From 04ecc3639b4b5802e5f122b117213195bcf6ea5d Mon Sep 17 00:00:00 2001 From: Kory Date: Fri, 18 Mar 2022 22:28:28 +0900 Subject: [PATCH 01/22] =?UTF-8?q?feat:=20helm-chart=E3=82=92GH=20Pages?= =?UTF-8?q?=E3=81=ABrelease=E3=81=99=E3=82=8B=E3=82=A2=E3=82=AF=E3=82=B7?= =?UTF-8?q?=E3=83=A7=E3=83=B3=E3=82=92=E5=AE=9A=E7=BE=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/release_charts.yaml | 72 +++++++++++++++++++++++++++ README.md | 3 ++ 2 files changed, 75 insertions(+) create mode 100644 .github/workflows/release_charts.yaml diff --git a/.github/workflows/release_charts.yaml b/.github/workflows/release_charts.yaml new file mode 100644 index 000000000..b89dcdecb --- /dev/null +++ b/.github/workflows/release_charts.yaml @@ -0,0 +1,72 @@ +name: "Helm chart を更新・公開する" + +on: + push: + # branches: + # - main + # Only when a helm-chart is updated + # paths: + # - 'helm-charts/**' + +jobs: + lint-test: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + + - name: Set up Helm + uses: azure/setup-helm@v1 + with: + version: v3.8.1 + + - uses: actions/setup-python@v2 + with: + python-version: 3.7 + + - name: Set up chart-testing + uses: helm/chart-testing-action@v2.2.1 + + - name: Run chart-testing (list-changed) + id: list-changed + run: | + changed=$(ct list-changed --targer-branch main) + if [[ -n "$changed" ]]; then + echo "::set-output name=changed::true" + fi + + - name: Run chart-testing (lint) + run: ct lint + + - name: Create kind cluster + uses: helm/kind-action@v1.2.0 + if: steps.list-changed.outputs.changed == 'true' + + - name: Run chart-testing (install) + run: ct install + + release: + runs-on: ubuntu-latest + needs: ["lint-test"] + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + + - name: Configure Git + run: | + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + + - name: Install Helm + uses: azure/setup-helm@v1 + with: + version: v3.7.1 + + - name: Run chart-releaser + uses: helm/chart-releaser-action@v1.3.0 + env: + CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/README.md b/README.md index 10784024f..d90074d45 100644 --- a/README.md +++ b/README.md @@ -10,6 +10,9 @@ seichi.click networkのオンプレ環境のうち、公開可能な箇所を管 - 概要図、ネットワーク構成図などの図を draw.io で描いて管理するディレクトリ。 - 2022/03/18現在、GitHubがmermaidのレンダリングを正式にサポートしたため、新しい図はmermaidで作成して良いかも + - [`helm-charts`](./helm-charts/) + - [`proxy-kubernetes`](./proxy-kubernetes/) 等で使用できる汎用的な [Helm chart repository](https://helm.sh/docs/topics/chart_repository/)。 + - [`proxy-kubernetes`](./proxy-kubernetes/) - Linode Kubernetes Engine(LKE) 上の k8s クラスタの定義を管理するディレクトリ。詳細は [README](./proxy-kubernetes/README.md) を参照してください。 From fd4b32dcad67fa447bb8f4c350b23aa0f0d27838 Mon Sep 17 00:00:00 2001 From: Kory Date: Fri, 18 Mar 2022 22:29:27 +0900 Subject: [PATCH 02/22] =?UTF-8?q?fix:=20flag=E3=81=AEtypo=E3=82=92?= =?UTF-8?q?=E7=9B=B4=E3=81=99?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/release_charts.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release_charts.yaml b/.github/workflows/release_charts.yaml index b89dcdecb..fc725de18 100644 --- a/.github/workflows/release_charts.yaml +++ b/.github/workflows/release_charts.yaml @@ -32,7 +32,7 @@ jobs: - name: Run chart-testing (list-changed) id: list-changed run: | - changed=$(ct list-changed --targer-branch main) + changed=$(ct list-changed --target-branch main) if [[ -n "$changed" ]]; then echo "::set-output name=changed::true" fi From 37acb48f58cb385bf5e2288f9ef98206c371090d Mon Sep 17 00:00:00 2001 From: Kory Date: Fri, 18 Mar 2022 23:12:51 +0900 Subject: [PATCH 03/22] =?UTF-8?q?refactor:=20release=5Fhelm=5Fcharts?= =?UTF-8?q?=E3=81=ABrename?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../workflows/{release_charts.yaml => release_helm_charts.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/workflows/{release_charts.yaml => release_helm_charts.yaml} (100%) diff --git a/.github/workflows/release_charts.yaml b/.github/workflows/release_helm_charts.yaml similarity index 100% rename from .github/workflows/release_charts.yaml rename to .github/workflows/release_helm_charts.yaml From d6791ed6e0d69f14870bf6a0e37e955b9a7baaf3 Mon Sep 17 00:00:00 2001 From: Kory Date: Sat, 19 Mar 2022 03:21:31 +0900 Subject: [PATCH 04/22] =?UTF-8?q?feat:=20proxy-k8s-argo-cd=20chart?= =?UTF-8?q?=E3=82=92=E8=BF=BD=E5=8A=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- helm-charts/proxy-k8s-argo-cd/Chart.yaml | 7 + helm-charts/proxy-k8s-argo-cd/values.yaml | 232 +++++++++++++++++++++ proxy-kubernetes/argocd-apps/argocd.yaml | 237 +--------------------- 3 files changed, 243 insertions(+), 233 deletions(-) create mode 100644 helm-charts/proxy-k8s-argo-cd/Chart.yaml create mode 100644 helm-charts/proxy-k8s-argo-cd/values.yaml diff --git a/helm-charts/proxy-k8s-argo-cd/Chart.yaml b/helm-charts/proxy-k8s-argo-cd/Chart.yaml new file mode 100644 index 000000000..6d6a8d771 --- /dev/null +++ b/helm-charts/proxy-k8s-argo-cd/Chart.yaml @@ -0,0 +1,7 @@ +apiVersion: v2 +name: proxy-k8s-argo-cd +version: 1.0.0 +dependencies: + - name: argo-cd + version: 4.2.0 + repository: https://argoproj.github.io/argo-helm diff --git a/helm-charts/proxy-k8s-argo-cd/values.yaml b/helm-charts/proxy-k8s-argo-cd/values.yaml new file mode 100644 index 000000000..fae1e5f0b --- /dev/null +++ b/helm-charts/proxy-k8s-argo-cd/values.yaml @@ -0,0 +1,232 @@ +# values for argo-cd. See +# https://github.com/argoproj/argo-helm/blob/3a2858aa98f607b495d34db0da2a7a3ecad3eaa0/charts/argo-cd/values.yaml +# for default values. +argo-cd: + controller: + ## Application controller metrics configuration + metrics: + # -- Deploy metrics service + enabled: true + service: + # -- Metrics service annotations + annotations: {} + # -- Metrics service labels + labels: {} + # -- Metrics service port + servicePort: 8082 + serviceMonitor: + # -- Enable a prometheus ServiceMonitor + enabled: true + # -- Prometheus ServiceMonitor interval + interval: 30s + # -- Prometheus [RelabelConfigs] to apply to samples before scraping + relabelings: [] + # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion + metricRelabelings: [] + # -- Prometheus ServiceMonitor selector + selector: + prometheus: kube-prometheus + + # -- Prometheus ServiceMonitor namespace + namespace: "argocd" + # -- Prometheus ServiceMonitor labels + additionalLabels: {} + rules: + # -- Deploy a PrometheusRule for the application controller + enabled: true + # -- PrometheusRule.Spec for the application controller + spec: + - alert: ArgoAppMissing + expr: | + absent(argocd_app_info) + for: 15m + labels: + severity: critical + annotations: + summary: "[ArgoCD] No reported applications" + description: > + ArgoCD has not reported any applications data for the past 15 minutes which + means that it must be down or not functioning properly. This needs to be + resolved for this cloud to continue to maintain state. + - alert: ArgoAppNotSynced + expr: | + argocd_app_info{sync_status!