marcel/argo-cd
1
0
Fork 0
mirror of https://github.com/argoproj/argo-cd.git synced 2026-02-20 01:28:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

chore: Use safe example domains defined in RFC 2606 (#16389)

Browse Source
This commit is contained in:
Marco Maurer (-Kilchhofer)
2023-11-20 10:34:04 +01:00
committed by GitHub
parent 9fa5e25fda
commit 841339d2ff
31 changed files with 97 additions and 97 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
applicationset/services/pull_request/azure_devops_test.go
View File

@@ -206,9 +206,9 @@ func TestBuildURL(t *testing.T) {
},
{
name: "Provided custom URL and organization",
url: "https://azuredevops.mycompany.com/",
url: "https://azuredevops.example.com/",
organization: "myorganization",
expected: "https://azuredevops.mycompany.com/myorganization",
expected: "https://azuredevops.example.com/myorganization",
},
}

36
controller/cache/info_test.go vendored
View File

@@ -52,7 +52,7 @@ var (
resourceVersion: "123"
uid: "4"
annotations:
link.argocd.argoproj.io/external-link: http://my-grafana.com/pre-generated-link
link.argocd.argoproj.io/external-link: http://my-grafana.example.com/pre-generated-link
spec:
selector:
app: guestbook
@@ -74,7 +74,7 @@ var (
serviceName: not-found-service
servicePort: 443
rules:
- host: helm-guestbook.com
- host: helm-guestbook.example.com
http:
paths:
- backend:
@@ -86,7 +86,7 @@ var (
servicePort: https
path: /
tls:
- host: helm-guestbook.com
- host: helm-guestbook.example.com
secretName: my-tls-secret
status:
loadBalancer:
@@ -101,13 +101,13 @@ var (
namespace: default
uid: "4"
annotations:
link.argocd.argoproj.io/external-link: http://my-grafana.com/ingress-link
link.argocd.argoproj.io/external-link: http://my-grafana.example.com/ingress-link
spec:
backend:
serviceName: not-found-service
servicePort: 443
rules:
- host: helm-guestbook.com
- host: helm-guestbook.example.com
http:
paths:
- backend:
@@ -119,7 +119,7 @@ var (
servicePort: https
path: /
tls:
- host: helm-guestbook.com
- host: helm-guestbook.example.com
secretName: my-tls-secret
status:
loadBalancer:
@@ -138,7 +138,7 @@ var (
serviceName: not-found-service
servicePort: 443
rules:
- host: helm-guestbook.com
- host: helm-guestbook.example.com
http:
paths:
- backend:
@@ -150,7 +150,7 @@ var (
servicePort: https
path: /*
tls:
- host: helm-guestbook.com
- host: helm-guestbook.example.com
secretName: my-tls-secret
status:
loadBalancer:
@@ -169,7 +169,7 @@ var (
serviceName: not-found-service
servicePort: 443
rules:
- host: helm-guestbook.com
- host: helm-guestbook.example.com
http:
paths:
- backend:
@@ -199,7 +199,7 @@ var (
port:
number: 443
rules:
- host: helm-guestbook.com
- host: helm-guestbook.example.com
http:
paths:
- backend:
@@ -215,7 +215,7 @@ var (
name: https
path: /
tls:
- host: helm-guestbook.com
- host: helm-guestbook.example.com
secretName: my-tls-secret
status:
loadBalancer:
@@ -327,7 +327,7 @@ func TestGetLinkAnnotatedServiceInfo(t *testing.T) {
assert.Equal(t, &v1alpha1.ResourceNetworkingInfo{
TargetLabels: map[string]string{"app": "guestbook"},
Ingress: []v1.LoadBalancerIngress{{Hostname: "localhost"}},
ExternalURLs: []string{"http://my-grafana.com/pre-generated-link"},
ExternalURLs: []string{"http://my-grafana.example.com/pre-generated-link"},
}, info.NetworkingInfo)
}
@@ -381,7 +381,7 @@ func TestGetIngressInfo(t *testing.T) {
Kind: kube.ServiceKind,
Name: "helm-guestbook",
