From 44cccb5f6b75c532aa6b097e2989d7581e78869e Mon Sep 17 00:00:00 2001 From: makefunstuff Date: Fri, 28 Jun 2024 13:30:53 +0300 Subject: proper refactoring --- scripts/create-secret | 24 ++++++++++++++++++++++++ scripts/deploy-argocd | 12 ++++++++++++ scripts/setup-apps | 0 3 files changed, 36 insertions(+) create mode 100755 scripts/create-secret create mode 100755 scripts/deploy-argocd create mode 100644 scripts/setup-apps (limited to 'scripts') diff --git a/scripts/create-secret b/scripts/create-secret new file mode 100755 index 0000000..d9aa929 --- /dev/null +++ b/scripts/create-secret @@ -0,0 +1,24 @@ +#!/bin/bash + +set -e + +function createSecret() { + local secretName=$1 + local secretKey=$2 + local secretValue=$3 + + kubectl create secret generic $secretName --from-literal=$secretKey=$secretValue +} + +function help() { + echo "Usage: create-secret " +} + +case "$#" in + 3) + createSecret $1 $2 $3 + ;; + *) + help + ;; +esac diff --git a/scripts/deploy-argocd b/scripts/deploy-argocd new file mode 100755 index 0000000..2fdec58 --- /dev/null +++ b/scripts/deploy-argocd @@ -0,0 +1,12 @@ +#!/bin/bash + +set -e + + +if kubectl get namespace argocd; then + echo "Namespace 'argocd' alreay exists. Doing nothing" +else + echo "Creating argocd namespace" + kubectl create namespace argocd +fi + diff --git a/scripts/setup-apps b/scripts/setup-apps new file mode 100644 index 0000000..e69de29 -- cgit 1.4.1-2-gfad0 From 96abd71cde4ed66223a916935ab28af1909b7ef0 Mon Sep 17 00:00:00 2001 From: makefunstuff Date: Fri, 28 Jun 2024 13:52:33 +0300 Subject: argocd password --- scripts/argocd-admin-password | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100755 scripts/argocd-admin-password (limited to 'scripts') diff --git a/scripts/argocd-admin-password b/scripts/argocd-admin-password new file mode 100755 index 0000000..da85088 --- /dev/null +++ b/scripts/argocd-admin-password @@ -0,0 +1,40 @@ +#!/bin/bash + +# Ensure a secret name is provided +if [ -z "$1" ]; then + echo "Usage: $0 " + exit 1 +fi + +# Set the secret name +SECRET_NAME=$1 + +# Check if 1Password CLI is installed +if ! command -v op &> /dev/null; then + echo "1Password CLI (op) could not be found. Please install it first." + exit 1 +fi + +# Sign in to 1Password (ensure OP_SESSION_myaccount is set in the environment) +if [ -z "$OP_SESSION_myaccount" ]; then + eval $(op signin my) +fi + +# Retrieve the admin password from 1Password +ADMIN_PASSWORD=$(op read "op://Personal/$SECRET_NAME/password") + +if [ -z "$ADMIN_PASSWORD" ]; then + echo "Failed to retrieve the admin password from 1Password." + exit 1 +fi + +# Generate bcrypt hash of the password +HASHED_PASSWORD=$(htpasswd -nbBC 10 "" "$ADMIN_PASSWORD" | tr -d ':\n' | sed 's/$2y/$2a/') + +# Create the Kubernetes secret +kubectl create secret generic argocd-secret \ + --from-literal=admin.password=$HASHED_PASSWORD \ + -n argocd + +echo "ArgoCD admin password secret created successfully." + -- cgit 1.4.1-2-gfad0 From 320b06cb81e0fe434aea56494684fae101a89dfc Mon Sep 17 00:00:00 2001 From: makefunstuff Date: Fri, 28 Jun 2024 14:04:03 +0300 Subject: update --- .gitignore | 3 +++ scripts/deploy-argocd | 9 +-------- tools/argocd/Chart.yaml | 10 ++++++++++ 3 files changed, 14 insertions(+), 8 deletions(-) create mode 100644 .gitignore (limited to 'scripts') diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..e080220 --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +*.tgz +**/charts +**/Chart.lock diff --git a/scripts/deploy-argocd b/scripts/deploy-argocd index 2fdec58..aa0b3e5 100755 --- a/scripts/deploy-argocd +++ b/scripts/deploy-argocd @@ -2,11 +2,4 @@ set -e - -if kubectl get namespace argocd; then - echo "Namespace 'argocd' alreay exists. Doing nothing" -else - echo "Creating argocd namespace" - kubectl create namespace argocd -fi - +helm install argocd ./tools/argocd diff --git a/tools/argocd/Chart.yaml b/tools/argocd/Chart.yaml index e69de29..4cae20b 100644 --- a/tools/argocd/Chart.yaml +++ b/tools/argocd/Chart.yaml @@ -0,0 +1,10 @@ +apiVersion: v2 +name: argocd +description: A Helm chart for deploying ArgoCD with custom Ingress rules +version: 0.1.0 +appVersion: v2.1.7 + +dependencies: + - name: argo-cd + version: 4.5.2 + repository: https://argoproj.github.io/argo-helm -- cgit 1.4.1-2-gfad0 From b427ae29bd6d0abc447d70fe082ceddfcc42a10e Mon Sep 17 00:00:00 2001 From: makefunstuff Date: Fri, 28 Jun 2024 18:54:07 +0300 Subject: it works!!!!!1111 --- scripts/argocd-admin-password | 40 ---------------------------------- scripts/bootstrap | 5 +++++ scripts/create-secret | 24 -------------------- scripts/deploy-argocd | 5 ----- scripts/setup-apps | 0 tools/argocd/Chart.yaml | 9 ++++---- tools/argocd/templates/deployment.yaml | 32 --------------------------- tools/argocd/templates/ingress.yaml | 33 ---------------------------- tools/argocd/templates/secret.yaml | 11 ---------- tools/argocd/templates/service.yaml | 12 ---------- tools/argocd/values.yaml | 33 ++++++++++++++++++---------- 11 files changed, 30 insertions(+), 174 deletions(-) delete mode 100755 scripts/argocd-admin-password create mode 100755 scripts/bootstrap delete mode 100755 scripts/create-secret delete mode 100755 scripts/deploy-argocd delete mode 100644 scripts/setup-apps delete mode 100644 tools/argocd/templates/deployment.yaml delete mode 100644 tools/argocd/templates/ingress.yaml delete mode 100644 tools/argocd/templates/secret.yaml delete mode 100644 tools/argocd/templates/service.yaml (limited to 'scripts') diff --git a/scripts/argocd-admin-password b/scripts/argocd-admin-password deleted file mode 100755 index da85088..0000000 --- a/scripts/argocd-admin-password +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash - -# Ensure a secret name is provided -if [ -z "$1" ]; then - echo "Usage: $0 " - exit 1 -fi - -# Set the secret name -SECRET_NAME=$1 - -# Check if 1Password CLI is installed -if ! command -v op &> /dev/null; then - echo "1Password CLI (op) could not be found. Please install it first." - exit 1 -fi - -# Sign in to 1Password (ensure OP_SESSION_myaccount is set in the environment) -if [ -z "$OP_SESSION_myaccount" ]; then - eval $(op signin my) -fi - -# Retrieve the admin password from 1Password -ADMIN_PASSWORD=$(op read "op://Personal/$SECRET_NAME/password") - -if [ -z "$ADMIN_PASSWORD" ]; then - echo "Failed to retrieve the admin password from 1Password." - exit 1 -fi - -# Generate bcrypt hash of the password -HASHED_PASSWORD=$(htpasswd -nbBC 10 "" "$ADMIN_PASSWORD" | tr -d ':\n' | sed 's/$2y/$2a/') - -# Create the Kubernetes secret -kubectl create secret generic argocd-secret \ - --from-literal=admin.password=$HASHED_PASSWORD \ - -n argocd - -echo "ArgoCD admin password secret created successfully." - diff --git a/scripts/bootstrap b/scripts/bootstrap new file mode 100755 index 0000000..aa0b3e5 --- /dev/null +++ b/scripts/bootstrap @@ -0,0 +1,5 @@ +#!/bin/bash + +set -e + +helm install argocd ./tools/argocd diff --git a/scripts/create-secret b/scripts/create-secret deleted file mode 100755 index d9aa929..0000000 --- a/scripts/create-secret +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash - -set -e - -function createSecret() { - local secretName=$1 - local secretKey=$2 - local secretValue=$3 - - kubectl create secret generic $secretName --from-literal=$secretKey=$secretValue -} - -function help() { - echo "Usage: create-secret " -} - -case "$#" in - 3) - createSecret $1 $2 $3 - ;; - *) - help - ;; -esac diff --git a/scripts/deploy-argocd b/scripts/deploy-argocd deleted file mode 100755 index aa0b3e5..0000000 --- a/scripts/deploy-argocd +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash - -set -e - -helm install argocd ./tools/argocd diff --git a/scripts/setup-apps b/scripts/setup-apps deleted file mode 100644 index e69de29..0000000 diff --git a/tools/argocd/Chart.yaml b/tools/argocd/Chart.yaml index 4cae20b..84ecd67 100644 --- a/tools/argocd/Chart.yaml +++ b/tools/argocd/Chart.yaml @@ -1,10 +1,9 @@ apiVersion: v2 name: argocd -description: A Helm chart for deploying ArgoCD with custom Ingress rules version: 0.1.0 -appVersion: v2.1.7 - +description: A Helm chart for deploying ArgoCD dependencies: - name: argo-cd - version: 4.5.2 - repository: https://argoproj.github.io/argo-helm + version: 7.3.2 + repository: "https://argoproj.github.io/argo-helm" + diff --git a/tools/argocd/templates/deployment.yaml b/tools/argocd/templates/deployment.yaml deleted file mode 100644 index e0daf82..0000000 --- a/tools/argocd/templates/deployment.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: argocd ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: argocd-server - namespace: argocd -spec: - replicas: {{ .Values.replicas }} - selector: - matchLabels: - app: argocd-server - template: - metadata: - labels: - app: argocd-server - spec: - containers: - - name: argocd-server - image: argoproj/argocd:latest - ports: - - containerPort: 8080 - env: - - name: ARGOCD_SERVER_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - name: argocd-secret - key: admin.password - diff --git a/tools/argocd/templates/ingress.yaml b/tools/argocd/templates/ingress.yaml deleted file mode 100644 index 1253287..0000000 --- a/tools/argocd/templates/ingress.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: argocd-ingress - namespace: {{ .Values.namespace }} - annotations: - kubernetes.io/ingress.class: - {{ .Values.ingress.annotations.kubernetes_io_ingress_class }} - cert-manager.io/cluster-issuer: letsencrypt-prod - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.tls: "true" - traefik.ingress.kubernetes.io/router.tls.certresolver: "default" - traefik.ingress.kubernetes.io/redirect-entry-point: https - traefik.ingress.kubernetes.io/router.tls.domains.0.main: topkek.cloud - traefik.ingress.kubernetes.io/router.tls.domains.0.sans: argocd.topkek.cloud - traefik.ingress.kubernetes.io/ssl-redirect: "true" - traefik.ingress.kubernetes.io/tls-acme: "true" -spec: - rules: - - host: {{ .Values.ingress.hostname }} - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: argocd-server - port: - number: 80 - tls: - - hosts: - - {{ .Values.ingress.hostname }} - secretName: {{ .Values.ingress.tls.secretName }} diff --git a/tools/argocd/templates/secret.yaml b/tools/argocd/templates/secret.yaml deleted file mode 100644 index c80372c..0000000 --- a/tools/argocd/templates/secret.yaml +++ /dev/null @@ -1,11 +0,0 @@ -{{- if not (lookup "v1" "Secret" .Values.namespace "argocd-secret") }} -apiVersion: v1 -kind: Secret -metadata: - name: argocd-secret - namespace: {{ .Values.namespace }} -type: Opaque -data: - admin.password: {{ .Values.argocd.adminPassword | b64enc }} -{{- end }} - diff --git a/tools/argocd/templates/service.yaml b/tools/argocd/templates/service.yaml deleted file mode 100644 index 9a6afdf..0000000 --- a/tools/argocd/templates/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: argocd-server - namespace: argocd -spec: - type: ClusterIP - ports: - - port: 80 - targetPort: 8080 - selector: - app: argocd-server diff --git a/tools/argocd/values.yaml b/tools/argocd/values.yaml index 4ecc684..3953d1b 100644 --- a/tools/argocd/values.yaml +++ b/tools/argocd/values.yaml @@ -1,13 +1,22 @@ -replicas: 1 -namespace: argocd -ingress: - enabled: true - hostname: argocd.topkek.cloud - annotations: - kubernetes.io/ingress.class: "traefik" - tls: - enabled: true - secretName: argocd-topkek-cloud-tls -argocd: - adminPassword: changeme +argo-cd: + global: + domain: argocd.topkek.cloud + configs: + params: + server.insecure: true + + server: + ingress: + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" + traefik.ingress.kubernetes.io/router.tls.certresolver: "default" + traefik.ingress.kubernetes.io/redirect-entry-point: https + enabled: true + ingressClass: traefik + extraTls: + - hosts: + - argocd.topkek.cloud + secretName: argocd-tls -- cgit 1.4.1-2-gfad0