="Synced"} == 1 + for: 12h + labels: + severity: warning + annotations: + summary: "[{{`{{$labels.name}}`}}] Application not synchronized" + description: > + The application [{{`{{$labels.name}}`}} has not been synchronized for over + 12 hours which means that the state of this cloud has drifted away from the + state inside Git. + selector: + prometheus: kube-prometheus + namespace: monitoring + additionalLabels: {} + server: + configEnabled: true + # -- [General Argo CD configuration] + # @default -- See [values.yaml] + config: + # Argo CD's externally facing base URL (optional). Required when configuring SSO + url: https://argocd.bungee-proxy-public.seichi.click + # Argo CD instance label key + application.instanceLabelKey: argocd.argoproj.io/instance + kustomize.buildOptions: --load-restrictor LoadRestrictionsNone + kustomize.buildOptions.v4.4.0: --output /tmp + dex.config: | + connectors: + - type: github + id: github + name: GitHub + config: + clientID: 6d77699f96a51159ce39 + clientSecret: $dex.github.clientSecret + orgs: + - name: GiganticMinecraft + rbacConfig: + # policy.csv is an file containing user-defined RBAC policies and role definitions (optional). + # Policy rules are in the form: + # p, subject, resource, action, object, effect + # Role definitions and bindings are in the form: + # g, subject, inherited-subject + # See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information. + policy.csv: | + g, GiganticMinecraft:admin-team, role:admin + g, GiganticMinecraft:infra-collaborator, role:admin + # policy.default is the name of the default role which Argo CD will falls back to, when + # authorizing API requests (optional). If omitted or empty, users may be still be able to login, + # but will see no apps, projects, etc... + policy.default: role:readonly + ## Server metrics service configuration + metrics: + # -- Deploy metrics service + enabled: true + service: + # -- Metrics service annotations + annotations: {} + # -- Metrics service labels + labels: {} + # -- Metrics service port + servicePort: 8083 + serviceMonitor: + # -- Enable a prometheus ServiceMonitor + enabled: true + # -- Prometheus ServiceMonitor interval + interval: 30s + # -- Prometheus [RelabelConfigs] to apply to samples before scraping + relabelings: [] + # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion + metricRelabelings: [] + # -- Prometheus ServiceMonitor selector + selector: + prometheus: kube-prometheus + + # -- Prometheus ServiceMonitor namespace + namespace: "argocd" + # -- Prometheus ServiceMonitor labels + additionalLabels: {} + ## Dex + dex: + metrics: + # -- Deploy metrics service + enabled: true + serviceMonitor: + # -- Enable a prometheus ServiceMonitor + enabled: true + # -- Prometheus ServiceMonitor interval + interval: 30s + # -- Prometheus [RelabelConfigs] to apply to samples before scraping + relabelings: [] + # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion + metricRelabelings: [] + # -- Prometheus ServiceMonitor selector + selector: + prometheus: kube-prometheus + + # -- Prometheus ServiceMonitor namespace + namespace: "argocd" + # -- Prometheus ServiceMonitor labels + additionalLabels: {} + redis: + metrics: + # -- Deploy metrics service and redis-exporter sidecar + enabled: true + image: + # -- redis-exporter image repository + repository: quay.io/bitnami/redis-exporter + # -- redis-exporter image tag + tag: 1.26.0-debian-10-r2 + # -- redis-exporter image PullPolicy + imagePullPolicy: IfNotPresent + # -- Port to use for redis-exporter sidecar + containerPort: 9121 + # -- Resource limits and requests for redis-exporter sidecar + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 50m + memory: 64Mi + service: + # -- Metrics service type + type: ClusterIP + # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) + clusterIP: None + # -- Metrics service annotations + annotations: {} + # -- Metrics service labels + labels: {} + # -- Metrics service port + servicePort: 9121 + # -- Metrics service port name + portName: http-metrics + serviceMonitor: + # -- Enable a prometheus ServiceMonitor + enabled: true + # -- Interval at which metrics should be scraped + interval: 30s + # -- Prometheus [RelabelConfigs] to apply to samples before scraping + relabelings: [] + # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion + metricRelabelings: [] + # -- Prometheus ServiceMonitor selector + selector: + prometheus: kube-prometheus + + # -- Prometheus ServiceMonitor namespace + namespace: "argocd" + # -- Prometheus ServiceMonitor labels + additionalLabels: {} + ## Repo Server + repoServer: + ## Repo server metrics service configuration + metrics: + # -- Deploy metrics service + enabled: true + service: + # -- Metrics service annotations + annotations: {} + # -- Metrics service labels + labels: {} + # -- Metrics service port + servicePort: 8084 + serviceMonitor: + # -- Enable a prometheus ServiceMonitor + enabled: true + # -- Prometheus ServiceMonitor interval + interval: 30s + # -- Prometheus [RelabelConfigs] to apply to samples before scraping + relabelings: [] + # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion + metricRelabelings: [] + # -- Prometheus ServiceMonitor selector + selector: + prometheus: kube-prometheus + + # -- Prometheus ServiceMonitor namespace + namespace: "argocd" + # -- Prometheus ServiceMonitor labels + additionalLabels: {} diff --git a/proxy-kubernetes/argocd-apps/argocd.yaml b/proxy-kubernetes/argocd-apps/argocd.yaml index a420c02b4..237277812 100644 --- a/proxy-kubernetes/argocd-apps/argocd.yaml +++ b/proxy-kubernetes/argocd-apps/argocd.yaml @@ -6,240 +6,11 @@ metadata: spec: project: default source: - chart: argo-cd - repoURL: https://argoproj.github.io/argo-helm - targetRevision: 3.33.5 + chart: proxy-k8s-argo-cd + repoURL: https://giganticminecraft.github.io/seichi_infra + targetRevision: 1.0.0 helm: - releaseName: argocd - values: | - controller: - ## Application controller metrics configuration - metrics: - # -- Deploy metrics service - enabled: true - service: - # -- Metrics service annotations - annotations: {} - # -- Metrics service labels - labels: {} - # -- Metrics service port - servicePort: 8082 - serviceMonitor: - # -- Enable a prometheus ServiceMonitor - enabled: true - # -- Prometheus ServiceMonitor interval - interval: 30s - # -- Prometheus [RelabelConfigs] to apply to samples before scraping - relabelings: [] - # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion - metricRelabelings: [] - # -- Prometheus ServiceMonitor selector - selector: - prometheus: kube-prometheus - - # -- Prometheus ServiceMonitor namespace - namespace: "argocd" - # -- Prometheus ServiceMonitor labels - additionalLabels: {} - rules: - # -- Deploy a PrometheusRule for the application controller - enabled: true - # -- PrometheusRule.Spec for the application controller - spec: - - alert: ArgoAppMissing - expr: | - absent(argocd_app_info) - for: 15m - labels: - severity: critical - annotations: - summary: "[ArgoCD] No reported applications" - description: > - ArgoCD has not reported any applications data for the past 15 minutes which - means that it must be down or not functioning properly. This needs to be - resolved for this cloud to continue to maintain state. - - alert: ArgoAppNotSynced - expr: | - argocd_app_info{sync_status!="Synced"} == 1 - for: 12h - labels: - severity: warning - annotations: - summary: "[{{`{{$labels.name}}`}}] Application not synchronized" - description: > - The application [{{`{{$labels.name}}`}} has not been synchronized for over - 12 hours which means that the state of this cloud has drifted away from the - state inside Git. - selector: - prometheus: kube-prometheus - namespace: monitoring - additionalLabels: {} - server: - configEnabled: true - # -- [General Argo CD configuration] - # @default -- See [values.yaml] - config: - # Argo CD's externally facing base URL (optional). Required when configuring SSO - url: https://argocd.bungee-proxy-public.seichi.click - # Argo CD instance label key - application.instanceLabelKey: argocd.argoproj.io/instance - kustomize.buildOptions: --load-restrictor LoadRestrictionsNone - kustomize.buildOptions.v4.4.0: --output /tmp - dex.config: | - connectors: - - type: github - id: github - name: GitHub - config: - clientID: 6d77699f96a51159ce39 - clientSecret: $dex.github.clientSecret - orgs: - - name: GiganticMinecraft - rbacConfig: - # policy.csv is an file containing user-defined RBAC policies and role definitions (optional). - # Policy rules are in the form: - # p, subject, resource, action, object, effect - # Role definitions and bindings are in the form: - # g, subject, inherited-subject - # See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information. - policy.csv: | - g, GiganticMinecraft:admin-team, role:admin - g, GiganticMinecraft:infra-collaborator, role:admin - # policy.default is the name of the default role which Argo CD will falls back to, when - # authorizing API requests (optional). If omitted or empty, users may be still be able to login, - # but will see no apps, projects, etc... - policy.default: role:readonly - ## Server metrics service configuration - metrics: - # -- Deploy metrics service - enabled: true - service: - # -- Metrics service annotations - annotations: {} - # -- Metrics service labels - labels: {} - # -- Metrics service port - servicePort: 8083 - serviceMonitor: - # -- Enable a prometheus ServiceMonitor - enabled: true - # -- Prometheus ServiceMonitor interval - interval: 30s - # -- Prometheus [RelabelConfigs] to apply to samples before scraping - relabelings: [] - # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion - metricRelabelings: [] - # -- Prometheus ServiceMonitor selector - selector: - prometheus: kube-prometheus - - # -- Prometheus ServiceMonitor namespace - namespace: "argocd" - # -- Prometheus ServiceMonitor labels - additionalLabels: {} - ## Dex - dex: - metrics: - # -- Deploy metrics service - enabled: true - serviceMonitor: - # -- Enable a prometheus ServiceMonitor - enabled: true - # -- Prometheus ServiceMonitor interval - interval: 30s - # -- Prometheus [RelabelConfigs] to apply to samples before scraping - relabelings: [] - # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion - metricRelabelings: [] - # -- Prometheus ServiceMonitor selector - selector: - prometheus: kube-prometheus - - # -- Prometheus ServiceMonitor namespace - namespace: "argocd" - # -- Prometheus ServiceMonitor labels - additionalLabels: {} - redis: - metrics: - # -- Deploy metrics service and redis-exporter sidecar - enabled: true - image: - # -- redis-exporter image repository - repository: quay.io/bitnami/redis-exporter - # -- redis-exporter image tag - tag: 1.26.0-debian-10-r2 - # -- redis-exporter image PullPolicy - imagePullPolicy: IfNotPresent - # -- Port to use for redis-exporter sidecar - containerPort: 9121 - # -- Resource limits and requests for redis-exporter sidecar - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 50m - memory: 64Mi - service: - # -- Metrics service type - type: ClusterIP - # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) - clusterIP: None - # -- Metrics service annotations - annotations: {} - # -- Metrics service labels - labels: {} - # -- Metrics service port - servicePort: 9121 - # -- Metrics service port name - portName: http-metrics - serviceMonitor: - # -- Enable a prometheus ServiceMonitor - enabled: true - # -- Interval at which metrics should be scraped - interval: 30s - # -- Prometheus [RelabelConfigs] to apply to samples before scraping - relabelings: [] - # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion - metricRelabelings: [] - # -- Prometheus ServiceMonitor selector - selector: - prometheus: kube-prometheus - - # -- Prometheus ServiceMonitor namespace - namespace: "argocd" - # -- Prometheus ServiceMonitor labels - additionalLabels: {} - ## Repo Server - repoServer: - ## Repo server metrics service configuration - metrics: - # -- Deploy metrics service - enabled: true - service: - # -- Metrics service annotations - annotations: {} - # -- Metrics service labels - labels: {} - # -- Metrics service port - servicePort: 8084 - serviceMonitor: - # -- Enable a prometheus ServiceMonitor - enabled: true - # -- Prometheus ServiceMonitor interval - interval: 30s - # -- Prometheus [RelabelConfigs] to apply to samples before scraping - relabelings: [] - # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion - metricRelabelings: [] - # -- Prometheus ServiceMonitor selector - selector: - prometheus: kube-prometheus - - # -- Prometheus ServiceMonitor namespace - namespace: "argocd" - # -- Prometheus ServiceMonitor labels - additionalLabels: {} + releaseName: proxy-k8s-argo-cd destination: server: https://kubernetes.default.svc namespace: argocd From a7b289361e07d549b960cb5e122fc258b6f535c4 Mon Sep 17 00:00:00 2001 From: Kory Date: Sat, 19 Mar 2022 03:26:09 +0900 Subject: [PATCH 05/22] =?UTF-8?q?fix:=20ct=20lint=E3=81=8C=E5=A4=89?= =?UTF-8?q?=E6=9B=B4=E3=81=8C=E8=A1=8C=E3=82=8F=E3=82=8C=E3=81=9F=E6=99=82?= =?UTF-8?q?=E3=81=AE=E3=81=BF=E8=B5=B0=E3=82=8B=E3=82=88=E3=81=86=E3=81=AB?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/release_helm_charts.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/release_helm_charts.yaml b/.github/workflows/release_helm_charts.yaml index fc725de18..03aaad449 100644 --- a/.github/workflows/release_helm_charts.yaml +++ b/.github/workflows/release_helm_charts.yaml @@ -38,6 +38,7 @@ jobs: fi - name: Run chart-testing (lint) + if: steps.list-changed.outputs.changed == 'true' run: ct lint - name: Create kind cluster From 22ba0b9ed8263aa6c0dd1ba6c07e1022010fe8d0 Mon Sep 17 00:00:00 2001 From: Kory Date: Sat, 19 Mar 2022 03:26:20 +0900 Subject: [PATCH 06/22] =?UTF-8?q?fix:=20release=5Fhelm=5Fcharts=E3=81=AE?= =?UTF-8?q?=E5=AE=9F=E8=A1=8C=E3=82=B9=E3=82=B3=E3=83=BC=E3=83=97=E3=82=92?= =?UTF-8?q?=E5=A4=89=E3=81=88=E3=82=8B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/release_helm_charts.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release_helm_charts.yaml b/.github/workflows/release_helm_charts.yaml index 03aaad449..15e262b3b 100644 --- a/.github/workflows/release_helm_charts.yaml +++ b/.github/workflows/release_helm_charts.yaml @@ -2,11 +2,9 @@ name: "Helm chart を更新・公開する" on: push: - # branches: - # - main # Only when a helm-chart is updated - # paths: - # - 'helm-charts/**' + paths: + - 'helm-charts/**' jobs: lint-test: @@ -43,13 +41,13 @@ jobs: - name: Create kind cluster uses: helm/kind-action@v1.2.0 - if: steps.list-changed.outputs.changed == 'true' - name: Run chart-testing (install) run: ct install release: runs-on: ubuntu-latest + if: ${{ github.ref == 'refs/heads/main' }} needs: ["lint-test"] steps: - name: Checkout From c877e7e20656780c6874ebfebe4f58028395ca28 Mon Sep 17 00:00:00 2001 From: Kory Date: Sat, 19 Mar 2022 03:53:55 +0900 Subject: [PATCH 07/22] =?UTF-8?q?feat:=20additionalApplications=E3=81=ABAp?= =?UTF-8?q?p=20of=20Apps=E3=81=A7argocd=E8=87=AA=E8=BA=AB=E3=82=92?= =?UTF-8?q?=E8=BF=BD=E5=8A=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- helm-charts/proxy-k8s-argo-cd/values.yaml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/helm-charts/proxy-k8s-argo-cd/values.yaml b/helm-charts/proxy-k8s-argo-cd/values.yaml index fae1e5f0b..48c7b547e 100644 --- a/helm-charts/proxy-k8s-argo-cd/values.yaml +++ b/helm-charts/proxy-k8s-argo-cd/values.yaml @@ -64,6 +64,7 @@ argo-cd: prometheus: kube-prometheus namespace: monitoring additionalLabels: {} + server: configEnabled: true # -- [General Argo CD configuration] @@ -127,6 +128,7 @@ argo-cd: namespace: "argocd" # -- Prometheus ServiceMonitor labels additionalLabels: {} + ## Dex dex: metrics: @@ -149,6 +151,7 @@ argo-cd: namespace: "argocd" # -- Prometheus ServiceMonitor labels additionalLabels: {} + redis: metrics: # -- Deploy metrics service and redis-exporter sidecar @@ -200,6 +203,7 @@ argo-cd: namespace: "argocd" # -- Prometheus ServiceMonitor labels additionalLabels: {} + ## Repo Server repoServer: ## Repo server metrics service configuration @@ -230,3 +234,20 @@ argo-cd: namespace: "argocd" # -- Prometheus ServiceMonitor labels additionalLabels: {} + + ## We will be using the App of Apps pattern (https://argo-cd.readthedocs.io/en/stable/operator-manual/cluster-bootstrapping/) + ## to manage a group of applications in our cluster. + ## This is the only application in this deployment. + additionalApplications: + - name: argo-cd + namespace: argo-cd + finalizers: + - resources-finalizer.argocd.argoproj.io + destination: + namespace: argo-cd + server: https://kubernetes.default.svc + project: default + source: + path: proxy-kubernetes/argocd-apps + repoURL: https://github.com/GiganticMinecraft/seichi_infra + targetRevision: HEAD From a7752b63f1bb64da9dc1aa6c4910d3eb6223e3aa Mon Sep 17 00:00:00 2001 From: Kory Date: Sat, 19 Mar 2022 03:54:43 +0900 Subject: [PATCH 08/22] =?UTF-8?q?chore:=20argo-cd=E3=82=92argocd=E3=81=AB?= =?UTF-8?q?=E3=83=AA=E3=83=8D=E3=83=BC=E3=83=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- helm-charts/proxy-k8s-argo-cd/Chart.yaml | 2 +- helm-charts/proxy-k8s-argo-cd/values.yaml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/helm-charts/proxy-k8s-argo-cd/Chart.yaml b/helm-charts/proxy-k8s-argo-cd/Chart.yaml index 6d6a8d771..8396d97d7 100644 --- a/helm-charts/proxy-k8s-argo-cd/Chart.yaml +++ b/helm-charts/proxy-k8s-argo-cd/Chart.yaml @@ -2,6 +2,6 @@ apiVersion: v2 name: proxy-k8s-argo-cd version: 1.0.0 dependencies: - - name: argo-cd + - name: argocd version: 4.2.0 repository: https://argoproj.github.io/argo-helm diff --git a/helm-charts/proxy-k8s-argo-cd/values.yaml b/helm-charts/proxy-k8s-argo-cd/values.yaml index 48c7b547e..bc7fc8bde 100644 --- a/helm-charts/proxy-k8s-argo-cd/values.yaml +++ b/helm-charts/proxy-k8s-argo-cd/values.yaml @@ -239,12 +239,12 @@ argo-cd: ## to manage a group of applications in our cluster. ## This is the only application in this deployment. additionalApplications: - - name: argo-cd - namespace: argo-cd + - name: argocd + namespace: argocd finalizers: - resources-finalizer.argocd.argoproj.io destination: - namespace: argo-cd + namespace: argocd server: https://kubernetes.default.svc project: default source: From 4d59530ad5700870340b312a704944e235819ca4 Mon Sep 17 00:00:00 2001 From: Kory Date: Sat, 19 Mar 2022 03:58:31 +0900 Subject: [PATCH 09/22] =?UTF-8?q?fix:=20chart=E3=81=AE=E6=9B=B4=E6=96=B0?