From a0d5439d336aee1d5accd37f24044ce992f12746 Mon Sep 17 00:00:00 2001 From: Jesse Suen Date: Sat, 22 Sep 2018 01:29:11 -0700 Subject: [PATCH] Update manifests to support in-cluster installations --- Makefile | 5 +- docs/internal/releasing.md | 26 +- hack/update-manifests.sh | 25 +- manifests/README.md | 16 + .../application-controller-deployment.yaml} | 1 - .../application-controller-role.yaml} | 1 - .../application-controller-rolebinding.yaml} | 1 - .../application-controller-sa.yaml} | 1 - .../application-crd.yaml} | 1 - .../appproject-crd.yaml} | 1 - manifests/base/argocd-cm.yaml | 23 + .../argocd-metrics-service.yaml} | 1 - manifests/base/argocd-rbac-cm.yaml | 15 + .../argocd-repo-server-deployment.yaml} | 1 - .../argocd-repo-server-service.yaml} | 1 - manifests/base/argocd-secret.yaml | 26 + .../argocd-server-deployment.yaml} | 7 - .../argocd-server-role.yaml} | 1 - .../argocd-server-rolebinding.yaml} | 1 - .../argocd-server-sa.yaml} | 1 - .../argocd-server-service.yaml} | 1 - .../dex-server-deployment.yaml} | 7 +- .../dex-server-role.yaml} | 4 - .../dex-server-rolebinding.yaml} | 1 - .../dex-server-sa.yaml} | 1 - .../dex-server-service.yaml} | 1 - manifests/base/kustomization.yaml | 31 ++ .../application-controller-clusterrole.yaml | 15 + ...ication-controller-clusterrolebinding.yaml | 12 + .../argocd-server-clusterrole.yaml | 11 + .../argocd-server-clusterrolebinding.yaml | 12 + manifests/cluster-install/kustomization.yaml | 8 + manifests/components/02a_argocd-cm.yaml | 25 - manifests/components/02b_argocd-secret.yaml | 26 - manifests/components/02c_argocd-rbac-cm.yaml | 16 - manifests/install.yaml | 454 +++++++++--------- manifests/namespace-install.yaml | 380 +++++++++++++++ reposerver/repository/repository_test.go | 6 +- .../testdata/concatenated/concatenated.yaml | 17 + test/e2e/fixture.go | 2 +- 40 files changed, 844 insertions(+), 341 deletions(-) create mode 100644 manifests/README.md rename manifests/{components/03d_application-controller-deployment.yaml => base/application-controller-deployment.yaml} (99%) rename manifests/{components/03b_application-controller-role.yaml => base/application-controller-role.yaml} (99%) rename manifests/{components/03c_application-controller-rolebinding.yaml => base/application-controller-rolebinding.yaml} (98%) rename manifests/{components/03a_application-controller-sa.yaml => base/application-controller-sa.yaml} (95%) rename manifests/{components/01a_application-crd.yaml => base/application-crd.yaml} (98%) rename manifests/{components/01b_appproject-crd.yaml => base/appproject-crd.yaml} (98%) create mode 100644 manifests/base/argocd-cm.yaml rename manifests/{components/04f_argocd-metrics-service.yaml => base/argocd-metrics-service.yaml} (97%) create mode 100644 manifests/base/argocd-rbac-cm.yaml rename manifests/{components/05a_argocd-repo-server-deployment.yaml => base/argocd-repo-server-deployment.yaml} (99%) rename manifests/{components/05b_argocd-repo-server-service.yaml => base/argocd-repo-server-service.yaml} (97%) create mode 100644 manifests/base/argocd-secret.yaml rename manifests/{components/04d_argocd-server-deployment.yaml => base/argocd-server-deployment.yaml} (82%) rename manifests/{components/04b_argocd-server-role.yaml => base/argocd-server-role.yaml} (99%) rename manifests/{components/04c_argocd-server-rolebinding.yaml => base/argocd-server-rolebinding.yaml} (98%) rename manifests/{components/04a_argocd-server-sa.yaml => base/argocd-server-sa.yaml} (94%) rename manifests/{components/04e_argocd-server-service.yaml => base/argocd-server-service.yaml} (98%) rename manifests/{components/06d_dex-server-deployment.yaml => base/dex-server-deployment.yaml} (86%) rename manifests/{components/06b_dex-server-role.yaml => base/dex-server-role.yaml} (78%) rename manifests/{components/06c_dex-server-rolebinding.yaml => base/dex-server-rolebinding.yaml} (98%) rename manifests/{components/06a_dex-server-sa.yaml => base/dex-server-sa.yaml} (94%) rename manifests/{components/06e_dex-server-service.yaml => base/dex-server-service.yaml} (98%) create mode 100644 manifests/base/kustomization.yaml create mode 100644 manifests/cluster-install/application-controller-clusterrole.yaml create mode 100644 manifests/cluster-install/application-controller-clusterrolebinding.yaml create mode 100644 manifests/cluster-install/argocd-server-clusterrole.yaml create mode 100644 manifests/cluster-install/argocd-server-clusterrolebinding.yaml create mode 100644 manifests/cluster-install/kustomization.yaml delete mode 100644 manifests/components/02a_argocd-cm.yaml delete mode 100644 manifests/components/02b_argocd-secret.yaml delete mode 100644 manifests/components/02c_argocd-rbac-cm.yaml create mode 100644 manifests/namespace-install.yaml create mode 100644 reposerver/repository/testdata/concatenated/concatenated.yaml diff --git a/Makefile b/Makefile index 53e9908332eb2..ced8ea9c94f55 100644 --- a/Makefile +++ b/Makefile @@ -78,9 +78,8 @@ cli-darwin: clean-debug argocd-util: clean-debug CGO_ENABLED=0 go build -v -i -ldflags '${LDFLAGS} -extldflags "-static"' -o ${DIST_DIR}/argocd-util ./cmd/argocd-util -.PHONY: install-manifest -install-manifest: - if [ "${IMAGE_NAMESPACE}" = "" ] ; then echo "IMAGE_NAMESPACE must be set to build install manifest" ; exit 1 ; fi +.PHONY: manifests +manifests: ./hack/update-manifests.sh .PHONY: server diff --git a/docs/internal/releasing.md b/docs/internal/releasing.md index 3b2c3aca85229..b5336f44ee35d 100644 --- a/docs/internal/releasing.md +++ b/docs/internal/releasing.md @@ -1,6 +1,6 @@ # ArgoCD Release Instructions -1. Tag and build argo-cd-ui +1. Tag, build, and push argo-cd-ui ```bash cd argo-cd-ui git tag vX.Y.Z @@ -8,26 +8,27 @@ git push upstream vX.Y.Z IMAGE_NAMESPACE=argoproj IMAGE_TAG=vX.Y.Z DOCKER_PUSH=true yarn docker ``` -2. Edit CHANGELOG.md, getting_started.md, install manifests with new version +2. Create release-X.Y branch (if creating initial X.Y release) ```bash -make install-manifest IMAGE_NAMESPACE=argoproj IMAGE_TAG=vX.Y.Z +git checkout -b release-X.Y +git push upstream release-X.Y +``` + +3. Update manifests with new version +```bash +vi manifests/base/kustomization.yaml # update with new image tags +make manifests git commit -a -m "Update manifests to vX.Y.Z" git push upstream master ``` -3. Tag, build the release, and push to docker hub +4. Tag, build, and push release to docker hub ```bash git tag vX.Y.Z make release IMAGE_NAMESPACE=argoproj IMAGE_TAG=vX.Y.Z DOCKER_PUSH=true git push upstream vX.Y.Z ``` -4. Create release-X.Y branch (if necessary) -```bash -git checkout -b release-X.Y -git push upstream release-X.Y -``` - 5. Update argocd brew formula ```bash git clone https://github.com/argoproj/homebrew-tap @@ -37,3 +38,8 @@ shasum -a 256 ~/go/src/github.com/argoproj/argo-cd/dist/argocd-darwin-amd64 git commit -a -m "Update argocd to vX.Y.Z" git push ``` + +6. Update documentation: +* Edit CHANGELOG.md with release notes +* Update getting_started.md with new version +* Create GitHub release from new tag and upload binaries (e.g. dist/argocd-darwin-amd64) diff --git a/hack/update-manifests.sh b/hack/update-manifests.sh index 0647b62f1d540..23b77966c487f 100755 --- a/hack/update-manifests.sh +++ b/hack/update-manifests.sh @@ -1,11 +1,22 @@ #!/bin/sh -IMAGE_NAMESPACE=${IMAGE_NAMESPACE:='argoproj'} -IMAGE_TAG=${IMAGE_TAG:='latest'} +SRCROOT="$( cd "$(dirname "$0")/.." ; pwd -P )" +AUTOGENMSG="# This is an auto-generated file. DO NOT EDIT" -for i in "$(ls manifests/components/*.yaml)"; do - sed -i '' 's@\( image: \(.*\)/\(argocd-.*\):.*\)@ image: '"${IMAGE_NAMESPACE}"'/\3:'"${IMAGE_TAG}"'@g' $i -done +update_image () { + if [ ! -z "${IMAGE_NAMESPACE}" ]; then + sed -i '' 's| image: \(.*\)/\(argocd-.*\)| image: '"${IMAGE_NAMESPACE}"'/\2|g' ${1} + fi + if [ ! -z "${IMAGE_TAG}" ]; then + sed -i '' 's|\( image: .*/argocd-.*\)\:.*|\1:'"${IMAGE_TAG}"'|g' ${1} + fi +} + +echo "${AUTOGENMSG}" > ${SRCROOT}/manifests/install.yaml +kustomize build ${SRCROOT}/manifests/cluster-install >> ${SRCROOT}/manifests/install.yaml +update_image ${SRCROOT}/manifests/install.yaml + +echo "${AUTOGENMSG}" > ${SRCROOT}/manifests/namespace-install.yaml +kustomize build ${SRCROOT}/manifests/base >> ${SRCROOT}/manifests/namespace-install.yaml +update_image ${SRCROOT}/manifests/namespace-install.yaml -echo "# This is an auto-generated file. DO NOT EDIT" > manifests/install.yaml -cat manifests/components/*.yaml >> manifests/install.yaml diff --git a/manifests/README.md b/manifests/README.md new file mode 100644 index 0000000000000..8ae330fd1909a --- /dev/null +++ b/manifests/README.md @@ -0,0 +1,16 @@ +# ArgoCD Installation Manifests + +Two sets of installation manifests are provided: + +* [install.yaml](install.yaml) - Standard ArgoCD installation with cluster-admin access. Use this + manifest set if you plan to use ArgoCD to deploy applications in the same cluster that ArgoCD runs + in (i.e. kubernetes.svc.default). Will still be able to deploy to external clusters with inputted + credentials. + +* [namespace-install.yaml](namespace-install.yaml) - Installation of ArgoCD which requires only + namespace level privileges (does not need cluster roles). Use this manifest set if you do not + need ArgoCD to deploy applications in the same cluster that ArgoCD runs in, and will rely solely + on inputted cluster credentials. An example of using this set of manifests is if you run several + ArgoCD instances for different teams, where each instance will bedeploying applications to + external clusters. Will still be possible to deploy to the same cluster (kubernetes.svc.default) + with inputted credentials (i.e. `argocd cluster add --in-cluster`). diff --git a/manifests/components/03d_application-controller-deployment.yaml b/manifests/base/application-controller-deployment.yaml similarity index 99% rename from manifests/components/03d_application-controller-deployment.yaml rename to manifests/base/application-controller-deployment.yaml index afcc5b9c7bbde..234e5c2b50cea 100644 --- a/manifests/components/03d_application-controller-deployment.yaml +++ b/manifests/base/application-controller-deployment.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/manifests/components/03b_application-controller-role.yaml b/manifests/base/application-controller-role.yaml similarity index 99% rename from manifests/components/03b_application-controller-role.yaml rename to manifests/base/application-controller-role.yaml index 6c22ffeedc771..7a3d16399e920 100644 --- a/manifests/components/03b_application-controller-role.yaml +++ b/manifests/base/application-controller-role.yaml @@ -1,4 +1,3 @@ ---- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: diff --git a/manifests/components/03c_application-controller-rolebinding.yaml b/manifests/base/application-controller-rolebinding.yaml similarity index 98% rename from manifests/components/03c_application-controller-rolebinding.yaml rename to manifests/base/application-controller-rolebinding.yaml index e7f8009585536..6ae75c60e7ad9 100644 --- a/manifests/components/03c_application-controller-rolebinding.yaml +++ b/manifests/base/application-controller-rolebinding.yaml @@ -1,4 +1,3 @@ ---- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: diff --git a/manifests/components/03a_application-controller-sa.yaml b/manifests/base/application-controller-sa.yaml similarity index 95% rename from manifests/components/03a_application-controller-sa.yaml rename to manifests/base/application-controller-sa.yaml index e7d12d8c8bd7d..bb713bcd2237c 100644 --- a/manifests/components/03a_application-controller-sa.yaml +++ b/manifests/base/application-controller-sa.