Skip to content

Commit af78b63

Browse files
cardoecardoe
authored
Merge pull request #853 from rackerlabs/argocd-deploy-update
feat: update ArgoCD AppSets to make dev/prod closer
2 parents 7ffd2b6 + fc7f123 commit af78b63

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

41 files changed

+971
-588
lines changed

apps/appsets/appset-understack-global.yaml

Lines changed: 146 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,146 @@
1+
---
2+
apiVersion: argoproj.io/v1alpha1
3+
kind: ApplicationSet
4+
metadata:
5+
name: understack-global
6+
spec:
7+
syncPolicy:
8+
applicationsSync: create-update
9+
# for infrastructure resources we don't want to delete things automatically
10+
preserveResourcesOnDeletion: true
11+
goTemplate: true
12+
goTemplateOptions: ["missingkey=error"]
13+
generators:
14+
# matrixes clusters with the applications
15+
- matrix:
16+
generators:
17+
- merge:
18+
mergeKeys:
19+
# merge cluster configs based on cluster name
20+
- name
21+
generators:
22+
# load all clusters for global or aio
23+
- clusters:
24+
selector:
25+
matchExpressions:
26+
- key: understack.rackspace.com/role
27+
operator: In
28+
values:
29+
- "global"
30+
- "aio"
31+
# dev clusters allow some overrides
32+
- clusters:
33+
selector:
34+
matchLabels:
35+
understack.rackspace.com/env: dev
36+
values:
37+
understack_url: '{{index .metadata.annotations "uc_repo_git_url"}}'
38+
understack_ref: '{{index .metadata.annotations "uc_repo_ref"}}'
39+
deploy_url: '{{index .metadata.annotations "uc_deploy_git_url"}}'
40+
deploy_ref: '{{index .metadata.annotations "uc_deploy_ref"}}'
41+
# now the applications matrixed with the clusters
42+
- merge:
43+
mergeKeys:
44+
# merge config based on component name
45+
- component
46+
generators:
47+
- git:
48+
repoURL: '{{ .values.understack_url }}'
49+
revision: '{{ .values.understack_ref }}'
50+
files:
51+
- path: "apps/global/*.yaml"
52+
- git:
53+
repoURL: '{{ .values.deploy_url }}'
54+
revision: '{{ .values.deploy_ref }}'
55+
files:
56+
# due to https://github.com/argoproj/argo-cd/issues/22051
57+
# we need to do this workaround. this reads the apps.yaml
58+
# for per cluster
59+
- path: '{{ "{{.name}}" }}/apps.yaml'
60+
selector:
61+
matchExpressions:
62+
# if you set skip to any value for the component in apps.yaml, this will disable it
63+
- key: skip
64+
operator: DoesNotExist
65+
template:
66+
metadata:
67+
name: '{{.name}}-{{.component}}'
68+
# we should never set the finalizer here as the applicationsSync policy will handle it
69+
annotations:
70+
argocd.argoproj.io/compare-options: ServerSideDiff=true,IncludeMutationWebhook=true
71+
spec:
