From 05156c9a17964f0680f2bc000f47093066181389 Mon Sep 17 00:00:00 2001 From: disposab1e <48065501+disposab1e@users.noreply.github.com> Date: Thu, 14 Nov 2019 20:54:49 +0100 Subject: [PATCH] New Version 0.0.2 --- deploy/catalog-source.yaml | 10 + ...tor-helm.v0.0.2.clusterserviceversion.yaml | 472 ++++++++++++++ .../0.0.2/argoproj.io_argocds_crd.yaml | 19 + deploy/operator-group.yaml | 8 + deploy/operator-subscription.yaml | 10 + deploy/operator.yaml | 31 + deploy/role.yaml | 81 +++ deploy/role_binding.yaml | 13 + deploy/service_account.yaml | 4 + docs/robots.txt | 3 + .../kubernetes_argocd_installation.txt | 9 + ...ubernetes_operator_manual_installation.txt | 21 + .../kubernetes_operator_olm_installation.txt | 20 + guides/kubernetes/examples/gcp.yaml | 575 ++++++++++++++++++ guides/kubernetes/examples/minikube.yaml | 575 ++++++++++++++++++ guides/kubernetes/manual/crd.yaml | 19 + guides/kubernetes/manual/deployment.yaml | 31 + guides/kubernetes/manual/namespace.yaml | 5 + guides/kubernetes/manual/role.yaml | 81 +++ guides/kubernetes/manual/role_binding.yaml | 12 + guides/kubernetes/manual/service_account.yaml | 5 + guides/kubernetes/manual/usecase.md | 39 ++ guides/kubernetes/olm/catalog-source.yaml | 10 + guides/kubernetes/olm/namespace.yaml | 5 + guides/kubernetes/olm/operator-group.yaml | 8 + guides/kubernetes/olm/subscription.yaml | 10 + guides/openshift/examples/crc.yaml | 575 ++++++++++++++++++ guides/openshift/manual/crd.yaml | 19 + guides/openshift/manual/deployment.yaml | 31 + guides/openshift/manual/namespace.yaml | 5 + guides/openshift/manual/role.yaml | 81 +++ guides/openshift/manual/role_binding.yaml | 12 + guides/openshift/manual/service_account.yaml | 5 + guides/openshift/olm/catalog-source.yaml | 10 + guides/openshift/olm/namespace.yaml | 5 + guides/openshift/olm/operator-group.yaml | 8 + guides/openshift/olm/subscription.yaml | 10 + hack/build.sh | 9 + hack/bundle.sh | 23 + hack/env.sh | 21 + hack/push.sh | 6 + quickstart/kubernetes/argocd.yaml | 575 ++++++++++++++++++ quickstart/kubernetes/quickstart.yaml | 35 ++ quickstart/openshift/argocd.yaml | 575 ++++++++++++++++++ quickstart/openshift/quickstart.yaml | 35 ++ 45 files changed, 4116 insertions(+) create mode 100644 deploy/catalog-source.yaml create mode 100644 deploy/olm-catalog/argocd-operator-helm/0.0.2/argocd-operator-helm.v0.0.2.clusterserviceversion.yaml create mode 100644 deploy/olm-catalog/argocd-operator-helm/0.0.2/argoproj.io_argocds_crd.yaml create mode 100644 deploy/operator-group.yaml create mode 100644 deploy/operator-subscription.yaml create mode 100644 deploy/operator.yaml create mode 100644 deploy/role.yaml create mode 100644 deploy/role_binding.yaml create mode 100644 deploy/service_account.yaml create mode 100644 docs/robots.txt create mode 100644 docs/source/_static/kubernetes_argocd_installation.txt create mode 100644 docs/source/_static/kubernetes_operator_manual_installation.txt create mode 100644 docs/source/_static/kubernetes_operator_olm_installation.txt create mode 100644 guides/kubernetes/examples/gcp.yaml create mode 100644 guides/kubernetes/examples/minikube.yaml create mode 100644 guides/kubernetes/manual/crd.yaml create mode 100644 guides/kubernetes/manual/deployment.yaml create mode 100644 guides/kubernetes/manual/namespace.yaml create mode 100644 guides/kubernetes/manual/role.yaml create mode 100644 guides/kubernetes/manual/role_binding.yaml create mode 100644 guides/kubernetes/manual/service_account.yaml create mode 100644 guides/kubernetes/manual/usecase.md create mode 100644 guides/kubernetes/olm/catalog-source.yaml create mode 100644 guides/kubernetes/olm/namespace.yaml create mode 100644 guides/kubernetes/olm/operator-group.yaml create mode 100644 guides/kubernetes/olm/subscription.yaml create mode 100644 guides/openshift/examples/crc.yaml create mode 100644 guides/openshift/manual/crd.yaml create mode 100644 guides/openshift/manual/deployment.yaml create mode 100644 guides/openshift/manual/namespace.yaml create mode 100644 guides/openshift/manual/role.yaml create mode 100644 guides/openshift/manual/role_binding.yaml create mode 100644 guides/openshift/manual/service_account.yaml create mode 100644 guides/openshift/olm/catalog-source.yaml create mode 100644 guides/openshift/olm/namespace.yaml create mode 100644 guides/openshift/olm/operator-group.yaml create mode 100644 guides/openshift/olm/subscription.yaml create mode 100755 hack/build.sh create mode 100755 hack/bundle.sh create mode 100755 hack/env.sh create mode 100755 hack/push.sh create mode 100644 quickstart/kubernetes/argocd.yaml create mode 100644 quickstart/kubernetes/quickstart.yaml create mode 100644 quickstart/openshift/argocd.yaml create mode 100644 quickstart/openshift/quickstart.yaml diff --git a/deploy/catalog-source.yaml b/deploy/catalog-source.yaml new file mode 100644 index 00000000..55ab8860 --- /dev/null +++ b/deploy/catalog-source.yaml @@ -0,0 +1,10 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: argocd-catalog + namespace: argocd +spec: + sourceType: grpc + image: quay.io/disposab1e/argocd-operator-helm-registry:0.0.2 + displayName: Argo CD Operators + publisher: Argo CD \ No newline at end of file diff --git a/deploy/olm-catalog/argocd-operator-helm/0.0.2/argocd-operator-helm.v0.0.2.clusterserviceversion.yaml b/deploy/olm-catalog/argocd-operator-helm/0.0.2/argocd-operator-helm.v0.0.2.clusterserviceversion.yaml new file mode 100644 index 00000000..38793b8f --- /dev/null +++ b/deploy/olm-catalog/argocd-operator-helm/0.0.2/argocd-operator-helm.v0.0.2.clusterserviceversion.yaml @@ -0,0 +1,472 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "argoproj.io/v1alpha1", + "kind": "ArgoCD", + "metadata": { + "name": "argocd" + }, + "spec": { + "configs": { + "knownHosts": { + "data": { + "ssh_known_hosts": "bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==\ngithub.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\ngitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=\ngitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf\ngitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9\nssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H\nvs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H\n" + } + }, + "secret": { + "bitbucketSecret": "", + "createSecret": true, + "githubSecret": "", + "gitlabSecret": "" + }, + "tlsCerts": {} + }, + "controller": { + "affinity": {}, + "args": { + "operationProcessors": "10", + "statusProcessors": "20" + }, + "clusterAdminAccess": { + "enabled": true + }, + "containerPort": 8082, + "extraArgs": [], + "image": { + "imagePullPolicy": null, + "repository": null, + "tag": null + }, + "livenessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 10, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "logLevel": "info", + "metrics": { + "enabled": false, + "service": { + "annotations": {}, + "labels": {}, + "servicePort": 8082 + }, + "serviceMonitor": { + "enabled": false + } + }, + "name": "application-controller", + "nodeSelector": {}, + "podAnnotations": {}, + "podLabels": {}, + "priorityClassName": "", + "readinessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 10, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "resources": {}, + "service": { + "annotations": {}, + "labels": {}, + "port": 8082 + }, + "serviceAccount": { + "create": true, + "name": "argocd-application-controller" + }, + "tolerations": [], + "volumeMounts": [], + "volumes": [] + }, + "dex": { + "affinity": {}, + "containerPortGrpc": 5557, + "containerPortHttp": 5556, + "enabled": true, + "image": { + "imagePullPolicy": "IfNotPresent", + "repository": "quay.io/dexidp/dex", + "tag": "v2.14.0" + }, + "initImage": { + "imagePullPolicy": null, + "repository": null, + "tag": null + }, + "name": "dex-server", + "nodeSelector": {}, + "priorityClassName": "", + "resources": {}, + "serviceAccount": { + "create": true, + "name": "argocd-dex-server" + }, + "servicePortGrpc": 5557, + "servicePortHttp": 5556, + "tolerations": [], + "volumeMounts": [ + { + "mountPath": "/shared", + "name": "static-files" + } + ], + "volumes": [ + { + "emptyDir": {}, + "name": "static-files" + } + ] + }, + "fullnameOverride": "", + "global": { + "image": { + "imagePullPolicy": "IfNotPresent", + "repository": "argoproj/argocd", + "tag": "v1.3.0" + } + }, + "installCRDs": true, + "nameOverride": "argocd", + "redis": { + "affinity": {}, + "containerPort": 6379, + "enabled": true, + "image": { + "imagePullPolicy": "IfNotPresent", + "repository": "redis", + "tag": "5.0.3" + }, + "name": "redis", + "nodeSelector": {}, + "priorityClassName": "", + "resources": {}, + "servicePort": 6379, + "tolerations": [], + "volumeMounts": [], + "volumes": [] + }, + "repoServer": { + "affinity": {}, + "containerPort": 8081, + "extraArgs": [], + "image": { + "imagePullPolicy": null, + "repository": null, + "tag": null + }, + "livenessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 10, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "logLevel": "info", + "metrics": { + "enabled": false, + "service": { + "annotations": {}, + "labels": {}, + "servicePort": 8084 + }, + "serviceMonitor": { + "enabled": false + } + }, + "name": "repo-server", + "nodeSelector": {}, + "podAnnotations": {}, + "podLabels": {}, + "priorityClassName": "", + "readinessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 10, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "resources": {}, + "service": { + "annotations": {}, + "labels": {}, + "port": 8081 + }, + "tolerations": [], + "volumeMounts": [], + "volumes": [] + }, + "server": { + "additionalApplications": [], + "additionalProjects": [], + "affinity": {}, + "certificate": { + "additionalHosts": [], + "domain": "argocd.example.com", + "enabled": false, + "issuer": {} + }, + "config": { + "application.instanceLabelKey": "argocd.argoproj.io/instance", + "url": "https://argocd.example.com" + }, + "containerPort": 8080, + "extraArgs": [], + "image": { + "imagePullPolicy": null, + "repository": null, + "tag": null + }, + "ingress": { + "annotations": {}, + "enabled": false, + "hosts": [], + "labels": {}, + "paths": [ + "/" + ], + "tls": [] + }, + "livenessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 10, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "logLevel": "info", + "metrics": { + "enabled": false, + "service": { + "annotations": {}, + "labels": {}, + "servicePort": 8083 + }, + "serviceMonitor": { + "enabled": false + } + }, + "name": "server", + "nodeSelector": {}, + "podAnnotations": {}, + "podLabels": {}, + "priorityClassName": "", + "rbacConfig": {}, + "readinessProbe": { + "failureThreshold": 3, + "initialDelaySeconds": 10, + "periodSeconds": 10, + "successThreshold": 1, + "timeoutSeconds": 1 + }, + "resources": {}, + "route": { + "enabled": true, + "hostname": "" + }, + "service": { + "annotations": {}, + "labels": {}, + "servicePortHttp": 80, + "servicePortHttps": 443, + "type": "ClusterIP" + }, + "serviceAccount": { + "create": true, + "name": "argocd-server" + }, + "tolerations": [], + "volumeMounts": [], + "volumes": [] + } + } + } + ] + capabilities: Basic Install + categories: "Integration & Delivery" + description: Manages the installation of Argo CD. + certified: "false" + containerImage: quay.io/disposab1e/argocd-operator-helm:v0.0.2 + support: Community + repository: https://github.com/disposab1e/argocd-operator-helm.git + name: argocd-operator-helm.v0.0.2 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - kind: ArgoCD + displayName: ArgoCD + name: argocds.argoproj.io + version: v1alpha1 + description: 'Represents the Argo CD installation.' + description: | + + ### Argo CD + + [Argo CD](https://argoproj.github.io/argo-cd/) is a declarative, GitOps continuous delivery tool for Kubernetes. + + ### Overview + This **community maintained** [Argo CD Operator (Helm)](https://github.com/disposab1e/argocd-operator-helm) + is based on the [Argo CD Helm Chart](https://github.com/argoproj/argo-helm/tree/master/charts/argo-cd) + and currently installs the non-HA version of [Argo CD](https://argoproj.github.io/argo-cd/) in OpenShift Container Platform and Kubernetes. + The operator shares all [configuration values](https://github.com/disposab1e/argocd-operator-helm/blob/release-0.0.2/helm-charts/argo-cd/README.md) + from the Argo CD Helm Chart. + + + ### Install + + The operator manages a single namespace installation of Argo CD. + Therefore you have to install the operator and Argo CD in the same namespace. + For simplicity we recommend creating a namespace `argocd`. + + To install Argo CD create a new ArgoCD resource with your own customizations or use the provided example from the Web UI. + + Please note! For Kubernetes you must disable the OpenShift route from the Web UI example with `server.route: false`. + + + displayName: Argo CD Operator (Helm) + links: + - name: Argo CD + url: https://argoproj.github.io/argo-cd/ + - name: GitHub + url: https://github.com/disposab1e/argocd-operator-helm.git + - name: Read the Docs + url: https://argocd-operator-helm.readthedocs.io + icon: + - base64data: PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8+CjwhRE9DVFlQRSBzdmcgUFVCTElDICItLy9XM0MvL0RURCBTVkcgMS4xLy9FTiIgImh0dHA6Ly93d3cudzMub3JnL0dyYXBoaWNzL1NWRy8xLjEvRFREL3N2ZzExLmR0ZCI+Cjxzdmcgd2lkdGg9IjEwMCUiIGhlaWdodD0iMTAwJSIgdmlld0JveD0iMCAwIDIzIDMwIiB2ZXJzaW9uPSIxLjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHhtbDpzcGFjZT0icHJlc2VydmUiIHhtbG5zOnNlcmlmPSJodHRwOi8vd3d3LnNlcmlmLmNvbS8iIHN0eWxlPSJmaWxsLXJ1bGU6ZXZlbm9kZDtjbGlwLXJ1bGU6ZXZlbm9kZDtzdHJva2UtbGluZWpvaW46cm91bmQ7c3Ryb2tlLW1pdGVybGltaXQ6MjsiPgogICAgPGcgdHJhbnNmb3JtPSJtYXRyaXgoMSwwLDAsMSwtOS4yLC03KSI+CiAgICAgICAgPGc+CiAgICAgICAgICAgIDxnPgogICAgICAgICAgICAgICAgPHBhdGggZD0iTTE2LDI3LjdDMTYsMjcuNyAxNS44LDI4LjMgMTUuNSwyOC42QzE1LjMsMjguOCAxNS4xLDI4LjkgMTQuOCwyOC45QzE0LjEsMjkuMSAxMy4zLDI5LjIgMTMuMywyOS4yQzEzLjMsMjkuMiAxNCwyOS4zIDE0LjgsMjkuNEMxNS4xLDI5LjQgMTUuMSwyOS40IDE1LjMsMjkuNUMxNS44LDI5LjUgMTYsMjkuMiAxNiwyOS4yTDE2LDI3LjdaIiBzdHlsZT0iZmlsbDpyZ2IoMjMzLDEwMSw3NSk7ZmlsbC1ydWxlOm5vbnplcm87Ii8+CiAgICAgICAgICAgICAgICA8cGF0aCBkPSJNMjUuMiwyNy43QzI1LjIsMjcuNyAyNS40LDI4LjMgMjUuNywyOC42QzI1LjksMjguOCAyNi4xLDI4LjkgMjYuNCwyOC45QzI3LjEsMjkuMSAyNy45LDI5LjIgMjcuOSwyOS4yQzI3LjksMjkuMiAyNy4yLDI5LjMgMjYuMywyOS40QzI2LDI5LjQgMjYsMjkuNCAyNS44LDI5LjVDMjUuMiwyOS41IDI1LjEsMjkuMiAyNS4xLDI5LjJMMjUuMiwyNy43WiIgc3R5bGU9ImZpbGw6cmdiKDIzMywxMDEsNzUpO2ZpbGwtcnVsZTpub256ZXJvOyIvPgogICAgICAgICAgICA8L2c+CiAgICAgICAgICAgIDxnPgogICAgICAgICAgICAgICAgPGNpcmNsZSBjeD0iMjAuNyIgY3k9IjE3LjgiIHI9IjEwLjgiIHN0eWxlPSJmaWxsOnJnYigxODIsMjA3LDIzNCk7Ii8+CiAgICAgICAgICAgICAgICA8Y2lyY2xlIGN4PSIyMC43IiBjeT0iMTcuOCIgcj0iMTAuNCIgc3R5bGU9ImZpbGw6cmdiKDIzMCwyNDUsMjQ4KTsiLz4KICAgICAgICAgICAgICAgIDxjaXJjbGUgY3g9IjIwLjciIGN5PSIxOCIgcj0iOC41IiBzdHlsZT0iZmlsbDpyZ2IoMjA4LDIzMiwyNDApOyIvPgogICAgICAgICAgICAgICAgPGcgaWQ9IkJvZHlfMV8iPgogICAgICAgICAgICAgICAgICAgIDxwYXRoIGQ9Ik0xNS43LDIyQzE1LjcsMjIgMTYuNCwzMy4zIDE2LjQsMzMuNUMxNi40LDMzLjYgMTYuNSwzMy44IDE2LDM0QzE1LjUsMzQuMiAxMy45LDM0LjYgMTMuOSwzNC42TDE2LjMsMzQuNkMxNy40LDM0LjYgMTcuNCwzMy43IDE3LjQsMzMuNUMxNy40LDMzLjMgMTcuNywyOSAxNy43LDI5QzE3LjcsMjkgMTcuOCwzNC4xIDE3LjgsMzQuM0MxNy44LDM0LjUgMTcuNywzNC44IDE3LDM1QzE2LjUsMzUuMSAxNSwzNS40IDE1LDM1LjRMMTcuMywzNS40QzE4LjcsMzUuNCAxOC43LDM0LjUgMTguNywzNC41TDE5LDMwQzE5LDMwIDE5LjEsMzQuNSAxOS4xLDM1QzE5LjEsMzUuNCAxOC44LDM1LjcgMTcuNywzNS45QzE3LDM2LjEgMTYuMSwzNi4zIDE2LjEsMzYuM0wxOC43LDM2LjNDMjAsMzYuMiAyMC4yLDM1LjMgMjAuMiwzNS4zTDIyLjQsMjQuMUwxNS43LDIyWiIgc3R5bGU9ImZpbGw6cmdiKDIzOCwxMjEsNzUpO2ZpbGwtcnVsZTpub256ZXJvOyIvPgogICAgICAgICAgICAgICAgICAgIDxwYXRoIGQ9Ik0yNS43LDIyQzI1LjcsMjIgMjUsMzMuMyAyNSwzMy41QzI1LDMzLjYgMjQuOSwzMy44IDI1LjQsMzRDMjUuOSwzNC4yIDI3LjUsMzQuNiAyNy41LDM0LjZMMjUuMSwzNC42QzI0LDM0LjYgMjQsMzMuNyAyNCwzMy41QzI0LDMzLjMgMjMuNywyOSAyMy43LDI5QzIzLjcsMjkgMjMuNiwzNC4xIDIzLjYsMzQuM0MyMy42LDM0LjUgMjMuNywzNC44IDI0LjQsMzVDMjQuOSwzNS4xIDI2LjQsMzUuNCAyNi40LDM1LjRMMjQuMSwzNS40QzIyLjcsMzUuNCAyMi43LDM0LjUgMjIuNywzNC41TDIyLjQsMzBDMjIuNCwzMCAyMi4zLDM0LjUgMjIuMywzNUMyMi4zLDM1LjQgMjIuNiwzNS43IDIzLjcsMzUuOUMyNC40LDM2LjEgMjUuMywzNi4zIDI1LjMsMzYuM0wyMi43LDM2LjNDMjEuNCwzNi4yIDIxLjIsMzUuMyAyMS4yLDM1LjNMMTksMjQuMUwyNS43LDIyWiIgc3R5bGU9ImZpbGw6cmdiKDIzOCwxMjEsNzUpO2ZpbGwtcnVsZTpub256ZXJvOyIvPgogICAgICAgICAgICAgICAgICAgIDxwYXRoIGQ9Ik0yNS44LDE2LjVDMjUuOCwxOS4zIDIzLjUsMjEuNSAyMC44LDIxLjVDMTguMSwyMS41IDE1LjgsMTkuMiAxNS44LDE2LjVDMTUuOCwxMy44IDE4LjEsMTEuNSAyMC44LDExLjVDMjMuNSwxMS41IDI1LjgsMTMuNyAyNS44LDE2LjVaIiBzdHlsZT0iZmlsbDpyZ2IoMjM4LDEyMSw3NSk7ZmlsbC1ydWxlOm5vbnplcm87Ii8+CiAgICAgICAgICAgICAgICAgICAgPGNsaXBQYXRoIGlkPSJfY2xpcDEiPgogICAgICAgICAgICAgICAgICAgICAgICA8cGF0aCBkPSJNMjUuOCwxNi4zTDI1LjIsMzBMMTYuMiwzMEwxNS43LDE2LjMiLz4KICAgICAgICAgICAgICAgICAgICA8L2NsaXBQYXRoPgogICAgICAgICAgICAgICAgICAgIDxnIGNsaXAtcGF0aD0idXJsKCNfY2xpcDEpIj4KICAgICAgICAgICAgICAgICAgICAgICAgPGNpcmNsZSBjeD0iMjAuOCIgY3k9IjE5LjIiIHI9IjguOSIgc3R5bGU9ImZpbGw6cmdiKDIzOCwxMjEsNzUpOyIvPgogICAgICAgICAgICAgICAgICAgIDwvZz4KICAgICAgICAgICAgICAgICAgICA8cGF0aCBkPSJNMjUuNSwyMkMyNS41LDIyIDI2LjEsMTYuNyAyNS4zLDE0LjdDMjMuOCwxMS4yIDIwLjMsMTEuNSAyMC4zLDExLjVDMjAuMywxMS41IDIyLjMsMTIuMyAyMi40LDE1LjNDMjIuNSwxNy40IDIyLjQsMjAuNSAyMi40LDIwLjVMMjUuNSwyMloiIHN0eWxlPSJmaWxsOnJnYigyMjcsNzgsNTkpO2ZpbGwtb3BhY2l0eTowLjIyO2ZpbGwtcnVsZTpub256ZXJvOyIvPgogICAgICAgICAgICAgICAgPC9nPgogICAgICAgICAgICAgICAgPGcgaWQ9IkZhY2VfMV8iPgogICAgICAgICAgICAgICAgICAgIDxjaXJjbGUgY3g9IjE4LjciIGN5PSIxMy44IiByPSIwLjciIHN0eWxlPSJmaWxsOnJnYigyNTEsMjIzLDE5NSk7ZmlsbC1vcGFjaXR5OjAuNTsiLz4KICAgICAgICAgICAgICAgICAgICA8Zz4KICAgICAgICAgICAgICAgICAgICAgICAgPGc+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICA8cGF0aCBkPSJNMjIuNSwyNEMyMi41LDI1LjcgMjEuNywyNi44IDIwLjcsMjYuOEMxOS43LDI2LjggMTguOSwyNS41IDE4LjksMjMuOEMxOC45LDIzLjggMTkuNywyNS40IDIwLjgsMjUuNEMyMS45LDI1LjQgMjIuNSwyNCAyMi41LDI0WiIgc3R5bGU9ImZpbGw6cmdiKDEsMSwxKTtmaWxsLXJ1bGU6bm9uemVybzsiLz4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxwYXRoIGQ9Ik0yMi41LDI0QzIyLjUsMjUuMSAyMS43LDI1LjcgMjAuNywyNS43QzE5LjcsMjUuNyAxOSwyNC45IDE5LDIzLjlDMTksMjMuOSAxOS44LDI0LjkgMjAuOSwyNC45QzIyLDI0LjkgMjIuNSwyNCAyMi41LDI0WiIgc3R5bGU9ImZpbGw6d2hpdGU7ZmlsbC1ydWxlOm5vbnplcm87Ii8+CiAgICAgICAgICAgICAgICAgICAgICAgIDwvZz4KICAgICAgICAgICAgICAgICAgICAgICAgPGc+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICA8Zz4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8Zz4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGNpcmNsZSBjeD0iMjQuMiIgY3k9IjE5LjMiIHI9IjMuMSIgc3R5bGU9ImZpbGw6cmdiKDIzMywxMDEsNzUpOyIvPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8Y2lyY2xlIGN4PSIxNy4yIiBjeT0iMTkuMyIgcj0iMy4xIiBzdHlsZT0iZmlsbDpyZ2IoMjMzLDEwMSw3NSk7Ii8+CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPC9nPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxnPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8Y2lyY2xlIGN4PSIyNC4yIiBjeT0iMTkuMyIgcj0iMi40IiBzdHlsZT0iZmlsbDp3aGl0ZTsiLz4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgPGNpcmNsZSBjeD0iMTciIGN5PSIxOS4zIiByPSIyLjQiIHN0eWxlPSJmaWxsOndoaXRlOyIvPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvZz4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvZz4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxnPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDxjaXJjbGUgY3g9IjE3IiBjeT0iMTkiIHI9IjAuNyIgc3R5bGU9ImZpbGw6cmdiKDEsMSwxKTsiLz4KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA8Y2lyY2xlIGN4PSIyNC4yIiBjeT0iMTkiIHI9IjAuNyIgc3R5bGU9ImZpbGw6cmdiKDEsMSwxKTsiLz4KICAgICAgICAgICAgICAgICAgICAgICAgICAgIDwvZz4KICAgICAgICAgICAgICAgICAgICAgICAgPC9nPgogICAgICAgICAgICAgICAgICAgIDwvZz4KICAgICAgICAgICAgICAgIDwvZz4KICAgICAgICAgICAgICAgIDxwYXRoIGQ9Ik05LjcsMjAuNUM5LjQsMjAuNSA5LjIsMjAuMyA5LjIsMjBMOS4yLDE2QzkuMiwxNS43IDkuNCwxNS41IDkuNywxNS41QzEwLDE1LjUgMTAuMiwxNS43IDEwLjIsMTZMMTAuMiwyMEMxMC4yLDIwLjMgMTAsMjAuNSA5LjcsMjAuNVoiIHN0eWxlPSJmaWxsOnJnYigxODIsMjA3LDIzNCk7ZmlsbC1ydWxlOm5vbnplcm87Ii8+CiAgICAgICAgICAgICAgICA8cGF0aCBkPSJNMzEuNSwyMC41QzMxLjIsMjAuNSAzMSwyMC4zIDMxLDIwTDMxLDE2QzMxLDE1LjcgMzEuMiwxNS41IDMxLjUsMTUuNUMzMS44LDE1LjUgMzIsMTUuNyAzMiwxNkwzMiwyMEMzMiwyMC4zIDMxLjgsMjAuNSAzMS41LDIwLjVaIiBzdHlsZT0iZmlsbDpyZ2IoMTgyLDIwNywyMzQpO2ZpbGwtcnVsZTpub256ZXJvOyIvPgogICAgICAgICAgICAgICAgPGNpcmNsZSBjeD0iMTcuMyIgY3k9IjkuOCIgcj0iMC41IiBzdHlsZT0iZmlsbDp3aGl0ZTsiLz4KICAgICAgICAgICAgICAgIDxwYXRoIGQ9Ik0xMy43LDIzLjNDMTMuNiwyMy4zIDEzLjUsMjMuMyAxMy40LDIzLjJDMTIuMiwyMS43IDExLjYsMTkuOCAxMS42LDE3LjlDMTEuNiwxNi4zIDEyLDE0LjggMTIuOCwxMy40QzEzLjYsMTIuMSAxNC43LDExIDE2LDEwLjJDMTYuMiwxMC4xIDE2LjQsMTAuMiAxNi41LDEwLjNDMTYuNiwxMC41IDE2LjUsMTAuNyAxNi40LDEwLjhDMTMuOSwxMi4yIDEyLjMsMTQuOSAxMi4zLDE3LjhDMTIuMywxOS42IDEyLjksMjEuMyAxNCwyMi43QzE0LjEsMjIuOCAxNC4xLDIzLjEgMTMuOSwyMy4yQzEzLjgsMjMuMyAxMy44LDIzLjMgMTMuNywyMy4zWiIgc3R5bGU9ImZpbGw6d2hpdGU7ZmlsbC1ydWxlOm5vbnplcm87Ii8+CiAgICAgICAgICAgICAgICA8cGF0aCBkPSJNMjUuMiwyOEwyNS4yLDI3LjJDMjMuOCwyOCAyMi4zLDI4LjggMjAuNSwyOC44QzE4LjUsMjguOCAxNy4yLDI3LjkgMTUuOSwyNy4yTDE2LDI4QzE2LDI4IDE3LjUsMjkuNiAyMC42LDI5LjZDMjMuNSwyOS41IDI1LjIsMjggMjUuMiwyOFoiIHN0eWxlPSJmaWxsOnJnYigyMzMsMTAxLDc1KTtmaWxsLW9wYWNpdHk6MC4yNTtmaWxsLXJ1bGU6bm9uemVybzsiLz4KICAgICAgICAgICAgPC9nPgogICAgICAgIDwvZz4KICAgIDwvZz4KPC9zdmc+Cg== + mediatype: image/svg+xml + maintainers: + - name: Disposable Zone + email: disposable.source@icloud.com + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - "" + resources: + - namespaces + - pods + - services + - services/finalizers + - endpoints + - events + - configmaps + - secrets + - serviceaccounts + verbs: + - '*' + - apiGroups: + - apps + resources: + - deployments + - replicasets + verbs: + - '*' + - apiGroups: + - apps + resourceNames: + - argocd-operator-helm + resources: + - deployments/finalizers + verbs: + - update + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - apiGroups: + - apps + resources: + - replicasets + verbs: + - get + - apiGroups: + - argoproj.io + resources: + - '*' + verbs: + - '*' + - apiGroups: + - route.openshift.io + resources: + - 'routes' + verbs: + - '*' + - apiGroups: + - monitoring.coreos.com + resources: + - prometheuses + - servicemonitors + verbs: + - '*' + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - clusterroles + - rolebindings + - roles + verbs: + - '*' + serviceAccountName: argocd-operator-helm + deployments: + - name: argocd-operator-helm + spec: + replicas: 1 + selector: + matchLabels: + name: argocd-operator-helm + strategy: {} + template: + metadata: + labels: + name: argocd-operator-helm + spec: + containers: + - env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.targetNamespaces'] + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: argocd-operator-helm + image: quay.io/disposab1e/argocd-operator-helm:v0.0.2 + imagePullPolicy: Always + name: argocd-operator-helm + resources: {} + serviceAccountName: argocd-operator-helm + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: false + type: AllNamespaces + maturity: alpha + version: 0.0.2 + provider: + name: Disposable Zone diff --git a/deploy/olm-catalog/argocd-operator-helm/0.0.2/argoproj.io_argocds_crd.yaml b/deploy/olm-catalog/argocd-operator-helm/0.0.2/argoproj.io_argocds_crd.yaml new file mode 100644 index 00000000..e2f128d8 --- /dev/null +++ b/deploy/olm-catalog/argocd-operator-helm/0.0.2/argoproj.io_argocds_crd.yaml @@ -0,0 +1,19 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: argocds.argoproj.io +spec: + group: argoproj.io + names: + kind: ArgoCD + listKind: ArgoCDList + plural: argocds + singular: argocd + scope: Namespaced + subresources: + status: {} + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true diff --git a/deploy/operator-group.yaml b/deploy/operator-group.yaml new file mode 100644 index 00000000..36ac48da --- /dev/null +++ b/deploy/operator-group.yaml @@ -0,0 +1,8 @@ +apiVersion: operators.coreos.com/v1alpha2 +kind: OperatorGroup +metadata: + name: argocd-operator-helm + namespace: argocd +spec: + targetNamespaces: + - argocd \ No newline at end of file diff --git a/deploy/operator-subscription.yaml b/deploy/operator-subscription.yaml new file mode 100644 index 00000000..26ad7ddd --- /dev/null +++ b/deploy/operator-subscription.yaml @@ -0,0 +1,10 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: argocd-operator-helm + namespace: argocd +spec: + channel: alpha + name: argocd-operator-helm + source: argocd-catalog + sourceNamespace: olm diff --git a/deploy/operator.yaml b/deploy/operator.yaml new file mode 100644 index 00000000..55329702 --- /dev/null +++ b/deploy/operator.yaml @@ -0,0 +1,31 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argocd-operator-helm + namespace: argocd +spec: + replicas: 1 + selector: + matchLabels: + name: argocd-operator-helm + template: + metadata: + labels: + name: argocd-operator-helm + spec: + serviceAccountName: argocd-operator-helm + containers: + - name: argocd-operator-helm + image: quay.io/disposab1e/argocd-operator-helm:v0.0.2 + imagePullPolicy: Always + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: "argocd-operator-helm" diff --git a/deploy/role.yaml b/deploy/role.yaml new file mode 100644 index 00000000..2e59c2d4 --- /dev/null +++ b/deploy/role.yaml @@ -0,0 +1,81 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: argocd-operator-helm +rules: +- apiGroups: + - "" + resources: + - namespaces + - pods + - services + - services/finalizers + - endpoints + - events + - configmaps + - secrets + - serviceaccounts + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + - replicasets + verbs: + - '*' +- apiGroups: + - apps + resourceNames: + - argocd-operator-helm + resources: + - deployments/finalizers + verbs: + - update +- apiGroups: + - "" + resources: + - pods + verbs: + - get +- apiGroups: + - apps + resources: + - replicasets + verbs: + - get +- apiGroups: + - argoproj.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - route.openshift.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - monitoring.coreos.com + resources: + - prometheuses + - servicemonitors + verbs: + - '*' +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - clusterroles + - rolebindings + - roles + verbs: + - '*' diff --git a/deploy/role_binding.yaml b/deploy/role_binding.yaml new file mode 100644 index 00000000..df064ae0 --- /dev/null +++ b/deploy/role_binding.yaml @@ -0,0 +1,13 @@ +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: argocd-operator-helm + namespace: argocd +subjects: +- kind: ServiceAccount + name: argocd-operator-helm + namespace: argocd +roleRef: + kind: ClusterRole + name: argocd-operator-helm + apiGroup: rbac.authorization.k8s.io diff --git a/deploy/service_account.yaml b/deploy/service_account.yaml new file mode 100644 index 00000000..32003647 --- /dev/null +++ b/deploy/service_account.