Adds support for Helm 1st-class. Closes argoproj#1145 (argoproj#1865)

.golangci.yml

@@ -5,18 +5,12 @@ run:
   skip-dirs:
     - pkg/client
     - vendor
-linter-settings:
-  goimports:
-    local-prefixes: github.com/argoproj/argo-cd
 linters:
   enable:
     - vet
-    - gofmt
-    - goimports
     - deadcode
     - varcheck
     - structcheck
     - ineffassign
     - unconvert
-    - misspell
     - unparam

assets/swagger.json

@@ -1936,7 +1936,7 @@
     },
     "repositoryHelmAppSpec": {
       "type": "object",
-      "title": "HelmAppSpec contains helm app name and path in source repo",
+      "title": "HelmAppSpec contains helm app name  in source repo",
       "properties": {
         "name": {
           "type": "string"
@@ -1948,9 +1948,6 @@
             "$ref": "#/definitions/v1alpha1HelmParameter"
           }
         },
-        "path": {
-          "type": "string"
-        },
         "valueFiles": {
           "type": "array",
           "items": {
@@ -1989,9 +1986,6 @@
           "items": {
             "$ref": "#/definitions/v1alpha1KsonnetParameter"
           }
-        },
-        "path": {
-          "type": "string"
         }
       }
     },
@@ -2008,10 +2002,6 @@
         "name": {
           "type": "string",
           "title": "Name is the user defined name of an environment"
-        },
-        "path": {
-          "description": "Path is the relative project path containing metadata for this environment.",
-          "type": "string"
         }
       }
     },
@@ -2030,17 +2020,14 @@
     },
     "repositoryKustomizeAppSpec": {
       "type": "object",
-      "title": "KustomizeAppSpec contains kustomize app name and path in source repo",
+      "title": "KustomizeAppSpec contains kustomize images",
       "properties": {
         "images": {
           "description": "images is a list of available images.",
           "type": "array",
           "items": {
             "type": "string"
           }
-        },
-        "path": {
-          "type": "string"
         }
       }
     },
@@ -2713,7 +2700,7 @@
         },
         "sourceRepos": {
           "type": "array",
-          "title": "SourceRepos contains list of git repository URLs which can be used for deployment",
+          "title": "SourceRepos contains list of repository URLs which can be used for deployment",
           "items": {
             "type": "string"
           }
@@ -2806,7 +2793,7 @@
         },
         "repoURL": {
           "type": "string",
-          "title": "RepoURL is the git repository URL of the application manifests"
+          "title": "RepoURL is the repository URL of the application manifests"
         },
         "targetRevision": {
           "type": "string",
@@ -3350,7 +3337,7 @@
     },
     "v1alpha1Repository": {
       "type": "object",
-      "title": "Repository is a Git repository holding application configurations",
+      "title": "Repository is a repository holding application configurations",
       "properties": {
         "connectionState": {
           "$ref": "#/definitions/v1alpha1ConnectionState"
@@ -3368,7 +3355,11 @@
         "insecureIgnoreHostKey": {
           "type": "boolean",
           "format": "boolean",
-          "title": "InsecureIgnoreHostKey should not be used anymore, Insecure is favoured"
+          "title": "InsecureIgnoreHostKey should not be used anymore, Insecure is favoured\nonly for Git repos"
+        },
+        "name": {
+          "type": "string",
+          "title": "only for Helm repos"
         },
         "password": {
           "type": "string",
@@ -3380,7 +3371,11 @@
         },
         "sshPrivateKey": {
           "type": "string",
-          "title": "SSH private key data for authenticating at the repo server"
+          "title": "SSH private key data for authenticating at the repo server\nonly for Git repos"
+        },
+        "tlsClientCaData": {
+          "type": "string",
+          "title": "only for Helm repos"
         },
         "tlsClientCertData": {
           "type": "string",
@@ -3390,6 +3385,10 @@
           "type": "string",
           "title": "TLS client cert key for authenticating at the repo server"
         },
+        "type": {
+          "type": "string",
+          "title": "type of the repo, maybe \"git or \"helm, \"git\" is assumed if empty or absent"
+        },
         "username": {
           "type": "string",
           "title": "Username for authenticating at the repo server"
@@ -3800,7 +3799,7 @@
           }
         },
         "revision": {
-          "description": "Revision is the git revision in which to sync the application to.\nIf omitted, will use the revision specified in app spec.",
+          "description": "Revision is the revision in which to sync the application to.\nIf omitted, will use the revision specified in app spec.",
           "type": "string"
         },
         "source": {
@@ -3839,7 +3838,7 @@
         },
         "revision": {
           "type": "string",
-          "title": "Revision holds the git commit SHA of the sync"
+          "title": "Revision holds the revision of the sync"
         },
         "source": {
           "$ref": "#/definitions/v1alpha1ApplicationSource"

