├── LICENSE ├── README.md ├── ch01 ├── basic-gitops-operator-config │ ├── deployment.yaml │ └── namespace.yaml ├── basic-gitops-operator │ ├── go.mod │ ├── go.sum │ └── main.go ├── declarative-files │ ├── deployment.yaml │ └── namespace.yaml ├── declarative-folder │ ├── deployment.yaml │ └── namespace.yaml └── imperative-config │ ├── deployment.yaml │ ├── namespace-with-labels.yaml │ └── namespace.yaml ├── ch02 ├── README.md ├── argo-app │ └── application.yaml └── kind.yaml ├── ch03 ├── argocd-app.yaml ├── argocd-notifications-app.yaml ├── disaster-recovery │ └── backup-2021-09-15_18-16.yml ├── kustomize-installation │ ├── kustomization.yaml │ ├── patches │ │ ├── argocd-application-controller-statefulset.yaml │ │ ├── argocd-cm.yaml │ │ ├── argocd-repo-server-deployment.yaml │ │ └── argocd-server-deployment.yaml │ └── resources │ │ └── namespace.yaml ├── notifications │ ├── kustomization.yaml │ └── patches │ │ └── argocd-notifications-cm.yaml └── servicemonitor │ ├── servicemonitor-argocd-metrics.yaml │ ├── servicemonitor-argocd-repo-server-metrics.yaml │ └── servicemonitor-argocd-server-metrics.yaml ├── ch04 ├── kustomize-installation │ ├── argocd-app.yaml │ ├── argocd-proj.yaml │ ├── kustomization.yaml │ ├── patches │ │ ├── argocd-cm.yaml │ │ └── argocd-rbac-cm.yaml │ └── resources │ │ └── namespace.yaml └── sso-setup │ ├── ArgoCDSSO_schema.json │ ├── argocd-cm.yaml │ ├── argocd-dex-server-deployment.yaml │ └── argocd-rbac-cm.yaml ├── ch05 ├── .gitignore ├── applications │ ├── argo-rollouts │ │ └── install.yaml │ ├── argocd-ui │ │ ├── Chart.yaml │ │ ├── templates │ │ │ └── argocd-ui.yaml │ │ └── values.yaml │ ├── argocd │ │ ├── argo-teams.yaml │ │ └── argocd-cm.yaml │ ├── istio-control-plane │ │ └── istio-control-plane.yaml │ └── master-utilities │ │ ├── Chart.yaml │ │ └── templates │ │ ├── argocd-ui.yaml │ │ ├── external-dns.yaml │ │ ├── istio-operator.yaml │ │ └── istio.yaml ├── k8s-bootstrap │ ├── base │ │ ├── argo-applicationset.yaml │ │ ├── argo-rollouts.yaml │ │ ├── argocd.yaml │ │ ├── blue-green.yaml │ │ ├── bootstrap-applicationset.yaml │ │ ├── kustomization.yaml │ │ └── namespace.yaml │ └── bootstrap │ │ ├── argocd-server.yaml │ │ └── kustomization.yaml └── terraform │ ├── argocd.tf │ ├── eks.tf │ ├── iam.tf │ ├── network.tf │ ├── outputs.tf │ ├── provider.tf │ ├── server.yaml │ ├── variables.tf │ └── versions.tf ├── ch06 ├── .gitignore ├── automated-blue-green │ ├── .github │ │ └── workflows │ │ │ ├── cd.yaml │ │ │ └── ci.yaml │ ├── Dockerfile │ ├── Makefile │ ├── cmd │ │ └── main.go │ ├── deployments │ │ ├── argo │ │ │ ├── rollout.yaml │ │ │ ├── service-green.yaml │ │ │ └── servive-blue.yaml │ │ └── integration-tests │ │ │ ├── integration-job.yaml │ │ │ ├── rbac.yaml │ │ │ └── rollout-job.yaml │ └── go.mod └── simple-blue-green │ ├── app │ ├── Dockerfile │ ├── Makefile │ ├── cmd │ │ └── main.go │ └── go.mod │ ├── blue.yaml │ ├── green.yaml │ ├── service-v1.yaml │ └── service-v2.yaml ├── ch07 ├── day-to-day │ └── custom-helm │ │ └── values-overwrite.yaml ├── initial-setup │ ├── argocd-nonprod-app.yaml │ ├── argocd-nonprod │ │ ├── kustomization.yaml │ │ └── resources │ │ │ └── namespace.yaml │ ├── argocd-platform-app.yaml │ ├── argocd-platform │ │ ├── kustomization.yaml │ │ ├── output.yaml │ │ ├── patches │ │ │ ├── argocd-application-controller-clusterrolebinding.yaml │ │ │ └── argocd-server-clusterrolebinding.yaml │ │ └── resources │ │ │ └── namespace.yaml │ ├── argocd-prod-app.yaml │ └── argocd-prod │ │ ├── kustomization.yaml │ │ └── resources │ │ └── namespace.yaml └── performance-improvements │ ├── helm-installation │ └── override-values.yaml │ ├── kustomization.yaml │ └── patches │ ├── argocd-application-controller-statefulset.yaml │ └── argocd-repo-server-deployment.yaml ├── ch08 ├── Helm │ ├── traefik-application.yaml │ ├── traefik-umbrella │ │ ├── Chart.yaml │ │ └── values.yaml │ └── validate-template.sh ├── conftest │ ├── manifests │ │ ├── deployment.yaml │ │ └── poddisruptionbudget.yaml │ └── policy │ │ └── deployment.rego ├── kube-score │ └── enforcing-best-practices.sh └── kubeconform │ └── validate-schema.sh └── ch09 ├── cli-utils-example └── deployment.yaml └── namespaced ├── example └── deployment.yaml └── namespaced.yaml /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2021 Packt 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | # Argo CD in Practice 5 | 6 | Early Access 7 | 8 | This is the code repository for [Argo CD in Practice](https://www.packtpub.com/product/argo-cd-in-practice/9781803233321?utm_source=github&utm_medium=repository&utm_campaign=9781803233321), published by Packt. 9 | 10 | **The GitOps way of managing cloud-native applications** 11 | 12 | ## What is this book about? 13 | GitOps follows the practices of infrastructure as code (IaC), allowing developers to use their day-to-day tools and practices such as source control and pull requests to manage apps. With this book, you’ll understand how to apply GitOps bootstrap clusters in a repeatable manner, build CD pipelines for cloud native apps running on Kubernetes, and minimize the failure of deployments. 14 | 15 | This book covers the following exciting features: 16 | Understand GitOps principles and how they relate to IaC 17 | Discover how Argo CD sets the background for reconciling Git state with the cluster state 18 | Run Argo CD in production with an emphasis on reliability and troubleshooting 19 | Bootstrap Kubernetes clusters with essential utilities following the GitOps approach 20 | Set up a CD pipeline and minimize the failure of deployments 21 | Explore ways to verify and validate the YAML you put together when working with Kubernetes 22 | Understand the democratization of GitOps and how the GitOps engine will enable its further adoption 23 | 24 | If you feel this book is for you, get your [copy](https://www.amazon.com/dp/180323332X) today! 25 | 26 | https://www.packtpub.com/ 28 | 29 | ## Instructions and Navigations 30 | All of the code is organized into folders. For example, ch01. 31 | 32 | The code will look like the following: 33 | ``` 34 | apiVersion: v1 35 | kind: ConfigMap 36 | metadata: 37 | name: argocd-cm 38 | data: 39 | accounts.alina: apiKey, login 40 | ``` 41 | 42 | **Following is what you need for this book:** 43 | If you’re a software developer, DevOps engineer, or SRE who is responsible for building CD pipelines for projects running on Kubernetes and wants to advance in your career, this book is for you. Basic knowledge of Kubernetes, Helm, or Kustomize and CD pipelines will help you to get the most out of this book. 44 | 45 | With the following software and hardware list you can run all code files present in the book (Chapter 1-9). 46 | ### Software and Hardware List 47 | | Software required | OS required | 48 | | ------------------------------------ | ----------------------------------- | 49 | | Argo CD v2.1 and v2.2 | Windows, macOS, or Linux | 50 | 51 | 52 | We also provide a PDF file that has color images of the screenshots/diagrams used in this book. [Click here to download it](https://packt.link/HfXCL). 53 | 54 | ### Related products 55 | * The Kubernetes Bible [[Packt]](https://www.packtpub.com/product/the-kubernetes-bible/9781838827694?utm_source=github&utm_medium=repository&utm_campaign=9781838827694) [[Amazon]](https://www.amazon.com/dp/1838827692) 56 | 57 | * Learning DevOps - Second Edition [[Packt]](https://www.packtpub.com/product/learning-devops-second-edition/9781801818964?utm_source=github&utm_medium=repository&utm_campaign=9781801818964) [[Amazon]](https://www.amazon.com/dp/1801818967) 58 | 59 | ## Get to Know the Authors 60 | **Spiros Economakis** 61 | started as a Software Engineer in 2010 and went through a series of jobs and roles from Software Engineer, Software Architect to Head of Cloud. In 2013 founded its own startup and that was the first touch with DevOps culture and built with a small team a couple of CI/CD pipelines for a microservice architecture and mobile apps releases. After this in most of the companies involved to influence DevOps culture and automation. 62 | 63 | In 2019 started as an SRE in Lenses (acquired by Celonis) and soon influenced the organization with Kubernetes, GitOps, Cloud and transitioned to a position as Head of Cloud where he introduced GitOps across the whole company and used Argo CD for bootstrapping k8s clusters with utilities and continuous delivery applications. Now he works in an open-source company which is called Mattermost as a Senior Engineering Manager/SRE where he transformed the old GitOps approach (fluxcd) to GitOps v2.0 with Argo CD and built a scalable architecture for multi-tenancy. 64 | 65 | 66 | **Liviu Costea** 67 | started as a developer in the early 2000 and his career path took him to different roles from Developer to Coding Architect and from Team Lead to CTO. In 2012 he transitioned to DevOps, when at a small company, someone had to start working on pipelines and automation because the traditional way wasn’t scalable anymore. 68 | 69 | In 2018 he started with the Platform Team and then he was the Tech Lead in the Release Team at Mambu, where they designed most of the CI/CD pipelines, adopting GitOps practices. They have been live with Argo CD since 2019. More recently he joined Juni, a promising startup, where they are planning the GitOps adoption. For his contributions to OSS projects, including Argo CD, he was named CNCF Ambassador in August 2020. 70 | 71 | 72 | ### Download a free PDF 73 | 74 | If you have already purchased a print or Kindle version of this book, you can get a DRM-free PDF version at no cost.
Simply click on the link to claim your free PDF. 75 |

https://packt.link/free-ebook/9781803233321