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: argocd-operator-helm diff --git a/docs/robots.txt b/docs/robots.txt new file mode 100644 index 00000000..ee1663a2 --- /dev/null +++ b/docs/robots.txt @@ -0,0 +1,3 @@ +User-agent: * +Disallow: /en/0.0.1/ +Disallow: /en/stable \ No newline at end of file diff --git a/docs/source/_static/kubernetes_argocd_installation.txt b/docs/source/_static/kubernetes_argocd_installation.txt new file mode 100644 index 00000000..e716915d --- /dev/null +++ b/docs/source/_static/kubernetes_argocd_installation.txt @@ -0,0 +1,9 @@ +.. code-block:: bash + + kubectl get ArgoCDs argocd -n argocd + + kubectl rollout status -w deployment/argocd-application-controller -n argocd + kubectl rollout status -w deployment/argocd-dex-server -n argocd + kubectl rollout status -w deployment/argocd-redis -n argocd + kubectl rollout status -w deployment/argocd-repo-server -n argocd + kubectl rollout status -w deployment/argocd-server -n argocd diff --git a/docs/source/_static/kubernetes_operator_manual_installation.txt b/docs/source/_static/kubernetes_operator_manual_installation.txt new file mode 100644 index 00000000..2c802b6b --- /dev/null +++ b/docs/source/_static/kubernetes_operator_manual_installation.txt @@ -0,0 +1,21 @@ +Manual +------ + +You can install the operator from local sources without having to install an OLM Catalog. + +.. Note:: No channel subscription and automatic operator updates available with this method. + +.. image:: https://img.shields.io/badge/git%20clone-https%3A%2F%2Fgithub.com%2Fdisposab1e%2Fargocd--operator--helm.git-9cf.svg + :target: https://github.com/disposab1e/argocd-operator-helm + :alt: git clone + +.. code-block:: bash + + kubectl apply -f guides/kubernetes/manual/namespace.yaml + kubectl apply -f guides/kubernetes/manual/service_account.yaml + kubectl apply -f guides/kubernetes/manual/role.yaml + kubectl apply -f guides/kubernetes/manual/role_binding.yaml + kubectl apply -f guides/kubernetes/manual/crd.yaml + kubectl apply -f guides/kubernetes/manual/deployment.yaml + + kubectl rollout status -w deployment/argocd-operator-helm -n argocd diff --git a/docs/source/_static/kubernetes_operator_olm_installation.txt b/docs/source/_static/kubernetes_operator_olm_installation.txt new file mode 100644 index 00000000..6516db09 --- /dev/null +++ b/docs/source/_static/kubernetes_operator_olm_installation.txt @@ -0,0 +1,20 @@ +Operator Lifecycle Manager +-------------------------- + +This installation method installs the operator using an `OLM Catalog`_. + +.. _OLM Catalog: https://quay.io/repository/disposab1e/argocd-operator-helm-registry + +.. image:: https://img.shields.io/badge/git%20clone-https%3A%2F%2Fgithub.com%2Fdisposab1e%2Fargocd--operator--helm.git-9cf.svg + :target: https://github.com/disposab1e/argocd-operator-helm + :alt: git clone + +.. code-block:: bash + + kubectl apply -f guides/kubernetes/olm/namespace.yaml + kubectl apply -f guides/kubernetes/olm/catalog-source.yaml + kubectl apply -f guides/kubernetes/olm/operator-group.yaml + kubectl apply -f guides/kubernetes/olm/subscription.yaml + + kubectl rollout status -w deployment/argocd-operator-helm -n argocd + diff --git a/guides/kubernetes/examples/gcp.yaml b/guides/kubernetes/examples/gcp.yaml new file mode 100644 index 00000000..1b05ce18 --- /dev/null +++ b/guides/kubernetes/examples/gcp.yaml @@ -0,0 +1,575 @@ +apiVersion: argoproj.io/v1alpha1 +kind: ArgoCD +metadata: + name: argocd + namespace: argocd +spec: + # Default values copied from /helm-charts/argo-cd/values.yaml + + ## ArgoCD configuration + ## Ref: https://github.com/argoproj/argo-cd + ## + nameOverride: argocd + fullnameOverride: "" + + # Optional CRD installation for those without Helm hooks + installCRDs: true + + global: + image: + repository: argoproj/argocd + tag: v1.3.0 + imagePullPolicy: IfNotPresent + + ## Controller + controller: + name: application-controller + + image: + repository: # argoproj/argocd + tag: # v1.3.0 + imagePullPolicy: # IfNotPresent + + ## Argo controller commandline flags + args: + statusProcessors: "20" + operationProcessors: "10" + + ## Argo controller log level + logLevel: info + + ## Additional command line arguments to pass to argocd-controller + ## - key: value + extraArgs: [] + + ## Annotations to be added to controller pods + ## + podAnnotations: {} + + ## Labels to be added to controller pods + ## + podLabels: {} + + ## Configures the controller port + containerPort: 8082 + + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + + ## Additional volumeMounts to the controller main container. + volumeMounts: [] + + ## Additional volumes to the controller pod. + volumes: [] + + ## Controller service configuration + service: + annotations: {} + labels: {} + port: 8082 + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 500m + # memory: 512Mi + # requests: + # cpu: 250m + # memory: 256Mi + + serviceAccount: + create: true + name: argocd-application-controller + + ## Server metrics controller configuration + metrics: + enabled: false + service: + annotations: {} + labels: {} + servicePort: 8082 + serviceMonitor: + enabled: false + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} + + ## Enable Admin ClusterRole resources. + ## Enable if you would like to grant rights to ArgoCD to deploy to the local kuberentes cluster. + clusterAdminAccess: + enabled: true + + ## Dex + dex: + enabled: true + name: dex-server + + image: + repository: quay.io/dexidp/dex + tag: v2.14.0 + imagePullPolicy: IfNotPresent + initImage: + repository: + tag: + imagePullPolicy: + + serviceAccount: + create: true + name: argocd-dex-server + + ## Additional volumeMounts to the controller main container. + volumeMounts: + - name: static-files + mountPath: /shared + + ## Additional volumes to the controller pod. + volumes: + - name: static-files + emptyDir: {} + + ## Dex deployment container ports + containerPortHttp: 5556 + servicePortHttp: 5556 + containerPortGrpc: 5557 + servicePortGrpc: 5557 + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 50m + # memory: 64Mi + # requests: + # cpu: 10m + # memory: 32Mi + + ## Redis + redis: + enabled: true + name: redis + + image: + repository: redis + tag: 5.0.3 + imagePullPolicy: IfNotPresent + + containerPort: 6379 + servicePort: 6379 + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 200m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 64Mi + + volumeMounts: [] + volumes: [] + + ## Server + server: + name: server + + image: + repository: # argoproj/argocd + tag: # v1.3.0 + imagePullPolicy: # IfNotPresent + + ## Additional command line arguments to pass to argocd-server + ## - key: value + # extraArgs: [] + # - insecure: true + extraArgs: [] + + ## Argo server log level + logLevel: info + + ## Annotations to be added to controller pods + ## + podAnnotations: {} + + ## Labels to be added to controller pods + ## + podLabels: {} + + ## Configures the server port + containerPort: 8080 + + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + + ## Additional volumeMounts to the server main container. + volumeMounts: [] + + ## Additional volumes to the controller pod. + volumes: [] + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 50m + # memory: 64Mi + + ## Certificate configuration + certificate: + enabled: false + domain: argocd.example.com + issuer: {} + additionalHosts: [] + + ## Server service configuration + service: + annotations: {} + labels: {} + type: LoadBalancer + servicePortHttp: 80 + servicePortHttps: 443 + + ## Server metrics service configuration + metrics: + enabled: false + service: + annotations: {} + labels: {} + servicePort: 8083 + serviceMonitor: + enabled: false + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} + + serviceAccount: + create: true + name: argocd-server + + ingress: + enabled: false + annotations: {} + labels: {} + + ## Argo Ingress. + ## Hostnames must be provided if Ingress is enabled. + ## Secrets must be manually created in the namespace + ## + hosts: + [] + # - argocd.example.com + paths: + - / + tls: + [] + # - secretName: argocd-example-tls + # hosts: + # - argocd.example.com + + # Create a OpenShift Route with SSL passthrough for UI and CLI + # Consider setting 'hostname' e.g. https://argocd.apps-crc.testing/ using your Default Ingress Controller Domain + # Find your domain with: kubectl describe --namespace=openshift-ingress-operator ingresscontroller/default | grep Domain: + # If 'hostname' is an empty string "" OpenShift will create a hostname for you. + route: + enabled: false + hostname: "" + + ## ArgoCD config + ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml + config: + # Argo CD's externally facing base URL (optional). Required when configuring SSO + url: https://argocd.example.com + # Argo CD instance label key + application.instanceLabelKey: argocd.argoproj.io/instance + # repositories: | + # - url: git@github.com:group/repo.git + # sshPrivateKeySecret: + # name: secret-name + # key: sshPrivateKey + # oidc.config: | + # name: AzureAD + # issuer: https://login.microsoftonline.com/TENANT_ID/v2.0 + # clientID: CLIENT_ID + # clientSecret: $oidc.azuread.clientSecret + # requestedIDTokenClaims: + # groups: + # essential: true + # requestedScopes: + # - openid + # - profile + # - email + + ## ArgoCD rbac config + ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md + rbacConfig: + {} + # policy.csv is an file containing user-defined RBAC policies and role definitions (optional). + # Policy rules are in the form: + # p, subject, resource, action, object, effect + # Role definitions and bindings are in the form: + # g, subject, inherited-subject + # See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information. + # policy.csv: | + # # Grant all members of the group 'my-org:team-alpha; the ability to sync apps in 'my-project' + # p, my-org:team-alpha, applications, sync, my-project/*, allow + # # Grant all members of 'my-org:team-beta' admins + # g, my-org:team-beta, role:admin + # policy.default is the name of the default role which Argo CD will falls back to, when + # authorizing API requests (optional). If omitted or empty, users may be still be able to login, + # but will see no apps, projects, etc... + # policy.default: role:readonly + # scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). + # If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings. + # scopes: '[cognito:groups, email]' + + ## Not well tested and not well supported on release v1.0.0. + ## Applications + ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ + additionalApplications: [] + # - name: guestbook + # namespace: argocd + # additionalLabels: {} + # additionalAnnotations: {} + # project: guestbook + # source: + # repoURL: https://github.com/argoproj/argocd-example-apps.git + # targetRevision: HEAD + # path: guestbook + # directory: + # recurse: true + # destination: + # server: https://kubernetes.default.svc + # namespace: guestbook + # syncPolicy: + # automated: + # prune: false + # selfHeal: false + + ## Projects + ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ + additionalProjects: [] + # - name: guestbook + # namespace: argocd + # additionalLabels: {} + # additionalAnnotations: {} + # description: Example Project + # sourceRepos: + # - '*' + # destinations: + # - namespace: guestbook + # server: https://kubernetes.default.svc + # clusterResourceWhitelist: [] + # namespaceResourceBlacklist: + # - group: '' + # kind: ResourceQuota + # - group: '' + # kind: LimitRange + # - group: '' + # kind: NetworkPolicy + # orphanedResources: {} + # roles: [] + # orphanedResources: {} + # roles: [] + + ## Repo Server + repoServer: + name: repo-server + + image: + repository: # argoproj/argocd + tag: # v1.3.0 + imagePullPolicy: # IfNotPresent + + ## Additional command line arguments to pass to argocd-repo-server + ## - key: value + extraArgs: [] + + ## Argo repoServer log level + logLevel: info + + ## Annotations to be added to repo server pods + ## + podAnnotations: {} + + ## Labels to be added to repo server pods + ## + podLabels: {} + + ## Configures the repo server port + containerPort: 8081 + + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + + ## Additional volumeMounts to the repo server main container. + volumeMounts: [] + + ## Additional volumes to the repo server pod. + volumes: [] + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 50m + # memory: 128Mi + # requests: + # cpu: 10m + # memory: 64Mi + + ## Repo server service configuration + service: + annotations: {} + labels: {} + port: 8081 + + ## Repo server metrics service configuration + metrics: + enabled: false + service: + annotations: {} + labels: {} + servicePort: 8084 + serviceMonitor: + enabled: false + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} + + ## Argo Configs + configs: + knownHosts: + data: + ssh_known_hosts: | + bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== + github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== + gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= + gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf + gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 + ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + tlsCerts: + {} + # data: + # argocd.example.com: | + # -----BEGIN CERTIFICATE----- + # MIIF1zCCA7+gAwIBAgIUQdTcSHY2Sxd3Tq/v1eIEZPCNbOowDQYJKoZIhvcNAQEL + # BQAwezELMAkGA1UEBhMCREUxFTATBgNVBAgMDExvd2VyIFNheG9ueTEQMA4GA1UE + # BwwHSGFub3ZlcjEVMBMGA1UECgwMVGVzdGluZyBDb3JwMRIwEAYDVQQLDAlUZXN0 + # c3VpdGUxGDAWBgNVBAMMD2Jhci5leGFtcGxlLmNvbTAeFw0xOTA3MDgxMzU2MTda + # Fw0yMDA3MDcxMzU2MTdaMHsxCzAJBgNVBAYTAkRFMRUwEwYDVQQIDAxMb3dlciBT + # YXhvbnkxEDAOBgNVBAcMB0hhbm92ZXIxFTATBgNVBAoMDFRlc3RpbmcgQ29ycDES + # MBAGA1UECwwJVGVzdHN1aXRlMRgwFgYDVQQDDA9iYXIuZXhhbXBsZS5jb20wggIi + # MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCv4mHMdVUcafmaSHVpUM0zZWp5 + # NFXfboxA4inuOkE8kZlbGSe7wiG9WqLirdr39Ts+WSAFA6oANvbzlu3JrEQ2CHPc + # CNQm6diPREFwcDPFCe/eMawbwkQAPVSHPts0UoRxnpZox5pn69ghncBR+jtvx+/u + # P6HdwW0qqTvfJnfAF1hBJ4oIk2AXiip5kkIznsAh9W6WRy6nTVCeetmIepDOGe0G + # ZJIRn/OfSz7NzKylfDCat2z3EAutyeT/5oXZoWOmGg/8T7pn/pR588GoYYKRQnp+ + # YilqCPFX+az09EqqK/iHXnkdZ/Z2fCuU+9M/Zhrnlwlygl3RuVBI6xhm/ZsXtL2E + # Gxa61lNy6pyx5+hSxHEFEJshXLtioRd702VdLKxEOuYSXKeJDs1x9o6cJ75S6hko + # Ml1L4zCU+xEsMcvb1iQ2n7PZdacqhkFRUVVVmJ56th8aYyX7KNX6M9CD+kMpNm6J + # kKC1li/Iy+RI138bAvaFplajMF551kt44dSvIoJIbTr1LigudzWPqk31QaZXV/4u + # kD1n4p/XMc9HYU/was/CmQBFqmIZedTLTtK7clkuFN6wbwzdo1wmUNgnySQuMacO + # gxhHxxzRWxd24uLyk9Px+9U3BfVPaRLiOPaPoC58lyVOykjSgfpgbus7JS69fCq7 + # bEH4Jatp/10zkco+UQIDAQABo1MwUTAdBgNVHQ4EFgQUjXH6PHi92y4C4hQpey86 + # r6+x1ewwHwYDVR0jBBgwFoAUjXH6PHi92y4C4hQpey86r6+x1ewwDwYDVR0TAQH/ + # BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFE4SdKsX9UsLy+Z0xuHSxhTd0jfn + # Iih5mtzb8CDNO5oTw4z0aMeAvpsUvjJ/XjgxnkiRACXh7K9hsG2r+ageRWGevyvx + # CaRXFbherV1kTnZw4Y9/pgZTYVWs9jlqFOppz5sStkfjsDQ5lmPJGDii/StENAz2 + # XmtiPOgfG9Upb0GAJBCuKnrU9bIcT4L20gd2F4Y14ccyjlf8UiUi192IX6yM9OjT + # +TuXwZgqnTOq6piVgr+FTSa24qSvaXb5z/mJDLlk23npecTouLg83TNSn3R6fYQr + # d/Y9eXuUJ8U7/qTh2Ulz071AO9KzPOmleYPTx4Xty4xAtWi1QE5NHW9/Ajlv5OtO + # OnMNWIs7ssDJBsB7VFC8hcwf79jz7kC0xmQqDfw51Xhhk04kla+v+HZcFW2AO9so + # 6ZdVHHQnIbJa7yQJKZ+hK49IOoBR6JgdB5kymoplLLiuqZSYTcwSBZ72FYTm3iAr + # jzvt1hxpxVDmXvRnkhRrIRhK4QgJL0jRmirBjDY+PYYd7bdRIjN7WNZLFsgplnS8 + # 9w6CwG32pRlm0c8kkiQ7FXA6BYCqOsDI8f1VGQv331OpR2Ck+FTv+L7DAmg6l37W + # +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK + # XWyb96wrUlv+E8I= + # -----END CERTIFICATE----- + secret: + createSecret: true + githubSecret: "" + gitlabSecret: "" + bitbucketSecret: "" + diff --git a/guides/kubernetes/examples/minikube.yaml b/guides/kubernetes/examples/minikube.yaml new file mode 100644 index 00000000..387497cb --- /dev/null +++ b/guides/kubernetes/examples/minikube.yaml @@ -0,0 +1,575 @@ +apiVersion: argoproj.io/v1alpha1 +kind: ArgoCD +metadata: + name: argocd + namespace: argocd +spec: + # Default values copied from /helm-charts/argo-cd/values.yaml + + ## ArgoCD configuration + ## Ref: https://github.com/argoproj/argo-cd + ## + nameOverride: argocd + fullnameOverride: "" + + # Optional CRD installation for those without Helm hooks + installCRDs: true + + global: + image: + repository: argoproj/argocd + tag: v1.3.0 + imagePullPolicy: IfNotPresent + + ## Controller + controller: + name: application-controller + + image: + repository: # argoproj/argocd + tag: # v1.3.0 + imagePullPolicy: # IfNotPresent + + ## Argo controller commandline flags + args: + statusProcessors: "20" + operationProcessors: "10" + + ## Argo controller log level + logLevel: info + + ## Additional command line arguments to pass to argocd-controller + ## - key: value + extraArgs: [] + + ## Annotations to be added to controller pods + ## + podAnnotations: {} + + ## Labels to be added to controller pods + ## + podLabels: {} + + ## Configures the controller port + containerPort: 8082 + + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + + ## Additional volumeMounts to the controller main container. + volumeMounts: [] + + ## Additional volumes to the controller pod. + volumes: [] + + ## Controller service configuration + service: + annotations: {} + labels: {} + port: 8082 + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 500m + # memory: 512Mi + # requests: + # cpu: 250m + # memory: 256Mi + + serviceAccount: + create: true + name: argocd-application-controller + + ## Server metrics controller configuration + metrics: + enabled: false + service: + annotations: {} + labels: {} + servicePort: 8082 + serviceMonitor: + enabled: false + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} + + ## Enable Admin ClusterRole resources. + ## Enable if you would like to grant rights to ArgoCD to deploy to the local kuberentes cluster. + clusterAdminAccess: + enabled: true + + ## Dex + dex: + enabled: true + name: dex-server + + image: + repository: quay.io/dexidp/dex + tag: v2.14.0 + imagePullPolicy: IfNotPresent + initImage: + repository: + tag: + imagePullPolicy: + + serviceAccount: + create: true + name: argocd-dex-server + + ## Additional volumeMounts to the controller main container. + volumeMounts: + - name: static-files + mountPath: /shared + + ## Additional volumes to the controller pod. + volumes: + - name: static-files + emptyDir: {} + + ## Dex deployment container ports + containerPortHttp: 5556 + servicePortHttp: 5556 + containerPortGrpc: 5557 + servicePortGrpc: 5557 + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 50m + # memory: 64Mi + # requests: + # cpu: 10m + # memory: 32Mi + + ## Redis + redis: + enabled: true + name: redis + + image: + repository: redis + tag: 5.0.3 + imagePullPolicy: IfNotPresent + + containerPort: 6379 + servicePort: 6379 + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 200m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 64Mi + + volumeMounts: [] + volumes: [] + + ## Server + server: + name: server + + image: + repository: # argoproj/argocd + tag: # v1.3.0 + imagePullPolicy: # IfNotPresent + + ## Additional command line arguments to pass to argocd-server + ## - key: value + # extraArgs: [] + # - insecure: true + extraArgs: [] + + ## Argo server log level + logLevel: info + + ## Annotations to be added to controller pods + ## + podAnnotations: {} + + ## Labels to be added to controller pods + ## + podLabels: {} + + ## Configures the server port + containerPort: 8080 + + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + + ## Additional volumeMounts to the server main container. + volumeMounts: [] + + ## Additional volumes to the controller pod. + volumes: [] + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 50m + # memory: 64Mi + + ## Certificate configuration + certificate: + enabled: false + domain: argocd.example.com + issuer: {} + additionalHosts: [] + + ## Server service configuration + service: + annotations: {} + labels: {} + type: ClusterIP + servicePortHttp: 80 + servicePortHttps: 443 + + ## Server metrics service configuration + metrics: + enabled: false + service: + annotations: {} + labels: {} + servicePort: 8083 + serviceMonitor: + enabled: false + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} + + serviceAccount: + create: true + name: argocd-server + + ingress: + enabled: false + annotations: {} + labels: {} + + ## Argo Ingress. + ## Hostnames must be provided if Ingress is enabled. + ## Secrets must be manually created in the namespace + ## + hosts: + [] + # - argocd.example.com + paths: + - / + tls: + [] + # - secretName: argocd-example-tls + # hosts: + # - argocd.example.com + + # Create a OpenShift Route with SSL passthrough for UI and CLI + # Consider setting 'hostname' e.g. https://argocd.apps-crc.testing/ using your Default Ingress Controller Domain + # Find your domain with: kubectl describe --namespace=openshift-ingress-operator ingresscontroller/default | grep Domain: + # If 'hostname' is an empty string "" OpenShift will create a hostname for you. + route: + enabled: false + hostname: "" + + ## ArgoCD config + ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml + config: + # Argo CD's externally facing base URL (optional). Required when configuring SSO + url: https://argocd.example.com + # Argo CD instance label key + application.instanceLabelKey: argocd.argoproj.io/instance + # repositories: | + # - url: git@github.com:group/repo.git + # sshPrivateKeySecret: + # name: secret-name + # key: sshPrivateKey + # oidc.config: | + # name: AzureAD + # issuer: https://login.microsoftonline.com/TENANT_ID/v2.0 + # clientID: CLIENT_ID + # clientSecret: $oidc.azuread.clientSecret + # requestedIDTokenClaims: + # groups: + # essential: true + # requestedScopes: + # - openid + # - profile + # - email + + ## ArgoCD rbac config + ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md + rbacConfig: + {} + # policy.csv is an file containing user-defined RBAC policies and role definitions (optional). + # Policy rules are in the form: + # p, subject, resource, action, object, effect + # Role definitions and bindings are in the form: + # g, subject, inherited-subject + # See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information. + # policy.csv: | + # # Grant all members of the group 'my-org:team-alpha; the ability to sync apps in 'my-project' + # p, my-org:team-alpha, applications, sync, my-project/*, allow + # # Grant all members of 'my-org:team-beta' admins + # g, my-org:team-beta, role:admin + # policy.default is the name of the default role which Argo CD will falls back to, when + # authorizing API requests (optional). If omitted or empty, users may be still be able to login, + # but will see no apps, projects, etc... + # policy.default: role:readonly + # scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). + # If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings. + # scopes: '[cognito:groups, email]' + + ## Not well tested and not well supported on release v1.0.0. + ## Applications + ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ + additionalApplications: [] + # - name: guestbook + # namespace: argocd + # additionalLabels: {} + # additionalAnnotations: {} + # project: guestbook + # source: + # repoURL: https://github.com/argoproj/argocd-example-apps.git + # targetRevision: HEAD + # path: guestbook + # directory: + # recurse: true + # destination: + # server: https://kubernetes.default.svc + # namespace: guestbook + # syncPolicy: + # automated: + # prune: false + # selfHeal: false + + ## Projects + ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ + additionalProjects: [] + # - name: guestbook + # namespace: argocd + # additionalLabels: {} + # additionalAnnotations: {} + # description: Example Project + # sourceRepos: + # - '*' + # destinations: + # - namespace: guestbook + # server: https://kubernetes.default.svc + # clusterResourceWhitelist: [] + # namespaceResourceBlacklist: + # - group: '' + # kind: ResourceQuota + # - group: '' + # kind: LimitRange + # - group: '' + # kind: NetworkPolicy + # orphanedResources: {} + # roles: [] + # orphanedResources: {} + # roles: [] + + ## Repo Server + repoServer: + name: repo-server + + image: + repository: # argoproj/argocd + tag: # v1.3.0 + imagePullPolicy: # IfNotPresent + + ## Additional command line arguments to pass to argocd-repo-server + ## - key: value + extraArgs: [] + + ## Argo repoServer log level + logLevel: info + + ## Annotations to be added to repo server pods + ## + podAnnotations: {} + + ## Labels to be added to repo server pods + ## + podLabels: {} + + ## Configures the repo server port + containerPort: 8081 + + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + + ## Additional volumeMounts to the repo server main container. + volumeMounts: [] + + ## Additional volumes to the repo server pod. + volumes: [] + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 50m + # memory: 128Mi + # requests: + # cpu: 10m + # memory: 64Mi + + ## Repo server service configuration + service: + annotations: {} + labels: {} + port: 8081 + + ## Repo server metrics service configuration + metrics: + enabled: false + service: + annotations: {} + labels: {} + servicePort: 8084 + serviceMonitor: + enabled: false + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} + + ## Argo Configs + configs: + knownHosts: + data: + ssh_known_hosts: | + bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== + github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== + gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= + gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf + gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 + ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + tlsCerts: + {} + # data: + # argocd.example.com: | + # -----BEGIN CERTIFICATE----- + # MIIF1zCCA7+gAwIBAgIUQdTcSHY2Sxd3Tq/v1eIEZPCNbOowDQYJKoZIhvcNAQEL + # BQAwezELMAkGA1UEBhMCREUxFTATBgNVBAgMDExvd2VyIFNheG9ueTEQMA4GA1UE + # BwwHSGFub3ZlcjEVMBMGA1UECgwMVGVzdGluZyBDb3JwMRIwEAYDVQQLDAlUZXN0 + # c3VpdGUxGDAWBgNVBAMMD2Jhci5leGFtcGxlLmNvbTAeFw0xOTA3MDgxMzU2MTda + # Fw0yMDA3MDcxMzU2MTdaMHsxCzAJBgNVBAYTAkRFMRUwEwYDVQQIDAxMb3dlciBT + # YXhvbnkxEDAOBgNVBAcMB0hhbm92ZXIxFTATBgNVBAoMDFRlc3RpbmcgQ29ycDES + # MBAGA1UECwwJVGVzdHN1aXRlMRgwFgYDVQQDDA9iYXIuZXhhbXBsZS5jb20wggIi + # MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCv4mHMdVUcafmaSHVpUM0zZWp5 + # NFXfboxA4inuOkE8kZlbGSe7wiG9WqLirdr39Ts+WSAFA6oANvbzlu3JrEQ2CHPc + # CNQm6diPREFwcDPFCe/eMawbwkQAPVSHPts0UoRxnpZox5pn69ghncBR+jtvx+/u + # P6HdwW0qqTvfJnfAF1hBJ4oIk2AXiip5kkIznsAh9W6WRy6nTVCeetmIepDOGe0G + # ZJIRn/OfSz7NzKylfDCat2z3EAutyeT/5oXZoWOmGg/8T7pn/pR588GoYYKRQnp+ + # YilqCPFX+az09EqqK/iHXnkdZ/Z2fCuU+9M/Zhrnlwlygl3RuVBI6xhm/ZsXtL2E + # Gxa61lNy6pyx5+hSxHEFEJshXLtioRd702VdLKxEOuYSXKeJDs1x9o6cJ75S6hko + # Ml1L4zCU+xEsMcvb1iQ2n7PZdacqhkFRUVVVmJ56th8aYyX7KNX6M9CD+kMpNm6J + # kKC1li/Iy+RI138bAvaFplajMF551kt44dSvIoJIbTr1LigudzWPqk31QaZXV/4u + # kD1n4p/XMc9HYU/was/CmQBFqmIZedTLTtK7clkuFN6wbwzdo1wmUNgnySQuMacO + # gxhHxxzRWxd24uLyk9Px+9U3BfVPaRLiOPaPoC58lyVOykjSgfpgbus7JS69fCq7 + # bEH4Jatp/10zkco+UQIDAQABo1MwUTAdBgNVHQ4EFgQUjXH6PHi92y4C4hQpey86 + # r6+x1ewwHwYDVR0jBBgwFoAUjXH6PHi92y4C4hQpey86r6+x1ewwDwYDVR0TAQH/ + # BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFE4SdKsX9UsLy+Z0xuHSxhTd0jfn + # Iih5mtzb8CDNO5oTw4z0aMeAvpsUvjJ/XjgxnkiRACXh7K9hsG2r+ageRWGevyvx + # CaRXFbherV1kTnZw4Y9/pgZTYVWs9jlqFOppz5sStkfjsDQ5lmPJGDii/StENAz2 + # XmtiPOgfG9Upb0GAJBCuKnrU9bIcT4L20gd2F4Y14ccyjlf8UiUi192IX6yM9OjT + # +TuXwZgqnTOq6piVgr+FTSa24qSvaXb5z/mJDLlk23npecTouLg83TNSn3R6fYQr + # d/Y9eXuUJ8U7/qTh2Ulz071AO9KzPOmleYPTx4Xty4xAtWi1QE5NHW9/Ajlv5OtO + # OnMNWIs7ssDJBsB7VFC8hcwf79jz7kC0xmQqDfw51Xhhk04kla+v+HZcFW2AO9so + # 6ZdVHHQnIbJa7yQJKZ+hK49IOoBR6JgdB5kymoplLLiuqZSYTcwSBZ72FYTm3iAr + # jzvt1hxpxVDmXvRnkhRrIRhK4QgJL0jRmirBjDY+PYYd7bdRIjN7WNZLFsgplnS8 + # 9w6CwG32pRlm0c8kkiQ7FXA6BYCqOsDI8f1VGQv331OpR2Ck+FTv+L7DAmg6l37W + # +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK + # XWyb96wrUlv+E8I= + # -----END CERTIFICATE----- + secret: + createSecret: true + githubSecret: "" + gitlabSecret: "" + bitbucketSecret: "" + diff --git a/guides/kubernetes/manual/crd.yaml b/guides/kubernetes/manual/crd.yaml new file mode 100644 index 00000000..e2f128d8 --- /dev/null +++ b/guides/kubernetes/manual/crd.yaml @@ -0,0 +1,19 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: argocds.argoproj.io +spec: + group: argoproj.io + names: + kind: ArgoCD + listKind: ArgoCDList + plural: argocds + singular: argocd + scope: Namespaced + subresources: + status: {} + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true diff --git a/guides/kubernetes/manual/deployment.yaml b/guides/kubernetes/manual/deployment.yaml new file mode 100644 index 00000000..55329702 --- /dev/null +++ b/guides/kubernetes/manual/deployment.yaml @@ -0,0 +1,31 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argocd-operator-helm + namespace: argocd +spec: + replicas: 1 + selector: + matchLabels: + name: argocd-operator-helm + template: + metadata: + labels: + name: argocd-operator-helm + spec: + serviceAccountName: argocd-operator-helm + containers: + - name: argocd-operator-helm + image: quay.io/disposab1e/argocd-operator-helm:v0.0.2 + imagePullPolicy: Always + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: "argocd-operator-helm" diff --git a/guides/kubernetes/manual/namespace.yaml b/guides/kubernetes/manual/namespace.yaml new file mode 100644 index 00000000..8a297d00 --- /dev/null +++ b/guides/kubernetes/manual/namespace.