-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: Chanwit Kaewkasi <chanwit@gmail.com>
- Loading branch information
Showing
19 changed files
with
9,872 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
name: build_v27 | ||
on: | ||
workflow_dispatch: | ||
pull_request: | ||
push: | ||
branches: | ||
- main | ||
paths: | ||
- patches-argo-cd-v2.7/** | ||
- patches-gitops-engine-v2.0.0/** | ||
- VERSION_27 | ||
- .github/workflows/build_v27.yaml | ||
|
||
permissions: | ||
contents: write | ||
id-token: write | ||
packages: write | ||
|
||
jobs: | ||
build: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v2 | ||
- name: install stgit | ||
shell: bash | ||
run: | | ||
sudo apt-get install -y stgit | ||
git config --global user.name "Chanwit Kaewkasi" | ||
git config --global user.email "chanwit@gmail.com" | ||
- name: Get branch names | ||
id: branch-name | ||
uses: tj-actions/branch-names@v5.1 | ||
- name: Prepare | ||
id: prep | ||
run: | | ||
VERSION="${{ steps.branch-name.outputs.current_branch }}-${GITHUB_SHA::8}" | ||
echo ::set-output name=VERSION::${VERSION} | ||
- name: Login to GitHub Container Registry | ||
uses: docker/login-action@v1 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
- name: Build v2.7 | ||
run: | | ||
ln -s VERSION_27 VERSION | ||
ln -s patches-argo-cd-v2.7 patches-argo-cd | ||
ln -s patches-gitops-engine-v2.0.0 patches-gitops-engine | ||
rm -rf argo-cd || true | ||
bash -x ./init.sh | ||
source ./VERSION | ||
VERSION=${BASE_VERSION}-${SUFFIX_VERSION}-${{ steps.prep.outputs.VERSION }} | ||
( cd argo-cd && IMAGE_NAMESPACE=ghcr.io/flux-subsystem-argo/fsa IMAGE_TAG=$VERSION DOCKER_PUSH=true make image ) | ||
unlink patches-argo-cd | ||
unlink VERSION |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
BASE_VERSION=v2.7.2 | ||
SUFFIX_VERSION=fl.6 | ||
GITOPS_ENGINE_VERSION=ed70eac8b7bd6b2f276502398fdbccccab5d189a |
63 changes: 63 additions & 0 deletions
63
patches-argo-cd-v2.7/01-build-with-local-gitops-engine.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
build with local gitops engine | ||
|
||
From: Chanwit Kaewkasi <chanwit@gmail.com> | ||
|
||
Signed-off-by: Chanwit Kaewkasi <chanwit@gmail.com> | ||
--- | ||
.gitignore | 2 ++ | ||
Dockerfile | 9 +++++++++ | ||
go.mod | 2 ++ | ||
3 files changed, 13 insertions(+) | ||
|
||
diff --git a/.gitignore b/.gitignore | ||
index 869bb876f..e05fdda3e 100644 | ||
--- a/.gitignore | ||
+++ b/.gitignore | ||
@@ -24,3 +24,5 @@ cmd/argocd/argocd | ||
cmd/argocd-application-controller/argocd-application-controller | ||
cmd/argocd-repo-server/argocd-repo-server | ||
cmd/argocd-server/argocd-server | ||
+ | ||
+gitops-engine/ | ||
diff --git a/Dockerfile b/Dockerfile | ||
index 3a434bc3b..6d69cfc51 100644 | ||
--- a/Dockerfile | ||
+++ b/Dockerfile | ||
@@ -103,7 +103,9 @@ FROM --platform=$BUILDPLATFORM docker.io/library/golang:1.18 AS argocd-build | ||
|
||
WORKDIR /go/src/github.com/argoproj/argo-cd | ||
|
||
+COPY ./gitops-engine ./gitops-engine | ||
COPY go.* ./ | ||
+ | ||
RUN go mod download | ||
|
||
# Perform the build | ||
@@ -117,9 +119,16 @@ RUN GOOS=$TARGETOS GOARCH=$TARGETARCH make argocd-all | ||
# Final image | ||
#################################################################################################### | ||
FROM argocd-base | ||
+ | ||
+LABEL org.opencontainers.image.source https://github.com/flux-subsystem-argo/fsa | ||
+ | ||
COPY --from=argocd-build /go/src/github.com/argoproj/argo-cd/dist/argocd* /usr/local/bin/ | ||
|
||
USER root | ||
+ | ||
+RUN chmod +x /usr/local/bin/gpg-wrapper.sh && \ | ||
+ chmod +x /usr/local/bin/git-verify-wrapper.sh | ||
+ | ||
RUN ln -s /usr/local/bin/argocd /usr/local/bin/argocd-server && \ | ||
