From 5f7fd2d8a19359fbd0ddce08b0801c15fd5bc0a9 Mon Sep 17 00:00:00 2001
From: JesseBot <jessebot@linux.com>
Date: Tue, 19 Sep 2023 10:53:40 +0200
Subject: [PATCH] Update versions of Argo CD, Appset Secrets Plugin, and
 cert-manager (#86)

* updating argo_cd_appset_secrets_plugin to use the new small-hack repo just called appset_secrets_plugin

* bump cert manager version while we're at this

* bump argo cd version to latest patch
---
 poetry.lock                                   | 49 +++++++++----------
 pyproject.toml                                |  6 +--
 smol_k8s_lab/__init__.py                      |  4 +-
 smol_k8s_lab/config/default_config.yaml       |  8 +--
 smol_k8s_lab/k8s_apps/argocd.py               |  8 +--
 smol_k8s_lab/k8s_apps/ingress/cert_manager.py |  2 +-
 smol_k8s_lab/k8s_tools/helm.py                |  4 +-
 7 files changed, 40 insertions(+), 41 deletions(-)

diff --git a/poetry.lock b/poetry.lock
index a3de1d556..6e8b32a98 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -1,4 +1,4 @@
-# This file is automatically @generated by Poetry 1.5.1 and should not be changed by hand.
+# This file is automatically @generated by Poetry 1.6.1 and should not be changed by hand.
 
 [[package]]
 name = "bcrypt"
@@ -316,27 +316,27 @@ pathspec = ">=0.9.0"
 
 [[package]]
 name = "google-auth"
-version = "2.17.3"
+version = "2.23.0"
 description = "Google Authentication Library"
 optional = false
-python-versions = ">=2.7,!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*"
+python-versions = ">=3.7"
 files = [
-    {file = "google-auth-2.17.3.tar.gz", hash = "sha256:ce311e2bc58b130fddf316df57c9b3943c2a7b4f6ec31de9663a9333e4064efc"},
-    {file = "google_auth-2.17.3-py2.py3-none-any.whl", hash = "sha256:f586b274d3eb7bd932ea424b1c702a30e0393a2e2bc4ca3eae8263ffd8be229f"},
+    {file = "google-auth-2.23.0.tar.gz", hash = "sha256:753a26312e6f1eaeec20bc6f2644a10926697da93446e1f8e24d6d32d45a922a"},
+    {file = "google_auth-2.23.0-py2.py3-none-any.whl", hash = "sha256:2cec41407bd1e207f5b802638e32bb837df968bb5c05f413d0fa526fac4cf7a7"},
 ]
 
 [package.dependencies]
 cachetools = ">=2.0.0,<6.0"
 pyasn1-modules = ">=0.2.1"
-rsa = {version = ">=3.1.4,<5", markers = "python_version >= \"3.6\""}
-six = ">=1.9.0"
+rsa = ">=3.1.4,<5"
+urllib3 = "<2.0"
 
 [package.extras]
-aiohttp = ["aiohttp (>=3.6.2,<4.0.0dev)", "requests (>=2.20.0,<3.0.0dev)"]
+aiohttp = ["aiohttp (>=3.6.2,<4.0.0.dev0)", "requests (>=2.20.0,<3.0.0.dev0)"]
 enterprise-cert = ["cryptography (==36.0.2)", "pyopenssl (==22.0.0)"]
 pyopenssl = ["cryptography (>=38.0.3)", "pyopenssl (>=20.0.0)"]
 reauth = ["pyu2f (>=0.1.5)"]
-requests = ["requests (>=2.20.0,<3.0.0dev)"]
+requests = ["requests (>=2.20.0,<3.0.0.dev0)"]
 
 [[package]]
 name = "idna"
@@ -608,13 +608,13 @@ rsa = ["oauthlib[signedtoken] (>=3.0.0)"]
 
 [[package]]
 name = "rich"
-version = "13.5.2"
+version = "13.5.3"
 description = "Render rich text, tables, progress bars, syntax highlighting, markdown and more to the terminal"
 optional = false
 python-versions = ">=3.7.0"
 files = [
-    {file = "rich-13.5.2-py3-none-any.whl", hash = "sha256:146a90b3b6b47cac4a73c12866a499e9817426423f57c5a66949c086191a8808"},
-    {file = "rich-13.5.2.tar.gz", hash = "sha256:fb9d6c0a0f643c99eed3875b5377a184132ba9be4d61516a55273d3554d75a39"},
+    {file = "rich-13.5.3-py3-none-any.whl", hash = "sha256:9257b468badc3d347e146a4faa268ff229039d4c2d176ab0cffb4c4fbc73d5d9"},
+    {file = "rich-13.5.3.tar.gz", hash = "sha256:87b43e0543149efa1253f485cd845bb7ee54df16c9617b8a893650ab84b4acb6"},
 ]
 