-------------------------------------------------------------------------------- /ch01/basic-gitops-operator-config/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: nginx 5 | namespace: nginx 6 | spec: 7 | selector: 8 | matchLabels: 9 | app: nginx 10 | template: 11 | metadata: 12 | labels: 13 | app: nginx 14 | spec: 15 | containers: 16 | - name: nginx 17 | image: nginx 18 | -------------------------------------------------------------------------------- /ch01/basic-gitops-operator-config/namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: nginx 5 | -------------------------------------------------------------------------------- /ch01/basic-gitops-operator/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/lcostea/basic-gitops-operator 2 | 3 | go 1.16 4 | 5 | require ( 6 | github.com/go-git/go-git/v5 v5.4.2 7 | github.com/google/go-cmp v0.5.5 // indirect 8 | golang.org/x/net v0.0.0-20210520170846-37e1c6afe023 // indirect 9 | golang.org/x/sys v0.0.0-20210616094352-59db8d763f22 // indirect 10 | golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d // indirect 11 | gopkg.in/yaml.v2 v2.4.0 // indirect 12 | gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect 13 | ) 14 | -------------------------------------------------------------------------------- /ch01/basic-gitops-operator/go.sum: -------------------------------------------------------------------------------- 1 | github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= 2 | github.com/Microsoft/go-winio v0.4.16 h1:FtSW/jqD+l4ba5iPBj9CODVtgfYAD8w2wS923g/cFDk= 3 | github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= 4 | github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7 h1:YoJbenK9C67SkzkDfmQuVln04ygHj3vjZfd9FL+GmQQ= 5 | github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= 6 | github.com/acomagu/bufpipe v1.0.3 h1:fxAGrHZTgQ9w5QqVItgzwj235/uYZYgbXitB+dLupOk= 7 | github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4= 8 | github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 h1:kFOfPq6dUM1hTo4JG6LR5AXSUEsOjtdm0kw0FtQtMJA= 9 | github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= 10 | github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= 11 | github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= 12 | github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= 13 | github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 14 | github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= 15 | github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 16 | github.com/emirpasic/gods v1.12.0 h1:QAUIPSaCu4G+POclxeqb3F+WPpdKqFGlw36+yOzGlrg= 17 | github.com/emirpasic/gods v1.12.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o= 18 | github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= 19 | github.com/gliderlabs/ssh v0.2.2 h1:6zsha5zo/TWhRhwqCD3+EarCAgZ2yN28ipRnGPnwkI0= 20 | github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= 21 | github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4= 22 | github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E= 23 | github.com/go-git/go-billy/v5 v5.2.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= 24 | github.com/go-git/go-billy/v5 v5.3.1 h1:CPiOUAzKtMRvolEKw+bG1PLRpT7D3LIs3/3ey4Aiu34= 25 | github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= 26 | github.com/go-git/go-git-fixtures/v4 v4.2.1 h1:n9gGL1Ct/yIw+nfsfr8s4+sbhT+Ncu2SubfXjIWgci8= 27 | github.com/go-git/go-git-fixtures/v4 v4.2.1/go.mod h1:K8zd3kDUAykwTdDCr+I0per6Y6vMiRR/nnVTBtavnB0= 28 | github.com/go-git/go-git/v5 v5.4.2 h1:BXyZu9t0VkbiHtqrsvdq39UDhGJTl1h55VW6CSC4aY4= 29 | github.com/go-git/go-git/v5 v5.4.2/go.mod h1:gQ1kArt6d+n+BGd+/B/I74HwRTLhth2+zti4ihgckDc= 30 | github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= 31 | github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU= 32 | github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= 33 | github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU= 34 | github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= 35 | github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= 36 | github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= 37 | github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= 38 | github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 h1:DowS9hvgyYSX4TO5NpyC606/Z4SxnNYbT+WX27or6Ck= 39 | github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= 40 | github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= 41 | github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= 42 | github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= 43 | github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= 44 | github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= 45 | github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= 46 | github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= 47 | github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= 48 | github.com/matryer/is v1.2.0 h1:92UTHpy8CDwaJ08GqLDzhhuixiBUUD1p3AU6PHddz4A= 49 | github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA= 50 | github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= 51 | github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= 52 | github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= 53 | github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= 54 | github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= 55 | github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= 56 | github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= 57 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= 58 | github.com/sergi/go-diff v1.1.0 h1:we8PVUC3FE2uYfodKH/nBHMSetSfHDR6scGdBi+erh0= 59 | github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= 60 | github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= 61 | github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= 62 | github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= 63 | github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= 64 | github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= 65 | github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= 66 | github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= 67 | github.com/xanzy/ssh-agent v0.3.0 h1:wUMzuKtKilRgBAD1sUb8gOwwRr2FGoBVumcjoOACClI= 68 | github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0= 69 | golang.org/x/crypto v0.0.0-20190219172222-a4c6cb3142f2/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= 70 | golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= 71 | golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b h1:7mWr3k41Qtv8XlltBkDkl8LoP3mpSgBW8BUoxtEdbXg= 72 | golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= 73 | golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= 74 | golang.org/x/net v0.0.0-20210326060303-6b1517762897/go.mod h1:uSPa2vr4CLtc/ILN5odXGNXS6mhrKVzTaCXzk9m6W3k= 75 | golang.org/x/net v0.0.0-20210520170846-37e1c6afe023 h1:ADo5wSpq2gqaCGQWzk7S5vd//0iyyLeAratkEoG5dLE= 76 | golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= 77 | golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 78 | golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 79 | golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 80 | golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 81 | golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 82 | golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 83 | golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 84 | golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 85 | golang.org/x/sys v0.0.0-20210502180810-71e4cd670f79/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 86 | golang.org/x/sys v0.0.0-20210616094352-59db8d763f22 h1:RqytpXGR1iVNX7psjB3ff8y7sNFinVFvkx1c8SjBkio= 87 | golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 88 | golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= 89 | golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d h1:SZxvLBoTP5yHO3Frd4z4vrF+DBX9vMVanchswa69toE= 90 | golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= 91 | golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= 92 | golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M= 93 | golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= 94 | golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 95 | golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 96 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 97 | gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 98 | gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 99 | gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= 100 | gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= 101 | gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME= 102 | gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= 103 | gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 104 | gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 105 | gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 106 | gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= 107 | gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= 108 | gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= 109 | gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= 110 | gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= 111 | -------------------------------------------------------------------------------- /ch01/basic-gitops-operator/main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "fmt" 5 | "os" 6 | "os/exec" 7 | "path" 8 | "time" 9 | 10 | "github.com/go-git/go-git/v5" 11 | ) 12 | 13 | func main() { 14 | timerSec := 5 * time.Second 15 | gitopsRepo := "https://github.com/PacktPublishing/ArgoCD-in-Practice.git" 16 | localPath := "tmp/" 17 | pathToApply := "ch01/basic-gitops-operator-config" 18 | for { 19 | fmt.Println("start repo sync") 20 | err := syncRepo(gitopsRepo, localPath) 21 | if err != nil { 22 | fmt.Printf("repo sync error: %s", err) 23 | return 24 | } 25 | fmt.Println("start manifests apply") 26 | err = applyManifestsClient(path.Join(localPath, pathToApply)) 27 | if err != nil { 28 | fmt.Printf("manifests apply error: %s", err) 29 | } 30 | syncTimer := time.NewTimer(timerSec) 31 | fmt.Printf("\n next sync in %s \n", timerSec) 32 | <-syncTimer.C 33 | } 34 | } 35 | 36 | func syncRepo(repoUrl, localPath string) error { 37 | _, err := git.PlainClone(localPath, false, &git.CloneOptions{ 38 | URL: repoUrl, 39 | Progress: os.Stdout, 40 | }) 41 | 42 | if err == git.ErrRepositoryAlreadyExists { 43 | repo, err := git.PlainOpen(localPath) 44 | if err != nil { 45 | return err 46 | } 47 | w, err := repo.Worktree() 48 | if err != nil { 49 | return err 50 | } 51 | err = w.Pull(&git.PullOptions{ 52 | RemoteName: "origin", 53 | Progress: os.Stdout, 54 | }) 55 | // the library returns an "Already up to date" error if there is nothing to pull 56 | // but in our case we don't consider it an error 57 | if err == git.NoErrAlreadyUpToDate { 58 | return nil 59 | } 60 | return err 61 | } 62 | return err 63 | } 64 | 65 | func applyManifestsClient(localPath string) error { 66 | dir, err := os.Getwd() 67 | if err != nil { 68 | return err 69 | } 70 | 71 | cmd := exec.Command("kubectl", "apply", "-f", path.Join(dir, localPath)) 72 | cmd.Stdout = os.Stdout 73 | cmd.Stderr = os.Stderr 74 | err = cmd.Run() 75 | return err 76 | } 77 | -------------------------------------------------------------------------------- /ch01/declarative-files/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: nginx 5 | namespace: declarative-files 6 | spec: 7 | selector: 8 | matchLabels: 9 | app: nginx 10 | template: 11 | metadata: 12 | labels: 13 | app: nginx 14 | spec: 15 | containers: 16 | - name: nginx 17 | image: nginx 18 | -------------------------------------------------------------------------------- /ch01/declarative-files/namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: declarative-files 5 | labels: 6 | namespace: declarative-files 7 | -------------------------------------------------------------------------------- /ch01/declarative-folder/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: nginx 5 | namespace: declarative-folder 6 | spec: 7 | selector: 8 | matchLabels: 9 | app: nginx 10 | template: 11 | metadata: 12 | labels: 13 | app: nginx 14 | spec: 15 | containers: 16 | - name: nginx 17 | image: nginx 18 | -------------------------------------------------------------------------------- /ch01/declarative-folder/namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: declarative-folder 5 | -------------------------------------------------------------------------------- /ch01/imperative-config/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: nginx-deployment 5 | namespace: imperative-config-test 6 | spec: 7 | selector: 8 | matchLabels: 9 | app: nginx 10 | template: 11 | metadata: 12 | labels: 13 | app: nginx 14 | spec: 15 | containers: 16 | - name: nginx 17 | image: nginx -------------------------------------------------------------------------------- /ch01/imperative-config/namespace-with-labels.