fix: [CDS-87155]: Fix Configs for GitOps Agent (#5)

.gitignore

@@ -1,3 +1,2 @@
 
 .idea/workspace.xml
-output.yaml

Chart.yaml

@@ -1,8 +1,9 @@
 apiVersion: v2
-name: harness-gitops
+name: gitops-helm
 description: A Helm chart for Harness GitOps Agent - for more information, please visit https://developer.harness.io/docs/category/gitops.
 version: 1.0.0
 dependencies:
   - name: argo-cd
     version: 5.51.6
     repository: https://argoproj.github.io/argo-helm
+    condition: argo-cd.enabled

templates/_common.tpl

@@ -27,7 +27,7 @@ Common labels
 helm.sh/chart: {{ include "harness.chart" .context }}
 {{ include "harness.selectorLabels" (dict "context" .context "component" .component "name" .name) }}
 app.kubernetes.io/managed-by: {{ .context.Release.Service }}
-app.kubernetes.io/part-of: argocd
+app.kubernetes.io/part-of: harness-gitops
 app.kubernetes.io/version: {{ include "harness.versionLabelValue" .context }}
 {{- with .context.Values.global.additionalLabels }}
 {{ toYaml . }}
@@ -41,7 +41,7 @@ Selector labels
 {{- if .name -}}
 app.kubernetes.io/name: {{ include "harness.name" .context }}-{{ .name }}
 {{ end -}}
-app.kubernetes.io/instance: {{ .context.Release.Name }}
+app.kubernetes.io/instance: gitops
 {{- if .component }}
 app.kubernetes.io/component: {{ .component }}
 {{- end }}

templates/argocd-application-controller/networkpolicy.yaml

@@ -3,18 +3,18 @@ apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
   labels:
-    {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
+    {{- include "harness.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
   name: {{ template "argo-cd.controller.fullname" . }}
   namespace: {{ .Release.Namespace | quote }}
 spec:
   ingress:
-    - from:
-        - namespaceSelector: {}
-      ports:
-        - port: metrics
+  - from:
+    - namespaceSelector: {}
+    ports:
+    - port: metrics
   podSelector:
     matchLabels:
-      {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }}
+      {{- include "harness.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }}
   policyTypes:
-    - Ingress
+  - Ingress
 {{- end }}

templates/argocd-applicationset/networkpolicy.yaml

@@ -6,22 +6,22 @@ metadata:
   name: {{ template "argo-cd.applicationSet.fullname" . }}
   namespace: {{ .Release.Namespace | quote }}
   labels:
-    {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
+    {{- include "harness.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
 spec:
   ingress:
   {{- if $argo.applicationSet.webhook.ingress.enabled }}
-    - ports:
-        - port: webhook
+  - ports:
+    - port: webhook
   {{- end }}
   {{- if $argo.applicationSet.metrics.enabled }}
-    - from:
-        - namespaceSelector: {}
-      ports:
-        - port: metrics
+  - from:
+    - namespaceSelector: {}
+    ports:
+    - port: metrics
   {{- end }}
   podSelector:
     matchLabels:
-      {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 6 }}
+      {{- include "harness.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 6 }}
   policyTypes:
-    - Ingress
+  - Ingress
 {{- end }}

templates/argocd-repo-server/networkpolicy.yaml

@@ -4,40 +4,35 @@ apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
   labels:
-    {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }}
+    {{- include "harness.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }}
   name: {{ template "argo-cd.repoServer.fullname" . }}
   namespace: {{ .Release.Namespace | quote }}
 spec:
   ingress:
-    - from:
-        - podSelector:
-            matchLabels:
-          {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.agent.name) | nindent 10 }}
-        - podSelector:
-            matchLabels:
-          {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 10 }}
-    {{- if $argo.notifications.enabled }}
-        - podSelector:
-            matchLabels:
-          {{- include "argo-cd.selectorLabels" (dict "context" . "name" $argo.notifications.name) | nindent 10 }}
-    {{- end }}
+  - from:
+    - podSelector:
+        matchLabels:
+          {{- include "harness.selectorLabels" (dict "context" . "name" .Values.agent.name) | nindent 10 }}
+    - podSelector:
+        matchLabels:
+          {{- include "harness.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 10 }}
     {{- if $argo.applicationSet.enabled }}
-        - podSelector:
-            matchLabels:
-          {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 10 }}
+    - podSelector:
+        matchLabels:
+          {{- include "harness.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 10 }}
     {{- end }}
-      ports:
-        - port: repo-server
-          protocol: TCP
+    ports:
+    - port: repo-server
+      protocol: TCP
   {{- if $argo.repoServer.metrics.enabled }}
-    - from:
-        - namespaceSelector: {}
-      ports:
-        - port: metrics
+  - from:
+    - namespaceSelector: {}
+    ports:
+    - port: metrics
   {{- end }}
   podSelector:
     matchLabels:
-      {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 6 }}
+      {{- include "harness.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 6 }}
   policyTypes:
-    - Ingress
+  - Ingress
 {{- end }}

