Refactor Argo CD application configuration to utilize plain Kustomize for YAML resources and streamline Helm chart management. Update kustomization.yaml to remove Helm chart definitions, shifting to a multi-source approach in noble-platform.yaml. Revise documentation in README.md and apps/README.md to clarify the new structure and eliminate the need for Helm inflation in values.yaml.
This commit is contained in:
Nikholas Pcenicni
@@ -1,8 +1,5 @@
|
||||
# Umbrella for Argo CD Application **noble-platform** — one sync target for core Helm releases
|
||||
# plus shared manifests. Per-app READMEs keep manual **`helm upgrade --install`** commands;
|
||||
# **values.yaml** paths match those commands.
|
||||
#
|
||||
# Requires repo-server Kustomize **--enable-helm** (see **bootstrap/argocd/values.yaml**).
|
||||
# Plain Kustomize (namespaces + extra YAML only). Helm charts are **Application** sources in
|
||||
# **bootstrap/argocd/apps/noble-platform.yaml** so Argo CD does not need **kustomize --enable-helm**.
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
@@ -18,60 +15,3 @@ resources:
|
||||
- grafana-loki-datasource/loki-datasource.yaml
|
||||
- vault/unseal-cronjob.yaml
|
||||
- vault/cilium-network-policy.yaml
|
||||
|
||||
helmCharts:
|
||||
- name: kube-prometheus-stack
|
||||
repo: https://prometheus-community.github.io/helm-charts
|
||||
version: 82.15.1
|
||||
releaseName: kube-prometheus
|
||||
namespace: monitoring
|
||||
valuesFile: kube-prometheus-stack/values.yaml
|
||||
includeCRDs: true
|
||||
- name: loki
|
||||
repo: https://grafana.github.io/helm-charts
|
||||
version: 6.55.0
|
||||
releaseName: loki
|
||||
namespace: loki
|
||||
valuesFile: loki/values.yaml
|
||||
- name: fluent-bit
|
||||
repo: https://fluent.github.io/helm-charts
|
||||
version: 0.56.0
|
||||
releaseName: fluent-bit
|
||||
namespace: logging
|
||||
valuesFile: fluent-bit/values.yaml
|
||||
- name: sealed-secrets
|
||||
repo: https://bitnami-labs.github.io/sealed-secrets
|
||||
version: 2.18.4
|
||||
releaseName: sealed-secrets
|
||||
namespace: sealed-secrets
|
||||
valuesFile: sealed-secrets/values.yaml
|
||||
- name: external-secrets
|
||||
repo: https://charts.external-secrets.io
|
||||
version: 2.2.0
|
||||
releaseName: external-secrets
|
||||
namespace: external-secrets
|
||||
valuesFile: external-secrets/values.yaml
|
||||
- name: vault
|
||||
repo: https://helm.releases.hashicorp.com
|
||||
version: 0.32.0
|
||||
releaseName: vault
|
||||
namespace: vault
|
||||
valuesFile: vault/values.yaml
|
||||
- name: kyverno
|
||||
repo: https://kyverno.github.io/kyverno/
|
||||
version: 3.7.1
|
||||
releaseName: kyverno
|
||||
namespace: kyverno
|
||||
valuesFile: kyverno/values.yaml
|
||||
- name: kyverno-policies
|
||||
repo: https://kyverno.github.io/kyverno/
|
||||
version: 3.7.1
|
||||
releaseName: kyverno-policies
|
||||
namespace: kyverno
|
||||
valuesFile: kyverno/policies-values.yaml
|
||||
- name: headlamp
|
||||
repo: https://kubernetes-sigs.github.io/headlamp/
|
||||
version: 0.40.1
|
||||
releaseName: headlamp
|
||||
namespace: headlamp
|
||||
valuesFile: headlamp/values.yaml
|
||||
|
||||
@@ -49,7 +49,7 @@ Use **Settings → Repositories** in the UI, or `argocd repo add` / a `Secret` o
|
||||
kubectl apply -f clusters/noble/bootstrap/argocd/root-application.yaml
|
||||
```
|
||||
|
||||
**`apps/noble-platform.yaml`** points at **`clusters/noble/apps`** (see **`kustomization.yaml`** there). After **`values.yaml`** changes that affect repo-server (e.g. **`kustomize.buildOptions`**), run **`helm upgrade`** for Argo CD again.
