Refactor Argo CD application configuration to adopt a multi-source approach for noble-platform, removing Helm chart definitions from kustomization.yaml. Update noble-platform.yaml to directly reference Helm chart sources and clarify documentation in README.md and apps/README.md regarding the new structure and resource representation in the UI.

2026-03-28 02:18:02 -04:00
parent 0dd642f0c5
commit 05717c7e6a
6 changed files with 91 additions and 82 deletions
--- a/clusters/noble/bootstrap/argocd/apps/noble-platform.yaml
+++ b/clusters/noble/bootstrap/argocd/apps/noble-platform.yaml
@@ -1,9 +1,10 @@
-# Noble cluster workloads — **single** `source` so Argo CD’s resource tree lists all rendered
-# objects (Helm + Kustomize). **spec.sources** (multi-source) is limited in the UI and often
-# shows only one source’s manifests (e.g. plain Kustomize without chart workloads).
+# Multi-source: native Helm (no Kustomize helmCharts → no **--enable-helm**). Git **ref: values**
+# supplies **$values/...** paths; second Git entry runs plain Kustomize over **clusters/noble/apps**.
 #
-# Renders **clusters/noble/apps** via **kustomization.yaml** (helmCharts + resources).
-# Requires **kustomize.buildOptions: --enable-helm** in **argocd-cm** (see **values.yaml**).
+# UI: some Argo CD versions summarize multi-source apps oddly in the graph; the **Resource list**
+# still reflects the merged set. **ServerSideApply** avoids huge CRD client-side apply annotations.
+#
+# https://argo-cd.readthedocs.io/en/stable/user-guide/multiple_sources/
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
@@ -13,10 +14,85 @@ metadata:
    - resources-finalizer.argocd.argoproj.io/background
 spec:
  project: default
-  source:
-    repoURL: https://gitea.pcenicni.ca/gsdavidp/home-server.git
-    targetRevision: main
-    path: clusters/noble/apps
+  sources:
+    - repoURL: https://prometheus-community.github.io/helm-charts
+      chart: kube-prometheus-stack
+      targetRevision: "82.15.1"
+      helm:
+        releaseName: kube-prometheus
+        namespace: monitoring
+        valueFiles:
+          - $values/clusters/noble/apps/kube-prometheus-stack/values.yaml
+    - repoURL: https://grafana.github.io/helm-charts
+      chart: loki
+      targetRevision: "6.55.0"
+      helm:
+        releaseName: loki
+        namespace: loki
+        valueFiles:
+          - $values/clusters/noble/apps/loki/values.yaml
+    - repoURL: https://fluent.github.io/helm-charts
+      chart: fluent-bit
+      targetRevision: "0.56.0"
+      helm:
+        releaseName: fluent-bit
+        namespace: logging
+        valueFiles:
+          - $values/clusters/noble/apps/fluent-bit/values.yaml
+    - repoURL: https://bitnami-labs.github.io/sealed-secrets
+      chart: sealed-secrets
+      targetRevision: "2.18.4"
+      helm:
+        releaseName: sealed-secrets
+        namespace: sealed-secrets
+        valueFiles:
+          - $values/clusters/noble/apps/sealed-secrets/values.yaml
+    - repoURL: https://charts.external-secrets.io
+      chart: external-secrets
+      targetRevision: "2.2.0"
+      helm:
+        releaseName: external-secrets
+        namespace: external-secrets
+        valueFiles:
+          - $values/clusters/noble/apps/external-secrets/values.yaml
+    - repoURL: https://helm.releases.hashicorp.com
+      chart: vault
+      targetRevision: "0.32.0"
+      helm:
+        releaseName: vault
+        namespace: vault
+        valueFiles:
+          - $values/clusters/noble/apps/vault/values.yaml
+    - repoURL: https://kyverno.github.io/kyverno/
+      chart: kyverno
+      targetRevision: "3.7.1"
+      helm:
+        releaseName: kyverno
+        namespace: kyverno
+        valueFiles:
+          - $values/clusters/noble/apps/kyverno/values.yaml
+    - repoURL: https://kyverno.github.io/kyverno/
+      chart: kyverno-policies
+      targetRevision: "3.7.1"
+      helm:
+        releaseName: kyverno-policies
+        namespace: kyverno
+        valueFiles:
+          - $values/clusters/noble/apps/kyverno/policies-values.yaml
+    - repoURL: https://kubernetes-sigs.github.io/headlamp/
+      chart: headlamp
+      targetRevision: "0.40.1"
+      helm:
+        releaseName: headlamp
+        namespace: headlamp
+        valueFiles:
+          - $values/clusters/noble/apps/headlamp/values.yaml
+    - repoURL: https://gitea.pcenicni.ca/gsdavidp/home-server.git
+      targetRevision: main
+      ref: values
+    - repoURL: https://gitea.pcenicni.ca/gsdavidp/home-server.git
+      targetRevision: main
+      path: clusters/noble/apps
  destination:
    server: https://kubernetes.default.svc
    namespace: default
@@ -26,6 +102,4 @@ spec:
      selfHeal: true
    syncOptions:
      - CreateNamespace=true
-      # Large CRDs (Prometheus Operator, Kyverno, ESO) exceed kubectl’s ~256KiB annotation limit
-      # for last-applied-configuration; server-side apply avoids that.
      - ServerSideApply=true