= =?UTF-8?q?=E3=81=8C=E7=84=A1=E3=81=8B=E3=81=A3=E3=81=9F=E6=99=82=E3=81=AB?= =?UTF-8?q?lint/install=E3=82=92=E3=81=97=E3=81=AA=E3=81=84=E3=82=88?= =?UTF-8?q?=E3=81=86=E3=81=AB?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/release_helm_charts.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/release_helm_charts.yaml b/.github/workflows/release_helm_charts.yaml index 15e262b3b..9602d7e1d 100644 --- a/.github/workflows/release_helm_charts.yaml +++ b/.github/workflows/release_helm_charts.yaml @@ -40,9 +40,11 @@ jobs: run: ct lint - name: Create kind cluster + if: steps.list-changed.outputs.changed == 'true' uses: helm/kind-action@v1.2.0 - name: Run chart-testing (install) + if: steps.list-changed.outputs.changed == 'true' run: ct install release: From 256adcf55a4fc67ab8918b5a472bff294904469a Mon Sep 17 00:00:00 2001 From: Kory Date: Sat, 19 Mar 2022 04:03:55 +0900 Subject: [PATCH 10/22] =?UTF-8?q?fix:=20helm-charts=20=E3=82=92chart?= =?UTF-8?q?=E3=83=87=E3=82=A3=E3=83=AC=E3=82=AF=E3=83=88=E3=83=AA=E3=81=A8?= =?UTF-8?q?=E3=81=97=E3=81=A6=E6=8C=87=E5=AE=9A?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/release_helm_charts.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release_helm_charts.yaml b/.github/workflows/release_helm_charts.yaml index 9602d7e1d..fc6b64f51 100644 --- a/.github/workflows/release_helm_charts.yaml +++ b/.github/workflows/release_helm_charts.yaml @@ -37,7 +37,7 @@ jobs: - name: Run chart-testing (lint) if: steps.list-changed.outputs.changed == 'true' - run: ct lint + run: ct lint --chart-dirs helm-charts - name: Create kind cluster if: steps.list-changed.outputs.changed == 'true' @@ -45,7 +45,7 @@ jobs: - name: Run chart-testing (install) if: steps.list-changed.outputs.changed == 'true' - run: ct install + run: ct install --chart-dirs helm-charts release: runs-on: ubuntu-latest @@ -69,5 +69,7 @@ jobs: - name: Run chart-releaser uses: helm/chart-releaser-action@v1.3.0 + with: + charts_dir: helm-charts env: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" From 94a8237d67bdfcc63432d65b9046d4848f13fbff Mon Sep 17 00:00:00 2001 From: Kory Date: Sat, 19 Mar 2022 04:43:04 +0900 Subject: [PATCH 11/22] =?UTF-8?q?chore:=20=E4=B8=80=E6=99=82=E7=9A=84?= =?UTF-8?q?=E3=81=AB=E5=B8=B8=E3=81=ABrelease=5Fhelm=5Fcharts=E3=81=8C?= =?UTF-8?q?=E8=B5=B0=E3=82=8B=E3=82=88=E3=81=86=E3=81=AB?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/release_helm_charts.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release_helm_charts.yaml b/.github/workflows/release_helm_charts.yaml index fc6b64f51..d9ba129cc 100644 --- a/.github/workflows/release_helm_charts.yaml +++ b/.github/workflows/release_helm_charts.yaml @@ -3,8 +3,8 @@ name: "Helm chart を更新・公開する" on: push: # Only when a helm-chart is updated - paths: - - 'helm-charts/**' + # paths: + # - 'helm-charts/**' jobs: lint-test: From a1c286be615fbae68e106a1a35b46bf44983f451 Mon Sep 17 00:00:00 2001 From: Kory Date: Sat, 19 Mar 2022 04:44:12 +0900 Subject: [PATCH 12/22] =?UTF-8?q?fix:=20list-changed=E3=81=ABchart-dirs?= =?UTF-8?q?=E3=82=92=E6=8C=87=E5=AE=9A=E3=81=99=E3=82=8B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/release_helm_charts.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release_helm_charts.yaml b/.github/workflows/release_helm_charts.yaml index d9ba129cc..3ee21a303 100644 --- a/.github/workflows/release_helm_charts.yaml +++ b/.github/workflows/release_helm_charts.yaml @@ -30,7 +30,7 @@ jobs: - name: Run chart-testing (list-changed) id: list-changed run: | - changed=$(ct list-changed --target-branch main) + changed=$(ct list-changed --target-branch main --chart-dirs helm-charts) if [[ -n "$changed" ]]; then echo "::set-output name=changed::true" fi From a81b9eb2a7f5e6e31ec8598c98620ec4d6ad0b15 Mon Sep 17 00:00:00 2001 From: Kory Date: Sat, 19 Mar 2022 04:59:42 +0900 Subject: [PATCH 13/22] =?UTF-8?q?fix:=20--target-branch=20main=20=E3=82=92?= =?UTF-8?q?=E6=8C=87=E5=AE=9A?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/release_helm_charts.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release_helm_charts.yaml b/.github/workflows/release_helm_charts.yaml index 3ee21a303..e2fe73eca 100644 --- a/.github/workflows/release_helm_charts.yaml +++ b/.github/workflows/release_helm_charts.yaml @@ -9,6 +9,7 @@ on: jobs: lint-test: runs-on: ubuntu-latest + env: steps: - name: Checkout uses: actions/checkout@v2 @@ -37,7 +38,7 @@ jobs: - name: Run chart-testing (lint) if: steps.list-changed.outputs.changed == 'true' - run: ct lint --chart-dirs helm-charts + run: ct lint --target-branch main --chart-dirs helm-charts - name: Create kind cluster if: steps.list-changed.outputs.changed == 'true' @@ -45,7 +46,7 @@ jobs: - name: Run chart-testing (install) if: steps.list-changed.outputs.changed == 'true' - run: ct install --chart-dirs helm-charts + run: ct install --target-branch main --chart-dirs helm-charts release: runs-on: ubuntu-latest From 31d5f69f720a1b98ac0e42770d7331980655d62c Mon Sep 17 00:00:00 2001 From: Kory Date: Sat, 19 Mar 2022 05:01:05 +0900 Subject: [PATCH 14/22] =?UTF-8?q?fix:=20=E7=A9=BA=E3=81=AEenv=E3=83=9E?= =?UTF-8?q?=E3=83=83=E3=83=97=E3=82=92=E5=89=8A=E9=99=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/release_helm_charts.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/release_helm_charts.yaml b/.github/workflows/release_helm_charts.yaml index e2fe73eca..31df7f5bb 100644 --- a/.github/workflows/release_helm_charts.yaml +++ b/.github/workflows/release_helm_charts.yaml @@ -9,7 +9,6 @@ on: jobs: lint-test: runs-on: ubuntu-latest - env: steps: - name: Checkout uses: actions/checkout@v2 From d9703d10f82fe992d9168c1ae08c4c6994ea18c8 Mon Sep 17 00:00:00 2001 From: Kory Date: Sat, 19 Mar 2022 05:02:38 +0900 Subject: [PATCH 15/22] =?UTF-8?q?fix:=20argo-cd=E3=81=AEhelm=20chart?