Support for external OIDC providers and implicit login flows

Procfile

@@ -1,4 +1,4 @@
 controller: go run ./cmd/argocd-application-controller/main.go
-api-server: go run ./cmd/argocd-server/main.go --insecure --disable-auth
+api-server: go run ./cmd/argocd-server/main.go --insecure --dex-server http://localhost:5556 --repo-server localhost:8081
 repo-server: go run ./cmd/argocd-repo-server/main.go --loglevel debug
-dex: sh -c "go run ./cmd/argocd-util/main.go gendexcfg -o `pwd`/dist/dex.yaml && docker run --rm -p 5556:5556 -p 5557:5557 -v `pwd`/dist/dex.yaml:/dex.yaml quay.io/coreos/dex:v2.10.0 serve /dex.yaml"
+dex: sh -c "go run ./cmd/argocd-util/main.go gendexcfg -o `pwd`/dist/dex.yaml && docker run --rm -p 5556:5556 -v `pwd`/dist/dex.yaml:/dex.yaml quay.io/dexidp/dex:v2.12.0 serve /dex.yaml"

VERSION

@@ -1 +1 @@
-0.10.0
+0.11.0

cmd/argocd-application-controller/main.go

@@ -2,10 +2,8 @@ package main
 
 import (
 	"context"
-	"flag"
 	"fmt"
 	"os"
-	"strconv"
 	"time"
 
 	log "github.com/sirupsen/logrus"
@@ -48,14 +46,8 @@ func newCommand() *cobra.Command {
 		Use:   cliName,
 		Short: "application-controller is a controller to operate on applications CRD",
 		RunE: func(c *cobra.Command, args []string) error {
-			level, err := log.ParseLevel(logLevel)
-			errors.CheckError(err)
-			log.SetLevel(level)
-
-			// Set the glog level for the k8s go-client
-			_ = flag.CommandLine.Parse([]string{})
-			_ = flag.Lookup("logtostderr").Value.Set("true")
-			_ = flag.Lookup("v").Value.Set(strconv.Itoa(glogLevel))
+			cli.SetLogLevel(logLevel)
+			cli.SetGLogLevel(glogLevel)
 
 			config, err := clientConfig.ClientConfig()
 			errors.CheckError(err)

cmd/argocd-repo-server/main.go

@@ -14,6 +14,7 @@ import (
 	"github.com/argoproj/argo-cd/reposerver"
 	"github.com/argoproj/argo-cd/reposerver/repository"
 	"github.com/argoproj/argo-cd/util/cache"
+	"github.com/argoproj/argo-cd/util/cli"
 	"github.com/argoproj/argo-cd/util/git"
 	"github.com/argoproj/argo-cd/util/ksonnet"
 	"github.com/argoproj/argo-cd/util/stats"
@@ -35,9 +36,7 @@ func newCommand() *cobra.Command {
 		Use:   cliName,
 		Short: "Run argocd-repo-server",
 		RunE: func(c *cobra.Command, args []string) error {
-			level, err := log.ParseLevel(logLevel)
-			errors.CheckError(err)
-			log.SetLevel(level)
+			cli.SetLogLevel(logLevel)
 
 			tlsConfigCustomizer, err := tlsConfigCustomizerSrc()
 			errors.CheckError(err)

cmd/argocd-server/commands/root.go

@@ -2,11 +2,8 @@ package commands
 
 import (
 	"context"
-	"flag"
-	"strconv"
 	"time"
 
-	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/tools/clientcmd"
@@ -20,6 +17,14 @@ import (
 	"github.com/argoproj/argo-cd/util/tls"
 )
 
