On branch all-in-one-deployment

Changes to be committed:
	deleted:    infra/main.tf
	new file:   infra/modules/application/main.tf
	new file:   infra/modules/application/outputs.tf
	new file:   infra/modules/application/variables.tf
	modified:   infra/modules/argocd/main.tf
	modified:   infra/modules/argocd/outputs.tf
	modified:   infra/modules/argocd/variables.tf
	new file:   infra/modules/cluster-minikube/main.tf
	new file:   infra/modules/cluster-minikube/outputs.tf
	new file:   infra/modules/cluster-minikube/variables.tf
	deleted:    infra/modules/minikube/main.tf
	deleted:    infra/modules/minikube/outputs.tf
	deleted:    infra/modules/minikube/variables.tf
	deleted:    infra/outputs.tf
	new file:   infra/projects/application/main.tf
	new file:   infra/projects/application/outputs.tf
	new file:   infra/projects/application/providers.tf
	new file:   infra/projects/application/variabels.tf
	new file:   infra/projects/argocd/main.tf
	new file:   infra/projects/argocd/outputs.tf
	renamed:    infra/providers.tf -> infra/projects/argocd/providers.tf
	new file:   infra/projects/argocd/terraform.tfvars.example
	new file:   infra/projects/argocd/variables.tf
	new file:   infra/projects/cluster/main.tf
	new file:   infra/projects/cluster/outputs.tf
	new file:   infra/projects/cluster/provider.tf
	new file:   infra/projects/cluster/terraform.tfvars.example
	new file:   infra/projects/cluster/variables.tf
	deleted:    infra/terraform.tfvars.example
	deleted:    infra/variables.tf

Author: aliannus2

infra/main.tf

@@ -0,0 +1,92 @@
+# App runtime namespace
+resource "kubernetes_namespace" "app" {
+  metadata {
+    name = var.application_namespace
+    labels = {
+      "app.kubernetes.io/name"       = var.application_name
+      "app.kubernetes.io/part-of"    = var.cluster_name # <- use cluster_name instead of a static project label
+      "app.kubernetes.io/managed-by" = "terraform"
+    }
+  }
+}
+
+
+# Register the repo in Argo CD (Secret in argocd namespace)
+resource "kubernetes_secret" "argocd_repo_github_https" {
+  metadata {
+    name      = var.repo_secret_name
+    namespace = var.argocd_namespace
+    labels = {
+      "argocd.argoproj.io/secret-type" = "repository"
+      "app.kubernetes.io/part-of"      = var.cluster_name
+      "app.kubernetes.io/managed-by"   = "terraform"
+    }
+  }
+  type = "Opaque"
+
+  # stringData lets us provide plaintext; provider encodes to data
+  data = {
+    type     = "git"
+    url      = var.github_repo_url
+    username = var.repo_username
+    password = var.github_pat
+  }
+}
+
+# AppProject (scopes repos/destinations)
+resource "kubernetes_manifest" "argocd_project" {
+  manifest = {
+    apiVersion = "argoproj.io/v1alpha1"
+    kind       = "AppProject"
+    metadata = {
+      name      = var.project_name
+      namespace = var.argocd_namespace
+      labels = {
+        "app.kubernetes.io/part-of"    = var.cluster_name
+        "app.kubernetes.io/managed-by" = "terraform"
+      }
+    }
+    spec = {
+      description = "Project for ${var.cluster_name}"
+      sourceRepos = [var.github_repo_url]
+      destinations = [{
+        namespace = var.application_namespace
+        server    = "https://kubernetes.default.svc"
+      }]
+      clusterResourceWhitelist   = [{ group = "*", kind = "*" }]
+      namespaceResourceWhitelist = [{ group = "*", kind = "*" }]
+    }
+  }
+}
+
+# Argo CD Application
+resource "kubernetes_manifest" "argocd_application" {
+  manifest = {
+    apiVersion = "argoproj.io/v1alpha1"
+    kind       = "Application"
+    metadata = {
+      name      = var.application_name
+      namespace = var.argocd_namespace
+      labels = {
+        "app.kubernetes.io/part-of"    = var.cluster_name
+        "app.kubernetes.io/managed-by" = "terraform"
+      }
+    }
+    spec = {
+      project = var.project_name
+      source = {
+        repoURL        = var.github_repo_url
+        targetRevision = var.target_revision
+        path           = var.kustomize_path
+      }
+      destination = {
+        server    = "https://kubernetes.default.svc"
+        namespace = var.application_namespace
+      }
+      syncPolicy = {
+        automated   = { prune = true, selfHeal = true }
+        syncOptions = ["CreateNamespace=true"]
+      }
+    }
+  }
+}