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: imperative-config-test 5 | labels: 6 | name: imperative-config-test 7 | -------------------------------------------------------------------------------- /ch01/imperative-config/namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: imperative-config-test 5 | -------------------------------------------------------------------------------- /ch02/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/ArgoCD-in-Practice/8d0d6b3f0ccea95a0e56a15607e56a7800799132/ch02/README.md -------------------------------------------------------------------------------- /ch02/argo-app/application.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: nginx 5 | namespace: argocd 6 | finalizers: 7 | - resources-finalizer.argocd.argoproj.io 8 | spec: 9 | syncPolicy: 10 | automated: 11 | prune: true 12 | selfHeal: true 13 | syncOptions: 14 | - CreateNamespace=true 15 | destination: 16 | namespace: nginx 17 | server: https://kubernetes.default.svc 18 | project: default 19 | source: 20 | repoURL: https://charts.bitnami.com/bitnami 21 | chart: nginx 22 | targetRevision: 13.2.10 23 | -------------------------------------------------------------------------------- /ch02/kind.yaml: -------------------------------------------------------------------------------- 1 | # kind.yaml 2 | kind: Cluster 3 | apiVersion: kind.x-k8s.io/v1alpha4 4 | nodes: 5 | - role: control-plane 6 | kubeadmConfigPatches: 7 | - | 8 | kind: InitConfiguration 9 | nodeRegistration: 10 | kubeletExtraArgs: 11 | node-labels: "ingress-ready=true" 12 | extraPortMappings: 13 | - containerPort: 80 14 | hostPort: 80 15 | protocol: TCP 16 | - containerPort: 443 17 | hostPort: 443 18 | protocol: TCP 19 | -------------------------------------------------------------------------------- /ch03/argocd-app.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | annotations: 5 | notifications.argoproj.io/subscribe.on-sync.gitlab: "" 6 | name: argocd 7 | spec: 8 | destination: 9 | namespace: argocd 10 | server: https://kubernetes.default.svc 11 | project: default 12 | source: 13 | path: ch03/kustomize-installation 14 | repoURL: https://github.com/PacktPublishing/ArgoCD-in-Practice.git 15 | targetRevision: main 16 | syncPolicy: 17 | automated: {} 18 | -------------------------------------------------------------------------------- /ch03/argocd-notifications-app.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: argocd-notifications 5 | spec: 6 | destination: 7 | namespace: argocd 8 | server: https://kubernetes.default.svc 9 | project: default 10 | source: 11 | path: ch3/notifications 12 | repoURL: https://github.com/PacktPublishing/ArgoCD-in-Practice.git 13 | targetRevision: main 14 | syncPolicy: 15 | automated: {} 16 | -------------------------------------------------------------------------------- /ch03/disaster-recovery/backup-2021-09-15_18-16.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | timeout.reconciliation: 300s 4 | kind: ConfigMap 5 | metadata: 6 | annotations: 7 | kubectl.kubernetes.io/last-applied-configuration: | 8 | {"apiVersion":"v1","data":{"timeout.reconciliation":"300s"},"kind":"ConfigMap","metadata":{"annotations":{},"labels":{"app.kubernetes.io/instance":"argocd","app.kubernetes.io/name":"argocd-cm","app.kubernetes.io/part-of":"argocd"},"name":"argocd-cm","namespace":"argocd"}} 9 | labels: 10 | app.kubernetes.io/instance: argocd 11 | app.kubernetes.io/name: argocd-cm 12 | app.kubernetes.io/part-of: argocd 13 | name: argocd-cm 14 | --- 15 | apiVersion: v1 16 | kind: ConfigMap 17 | metadata: 18 | annotations: 19 | kubectl.kubernetes.io/last-applied-configuration: | 20 | {"apiVersion":"v1","kind":"ConfigMap","metadata":{"annotations":{},"labels":{"app.kubernetes.io/instance":"argocd","app.kubernetes.io/name":"argocd-rbac-cm","app.kubernetes.io/part-of":"argocd"},"name":"argocd-rbac-cm","namespace":"argocd"}} 21 | labels: 22 | app.kubernetes.io/instance: argocd 23 | app.kubernetes.io/name: argocd-rbac-cm 24 | app.kubernetes.io/part-of: argocd 25 | name: argocd-rbac-cm 26 | --- 27 | apiVersion: v1 28 | data: 29 | ssh_known_hosts: | 30 | bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== 31 | github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== 32 | gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= 33 | gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf 34 | gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 35 | ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H 36 | vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H 37 | kind: ConfigMap 38 | metadata: 39 | annotations: 40 | kubectl.kubernetes.io/last-applied-configuration: | 41 | {"apiVersion":"v1","data":{"ssh_known_hosts":"bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==\ngithub.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\ngitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=\ngitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf\ngitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9\nssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H\nvs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H\n"},"kind":"ConfigMap","metadata":{"annotations":{},"labels":{"app.kubernetes.io/instance":"argocd","app.kubernetes.io/name":"argocd-ssh-known-hosts-cm","app.kubernetes.io/part-of":"argocd"},"name":"argocd-ssh-known-hosts-cm","namespace":"argocd"}} 42 | labels: 43 | app.kubernetes.io/instance: argocd 44 | app.kubernetes.io/name: argocd-ssh-known-hosts-cm 45 | app.kubernetes.io/part-of: argocd 46 | name: argocd-ssh-known-hosts-cm 47 | --- 48 | apiVersion: v1 49 | kind: ConfigMap 50 | metadata: 51 | annotations: 52 | kubectl.kubernetes.io/last-applied-configuration: | 53 | {"apiVersion":"v1","data":null,"kind":"ConfigMap","metadata":{"annotations":{},"labels":{"app.kubernetes.io/instance":"argocd","app.kubernetes.io/name":"argocd-tls-certs-cm","app.kubernetes.io/part-of":"argocd"},"name":"argocd-tls-certs-cm","namespace":"argocd"}} 54 | labels: 55 | app.kubernetes.io/instance: argocd 56 | app.kubernetes.io/name: argocd-tls-certs-cm 57 | app.kubernetes.io/part-of: argocd 58 | name: argocd-tls-certs-cm 59 | --- 60 | apiVersion: v1 61 | data: 62 | admin.password: JDJhJDEwJHVIM1NUdG9oZFY1OE0wNUFkeTMwY08yeG5RaFNqRTlBR2N6dHlxelpLWVhZZFdBdDcvcGdp 63 | admin.passwordMtime: MjAyMS0wOS0xM1QxOToyODo0MFo= 64 | server.secretkey: T28zSHZldWZFclBSc2QxanE4eXRFbERHc0IvWVdnN0lJb3BhV2RmcUZ0Zz0= 65 | tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURZekNDQWt1Z0F3SUJBZ0lSQU84V242Y1VaRzEyNHRSVTdsNytBWmd3RFFZSktvWklodmNOQVFFTEJRQXcKRWpFUU1BNEdBMVVFQ2hNSFFYSm5ieUJEUkRBZUZ3MHlNVEE1TVRNeE9USTROREJhRncweU1qQTVNVE14T1RJNApOREJhTUJJeEVEQU9CZ05WQkFvVEIwRnlaMjhnUTBRd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3CmdnRUtBb0lCQVFDNUI2Mk9CdHd3VUJzbXpsUThQeWpkSW1UZDVFd0RIRkdaNmN1ZkJNWmVDdlBKS0FkRGU3NTgKa0M1RkZGN0hZcmhNUUtveCsvd1BkazJzWHVGdGFaVC91dnd6Y2NEQ293MDF6bVAxRTVpaEE5SFFjQXU4dkRCKwpmWGRrNVZxZm5CVnFJcXp3SmFUbG5wa1RyN3FOQnczS2cvY1NXc242azJqeForSDZXaWt5TXdSdDhOZzFsdUZ1CmN2QU02ZGNJVnBjWE5ZTVh4bVkyL0lGWGxWd0IzTExmdG9POHltLy9rY3dGWmd2M0hHZmFFZGdLZVVoeEtXYzAKTmhuUjh1YXpRSVFCcGF3NkEwVnJsMVVMaHN3dVRCaE12ZEtjVUpFTi9ZeDdWRVhNZnJ5ZHVvMkdZcDRiRFNiaAo3MjVhb1NLZG8xdTdUQUZIQ2hBd1V6VlFkUEFxcnZ1QkFnTUJBQUdqZ2JNd2diQXdEZ1lEVlIwUEFRSC9CQVFECkFnV2dNQk1HQTFVZEpRUU1NQW9HQ0NzR0FRVUZCd01CTUF3R0ExVWRFd0VCL3dRQ01BQXdld1lEVlIwUkJIUXcKY29JSmJHOWpZV3hvYjNOMGdnMWhjbWR2WTJRdGMyVnlkbVZ5Z2hSaGNtZHZZMlF0YzJWeWRtVnlMbUZ5WjI5agpaSUlZWVhKbmIyTmtMWE5sY25abGNpNWhjbWR2WTJRdWMzWmpnaVpoY21kdlkyUXRjMlZ5ZG1WeUxtRnlaMjlqClpDNXpkbU11WTJ4MWMzUmxjaTVzYjJOaGJEQU5CZ2txaGtpRzl3MEJBUXNGQUFPQ0FRRUFGUkV6WWpZeGFQQjQKZW92cm9qOTZUV0xncWo1d2d1eVJHSG40TGp6d3Z3NzlOOEs4bGZ5UVlWZkxrbUcwQUhnSEpsVUFSMW5FWGdMVQpEc3lqOU9GUkNLcjMveDVWS2xaODdNSDkvb1VRZzBNaGxJYXYwdU9Mc3I5ZFBxL09pc0Fhc1lQRVkzSmJsM1cyCk12TlpkenVtc3Fxa0VYWXlsN0hHcTUvb0gvcUllRHRWVEQ2a3J5OEJWVDZ1MUNuUTdjRjhoVXZLS0RxUitLR08KaGdTVGNldjZ1MHRqSG9pZmJWRjBVRXRvQm1kN1NqTVY4eitBb20rYnJNRUVFMnpHZkdzTEEwc3RQRW10V0lIYworU3pxT3k5MVNKM0pBTmltNW84bmlBcG1NYk5iMjFmYTJWQzBYUkhSeUtFOEVWM3V5VW1SK0p4aDM4VEpqWllMCkFmRk15MlRSL3c9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== 66 | tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBdVFldGpnYmNNRkFiSnM1VVBEOG8zU0prM2VSTUF4eFJtZW5MbndUR1hncnp5U2dIClEzdStmSkF1UlJSZXgySzRURUNxTWZ2OEQzWk5yRjdoYldtVS83cjhNM0hBd3FNTk5jNWo5Uk9Zb1FQUjBIQUwKdkx3d2ZuMTNaT1ZhbjV3VmFpS3M4Q1drNVo2WkU2KzZqUWNOeW9QM0VsckorcE5vOFdmaCtsb3BNak1FYmZEWQpOWmJoYm5Md0RPblhDRmFYRnpXREY4Wm1OdnlCVjVWY0FkeXkzN2FEdk1wdi81SE1CV1lMOXh4bjJoSFlDbmxJCmNTbG5ORFlaMGZMbXMwQ0VBYVdzT2dORmE1ZFZDNGJNTGt3WVRMM1NuRkNSRGYyTWUxUkZ6SDY4bmJxTmhtS2UKR3cwbTRlOXVXcUVpbmFOYnUwd0JSd29RTUZNMVVIVHdLcTc3Z1FJREFRQUJBb0lCQUJBUjlxVHJPNXlHbUpVYQpQbjZ0RGFPSEpUT1FiSG1vci8ycUxLRTNEUE9HQi81a2w1em8xbmFESDBHb3IwS3A5RS9MSGYwUllhY0dJMkRoCkxMc1AvSHpwaEpZRFB6YW9hckZOcDZqVmR1QWxNTWZsczE5RkNRRXpiSGM2NUZBUWdsdWhmMXVzS1ZJNElCdHgKbThZNzRwckFNMmxJc1ZvdUMyTk1IbmhiOUZBRHNHcGYraUtlRWFjUUFFMEFMUDB2R0tiaGxZS1lOaGx1MXA2aApxN3NKaTh6RlFuOXdkT1NIUHZ4aEtWMW5vQUZKbGw0RHdUcW91eDNEOTgxTGNoWXV0WTF4aDAxNFNlUnVmSWtNCjE0MVp1Qi9QcGFDZm1EWDlaTVpEVUtkTHUrWFM1bCtpM3pGQWJGQXJQRERGVkxuaG9iYVdlQzZ0WW5ZQUQ1RGMKYVhON2ViRUNnWUVBNmtDeFFyaC82UHBxK0lNQVQ0MmtIcm1CUUExNlZVajdBMkZtbCt0aDFEYU5ZSGdCUDBSTgoyTWhyUXZHbjBsekNOOVZUZGFDQU02dThzbGtCdWNqdjh0NStQSk10WC9LNmxJQ2IyODRnaEFYQzhmTTkxdWR3CmpoUWJydFNGT245RWNweWtHYVJoNTZITnpLNUU0RHcvem8wQ2tUanNlSm9tOTNMdWMyQk9EZHNDZ1lFQXlqVWwKZWFyR2l0ZWZTdmZQaUsxczhoSUxmeDZNY0pBOEl6bWgrZ2JGWnIzN1M3Y1NDUnZkeWJLZzc1V3hKYnJFQ2FYWgp3bFhoUURHZmVRdkdrUXdadFhoMy81NDMrTEJ2VkJVek8zbld4M3I3V2tNRGsvQ3dJVkhQQ1VUR2M5WXg2ZDJpCmdXWlFyNm1TOUJGbGkvN2dhK09lbGlTSVp3cDBxK3gxU3ZacHNOTUNnWUIybjBua01vKzdSOHdSaWkwSEcvL0cKKzBORFQwL3FqaWxtWGRWWkN2NGdPM3UrSlNia2hjOHgvdE9xTTdzN0lIUE5XRDZLS3p1Z2J0QUFOR2hXVHpXSwo5RFpTc0dqaTFJUzlISjlRWUlKQXVMWXVWWEcwT01EYmdiMCsvQ2wzSk9saGJJY0E0U2dlNXVYVFIxQmppTDc2CjlwY2RPUWt1VFVsOE52d2UrdDZyendLQmdRRElPNktWZlgvSHcwZFJGRjNsU1Y3Rnd3cXhZWTNPZFhXbnFBMTIKcWpmVnlyRkt3OGxQVGRIdFJqN0pvT0RmckxjdG1wY3RNcCt3VXJOSlNWampEeWx5SXc0cENRTUI5NnoyaFZ2TApQSlpyeUtPWU9SNFU1RlYxV1M1OFRpZDZVNVB2c3ZLVjByeDVocUVub1FaK2YvQzV4WmVudEJ1Q2RiOGM5RFVkCit5Nmowd0tCZ1FEQm5qUkExQnVRckQ5N2ZzR01mNXkvMTNuZU9MSFA5NWxDTytDUS9MNTE3YXNzVmU4UExJTm8KbnYzakNBaVFaOTVLb1c5UEF5S3JnQUd6YjliOHNVNjI3WUJYZHl6WityaFFUbWo1OWpzdzZVTUxWZnJJMWNScQpWSFd5TGt3R3E3d3pVS1hoVGI5Tk5EWW5wMnlTRUYvOFdUcFE4VnF1M2pBNUhrTmE0NDErVUE9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo= 67 | kind: Secret 68 | metadata: 69 | annotations: 70 | kubectl.kubernetes.io/last-applied-configuration: | 71 | {"apiVersion":"v1","kind":"Secret","metadata":{"annotations":{},"labels":{"app.kubernetes.io/instance":"argocd","app.kubernetes.io/name":"argocd-secret","app.kubernetes.io/part-of":"argocd"},"name":"argocd-secret","namespace":"argocd"},"type":"Opaque"} 72 | labels: 73 | app.kubernetes.io/instance: argocd 74 | app.kubernetes.io/name: argocd-secret 75 | app.kubernetes.io/part-of: argocd 76 | name: argocd-secret 77 | type: Opaque 78 | --- 79 | apiVersion: argoproj.io/v1alpha1 80 | kind: AppProject 81 | metadata: 82 | name: default 83 | spec: 84 | clusterResourceWhitelist: 85 | - group: '*' 86 | kind: '*' 87 | destinations: 88 | - namespace: '*' 89 | server: '*' 90 | sourceRepos: 91 | - '*' 92 | status: {} 93 | --- 94 | apiVersion: argoproj.io/v1alpha1 95 | kind: Application 96 | metadata: 97 | annotations: 98 | kubectl.kubernetes.io/last-applied-configuration: | 99 | {"apiVersion":"argoproj.io/v1alpha1","kind":"Application","metadata":{"annotations":{},"name":"argocd","namespace":"argocd"},"spec":{"destination":{"namespace":"argocd","server":"https://kubernetes.default.svc"},"project":"default","source":{"path":"ch03/kustomize-installation","repoURL":"https://github.com/PacktPublishing/ArgoCD-in-Practice.git","targetRevision":"main"},"syncPolicy":{"automated":{}}}} 100 | name: argocd 101 | spec: 102 | destination: 103 | namespace: argocd 104 | server: https://kubernetes.default.svc 105 | project: default 106 | source: 107 | path: ch03/kustomize-installation 108 | repoURL: https://github.com/PacktPublishing/ArgoCD-in-Practice.git 109 | targetRevision: main 110 | syncPolicy: 111 | automated: {} 112 | status: 113 | health: 114 | status: Healthy 115 | history: 116 | - deployStartedAt: "2021-09-13T19:31:14Z" 117 | deployedAt: "2021-09-13T19:31:16Z" 118 | id: 0 119 | revision: 38f5370f7f0309fefaa53b75f65d373f824043be 120 | source: 121 | path: ch03/kustomize-installation 122 | repoURL: https://github.com/PacktPublishing/ArgoCD-in-Practice.git 123 | targetRevision: main 124 | operationState: 125 | finishedAt: "2021-09-13T19:31:16Z" 126 | message: successfully synced (all tasks run) 127 | operation: 128 | initiatedBy: 129 | automated: true 130 | retry: 131 | limit: 5 132 | sync: 133 | revision: 38f5370f7f0309fefaa53b75f65d373f824043be 134 | phase: Succeeded 135 | startedAt: "2021-09-13T19:31:14Z" 136 | syncResult: 137 | resources: 138 | - group: "" 139 | hookPhase: Running 140 | kind: Namespace 141 | message: namespace/argocd configured 142 | name: argocd 143 | namespace: argocd 144 | status: Synced 145 | syncPhase: Sync 146 | version: v1 147 | - group: networking.k8s.io 148 | hookPhase: Running 149 | kind: NetworkPolicy 150 | message: networkpolicy.networking.k8s.io/argocd-redis-ha-server-network-policy 151 | configured 152 | name: argocd-redis-ha-server-network-policy 153 | namespace: argocd 154 | status: Synced 155 | syncPhase: Sync 156 | version: v1 157 | - group: networking.k8s.io 158 | hookPhase: Running 159 | kind: NetworkPolicy 160 | message: networkpolicy.networking.k8s.io/argocd-application-controller-network-policy 161 | configured 162 | name: argocd-application-controller-network-policy 163 | namespace: argocd 164 | status: Synced 165 | syncPhase: Sync 166 | version: v1 167 | - group: networking.k8s.io 168 | hookPhase: Running 169 | kind: NetworkPolicy 170 | message: networkpolicy.networking.k8s.io/argocd-server-network-policy configured 171 | name: argocd-server-network-policy 172 | namespace: argocd 173 | status: Synced 174 | syncPhase: Sync 175 | version: v1 176 | - group: networking.k8s.io 177 | hookPhase: Running 178 | kind: NetworkPolicy 179 | message: networkpolicy.networking.k8s.io/argocd-dex-server-network-policy 180 | configured 181 | name: argocd-dex-server-network-policy 182 | namespace: argocd 183 | status: Synced 184 | syncPhase: Sync 185 | version: v1 186 | - group: networking.k8s.io 187 | hookPhase: Running 188 | kind: NetworkPolicy 189 | message: networkpolicy.networking.k8s.io/argocd-redis-ha-proxy-network-policy 190 | configured 191 | name: argocd-redis-ha-proxy-network-policy 192 | namespace: argocd 193 | status: Synced 194 | syncPhase: Sync 195 | version: v1 196 | - group: networking.k8s.io 197 | hookPhase: Running 198 | kind: NetworkPolicy 199 | message: networkpolicy.networking.k8s.io/argocd-repo-server-network-policy 200 | configured 201 | name: argocd-repo-server-network-policy 202 | namespace: argocd 203 | status: Synced 204 | syncPhase: Sync 205 | version: v1 206 | - group: "" 207 | hookPhase: Running 208 | kind: ServiceAccount 209 | message: serviceaccount/argocd-dex-server configured 210 | name: argocd-dex-server 211 | namespace: argocd 212 | status: Synced 213 | syncPhase: Sync 214 | version: v1 215 | - group: "" 216 | hookPhase: Running 217 | kind: ServiceAccount 218 | message: serviceaccount/argocd-redis-ha configured 219 | name: argocd-redis-ha 220 | namespace: argocd 221 | status: Synced 222 | syncPhase: Sync 223 | version: v1 224 | - group: "" 225 | hookPhase: Running 226 | kind: ServiceAccount 227 | message: serviceaccount/argocd-server configured 228 | name: argocd-server 229 | namespace: argocd 230 | status: Synced 231 | syncPhase: Sync 232 | version: v1 233 | - group: "" 234 | hookPhase: Running 235 | kind: ServiceAccount 236 | message: serviceaccount/argocd-application-controller configured 237 | name: argocd-application-controller 238 | namespace: argocd 239 | status: Synced 240 | syncPhase: Sync 241 | version: v1 242 | - group: "" 243 | hookPhase: Running 244 | kind: ServiceAccount 245 | message: serviceaccount/argocd-redis-ha-haproxy configured 246 | name: argocd-redis-ha-haproxy 247 | namespace: argocd 248 | status: Synced 249 | syncPhase: Sync 250 | version: v1 251 | - group: "" 252 | hookPhase: Running 253 | kind: Secret 254 | message: secret/argocd-secret configured 255 | name: argocd-secret 256 | namespace: argocd 257 | status: Synced 258 | syncPhase: Sync 259 | version: v1 260 | - group: "" 261 | hookPhase: Running 262 | kind: ConfigMap 263 | message: configmap/argocd-cm configured 264 | name: argocd-cm 265 | namespace: argocd 266 | status: Synced 267 | syncPhase: Sync 268 | version: v1 269 | - group: "" 270 | hookPhase: Running 271 | kind: ConfigMap 272 | message: configmap/argocd-cmd-params-cm configured 273 | name: argocd-cmd-params-cm 274 | namespace: argocd 275 | status: Synced 276 | syncPhase: Sync 277 | version: v1 278 | - group: "" 279 | hookPhase: Running 280 | kind: ConfigMap 281 | message: configmap/argocd-redis-ha-configmap configured 282 | name: argocd-redis-ha-configmap 283 | namespace: argocd 284 | status: Synced 285 | syncPhase: Sync 286 | version: v1 287 | - group: "" 288 | hookPhase: Running 289 | kind: ConfigMap 290 | message: configmap/argocd-tls-certs-cm configured 291 | name: argocd-tls-certs-cm 292 | namespace: argocd 293 | status: Synced 294 | syncPhase: Sync 295 | version: v1 296 | - group: "" 297 | hookPhase: Running 298 | kind: ConfigMap 299 | message: configmap/argocd-ssh-known-hosts-cm configured 300 | name: argocd-ssh-known-hosts-cm 301 | namespace: argocd 302 | status: Synced 303 | syncPhase: Sync 304 | version: v1 305 | - group: "" 306 | hookPhase: Running 307 | kind: ConfigMap 308 | message: configmap/argocd-redis-ha-health-configmap configured 309 | name: argocd-redis-ha-health-configmap 310 | namespace: argocd 311 | status: Synced 312 | syncPhase: Sync 313 | version: v1 314 | - group: "" 315 | hookPhase: Running 316 | kind: ConfigMap 317 | message: configmap/argocd-gpg-keys-cm configured 318 | name: argocd-gpg-keys-cm 319 | namespace: argocd 320 | status: Synced 321 | syncPhase: Sync 322 | version: v1 323 | - group: "" 324 | hookPhase: Running 325 | kind: ConfigMap 326 | message: configmap/argocd-rbac-cm configured 327 | name: argocd-rbac-cm 328 | namespace: argocd 329 | status: Synced 330 | syncPhase: Sync 331 | version: v1 332 | - group: apiextensions.k8s.io 333 | hookPhase: Running 334 | kind: CustomResourceDefinition 335 | message: customresourcedefinition.apiextensions.k8s.io/appprojects.argoproj.io 336 | unchanged 337 | name: appprojects.argoproj.io 338 | namespace: argocd 339 | status: Synced 340 | syncPhase: Sync 341 | version: v1 342 | - group: apiextensions.k8s.io 343 | hookPhase: Running 344 | kind: CustomResourceDefinition 345 | message: customresourcedefinition.apiextensions.k8s.io/applications.argoproj.io 346 | unchanged 347 | name: applications.argoproj.io 348 | namespace: argocd 349 | status: Synced 350 | syncPhase: Sync 351 | version: v1 352 | - group: rbac.authorization.k8s.io 353 | hookPhase: Running 354 | kind: ClusterRole 355 | message: clusterrole.rbac.authorization.k8s.io/argocd-server reconciled. reconciliation 356 | required update. clusterrole.rbac.authorization.k8s.io/argocd-server configured 357 | name: argocd-server 358 | namespace: argocd 359 | status: Synced 360 | syncPhase: Sync 361 | version: v1 362 | - group: rbac.authorization.k8s.io 363 | hookPhase: Running 364 | kind: ClusterRole 365 | message: clusterrole.rbac.authorization.k8s.io/argocd-application-controller 366 | reconciled. reconciliation required update. clusterrole.rbac.authorization.k8s.io/argocd-application-controller 367 | configured 368 | name: argocd-application-controller 369 | namespace: argocd 370 | status: Synced 371 | syncPhase: Sync 372 | version: v1 373 | - group: rbac.authorization.k8s.io 374 | hookPhase: Running 375 | kind: ClusterRoleBinding 376 | message: clusterrolebinding.rbac.authorization.k8s.io/argocd-application-controller 377 | reconciled. reconciliation required update. clusterrolebinding.rbac.authorization.k8s.io/argocd-application-controller 378 | configured 379 | name: argocd-application-controller 380 | namespace: argocd 381 | status: Synced 382 | syncPhase: Sync 383 | version: v1 384 | - group: rbac.authorization.k8s.io 385 | hookPhase: Running 386 | kind: ClusterRoleBinding 387 | message: clusterrolebinding.rbac.authorization.k8s.io/argocd-server reconciled. 388 | reconciliation required update. clusterrolebinding.rbac.authorization.k8s.io/argocd-server 389 | configured 390 | name: argocd-server 391 | namespace: argocd 392 | status: Synced 393 | syncPhase: Sync 394 | version: v1 395 | - group: rbac.authorization.k8s.io 396 | hookPhase: Running 397 | kind: Role 398 | message: role.rbac.authorization.k8s.io/argocd-redis-ha-haproxy reconciled. 399 | reconciliation required update. role.rbac.authorization.k8s.io/argocd-redis-ha-haproxy 400 | configured 401 | name: argocd-redis-ha-haproxy 402 | namespace: argocd 403 | status: Synced 404 | syncPhase: Sync 405 | version: v1 406 | - group: rbac.authorization.k8s.io 407 | hookPhase: Running 408 | kind: Role 409 | message: role.rbac.authorization.k8s.io/argocd-application-controller reconciled. 410 | reconciliation required update. role.rbac.authorization.k8s.io/argocd-application-controller 411 | configured 412 | name: argocd-application-controller 413 | namespace: argocd 414 | status: Synced 415 | syncPhase: Sync 416 | version: v1 417 | - group: rbac.authorization.k8s.io 418 | hookPhase: Running 419 | kind: Role 420 | message: role.rbac.authorization.k8s.io/argocd-redis-ha reconciled. reconciliation 421 | required update. role.rbac.authorization.k8s.io/argocd-redis-ha configured 422 | name: argocd-redis-ha 423 | namespace: argocd 424 | status: Synced 425 | syncPhase: Sync 426 | version: v1 427 | - group: rbac.authorization.k8s.io 428 | hookPhase: Running 429 | kind: Role 430 | message: role.rbac.authorization.k8s.io/argocd-server reconciled. reconciliation 431 | required update. role.rbac.authorization.k8s.io/argocd-server configured 432 | name: argocd-server 433 | namespace: argocd 434 | status: Synced 435 | syncPhase: Sync 436 | version: v1 437 | - group: rbac.authorization.k8s.io 438 | hookPhase: Running 439 | kind: Role 440 | message: role.rbac.authorization.k8s.io/argocd-dex-server reconciled. reconciliation 441 | required update. role.rbac.authorization.k8s.io/argocd-dex-server configured 442 | name: argocd-dex-server 443 | namespace: argocd 444 | status: Synced 445 | syncPhase: Sync 446 | version: v1 447 | - group: rbac.authorization.k8s.io 448 | hookPhase: Running 449 | kind: RoleBinding 450 | message: rolebinding.rbac.authorization.k8s.io/argocd-dex-server reconciled. 