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: argocd + diff --git a/guides/kubernetes/manual/role.yaml b/guides/kubernetes/manual/role.yaml new file mode 100644 index 00000000..2e59c2d4 --- /dev/null +++ b/guides/kubernetes/manual/role.yaml @@ -0,0 +1,81 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: argocd-operator-helm +rules: +- apiGroups: + - "" + resources: + - namespaces + - pods + - services + - services/finalizers + - endpoints + - events + - configmaps + - secrets + - serviceaccounts + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + - replicasets + verbs: + - '*' +- apiGroups: + - apps + resourceNames: + - argocd-operator-helm + resources: + - deployments/finalizers + verbs: + - update +- apiGroups: + - "" + resources: + - pods + verbs: + - get +- apiGroups: + - apps + resources: + - replicasets + verbs: + - get +- apiGroups: + - argoproj.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - route.openshift.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - monitoring.coreos.com + resources: + - prometheuses + - servicemonitors + verbs: + - '*' +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - clusterroles + - rolebindings + - roles + verbs: + - '*' diff --git a/guides/kubernetes/manual/role_binding.yaml b/guides/kubernetes/manual/role_binding.yaml new file mode 100644 index 00000000..655b3802 --- /dev/null +++ b/guides/kubernetes/manual/role_binding.yaml @@ -0,0 +1,12 @@ +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: argocd-operator-helm +subjects: +- kind: ServiceAccount + name: argocd-operator-helm + namespace: argocd +roleRef: + kind: ClusterRole + name: argocd-operator-helm + apiGroup: rbac.authorization.k8s.io diff --git a/guides/kubernetes/manual/service_account.yaml b/guides/kubernetes/manual/service_account.yaml new file mode 100644 index 00000000..c26d64ac --- /dev/null +++ b/guides/kubernetes/manual/service_account.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: argocd-operator-helm + namespace: argocd diff --git a/guides/kubernetes/manual/usecase.md b/guides/kubernetes/manual/usecase.md new file mode 100644 index 00000000..fd535c65 --- /dev/null +++ b/guides/kubernetes/manual/usecase.md @@ -0,0 +1,39 @@ +# Kubernetes + +## UseCase: Local without Catalog Source from quay.io + +* Create Namespace 'argocd' +* Create ServiceAccount in namespace 'argocd' +* Create ClusterRole +* Create ClusterRoleBinding +* Create Custom Resource Definiton +* Create operator Deployment in namespace 'argocd' + + +## Notice + +* cluster: ClusterRole, ClusterRoleBinding, CustomResourceDefinition +* argocd: SericeAccoount, Operator, Argo CD + + +## Install + +```bash +kubectl apply -f deploy/kubernetes/local/namespace.yaml +kubectl apply -f deploy/kubernetes/local/service_account.yaml +kubectl apply -f deploy/kubernetes/local/role.yaml +kubectl apply -f deploy/kubernetes/local/role_binding.yaml +kubectl apply -f deploy/kubernetes/local/crd.yaml +kubectl apply -f deploy/kubernetes/local/deployment.yaml +``` + +## Uninstall + +```bash +kubectl delete -f deploy/kubernetes/local/deployment.yaml +kubectl delete -f deploy/kubernetes/local/crd.yaml +kubectl delete -f deploy/kubernetes/local/role_binding.yaml +kubectl delete -f deploy/kubernetes/local/role.yaml +kubectl delete -f deploy/kubernetes/local/service_account.yaml +kubectl delete -f deploy/kubernetes/local/namespace.yaml +``` diff --git a/guides/kubernetes/olm/catalog-source.yaml b/guides/kubernetes/olm/catalog-source.yaml new file mode 100644 index 00000000..d3c8e780 --- /dev/null +++ b/guides/kubernetes/olm/catalog-source.yaml @@ -0,0 +1,10 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: argocd-catalog + namespace: olm +spec: + sourceType: grpc + image: quay.io/disposab1e/argocd-operator-helm-registry:0.0.2 + displayName: Argo CD Operator (Helm) Registry + publisher: Disposable Zone \ No newline at end of file diff --git a/guides/kubernetes/olm/namespace.yaml b/guides/kubernetes/olm/namespace.yaml new file mode 100644 index 00000000..8a297d00 --- /dev/null +++ b/guides/kubernetes/olm/namespace.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: argocd + diff --git a/guides/kubernetes/olm/operator-group.yaml b/guides/kubernetes/olm/operator-group.yaml new file mode 100644 index 00000000..36ac48da --- /dev/null +++ b/guides/kubernetes/olm/operator-group.yaml @@ -0,0 +1,8 @@ +apiVersion: operators.coreos.com/v1alpha2 +kind: OperatorGroup +metadata: + name: argocd-operator-helm + namespace: argocd +spec: + targetNamespaces: + - argocd \ No newline at end of file diff --git a/guides/kubernetes/olm/subscription.yaml b/guides/kubernetes/olm/subscription.yaml new file mode 100644 index 00000000..26ad7ddd --- /dev/null +++ b/guides/kubernetes/olm/subscription.yaml @@ -0,0 +1,10 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: argocd-operator-helm + namespace: argocd +spec: + channel: alpha + name: argocd-operator-helm + source: argocd-catalog + sourceNamespace: olm diff --git a/guides/openshift/examples/crc.yaml b/guides/openshift/examples/crc.yaml new file mode 100644 index 00000000..5dfd9e66 --- /dev/null +++ b/guides/openshift/examples/crc.yaml @@ -0,0 +1,575 @@ +apiVersion: argoproj.io/v1alpha1 +kind: ArgoCD +metadata: + name: argocd + namespace: argocd +spec: + # Default values copied from /helm-charts/argo-cd/values.yaml + + ## ArgoCD configuration + ## Ref: https://github.com/argoproj/argo-cd + ## + nameOverride: argocd + fullnameOverride: "" + + # Optional CRD installation for those without Helm hooks + installCRDs: true + + global: + image: + repository: argoproj/argocd + tag: v1.3.0 + imagePullPolicy: IfNotPresent + + ## Controller + controller: + name: application-controller + + image: + repository: # argoproj/argocd + tag: # v1.3.0 + imagePullPolicy: # IfNotPresent + + ## Argo controller commandline flags + args: + statusProcessors: "20" + operationProcessors: "10" + + ## Argo controller log level + logLevel: info + + ## Additional command line arguments to pass to argocd-controller + ## - key: value + extraArgs: [] + + ## Annotations to be added to controller pods + ## + podAnnotations: {} + + ## Labels to be added to controller pods + ## + podLabels: {} + + ## Configures the controller port + containerPort: 8082 + + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + + ## Additional volumeMounts to the controller main container. + volumeMounts: [] + + ## Additional volumes to the controller pod. + volumes: [] + + ## Controller service configuration + service: + annotations: {} + labels: {} + port: 8082 + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 500m + # memory: 512Mi + # requests: + # cpu: 250m + # memory: 256Mi + + serviceAccount: + create: true + name: argocd-application-controller + + ## Server metrics controller configuration + metrics: + enabled: false + service: + annotations: {} + labels: {} + servicePort: 8082 + serviceMonitor: + enabled: false + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} + + ## Enable Admin ClusterRole resources. + ## Enable if you would like to grant rights to ArgoCD to deploy to the local kuberentes cluster. + clusterAdminAccess: + enabled: true + + ## Dex + dex: + enabled: true + name: dex-server + + image: + repository: quay.io/dexidp/dex + tag: v2.14.0 + imagePullPolicy: IfNotPresent + initImage: + repository: + tag: + imagePullPolicy: + + serviceAccount: + create: true + name: argocd-dex-server + + ## Additional volumeMounts to the controller main container. + volumeMounts: + - name: static-files + mountPath: /shared + + ## Additional volumes to the controller pod. + volumes: + - name: static-files + emptyDir: {} + + ## Dex deployment container ports + containerPortHttp: 5556 + servicePortHttp: 5556 + containerPortGrpc: 5557 + servicePortGrpc: 5557 + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 50m + # memory: 64Mi + # requests: + # cpu: 10m + # memory: 32Mi + + ## Redis + redis: + enabled: true + name: redis + + image: + repository: redis + tag: 5.0.3 + imagePullPolicy: IfNotPresent + + containerPort: 6379 + servicePort: 6379 + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 200m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 64Mi + + volumeMounts: [] + volumes: [] + + ## Server + server: + name: server + + image: + repository: # argoproj/argocd + tag: # v1.3.0 + imagePullPolicy: # IfNotPresent + + ## Additional command line arguments to pass to argocd-server + ## - key: value + # extraArgs: [] + # - insecure: true + extraArgs: [] + + ## Argo server log level + logLevel: info + + ## Annotations to be added to controller pods + ## + podAnnotations: {} + + ## Labels to be added to controller pods + ## + podLabels: {} + + ## Configures the server port + containerPort: 8080 + + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + + ## Additional volumeMounts to the server main container. + volumeMounts: [] + + ## Additional volumes to the controller pod. + volumes: [] + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 50m + # memory: 64Mi + + ## Certificate configuration + certificate: + enabled: false + domain: argocd.example.com + issuer: {} + additionalHosts: [] + + ## Server service configuration + service: + annotations: {} + labels: {} + type: ClusterIP + servicePortHttp: 80 + servicePortHttps: 443 + + ## Server metrics service configuration + metrics: + enabled: false + service: + annotations: {} + labels: {} + servicePort: 8083 + serviceMonitor: + enabled: false + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} + + serviceAccount: + create: true + name: argocd-server + + ingress: + enabled: false + annotations: {} + labels: {} + + ## Argo Ingress. + ## Hostnames must be provided if Ingress is enabled. + ## Secrets must be manually created in the namespace + ## + hosts: + [] + # - argocd.example.com + paths: + - / + tls: + [] + # - secretName: argocd-example-tls + # hosts: + # - argocd.example.com + + # Create a OpenShift Route with SSL passthrough for UI and CLI + # Consider setting 'hostname' e.g. https://argocd.apps-crc.testing/ using your Default Ingress Controller Domain + # Find your domain with: kubectl describe --namespace=openshift-ingress-operator ingresscontroller/default | grep Domain: + # If 'hostname' is an empty string "" OpenShift will create a hostname for you. + route: + enabled: true + hostname: "" + + ## ArgoCD config + ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml + config: + # Argo CD's externally facing base URL (optional). Required when configuring SSO + url: https://argocd.example.com + # Argo CD instance label key + application.instanceLabelKey: argocd.argoproj.io/instance + # repositories: | + # - url: git@github.com:group/repo.git + # sshPrivateKeySecret: + # name: secret-name + # key: sshPrivateKey + # oidc.config: | + # name: AzureAD + # issuer: https://login.microsoftonline.com/TENANT_ID/v2.0 + # clientID: CLIENT_ID + # clientSecret: $oidc.azuread.clientSecret + # requestedIDTokenClaims: + # groups: + # essential: true + # requestedScopes: + # - openid + # - profile + # - email + + ## ArgoCD rbac config + ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md + rbacConfig: + {} + # policy.csv is an file containing user-defined RBAC policies and role definitions (optional). + # Policy rules are in the form: + # p, subject, resource, action, object, effect + # Role definitions and bindings are in the form: + # g, subject, inherited-subject + # See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information. + # policy.csv: | + # # Grant all members of the group 'my-org:team-alpha; the ability to sync apps in 'my-project' + # p, my-org:team-alpha, applications, sync, my-project/*, allow + # # Grant all members of 'my-org:team-beta' admins + # g, my-org:team-beta, role:admin + # policy.default is the name of the default role which Argo CD will falls back to, when + # authorizing API requests (optional). If omitted or empty, users may be still be able to login, + # but will see no apps, projects, etc... + # policy.default: role:readonly + # scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). + # If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings. + # scopes: '[cognito:groups, email]' + + ## Not well tested and not well supported on release v1.0.0. + ## Applications + ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ + additionalApplications: [] + # - name: guestbook + # namespace: argocd + # additionalLabels: {} + # additionalAnnotations: {} + # project: guestbook + # source: + # repoURL: https://github.com/argoproj/argocd-example-apps.git + # targetRevision: HEAD + # path: guestbook + # directory: + # recurse: true + # destination: + # server: https://kubernetes.default.svc + # namespace: guestbook + # syncPolicy: + # automated: + # prune: false + # selfHeal: false + + ## Projects + ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ + additionalProjects: [] + # - name: guestbook + # namespace: argocd + # additionalLabels: {} + # additionalAnnotations: {} + # description: Example Project + # sourceRepos: + # - '*' + # destinations: + # - namespace: guestbook + # server: https://kubernetes.default.svc + # clusterResourceWhitelist: [] + # namespaceResourceBlacklist: + # - group: '' + # kind: ResourceQuota + # - group: '' + # kind: LimitRange + # - group: '' + # kind: NetworkPolicy + # orphanedResources: {} + # roles: [] + # orphanedResources: {} + # roles: [] + + ## Repo Server + repoServer: + name: repo-server + + image: + repository: # argoproj/argocd + tag: # v1.3.0 + imagePullPolicy: # IfNotPresent + + ## Additional command line arguments to pass to argocd-repo-server + ## - key: value + extraArgs: [] + + ## Argo repoServer log level + logLevel: info + + ## Annotations to be added to repo server pods + ## + podAnnotations: {} + + ## Labels to be added to repo server pods + ## + podLabels: {} + + ## Configures the repo server port + containerPort: 8081 + + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + + ## Additional volumeMounts to the repo server main container. + volumeMounts: [] + + ## Additional volumes to the repo server pod. + volumes: [] + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 50m + # memory: 128Mi + # requests: + # cpu: 10m + # memory: 64Mi + + ## Repo server service configuration + service: + annotations: {} + labels: {} + port: 8081 + + ## Repo server metrics service configuration + metrics: + enabled: false + service: + annotations: {} + labels: {} + servicePort: 8084 + serviceMonitor: + enabled: false + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} + + ## Argo Configs + configs: + knownHosts: + data: + ssh_known_hosts: | + bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== + github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== + gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= + gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf + gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 + ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + tlsCerts: + {} + # data: + # argocd.example.com: | + # -----BEGIN CERTIFICATE----- + # MIIF1zCCA7+gAwIBAgIUQdTcSHY2Sxd3Tq/v1eIEZPCNbOowDQYJKoZIhvcNAQEL + # BQAwezELMAkGA1UEBhMCREUxFTATBgNVBAgMDExvd2VyIFNheG9ueTEQMA4GA1UE + # BwwHSGFub3ZlcjEVMBMGA1UECgwMVGVzdGluZyBDb3JwMRIwEAYDVQQLDAlUZXN0 + # c3VpdGUxGDAWBgNVBAMMD2Jhci5leGFtcGxlLmNvbTAeFw0xOTA3MDgxMzU2MTda + # Fw0yMDA3MDcxMzU2MTdaMHsxCzAJBgNVBAYTAkRFMRUwEwYDVQQIDAxMb3dlciBT + # YXhvbnkxEDAOBgNVBAcMB0hhbm92ZXIxFTATBgNVBAoMDFRlc3RpbmcgQ29ycDES + # MBAGA1UECwwJVGVzdHN1aXRlMRgwFgYDVQQDDA9iYXIuZXhhbXBsZS5jb20wggIi + # MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCv4mHMdVUcafmaSHVpUM0zZWp5 + # NFXfboxA4inuOkE8kZlbGSe7wiG9WqLirdr39Ts+WSAFA6oANvbzlu3JrEQ2CHPc + # CNQm6diPREFwcDPFCe/eMawbwkQAPVSHPts0UoRxnpZox5pn69ghncBR+jtvx+/u + # P6HdwW0qqTvfJnfAF1hBJ4oIk2AXiip5kkIznsAh9W6WRy6nTVCeetmIepDOGe0G + # ZJIRn/OfSz7NzKylfDCat2z3EAutyeT/5oXZoWOmGg/8T7pn/pR588GoYYKRQnp+ + # YilqCPFX+az09EqqK/iHXnkdZ/Z2fCuU+9M/Zhrnlwlygl3RuVBI6xhm/ZsXtL2E + # Gxa61lNy6pyx5+hSxHEFEJshXLtioRd702VdLKxEOuYSXKeJDs1x9o6cJ75S6hko + # Ml1L4zCU+xEsMcvb1iQ2n7PZdacqhkFRUVVVmJ56th8aYyX7KNX6M9CD+kMpNm6J + # kKC1li/Iy+RI138bAvaFplajMF551kt44dSvIoJIbTr1LigudzWPqk31QaZXV/4u + # kD1n4p/XMc9HYU/was/CmQBFqmIZedTLTtK7clkuFN6wbwzdo1wmUNgnySQuMacO + # gxhHxxzRWxd24uLyk9Px+9U3BfVPaRLiOPaPoC58lyVOykjSgfpgbus7JS69fCq7 + # bEH4Jatp/10zkco+UQIDAQABo1MwUTAdBgNVHQ4EFgQUjXH6PHi92y4C4hQpey86 + # r6+x1ewwHwYDVR0jBBgwFoAUjXH6PHi92y4C4hQpey86r6+x1ewwDwYDVR0TAQH/ + # BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFE4SdKsX9UsLy+Z0xuHSxhTd0jfn + # Iih5mtzb8CDNO5oTw4z0aMeAvpsUvjJ/XjgxnkiRACXh7K9hsG2r+ageRWGevyvx + # CaRXFbherV1kTnZw4Y9/pgZTYVWs9jlqFOppz5sStkfjsDQ5lmPJGDii/StENAz2 + # XmtiPOgfG9Upb0GAJBCuKnrU9bIcT4L20gd2F4Y14ccyjlf8UiUi192IX6yM9OjT + # +TuXwZgqnTOq6piVgr+FTSa24qSvaXb5z/mJDLlk23npecTouLg83TNSn3R6fYQr + # d/Y9eXuUJ8U7/qTh2Ulz071AO9KzPOmleYPTx4Xty4xAtWi1QE5NHW9/Ajlv5OtO + # OnMNWIs7ssDJBsB7VFC8hcwf79jz7kC0xmQqDfw51Xhhk04kla+v+HZcFW2AO9so + # 6ZdVHHQnIbJa7yQJKZ+hK49IOoBR6JgdB5kymoplLLiuqZSYTcwSBZ72FYTm3iAr + # jzvt1hxpxVDmXvRnkhRrIRhK4QgJL0jRmirBjDY+PYYd7bdRIjN7WNZLFsgplnS8 + # 9w6CwG32pRlm0c8kkiQ7FXA6BYCqOsDI8f1VGQv331OpR2Ck+FTv+L7DAmg6l37W + # +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK + # XWyb96wrUlv+E8I= + # -----END CERTIFICATE----- + secret: + createSecret: true + githubSecret: "" + gitlabSecret: "" + bitbucketSecret: "" + diff --git a/guides/openshift/manual/crd.yaml b/guides/openshift/manual/crd.yaml new file mode 100644 index 00000000..e2f128d8 --- /dev/null +++ b/guides/openshift/manual/crd.yaml @@ -0,0 +1,19 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: argocds.argoproj.io +spec: + group: argoproj.io + names: + kind: ArgoCD + listKind: ArgoCDList + plural: argocds + singular: argocd + scope: Namespaced + subresources: + status: {} + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true diff --git a/guides/openshift/manual/deployment.yaml b/guides/openshift/manual/deployment.yaml new file mode 100644 index 00000000..55329702 --- /dev/null +++ b/guides/openshift/manual/deployment.yaml @@ -0,0 +1,31 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argocd-operator-helm + namespace: argocd +spec: + replicas: 1 + selector: + matchLabels: + name: argocd-operator-helm + template: + metadata: + labels: + name: argocd-operator-helm + spec: + serviceAccountName: argocd-operator-helm + containers: + - name: argocd-operator-helm + image: quay.io/disposab1e/argocd-operator-helm:v0.0.2 + imagePullPolicy: Always + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: "argocd-operator-helm" diff --git a/guides/openshift/manual/namespace.yaml b/guides/openshift/manual/namespace.yaml new file mode 100644 index 00000000..8a297d00 --- /dev/null +++ b/guides/openshift/manual/namespace.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: argocd + diff --git a/guides/openshift/manual/role.yaml b/guides/openshift/manual/role.yaml new file mode 100644 index 00000000..2e59c2d4 --- /dev/null +++ b/guides/openshift/manual/role.yaml @@ -0,0 +1,81 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: argocd-operator-helm +rules: +- apiGroups: + - "" + resources: + - namespaces + - pods + - services + - services/finalizers + - endpoints + - events + - configmaps + - secrets + - serviceaccounts + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + - replicasets + verbs: + - '*' +- apiGroups: + - apps + resourceNames: + - argocd-operator-helm + resources: + - deployments/finalizers + verbs: + - update +- apiGroups: + - "" + resources: + - pods + verbs: + - get +- apiGroups: + - apps + resources: + - replicasets + verbs: + - get +- apiGroups: + - argoproj.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - route.openshift.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - monitoring.coreos.com + resources: + - prometheuses + - servicemonitors + verbs: + - '*' +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - clusterroles + - rolebindings + - roles + verbs: + - '*' diff --git a/guides/openshift/manual/role_binding.yaml b/guides/openshift/manual/role_binding.yaml new file mode 100644 index 00000000..655b3802 --- /dev/null +++ b/guides/openshift/manual/role_binding.yaml @@ -0,0 +1,12 @@ +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: argocd-operator-helm +subjects: +- kind: ServiceAccount + name: argocd-operator-helm + namespace: argocd +roleRef: + kind: ClusterRole + name: argocd-operator-helm + apiGroup: rbac.authorization.k8s.io diff --git a/guides/openshift/manual/service_account.yaml b/guides/openshift/manual/service_account.yaml new file mode 100644 index 00000000..c26d64ac --- /dev/null +++ b/guides/openshift/manual/service_account.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: argocd-operator-helm + namespace: argocd diff --git a/guides/openshift/olm/catalog-source.yaml b/guides/openshift/olm/catalog-source.yaml new file mode 100644 index 00000000..975b7be3 --- /dev/null +++ b/guides/openshift/olm/catalog-source.yaml @@ -0,0 +1,10 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: argocd-catalog + namespace: openshift-marketplace +spec: + sourceType: grpc + image: quay.io/disposab1e/argocd-operator-helm-registry:0.0.2 + displayName: Argo CD Operators + publisher: Argo CD \ No newline at end of file diff --git a/guides/openshift/olm/namespace.yaml b/guides/openshift/olm/namespace.yaml new file mode 100644 index 00000000..8a297d00 --- /dev/null +++ b/guides/openshift/olm/namespace.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: argocd + diff --git a/guides/openshift/olm/operator-group.yaml b/guides/openshift/olm/operator-group.yaml new file mode 100644 index 00000000..36ac48da --- /dev/null +++ b/guides/openshift/olm/operator-group.yaml @@ -0,0 +1,8 @@ +apiVersion: operators.coreos.com/v1alpha2 +kind: OperatorGroup +metadata: + name: argocd-operator-helm + namespace: argocd +spec: + targetNamespaces: + - argocd \ No newline at end of file diff --git a/guides/openshift/olm/subscription.yaml b/guides/openshift/olm/subscription.yaml new file mode 100644 index 00000000..4f574846 --- /dev/null +++ b/guides/openshift/olm/subscription.yaml @@ -0,0 +1,10 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: argocd-operator-helm + namespace: argocd +spec: + channel: alpha + name: argocd-operator-helm + source: argocd-catalog + sourceNamespace: openshift-marketplace diff --git a/hack/build.sh b/hack/build.sh new file mode 100755 index 00000000..44e991e6 --- /dev/null +++ b/hack/build.sh @@ -0,0 +1,9 @@ +#!/bin/sh + +set -e + +HACK_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" +source ${HACK_DIR}/env.sh + +operator-sdk build ${ARGOCD_OPERATOR_IMAGE} + diff --git a/hack/bundle.sh b/hack/bundle.sh new file mode 100755 index 00000000..eb94f30f --- /dev/null +++ b/hack/bundle.sh @@ -0,0 +1,23 @@ +#!/bin/sh + +set -e + +HACK_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" +source ${HACK_DIR}/env.sh + +# Perform metadata syntax checking and validation on the artifacts +operator-courier --verbose verify ${ARGOCD_OPERATOR_BUNDLE_MANIFEST_DIR} + +# Create bundle build directory +mkdir -p ${ARGOCD_OPERATOR_BUNDLE_BUILD_DIR} + +# Copy bundle artifacts +cp -r ${ARGOCD_OPERATOR_BUNDLE_DIR}/* ${ARGOCD_OPERATOR_BUNDLE_BUILD_DIR}/ + +# Copy manifests +mkdir -p ${ARGOCD_OPERATOR_BUNDLE_BUILD_DIR}/manifests +cp -r ${ARGOCD_OPERATOR_BUNDLE_MANIFEST_DIR} ${ARGOCD_OPERATOR_BUNDLE_BUILD_DIR}/manifests/ + +# Build the bundle registry container image +docker build -t ${ARGOCD_OPERATOR_BUNDLE_IMAGE} ${ARGOCD_OPERATOR_BUNDLE_BUILD_DIR} +docker push ${ARGOCD_OPERATOR_BUNDLE_IMAGE} \ No newline at end of file diff --git a/hack/env.sh b/hack/env.sh new file mode 100755 index 00000000..a3746865 --- /dev/null +++ b/hack/env.sh @@ -0,0 +1,21 @@ +#!/bin/sh + +# General vars +export ARGOCD_OPERATOR_NAME=${ARGOCD_OPERATOR_NAME:-"argocd-operator-helm"} + +# Container image vars +export ARGOCD_OPERATOR_IMAGE_REPO=${ARGOCD_OPERATOR_IMAGE_REPO:-"quay.io/disposab1e/${ARGOCD_OPERATOR_NAME}"} +export ARGOCD_OPERATOR_IMAGE_TAG=${ARGOCD_OPERATOR_IMAGE_TAG:-"v0.0.2"} +export ARGOCD_OPERATOR_IMAGE=${ARGOCD_OPERATOR_IMAGE:-"${ARGOCD_OPERATOR_IMAGE_REPO}:${ARGOCD_OPERATOR_IMAGE_TAG}"} + +# Operator bundle vars +export ARGOCD_OPERATOR_BUNDLE_DIR=${ARGOCD_OPERATOR_BUNDLE_DIR:-"build/bundle"} +export ARGOCD_OPERATOR_BUNDLE_BUILD_DIR=${ARGOCD_OPERATOR_BUNDLE_BUILD_DIR:-"build/_output/bundle"} +export ARGOCD_OPERATOR_BUNDLE_MANIFEST_DIR=${ARGOCD_OPERATOR_BUNDLE_MANIFEST_DIR:-"deploy/olm-catalog/${ARGOCD_OPERATOR_NAME}"} +export ARGOCD_OPERATOR_BUNDLE_IMAGE_NAME=${ARGOCD_OPERATOR_BUNDLE_IMAGE_NAME:-"${ARGOCD_OPERATOR_NAME}-registry"} +export ARGOCD_OPERATOR_BUNDLE_IMAGE_REPO=${ARGOCD_OPERATOR_BUNDLE_IMAGE_REPO:-"quay.io/disposab1e/${ARGOCD_OPERATOR_BUNDLE_IMAGE_NAME}"} +export ARGOCD_OPERATOR_BUNDLE_IMAGE_TAG=${ARGOCD_OPERATOR_BUNDLE_IMAGE_TAG:-"0.0.2"} +export ARGOCD_OPERATOR_BUNDLE_IMAGE=${ARGOCD_OPERATOR_BUNDLE_IMAGE:-"${ARGOCD_OPERATOR_BUNDLE_IMAGE_REPO}:${ARGOCD_OPERATOR_BUNDLE_IMAGE_TAG}"} + +# Misc +export GO111MODULE=on \ No newline at end of file diff --git a/hack/push.sh b/hack/push.sh new file mode 100755 index 00000000..833e956f --- /dev/null +++ b/hack/push.sh @@ -0,0 +1,6 @@ +#!