feat: Add support for ArgoCD installation via ArgoCD operator #236

Open: wants to merge 1 commit into base: main
@pmarkiewka commented Oct 14, 2024

PR adds ArgoCD Operator functionality.

Install the ArgoCD Operator via docs/developers.md

Use this config.yaml to test it locally:

```yaml
# $schema: https://raw.githubusercontent.com/cloudogu/gitops-playground/feature/argocd_operator/docs/configuration.schema.json
application:
  remote: false
  insecure: false
  username: "admin"
  password: "admin"
  "yes": false
  namePrefix: ""
  destroy: false
  podResources: false
  gitName: "Cloudogu"
  gitEmail: "[email protected]"
  urlSeparatorHyphen: false
  mirrorRepos: false
  skipCrds: false
  openshift: false
features:
  argocd:
    active: true
    url: ""
    emailFrom: "[email protected]"
    emailToUser: "[email protected]"
    emailToAdmin: "[email protected]"
    operator: true
    env: []
    resourceInclusionsCluster: "https://10.43.0.1:443"
```

- Introduced ArgoCD operator deployment alongside the existing Helm installation.
  - Created operator-specific YAML files and RBAC configurations for operator-based deployments.
  - Allowed users to choose between Helm and operator installation methods based on their cluster setup.
  - Added full support for OpenShift environments via the operator.

- Added a new `argocd.ftl.yaml` file:
  - Dynamically sets `resourceInclusionsCluster` for internal Kubernetes API URLs, which is needed in namespace-isolated setups.
    - The `resourceInclusionsCluster` field can be set dynamically from environment variables in the pods, but manual configuration in the config file always takes precedence.
  - Configured resource limits and requests for `applicationSet` and `notifications` components, as required by OpenShift for successful deployment.

- Refactored ArgoCD configuration:
  - Introduced conditional logic to handle both Helm and operator deployments within ArgoCD.
  - Enhanced `K8sClient` with utility functions for:
    - Namespace creation, ensuring idempotency for existing namespaces.
    - Service patching to ensure services are properly configured and monitored.
    - Resource phase waiting to ensure synchronization during resource deployment.

- Refactored the `createNamespace` method in `K8sClient.groovy`:
  - Improved idempotency, avoiding errors if the namespace already exists.
  - Enhanced error handling to provide clear feedback in failure scenarios.

- Extended `configuration.schema.json` and `Schema.groovy`:
  - Added new fields for `operator`, `openshift`, and `resourceInclusionsCluster` to allow for flexible handling of Kubernetes API URLs and OpenShift-specific deployments.

- Improved environment variable support for ArgoCD components:
  - Injected environment variables (`env`) into components like `applicationSet`, `notifications`, `controller`, `redis`, `repo`, and `server` using FreeMarker templates.
  - Added validation to ensure each environment variable is a properly structured map with 'name' and 'value' fields.

- Updated RBAC configurations for multiple namespaces:
  - Enhanced permissions (`get`, `list`, `watch`) for namespaces like `example-apps-production`, `example-apps-staging`, `ingress-nginx`, `monitoring`, and `secrets`, ensuring compliance with OpenShift's least privilege security configuration.

- Added SSO configuration to the ArgoCD operator deployment if OpenShift is enabled:
  - In non-OpenShift environments, SSO will not work, and the default ArgoCD login mechanism will remain in place.

- **Comprehensive Testing**:
  - Verified namespace creation, service patching, and resource phase waiting behavior.
  - Ensured correct handling of `operator` and `openshift` flags and deployment logic for Helm and operator workflows.
  - Tested environment variable injection and validation across all relevant ArgoCD components.
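
An added illustration, not code from this PR or the project, of two rules the description states: each `env` entry must be a map with `name` and `value`, and a manually configured `resourceInclusionsCluster` takes precedence over a value derived from pod environment variables. It is written in Python rather than the project's Groovy; the function names are hypothetical, and the use of `KUBERNETES_SERVICE_HOST` / `KUBERNETES_SERVICE_PORT` as the pod variables, the rejection of extra keys, and the name pattern are assumptions.

```python
import re

# Conservative name pattern chosen for this example (assumption, not the PR's rule).
_NAME_RE = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")


def validate_env(env):
    """Return env unchanged if every entry is a {'name', 'value'} map of strings.

    Raises ValueError naming the first offending entry, so a malformed config
    fails before it is rendered into a template.
    """
    if not isinstance(env, list):
        raise ValueError("env must be a list")
    for i, entry in enumerate(env):
        if not isinstance(entry, dict):
            raise ValueError(f"env[{i}] is not a map")
        # Assumption: unknown keys are rejected rather than silently passed through.
        if set(entry) != {"name", "value"}:
            raise ValueError(f"env[{i}] must contain exactly 'name' and 'value'")
        if not isinstance(entry["name"], str) or not _NAME_RE.match(entry["name"]):
            raise ValueError(f"env[{i}].name is not a valid variable name")
        if not isinstance(entry["value"], str):
            # YAML parses `value: 8080` as an int; require a quoted string instead.
            raise ValueError(f"env[{i}].value must be a string")
    return env


def resolve_cluster_url(configured, pod_env):
    """Config value wins; otherwise derive the in-cluster API URL; else None."""
    if configured:
        return configured
    host = pod_env.get("KUBERNETES_SERVICE_HOST")
    port = pod_env.get("KUBERNETES_SERVICE_PORT")
    if not host or not port:
        return None
    if ":" in host:  # IPv6 literal needs brackets inside a URL
        host = f"[{host}]"
    return f"https://{host}:{port}"


if __name__ == "__main__":
    # Constructed sample values.
    pod_env = {"KUBERNETES_SERVICE_HOST": "10.43.0.1", "KUBERNETES_SERVICE_PORT": "443"}
    print(resolve_cluster_url("", pod_env))
    print(validate_env([{"name": "HTTPS_PROXY", "value": "http://proxy.example:3128"}]))
```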