451 | reconciliation required update. rolebinding.rbac.authorization.k8s.io/argocd-dex-server 452 | configured 453 | name: argocd-dex-server 454 | namespace: argocd 455 | status: Synced 456 | syncPhase: Sync 457 | version: v1 458 | - group: rbac.authorization.k8s.io 459 | hookPhase: Running 460 | kind: RoleBinding 461 | message: rolebinding.rbac.authorization.k8s.io/argocd-redis-ha reconciled. 462 | reconciliation required update. rolebinding.rbac.authorization.k8s.io/argocd-redis-ha 463 | configured 464 | name: argocd-redis-ha 465 | namespace: argocd 466 | status: Synced 467 | syncPhase: Sync 468 | version: v1 469 | - group: rbac.authorization.k8s.io 470 | hookPhase: Running 471 | kind: RoleBinding 472 | message: rolebinding.rbac.authorization.k8s.io/argocd-server reconciled. reconciliation 473 | required update. rolebinding.rbac.authorization.k8s.io/argocd-server configured 474 | name: argocd-server 475 | namespace: argocd 476 | status: Synced 477 | syncPhase: Sync 478 | version: v1 479 | - group: rbac.authorization.k8s.io 480 | hookPhase: Running 481 | kind: RoleBinding 482 | message: rolebinding.rbac.authorization.k8s.io/argocd-application-controller 483 | reconciled. reconciliation required update. rolebinding.rbac.authorization.k8s.io/argocd-application-controller 484 | configured 485 | name: argocd-application-controller 486 | namespace: argocd 487 | status: Synced 488 | syncPhase: Sync 489 | version: v1 490 | - group: rbac.authorization.k8s.io 491 | hookPhase: Running 492 | kind: RoleBinding 493 | message: rolebinding.rbac.authorization.k8s.io/argocd-redis-ha-haproxy reconciled. 494 | reconciliation required update. rolebinding.rbac.authorization.k8s.io/argocd-redis-ha-haproxy 495 | configured 496 | name: argocd-redis-ha-haproxy 497 | namespace: argocd 498 | status: Synced 499 | syncPhase: Sync 500 | version: v1 501 | - group: "" 502 | hookPhase: Running 503 | kind: Service 504 | message: service/argocd-repo-server configured 505 | name: argocd-repo-server 506 | namespace: argocd 507 | status: Synced 508 | syncPhase: Sync 509 | version: v1 510 | - group: "" 511 | hookPhase: Running 512 | kind: Service 513 | message: service/argocd-redis-ha-announce-2 configured 514 | name: argocd-redis-ha-announce-2 515 | namespace: argocd 516 | status: Synced 517 | syncPhase: Sync 518 | version: v1 519 | - group: "" 520 | hookPhase: Running 521 | kind: Service 522 | message: service/argocd-redis-ha-haproxy configured 523 | name: argocd-redis-ha-haproxy 524 | namespace: argocd 525 | status: Synced 526 | syncPhase: Sync 527 | version: v1 528 | - group: "" 529 | hookPhase: Running 530 | kind: Service 531 | message: service/argocd-redis-ha-announce-1 configured 532 | name: argocd-redis-ha-announce-1 533 | namespace: argocd 534 | status: Synced 535 | syncPhase: Sync 536 | version: v1 537 | - group: "" 538 | hookPhase: Running 539 | kind: Service 540 | message: service/argocd-dex-server configured 541 | name: argocd-dex-server 542 | namespace: argocd 543 | status: Synced 544 | syncPhase: Sync 545 | version: v1 546 | - group: "" 547 | hookPhase: Running 548 | kind: Service 549 | message: service/argocd-server-metrics configured 550 | name: argocd-server-metrics 551 | namespace: argocd 552 | status: Synced 553 | syncPhase: Sync 554 | version: v1 555 | - group: "" 556 | hookPhase: Running 557 | kind: Service 558 | message: service/argocd-server configured 559 | name: argocd-server 560 | namespace: argocd 561 | status: Synced 562 | syncPhase: Sync 563 | version: v1 564 | - group: "" 565 | hookPhase: Running 566 | kind: Service 567 | message: service/argocd-redis-ha-announce-0 configured 568 | name: argocd-redis-ha-announce-0 569 | namespace: argocd 570 | status: Synced 571 | syncPhase: Sync 572 | version: v1 573 | - group: "" 574 | hookPhase: Running 575 | kind: Service 576 | message: service/argocd-redis-ha configured 577 | name: argocd-redis-ha 578 | namespace: argocd 579 | status: Synced 580 | syncPhase: Sync 581 | version: v1 582 | - group: "" 583 | hookPhase: Running 584 | kind: Service 585 | message: service/argocd-metrics configured 586 | name: argocd-metrics 587 | namespace: argocd 588 | status: Synced 589 | syncPhase: Sync 590 | version: v1 591 | - group: apps 592 | hookPhase: Running 593 | kind: Deployment 594 | message: deployment.apps/argocd-server configured 595 | name: argocd-server 596 | namespace: argocd 597 | status: Synced 598 | syncPhase: Sync 599 | version: v1 600 | - group: apps 601 | hookPhase: Running 602 | kind: Deployment 603 | message: deployment.apps/argocd-redis-ha-haproxy configured 604 | name: argocd-redis-ha-haproxy 605 | namespace: argocd 606 | status: Synced 607 | syncPhase: Sync 608 | version: v1 609 | - group: apps 610 | hookPhase: Running 611 | kind: Deployment 612 | message: deployment.apps/argocd-dex-server configured 613 | name: argocd-dex-server 614 | namespace: argocd 615 | status: Synced 616 | syncPhase: Sync 617 | version: v1 618 | - group: apps 619 | hookPhase: Running 620 | kind: Deployment 621 | message: deployment.apps/argocd-repo-server configured 622 | name: argocd-repo-server 623 | namespace: argocd 624 | status: Synced 625 | syncPhase: Sync 626 | version: v1 627 | - group: apps 628 | hookPhase: Running 629 | kind: StatefulSet 630 | message: statefulset.apps/argocd-application-controller configured 631 | name: argocd-application-controller 632 | namespace: argocd 633 | status: Synced 634 | syncPhase: Sync 635 | version: v1 636 | - group: apps 637 | hookPhase: Running 638 | kind: StatefulSet 639 | message: statefulset.apps/argocd-redis-ha-server configured 640 | name: argocd-redis-ha-server 641 | namespace: argocd 642 | status: Synced 643 | syncPhase: Sync 644 | version: v1 645 | revision: 38f5370f7f0309fefaa53b75f65d373f824043be 646 | source: 647 | path: ch03/kustomize-installation 648 | repoURL: https://github.com/PacktPublishing/ArgoCD-in-Practice.git 649 | targetRevision: main 650 | reconciledAt: "2021-09-15T18:14:04Z" 651 | resources: 652 | - kind: ConfigMap 653 | name: argocd-cm 654 | namespace: argocd 655 | status: Synced 656 | version: v1 657 | - kind: ConfigMap 658 | name: argocd-cmd-params-cm 659 | namespace: argocd 660 | status: Synced 661 | version: v1 662 | - kind: ConfigMap 663 | name: argocd-gpg-keys-cm 664 | namespace: argocd 665 | status: Synced 666 | version: v1 667 | - kind: ConfigMap 668 | name: argocd-rbac-cm 669 | namespace: argocd 670 | status: Synced 671 | version: v1 672 | - kind: ConfigMap 673 | name: argocd-redis-ha-configmap 674 | namespace: argocd 675 | status: Synced 676 | version: v1 677 | - kind: ConfigMap 678 | name: argocd-redis-ha-health-configmap 679 | namespace: argocd 680 | status: Synced 681 | version: v1 682 | - kind: ConfigMap 683 | name: argocd-ssh-known-hosts-cm 684 | namespace: argocd 685 | status: Synced 686 | version: v1 687 | - kind: ConfigMap 688 | name: argocd-tls-certs-cm 689 | namespace: argocd 690 | status: Synced 691 | version: v1 692 | - kind: Namespace 693 | name: argocd 694 | status: Synced 695 | version: v1 696 | - kind: Secret 697 | name: argocd-secret 698 | namespace: argocd 699 | status: Synced 700 | version: v1 701 | - health: 702 | status: Healthy 703 | kind: Service 704 | name: argocd-dex-server 705 | namespace: argocd 706 | status: Synced 707 | version: v1 708 | - health: 709 | status: Healthy 710 | kind: Service 711 | name: argocd-metrics 712 | namespace: argocd 713 | status: Synced 714 | version: v1 715 | - health: 716 | status: Healthy 717 | kind: Service 718 | name: argocd-redis-ha 719 | namespace: argocd 720 | status: Synced 721 | version: v1 722 | - health: 723 | status: Healthy 724 | kind: Service 725 | name: argocd-redis-ha-announce-0 726 | namespace: argocd 727 | status: Synced 728 | version: v1 729 | - health: 730 | status: Healthy 731 | kind: Service 732 | name: argocd-redis-ha-announce-1 733 | namespace: argocd 734 | status: Synced 735 | version: v1 736 | - health: 737 | status: Healthy 738 | kind: Service 739 | name: argocd-redis-ha-announce-2 740 | namespace: argocd 741 | status: Synced 742 | version: v1 743 | - health: 744 | status: Healthy 745 | kind: Service 746 | name: argocd-redis-ha-haproxy 747 | namespace: argocd 748 | status: Synced 749 | version: v1 750 | - health: 751 | status: Healthy 752 | kind: Service 753 | name: argocd-repo-server 754 | namespace: argocd 755 | status: Synced 756 | version: v1 757 | - health: 758 | status: Healthy 759 | kind: Service 760 | name: argocd-server 761 | namespace: argocd 762 | status: Synced 763 | version: v1 764 | - health: 765 | status: Healthy 766 | kind: Service 767 | name: argocd-server-metrics 768 | namespace: argocd 769 | status: Synced 770 | version: v1 771 | - kind: ServiceAccount 772 | name: argocd-application-controller 773 | namespace: argocd 774 | status: Synced 775 | version: v1 776 | - kind: ServiceAccount 777 | name: argocd-dex-server 778 | namespace: argocd 779 | status: Synced 780 | version: v1 781 | - kind: ServiceAccount 782 | name: argocd-redis-ha 783 | namespace: argocd 784 | status: Synced 785 | version: v1 786 | - kind: ServiceAccount 787 | name: argocd-redis-ha-haproxy 788 | namespace: argocd 789 | status: Synced 790 | version: v1 791 | - kind: ServiceAccount 792 | name: argocd-server 793 | namespace: argocd 794 | status: Synced 795 | version: v1 796 | - group: apiextensions.k8s.io 797 | kind: CustomResourceDefinition 798 | name: applications.argoproj.io 799 | status: Synced 800 | version: v1 801 | - group: apiextensions.k8s.io 802 | kind: CustomResourceDefinition 803 | name: appprojects.argoproj.io 804 | status: Synced 805 | version: v1 806 | - group: apps 807 | health: 808 | status: Healthy 809 | kind: Deployment 810 | name: argocd-dex-server 811 | namespace: argocd 812 | status: Synced 813 | version: v1 814 | - group: apps 815 | health: 816 | status: Healthy 817 | kind: Deployment 818 | name: argocd-redis-ha-haproxy 819 | namespace: argocd 820 | status: Synced 821 | version: v1 822 | - group: apps 823 | health: 824 | status: Healthy 825 | kind: Deployment 826 | name: argocd-repo-server 827 | namespace: argocd 828 | status: Synced 829 | version: v1 830 | - group: apps 831 | health: 832 | status: Healthy 833 | kind: Deployment 834 | name: argocd-server 835 | namespace: argocd 836 | status: Synced 837 | version: v1 838 | - group: apps 839 | health: 840 | message: 'partitioned roll out complete: 3 new pods have been updated...' 841 | status: Healthy 842 | kind: StatefulSet 843 | name: argocd-application-controller 844 | namespace: argocd 845 | status: Synced 846 | version: v1 847 | - group: apps 848 | health: 849 | message: statefulset rolling update complete 3 pods at revision argocd-redis-ha-server-85f496c479... 