From b0d4648471aef30a1a849a82c84dcb37ed7b504d Mon Sep 17 00:00:00 2001
From: Erwan Vallienne <135604788+erwanval@users.noreply.github.com>
Date: Thu, 20 Jun 2024 12:25:27 +0200
Subject: [PATCH] fix(argo-cd): remove secretName for server and applicationSet
 Certificates (#2741)

* Remove Certificate's secretName because expected names by server and applicationset are static

Signed-off-by: Erwan Vallienne <erwan@fgtech.fr>

* Apply suggestions from code review

Signed-off-by: Marco Maurer (-Kilchhofer) <mkilchhofer@users.noreply.github.com>

* Fix lint

Signed-off-by: Erwan Vallienne <erwan@fgtech.fr>

---------

Signed-off-by: Erwan Vallienne <erwan@fgtech.fr>
Signed-off-by: Marco Maurer (-Kilchhofer) <mkilchhofer@users.noreply.github.com>
Signed-off-by: Erwan Vallienne <135604788+erwanval@users.noreply.github.com>
Co-authored-by: Marco Maurer (-Kilchhofer) <mkilchhofer@users.noreply.github.com>
---
 charts/argo-cd/Chart.yaml                                 | 8 +++++---
 charts/argo-cd/README.md                                  | 2 --
 .../templates/argocd-applicationset/certificate.yaml      | 2 +-
 charts/argo-cd/templates/argocd-server/certificate.yaml   | 2 +-
 charts/argo-cd/values.yaml                                | 4 ----
 5 files changed, 7 insertions(+), 11 deletions(-)

diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml
index 408a69893..1d1b03afa 100644
--- a/charts/argo-cd/Chart.yaml
+++ b/charts/argo-cd/Chart.yaml
@@ -3,7 +3,7 @@ appVersion: v2.11.3
 kubeVersion: ">=1.23.0-0"
 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
 name: argo-cd
-version: 7.1.5
+version: 7.2.0
 home: https://github.com/argoproj/argo-helm
 icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
 sources:
@@ -26,5 +26,7 @@ annotations:
     fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
     url: https://argoproj.github.io/argo-helm/pgp_keys.asc
   artifacthub.io/changes: |
-    - kind: added
-      description: Added secrettemplateAnnotation field for argocd server certificate
+    - kind: removed
+      description: Remove `server.certificate.secretName`, as the expected secret name is static (argocd-server-tls)
+    - kind: removed
+      description: Remove `applicationSet.certificate.secretName`, as the expected secret name is static (argocd-applicationset-controller-tls)
diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md
index 6b7c2fdd9..8ef969744 100644
--- a/charts/argo-cd/README.md
+++ b/charts/argo-cd/README.md
@@ -967,7 +967,6 @@ NAME: my-release
 | server.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` |
 | server.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. |
 | server.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. |
-| server.certificate.secretName | string | `"argocd-server-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource |
 | server.certificate.secretTemplateAnnotations | object | `{}` | Annotations that allow the certificate to be composed from data residing in existing Kubernetes Resources |
 | server.certificate.usages | list | `[]` | Usages for the certificate |
 | server.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-server-tls secret |
@@ -1402,7 +1401,6 @@ If you use an External Redis (See Option 3 above), this Job is not deployed.
 | applicationSet.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` |
 | applicationSet.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. |
 | applicationSet.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. |
-| applicationSet.certificate.secretName | string | `"argocd-applicationset-controller-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource |
 | applicationSet.containerPorts.metrics | int | `8080` | Metrics container port |
 | applicationSet.containerPorts.probe | int | `8081` | Probe container port |
 | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port |
diff --git a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml
index c2d2b279c..fce26bf55 100644
--- a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml
@@ -13,7 +13,7 @@ metadata:
   labels:
     {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
 spec:
-  secretName: {{ .Values.applicationSet.certificate.secretName }}
+  secretName: argocd-applicationset-controller-tls
   commonName: {{ .Values.applicationSet.certificate.domain | default .Values.global.domain }}
   dnsNames:
     - {{ .Values.applicationSet.certificate.domain | default .Values.global.domain }}
diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml
index 4376bd5ca..803452f63 100644
--- a/charts/argo-cd/templates/argocd-server/certificate.yaml
+++ b/charts/argo-cd/templates/argocd-server/certificate.yaml
@@ -20,7 +20,7 @@ spec:
       {{ $key }}: {{ $value | quote }}
       {{- end }}
     {{- end }} 
-  secretName: {{ .Values.server.certificate.secretName }}
+  secretName: argocd-server-tls
   commonName: {{ .Values.server.certificate.domain | default .Values.global.domain }}
   dnsNames:
     - {{ .Values.server.certificate.domain | default .Values.global.domain }}
diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml
index 332523050..001a3d970 100644
--- a/charts/argo-cd/values.yaml
+++ b/charts/argo-cd/values.yaml
@@ -1990,8 +1990,6 @@ server:
   certificate:
     # -- Deploy a Certificate resource (requires cert-manager)
     enabled: false
-    # -- The name of the Secret that will be automatically created and managed by this Certificate resource
-    secretName: argocd-server-tls
     # -- Certificate primary domain (commonName)
     # @default -- `""` (defaults to global.domain)
     domain: ""
@@ -2998,8 +2996,6 @@ applicationSet:
   certificate:
     # -- Deploy a Certificate resource (requires cert-manager)
     enabled: false
-    # -- The name of the Secret that will be automatically created and managed by this Certificate resource
-    secretName: argocd-applicationset-controller-tls
     # -- Certificate primary domain (commonName)
     # @default -- `""` (defaults to global.domain)
     domain: ""