cmd/argocd-repo-server/main.go

@@ -17,7 +17,7 @@ import (
 	"github.com/argoproj/argo-cd/reposerver"
 	"github.com/argoproj/argo-cd/util/cache"
 	"github.com/argoproj/argo-cd/util/cli"
-	"github.com/argoproj/argo-cd/util/git"
+	"github.com/argoproj/argo-cd/util/repo/factory"
 	"github.com/argoproj/argo-cd/util/stats"
 	"github.com/argoproj/argo-cd/util/tls"
 )
@@ -48,7 +48,7 @@ func newCommand() *cobra.Command {
 			cache, err := cacheSrc()
 			errors.CheckError(err)
 
-			metricsServer := metrics.NewMetricsServer(git.NewFactory())
+			metricsServer := metrics.NewMetricsServer(factory.NewFactory())
 			server, err := reposerver.NewServer(metricsServer, cache, tlsConfigCustomizer, parallelismLimit)
 			errors.CheckError(err)
 

cmd/argocd-util/main.go

@@ -447,27 +447,8 @@ func getReferencedSecrets(un unstructured.Unstructured) map[string]bool {
 			if cred.TLSClientCertKeySecret != nil {
 				referencedSecrets[cred.TLSClientCertKeySecret.Name] = true
 			}
-		}
-	}
-	if helmReposRAW, ok := cm.Data["helm.repositories"]; ok {
-		helmRepoCreds := make([]settings.HelmRepoCredentials, 0)
-		err := yaml.Unmarshal([]byte(helmReposRAW), &helmRepoCreds)
-		errors.CheckError(err)
-		for _, cred := range helmRepoCreds {
-			if cred.CASecret != nil {
-				referencedSecrets[cred.CASecret.Name] = true
-			}
-			if cred.CertSecret != nil {
-				referencedSecrets[cred.CertSecret.Name] = true
-			}
-			if cred.KeySecret != nil {
-				referencedSecrets[cred.KeySecret.Name] = true
-			}
-			if cred.UsernameSecret != nil {
-				referencedSecrets[cred.UsernameSecret.Name] = true
-			}
-			if cred.PasswordSecret != nil {
-				referencedSecrets[cred.PasswordSecret.Name] = true
+			if cred.TLSClientCASecret != nil {
+				referencedSecrets[cred.TLSClientCASecret.Name] = true
 			}
 		}
 	}

cmd/argocd/commands/app.go

@@ -11,7 +11,6 @@ import (
 	"os"
 	"os/exec"
 	"path"
-	"path/filepath"
 	"reflect"
 	"sort"
 	"strconv"
@@ -104,7 +103,7 @@ func NewApplicationCreateCommand(clientOpts *argocdclient.ClientOptions) *cobra.
 	)
 	var command = &cobra.Command{
 		Use:   "create APPNAME",
-		Short: "Create an application from a git location",
+		Short: "Create an application",
 		Run: func(c *cobra.Command, args []string) {
 			var app argoappv1.Application
 			argocdClient := argocdclient.NewClientOrDie(clientOpts)
@@ -592,7 +591,7 @@ func addAppFlags(command *cobra.Command, opts *appOptions) {
 	command.Flags().StringVar(&opts.repoURL, "repo", "", "Repository URL, ignored if a file is set")
 	command.Flags().StringVar(&opts.appPath, "path", "", "Path in repository to the ksonnet app directory, ignored if a file is set")
 	command.Flags().StringVar(&opts.env, "env", "", "Application environment to monitor")
-	command.Flags().StringVar(&opts.revision, "revision", "HEAD", "The tracking source branch, tag, or commit the application will sync to")
+	command.Flags().StringVar(&opts.revision, "revision", "", "The tracking source branch, tag, or commit the application will sync to")
 	command.Flags().StringVar(&opts.destServer, "dest-server", "", "K8s cluster URL (overrides the server URL specified in the ksonnet app.yaml)")
 	command.Flags().StringVar(&opts.destNamespace, "dest-namespace", "", "K8s target namespace (overrides the namespace specified in the ksonnet app.yaml)")
 	command.Flags().StringArrayVarP(&opts.parameters, "parameter", "p", []string{}, "set a parameter override (e.g. -p guestbook=image=example/guestbook:latest)")
@@ -726,7 +725,7 @@ func getLocalObjects(app *argoappv1.Application, local string, appLabelKey strin
 }
 
