fix: update oceanbox repo in init.sh

argocd/kustomize-helm-with-rewrite/.gitignore

@@ -0,0 +1,2 @@
+argo-repo-server.yaml
+values.yaml

argocd/kustomize-helm-with-rewrite/Dockerfile

@@ -0,0 +1,7 @@
+FROM alpine/k8s:1.28.9
+
+RUN mkdir -p /home/argocd/cmp-server/config/
+COPY plugin.yaml /home/argocd/cmp-server/config/
+
+WORKDIR /plugin
+COPY init-helm-repos.sh init.sh get-values.sh generate.sh ./

argocd/kustomize-helm-with-rewrite/deploy.sh

@@ -0,0 +1,7 @@
+#!/bin/sh
+
+img=registry.gitlab.com/oceanbox/manifests/kustomize-helm-with-rewrite
+tag=${1:-latest}
+
+docker build -t $img:$tag .
+docker push $img:$tag

argocd/kustomize-helm-with-rewrite/generate.sh

@@ -0,0 +1,35 @@
+#!/bin/sh
+
+export HOME=/helm-working-dir
+
+env > /tmp/$ARGOCD_APP_NAME.env
+
+echo "$ARGOCD_APP_PARAMETERS" | jq '.[] | select(.name == "helm-parameters") | .map' | yq -P -oy > parameters.yaml
+cp parameters.yaml /tmp/$ARGOCD_APP_NAME-parameters.yaml
+
+if [ -n "$PARAM_CHART" -a "$PARAM_CHART" != "." ]; then
+    CHART=$PARAM_CHART
+elif [ -d chart ]; then
+    CHART=chart
+elif [ -f chart ]; then
+    CHART=$(cat chart)
+else
+    CHART="."
+fi
+
+[ -f chart/values.yaml ] && VALUES="-f chart/values.yaml"
+[ -f values-chart.yaml ] && VALUES="$VALUES -f values-chart.yaml"
+[ -f values.yaml ] && VALUES="$VALUES -f values.yaml"
+[ -f values-$PARAM_ENV.yaml ] && VALUES="$VALUES -f values-$PARAM_ENV.yaml"
+VALUES="$VALUES -f parameters.yaml"
+
+mkdir -p base
+echo "helm template -n $ARGOCD_APP_NAMESPACE $PARAM_FLAGS $VALUES $ARGOCD_APP_NAME $CHART" > /tmp/$ARGOCD_APP_NAME-helm.sh
+helm template -n $ARGOCD_APP_NAMESPACE $PARAM_FLAGS $VALUES $ARGOCD_APP_NAME $CHART > ./base/_manifest.yaml
+
+sed -i "$PARAM_REWRITE" ./base/_manifest.yaml
+cp ./base/_manifest.yaml /tmp/$ARGOCD_APP_NAME-manifest.yaml
+
+[ -d "$PARAM_ENV" ] && kubectl kustomize $PARAM_ENV > /tmp/$ARGOCD_APP_NAME-manifest.yaml
+
+cat /tmp/$ARGOCD_APP_NAME-manifest.yaml

argocd/kustomize-helm-with-rewrite/get-values.sh

@@ -0,0 +1,28 @@
+#!/bin/sh
+
+if [ -f values.yaml ]; then
+    VALUES="values.yaml"
+elif [ -f values-chart.yaml ]; then
+    VALUES="values-chart.yaml"
+elif [ -f chart/values.yaml ]; then
+    VALUES="chart/values.yaml"
+else
+    cat << EOF
+[{
+    "name": "helm-parameters",
+    "title": "Helm Parameters",
+    "collectionType": "map",
+    "map": { "replicaCount": "1" }
+}]
+EOF
+    exit 0
+fi
+
+yq e -o=p $VALUES | jq --slurp --raw-input '
+  [{
+    name: "helm-parameters",
+    title: "Helm Parameters",
+    collectionType: "map",
+    map: split("\n") | map(capture("(?<key>.*) = (?<value>.*)")) | from_entries
+  }]'
+

argocd/kustomize-helm-with-rewrite/init-helm-repos.sh

@@ -0,0 +1,14 @@
+#!/bin/sh
+
+export HOME=/helm-working-dir
+
+helm repo add --username argocd-helm --password "$OCEANBOX_HELM_ACCESS_TOKEN" oceanbox \
+    https://gitlab.com/api/v4/projects/54396343/packages/helm/stable
+
+helm repo add bitnami https://charts.bitnami.com/bitnami
+helm repo add cerbos https://download.cerbos.dev/helm-charts
+helm repo add dapr https://dapr.github.io/helm-charts/
+helm repo add ncsa https://opensource.ncsa.illinois.edu/charts
+helm repo add dex https://charts.dexidp.io
+
+helm repo update

argocd/kustomize-helm-with-rewrite/init.sh

@@ -0,0 +1,12 @@
+#!/bin/sh
+
+export HOME=/helm-working-dir
+
+helm repo update oceanbox
+
+if [ -n "$PARAM_CHART" -a "$PARAM_CHART" != "." ]; then
+    helm show values $PARAM_CHART > values-chart.yaml
+elif [ -f chart ]; then
+    CHART=$(cat chart)
+    helm show values $CHART > values-chart.yaml
+fi

