Add local config support (#150)

* feat: add ability to specify local config

This is useful for cases when a user has previously logged in with sso;
when a local config path has been set the `apiClient` will take the
token from the config.

* deps: upgrade argocd

The behaviour of `localconfig.DefaultLocalConfigPath` has changed
between `2.2.x` and `2.3.x`, so to ensure that the correct default path
is being taken, upgrade argocd along with its dependencies.

* docs: update index.md

Co-authored-by: Blake Pettersson <[email protected]>

argocd/provider.go

@@ -10,6 +10,7 @@ import (
 	"github.com/argoproj/argo-cd/v2/pkg/apiclient"
 	"github.com/argoproj/argo-cd/v2/pkg/apiclient/session"
 	"github.com/argoproj/argo-cd/v2/util/io"
+	"github.com/argoproj/argo-cd/v2/util/localconfig"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/clientcmd"
@@ -44,6 +45,8 @@ func Provider() *schema.Provider {
 				ConflictsWith: []string{
 					"username",
 					"password",
+					"use_local_config",
+					"config_path",
 				},
 			},
 			"username": {
@@ -52,10 +55,13 @@ func Provider() *schema.Provider {
 				DefaultFunc: schema.EnvDefaultFunc("ARGOCD_AUTH_USERNAME", nil),
 				ConflictsWith: []string{
 					"auth_token",
+					"use_local_config",
+					"config_path",
 				},
 				AtLeastOneOf: []string{
 					"password",
 					"auth_token",
+					"use_local_config",
 				},
 			},
 			"password": {
@@ -64,10 +70,13 @@ func Provider() *schema.Provider {
 				DefaultFunc: schema.EnvDefaultFunc("ARGOCD_AUTH_PASSWORD", nil),
 				ConflictsWith: []string{
 					"auth_token",
+					"use_local_config",
+					"config_path",
 				},
 				AtLeastOneOf: []string{
 					"username",
 					"auth_token",
+					"use_local_config",
 				},
 			},
 			"cert_file": {
@@ -92,6 +101,25 @@ func Provider() *schema.Provider {
 				Type:     schema.TypeBool,
 				Optional: true,
 			},
+			"use_local_config": {
+				Type:     schema.TypeBool,
+				Optional: true,
+				ConflictsWith: []string{
+					"username",
+					"password",
+					"auth_token",
+				},
+			},
+			"config_path": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				DefaultFunc: schema.EnvDefaultFunc("ARGOCD_CONFIG_PATH", nil),
+				ConflictsWith: []string{
+					"username",
+					"password",
+					"auth_token",
+				},
+			},
 			"grpc_web_root_path": {
 				Type:     schema.TypeString,
 				Optional: true,
@@ -148,6 +176,20 @@ func initApiClient(d *schema.ResourceData) (
 		opts.ServerAddr = v.(string)
 	}
 
+	if v, ok := d.GetOk("use_local_config"); ok {
+		if v.(bool) {
+			if v, ok := d.GetOk("config_path"); ok {
+				opts.ConfigPath = v.(string)
+			} else {
+				path, err := localconfig.DefaultLocalConfigPath()
+				if err != nil {
+					return nil, err
+				}
+				opts.ConfigPath = path
+			}
+		}
+	}
+
 	if v, ok := d.GetOk("plain_text"); ok {
 		opts.PlainText = v.(bool)
 	}

docs/index.md

@@ -14,7 +14,11 @@ provider "argocd" {
 ## Argument Reference
 
 * `server_addr` - (Required) ArgoCD server address with port.
-* `auth_token` - (Optional) ArgoCD authentication token, taked precedence over `username`/`password`. Can be set through the `ARGOCD_AUTH_TOKEN` environment variable.
+* `use_local_config` - (Optional) use the authentication settings found in the local config file. Useful when you have previously logged in using SSO. Conflicts with
+`auth_token`, `username` and `password`.
+* `config_path` (Optional) - Override the default config path of `$HOME/.config/argocd/config`. Only relevant when using `use_local_config` above.
+  Can be set through the `ARGOCD_CONFIG_PATH` environment variable.
+* `auth_token` - (Optional) ArgoCD authentication token, takes precedence over `username`/`password`. Can be set through the `ARGOCD_AUTH_TOKEN` environment variable.
 * `username` - (Optional) authentication username. Can be set through the `ARGOCD_AUTH_USERNAME` environment variable.
 * `password` - (Optional) authentication password. Can be set through the `ARGOCD_AUTH_PASSWORD` environment variable.
 * `cert_file` - (Optional) Additional root CA certificates file to add to the client TLS connection pool. 