|
||||
**`apps/noble-platform.yaml`** lists Helm charts and a Git **`path`** for **`clusters/noble/apps`** (see **`kustomization.yaml`** there).
|
||||
|
||||
## Versions
|
||||
|
||||
|
||||
@@ -2,6 +2,4 @@
|
||||
|
||||
**`noble-root`** syncs this directory. Keep **one** child Application (**`noble-platform`**) so the UI does not list every Helm release separately.
|
||||
|
||||
- **`noble-platform.yaml`** — syncs **`clusters/noble/apps`** via **`kustomization.yaml`** (namespaces, extra YAML, and **helmCharts** with the same **`values.yaml`** files as the manual install commands in each app README).
|
||||
|
||||
After changing **`clusters/noble/bootstrap/argocd/values.yaml`** (e.g. **`kustomize.buildOptions`**), roll the Argo CD Helm release so repo-server picks up the new ConfigMap.
|
||||
- **`noble-platform.yaml`** — one **Application** with **multiple sources**: Helm charts from upstream repos plus a Git **`ref: values`** entry that supplies **`$values/.../values.yaml`** and **`path: clusters/noble/apps`** for plain **Kustomize** (namespaces + extra YAML only). No **`kustomize --enable-helm`** required.
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
# Noble cluster workloads — one Application so the Argo CD UI stays a single “platform” row
|
||||
# under **noble-root** (app-of-apps). Renders **clusters/noble/apps** (Kustomize + Helm).
|
||||
# Noble cluster workloads — one Application row: Helm charts (native sources) + Git/Kustomize
|
||||
# for plain YAML. Values come from this repo via **$values** (last source). Release names match
|
||||
# the per-app README **helm upgrade --install** commands.
|
||||
#
|
||||
# Adopting existing manual Helm releases: release names and namespaces must match
|
||||
# **clusters/noble/apps/kustomization.yaml** (same as the README install commands).
|
||||
# https://argo-cd.readthedocs.io/en/stable/user-guide/multiple_sources/
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
@@ -12,10 +12,83 @@ metadata:
|
||||
- resources-finalizer.argocd.argoproj.io/background
|
||||
spec:
|
||||
project: default
|
||||
source:
|
||||
repoURL: https://gitea.pcenicni.ca/gsdavidp/home-server.git
|
||||
targetRevision: main
|
||||
path: clusters/noble/apps
|
||||
sources:
|
||||
- repoURL: https://prometheus-community.github.io/helm-charts
|
||||
chart: kube-prometheus-stack
|
||||
targetRevision: "82.15.1"
|
||||
helm:
|
||||
releaseName: kube-prometheus
|
||||
namespace: monitoring
|
||||
valueFiles:
|
||||
- $values/clusters/noble/apps/kube-prometheus-stack/values.yaml
|
||||
- repoURL: https://grafana.github.io/helm-charts
|
||||
chart: loki
|
||||
targetRevision: "6.55.0"
|
||||
helm:
|
||||
releaseName: loki
|
||||
namespace: loki
|
||||
valueFiles:
|
||||
- $values/clusters/noble/apps/loki/values.yaml
|
||||
- repoURL: https://fluent.github.io/helm-charts
|
||||
chart: fluent-bit
|
||||
targetRevision: "0.56.0"
|
||||
helm:
|
||||
releaseName: fluent-bit
|
||||
namespace: logging
|
||||
valueFiles:
|
||||