/bin/sh + +HACK_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" +source ${HACK_DIR}/env.sh + +docker push ${ARGOCD_OPERATOR_IMAGE} diff --git a/quickstart/kubernetes/argocd.yaml b/quickstart/kubernetes/argocd.yaml new file mode 100644 index 00000000..387497cb --- /dev/null +++ b/quickstart/kubernetes/argocd.yaml @@ -0,0 +1,575 @@ +apiVersion: argoproj.io/v1alpha1 +kind: ArgoCD +metadata: + name: argocd + namespace: argocd +spec: + # Default values copied from /helm-charts/argo-cd/values.yaml + + ## ArgoCD configuration + ## Ref: https://github.com/argoproj/argo-cd + ## + nameOverride: argocd + fullnameOverride: "" + + # Optional CRD installation for those without Helm hooks + installCRDs: true + + global: + image: + repository: argoproj/argocd + tag: v1.3.0 + imagePullPolicy: IfNotPresent + + ## Controller + controller: + name: application-controller + + image: + repository: # argoproj/argocd + tag: # v1.3.0 + imagePullPolicy: # IfNotPresent + + ## Argo controller commandline flags + args: + statusProcessors: "20" + operationProcessors: "10" + + ## Argo controller log level + logLevel: info + + ## Additional command line arguments to pass to argocd-controller + ## - key: value + extraArgs: [] + + ## Annotations to be added to controller pods + ## + podAnnotations: {} + + ## Labels to be added to controller pods + ## + podLabels: {} + + ## Configures the controller port + containerPort: 8082 + + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + + ## Additional volumeMounts to the controller main container. + volumeMounts: [] + + ## Additional volumes to the controller pod. + volumes: [] + + ## Controller service configuration + service: + annotations: {} + labels: {} + port: 8082 + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 500m + # memory: 512Mi + # requests: + # cpu: 250m + # memory: 256Mi + + serviceAccount: + create: true + name: argocd-application-controller + + ## Server metrics controller configuration + metrics: + enabled: false + service: + annotations: {} + labels: {} + servicePort: 8082 + serviceMonitor: + enabled: false + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} + + ## Enable Admin ClusterRole resources. + ## Enable if you would like to grant rights to ArgoCD to deploy to the local kuberentes cluster. + clusterAdminAccess: + enabled: true + + ## Dex + dex: + enabled: true + name: dex-server + + image: + repository: quay.io/dexidp/dex + tag: v2.14.0 + imagePullPolicy: IfNotPresent + initImage: + repository: + tag: + imagePullPolicy: + + serviceAccount: + create: true + name: argocd-dex-server + + ## Additional volumeMounts to the controller main container. + volumeMounts: + - name: static-files + mountPath: /shared + + ## Additional volumes to the controller pod. + volumes: + - name: static-files + emptyDir: {} + + ## Dex deployment container ports + containerPortHttp: 5556 + servicePortHttp: 5556 + containerPortGrpc: 5557 + servicePortGrpc: 5557 + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 50m + # memory: 64Mi + # requests: + # cpu: 10m + # memory: 32Mi + + ## Redis + redis: + enabled: true + name: redis + + image: + repository: redis + tag: 5.0.3 + imagePullPolicy: IfNotPresent + + containerPort: 6379 + servicePort: 6379 + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 200m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 64Mi + + volumeMounts: [] + volumes: [] + + ## Server + server: + name: server + + image: + repository: # argoproj/argocd + tag: # v1.3.0 + imagePullPolicy: # IfNotPresent + + ## Additional command line arguments to pass to argocd-server + ## - key: value + # extraArgs: [] + # - insecure: true + extraArgs: [] + + ## Argo server log level + logLevel: info + + ## Annotations to be added to controller pods + ## + podAnnotations: {} + + ## Labels to be added to controller pods + ## + podLabels: {} + + ## Configures the server port + containerPort: 8080 + + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + + ## Additional volumeMounts to the server main container. + volumeMounts: [] + + ## Additional volumes to the controller pod. + volumes: [] + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 50m + # memory: 64Mi + + ## Certificate configuration + certificate: + enabled: false + domain: argocd.example.com + issuer: {} + additionalHosts: [] + + ## Server service configuration + service: + annotations: {} + labels: {} + type: ClusterIP + servicePortHttp: 80 + servicePortHttps: 443 + + ## Server metrics service configuration + metrics: + enabled: false + service: + annotations: {} + labels: {} + servicePort: 8083 + serviceMonitor: + enabled: false + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} + + serviceAccount: + create: true + name: argocd-server + + ingress: + enabled: false + annotations: {} + labels: {} + + ## Argo Ingress. + ## Hostnames must be provided if Ingress is enabled. + ## Secrets must be manually created in the namespace + ## + hosts: + [] + # - argocd.example.com + paths: + - / + tls: + [] + # - secretName: argocd-example-tls + # hosts: + # - argocd.example.com + + # Create a OpenShift Route with SSL passthrough for UI and CLI + # Consider setting 'hostname' e.g. https://argocd.apps-crc.testing/ using your Default Ingress Controller Domain + # Find your domain with: kubectl describe --namespace=openshift-ingress-operator ingresscontroller/default | grep Domain: + # If 'hostname' is an empty string "" OpenShift will create a hostname for you. + route: + enabled: false + hostname: "" + + ## ArgoCD config + ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml + config: + # Argo CD's externally facing base URL (optional). Required when configuring SSO + url: https://argocd.example.com + # Argo CD instance label key + application.instanceLabelKey: argocd.argoproj.io/instance + # repositories: | + # - url: git@github.com:group/repo.git + # sshPrivateKeySecret: + # name: secret-name + # key: sshPrivateKey + # oidc.config: | + # name: AzureAD + # issuer: https://login.microsoftonline.com/TENANT_ID/v2.0 + # clientID: CLIENT_ID + # clientSecret: $oidc.azuread.clientSecret + # requestedIDTokenClaims: + # groups: + # essential: true + # requestedScopes: + # - openid + # - profile + # - email + + ## ArgoCD rbac config + ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md + rbacConfig: + {} + # policy.csv is an file containing user-defined RBAC policies and role definitions (optional). + # Policy rules are in the form: + # p, subject, resource, action, object, effect + # Role definitions and bindings are in the form: + # g, subject, inherited-subject + # See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information. + # policy.csv: | + # # Grant all members of the group 'my-org:team-alpha; the ability to sync apps in 'my-project' + # p, my-org:team-alpha, applications, sync, my-project/*, allow + # # Grant all members of 'my-org:team-beta' admins + # g, my-org:team-beta, role:admin + # policy.default is the name of the default role which Argo CD will falls back to, when + # authorizing API requests (optional). If omitted or empty, users may be still be able to login, + # but will see no apps, projects, etc... + # policy.default: role:readonly + # scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). + # If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings. + # scopes: '[cognito:groups, email]' + + ## Not well tested and not well supported on release v1.0.0. + ## Applications + ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ + additionalApplications: [] + # - name: guestbook + # namespace: argocd + # additionalLabels: {} + # additionalAnnotations: {} + # project: guestbook + # source: + # repoURL: https://github.com/argoproj/argocd-example-apps.git + # targetRevision: HEAD + # path: guestbook + # directory: + # recurse: true + # destination: + # server: https://kubernetes.default.svc + # namespace: guestbook + # syncPolicy: + # automated: + # prune: false + # selfHeal: false + + ## Projects + ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ + additionalProjects: [] + # - name: guestbook + # namespace: argocd + # additionalLabels: {} + # additionalAnnotations: {} + # description: Example Project + # sourceRepos: + # - '*' + # destinations: + # - namespace: guestbook + # server: https://kubernetes.default.svc + # clusterResourceWhitelist: [] + # namespaceResourceBlacklist: + # - group: '' + # kind: ResourceQuota + # - group: '' + # kind: LimitRange + # - group: '' + # kind: NetworkPolicy + # orphanedResources: {} + # roles: [] + # orphanedResources: {} + # roles: [] + + ## Repo Server + repoServer: + name: repo-server + + image: + repository: # argoproj/argocd + tag: # v1.3.0 + imagePullPolicy: # IfNotPresent + + ## Additional command line arguments to pass to argocd-repo-server + ## - key: value + extraArgs: [] + + ## Argo repoServer log level + logLevel: info + + ## Annotations to be added to repo server pods + ## + podAnnotations: {} + + ## Labels to be added to repo server pods + ## + podLabels: {} + + ## Configures the repo server port + containerPort: 8081 + + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + + ## Additional volumeMounts to the repo server main container. + volumeMounts: [] + + ## Additional volumes to the repo server pod. + volumes: [] + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 50m + # memory: 128Mi + # requests: + # cpu: 10m + # memory: 64Mi + + ## Repo server service configuration + service: + annotations: {} + labels: {} + port: 8081 + + ## Repo server metrics service configuration + metrics: + enabled: false + service: + annotations: {} + labels: {} + servicePort: 8084 + serviceMonitor: + enabled: false + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} + + ## Argo Configs + configs: + knownHosts: + data: + ssh_known_hosts: | + bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== + github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== + gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= + gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf + gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 + ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + tlsCerts: + {} + # data: + # argocd.example.com: | + # -----BEGIN CERTIFICATE----- + # MIIF1zCCA7+gAwIBAgIUQdTcSHY2Sxd3Tq/v1eIEZPCNbOowDQYJKoZIhvcNAQEL + # BQAwezELMAkGA1UEBhMCREUxFTATBgNVBAgMDExvd2VyIFNheG9ueTEQMA4GA1UE + # BwwHSGFub3ZlcjEVMBMGA1UECgwMVGVzdGluZyBDb3JwMRIwEAYDVQQLDAlUZXN0 + # c3VpdGUxGDAWBgNVBAMMD2Jhci5leGFtcGxlLmNvbTAeFw0xOTA3MDgxMzU2MTda + # Fw0yMDA3MDcxMzU2MTdaMHsxCzAJBgNVBAYTAkRFMRUwEwYDVQQIDAxMb3dlciBT + # YXhvbnkxEDAOBgNVBAcMB0hhbm92ZXIxFTATBgNVBAoMDFRlc3RpbmcgQ29ycDES + # MBAGA1UECwwJVGVzdHN1aXRlMRgwFgYDVQQDDA9iYXIuZXhhbXBsZS5jb20wggIi + # MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCv4mHMdVUcafmaSHVpUM0zZWp5 + # NFXfboxA4inuOkE8kZlbGSe7wiG9WqLirdr39Ts+WSAFA6oANvbzlu3JrEQ2CHPc + # CNQm6diPREFwcDPFCe/eMawbwkQAPVSHPts0UoRxnpZox5pn69ghncBR+jtvx+/u + # P6HdwW0qqTvfJnfAF1hBJ4oIk2AXiip5kkIznsAh9W6WRy6nTVCeetmIepDOGe0G + # ZJIRn/OfSz7NzKylfDCat2z3EAutyeT/5oXZoWOmGg/8T7pn/pR588GoYYKRQnp+ + # YilqCPFX+az09EqqK/iHXnkdZ/Z2fCuU+9M/Zhrnlwlygl3RuVBI6xhm/ZsXtL2E + # Gxa61lNy6pyx5+hSxHEFEJshXLtioRd702VdLKxEOuYSXKeJDs1x9o6cJ75S6hko + # Ml1L4zCU+xEsMcvb1iQ2n7PZdacqhkFRUVVVmJ56th8aYyX7KNX6M9CD+kMpNm6J + # kKC1li/Iy+RI138bAvaFplajMF551kt44dSvIoJIbTr1LigudzWPqk31QaZXV/4u + # kD1n4p/XMc9HYU/was/CmQBFqmIZedTLTtK7clkuFN6wbwzdo1wmUNgnySQuMacO + # gxhHxxzRWxd24uLyk9Px+9U3BfVPaRLiOPaPoC58lyVOykjSgfpgbus7JS69fCq7 + # bEH4Jatp/10zkco+UQIDAQABo1MwUTAdBgNVHQ4EFgQUjXH6PHi92y4C4hQpey86 + # r6+x1ewwHwYDVR0jBBgwFoAUjXH6PHi92y4C4hQpey86r6+x1ewwDwYDVR0TAQH/ + # BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFE4SdKsX9UsLy+Z0xuHSxhTd0jfn + # Iih5mtzb8CDNO5oTw4z0aMeAvpsUvjJ/XjgxnkiRACXh7K9hsG2r+ageRWGevyvx + # CaRXFbherV1kTnZw4Y9/pgZTYVWs9jlqFOppz5sStkfjsDQ5lmPJGDii/StENAz2 + # XmtiPOgfG9Upb0GAJBCuKnrU9bIcT4L20gd2F4Y14ccyjlf8UiUi192IX6yM9OjT + # +TuXwZgqnTOq6piVgr+FTSa24qSvaXb5z/mJDLlk23npecTouLg83TNSn3R6fYQr + # d/Y9eXuUJ8U7/qTh2Ulz071AO9KzPOmleYPTx4Xty4xAtWi1QE5NHW9/Ajlv5OtO + # OnMNWIs7ssDJBsB7VFC8hcwf79jz7kC0xmQqDfw51Xhhk04kla+v+HZcFW2AO9so + # 6ZdVHHQnIbJa7yQJKZ+hK49IOoBR6JgdB5kymoplLLiuqZSYTcwSBZ72FYTm3iAr + # jzvt1hxpxVDmXvRnkhRrIRhK4QgJL0jRmirBjDY+PYYd7bdRIjN7WNZLFsgplnS8 + # 9w6CwG32pRlm0c8kkiQ7FXA6BYCqOsDI8f1VGQv331OpR2Ck+FTv+L7DAmg6l37W + # +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK + # XWyb96wrUlv+E8I= + # -----END CERTIFICATE----- + secret: + createSecret: true + githubSecret: "" + gitlabSecret: "" + bitbucketSecret: "" + diff --git a/quickstart/kubernetes/quickstart.yaml b/quickstart/kubernetes/quickstart.yaml new file mode 100644 index 00000000..9c4fc2a3 --- /dev/null +++ b/quickstart/kubernetes/quickstart.yaml @@ -0,0 +1,35 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: argocd +--- +apiVersion: operators.coreos.com/v1alpha2 +kind: OperatorGroup +metadata: + name: argocd-operator-helm + namespace: argocd +spec: + targetNamespaces: + - argocd +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: argocd-catalog + namespace: olm +spec: + sourceType: grpc + image: quay.io/disposab1e/argocd-operator-helm-registry:0.0.2 + displayName: Argo CD Operator (Helm) Registry + publisher: Disposable Zone +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: argocd-operator-helm + namespace: argocd +spec: + channel: alpha + name: argocd-operator-helm + source: argocd-catalog + sourceNamespace: olm diff --git a/quickstart/openshift/argocd.yaml