Refactor Argo CD application configuration to utilize a single source for the noble-platform, consolidating Helm chart management within kustomization.yaml. Update values.yaml to enable Helm inflation and revise documentation in README.md and apps/README.md to clarify the new structure and improve UI representation of resources.
This commit is contained in:
Nikholas Pcenicni
@@ -1,5 +1,6 @@
|
||||
# Plain Kustomize (namespaces + extra YAML only). Helm charts are **Application** sources in
|
||||
# **bootstrap/argocd/apps/noble-platform.yaml** so Argo CD does not need **kustomize --enable-helm**.
|
||||
# Single Argo CD **source** (**noble-platform** → **path: clusters/noble/apps**) so the UI shows the
|
||||
# full resource tree. Helm charts are inlined via **helmCharts**; requires **argocd-cm**
|
||||
# **kustomize.buildOptions: --enable-helm** (see **bootstrap/argocd/values.yaml**).
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
@@ -15,3 +16,60 @@ resources:
|
||||
- grafana-loki-datasource/loki-datasource.yaml
|
||||
- vault/unseal-cronjob.yaml
|
||||
- vault/cilium-network-policy.yaml
|
||||
|
||||
helmCharts:
|
||||
- name: kube-prometheus-stack
|
||||
repo: https://prometheus-community.github.io/helm-charts
|
||||
version: 82.15.1
|
||||
releaseName: kube-prometheus
|
||||
namespace: monitoring
|
||||
valuesFile: kube-prometheus-stack/values.yaml
|
||||
includeCRDs: true
|
||||
- name: loki
|
||||
repo: https://grafana.github.io/helm-charts
|
||||
version: 6.55.0
|
||||
releaseName: loki
|
||||
namespace: loki
|
||||
valuesFile: loki/values.yaml
|
||||
- name: fluent-bit
|
||||
repo: https://fluent.github.io/helm-charts
|
||||
version: 0.56.0
|
||||
releaseName: fluent-bit
|
||||
namespace: logging
|
||||
valuesFile: fluent-bit/values.yaml
|
||||
- name: sealed-secrets
|
||||
repo: https://bitnami-labs.github.io/sealed-secrets
|
||||
version: 2.18.4
|
||||
releaseName: sealed-secrets
|
||||
namespace: sealed-secrets
|
||||
valuesFile: sealed-secrets/values.yaml
|
||||
- name: external-secrets
|
||||
repo: https://charts.external-secrets.io
|
||||
version: 2.2.0
|
||||
releaseName: external-secrets
|
||||
namespace: external-secrets
|
||||
valuesFile: external-secrets/values.yaml
|
||||
- name: vault
|
||||
repo: https://helm.releases.hashicorp.com
|
||||
version: 0.32.0
|
||||
releaseName: vault
|
||||
namespace: vault
|
||||
valuesFile: vault/values.yaml
|
||||
- name: kyverno
|
||||
repo: https://kyverno.github.io/kyverno/
|
||||
version: 3.7.1
|
||||
releaseName: kyverno
|
||||
namespace: kyverno
|
||||
valuesFile: kyverno/values.yaml
|
||||
- name: kyverno-policies
|
||||
repo: https://kyverno.github.io/kyverno/
|
||||
version: 3.7.1
|
||||
releaseName: kyverno-policies
|
||||
namespace: kyverno
|
||||
valuesFile: kyverno/policies-values.yaml
|
||||
- name: headlamp
|
||||
repo: https://kubernetes-sigs.github.io/headlamp/
|
||||
version: 0.40.1
|
||||
releaseName: headlamp
|
||||
namespace: headlamp
|
||||
valuesFile: headlamp/values.yaml
|
||||
|
||||
@@ -49,7 +49,7 @@ Use **Settings → Repositories** in the UI, or `argocd repo add` / a `Secret` o
|
||||
kubectl apply -f clusters/noble/bootstrap/argocd/root-application.yaml
|
||||
```
|
||||
|
||||
**`apps/noble-platform.yaml`** lists Helm charts and a Git **`path`** for **`clusters/noble/apps`** (see **`kustomization.yaml`** there).
