davad/argo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge remote-tracking branch 'origin/main'

Browse source
This commit is contained in:
David Landry 2024-02-02 21:14:04 -05:00
commit 3439c614d7
65 changed files with 1185 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

21
projects/README.md Normal file
View file

@ -0,0 +1,21 @@
# Projects
This directory contains all of your `argocd-autopilot` projects. Projects provide a way to logically group applications and easily control things such as defaults and restrictions.
### Creating a new project
To create a new project run:
```bash
export GIT_TOKEN=<YOUR_TOKEN>
export GIT_REPO=<REPO_URL>
argocd-autopilot project create <PROJECT_NAME>
```
### Creating a new project on different cluster
You can create a project that deploys applications to a different cluster, instead of the cluster where Argo-CD is installed. To do that run:
```bash
export GIT_TOKEN=<YOUR_TOKEN>
export GIT_REPO=<REPO_URL>
argocd-autopilot project create <PROJECT_NAME> --dest-kube-context <CONTEXT_NAME>
```
Now all applications in this project that do not explicitly specify a different `--dest-server` will be created on the project's destination server.

93
projects/games.yaml Normal file
View file

@ -0,0 +1,93 @@
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
annotations:
argocd-autopilot.argoproj-labs.io/default-dest-server: https://kubernetes.default.svc
argocd.argoproj.io/sync-options: PruneLast=true
argocd.argoproj.io/sync-wave: "-2"
creationTimestamp: null
name: games
namespace: argocd
spec:
clusterResourceWhitelist:
- group: "*"
kind: "*"
description: games project
destinations:
- namespace: "*"
server: "*"
namespaceResourceWhitelist:
- group: "*"
kind: "*"
sourceRepos:
- "*"
status: {}
---
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
annotations:
argocd.argoproj.io/sync-wave: "0"
creationTimestamp: null
name: games
namespace: argocd
spec:
generators:
- git:
files:
- path: apps/**/games/config.json
repoURL: ssh://git@gitea-ssh.gitops.svc.cluster.local:2222/davad/argo.git
requeueAfterSeconds: 20
revision: ""
template:
metadata: {}
spec:
destination: {}
project: ""
- git:
files:
- path: apps/**/games/config_dir.json
repoURL: ssh://git@gitea-ssh.gitops.svc.cluster.local:2222/davad/argo.git
requeueAfterSeconds: 20
revision: ""
template:
metadata: {}
spec:
destination: {}
project: ""
source:
directory:
exclude: "{{ exclude }}"
include: "{{ include }}"
jsonnet: {}
recurse: true
repoURL: ""
syncPolicy: {}
template:
metadata:
labels:
app.kubernetes.io/managed-by: argocd-autopilot
app.kubernetes.io/name: "{{ appName }}"
name: games-{{ userGivenName }}
namespace: argocd
spec:
destination:
namespace: "{{ destNamespace }}"
server: "{{ destServer }}"
ignoreDifferences:
- group: argoproj.io
jsonPointers:
- /status
kind: Application
project: games
source:
path: "{{ srcPath }}"
repoURL: "{{ srcRepoURL }}"
targetRevision: "{{ srcTargetRevision }}"
syncPolicy:
automated:
allowEmpty: true
prune: true
selfHeal: true
status: {}

93
projects/media.yaml Normal file
View file

@ -0,0 +1,93 @@
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
annotations:
argocd-autopilot.argoproj-labs.io/default-dest-server: https://kubernetes.default.svc
argocd.argoproj.io/sync-options: PruneLast=true
argocd.argoproj.io/sync-wave: "-2"
creationTimestamp: null
name: media
namespace: argocd
spec:
clusterResourceWhitelist:
- group: "*"
kind: "*"
description: media project
destinations:
- namespace: "*"
server: "*"
namespaceResourceWhitelist:
- group: "*"
kind: "*"
sourceRepos:
- "*"
status: {}
---
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
annotations:
argocd.argoproj.io/sync-wave: "0"
creationTimestamp: null
name: media
namespace: argocd
spec:
generators:
- git:
files:
- path: apps/**/media/config.json
repoURL: ssh://git@gitea-ssh.gitops.svc.cluster.local:2222/davad/argo.git
requeueAfterSeconds: 20
revision: ""
template:
metadata: {}
spec:
destination: {}
project: ""
- git:
files:
- path: apps/**/media/config_dir.json
repoURL: ssh://git@gitea-ssh.gitops.svc.cluster.local:2222/davad/argo.git
requeueAfterSeconds: 20
revision: ""
template:
metadata: {}
spec:
destination: {}
project: ""
source:
directory:
exclude: "{{ exclude }}"
include: "{{ include }}"
jsonnet: {}
recurse: true
repoURL: ""
syncPolicy: {}
template:
metadata:
labels:
app.kubernetes.io/managed-by: argocd-autopilot
app.kubernetes.io/name: "{{ appName }}"
name: media-{{ userGivenName }}
namespace: argocd
spec:
destination:
namespace: "{{ destNamespace }}"
server: "{{ destServer }}"
ignoreDifferences:
- group: argoproj.io
jsonPointers:
- /status
kind: Application
project: media
source:
path: "{{ srcPath }}"
repoURL: "{{ srcRepoURL }}"
targetRevision: "{{ srcTargetRevision }}"
syncPolicy:
automated:
allowEmpty: true
prune: true
selfHeal: true
status: {}

