diff --git a/charts/kargo/templates/_helpers.tpl b/charts/kargo/templates/_helpers.tpl index d9f258d131..ba9cc8d69c 100644 --- a/charts/kargo/templates/_helpers.tpl +++ b/charts/kargo/templates/_helpers.tpl @@ -44,11 +44,25 @@ Generate base URL for a service. {{- end -}} {{- end -}} +{{/* +Generate the base HOST for the API service. +*/}} +{{- define "kargo.api.baseHost" -}} +{{- (tpl .Values.api.host .) -}} +{{- end -}} + {{/* Generate the base URL for the API service. */}} {{- define "kargo.api.baseURL" -}} -{{- include "kargo.baseURL" (dict "service" .Values.api "host" .Values.api.host) -}} +{{- include "kargo.baseURL" (dict "service" .Values.api "host" (include "kargo.api.baseHost" .)) -}} +{{- end -}} + +{{/* +Generate the base HOST for the external webhook server. +*/}} +{{- define "kargo.externalWebhooksServer.baseHost" -}} +{{- (tpl .Values.externalWebhooksServer.host .) -}} {{- end -}} {{/* @@ -60,7 +74,7 @@ Generate the base URL for the external webhook server. {{- if and (not $webhookService.ingress.enabled) $apiService.enabled $apiService.ingress.enabled -}} {{- printf "%s/webhooks" (include "kargo.api.baseURL" .) -}} {{- else -}} -{{- include "kargo.baseURL" (dict "service" $webhookService "host" $webhookService.host) -}} +{{- include "kargo.baseURL" (dict "service" $webhookService "host" (include "kargo.externalWebhooksServer.baseHost" .)) -}} {{- end -}} {{- end -}} diff --git a/charts/kargo/templates/api/cert.yaml b/charts/kargo/templates/api/cert.yaml index d29d0aad50..ae5ba9275b 100644 --- a/charts/kargo/templates/api/cert.yaml +++ b/charts/kargo/templates/api/cert.yaml @@ -9,7 +9,7 @@ metadata: {{- include "kargo.api.labels" . | nindent 4 }} spec: dnsNames: - - {{ quote .Values.api.host }} + - {{ include "kargo.api.baseHost" . | quote }} issuerRef: kind: Issuer name: kargo-selfsigned-cert-issuer diff --git a/charts/kargo/templates/api/configmap.yaml b/charts/kargo/templates/api/configmap.yaml index 82d4ed3d5f..ac7d873d9b 100644 --- a/charts/kargo/templates/api/configmap.yaml +++ b/charts/kargo/templates/api/configmap.yaml @@ -28,7 +28,7 @@ data: {{- if .Values.api.adminAccount.enabled }} ADMIN_ACCOUNT_ENABLED: "true" ADMIN_ACCOUNT_TOKEN_ISSUER: {{ include "kargo.api.baseURL" . }} - ADMIN_ACCOUNT_TOKEN_AUDIENCE: {{ quote .Values.api.host }} + ADMIN_ACCOUNT_TOKEN_AUDIENCE: {{ include "kargo.api.baseHost" . | quote }} ADMIN_ACCOUNT_TOKEN_TTL: {{ quote .Values.api.adminAccount.tokenTTL }} {{- end }} {{- if .Values.api.oidc.enabled }} @@ -41,8 +41,8 @@ data: {{- end }} {{- if .Values.api.oidc.dex.enabled }} OIDC_ISSUER_URL: {{ include "kargo.api.baseURL" . }}/dex - OIDC_CLIENT_ID: {{ quote .Values.api.host }} - OIDC_CLI_CLIENT_ID: {{ .Values.api.host }}-cli + OIDC_CLIENT_ID: {{ include "kargo.api.baseHost" . | quote }} + OIDC_CLI_CLIENT_ID: {{ include "kargo.api.baseHost" . }}-cli DEX_ENABLED: "true" DEX_SERVER_ADDRESS: https://kargo-dex-server.{{ .Release.Namespace }}.svc DEX_CA_CERT_PATH: /etc/kargo/idp-ca.crt @@ -57,7 +57,7 @@ data: {{- end }} {{- if .Values.api.argocd.urls }} ARGOCD_NAMESPACE: {{ .Values.controller.argocd.namespace | default "argocd" }} - ARGOCD_URLS: {{ range $key, $val := .Values.api.argocd.urls }}{{ $key }}={{ $val }},{{- end }} + ARGOCD_URLS: {{ range $key, $val := .Values.api.argocd.urls }}{{ $key }}={{ tpl $val $ }},{{- end }} {{- end }} ROLLOUTS_INTEGRATION_ENABLED: {{ quote .Values.api.rollouts.integrationEnabled }} {{- if and .Values.api.rollouts.integrationEnabled .Values.api.rollouts.logs.enabled }} diff --git a/charts/kargo/templates/api/ingress-cert.yaml b/charts/kargo/templates/api/ingress-cert.yaml index b074059b50..49fba8dbda 100644 --- a/charts/kargo/templates/api/ingress-cert.yaml +++ b/charts/kargo/templates/api/ingress-cert.yaml @@ -9,7 +9,7 @@ metadata: {{- include "kargo.api.labels" . | nindent 4 }} spec: dnsNames: - - {{ quote .Values.api.host }} + - {{ include "kargo.api.baseHost" . | quote }} issuerRef: kind: