added insecure option to repo-bootstrap, removed namespaced installat…

…ion (#145)

* added insecure option to repo-bootstrap, removed namespaced installation

* codegen

Makefile

@@ -5,11 +5,11 @@ CLI_NAME?=argocd-autopilot
 IMAGE_REPOSITORY?=quay.io
 IMAGE_NAMESPACE?=argoprojlabs
 
-INSTALLATION_MANIFESTS_URL="github.com/argoproj-labs/argocd-autopilot/manifests?ref=$(VERSION)"
-INSTALLATION_MANIFESTS_NAMESPACED_URL="github.com/argoproj-labs/argocd-autopilot/manifests/namespace-install?ref=$(VERSION)"
+INSTALLATION_MANIFESTS_URL="github.com/argoproj-labs/argocd-autopilot/manifests/base?ref=$(VERSION)"
+INSTALLATION_MANIFESTS_INSECURE_URL="github.com/argoproj-labs/argocd-autopilot/manifests/insecure?ref=$(VERSION)"
 
-DEV_INSTALLATION_MANIFESTS_URL="manifests/"
-DEV_INSTALLATION_MANIFESTS_NAMESPACED_URL="manifests/namespace-install"
+DEV_INSTALLATION_MANIFESTS_URL="manifests/base"
+DEV_INSTALLATION_MANIFESTS_INSECURE_URL="manifests/insecure"
 
 CLI_SRCS := $(shell find . -name '*.go')
 

cmd/commands/repo.go

@@ -50,9 +50,9 @@ type (
 		InstallationMode string
 		Namespace        string
 		KubeConfig       string
-		Namespaced       bool
 		DryRun           bool
 		HidePassword     bool
+		Insecure         bool
 		Timeout          time.Duration
 		KubeFactory      kube.Factory
 		CloneOptions     *git.CloneOptions
@@ -97,9 +97,9 @@ func NewRepoCommand() *cobra.Command {
 func NewRepoBootstrapCommand() *cobra.Command {
 	var (
 		appSpecifier     string
-		namespaced       bool
 		dryRun           bool
 		hidePassword     bool
+		insecure         bool
 		installationMode string
 		cloneOpts        *git.CloneOptions
 		f                kube.Factory
@@ -135,9 +135,9 @@ func NewRepoBootstrapCommand() *cobra.Command {
 				InstallationMode: installationMode,
 				Namespace:        cmd.Flag("namespace").Value.String(),
 				KubeConfig:       cmd.Flag("kubeconfig").Value.String(),
-				Namespaced:       namespaced,
 				DryRun:           dryRun,
 				HidePassword:     hidePassword,
+				Insecure:         insecure,
 				Timeout:          util.MustParseDuration(cmd.Flag("request-timeout").Value.String()),
 				KubeFactory:      f,
 				CloneOptions:     cloneOpts,
@@ -146,9 +146,9 @@ func NewRepoBootstrapCommand() *cobra.Command {
 	}
 
 	cmd.Flags().StringVar(&appSpecifier, "app", "", "The application specifier (e.g. github.com/argoproj-labs/argocd-autopilot/manifests?ref=v0.2.5), overrides the default installation argo-cd manifests")
-	cmd.Flags().BoolVar(&namespaced, "namespaced", false, "If true, install a namespaced version of argo-cd (no need for cluster-role)")
 	cmd.Flags().BoolVar(&dryRun, "dry-run", false, "If true, print manifests instead of applying them to the cluster (nothing will be commited to git)")
 	cmd.Flags().BoolVar(&hidePassword, "hide-password", false, "If true, will not print initial argo cd password")
+	cmd.Flags().BoolVar(&insecure, "insecure", false, "Run Argo-CD server without TLS")
 	cmd.Flags().StringVar(&installationMode, "installation-mode", "normal", "One of: normal|flat. "+
 		"If flat, will commit the bootstrap manifests, otherwise will commit the bootstrap kustomization.yaml")
 
