Comments (9)
Hi @malacourse, @raffaelespazzoli mentioned that you might be working on this but I am also happy to take this otherwise.
from demo-setup.
- general folder layout: Matt
- vault: michael
- vault-config-operator: michael
- devspaces: matt
- tekton: trevor
- keycloak: trevor
- cert-manager: michael
- gitwebhook-operator: Matt
applicationset:
from demo-setup.
I propose we follow this for using an ApplicationSet: https://argocd-applicationset.readthedocs.io/en/stable/Generators-Git/
This pattern might work nicely if/when the platform becomes a multi-cluster deployment.
An example I tried: https://github.com/trevorbox/gitops-example-iac-go#deploy-applicationset
from demo-setup.
After #48 is merged, I will attempt the ApplicationSet pattern
from demo-setup.
@trevorbox merged, I'll take a look at the general folder layout today
from demo-setup.
@mattheh my thoughts regarding structure - https://github.com/trevorbox/assemble-platforms/tree/gitops/deploy
https://github.com/trevorbox/assemble-platforms/tree/gitops#deploy
from demo-setup.
Options to consider:
- understand the usefulness of Keycloak for auth abstraction
- perhaps Gitops can be useful initially for installing operators and then an Ansible script to setup secrets
To correctly GitOps-ify secrets we may need to use vault-config-operator and path operator.
We may also need argo workflows/helm hooks to get everything completely in GitOps.
Maybe a pipeline could also run to setup secrets.
from demo-setup.
- understand the usefulness of Keycloak for auth abstraction
AFAIK janus-idp auth is enabled by default and by consequence it is needed to use a OAuth provider (keycloak, etc)
from demo-setup.
2. perhaps Gitops can be useful initially for installing operators
Why do you want to install operators instead of Helm charts or resources able to install also janus-idp on vanilla k8s clusters ;-) I dont see why we have to use operators to install singleton applications such as: Tekton, ArgoCD, Keycloak @trevorbox
from demo-setup.
Related Issues (20)
- Software template for Keycloak HOT 3
- Cluster Authentication Integration with Keycloak
- Backstage Authentication Integration with Keycloak HOT 1
- develop GitHub configuration reference HOT 3
- Assemble Service Installation chart HOT 3
- Instructions and config for provisioning platform components HOT 10
- Bootstrap Argo config for Platform components HOT 2
- Create Hashicorp Vault Instance HOT 2
- Use IngressGateway instead of OpenShift Route depending on k8s distro
- Include OLM as an Assemble platform component
- Update installation instructions to populate Vault with foundational passwords (Postgress, GitHub etc.)
- Add integration tests
- Provide vanilla kubernetes support
- Use consistent naming across the board HOT 1
- Spike: Identify all the secrets that Vault and Argo will need to manage for MVP
- Need to configure ArgoCD Plugin to fetch secrets from Vault HOT 1
- Additional namespace configuration
- Implement Tekton plugin HOT 2
- Update main README
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from demo-setup.