 func getLocalObjectsString(app *argoappv1.Application, local string, appLabelKey string, kustomizeOptions *argoappv1.KustomizeOptions) []string {
-	res, err := repository.GenerateManifests(filepath.Dir(local), filepath.Base(local), &repoapiclient.ManifestRequest{
+	res, err := repository.GenerateManifests(local, &repoapiclient.ManifestRequest{
 		ApplicationSource: &app.Spec.Source,
 		AppLabelKey:       appLabelKey,
 		AppLabelValue:     app.Name,
@@ -1214,10 +1213,6 @@ func NewApplicationSyncCommand(clientOpts *argocdclient.ClientOptions) *cobra.Co
 			if len(selectedLabels) > 0 {
 				ctx := context.Background()
 
-				if revision == "" {
-					revision = "HEAD"
-				}
-
 				q := applicationpkg.ApplicationManifestQuery{
 					Name:     &appName,
 					Revision: revision,

cmd/argocd/commands/project.go

@@ -92,7 +92,7 @@ func addProjFlags(command *cobra.Command, opts *projectOpts) {
 	command.Flags().StringVarP(&opts.description, "description", "", "", "Project description")
 	command.Flags().StringArrayVarP(&opts.destinations, "dest", "d", []string{},
 		"Permitted destination server and namespace (e.g. https://192.168.99.100:8443,default)")
-	command.Flags().StringArrayVarP(&opts.sources, "src", "s", []string{}, "Permitted git source repository URL")
+	command.Flags().StringArrayVarP(&opts.sources, "src", "s", []string{}, "Permitted source repository URL")
 	command.Flags().BoolVar(&opts.orphanedResourcesEnabled, "orphaned-resources", false, "Enables orphaned resources monitoring")
 	command.Flags().BoolVar(&opts.orphanedResourcesWarn, "orphaned-resources-warn", false, "Specifies if applications should be a warning condition when orphaned resources detected")
 }

cmd/argocd/commands/repo.go

@@ -23,7 +23,7 @@ import (
 func NewRepoCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command {
 	var command = &cobra.Command{
 		Use:   "repo",
-		Short: "Manage git repository connection parameters",
+		Short: "Manage repository connection parameters",
 		Run: func(c *cobra.Command, args []string) {
 			c.HelpFunc()(c, args)
 			os.Exit(1)
@@ -127,6 +127,8 @@ Add a HTTPS repository using username/password without verifying the server's TL
 			// that were supplied, we bail out.
 			repoAccessReq := repositorypkg.RepoAccessQuery{
 				Repo:              repo.Repo,
+				Type:              repo.Type,
+				Name:              repo.Name,
 				Username:          repo.Username,
 				Password:          repo.Password,
 				SshPrivateKey:     repo.SSHPrivateKey,
@@ -146,6 +148,8 @@ Add a HTTPS repository using username/password without verifying the server's TL
 			fmt.Printf("repository '%s' added\n", createdRepo.Repo)
 		},
 	}
+	command.Flags().StringVar(&repo.Type, "type", "", "type of the repository, \"git\" or \"helm\"")
+	command.Flags().StringVar(&repo.Name, "name", "", "name of the repository")
 	command.Flags().StringVar(&repo.Username, "username", "", "username to the repository")
 	command.Flags().StringVar(&repo.Password, "password", "", "password to the repository")
 	command.Flags().StringVar(&sshPrivateKeyPath, "ssh-private-key-path", "", "path to the private ssh key (e.g. ~/.ssh/id_rsa)")
@@ -162,7 +166,7 @@ Add a HTTPS repository using username/password without verifying the server's TL
 func NewRepoRemoveCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command {
 	var command = &cobra.Command{
 		Use:   "rm REPO",
-		Short: "Remove git repository credentials",
+		Short: "Remove repository credentials",
 		Run: func(c *cobra.Command, args []string) {
 			if len(args) == 0 {
 				c.HelpFunc()(c, args)
@@ -180,23 +184,23 @@ func NewRepoRemoveCommand(clientOpts *argocdclient.ClientOptions) *cobra.Command
 }
 