}},
ExternalURLs: []string{"https://helm-guestbook.com/"},
ExternalURLs: []string{"https://helm-guestbook.example.com/"},
}, info.NetworkingInfo)
}
}
@@ -406,7 +406,7 @@ func TestGetLinkAnnotatedIngressInfo(t *testing.T) {
Kind: kube.ServiceKind,
Name: "helm-guestbook",
}},
ExternalURLs: []string{"http://my-grafana.com/ingress-link", "https://helm-guestbook.com/"},
ExternalURLs: []string{"http://my-grafana.example.com/ingress-link", "https://helm-guestbook.example.com/"},
}, info.NetworkingInfo)
}
@@ -430,7 +430,7 @@ func TestGetIngressInfoWildCardPath(t *testing.T) {
Kind: kube.ServiceKind,
Name: "helm-guestbook",
}},
ExternalURLs: []string{"https://helm-guestbook.com/"},
ExternalURLs: []string{"https://helm-guestbook.example.com/"},
}, info.NetworkingInfo)
}
@@ -454,7 +454,7 @@ func TestGetIngressInfoWithoutTls(t *testing.T) {
Kind: kube.ServiceKind,
Name: "helm-guestbook",
}},
ExternalURLs: []string{"http://helm-guestbook.com/"},
ExternalURLs: []string{"http://helm-guestbook.example.com/"},
}, info.NetworkingInfo)
}
@@ -563,7 +563,7 @@ func TestExternalUrlWithMultipleSubPaths(t *testing.T) {
namespace: default
spec:
rules:
- host: helm-guestbook.com
- host: helm-guestbook.example.com
http:
paths:
- backend:
@@ -587,7 +587,7 @@ func TestExternalUrlWithMultipleSubPaths(t *testing.T) {
info := &ResourceInfo{}
populateNodeInfo(ingress, info, []string{})
expectedExternalUrls := []string{"https://helm-guestbook.com/my/sub/path/", "https://helm-guestbook.com/my/sub/path/2", "https://helm-guestbook.com"}
expectedExternalUrls := []string{"https://helm-guestbook.example.com/my/sub/path/", "https://helm-guestbook.example.com/my/sub/path/2", "https://helm-guestbook.example.com"}
actualURLs := info.NetworkingInfo.ExternalURLs
sort.Strings(expectedExternalUrls)
sort.Strings(actualURLs)

2
docs/operator-manual/custom-styles.md
View File

@@ -21,7 +21,7 @@ metadata:
...
name: argocd-cm
data:
ui.cssurl: "https://www.myhost.com/my-styles.css"
ui.cssurl: "https://www.example.com/my-styles.css"
```
## Adding Styles Via Volume Mounts

20
docs/operator-manual/declarative-setup.md
View File

@@ -590,8 +590,8 @@ metadata:
argocd.argoproj.io/secret-type: cluster
type: Opaque
stringData:
name: mycluster.com
server: https://mycluster.com
name: mycluster.example.com
server: https://mycluster.example.com
config: |
{
"bearerToken": "<authentication token>",
@@ -615,8 +615,8 @@ metadata:
argocd.argoproj.io/secret-type: cluster
type: Opaque
stringData:
name: "mycluster.com"
server: "https://mycluster.com"
name: "mycluster.example.com"
server: "https://mycluster.example.com"
config: |
{
"awsAuthConfig": {
@@ -742,8 +742,8 @@ metadata:
argocd.argoproj.io/secret-type: cluster
type: Opaque
stringData:
name: mycluster.com
server: https://mycluster.com
name: mycluster.example.com
server: https://mycluster.example.com
config: |
{
"execProviderConfig": {
@@ -795,8 +795,8 @@ metadata:
argocd.argoproj.io/secret-type: cluster
type: Opaque
stringData:
name: mycluster.com
server: https://mycluster.com
name: mycluster.example.com
server: https://mycluster.example.com
config: |
{
"execProviderConfig": {
@@ -830,8 +830,8 @@ metadata:
argocd.argoproj.io/secret-type: cluster
type: Opaque
stringData:
name: mycluster.com
server: https://mycluster.com
name: mycluster.example.com
server: https://mycluster.example.com
config: |
{
"execProviderConfig": {

4