 [package.dependencies]
@@ -651,34 +651,33 @@ files = [
 
 [[package]]
 name = "urllib3"
-version = "2.0.4"
+version = "1.26.16"
 description = "HTTP library with thread-safe connection pooling, file post, and more."
 optional = false
-python-versions = ">=3.7"
+python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*"
 files = [
-    {file = "urllib3-2.0.4-py3-none-any.whl", hash = "sha256:de7df1803967d2c2a98e4b11bb7d6bd9210474c46e8a0401514e3a42a75ebde4"},
-    {file = "urllib3-2.0.4.tar.gz", hash = "sha256:8d22f86aae8ef5e410d4f539fde9ce6b2113a001bb4d189e0aed70642d602b11"},
+    {file = "urllib3-1.26.16-py2.py3-none-any.whl", hash = "sha256:8d36afa7616d8ab714608411b4a3b13e58f463aee519024578e062e141dce20f"},
+    {file = "urllib3-1.26.16.tar.gz", hash = "sha256:8f135f6502756bde6b2a9b28989df5fbe87c9970cecaa69041edcce7f0589b14"},
 ]
 
 [package.extras]
-brotli = ["brotli (>=1.0.9)", "brotlicffi (>=0.8.0)"]
-secure = ["certifi", "cryptography (>=1.9)", "idna (>=2.0.0)", "pyopenssl (>=17.1.0)", "urllib3-secure-extra"]
-socks = ["pysocks (>=1.5.6,!=1.5.7,<2.0)"]
-zstd = ["zstandard (>=0.18.0)"]
+brotli = ["brotli (>=1.0.9)", "brotlicffi (>=0.8.0)", "brotlipy (>=0.6.0)"]
+secure = ["certifi", "cryptography (>=1.3.4)", "idna (>=2.0.0)", "ipaddress", "pyOpenSSL (>=0.14)", "urllib3-secure-extra"]
+socks = ["PySocks (>=1.5.6,!=1.5.7,<2.0)"]
 
 [[package]]
 name = "websocket-client"
-version = "1.6.1"
+version = "1.6.3"
 description = "WebSocket client for Python with low level API options"
 optional = false
-python-versions = ">=3.7"
+python-versions = ">=3.8"
 files = [
-    {file = "websocket-client-1.6.1.tar.gz", hash = "sha256:c951af98631d24f8df89ab1019fc365f2227c0892f12fd150e935607c79dd0dd"},
-    {file = "websocket_client-1.6.1-py3-none-any.whl", hash = "sha256:f1f9f2ad5291f0225a49efad77abf9e700b6fef553900623060dad6e26503b9d"},
+    {file = "websocket-client-1.6.3.tar.gz", hash = "sha256:3aad25d31284266bcfcfd1fd8a743f63282305a364b8d0948a43bd606acc652f"},
+    {file = "websocket_client-1.6.3-py3-none-any.whl", hash = "sha256:6cfc30d051ebabb73a5fa246efdcc14c8fbebbd0330f8984ac3bb6d9edd2ad03"},
 ]
 
 [package.extras]
-docs = ["Sphinx (>=3.4)", "sphinx-rtd-theme (>=0.5)"]
+docs = ["Sphinx (>=6.0)", "sphinx-rtd-theme (>=1.1.0)"]
 optional = ["python-socks", "wsaccel"]
 test = ["websockets"]
 
diff --git a/pyproject.toml b/pyproject.toml
index f4691ae72..267d0eca9 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name          = "smol_k8s_lab"
-version       = "1.0.0"
+version       = "1.0.1"
 description   = "bootstrap simple projects on kubernetes with kind and k3s"
 authors       = ["Jesse Hitch <jessebot@linux.com>",
                  "Max Roby <emax@cloudydev.net>"]
@@ -34,8 +34,8 @@ kubernetes    = "^27.2"
 requests      = "^2.28"
 pyyaml        = "^6.0"
 xdg-base-dirs = "^6.0"
-pyjwt = "^2.8.0"
-cryptography = "^41.0.3"
+pyjwt         = "^2.8.0"
+cryptography  = "^41.0.3"
 
 [tool.poetry.plugins."smol-k8s-lab.application.plugin"]
 "smol-k8s-lab" = "smol_k8s_lab:main"
diff --git a/smol_k8s_lab/__init__.py b/smol_k8s_lab/__init__.py
index be8e531db..9a272184f 100755
--- a/smol_k8s_lab/__init__.py
+++ b/smol_k8s_lab/__init__.py
@@ -154,7 +154,7 @@ def main(config: str = "",
                         apps['cilium'],
                         apps['cert_manager'],
                         argo_enabled,
-                        apps['argo_cd_appset_secret_plugin']['enabled'])
+                        apps['appset_secret_plugin']['enabled'])
 
