Compare commits

...

3 Commits

Author SHA1 Message Date
e2b67b72a5 Revert "feat: remove sa2kubeconfig.sh aas vals support inCluster now"
All checks were successful
ZeroDownTime/zdt-argocd/pipeline/head This commit looks good
ZeroDownTime/zdt-argocd/pipeline/tag This commit looks good
This reverts commit 1a7f4722dfa91f496c5c43d3385e4283c7c917c5.
2025-03-20 19:43:23 +00:00
66f6ef4548 Merge pull request 'chore(deps): update all non-major dependencies' (#7) from renovate/all-minor-patch into main
All checks were successful
ZeroDownTime/zdt-argocd/pipeline/head This commit looks good
Reviewed-on: #7
2025-03-20 18:11:48 +00:00
c08a71b4a2 chore(deps): update all non-major dependencies
All checks were successful
ZeroDownTime/zdt-argocd/pipeline/pr-main This commit looks good
2025-03-20 03:03:56 +00:00
2 changed files with 34 additions and 2 deletions

View File

@ -1,9 +1,9 @@
FROM quay.io/argoproj/argocd:v2.14.5
FROM quay.io/argoproj/argocd:v2.14.7
# renovate: datasource=github-releases depName=sops packageName=getsops/sops
ARG SOPS_VERSION=v3.9.4
# renovate: datasource=github-releases depName=vals packageName=helmfile/vals
ARG VALS_VERSION=v0.39.3
ARG VALS_VERSION=v0.39.4
# renovate: datasource=github-releases depName=helm-secrets packageName=jkroepke/helm-secrets
ARG HELM_SECRETS_VERSION=v4.6.3
@ -39,6 +39,9 @@ RUN curl -fsSL https://github.com/helmfile/vals/releases/download/${VALS_VERSION
RUN ln -sf "$(helm env HELM_PLUGINS)/helm-secrets/scripts/wrapper/helm.sh" /usr/local/sbin/helm
# Add init script to convert SA token into kubeconfig for vals
ADD sa2kubeconfig.sh /usr/local/bin/sa2kubeconfig.sh
USER ${ARGOCD_USER_ID}
RUN helm plugin install --version ${HELM_SECRETS_VERSION#v} https://github.com/jkroepke/helm-secrets

29
sa2kubeconfig.sh Executable file
View File

@ -0,0 +1,29 @@
#!/bin/sh -e
KUBECONFIG=$1
SA_NAME=argo-argocd-repo-server
CA64=$(cat /run/secrets/kubernetes.io/serviceaccount/ca.crt | base64 -w0)
TOKEN=$(cat /run/secrets/kubernetes.io/serviceaccount/token)
cat > $KUBECONFIG << EOF
apiVersion: v1
kind: Config
clusters:
- name: local
cluster:
server: https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT_HTTPS
certificate-authority-data: $CA64
users:
- name: $SA_NAME
user:
token: "$TOKEN"
contexts:
- name: ${SA_NAME}_context
context:
cluster: local
user: $SA_NAME
current-context: ${SA_NAME}_context
EOF
chmod 600 $KUBECONFIG