Issuer name: kargo-selfsigned-cert-issuer diff --git a/charts/kargo/templates/api/ingress.yaml b/charts/kargo/templates/api/ingress.yaml index efe0d7eb8b..2573f797c1 100644 --- a/charts/kargo/templates/api/ingress.yaml +++ b/charts/kargo/templates/api/ingress.yaml @@ -18,7 +18,7 @@ spec: ingressClassName: {{ .Values.api.ingress.ingressClassName }} {{- end }} rules: - - host: {{ quote .Values.api.host }} + - host: {{ include "kargo.api.baseHost" . | quote }} http: paths: - pathType: {{ .Values.api.ingress.pathType | default "ImplementationSpecific" }} @@ -48,7 +48,7 @@ spec: {{- if .Values.api.ingress.tls.enabled }} tls: - hosts: - - {{ quote .Values.api.host }} + - {{ include "kargo.api.baseHost" . | quote }} secretName: {{ .Values.api.ingress.tls.secretName }} {{- end }} {{- end }} diff --git a/charts/kargo/templates/dex-server/secret.yaml b/charts/kargo/templates/dex-server/secret.yaml index fbeb8a9570..bd6d667a9c 100644 --- a/charts/kargo/templates/dex-server/secret.yaml +++ b/charts/kargo/templates/dex-server/secret.yaml @@ -26,17 +26,17 @@ stringData: skipApprovalScreen: {{ .Values.api.oidc.dex.skipApprovalScreen | default "true" }} staticClients: - - id: {{ quote .Values.api.host }} + - id: {{ include "kargo.api.baseHost" . | quote }} name: Kargo public: true - {{- if not (hasPrefix "localhost:" .Values.api.host) }} + {{- if not (hasPrefix "localhost:" (include "kargo.api.baseHost" .)) }} redirectURIs: - {{ include "kargo.api.baseURL" . }}/login {{- end }} - - id: {{ .Values.api.host }}-cli + - id: {{ include "kargo.api.baseHost" . }}-cli name: Kargo CLI public: true connectors: - {{- toYaml .Values.api.oidc.dex.connectors | nindent 4 }} + {{- tpl (toYaml .Values.api.oidc.dex.connectors) . | nindent 4 }} {{- end }} diff --git a/charts/kargo/templates/external-webhooks-server/cert.yaml b/charts/kargo/templates/external-webhooks-server/cert.yaml index d0cb39c92c..99fa229e16 100644 --- a/charts/kargo/templates/external-webhooks-server/cert.yaml +++ b/charts/kargo/templates/external-webhooks-server/cert.yaml @@ -9,7 +9,7 @@ metadata: {{- include "kargo.externalWebhooksServer.labels" . | nindent 4 }} spec: dnsNames: - - {{ quote .Values.externalWebhooksServer.host }} + - {{ include "kargo.externalWebhooksServer.baseHost" . | quote }} issuerRef: kind: Issuer name: kargo-selfsigned-cert-issuer diff --git a/charts/kargo/templates/external-webhooks-server/ingress-cert.yaml b/charts/kargo/templates/external-webhooks-server/ingress-cert.yaml index ee0dd6e1e5..7b0ac1aa6a 100644 --- a/charts/kargo/templates/external-webhooks-server/ingress-cert.yaml +++ b/charts/kargo/templates/external-webhooks-server/ingress-cert.yaml @@ -9,7 +9,7 @@ metadata: {{- include "kargo.externalWebhooksServer.labels" . | nindent 4 }} spec: dnsNames: - - {{ quote .Values.externalWebhooksServer.host }} + - {{ include "kargo.externalWebhooksServer.baseHost" . | quote }} issuerRef: kind: Issuer name: kargo-selfsigned-cert-issuer diff --git a/charts/kargo/templates/external-webhooks-server/ingress.yaml b/charts/kargo/templates/external-webhooks-server/ingress.yaml index 5f3e63cd36..728b4950b3 100644 --- a/charts/kargo/templates/external-webhooks-server/ingress.yaml +++ b/charts/kargo/templates/external-webhooks-server/ingress.yaml @@ -18,7 +18,7 @@ spec: ingressClassName: {{ .Values.externalWebhooksServer.ingress.ingressClassName }} {{- end }} rules: - - host: {{ quote .Values.externalWebhooksServer.host }} + - host: {{ include "kargo.externalWebhooksServer.baseHost" . | quote }} http: paths: - pathType: {{ .Values.externalWebhooksServer.ingress.pathType | default "ImplementationSpecific" }} @@ -35,7 +35,7 @@ spec: {{- if .Values.externalWebhooksServer.ingress.tls.enabled }} tls: - hosts: - - {{ quote .Values.externalWebhooksServer.host }} + - {{ include "kargo.externalWebhooksServer.baseHost" . | quote }} secretName: {{ .Values.externalWebhooksServer.ingress.tls.secretName }} {{- end }} {{- end }}