 // Print table of repo info
-func printRepoTable(repos []appsv1.Repository) {
+func printRepoTable(repos appsv1.Repositories) {
 	w := tabwriter.NewWriter(os.Stdout, 0, 0, 2, ' ', 0)
-	fmt.Fprintf(w, "REPO\tINSECURE\tLFS\tUSER\tSTATUS\tMESSAGE\n")
+	_, _ = fmt.Fprintf(w, "TYPE\nNAME\nREPO\tINSECURE\tLFS\tUSER\tSTATUS\tMESSAGE\n")
 	for _, r := range repos {
 		var username string
 		if r.Username == "" {
 			username = "-"
 		} else {
 			username = r.Username
 		}
-		fmt.Fprintf(w, "%s\t%v\t%v\t%s\t%s\t%s\n", r.Repo, r.IsInsecure(), r.EnableLFS, username, r.ConnectionState.Status, r.ConnectionState.Message)
+		_, _ = fmt.Fprintf(w, "%s\t%s\t%s\t%v\t%v\t%s\t%s\t%s\n", r.Type, r.Name, r.Repo, r.IsInsecure(), r.EnableLFS, username, r.ConnectionState.Status, r.ConnectionState.Message)
 	}
 	_ = w.Flush()
 }
 
 // Print list of repo urls
-func printRepoUrls(repos []appsv1.Repository) {
+func printRepoUrls(repos appsv1.Repositories) {
 	for _, r := range repos {
 		fmt.Println(r.Repo)
 	}

controller/appcontroller.go

@@ -774,7 +774,7 @@ func (ctrl *ApplicationController) processAppRefreshQueueItem() (processNext boo
 
 	compareResult := ctrl.appStateManager.CompareAppState(app, revision, app.Spec.Source, refreshType == appv1.RefreshTypeHard, localManifests)
 
-	ctrl.normalizeApplication(origApp, app, compareResult.appSourceType)
+	ctrl.normalizeApplication(origApp, app)
 
 	app.Status.Conditions = append(app.Status.Conditions, compareResult.conditions...)
 
@@ -872,9 +872,9 @@ func (ctrl *ApplicationController) refreshAppConditions(app *appv1.Application)
 }
 
 // normalizeApplication normalizes an application.spec and additionally persists updates if it changed
-func (ctrl *ApplicationController) normalizeApplication(orig, app *appv1.Application, sourceType appv1.ApplicationSourceType) {
+func (ctrl *ApplicationController) normalizeApplication(orig, app *appv1.Application) {
 	logCtx := log.WithFields(log.Fields{"application": app.Name})
-	app.Spec = *argo.NormalizeApplicationSpec(&app.Spec, sourceType)
+	app.Spec = *argo.NormalizeApplicationSpec(&app.Spec)
 	patch, modified, err := diff.CreateTwoWayMergePatch(orig, app, appv1.Application{})
 	if err != nil {
 		logCtx.Errorf("error constructing app spec patch: %v", err)

controller/state.go

@@ -88,7 +88,7 @@ type appStateManager struct {
 }
 
 func (m *appStateManager) getRepoObjs(app *v1alpha1.Application, source v1alpha1.ApplicationSource, appLabelKey, revision string, noCache bool) ([]*unstructured.Unstructured, []*unstructured.Unstructured, *apiclient.ManifestResponse, error) {
-	helmRepos, err := m.db.ListHelmRepos(context.Background())
+	repos, err := m.db.ListRepositories(context.Background())
 	if err != nil {
 		return nil, nil, nil, err
 	}
@@ -122,7 +122,7 @@ func (m *appStateManager) getRepoObjs(app *v1alpha1.Application, source v1alpha1
 	}
 	manifestInfo, err := repoClient.GenerateManifest(context.Background(), &apiclient.ManifestRequest{
 		Repo:              repo,
-		HelmRepos:         helmRepos,
+		Repos:             repos,
 		Revision:          revision,
 		NoCache:           noCache,
 		AppLabelKey:       appLabelKey,

controller/state_test.go

@@ -38,7 +38,7 @@ func TestCompareAppStateEmpty(t *testing.T) {
 	assert.Equal(t, 0, len(compRes.conditions))
 }
 
-// TestCompareAppStateMissing tests when there is a manifest defined in git which doesn't exist in live
+// TestCompareAppStateMissing tests when there is a manifest defined in the repo which doesn't exist in live
 func TestCompareAppStateMissing(t *testing.T) {
 	app := newFakeApp()
 	data := fakeData{

docs/faq.md

@@ -54,8 +54,9 @@ uses only internally available Helm repositories. Even if the chart uses only de
 
 ```yaml
 data:
-  helm.repositories: |
-    - url: http://<internal-helm-repo-host>:8080
+  repositories: |
+    - type: helm
+      url: http://<internal-helm-repo-host>:8080
       name: stable
 ```