|
||||
**`apps/noble-platform.yaml`** uses one Git **`path`** (**`clusters/noble/apps`**) so the UI shows the full workload tree; **`kustomization.yaml`** there uses **helmCharts** plus **`values.yaml`** from each app.
|
||||
|
||||
## Versions
|
||||
|
||||
|
||||
@@ -2,4 +2,4 @@
|
||||
|
||||
**`noble-root`** syncs this directory. Keep **one** child Application (**`noble-platform`**) so the UI does not list every Helm release separately.
|
||||
|
||||
- **`noble-platform.yaml`** — one **Application** with **multiple sources**: Helm charts from upstream repos plus a Git **`ref: values`** entry that supplies **`$values/.../values.yaml`** and **`path: clusters/noble/apps`** for plain **Kustomize** (namespaces + extra YAML only). No **`kustomize --enable-helm`** required.
|
||||
- **`noble-platform.yaml`** — a **single** **`source`** pointing at **`clusters/noble/apps`** (**`kustomization.yaml`**). Helm charts are **not** separate `sources` entries: multi-source apps are poorly represented in the UI (often only one source’s manifests appear in the tree). **`kustomize.buildOptions: --enable-helm`** is set in **`argocd-cm`** via **`values.yaml`** so Kustomize can expand **helmCharts**.
|
||||
|
||||
@@ -1,8 +1,9 @@
|
||||
# Noble cluster workloads — one Application row: Helm charts (native sources) + Git/Kustomize
|
||||
# for plain YAML. Values come from this repo via **$values** (last source). Release names match
|
||||
# the per-app README **helm upgrade --install** commands.
|
||||
# Noble cluster workloads — **single** `source` so Argo CD’s resource tree lists all rendered
|
||||
# objects (Helm + Kustomize). **spec.sources** (multi-source) is limited in the UI and often
|
||||
# shows only one source’s manifests (e.g. plain Kustomize without chart workloads).
|
||||
#
|
||||
# https://argo-cd.readthedocs.io/en/stable/user-guide/multiple_sources/
|
||||
# Renders **clusters/noble/apps** via **kustomization.yaml** (helmCharts + resources).
|
||||
# Requires **kustomize.buildOptions: --enable-helm** in **argocd-cm** (see **values.yaml**).
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
@@ -12,83 +13,10 @@ metadata:
|
||||
- resources-finalizer.argocd.argoproj.io/background
|
||||
spec:
|
||||
project: default
|
||||
sources:
|
||||
- repoURL: https://prometheus-community.github.io/helm-charts
|
||||
chart: kube-prometheus-stack
|
||||
targetRevision: "82.15.1"
|
||||
helm:
|
||||
releaseName: kube-prometheus
|
||||
namespace: monitoring
|
||||
valueFiles:
|
||||
- $values/clusters/noble/apps/kube-prometheus-stack/values.yaml
|
||||
- repoURL: https://grafana.github.io/helm-charts
|
||||
chart: loki
|
||||
targetRevision: "6.55.0"
|
||||
helm:
|
||||
releaseName: loki
|
||||
namespace: loki
|
||||
valueFiles:
|
||||
- $values/clusters/noble/apps/loki/values.yaml
|
||||
- repoURL: https://fluent.github.io/helm-charts
|
||||
chart: fluent-bit
|
||||
targetRevision: "0.56.0"
|
||||
helm:
|
||||
releaseName: fluent-bit
|
||||
namespace: logging
|
||||
valueFiles:
|
||||
- $values/clusters/noble/apps/fluent-bit/values.yaml
|
||||
- repoURL: https://bitnami-labs.github.io/sealed-secrets
|
||||
chart: sealed-secrets
|
||||
targetRevision: "2.18.4"
|
||||
helm:
|
||||