docs/operator-manual/high_availability.md
View File

@@ -98,8 +98,8 @@ metadata:
type: Opaque
stringData:
shard: 1
name: mycluster.com
server: https://mycluster.com
name: mycluster.example.com
server: https://mycluster.example.com
config: |
{
"bearerToken": "<authentication token>",

10
docs/operator-manual/ingress.md
View File

@@ -661,9 +661,9 @@ metadata:
networking.gke.io/v1beta1.FrontendConfig: argocd-frontend-config
spec:
tls:
- secretName: secret-yourdomain-com
- secretName: secret-example-com
rules:
- host: argocd.yourdomain.com
- host: argocd.example.com
http:
paths:
- pathType: ImplementationSpecific
@@ -686,9 +686,9 @@ metadata:
networking.gke.io/v1beta1.FrontendConfig: argocd-frontend-config
spec:
tls:
- secretName: secret-yourdomain-com
- secretName: secret-example-com
rules:
- host: argocd.yourdomain.com
- host: argocd.example.com
http:
paths:
- pathType: Prefix
@@ -700,7 +700,7 @@ spec:
number: 80
```
As you may know already, it can take some minutes to deploy the load balancer and become ready to accept connections. Once it's ready, get the public IP address for your Load Balancer, go to your DNS server (Google or third party) and point your domain or subdomain (i.e. argocd.yourdomain.com) to that IP address.
As you may know already, it can take some minutes to deploy the load balancer and become ready to accept connections. Once it's ready, get the public IP address for your Load Balancer, go to your DNS server (Google or third party) and point your domain or subdomain (i.e. argocd.example.com) to that IP address.
You can get that IP address describing the Ingress object like this:

14
docs/operator-manual/user-management/index.md
View File

@@ -201,7 +201,7 @@ data:
id: acme-github
name: Acme GitHub
config:
hostName: github.acme.com
hostName: github.acme.example.com
clientID: abcdefghijklmnopqrst
clientSecret: $dex.acme.clientSecret # Alternatively $<some_K8S_secret>:dex.acme.clientSecret
orgs:
@@ -242,7 +242,7 @@ data:
id: oidc
name: OIDC
config:
issuer: https://example-OIDC-provider.com
issuer: https://example-OIDC-provider.example.com
clientID: aaaabbbbccccddddeee
clientSecret: $dex.oidc.clientSecret
```
@@ -264,7 +264,7 @@ data:
id: oidc
name: OIDC
config:
issuer: https://example-OIDC-provider.com
issuer: https://example-OIDC-provider.example.com
clientID: aaaabbbbccccddddeee
clientSecret: $dex.oidc.clientSecret
insecureEnableGroups: true
@@ -294,7 +294,7 @@ data:
id: oidc
name: OIDC
config:
issuer: https://example-OIDC-provider.com
issuer: https://example-OIDC-provider.example.com
clientID: aaaabbbbccccddddeee
clientSecret: $dex.oidc.clientSecret
insecureEnableGroups: true
@@ -395,18 +395,18 @@ any active session post logout, you can do so by specifying it as follows:
```yaml
oidc.config: |
name: example-OIDC-provider
issuer: https://example-OIDC-provider.com
issuer: https://example-OIDC-provider.example.com
clientID: xxxxxxxxx
clientSecret: xxxxxxxxx
requestedScopes: ["openid", "profile", "email", "groups"]
requestedIDTokenClaims: {"groups": {"essential": true}}
logoutURL: https://example-OIDC-provider.com/logout?id_token_hint={{token}}
logoutURL: https://example-OIDC-provider.example.com/logout?id_token_hint={{token}}
```
By default, this would take the user to their OIDC provider's login page after logout. If you also wish to redirect the user back to Argo CD after logout, you can specify the logout URL as follows:
```yaml
...