850 | status: Healthy 851 | kind: StatefulSet 852 | name: argocd-redis-ha-server 853 | namespace: argocd 854 | status: Synced 855 | version: v1 856 | - group: networking.k8s.io 857 | kind: NetworkPolicy 858 | name: argocd-application-controller-network-policy 859 | namespace: argocd 860 | status: Synced 861 | version: v1 862 | - group: networking.k8s.io 863 | kind: NetworkPolicy 864 | name: argocd-dex-server-network-policy 865 | namespace: argocd 866 | status: Synced 867 | version: v1 868 | - group: networking.k8s.io 869 | kind: NetworkPolicy 870 | name: argocd-redis-ha-proxy-network-policy 871 | namespace: argocd 872 | status: Synced 873 | version: v1 874 | - group: networking.k8s.io 875 | kind: NetworkPolicy 876 | name: argocd-redis-ha-server-network-policy 877 | namespace: argocd 878 | status: Synced 879 | version: v1 880 | - group: networking.k8s.io 881 | kind: NetworkPolicy 882 | name: argocd-repo-server-network-policy 883 | namespace: argocd 884 | status: Synced 885 | version: v1 886 | - group: networking.k8s.io 887 | kind: NetworkPolicy 888 | name: argocd-server-network-policy 889 | namespace: argocd 890 | status: Synced 891 | version: v1 892 | - group: rbac.authorization.k8s.io 893 | kind: ClusterRole 894 | name: argocd-application-controller 895 | status: Synced 896 | version: v1 897 | - group: rbac.authorization.k8s.io 898 | kind: ClusterRole 899 | name: argocd-server 900 | status: Synced 901 | version: v1 902 | - group: rbac.authorization.k8s.io 903 | kind: ClusterRoleBinding 904 | name: argocd-application-controller 905 | status: Synced 906 | version: v1 907 | - group: rbac.authorization.k8s.io 908 | kind: ClusterRoleBinding 909 | name: argocd-server 910 | status: Synced 911 | version: v1 912 | - group: rbac.authorization.k8s.io 913 | kind: Role 914 | name: argocd-application-controller 915 | namespace: argocd 916 | status: Synced 917 | version: v1 918 | - group: rbac.authorization.k8s.io 919 | kind: Role 920 | name: argocd-dex-server 921 | namespace: argocd 922 | status: Synced 923 | version: v1 924 | - group: rbac.authorization.k8s.io 925 | kind: Role 926 | name: argocd-redis-ha 927 | namespace: argocd 928 | status: Synced 929 | version: v1 930 | - group: rbac.authorization.k8s.io 931 | kind: Role 932 | name: argocd-redis-ha-haproxy 933 | namespace: argocd 934 | status: Synced 935 | version: v1 936 | - group: rbac.authorization.k8s.io 937 | kind: Role 938 | name: argocd-server 939 | namespace: argocd 940 | status: Synced 941 | version: v1 942 | - group: rbac.authorization.k8s.io 943 | kind: RoleBinding 944 | name: argocd-application-controller 945 | namespace: argocd 946 | status: Synced 947 | version: v1 948 | - group: rbac.authorization.k8s.io 949 | kind: RoleBinding 950 | name: argocd-dex-server 951 | namespace: argocd 952 | status: Synced 953 | version: v1 954 | - group: rbac.authorization.k8s.io 955 | kind: RoleBinding 956 | name: argocd-redis-ha 957 | namespace: argocd 958 | status: Synced 959 | version: v1 960 | - group: rbac.authorization.k8s.io 961 | kind: RoleBinding 962 | name: argocd-redis-ha-haproxy 963 | namespace: argocd 964 | status: Synced 965 | version: v1 966 | - group: rbac.authorization.k8s.io 967 | kind: RoleBinding 968 | name: argocd-server 969 | namespace: argocd 970 | status: Synced 971 | version: v1 972 | sourceType: Kustomize 973 | summary: 974 | images: 975 | - ghcr.io/dexidp/dex:v2.27.0 976 | - haproxy:2.0.22-alpine 977 | - quay.io/argoproj/argocd:v2.1.1 978 | - redis:6.2.4-alpine 979 | sync: 980 | comparedTo: 981 | destination: 982 | namespace: argocd 983 | server: https://kubernetes.default.svc 984 | source: 985 | path: ch03/kustomize-installation 986 | repoURL: https://github.com/PacktPublishing/ArgoCD-in-Practice.git 987 | targetRevision: main 988 | revision: 38f5370f7f0309fefaa53b75f65d373f824043be 989 | status: Synced 990 | --- 991 | -------------------------------------------------------------------------------- /ch03/kustomize-installation/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | namespace: argocd 4 | 5 | bases: 6 | - github.com/argoproj/argo-cd/manifests/ha/cluster-install?ref=v2.6.8 7 | 8 | resources: 9 | - resources/namespace.yaml 10 | 11 | patchesStrategicMerge: 12 | - patches/argocd-cm.yaml 13 | - patches/argocd-server-deployment.yaml 14 | - patches/argocd-repo-server-deployment.yaml 15 | - patches/argocd-application-controller-statefulset.yaml 16 | -------------------------------------------------------------------------------- /ch03/kustomize-installation/patches/argocd-application-controller-statefulset.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: StatefulSet 3 | metadata: 4 | name: argocd-application-controller 5 | spec: 6 | replicas: 3 7 | template: 8 | spec: 9 | containers: 10 | - name: argocd-application-controller 11 | env: 12 | - name: ARGOCD_CONTROLLER_REPLICAS 13 | value: "3" 14 | -------------------------------------------------------------------------------- /ch03/kustomize-installation/patches/argocd-cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: argocd-cm 5 | data: 6 | timeout.reconciliation: 300s 7 | -------------------------------------------------------------------------------- /ch03/kustomize-installation/patches/argocd-repo-server-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: argocd-repo-server 5 | spec: 6 | replicas: 3 7 | template: 8 | spec: 9 | containers: 10 | - name: argocd-repo-server 11 | env: 12 | - name: "ARGOCD_EXEC_TIMEOUT" 13 | value: "3m" 14 | -------------------------------------------------------------------------------- /ch03/kustomize-installation/patches/argocd-server-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: argocd-server 5 | spec: 6 | replicas: 3 7 | template: 8 | spec: 9 | containers: 10 | - name: argocd-server 11 | env: 12 | - name: ARGOCD_API_SERVER_REPLICAS 13 | value: '3' 14 | -------------------------------------------------------------------------------- /ch03/kustomize-installation/resources/namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: argocd 5 | -------------------------------------------------------------------------------- /ch03/notifications/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | namespace: argocd 4 | 5 | bases: 6 | - github.com/argoproj-labs/argocd-notifications/manifests/controller?ref=v1.1.1 7 | 8 | patchesStrategicMerge: 9 | - patches/argocd-notifications-cm.yaml 10 | -------------------------------------------------------------------------------- /ch03/notifications/patches/argocd-notifications-cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: argocd-notifications-cm 5 | data: 6 | trigger.on-sync: | 7 | - when: app.status.operationState.phase in ['Succeeded', 'Error', 'Failed'] 8 | send: [gitlab-webhook] 9 | service.webhook.gitlab: | 10 | url: https://gitlab.com/api/v4/projects/29851922/trigger/pipeline 11 | headers: 12 | - name: Content-Type 13 | value: multipart/form-data 14 | 15 | template.gitlab-webhook: | 16 | webhook: 17 | gitlab: 18 | method: POST 19 | body: ref=main&token=e8dc4d2489e49f4f357e056038ab41&variables[APPLICATION_DEPLOY_STATUS]={{.app.status.sync.status}}&variables[APPLICATION_NAME]={{.app.metadata.name}}&variables[APPLICATION_GIT_COMMIT]={{.app.status.operationState.operation.sync.revision}} 20 | -------------------------------------------------------------------------------- /ch03/servicemonitor/servicemonitor-argocd-metrics.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: monitoring.coreos.com/v1 2 | kind: ServiceMonitor 3 | metadata: 4 | name: argocd-metrics 5 | labels: 6 | release: prometheus-operator 7 | spec: 8 | selector: 9 | matchLabels: 10 | app.kubernetes.io/name: argocd-metrics 11 | namespaceSelector: 12 | any: true 13 | endpoints: 14 | - port: metrics 15 | -------------------------------------------------------------------------------- /ch03/servicemonitor/servicemonitor-argocd-repo-server-metrics.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: monitoring.coreos.com/v1 2 | kind: ServiceMonitor 3 | metadata: 4 | name: argocd-repo-server-metrics 5 | labels: 6 | release: prometheus-operator 7 | spec: 8 | selector: 9 | matchLabels: 10 | app.kubernetes.io/name: argocd-repo-server 11 | namespaceSelector: 12 | any: true 13 | endpoints: 14 | - port: metrics 15 | -------------------------------------------------------------------------------- /ch03/servicemonitor/servicemonitor-argocd-server-metrics.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: monitoring.coreos.com/v1 2 | kind: ServiceMonitor 3 | metadata: 4 | name: argocd-server-metrics 5 | labels: 6 | release: prometheus-operator 7 | spec: 8 | selector: 9 | matchLabels: 10 | app.kubernetes.io/name: argocd-server-metrics 11 | namespaceSelector: 12 | any: true 13 | endpoints: 14 | - port: metrics 15 | -------------------------------------------------------------------------------- /ch04/kustomize-installation/argocd-app.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: argocd 5 | spec: 6 | destination: 7 | namespace: argocd 8 | server: https://kubernetes.default.svc 9 | project: argocd 10 | source: 11 | path: ch04/kustomize-installation 12 | repoURL: https://github.com/PacktPublishing/ArgoCD-in-Practice.git 13 | targetRevision: main 14 | syncPolicy: 15 | automated: 16 | prune: false -------------------------------------------------------------------------------- /ch04/kustomize-installation/argocd-proj.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: AppProject 3 | metadata: 4 | name: argocd 5 | spec: 6 | roles: 7 | - name: read-sync 8 | description: read and sync privileges 9 | policies: 10 | - p, proj:argocd:read-sync, applications, get, argocd/*, allow 11 | - p, proj:argocd:read-sync, applications, sync, argocd/*, allow 12 | clusterResourceWhitelist: 13 | - group: '*' 14 | kind: '*' 15 | description: Project to configure argocd self-manage application 16 | destinations: 17 | - namespace: argocd 18 | server: https://kubernetes.default.svc 19 | sourceRepos: 20 | - https://github.com/PacktPublishing/ArgoCD-in-Practice.git 21 | -------------------------------------------------------------------------------- /ch04/kustomize-installation/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | namespace: argocd 4 | 5 | bases: 6 | - github.com/argoproj/argo-cd/manifests/cluster-install?ref=v2.1.1 7 | 8 | resources: 9 | - resources/namespace.yaml 10 | 11 | patchesStrategicMerge: 12 | - patches/argocd-cm.yaml 13 | - patches/argocd-rbac-cm.yaml 14 | -------------------------------------------------------------------------------- /ch04/kustomize-installation/patches/argocd-cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: argocd-cm 5 | data: 6 | accounts.alina: apiKey, login 7 | accounts.gitops-ci: apiKey 8 | admin.enabled: "false" 9 | -------------------------------------------------------------------------------- /ch04/kustomize-installation/patches/argocd-rbac-cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: argocd-rbac-cm 5 | data: 6 | policy.default: role:readonly 7 | 8 | policy.csv: | 9 | 10 | p, role:user-update, accounts, update, *, allow 11 | p, role:user-update, accounts, get, *, allow 12 | p, role:user-update, projects, update, argocd, allow 13 | 14 | g, alina, role:user-update 15 | -------------------------------------------------------------------------------- /ch04/kustomize-installation/resources/namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: argocd 5 | -------------------------------------------------------------------------------- /ch04/sso-setup/ArgoCDSSO_schema.json: -------------------------------------------------------------------------------- 1 | { 2 | "schemaName": "ArgoCDSSO", 3 | "displayName": "ArgoCD_SSO_Role", 4 | "fields": [ 5 | { 6 | "fieldType": "STRING", 7 | "fieldName": "ArgoCDRole", 8 | "displayName": "ArgoCD_Role", 9 | "multiValued": true, 10 | "readAccessType": "ADMINS_AND_SELF" 11 | } 12 | ] 13 | } 14 | -------------------------------------------------------------------------------- /ch04/sso-setup/argocd-cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: argocd-cm 5 | data: 6 | admin.enabled: "false" 7 | url: https://argocd.mycompany.com 8 | dex.config: | 9 | connectors: 10 | - type: saml 11 | id: argocd-mycompany-saml-id 12 | name: google 13 | config: 14 | ssoURL: https://accounts.google.com/o/saml2/idp?idpid= 15 | caData: | 16 | BASE64-ENCODED-CERTIFICATE-DATA 17 | entityIssuer: argocd-mycompany-saml-id 18 | redirectURI: https://argocd.mycompany.com/api/dex/callback 19 | usernameAttr: name 20 | emailAttr: email 21 | groupsAttr: role 22 | -------------------------------------------------------------------------------- /ch04/sso-setup/argocd-dex-server-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: argocd-dex-server 5 | spec: 6 | replicas: 0 7 | -------------------------------------------------------------------------------- /ch04/sso-setup/argocd-rbac-cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: argocd-rbac-cm 5 | data: 6 | 7 | policy.csv: | 8 | 9 | g, role:developer, role:readonly 10 | p, role:developer, applications, sync, */*, allow 11 | 12 | g, role:sre, role:developer 13 | 14 | p, role:sre, applications, create, */*, allow 15 | p, role:sre, applications, update, */*, allow 16 | p, role:sre, applications, override, */*, allow 17 | p, role:sre, applications, action/*, */*, allow 18 | p, role:sre, projects, create, *, allow 19 | p, role:sre, projects, update, *, allow 20 | p, role:sre, repositories, create, *, allow 21 | p, role:sre, repositories, update, *, allow 22 | 23 | g, Sre, role:sre 24 | g, Developer, role:developer 25 | g, Onboarding, role:readonly 26 | -------------------------------------------------------------------------------- /ch05/.gitignore: -------------------------------------------------------------------------------- 1 | # Terraform 2 | *.terraform* 3 | *tfstate* 4 | plan.out 5 | 6 | # Kubeonfig 7 | kubeconfig* 8 | -------------------------------------------------------------------------------- /ch05/applications/argocd-ui/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: argocd-ui 3 | description: The ingress gateway to access Argo CD UI through Operator 4 | version: 0.0.1 5 | -------------------------------------------------------------------------------- /ch05/applications/argocd-ui/templates/argocd-ui.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.istio.io/v1alpha3 2 | kind: Gateway 3 | metadata: 4 | name: argocd-gateway 5 | namespace: argocd 6 | spec: 7 | selector: 8 | istio: ingressgateway 9 | servers: 10 | - port: 11 | number: 80 12 | name: http 13 | protocol: HTTP 14 | tls: 15 | httpsRedirect: true 16 | hosts: 17 | - "ui.packtargocdbook.link" 18 | - port: 19 | number: 443 20 | name: https 21 | protocol: HTTPS 22 | tls: 23 | mode: PASSTHROUGH 24 | hosts: 25 | - "ui.packtargocdbook.link" 26 | --- 27 | apiVersion: networking.istio.io/v1alpha3 28 | kind: VirtualService 29 | metadata: 30 | name: argocd-virtual-service 31 | namespace: argocd 32 | spec: 33 | hosts: 34 | - "ui.packtargocdbook.link" 35 | gateways: 36 | - argocd-gateway 37 | tls: 38 | - match: 39 | - port: 443 40 | route: 41 | - destination: 42 | host: argocd-server.argocd.svc.cluster.local 43 | port: 44 | number: 443 45 | -------------------------------------------------------------------------------- /ch05/applications/argocd-ui/values.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/ArgoCD-in-Practice/8d0d6b3f0ccea95a0e56a15607e56a7800799132/ch05/applications/argocd-ui/values.yaml -------------------------------------------------------------------------------- /ch05/applications/argocd/argo-teams.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: AppProject 3 | metadata: 4 | name: team 5 | namespace: argocd 6 | spec: 7 | destinations: 8 | - namespace: team-* 9 | server: '*' 10 | clusterResourceWhitelist: 11 | - group: '' 12 | kind: Namespace 13 | namespaceResourceBlacklist: 14 | - group: '' 15 | kind: ResourceQuota 16 | - group: '' 17 | kind: LimitRange 18 | - group: '' 19 | kind: NetworkPolicy 20 | sourceRepos: 21 | - https://github.com/PacktPublishing/ArgoCD-in-Practice.git 22 | - https://github.com/spirosoik/argocd-rollouts-cicd.git 23 | roles: 24 | - name: team-admin 25 | policies: 26 | - p, proj:team:team-admin, applications, *, team/*, allow 27 | - name: ci-role 28 | description: Create and Sync apps 29 | policies: 30 | - p, proj:team:ci-role, applications, sync, team/*, allow 31 | - p, proj:team:ci-role, applications, get, team/*, allow 32 | - p, proj:team:ci-role, applications, create, team/*, allow 33 | - p, proj:team:ci-role, applications, update, team/*, allow 34 | - p, proj:team:ci-role, applications, delete, team/*, allow 35 | -------------------------------------------------------------------------------- /ch05/applications/argocd/argocd-cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: argocd-cm 5 | namespace: argocd 6 | labels: 7 | app.kubernetes.io/name: argocd-cm 8 | app.kubernetes.io/part-of: argocd 9 | data: 10 | resource.customizations: | 11 | install.istio.io/IstioOperator: 12 | health.lua: | 13 | hs = {} 14 | if obj.status ~= nil then 15 | if obj.status.status == "HEALTHY" then 16 | hs.status = "Healthy" 17 | hs.message = "Istio-Operator Ready" 18 | return hs 19 | end 20 | end 21 | 22 | hs.status = "Progressing" 23 | hs.message = "Waiting for Istio-Operator" 24 | return hs 25 | -------------------------------------------------------------------------------- /ch05/applications/istio-control-plane/istio-control-plane.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: install.istio.io/v1alpha1 2 | kind: IstioOperator 3 | metadata: 4 | namespace: istio-system 5 | name: istio-control-plane 6 | spec: 7 | profile: default 8 | components: 9 | ingressGateways: 10 | - namespace: istio-system 11 | name: istio-ingressgateway 12 | enabled: true 13 | k8s: 14 | serviceAnnotations: 15 | service.beta.kubernetes.io/aws-load-balancer-type: "nlb" 16 | service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "arn:aws:acm:us-east-1:593113792344:certificate/9e5908cf-4ffc-49d3-a1b2-fb3e8b992c44" 17 | service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "http" 18 | service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "https" 19 | service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "60" 20 | addonComponents: 21 | prometheus: 22 | enabled: false 23 | -------------------------------------------------------------------------------- /ch05/applications/master-utilities/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: master-utilities 3 | description: The master Argo Application for the Cluster utilities 4 | version: 0.0.1 5 | -------------------------------------------------------------------------------- /ch05/applications/master-utilities/templates/argocd-ui.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: argocd-istio-app 5 | namespace: argocd 6 | finalizers: 7 | - resources-finalizer.argocd.argoproj.io 8 | spec: 9 | project: default 10 | source: 11 | repoURL: https://github.com/PacktPublishing/ArgoCD-in-Practice.git 12 | targetRevision: HEAD 13 | path: ch05/applications/argocd-ui 14 | 15 | destination: 16 | namespace: argocd-ui 17 | server: {{ .Values.spec.destination.server }} 18 | 19 | syncPolicy: 20 | automated: 21 | prune: true 22 | selfHeal: true 23 | syncOptions: 24 | - CreateNamespace=true 25 | -------------------------------------------------------------------------------- /ch05/applications/master-utilities/templates/external-dns.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: external-dns 5 | namespace: argocd 6 | annotations: 7 | argocd.argoproj.io/sync-wave: "-3" 8 | finalizers: 9 | - resources-finalizer.argocd.argoproj.io 10 | spec: 11 | project: default 12 | source: 13 | repoURL: https://charts.bitnami.com/bitnami 14 | targetRevision: "6.0.1" 15 | chart: external-dns 16 | helm: 17 | values: | 18 | sources: 19 | - ingress 20 | - service 21 | - istio-gateway 22 | - istio-virtualservice 23 | serviceAccount: 24 | annotations: 25 | eks.amazonaws.com/role-arn: {{ .Values.externalDNS.iamRole }} 26 | domainFilters: 27 | - {{ .Values.externalDNS.domain }} 28 | txtOwnerId: {{ .Values.externalDNS.txtOwnerID }} 29 | 30 | destination: 31 | namespace: kube-system 32 | server: {{ .Values.spec.destination.server }} 33 | 34 | syncPolicy: 35 | automated: 36 | prune: true 37 | syncOptions: 38 | - CreateNamespace=true 39 | -------------------------------------------------------------------------------- /ch05/applications/master-utilities/templates/istio-operator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: istio-operator 5 | namespace: argocd 6 | annotations: 7 | argocd.argoproj.io/sync-wave: "-2" 8 | finalizers: 9 | - resources-finalizer.argocd.argoproj.io 10 | spec: 11 | project: default 12 | source: 13 | repoURL: https://github.com/istio/istio.git 14 | targetRevision: "1.12.0" 15 | path: manifests/charts/istio-operator 16 | helm: 17 | parameters: 18 | - name: "hub" 19 | value: "docker.io/istio" 20 | - name: "tag" 21 | value: "1.12.0" 22 | 23 | destination: 24 | namespace: istio-operator 25 | server: {{ .Values.spec.destination.server }} 26 | 27 | syncPolicy: 28 | automated: 29 | prune: true 30 | selfHeal: true 31 | syncOptions: 32 | - CreateNamespace=true 33 | -------------------------------------------------------------------------------- /ch05/applications/master-utilities/templates/istio.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: istio 5 | namespace: argocd 6 | annotations: 7 | argocd.argoproj.io/sync-wave: "-1" 8 | finalizers: 9 | - resources-finalizer.argocd.argoproj.io 10 | spec: 11 | project: default 12 | source: 13 | repoURL: https://github.com/PacktPublishing/ArgoCD-in-Practice.git 14 | targetRevision: HEAD 15 | path: ch05/applications/istio-control-plane 16 | 17 | destination: 18 | namespace: istio-system 19 | server: {{ .Values.spec.destination.server }} 20 | 21 | syncPolicy: 22 | automated: 23 | prune: true 24 | selfHeal: true 25 | syncOptions: 26 | - CreateNamespace=true 27 | -------------------------------------------------------------------------------- /ch05/k8s-bootstrap/base/argo-applicationset.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: argo-applicationset 5 | spec: 6 | project: default 7 | source: 8 | repoURL: https://github.com/argoproj-labs/applicationset.git 9 | targetRevision: HEAD 10 | path: manifests/namespace-install 11 | 12 | destination: 13 | namespace: argo-applicationset 14 | server: https://kubernetes.default.svc 15 | 16 | syncPolicy: 17 | automated: 18 | prune: true 19 | selfHeal: true 20 | syncOptions: 21 | - CreateNamespace=true 22 | -------------------------------------------------------------------------------- /ch05/k8s-bootstrap/base/argo-rollouts.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: argo-rollouts 5 | finalizers: 6 | - resources-finalizer.argocd.argoproj.io 7 | spec: 8 | project: default 9 | source: 10 | repoURL: https://github.com/PacktPublishing/ArgoCD-in-Practice.git 11 | targetRevision: HEAD 12 | path: ch05/applications/argo-rollouts 13 | 14 | destination: 15 | namespace: argo-rollouts 16 | server: https://kubernetes.default.svc 17 | 18 | syncPolicy: 19 | automated: 20 | prune: true 21 | selfHeal: true 22 | syncOptions: 23 | - CreateNamespace=true 24 | -------------------------------------------------------------------------------- /ch05/k8s-bootstrap/base/argocd.