From ec49668fedb809b74e3596cda1face40035689f4 Mon Sep 17 00:00:00 2001
From: Ludovic Cleroux
Date: Thu, 14 Nov 2024 15:35:49 +0100
Subject: [PATCH] Add additional argoCD parameters for Central CRs
---
 .../pkg/central/reconciler/reconciler.go | 48 ++++++++++++++++++-
 1 file changed, 46 insertions(+), 2 deletions(-)
diff --git a/fleetshard/pkg/central/reconciler/reconciler.go b/fleetshard/pkg/central/reconciler/reconciler.go
index c5e862462..d12603921 100644
--- a/fleetshard/pkg/central/reconciler/reconciler.go
+++ b/fleetshard/pkg/central/reconciler/reconciler.go
@@ -1833,7 +1833,7 @@ func (r *CentralReconciler) isTenantResourcesChartObject(existingObject *unstruc
 func (r *CentralReconciler) ensureArgoCdApplicationExists(ctx context.Context, remoteCentral private.ManagedCentral) error {
 const lastAppliedHashLabel = "last-applied-hash"
- want, err := r.makeDesiredArgoCDApplication(remoteCentral)
+ want, err := r.makeDesiredArgoCDApplication(ctx, remoteCentral)
 if err != nil {
 return fmt.Errorf("getting ArgoCD application: %w", err)
 }
@@ -1869,9 +1869,41 @@ func (r *CentralReconciler) ensureArgoCdApplicationExists(ctx context.Context, r
 return nil
 }
-func (r *CentralReconciler) makeDesiredArgoCDApplication(remoteCentral private.ManagedCentral) (*argocd.Application, error) {
+func (r *CentralReconciler) makeDesiredArgoCDApplication(ctx context.Context, remoteCentral private.ManagedCentral) (*argocd.Application, error) {
+
+ expiredAt := ""
+ if remoteCentral.Metadata.ExpiredAt != nil {
+ expiredAt = remoteCentral.Metadata.ExpiredAt.Format(time.RFC3339)
+ }
+
+ additionalCAs := []map[string]interface{}{}
+ if r.managedDBEnabled {
+ dbCA, err := postgres.GetDatabaseCACertificates()
+ if err != nil {
+ glog.Warningf("Could not read DB server CA bundle: %v", err)
+ } else {
+ additionalCAs = append(additionalCAs, map[string]interface{}{
+ "name": postgres.CentralDatabaseCACertificateBaseName,
+ "content": string(dbCA),
+ })
+ }
+ }
 values := map[string]interface{}{
+ "environment": r.environment,
+ "clusterName": r.clusterName,
+ "organizationId": remoteCentral.Spec.Auth.OwnerOrgId,
+ "organizationName": remoteCentral.Spec.Auth.OwnerOrgName,
+ "instanceId": remoteCentral.Id,
+ "instanceName": remoteCentral.Metadata.Name,
+ "instanceType": remoteCentral.Spec.InstanceType,
+ "instanceExpiredAt": expiredAt,
+ "isInternal": remoteCentral.Metadata.Internal,
+ "additionalCAs": additionalCAs,
+ "telemetryStorageKey": r.telemetry.StorageKey,
+ "telemetryStorageEndpoint": r.telemetry.StorageEndpoint,
+ "centralAdminPasswordEnabled": !r.wantsAuthProvider,
+ "centralDbSecretName": centralDbSecretName,
 "tenant": map[string]interface{}{
 "organizationId": remoteCentral.Spec.Auth.OwnerOrgId,
 "organizationName": remoteCentral.Spec.Auth.OwnerOrgName,
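Review bot: In the `r.managedDBEnabled` branch that builds `additionalCAs`, a failure of `postgres.GetDatabaseCACertificates()` is only logged with `glog.Warningf`, and the Application is still rendered with an empty CA list, while the later managed-DB block in this same function returns an error when the connection string cannot be read. If the tenant chart relies on this bundle to verify the database server certificate, a transient read error would roll out a Central that cannot validate (or cannot reach) its database, with the cause visible only in the fleetshard log. I would fail the reconcile here as well, `return nil, fmt.Errorf("reading DB server CA bundle: %w", err)`, or, if best-effort is intended, say so in a comment above the branch. The function body continues past the end of this hunk.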
@@ -1887,6 +1919,18 @@ func (r *CentralReconciler) makeDesiredArgoCDApplication(remoteCentral private.M
 },
 }
+ if r.managedDBEnabled {
+ centralDBConnectionString, err := r.getCentralDBConnectionString(ctx, &remoteCentral)
+ if err != nil {
+ return nil, fmt.Errorf("getting Central DB connection string: %w", err)
+ }
+ values["centralDbConnectionString"] = centralDBConnectionString
+ }
+
+ if remoteCentral.Metadata.Internal || r.telemetry.StorageKey == "" {
+ values["telemetryStorageKey"] = "DISABLED"
+ }
+
 valuesBytes, err := json.Marshal(values)
 if err != nil {
 return nil, fmt.Errorf("marshalling values: %w", err)
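Review bot: `values["centralDbConnectionString"]` and the `telemetryStorageKey` entry are serialized by the `json.Marshal(values)` call that follows, and the result presumably lands in the Argo CD Application's Helm values, which are stored in clear text on the Application object and readable by anyone allowed to view Applications. Nothing in the hunk shows what `getCentralDBConnectionString` returns, so it is worth confirming that the string carries no password (the separate `centralDbSecretName` value suggests the credential is delivered through a secret) and recording that next to the assignment, e.g. `// connection string must stay credential-free; the password comes from centralDbSecretName`. The telemetry key deserves the same consideration: if it is a secret rather than a public write key, pass a secret reference instead of the value. The function starts before and ends after this hunk.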