Argo CD Bootstrap Module
This module is used to bootstrap the Argo CD that will deploy the rest of the DevOps Stack modules on a first deployment of a cluster.
The Argo CD installed is the same as the one deployed by the Argo CD module, however this module deploys it using the Helm provider for Terraform, since the Argo CD provider cannot be obviously used until it installed.
Usage
To do that, on your Terraform configuration you can declare the module as such:
module "argocd_bootstrap" {
source = "git::https://github.com/camptocamp/devops-stack-module-argocd.git//bootstrap?ref=<RELEASE>"
# Note here that you should mark the module as depending on the module that deployed the cluster
depends_on = [module.eks]
}
Do not forget to add the Argo CD provider settings, which is needed to deploy all the other modules, since they this Terraform to deploy the Argo CD applications:
provider "argocd" {
auth_token = module.argocd_bootstrap.argocd_auth_token
port_forward_with_namespace = module.argocd_bootstrap.argocd_namespace
insecure = true
plain_text = true
kubernetes {
...
}
}
Unified AppProject
By default, all the modules of the DevOps Stack create their own AppProject to deploy the Argo CD Application deployed by the module. Since the version 3.5.0 of this module, the bootstrap module now supports creating AppProjects for a given map of projects passed in the variable argocd_projects
. The DevOps Stack modules then can be configured to use this unified AppProject instead of creating on for each application.
By default, the AppProjects created by this module do not contain restrictions for the destination namespace or source repositories, but you can change that behavior by configuring the allowed_source_repos and allowed_namespaces values on the argocd_projects map.
|
Migrating from split AppProjects to a unified AppProject
This process requires a few manual steps, because Terraform will try to delete the old AppProjects before referencing the Applications to the new AppProject. To accomplish this, do the following:
-
Create the new AppProject with the
argocd_projects
variable, and apply the changes. -
Use the Argo CD web interface or edit the Application objects using K9s or
kubectl
and move each Application to the new project you created. -
Modify the module instantiations for each module and add the
argocd_project
variable to set the Application to use the new AppProject. -
Run a
terraform apply
again. This time, the only changes you should see is the deletion of the old AppProjects.
Technical Documentation
Resources
The following resources are used by this module:
-
argocd_project.devops_stack_applications (resource)
-
helm_release.argocd (resource)
-
jwt_hashed_token.argocd (resource)
-
null_resource.this (resource)
-
random_password.argocd_server_secretkey (resource)
-
random_uuid.jti (resource)
-
time_static.iat (resource)
-
utils_deep_merge_yaml.values (data source)
Optional Inputs
The following input variables are optional (have default values):
argocd_projects
Description: List of AppProject definitions to be created in Argo CD. By default, no projects are created since this variable defaults to an empty map.
At a minimum, you need to provide the destination_cluster
value, so that the destination cluster can be defined in the project. The name of the project is derived from the key of the map.
The first cluster in the list should always be your main cluster where the Argo CD will be deployed, and the destination cluster for that project must be in-cluster
.
Type:
map(object({
destination_cluster = string
allowed_source_repos = optional(list(string), ["*"])
allowed_namespaces = optional(list(string), ["*"])
}))
Default: {}
helm_values
Description: Helm chart value overrides. They should be passed as a list of HCL structures.
Type: any
Default:
[
{
"argo-cd": {}
}
]
Outputs
The following outputs are exported:
id
Description: ID to pass other modules in order to refer to this module as a dependency.
argocd_namespace
Description: The namespace where Argo CD resides. The main use of this output is to create an implicit dependency when passing this attribute to the oboukili/argocd provider settings.
argocd_project_names
Description: The names of all the Argo CD AppProjects created by the bootstrap module.
argocd_server_secretkey
Description: The Argo CD server secret key.
argocd_auth_token
Description: The token to set in ARGOCD_AUTH_TOKEN
environment variable. May be used for configuring Argo CD Terraform provider.
argocd_accounts_pipeline_tokens
Description: The Argo CD accounts pipeline tokens.
Reference in table format
Show tables
= Requirements
Name | Version |
---|---|
>= 1.2 |
|
>= 6 |
|
>= 2 |
|
>= 1 |
|
>= 1.1 |
|
>= 3 |
|
>= 0.9 |
|
>= 1.6 |
= Providers
Name | Version |
---|---|
>= 3 |
|
>= 1.1 |
|
>= 0.9 |
|
>= 2 |
|
>= 6 |
|
>= 1.6 |
|
n/a |
= Resources
Name | Type |
---|---|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
data source |
= Inputs
Name | Description | Type | Default | Required |
---|---|---|---|---|
List of AppProject definitions to be created in Argo CD. By default, no projects are created since this variable defaults to an empty map. At a minimum, you need to provide the The first cluster in the list should always be your main cluster where the Argo CD will be deployed, and the destination cluster for that project must be |
|
|
no |
|
Helm chart value overrides. They should be passed as a list of HCL structures. |
|
|
no |
= Outputs
Name | Description |
---|---|
ID to pass other modules in order to refer to this module as a dependency. |
|
The namespace where Argo CD resides. The main use of this output is to create an implicit dependency when passing this attribute to the oboukili/argocd provider settings. |
|
The names of all the Argo CD AppProjects created by the bootstrap module. |
|
The Argo CD server secret key. |
|
The token to set in |
|
The Argo CD accounts pipeline tokens. |