logoutURL: https://example-OIDC-provider.com/logout?id_token_hint={{token}}&post_logout_redirect_uri={{logoutRedirectURL}}
logoutURL: https://example-OIDC-provider.example.com/logout?id_token_hint={{token}}&post_logout_redirect_uri={{logoutRedirectURL}}
```
You are not required to specify a logoutRedirectURL as this is automatically generated by ArgoCD as your base ArgoCD url + Rootpath

36
docs/proposals/parameterized-config-management-plugins.md
View File

@@ -256,7 +256,7 @@ spec:
array: [values.yaml]
- name: helm-parameters
map:
image.repository: my.company.com/gcr-proxy/heptio-images/ks-guestbook-demo
image.repository: my.example.com/gcr-proxy/heptio-images/ks-guestbook-demo
image.tag: "0.1"
```
@@ -283,7 +283,7 @@ That command, when run by a CMP with the above Application manifest, will print
{
"name": "helm-parameters",
"map": {
"image.repository": "my.company.com/gcr-proxy/heptio-images/ks-guestbook-demo",
"image.repository": "my.example.com/gcr-proxy/heptio-images/ks-guestbook-demo",
"image.tag": "0.1"
}
}
@@ -398,7 +398,7 @@ like this:
"title": "Helm Parameters",
"tooltip": "Parameters to override when generating manifests with Helm",
"map": {
"image.repository": "my.company.com/gcr-proxy/heptio-images/ks-guestbook-demo",
"image.repository": "my.example.com/gcr-proxy/heptio-images/ks-guestbook-demo",
"image.tag": "0.1"
}
}
@@ -423,7 +423,7 @@ readability.)
"title": "Helm Parameters",
"tooltip": "Parameters to override when generating manifests with Helm",
"map": {
"image.repository": "my.company.com/gcr-proxy/heptio-images/ks-guestbook-demo",
"image.repository": "my.example.com/gcr-proxy/heptio-images/ks-guestbook-demo",
"image.tag": "0.1"
}
}
@@ -493,11 +493,11 @@ type ParametersAnnouncement []ParameterAnnouncement
- name: images
collectionType: map
array: # this gets ignored because collectionType is 'map'
- ubuntu:latest=docker.company.com/proxy/ubuntu:latest
- guestbook:v0.1=docker.company.com/proxy/guestbook:v0.1
- ubuntu:latest=docker.example.com/proxy/ubuntu:latest
- guestbook:v0.1=docker.example.com/proxy/guestbook:v0.1
map:
ubuntu:latest: docker.company.com/proxy/ubuntu:latest
guestbook:v0.1: docker.company.com/proxy/guestbook:v0.1
ubuntu:latest: docker.example.com/proxy/ubuntu:latest
guestbook:v0.1: docker.example.com/proxy/guestbook:v0.1
```
2. **Question**: What do we do if the CMP user sets more than one of `value`/`array`/`map` in the Application spec?
@@ -513,11 +513,11 @@ type ParametersAnnouncement []ParameterAnnouncement
parameters:
- name: images
array: # this gets sent to the CMP, but the CMP should ignore it
- ubuntu:latest=docker.company.com/proxy/ubuntu:latest
- guestbook:v0.1=docker.company.com/proxy/guestbook:v0.1
- ubuntu:latest=docker.example.com/proxy/ubuntu:latest
- guestbook:v0.1=docker.example.com/proxy/guestbook:v0.1
map:
ubuntu:latest: docker.company.com/proxy/ubuntu:latest
guestbook:v0.1: docker.company.com/proxy/guestbook:v0.1
ubuntu:latest: docker.example.com/proxy/ubuntu:latest
guestbook:v0.1: docker.example.com/proxy/guestbook:v0.1
```
3. **Question**: How will the UI know that adding more items to an array or a map is allowed?
