diff options
-rwxr-xr-x | scripts/argocd-admin-password | 40 | ||||
-rwxr-xr-x | scripts/bootstrap (renamed from scripts/deploy-argocd) | 0 | ||||
-rwxr-xr-x | scripts/create-secret | 24 | ||||
-rw-r--r-- | scripts/setup-apps | 0 | ||||
-rw-r--r-- | tools/argocd/Chart.yaml | 9 | ||||
-rw-r--r-- | tools/argocd/templates/deployment.yaml | 32 | ||||
-rw-r--r-- | tools/argocd/templates/ingress.yaml | 33 | ||||
-rw-r--r-- | tools/argocd/templates/secret.yaml | 11 | ||||
-rw-r--r-- | tools/argocd/templates/service.yaml | 12 | ||||
-rw-r--r-- | tools/argocd/values.yaml | 33 |
10 files changed, 25 insertions, 169 deletions
diff --git a/scripts/argocd-admin-password b/scripts/argocd-admin-password deleted file mode 100755 index da85088..0000000 --- a/scripts/argocd-admin-password +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash - -# Ensure a secret name is provided -if [ -z "$1" ]; then - echo "Usage: $0 <onepassword-secret-name>" - exit 1 -fi - -# Set the secret name -SECRET_NAME=$1 - -# Check if 1Password CLI is installed -if ! command -v op &> /dev/null; then - echo "1Password CLI (op) could not be found. Please install it first." - exit 1 -fi - -# Sign in to 1Password (ensure OP_SESSION_myaccount is set in the environment) -if [ -z "$OP_SESSION_myaccount" ]; then - eval $(op signin my) -fi - -# Retrieve the admin password from 1Password -ADMIN_PASSWORD=$(op read "op://Personal/$SECRET_NAME/password") - -if [ -z "$ADMIN_PASSWORD" ]; then - echo "Failed to retrieve the admin password from 1Password." - exit 1 -fi - -# Generate bcrypt hash of the password -HASHED_PASSWORD=$(htpasswd -nbBC 10 "" "$ADMIN_PASSWORD" | tr -d ':\n' | sed 's/$2y/$2a/') - -# Create the Kubernetes secret -kubectl create secret generic argocd-secret \ - --from-literal=admin.password=$HASHED_PASSWORD \ - -n argocd - -echo "ArgoCD admin password secret created successfully." - diff --git a/scripts/deploy-argocd b/scripts/bootstrap index aa0b3e5..aa0b3e5 100755 --- a/scripts/deploy-argocd +++ b/scripts/bootstrap diff --git a/scripts/create-secret b/scripts/create-secret deleted file mode 100755 index d9aa929..0000000 --- a/scripts/create-secret +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash - -set -e - -function createSecret() { - local secretName=$1 - local secretKey=$2 - local secretValue=$3 - - kubectl create secret generic $secretName --from-literal=$secretKey=$secretValue -} - -function help() { - echo "Usage: create-secret <secret name> <secret key> <secret value>" -} - -case "$#" in - 3) - createSecret $1 $2 $3 - ;; - *) - help - ;; -esac diff --git a/scripts/setup-apps b/scripts/setup-apps deleted file mode 100644 index e69de29..0000000 --- a/scripts/setup-apps +++ /dev/null diff --git a/tools/argocd/Chart.yaml b/tools/argocd/Chart.yaml index 4cae20b..84ecd67 100644 --- a/tools/argocd/Chart.yaml +++ b/tools/argocd/Chart.yaml @@ -1,10 +1,9 @@ apiVersion: v2 name: argocd -description: A Helm chart for deploying ArgoCD with custom Ingress rules version: 0.1.0 -appVersion: v2.1.7 - +description: A Helm chart for deploying ArgoCD dependencies: - name: argo-cd - version: 4.5.2 - repository: https://argoproj.github.io/argo-helm + version: 7.3.2 + repository: "https://argoproj.github.io/argo-helm" + diff --git a/tools/argocd/templates/deployment.yaml b/tools/argocd/templates/deployment.yaml deleted file mode 100644 index e0daf82..0000000 --- a/tools/argocd/templates/deployment.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: argocd ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: argocd-server - namespace: argocd -spec: - replicas: {{ .Values.replicas }} - selector: - matchLabels: - app: argocd-server - template: - metadata: - labels: - app: argocd-server - spec: - containers: - - name: argocd-server - image: argoproj/argocd:latest - ports: - - containerPort: 8080 - env: - - name: ARGOCD_SERVER_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - name: argocd-secret - key: admin.password - diff --git a/tools/argocd/templates/ingress.yaml b/tools/argocd/templates/ingress.yaml deleted file mode 100644 index 1253287..0000000 --- a/tools/argocd/templates/ingress.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: argocd-ingress - namespace: {{ .Values.namespace }} - annotations: - kubernetes.io/ingress.class: - {{ .Values.ingress.annotations.kubernetes_io_ingress_class }} - cert-manager.io/cluster-issuer: letsencrypt-prod - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.tls: "true" - traefik.ingress.kubernetes.io/router.tls.certresolver: "default" - traefik.ingress.kubernetes.io/redirect-entry-point: https - traefik.ingress.kubernetes.io/router.tls.domains.0.main: topkek.cloud - traefik.ingress.kubernetes.io/router.tls.domains.0.sans: argocd.topkek.cloud - traefik.ingress.kubernetes.io/ssl-redirect: "true" - traefik.ingress.kubernetes.io/tls-acme: "true" -spec: - rules: - - host: {{ .Values.ingress.hostname }} - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: argocd-server - port: - number: 80 - tls: - - hosts: - - {{ .Values.ingress.hostname }} - secretName: {{ .Values.ingress.tls.secretName }} diff --git a/tools/argocd/templates/secret.yaml b/tools/argocd/templates/secret.yaml deleted file mode 100644 index c80372c..0000000 --- a/tools/argocd/templates/secret.yaml +++ /dev/null @@ -1,11 +0,0 @@ -{{- if not (lookup "v1" "Secret" .Values.namespace "argocd-secret") }} -apiVersion: v1 -kind: Secret -metadata: - name: argocd-secret - namespace: {{ .Values.namespace }} -type: Opaque -data: - admin.password: {{ .Values.argocd.adminPassword | b64enc }} -{{- end }} - diff --git a/tools/argocd/templates/service.yaml b/tools/argocd/templates/service.yaml deleted file mode 100644 index 9a6afdf..0000000 --- a/tools/argocd/templates/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: argocd-server - namespace: argocd -spec: - type: ClusterIP - ports: - - port: 80 - targetPort: 8080 - selector: - app: argocd-server diff --git a/tools/argocd/values.yaml b/tools/argocd/values.yaml index 4ecc684..3953d1b 100644 --- a/tools/argocd/values.yaml +++ b/tools/argocd/values.yaml @@ -1,13 +1,22 @@ -replicas: 1 -namespace: argocd -ingress: - enabled: true - hostname: argocd.topkek.cloud - annotations: - kubernetes.io/ingress.class: "traefik" - tls: - enabled: true - secretName: argocd-topkek-cloud-tls -argocd: - adminPassword: changeme +argo-cd: + global: + domain: argocd.topkek.cloud + configs: + params: + server.insecure: true + + server: + ingress: + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" + traefik.ingress.kubernetes.io/router.tls.certresolver: "default" + traefik.ingress.kubernetes.io/redirect-entry-point: https + enabled: true + ingressClass: traefik + extraTls: + - hosts: + - argocd.topkek.cloud + secretName: argocd-tls |