diff --git a/cmd/root.go b/cmd/root.go index 7df615a2..470f675b 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -59,10 +59,11 @@ func init() { stringFlag(flags, "argocd-api-server-addr", "ArgoCD API Server Address.", newStringOpts(). withDefault("argocd-server")) - boolFlag(flags, "argocd-api-insecure", "Enable to use insecure connections to the ArgoCD API server.") + boolFlag(flags, "argocd-api-insecure", "Enable to use insecure connections over TLS to the ArgoCD API server.") stringFlag(flags, "argocd-api-namespace", "ArgoCD namespace where the application watcher will read Custom Resource Definitions (CRD) for Application and ApplicationSet resources.", newStringOpts(). withDefault("argocd")) + boolFlag(flags, "argocd-api-plaintext", "Enable to use plaintext connections without TLS.") stringFlag(flags, "kubernetes-type", "Kubernetes Type One of eks, or local. Defaults to local.", newStringOpts(). withChoices("eks", "local"). diff --git a/docs/usage.md b/docs/usage.md index 67fe107a..18dae861 100644 --- a/docs/usage.md +++ b/docs/usage.md @@ -36,8 +36,9 @@ The full list of supported environment variables is described below: |Env Var|Description|Default Value| |-----------|-------------|------| -|`KUBECHECKS_ARGOCD_API_INSECURE`|Enable to use insecure connections to the ArgoCD API server.|`false`| +|`KUBECHECKS_ARGOCD_API_INSECURE`|Enable to use insecure connections over TLS to the ArgoCD API server.|`false`| |`KUBECHECKS_ARGOCD_API_NAMESPACE`|ArgoCD namespace where the application watcher will read Custom Resource Definitions (CRD) for Application and ApplicationSet resources.|`argocd`| +|`KUBECHECKS_ARGOCD_API_PLAINTEXT`|Enable to use plaintext connections without TLS.|`false`| |`KUBECHECKS_ARGOCD_API_SERVER_ADDR`|ArgoCD API Server Address.|`argocd-server`| |`KUBECHECKS_ARGOCD_API_TOKEN`|ArgoCD API token.|| |`KUBECHECKS_ENABLE_CONFTEST`|Set to true to enable conftest policy checking of manifests.|`false`| diff --git a/pkg/argo_client/client.go b/pkg/argo_client/client.go index b690dcbf..ac3af7c9 100644 --- a/pkg/argo_client/client.go +++ b/pkg/argo_client/client.go @@ -27,6 +27,7 @@ func NewArgoClient(cfg config.ServerConfig) (*ArgoClient, error) { AuthToken: cfg.ArgoCDToken, GRPCWebRootPath: cfg.ArgoCDPathPrefix, Insecure: cfg.ArgoCDInsecure, + PlainText: cfg.ArgoCDPlainText, } log.Info(). diff --git a/pkg/config/config.go b/pkg/config/config.go index 846419af..8aa7549a 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -22,6 +22,7 @@ type ServerConfig struct { ArgoCDPathPrefix string `mapstructure:"argocd-api-path-prefix"` ArgoCDInsecure bool `mapstructure:"argocd-api-insecure"` ArgoCDNamespace string `mapstructure:"argocd-api-namespace"` + ArgoCDPlainText bool `mapstructure:"argocd-api-plaintext"` KubernetesConfig string `mapstructure:"kubernetes-config"` KubernetesType string `mapstructure:"kubernetes-type"` KubernetesClusterID string `mapstructure:"kubernetes-clusterid"` diff --git a/pkg/config/config_test.go b/pkg/config/config_test.go index 88122fa1..2227f484 100644 --- a/pkg/config/config_test.go +++ b/pkg/config/config_test.go @@ -16,6 +16,7 @@ func TestNew(t *testing.T) { v := viper.New() v.Set("log-level", "info") v.Set("argocd-api-insecure", "true") + v.Set("argocd-api-plaintext", "true") v.Set("worst-conftest-state", "warning") v.Set("repo-refresh-interval", "10m") @@ -23,6 +24,7 @@ func TestNew(t *testing.T) { require.NoError(t, err) assert.Equal(t, zerolog.InfoLevel, cfg.LogLevel) assert.Equal(t, true, cfg.ArgoCDInsecure) + assert.Equal(t, true, cfg.ArgoCDPlainText) assert.Equal(t, pkg.StateWarning, cfg.WorstConfTestState, "worst states can be overridden") assert.Equal(t, time.Minute*10, cfg.RepoRefreshInterval) }