= =?UTF-8?q?=E5=90=8D=E3=81=AE=E5=8F=82=E7=85=A7=E3=81=8C=E5=A3=8A=E3=82=8C?= =?UTF-8?q?=E3=81=A6=E3=81=84=E3=82=8B=E3=81=AE=E3=82=92=E4=BF=AE=E6=AD=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- helm-charts/proxy-k8s-argo-cd/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm-charts/proxy-k8s-argo-cd/Chart.yaml b/helm-charts/proxy-k8s-argo-cd/Chart.yaml index 8396d97d7..6d6a8d771 100644 --- a/helm-charts/proxy-k8s-argo-cd/Chart.yaml +++ b/helm-charts/proxy-k8s-argo-cd/Chart.yaml @@ -2,6 +2,6 @@ apiVersion: v2 name: proxy-k8s-argo-cd version: 1.0.0 dependencies: - - name: argocd + - name: argo-cd version: 4.2.0 repository: https://argoproj.github.io/argo-helm From fbe5f7d85caf5871ad064898cc4ab5534300d2cb Mon Sep 17 00:00:00 2001 From: Kory Date: Sat, 19 Mar 2022 05:09:57 +0900 Subject: [PATCH 16/22] =?UTF-8?q?fix:=20ct=20lint=20=E3=81=A7=20maintainer?= =?UTF-8?q?=20=E3=82=92=E7=A2=BA=E8=AA=8D=E3=81=97=E3=81=AA=E3=81=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/release_helm_charts.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release_helm_charts.yaml b/.github/workflows/release_helm_charts.yaml index 31df7f5bb..d84ba4049 100644 --- a/.github/workflows/release_helm_charts.yaml +++ b/.github/workflows/release_helm_charts.yaml @@ -37,7 +37,10 @@ jobs: - name: Run chart-testing (lint) if: steps.list-changed.outputs.changed == 'true' - run: ct lint --target-branch main --chart-dirs helm-charts + run: | + ct lint \ + --target-branch main --chart-dirs helm-charts \ + --validate-maintainers false - name: Create kind cluster if: steps.list-changed.outputs.changed == 'true' From 079d0497298103951cdb7145b334a6e1f300a66a Mon Sep 17 00:00:00 2001 From: Kory Date: Sat, 19 Mar 2022 05:11:40 +0900 Subject: [PATCH 17/22] =?UTF-8?q?feat:=20maintainers=20=E3=82=92=E3=82=84?= =?UTF-8?q?=E3=81=AF=E3=82=8A=20validate=20=E3=81=99=E3=82=8B=E3=82=88?= =?UTF-8?q?=E3=81=86=E3=81=AB?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/release_helm_charts.yaml | 5 +---- helm-charts/proxy-k8s-argo-cd/Chart.yaml | 2 ++ 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/release_helm_charts.yaml b/.github/workflows/release_helm_charts.yaml index d84ba4049..31df7f5bb 100644 --- a/.github/workflows/release_helm_charts.yaml +++ b/.github/workflows/release_helm_charts.yaml @@ -37,10 +37,7 @@ jobs: - name: Run chart-testing (lint) if: steps.list-changed.outputs.changed == 'true' - run: | - ct lint \ - --target-branch main --chart-dirs helm-charts \ - --validate-maintainers false + run: ct lint --target-branch main --chart-dirs helm-charts - name: Create kind cluster if: steps.list-changed.outputs.changed == 'true' diff --git a/helm-charts/proxy-k8s-argo-cd/Chart.yaml b/helm-charts/proxy-k8s-argo-cd/Chart.yaml index 6d6a8d771..ac13d6ce0 100644 --- a/helm-charts/proxy-k8s-argo-cd/Chart.yaml +++ b/helm-charts/proxy-k8s-argo-cd/Chart.yaml @@ -5,3 +5,5 @@ dependencies: - name: argo-cd version: 4.2.0 repository: https://argoproj.github.io/argo-helm +maintainers: + - name: GiganticMinecraft From 12140d8fed10258964cf89afb01ce6f2645d8759 Mon Sep 17 00:00:00 2001 From: Kory Date: Sat, 19 Mar 2022 05:52:34 +0900 Subject: [PATCH 18/22] =?UTF-8?q?fix:=20chart-repos=E3=81=A7argocd?= =?UTF-8?q?=E3=81=AErepository=E3=82=92=E6=8C=87=E5=AE=9A?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/release_helm_charts.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release_helm_charts.yaml b/.github/workflows/release_helm_charts.yaml index 31df7f5bb..46bb29649 100644 --- a/.github/workflows/release_helm_charts.yaml +++ b/.github/workflows/release_helm_charts.yaml @@ -45,7 +45,9 @@ jobs: - name: Run chart-testing (install) if: steps.list-changed.outputs.changed == 'true' - run: ct install --target-branch main --chart-dirs helm-charts + run: | + ct install --target-branch main --chart-dirs helm-charts \ + --chart-repos argocd=https://argoproj.github.io/argo-helm release: runs-on: ubuntu-latest From dbdaab8e00dc4a2ccf2ffb6a6a7591f003fbf832 Mon Sep 17 00:00:00 2001 From: Kory Date: Sat, 19 Mar 2022 06:05:51 +0900 Subject: [PATCH 19/22] =?UTF-8?q?docs:=20=E3=82=B3=E3=83=A1=E3=83=B3?= =?UTF-8?q?=E3=83=88=E3=82=92=E8=BF=BD=E5=8A=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/release_helm_charts.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/release_helm_charts.yaml b/.github/workflows/release_helm_charts.yaml index 46bb29649..aebf62a2d 100644 --- a/.github/workflows/release_helm_charts.yaml +++ b/.github/workflows/release_helm_charts.yaml @@ -46,6 +46,8 @@ jobs: - name: Run chart-testing (install) if: steps.list-changed.outputs.changed == 'true' run: | + # https://helm.sh/docs/topics/charts/#managing-dependencies-with-the-dependencies-field + # 明示的に chart-repos は設定してやる必要がある ct install --target-branch main --chart-dirs helm-charts \ --chart-repos argocd=https://argoproj.github.io/argo-helm From 5f1f53174f977f713ca0ad7c595e32ee9d288b7d Mon Sep 17 00:00:00 2001 From: Kory Date: Sat, 19 Mar 2022 06:22:22 +0900 Subject: [PATCH 20/22] =?UTF-8?q?feat!:=20argo-cd=E3=81=AEprometheus=20ope?= =?UTF-8?q?rator=E3=81=AB=E9=96=A2=E3=81=99=E3=82=8B=E8=A8=AD=E5=AE=9A?= =?UTF-8?q?=E3=82=92=E3=81=99=E3=81=B9=E3=81=A6=E5=89=8A=E9=99=A4=E3=81=99?= =?UTF-8?q?