ln -s /usr/local/bin/argocd /usr/local/bin/argocd-repo-server && \ | ||
ln -s /usr/local/bin/argocd /usr/local/bin/argocd-cmp-server && \ | ||
diff --git a/go.mod b/go.mod | ||
index 9a3876f4f..9a26192c5 100644 | ||
--- a/go.mod | ||
+++ b/go.mod | ||
@@ -296,4 +296,6 @@ replace ( | ||
k8s.io/mount-utils => k8s.io/mount-utils v0.24.2 | ||
k8s.io/pod-security-admission => k8s.io/pod-security-admission v0.24.2 | ||
k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.24.2 | ||
+ | ||
+ github.com/argoproj/gitops-engine v0.7.1-0.20221208230615-917f5a0f16d5 => ./gitops-engine | ||
) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,183 @@ | ||
implement loopback reconciliation | ||
|
||
From: Chanwit Kaewkasi <chanwit@gmail.com> | ||
|
||
Signed-off-by: Chanwit Kaewkasi <chanwit@gmail.com> | ||
--- | ||
controller/state.go | 16 ++++- | ||
controller/state_fsa.go | 139 +++++++++++++++++++++++++++++++++++++++++++++++ | ||
2 files changed, 150 insertions(+), 5 deletions(-) | ||
create mode 100644 controller/state_fsa.go | ||
|
||
diff --git a/controller/state.go b/controller/state.go | ||
index 4f2a8d2f6..20cfe89a7 100644 | ||
--- a/controller/state.go | ||
+++ b/controller/state.go | ||
@@ -411,11 +411,17 @@ func (m *appStateManager) CompareAppState(app *v1alpha1.Application, project *ap | ||
} | ||
} | ||
|
||
- targetObjs, manifestInfoMap, err = m.getRepoObjs(app, sources, appLabelKey, revisions, noCache, noRevisionCache, verifySignature, project) | ||
- if err != nil { | ||
- targetObjs = make([]*unstructured.Unstructured, 0) | ||
- conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: err.Error(), LastTransitionTime: &now}) | ||
- failedToLoadObjs = true | ||
+ if isFluxSubsystemEnabled(app) && app.Spec.Source.IsHelm() { | ||
+ targetObjs, conditions, failedToLoadObjs = m.getFluxHelmTargetObjects(app, conditions, now) | ||
+ } else if isFluxSubsystemEnabled(app) && !app.Spec.Source.IsHelm() { | ||
+ targetObjs, conditions, failedToLoadObjs = m.getFluxKustomizeTargetObjects(app, conditions, now) | ||
+ } else { | ||
+ targetObjs, manifestInfoMap, err = m.getRepoObjs(app, sources, appLabelKey, revisions, noCache, noRevisionCache, verifySignature, project) | ||
+ if err != nil { | ||
+ targetObjs = make([]*unstructured.Unstructured, 0) | ||
+ conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: err.Error(), LastTransitionTime: &now}) | ||
+ failedToLoadObjs = true | ||
+ } | ||
} | ||
} else { | ||
// Prevent applying local manifests for now when signature verification is enabled | ||
diff --git a/controller/state_fsa.go b/controller/state_fsa.go | ||
new file mode 100644 | ||
index 000000000..f795c6a75 | ||
--- /dev/null | ||
+++ b/controller/state_fsa.go | ||
@@ -0,0 +1,139 @@ | ||
+package controller | ||
+ | ||
+import ( | ||
+ "context" | ||
+ "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" | ||
+ "k8s.io/apimachinery/pkg/apis/meta/v1" | ||
+ "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" | ||
+ "k8s.io/apimachinery/pkg/runtime/schema" | ||
+) | ||
+ | ||
+func isFluxSubsystemEnabled(app *v1alpha1.Application) bool { | ||
+ if app == nil { | ||
+ return false | ||
+ } | ||
+ if app.Spec.SyncPolicy == nil { | ||
+ return false | ||
+ } | ||
+ if app.Spec.SyncPolicy.SyncOptions == nil { | ||
+ return false | ||
+ } | ||
+ if app.Spec.SyncPolicy.SyncOptions.HasOption("FluxSubsystem=true") == false { | ||
+ return false | ||
+ } | ||
+ return true | ||
+} | ||
+ | ||
+func (m *appStateManager) getFluxHelmTargetObjects(app *v1alpha1.Application, conditions []v1alpha1.ApplicationCondition, now v1.Time) ([]*unstructured.Unstructured, []v1alpha1.ApplicationCondition, bool) { | ||
+ var ( | ||
+ targetObjs []*unstructured.Unstructured | ||