72+
project: understack
73+
destination:
74+
server: '{{.server}}'
75+
namespace: '{{coalesce (get . "componentNamespace") .component}}'
76+
syncPolicy:
77+
automated:
78+
selfHeal: true
79+
syncOptions:
80+
- CreateNamespace=true
81+
- ServerSideApply=true
82+
- RespectIgnoreDifferences=true
83+
managedNamespaceMetadata:
84+
annotations:
85+
# ArgoCD can create our namespace but let's not delete it
86+
argocd.argoproj.io/sync-options: Delete=false
87+
templatePatch: |
88+
spec:
89+
{{- $root := . }}
90+
{{- if hasKey . "sources" }}
91+
sources:
92+
{{- range $source := .sources }}
93+
{{- if hasKey $source "ref" }}
94+
- ref: {{ $source.ref }}
95+
{{- if eq $source.ref "understack" }}
96+
repoURL: {{ $root.values.understack_url }}
97+
targetRevision: {{ $root.values.understack_ref }}
98+
{{- else if eq $source.ref "deploy" }}
99+
repoURL: {{ $root.values.deploy_url }}
100+
targetRevision: {{ $root.values.deploy_ref }}
101+
{{- end }}
102+
{{- else}}
103+
- repoURL: {{ $source.repoURL }}
104+
targetRevision: {{ $source.targetRevision }}
105+
{{- end }}
106+
{{- if hasKey $source "chart" }}
107+
chart: {{ $source.chart }}
108+
{{- end }}
109+
{{- if hasKey $source "helm" }}
110+
helm:
111+
{{- if hasKey $source "chart" }}
112+
releaseName: {{ $source.chart }}
113+
{{- end }}
114+
{{- if hasKey $source.helm "valueFiles" }}
115+
valueFiles:
116+
{{- range $vf := $source.helm.valueFiles }}
117+
# until dynamic parameters exist this must be done
118+
- {{ $vf | replace "{{.name}}" $root.name }}
119+
{{- end }}
120+
ignoreMissingValueFiles: true
121+
{{- end }}
122+
{{- if hasKey $source.helm "fileParameters" }}
123+
fileParameters:
124+
{{- range $fp := $source.helm.fileParameters }}
125+
# until dynamic parameters exist this must be done
126+
- name: {{ $fp.name }}
127+
path: {{ $fp.path | replace "{{.name}}" $root.name }}
128+
{{- end }}
129+
{{- end }}
130+
{{- if hasKey $source.helm "valuesObject" }}
131+
valuesObject: {{ $source.helm.valuesObject | toJson }}
132+
# indentation matters so collapse to single line with toJson to keep it
133+
{{- end }}
134+
{{- end }}
135+
{{- if hasKey $source "kustomize" }}
136+
kustomize: {{ $source.kustomize | toJson | replace "{{.dns_zone}}" (index $root.metadata.annotations "dns_zone") }}
137+
{{- end }}
138+
{{- if hasKey $source "path" }}
139+
path: {{ $source.path | replace "{{.name}}" $root.name }}
140+
{{- end }}
141+
{{- end }}
142+
{{- end }}
143+
{{- if hasKey . "ignoreDifferences" }}
144+
# indentation matters so collapse to single line with toJson to keep it
145+
ignoreDifferences: {{ .ignoreDifferences | toJson }}
146+
{{- end }}