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: ServiceAccount metadata: diff --git a/manifests/components/01a_application-crd.yaml b/manifests/base/application-crd.yaml similarity index 98% rename from manifests/components/01a_application-crd.yaml rename to manifests/base/application-crd.yaml index f6774e00f092f..3f00368100619 100644 --- a/manifests/components/01a_application-crd.yaml +++ b/manifests/base/application-crd.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: diff --git a/manifests/components/01b_appproject-crd.yaml b/manifests/base/appproject-crd.yaml similarity index 98% rename from manifests/components/01b_appproject-crd.yaml rename to manifests/base/appproject-crd.yaml index 3a87dbf7b2600..59f67f7ca54da 100644 --- a/manifests/components/01b_appproject-crd.yaml +++ b/manifests/base/appproject-crd.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: diff --git a/manifests/base/argocd-cm.yaml b/manifests/base/argocd-cm.yaml new file mode 100644 index 0000000000000..bf69b3106c2fd --- /dev/null +++ b/manifests/base/argocd-cm.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-cm +# data: +# # ArgoCD's externally facing base URL. Required for configuring SSO +# # url: https://argo-cd-demo.argoproj.io +# +# # A dex connector configuration. See documentation on how to configure SSO: +# # https://github.com/argoproj/argo-cd/blob/master/docs/sso.md#2-configure-argocd-for-sso +# dex.config: | +# connectors: +# # GitHub example +# - type: github +# id: github +# name: GitHub +# config: +# clientID: aabbccddeeff00112233 +# clientSecret: $dex.github.clientSecret +# orgs: +# - name: your-github-org +# teams: +# - red-team diff --git a/manifests/components/04f_argocd-metrics-service.yaml b/manifests/base/argocd-metrics-service.yaml similarity index 97% rename from manifests/components/04f_argocd-metrics-service.yaml rename to manifests/base/argocd-metrics-service.yaml index f8484ba8f1a8c..f70166f83a721 100644 --- a/manifests/components/04f_argocd-metrics-service.yaml +++ b/manifests/base/argocd-metrics-service.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: Service metadata: diff --git a/manifests/base/argocd-rbac-cm.yaml b/manifests/base/argocd-rbac-cm.yaml new file mode 100644 index 0000000000000..1ac7ec5b55846 --- /dev/null +++ b/manifests/base/argocd-rbac-cm.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-rbac-cm +# data: +# # An RBAC policy .csv file containing additional policy and role definitions. +# # See https://github.com/argoproj/argo-cd/blob/master/docs/rbac.md on how to write RBAC policies. +# policy.csv: | +# # Give all members of "my-org:team-alpha" the ability to sync apps in "my-project" +# p, my-org:team-alpha, applications, sync, my-project/*, allow +# # Make all members of "my-org:team-beta" admins +# g, my-org:team-beta, role:admin +# +# # The default role ArgoCD will fall back to, when authorizing API requests +# policy.default: role:readonly diff --git a/manifests/components/05a_argocd-repo-server-deployment.yaml b/manifests/base/argocd-repo-server-deployment.yaml similarity index 99% rename from manifests/components/05a_argocd-repo-server-deployment.yaml rename to manifests/base/argocd-repo-server-deployment.yaml index b3fecc2911f07..0a1f6d40bfdf3 100644 --- a/manifests/components/05a_argocd-repo-server-deployment.yaml +++ b/manifests/base/argocd-repo-server-deployment.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/manifests/components/05b_argocd-repo-server-service.yaml b/manifests/base/argocd-repo-server-service.yaml similarity index 97% rename from manifests/components/05b_argocd-repo-server-service.yaml rename to manifests/base/argocd-repo-server-service.yaml index 1ded2496f0166..a36da415458f6 100644 --- a/manifests/components/05b_argocd-repo-server-service.yaml +++ b/manifests/base/argocd-repo-server-service.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: Service metadata: diff --git a/manifests/base/argocd-secret.yaml b/manifests/base/argocd-secret.yaml new file mode 100644 index 0000000000000..05671650a97c1 --- /dev/null +++ b/manifests/base/argocd-secret.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +kind: Secret +metadata: + name: argocd-secret +type: Opaque +# data: +# # TLS certificate and private key for API server. +# # Autogenerated with a self-signed ceritificate if keys are missing. +# tls.crt: +# tls.key: +# +# # bcrypt hash of the admin password and it's last modified time. Autogenerated on initial +# # startup. To reset a forgotten password, delete both keys and restart argocd-server. +# admin.password: +# admin.passwordMtime: +# +# # random server signature key for session validation. Autogenerated on initial startup +# server.secretkey: +# +# # The following keys hold the shared secret for authenticating GitHub/GitLab/BitBucket webhook +# # events. To enable webhooks, configure one or more of the following keys with the shared git +# # provider webhook secret. The payload URL configured in the git provider should use the +# # /api/webhook endpoint of your ArgoCD instance (e.g. https://argocd.example.com/api/webhook) +# github.webhook.secret: +# gitlab.webhook.secret: +# bitbucket.webhook.uuid: diff --git a/manifests/components/04d_argocd-server-deployment.yaml b/manifests/base/argocd-server-deployment.yaml similarity index 82% rename from manifests/components/04d_argocd-server-deployment.yaml rename to manifests/base/argocd-server-deployment.yaml index 5a4227749864f..f056f4a9c57f4 100644 --- a/manifests/components/04d_argocd-server-deployment.yaml +++ b/manifests/base/argocd-server-deployment.