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: argo-cd 5 | finalizers: 6 | - resources-finalizer.argocd.argoproj.io 7 | spec: 8 | project: default 9 | source: 10 | repoURL: https://github.com/PacktPublishing/ArgoCD-in-Practice.git 11 | targetRevision: HEAD 12 | path: ch05/applications/argocd 13 | 14 | destination: 15 | namespace: argocd 16 | server: https://kubernetes.default.svc 17 | 18 | syncPolicy: 19 | automated: 20 | prune: true 21 | selfHeal: true 22 | syncOptions: 23 | - CreateNamespace=true 24 | -------------------------------------------------------------------------------- /ch05/k8s-bootstrap/base/blue-green.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: blue-green 5 | finalizers: 6 | - resources-finalizer.argocd.argoproj.io 7 | spec: 8 | project: team 9 | source: 10 | repoURL: https://github.com/PacktPublishing/ArgoCD-in-Practice.git 11 | targetRevision: HEAD 12 | path: ch06/simple-blue-green/deployments/argo 13 | 14 | destination: 15 | namespace: team-blue-green 16 | server: https://kubernetes.default.svc 17 | 18 | syncPolicy: 19 | automated: 20 | prune: true 21 | selfHeal: true 22 | syncOptions: 23 | - CreateNamespace=true 24 | -------------------------------------------------------------------------------- /ch05/k8s-bootstrap/base/bootstrap-applicationset.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: ApplicationSet 3 | metadata: 4 | name: bootstrap 5 | spec: 6 | generators: 7 | - matrix: 8 | generators: 9 | - git: 10 | repoURL: https://github.com/PacktPublishing/ArgoCD-in-Practice.git 11 | revision: HEAD 12 | directories: 13 | - path: ch05/applications/* 14 | - path: ch05/applications/istio-control-plane 15 | exclude: true 16 | - path: ch05/applications/argocd-ui 17 | exclude: true 18 | - list: 19 | elements: 20 | - cluster: engineering-dev 21 | url: https://kubernetes.default.svc 22 | template: 23 | metadata: 24 | name: "{{path.basename}}" 25 | spec: 26 | project: default 27 | source: 28 | repoURL: https://github.com/PacktPublishing/ArgoCD-in-Practice.git 29 | targetRevision: HEAD 30 | path: "{{path}}" 31 | destination: 32 | server: "{{url}}" 33 | namespace: "{{path.basename}}" 34 | -------------------------------------------------------------------------------- /ch05/k8s-bootstrap/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | namespace: argocd 4 | bases: 5 | - https://raw.githubusercontent.com/argoproj/argo-cd/v2.1.7/manifests/install.yaml 6 | resources: 7 | - namespace.yaml 8 | - argo-applicationset.yaml 9 | - bootstrap-applicationset.yaml 10 | -------------------------------------------------------------------------------- /ch05/k8s-bootstrap/base/namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: argocd 5 | -------------------------------------------------------------------------------- /ch05/k8s-bootstrap/bootstrap/argocd-server.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: argocd-server 6 | spec: 7 | selector: 8 | matchLabels: 9 | app.kubernetes.io/name: argocd-server 10 | template: 11 | spec: 12 | containers: 13 | - name: argocd-server 14 | command: 15 | - argocd-server 16 | - --staticassets 17 | - /shared/app 18 | - --repo-server 19 | - argocd-repo-server:8081 20 | - --insecure 21 | -------------------------------------------------------------------------------- /ch05/k8s-bootstrap/bootstrap/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | namespace: argocd 4 | bases: 5 | - ../base 6 | patchesStrategicMerge: 7 | - argocd-server.yaml 8 | -------------------------------------------------------------------------------- /ch05/terraform/argocd.tf: -------------------------------------------------------------------------------- 1 | locals { 2 | master_utils_values = <<-EOT 3 | apiVersion: argoproj.io/v1alpha1 4 | kind: Application 5 | metadata: 6 | name: master-utilities 7 | finalizers: 8 | - resources-finalizer.argocd.argoproj.io 9 | spec: 10 | project: default 11 | source: 12 | repoURL: https://github.com/PacktPublishing/ArgoCD-in-Practice.git 13 | targetRevision: HEAD 14 | path: ch05/applications/master-utilities 15 | helm: 16 | values: | 17 | externalDNS: 18 | iamRole: ${aws_iam_role.external_dns.arn} 19 | domain: ${var.domain} 20 | txtOwnerID: ${var.zone_id} 21 | 22 | destination: 23 | namespace: argocd 24 | server: https://kubernetes.default.svc 25 | 26 | syncPolicy: 27 | automated: 28 | prune: true 29 | selfHeal: true 30 | 31 | EOT 32 | 33 | values_dev = <<-EOT 34 | spec: 35 | destination: 36 | server: https://kubernetes.default.svc 37 | 38 | externalDNS: 39 | iamRole: ${aws_iam_role.external_dns.arn} 40 | domain: ${var.domain} 41 | txtOwnerID: ${var.zone_id} 42 | EOT 43 | } 44 | 45 | resource "local_file" "master_utils_values" { 46 | filename = "../k8s-bootstrap/base/master-utilities.yaml" 47 | content = local.master_utils_values 48 | } 49 | 50 | resource "local_file" "master_utils_values_yaml" { 51 | filename = "../applications/master-utilities/values.yaml" 52 | content = local.values_dev 53 | } 54 | 55 | data "kustomization_build" "argocd" { 56 | path = "../k8s-bootstrap/bootstrap" 57 | } 58 | 59 | resource "kustomization_resource" "argocd" { 60 | for_each = data.kustomization_build.argocd.ids 61 | manifest = data.kustomization_build.argocd.manifests[each.value] 62 | depends_on = [ 63 | local_file.master_utils_values, 64 | local_file.master_utils_values_yaml, 65 | ] 66 | } 67 | -------------------------------------------------------------------------------- /ch05/terraform/eks.tf: -------------------------------------------------------------------------------- 1 | module "eks" { 2 | source = "terraform-aws-modules/eks/aws" 3 | cluster_name = var.cluster_name 4 | cluster_version = "1.20" 5 | subnets = module.vpc.private_subnets 6 | enable_irsa = true 7 | 8 | tags = { 9 | Environment = "test" 10 | } 11 | 12 | vpc_id = module.vpc.vpc_id 13 | 14 | workers_group_defaults = { 15 | root_volume_type = "gp2" 16 | } 17 | 18 | worker_groups = [ 19 | { 20 | name = "utilities-group" 21 | instance_type = "t3.large" 22 | asg_desired_capacity = 2 23 | }, 24 | { 25 | name = "applications-group" 26 | instance_type = "t3.large" 27 | asg_desired_capacity = 2 28 | }, 29 | ] 30 | } 31 | 32 | data "aws_eks_cluster" "cluster" { 33 | name = module.eks.cluster_id 34 | } 35 | 36 | data "aws_eks_cluster_auth" "cluster" { 37 | name = module.eks.cluster_id 38 | } 39 | -------------------------------------------------------------------------------- /ch05/terraform/iam.tf: -------------------------------------------------------------------------------- 1 | 2 | data "aws_route53_zone" "zone_selected" { 3 | zone_id = var.zone_id 4 | } 5 | 6 | resource "aws_iam_policy" "external_dns" { 7 | name = "external-dns-policy" 8 | path = "/" 9 | description = "Allows access to resources needed to run external-dns." 10 | 11 | policy = < 2 17 | imageArr[0] == "ghcr.io" 18 | imageArr[1] == "_my_company_" 19 | } 20 | -------------------------------------------------------------------------------- /ch08/kube-score/enforcing-best-practices.sh: -------------------------------------------------------------------------------- 1 | #! /bin/sh 2 | 3 | helm dependency update traefik-umbrella 4 | 5 | helm template traefik-umbrella –include-crds --values traefik-umbrella/values.yaml --namespace traefik --output-dir out 6 | 7 | docker run -v $(pwd)/out:/out -w / zegl/kube-score:v1.14.0 score out/traefik-umbrella/charts/traefik/**/*.yaml 8 | -------------------------------------------------------------------------------- /ch08/kubeconform/validate-schema.sh: -------------------------------------------------------------------------------- 1 | #! /bin/sh 2 | 3 | helm dependency update traefik-umbrella 4 | helm template traefik-umbrella –include-crds --values traefik-umbrella/values.yaml --namespace traefik --output-dir out 5 | 6 | # validating 1.21 with apiextensions.k8s.io/v1beta1 7 | docker run -v $(pwd)/out:/templates ghcr.io/yannh/kubeconform:v0.4.12-amd64 -kubernetes-version 1.21.0 -skip IngressRoute -schema-location default -schema-location 'https://jenkins-x.github.io/jenkins-x-schemas/apiextensions.k8s.io/v1beta1/customresourcedefinition.json' /templates 8 | 9 | 10 | # validating 1.22 apiextensions.k8s.io/v1 11 | docker run -v $(pwd)/out:/templates ghcr.io/yannh/kubeconform:v0.4.12-amd64 -kubernetes-version 1.22.0 -skip IngressRoute -schema-location default -schema-location 'https://jenkins-x.github.io/jenkins-x-schemas/apiextensions.k8s.io/v1/customresourcedefinition.json' /templates 12 | -------------------------------------------------------------------------------- /ch09/cli-utils-example/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: app 5 | namespace: example-cli-utils 6 | spec: 7 | selector: 8 | matchLabels: 9 | app: app 10 | version: "1.0" 11 | replicas: 3 12 | template: 13 | metadata: 14 | labels: 15 | app: app 16 | version: "1.0" 17 | spec: 18 | containers: 19 | - name: service 20 | image: spirosoik/ch06:v1.0 21 | imagePullPolicy: IfNotPresent 22 | ports: 23 | - containerPort: 3000 24 | resources: 25 | limits: 26 | cpu: "1" 27 | memory: "128Mi" 28 | requests: 29 | cpu: "0.5" 30 | memory: "128Mi" 31 | -------------------------------------------------------------------------------- /ch09/namespaced/example/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: app 5 | namespace: example-namespaced 6 | spec: 7 | selector: 8 | matchLabels: 9 | app: app 10 | version: "1.0" 11 | replicas: 2 12 | template: 13 | metadata: 14 | labels: 15 | app: app 16 | version: "1.0" 17 | spec: 18 | containers: 19 | - name: service 20 | image: spirosoik/ch06:v1.0 21 | imagePullPolicy: IfNotPresent 22 | ports: 23 | - containerPort: 3000 24 | resources: 25 | limits: 26 | cpu: "1" 27 | memory: "128Mi" 28 | requests: 29 | cpu: "0.5" 30 | memory: "128Mi" 31 | -------------------------------------------------------------------------------- /ch09/namespaced/namespaced.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: gitops-agent 5 | namespace: example-namespaced 6 | --- 7 | apiVersion: rbac.authorization.k8s.io/v1 8 | kind: Role 9 | metadata: 10 | name: gitops-agent 11 | namespace: example-namespaced 12 | rules: 13 | - apiGroups: 14 | - "*" 15 | resources: 16 | - "*" 17 | verbs: 18 | - "*" 19 | --- 20 | apiVersion: rbac.authorization.k8s.io/v1 21 | kind: RoleBinding 22 | metadata: 23 | name: gitops-agent 24 | namespace: example-namespaced 25 | roleRef: 26 | apiGroup: rbac.authorization.k8s.io 27 | kind: Role 28 | name: gitops-agent 29 | subjects: 30 | - kind: ServiceAccount 31 | name: gitops-agent 32 | --- 33 | apiVersion: apps/v1 34 | kind: Deployment 35 | metadata: 36 | name: gitops-agent 37 | namespace: example-namespaced 38 | spec: 39 | selector: 40 | matchLabels: 41 | app.kubernetes.io/name: gitops-agent 42 | strategy: 43 | type: Recreate 44 | template: 45 | metadata: 46 | labels: 47 | app.kubernetes.io/name: gitops-agent 48 | spec: 49 | containers: 50 | - image: argoproj/gitops-agent:latest 51 | name: gitops-agent 52 | command: 53 | - gitops 54 | - /tmp/git/repo 55 | - --path 56 | - ch09/namespaced/example 57 | - --namespaced 58 | volumeMounts: 59 | - mountPath: /tmp/git 60 | name: git 61 | - image: k8s.gcr.io/git-sync:v3.1.6 62 | name: git-sync 63 | args: 64 | - --webhook-url 65 | - http://localhost:9001/api/v1/sync 66 | - --dest 67 | - repo 68 | - --branch 69 | - main 70 | env: 71 | - name: GIT_SYNC_REPO 72 | value: https://github.com/PacktPublishing/ArgoCD-in-Practice 73 | volumeMounts: 74 | - mountPath: /tmp/git 75 | name: git 76 | serviceAccountName: gitops-agent 77 | volumes: 78 | - emptyDir: {} 79 | name: git 80 | --------------------------------------------------------------------------------