apps/appsets/appset-understack-infra.yaml

Lines changed: 103 additions & 82 deletions
Original file line numberDiff line numberDiff line change
@@ -11,86 +11,58 @@ spec:
1111
goTemplate: true
1212
goTemplateOptions: ["missingkey=error"]
1313
generators:
14+
# matrixes clusters with the applications
1415
- matrix:
1516
generators:
16-
- clusters:
17-
selector:
18-
matchExpressions:
19-
- key: understack.rackspace.com/role
20-
operator: In
17+
- merge:
18+
mergeKeys:
19+
# merge cluster configs based on cluster name
20+
- name
21+
generators:
22+
# load all clusters
23+
- clusters:
24+
selector:
25+
matchExpressions:
26+
- key: understack.rackspace.com/role
27+
operator: In
28+
values:
29+
- "global"
30+
- "site"
31+
- "aio"
32+
# dev clusters allow some overrides
33+
- clusters:
34+
selector:
35+
matchLabels:
36+
understack.rackspace.com/env: dev
2137
values:
22-
- "global"
23-
- "regional"
24-
- "aio"
25-
values:
26-
uc_skip_components: '{{ default "[]" (index .metadata.annotations "uc_skip_components") }}'
27-
uc_repo_git_url: '{{index .metadata.annotations "uc_repo_git_url"}}'
28-
uc_repo_ref: '{{index .metadata.annotations "uc_repo_ref"}}'
29-
uc_deploy_git_url: '{{index .metadata.annotations "uc_deploy_git_url"}}'
30-
uc_deploy_ref: '{{index .metadata.annotations "uc_deploy_ref"}}'
31-
uc_role: '{{index .metadata.labels "understack.rackspace.com/role"}}'
32-
uc_dns_zone: '{{index .metadata.annotations "dns_zone" }}'
33-
uc_cluster_issuer: '{{index .metadata.annotations "uc_cluster_issuer" }}'
34-
uc_global_dns_zone: '{{index .metadata.annotations "uc_global_dns_zone" }}'
35-
- list:
36-
elements:
37-
- component: cert-manager
38-
skipComponent: '{{has "cert-manager" (.values.uc_skip_components | fromJson)}}'
39-
sources:
40-
- repoURL: https://charts.jetstack.io
41-
chart: cert-manager
42-
targetRevision: '1.15.2'
43-
helm:
44-
releaseName: cert-manager
45-
valuesObject:
46-
crds:
47-
enabled: true
48-
- component: ingress-nginx
49-
skipComponent: '{{has "ingress-nginx" (.values.uc_skip_components | fromJson)}}'
50-
sources:
51-
- repoURL: https://kubernetes.github.io/ingress-nginx
52-
chart: ingress-nginx
53-
targetRevision: 4.12.1
54-
helm:
55-
releaseName: ingress-nginx
56-
valueFiles:
57-
- $deploy/{{.name}}/helm-configs/ingress-nginx.yaml
58-
ignoreMissingValueFiles: true
59-
- repoURL: '{{ .values.uc_deploy_git_url }}'
60-
targetRevision: '{{ .values.uc_deploy_ref }}'
61-
ref: deploy
62-
- component: cilium
63-
skipComponent: '{{or (has "cilium" (.values.uc_skip_components | fromJson)) (eq "global" .values.uc_role)}}'
64-
sources:
65-
# Cilium itself is deployed before ArgoCD so we only include project
66-
# and environment specific stuff here
67-
- repoURL: '{{ .values.uc_deploy_git_url }}'
68-
targetRevision: '{{ .values.uc_deploy_ref }}'
69-
path: '{{.name}}/manifests/cilium'
70-
- component: etcdbackup
71-
componentNamespace: kube-system
72-
skipComponent: '{{has "etcdbackup" (.values.uc_skip_components | fromJson)}}'
73-
sources:
74-
- repoURL: '{{ .values.uc_repo_git_url }}'
75-
targetRevision: '{{ .values.uc_repo_ref }}'
76-
path: 'components/etcdbackup'
77-
ref: understack
78-
helm:
79-
valueFiles:
80-
- $understack/components/etcdbackup/values.yaml
81-
- $deploy/{{.name}}/helm-configs/etcdbackup.yaml
82-
ignoreMissingValueFiles: true
83-
- repoURL: '{{ .values.uc_deploy_git_url }}'
84-
targetRevision: '{{ .values.uc_deploy_ref }}'
85-
ref: deploy
86-
selector:
87-
# by setting the key in the elements 'skipComponent' to 'true' it will skip installing it
88-
# ArgoCD's templating operates with strings so it's the string "true"
89-