@@ -270,6 +270,7 @@ func RunRepoBootstrap(ctx context.Context, opts *RepoBootstrapOptions) error {
 		Username:   "admin",
 		Password:   passwd,
 		KubeConfig: opts.KubeConfig,
+		Insecure:   opts.Insecure,
 	})
 	if err != nil {
 		return err
@@ -407,7 +408,11 @@ func setBootstrapOptsDefaults(opts RepoBootstrapOptions) (*RepoBootstrapOptions,
 	}
 
 	if opts.AppSpecifier == "" {
-		opts.AppSpecifier = getBootstrapAppSpecifier(opts.Namespaced)
+		opts.AppSpecifier = getBootstrapAppSpecifier(opts.Insecure)
+	} else {
+		if opts.Insecure {
+			return nil, fmt.Errorf("cannot use flag '--insecure' in combination with '--app' flag")
+		}
 	}
 
 	if _, err := os.Stat(opts.AppSpecifier); err == nil {
@@ -478,9 +483,9 @@ func getInitialPassword(ctx context.Context, f kube.Factory, namespace string) (
 	return string(passwd), nil
 }
 
-func getBootstrapAppSpecifier(namespaced bool) string {
-	if namespaced {
-		return store.Get().InstallationManifestsNamespacedURL
+func getBootstrapAppSpecifier(insecure bool) string {
+	if insecure {
+		return store.Get().InstallationManifestsInsecureURL
 	}
 
 	return store.Get().InstallationManifestsURL

cmd/commands/repo_test.go

@@ -50,8 +50,8 @@ func Test_setBootstrapOptsDefaults(t *testing.T) {
 			assertFn: func(t *testing.T, opts *RepoBootstrapOptions, ret error) {
 				assert.NoError(t, ret)
 				assert.Equal(t, "argocd", opts.Namespace)
-				assert.Equal(t, false, opts.Namespaced)
-				assert.Equal(t, "manifests", opts.AppSpecifier)
+				assert.Equal(t, false, opts.Insecure)
+				assert.Equal(t, "manifests/base", opts.AppSpecifier)
 			},
 		},
 		"With App specifier": {
@@ -62,24 +62,36 @@ func Test_setBootstrapOptsDefaults(t *testing.T) {
 			assertFn: func(t *testing.T, opts *RepoBootstrapOptions, ret error) {
 				assert.NoError(t, ret)
 				assert.Equal(t, "argocd", opts.Namespace)
-				assert.Equal(t, false, opts.Namespaced)
+				assert.Equal(t, false, opts.Insecure)
 				assert.Equal(t, installationModeNormal, opts.InstallationMode)
 				assert.Equal(t, "https://github.com/foo/bar", opts.AppSpecifier)
 			},
 		},
-		"Namespaced": {
+		"Insecure": {
 			opts: &RepoBootstrapOptions{
 				CloneOptions:     &git.CloneOptions{},
 				InstallationMode: installationModeFlat,
-				Namespaced:       true,
+				Insecure:         true,
 				Namespace:        "bar",
 			},
 			assertFn: func(t *testing.T, opts *RepoBootstrapOptions, ret error) {
 				assert.NoError(t, ret)
 				assert.Equal(t, "bar", opts.Namespace)
-				assert.Equal(t, true, opts.Namespaced)
+				assert.Equal(t, true, opts.Insecure)
 				assert.Equal(t, installationModeFlat, opts.InstallationMode)
-				assert.Equal(t, "manifests/namespace-install", opts.AppSpecifier)
+				assert.Equal(t, "manifests/insecure", opts.AppSpecifier)
+			},
+		},
+		"InsecureWithAppSpecifier": {
+			opts: &RepoBootstrapOptions{
+				CloneOptions:     &git.CloneOptions{},
+				InstallationMode: installationModeFlat,
+				Insecure:         true,
+				Namespace:        "bar",
+				AppSpecifier:     "https://github.com/foo/bar",
+			},
+			assertFn: func(t *testing.T, opts *RepoBootstrapOptions, ret error) {
+				assert.EqualError(t, ret, "cannot use flag '--insecure' in combination with '--app' flag")
 			},
 		},
 	}

