remove template and added additional helm private repo config

TERRAFORM.md

@@ -12,7 +12,6 @@
 | helm | n/a |
 | kubernetes | >= 1.13.3 |
 | random | n/a |
-| template | n/a |
 | tls | n/a |
 
 ## Modules
@@ -29,7 +28,6 @@ No Modules.
 | [kubernetes_namespace](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) |
 | [kubernetes_secret](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/secret) |
 | [random_password](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) |
-| [template_file](https://registry.terraform.io/providers/hashicorp/template/latest/docs/data-sources/file) |
 | [tls_private_key](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/private_key) |
 | [tls_self_signed_cert](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/self_signed_cert) |
 
@@ -46,6 +44,7 @@ No Modules.
 | argocd\_git\_ssh\_auto\_generate\_keys | A flag to auto generate keys for git SSH | `bool` | `true` | no |
 | argocd\_git\_ssh\_private\_key | The keys config for argocd git repo | `string` | `""` | no |
 | argocd\_image\_tag | The image tag for the ArgoCD image | `string` | `"v2.0.4"` | no |
+| argocd\_private\_helm\_repositories | Private helm repositories to be added. The secret needs to have 'username' and 'password' | <pre>list(object({<br>    name : string<br>    url : string<br>    secret_name : string<br>  }))</pre> | `[]` | no |
 | namespace | The namespace name that will be created for argo and sealed secret | `string` | `"argo-system"` | no |
 | namespace\_labels | labels to be added to the namespace | `map(string)` | `{}` | no |
 | remote\_clusters | A list of remote clusters that will be managed by ArgoCD | <pre>list(object({<br>    name : string<br>    namespaces : list(string)<br>    host : string<br>    caData : string<br>    token : string<br>  }))</pre> | `[]` | no |

argo.tf

@@ -31,6 +31,38 @@ locals {
     yamlencode(local.cluster_credentials),
     yamlencode(local.argocd_config)
   ], var.argocd_chart_value_files)
+
+  main_git_repo = var.argocd_git_repo_url != "" ? [{
+    type = "git"
+    url  = var.argocd_git_repo_url
+    sshPrivateKeySecret = {
+      name = kubernetes_secret.git.0.metadata.0.name
+      key  = local.gitSSHSecretKey
+    }
+  }] : []
+
+  additional_repositories = [
+    for r in var.argocd_private_helm_repositories : {
+      type = "helm"
+      name = r.name
+      url  = r.url
+      usernameSecret = {
+        name = r.secret_name
+        key  = "username"
+      }
+      passwordSecret = {
+        name = r.secret_name
+        key  = "password"
+      }
+    }
+  ]
+
+  repositories_config = <<cfg
+server:
+  config:
+    repositories: |
+      ${indent(6, yamlencode(concat(local.main_git_repo, local.additional_repositories)))}
+  cfg
 }
 
 data "aws_eks_cluster" "creds" {
@@ -45,17 +77,6 @@ data "aws_eks_cluster_auth" "creds" {
   name = each.key
 }
 
-data "template_file" "git" {
-  count = var.argocd_git_repo_url != "" ? 1 : 0
-
-  template = file("${path.module}/templates/git-config.tmpl")
-  vars = {
-    GIT_URL     = var.argocd_git_repo_url
-    SECRET_NAME = kubernetes_secret.git.0.metadata.0.name
-    SECRET_KEY  = local.gitSSHSecretKey
-  }
-}
-
 resource "tls_private_key" "git" {
   count = var.argocd_git_ssh_auto_generate_keys ? 1 : 0
 
@@ -87,7 +108,7 @@ resource "helm_release" "argo" {
   chart      = "argo-cd"
   version    = var.argocd_chart_version
 
-  values = concat(var.argocd_git_repo_url != "" ? [data.template_file.git.0.rendered] : [], local.valueFiles)
+  values = concat([local.repositories_config], local.valueFiles)
 
   set {
     name  = "global.image.tag"

examples/private-helm-repos/main.tf

@@ -0,0 +1,46 @@
+provider "helm" {
+  kubernetes {
+    config_path    = "~/.kube/config"
+    config_context = "minikube"
+  }
+}
+
+provider "kubernetes" {
+  config_path    = "~/.kube/config"
+  config_context = "minikube"
+}
+
+resource "kubernetes_secret" "helm_credentials" {
+  metadata {
+    name      = "repo-private-test"
+    namespace = "argo-system"
+    labels = {
+      "argocd.argoproj.io/secret-type" = "repository"
+    }
+  }
+
+  data = {
+    username = "username-123"
+    password = "password!@#51"
+  }
+
+  type = "Opaque"
+}
+
+module "argocd-bootstrap" {
+  # source = "kube-champ/argocd-bootstrap/k8s"
+  source = "../../"
+
+  remote_clusters = []
+
+  argocd_additional_applications = []
+  argocd_additional_projects     = []
+
+  argocd_git_repo_url = "git@github.com:reynencourt/vendor-pipeline-argocd.git"
+
+  argocd_private_helm_repositories = [{
+    name = "test-private-repo"
+    url = "https://chart-repo.domain.com/helm-charts"
+    secret_name = kubernetes_secret.helm_credentials.metadata.0.name
+  }]
+}

examples/private-helm-repos/output.tf

@@ -0,0 +1,8 @@
+output "argocd_git_public_key" {
+  value = module.argocd-bootstrap.argocd_git_public_key
+}
+
+output "argocd_password" {
+  sensitive = true
+  value     = module.argocd-bootstrap.argocd_generated_admin_password
+}

variables.tf

@@ -60,6 +60,17 @@ variable "argocd_additional_projects" {
   default = []
 }
 
+variable "argocd_private_helm_repositories" {
+  description = "Private helm repositories to be added. The secret needs to have 'username' and 'password'"
+  type = list(object({
+    name : string
+    url : string
+    secret_name : string
+  }))
+
+  default = []
+}
+
 variable "argocd_chart_value_files" {
   description = "A list of values.yaml files to be added to the argo installation."
   type        = list(string)