+const (
+	// DefaultDexServerAddr is the HTTP address of the Dex OIDC server, which we run a reverse proxy against
+	DefaultDexServerAddr = "http://dex-server:5556"
+
+	// DefaultRepoServerAddr is the gRPC address of the ArgoCD repo server
+	DefaultRepoServerAddr = "argocd-repo-server:8081"
+)
+
 // NewCommand returns a new instance of an argocd command
 func NewCommand() *cobra.Command {
 	var (
@@ -29,6 +34,7 @@ func NewCommand() *cobra.Command {
 		clientConfig           clientcmd.ClientConfig
 		staticAssetsDir        string
 		repoServerAddress      string
+		dexServerAddress       string
 		disableAuth            bool
 		tlsConfigCustomizerSrc func() (tls.ConfigCustomizer, error)
 	)
@@ -37,14 +43,8 @@ func NewCommand() *cobra.Command {
 		Short: "Run the argocd API server",
 		Long:  "Run the argocd API server",
 		Run: func(c *cobra.Command, args []string) {
-			level, err := log.ParseLevel(logLevel)
-			errors.CheckError(err)
-			log.SetLevel(level)
-
-			// Set the glog level for the k8s go-client
-			_ = flag.CommandLine.Parse([]string{})
-			_ = flag.Lookup("logtostderr").Value.Set("true")
-			_ = flag.Lookup("v").Value.Set(strconv.Itoa(glogLevel))
+			cli.SetLogLevel(logLevel)
+			cli.SetGLogLevel(glogLevel)
 
 			config, err := clientConfig.ClientConfig()
 			errors.CheckError(err)
@@ -66,6 +66,7 @@ func NewCommand() *cobra.Command {
 				KubeClientset:       kubeclientset,
 				AppClientset:        appclientset,
 				RepoClientset:       repoclientset,
+				DexServerAddr:       dexServerAddress,
 				DisableAuth:         disableAuth,
 				TLSConfigCustomizer: tlsConfigCustomizer,
 			}
@@ -89,7 +90,8 @@ func NewCommand() *cobra.Command {
 	command.Flags().StringVar(&staticAssetsDir, "staticassets", "", "Static assets directory path")
 	command.Flags().StringVar(&logLevel, "loglevel", "info", "Set the logging level. One of: debug|info|warn|error")
 	command.Flags().IntVar(&glogLevel, "gloglevel", 0, "Set the glog logging level")
-	command.Flags().StringVar(&repoServerAddress, "repo-server", "localhost:8081", "Repo server address.")
+	command.Flags().StringVar(&repoServerAddress, "repo-server", DefaultRepoServerAddr, "Repo server address")
+	command.Flags().StringVar(&dexServerAddress, "dex-server", DefaultDexServerAddr, "Dex server address")
 	command.Flags().BoolVar(&disableAuth, "disable-auth", false, "Disable client authentication")
 	command.AddCommand(cli.NewVersionCmd(cliName))
 	tlsConfigCustomizerSrc = tls.AddTLSFlagsToCmd(command)

cmd/argocd/commands/account.go

@@ -10,7 +10,7 @@ import (
 	argocdclient "github.com/argoproj/argo-cd/pkg/apiclient"
 	"github.com/argoproj/argo-cd/server/account"
 	"github.com/argoproj/argo-cd/util"
-	"github.com/argoproj/argo-cd/util/settings"
+	"github.com/argoproj/argo-cd/util/cli"
 	"github.com/spf13/cobra"
 	"golang.org/x/crypto/ssh/terminal"
 )
@@ -51,7 +51,7 @@ func NewAccountUpdatePasswordCommand(clientOpts *argocdclient.ClientOptions) *co
 			}
 			if newPassword == "" {
 				var err error
-				newPassword, err = settings.ReadAndConfirmPassword()
+				newPassword, err = cli.ReadAndConfirmPassword()
 				errors.CheckError(err)
 			}
 

cmd/argocd/commands/common.go

@@ -2,4 +2,8 @@ package commands
 
 const (
 	cliName = "argocd"
+
+	// DefaultSSOLocalPort is the localhost port to listen on for the temporary web server performing
+	// the OAuth2 login flow.
+	DefaultSSOLocalPort = 8085
 )