=E3=82=8B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- helm-charts/proxy-k8s-argo-cd/values.yaml | 205 +--------------------- 1 file changed, 5 insertions(+), 200 deletions(-) diff --git a/helm-charts/proxy-k8s-argo-cd/values.yaml b/helm-charts/proxy-k8s-argo-cd/values.yaml index bc7fc8bde..fefbebe5f 100644 --- a/helm-charts/proxy-k8s-argo-cd/values.yaml +++ b/helm-charts/proxy-k8s-argo-cd/values.yaml @@ -2,80 +2,18 @@ # https://github.com/argoproj/argo-helm/blob/3a2858aa98f607b495d34db0da2a7a3ecad3eaa0/charts/argo-cd/values.yaml # for default values. argo-cd: - controller: - ## Application controller metrics configuration - metrics: - # -- Deploy metrics service - enabled: true - service: - # -- Metrics service annotations - annotations: {} - # -- Metrics service labels - labels: {} - # -- Metrics service port - servicePort: 8082 - serviceMonitor: - # -- Enable a prometheus ServiceMonitor - enabled: true - # -- Prometheus ServiceMonitor interval - interval: 30s - # -- Prometheus [RelabelConfigs] to apply to samples before scraping - relabelings: [] - # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion - metricRelabelings: [] - # -- Prometheus ServiceMonitor selector - selector: - prometheus: kube-prometheus - - # -- Prometheus ServiceMonitor namespace - namespace: "argocd" - # -- Prometheus ServiceMonitor labels - additionalLabels: {} - rules: - # -- Deploy a PrometheusRule for the application controller - enabled: true - # -- PrometheusRule.Spec for the application controller - spec: - - alert: ArgoAppMissing - expr: | - absent(argocd_app_info) - for: 15m - labels: - severity: critical - annotations: - summary: "[ArgoCD] No reported applications" - description: > - ArgoCD has not reported any applications data for the past 15 minutes which - means that it must be down or not functioning properly. This needs to be - resolved for this cloud to continue to maintain state. - - alert: ArgoAppNotSynced - expr: | - argocd_app_info{sync_status!="Synced"} == 1 - for: 12h - labels: - severity: warning - annotations: - summary: "[{{`{{$labels.name}}`}}] Application not synchronized" - description: > - The application [{{`{{$labels.name}}`}} has not been synchronized for over - 12 hours which means that the state of this cloud has drifted away from the - state inside Git. - selector: - prometheus: kube-prometheus - namespace: monitoring - additionalLabels: {} - server: configEnabled: true # -- [General Argo CD configuration] # @default -- See [values.yaml] config: - # Argo CD's externally facing base URL (optional). Required when configuring SSO - url: https://argocd.bungee-proxy-public.seichi.click # Argo CD instance label key application.instanceLabelKey: argocd.argoproj.io/instance kustomize.buildOptions: --load-restrictor LoadRestrictionsNone kustomize.buildOptions.v4.4.0: --output /tmp + ## Following settings are required when configuring SSO + # Argo CD's externally facing base URL (optional). + url: https://argocd.bungee-proxy-public.seichi.click dex.config: | connectors: - type: github @@ -83,9 +21,10 @@ argo-cd: name: GitHub config: clientID: 6d77699f96a51159ce39 - clientSecret: $dex.github.clientSecret + clientSecret: $argocd-github-client-secret:dex.github.clientSecret orgs: - name: GiganticMinecraft + rbacConfig: # policy.csv is an file containing user-defined RBAC policies and role definitions (optional). # Policy rules are in the form: @@ -100,140 +39,6 @@ argo-cd: # authorizing API requests (optional). If omitted or empty, users may be still be able to login, # but will see no apps, projects, etc... policy.default: role:readonly - ## Server metrics service configuration - metrics: - # -- Deploy metrics service - enabled: true - service: - # -- Metrics service annotations - annotations: {} - # -- Metrics service labels - labels: {} - # -- Metrics service port - servicePort: 8083 - serviceMonitor: - # -- Enable a prometheus ServiceMonitor - enabled: true - # -- Prometheus ServiceMonitor interval - interval: 30s - # -- Prometheus [RelabelConfigs] to apply to samples before scraping - relabelings: [] - # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion - metricRelabelings: [] - # -- Prometheus ServiceMonitor selector - selector: - prometheus: kube-prometheus - - # -- Prometheus ServiceMonitor namespace - namespace: "argocd" - # -- Prometheus ServiceMonitor labels - additionalLabels: {} - - ## Dex - dex: - metrics: - # -- Deploy metrics service - enabled: true - serviceMonitor: - # -- Enable a prometheus ServiceMonitor - enabled: true - # -- Prometheus ServiceMonitor interval - interval: 30s - # -- Prometheus [RelabelConfigs] to apply to samples before scraping - relabelings: [] - # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion - metricRelabelings: [] - # -- Prometheus ServiceMonitor selector - selector: - prometheus: kube-prometheus - - # -- Prometheus ServiceMonitor namespace - namespace: "argocd" - # -- Prometheus ServiceMonitor labels - additionalLabels: {} - - redis: - metrics: - # -- Deploy metrics service and redis-exporter sidecar - enabled: true - image: - # -- redis-exporter image repository - repository: quay.io/bitnami/redis-exporter - # -- redis-exporter image tag - tag: 1.26.0-debian-10-r2 - # -- redis-exporter image PullPolicy - imagePullPolicy: IfNotPresent - # -- Port to use for redis-exporter sidecar - containerPort: 9121 - # -- Resource limits and requests for redis-exporter sidecar - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 50m - memory: 64Mi - service: - # -- Metrics service type - type: ClusterIP - # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) - clusterIP: None - # -- Metrics service annotations - annotations: {} - # -- Metrics service labels - labels: {} - # -- Metrics service port - servicePort: 9121 - # -- Metrics service port name - portName: http-metrics - serviceMonitor: - # -- Enable a prometheus ServiceMonitor - enabled: true - # -- Interval at which metrics should be scraped - interval: 30s - # -- Prometheus [RelabelConfigs] to apply to samples before scraping - relabelings: [] - # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion - metricRelabelings: [] - # -- Prometheus ServiceMonitor selector - selector: - prometheus: kube-prometheus - - # -- Prometheus ServiceMonitor namespace - namespace: "argocd" - # -- Prometheus ServiceMonitor labels - additionalLabels: {} - - ## Repo Server - repoServer: - ## Repo server metrics service configuration - metrics: - # -- Deploy metrics service - enabled: true - service: - # -- Metrics service annotations - annotations: {} - # -- Metrics service labels - labels: {} - # -- Metrics service port - servicePort: 8084 - serviceMonitor: - # -- Enable a prometheus ServiceMonitor - enabled: true - # -- Prometheus ServiceMonitor interval - interval: 30s - # -- Prometheus [RelabelConfigs] to apply to samples before scraping - relabelings: [] - # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion - metricRelabelings: [] - # -- Prometheus ServiceMonitor selector - selector: - prometheus: kube-prometheus - - # -- Prometheus ServiceMonitor namespace - namespace: "argocd" - # -- Prometheus ServiceMonitor labels - additionalLabels: {} ## We will be using the App of Apps pattern (https://argo-cd.readthedocs.io/en/stable/operator-manual/cluster-bootstrapping/) ## to manage a group of applications in our cluster. From cbfdbe972cc1695374de3259559ab376c684f7e9 Mon Sep 17 00:00:00 2001 From: Kory Date: Sat, 19 Mar 2022 06:31:31 +0900 Subject: [PATCH 21/22] =?UTF-8?q?feat:=20proxy-k8s-argo-cd=E3=81=AE?