b/quickstart/openshift/argocd.yaml new file mode 100644 index 00000000..5dfd9e66 --- /dev/null +++ b/quickstart/openshift/argocd.yaml @@ -0,0 +1,575 @@ +apiVersion: argoproj.io/v1alpha1 +kind: ArgoCD +metadata: + name: argocd + namespace: argocd +spec: + # Default values copied from /helm-charts/argo-cd/values.yaml + + ## ArgoCD configuration + ## Ref: https://github.com/argoproj/argo-cd + ## + nameOverride: argocd + fullnameOverride: "" + + # Optional CRD installation for those without Helm hooks + installCRDs: true + + global: + image: + repository: argoproj/argocd + tag: v1.3.0 + imagePullPolicy: IfNotPresent + + ## Controller + controller: + name: application-controller + + image: + repository: # argoproj/argocd + tag: # v1.3.0 + imagePullPolicy: # IfNotPresent + + ## Argo controller commandline flags + args: + statusProcessors: "20" + operationProcessors: "10" + + ## Argo controller log level + logLevel: info + + ## Additional command line arguments to pass to argocd-controller + ## - key: value + extraArgs: [] + + ## Annotations to be added to controller pods + ## + podAnnotations: {} + + ## Labels to be added to controller pods + ## + podLabels: {} + + ## Configures the controller port + containerPort: 8082 + + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + + ## Additional volumeMounts to the controller main container. + volumeMounts: [] + + ## Additional volumes to the controller pod. + volumes: [] + + ## Controller service configuration + service: + annotations: {} + labels: {} + port: 8082 + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 500m + # memory: 512Mi + # requests: + # cpu: 250m + # memory: 256Mi + + serviceAccount: + create: true + name: argocd-application-controller + + ## Server metrics controller configuration + metrics: + enabled: false + service: + annotations: {} + labels: {} + servicePort: 8082 + serviceMonitor: + enabled: false + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} + + ## Enable Admin ClusterRole resources. + ## Enable if you would like to grant rights to ArgoCD to deploy to the local kuberentes cluster. + clusterAdminAccess: + enabled: true + + ## Dex + dex: + enabled: true + name: dex-server + + image: + repository: quay.io/dexidp/dex + tag: v2.14.0 + imagePullPolicy: IfNotPresent + initImage: + repository: + tag: + imagePullPolicy: + + serviceAccount: + create: true + name: argocd-dex-server + + ## Additional volumeMounts to the controller main container. + volumeMounts: + - name: static-files + mountPath: /shared + + ## Additional volumes to the controller pod. + volumes: + - name: static-files + emptyDir: {} + + ## Dex deployment container ports + containerPortHttp: 5556 + servicePortHttp: 5556 + containerPortGrpc: 5557 + servicePortGrpc: 5557 + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 50m + # memory: 64Mi + # requests: + # cpu: 10m + # memory: 32Mi + + ## Redis + redis: + enabled: true + name: redis + + image: + repository: redis + tag: 5.0.3 + imagePullPolicy: IfNotPresent + + containerPort: 6379 + servicePort: 6379 + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 200m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 64Mi + + volumeMounts: [] + volumes: [] + + ## Server + server: + name: server + + image: + repository: # argoproj/argocd + tag: # v1.3.0 + imagePullPolicy: # IfNotPresent + + ## Additional command line arguments to pass to argocd-server + ## - key: value + # extraArgs: [] + # - insecure: true + extraArgs: [] + + ## Argo server log level + logLevel: info + + ## Annotations to be added to controller pods + ## + podAnnotations: {} + + ## Labels to be added to controller pods + ## + podLabels: {} + + ## Configures the server port + containerPort: 8080 + + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + + ## Additional volumeMounts to the server main container. + volumeMounts: [] + + ## Additional volumes to the controller pod. + volumes: [] + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 50m + # memory: 64Mi + + ## Certificate configuration + certificate: + enabled: false + domain: argocd.example.com + issuer: {} + additionalHosts: [] + + ## Server service configuration + service: + annotations: {} + labels: {} + type: ClusterIP + servicePortHttp: 80 + servicePortHttps: 443 + + ## Server metrics service configuration + metrics: + enabled: false + service: + annotations: {} + labels: {} + servicePort: 8083 + serviceMonitor: + enabled: false + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} + + serviceAccount: + create: true + name: argocd-server + + ingress: + enabled: false + annotations: {} + labels: {} + + ## Argo Ingress. + ## Hostnames must be provided if Ingress is enabled. + ## Secrets must be manually created in the namespace + ## + hosts: + [] + # - argocd.example.com + paths: + - / + tls: + [] + # - secretName: argocd-example-tls + # hosts: + # - argocd.example.com + + # Create a OpenShift Route with SSL passthrough for UI and CLI + # Consider setting 'hostname' e.g. https://argocd.apps-crc.testing/ using your Default Ingress Controller Domain + # Find your domain with: kubectl describe --namespace=openshift-ingress-operator ingresscontroller/default | grep Domain: + # If 'hostname' is an empty string "" OpenShift will create a hostname for you. + route: + enabled: true + hostname: "" + + ## ArgoCD config + ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml + config: + # Argo CD's externally facing base URL (optional). Required when configuring SSO + url: https://argocd.example.com + # Argo CD instance label key + application.instanceLabelKey: argocd.argoproj.io/instance + # repositories: | + # - url: git@github.com:group/repo.git + # sshPrivateKeySecret: + # name: secret-name + # key: sshPrivateKey + # oidc.config: | + # name: AzureAD + # issuer: https://login.microsoftonline.com/TENANT_ID/v2.0 + # clientID: CLIENT_ID + # clientSecret: $oidc.azuread.clientSecret + # requestedIDTokenClaims: + # groups: + # essential: true + # requestedScopes: + # - openid + # - profile + # - email + + ## ArgoCD rbac config + ## reference https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md + rbacConfig: + {} + # policy.csv is an file containing user-defined RBAC policies and role definitions (optional). + # Policy rules are in the form: + # p, subject, resource, action, object, effect + # Role definitions and bindings are in the form: + # g, subject, inherited-subject + # See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information. + # policy.csv: | + # # Grant all members of the group 'my-org:team-alpha; the ability to sync apps in 'my-project' + # p, my-org:team-alpha, applications, sync, my-project/*, allow + # # Grant all members of 'my-org:team-beta' admins + # g, my-org:team-beta, role:admin + # policy.default is the name of the default role which Argo CD will falls back to, when + # authorizing API requests (optional). If omitted or empty, users may be still be able to login, + # but will see no apps, projects, etc... + # policy.default: role:readonly + # scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). + # If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings. + # scopes: '[cognito:groups, email]' + + ## Not well tested and not well supported on release v1.0.0. + ## Applications + ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ + additionalApplications: [] + # - name: guestbook + # namespace: argocd + # additionalLabels: {} + # additionalAnnotations: {} + # project: guestbook + # source: + # repoURL: https://github.com/argoproj/argocd-example-apps.git + # targetRevision: HEAD + # path: guestbook + # directory: + # recurse: true + # destination: + # server: https://kubernetes.default.svc + # namespace: guestbook + # syncPolicy: + # automated: + # prune: false + # selfHeal: false + + ## Projects + ## reference: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ + additionalProjects: [] + # - name: guestbook + # namespace: argocd + # additionalLabels: {} + # additionalAnnotations: {} + # description: Example Project + # sourceRepos: + # - '*' + # destinations: + # - namespace: guestbook + # server: https://kubernetes.default.svc + # clusterResourceWhitelist: [] + # namespaceResourceBlacklist: + # - group: '' + # kind: ResourceQuota + # - group: '' + # kind: LimitRange + # - group: '' + # kind: NetworkPolicy + # orphanedResources: {} + # roles: [] + # orphanedResources: {} + # roles: [] + + ## Repo Server + repoServer: + name: repo-server + + image: + repository: # argoproj/argocd + tag: # v1.3.0 + imagePullPolicy: # IfNotPresent + + ## Additional command line arguments to pass to argocd-repo-server + ## - key: value + extraArgs: [] + + ## Argo repoServer log level + logLevel: info + + ## Annotations to be added to repo server pods + ## + podAnnotations: {} + + ## Labels to be added to repo server pods + ## + podLabels: {} + + ## Configures the repo server port + containerPort: 8081 + + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + + ## Additional volumeMounts to the repo server main container. + volumeMounts: [] + + ## Additional volumes to the repo server pod. + volumes: [] + + ## Node selectors and tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + nodeSelector: {} + tolerations: [] + affinity: {} + + priorityClassName: "" + + resources: {} + # limits: + # cpu: 50m + # memory: 128Mi + # requests: + # cpu: 10m + # memory: 64Mi + + ## Repo server service configuration + service: + annotations: {} + labels: {} + port: 8081 + + ## Repo server metrics service configuration + metrics: + enabled: false + service: + annotations: {} + labels: {} + servicePort: 8084 + serviceMonitor: + enabled: false + # selector: + # prometheus: kube-prometheus + # namespace: monitoring + # additionalLabels: {} + + ## Argo Configs + configs: + knownHosts: + data: + ssh_known_hosts: | + bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== + github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== + gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= + gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf + gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 + ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + tlsCerts: + {} + # data: + # argocd.example.com: | + # -----BEGIN CERTIFICATE----- + # MIIF1zCCA7+gAwIBAgIUQdTcSHY2Sxd3Tq/v1eIEZPCNbOowDQYJKoZIhvcNAQEL + # BQAwezELMAkGA1UEBhMCREUxFTATBgNVBAgMDExvd2VyIFNheG9ueTEQMA4GA1UE + # BwwHSGFub3ZlcjEVMBMGA1UECgwMVGVzdGluZyBDb3JwMRIwEAYDVQQLDAlUZXN0 + # c3VpdGUxGDAWBgNVBAMMD2Jhci5leGFtcGxlLmNvbTAeFw0xOTA3MDgxMzU2MTda + # Fw0yMDA3MDcxMzU2MTdaMHsxCzAJBgNVBAYTAkRFMRUwEwYDVQQIDAxMb3dlciBT + # YXhvbnkxEDAOBgNVBAcMB0hhbm92ZXIxFTATBgNVBAoMDFRlc3RpbmcgQ29ycDES + # MBAGA1UECwwJVGVzdHN1aXRlMRgwFgYDVQQDDA9iYXIuZXhhbXBsZS5jb20wggIi + # MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCv4mHMdVUcafmaSHVpUM0zZWp5 + # NFXfboxA4inuOkE8kZlbGSe7wiG9WqLirdr39Ts+WSAFA6oANvbzlu3JrEQ2CHPc + # CNQm6diPREFwcDPFCe/eMawbwkQAPVSHPts0UoRxnpZox5pn69ghncBR+jtvx+/u + # P6HdwW0qqTvfJnfAF1hBJ4oIk2AXiip5kkIznsAh9W6WRy6nTVCeetmIepDOGe0G + # ZJIRn/OfSz7NzKylfDCat2z3EAutyeT/5oXZoWOmGg/8T7pn/pR588GoYYKRQnp+ + # YilqCPFX+az09EqqK/iHXnkdZ/Z2fCuU+9M/Zhrnlwlygl3RuVBI6xhm/ZsXtL2E + # Gxa61lNy6pyx5+hSxHEFEJshXLtioRd702VdLKxEOuYSXKeJDs1x9o6cJ75S6hko + # Ml1L4zCU+xEsMcvb1iQ2n7PZdacqhkFRUVVVmJ56th8aYyX7KNX6M9CD+kMpNm6J + # kKC1li/Iy+RI138bAvaFplajMF551kt44dSvIoJIbTr1LigudzWPqk31QaZXV/4u + # kD1n4p/XMc9HYU/was/CmQBFqmIZedTLTtK7clkuFN6wbwzdo1wmUNgnySQuMacO + # gxhHxxzRWxd24uLyk9Px+9U3BfVPaRLiOPaPoC58lyVOykjSgfpgbus7JS69fCq7 + # bEH4Jatp/10zkco+UQIDAQABo1MwUTAdBgNVHQ4EFgQUjXH6PHi92y4C4hQpey86 + # r6+x1ewwHwYDVR0jBBgwFoAUjXH6PHi92y4C4hQpey86r6+x1ewwDwYDVR0TAQH/ + # BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFE4SdKsX9UsLy+Z0xuHSxhTd0jfn + # Iih5mtzb8CDNO5oTw4z0aMeAvpsUvjJ/XjgxnkiRACXh7K9hsG2r+ageRWGevyvx + # CaRXFbherV1kTnZw4Y9/pgZTYVWs9jlqFOppz5sStkfjsDQ5lmPJGDii/StENAz2 + # XmtiPOgfG9Upb0GAJBCuKnrU9bIcT4L20gd2F4Y14ccyjlf8UiUi192IX6yM9OjT + # +TuXwZgqnTOq6piVgr+FTSa24qSvaXb5z/mJDLlk23npecTouLg83TNSn3R6fYQr + # d/Y9eXuUJ8U7/qTh2Ulz071AO9KzPOmleYPTx4Xty4xAtWi1QE5NHW9/Ajlv5OtO + # OnMNWIs7ssDJBsB7VFC8hcwf79jz7kC0xmQqDfw51Xhhk04kla+v+HZcFW2AO9so + # 6ZdVHHQnIbJa7yQJKZ+hK49IOoBR6JgdB5kymoplLLiuqZSYTcwSBZ72FYTm3iAr + # jzvt1hxpxVDmXvRnkhRrIRhK4QgJL0jRmirBjDY+PYYd7bdRIjN7WNZLFsgplnS8 + # 9w6CwG32pRlm0c8kkiQ7FXA6BYCqOsDI8f1VGQv331OpR2Ck+FTv+L7DAmg6l37W + # +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK + # XWyb96wrUlv+E8I= + # -----END CERTIFICATE----- + secret: + createSecret: true + githubSecret: "" + gitlabSecret: "" + bitbucketSecret: "" + diff --git a/quickstart/openshift/quickstart.yaml b/quickstart/openshift/quickstart.yaml new file mode 100644 index 00000000..440207bb --- /dev/null +++ b/quickstart/openshift/quickstart.yaml @@ -0,0 +1,35 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: argocd +--- +apiVersion: operators.coreos.com/v1alpha2 +kind: OperatorGroup +metadata: + name: argocd-operators-helm + namespace: argocd +spec: + targetNamespaces: + - argocd +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: CatalogSource +metadata: + name: argocd-catalog + namespace: openshift-marketplace +spec: + sourceType: grpc + image: quay.io/disposab1e/argocd-operator-helm-registry:0.0.2 + displayName: Argo CD Operators + publisher: Argo CD +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: argocd-operator-helm + namespace: argocd +spec: + channel: alpha + name: argocd-operator-helm + source: argocd-catalog + sourceNamespace: openshift-marketplace