From f8f7bb59b757e41b56af2239074125079ce05ef8 Mon Sep 17 00:00:00 2001
From: Andrey Kartashov <gorilych@gmail.com>
Date: Wed, 11 Nov 2020 00:19:13 +0700
Subject: [PATCH] argocd: use single ingress for http/grpc

---
 apps/argocd/ingress.yaml               | 44 ++++----------------------
 apps/argocd/kustomization.yaml         |  1 -
 apps/argocd/patches/argocd-server.yaml | 14 --------
 3 files changed, 7 insertions(+), 52 deletions(-)
 delete mode 100644 apps/argocd/patches/argocd-server.yaml

diff --git a/apps/argocd/ingress.yaml b/apps/argocd/ingress.yaml
index d101d72..721ea7e 100644
--- a/apps/argocd/ingress.yaml
+++ b/apps/argocd/ingress.yaml
@@ -1,53 +1,23 @@
----
-apiVersion: cert-manager.io/v1alpha2
-kind: Certificate
-metadata: 
-  name: argocd
-spec:
-  secretName: argocd-secret
-  dnsNames: 
-  - argocd.gorilych.ru
-  - argocd-grpc.gorilych.ru
-  issuerRef:
-    name: letsencrypt
-    kind: ClusterIssuer
----
+# https://argoproj.github.io/argo-cd/operator-manual/ingress/#ssl-passthrough-with-cert-manager-and-lets-encrypt
 apiVersion: networking.k8s.io/v1beta1
 kind: Ingress
 metadata:
-  name: argocd-server-http-ingress
+  name: argocd-server-ingress
   annotations:
+    cert-manager.io/cluster-issuer: letsencrypt
     kubernetes.io/ingress.class: nginx
+    kubernetes.io/tls-acme: "true"
+    nginx.ingress.kubernetes.io/ssl-passthrough: "true"
+    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
 spec:
   rules:
   - http:
       paths:
       - backend:
           serviceName: argocd-server
-          servicePort: http
+          servicePort: https
     host: argocd.gorilych.ru
   tls:
   - hosts:
     - argocd.gorilych.ru
     secretName: argocd-secret
----
-apiVersion: networking.k8s.io/v1beta1
-kind: Ingress
-metadata:
-  name: argocd-server-grpc-ingress
-  annotations:
-    kubernetes.io/ingress.class: nginx
-    nginx.ingress.kubernetes.io/backend-protocol: GRPC
-spec:
-  rules:
-  - http:
-      paths:
-      - backend:
-          serviceName: argocd-server
-          servicePort: http
-    host: argocd-grpc.gorilych.ru
-  tls:
-  - hosts:
-    - argocd-grpc.gorilych.ru
-    secretName: argocd-secret
-
diff --git a/apps/argocd/kustomization.yaml b/apps/argocd/kustomization.yaml
index 3de2296..1813f9a 100644
--- a/apps/argocd/kustomization.yaml
+++ b/apps/argocd/kustomization.yaml
@@ -9,6 +9,5 @@ resources:
 - install.yaml
 - ingress.yaml
 patchesStrategicMerge:
-- patches/argocd-server.yaml
 - patches/argocd-cm.yaml
 - patches/argocd-rbac-cm.yaml
diff --git a/apps/argocd/patches/argocd-server.yaml b/apps/argocd/patches/argocd-server.yaml
deleted file mode 100644
index a74bcc9..0000000
--- a/apps/argocd/patches/argocd-server.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: argocd-server
-spec:
-  template:
-    spec:
-      containers:
-      - name: argocd-server
-        command:
-        - argocd-server
-        - --staticassets
-        - /shared/app
-        - --insecure