[GITOPS-9258]: Configurable TLS server settings for argocd and argocd-agent components

Signed-off-by: akhil nittala <nakhil@redhat.com>

Author: akhilnittala

Dockerfile

@@ -1,35 +1,32 @@
 # Build the manager binary
-FROM --platform=linux/amd64 golang:1.25 AS builder
+FROM golang:1.25 as builder
 
 WORKDIR /workspace
-
-COPY argocd-operator /workspace/argocd-operator
-
 # Copy the Go Modules manifests
 COPY go.mod go.mod
 COPY go.sum go.sum
-
-# Cache dependencies
+# cache deps before building and copying source so that we don't need to re-download as much
+# and so that source changes don't invalidate our downloaded layer
 RUN go mod download
 
-# Copy the Go source
+# Copy the go source
 COPY cmd/main.go cmd/main.go
 COPY api/ api/
 COPY controllers/ controllers/
 COPY common/ common/
 COPY version/ version/
 
-# Build explicitly for linux/amd64
-RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o manager ./cmd/main.go
-
-# Use distroless as minimal base image
-FROM --platform=linux/amd64 gcr.io/distroless/static:nonroot
+# Build - Use TARGETARCH to build for the correct architecture
+ARG TARGETARCH
+RUN CGO_ENABLED=0 GOOS=linux GOARCH=${TARGETARCH} go build -a -o manager ./cmd/main.go
 
+# Use distroless as minimal base image to package the manager binary
+# Refer to https://github.com/GoogleContainerTools/distroless for more details
+FROM gcr.io/distroless/static:nonroot
 WORKDIR /
-
 COPY --from=builder /workspace/manager /usr/local/bin/manager
 
-# Install redis artifacts
+# install redis artifacts
 COPY build/redis /var/lib/redis
 
 USER 65532:65532

Makefile

@@ -183,7 +183,7 @@ run: manifests generate fmt vet ## Run a controller from your host.
 	CLUSTER_SCOPED_ARGO_ROLLOUTS_NAMESPACES=argo-rollouts,test-rom-ns-1,rom-ns-1,openshift-gitops  ARGOCD_CLUSTER_CONFIG_NAMESPACES="openshift-gitops, argocd-e2e-cluster-config, argocd-test-impersonation-1-046, argocd-agent-principal-1-051, argocd-agent-agent-1-052, appset-argocd, appset-old-ns, appset-new-ns, ns-hosting-principal, ns-hosting-managed-agent, ns-hosting-autonomous-agent, appset-argocd-clusterrole"  REDIS_CONFIG_PATH="build/redis"   go run ./cmd/main.go
 
 .PHONY: docker-build
-docker-build:  ## Build container image with the manager.
+docker-build: test ## Build container image with the manager.
 	$(CONTAINER_RUNTIME) build --platform=linux/amd64 -t ${IMG} .
 
 .PHONY: docker-push

bundle/manifests/argoproj.io_argocds.yaml

@@ -190,7 +190,7 @@ metadata:
     capabilities: Deep Insights
     console.openshift.io/plugins: '["gitops-plugin"]'
     containerImage: quay.io/redhat-developer/gitops-operator
-    createdAt: "2026-04-24T14:56:46Z"
+    createdAt: "2026-05-21T11:46:26Z"
     description: Enables teams to adopt GitOps principles for managing cluster configurations
       and application delivery across hybrid multi-cluster Kubernetes environments.
     features.operators.openshift.io/disconnected: "true"
@@ -589,6 +589,7 @@ spec:
         - apiGroups:
           - config.openshift.io
           resources:
+          - apiservers
           - authentications
           - clusterversions
           - ingresses

bundle/manifests/gitops-operator.clusterserviceversion.yaml

@@ -1314,6 +1314,15 @@ spec:
                     description: Sharding contains the options for the Application
                       Controller sharding configuration.
                     properties:
+                      algorithm:
+                        description: DistributionAlgorithm determines what algorithm
+                          will be used for distribution of shards. Valid options are
+                          legacy, round-robin, and consistent-hashing
+                        enum:
+                        - legacy
+                        - round-robin
+                        - consistent-hashing
+                        type: string
                       clustersPerShard:
                         description: ClustersPerShard defines the maximum number of
                           clusters managed by each argocd shard
@@ -12195,6 +12204,10 @@ spec:
                                 - "1.3"
                                 type: string
                             type: object
+                            x-kubernetes-validations:
+                            - message: minVersion must be less than or equal to maxVersion
+                              rule: '!has(self.minVersion) || !has(self.maxVersion)
+                                || self.minVersion <= self.maxVersion'
                         type: object
                     type: object
                 type: object
@@ -12233,6 +12246,7 @@ spec:
                   CmdParams specifies command-line parameters for the Argo CD components.
                   The only keys currently supported for this parameter are:
                   - controller.resource.health.persist
+                  - applicationsetcontroller.enable.tokenref.strict.mode — when ApplicationSet-in-any-namespace is active, the operator defaults this to "true"
                 type: object
               configManagementPlugins:
                 description: 'Deprecated: ConfigManagementPlugins field is no longer
@@ -14063,6 +14077,15 @@ spec:
                     description: Sharding contains the options for the Application
                       Controller sharding configuration.
                     properties:
+                      algorithm:
+                        description: DistributionAlgorithm determines what algorithm
+                          will be used for distribution of shards. Valid options are
+                          legacy, round-robin, and consistent-hashing
+                        enum:
+                        - legacy
+                        - round-robin
+                        - consistent-hashing
+                        type: string
                       clustersPerShard:
                         description: ClustersPerShard defines the maximum number of
                           clusters managed by each argocd shard
@@ -18198,6 +18221,10 @@ spec:
                         - "1.3"
                         type: string
                     type: object
+                    x-kubernetes-validations:
+                    - message: minVersion must be less than or equal to maxVersion
+                      rule: '!has(self.minVersion) || !has(self.maxVersion) || self.minVersion
+                        <= self.maxVersion'
                 required:
                 - enabled
                 type: object
@@ -18984,6 +19011,10 @@ spec:
                         - "1.3"
                         type: string
                     type: object
+                    x-kubernetes-validations:
+                    - message: minVersion must be less than or equal to maxVersion
+                      rule: '!has(self.minVersion) || !has(self.maxVersion) || self.minVersion
+                        <= self.maxVersion'
                   version:
                     description: Version is the Redis container image tag.
                     type: string
@@ -22590,6 +22621,10 @@ spec:
                         - "1.3"
                         type: string
                     type: object
+                    x-kubernetes-validations:
+                    - message: minVersion must be less than or equal to maxVersion
+                      rule: '!has(self.minVersion) || !has(self.maxVersion) || self.minVersion
+                        <= self.maxVersion'
                   verifytls:
                     description: VerifyTLS defines whether repo server API should
                       be accessed using strict TLS validation
@@ -28292,6 +28327,10 @@ spec:
                         - "1.3"
                         type: string
                     type: object
+                    x-kubernetes-validations:
+                    - message: minVersion must be less than or equal to maxVersion
+                      rule: '!has(self.minVersion) || !has(self.maxVersion) || self.minVersion
+                        <= self.maxVersion'
                   volumeMounts:
                     description: VolumeMounts adds volumeMounts to the Argo CD Server
                       container.

config/crd/bases/argoproj.io_argocdexports.yaml

@@ -12,5 +12,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 images:
 - name: controller
-  newName: quay.io/nittalaakhil/openshift-gitops-operator
-  newTag: v0.0.38
+  newName: quay.io/redhat-developer/gitops-operator