templates/gitops-agent/clusterrole.yaml

@@ -3,9 +3,9 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: .Values.agent.name
+  name: {{ .Values.agent.name }}
   labels:
-    {{- include "harness.labels" (dict "context" . "component" $argo.server.name "name" .Values.agent.name) | nindent 4 }}
+    {{- include "harness.labels" (dict "context" . "component" .Values.agent.name "name" .Values.agent.name) | nindent 4 }}
 rules:
   - apiGroups:
       - '*'
@@ -46,6 +46,7 @@ rules:
     resources:
       - applications
       - applicationsets
+      - appprojects
     verbs:
       - get
       - list

templates/gitops-agent/clusterrolebinding.yaml

@@ -3,13 +3,13 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
-  name: .Values.agent.name
+  name: {{ .Values.agent.name }}
   labels:
-    {{- include "harness.labels" (dict "context" . "component" $argo.server.name "name" .Values.agent.name) | nindent 4 }}
+    {{- include "harness.labels" (dict "context" . "component" .Values.agent.name "name" .Values.agent.name) | nindent 4 }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: .Values.agent.name
+  name: {{ .Values.agent.name }}
 subjects:
 - kind: ServiceAccount
   name: {{ include "harness.agentServiceAccountName" . }}

templates/gitops-agent/configmap.yaml

@@ -0,0 +1,37 @@
+apiVersion: v1
+data:
+  GITOPS_ACCOUNT_IDENTIFIER: {{ .Values.harness.identity.accountId }}
+  GITOPS_AGENT_IDENTIFIER: {{ .Values.harness.identity.agentId }}
+  {{- if ne .Values.harness.identity.orgId "" }}
+  GITOPS_ORG_IDENTIFIER: {{ .Values.harness.identity.orgId }}
+  {{- end }}
+  {{- if ne .Values.harness.identity.projectId "" }}
+  GITOPS_PROJECT_IDENTIFIER: {{ .Values.harness.identity.projectId }}
+  {{- end }}
+  {{- if .Values.harness.disasterRecovery.enabled }}
+  GITOPS_DISASTER_RECOVERY_IDENTIFIER: {{ .Values.harness.disasterRecovery.identifier }}
+  {{- end }}
+  GITOPS_SERVICE_HTTP_TLS_ENABLED: "{{ .Values.harness.configMap.http.tlsEnabled }}"
+  GITOPS_SERVICE_HTTP_CERT_FILES: {{ .Values.harness.configMap.http.certPath }}
+  AGENT_HTTP_TARGET: {{ .Values.harness.configMap.http.agentHttpTarget }}
+  AGENT_GRPC_TARGET: {{ .Values.harness.configMap.grpc.agentGrpcTarget }}
+  AGENT_GRPC_AUTHORITY: {{ .Values.harness.configMap.grpc.agentGrpcAuthority }}
+  GITOPS_SERVICE_GRPC_INSECURE: "{{ .Values.harness.configMap.grpc.serviceGrpcInsecure }}"
+  GITOPS_SERVICE_PROTOCOL: {{ .Values.harness.configMap.agentProtocol }}
+  GITOPS_AGENT_ENABLE_RECONCILE: "{{ .Values.harness.configMap.reconcile.enabled }}"
+  GITOPS_AGENT_RECONCILE_INTERVAL: "{{ .Values.harness.configMap.reconcile.interval }}"
+  GITOPS_AGENT_DISCOVER_APPLICATION_PODS_DURATION_IN_SECS: "{{ .Values.harness.configMap.reconcile.podsDiscovery }}"
+  LOG_LEVEL: {{ .Values.harness.configMap.logLevel }}
+  GITOPS_AGENT_FETCH_TYPE: "{{ .Values.harness.configMap.agentFetchType }}"
+  REDIS_COMPRESSION: "{{ .Values.harness.configMap.redisCompression }}"
+  {{-  if .Values.agent.proxy.enabled }}
+  HTTPS_PROXY: {{ .Values.agent.proxy.httpsProxy }}
+  HTTP_PROXY: {{ .Values.agent.proxy.httpProxy }}
+  NO_PROXY: localhost,argocd-repo-server,argocd-redis,127.0.0.1,argocd-redis-ha-haproxy,$(KUBERNETES_SERVICE_HOST),kubernetes.default.svc,{{ .Values.agent.name }}
+  {{- end }}
+kind: ConfigMap
+metadata:
+  labels:
+      {{- include "harness.labels" (dict "context" . "component" .Values.agent.name "name" (printf "%s-cm" .Values.agent.name)) | nindent 4 }}
+  name: {{ .Values.agent.name }}
+  namespace: {{ .Release.Namespace }}