23
projects/media/.helmignore
View file

@ -1,23 +0,0 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

12
projects/media/Chart.yaml
View file

@ -1,12 +0,0 @@
---
apiVersion: v2
name: media
type: application
version: 1.0.0
appVersion: "1.16.1"
description: App-of-apps for self-hosted media applications
dependencies:
- name: app-of-apps
version: 1.0.2
repository: file://../../charts/app-of-apps

12
projects/media/values.yaml
View file

@ -1,12 +0,0 @@
---
app-of-apps:
project: default
destination:
server: https://kubernetes.default.svc
source:
repoURL: ssh://git@gitea-ssh.gitops.svc.cluster.local:2222/davad/argo.git
path: apps
apps:
- name: kavita
namespace: media
path: kavita

93
projects/system.yaml Normal file
View file

@ -0,0 +1,93 @@
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
annotations:
argocd-autopilot.argoproj-labs.io/default-dest-server: https://kubernetes.default.svc
argocd.argoproj.io/sync-options: PruneLast=true
argocd.argoproj.io/sync-wave: "-2"
creationTimestamp: null
name: system
namespace: argocd
spec:
clusterResourceWhitelist:
- group: "*"
kind: "*"
description: system project
destinations:
- namespace: "*"
server: "*"
namespaceResourceWhitelist:
- group: "*"
kind: "*"
sourceRepos:
- "*"
status: {}
---
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
annotations:
argocd.argoproj.io/sync-wave: "0"
creationTimestamp: null
name: system
namespace: argocd
spec:
generators:
- git:
files:
- path: apps/**/system/config.json
repoURL: ssh://git@gitea-ssh.gitops.svc.cluster.local:2222/davad/argo.git
requeueAfterSeconds: 20
revision: ""
template:
metadata: {}
spec:
destination: {}
project: ""
- git:
files:
- path: apps/**/system/config_dir.json
repoURL: ssh://git@gitea-ssh.gitops.svc.cluster.local:2222/davad/argo.git
requeueAfterSeconds: 20
revision: ""
template:
metadata: {}
spec:
destination: {}
project: ""
source:
directory:
exclude: "{{ exclude }}"
include: "{{ include }}"
jsonnet: {}
recurse: true
repoURL: ""
syncPolicy: {}
template:
metadata:
labels:
app.kubernetes.io/managed-by: argocd-autopilot
app.kubernetes.io/name: "{{ appName }}"
name: system-{{ userGivenName }}
namespace: argocd
spec:
destination:
namespace: "{{ destNamespace }}"
server: "{{ destServer }}"
ignoreDifferences:
- group: argoproj.io
jsonPointers:
- /status
kind: Application
project: system
source:
path: "{{ srcPath }}"
repoURL: "{{ srcRepoURL }}"
targetRevision: "{{ srcTargetRevision }}"
syncPolicy:
automated:
allowEmpty: true
prune: true
selfHeal: true
status: {}

11
projects/system/Chart.yaml
View file

@ -1,11 +0,0 @@
---
apiVersion: v2
name: system-apps
type: application
version: 1.0.0
appVersion: "1.0.0"
dependencies:
- name: app-of-apps
version: 1.0.2
repository: file://../../charts/app-of-apps/

