feat(argocd client): Add handling of argocd-api-plaintext option (#274)

fixes #168 Signed-off-by: Grzegorz Głąb <grzesuav@gmail.com>
zapier · Sep 12, 2024 · 135f381 · 135f381
1 parent e17621c
commit 135f381
Show file tree

Hide file tree

Showing 5 changed files with 8 additions and 2 deletions.
diff --git a/cmd/root.go b/cmd/root.go
@@ -59,10 +59,11 @@ func init() {
 	stringFlag(flags, "argocd-api-server-addr", "ArgoCD API Server Address.",
 		newStringOpts().
 			withDefault("argocd-server"))
-	boolFlag(flags, "argocd-api-insecure", "Enable to use insecure connections to the ArgoCD API server.")
+	boolFlag(flags, "argocd-api-insecure", "Enable to use insecure connections over TLS to the ArgoCD API server.")
 	stringFlag(flags, "argocd-api-namespace", "ArgoCD namespace where the application watcher will read Custom Resource Definitions (CRD) for Application and ApplicationSet resources.",
 		newStringOpts().
 			withDefault("argocd"))
+	boolFlag(flags, "argocd-api-plaintext", "Enable to use plaintext connections without TLS.")
 	stringFlag(flags, "kubernetes-type", "Kubernetes Type One of eks, or local. Defaults to local.",
 		newStringOpts().
 			withChoices("eks", "local").

diff --git a/docs/usage.md b/docs/usage.md
@@ -36,8 +36,9 @@ The full list of supported environment variables is described below:
 
 |Env Var|Description|Default Value|
 |-----------|-------------|------|
-|`KUBECHECKS_ARGOCD_API_INSECURE`|Enable to use insecure connections to the ArgoCD API server.|`false`|
+|`KUBECHECKS_ARGOCD_API_INSECURE`|Enable to use insecure connections over TLS to the ArgoCD API server.|`false`|
 |`KUBECHECKS_ARGOCD_API_NAMESPACE`|ArgoCD namespace where the application watcher will read Custom Resource Definitions (CRD) for Application and ApplicationSet resources.|`argocd`|
+|`KUBECHECKS_ARGOCD_API_PLAINTEXT`|Enable to use plaintext connections without TLS.|`false`|
 |`KUBECHECKS_ARGOCD_API_SERVER_ADDR`|ArgoCD API Server Address.|`argocd-server`|
 |`KUBECHECKS_ARGOCD_API_TOKEN`|ArgoCD API token.||
 |`KUBECHECKS_ENABLE_CONFTEST`|Set to true to enable conftest policy checking of manifests.|`false`|

diff --git a/pkg/argo_client/client.go b/pkg/argo_client/client.go
@@ -27,6 +27,7 @@ func NewArgoClient(cfg config.ServerConfig) (*ArgoClient, error) {
 		AuthToken:       cfg.ArgoCDToken,
 		GRPCWebRootPath: cfg.ArgoCDPathPrefix,
 		Insecure:        cfg.ArgoCDInsecure,
+		PlainText:       cfg.ArgoCDPlainText,
 	}
 
 	log.Info().

diff --git a/pkg/config/config.go b/pkg/config/config.go
@@ -22,6 +22,7 @@ type ServerConfig struct {
 	ArgoCDPathPrefix    string `mapstructure:"argocd-api-path-prefix"`
 	ArgoCDInsecure      bool   `mapstructure:"argocd-api-insecure"`
 	ArgoCDNamespace     string `mapstructure:"argocd-api-namespace"`
+	ArgoCDPlainText     bool   `mapstructure:"argocd-api-plaintext"`
 	KubernetesConfig    string `mapstructure:"kubernetes-config"`
 	KubernetesType      string `mapstructure:"kubernetes-type"`
 	KubernetesClusterID string `mapstructure:"kubernetes-clusterid"`

diff --git a/pkg/config/config_test.go b/pkg/config/config_test.go
@@ -16,13 +16,15 @@ func TestNew(t *testing.T) {
 	v := viper.New()
 	v.Set("log-level", "info")
 	v.Set("argocd-api-insecure", "true")
+	v.Set("argocd-api-plaintext", "true")
 	v.Set("worst-conftest-state", "warning")
 	v.Set("repo-refresh-interval", "10m")
 
 	cfg, err := NewWithViper(v)
 	require.NoError(t, err)
 	assert.Equal(t, zerolog.InfoLevel, cfg.LogLevel)
 	assert.Equal(t, true, cfg.ArgoCDInsecure)
+	assert.Equal(t, true, cfg.ArgoCDPlainText)
 	assert.Equal(t, pkg.StateWarning, cfg.WorstConfTestState, "worst states can be overridden")
 	assert.Equal(t, time.Minute*10, cfg.RepoRefreshInterval)
 }