Argo CD : checksum support for the install url

roles/kubernetes-apps/argocd/defaults/main.yml

@@ -3,4 +3,3 @@ argocd_enabled: false
 argocd_version: 2.14.5
 argocd_namespace: argocd
 # argocd_admin_password:
-argocd_install_url: "https://raw.githubusercontent.com/argoproj/argo-cd/v{{ argocd_version }}/manifests/install.yaml"

roles/kubernetes-apps/argocd/tasks/main.yml

@@ -20,26 +20,17 @@
       - name: namespace
         file: argocd-namespace.yml
       - name: install
-        file: argocd-install.yml
+        file: "{{ downloads.argocd_install.dest | basename }}"
         namespace: "{{ argocd_namespace }}"
-        url: "{{ argocd_install_url }}"
+        download: "{{ downloads.argocd_install }}"
   when:
     - "inventory_hostname == groups['kube_control_plane'][0]"
 
 - name: Kubernetes Apps | Download ArgoCD remote manifests
   include_tasks: "../../../download/tasks/download_file.yml"
   vars:
-    download_argocd:
-      enabled: "{{ argocd_enabled }}"
-      file: true
-      dest: "{{ local_release_dir }}/{{ item.file }}"
-      url: "{{ item.url }}"
-      unarchive: false
-      owner: "root"
-      mode: "0644"
-      sha256: ""
-    download: "{{ download_defaults | combine(download_argocd) }}"
-  with_items: "{{ argocd_templates | selectattr('url', 'defined') | list }}"
+    download: "{{ download_defaults | combine(item.download) }}"
+  with_items: "{{ argocd_templates | selectattr('download', 'defined') | list }}"
   loop_control:
     label: "{{ item.file }}"
   when:
@@ -54,15 +45,15 @@
     owner: false
     group: false
   delegate_to: "{{ inventory_hostname }}"
-  with_items: "{{ argocd_templates | selectattr('url', 'defined') | list }}"
+  with_items: "{{ argocd_templates | selectattr('download', 'defined') | list }}"
   when:
     - "inventory_hostname == groups['kube_control_plane'][0]"
 
 - name: Kubernetes Apps | Set ArgoCD namespace for remote manifests
   become: true
   command: |
     {{ bin_dir }}/yq eval-all -i '.metadata.namespace="{{ argocd_namespace }}"' {{ kube_config_dir }}/{{ item.file }}
-  with_items: "{{ argocd_templates | selectattr('url', 'defined') | list }}"
+  with_items: "{{ argocd_templates | selectattr('download', 'defined') | list }}"
   loop_control:
     label: "{{ item.file }}"
   when:
@@ -74,7 +65,7 @@
     src: "{{ item.file }}.j2"
     dest: "{{ kube_config_dir }}/{{ item.file }}"
     mode: "0644"
-  with_items: "{{ argocd_templates | selectattr('url', 'undefined') | list }}"
+  with_items: "{{ argocd_templates | selectattr('download', 'undefined') | list }}"
   loop_control:
     label: "{{ item.file }}"
   when:

roles/kubespray_defaults/defaults/main/download.yml

@@ -80,6 +80,7 @@ youki_version: "{{ (youki_checksums['amd64'] | dict2items)[0].key }}"
 gvisor_version: "{{ (gvisor_runsc_binary_checksums['amd64'] | dict2items)[0].key }}"
 containerd_version: "{{ (containerd_archive_checksums['amd64'] | dict2items)[0].key }}"
 cri_dockerd_version: "{{ (cri_dockerd_archive_checksums['amd64'] | dict2items)[0].key }}"
+argocd_version: "{{ (argocd_install_checksums.no_arch | dict2items)[0].key }}"
 
 # this is relevant when container_manager == 'docker'
 docker_containerd_version: 1.6.32
@@ -192,6 +193,7 @@ containerd_download_url: "{{ github_url }}/containerd/containerd/releases/downlo
 cri_dockerd_download_url: "{{ github_url }}/Mirantis/cri-dockerd/releases/download/v{{ cri_dockerd_version }}/cri-dockerd-{{ cri_dockerd_version }}.{{ image_arch }}.tgz"
 skopeo_download_url: "{{ github_url }}/lework/skopeo-binary/releases/download/v{{ skopeo_version }}/skopeo-linux-{{ image_arch }}"
 yq_download_url: "{{ github_url }}/mikefarah/yq/releases/download/v{{ yq_version }}/yq_linux_{{ image_arch }}"
+argocd_install_url: "https://raw.githubusercontent.com/argoproj/argo-cd/v{{ argocd_version }}/manifests/install.yaml"
 gateway_api_crds_download_url: "{{ github_url }}/kubernetes-sigs/gateway-api/releases/download/v{{ gateway_api_version }}/{{ gateway_api_channel }}-install.yaml"
 
 etcd_binary_checksum: "{{ etcd_binary_checksums[image_arch][etcd_version] }}"
@@ -200,6 +202,7 @@ kubelet_binary_checksum: "{{ kubelet_checksums[image_arch][kube_version] }}"
 kubectl_binary_checksum: "{{ kubectl_checksums[image_arch][kube_version] }}"
 kubeadm_binary_checksum: "{{ kubeadm_checksums[image_arch][kube_version] }}"
 yq_binary_checksum: "{{ yq_checksums[image_arch][yq_version] }}"
+argocd_install_checksum: "{{ argocd_install_checksums.no_arch[argocd_version] }}"
 calicoctl_binary_checksum: "{{ calicoctl_binary_checksums[image_arch][calico_ctl_version] }}"
 ciliumcli_binary_checksum: "{{ ciliumcli_binary_checksums[image_arch][cilium_cli_version] }}"
 crictl_binary_checksum: "{{ crictl_checksums[image_arch][crictl_version] }}"
@@ -1108,6 +1111,19 @@ downloads:
     groups:
       - kube_control_plane
 
+  argocd_install:
+    enabled: "{{ argocd_enabled }}"
+    file: true
+    version: "{{ argocd_version }}"
+    dest: "{{ local_release_dir }}/argocd-install.yml"
+    checksum: "{{ argocd_install_checksum }}"
+    url: "{{ argocd_install_url }}"
+    unarchive: false
+    owner: "root"
+    mode: "0644"
+    groups:
+      - kube_control_plane
+
 download_defaults:
   container: false
   file: false

roles/kubespray_defaults/vars/main/checksums.yml

@@ -1356,3 +1356,6 @@ gateway_api_experimental_crds_checksums:
     1.2.0: sha256:4369188e63b9ab5a35b5a83032c94d871159dece086b908b6ea18ea321ca06a9
     1.1.0: sha256:10f322744a005d4e73e2b067e95fecd4cfec619dc7564930b488c296bfa3bec1
     1.0.0: sha256:6c601dced7872a940d76fa667ae126ba718cb4c6db970d0bab49128ecc1192a3
+argocd_install_checksums:
+  no_arch:
+    2.14.5: sha256:247ccda29c9faac4e0c8598680f5ebefff9911e957e3aeaf838eb4bbf455f2f4