocdServerPlainText: "false"
   # config.argocdUIBaseURL -- The base URL of the ArgoCD UI. Used for link generation in comments
   argocdUIBaseURL: ""
-  # config.secretName -- The name of the secret that contains the argocd credentials.
+  # config.secretName -- REQUIRED: The name of the secret that contains the argocd credentials.
   # Should contain the following keys ARGOCD_AUTH_TOKEN, GITHUB_PERSONAL_ACCESS_TOKEN, GITHUB_WEBHOOK_SECRET
   secretName: ""
 
 command: ["/app/argo-diff"]
 
+logLevel: info
+
 imagePullSecrets: []
 nameOverride: ""
 fullnameOverride: ""

cmd/main.go

@@ -8,6 +8,7 @@ import (
 	"github.com/rs/zerolog"
 	"github.com/rs/zerolog/log"
 
+	"github.com/vince-riv/argo-diff/internal/argocd"
 	"github.com/vince-riv/argo-diff/internal/server"
 )
 
@@ -70,12 +71,16 @@ func main() {
 	if os.Getenv("ARGOCD_AUTH_TOKEN") == "" {
 		log.Fatal().Msg("ARGOCD_AUTH_TOKEN environment variable not set")
 	}
-	if os.Getenv("ARGOCD_BASE_URL") == "" {
-		log.Fatal().Msg("ARGOCD_BASE_URL environment variable not set")
+	if os.Getenv("ARGOCD_SERVER_ADDR") == "" {
+		log.Fatal().Msg("ARGOCD_SERVER_ADDR environment variable not set")
 	}
 	if os.Getenv("GITHUB_PERSONAL_ACCESS_TOKEN") == "" {
 		log.Fatal().Msg("GITHUB_PERSONAL_ACCESS_TOKEN environment variable not set")
 	}
 
+	if err := argocd.ConnectivityCheck(); err != nil {
+		log.Fatal().Err(err).Msg("Connectivity check failed")
+	}
+
 	server.StartWebhookProcessor("", 8080, githubWebhookSecret, devMode)
 }

internal/argocd/http_client.go

@@ -10,8 +10,9 @@ package argocd
 
 import (
 	"context"
-	"net/url"
 	"os"
+	"strings"
+	"time"
 
 	"github.com/argoproj/argo-cd/v2/pkg/apiclient"
 	applicationpkg "github.com/argoproj/argo-cd/v2/pkg/apiclient/application"
@@ -31,28 +32,37 @@ var (
 )
 
 func init() {
-	baseUrl := os.Getenv("ARGOCD_BASE_URL")
+	serverAddr := os.Getenv("ARGOCD_SERVER_ADDR")
+	insecure := strings.ToLower(os.Getenv("ARGOCD_SERVER_INSECURE")) == "true"
+	plaintext := strings.ToLower(os.Getenv("ARGOCD_SERVER_PLAINTEXT")) == "true"
 	httpBearerToken = os.Getenv("ARGOCD_AUTH_TOKEN")
-	if baseUrl != "" && httpBearerToken != "" {
-		setArgoClients(baseUrl, httpBearerToken)
+	if serverAddr != "" && httpBearerToken != "" {
+		setArgoClients(serverAddr, insecure, plaintext, httpBearerToken)
+	} else {
+		log.Warn().Msg("Initialized without ArgoCD server config")
 	}
 }
 
-func setArgoClients(baseUrl, token string) {
-	u, err := url.Parse(baseUrl)
-	if err != nil {
-		log.Fatal().Err(err).Msgf("Failed to parse ARGOCD_BASE_URL '%s'", baseUrl)
-	}
-	argoInsecure := u.Scheme != "https"
+func setArgoClients(serverAddr string, insecure, plaintext bool, token string) {
+	log.Info().Msgf("Creating new ArgoCD API Client; ServerAddr %s, Insecure %t, PlainText %t", serverAddr, insecure, plaintext)
 	argocdApiClient = apiclient.NewClientOrDie(&apiclient.ClientOptions{
-		ServerAddr: u.Host,
-		Insecure:   argoInsecure,
-		PlainText:  argoInsecure,
+		ServerAddr: serverAddr,
+		Insecure:   insecure,
+		PlainText:  plaintext,
 		AuthToken:  token,
 	})
 	_, applicationIf = argocdApiClient.NewApplicationClientOrDie()
 	_, settingsIf = argocdApiClient.NewSettingsClientOrDie()
 	_, projIf = argocdApiClient.NewProjectClientOrDie()
+	log.Debug().Msg("ArgoCD API clients created")
+}
+
+func ConnectivityCheck() error {
+	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
+	defer cancel()
+	log.Info().Msg("Calling ArgoCD to list applications for a connectivity test")
+	_, err := listApplications(ctx)
+	return err
 }
 
 func listApplications(ctx context.Context) (*v1alpha1.ApplicationList, error) {