@@ -528,17 +528,17 @@ type ParametersAnnouncement []ParameterAnnouncement
- name: images
collectionType: map # users will be allowed to add new items, because this is a map
map:
ubuntu:latest: docker.company.com/proxy/ubuntu:latest
guestbook:v0.1: docker.company.com/proxy/guestbook:v0.1
ubuntu:latest: docker.example.com/proxy/ubuntu:latest
guestbook:v0.1: docker.example.com/proxy/guestbook:v0.1
```
If the CMP author wants an immutable array or map, they should just break it into individual parameters.
```yaml
- name: ubuntu:latest
string: docker.company.com/proxy/ubuntu:latest
string: docker.example.com/proxy/ubuntu:latest
- name: guestbook:v0.1
string: docker.company.com/proxy/guestbook:v0.1
string: docker.example.com/proxy/guestbook:v0.1
```
4. **Question**: What do we do if a CMP announcement doesn't include a `collectionType`?
@@ -799,8 +799,8 @@ spec:
"title": "Image Overrides",
"collectionType": "map",
"map": {
"quay.io/argoproj/argocd": "docker.company.com/proxy/argoproj/argocd",
"ubuntu:latest": "docker.company.com/proxy/argoproj/argocd"
"quay.io/argoproj/argocd": "docker.example.com/proxy/argoproj/argocd",
"ubuntu:latest": "docker.example.com/proxy/argoproj/argocd"
}
}
]

2
docs/proposals/project-repos-and-clusters.md
View File

@@ -102,7 +102,7 @@ p, proj:my-project:admin, repositories, update, my-project/*, allow
This provides extra flexibility so that admin can have stricter rules. e.g.:
```
p, proj:my-project:admin, repositories, update, my-project/"https://github.my-company.com/*", allow
p, proj:my-project:admin, repositories, update, my-project/"https://github.example.com/*", allow
```
#### UI/CLI Changes

2
docs/user-guide/ci_automation.md
View File

@@ -43,7 +43,7 @@ useful so that the CLI used in the CI pipeline is always kept in-sync and uses a
that is always compatible with the Argo CD API server.
```bash
export ARGOCD_SERVER=argocd.mycompany.com
export ARGOCD_SERVER=argocd.example.com
export ARGOCD_AUTH_TOKEN=<JWT token generated from project>
curl -sSL -o /usr/local/bin/argocd https://${ARGOCD_SERVER}/download/argocd-linux-amd64
argocd app sync guestbook

2
docs/user-guide/environment-variables.md
View File

@@ -4,7 +4,7 @@ The following environment variables can be used with `argocd` CLI:
| Environment Variable | Description |
|--------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `ARGOCD_SERVER` | the address of the Argo CD server without `https://` prefix <br> (instead of specifying `--server` for every command) <br> eg. `ARGOCD_SERVER=argocd.mycompany.com` if served through an ingress with DNS |
| `ARGOCD_SERVER` | the address of the Argo CD server without `https://` prefix <br> (instead of specifying `--server` for every command) <br> eg. `ARGOCD_SERVER=argocd.example.com` if served through an ingress with DNS |
| `ARGOCD_AUTH_TOKEN` | the Argo CD `apiKey` for your Argo CD user to be able to authenticate |
| `ARGOCD_OPTS` | command-line options to pass to `argocd` CLI <br> eg. `ARGOCD_OPTS="--grpc-web"` |
| `ARGOCD_SERVER_NAME` | the Argo CD API Server name (default "argocd-server") |

2
docs/user-guide/external-url.md
View File

@@ -12,7 +12,7 @@ kind: Deployment
metadata:
name: my-svc
annotations:
link.argocd.argoproj.io/external-link: http://my-grafana.com/pre-generated-link
link.argocd.argoproj.io/external-link: http://my-grafana.example.com/pre-generated-link
```
![External link](../assets/external-link.png)

6
docs/user-guide/projects.md
View File

@@ -292,7 +292,7 @@ p, proj:my-project:admin, repositories, update, my-project/*, allow
