Argo CD Bootstrap Module

This module is used to bootstrap the Argo CD that will deploy the rest of the DevOps Stack modules on a first deployment of a cluster.

The Argo CD installed is the same as the one deployed by the Argo CD module, however this module deploys it using the Helm provider for Terraform, since the Argo CD provider cannot be obviously used until it installed.

Usage

To do that, on your Terraform configuration you can declare the module as such:

module "argocd_bootstrap" {
  source = "git::https://github.com/camptocamp/devops-stack-module-argocd.git//bootstrap?ref=<RELEASE>"

  # Note here that you should mark the module as depending on the module that deployed the cluster
  depends_on = [module.eks]
}

Do not forget to add the Argo CD provider settings, which is needed to deploy all the other modules, since they use the Argo CD provider:

provider "argocd" {
  server_addr                 = "127.0.0.1:8080"
  auth_token                  = module.argocd_bootstrap.argocd_auth_token
  insecure                    = true
  plain_text                  = true
  port_forward                = true
  port_forward_with_namespace = "argocd"

  kubernetes {
    ...
  }
}

Unified AppProject

By default, all the modules of the DevOps Stack create their own AppProject to deploy the Argo CD Application deployed by the module. Since the version 3.5.0 of this module, the bootstrap module now supports creating AppProjects for a given map of projects passed in the variable argocd_projects. The DevOps Stack modules then can be configured to use this unified AppProject instead of creating on for each application.

By default, the AppProjects created by this module do not contain restrictions for the destination namespace or source repositories, but you can change that behavior by configuring the allowed_source_repos and allowed_namespaces values on the argocd_projects map.

Migrating from split AppProjects to a unified AppProject

This process requires a few manual steps, because Terraform will try to delete the old AppProjects before referencing the Applications to the new AppProject. To accomplish this, do the following:

Create the new AppProject with the argocd_projects variable, and apply the changes.
Use the Argo CD web interface or edit the Application objects using K9s or kubectl and move each Application to the new project you created.
Modify the module instantiations for each module and add the argocd_project variable to set the Application to use the new AppProject.
Run a terraform apply again. This time, the only changes you should see is the deletion of the old AppProjects.

Technical Documentation

Requirements

The following requirements are needed by this module:

terraform (>= 1.2)
helm (>= 2)
htpasswd (>= 1)
jwt (>= 1.1)
random (>= 3)
time (>= 0.9)
utils (>= 1.6)

Providers

The following providers are used by this module:

random (>= 3)
jwt (>= 1.1)
time (>= 0.9)
helm (>= 2)
utils (>= 1.6)
null

Resources

The following resources are used by this module:

helm_release.argocd (resource)
jwt_hashed_token.argocd (resource)
null_resource.this (resource)
random_password.argocd_server_secretkey (resource)
random_uuid.jti (resource)
time_static.iat (resource)
utils_deep_merge_yaml.values (data source)

Optional Inputs

The following input variables are optional (have default values):

namespace

Description: Namespace where to deploy Argo CD.

Type: string

Default: "argocd"

helm_values

Description: Helm chart value overrides. They should be passed as a list of HCL structures.

Type: any

Default:

[
  {
    "argo-cd": {}
  }
]

Outputs

The following outputs are exported:

Reference in table format

Show tables

= Requirements

Name	Version
terraform	>= 1.2
helm	>= 2
htpasswd	>= 1
jwt	>= 1.1
random	>= 3
time	>= 0.9
utils	>= 1.6

Name

Version

>= 1.2

>= 2

>= 1

>= 1.1

>= 3

>= 0.9

>= 1.6

= Providers

Name	Version
jwt	>= 1.1
time	>= 0.9
random	>= 3
helm	>= 2
utils	>= 1.6
null	n/a

Name

Version

>= 1.1

>= 0.9

>= 3

>= 2

>= 1.6

n/a

= Resources

Name	Type
helm_release.argocd	resource
jwt_hashed_token.argocd	resource
null_resource.this	resource
random_password.argocd_server_secretkey	resource
random_uuid.jti	resource
time_static.iat	resource
utils_deep_merge_yaml.values	data source

Name

Type

helm_release.argocd

resource

jwt_hashed_token.argocd

resource

null_resource.this

resource

random_password.argocd_server_secretkey

resource

random_uuid.jti

resource

time_static.iat

resource

utils_deep_merge_yaml.values

data source

= Inputs

Name Description Type Default Required

Name	Description	Type	Default	Required
namespace	Namespace where to deploy Argo CD.	`string`	`"argocd"`	no
helm_values	Helm chart value overrides. They should be passed as a list of HCL structures.	`any`	`[ { "argo-cd": {} } ]`	no

namespace

Namespace where to deploy Argo CD.

string

"argocd"

helm_values

Helm chart value overrides. They should be passed as a list of HCL structures.

any

[
  {
    "argo-cd": {}
  }
]

= Outputs

Name Description

Name	Description
id	ID to pass other modules in order to refer to this module as a dependency.
argocd_namespace	The namespace where to deploy Argo CD.
argocd_server_secretkey	The Argo CD server secret key.
argocd_auth_token	The token to set in `ARGOCD_AUTH_TOKEN` environment variable. May be used for configuring Argo CD Terraform provider.
argocd_accounts_pipeline_tokens	The Argo CD accounts pipeline tokens.

ID to pass other modules in order to refer to this module as a dependency.

argocd_namespace

The namespace where to deploy Argo CD.

argocd_server_secretkey

The Argo CD server secret key.

argocd_auth_token

The token to set in ARGOCD_AUTH_TOKEN environment variable. May be used for configuring Argo CD Terraform provider.

argocd_accounts_pipeline_tokens

The Argo CD accounts pipeline tokens.