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apps/v1 kind: Deployment metadata: @@ -14,12 +13,6 @@ spec: spec: serviceAccountName: argocd-server initContainers: - - name: copyutil - image: argoproj/argocd-server:latest - command: [cp, /argocd-util, /shared] - volumeMounts: - - mountPath: /shared - name: static-files - name: ui image: argoproj/argocd-ui:latest command: [cp, -r, /app, /shared] diff --git a/manifests/components/04b_argocd-server-role.yaml b/manifests/base/argocd-server-role.yaml similarity index 99% rename from manifests/components/04b_argocd-server-role.yaml rename to manifests/base/argocd-server-role.yaml index 5b5a56a7cafec..46d8c85bea9f6 100644 --- a/manifests/components/04b_argocd-server-role.yaml +++ b/manifests/base/argocd-server-role.yaml @@ -1,4 +1,3 @@ ---- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: diff --git a/manifests/components/04c_argocd-server-rolebinding.yaml b/manifests/base/argocd-server-rolebinding.yaml similarity index 98% rename from manifests/components/04c_argocd-server-rolebinding.yaml rename to manifests/base/argocd-server-rolebinding.yaml index bca111c40d931..7705e5c84dce8 100644 --- a/manifests/components/04c_argocd-server-rolebinding.yaml +++ b/manifests/base/argocd-server-rolebinding.yaml @@ -1,4 +1,3 @@ ---- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: diff --git a/manifests/components/04a_argocd-server-sa.yaml b/manifests/base/argocd-server-sa.yaml similarity index 94% rename from manifests/components/04a_argocd-server-sa.yaml rename to manifests/base/argocd-server-sa.yaml index fa2a6209cf40b..83c5bf07ceb88 100644 --- a/manifests/components/04a_argocd-server-sa.yaml +++ b/manifests/base/argocd-server-sa.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: ServiceAccount metadata: diff --git a/manifests/components/04e_argocd-server-service.yaml b/manifests/base/argocd-server-service.yaml similarity index 98% rename from manifests/components/04e_argocd-server-service.yaml rename to manifests/base/argocd-server-service.yaml index 3df6cbc88589b..a61f66ef7300c 100644 --- a/manifests/components/04e_argocd-server-service.yaml +++ b/manifests/base/argocd-server-service.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: Service metadata: diff --git a/manifests/components/06d_dex-server-deployment.yaml b/manifests/base/dex-server-deployment.yaml similarity index 86% rename from manifests/components/06d_dex-server-deployment.yaml rename to manifests/base/dex-server-deployment.yaml index 3eec4ca66be04..75181a8e93485 100644 --- a/manifests/components/06d_dex-server-deployment.yaml +++ b/manifests/base/dex-server-deployment.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apps/v1 kind: Deployment metadata: @@ -22,11 +21,11 @@ spec: name: static-files containers: - name: dex - image: quay.io/coreos/dex:v2.10.0 + image: quay.io/dexidp/dex:v2.11.0 command: [/shared/argocd-util, rundex] ports: - - containerPort: 5556 - - containerPort: 5557 + - containerPort: 5556 + - containerPort: 5557 volumeMounts: - mountPath: /shared name: static-files diff --git a/manifests/components/06b_dex-server-role.yaml b/manifests/base/dex-server-role.yaml similarity index 78% rename from manifests/components/06b_dex-server-role.yaml rename to manifests/base/dex-server-role.yaml index 576d258b36372..fdc65f8b1777a 100644 --- a/manifests/components/06b_dex-server-role.yaml +++ b/manifests/base/dex-server-role.yaml @@ -1,4 +1,3 @@ ---- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: @@ -6,9 +5,6 @@ metadata: rules: - apiGroups: - "" - resourceNames: - - argocd-cm - - argocd-secret resources: - secrets - configmaps diff --git a/manifests/components/06c_dex-server-rolebinding.yaml b/manifests/base/dex-server-rolebinding.yaml similarity index 98% rename from manifests/components/06c_dex-server-rolebinding.yaml rename to manifests/base/dex-server-rolebinding.yaml index 02eeee5c8c895..a9f5f63385122 100644 --- a/manifests/components/06c_dex-server-rolebinding.yaml +++ b/manifests/base/dex-server-rolebinding.yaml @@ -1,4 +1,3 @@ ---- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: diff --git a/manifests/components/06a_dex-server-sa.yaml b/manifests/base/dex-server-sa.yaml similarity index 94% rename from manifests/components/06a_dex-server-sa.yaml rename to manifests/base/dex-server-sa.yaml index 0413108841492..50d96ecdce51e 100644 --- a/manifests/components/06a_dex-server-sa.yaml +++ b/manifests/base/dex-server-sa.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: ServiceAccount metadata: diff --git a/manifests/components/06e_dex-server-service.yaml b/manifests/base/dex-server-service.yaml similarity index 98% rename from manifests/components/06e_dex-server-service.yaml rename to manifests/base/dex-server-service.yaml index ddb0b2e606fb0..bec4173a4399e 100644 --- a/manifests/components/06e_dex-server-service.yaml +++ b/manifests/base/dex-server-service.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: Service metadata: diff --git a/manifests/base/kustomization.yaml b/manifests/base/kustomization.yaml new file mode 100644 index 0000000000000..c6019b53759a1 --- /dev/null +++ b/manifests/base/kustomization.yaml @@ -0,0 +1,31 @@ +resources: +- application-crd.yaml +- appproject-crd.yaml +- argocd-cm.yaml +- argocd-secret.yaml +- argocd-rbac-cm.yaml +- application-controller-sa.yaml +- application-controller-role.yaml +- application-controller-rolebinding.yaml +- application-controller-deployment.yaml +- argocd-server-sa.yaml +- argocd-server-role.yaml +- argocd-server-rolebinding.yaml +- argocd-server-deployment.yaml +- argocd-server-service.yaml +- argocd-metrics-service.yaml +- argocd-repo-server-deployment.yaml +- argocd-repo-server-service.yaml +- dex-server-sa.yaml +- dex-server-role.yaml +- dex-server-rolebinding.yaml +- dex-server-deployment.yaml +- dex-server-service.yaml + +imageTags: +- name: argoproj/argocd-server + newTag: latest +- name: argoproj/argocd-repo-server + newTag: latest +- name: argoproj/application-controller + newTag: latest diff --git a/manifests/cluster-install/application-controller-clusterrole.yaml b/manifests/cluster-install/application-controller-clusterrole.yaml new file mode 100644 index 0000000000000..3fade8ead2cbf --- /dev/null +++ b/manifests/cluster-install/application-controller-clusterrole.yaml @@ -0,0 +1,15 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: application-controller-clusterrole +rules: +- apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' +- nonResourceURLs: + - '*' + verbs: + - '*' diff --git a/manifests/cluster-install/application-controller-clusterrolebinding.yaml b/manifests/cluster-install/application-controller-clusterrolebinding.yaml new file mode 100644 index 0000000000000..5e2577a76a742 --- /dev/null +++ b/manifests/cluster-install/application-controller-clusterrolebinding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: application-controller-clusterrolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: application-controller-clusterrole +subjects: +- kind: ServiceAccount + name: application-controller + namespace: argocd diff --git a/manifests/cluster-install/argocd-server-clusterrole.yaml b/manifests/cluster-install/argocd-server-clusterrole.yaml new file mode 100644 index 0000000000000..baece217b1ff2 --- /dev/null +++ b/manifests/cluster-install/argocd-server-clusterrole.yaml @@ -0,0 +1,11 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: argocd-server-clusterrole +rules: +- apiGroups: + - '*' + resources: + - '*' + verbs: + - delete diff --git a/manifests/cluster-install/argocd-server-clusterrolebinding.yaml b/manifests/cluster-install/argocd-server-clusterrolebinding.yaml new file mode 100644 index 0000000000000..afd47ab7e6013 --- /dev/null +++ b/manifests/cluster-install/argocd-server-clusterrolebinding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: argocd-server-clusterrolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: argocd-server-clusterrole +subjects: +- kind: ServiceAccount + name: argocd-server + namespace: argocd diff --git a/manifests/cluster-install/kustomization.yaml b/manifests/cluster-install/kustomization.yaml new file mode 100644 index 0000000000000..b5252639e5572 --- /dev/null +++ b/manifests/cluster-install/kustomization.yaml @@ -0,0 +1,8 @@ +bases: +- ../base + +resources: +- application-controller-clusterrole.yaml +- application-controller-clusterrolebinding.yaml +- argocd-server-clusterrole.yaml +- argocd-server-clusterrolebinding.yaml diff --git a/manifests/components/02a_argocd-cm.yaml b/manifests/components/02a_argocd-cm.yaml deleted file mode 100644 index f20d775a5cc13..0000000000000 --- a/manifests/components/02a_argocd-cm.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: argocd-cm -#data: - # ArgoCD's externally facing URL - # url: https://argo-cd-demo.argoproj.io - - # A dex connector configuration. - # Visit https://github.com/argoproj/argo-cd/blob/master/docs/sso.md#2-configure-argocd-for-sso - # for instructions on configuring SSO. - # dex.config: | - # connectors: - # # GitHub example - # - type: github - # id: github - # name: GitHub - # config: - # clientID: aabbccddeeff00112233 - # clientSecret: $dex.github.clientSecret - # orgs: - # - name: your-github-org - # teams: - # - red-team diff --git a/manifests/components/02b_argocd-secret.yaml b/manifests/components/02b_argocd-secret.yaml deleted file mode 100644 index 4a9e2aee72230..0000000000000 --- a/manifests/components/02b_argocd-secret.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -# NOTE: some values in this secret will be populated by the initial startup of the API server -apiVersion: v1 -kind: Secret -metadata: - name: argocd-secret -type: Opaque -#data: - # TLS certificate and private key for API server - # server.crt: - # server.key: - - # The following keys hold the shared secret for authenticating GitHub/GitLab/BitBucket webhook - # events. To enable webhooks, configure one or more of the following keys with the shared git - # provider webhook secret. The payload URL configured in the git provider should use the - # /api/webhook endpoint of your ArgoCD instance (e.g. https://argocd.example.com/api/webhook) - # github.webhook.secret: - # gitlab.webhook.secret: - # bitbucket.webhook.uuid: - - # bcrypt hash of the admin password (autogenerated on initial startup). - # To reset a forgotten password, delete this key and restart the argocd-server - # admin.password: - - # random server signature key for session validation (autogenerated on initial startup) - # server.secretkey: diff --git a/manifests/components/02c_argocd-rbac-cm.yaml b/manifests/components/02c_argocd-rbac-cm.yaml deleted file mode 100644 index a3fc87ff83bc2..0000000000000 --- a/manifests/components/02c_argocd-rbac-cm.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: argocd-rbac-cm -#data: - # An RBAC policy .csv file containing additional policy and role definitions. - # See https://github.com/argoproj/argo-cd/blob/master/docs/rbac.md on how to write RBAC policies. - # policy.csv: | - # # Give all members of "my-org:team-alpha" the ability to sync apps in "my-project" - # p, my-org:team-alpha, applications, sync, my-project/*, allow - # # Make all members of "my-org:team-beta" admins - # g, my-org:team-beta, role:admin - - # The default role ArgoCD will fall back to, when authorizing API requests - # policy.default: role:readonly diff --git a/manifests/install.yaml b/manifests/install.yaml index b3ab08ea1294e..b440d994a3823 100644 --- a/manifests/install.yaml +++ b/manifests/install.yaml @@ -1,5 +1,4 @@ # This is an auto-generated file. DO NOT EDIT ---- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: @@ -30,76 +29,19 @@ spec: version: v1alpha1 --- apiVersion: v1 -kind: ConfigMap -metadata: - name: argocd-cm -#data: - # ArgoCD's externally facing URL - # url: https://argo-cd-demo.argoproj.io - - # A dex connector configuration. - # Visit https://github.com/argoproj/argo-cd/blob/master/docs/sso.md#2-configure-argocd-for-sso - # for instructions on configuring SSO. - # dex.config: | - # connectors: - # # GitHub example - # - type: github - # id: github - # name: GitHub - # config: - # clientID: aabbccddeeff00112233 - # clientSecret: $dex.github.clientSecret - # orgs: - # - name: your-github-org - # teams: - # - red-team ---- -# NOTE: some values in this secret will be populated by the initial startup of the API server -apiVersion: v1 -kind: Secret +kind: ServiceAccount metadata: - name: argocd-secret -type: Opaque -#data: - # TLS certificate and private key for API server - # server.crt: - # server.key: - - # The following keys hold the shared secret for authenticating GitHub/GitLab/BitBucket webhook - # events. To enable webhooks, configure one or more of the following keys with the shared git - # provider webhook secret. The payload URL configured in the git provider should use the - # /api/webhook endpoint of your ArgoCD instance (e.g. https://argocd.example.com/api/webhook) - # github.webhook.secret: - # gitlab.webhook.secret: - # bitbucket.webhook.uuid: - - # bcrypt hash of the admin password (autogenerated on initial startup). - # To reset a forgotten password, delete this key and restart the argocd-server - # admin.password: - - # random server signature key for session validation (autogenerated on initial startup) - # server.secretkey: + name: application-controller --- apiVersion: v1 -kind: ConfigMap +kind: ServiceAccount metadata: - name: argocd-rbac-cm -#data: - # An RBAC policy .csv file containing additional policy and role definitions. - # See https://github.com/argoproj/argo-cd/blob/master/docs/rbac.md on how to write RBAC policies. - # policy.csv: | - # # Give all members of "my-org:team-alpha" the ability to sync apps in "my-project" - # p, my-org:team-alpha, applications, sync, my-project/*, allow - # # Make all members of "my-org:team-beta" admins - # g, my-org:team-beta, role:admin - - # The default role ArgoCD will fall back to, when authorizing API requests - # policy.default: role:readonly + name: argocd-server --- apiVersion: v1 kind: ServiceAccount metadata: - name: application-controller + name: dex-server --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role @@ -136,43 +78,6 @@ rules: verbs: - create - list - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: application-controller-role-binding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: application-controller-role -subjects: -- kind: ServiceAccount - name: application-controller ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: application-controller -spec: - selector: - matchLabels: - app: application-controller - template: - metadata: - labels: - app: application-controller - spec: - containers: - - command: [/argocd-application-controller, --repo-server, 'argocd-repo-server:8081'] - image: argoproj/argocd-application-controller:latest - name: application-controller - serviceAccountName: application-controller ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: argocd-server --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role @@ -214,6 +119,61 @@ rules: - list --- apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: dex-server-role +rules: +- apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: application-controller-clusterrole +rules: +- apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' +- nonResourceURLs: + - '*' + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: argocd-server-clusterrole +rules: +- apiGroups: + - '*' + resources: + - '*' + verbs: + - delete +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: application-controller-role-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: application-controller-role +subjects: +- kind: ServiceAccount + name: application-controller +--- +apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: argocd-server-role-binding @@ -225,49 +185,83 @@ subjects: - kind: ServiceAccount name: argocd-server --- -apiVersion: apps/v1 -kind: Deployment +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: dex-server-role-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: dex-server-role +subjects: +- kind: ServiceAccount + name: dex-server +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: application-controller-clusterrolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: application-controller-clusterrole +subjects: +- kind: ServiceAccount + name: application-controller + namespace: argocd +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding metadata: + name: argocd-server-clusterrolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: argocd-server-clusterrole +subjects: +- kind: ServiceAccount name: argocd-server + namespace: argocd +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-cm +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-rbac-cm +--- +apiVersion: v1 +kind: Secret +metadata: + name: argocd-secret +type: Opaque +--- +apiVersion: v1 +kind: Service +metadata: + name: argocd-metrics spec: + ports: + - name: http + port: 8082 + protocol: TCP + targetPort: 8082 selector: - matchLabels: - app: argocd-server - template: - metadata: - labels: - app: argocd-server - spec: - serviceAccountName: argocd-server - initContainers: - - name: copyutil - image: argoproj/argocd-server:latest - command: [cp, /argocd-util, /shared] - volumeMounts: - - mountPath: /shared - name: static-files - - name: ui - image: argoproj/argocd-ui:latest - command: [cp, -r, /app, /shared] - volumeMounts: - - mountPath: /shared - name: static-files - containers: - - name: argocd-server - image: argoproj/argocd-server:latest - command: [/argocd-server, --staticassets, /shared/app, --repo-server, 'argocd-repo-server:8081'] - volumeMounts: - - mountPath: /shared - name: static-files - readinessProbe: - httpGet: - path: /healthz - port: 8080 - initialDelaySeconds: 3 - periodSeconds: 30 - volumes: - - emptyDir: {} - name: static-files + app: argocd-server +--- +apiVersion: v1 +kind: Service +metadata: + name: argocd-repo-server +spec: + ports: + - port: 8081 + targetPort: 8081 + selector: + app: argocd-repo-server --- apiVersion: v1 kind: Service @@ -276,12 +270,12 @@ metadata: spec: ports: - name: http - protocol: TCP port: 80 + protocol: TCP targetPort: 8080 - name: https - protocol: TCP port: 443 + protocol: TCP targetPort: 8080 selector: app: argocd-server @@ -289,15 +283,41 @@ spec: apiVersion: v1 kind: Service metadata: - name: argocd-metrics + name: dex-server spec: ports: - name: http + port: 5556 protocol: TCP - port: 8082 - targetPort: 8082 + targetPort: 5556 + - name: grpc + port: 5557 + protocol: TCP + targetPort: 5557 selector: - app: argocd-server + app: dex-server +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: application-controller +spec: + selector: + matchLabels: + app: application-controller + template: + metadata: + labels: + app: application-controller + spec: + containers: + - command: + - /argocd-application-controller + - --repo-server + - argocd-repo-server:8081 + image: argoproj/argocd-application-controller:latest + name: application-controller + serviceAccountName: application-controller --- apiVersion: apps/v1 kind: Deployment @@ -312,58 +332,66 @@ spec: labels: app: argocd-repo-server spec: + automountServiceAccountToken: false containers: - - name: argocd-repo-server + - command: + - /argocd-repo-server image: argoproj/argocd-repo-server:latest - command: [/argocd-repo-server] + name: argocd-repo-server ports: - - containerPort: 8081 + - containerPort: 8081 + readinessProbe: + initialDelaySeconds: 5 + periodSeconds: 10 + tcpSocket: + port: 8081 --- -apiVersion: v1 -kind: Service +apiVersion: apps/v1 +kind: Deployment metadata: - name: argocd-repo-server + name: argocd-server spec: - ports: - - port: 8081 - targetPort: 8081 selector: - app: argocd-repo-server ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: dex-server ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: dex-server-role -rules: -- apiGroups: - - "" - resourceNames: - - argocd-cm - - argocd-secret - resources: - - secrets - - configmaps - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: dex-server-role-binding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: dex-server-role -subjects: -- kind: ServiceAccount - name: dex-server + matchLabels: + app: argocd-server + template: + metadata: + labels: + app: argocd-server + spec: + containers: + - command: + - /argocd-server + - --staticassets + - /shared/app + - --repo-server + - argocd-repo-server:8081 + image: argoproj/argocd-server:latest + name: argocd-server + readinessProbe: + httpGet: + path: /healthz + port: 8080 + initialDelaySeconds: 3 + periodSeconds: 30 + volumeMounts: + - mountPath: /shared + name: static-files + initContainers: + - command: + - cp + - -r + - /app + - /shared + image: argoproj/argocd-ui:latest + name: ui + volumeMounts: + - mountPath: /shared + name: static-files + serviceAccountName: argocd-server + volumes: + - emptyDir: {} + name: static-files --- apiVersion: apps/v1 kind: Deployment @@ -378,41 +406,29 @@ spec: labels: app: dex-server spec: - serviceAccountName: dex-server - initContainers: - - name: copyutil - image: argoproj/argocd-server:latest - command: [cp, /argocd-util, /shared] + containers: + - command: + - /shared/argocd-util + - rundex + image: quay.io/dexidp/dex:v2.11.0 + name: dex + ports: + - containerPort: 5556 + - containerPort: 5557 volumeMounts: - mountPath: /shared name: static-files - containers: - - name: dex - image: quay.io/coreos/dex:v2.10.0 - command: [/shared/argocd-util, rundex] - ports: - - containerPort: 5556 - - containerPort: 5557 + initContainers: + - command: + - cp + - /argocd-util + - /shared + image: argoproj/argocd-server:latest + name: copyutil volumeMounts: - mountPath: /shared name: static-files + serviceAccountName: dex-server volumes: - emptyDir: {} name: static-files ---- -apiVersion: v1 -kind: Service -metadata: - name: dex-server -spec: - ports: - - name: http - protocol: TCP - port: 5556 - targetPort: 5556 - - name: grpc - protocol: TCP - port: 5557 - targetPort: 5557 - selector: - app: dex-server diff --git a/manifests/namespace-install.yaml b/manifests/namespace-install.yaml new file mode 100644 index 0000000000000..cb86470c7cc66 --- /dev/null +++ b/manifests/namespace-install.yaml @@ -0,0 +1,380 @@ +# This is an auto-generated file. DO NOT EDIT +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: applications.argoproj.io +spec: + group: argoproj.io + names: + kind: Application + plural: applications + shortNames: + - app + scope: Namespaced + version: v1alpha1 +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: appprojects.argoproj.io +spec: + group: argoproj.io + names: + kind: AppProject + plural: appprojects + shortNames: + - appproj + - appprojs + scope: Namespaced + version: v1alpha1 +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: application-controller +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: argocd-server +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: dex-server +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: application-controller-role +rules: +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - watch + - list + - patch + - update +- apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - create + - get + - list + - watch + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - list +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: argocd-server-role +rules: +- apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - create + - get + - list + - watch + - update + - patch + - delete +- apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - create + - get + - list + - watch + - update + - delete + - patch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - list +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: dex-server-role +rules: +- apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: application-controller-role-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: application-controller-role +subjects: +- kind: ServiceAccount + name: application-controller +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: argocd-server-role-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: argocd-server-role +subjects: +- kind: ServiceAccount + name: argocd-server +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: dex-server-role-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: dex-server-role +subjects: +- kind: ServiceAccount + name: dex-server +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-cm +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-rbac-cm +--- +apiVersion: v1 +kind: Secret +metadata: + name: argocd-secret +type: Opaque +--- +apiVersion: v1 +kind: Service +metadata: + name: argocd-metrics +spec: + ports: + - name: http + port: 8082 + protocol: TCP + targetPort: 8082 + selector: + app: argocd-server +--- +apiVersion: v1 +kind: Service +metadata: + name: argocd-repo-server +spec: + ports: + - port: 8081 + targetPort: 8081 + selector: + app: argocd-repo-server +--- +apiVersion: v1 +kind: Service +metadata: + name: argocd-server +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 8080 + - name: https + port: 443 + protocol: TCP + targetPort: 8080 + selector: + app: argocd-server +--- +apiVersion: v1 +kind: Service +metadata: + name: dex-server +spec: + ports: + - name: http + port: 5556 + protocol: TCP + targetPort: 5556 + - name: grpc + port: 5557 + protocol: TCP + targetPort: 5557 + selector: + app: dex-server +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: application-controller +spec: + selector: + matchLabels: + app: application-controller + template: + metadata: + labels: + app: application-controller + spec: + containers: + - command: + - /argocd-application-controller + - --repo-server + - argocd-repo-server:8081 + image: argoproj/argocd-application-controller:latest + name: application-controller + serviceAccountName: application-controller +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argocd-repo-server +spec: + selector: + matchLabels: + app: argocd-repo-server + template: + metadata: + labels: + app: argocd-repo-server + spec: + automountServiceAccountToken: false + containers: + - command: + - /argocd-repo-server + image: argoproj/argocd-repo-server:latest + name: argocd-repo-server + ports: + - containerPort: 8081 + readinessProbe: + initialDelaySeconds: 5 + periodSeconds: 10 + tcpSocket: + port: 8081 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: argocd-server +spec: + selector: + matchLabels: + app: argocd-server + template: + metadata: + labels: + app: argocd-server + spec: + containers: + - command: + - /argocd-server + - --staticassets + - /shared/app + - --repo-server + - argocd-repo-server:8081 + image: argoproj/argocd-server:latest + name: argocd-server + readinessProbe: + httpGet: + path: /healthz + port: 8080 + initialDelaySeconds: 3 + periodSeconds: 30 + volumeMounts: + - mountPath: /shared + name: static-files + initContainers: + - command: + - cp + - -r + - /app + - /shared + image: argoproj/argocd-ui:latest + name: ui + volumeMounts: + - mountPath: /shared + name: static-files + serviceAccountName: argocd-server + volumes: + - emptyDir: {} + name: static-files +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dex-server +spec: + selector: + matchLabels: + app: dex-server + template: + metadata: + labels: + app: dex-server + spec: + containers: + - command: + - /shared/argocd-util + - rundex + image: quay.io/dexidp/dex:v2.11.0 + name: dex + ports: + - containerPort: 5556 + - containerPort: 5557 + volumeMounts: + - mountPath: /shared + name: static-files + initContainers: + - command: + - cp + - /argocd-util + - /shared + image: argoproj/argocd-server:latest + name: copyutil + volumeMounts: + - mountPath: /shared + name: static-files + serviceAccountName: dex-server + volumes: + - emptyDir: {} + name: static-files diff --git a/reposerver/repository/repository_test.go b/reposerver/repository/repository_test.go index a55d8efcefa13..3176657db8b3e 100644 --- a/reposerver/repository/repository_test.go +++ b/reposerver/repository/repository_test.go @@ -11,14 +11,14 @@ func TestGenerateYamlManifestInDir(t *testing.T) { const countOfManifests = 22 q := ManifestRequest{} - res1, err := generateManifests("../../manifests/components", &q) + res1, err := generateManifests("../../manifests/base", &q) assert.Nil(t, err) assert.Equal(t, len(res1.Manifests), countOfManifests) // this will test concatenated manifests to verify we split YAMLs correctly - res2, err := generateManifests("../../manifests", &q) + res2, err := generateManifests("./testdata/concatenated", &q) assert.Nil(t, err) - assert.Equal(t, len(res2.Manifests), len(res1.Manifests)) + assert.Equal(t, 3, len(res2.Manifests)) } func TestGenerateJsonnetManifestInDir(t *testing.T) { diff --git a/reposerver/repository/testdata/concatenated/concatenated.yaml b/reposerver/repository/testdata/concatenated/concatenated.yaml new file mode 100644 index 0000000000000..7f65cfe7d94f1 --- /dev/null +++ b/reposerver/repository/testdata/concatenated/concatenated.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: sa1 +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: sa2 +--- +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: sa3 +--- diff --git a/test/e2e/fixture.go b/test/e2e/fixture.go index 4e5eb1a1fa70d..6ff2ca7f8008c 100644 --- a/test/e2e/fixture.go +++ b/test/e2e/fixture.go @@ -92,7 +92,7 @@ func getFreePort() (int, error) { } func (f *Fixture) setup() error { - _, err := exec.Command("kubectl", "apply", "-f", "../../manifests/components/01a_application-crd.yaml", "-f", "../../manifests/components/01b_appproject-crd.yaml").Output() + _, err := exec.Command("kubectl", "apply", "-f", "../../manifests/base/application-crd.yaml", "-f", "../../manifests/base/appproject-crd.yaml").Output() if err != nil { return err }