This provides extra flexibility so that admins can have stricter rules. e.g.:
```
p, proj:my-project:admin, repositories, update, my-project/https://github.my-company.com/*, allow
p, proj:my-project:admin, repositories, update, my-project/https://github.example.com/*, allow
```
Once the appropriate RBAC rules are in place, developers can create their own Git repositories and (assuming
@@ -330,9 +330,9 @@ metadata:
argocd.argoproj.io/secret-type: cluster
type: Opaque
stringData:
name: mycluster.com
name: mycluster.example.com
project: my-project1 # Project scoped
server: https://mycluster.com
server: https://mycluster.example.com
config: |
{
"bearerToken": "<authentication token>",

2
pkg/apis/application/v1alpha1/types_test.go
View File

@@ -370,7 +370,7 @@ func TestAppProject_IsDestinationPermitted_PermitOnlyProjectScopedClusters(t *te
projDest: []ApplicationDestination{{
Server: "https://my-cluster.123.com", Namespace: "default",
}},
appDest: ApplicationDestination{Server: "https://some-other-cluster.com", Namespace: "default"},
appDest: ApplicationDestination{Server: "https://some-other-cluster.example.com", Namespace: "default"},
clusters: []*Cluster{{
Server: "https://my-cluster.123.com",
}},

2
resource_customizations/cert-manager.io/ClusterIssuer/testdata/degraded_acmeFailed.yaml vendored
View File

@@ -8,7 +8,7 @@ metadata:
uid: 37f408e3-3157-11e9-be3f-42010a800011
spec:
acme:
email: myemail@test.com
email: myemail@example.com
http01: {}
privateKeySecretRef:
key: ""

2
resource_customizations/cert-manager.io/ClusterIssuer/testdata/healthy_registered.yaml vendored
View File

@@ -8,7 +8,7 @@ metadata:
uid: b0045219-e219-11e8-9f93-42010a80021d
spec:
acme:
email: myemail@test.com
email: myemail@example.com
http01: {}
privateKeySecretRef:
key: ""

2
resource_customizations/cert-manager.io/ClusterIssuer/testdata/progressing_noStatus.yaml vendored
View File

@@ -8,7 +8,7 @@ metadata:
uid: b0045219-e219-11e8-9f93-42010a80021d
spec:
acme:
email: myemail@test.com
email: myemail@example.com
http01: {}
privateKeySecretRef:
key: ""

2
resource_customizations/cert-manager.io/Issuer/testdata/degraded_acmeFailed.yaml vendored
View File

@@ -10,7 +10,7 @@ metadata:
uid: 37f408e3-3157-11e9-be3f-42010a800011
spec:
acme:
email: myemail@test.com
email: myemail@example.com
http01: {}
privateKeySecretRef:
key: ""

2
resource_customizations/cert-manager.io/Issuer/testdata/healthy_registered.yaml vendored
View File

@@ -10,7 +10,7 @@ metadata:
uid: b0045219-e219-11e8-9f93-42010a80021d
spec:
acme:
email: myemail@test.com
email: myemail@example.com
http01: {}
privateKeySecretRef:
key: ""

2
resource_customizations/cert-manager.io/Issuer/testdata/progressing_noStatus.yaml vendored
View File

@@ -10,7 +10,7 @@ metadata:
uid: b0045219-e219-11e8-9f93-42010a80021d
spec:
acme:
email: myemail@test.com
email: myemail@example.com
http01: {}
privateKeySecretRef:
key: ""

2
resource_customizations/certmanager.k8s.io/Issuer/testdata/degraded_acmeFailed.yaml vendored
View File

@@ -10,7 +10,7 @@ metadata:
uid: 37f408e3-3157-11e9-be3f-42010a800011
spec:
acme:
email: myemail@test.com
email: myemail@example.com
http01: {}
privateKeySecretRef:
key: ""

2
resource_customizations/certmanager.k8s.io/Issuer/testdata/healthy_registered.yaml vendored
View File

@@ -10,7 +10,7 @@ metadata:
uid: b0045219-e219-11e8-9f93-42010a80021d
spec:
acme:
email: myemail@test.com
email: myemail@example.com
http01: {}
privateKeySecretRef:
key: ""

2