go.mod

@@ -6,51 +6,38 @@ require (
 	cloud.google.com/go/storage v1.14.0 // indirect
 	github.com/Masterminds/semver v1.5.0
 	github.com/apparentlymart/go-cidr v1.1.0 // indirect
-	github.com/argoproj/argo-cd/v2 v2.2.5
-	github.com/argoproj/gitops-engine v0.5.2
+	github.com/argoproj/argo-cd/v2 v2.3.0
+	github.com/argoproj/gitops-engine v0.6.0
 	github.com/argoproj/pkg v0.11.1-0.20211203175135-36c59d8fafe0
 	github.com/aws/aws-sdk-go v1.38.65 // indirect
-	github.com/caddyserver/caddy v1.0.3 // indirect
-	github.com/casbin/casbin v1.9.1 // indirect
-	github.com/checkpoint-restore/go-criu/v4 v4.1.0 // indirect
 	github.com/cristalhq/jwt/v3 v3.1.0
-	github.com/go-bindata/go-bindata v3.1.1+incompatible // indirect
 	github.com/golang/protobuf v1.5.2
-	github.com/golang/snappy v0.0.3 // indirect
 	github.com/hashicorp/go-getter v1.5.4 // indirect
 	github.com/hashicorp/go-uuid v1.0.2 // indirect
 	github.com/hashicorp/hcl/v2 v2.8.2 // indirect
 	github.com/hashicorp/terraform-json v0.13.0 // indirect
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.7.1
-	github.com/miekg/dns v1.1.35 // indirect
 	github.com/mitchellh/go-testing-interface v1.14.1 // indirect
-	github.com/robfig/cron v1.1.0
-	github.com/spf13/jwalterweatherman v1.1.0 // indirect
+	github.com/robfig/cron v1.2.0
 	github.com/stretchr/testify v1.7.0
-	github.com/thecodeteam/goscaleio v0.1.0 // indirect
 	github.com/ulikunitz/xz v0.5.10 // indirect
-	go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489 // indirect
-	golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e
-	golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 // indirect
-	golang.org/x/sys v0.0.0-20210616094352-59db8d763f22 // indirect
-	golang.org/x/tools v0.1.3 // indirect
-	google.golang.org/api v0.44.0-impersonate-preview // indirect
-	k8s.io/apimachinery v0.22.2
+	golang.org/x/crypto v0.0.0-20210817164053-32db794688a5
+	k8s.io/apimachinery v0.23.1
 	k8s.io/client-go v11.0.1-0.20190816222228-6d55c1b1f1ca+incompatible
-	k8s.io/heapster v1.2.0-beta.1 // indirect
 	modernc.org/mathutil v1.0.0
 )
 
 replace (
+	github.com/go-check/check v1.0.0-20180628173108-788fd7840127 => github.com/go-check/check v0.0.0-20180628173108-788fd7840127
 	github.com/golang/protobuf => github.com/golang/protobuf v1.4.2
 	github.com/gorilla/websocket => github.com/gorilla/websocket v1.4.2
 	github.com/grpc-ecosystem/grpc-gateway => github.com/grpc-ecosystem/grpc-gateway v1.16.0
 	github.com/improbable-eng/grpc-web => github.com/improbable-eng/grpc-web v0.0.0-20181111100011-16092bd1d58a
 
-	k8s.io/api => k8s.io/api v0.22.2
+	k8s.io/api => k8s.io/api v0.23.1
 	k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.22.2
 	k8s.io/apimachinery => k8s.io/apimachinery v0.22.4-rc.0
-	k8s.io/apiserver => k8s.io/apiserver v0.22.2
+	k8s.io/apiserver => k8s.io/apiserver v0.23.1
 	k8s.io/cli-runtime => k8s.io/cli-runtime v0.22.2
 	k8s.io/client-go => k8s.io/client-go v0.22.2
 	k8s.io/cloud-provider => k8s.io/cloud-provider v0.22.2
@@ -65,7 +52,7 @@ replace (
 	k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.22.2
 	k8s.io/kube-proxy => k8s.io/kube-proxy v0.22.2
 	k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.22.2
-	k8s.io/kubectl => k8s.io/kubectl v0.22.2
+	k8s.io/kubectl => k8s.io/kubectl v0.23.1
 	k8s.io/kubelet => k8s.io/kubelet v0.22.2
 	k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.22.2
 	k8s.io/metrics => k8s.io/metrics v0.22.2