matchExpressions:
90-
- key: skipComponent
91-
operator: NotIn
92-
values:
93-
- "true"
38+
understack_url: '{{index .metadata.annotations "uc_repo_git_url"}}'
39+
understack_ref: '{{index .metadata.annotations "uc_repo_ref"}}'
40+
deploy_url: '{{index .metadata.annotations "uc_deploy_git_url"}}'
41+
deploy_ref: '{{index .metadata.annotations "uc_deploy_ref"}}'
42+
# now the applications matrixed with the clusters
43+
- merge:
44+
mergeKeys:
45+
# merge config based on component name
46+
- component
47+
generators:
48+
- git:
49+
repoURL: '{{ .values.understack_url }}'
50+
revision: '{{ .values.understack_ref }}'
51+
files:
52+
- path: "apps/infra/*.yaml"
53+
- git:
54+
repoURL: '{{ .values.deploy_url }}'
55+
revision: '{{ .values.deploy_ref }}'
56+
files:
57+
# due to https://github.com/argoproj/argo-cd/issues/22051
58+
# we need to do this workaround. this reads the apps.yaml
59+
# for per cluster
60+
- path: '{{ "{{.name}}" }}/apps.yaml'
61+
selector:
62+
matchExpressions:
63+
# if you set skip to any value for the component in apps.yaml, this will disable it
64+
- key: skip
65+
operator: DoesNotExist
9466
template:
9567
metadata:
9668
name: '{{.name}}-{{.component}}'
@@ -115,12 +87,61 @@ spec:
11587
argocd.argoproj.io/sync-options: Delete=false
11688
templatePatch: |
11789
spec:
90+
{{- $root := . }}
91+
{{- if hasKey . "sources" }}
11892
sources:
119-
{{- range $source := .sources }}
120-
# indentation matters so collapse to single line with toJson to keep it
121-
- {{ $source | toJson }}
93+
{{- range $source := .sources }}
94+
{{- if hasKey $source "ref" }}
95+
- ref: {{ $source.ref }}
96+
{{- if eq $source.ref "understack" }}
97+
repoURL: {{ $root.values.understack_url }}
98+
targetRevision: {{ $root.values.understack_ref }}
99+
{{- else if eq $source.ref "deploy" }}
100+
repoURL: {{ $root.values.deploy_url }}
101+
targetRevision: {{ $root.values.deploy_ref }}
102+
{{- end }}
103+
{{- else }}
104+
- repoURL: {{ $source.repoURL }}
105+
targetRevision: {{ $source.targetRevision }}
106+
{{- end }}
107+
{{- if hasKey $source "chart" }}
108+
chart: {{ $source.chart }}
109+
{{- end }}
110+
{{- if hasKey $source "helm" }}
111+
helm:
112+
{{- if hasKey $source "chart" }}
113+
releaseName: {{ $source.chart }}
114+
{{- end }}
115+
{{- if hasKey $source.helm "valueFiles" }}
116+
valueFiles:
117+
{{- range $vf := $source.helm.valueFiles }}
118+
# until dynamic parameters exist this must be done
119+
- {{ $vf | replace "{{.name}}" $root.name }}
120+
{{- end }}
121+
ignoreMissingValueFiles: true
122+
{{- end }}
123+
{{- if hasKey $source.helm "fileParameters" }}
124+
fileParameters:
125+
{{- range $fp := $source.helm.fileParameters }}
126+
# until dynamic parameters exist this must be done
127+
- name: {{ $fp.name }}
128+
path: {{ $fp.path | replace "{{.name}}" $root.name }}
129+
{{- end }}
130+
{{- end }}
131+
{{- if hasKey $source.helm "valuesObject" }}
132+
valuesObject: {{ $source.helm.valuesObject | toJson }}
133+
# indentation matters so collapse to single line with toJson to keep it
134+
{{- end }}
135+
{{- end }}
136+
{{- if hasKey $source "kustomize" }}
137+
kustomize: {{ $source.kustomize | toJson }}
138+
{{- end }}
139+
{{- if hasKey $source "path" }}
140+
path: {{ $source.path | replace "{{.name}}" $root.name }}
141+
{{- end }}
142+
{{- end }}
122143
{{- end }}
123-
{{- if hasKey . "ignoreDifferences" }}
144+
{{- if hasKey . "ignoreDifferences" }}
124145
# indentation matters so collapse to single line with toJson to keep it
125146
ignoreDifferences: {{ .ignoreDifferences | toJson }}
126-
{{- end }}
147+
{{- end }}

0 commit comments

Comments
 (0)