resource_customizations/certmanager.k8s.io/Issuer/testdata/progressing_noStatus.yaml vendored
View File

@@ -10,7 +10,7 @@ metadata:
uid: b0045219-e219-11e8-9f93-42010a80021d
spec:
acme:
email: myemail@test.com
email: myemail@example.com
http01: {}
privateKeySecretRef:
key: ""

16
server/application/application_test.go
View File

@@ -76,7 +76,7 @@ func fakeRepo() *appsv1.Repository {
func fakeCluster() *appsv1.Cluster {
return &appsv1.Cluster{
Server: "https://cluster-api.com",
Server: "https://cluster-api.example.com",
Name: "fake-cluster",
Config: appsv1.ClusterConfig{},
}
@@ -503,7 +503,7 @@ spec:
environment: default
destination:
namespace: ` + test.FakeDestNamespace + `
server: https://cluster-api.com
server: https://cluster-api.example.com
`
const fakeAppWithDestName = `
@@ -541,7 +541,7 @@ spec:
environment: default
destination:
namespace: ` + test.FakeDestNamespace + `
server: https://cluster-api.com
server: https://cluster-api.example.com
`
func newTestAppWithDestName(opts ...func(app *appsv1.Application)) *appsv1.Application {
@@ -797,22 +797,22 @@ func TestNoAppEnumeration(t *testing.T) {
t.Run("UpdateSpec", func(t *testing.T) {
_, err := appServer.UpdateSpec(adminCtx, &application.ApplicationUpdateSpecRequest{Name: pointer.String("test"), Spec: &appsv1.ApplicationSpec{
Destination: appsv1.ApplicationDestination{Namespace: "default", Server: "https://cluster-api.com"},
Destination: appsv1.ApplicationDestination{Namespace: "default", Server: "https://cluster-api.example.com"},
Source: &appsv1.ApplicationSource{RepoURL: "https://some-fake-source", Path: "."},
}})
assert.NoError(t, err)
_, err = appServer.UpdateSpec(noRoleCtx, &application.ApplicationUpdateSpecRequest{Name: pointer.String("test"), Spec: &appsv1.ApplicationSpec{
Destination: appsv1.ApplicationDestination{Namespace: "default", Server: "https://cluster-api.com"},
Destination: appsv1.ApplicationDestination{Namespace: "default", Server: "https://cluster-api.example.com"},
Source: &appsv1.ApplicationSource{RepoURL: "https://some-fake-source", Path: "."},
}})
assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence")
_, err = appServer.UpdateSpec(adminCtx, &application.ApplicationUpdateSpecRequest{Name: pointer.String("doest-not-exist"), Spec: &appsv1.ApplicationSpec{
Destination: appsv1.ApplicationDestination{Namespace: "default", Server: "https://cluster-api.com"},
Destination: appsv1.ApplicationDestination{Namespace: "default", Server: "https://cluster-api.example.com"},
Source: &appsv1.ApplicationSource{RepoURL: "https://some-fake-source", Path: "."},
}})
assert.Equal(t, permissionDeniedErr.Error(), err.Error(), "error message must be _only_ the permission error, to avoid leaking information about app existence")
_, err = appServer.UpdateSpec(adminCtx, &application.ApplicationUpdateSpecRequest{Name: pointer.String("doest-not-exist"), Project: pointer.String("test"), Spec: &appsv1.ApplicationSpec{
Destination: appsv1.ApplicationDestination{Namespace: "default", Server: "https://cluster-api.com"},
Destination: appsv1.ApplicationDestination{Namespace: "default", Server: "https://cluster-api.example.com"},
Source: &appsv1.ApplicationSource{RepoURL: "https://some-fake-source", Path: "."},
}})
assert.Equal(t, "rpc error: code = NotFound desc = applications.argoproj.io \"doest-not-exist\" not found", err.Error(), "when the request specifies a project, we can return the standard k8s error message")
@@ -1436,7 +1436,7 @@ func TestCreateAppWithDestName(t *testing.T) {
