From 2dbc4bf6ddfec13918454f7263e016bc54b913e0 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Sat, 2 Sep 2023 23:10:37 -0400 Subject: [PATCH 1/2] update secret manager example Signed-off-by: Carlos Santana --- .../eks/aws-secrets-manager/README.md | 7 +++- .../aws-secrets-manager/bootstrap/addons.yaml | 42 ++++++++++++------- .../examples/eks/aws-secrets-manager/main.tf | 28 ++++++------- .../eks/aws-secrets-manager/outputs.tf | 4 +- .../eks/aws-secrets-manager/variables.tf | 20 ++++++--- 5 files changed, 64 insertions(+), 37 deletions(-) diff --git a/argocd/iac/terraform/examples/eks/aws-secrets-manager/README.md b/argocd/iac/terraform/examples/eks/aws-secrets-manager/README.md index e26f950c..bd83f6cd 100644 --- a/argocd/iac/terraform/examples/eks/aws-secrets-manager/README.md +++ b/argocd/iac/terraform/examples/eks/aws-secrets-manager/README.md @@ -9,11 +9,16 @@ terraform init terraform apply ``` -Access Terraform output to configure `kubectl` and `argocd` +Access Terraform output to configure `kubectl` and `argocd` (it includes argocd password) ```shell terraform output ``` +To get the argocd `admin` password stored in AWS Secret Manager +```shell +aws secretsmanager get-secret-value --secret-id argocd --output json | jq -r .SecretString +``` + Destroy EKS Cluster ```shell cd hub diff --git a/argocd/iac/terraform/examples/eks/aws-secrets-manager/bootstrap/addons.yaml b/argocd/iac/terraform/examples/eks/aws-secrets-manager/bootstrap/addons.yaml index 61216a94..21c9e06e 100644 --- a/argocd/iac/terraform/examples/eks/aws-secrets-manager/bootstrap/addons.yaml +++ b/argocd/iac/terraform/examples/eks/aws-secrets-manager/bootstrap/addons.yaml 
@@ -1,19 +1,33 @@
+---
 apiVersion: argoproj.io/v1alpha1
-kind: Application
+kind: ApplicationSet
 metadata:
 name: bootstrap-addons
- namespace: 'argocd'
+ namespace: argocd
 spec:
- destination:
- server: https://kubernetes.default.svc
- namespace: 'argocd'
- project: default
- source:
- path: ${path}
- repoURL: ${repoURL}
- targetRevision: ${targetRevision}
- directory:
- recurse: true
- exclude: exclude/*
 syncPolicy:
- automated: {}
+ preserveResourcesOnDeletion: true
+ generators:
+ - clusters:
+ selector:
+ matchExpressions:
+ - key: akuity.io/argo-cd-cluster-name
+ operator: NotIn
+ values: [in-cluster]
+ template:
+ metadata:
+ name: 'bootstrap-addons'
+ spec:
+ project: default
+ source:
+ repoURL: '{{metadata.annotations.addons_repo_url}}'
+ path: '{{metadata.annotations.addons_repo_basepath}}{{metadata.annotations.addons_repo_path}}'
+ targetRevision: '{{metadata.annotations.addons_repo_revision}}'
+ directory:
+ recurse: true
+ exclude: exclude/*
+ destination:
+ namespace: 'argocd'
+ name: '{{name}}'
+ syncPolicy:
+ automated: {}
diff --git a/argocd/iac/terraform/examples/eks/aws-secrets-manager/main.tf b/argocd/iac/terraform/examples/eks/aws-secrets-manager/main.tf
index 1a1277e2..acc1ca3b 100644
--- a/argocd/iac/terraform/examples/eks/aws-secrets-manager/main.tf
+++ b/argocd/iac/terraform/examples/eks/aws-secrets-manager/main.tf
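Review bot: The generated Application now takes `repoURL`, `path` and `targetRevision` from annotations on the Argo CD cluster Secret at reconcile time, while still using `project: default` and `syncPolicy: automated: {}`, so anyone who can edit Secrets in the `argocd` namespace can repoint what is auto-synced to the cluster. Unless it has been restricted elsewhere, the `default` AppProject does not limit source repositories, so nothing in this manifest constrains the rendered `repoURL`; consider a dedicated AppProject whose `sourceRepos` lists only the addons repository, referenced as `project: <addons-project>` (placeholder name). A comment above `source:` such as `# repoURL/path/targetRevision come from cluster Secret annotations set by Terraform` would make that trust boundary visible. The same hunk is repeated for the complete, crossplane, hello-world, ingress-alb, multi-cluster/distributed and hub-spoke-shared/hub examples.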
@@ -45,13 +45,15 @@ provider "kubernetes" { } locals { - name = "ex-${replace(basename(path.cwd), "_", "-")}" - environment = "dev" - region = "us-west-2" - cluster_version = "1.27" - gitops_url = var.gitops_url - gitops_revision = var.gitops_revision - gitops_path = var.gitops_path + name = "ex-${replace(basename(path.cwd), "_", "-")}" + environment = "dev" + region = "us-west-2" + cluster_version = "1.27" + gitops_addons_url = "${var.gitops_addons_org}/${var.gitops_addons_repo}" + gitops_addons_basepath = var.gitops_addons_basepath + gitops_addons_path = var.gitops_addons_path + gitops_addons_revision = var.gitops_addons_revision + aws_addons = { enable_cert_manager = true @@ -98,17 +100,15 @@ locals { aws_vpc_id = module.vpc.vpc_id }, { - gitops_bridge_repo_url = local.gitops_url - gitops_bridge_repo_revision = local.gitops_revision + addons_repo_url = local.gitops_addons_url + addons_repo_basepath = local.gitops_addons_basepath + addons_repo_path = local.gitops_addons_path + addons_repo_revision = local.gitops_addons_revision } ) argocd_bootstrap_app_of_apps = { - addons = templatefile("${path.module}/bootstrap/addons.yaml", { - repoURL = local.gitops_url - targetRevision = local.gitops_revision - path = local.gitops_path - }) + addons = file("${path.module}/bootstrap/addons.yaml") workloads = file("${path.module}/bootstrap/workloads.yaml") } diff --git a/argocd/iac/terraform/examples/eks/aws-secrets-manager/outputs.tf b/argocd/iac/terraform/examples/eks/aws-secrets-manager/outputs.tf index f2d1bb13..34f84b82 100644 --- a/argocd/iac/terraform/examples/eks/aws-secrets-manager/outputs.tf +++ b/argocd/iac/terraform/examples/eks/aws-secrets-manager/outputs.tf 
@@ -13,9 +13,9 @@ output "configure_argocd" {
 aws eks --region ${local.region} update-kubeconfig --name ${module.eks.cluster_name}
 export ARGOCD_OPTS="--port-forward --port-forward-namespace argocd --grpc-web"
 kubectl config set-context --current --namespace argocd
- argocd login --port-forward --username admin --password $(argocd admin initial-password | head -1)
+ argocd login --port-forward --username admin --password $(aws secretsmanager get-secret-value --secret-id argocd --output json | jq -r .SecretString)
 echo "ArgoCD Username: admin"
- echo "ArgoCD Password: $(kubectl get secrets argocd-initial-admin-secret -n argocd --template="{{index .data.password | base64decode}}")"
+ echo "ArgoCD Password: $(aws secretsmanager get-secret-value --secret-id argocd --output json | jq -r .SecretString)"
 echo Port Forward: http://localhost:8080
 kubectl port-forward -n argocd svc/argo-cd-argocd-server 8080:80
 EOT
diff --git a/argocd/iac/terraform/examples/eks/aws-secrets-manager/variables.tf b/argocd/iac/terraform/examples/eks/aws-secrets-manager/variables.tf
index dbd72d91..c1d456eb 100644
--- a/argocd/iac/terraform/examples/eks/aws-secrets-manager/variables.tf
+++ b/argocd/iac/terraform/examples/eks/aws-secrets-manager/variables.tf
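Review bot: The two added `aws secretsmanager get-secret-value` calls omit `--region`, although the `aws eks` line above them passes `--region ${local.region}`, so the lookup depends on the caller's ambient AWS CLI region and fails or reads a different `argocd` secret when that is not the cluster's region. I would write `aws secretsmanager get-secret-value --region ${local.region} --secret-id argocd --query SecretString --output text`, which also removes the `jq` dependency. The password is still expanded into the `argocd login --password` argument and echoed, so it is visible in the local process list and terminal scrollback; a comment saying this output is meant for short-lived demo clusters would help. The secret name `argocd` is hard-coded and its definition is outside this hunk, so I am assuming it matches what main.tf creates.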
@@ -1,12 +1,20 @@ -variable "gitops_url" { +variable "gitops_addons_org" { + description = "Git repository org/user contains for addons" + default = "https://github.com/gitops-bridge-dev" +} +variable "gitops_addons_repo" { description = "Git repository contains for addons" - default = "https://github.com/gitops-bridge-dev/gitops-bridge-argocd-control-plane-template" + default = "gitops-bridge-argocd-control-plane-template" } -variable "gitops_revision" { - description = "Git repository revision/branch/ref for addons" - default = "HEAD" +variable "gitops_addons_basepath" { + description = "Git repository base path for addons" + default = "" } -variable "gitops_path" { +variable "gitops_addons_path" { description = "Git repository path for addons" default = "bootstrap/control-plane/addons" } +variable "gitops_addons_revision" { + description = "Git repository revision/branch/ref for addons" + default = "HEAD" +} From 14793f1a97b1f14ad3726aed20d5a755b3768c12 Mon Sep 17 00:00:00 2001 From: Carlos Santana Date: Sun, 3 Sep 2023 01:15:23 -0400 Subject: [PATCH 2/2] refactor addons repo info 
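Review bot: `gitops_addons_revision` still defaults to `"HEAD"` of an upstream repository, and bootstrap/addons.yaml syncs it with `automated: {}`, so any push to that repository's default branch is applied to the cluster without review; the description should say so, e.g. `description = "Git revision for addons; pin to a tag or commit SHA outside demos"`. `gitops_addons_basepath` is concatenated directly in front of `gitops_addons_path` in addons.yaml, so a non-empty value needs a trailing `/`, which its description should state. The new variables also carry no `type = string`, and "contains for addons" reads as a leftover typo. The same variables appear in the complete, crossplane, hello-world, ingress-alb and multi-cluster/distributed variables.tf hunks.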
Signed-off-by: Carlos Santana --- .../eks/complete/bootstrap/addons.yaml | 42 ++++++++----- .../terraform/examples/eks/complete/main.tf | 19 +++--- .../examples/eks/complete/variables.tf | 20 +++++-- .../eks/crossplane/bootstrap/addons.yaml | 42 ++++++++----- .../terraform/examples/eks/crossplane/main.tf | 27 ++++----- .../examples/eks/crossplane/variables.tf | 20 +++++-- .../examples/eks/external-secrets/main.tf | 12 ++-- .../eks/hello-world/bootstrap/addons.yaml | 42 ++++++++----- .../examples/eks/hello-world/main.tf | 27 ++++----- .../examples/eks/hello-world/variables.tf | 20 +++++-- .../eks/ingress-alb/bootstrap/addons.yaml | 42 ++++++++----- .../examples/eks/ingress-alb/main.tf | 27 ++++----- .../examples/eks/ingress-alb/outputs.tf | 1 - .../examples/eks/ingress-alb/variables.tf | 21 ++++--- .../distributed/bootstrap/addons.yaml | 42 ++++++++----- .../eks/multi-cluster/distributed/main.tf | 29 +++++---- .../multi-cluster/distributed/variables.tf | 32 ++++++---- .../hub/bootstrap/addons.yaml | 42 ++++++++----- .../hub-spoke-shared/hub/main.tf | 29 +++++---- .../hub-spoke-shared/hub/variables.tf | 34 +++++++---- .../hub-spoke-shared/spokes/main.tf | 23 +++---- .../hub-spoke-shared/spokes/variables.tf | 34 +++++++---- .../hub-spoke/hub/bootstrap/addons.yaml | 42 ++++++++----- .../eks/multi-cluster/hub-spoke/hub/main.tf | 29 +++++---- .../multi-cluster/hub-spoke/hub/variables.tf | 34 +++++++---- .../multi-cluster/hub-spoke/spokes/main.tf | 23 +++---- .../hub-spoke/spokes/variables.tf | 34 +++++++---- .../eks/private-git/bootstrap/addons.yaml | 42 ++++++++----- .../eks/private-git/bootstrap/workloads.yaml | 44 +++++++++----- .../examples/eks/private-git/main.tf | 60 ++++++++++--------- .../examples/eks/private-git/variables.tf | 37 ++++++++++++ 31 files changed, 605 insertions(+), 367 deletions(-) 
diff --git a/argocd/iac/terraform/examples/eks/complete/bootstrap/addons.yaml b/argocd/iac/terraform/examples/eks/complete/bootstrap/addons.yaml
index 61216a94..21c9e06e 100644
--- a/argocd/iac/terraform/examples/eks/complete/bootstrap/addons.yaml
+++ b/argocd/iac/terraform/examples/eks/complete/bootstrap/addons.yaml
@@ -1,19 +1,33 @@
+---
 apiVersion: argoproj.io/v1alpha1
-kind: Application
+kind: ApplicationSet
 metadata:
 name: bootstrap-addons
- namespace: 'argocd'
+ namespace: argocd
 spec:
- destination:
- server: https://kubernetes.default.svc
- namespace: 'argocd'
- project: default
- source:
- path: ${path}
- repoURL: ${repoURL}
- targetRevision: ${targetRevision}
- directory:
- recurse: true
- exclude: exclude/*
 syncPolicy:
- automated: {}
+ preserveResourcesOnDeletion: true
+ generators:
+ - clusters:
+ selector:
+ matchExpressions:
+ - key: akuity.io/argo-cd-cluster-name
+ operator: NotIn
+ values: [in-cluster]
+ template:
+ metadata:
+ name: 'bootstrap-addons'
+ spec:
+ project: default
+ source:
+ repoURL: '{{metadata.annotations.addons_repo_url}}'
+ path: '{{metadata.annotations.addons_repo_basepath}}{{metadata.annotations.addons_repo_path}}'
+ targetRevision: '{{metadata.annotations.addons_repo_revision}}'
+ directory:
+ recurse: true
+ exclude: exclude/*
+ destination:
+ namespace: 'argocd'
+ name: '{{name}}'
+ syncPolicy:
+ automated: {}
diff --git a/argocd/iac/terraform/examples/eks/complete/main.tf b/argocd/iac/terraform/examples/eks/complete/main.tf
index 741260c2..2aea185d 100644
--- a/argocd/iac/terraform/examples/eks/complete/main.tf
+++ b/argocd/iac/terraform/examples/eks/complete/main.tf
@@ -47,9 +47,10 @@ locals { environment = "dev" region = "us-west-2" cluster_version = "1.27" - gitops_url = var.gitops_url - gitops_revision = var.gitops_revision - gitops_path = var.gitops_path + gitops_addons_url = "${var.gitops_addons_org}/${var.gitops_addons_repo}" + gitops_addons_basepath = var.gitops_addons_basepath + gitops_addons_path = var.gitops_addons_path + gitops_addons_revision = var.gitops_addons_revision aws_addons = { enable_cert_manager = true @@ -96,8 +97,10 @@ locals { aws_vpc_id = module.vpc.vpc_id }, { - gitops_bridge_repo_url = local.gitops_url - gitops_bridge_repo_revision = local.gitops_revision + addons_repo_url = local.gitops_addons_url + addons_repo_basepath = local.gitops_addons_basepath + addons_repo_path = local.gitops_addons_path + addons_repo_revision = local.gitops_addons_revision }, try(local.aws_addons.enable_velero, false) ? { velero_backup_s3_bucket_prefix = try(local.velero_backup_s3_bucket_prefix,"") @@ -105,11 +108,7 @@ locals { ) argocd_bootstrap_app_of_apps = { - addons = templatefile("${path.module}/bootstrap/addons.yaml", { - repoURL = local.gitops_url - targetRevision = local.gitops_revision - path = local.gitops_path - }) + addons = file("${path.module}/bootstrap/addons.yaml") workloads = file("${path.module}/bootstrap/workloads.yaml") } diff --git a/argocd/iac/terraform/examples/eks/complete/variables.tf b/argocd/iac/terraform/examples/eks/complete/variables.tf index dbd72d91..c1d456eb 100644 --- a/argocd/iac/terraform/examples/eks/complete/variables.tf +++ b/argocd/iac/terraform/examples/eks/complete/variables.tf 
@@ -1,12 +1,20 @@
-variable "gitops_url" {
+variable "gitops_addons_org" {
+ description = "Git repository org/user contains for addons"
+ default = "https://github.com/gitops-bridge-dev"
+}
+variable "gitops_addons_repo" {
 description = "Git repository contains for addons"
- default = "https://github.com/gitops-bridge-dev/gitops-bridge-argocd-control-plane-template"
+ default = "gitops-bridge-argocd-control-plane-template"
 }
-variable "gitops_revision" {
- description = "Git repository revision/branch/ref for addons"
- default = "HEAD"
+variable "gitops_addons_basepath" {
+ description = "Git repository base path for addons"
+ default = ""
 }
-variable "gitops_path" {
+variable "gitops_addons_path" {
 description = "Git repository path for addons"
 default = "bootstrap/control-plane/addons"
 }
+variable "gitops_addons_revision" {
+ description = "Git repository revision/branch/ref for addons"
+ default = "HEAD"
+}
diff --git a/argocd/iac/terraform/examples/eks/crossplane/bootstrap/addons.yaml b/argocd/iac/terraform/examples/eks/crossplane/bootstrap/addons.yaml
index 61216a94..21c9e06e 100644
--- a/argocd/iac/terraform/examples/eks/crossplane/bootstrap/addons.yaml
+++ b/argocd/iac/terraform/examples/eks/crossplane/bootstrap/addons.yaml
@@ -1,19 +1,33 @@
+---
 apiVersion: argoproj.io/v1alpha1
-kind: Application
+kind: ApplicationSet
 metadata:
 name: bootstrap-addons
- namespace: 'argocd'
+ namespace: argocd
 spec:
- destination:
- server: https://kubernetes.default.svc
- namespace: 'argocd'
- project: default
- source:
- path: ${path}
- repoURL: ${repoURL}
- targetRevision: ${targetRevision}
- directory:
- recurse: true
- exclude: exclude/*
 syncPolicy:
- automated: {}
+ preserveResourcesOnDeletion: true
+ generators:
+ - clusters:
+ selector:
+ matchExpressions:
+ - key: akuity.io/argo-cd-cluster-name
+ operator: NotIn
+ values: [in-cluster]
+ template:
+ metadata:
+ name: 'bootstrap-addons'
+ spec:
+ project: default
+ source:
+ repoURL: '{{metadata.annotations.addons_repo_url}}'
+ path: '{{metadata.annotations.addons_repo_basepath}}{{metadata.annotations.addons_repo_path}}'
+ targetRevision: '{{metadata.annotations.addons_repo_revision}}'
+ directory:
+ recurse: true
+ exclude: exclude/*
+ destination:
+ namespace: 'argocd'
+ name: '{{name}}'
+ syncPolicy:
+ automated: {}
diff --git a/argocd/iac/terraform/examples/eks/crossplane/main.tf b/argocd/iac/terraform/examples/eks/crossplane/main.tf
index 1d962e3d..51ab53f8 100644
--- a/argocd/iac/terraform/examples/eks/crossplane/main.tf
+++ b/argocd/iac/terraform/examples/eks/crossplane/main.tf
@@ -43,13 +43,14 @@ provider "kubernetes" { } locals { - name = "ex-${replace(basename(path.cwd), "_", "-")}" - environment = "control-plane" - region = "us-west-2" - cluster_version = "1.27" - gitops_url = var.gitops_url - gitops_revision = var.gitops_revision - gitops_path = var.gitops_path + name = "ex-${replace(basename(path.cwd), "_", "-")}" + environment = "control-plane" + region = "us-west-2" + cluster_version = "1.27" + gitops_addons_url = "${var.gitops_addons_org}/${var.gitops_addons_repo}" + gitops_addons_basepath = var.gitops_addons_basepath + gitops_addons_path = var.gitops_addons_path + gitops_addons_revision = var.gitops_addons_revision aws_addons = { enable_cert_manager = true @@ -106,17 +107,15 @@ locals { aws_upbound_crossplane_iam_role_arn = module.crossplane_irsa_aws.iam_role_arn }, { - gitops_bridge_repo_url = local.gitops_url - gitops_bridge_repo_revision = local.gitops_revision + addons_repo_url = local.gitops_addons_url + addons_repo_basepath = local.gitops_addons_basepath + addons_repo_path = local.gitops_addons_path + addons_repo_revision = local.gitops_addons_revision } ) argocd_bootstrap_app_of_apps = { - addons = templatefile("${path.module}/bootstrap/addons.yaml", { - repoURL = local.gitops_url - targetRevision = local.gitops_revision - path = local.gitops_path - }) + addons = file("${path.module}/bootstrap/addons.yaml") workloads = file("${path.module}/bootstrap/workloads.yaml") } diff --git a/argocd/iac/terraform/examples/eks/crossplane/variables.tf b/argocd/iac/terraform/examples/eks/crossplane/variables.tf index dbd72d91..c1d456eb 100644 --- a/argocd/iac/terraform/examples/eks/crossplane/variables.tf +++ b/argocd/iac/terraform/examples/eks/crossplane/variables.tf 
@@ -1,12 +1,20 @@ -variable "gitops_url" { +variable "gitops_addons_org" { + description = "Git repository org/user contains for addons" + default = "https://github.com/gitops-bridge-dev" +} +variable "gitops_addons_repo" { description = "Git repository contains for addons" - default = "https://github.com/gitops-bridge-dev/gitops-bridge-argocd-control-plane-template" + default = "gitops-bridge-argocd-control-plane-template" } -variable "gitops_revision" { - description = "Git repository revision/branch/ref for addons" - default = "HEAD" +variable "gitops_addons_basepath" { + description = "Git repository base path for addons" + default = "" } -variable "gitops_path" { +variable "gitops_addons_path" { description = "Git repository path for addons" default = "bootstrap/control-plane/addons" } +variable "gitops_addons_revision" { + description = "Git repository revision/branch/ref for addons" + default = "HEAD" +} diff --git a/argocd/iac/terraform/examples/eks/external-secrets/main.tf b/argocd/iac/terraform/examples/eks/external-secrets/main.tf index 55d0fc74..9a681ea3 100644 --- a/argocd/iac/terraform/examples/eks/external-secrets/main.tf +++ b/argocd/iac/terraform/examples/eks/external-secrets/main.tf @@ -47,12 +47,10 @@ locals { environment = "dev" region = "us-west-2" cluster_version = "1.27" - gitops_addons_org = var.gitops_addons_org - gitops_addons_repo = var.gitops_addons_repo + gitops_addons_url = "${var.gitops_addons_org}/${var.gitops_addons_repo}" gitops_addons_basepath = var.gitops_addons_basepath gitops_addons_path = var.gitops_addons_path gitops_addons_revision = var.gitops_addons_revision - gitops_addons_url = "${local.gitops_addons_org}/${local.gitops_addons_repo}" gitops_workload_org = var.gitops_workload_org gitops_workload_repo = var.gitops_workload_repo 
@@ -110,10 +108,10 @@ locals {
 aws_vpc_id = module.vpc.vpc_id
 },
 {
- gitops_bridge_repo_url = local.gitops_addons_url
- gitops_bridge_repo_basepath = local.gitops_addons_basepath
- gitops_bridge_repo_path = local.gitops_addons_path
- gitops_bridge_repo_revision = local.gitops_addons_revision
+ addons_repo_url = local.gitops_addons_url
+ addons_repo_basepath = local.gitops_addons_basepath
+ addons_repo_path = local.gitops_addons_path
+ addons_repo_revision = local.gitops_addons_revision
 },
 {
 workload_repo_url = local.gitops_workload_url
diff --git a/argocd/iac/terraform/examples/eks/hello-world/bootstrap/addons.yaml b/argocd/iac/terraform/examples/eks/hello-world/bootstrap/addons.yaml
index 61216a94..21c9e06e 100644
--- a/argocd/iac/terraform/examples/eks/hello-world/bootstrap/addons.yaml
+++ b/argocd/iac/terraform/examples/eks/hello-world/bootstrap/addons.yaml
@@ -1,19 +1,33 @@
+---
 apiVersion: argoproj.io/v1alpha1
-kind: Application
+kind: ApplicationSet
 metadata:
 name: bootstrap-addons
- namespace: 'argocd'
+ namespace: argocd
 spec:
- destination:
- server: https://kubernetes.default.svc
- namespace: 'argocd'
- project: default
- source:
- path: ${path}
- repoURL: ${repoURL}
- targetRevision: ${targetRevision}
- directory:
- recurse: true
- exclude: exclude/*
 syncPolicy:
- automated: {}
+ preserveResourcesOnDeletion: true
+ generators:
+ - clusters:
+ selector:
+ matchExpressions:
+ - key: akuity.io/argo-cd-cluster-name
+ operator: NotIn
+ values: [in-cluster]
+ template:
+ metadata:
+ name: 'bootstrap-addons'
+ spec:
+ project: default
+ source:
+ repoURL: '{{metadata.annotations.addons_repo_url}}'
+ path: '{{metadata.annotations.addons_repo_basepath}}{{metadata.annotations.addons_repo_path}}'
+ targetRevision: '{{metadata.annotations.addons_repo_revision}}'
+ directory:
+ recurse: true
+ exclude: exclude/*
+ destination:
+ namespace: 'argocd'
+ name: '{{name}}'
+ syncPolicy:
+ automated: {}
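Review bot: In the second hunk of external-secrets/main.tf the cluster annotations are renamed from `gitops_bridge_repo_*` to `addons_repo_*`, but the diffstat lists only main.tf for that example, so its bootstrap/addons.yaml is not touched by this commit. If that manifest still templates `{{metadata.annotations.gitops_bridge_repo_url}}` and the sibling keys (it is not visible here), the ApplicationSet will render without a usable `repoURL` after the next apply. Either update that manifest in the same commit or keep both key sets in the annotation map until consumers have moved. The `locals` block starts and ends outside the hunk.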
diff --git a/argocd/iac/terraform/examples/eks/hello-world/main.tf b/argocd/iac/terraform/examples/eks/hello-world/main.tf index a8e6e00f..1b69c075 100644 --- a/argocd/iac/terraform/examples/eks/hello-world/main.tf +++ b/argocd/iac/terraform/examples/eks/hello-world/main.tf @@ -43,13 +43,14 @@ provider "kubernetes" { } locals { - name = "ex-${replace(basename(path.cwd), "_", "-")}" - environment = "dev" - region = "us-west-2" - cluster_version = "1.27" - gitops_url = var.gitops_url - gitops_revision = var.gitops_revision - gitops_path = var.gitops_path + name = "ex-${replace(basename(path.cwd), "_", "-")}" + environment = "dev" + region = "us-west-2" + cluster_version = "1.27" + gitops_addons_url = "${var.gitops_addons_org}/${var.gitops_addons_repo}" + gitops_addons_basepath = var.gitops_addons_basepath + gitops_addons_path = var.gitops_addons_path + gitops_addons_revision = var.gitops_addons_revision aws_addons = { enable_cert_manager = true @@ -96,17 +97,15 @@ locals { aws_vpc_id = module.vpc.vpc_id }, { - gitops_bridge_repo_url = local.gitops_url - gitops_bridge_repo_revision = local.gitops_revision + addons_repo_url = local.gitops_addons_url + addons_repo_basepath = local.gitops_addons_basepath + addons_repo_path = local.gitops_addons_path + addons_repo_revision = local.gitops_addons_revision } ) argocd_bootstrap_app_of_apps = { - addons = templatefile("${path.module}/bootstrap/addons.yaml", { - repoURL = local.gitops_url - targetRevision = local.gitops_revision - path = local.gitops_path - }) + addons = file("${path.module}/bootstrap/addons.yaml") workloads = file("${path.module}/bootstrap/workloads.yaml") } diff --git a/argocd/iac/terraform/examples/eks/hello-world/variables.tf b/argocd/iac/terraform/examples/eks/hello-world/variables.tf index dbd72d91..c1d456eb 100644 --- a/argocd/iac/terraform/examples/eks/hello-world/variables.tf +++ b/argocd/iac/terraform/examples/eks/hello-world/variables.tf 
@@ -1,12 +1,20 @@
-variable "gitops_url" {
+variable "gitops_addons_org" {
+ description = "Git repository org/user contains for addons"
+ default = "https://github.com/gitops-bridge-dev"
+}
+variable "gitops_addons_repo" {
 description = "Git repository contains for addons"
- default = "https://github.com/gitops-bridge-dev/gitops-bridge-argocd-control-plane-template"
+ default = "gitops-bridge-argocd-control-plane-template"
 }
-variable "gitops_revision" {
- description = "Git repository revision/branch/ref for addons"
- default = "HEAD"
+variable "gitops_addons_basepath" {
+ description = "Git repository base path for addons"
+ default = ""
 }
-variable "gitops_path" {
+variable "gitops_addons_path" {
 description = "Git repository path for addons"
 default = "bootstrap/control-plane/addons"
 }
+variable "gitops_addons_revision" {
+ description = "Git repository revision/branch/ref for addons"
+ default = "HEAD"
+}
diff --git a/argocd/iac/terraform/examples/eks/ingress-alb/bootstrap/addons.yaml b/argocd/iac/terraform/examples/eks/ingress-alb/bootstrap/addons.yaml
index 61216a94..21c9e06e 100644
--- a/argocd/iac/terraform/examples/eks/ingress-alb/bootstrap/addons.yaml
+++ b/argocd/iac/terraform/examples/eks/ingress-alb/bootstrap/addons.yaml
@@ -1,19 +1,33 @@
+---
 apiVersion: argoproj.io/v1alpha1
-kind: Application
+kind: ApplicationSet
 metadata:
 name: bootstrap-addons
- namespace: 'argocd'
+ namespace: argocd
 spec:
- destination:
- server: https://kubernetes.default.svc
- namespace: 'argocd'
- project: default
- source:
- path: ${path}
- repoURL: ${repoURL}
- targetRevision: ${targetRevision}
- directory:
- recurse: true
- exclude: exclude/*
 syncPolicy:
- automated: {}
+ preserveResourcesOnDeletion: true
+ generators:
+ - clusters:
+ selector:
+ matchExpressions:
+ - key: akuity.io/argo-cd-cluster-name
+ operator: NotIn
+ values: [in-cluster]
+ template:
+ metadata:
+ name: 'bootstrap-addons'
+ spec:
+ project: default
+ source:
+ repoURL: '{{metadata.annotations.addons_repo_url}}'
+ path: '{{metadata.annotations.addons_repo_basepath}}{{metadata.annotations.addons_repo_path}}'
+ targetRevision: '{{metadata.annotations.addons_repo_revision}}'
+ directory:
+ recurse: true
+ exclude: exclude/*
+ destination:
+ namespace: 'argocd'
+ name: '{{name}}'
+ syncPolicy:
+ automated: {}
diff --git a/argocd/iac/terraform/examples/eks/ingress-alb/main.tf b/argocd/iac/terraform/examples/eks/ingress-alb/main.tf
index 6dd52c33..a66208ed 100644
--- a/argocd/iac/terraform/examples/eks/ingress-alb/main.tf
+++ b/argocd/iac/terraform/examples/eks/ingress-alb/main.tf
@@ -43,13 +43,14 @@ provider "kubernetes" { } locals { - name = "ex-${replace(basename(path.cwd), "_", "-")}" - environment = "dev" - region = "us-west-2" - cluster_version = "1.27" - gitops_url = var.gitops_url - gitops_revision = var.gitops_revision - gitops_path = var.gitops_path + name = "ex-${replace(basename(path.cwd), "_", "-")}" + environment = "dev" + region = "us-west-2" + cluster_version = "1.27" + gitops_addons_url = "${var.gitops_addons_org}/${var.gitops_addons_repo}" + gitops_addons_basepath = var.gitops_addons_basepath + gitops_addons_path = var.gitops_addons_path + gitops_addons_revision = var.gitops_addons_revision enable_ingress = true domain_private_zone = false @@ -114,17 +115,15 @@ locals { argocd_namespace = "argocd" }, { - gitops_bridge_repo_url = local.gitops_url - gitops_bridge_repo_revision = local.gitops_revision + addons_repo_url = local.gitops_addons_url + addons_repo_basepath = local.gitops_addons_basepath + addons_repo_path = local.gitops_addons_path + addons_repo_revision = local.gitops_addons_revision } ) argocd_bootstrap_app_of_apps = { - addons = templatefile("${path.module}/bootstrap/addons.yaml", { - repoURL = local.gitops_url - targetRevision = local.gitops_revision - path = local.gitops_path - }) + addons = file("${path.module}/bootstrap/addons.yaml") workloads = file("${path.module}/bootstrap/workloads.yaml") } diff --git a/argocd/iac/terraform/examples/eks/ingress-alb/outputs.tf b/argocd/iac/terraform/examples/eks/ingress-alb/outputs.tf index 8fba750f..b1fa7096 100644 --- a/argocd/iac/terraform/examples/eks/ingress-alb/outputs.tf +++ b/argocd/iac/terraform/examples/eks/ingress-alb/outputs.tf @@ -30,4 +30,3 @@ output "access_argocd" { echo "ArgoCD Password: $(kubectl get secrets argocd-initial-admin-secret -n argocd --template="{{index .data.password | base64decode}}")" EOT } - 
diff --git a/argocd/iac/terraform/examples/eks/ingress-alb/variables.tf b/argocd/iac/terraform/examples/eks/ingress-alb/variables.tf
index 6bcc8fc3..c1d456eb 100644
--- a/argocd/iac/terraform/examples/eks/ingress-alb/variables.tf
+++ b/argocd/iac/terraform/examples/eks/ingress-alb/variables.tf
@@ -1,15 +1,20 @@
-variable "domain_name" {
- description = "Route 53 domain name"
+variable "gitops_addons_org" {
+ description = "Git repository org/user contains for addons"
+ default = "https://github.com/gitops-bridge-dev"
 }
-variable "gitops_url" {
+variable "gitops_addons_repo" {
 description = "Git repository contains for addons"
- default = "https://github.com/gitops-bridge-dev/gitops-bridge-argocd-control-plane-template"
+ default = "gitops-bridge-argocd-control-plane-template"
 }
-variable "gitops_revision" {
- description = "Git repository revision/branch/ref for addons"
- default = "HEAD"
+variable "gitops_addons_basepath" {
+ description = "Git repository base path for addons"
+ default = ""
 }
-variable "gitops_path" {
+variable "gitops_addons_path" {
 description = "Git repository path for addons"
 default = "bootstrap/control-plane/addons"
 }
+variable "gitops_addons_revision" {
+ description = "Git repository revision/branch/ref for addons"
+ default = "HEAD"
+}
diff --git a/argocd/iac/terraform/examples/eks/multi-cluster/distributed/bootstrap/addons.yaml b/argocd/iac/terraform/examples/eks/multi-cluster/distributed/bootstrap/addons.yaml
index 61216a94..21c9e06e 100644
--- a/argocd/iac/terraform/examples/eks/multi-cluster/distributed/bootstrap/addons.yaml
+++ b/argocd/iac/terraform/examples/eks/multi-cluster/distributed/bootstrap/addons.yaml
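Review bot: This hunk deletes `variable "domain_name"` from ingress-alb/variables.tf; the new blob id c1d456eb is the same as the other examples' variables.tf, so the file looks overwritten with the shared copy, whereas multi-cluster/distributed keeps its extra variables by moving them to the end. The ingress-alb/main.tf hunks show `enable_ingress = true` and `domain_private_zone = false` in context, and if that file still references `var.domain_name` outside the visible hunks, `terraform validate` will fail on an undeclared variable. I would restore the block after the gitops variables: `variable "domain_name" {`, `description = "Route 53 domain name"`, `}`.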
@@ -1,19 +1,33 @@
+---
 apiVersion: argoproj.io/v1alpha1
-kind: Application
+kind: ApplicationSet
 metadata:
 name: bootstrap-addons
- namespace: 'argocd'
+ namespace: argocd
 spec:
- destination:
- server: https://kubernetes.default.svc
- namespace: 'argocd'
- project: default
- source:
- path: ${path}
- repoURL: ${repoURL}
- targetRevision: ${targetRevision}
- directory:
- recurse: true
- exclude: exclude/*
 syncPolicy:
- automated: {}
+ preserveResourcesOnDeletion: true
+ generators:
+ - clusters:
+ selector:
+ matchExpressions:
+ - key: akuity.io/argo-cd-cluster-name
+ operator: NotIn
+ values: [in-cluster]
+ template:
+ metadata:
+ name: 'bootstrap-addons'
+ spec:
+ project: default
+ source:
+ repoURL: '{{metadata.annotations.addons_repo_url}}'
+ path: '{{metadata.annotations.addons_repo_basepath}}{{metadata.annotations.addons_repo_path}}'
+ targetRevision: '{{metadata.annotations.addons_repo_revision}}'
+ directory:
+ recurse: true
+ exclude: exclude/*
+ destination:
+ namespace: 'argocd'
+ name: '{{name}}'
+ syncPolicy:
+ automated: {}
diff --git a/argocd/iac/terraform/examples/eks/multi-cluster/distributed/main.tf b/argocd/iac/terraform/examples/eks/multi-cluster/distributed/main.tf
index 1e67fa6c..aca21a00 100644
--- a/argocd/iac/terraform/examples/eks/multi-cluster/distributed/main.tf
+++ b/argocd/iac/terraform/examples/eks/multi-cluster/distributed/main.tf
@@ -43,14 +43,15 @@ provider "kubernetes" { } locals { - name = "multi-cluster-${terraform.workspace}" - environment = terraform.workspace - region = "us-west-2" - cluster_version = var.kubernetes_version - vpc_cidr = var.vpc_cidr - gitops_url = var.gitops_url - gitops_revision = var.gitops_revision - gitops_path = var.gitops_path + name = "multi-cluster-${terraform.workspace}" + environment = terraform.workspace + region = "us-west-2" + cluster_version = var.kubernetes_version + vpc_cidr = var.vpc_cidr + gitops_addons_url = "${var.gitops_addons_org}/${var.gitops_addons_repo}" + gitops_addons_basepath = var.gitops_addons_basepath + gitops_addons_path = var.gitops_addons_path + gitops_addons_revision = var.gitops_addons_revision aws_addons = { enable_cert_manager = true @@ -97,17 +98,15 @@ locals { aws_vpc_id = module.vpc.vpc_id }, { - gitops_bridge_repo_url = local.gitops_url - gitops_bridge_repo_revision = local.gitops_revision + addons_repo_url = local.gitops_addons_url + addons_repo_basepath = local.gitops_addons_basepath + addons_repo_path = local.gitops_addons_path + addons_repo_revision = local.gitops_addons_revision } ) argocd_bootstrap_app_of_apps = { - addons = templatefile("${path.module}/bootstrap/addons.yaml", { - repoURL = local.gitops_url - targetRevision = local.gitops_revision - path = local.gitops_path - }) + addons = file("${path.module}/bootstrap/addons.yaml") workloads = templatefile("${path.module}/bootstrap/workloads.yaml", { environment = local.environment diff --git a/argocd/iac/terraform/examples/eks/multi-cluster/distributed/variables.tf b/argocd/iac/terraform/examples/eks/multi-cluster/distributed/variables.tf index 656fb109..2d768889 100644 --- a/argocd/iac/terraform/examples/eks/multi-cluster/distributed/variables.tf +++ b/argocd/iac/terraform/examples/eks/multi-cluster/distributed/variables.tf 
@@ -1,18 +1,28 @@
-variable "vpc_cidr" {
- description = "VPC CIDR"
-}
-variable "kubernetes_version" {
- description = "EKS version"
+variable "gitops_addons_org" {
+ description = "Git repository org/user contains for addons"
+ default = "https://github.com/gitops-bridge-dev"
 }
-variable "gitops_url" {
+variable "gitops_addons_repo" {
 description = "Git repository contains for addons"
- default = "https://github.com/gitops-bridge-dev/gitops-bridge-argocd-control-plane-template"
+ default = "gitops-bridge-argocd-control-plane-template"
 }
-variable "gitops_revision" {
- description = "Git repository revision/branch/ref for addons"
- default = "HEAD"
+variable "gitops_addons_basepath" {
+ description = "Git repository base path for addons"
+ default = ""
 }
-variable "gitops_path" {
+variable "gitops_addons_path" {
 description = "Git repository path for addons"
 default = "bootstrap/control-plane/addons"
 }
+variable "gitops_addons_revision" {
+ description = "Git repository revision/branch/ref for addons"
+ default = "HEAD"
+}
+
+
+variable "vpc_cidr" {
+ description = "VPC CIDR"
+}
+variable "kubernetes_version" {
+ description = "EKS version"
+}
diff --git a/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared/hub/bootstrap/addons.yaml b/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared/hub/bootstrap/addons.yaml
index 61216a94..21c9e06e 100644
--- a/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared/hub/bootstrap/addons.yaml
+++ b/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared/hub/bootstrap/addons.yaml
@@ -1,19 +1,33 @@ +--- apiVersion: argoproj.io/v1alpha1 -kind: Application +kind: ApplicationSet metadata: name: bootstrap-addons - namespace: 'argocd' + namespace: argocd spec: - destination: - server: https://kubernetes.default.svc - namespace: 'argocd' - project: default - source: - path: ${path} - repoURL: ${repoURL} - targetRevision: ${targetRevision} - directory: - recurse: true - exclude: exclude/* syncPolicy: - automated: {} + preserveResourcesOnDeletion: true + generators: + - clusters: + selector: + matchExpressions: + - key: akuity.io/argo-cd-cluster-name + operator: NotIn + values: [in-cluster] + template: + metadata: + name: 'bootstrap-addons' + spec: + project: default + source: + repoURL: '{{metadata.annotations.addons_repo_url}}' + path: '{{metadata.annotations.addons_repo_basepath}}{{metadata.annotations.addons_repo_path}}' + targetRevision: '{{metadata.annotations.addons_repo_revision}}' + directory: + recurse: true + exclude: exclude/* + destination: + namespace: 'argocd' + name: '{{name}}' + syncPolicy: + automated: {} diff --git a/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared/hub/main.tf b/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared/hub/main.tf index cd5add2a..e21e29ee 100644 --- a/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared/hub/main.tf +++ b/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared/hub/main.tf 
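Review bot: The template sets a constant `name: 'bootstrap-addons'` while the cluster generator can emit one Application per matching cluster, so the generated names collide in the `argocd` namespace as soon as two clusters match. Including the cluster in the name avoids that: `name: 'bootstrap-addons-{{name}}'`. Separately, `operator: NotIn` is a standard label selector and also matches cluster secrets that do not carry the `akuity.io/argo-cd-cluster-name` label at all, so every registered cluster other than `in-cluster` becomes a target. If that is intended, a comment on the selector should say so; otherwise an `In` match on an explicit label is narrower. The identical manifest is added in the other `bootstrap/addons.yaml` hunks, and `workloads.yaml` follows the same pattern with `name: 'workload'`.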
@@ -43,14 +43,15 @@ provider "kubernetes" { } locals { - name = "hub-spoke-2-${local.environment}" - environment = "control-plane" - region = "us-west-2" - cluster_version = var.kubernetes_version - vpc_cidr = var.vpc_cidr - gitops_url = var.gitops_url - gitops_revision = var.gitops_revision - gitops_path = var.gitops_path + name = "hub-spoke-2-${local.environment}" + environment = "control-plane" + region = "us-west-2" + cluster_version = var.kubernetes_version + vpc_cidr = var.vpc_cidr + gitops_addons_url = "${var.gitops_addons_org}/${var.gitops_addons_repo}" + gitops_addons_basepath = var.gitops_addons_basepath + gitops_addons_path = var.gitops_addons_path + gitops_addons_revision = var.gitops_addons_revision aws_addons = { enable_cert_manager = true @@ -103,17 +104,15 @@ locals { argocd_namespace = "argocd" }, { - gitops_bridge_repo_url = local.gitops_url - gitops_bridge_repo_revision = local.gitops_revision + addons_repo_url = local.gitops_addons_url + addons_repo_basepath = local.gitops_addons_basepath + addons_repo_path = local.gitops_addons_path + addons_repo_revision = local.gitops_addons_revision } ) argocd_bootstrap_app_of_apps = { - addons = templatefile("${path.module}/bootstrap/addons.yaml", { - repoURL = local.gitops_url - targetRevision = local.gitops_revision - path = local.gitops_path - }) + addons = file("${path.module}/bootstrap/addons.yaml") } azs = slice(data.aws_availability_zones.available.names, 0, 3) diff --git a/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared/hub/variables.tf b/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared/hub/variables.tf index 34ad6103..fff92ae1 100644 --- a/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared/hub/variables.tf +++ b/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared/hub/variables.tf 
@@ -1,3 +1,25 @@ +variable "gitops_addons_org" { + description = "Git repository org/user contains for addons" + default = "https://github.com/gitops-bridge-dev" +} +variable "gitops_addons_repo" { + description = "Git repository contains for addons" + default = "gitops-bridge-argocd-control-plane-template" +} +variable "gitops_addons_basepath" { + description = "Git repository base path for addons" + default = "" +} +variable "gitops_addons_path" { + description = "Git repository path for addons" + default = "bootstrap/control-plane/addons" +} +variable "gitops_addons_revision" { + description = "Git repository revision/branch/ref for addons" + default = "HEAD" +} + + variable "vpc_cidr" { description = "VPC CIDR" default = "10.0.0.0/16" @@ -8,15 +30,3 @@ variable "kubernetes_version" { default = "1.27" type = string } -variable "gitops_url" { - description = "Git repository contains for addons" - default = "https://github.com/gitops-bridge-dev/gitops-bridge-argocd-control-plane-template" -} -variable "gitops_revision" { - description = "Git repository revision/branch/ref for addons" - default = "HEAD" -} -variable "gitops_path" { - description = "Git repository path for addons" - default = "bootstrap/control-plane/addons" -} diff --git a/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared/spokes/main.tf b/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared/spokes/main.tf index f56b51a1..0a43dda6 100644 --- a/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared/spokes/main.tf +++ b/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared/spokes/main.tf 
@@ -88,14 +88,15 @@ provider "helm" { locals { - name = "hub-spoke-2-${terraform.workspace}" - environment = terraform.workspace - region = "us-west-2" - cluster_version = var.kubernetes_version - vpc_cidr = var.vpc_cidr - gitops_url = var.gitops_url - gitops_revision = var.gitops_revision - gitops_path = var.gitops_path + name = "hub-spoke-2-${terraform.workspace}" + environment = terraform.workspace + region = "us-west-2" + cluster_version = var.kubernetes_version + vpc_cidr = var.vpc_cidr + gitops_addons_url = "${var.gitops_addons_org}/${var.gitops_addons_repo}" + gitops_addons_basepath = var.gitops_addons_basepath + gitops_addons_path = var.gitops_addons_path + gitops_addons_revision = var.gitops_addons_revision aws_addons = { enable_cert_manager = true @@ -142,8 +143,10 @@ locals { aws_vpc_id = module.vpc.vpc_id }, { - gitops_bridge_repo_url = local.gitops_url - gitops_bridge_repo_revision = local.gitops_revision + addons_repo_url = local.gitops_addons_url + addons_repo_basepath = local.gitops_addons_basepath + addons_repo_path = local.gitops_addons_path + addons_repo_revision = local.gitops_addons_revision } ) diff --git a/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared/spokes/variables.tf b/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared/spokes/variables.tf index 63377f88..7b52c1ae 100644 --- a/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared/spokes/variables.tf +++ b/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke-shared/spokes/variables.tf 
@@ -1,3 +1,25 @@ +variable "gitops_addons_org" { + description = "Git repository org/user contains for addons" + default = "https://github.com/gitops-bridge-dev" +} +variable "gitops_addons_repo" { + description = "Git repository contains for addons" + default = "gitops-bridge-argocd-control-plane-template" +} +variable "gitops_addons_basepath" { + description = "Git repository base path for addons" + default = "" +} +variable "gitops_addons_path" { + description = "Git repository path for addons" + default = "bootstrap/control-plane/addons" +} +variable "gitops_addons_revision" { + description = "Git repository revision/branch/ref for addons" + default = "HEAD" +} + + variable "vpc_cidr" { description = "VPC CIDR" type = string @@ -6,15 +28,3 @@ variable "kubernetes_version" { description = "EKS version" type = string } -variable "gitops_url" { - description = "Git repository contains for addons" - default = "https://github.com/gitops-bridge-dev/gitops-bridge-argocd-control-plane-template" -} -variable "gitops_revision" { - description = "Git repository revision/branch/ref for addons" - default = "HEAD" -} -variable "gitops_path" { - description = "Git repository path for addons" - default = "bootstrap/control-plane/addons" -} diff --git a/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke/hub/bootstrap/addons.yaml b/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke/hub/bootstrap/addons.yaml index 61216a94..21c9e06e 100644 --- a/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke/hub/bootstrap/addons.yaml +++ b/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke/hub/bootstrap/addons.yaml 
@@ -1,19 +1,33 @@ +--- apiVersion: argoproj.io/v1alpha1 -kind: Application +kind: ApplicationSet metadata: name: bootstrap-addons - namespace: 'argocd' + namespace: argocd spec: - destination: - server: https://kubernetes.default.svc - namespace: 'argocd' - project: default - source: - path: ${path} - repoURL: ${repoURL} - targetRevision: ${targetRevision} - directory: - recurse: true - exclude: exclude/* syncPolicy: - automated: {} + preserveResourcesOnDeletion: true + generators: + - clusters: + selector: + matchExpressions: + - key: akuity.io/argo-cd-cluster-name + operator: NotIn + values: [in-cluster] + template: + metadata: + name: 'bootstrap-addons' + spec: + project: default + source: + repoURL: '{{metadata.annotations.addons_repo_url}}' + path: '{{metadata.annotations.addons_repo_basepath}}{{metadata.annotations.addons_repo_path}}' + targetRevision: '{{metadata.annotations.addons_repo_revision}}' + directory: + recurse: true + exclude: exclude/* + destination: + namespace: 'argocd' + name: '{{name}}' + syncPolicy: + automated: {} diff --git a/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke/hub/main.tf b/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke/hub/main.tf index 21369022..a935ee21 100644 --- a/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke/hub/main.tf +++ b/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke/hub/main.tf 
@@ -43,14 +43,15 @@ provider "kubernetes" { } locals { - name = "hub-spoke-${local.environment}" - environment = "control-plane" - region = "us-west-2" - cluster_version = var.kubernetes_version - vpc_cidr = var.vpc_cidr - gitops_url = var.gitops_url - gitops_revision = var.gitops_revision - gitops_path = var.gitops_path + name = "hub-spoke-${local.environment}" + environment = "control-plane" + region = "us-west-2" + cluster_version = var.kubernetes_version + vpc_cidr = var.vpc_cidr + gitops_addons_url = "${var.gitops_addons_org}/${var.gitops_addons_repo}" + gitops_addons_basepath = var.gitops_addons_basepath + gitops_addons_path = var.gitops_addons_path + gitops_addons_revision = var.gitops_addons_revision aws_addons = { enable_cert_manager = true @@ -103,17 +104,15 @@ locals { argocd_namespace = "argocd" }, { - gitops_bridge_repo_url = local.gitops_url - gitops_bridge_repo_revision = local.gitops_revision + addons_repo_url = local.gitops_addons_url + addons_repo_basepath = local.gitops_addons_basepath + addons_repo_path = local.gitops_addons_path + addons_repo_revision = local.gitops_addons_revision } ) argocd_bootstrap_app_of_apps = { - addons = templatefile("${path.module}/bootstrap/addons.yaml", { - repoURL = local.gitops_url - targetRevision = local.gitops_revision - path = local.gitops_path - }) + addons = file("${path.module}/bootstrap/addons.yaml") } azs = slice(data.aws_availability_zones.available.names, 0, 3) diff --git a/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke/hub/variables.tf b/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke/hub/variables.tf index 5f658eab..697c8a10 100644 --- a/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke/hub/variables.tf +++ b/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke/hub/variables.tf 
@@ -1,3 +1,25 @@ +variable "gitops_addons_org" { + description = "Git repository org/user contains for addons" + default = "https://github.com/gitops-bridge-dev" +} +variable "gitops_addons_repo" { + description = "Git repository contains for addons" + default = "gitops-bridge-argocd-control-plane-template" +} +variable "gitops_addons_basepath" { + description = "Git repository base path for addons" + default = "" +} +variable "gitops_addons_path" { + description = "Git repository path for addons" + default = "bootstrap/control-plane/addons" +} +variable "gitops_addons_revision" { + description = "Git repository revision/branch/ref for addons" + default = "HEAD" +} + + variable "vpc_cidr" { description = "VPC CIDR" default = "10.0.0.0/16" @@ -6,15 +28,3 @@ variable "kubernetes_version" { description = "EKS version" default = "1.27" } -variable "gitops_url" { - description = "Git repository contains for addons" - default = "https://github.com/gitops-bridge-dev/gitops-bridge-argocd-control-plane-template" -} -variable "gitops_revision" { - description = "Git repository revision/branch/ref for addons" - default = "HEAD" -} -variable "gitops_path" { - description = "Git repository path for addons" - default = "bootstrap/control-plane/addons" -} diff --git a/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke/spokes/main.tf b/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke/spokes/main.tf index 4f2e4c88..7331bfa3 100644 --- a/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke/spokes/main.tf +++ b/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke/spokes/main.tf 
@@ -62,14 +62,15 @@ provider "kubernetes" { locals { - name = "hub-spoke-${terraform.workspace}" - environment = terraform.workspace - region = "us-west-2" - cluster_version = var.kubernetes_version - vpc_cidr = var.vpc_cidr - gitops_url = var.gitops_url - gitops_revision = var.gitops_revision - gitops_path = var.gitops_path + name = "hub-spoke-${terraform.workspace}" + environment = terraform.workspace + region = "us-west-2" + cluster_version = var.kubernetes_version + vpc_cidr = var.vpc_cidr + gitops_addons_url = "${var.gitops_addons_org}/${var.gitops_addons_repo}" + gitops_addons_basepath = var.gitops_addons_basepath + gitops_addons_path = var.gitops_addons_path + gitops_addons_revision = var.gitops_addons_revision aws_addons = { enable_cert_manager = true @@ -117,8 +118,10 @@ locals { aws_vpc_id = module.vpc.vpc_id }, { - gitops_bridge_repo_url = local.gitops_url - gitops_bridge_repo_revision = local.gitops_revision + addons_repo_url = local.gitops_addons_url + addons_repo_basepath = local.gitops_addons_basepath + addons_repo_path = local.gitops_addons_path + addons_repo_revision = local.gitops_addons_revision } ) diff --git a/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke/spokes/variables.tf b/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke/spokes/variables.tf index 63377f88..7b52c1ae 100644 --- a/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke/spokes/variables.tf +++ b/argocd/iac/terraform/examples/eks/multi-cluster/hub-spoke/spokes/variables.tf 
@@ -1,3 +1,25 @@ +variable "gitops_addons_org" { + description = "Git repository org/user contains for addons" + default = "https://github.com/gitops-bridge-dev" +} +variable "gitops_addons_repo" { + description = "Git repository contains for addons" + default = "gitops-bridge-argocd-control-plane-template" +} +variable "gitops_addons_basepath" { + description = "Git repository base path for addons" + default = "" +} +variable "gitops_addons_path" { + description = "Git repository path for addons" + default = "bootstrap/control-plane/addons" +} +variable "gitops_addons_revision" { + description = "Git repository revision/branch/ref for addons" + default = "HEAD" +} + + variable "vpc_cidr" { description = "VPC CIDR" type = string @@ -6,15 +28,3 @@ variable "kubernetes_version" { description = "EKS version" type = string } -variable "gitops_url" { - description = "Git repository contains for addons" - default = "https://github.com/gitops-bridge-dev/gitops-bridge-argocd-control-plane-template" -} -variable "gitops_revision" { - description = "Git repository revision/branch/ref for addons" - default = "HEAD" -} -variable "gitops_path" { - description = "Git repository path for addons" - default = "bootstrap/control-plane/addons" -} diff --git a/argocd/iac/terraform/examples/eks/private-git/bootstrap/addons.yaml b/argocd/iac/terraform/examples/eks/private-git/bootstrap/addons.yaml index 61216a94..21c9e06e 100644 --- a/argocd/iac/terraform/examples/eks/private-git/bootstrap/addons.yaml +++ b/argocd/iac/terraform/examples/eks/private-git/bootstrap/addons.yaml 
@@ -1,19 +1,33 @@ +--- apiVersion: argoproj.io/v1alpha1 -kind: Application +kind: ApplicationSet metadata: name: bootstrap-addons - namespace: 'argocd' + namespace: argocd spec: - destination: - server: https://kubernetes.default.svc - namespace: 'argocd' - project: default - source: - path: ${path} - repoURL: ${repoURL} - targetRevision: ${targetRevision} - directory: - recurse: true - exclude: exclude/* syncPolicy: - automated: {} + preserveResourcesOnDeletion: true + generators: + - clusters: + selector: + matchExpressions: + - key: akuity.io/argo-cd-cluster-name + operator: NotIn + values: [in-cluster] + template: + metadata: + name: 'bootstrap-addons' + spec: + project: default + source: + repoURL: '{{metadata.annotations.addons_repo_url}}' + path: '{{metadata.annotations.addons_repo_basepath}}{{metadata.annotations.addons_repo_path}}' + targetRevision: '{{metadata.annotations.addons_repo_revision}}' + directory: + recurse: true + exclude: exclude/* + destination: + namespace: 'argocd' + name: '{{name}}' + syncPolicy: + automated: {} diff --git a/argocd/iac/terraform/examples/eks/private-git/bootstrap/workloads.yaml b/argocd/iac/terraform/examples/eks/private-git/bootstrap/workloads.yaml index 9553651e..2446309c 100644 --- a/argocd/iac/terraform/examples/eks/private-git/bootstrap/workloads.yaml +++ b/argocd/iac/terraform/examples/eks/private-git/bootstrap/workloads.yaml 
@@ -1,20 +1,32 @@ +--- apiVersion: argoproj.io/v1alpha1 -kind: Application +kind: ApplicationSet metadata: - name: bootstrap-workloads - namespace: 'argocd' - finalizers: - - resources-finalizer.argocd.argoproj.io + name: workloads + namespace: argocd spec: - destination: - server: https://kubernetes.default.svc - namespace: 'guestbook' - project: default - source: - path: ${path} - repoURL: ${repoURL} - targetRevision: ${targetRevision} syncPolicy: - automated: {} - syncOptions: - - CreateNamespace=true \ No newline at end of file + preserveResourcesOnDeletion: true + generators: + - clusters: + selector: + matchExpressions: + - key: akuity.io/argo-cd-cluster-name + operator: NotIn + values: [in-cluster] + template: + metadata: + name: 'workload' + spec: + project: default + source: + repoURL: '{{metadata.annotations.workload_repo_url}}' + path: '{{metadata.annotations.workload_repo_path}}' + targetRevision: '{{metadata.annotations.workload_repo_revision}}' + destination: + namespace: 'workload' + name: '{{name}}' + syncPolicy: + automated: {} + syncOptions: + - CreateNamespace=true \ No newline at end of file diff --git a/argocd/iac/terraform/examples/eks/private-git/main.tf b/argocd/iac/terraform/examples/eks/private-git/main.tf index b7e48ace..49883bb6 100644 --- a/argocd/iac/terraform/examples/eks/private-git/main.tf +++ b/argocd/iac/terraform/examples/eks/private-git/main.tf 
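Review bot: `repoURL`, `path` and `targetRevision` are now taken from annotations on the cluster secret, and the generated Application runs in `project: default` with `automated: {}`, so whoever can edit those annotations chooses what is deployed to that cluster. Unless the `default` AppProject is restricted elsewhere, it does not limit source repositories or destinations. I would point the template at a dedicated AppProject whose `sourceRepos` and `destinations` list only the expected repository and namespace, and add a comment on `source:` such as `# values come from cluster secret annotations workload_repo_*; restrict who can write them`. The change also drops the `resources-finalizer.argocd.argoproj.io` finalizer in favour of `preserveResourcesOnDeletion: true`, which presumably leaves workloads running when the ApplicationSet is removed; that deserves a line in the README. The same annotation-driven source applies to the `bootstrap/addons.yaml` hunks.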
@@ -50,15 +50,18 @@ locals { git_private_ssh_key = "~/.ssh/id_rsa" # Update with the git ssh key to be used by ArgoCD - gitops_addons_org = "git@github.com:gitops-bridge-dev" - gitops_addons_repo = "gitops-bridge-argocd-control-plane-template" - gitops_addon_path = "bootstrap/control-plane/addons" - gitops_addon_revision = "HEAD" + gitops_addons_org = var.gitops_addons_org + gitops_addons_url = "${var.gitops_addons_org}/${var.gitops_addons_repo}" + gitops_addons_basepath = var.gitops_addons_basepath + gitops_addons_path = var.gitops_addons_path + gitops_addons_revision = var.gitops_addons_revision + + gitops_workload_org = var.gitops_workload_org + gitops_workload_repo = var.gitops_workload_repo + gitops_workload_path = var.gitops_workload_path + gitops_workload_revision = var.gitops_workload_revision + gitops_workload_url = "${local.gitops_workload_org}/${local.gitops_workload_repo}" - gitops_workloads_org = "git@github.com:argoproj" - gitops_workloads_repo = "argocd-example-apps" - gitops_workloads_path = "helm-guestbook" - gitops_workloads_revision = "HEAD" aws_addons = { enable_cert_manager = true 
@@ -105,22 +108,21 @@ locals { aws_vpc_id = module.vpc.vpc_id }, { - gitops_bridge_repo_url = "${local.gitops_addons_org}/${local.gitops_addons_repo}" - gitops_bridge_repo_revision = local.gitops_addon_revision + addons_repo_url = local.gitops_addons_url + addons_repo_basepath = local.gitops_addons_basepath + addons_repo_path = local.gitops_addons_path + addons_repo_revision = local.gitops_addons_revision + }, + { + workload_repo_url = local.gitops_workload_url + workload_repo_path = local.gitops_workload_path + workload_repo_revision = local.gitops_workload_revision } ) argocd_bootstrap_app_of_apps = { - addons = templatefile("${path.module}/bootstrap/addons.yaml", { - repoURL = "${local.gitops_addons_org}/${local.gitops_addons_repo}" - path = local.gitops_addon_path - targetRevision = local.gitops_addon_revision - }) - workloads = templatefile("${path.module}/bootstrap/workloads.yaml", { - repoURL = "${local.gitops_workloads_org}/${local.gitops_workloads_repo}" - path = local.gitops_workloads_path - targetRevision = local.gitops_workloads_revision - }) + addons = file("${path.module}/bootstrap/addons.yaml") + workloads = file("${path.module}/bootstrap/workloads.yaml") } vpc_cidr = "10.0.0.0/16" 
@@ -136,27 +138,27 @@ locals { # GitOps Bridge: Private ssh keys for git ################################################################################ resource "kubernetes_namespace" "argocd" { - depends_on = [ module.eks_blueprints_addons ] + depends_on = [module.eks_blueprints_addons] metadata { name = "argocd" } } resource "kubernetes_secret" "git_secrets" { - depends_on = [ kubernetes_namespace.argocd ] + depends_on = [kubernetes_namespace.argocd] for_each = { git-addons = { - type = "git" - url = local.gitops_addons_org + type = "git" + url = local.gitops_addons_org sshPrivateKey = file(pathexpand(local.git_private_ssh_key)) } git-workloads = { - type = "git" - url = local.gitops_workloads_org + type = "git" + url = local.gitops_workload_org sshPrivateKey = file(pathexpand(local.git_private_ssh_key)) } } metadata { - name = each.key + name = each.key namespace = kubernetes_namespace.argocd.metadata[0].name labels = { "argocd.argoproj.io/secret-type" = "repo-creds" @@ -185,8 +187,8 @@ module "gitops_bridge_bootstrap" { argocd_cluster = module.gitops_bridge_metadata.argocd argocd_bootstrap_app_of_apps = local.argocd_bootstrap_app_of_apps - argocd = { create_namespace = false } - depends_on = [kubernetes_secret.git_secrets] + argocd = { create_namespace = false } + depends_on = [kubernetes_namespace.argocd, kubernetes_secret.git_secrets] } diff --git a/argocd/iac/terraform/examples/eks/private-git/variables.tf b/argocd/iac/terraform/examples/eks/private-git/variables.tf index e69de29b..697e0eb0 100644 --- a/argocd/iac/terraform/examples/eks/private-git/variables.tf +++ b/argocd/iac/terraform/examples/eks/private-git/variables.tf 
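Review bot: Both `git-addons` and `git-workloads` load `file(pathexpand(local.git_private_ssh_key))`, which with the `~/.ssh/id_rsa` value set earlier in `locals` puts the operator's personal private key into a `repo-creds` Secret scoped to the whole org prefix (`url = local.gitops_addons_org`). Presumably the key also reaches Terraform state through `each.value` in the part of the resource outside the hunk. The reformatting here leaves that unchanged. A dedicated read-only deploy key per repository, passed through a variable marked `sensitive = true` and kept in an encrypted remote state backend, would limit what a leaked state file or a reader of the `argocd` namespace can reach. At minimum a comment next to `git_private_ssh_key` should say `# use a dedicated read-only deploy key, not a personal key; the value is stored in Terraform state`.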
@@ -0,0 +1,37 @@ +variable "gitops_addons_org" { + description = "Git repository org/user contains for addons" + default = "git@github.com:gitops-bridge-dev" +} +variable "gitops_addons_repo" { + description = "Git repository contains for addons" + default = "gitops-bridge-argocd-control-plane-template" +} +variable "gitops_addons_basepath" { + description = "Git repository base path for addons" + default = "" +} +variable "gitops_addons_path" { + description = "Git repository path for addons" + default = "bootstrap/control-plane/addons" +} +variable "gitops_addons_revision" { + description = "Git repository revision/branch/ref for addons" + default = "HEAD" +} + +variable "gitops_workload_org" { + description = "Git repository org/user contains for workload" + default = "git@github.com:argoproj" +} +variable "gitops_workload_repo" { + description = "Git repository contains for workload" + default = "argocd-example-apps" +} +variable "gitops_workload_path" { + description = "Git repository path for workload" + default = "helm-guestbook" +} +variable "gitops_workload_revision" { + description = "Git repository revision/branch/ref for workload" + default = "HEAD" +}