refactor(bootstrap)!: switch to Helm with better templates

Squashed commit of the following: commit c2d2def93933d5dd6ca5618385de226cd75dab3f Author: Khue Doan <khuedoan98@gmail.com> Date: Mon Dec 27 17:39:32 2021 +0700 refactor(bootstrap): switch branch to master commit a84a3f6ff14ee484c374f4eb13aa92495917249c Author: Khue Doan <khuedoan98@gmail.com> Date: Mon Dec 27 17:36:41 2021 +0700 fix(bootstrap): add missing fields commit 9d8f3d2e2374dba06c76a83241f1ea161094b241 Author: Khue Doan <khuedoan98@gmail.com> Date: Mon Dec 27 17:25:04 2021 +0700 build(bootstrap): update dependencies if needed before apply commit 4d725efa82b4283eb701263a8b76a7c371db1e2b Author: Khue Doan <khuedoan98@gmail.com> Date: Mon Dec 27 17:15:46 2021 +0700 feat(bootstrap): port changes from master commit 7cb8d09a73cc17232314d742de52ae15daac1565 Merge: 3dc1417 d493de3 Author: Khue Doan <khuedoan98@gmail.com> Date: Mon Dec 27 16:33:06 2021 +0700 Merge branch 'master' into bootstrap-rework commit 3dc141723d52ffbe0eaf3a485513dd55bb268c0f Author: Khue Doan <khuedoan98@gmail.com> Date: Wed Dec 1 13:43:28 2021 +0700 build(bootstrap): change make targets commit e81abd30158ca312edc64bfb88f88e7349d16a3e Author: Khue Doan <khuedoan98@gmail.com> Date: Wed Dec 1 13:42:44 2021 +0700 feat(bootstrap): add global values commit 69371afacf7645c935fd89807ec101670d5009d2 Merge: 370b1ca e89aea8 Author: Khue Doan <khuedoan98@gmail.com> Date: Wed Dec 1 12:19:33 2021 +0700 Merge branch 'master' into bootstrap-rework commit 370b1caf46cffcaaad4d2e38ceca8757259cf1e9 Author: Khue Doan <khuedoan98@gmail.com> Date: Wed Nov 17 00:43:13 2021 +0700 fix namespace commit 9ca055cd40b060bf2288832eb78d14a287a2aa46 Author: Khue Doan <khuedoan98@gmail.com> Date: Tue Nov 16 22:05:29 2021 +0700 disable cert commit 1575fc7121b149a4426d6865db0b988b25feaa62 Author: Khue Doan <khuedoan98@gmail.com> Date: Tue Nov 16 21:54:36 2021 +0700 sync wave based on index commit e3dfb4027265e238b02b840e78523b3970f8669d Author: Khue Doan <khuedoan98@gmail.com> Date: Tue Nov 16 21:02:27 2021 +0700 feat(bootstrap): add project per stack commit 68645e0e18cf6f9fcdd75dfc1d9bfb2d85a7d5bb Author: Khue Doan <khuedoan98@gmail.com> Date: Tue Nov 16 11:18:18 2021 +0700 Initial rework for bootstrap
2025-07-09 23:39:51 +07:00 · 2021-12-27 17:40:47 +07:00
parent d493de34f0
commit 3d3e9a92c6
15 changed files with 124 additions and 236 deletions
--- a/bootstrap/Chart.yaml
+++ b/bootstrap/Chart.yaml
@ -0,0 +1,10 @@
+apiVersion: v2
+name: bootstrap
+version: 0.0.0
+dependencies:
+  - name: argo-cd
+    version: 3.29.4
+    repository: https://argoproj.github.io/argo-helm
+  - name: argocd-applicationset
+    version: 1.7.0
+    repository: https://argoproj.github.io/argo-helm
--- a/bootstrap/Makefile
+++ b/bootstrap/Makefile
@ -2,21 +2,21 @@
 .EXPORT_ALL_VARIABLES:

 KUBECONFIG = ../metal/kubeconfig.yaml
+NAMESPACE = argocd

-default: argocd root
+default: namespace apply

-.PHONY: argocd
-argocd:
-	kustomize build ./argocd | kubectl apply -f -
-	kubectl -n argocd wait --timeout=60s --for condition=Established \
-		crd/applications.argoproj.io \
-		crd/applicationsets.argoproj.io
+charts: Chart.yaml
+	helm dependency update