argocd/kustomize-helm-with-rewrite/plugin.yaml

@@ -0,0 +1,94 @@
+apiVersion: argoproj.io/v1alpha1
+kind: ConfigManagementPlugin
+metadata:
+  name: kustomize-helm-with-rewrite
+spec:
+  # version: v1.2
+  # The init command runs in the Application source directory at the beginning of each manifest generation. The init
+  # command can output anything. A non-zero status code will fail manifest generation.
+  init:
+    # Init always happens immediately before generate, but its output is not treated as manifests.
+    # This is a good place to, for example, download chart dependencies.
+    command: [ /bin/sh ]
+    args:
+      - /plugin/init.sh
+  # The generate command runs in the Application source directory each time manifests are generated. Standard output
+  # must be ONLY valid Kubernetes Objects in either YAML or JSON. A non-zero exit code will fail manifest generation.
+  # To write log messages from the command, write them to stderr, it will always be displayed.
+  # Error output will be sent to the UI, so avoid printing sensitive information (such as secrets).
+  generate:
+    command: [ /bin/sh ]
+    args:
+      - /plugin/generate.sh
+
+  # The discovery config is applied to a repository. If every configured discovery tool matches, then the plugin may be
+  # used to generate manifests for Applications using the repository. If the discovery config is omitted then the plugin
+  # will not match any application but can still be invoked explicitly by specifying the plugin name in the app spec.
+  # Only one of fileName, find.glob, or find.command should be specified. If multiple are specified then only the
+  # first (in that order) is evaluated.
+  # discover:
+    # fileName is a glob pattern (https://pkg.go.dev/path/filepath#Glob) that is applied to the Application's source
+    # directory. If there is a match, this plugin may be used for the Application.
+    # fileName: "./subdir/s*.yaml"
+    # find:
+      # This does the same thing as fileName, but it supports double-start (nested directory) glob patterns.
+      # glob: "**/Chart.yaml"
+      # The find command runs in the repository's root directory. To match, it must exit with status code 0 _and_
+      # produce non-empty output to standard out.
+      # command: [sh, -c, find . -name env.yaml]
+  # The parameters config describes what parameters the UI should display for an Application. It is up to the user to
+  # actually set parameters in the Application manifest (in spec.source.plugin.parameters). The announcements _only_
+  # inform the "Parameters" tab in the App Details page of the UI.
+  parameters:
+    # Static parameter announcements are sent to the UI for _all_ Applications handled by this plugin.
+    # Think of the `string`, `array`, and `map` values set here as "defaults". It is up to the plugin author to make
+    # sure that these default values actually reflect the plugin's behavior if the user doesn't explicitly set different
+    # values for those parameters.
+    static:
+      - name: env
+        title: Environment
+        tooltip: Kustomization env (directory in manifest folder)
+        required: true
+        itemType: string
+        collectionType: string
+        string: "staging"
+      - name: rewrite
+        title: Rewrite
+        tooltip: sed rewrite experssion
+        required: false
+        itemType: string
+        collectionType: string
+        string: ""
+      - name: chart
+        title: Chart
+        tooltip: Name or path of helm chart
+        required: false
+        itemType: string
+        collectionType: string
+        string: "."
+      - name: flags
+        title: Helm flags
+        tooltip: Extra helm flags
+        required: false
+        itemType: string
+        collectionType: string
+        string: ""
+      # All the fields above besides "string" apply to both the array and map type parameter announcements.
+      # - name: array-param
+      #   # This field communicates the parameter's default value to the UI. Setting this field is optional.
+      #   array: [default, items]
+      #   collectionType: array
+      # - name: map-param
+      #   # This field communicates the parameter's default value to the UI. Setting this field is optional.
+      #   map:
+      #     some: value
+      #   collectionType: map
+    dynamic:
+      # The command is run in an Application's source directory. Standard output must be JSON matching the schema of the
+      # static parameter announcements list.
+      command: [ /bin/sh, /plugin/get-values.sh ]
+
+    # If set to `true` then the plugin receives repository files with original file mode. Dangerous since the repository
+    # might have executable files. Set to true only if you trust the CMP plugin authors.
+    preserveFileMode: false
+

argocd/staging-vcluster.yaml

@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  annotations:
+    managed-by: argocd.argoproj.io
+  labels:
+    argocd.argoproj.io/secret-type: cluster
+  name: cluster-staging-vcluster
+  namespace: argocd
+stringData:
+  config: |
+    {"bearerToken":"eyJhbGciOiJSUzI1NiIsImtpZCI6InhKNmNNemw4V01jR0cxUHJ4ajE3bTdQRDlKd1ZyQUQ0cDFPcXRuVDBFbWsifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi10b2tlbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJhZG1pbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImUyNjQ2MDgzLTNjMDMtNDc0Ni1iMGIxLWViOGRmMzY3NTNiMiIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTphZG1pbiJ9.hXQzh4mus2yPwXz-EyowgSpOKgOk7uDU8z-dH-sZJ-UgzxQFOxABfkjD4Kb4JYlXrr_zkMO7n_zkaDOl3iFDCDS2Pury7hsIlJNKETYk-_llH0RYI9DYzAB5PkeOyuKhmRq8eklynq5ObPtk7WVuj3Bp-64uSqfX-WvxqoE0dfh0erSVcU7BwwjRdeDnO01xzv5zXXAYkOmk6e5DGOLBdUMD8kDZE0_NEa-MKCVkl78sc2mCsOMOUhzXoCduvc92hfnoFEfoTKe7xHwLeUim4HvVfD9czXOpRtHKXgEsk0UGtj0xg7D70uftUIxpr4a8rbWceM4eyGtXpjPUm1mh1Q","tlsClientConfig":{"insecure":true}}
+  name: staging-vcluster
+  server: https://staging-vcluster.staging-vcluster
+type: Opaque
+