infra/modules/application/main.tf

@@ -0,0 +1,3 @@
+output "application_namespace" { value = var.application_namespace }
+output "application_name" { value = var.application_name }
+output "project_name" { value = var.project_name }

infra/modules/application/outputs.tf

@@ -0,0 +1,73 @@
+variable "cluster_name" {
+  description = "Used in labels and for context-aware manifests (passed from project)"
+  type        = string
+}
+
+variable "argocd_namespace" {
+  description = "Namespace where Argo CD is installed"
+  type        = string
+  default     = "argocd"
+}
+
+variable "application_namespace" {
+  description = "Namespace where the app will run"
+  type        = string
+  default     = "emumba-assessment"
+}
+
+variable "project_name" {
+  description = "Argo CD AppProject name"
+  type        = string
+  default     = "emumba-deployment"
+}
+
+variable "application_name" {
+  description = "Argo CD Application name"
+  type        = string
+  default     = "emumba-assessment-app"
+}
+
+variable "github_repo_url" {
+  description = "Git repository URL for the app (https)"
+  type        = string
+}
+
+variable "github_pat" {
+  description = "GitHub personal access token (read access)"
+  type        = string
+  sensitive   = true
+}
+
+variable "repo_username" {
+  description = "Repository username for basic auth"
+  type        = string
+  default     = "git"
+}
+
+variable "repo_secret_name" {
+  description = "K8s Secret name registered in Argo CD"
+  type        = string
+  default     = "repo-github-emumba-https"
+}
+
+variable "kustomize_path" {
+  description = "Path inside the repo to Kustomize overlay"
+  type        = string
+  default     = "k8s/overlays/dev"
+}
+
+variable "target_revision" {
+  description = "Git revision (branch, tag, or commit SHA)"
+  type        = string
+  default     = "HEAD"
+}
+
+terraform {
+  required_version = ">= 1.10.0"
+  required_providers {
+    kubernetes = {
+      source  = "hashicorp/kubernetes"
+      version = ">= 2.38.0"
+    }
+  }
+}

infra/modules/application/variables.tf

@@ -1,47 +1,17 @@
-terraform {
-  required_version = ">= 1.10.0"
-  required_providers {
-    kubernetes = {
-      source  = "hashicorp/kubernetes"
-      version = ">= 2.38.0"
-    }
-    helm = {
-      source  = "hashicorp/helm"
-      version = "3.0.2"
-    }
-  }
-}
-
-provider "kubernetes" {
-  config_path = pathexpand("~/.kube/config")
-}
-
-provider "helm" {
-  kubernetes = {
-    config_path = pathexpand("~/.kube/config")
-  }
-}
-
-
 resource "kubernetes_namespace" "argocd" {
   metadata {
     name = var.namespace
     labels = {
       "app.kubernetes.io/name"       = "argocd"
-      "app.kubernetes.io/part-of"    = "emumba-assessment-k8s-iac"
+      "app.kubernetes.io/part-of"    = "emumba-minikube-cluster"
       "app.kubernetes.io/managed-by" = "terraform"
     }
   }
 }
 
