Define cert-manager
This commit is contained in:
Jack Jackson
parent
bfcd757d3c
commit
38a8c702b0
@ -18,6 +18,8 @@ steps:
|
||||
environment:
|
||||
GITEA_PASSWORD:
|
||||
from_secret: gitea_password
|
||||
ARGO_TOKEN:
|
||||
from_secret: argo_token
|
||||
|
||||
image_pull_secrets:
|
||||
- dockerconfigjson
|
||||
|
||||
13
README.md
13
README.md
@ -19,7 +19,18 @@ $ helm repo add --username <username> --password <password> <repo-alias> https:/
|
||||
$ helm install <release-name> <repo-alias>/<name>
|
||||
```
|
||||
|
||||
and/or
|
||||
|
||||
```bash
|
||||
$ kubectl apply -f application-manifests.yaml
|
||||
```
|
||||
|
||||
TODO: [App-of-apps](https://argo-cd.readthedocs.io/en/stable/operator-manual/cluster-bootstrapping/#app-of-apps-pattern) to manage whole-cluster configuration.
|
||||
|
||||
## Other links
|
||||
|
||||
* [General documentation on repositories](https://helm.sh/docs/topics/chart_repository/)
|
||||
* [Gitea's own documentation](https://docs.gitea.com/next/usage/packages/helm)
|
||||
* [Gitea's own documentation](https://docs.gitea.com/next/usage/packages/helm)
|
||||
* [Helm charts via Argo](https://argo-cd.readthedocs.io/en/stable/user-guide/helm/), [broader application syntax](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/)
|
||||
* Don't be caught out by Argo's behaviour of only accepting Applications in its own namespace!
|
||||
* See [here](https://gitea.scubbo.org/scubbo/blogcontent/src/branch/main/.drone.yml#L77) for examples of how to call the Argo UI
|
||||
25
application-manifests.yaml
Normal file
25
application-manifests.yaml
Normal file
@ -0,0 +1,25 @@
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cert-manager
|
||||
namespace: argo
|
||||
spec:
|
||||
project: default
|
||||
|
||||
source:
|
||||
chart: cert-manager
|
||||
repoURL: https://charts.jetstack.io
|
||||
targetRevision: 1.11.0
|
||||
helm:
|
||||
values: |
|
||||
installCRDs: true
|
||||
|
||||
destination:
|
||||
server: "https://kubernetes.default.svc"
|
||||
namespace: security
|
||||
|
||||
syncPolicy:
|
||||
automated:
|
||||
prune: true
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
@ -35,3 +35,20 @@ done
|
||||
# All packages have been checked, no version conflicts - upload them all!
|
||||
find bundles -type f -exec curl -s --user "scubbo:$GITEA_PASSWORD" -X POST --upload-file '{}' https://gitea.scubbo.org/api/packages/scubbo/helm/api/charts \;
|
||||
rm -rf bundles;
|
||||
|
||||
# Call Argo UI to create/sync the Argo application.
|
||||
#
|
||||
# Prefer this over declarative GitOps - "upload a file like [here](https://argo-cd.readthedocs.io/en/stable/user-guide/helm/)
|
||||
# stating which version should be used" - because that would require two changes for one version (one to declare and
|
||||
# upload the new version, another to depend on it). Since we _own_ the chart definitions, there's no reason not to
|
||||
# deploy the latest one immediately!
|
||||
#
|
||||
# An alternative approach (that would only have required a single update) would be for the Argo Application to track a
|
||||
# Git Repo (at HEAD) rather than a Helm repo. In this case, merely pushing a new instance to HEAD would be sufficient to
|
||||
# update the Argo App. However, I wanted to learn how to operate a Helm repo :)
|
||||
for changed_chart in $changed_charts
|
||||
do
|
||||
app_name=$(basename $changed_chart)
|
||||
# TODO - create app if it doesn't already exist
|
||||
curl -s -X POST "argo-cd-argocd-server.argo.svc.cluster.local/api/v1/applications/$app_name/sync" -H "Authorization: Bearer ${ARGO_TOKEN}" -H "Content-Type: application/json"
|
||||
done
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user