releaseName: sealed-secrets
|
||||
namespace: sealed-secrets
|
||||
valueFiles:
|
||||
- $values/clusters/noble/apps/sealed-secrets/values.yaml
|
||||
- repoURL: https://charts.external-secrets.io
|
||||
chart: external-secrets
|
||||
targetRevision: "2.2.0"
|
||||
helm:
|
||||
releaseName: external-secrets
|
||||
namespace: external-secrets
|
||||
valueFiles:
|
||||
- $values/clusters/noble/apps/external-secrets/values.yaml
|
||||
- repoURL: https://helm.releases.hashicorp.com
|
||||
chart: vault
|
||||
targetRevision: "0.32.0"
|
||||
helm:
|
||||
releaseName: vault
|
||||
namespace: vault
|
||||
valueFiles:
|
||||
- $values/clusters/noble/apps/vault/values.yaml
|
||||
- repoURL: https://kyverno.github.io/kyverno/
|
||||
chart: kyverno
|
||||
targetRevision: "3.7.1"
|
||||
helm:
|
||||
releaseName: kyverno
|
||||
namespace: kyverno
|
||||
valueFiles:
|
||||
- $values/clusters/noble/apps/kyverno/values.yaml
|
||||
- repoURL: https://kyverno.github.io/kyverno/
|
||||
chart: kyverno-policies
|
||||
targetRevision: "3.7.1"
|
||||
helm:
|
||||
releaseName: kyverno-policies
|
||||
namespace: kyverno
|
||||
valueFiles:
|
||||
- $values/clusters/noble/apps/kyverno/policies-values.yaml
|
||||
- repoURL: https://kubernetes-sigs.github.io/headlamp/
|
||||
chart: headlamp
|
||||
targetRevision: "0.40.1"
|
||||
helm:
|
||||
releaseName: headlamp
|
||||
namespace: headlamp
|
||||
valueFiles:
|
||||
- $values/clusters/noble/apps/headlamp/values.yaml
|
||||
- repoURL: https://gitea.pcenicni.ca/gsdavidp/home-server.git
|
||||
targetRevision: main
|
||||
ref: values
|
||||
path: clusters/noble/apps
|
||||
source:
|
||||
repoURL: https://gitea.pcenicni.ca/gsdavidp/home-server.git
|
||||
targetRevision: main
|
||||
path: clusters/noble/apps
|
||||
destination:
|
||||
server: https://kubernetes.default.svc
|
||||
namespace: default
|
||||
|
||||
@@ -4,8 +4,9 @@
|
||||
# 2. kubectl apply -f clusters/noble/bootstrap/argocd/root-application.yaml
|
||||
#
|
||||
# Syncs **Application** YAMLs under **apps/** (today: **noble-platform**). Cluster
|
||||
# workloads are defined by **clusters/noble/apps/kustomization.yaml** (plain Kustomize)
|
||||
# and **apps/noble-platform.yaml** (Helm chart sources); per-app **values.yaml** and READMEs stay the source of truth for versions.
|
||||
# workloads are defined by **clusters/noble/apps/kustomization.yaml** (Kustomize + **helmCharts**);
|
||||
# **apps/noble-platform.yaml** uses a single Git **source** for a full UI resource tree. Per-app **values.yaml**
|
||||
# and READMEs stay the source of truth for chart versions.
|
||||
#
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
|
||||
@@ -17,6 +17,10 @@ global:
|
||||
domain: argo.apps.noble.lab.pcenicni.dev
|
||||
|
||||
configs:
|
||||
# Required for **helmCharts** in **clusters/noble/apps/kustomization.yaml** (Kustomize Helm inflation).
|
||||
# After changing this, **helm upgrade** argo-cd; the chart rolls repo-server when **argocd-cm** checksum changes.
|
||||
cm:
|
||||
kustomize.buildOptions: "--enable-helm"
|
||||
params:
|
||||
# TLS terminates at Traefik / cert-manager; Argo CD serves HTTP behind the Ingress.
|
||||
server.insecure: true
|
||||
|
||||
Reference in New Issue
Block a user