+ failedToLoadObjs bool | ||
+ ) | ||
+ | ||
+ cluster, err := m.db.GetCluster(context.TODO(), app.Spec.Destination.Server) | ||
+ if err != nil { | ||
+ targetObjs = make([]*unstructured.Unstructured, 0) | ||
+ conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: err.Error(), LastTransitionTime: &now}) | ||
+ failedToLoadObjs = true | ||
+ } | ||
+ config := cluster.RESTConfig() | ||
+ | ||
+ var hl *unstructured.Unstructured | ||
+ hl, err = m.kubectl.GetResource(context.TODO(), config, schema.GroupVersionKind{ | ||
+ Group: "helm.toolkit.fluxcd.io", | ||
+ Version: "v2beta1", | ||
+ Kind: "HelmRelease", | ||
+ }, app.Name, app.Spec.Destination.Namespace) | ||
+ if err != nil { | ||
+ targetObjs = make([]*unstructured.Unstructured, 0) | ||
+ conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: err.Error(), LastTransitionTime: &now}) | ||
+ failedToLoadObjs = true | ||
+ } | ||
+ | ||
+ if hl == nil { | ||
+ targetObjs = make([]*unstructured.Unstructured, 0) | ||
+ conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: err.Error(), LastTransitionTime: &now}) | ||
+ failedToLoadObjs = true | ||
+ } else { | ||
+ var source *unstructured.Unstructured | ||
+ if sourceKind, found, err := unstructured.NestedString(hl.Object, "spec", "chart", "spec", "sourceRef", "kind"); found && err == nil { | ||
+ if sourceName, found, err := unstructured.NestedString(hl.Object, "spec", "chart", "spec", "sourceRef", "name"); found && err == nil { | ||
+ if sourceNS, found, err := unstructured.NestedString(hl.Object, "spec", "chart", "spec", "sourceRef", "namespace"); err == nil { | ||
+ if !found { | ||
+ sourceNS = hl.GetNamespace() | ||
+ } | ||
+ source, err = m.kubectl.GetResource(context.Background(), config, schema.GroupVersionKind{ | ||
+ Group: "source.toolkit.fluxcd.io", | ||
+ Version: "v1beta1", | ||
+ Kind: sourceKind, | ||
+ }, sourceName, sourceNS) | ||
+ } | ||
+ } | ||
+ } | ||
+ if source != nil { | ||
+ targetObjs = []*unstructured.Unstructured{hl, source} | ||
+ } else { | ||
+ targetObjs = make([]*unstructured.Unstructured, 0) | ||
+ conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: err.Error(), LastTransitionTime: &now}) | ||
+ failedToLoadObjs = true | ||
+ } | ||
+ } | ||
+ return targetObjs, conditions, failedToLoadObjs | ||
+} | ||
+ | ||
+func (m *appStateManager) getFluxKustomizeTargetObjects(app *v1alpha1.Application, conditions []v1alpha1.ApplicationCondition, now v1.Time) ([]*unstructured.Unstructured, []v1alpha1.ApplicationCondition, bool) { | ||
+ var ( | ||
+ targetObjs []*unstructured.Unstructured | ||
+ failedToLoadObjs bool | ||
+ ) | ||
+ | ||
+ cluster, err := m.db.GetCluster(context.TODO(), app.Spec.Destination.Server) | ||
+ if err != nil { | ||
+ targetObjs = make([]*unstructured.Unstructured, 0) | ||
+ conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: err.Error(), LastTransitionTime: &now}) | ||
+ failedToLoadObjs = true | ||
+ } | ||
+ config := cluster.RESTConfig() | ||
+ | ||
+ var ks *unstructured.Unstructured | ||
+ ks, err = m.kubectl.GetResource(context.TODO(), config, schema.GroupVersionKind{ | ||
+ Group: "kustomize.toolkit.fluxcd.io", | ||
+ Version: "v1beta2", | ||
+ Kind: "Kustomization", | ||
+ }, app.Name, app.Spec.Destination.Namespace) | ||
+ if err != nil { | ||
+ targetObjs = make([]*unstructured.Unstructured, 0) | ||
+ conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: err.Error(), LastTransitionTime: &now}) | ||
+ failedToLoadObjs = true | ||
+ } | ||
+ | ||
+ if ks == nil { | ||
+ targetObjs = make([]*unstructured.Unstructured, 0) | ||
+ conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: err.Error(), LastTransitionTime: &now}) | ||
+ failedToLoadObjs = true | ||
+ } else { | ||
