Git Product home page Git Product logo

terraform-kubernetes-argocd's Introduction

Terraform-argocd

Setup ArgoCD on cluster using terraform. Ensure the kubernetes provider configuration and helm provider configuration works fine

Usage

Argocd with Nginx Ingress Controller

locals {
  # Example annotations when using Nginx ingress controller as shown here https://argoproj.github.io/argo-cd/operator-manual/ingress/#option-1-ssl-passthrough
  argocd_ingress_annotations = {
    "kubernetes.io/ingress.class" = nginx
    "nginx.ingress.kubernetes.io/force-ssl-redirect" = "true"
    "nginx.ingress.kubernetes.io/ssl-passthrough" = "true"
  }
  argocd_repositories = [
    {
      url          = "https://repo.git"
      username = "hello"
      password = "bar"
    },
    {
      url          = "https://repo.git"
      access_token = var.argocd_access_token
    },
    {
      url  = "https://charts.jetstack.io"
      type = "helm"
    },
  ]

}

module "argocd" {
  source              = "https://gitlab.com/deimosdev/tooling/terraform-modules/terraform-kubernetes-argocd"
  ingress_host        = "argocd.example.com"
  ingress_annotations = local.argocd_ingress_annotations
  repositories        = local.argocd_repositories
  # Argocd Config
  config = {
    "accounts.image-updater" = "apiKey"
  }

  # Argocd RBAC Config
  rbac_config = {
    "policy.default" = "role:readonly"
    "policy.csv"     = <<POLICY
  p, role:image-updater, applications, get, */*, allow
  p, role:image-updater, applications, update, */*, allow
  g, image-updater, role:image-updater
POLICY
  }

  module_depends_on = [module.gke]
}

Argocd with Azure Application Gateway Ingress Controller

locals {
  # Example annotations when using Azure application gateway Ingress Controller with Cert-manager
  argocd_ingress_annotations = {
    "cert-manager.io/cluster-issuer"           = module.cert_manager.issuer
    "appgw.ingress.kubernetes.io/ssl-redirect" = "true"
    "kubernetes.io/ingress.class"              = "azure/application-gateway"
  }
}

module "argocd" {
  source              = "https://gitlab.com/deimosdev/tooling/terraform-modules/terraform-kubernetes-argocd"
  repositories        = local.argocd_repositories
  ingress_host        = "argocd.${var.dns_zone_name}"
  ingress_annotations = local.argocd_ingress_annotations
  server_insecure     = true # Run argocd-server in secure mode to prevent SSL conflicts with application/gateway and cert-manager

  module_depends_on = [module.gke]
}

Ensure Kubernetes Provider and Helm Provider settings are correct https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/guides/getting-started#provider-setup

Doc generation

Code formatting and documentation for variables and outputs is generated using pre-commit-terraform hooks which uses terraform-docs.

Follow these instructions to install pre-commit locally.

And install terraform-docs with

go get github.com/segmentio/terraform-docs

or

brew install terraform-docs.

Contributing

Report issues/questions/feature requests on in the issues section.

Full contributing guidelines are covered here.

Requirements

Name Version
terraform >= 0.12
helm >=1.2.3
kubernetes >=1.11.3

Providers

Name Version
helm >=1.2.3
null n/a

Modules

No modules.

Resources

Name Type
helm_release.argocd resource
null_resource.extra_manifests resource

Inputs

Name Description Type Default Required
chart_version version of charts any null no
config Additional config to be added to the Argocd configmap map {} no
image_tag Image tag to install string null no
ingress_annotations annotations to pass to the ingress map {} no
ingress_host The ingress host any null no
ingress_tls_secret The TLS secret name for argocd ingress string "argocd-tls" no
manifests Path/URL to manifests to be applied after argocd is deployed list(string) [] no
namespace The namespace to deploy argocd into string "argocd" no
rbac_config Additional rbac config to be added to the Argocd rbac configmap map {} no
repositories A list of repository defintions list(map(string)) [] no
server_extra_args Extra arguments passed to argoCD server list [] no
server_insecure Whether to run the argocd-server with --insecure flag. Useful when disabling argocd-server tls default protocols to provide your certificates bool false no
values Extra Values to pass to the Argocd Helm Deployment map {} no

Outputs

Name Description
namespace the kubernetes namespace of the release
release_name the name of the release
server_url The server URL of argocd created by ingress

terraform-kubernetes-argocd's People

Contributors

mensaah avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.