app, err := appServer.Create(context.Background(), &createReq)
assert.NoError(t, err)
assert.NotNil(t, app)
assert.Equal(t, app.Spec.Destination.Server, "https://cluster-api.com")
assert.Equal(t, app.Spec.Destination.Server, "https://cluster-api.example.com")
}
func TestUpdateApp(t *testing.T) {

2
server/applicationset/applicationset_test.go
View File

@@ -38,7 +38,7 @@ func fakeRepo() *appsv1.Repository {
func fakeCluster() *appsv1.Cluster {
return &appsv1.Cluster{
Server: "https://cluster-api.com",
Server: "https://cluster-api.example.com",
Name: "fake-cluster",
Config: appsv1.ClusterConfig{},
}

2
server/deeplinks/deeplinks_test.go
View File

@@ -35,7 +35,7 @@ func TestDeepLinks(t *testing.T) {
},
Spec: v1alpha1.ApplicationSpec{
Destination: v1alpha1.ApplicationDestination{
Server: "test.com",
Server: "test.example.com",
Namespace: "testns",
},
},

2
server/notification/notification_test.go
View File

@@ -41,7 +41,7 @@ func TestNotificationServer(t *testing.T) {
Name: "argocd-notifications-cm",
},
Data: map[string]string{
"service.webhook.test": "url: https://test.com",
"service.webhook.test": "url: https://test.example.com",
"template.app-created": "email:\n subject: Application {{.app.metadata.name}} has been created.\nmessage: Application {{.app.metadata.name}} has been created.\nteams:\n title: Application {{.app.metadata.name}} has been created.\n",
"trigger.on-created": "- description: Application is created.\n oncePer: app.metadata.name\n send:\n - app-created\n when: \"true\"\n",
},

2
test/e2e/notification_test.go
View File

@@ -12,7 +12,7 @@ import (
func TestNotificationsListServices(t *testing.T) {
ctx := notifFixture.Given(t)
ctx.When().
SetParamInNotificationConfigMap("service.webhook.test", "url: https://test.com").
SetParamInNotificationConfigMap("service.webhook.test", "url: https://test.example.com").
Then().Services(func(services *notification.ServiceList, err error) {
assert.Nil(t, err)
assert.Equal(t, []*notification.Service{{Name: pointer.String("test")}}, services.Items)

4
test/e2e/testdata/networking/guestbook-ui-svc-ingress.yaml vendored
View File

@@ -9,7 +9,7 @@ metadata:
ingress.kubernetes.io/app-root: "/"
spec:
rules:
- host: myhost.com
- host: example.com
http:
paths:
- path: /
@@ -27,7 +27,7 @@ metadata:
ingress.kubernetes.io/app-root: "/"
spec:
rules:
- host: myhost.com
- host: example.com
http:
paths:
- path: /

4
util/dex/dex_test.go
View File

@@ -42,7 +42,7 @@ connectors:
id: acme-github
name: Acme GitHub
config:
hostName: github.acme.com
hostName: github.acme.example.com
clientID: abcdefghijklmnopqrst
clientSecret: $dex.acme.clientSecret
orgs:
@@ -79,7 +79,7 @@ connectors:
id: acme-github
name: Acme GitHub
config:
hostName: github.acme.com
hostName: github.acme.example.com
clientID: abcdefghijklmnopqrst
clientSecret: $dex.acme.clientSecret
orgs:

2
util/notification/settings/settings_test.go
View File

@@ -27,7 +27,7 @@ func TestInitGetVars(t *testing.T) {
},
Data: map[string]string{
"context": fmt.Sprintf("%s: %s", testContextKey, testContextKeyValue),
"service.webhook.test": "url: https://test.com",
"service.webhook.test": "url: https://test.example.com",
"template.app-created": "email:\n subject: Application {{.app.metadata.name}} has been created.\nmessage: Application {{.app.metadata.name}} has been created.\nteams:\n title: Application {{.app.metadata.name}} has been created.\n",
"trigger.on-created": "- description: Application is created.\n oncePer: app.metadata.name\n send:\n - app-created\n when: \"true\"\n",
},