+ var source *unstructured.Unstructured | ||
+ if sourceKind, found, err := unstructured.NestedString(ks.Object, "spec", "sourceRef", "kind"); found && err == nil { | ||
+ if sourceName, found, err := unstructured.NestedString(ks.Object, "spec", "sourceRef", "name"); found && err == nil { | ||
+ if sourceNS, found, err := unstructured.NestedString(ks.Object, "spec", "sourceRef", "namespace"); err == nil { | ||
+ if !found { | ||
+ sourceNS = ks.GetNamespace() | ||
+ } | ||
+ source, err = m.kubectl.GetResource(context.Background(), config, schema.GroupVersionKind{ | ||
+ Group: "source.toolkit.fluxcd.io", | ||
+ Version: "v1beta1", | ||
+ Kind: sourceKind, | ||
+ }, sourceName, sourceNS) | ||
+ } | ||
+ } | ||
+ } | ||
+ if source != nil { | ||
+ targetObjs = []*unstructured.Unstructured{ks, source} | ||
+ } else { | ||
+ targetObjs = make([]*unstructured.Unstructured, 0) | ||
+ conditions = append(conditions, v1alpha1.ApplicationCondition{Type: v1alpha1.ApplicationConditionComparisonError, Message: err.Error(), LastTransitionTime: &now}) | ||
+ failedToLoadObjs = true | ||
+ } | ||
+ } | ||
+ return targetObjs, conditions, failedToLoadObjs | ||
+} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
allow flux and oci schemes | ||
|
||
From: Chanwit Kaewkasi <chanwit@gmail.com> | ||
|
||
Signed-off-by: Chanwit Kaewkasi <chanwit@gmail.com> | ||
--- | ||
reposerver/repository/repository.go | 5 +++++ | ||
server/application/application.go | 4 ++++ | ||
util/argo/argo.go | 5 +++++ | ||
3 files changed, 14 insertions(+) | ||
|
||
diff --git a/reposerver/repository/repository.go b/reposerver/repository/repository.go | ||
index ad5a7ab2c..81b842060 100644 | ||
--- a/reposerver/repository/repository.go | ||
+++ b/reposerver/repository/repository.go | ||
@@ -2435,6 +2435,11 @@ func (s *Service) TestRepository(ctx context.Context, q *apiclient.TestRepositor | ||
} | ||
check := checks[repo.Type] | ||
apiResp := &apiclient.TestRepositoryResponse{VerifiedRepository: false} | ||
+ | ||
+ // Flux or OCI scheme are special cases | ||
+ if strings.HasPrefix(repo.Repo, "flux://") || strings.HasPrefix(repo.Repo, "oci://") { | ||
+ return apiResp, nil | ||
+ } | ||
err := check() | ||
if err != nil { | ||
return apiResp, fmt.Errorf("error testing repository connectivity: %w", err) | ||
diff --git a/server/application/application.go b/server/application/application.go | ||
index 1ae8412fc..8c8113e81 100644 | ||
--- a/server/application/application.go | ||
+++ b/server/application/application.go | ||
@@ -1857,6 +1857,10 @@ func (s *Server) resolveRevision(ctx context.Context, app *appv1.Application, sy | ||
// If it's already a commit SHA, then no need to look it up | ||
return ambiguousRevision, ambiguousRevision, nil | ||
} | ||
+ if strings.HasPrefix(app.Spec.Source.RepoURL, "flux://") || strings.HasPrefix(app.Spec.Source.RepoURL, "oci://") { | ||
+ // Flux or OCI scheme are special cases | ||
+ return ambiguousRevision, ambiguousRevision, nil | ||
+ } | ||
} | ||
|
||
resolveRevisionResponse, err := repoClient.ResolveRevision(ctx, &apiclient.ResolveRevisionRequest{ | ||
diff --git a/util/argo/argo.go b/util/argo/argo.go | ||
index e8384bcf7..388ce92c4 100644 | ||
--- a/util/argo/argo.go | ||
+++ b/util/argo/argo.go | ||
@@ -190,6 +190,11 @@ func ValidateRepo( | ||
|
||
conditions := make([]argoappv1.ApplicationCondition, 0) | ||
|
||
+ // Flux or OCI scheme are special cases | ||
+ if strings.HasPrefix(spec.Source.RepoURL, "flux://") || strings.HasPrefix(spec.Source.RepoURL, "oci://") { | ||
+ return conditions, nil | ||
+ } | ||
+ | ||
// Test the repo | ||
conn, repoClient, err := repoClientset.NewRepoServerClient() | ||
if err != nil { |
Oops, something went wrong.