diff --git a/.drone.yml b/.drone.yml index 6b238c2..16d1962 100644 --- a/.drone.yml +++ b/.drone.yml @@ -18,6 +18,8 @@ steps: environment: GITEA_PASSWORD: from_secret: gitea_password + ARGO_TOKEN: + from_secret: argo_token image_pull_secrets: - dockerconfigjson diff --git a/README.md b/README.md index 89bc52c..55c3587 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,18 @@ $ helm repo add --username --password https:/ $ helm install / ``` +and/or + +```bash +$ kubectl apply -f application-manifests.yaml +``` + +TODO: [App-of-apps](https://argo-cd.readthedocs.io/en/stable/operator-manual/cluster-bootstrapping/#app-of-apps-pattern) to manage whole-cluster configuration. + ## Other links * [General documentation on repositories](https://helm.sh/docs/topics/chart_repository/) -* [Gitea's own documentation](https://docs.gitea.com/next/usage/packages/helm) \ No newline at end of file +* [Gitea's own documentation](https://docs.gitea.com/next/usage/packages/helm) +* [Helm charts via Argo](https://argo-cd.readthedocs.io/en/stable/user-guide/helm/), [broader application syntax](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/) + * Don't be caught out by Argo's behaviour of only accepting Applications in its own namespace! + * See [here](https://gitea.scubbo.org/scubbo/blogcontent/src/branch/main/.drone.yml#L77) for examples of how to call the Argo UI \ No newline at end of file diff --git a/application-manifests.yaml b/application-manifests.yaml new file mode 100644 index 0000000..22a32b8 --- /dev/null +++ b/application-manifests.yaml @@ -0,0 +1,25 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: cert-manager + namespace: argo +spec: + project: default + + source: + chart: cert-manager + repoURL: https://charts.jetstack.io + targetRevision: 1.11.0 + helm: + values: | + installCRDs: true + + destination: + server: "https://kubernetes.default.svc" + namespace: security + + syncPolicy: + automated: + prune: true + syncOptions: + - CreateNamespace=true diff --git a/build-tools/upload-new-versions.sh b/build-tools/upload-new-versions.sh index 6889c81..0abfcca 100755 --- a/build-tools/upload-new-versions.sh +++ b/build-tools/upload-new-versions.sh @@ -35,3 +35,20 @@ done # All packages have been checked, no version conflicts - upload them all! find bundles -type f -exec curl -s --user "scubbo:$GITEA_PASSWORD" -X POST --upload-file '{}' https://gitea.scubbo.org/api/packages/scubbo/helm/api/charts \; rm -rf bundles; + +# Call Argo UI to create/sync the Argo application. +# +# Prefer this over declarative GitOps - "upload a file like [here](https://argo-cd.readthedocs.io/en/stable/user-guide/helm/) +# stating which version should be used" - because that would require two changes for one version (one to declare and +# upload the new version, another to depend on it). Since we _own_ the chart definitions, there's no reason not to +# deploy the latest one immediately! +# +# An alternative approach (that would only have required a single update) would be for the Argo Application to track a +# Git Repo (at HEAD) rather than a Helm repo. In this case, merely pushing a new instance to HEAD would be sufficient to +# update the Argo App. However, I wanted to learn how to operate a Helm repo :) +for changed_chart in $changed_charts +do + app_name=$(basename $changed_chart) + # TODO - create app if it doesn't already exist + curl -s -X POST "argo-cd-argocd-server.argo.svc.cluster.local/api/v1/applications/$app_name/sync" -H "Authorization: Bearer ${ARGO_TOKEN}" -H "Content-Type: application/json" +done