Refactor GitHub Actions workflows and Terraform configurations; update image tag handling, add ArgoCD installation, and configure providers for Kubernetes and Helm.

karimzakzouk · karimzakzouk · commit ce78ad0ed82c · 2025-08-23T02:35:30.000+03:00
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -65,40 +65,16 @@ jobs:
             MONGO_PASSWORD: $(echo -n "${{ secrets.MONGO_PASSWORD }}" | base64)
           EOF
 
-      # - name: Generate Deployment YAML with Docker image
-      #   run: |
-      #     IMAGE_TAG=${{ inputs.image-tag || github.sha }}
-      #     envsubst < ./kubernetes/deployment.template.yml > ./kubernetes/deployment.yml
-      #   env:
-      #     DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
-      #     IMAGE_TAG: ${{ inputs.image-tag || github.sha }}
-
-      - name: Setup helm
-        uses: azure/setup-helm@v4
-        with:
-          version: v3.5.4
-
-
-      - name: Deploy with helm
+      - name: Update Helm values with new image tag
         run: |
           IMAGE_TAG=${{ inputs.image-tag || github.sha }}
-          helm upgrade --install solar-system ./helm \
-           --set image.repository=ghcr.io/${{ secrets.DOCKER_USERNAME }}/graduation-project-devops \
-           --set image.tag=$IMAGE_TAG \
-           --namespace default \
-           --create-namespace
-
-      - name: Verify Deployment
-        run: |
-          kubectl get pods -l app=solar-system
-          kubectl get services
-          echo "Waiting for deployment to be ready..."
-          kubectl wait --for=condition=available --timeout=300s deployment/solar-system
-          echo "Waiting for container to be running..."
-          kubectl wait --for=condition=Ready --timeout=180s pod -l app=solar-system
-
-      - name: Get Service URL
+          # Update the image tag in values.yaml for ArgoCD to pick up
+          sed -i "s|tag: \".*\"|tag: \"$IMAGE_TAG\"|g" ./helm/values.yaml
+          
+      - name: Commit updated image tag
         run: |
-          HOSTNAME=$(kubectl get svc solar-system-svc -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')
-          echo "Service URL: http://$HOSTNAME"
-        working-directory: ./kubernetes
+          git config --local user.email "action@github.com"
+          git config --local user.name "GitHub Action"
+          git add helm/values.yaml
+          git commit -m "Update image tag to ${{ inputs.image-tag || github.sha }}" || exit 0
+          git push
diff --git a/.github/workflows/main-pipeline.yml b/.github/workflows/main-pipeline.yml
@@ -23,10 +23,6 @@ on:
         required: false
         default: false
         type: boolean
-  push:
-    branches:
-      - main
-      - 'feature-branch-A'
 
 permissions:
   contents: read
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
@@ -51,3 +51,39 @@ jobs:
         if: ${{ inputs.terraform-action == 'apply' || inputs.terraform-action == '' }}
         run: terraform apply -auto-approve
         working-directory: ./Terraform
+
+      - name: Update kubeconfig
+        if: ${{ inputs.terraform-action == 'apply' || inputs.terraform-action == '' }}
+        run: |
+          aws eks update-kubeconfig --name otel-cluster --region us-east-1
+
+      - name: Wait for ArgoCD LoadBalancer
+        if: ${{ inputs.terraform-action == 'apply' || inputs.terraform-action == '' }}
+        run: |
+          echo "Waiting for ArgoCD LoadBalancer to be ready..."
+          kubectl wait --for=condition=available --timeout=300s deployment/argocd-server -n argocd || true
+          sleep 30
+
+      - name: Get ArgoCD Access Info
+        if: ${{ inputs.terraform-action == 'apply' || inputs.terraform-action == '' }}
+        run: |
+          echo "=========================================="
+          echo "🚀 ARGOCD ACCESS INFORMATION"
+          echo "=========================================="
+          
+          # Get ArgoCD URL
+          ARGOCD_URL=$(kubectl get svc argocd-server -n argocd -o jsonpath='{.status.loadBalancer.ingress[0].hostname}' 2>/dev/null || echo "Still loading...")
+          echo "📋 ArgoCD URL: http://$ARGOCD_URL"
+          
+          # Get admin password
+          ARGOCD_PASSWORD=$(kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath='{.data.password}' 2>/dev/null | base64 -d || echo "Secret not ready yet")
+          echo "🔑 Username: admin"
+          echo "🔑 Password: $ARGOCD_PASSWORD"
+          
+          echo "=========================================="
+          echo "📝 Instructions:"
+          echo "1. Wait a few minutes for LoadBalancer DNS to propagate"
+          echo "2. Access: http://$ARGOCD_URL"
+          echo "3. Login with username 'admin' and password above"
+          echo "4. Your solar-system app should appear automatically"
+          echo "=========================================="
diff --git a/Terraform/0-versions.tf b/Terraform/0-versions.tf
@@ -5,5 +5,13 @@ terraform {
       source  = "hashicorp/aws"
       version = "~> 5.0"
     }
+    helm = {
+      source  = "hashicorp/helm"
+      version = "~> 2.12"
+    }
+    kubernetes = {
+      source  = "hashicorp/kubernetes"
+      version = "~> 2.25"
+    }
   }
 }
diff --git a/Terraform/1-provider.tf b/Terraform/1-provider.tf
@@ -3,3 +3,29 @@ provider "aws" {
   region = "us-east-1"
 }
 
+# Configure the Kubernetes Provider
+provider "kubernetes" {
+  host                   = module.eks.cluster_endpoint
+  cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data)
+
+  exec {
+    api_version = "client.authentication.k8s.io/v1beta1"
+    command     = "aws"
+    args        = ["eks", "get-token", "--cluster-name", module.eks.cluster_name]
+  }
+}
+
+# Configure the Helm Provider
+provider "helm" {
+  kubernetes {
+    host                   = module.eks.cluster_endpoint
+    cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data)
+
+    exec {
+      api_version = "client.authentication.k8s.io/v1beta1"
+      command     = "aws"
+      args        = ["eks", "get-token", "--cluster-name", module.eks.cluster_name]
+    }
+  }
+}
+
diff --git a/Terraform/3-main.tf b/Terraform/3-main.tf
@@ -16,5 +16,26 @@ module "eks" {
   vpc_id                = module.vpc.vpc_id
   subnet_ids            = module.vpc.private_subnet_ids
   node_groups           = var.node_groups
+}
+
+# Install ArgoCD
+resource "helm_release" "argocd" {
+  name       = "argocd"
+  repository = "https://argoproj.github.io/argo-helm"
+  chart      = "argo-cd"
+  namespace  = "argocd"
+  
+  create_namespace = true
+  
+  set {
+    name  = "server.service.type"
+    value = "LoadBalancer"
+  }
+  
+  set {
+    name  = "server.extraArgs[0]"
+    value = "--insecure"
+  }
 
+  depends_on = [module.eks]
 }

Original file line number	Diff line number	Diff line change
`@@ -5,5 +5,13 @@ terraform {`
`5`	`5`	`source = "hashicorp/aws"`
`6`	`6`	`version = "~> 5.0"`
`7`	`7`	`}`
	`8`	`+ helm = {`
	`9`	`+ source = "hashicorp/helm"`
	`10`	`+ version = "~> 2.12"`
	`11`	`+ }`
	`12`	`+ kubernetes = {`
	`13`	`+ source = "hashicorp/kubernetes"`
	`14`	`+ version = "~> 2.25"`
	`15`	`+ }`
`8`	`16`	`}`
`9`	`17`	`}`