From 74af92fd95499d6aace679ce2104e38ce292df0c Mon Sep 17 00:00:00 2001 From: Nathanael Liechti Date: Tue, 20 Aug 2024 15:37:02 +0200 Subject: [PATCH] feat: add proxy to kustomize build operations (#18551) Signed-off-by: Nathanael Liechti --- docs/operator-manual/declarative-setup.md | 2 +- docs/operator-manual/upgrading/2.12-2.13.md | 3 +++ reposerver/repository/repository.go | 4 ++-- util/kustomize/kustomize.go | 7 ++++++- util/kustomize/kustomize_test.go | 16 ++++++++-------- 5 files changed, 20 insertions(+), 12 deletions(-) diff --git a/docs/operator-manual/declarative-setup.md b/docs/operator-manual/declarative-setup.md index 324e6dc74620b..38fc19cafae72 100644 --- a/docs/operator-manual/declarative-setup.md +++ b/docs/operator-manual/declarative-setup.md @@ -468,7 +468,7 @@ data: ### Configure repositories with proxy -Proxy for your repository can be specified in the `proxy` field of the repository secret, along with other repository configurations. Argo CD uses this proxy to access the repository. Argo CD looks for the standard proxy environment variables in the repository server if the custom proxy is absent. +Proxy for your repository can be specified in the `proxy` field of the repository secret, along with other repository configurations. Argo CD uses this proxy to access the repository and do related helm/kustomize operations. Argo CD looks for the standard proxy environment variables in the repository server if the custom proxy is absent. An example repository with proxy: diff --git a/docs/operator-manual/upgrading/2.12-2.13.md b/docs/operator-manual/upgrading/2.12-2.13.md index a632d019c3faa..c98845f9e5927 100644 --- a/docs/operator-manual/upgrading/2.12-2.13.md +++ b/docs/operator-manual/upgrading/2.12-2.13.md @@ -64,3 +64,6 @@ The default extension for log files generated by Argo CD when using the "Downloa - Consistency with standard log file conventions. If you have any custom scripts or tools that depend on the `.txt` extension, please update them accordingly. +## Added proxy to kustomize + +Proxy config set on repository credentials / repository templates is now passed down to the `kustomie build` command. diff --git a/reposerver/repository/repository.go b/reposerver/repository/repository.go index a729ca1b1af51..803df7337aad2 100644 --- a/reposerver/repository/repository.go +++ b/reposerver/repository/repository.go @@ -1436,7 +1436,7 @@ func GenerateManifests(ctx context.Context, appPath, repoRoot, revision string, if q.KustomizeOptions != nil { kustomizeBinary = q.KustomizeOptions.BinaryPath } - k := kustomize.NewKustomizeApp(repoRoot, appPath, q.Repo.GetGitCreds(gitCredsStore), repoURL, kustomizeBinary) + k := kustomize.NewKustomizeApp(repoRoot, appPath, q.Repo.GetGitCreds(gitCredsStore), repoURL, kustomizeBinary, q.Repo.Proxy) targetObjs, _, commands, err = k.Build(q.ApplicationSource.Kustomize, q.KustomizeOptions, env, &kustomize.BuildOpts{ KubeVersion: text.SemVer(q.ApplicationSource.GetKubeVersionOrDefault(q.KubeVersion)), APIVersions: q.ApplicationSource.GetAPIVersionsOrDefault(q.ApiVersions), @@ -2180,7 +2180,7 @@ func populateKustomizeAppDetails(res *apiclient.RepoAppDetailsResponse, q *apicl if q.KustomizeOptions != nil { kustomizeBinary = q.KustomizeOptions.BinaryPath } - k := kustomize.NewKustomizeApp(repoRoot, appPath, q.Repo.GetGitCreds(credsStore), q.Repo.Repo, kustomizeBinary) + k := kustomize.NewKustomizeApp(repoRoot, appPath, q.Repo.GetGitCreds(credsStore), q.Repo.Repo, kustomizeBinary, q.Repo.Proxy) fakeManifestRequest := apiclient.ManifestRequest{ AppName: q.AppName, Namespace: "", // FIXME: omit it for now diff --git a/util/kustomize/kustomize.go b/util/kustomize/kustomize.go index 5a31180d989db..32ba18509da18 100644 --- a/util/kustomize/kustomize.go +++ b/util/kustomize/kustomize.go @@ -22,6 +22,7 @@ import ( certutil "github.com/argoproj/argo-cd/v2/util/cert" executil "github.com/argoproj/argo-cd/v2/util/exec" "github.com/argoproj/argo-cd/v2/util/git" + "github.com/argoproj/argo-cd/v2/util/proxy" ) // represents a Docker image in the format NAME[:TAG]. @@ -39,13 +40,14 @@ type Kustomize interface { } // NewKustomizeApp create a new wrapper to run commands on the `kustomize` command-line tool. -func NewKustomizeApp(repoRoot string, path string, creds git.Creds, fromRepo string, binaryPath string) Kustomize { +func NewKustomizeApp(repoRoot string, path string, creds