-resource "helm_release" "argocd" {
-  name       = var.release_name
-  repository = "https://argoproj.github.io/argo-helm"
-  chart      = "argo-cd"
-  namespace  = kubernetes_namespace.argocd.metadata[0].name
-  version    = "8.5.7"
-
-  values = [yamlencode({
+locals {
+  base_values = yamlencode({
+    installCRDs = true
     configs = {
       params = {
         "server.insecure" = "true"
@@ -52,78 +22,20 @@ resource "helm_release" "argocd" {
         type = var.server_service_type
       }
     }
-  })]
-
-  depends_on = [kubernetes_namespace.argocd]
+  })
+  merged_values = concat([local.base_values], var.extra_values_yaml)
 }
 
-resource "kubernetes_secret" "argocd_repo_github_https" {
-  metadata {
-    name      = "repo-github-emumba-https"
-    namespace = kubernetes_namespace.argocd.metadata[0].name
-    labels = { "argocd.argoproj.io/secret-type" = "repository" }
-  }
-  type = "Opaque"
-  data = {
-    type     = "git"
-    url      = var.github_repo_url
-    username = "git"
-    password = var.github_pat
-  }
-}
+resource "helm_release" "argocd" {
+  name       = var.release_name
+  repository = "https://argoproj.github.io/argo-helm"
+  chart      = "argo-cd"
+  namespace  = kubernetes_namespace.argocd.metadata[0].name
+  version    = var.chart_version
 
-resource "kubernetes_manifest" "emumba_project" {
-  manifest = {
-    apiVersion = "argoproj.io/v1alpha1"
-    kind       = "AppProject"
-    metadata = {
-      name      = "emumba-deployment"
-      namespace = kubernetes_namespace.argocd.metadata[0].name
-      labels = { "app.kubernetes.io/part-of" = "emumba-assessment-k8s-iac" }
-    }
-    spec = {
-      description = "Project for Emumba assessment"
-      sourceRepos = [var.github_repo_url]
-      destinations = [{
-        namespace = "emumba-assessment"
-        server    = "https://kubernetes.default.svc"
-      }]
-      clusterResourceWhitelist   = [{ group = "*", kind = "*" }]
-      namespaceResourceWhitelist = [{ group = "*", kind = "*" }]
-    }
-  }
-  depends_on = [helm_release.argocd]
-}
+  wait    = true
+  timeout = 600
 
-resource "kubernetes_manifest" "app" {
-  manifest = {
-    apiVersion = "argoproj.io/v1alpha1"
-    kind       = "Application"
-    metadata = {
-      name      = "emumba-assessment-app"
-      namespace = kubernetes_namespace.argocd.metadata[0].name
-      labels = { "app.kubernetes.io/part-of" = "emumba-assessment-k8s-iac" }
-    }
-    spec = {
-      project = "emumba-deployment"
-      source = {
-        repoURL        = var.github_repo_url
-        targetRevision = "local-exec-minikube"
-        path           = "k8s/overlays/dev"
-      }
-      destination = {
-        server    = "https://kubernetes.default.svc"
-        namespace = "emumba-assessment"
-      }
-      syncPolicy = {
-        automated  = { prune = true, selfHeal = true }
-        syncOptions = ["CreateNamespace=true"]
-      }
-    }
-  }
-  depends_on = [
-    helm_release.argocd,
-    kubernetes_manifest.emumba_project,
-    kubernetes_secret.argocd_repo_github_https
-  ]
+  values = local.merged_values
 }
+

infra/modules/argocd/main.tf

@@ -1,15 +1,2 @@
-output "namespace" {
-  value = kubernetes_namespace.argocd.metadata[0].name
-}
-
-output "server_service" {
-  value = "${var.release_name}-argocd-server"
-}
-
-output "admin_password_cmd" {
-  value = "kubectl -n ${kubernetes_namespace.argocd.metadata[0].name} get secret argocd-initial-admin-secret -o jsonpath='{.data.password}' | base64 -d && echo"
-}
-
-output "port_forward_cmd" {
-  value = "kubectl -n ${kubernetes_namespace.argocd.metadata[0].name} port-forward svc/${var.release_name}-argocd-server 8080:80"
-}
+output "namespace" { value = var.namespace }
+output "release_name" { value = helm_release.argocd.name }