Omer Kahani
6 years ago
committed by
Alexander Matyushentsev
10 changed files with 246 additions and 0 deletions
@ -0,0 +1,10 @@ |
|||
apiVersion: v1 |
|||
version: 1 |
|||
appVersion: "0.12" |
|||
description: application of applications example |
|||
name: application-of-applications |
|||
keywords: |
|||
- argocd |
|||
maintainers: |
|||
- name: Omer Kahani |
|||
email: omer@riskified.com |
@ -0,0 +1,32 @@ |
|||
{{/* vim: set filetype=mustache: */}} |
|||
{{/* |
|||
Expand the name of the chart. |
|||
*/}} |
|||
{{- define "argo-cd.name" -}} |
|||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} |
|||
{{- end -}} |
|||
|
|||
{{/* |
|||
Create a default fully qualified app name. |
|||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). |
|||
If release name contains chart name it will be used as a full name. |
|||
*/}} |
|||
{{- define "argo-cd.fullname" -}} |
|||
{{- if .Values.fullnameOverride -}} |
|||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} |
|||
{{- else -}} |
|||
{{- $name := default .Chart.Name .Values.nameOverride -}} |
|||
{{- if contains $name .Release.Name -}} |
|||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}} |
|||
{{- else -}} |
|||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} |
|||
{{- end -}} |
|||
{{- end -}} |
|||
{{- end -}} |
|||
|
|||
{{/* |
|||
Create chart name and version as used by the chart label. |
|||
*/}} |
|||
{{- define "argo-cd.chart" -}} |
|||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} |
|||
{{- end -}} |
@ -0,0 +1,30 @@ |
|||
{{- $namespace := .Values.argo_namespace -}} |
|||
{{- $chart_name := include "argo-cd.name" . -}} |
|||
{{- $chart := include "argo-cd.chart" . -}} |
|||
|
|||
{{- range .Values.applications }} |
|||
apiVersion: argoproj.io/v1alpha1 |
|||
kind: Application |
|||
metadata: |
|||
name: {{ .name }} |
|||
namespace: {{ $namespace }} |
|||
labels: |
|||
app.kubernetes.io/name: {{ $chart_name }} |
|||
helm.sh/chart: {{ $chart }} |
|||
app.kubernetes.io/instance: {{ $.Release.Name }} |
|||
app.kubernetes.io/managed-by: {{ $.Release.Service }} |
|||
app.kubernetes.io/part-of: {{ $chart_name }} |
|||
spec: |
|||
project: {{ .project }} |
|||
source: |
|||
repoURL: {{ .git.url }} |
|||
targetRevision: {{ .git.branch }} |
|||
path: {{ .git.path }} |
|||
helm: |
|||
valueFiles: |
|||
{{ toYaml .value_files | indent 6 }} |
|||
destination: |
|||
server: {{ .destination.server | default "https://kubernetes.default.svc"}} |
|||
namespace: {{ .destination.namespace }} |
|||
--- |
|||
{{- end }} |
@ -0,0 +1,25 @@ |
|||
apiVersion: v1 |
|||
kind: ConfigMap |
|||
metadata: |
|||
name: argocd-cm |
|||
namespace: {{ .Values.argo_namespace}} |
|||
labels: |
|||
app.kubernetes.io/name: {{ include "argo-cd.name" . }} |
|||
helm.sh/chart: {{ include "argo-cd.chart" . }} |
|||
app.kubernetes.io/instance: {{ .Release.Name }} |
|||
app.kubernetes.io/managed-by: {{ .Release.Service }} |
|||
app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} |
|||
data: |
|||
url: {{ .Values.config.url }} |
|||
{{- if .Values.config.helmRepositories }} |
|||
helm.repositories: | |
|||
{{ toYaml .Values.config.helmRepositories | indent 4 }} |
|||
{{- end }} |
|||
{{- if .Values.config.repositories }} |
|||
repositories: | |
|||
{{ toYaml .Values.config.repositories | indent 4 }} |
|||
{{- end }} |
|||
{{- if .Values.config.oidcConfig }} |
|||
oidc.config: | |
|||
{{ toYaml .Values.config.oidcConfig | indent 4 }} |
|||
{{- end }} |
@ -0,0 +1,19 @@ |
|||
apiVersion: v1 |
|||
kind: ConfigMap |
|||
metadata: |
|||
name: argocd-rbac-cm |
|||
namespace: {{ .Values.argo_namespace}} |
|||
labels: |
|||
app.kubernetes.io/name: {{ include "argo-cd.name" . }} |
|||
helm.sh/chart: {{ include "argo-cd.chart" . }} |
|||
app.kubernetes.io/instance: {{ .Release.Name }} |
|||