-.PHONY: root
-root:
-	kustomize build ./root | kubectl apply -f -
-	kubectl -n argocd wait --timeout=300s --for condition=ResourcesUpToDate \
-		applicationset/bootstrap \
-		applicationset/system \
-		applicationset/platform \
-		applicationset/apps
+namespace:
+	kubectl create namespace argocd --dry-run=client --output=yaml \
+		| kubectl apply -f -
+
+apply: charts
+	# ArgoCD only uses Helm as YAML generator
+	helm template \
+		--include-crds \
+		--namespace ${NAMESPACE} \
+		argocd . \
+		| kubectl apply -n argocd -f -
--- a/bootstrap/argocd/argocd-cm-patch.yaml
+++ b/bootstrap/argocd/argocd-cm-patch.yaml
@ -1,40 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: argocd-cm
-data:
-  users.anonymous.enabled: 'true'
-  resource.customizations.health.argoproj.io_Application: |
-    hs = {}
-    hs.status = "Progressing"
-    hs.message = ""
-    if obj.status ~= nil then
-      if obj.status.health ~= nil then
-        hs.status = obj.status.health.status
-        if obj.status.health.message ~= nil then
-          hs.message = obj.status.health.message
-        end
-      end
-    end
-    return hs
-  resource.customizations.health.argoproj.io_ApplicationSet: |
-    hs = {}
-    if obj.status ~= nil then
-      if obj.status.conditions ~= nil then
-        for i, condition in pairs(obj.status.conditions) do
-          if condition.type == "ErrorOccurred" and condition.status == "True" then
-            hs.status = "Degraded"
-            hs.message = condition.message
-            return hs
-          end
-          if condition.type == "ResourcesUpToDate" and condition.status == "True" then
-            hs.status = "Healthy"
-            hs.message = condition.message
-            return hs
-          end
-        end
-      end
-    end
-    hs.status = "Progressing"
-    hs.message = ""
-    return hs
--- a/bootstrap/argocd/argocd-rbac-cm-patch.yaml
+++ b/bootstrap/argocd/argocd-rbac-cm-patch.yaml
@ -1,6 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: argocd-rbac-cm
-data:
-  policy.default: role:readonly
--- a/bootstrap/argocd/argocd-server-deployment-patch.yaml
+++ b/bootstrap/argocd/argocd-server-deployment-patch.yaml
@ -1,12 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: argocd-server
-spec:
-  template:
-    spec:
-      containers:
-        - name: argocd-server
-          command:
-            - argocd-server
-            - --insecure
--- a/bootstrap/argocd/ingress.yaml
+++ b/bootstrap/argocd/ingress.yaml
@ -1,25 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: argocd-server
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-prod
-    external-dns.alpha.kubernetes.io/target: homelab-tunnel.khuedoan.com
-    external-dns.alpha.kubernetes.io/cloudflare-proxied: 'true'
-spec:
-  ingressClassName: nginx
-  rules:
-    - host: argocd.khuedoan.com
-      http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: argocd-server
-                port:
-                  name: http
-  tls:
-    - hosts:
-        - argocd.khuedoan.com
-      secretName: argocd-secret
--- a/bootstrap/argocd/kustomization.yaml
+++ b/bootstrap/argocd/kustomization.yaml
@ -1,15 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-
-resources:
-  - namespace.yaml
-  - https://raw.githubusercontent.com/argoproj/argo-cd/v2.2.0-rc1/manifests/install.yaml  # TODO switch back to stable
-  - https://raw.githubusercontent.com/argoproj-labs/applicationset/master/manifests/install.yaml  # TODO switch back to stable
-  - ingress.yaml
-
-patches:
-  - path: argocd-server-deployment-patch.yaml
-  - path: argocd-cm-patch.yaml
-  - path: argocd-rbac-cm-patch.yaml
-
-namespace: argocd
--- a/bootstrap/argocd/namespace.yaml
+++ b/bootstrap/argocd/namespace.yaml
@ -1,4 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: argocd
--- a/bootstrap/root/apps.yaml
+++ b/bootstrap/root/apps.yaml
@ -1,34 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: ApplicationSet
-metadata:
-  name: apps
-spec:
-  generators:
-    - git:
-        repoURL: https://github.com/khuedoan/homelab.git
-        revision: master
-        directories:
-          - path: apps/*
-  template:
-    metadata:
-      name: '{{path.basename}}'
-    spec:
-      destination:
-        name: in-cluster
-        namespace: '{{path.basename}}'
-      project: default
-      source:
-        repoURL: https://github.com/khuedoan/homelab.git
-        path: '{{path}}'
-      syncPolicy:
-        automated:
-          prune: true
-          selfHeal: true
-        retry:
-          limit: 10
-          backoff:
-            duration: 1m
-            factor: 2
-            maxDuration: 16m
-        syncOptions:
-          - CreateNamespace=true
--- a/bootstrap/root/bootstrap.yaml
+++ b/bootstrap/root/bootstrap.yaml
@ -1,30 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: ApplicationSet
-metadata:
-  name: bootstrap
-spec:
-  generators:
-    - git:
-        repoURL: https://github.com/khuedoan/homelab.git
-        revision: master
-        directories:
-          - path: bootstrap/*
-  template:
-    metadata:
-      name: '{{path.basename}}'
-    spec:
-      destination:
-        name: in-cluster
-      project: default
-      source:
-        repoURL: https://github.com/khuedoan/homelab.git
-        path: '{{path}}'
-      syncPolicy:
-        automated:
-          selfHeal: true
-        retry:
-          limit: 10
-          backoff:
-            duration: 1m
-            factor: 2
-            maxDuration: 16m
--- a/bootstrap/root/kustomization.yaml
+++ b/bootstrap/root/kustomization.yaml
@ -1,10 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-
-resources:
-  - bootstrap.yaml
-  - system.yaml
-  - platform.yaml
-  - apps.yaml
-
-namespace: argocd
--- a/bootstrap/root/system.yaml
+++ b/bootstrap/root/system.yaml
@ -1,34 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: ApplicationSet
-metadata:
-  name: system
-spec:
-  generators:
-    - git:
-        repoURL: https://github.com/khuedoan/homelab.git
-        revision: master
-        directories:
-          - path: system/*
-  template:
-    metadata:
-      name: '{{path.basename}}'
-    spec:
-      destination:
-        name: in-cluster
-        namespace: '{{path.basename}}'
-      project: default
-      source:
-        repoURL: https://github.com/khuedoan/homelab.git
-        path: '{{path}}'
-      syncPolicy:
-        automated:
-          prune: true
-          selfHeal: true
-        syncOptions:
-          - CreateNamespace=true
-        retry:
-          limit: 10
-          backoff:
-            duration: 1m
-            factor: 2
-            maxDuration: 16m
--- a/bootstrap/templates/argocd.yaml
+++ b/bootstrap/templates/argocd.yaml
@ -0,0 +1,23 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: argocd
+  namespace: {{ .Release.Namespace }}
+spec:
+  destination:
+    name: in-cluster
+    namespace: {{ .Release.Namespace }}
+  project: default
+  source:
+    repoURL: {{ .Values.gitops.repo }}
+    targetRevision: {{ $.Values.gitops.revision }}
+    path: bootstrap
+  syncPolicy:
+    automated:
+      selfHeal: true
+    retry:
+      backoff:
+        duration: 1m
+        factor: 2
+        maxDuration: 16m
+      limit: 10
--- a/bootstrap/templates/stack.yaml
+++ b/bootstrap/templates/stack.yaml
@ -1,34 +1,38 @@
+{{- range $index, $stack := .Values.stacks }}
+---
 apiVersion: argoproj.io/v1alpha1
 kind: ApplicationSet
 metadata:
-  name: platform
+  name: {{ $stack }}
+  namespace: {{ $.Release.Namespace }}
 spec:
  generators:
    - git:
-        repoURL: https://github.com/khuedoan/homelab.git
-        revision: master
+        repoURL: {{ $.Values.gitops.repo }}
+        revision: {{ $.Values.gitops.revision }}
        directories:
-          - path: platform/*
+          - path: {{ $stack }}/*
  template:
    metadata:
-      name: '{{path.basename}}'
+      name: '{{ `{{path.basename}}` }}'
    spec:
      destination:
        name: in-cluster
-        namespace: '{{path.basename}}'
-      project: default
+        namespace: '{{ `{{path.basename}}` }}'
+      project: default # TODO
      source:
-        repoURL: https://github.com/khuedoan/homelab.git
-        path: '{{path}}'
+        repoURL: {{ $.Values.gitops.repo }}
+        path: '{{ `{{path}}` }}'
      syncPolicy:
        automated:
          prune: true
          selfHeal: true
-        syncOptions:
-          - CreateNamespace=true
        retry:
          limit: 10
          backoff:
            duration: 1m
            factor: 2
            maxDuration: 16m
+        syncOptions:
+          - CreateNamespace=true
+{{- end }}
--- a/bootstrap/values.yaml
+++ b/bootstrap/values.yaml
@ -0,0 +1,61 @@
+argo-cd:
+  server:
+    rbacConfig:
+      policy.default: role:readonly
+    config:
+      users.anonymous.enabled: 'true'
+      resource.customizations.health.argoproj.io_Application: |
+        hs = {}
+        hs.status = "Progressing"
+        hs.message = ""
+        if obj.status ~= nil then
+          if obj.status.health ~= nil then
+            hs.status = obj.status.health.status
+            if obj.status.health.message ~= nil then
+              hs.message = obj.status.health.message
+            end
+          end
+        end
+        return hs
+      resource.customizations.health.argoproj.io_ApplicationSet: |
+        hs = {}
+        if obj.status ~= nil then
+          if obj.status.conditions ~= nil then
+            for i, condition in pairs(obj.status.conditions) do
+              if condition.type == "ErrorOccurred" and condition.status == "True" then
+                hs.status = "Degraded"
+                hs.message = condition.message
+                return hs
+              end
+              if condition.type == "ResourcesUpToDate" and condition.status == "True" then
+                hs.status = "Healthy"
+                hs.message = condition.message
+                return hs
+              end
+            end
+          end
+        end
+        hs.status = "Progressing"
+        hs.message = ""
+        return hs
+    ingress:
+      enabled: true
+      ingressClassName: nginx
+      annotations:
+        cert-manager.io/cluster-issuer: letsencrypt-prod
+        external-dns.alpha.kubernetes.io/target: homelab-tunnel.khuedoan.com
+        external-dns.alpha.kubernetes.io/cloudflare-proxied: 'true'
+      hosts:
+        - &host argocd.khuedoan.com
+      tls:
+        - secretName: argocd-tls-certificate
+          hosts:
+            - *host
+
+gitops:
+  repo: https://github.com/khuedoan/homelab.git
+  revision: master
+stacks:
+  - system
+  - platform
+  - apps