/
fluxcd.tf
93 lines (80 loc) · 2.79 KB
/
fluxcd.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
################################################################################
# Installs FluxCD AKS extension with GitRepository and Kustomization resources #
################################################################################
resource "azurerm_kubernetes_cluster_extension" "example" {
name = "aks-${local.name}-fluxcd"
cluster_id = azurerm_kubernetes_cluster.example.id
extension_type = "microsoft.flux"
release_namespace = "flux-system"
configuration_settings = {
"image-automation-controller.enabled" = true,
"image-reflector-controller.enabled" = true,
"notification-controller.enabled" = true,
}
# depends_on = [azapi_update_resource.example]
}
resource "kubernetes_secret" "example" {
metadata {
name = "${var.repo_name}-repo-secrets"
namespace = "flux-system"
}
data = {
password = var.gh_token
username = var.gh_user
}
depends_on = [
local_file.kubeconfig,
azurerm_kubernetes_cluster_extension.example
]
}
resource "azurerm_kubernetes_flux_configuration" "example" {
name = var.repo_name
cluster_id = azurerm_kubernetes_cluster.example.id
namespace = "flux-system"
scope = "cluster"
continuous_reconciliation_enabled = true
git_repository {
url = "https://github.com/${var.gh_user}/${var.repo_name}"
reference_type = "branch"
reference_value = var.repo_branch
local_auth_reference = kubernetes_secret.example.metadata[0].name
sync_interval_in_seconds = 60
}
kustomizations {
name = "dev-app"
path = "./overlays/dev"
garbage_collection_enabled = true
recreating_enabled = true
sync_interval_in_seconds = 60
}
kustomizations {
name = "dev-image"
path = "./clusters/dev/image-update"
garbage_collection_enabled = true
recreating_enabled = true
sync_interval_in_seconds = 60
depends_on = ["dev-app"]
}
kustomizations {
name = "dev-flagger"
path = "./clusters/dev/flagger"
garbage_collection_enabled = true
recreating_enabled = true
sync_interval_in_seconds = 60
depends_on = ["dev-app"]
}
kustomizations {
name = "dev-canary-store-front"
path = "./overlays/dev/canary"
garbage_collection_enabled = true
recreating_enabled = true
sync_interval_in_seconds = 60
depends_on = [
"dev-app",
"dev-flagger",
]
}
depends_on = [
kubernetes_secret.example
]
}