app.kubernetes.io/managed-by: {{ .Release.Service }} |
|||
app.kubernetes.io/part-of: {{ include "argo-cd.name" . }} |
|||
data: |
|||
{{- if .Values.rbac.policyDefault }} |
|||
policy.default: {{ .Values.rbac.policyDefault }} |
|||
{{- end }} |
|||
{{- if .Values.rbac.policyCsv }} |
|||
policy.csv: |
|||
{{- toYaml .Values.rbac.policyCsv | indent 4 }} |
|||
{{- end }} |
@ -0,0 +1,45 @@ |
|||
{{- $namespace := .Values.argo_namespace -}} |
|||
{{- $chart_name := include "argo-cd.name" . -}} |
|||
{{- $chart := include "argo-cd.chart" . -}} |
|||
|
|||
{{- range .Values.projects }} |
|||
apiVersion: argoproj.io/v1alpha1 |
|||
kind: AppProject |
|||
metadata: |
|||
name: {{ .name }} |
|||
namespace: {{ $namespace }} |
|||
labels: |
|||
app.kubernetes.io/name: {{ $chart_name }} |
|||
helm.sh/chart: {{ $chart }} |
|||
app.kubernetes.io/instance: {{ $.Release.Name }} |
|||
app.kubernetes.io/managed-by: {{ $.Release.Service }} |
|||
app.kubernetes.io/part-of: {{ $chart_name }} |
|||
spec: |
|||
description: {{ .description }} |
|||
sourceRepos: |
|||
{{ toYaml .sourceRepos | indent 2 -}} |
|||
destinations: |
|||
{{- range .destinations }} |
|||
- namespace: {{ .namespaces }} |
|||
server: {{.server | default "https://kubernetes.default.svc" }} |
|||
{{- end }} |
|||
|
|||
{{- if .clusterResourceWhitelist }} |
|||
clusterResourceWhitelist: |
|||
{{ toYaml .clusterResourceWhitelist| indent 2 }} |
|||
{{- end }} |
|||
|
|||
roles: |
|||
{{- range .roles }} |
|||
- name: {{ .name }} |
|||
description: {{ .description }} |
|||
policies: |
|||
{{ toYaml .policies| indent 6 }} |
|||
jwtTokens: |
|||
{{ toYaml .jwtTokens| indent 6 }} |
|||
groups: |
|||
{{ toYaml .oidcGroups| indent 6 -}} |
|||
{{- end }} |
|||
|
|||
--- |
|||
{{- end }} |
@ -0,0 +1,46 @@ |
|||
argo_namespace: argocd |
|||
|
|||
config: |
|||
helmRepositories: |
|||
- name: private-helm-repo |
|||
url: https://private.repo/ |
|||
usernameSecret: |
|||
name: secret_name |
|||
key: key_name |
|||
passwordSecret: |
|||
name: secret_name |
|||
key: key_name |
|||
- name: incubator |
|||
url: https://kubernetes-charts-incubator.storage.googleapis.com/ |
|||
repositories: |
|||
- url: repo_url |
|||
sshPrivateKeySecret: #the chart doesn't install the secert |
|||
name: secret_name |
|||
key: key_name |
|||
|
|||
rbac: |
|||
# See https://github.com/argoproj/argo-cd/blob/master/docs/rbac.md on how to write RBAC policies. |
|||
# This will effacte on all argocd instances |
|||
policyCsv: | |
|||
g, role_name, role:admin |
|||
policyDefault: role:readonly |
|||
|
|||
projects: |
|||
- name: project_name |
|||
destinations: |
|||
- namespaces: [namespace] |
|||
#server: https://kubernetes.default.svc |
|||
description: description |
|||
sourceRepos: |
|||
- 'repo_url' |
|||
#clusterResourceWhitelist: |
|||
#- group: '*' |
|||
# kind: '*' |
|||
roles: |
|||
- name: role_name |
|||
description: role_description |
|||
oidcGroups: [' grop_name'] |
|||
policies: | |
|||
|
|||
jwtTokens: |
|||
- iat: 123 |
@ -0,0 +1,19 @@ |
|||
config: |
|||
url: https://argocd_url |
|||
#idcConfig: |
|||
# name: Okta |
|||
# clientID: |
|||
# clientSecret: |
|||
# issuer: |
|||
|
|||
applications: |
|||
- name: app_name |
|||
project: project |
|||
destination: |
|||
namespace: namespace |
|||
git: |
|||
url: url |
|||
branch: branch |
|||
path: path #path to the value file |
|||
value_files: |
|||
- values-production.yaml |
@ -0,0 +1,19 @@ |
|||
config: |
|||
url: https://argocd_url |
|||
#idcConfig: |
|||
# name: Okta |
|||
# clientID: |
|||
# clientSecret: |
|||
# issuer: |
|||
|
|||
applications: |
|||
- name: app_name |
|||
project: project |
|||
destination: |
|||
namespace: namespace |
|||
git: |
|||
url: url |
|||
branch: branch |
|||
path: path #path to the value file |
|||
value_files: |
|||
- values-staging.yaml |
Loading…
Reference in new issue