git.Creds, fromRepo string, binaryPath string, proxy string) Kustomize { return &kustomize{ repoRoot: repoRoot, path: path, creds: creds, repo: fromRepo, binaryPath: binaryPath, + proxy: proxy, } } @@ -60,6 +62,8 @@ type kustomize struct { repo string // optional kustomize binary path binaryPath string + // HTTP/HTTPS proxy used to access repository + proxy string } var _ Kustomize = &kustomize{} @@ -322,6 +326,7 @@ func (k *kustomize) Build(opts *v1alpha1.ApplicationSourceKustomize, kustomizeOp cmd = exec.Command(k.getBinaryPath(), "build", k.path) } cmd.Env = env + cmd.Env = proxy.UpsertEnv(cmd, k.proxy) cmd.Dir = k.repoRoot commands = append(commands, executil.GetCommandArgsToLog(cmd)) out, err := executil.Run(cmd) diff --git a/util/kustomize/kustomize_test.go b/util/kustomize/kustomize_test.go index bd341fa3e2f9d..912b859643dff 100644 --- a/util/kustomize/kustomize_test.go +++ b/util/kustomize/kustomize_test.go @@ -43,7 +43,7 @@ func TestKustomizeBuild(t *testing.T) { namePrefix := "namePrefix-" nameSuffix := "-nameSuffix" namespace := "custom-namespace" - kustomize := NewKustomizeApp(appPath, appPath, git.NopCreds{}, "", "") + kustomize := NewKustomizeApp(appPath, appPath, git.NopCreds{}, "", "", "") env := &v1alpha1.Env{ &v1alpha1.EnvEntry{Name: "ARGOCD_APP_NAME", Value: "argo-cd-tests"}, } @@ -128,7 +128,7 @@ func TestKustomizeBuild(t *testing.T) { func TestFailKustomizeBuild(t *testing.T) { appPath, err := testDataDir(t, kustomization1) require.NoError(t, err) - kustomize := NewKustomizeApp(appPath, appPath, git.NopCreds{}, "", "") + kustomize := NewKustomizeApp(appPath, appPath, git.NopCreds{}, "", "", "") kustomizeSource := v1alpha1.ApplicationSourceKustomize{ Replicas: []v1alpha1.KustomizeReplica{ { @@ -231,7 +231,7 @@ func TestKustomizeBuildForceCommonLabels(t *testing.T) { for _, tc := range testCases { appPath, err := testDataDir(t, tc.TestData) require.NoError(t, err) - kustomize := NewKustomizeApp(appPath, appPath, git.NopCreds{}, "", "") + kustomize := NewKustomizeApp(appPath, appPath, git.NopCreds{}, "", "", "") objs, _, _, err := kustomize.Build(&tc.KustomizeSource, nil, tc.Env, nil) switch tc.ExpectErr { case true: @@ -323,7 +323,7 @@ func TestKustomizeBuildForceCommonAnnotations(t *testing.T) { for _, tc := range testCases { appPath, err := testDataDir(t, tc.TestData) require.NoError(t, err) - kustomize := NewKustomizeApp(appPath, appPath, git.NopCreds{}, "", "") + kustomize := NewKustomizeApp(appPath, appPath, git.NopCreds{}, "", "", "") objs, _, _, err := kustomize.Build(&tc.KustomizeSource, nil, tc.Env, nil) switch tc.ExpectErr { case true: @@ -390,7 +390,7 @@ func TestKustomizeLabelWithoutSelector(t *testing.T) { for _, tc := range testCases { appPath, err := testDataDir(t, tc.TestData) require.NoError(t, err) - kustomize := NewKustomizeApp(appPath, appPath, git.NopCreds{}, "", "") + kustomize := NewKustomizeApp(appPath, appPath, git.NopCreds{}, "", "", "") objs, _, _, err := kustomize.Build(&tc.KustomizeSource, nil, tc.Env, nil) switch tc.ExpectErr { @@ -420,7 +420,7 @@ func TestKustomizeCustomVersion(t *testing.T) { kustomizePath, err := testDataDir(t, kustomization4) require.NoError(t, err) envOutputFile := kustomizePath + "/env_output" - kustomize := NewKustomizeApp(appPath, appPath, git.NopCreds{}, "", kustomizePath+"/kustomize.special") + kustomize := NewKustomizeApp(appPath, appPath, git.NopCreds{}, "", kustomizePath+"/kustomize.special", "") kustomizeSource := v1alpha1.ApplicationSourceKustomize{ Version: "special", } @@ -442,7 +442,7 @@ func TestKustomizeCustomVersion(t *testing.T) { func TestKustomizeBuildComponents(t *testing.T) { appPath, err := testDataDir(t, kustomization6) require.NoError(t, err) - kustomize := NewKustomizeApp(appPath, appPath, git.NopCreds{}, "", "") + kustomize := NewKustomizeApp(appPath, appPath, git.NopCreds{}, "", "", "") kustomizeSource := v1alpha1.ApplicationSourceKustomize{ Components: []string{"./components"}, @@ -463,7 +463,7 @@ func TestKustomizeBuildComponents(t *testing.T) { func TestKustomizeBuildPatches(t *testing.T) { appPath, err := testDataDir(t, kustomization5) require.NoError(t, err) - kustomize := NewKustomizeApp(appPath, appPath, git.NopCreds{}, "", "") + kustomize := NewKustomizeApp(appPath, appPath, git.NopCreds{}, "", "", "") kustomizeSource := v1alpha1.ApplicationSourceKustomize{ Patches: []v1alpha1.KustomizePatch{