- $values/clusters/noble/apps/fluent-bit/values.yaml
|
||||
- repoURL: https://bitnami-labs.github.io/sealed-secrets
|
||||
chart: sealed-secrets
|
||||
targetRevision: "2.18.4"
|
||||
helm:
|
||||
releaseName: sealed-secrets
|
||||
namespace: sealed-secrets
|
||||
valueFiles:
|
||||
- $values/clusters/noble/apps/sealed-secrets/values.yaml
|
||||
- repoURL: https://charts.external-secrets.io
|
||||
chart: external-secrets
|
||||
targetRevision: "2.2.0"
|
||||
helm:
|
||||
releaseName: external-secrets
|
||||
namespace: external-secrets
|
||||
valueFiles:
|
||||
- $values/clusters/noble/apps/external-secrets/values.yaml
|
||||
- repoURL: https://helm.releases.hashicorp.com
|
||||
chart: vault
|
||||
targetRevision: "0.32.0"
|
||||
helm:
|
||||
releaseName: vault
|
||||
namespace: vault
|
||||
valueFiles:
|
||||
- $values/clusters/noble/apps/vault/values.yaml
|
||||
- repoURL: https://kyverno.github.io/kyverno/
|
||||
chart: kyverno
|
||||
targetRevision: "3.7.1"
|
||||
helm:
|
||||
releaseName: kyverno
|
||||
namespace: kyverno
|
||||
valueFiles:
|
||||
- $values/clusters/noble/apps/kyverno/values.yaml
|
||||
- repoURL: https://kyverno.github.io/kyverno/
|
||||
chart: kyverno-policies
|
||||
targetRevision: "3.7.1"
|
||||
helm:
|
||||
releaseName: kyverno-policies
|
||||
namespace: kyverno
|
||||
valueFiles:
|
||||
- $values/clusters/noble/apps/kyverno/policies-values.yaml
|
||||
- repoURL: https://kubernetes-sigs.github.io/headlamp/
|
||||
chart: headlamp
|
||||
targetRevision: "0.40.1"
|
||||
helm:
|
||||
releaseName: headlamp
|
||||
namespace: headlamp
|
||||
valueFiles:
|
||||
- $values/clusters/noble/apps/headlamp/values.yaml
|
||||
- repoURL: https://gitea.pcenicni.ca/gsdavidp/home-server.git
|
||||
targetRevision: main
|
||||
ref: values
|
||||
path: clusters/noble/apps
|
||||
destination:
|
||||
server: https://kubernetes.default.svc
|
||||
namespace: default
|
||||
|
||||
@@ -4,8 +4,8 @@
|
||||
# 2. kubectl apply -f clusters/noble/bootstrap/argocd/root-application.yaml
|
||||
#
|
||||
# Syncs **Application** YAMLs under **apps/** (today: **noble-platform**). Cluster
|
||||
# workloads are defined by **clusters/noble/apps/kustomization.yaml** (Kustomize +
|
||||
# Helm); per-app **values.yaml** and READMEs stay the source of truth for versions.
|
||||
# workloads are defined by **clusters/noble/apps/kustomization.yaml** (plain Kustomize)
|
||||
# and **apps/noble-platform.yaml** (Helm chart sources); per-app **values.yaml** and READMEs stay the source of truth for versions.
|
||||
#
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
|
||||
@@ -17,9 +17,6 @@ global:
|
||||
domain: argo.apps.noble.lab.pcenicni.dev
|
||||
|
||||
configs:
|
||||
# Kustomize **helmCharts** in **clusters/noble/apps/kustomization.yaml** need Helm inflation.
|
||||
cm:
|
||||
kustomize.buildOptions: --enable-helm
|
||||
params:
|
||||
# TLS terminates at Traefik / cert-manager; Argo CD serves HTTP behind the Ingress.
|
||||
server.insecure: true
|
||||
|
||||
Reference in New Issue
Block a user