From 3c3fbb7fbfbea1dc22fb0144bf80b6c2db8451c5 Mon Sep 17 00:00:00 2001
From: Stefan Reimer <stefan@zero-downtime.net>
Date: Mon, 9 Dec 2024 12:39:33 +0000
Subject: [PATCH] feat: enabled network policies for ArgoCD

---
 charts/kubezero-argo/Chart.yaml        | 2 +-
 charts/kubezero-argo/values.yaml       | 8 +++++---
 charts/kubezero/templates/storage.yaml | 4 +++-
 3 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/charts/kubezero-argo/Chart.yaml b/charts/kubezero-argo/Chart.yaml
index 32643215..2804a852 100644
--- a/charts/kubezero-argo/Chart.yaml
+++ b/charts/kubezero-argo/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v2
 description: KubeZero Argo - Events, Workflow, CD
 name: kubezero-argo
-version: 0.2.6
+version: 0.2.7
 home: https://kubezero.com
 icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
 keywords:
diff --git a/charts/kubezero-argo/values.yaml b/charts/kubezero-argo/values.yaml
index 45da539e..79e994df 100644
--- a/charts/kubezero-argo/values.yaml
+++ b/charts/kubezero-argo/values.yaml
@@ -45,7 +45,9 @@ argo-cd:
       format: json
     image:
       repository: public.ecr.aws/zero-downtime/zdt-argocd
-      tag: v2.13.0
+      tag: v2.13.1
+    networkPolicy:
+      create: true
 
   configs:
     styles: |
@@ -54,8 +56,8 @@ argo-cd:
       .sidebar { background: linear-gradient(to bottom, #6A4D79, #493558, #2D1B30, #0D0711); }
 
     cm:
-      ui.bannercontent: "KubeZero v1.30 - Release notes"
-      ui.bannerurl: "https://kubezero.com/releases/v1.30"
+      ui.bannercontent: "KubeZero v1.31 - Release notes"
+      ui.bannerurl: "https://kubezero.com/releases/v1.31"
       ui.bannerpermanent: "true"
       ui.bannerposition: "bottom"
 
diff --git a/charts/kubezero/templates/storage.yaml b/charts/kubezero/templates/storage.yaml
index b8e54cf4..2eb5467e 100644
--- a/charts/kubezero/templates/storage.yaml
+++ b/charts/kubezero/templates/storage.yaml
@@ -57,11 +57,13 @@ aws-efs-csi-driver:
   enabled: {{ default false (index .Values "storage" "aws-efs-csi-driver" "enabled")}}
   replicaCount: {{ ternary 2 1 .Values.global.highAvailable }}
   controller:
+    {{- with index .Values "storage" "aws-efs-csi-driver" "IamArn" }}
     extraEnv:
     - name: AWS_ROLE_ARN
-      value: {{ index .Values "storage" "aws-efs-csi-driver" "IamArn" | quote }}
+      value: {{ . | quote }}
     - name: AWS_WEB_IDENTITY_TOKEN_FILE
       value: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token"
+    {{- end }}
 
     # The EFS controller steel needs hostnetwork and cannot update on single node control planes otherwise
     {{- if not .Values.global.highAvailable }}