argocd: Deploy Argo CD

[Argo CD] is a Kubernetes-native GitOps/continuous deployment manager. It monitors the state of Kubnernetes resources, such as Pods, Deployments, ConfigMaps, Secrets, and Custom Resources, and synchronizes them with their canonical definitions from a Git repository. *Argo CD* consists of various components, including a Repository Service, an Application Controller, a Notification Controller, and an API server/Web UI. It also has some optional components, such as a bundled Dex server for authentication/authorization, and an ApplicationSet controller, which we will not be using. [Argo CD]: https://argo-cd.readthedocs.io/
2023-10-14 09:35:08 -05:00
parent 8ccac0e845
commit fdbf1d3432
16 changed files with 320 additions and 0 deletions
--- a/argocd/kustomization.yaml
+++ b/argocd/kustomization.yaml
@@ -0,0 +1,116 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: argocd
+
+resources:
+- namespace.yaml
+- https://raw.githubusercontent.com/argoproj/argo-cd/v2.8.4/manifests/install.yaml
+- ingress.yaml
+
+configMapGenerator:
+- name: argocd-cm
+  behavior: merge
+  literals:
+  - url=https://argocd.pyrocufflink.blue
+  files:
+  - oidc.config
+
+- name: argocd-rbac-cm
+  behavior: merge
+  literals:
+  - policy.default=role:readonly
+  files:
+  - policy.csv
+
+patches:
+- patch: |-
+    $patch: delete
+    apiVersion: apiextensions.k8s.io/v1
+    kind: CustomResourceDefinition
+    metadata:
+      name: applicationsets.argoproj.io
+
+- patch: |-
+    $patch: delete
+    apiVersion: v1
+    kind: ServiceAccount
+    metadata:
+      name: argocd-applicationset-controller
+
+- patch: |-
+    $patch: delete
+    apiVersion: v1
+    kind: ServiceAccount
+    metadata:
+      name: argocd-dex-server
+
+- patch: |-
+    $patch: delete
+    apiVersion: rbac.authorization.k8s.io/v1
+    kind: Role
+    metadata:
+      name: argocd-applicationset-controller
+
+- patch: |-
+    $patch: delete
+    apiVersion: rbac.authorization.k8s.io/v1
+    kind: Role
+    metadata:
+      name: argocd-dex-server
+
+- patch: |-
+    $patch: delete
+    apiVersion: rbac.authorization.k8s.io/v1
+    kind: RoleBinding
+    metadata:
+      name: argocd-applicationset-controller
+
+- patch: |-
+    $patch: delete
+    apiVersion: rbac.authorization.k8s.io/v1
+    kind: RoleBinding
+    metadata:
+      name: argocd-dex-server
+
+- patch: |-
+    $patch: delete
+    apiVersion: v1
+    kind: Service
+    metadata:
+      name: argocd-applicationset-controller
+
+- patch: |-
+    $patch: delete
+    apiVersion: v1
+    kind: Service
+    metadata:
+      name: argocd-dex-server
+
+- patch: |-
+    $patch: delete
+    apiVersion: apps/v1
+    kind: Deployment
+    metadata:
+      name: argocd-applicationset-controller
+
+- patch: |-
+    $patch: delete
+    apiVersion: apps/v1
+    kind: Deployment
+    metadata:
+      name: argocd-dex-server
+
+- patch: |-
+    $patch: delete
+    apiVersion: networking.k8s.io/v1
+    kind: NetworkPolicy
+    metadata:
+      name: argocd-applicationset-controller-network-policy
+
+- patch: |-
+    $patch: delete
+    apiVersion: networking.k8s.io/v1
+    kind: NetworkPolicy
+    metadata:
+      name: argocd-dex-server-network-policy