If you've followed a link to this repo, but are not really sure what it contains or how to use it, head over to Multicloud GitOps for additional context and installation instructions
When configuring vault there is a values-secret.yaml file that push_secrets Ansible playbook will use.
For Kong we will create a key-value for the license as follows:
cat << EOF >> values-secret.yaml
secrets:
kong:
license: "$(sed 's/\"//g' license.json)"
EOFUse these variables to create an entry for your cluster in the values-secret.yaml file using the following code:
CLUSTER_NAME=example
CLUSTER_API_URL=https://api.mycluster.jqic.p1.openshiftapps.com:6443
oc login $CLUSTER_API_URL
oc create sa argocd-external -n default
oc adm policy add-cluster-role-to-user cluster-admin system:serviceaccount:default:argocd-external
CLUSTER_TOKEN=$(oc describe secret -n default argocd-external-token | grep 'token:' | awk '{print$2}')
oc extract -n openshift-config cm/kube-root-ca.crt --to=- --keys=ca.crt > ${CLUSTER_NAME}.crtUse the previous environment variables to create an entry for your cluster in the values-secret.yaml file using the following code:
cat << EOF >> values-secret.yaml
cluster_${CLUSTER_NAME}:
server: ${CLUSTER_API_URL}
bearerToken: ${CLUSTER_TOKEN}
files:
cluster_${CLUSTER_NAME}_ca: `pwd`/${CLUSTER_NAME}.crt
EOFRepeat the script to create the sa and extract the token and root CA into a file. Now
add the cluster secrets and ca files like this to keep the sections:
sed -i "/files:/i\ cluster_${CLUSTER_NAME}:\n server: ${CLUSTER_API_URL}\n bearerToken: ${CLUSTER_TOKEN}" values-secret.yaml
echo " cluster_${CLUSTER_NAME}_ca: `pwd`/${CLUSTER_NAME}.crt" >> values-secret.yamlCopy the values-secret.yaml to your $HOME directory
cp values-secret.yaml ~/values-secret.yamlmake installNote: Sometimes the main ArgoCD app needs a manual refresh to start progressing.
make uninstall