= =?UTF-8?q?=E8=A8=AD=E5=AE=9A=E3=82=92=E6=9C=80=E4=BD=8E=E9=99=90=E3=81=AB?= =?UTF-8?q?=E3=81=99=E3=82=8B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- helm-charts/proxy-k8s-argo-cd/values.yaml | 38 ----------------------- proxy-kubernetes/argocd-apps/argocd.yaml | 38 +++++++++++++++++++++++ 2 files changed, 38 insertions(+), 38 deletions(-) diff --git a/helm-charts/proxy-k8s-argo-cd/values.yaml b/helm-charts/proxy-k8s-argo-cd/values.yaml index fefbebe5f..e1423f10a 100644 --- a/helm-charts/proxy-k8s-argo-cd/values.yaml +++ b/helm-charts/proxy-k8s-argo-cd/values.yaml @@ -2,44 +2,6 @@ # https://github.com/argoproj/argo-helm/blob/3a2858aa98f607b495d34db0da2a7a3ecad3eaa0/charts/argo-cd/values.yaml # for default values. argo-cd: - server: - configEnabled: true - # -- [General Argo CD configuration] - # @default -- See [values.yaml] - config: - # Argo CD instance label key - application.instanceLabelKey: argocd.argoproj.io/instance - kustomize.buildOptions: --load-restrictor LoadRestrictionsNone - kustomize.buildOptions.v4.4.0: --output /tmp - ## Following settings are required when configuring SSO - # Argo CD's externally facing base URL (optional). - url: https://argocd.bungee-proxy-public.seichi.click - dex.config: | - connectors: - - type: github - id: github - name: GitHub - config: - clientID: 6d77699f96a51159ce39 - clientSecret: $argocd-github-client-secret:dex.github.clientSecret - orgs: - - name: GiganticMinecraft - - rbacConfig: - # policy.csv is an file containing user-defined RBAC policies and role definitions (optional). - # Policy rules are in the form: - # p, subject, resource, action, object, effect - # Role definitions and bindings are in the form: - # g, subject, inherited-subject - # See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information. - policy.csv: | - g, GiganticMinecraft:admin-team, role:admin - g, GiganticMinecraft:infra-collaborator, role:admin - # policy.default is the name of the default role which Argo CD will falls back to, when - # authorizing API requests (optional). If omitted or empty, users may be still be able to login, - # but will see no apps, projects, etc... - policy.default: role:readonly - ## We will be using the App of Apps pattern (https://argo-cd.readthedocs.io/en/stable/operator-manual/cluster-bootstrapping/) ## to manage a group of applications in our cluster. ## This is the only application in this deployment. diff --git a/proxy-kubernetes/argocd-apps/argocd.yaml b/proxy-kubernetes/argocd-apps/argocd.yaml index 6d6ee0fdd..c277faba9 100644 --- a/proxy-kubernetes/argocd-apps/argocd.yaml +++ b/proxy-kubernetes/argocd-apps/argocd.yaml @@ -11,6 +11,44 @@ spec: targetRevision: 1.0.0 helm: releaseName: proxy-k8s-argo-cd + values: | + server: + configEnabled: true + # -- [General Argo CD configuration] + # @default -- See [values.yaml] + config: + # Argo CD instance label key + application.instanceLabelKey: argocd.argoproj.io/instance + kustomize.buildOptions: --load-restrictor LoadRestrictionsNone + kustomize.buildOptions.v4.4.0: --output /tmp + ## Following settings are required when configuring SSO + # Argo CD's externally facing base URL (optional). + url: https://argocd.bungee-proxy-public.seichi.click + dex.config: | + connectors: + - type: github + id: github + name: GitHub + config: + clientID: 6d77699f96a51159ce39 + clientSecret: $argocd-github-client-secret:dex.github.clientSecret + orgs: + - name: GiganticMinecraft + + rbacConfig: + # policy.csv is an file containing user-defined RBAC policies and role definitions (optional). + # Policy rules are in the form: + # p, subject, resource, action, object, effect + # Role definitions and bindings are in the form: + # g, subject, inherited-subject + # See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information. + policy.csv: | + g, GiganticMinecraft:admin-team, role:admin + g, GiganticMinecraft:infra-collaborator, role:admin + # policy.default is the name of the default role which Argo CD will falls back to, when + # authorizing API requests (optional). If omitted or empty, users may be still be able to login, + # but will see no apps, projects, etc... + policy.default: role:readonly destination: server: https://kubernetes.default.svc namespace: argocd From 6eaa32eaccac381fef38fce93b6eab8675d3cc0a Mon Sep 17 00:00:00 2001 From: Kory Date: Sat, 19 Mar 2022 06:50:24 +0900 Subject: [PATCH 22/22] =?UTF-8?q?feat!:=20ct=20install=E3=82=B9=E3=83=86?= =?UTF-8?q?=E3=83=83=E3=83=97=E3=82=92=E5=89=8A=E9=99=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/release_helm_charts.yaml | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/.github/workflows/release_helm_charts.yaml b/.github/workflows/release_helm_charts.yaml index aebf62a2d..11ecebcfa 100644 --- a/.github/workflows/release_helm_charts.yaml +++ b/.github/workflows/release_helm_charts.yaml @@ -7,7 +7,7 @@ on: # - 'helm-charts/**' jobs: - lint-test: + lint: runs-on: ubuntu-latest steps: - name: Checkout @@ -39,22 +39,10 @@ jobs: if: steps.list-changed.outputs.changed == 'true' run: ct lint --target-branch main --chart-dirs helm-charts - - name: Create kind cluster - if: steps.list-changed.outputs.changed == 'true' - uses: helm/kind-action@v1.2.0 - - - name: Run chart-testing (install) - if: steps.list-changed.outputs.changed == 'true' - run: | - # https://helm.sh/docs/topics/charts/#managing-dependencies-with-the-dependencies-field - # 明示的に chart-repos は設定してやる必要がある - ct install --target-branch main --chart-dirs helm-charts \ - --chart-repos argocd=https://argoproj.github.io/argo-helm - release: runs-on: ubuntu-latest if: ${{ github.ref == 'refs/heads/main' }} - needs: ["lint-test"] + needs: ["lint"] steps: - name: Checkout uses: actions/checkout@v2