Add argocd and bump-tag

argocd-nginx/base/argocd-ingress.yaml

@@ -0,0 +1,22 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: argocd-ingress
+  namespace: argocd
+spec:
+  ingressClassName: nginx
+  tls:
+    - hosts:
+        - argocd.streams.sunet.se 
+      secretName: tls-secret
+  rules:
+  - host: argocd.streams.sunet.se
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: argocd-server
+            port:
+              name: https

argocd-nginx/base/kustomization.yaml

@@ -0,0 +1,2 @@
+resources:
+  - argocd-ingress.yaml

argocd-nginx/overlays/prod/argocd-ingress.yaml

@@ -0,0 +1,27 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: argocd-ingress
+  namespace: argocd
+spec:
+  defaultBackend:
+    service:
+      name: argocd-server
+      port:
+        number: 80
+  ingressClassName: nginx
+  tls:
+    - hosts:
+        - argocd.streams.sunet.se 
+      secretName: tls-secret
+  rules:
+  - host: argocd.streams.sunet.se
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: argocd-server
+            port:
+              number: 80

argocd-nginx/overlays/prod/kustomization.yaml

@@ -0,0 +1,6 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources: [../../base]
+patches:
+  - path: argocd-ingress.yaml

argocd-nginx/overlays/test/argocd-ingress.yaml

@@ -0,0 +1,27 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: argocd-ingress
+  namespace: argocd
+spec:
+  defaultBackend:
+    service:
+      name: argocd-server
+      port:
+        number: 80
+  ingressClassName: nginx
+  tls:
+    - hosts:
+        - argocd-test.streams.sunet.se 
+      secretName: tls-secret
+  rules:
+  - host: argocd-test.streams.sunet.se
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: argocd-server
+            port:
+              number: 80

argocd-nginx/overlays/test/kustomization.yaml

@@ -0,0 +1,6 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources: [../../base]
+patches:
+  - path: argocd-ingress.yaml

argocd/base/argocd-namespace.yml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: argocd
+spec:
+  finalizers:
+  - kubernetes

argocd/base/kustomization.yaml

@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: argocd
+resources:
+- https://raw.githubusercontent.com/argoproj/argo-cd/v2.12.4/manifests/ha/install.yaml

argocd/overlays/prod/argocd-cm.yaml

@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  labels:
+    app.kubernetes.io/instance: argocd
+    app.kubernetes.io/name: argocd-cm
+    app.kubernetes.io/part-of: argocd
+  name: argocd-cm
+  namespace: argocd
+data:
+  resource.customizations: |
+    networking.k8s.io/Ingress:
+        health.lua: |
+          hs = {}
+          hs.status = "Healthy"
+          return hs
+  kustomize.buildOptions: --enable-helm

argocd/overlays/prod/argocd-repo-server-deployment.yaml

@@ -0,0 +1,21 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/component: repo-server
+    app.kubernetes.io/name: argocd-repo-server
+    app.kubernetes.io/part-of: argocd
+  name: argocd-repo-server
+  namespace: argocd
+spec:
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: argocd-repo-server
+    spec:
+      containers:
+      - name: argocd-repo-server
+        env:
+        - name: ARGOCD_EXEC_TIMEOUT
+          value: "300s"
+

argocd/overlays/prod/argocd-server-deployment.yaml

@@ -0,0 +1,22 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/component: server
+    app.kubernetes.io/name: argocd-server
+    app.kubernetes.io/part-of: argocd
+  name: argocd-server
+  namespace: argocd
+spec:
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: argocd-server
+    spec:
+      containers:
+      - args:
+        - /usr/local/bin/argocd-server
+        - --insecure
+        - --redis
+        - "argocd-redis-ha-haproxy:6379"
+        name: argocd-server

argocd/overlays/prod/kustomization.yaml

@@ -0,0 +1,8 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- ../../base
+patches:
+- path: argocd-server-deployment.yaml
+- path: argocd-repo-server-deployment.yaml
+- path: argocd-cm.yaml

argocd/overlays/test/argocd-cm.yaml

@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  labels:
+    app.kubernetes.io/instance: argocd
+    app.kubernetes.io/name: argocd-cm
+    app.kubernetes.io/part-of: argocd
+  name: argocd-cm
+  namespace: argocd
+data:
+  resource.customizations: |
+    networking.k8s.io/Ingress:
+        health.lua: |
+          hs = {}
+          hs.status = "Healthy"
+          return hs
+  kustomize.buildOptions: --enable-helm

argocd/overlays/test/argocd-repo-server-deployment.yaml

@@ -0,0 +1,21 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/component: repo-server
+    app.kubernetes.io/name: argocd-repo-server
+    app.kubernetes.io/part-of: argocd
+  name: argocd-repo-server
+  namespace: argocd
+spec:
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: argocd-repo-server
+    spec:
+      containers:
+      - name: argocd-repo-server
+        env:
+        - name: ARGOCD_EXEC_TIMEOUT
+          value: "300s"
+

argocd/overlays/test/argocd-server-deployment.yaml

@@ -0,0 +1,22 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/component: server
+    app.kubernetes.io/name: argocd-server
+    app.kubernetes.io/part-of: argocd
+  name: argocd-server
+  namespace: argocd
+spec:
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: argocd-server
+    spec:
+      containers:
+      - args:
+        - /usr/local/bin/argocd-server
+        - --insecure
+        - --redis
+        - "argocd-redis-ha-haproxy:6379"
+        name: argocd-server

argocd/overlays/test/kustomization.yaml

@@ -0,0 +1,8 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- ../../base
+patches:
+- path: argocd-server-deployment.yaml
+- path: argocd-repo-server-deployment.yaml
+- path: argocd-cm.yaml

bump-tag

@@ -0,0 +1,57 @@
+#!/bin/bash
+
+set -e
+
+echo "Fetching any updates from server:"
+git pull
+echo ""
+
+if [[ -z ${1} ]]; then
+	deftag=$(basename "${PWD}")
+else
+	deftag="${1}"
+fi
+tagpfx=${tag:="${deftag}"}
+
+last_tag=$(git tag -l "${tagpfx}-*" | sort | tail -1)
+
+echo "Verifying last tag ${last_tag}:"
+(git tag -v "${last_tag}" | grep ^gpg:) || true
+# again to not mask exit status of git with grep
+git tag -v "${last_tag}" >/dev/null 2>&1
+echo ""
+
+echo "Differences between tag ${last_tag} and what you are about to sign:"
+env PAGER=cat git diff --color "${last_tag}..main"
+
+iter=1
+ok=
+while test -z "$ok"; do
+	this_tag=$(date "+${tagpfx}-%Y-%m-%d-v$(printf "%02d" ${iter})")
+  iter=$(( iter + 1))
+	case $( (
+		echo "${this_tag}"
+		echo "${last_tag}"
+	) | sort | tail -1) in
+	"${last_tag}") ;;
+
+	"${this_tag}")
+		ok=yes
+		;;
+	esac
+done
+
+if [ "${deftag}" != "${tagpfx}" ]; then
+	echo -e "Using new tag \e[94m${this_tag}\e[0m according to pattern in cosmos.conf"
+else
+	echo -e "Using new tag \e[94m${this_tag}\e[0m"
+fi
+
+echo -e "\e[1mONLY SIGN IF YOU APPROVE OF VERIFICATION AND DIFF ABOVE\e[0m"
+
+# GITTAGEXTRA is for putting things like "-u 2117364A"
+# shellcheck disable=SC2086
+git tag ${GITTAGEXTRA} -s "${this_tag}" -m bump.
+
+git push
+git push --tags