Setup ArgoCD on cluster using terraform. Ensure the kubernetes
provider configuration and helm
provider configuration works fine
locals {
# Example annotations when using Nginx ingress controller as shown here https://argoproj.github.io/argo-cd/operator-manual/ingress/#option-1-ssl-passthrough
argocd_ingress_annotations = {
"kubernetes.io/ingress.class" = nginx
"nginx.ingress.kubernetes.io/force-ssl-redirect" = "true"
"nginx.ingress.kubernetes.io/ssl-passthrough" = "true"
}
argocd_repositories = [
{
url = "https://repo.git"
username = "hello"
password = "bar"
},
{
url = "https://repo.git"
access_token = var.argocd_access_token
},
{
url = "https://charts.jetstack.io"
type = "helm"
},
]
}
module "argocd" {
source = "https://gitlab.com/deimosdev/tooling/terraform-modules/terraform-kubernetes-argocd"
ingress_host = "argocd.example.com"
ingress_annotations = local.argocd_ingress_annotations
repositories = local.argocd_repositories
# Argocd Config
config = {
"accounts.image-updater" = "apiKey"
}
# Argocd RBAC Config
rbac_config = {
"policy.default" = "role:readonly"
"policy.csv" = <<POLICY
p, role:image-updater, applications, get, */*, allow
p, role:image-updater, applications, update, */*, allow
g, image-updater, role:image-updater
POLICY
}
module_depends_on = [module.gke]
}
locals {
# Example annotations when using Azure application gateway Ingress Controller with Cert-manager
argocd_ingress_annotations = {
"cert-manager.io/cluster-issuer" = module.cert_manager.issuer
"appgw.ingress.kubernetes.io/ssl-redirect" = "true"
"kubernetes.io/ingress.class" = "azure/application-gateway"
}
}
module "argocd" {
source = "https://gitlab.com/deimosdev/tooling/terraform-modules/terraform-kubernetes-argocd"
repositories = local.argocd_repositories
ingress_host = "argocd.${var.dns_zone_name}"
ingress_annotations = local.argocd_ingress_annotations
server_insecure = true # Run argocd-server in secure mode to prevent SSL conflicts with application/gateway and cert-manager
module_depends_on = [module.gke]
}
Ensure Kubernetes Provider and Helm Provider settings are correct https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/guides/getting-started#provider-setup
Code formatting and documentation for variables and outputs is generated using pre-commit-terraform hooks which uses terraform-docs.
Follow these instructions to install pre-commit locally.
And install terraform-docs
with
go get github.com/segmentio/terraform-docs
or
brew install terraform-docs.
Report issues/questions/feature requests on in the issues section.
Full contributing guidelines are covered here.
Name | Version |
---|---|
terraform | >= 0.12 |
helm | >=1.2.3 |
kubernetes | >=1.11.3 |
Name | Version |
---|---|
helm | >=1.2.3 |
null | n/a |
No modules.
Name | Type |
---|---|
helm_release.argocd | resource |
null_resource.extra_manifests | resource |
Name | Description | Type | Default | Required |
---|---|---|---|---|
chart_version | version of charts | any |
null |
no |
config | Additional config to be added to the Argocd configmap | map |
{} |
no |
image_tag | Image tag to install | string |
null |
no |
ingress_annotations | annotations to pass to the ingress | map |
{} |
no |
ingress_host | The ingress host | any |
null |
no |
ingress_tls_secret | The TLS secret name for argocd ingress | string |
"argocd-tls" |
no |
manifests | Path/URL to manifests to be applied after argocd is deployed | list(string) |
[] |
no |
namespace | The namespace to deploy argocd into | string |
"argocd" |
no |
rbac_config | Additional rbac config to be added to the Argocd rbac configmap | map |
{} |
no |
repositories | A list of repository defintions | list(map(string)) |
[] |
no |
server_extra_args | Extra arguments passed to argoCD server | list |
[] |
no |
server_insecure | Whether to run the argocd-server with --insecure flag. Useful when disabling argocd-server tls default protocols to provide your certificates | bool |
false |
no |
values | Extra Values to pass to the Argocd Helm Deployment | map |
{} |
no |
Name | Description |
---|---|
namespace | the kubernetes namespace of the release |
release_name | the name of the release |
server_url | The server URL of argocd created by ingress |