         # 🦑 Install Argo CD: continuous deployment app for k8s
         if argo_enabled:
@@ -162,7 +162,7 @@ def main(config: str = "",
             argocd_fqdn = SECRETS['argo_cd_hostname']
             from .k8s_apps.argocd import configure_argocd
             configure_argocd(k8s_obj, argocd_fqdn, bw,
-                             apps['argo_cd_appset_secret_plugin']['enabled'],
+                             apps['appset_secret_plugin']['enabled'],
                              SECRETS)
 
             setup_k8s_secrets_management(k8s_obj,
diff --git a/smol_k8s_lab/config/default_config.yaml b/smol_k8s_lab/config/default_config.yaml
index 2855129e4..072aa19ae 100644
--- a/smol_k8s_lab/config/default_config.yaml
+++ b/smol_k8s_lab/config/default_config.yaml
@@ -201,9 +201,9 @@ apps:
       # source repos for Argo CD argo-cd Project (in addition to argo_cd.argo.repo)
       project_source_repos:
         - https://argoproj.github.io/argo-helm
-        - https://jessebot.github.io/argocd-appset-secret-plugin
+        - https://small-hack.github.io/appset-secret-plugin
 
-  argo_cd_appset_secret_plugin:
+  appset_secret_plugin:
     # Required if you want to use the default small-hack/argocd-apps argo.repo and
     # default enabled if ArgoCD is enabled, so we can create a k8s Secret with
     # your more private info such as hostnames, IP addresses, and emails in a
@@ -222,13 +222,13 @@ apps:
       # git repo to install the Argo CD app from
       repo: "https://github.com/small-hack/argocd-apps"
       # path in the argo repo to point to. Trailing slash very important!
-      path: "argocd/argocd_appset/"
+      path: "argocd/"
       # either the branch or tag to point at in the argo repo above
       ref: "main"
       # namespace to install the k8s app in
       namespace: "argocd"
       project_source_repos:
-        - https://jessebot.github.io/argocd-appset-secret-plugin
+        - https://small-hack.github.io/appset-secret-plugin
 
   external_secrets_operator:
     # enable the external secrets operator to pull remote secrets
diff --git a/smol_k8s_lab/k8s_apps/argocd.py b/smol_k8s_lab/k8s_apps/argocd.py
index b2132cb08..087dae100 100644
--- a/smol_k8s_lab/k8s_apps/argocd.py
+++ b/smol_k8s_lab/k8s_apps/argocd.py
@@ -85,7 +85,7 @@ def configure_argocd(k8s_obj: K8s,
 
         release_dict['values_file'] = values_file_name
         release_dict['chart_name'] = 'argo-cd/argo-cd'
-        release_dict['chart_version'] = '5.46.0'
+        release_dict['chart_version'] = '5.46.5'
 
         release = Helm.chart(**release_dict)
         release.install(True)
@@ -121,10 +121,10 @@ def configure_secret_plugin_generator(k8s_obj: K8s, secret_dict: dict):
                 'token.existingSecret': 'appset-secret-token'}
 
     # install the helm chart :)
-    chart_name = 'appset-secret-plugin/argocd-appset-secret-plugin'
-    release = Helm.chart(release_name='argocd-appset-secret-plugin',
+    chart_name = 'appset-secret-plugin/appset-secret-plugin'
+    release = Helm.chart(release_name='appset-secret-plugin',
                          chart_name=chart_name,
-                         chart_version='0.4.0',
+                         chart_version='0.5.0',
                          namespace='argocd',
                          set_options=set_opts)
     release.install(True)
diff --git a/smol_k8s_lab/k8s_apps/ingress/cert_manager.py b/smol_k8s_lab/k8s_apps/ingress/cert_manager.py
index 400d84082..1d5279d25 100644
--- a/smol_k8s_lab/k8s_apps/ingress/cert_manager.py
+++ b/smol_k8s_lab/k8s_apps/ingress/cert_manager.py
@@ -20,7 +20,7 @@ def configure_cert_manager(k8s_obj: K8s, email_addr: str = "") -> True:
     # install chart and wait
     release = Helm.chart(release_name='cert-manager',
                          chart_name='jetstack/cert-manager',
-                         chart_version="1.12.4",
+                         chart_version="1.13.0",
                          namespace='ingress',
                          set_options={'installCRDs': 'true'})
     release.install(True)
diff --git a/smol_k8s_lab/k8s_tools/helm.py b/smol_k8s_lab/k8s_tools/helm.py
index d9ac19441..5da817e55 100755
--- a/smol_k8s_lab/k8s_tools/helm.py
+++ b/smol_k8s_lab/k8s_tools/helm.py
@@ -154,8 +154,8 @@ def add_default_repos(k8s_distro: str,
         repos['argo-cd'] = 'https://argoproj.github.io/argo-helm'
 
     if argo_secrets:
-        repos['appset-secret-plugin'] = ('https://jessebot.github.io/'
-                                         'argocd-appset-secret-plugin')
+        repos['appset-secret-plugin'] = ('https://small-hack.github.io/'
+                                         'appset-secret-plugin')
 
     # kind has a special install path
     if k8s_distro == 'kind':