docs/commands/argocd-autopilot_project_create.md

@@ -29,12 +29,21 @@ argocd-autopilot project create [PROJECT] [flags]
 ### Options
 
 ```
+      --as string                          Username to impersonate for the operation
+      --as-group stringArray               Group to impersonate for the operation, this flag can be repeated to specify multiple groups.
       --auth-token string                  Authentication token
       --aws-cluster-name string            AWS Cluster name if set then aws cli eks token command will be used to access cluster
       --aws-role-arn string                Optional AWS role arn. If set then AWS IAM Authenticator assumes a role to perform cluster operations instead of the default AWS credential provider chain.
+      --certificate-authority string       Path to a cert file for the certificate authority
+      --client-certificate string          Path to a client certificate file for TLS
       --client-crt string                  Client certificate file
       --client-crt-key string              Client certificate key file
+      --client-key string                  Path to a client key file for TLS
+      --cluster string                     The name of the kubeconfig cluster to use
+      --cluster-resources                  Indicates if cluster level resources should be managed. The setting is used only if list of managed namespaces is not empty.
       --config string                      Path to Argo CD config (default "/home/user/.argocd/config")
+      --context string                     The name of the kubeconfig context to use
+      --core                               If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server
       --dest-kube-context string           The default destination kubernetes context for applications in this project
       --dry-run                            If true, print manifests instead of applying them to the cluster (nothing will be commited to git)
       --exec-command string                Command to run to provide client credentials to the cluster. You may need to build a custom ArgoCD image to ensure the command is available at runtime.
@@ -46,18 +55,27 @@ argocd-autopilot project create [PROJECT] [flags]
       --grpc-web-root-path string          Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root.
   -H, --header strings                     Sets additional header to all requests made by Argo CD CLI. (Can be repeated multiple times to add multiple headers, also supports comma separated headers)
   -h, --help                               help for create
+      --http-retry-max int                 Maximum number of retries to establish http connection to Argo CD server
       --in-cluster                         Indicates Argo CD resides inside this cluster and should connect using the internal k8s hostname (kubernetes.default.svc)
       --insecure                           Skip server certificate and domain verification
+      --insecure-skip-tls-verify           If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
       --name string                        Overwrite the cluster name
+      --password string                    Password for basic authentication to the API server
       --plaintext                          Disable TLS
       --port-forward                       Connect to a random argocd-server port using port forwarding
       --port-forward-namespace string      Namespace name which should be used for port forwarding
-      --server string                      Argo CD server address
+      --request-timeout string             The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+      --server string                      The address and port of the Kubernetes API server
       --server-crt string                  Server certificate file
       --service-account string             System namespace service account to use for kubernetes resource management. If not set then default "argocd-manager" SA will be created
       --shard int                          Cluster shard number; inferred from hostname if not set (default -1)
       --system-namespace string            Use different system namespace (default "kube-system")
+      --tls-server-name string             If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used.
+      --token string                       Bearer token for authentication to the API server
       --upsert                             Override an existing cluster with the same name even if the spec differs
+      --user string                        The name of the kubeconfig user to use
+      --username string                    Username for basic authentication to the API server
+  -y, --yes                                Skip explicit confirmation
 ```
 
 ### Options inherited from parent commands

docs/commands/argocd-autopilot_repo_bootstrap.md

@@ -39,10 +39,10 @@ argocd-autopilot repo bootstrap [flags]
   -t, --git-token string           Your git provider api token [GIT_TOKEN]
   -h, --help                       help for bootstrap
       --hide-password              If true, will not print initial argo cd password
+      --insecure                   Run Argo-CD server without TLS
       --installation-mode string   One of: normal|flat. If flat, will commit the bootstrap manifests, otherwise will commit the bootstrap kustomization.yaml (default "normal")
       --kubeconfig string          Path to the kubeconfig file to use for CLI requests.
   -n, --namespace string           If present, the namespace scope for this CLI request
-      --namespaced                 If true, install a namespaced version of argo-cd (no need for cluster-role)
       --provider string            The git provider, one of: gitea|github
       --repo string                Repository URL [GIT_REPO]
       --request-timeout string     The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")

go.mod

@@ -6,8 +6,8 @@ require (
 	code.gitea.io/sdk/gitea v0.14.1
 	github.com/argoproj-labs/applicationset v0.1.0
 	github.com/argoproj/argo-cd v1.8.7
-	github.com/argoproj/argo-cd/v2 v2.0.3
-	github.com/argoproj/gitops-engine v0.3.3
+	github.com/argoproj/argo-cd/v2 v2.1.0-rc1
+	github.com/argoproj/gitops-engine v0.3.1-0.20210709004906-a4c77d5c70fb
 	github.com/briandowns/spinner v1.13.0
 	github.com/ghodss/yaml v1.0.0
 	github.com/go-git/go-billy/v5 v5.3.1
@@ -19,6 +19,7 @@ require (
 	github.com/spf13/pflag v1.0.5
 	github.com/spf13/viper v1.7.1
 	github.com/stretchr/testify v1.7.0
+	google.golang.org/grpc/examples v0.0.0-20210730002332-ea9b7a0a7651 // indirect
 	k8s.io/api v0.21.1
 	k8s.io/apimachinery v0.21.1
 	k8s.io/cli-runtime v0.21.1