157
projects/system/values.yaml
View file

@ -1,157 +0,0 @@
---
app-of-apps:
project: default
destination:
server: https://kubernetes.default.svc
source:
repoURL: ssh://git@gitea-ssh.gitops.svc.cluster.local:2222/davad/argo.git
path: system
apps:
- name: homepage
description: Homelab dashboard
path: ../apps/gethomepage
namespace: homepage
selfHeal: true
# - name: cert-manager
# namespace: cert-manager
# path: cert-manager
# plugin:
# env:
# - name: SOPS_SECRET_FILE
# value: secret.sec.yaml
# - name: cloudflared
# namespace: cloudflared
# path: cloudflared
# - name: cloudnative-pg
# namespace: cnpg
# path: cloudnative-pg
# - name: kubernetes-dashboard
# namespace: kubernetes-dashboard
# path: dashboard
# plugin:
# env:
# - name: SOPS_SECRET_FILE
# value: secret.sec.yaml
# extraSyncOptions:
# - RespectIgnoreDifferences=true
# ignoreDifferences:
# - name: kubernetes-dashboard-csrf
# kind: Secret
# jsonPointers:
# - /data/csrf
# - name: dyndns
# namespace: dyndns
# path: dyndns
# plugin:
# env:
# - name: SOPS_SECRET_FILE
# value: secret.sec.yaml
# - name: keycloak
# namespace: identity
# path: identity/keycloak
# plugin:
# env:
# - name: SOPS_SECRET_FILE
# value: secret.sec.yaml
# - name: metrics-server
# namespace: metrics-server
# path: metrics-server
# - name: nfs-subdir-external-provisioner
# namespace: nfs-subdir-provisioner
# path: nfs-subdir-external-provisioner
# plugin:
# env:
# - name: SOPS_SECRET_FILE
# value: secret.sec.yaml
# - name: oauth2-proxy
# namespace: oauth2-proxy
# path: oauth2-proxy
# plugin:
# env:
# - name: SOPS_SECRET_FILE
# value: secret.sec.yaml
# - name: prometheus-stack
# namespace: monitoring
# path: prometheus-stack
# plugin:
# env:
# - name: SOPS_SECRET_FILE
# value: secret.sec.yaml
# extraSyncOptions:
# - ServerSideApply=true
# managedNamespaceMetadata:
# labels:
# pod-security.kubernetes.io/enforce: privileged
#
# - name: traefik
# namespace: traefik
# path: traefik
# plugin:
# env:
# - name: SOPS_SECRET_FILE
# value: secret.sec.yaml
# - name: node-feature-discovery
# namespace: node-feature-discovery
# path: node-feature-discovery
# extraSyncOptions:
# - RespectIgnoreDifferences=true
# ignoreDifferences:
# - group: apps
# kind: DaemonSet
# jsonPointers:
# - /spec/template/metadata/annotations
# managedNamespaceMetadata:
# labels:
# pod-security.kubernetes.io/enforce: privileged
# - name: intel-device-plugins-operator
# namespace: intel-device-plugins-operator
# path: intel-device-plugins-operator
# managedNamespaceMetadata:
# labels:
# pod-security.kubernetes.io/enforce: privileged
# - name: intel-gpu-plugin
# namespace: intel-gpu-plugin
# path: intel-gpu-plugin
# extraSyncOptions:
# - RespectIgnoreDifferences=true
# ignoreDifferences:
# - group: deviceplugin.intel.com
# kind: GpuDevicePlugin
# jsonPointers:
# - /spec/resourceManager
# managedNamespaceMetadata:
# labels:
# pod-security.kubernetes.io/enforce: privileged
# - name: snapshot-controller
# namespace: snapshot-controller
# path: snapshot-controller
# ignoreDifferences:
# - group: "admissionregistration.k8s.io"
# kind: ValidatingWebhookConfiguration
# name: snapshot-validation-webhook
# jqPathExpressions:
# - .webhooks[]?.clientConfig.caBundle
# - kind: Secret
# name: snapshot-validation-webhook-tls
# jsonPointers:
# - /data
# - name: external-secrets
# namespace: external-secrets
# path: external-secrets
# plugin:
# env:
# - name: SOPS_SECRET_FILE
# value: secret.sec.yaml
# - name: kubelet-csr-approver
# namespace: kube-system
# path: kubelet-csr-approver
# - name: volsync
# namespace: volsync
# path: volsync
# - name: talos-backup
# namespace: talos-backup
# path: talos-backup