From ef30dc0d09df4865fbbbc61bbe51936aadefa02e Mon Sep 17 00:00:00 2001
From: Ashesh Vidyut <134911583+absolutelightning@users.noreply.github.com>
Date: Thu, 31 Aug 2023 08:10:45 +0530
Subject: [PATCH] Net 5229 create dedicated argocd stanza (#2785)

* enable argocd

* adds bats test and setting argo annotations if global.argocd.enabled = true

* update comment

* added change log

* Update charts/consul/templates/gateway-cleanup-job.yaml

Co-authored-by: Ganesh S <ganesh.seetharaman@hashicorp.com>

* comments fixes

* fix line diff

* change log fix

* fix comment

* Update .changelog/2785.txt

Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com>

---------

Co-authored-by: Ganesh S <ganesh.seetharaman@hashicorp.com>
Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com>
---
 .changelog/2785.txt                           |  3 ++
 .../consul/templates/server-acl-init-job.yaml |  4 +++
 .../consul/test/unit/server-acl-init-job.bats | 36 +++++++++++++++++++
 charts/consul/values.yaml                     |  8 +++++
 4 files changed, 51 insertions(+)
 create mode 100644 .changelog/2785.txt

diff --git a/.changelog/2785.txt b/.changelog/2785.txt
new file mode 100644
index 0000000000..02a7b3748e
--- /dev/null
+++ b/.changelog/2785.txt
@@ -0,0 +1,3 @@
+```release-note:improvement
+Add new value `global.argocd.enabled`. Set this to `true` when using ArgoCD to deploy this chart.
+```
\ No newline at end of file
diff --git a/charts/consul/templates/server-acl-init-job.yaml b/charts/consul/templates/server-acl-init-job.yaml
index e8a06cf7aa..a72d12f80d 100644
--- a/charts/consul/templates/server-acl-init-job.yaml
+++ b/charts/consul/templates/server-acl-init-job.yaml
@@ -49,6 +49,10 @@ spec:
         {{- if .Values.global.acls.annotations }}
           {{- tpl .Values.global.acls.annotations . | nindent 8 }}
         {{- end }}
+        {{- if .Values.global.argocd.enabled }}
+        "argocd.argoproj.io/hook": "Sync"
+        "argocd.argoproj.io/hook-delete-policy": "HookSucceeded"
+        {{- end }}
         {{- if .Values.global.secretsBackend.vault.enabled }}
 
         {{- /* Run the Vault agent as both an init container and sidecar.
diff --git a/charts/consul/test/unit/server-acl-init-job.bats b/charts/consul/test/unit/server-acl-init-job.bats
index 1dc55a9551..81022a8e4c 100644
--- a/charts/consul/test/unit/server-acl-init-job.bats
+++ b/charts/consul/test/unit/server-acl-init-job.bats
@@ -2296,3 +2296,39 @@ load _helpers
       yq -r '.spec.template.metadata.annotations.foo' | tee /dev/stderr)
   [ "${actual}" = "bar" ]
 }
+
+@test "serverACLInit/Job: argocd annotations are set if global.argocd.enabled is true" {
+  cd `chart_dir`
+  local actual=$(helm template \
+     -s templates/server-acl-init-job.yaml \
+     --set 'global.acls.manageSystemACLs=true' \
+     --set 'global.argocd.enabled=true' \
+     . | tee /dev/stderr |
+     yq -r '.spec.template.metadata.annotations["argocd.argoproj.io/hook"]' | tee /dev/stderr)
+  [ "${actual}" = "Sync" ]
+  local actual=$(helm template \
+     -s templates/server-acl-init-job.yaml \
+     --set 'global.acls.manageSystemACLs=true' \
+     --set 'global.argocd.enabled=true' \
+     . | tee /dev/stderr |
+     yq -r '.spec.template.metadata.annotations["argocd.argoproj.io/hook-delete-policy"]' | tee /dev/stderr)
+  [ "${actual}" = "HookSucceeded" ]
+}
+
+@test "serverACLInit/Job: argocd annotations are not set if global.argocd.enabled is false" {
+  cd `chart_dir`
+  local actual=$(helm template \
+     -s templates/server-acl-init-job.yaml \
+     --set 'global.acls.manageSystemACLs=true' \
+     --set 'global.argocd.enabled=false' \
+     . | tee /dev/stderr |
+     yq -r '.spec.template.metadata.annotations["argocd.argoproj.io/hook"]' | tee /dev/stderr)
+  [ "${actual}" = null ]
+  local actual=$(helm template \
+     -s templates/server-acl-init-job.yaml \
+     --set 'global.acls.manageSystemACLs=true' \
+     --set 'global.argocd.enabled=false' \
+     . | tee /dev/stderr |
+     yq -r '.spec.template.metadata.annotations["argocd.argoproj.io/hook-delete-policy"]' | tee /dev/stderr)
+  [ "${actual}" = null ]
+}
diff --git a/charts/consul/values.yaml b/charts/consul/values.yaml
index 6f98d05d35..38e7989744 100644
--- a/charts/consul/values.yaml
+++ b/charts/consul/values.yaml
@@ -524,6 +524,14 @@ global:
     # @type: string
     annotations: null
 
+  # If argocd.enabled is set to true, following annotations are added to
+  # job - server-acl-init-job
+  # annotations -
+  #   argocd.argoproj.io/hook: Sync
+  #   argocd.argoproj.io/hook-delete-policy: HookSucceeded
+  argocd:
+    enabled: false
+
   # [Enterprise Only] This value refers to a Kubernetes or Vault secret that you have created
   # that contains your enterprise license. It is required if you are using an
   # enterprise binary. Defining it here applies it to your cluster once a leader