From d5dad6ab1a36d8a74999278334a433aa7f38e6d7 Mon Sep 17 00:00:00 2001 From: Shibra Amin Date: Fri, 23 Jun 2023 12:05:07 +0530 Subject: [PATCH 1/6] added gcp provider --- examples/{complate => complete}/README.md | 6 ++++++ .../{complate => complete}/helm/values.yaml | 0 examples/{complate => complete}/main.tf | 4 ++-- examples/{complate => complete}/output.tf | 0 .../provider.tf => complete/provider-aws.tf} | 0 examples/complete/provider-gcp.tf | 21 +++++++++++++++++++ 6 files changed, 29 insertions(+), 2 deletions(-) rename examples/{complate => complete}/README.md (86%) rename examples/{complate => complete}/helm/values.yaml (100%) rename examples/{complate => complete}/main.tf (73%) rename examples/{complate => complete}/output.tf (100%) rename examples/{complate/provider.tf => complete/provider-aws.tf} (100%) create mode 100644 examples/complete/provider-gcp.tf diff --git a/examples/complate/README.md b/examples/complete/README.md similarity index 86% rename from examples/complate/README.md rename to examples/complete/README.md index d521a25..1178a94 100644 --- a/examples/complate/README.md +++ b/examples/complete/README.md @@ -7,6 +7,12 @@ ### [SquareOps Technologies](https://squareops.com/) Your DevOps Partner for Accelerating cloud journey.
This example will be very useful for users who are new to a module and want to quickly learn how to use it. By reviewing the examples, users can gain a better understanding of how the module works, what features it supports, and how to customize it to their specific needs. + +## Usage + +Use the provider file as per your need. +- If deploying into AWS EKS use `provider-aws.tf` file and remove `provider-gcp.tf` file. +- If deploying into Google GKE use `provider-gcp.tf` file and remove `provider-aws.tf` file. ## Requirements diff --git a/examples/complate/helm/values.yaml b/examples/complete/helm/values.yaml similarity index 100% rename from examples/complate/helm/values.yaml rename to examples/complete/helm/values.yaml diff --git a/examples/complate/main.tf b/examples/complete/main.tf similarity index 73% rename from examples/complate/main.tf rename to examples/complete/main.tf index f1533f5..4603c79 100644 --- a/examples/complate/main.tf +++ b/examples/complete/main.tf @@ -11,11 +11,11 @@ locals { module "argocd" { source = "squareops/argocd/kubernetes" argocd_config = { - hostname = "argocd.prod.in" + hostname = "argocd.gcp.skaf.squareops.in" values_yaml = file("./helm/values.yaml") redis_ha_enabled = true autoscaling_enabled = true - slack_notification_token = "xoxb-qQ8486bluEuvmxrYx" + slack_notification_token = "xoxb-379541400966-4559734786594-DeSE4dOlRftr02w08mtwhYLc" argocd_notifications_enabled = true } } diff --git a/examples/complate/output.tf b/examples/complete/output.tf similarity index 100% rename from examples/complate/output.tf rename to examples/complete/output.tf diff --git a/examples/complate/provider.tf b/examples/complete/provider-aws.tf similarity index 100% rename from examples/complate/provider.tf rename to examples/complete/provider-aws.tf diff --git a/examples/complete/provider-gcp.tf b/examples/complete/provider-gcp.tf new file mode 100644 index 0000000..686255d --- /dev/null +++ b/examples/complete/provider-gcp.tf 
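Review bot: The new `slack_notification_token` value in the `examples/complete/main.tf` hunk is a full-length Slack bot token literal, and the new `hostname` reads as a real deployment host, so this example commit publishes what appears to be a live credential. Patches 2/6 and 3/6 only overwrite the string, which leaves the value readable in the repository history and in this patch series, so the token should be treated as exposed and revoked in Slack regardless of the later edits. In the example itself, take the token from a variable declared with `sensitive = true`, e.g. `slack_notification_token = var.slack_notification_token`, and use a documentation-style hostname. The same literal-in-example pattern comes back in the `examples/complete/gcp/main.tf` hunk of patch 4/6.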
@@ -0,0 +1,21 @@
+data "google_client_config" "default" {}
+
+data "google_container_cluster" "primary" {
+ name = ""
+ location = ""
+ project = ""
+}
+
+provider "kubernetes" {
+ host = "https://${data.google_container_cluster.primary.endpoint}"
+ token = data.google_client_config.default.access_token
+ cluster_ca_certificate = base64decode(data.google_container_cluster.primary.master_auth.0.cluster_ca_certificate)
+}
+
+provider "helm" {
+ kubernetes {
+ host = "https://${data.google_container_cluster.primary.endpoint}"
+ token = data.google_client_config.default.access_token
+ cluster_ca_certificate = base64decode(data.google_container_cluster.primary.master_auth.0.cluster_ca_certificate)
+ }
+}
\ No newline at end of file
From 5c222e1b1aef57664a65f7f718fd8be775971305 Mon Sep 17 00:00:00 2001
From: Shibra Amin
Date: Fri, 23 Jun 2023 12:09:29 +0530
Subject: [PATCH 2/6] remove token
---
 examples/complete/main.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
index 4603c79..7c82c95 100644
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -11,11 +11,11 @@ locals {
 module "argocd" {
 source = "squareops/argocd/kubernetes"
 argocd_config = {
- hostname = "argocd.gcp.skaf.squareops.in"
+ hostname = "argocd.prod.in"
 values_yaml = file("./helm/values.yaml")
 redis_ha_enabled = true
 autoscaling_enabled = true
- slack_notification_token = "xoxb-379541400966-4559734786594-DeSE4dOlRftr02w08mtwhYLc"
+ slack_notification_token = "xoxb-asdfghjk"
 argocd_notifications_enabled = true
 }
 }
From 268adbd19516a15722858b46f93b972f0521d051 Mon Sep 17 00:00:00 2001
From: Shibra Amin
Date: Fri, 23 Jun 2023 12:10:23 +0530
Subject: [PATCH 3/6] remove token
---
 examples/complete/main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
index 7c82c95..f1533f5 100644
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
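Review bot: `data "google_container_cluster" "primary"` is committed with `name = ""`, `location = ""` and `project = ""`, so the lookup has nothing to resolve and users have to edit the provider file itself to point it at a cluster; input variables (`name = var.cluster_name`, and likewise for location and project) make the target cluster explicit and reviewable. The `host`/`token`/`cluster_ca_certificate` triple is written twice, once per provider, and a `locals` block would keep the kubernetes and helm providers pointed at the same endpoint and CA. `master_auth.0.cluster_ca_certificate` uses the legacy index form where `master_auth[0].cluster_ca_certificate` is the current syntax. The file also ends without a trailing newline.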
@@ -15,7 +15,7 @@ module "argocd" {
 values_yaml = file("./helm/values.yaml")
 redis_ha_enabled = true
 autoscaling_enabled = true
- slack_notification_token = "xoxb-asdfghjk"
+ slack_notification_token = "xoxb-qQ8486bluEuvmxrYx"
 argocd_notifications_enabled = true
 }
 }
From 873c25ad6d8aa29b2e4c99b353be521a63aefa2e Mon Sep 17 00:00:00 2001
From: prajwalakhuj Date: Fri, 25 Aug 2023 17:17:38 +0530 Subject: [PATCH 4/6] Added support for GCP and & Azure --- IAM.md | 32 +++++++++-- README.md | 10 ++-- examples/complete/README.md | 7 +-- examples/complete/aws/README.md | 35 ++++++++++++ examples/complete/{ => aws}/helm/values.yaml | 0 examples/complete/{ => aws}/main.tf | 0 examples/complete/{ => aws}/output.tf | 0 .../{provider-aws.tf => aws/provider.tf} | 0 examples/complete/azure/README.md | 35 ++++++++++++ examples/complete/azure/helm/values.yaml | 56 +++++++++++++++++++ examples/complete/azure/main.tf | 21 +++++++ examples/complete/azure/output.tf | 4 ++ examples/complete/azure/provider.tf | 26 +++++++++ examples/complete/gcp/README.md | 35 ++++++++++++ examples/complete/gcp/helm/values.yaml | 26 +++++++++ examples/complete/gcp/main.tf | 21 +++++++ examples/complete/gcp/output.tf | 4 ++ .../{provider-gcp.tf => gcp/provider.tf} | 0 18 files changed, 299 insertions(+), 13 deletions(-) create mode 100644 examples/complete/aws/README.md rename examples/complete/{ => aws}/helm/values.yaml (100%) rename examples/complete/{ => aws}/main.tf (100%) rename examples/complete/{ => aws}/output.tf (100%) rename examples/complete/{provider-aws.tf => aws/provider.tf} (100%) create mode 100644 examples/complete/azure/README.md create mode 100644 examples/complete/azure/helm/values.yaml create mode 100644 examples/complete/azure/main.tf create mode 100644 examples/complete/azure/output.tf create mode 100644 examples/complete/azure/provider.tf create mode 100644 examples/complete/gcp/README.md create mode 100644 examples/complete/gcp/helm/values.yaml create mode 100644 examples/complete/gcp/main.tf create mode 100644 examples/complete/gcp/output.tf rename examples/complete/{provider-gcp.tf => gcp/provider.tf} (100%) diff --git a/IAM.md b/IAM.md index 196d9d0..e8f6bcd 100644 --- a/IAM.md +++ b/IAM.md 
@@ -1,8 +1,7 @@ ## IAM Permission -The Policy required to deploy this module is: - -``` +The Policy required to deploy this module: +```hcl { "Version": "2012-10-17", "Statement": [ @@ -18,6 +17,31 @@ The Policy required to deploy this module is: } ] } +``` +## Azure Role Permissions - +```hcl +{ + "Name": "AKS Describe Role", + "IsCustom": true, + "Description": "Allows describing AKS clusters", + "Actions": [ + "Microsoft.ContainerService/managedClusters/read" + ], + "DataActions": [], + "NotDataActions": [], + "AssignableScopes": [ + "/subscriptions/{subscriptionId}" + ] +} ``` + +## Google IAM Permissions + +```hcl +title: GKE Describe Role +description: Allows describing GKE clusters +stage: GA +includedPermissions: +- container.clusters.get +``` \ No newline at end of file diff --git a/README.md b/README.md index ba05729..13d06ea 100644 --- a/README.md +++ b/README.md 
@@ -10,13 +10,13 @@ This module deploys ArgoCD with Redis High Availability (HA) as the backend data store, and Slack notifications configured for real-time updates about deployments. With this module, you can automate your application deployment process with the GitOps methodology and ensure that the desired state of your application is always in sync with the actual state. Redis HA provides enhanced resilience and availability, while Slack notifications keep you informed of the status of your deployments. ## Important Notes: -This module is compatible with EKS version 1.23,1.24 and 1.25 which is great news for users deploying the module on an EKS cluster running that version. Review the module's documentation, meet specific configuration requirements, and test thoroughly after deployment to ensure everything works as expected. +This module is compatible with EKS, AKS & GKE which is great news for users deploying the module on an AWS, Azure & GCP cloud. Review the module's documentation, meet specific configuration requirements, and test thoroughly after deployment to ensure everything works as expected. ## Supported Versions: -| Argocd Helm Chart Version | K8s supported version | +| Argocd Helm Chart Version | K8s supported version (EKS, AKS & GKE) | | :-----: | :--- | -| **5.4.0** | **1.23,1.24,1.25** | +| **5.4.0** | **1.23,1.24,1.25,1.26,1.27** | ## Usage Example 
@@ -35,7 +35,9 @@ module "argocd" { } ``` -Refer [examples](https://github.com/squareops/terraform-kubernetes-argocd/tree/main/examples/complete) for more details. +- Refer [AWS examples](https://github.com/squareops/terraform-kubernetes-argocd/tree/main/examples/complete/aws) for more details. +- Refer [Azure examples](https://github.com/squareops/terraform-kubernetes-argocd/tree/main/examples/complete/azure) for more details. +- Refer [GCP examples](https://github.com/squareops/terraform-kubernetes-argocd/tree/main/examples/complete/gcp) for more details. ## IAM Permissions The required IAM permissions to create resources from this module can be found [here](https://github.com/squareops/terraform-kubernetes-argocd/blob/main/IAM.md) diff --git a/examples/complete/README.md b/examples/complete/README.md index 1178a94..f753b8d 100644 --- a/examples/complete/README.md +++ b/examples/complete/README.md @@ -8,11 +8,6 @@
This example will be very useful for users who are new to a module and want to quickly learn how to use it. By reviewing the examples, users can gain a better understanding of how the module works, what features it supports, and how to customize it to their specific needs. -## Usage - -Use the provider file as per your need. -- If deploying into AWS EKS use `provider-aws.tf` file and remove `provider-gcp.tf` file. -- If deploying into Google GKE use `provider-gcp.tf` file and remove `provider-aws.tf` file. ## Requirements @@ -23,6 +18,8 @@ No requirements. | Name | Version | |------|---------| | [aws](#provider\_aws) | n/a | +| [azure](#provider\_azure) | n/a | +| [gcp](#provider\_gcp) | n/a | ## Modules diff --git a/examples/complete/aws/README.md b/examples/complete/aws/README.md new file mode 100644 index 0000000..7a04514 --- /dev/null +++ b/examples/complete/aws/README.md @@ -0,0 +1,35 @@ +# AWS Argocd Terraform Kubernetes Module + +## Requirements + +No requirements. + +## Providers + +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | n/a | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [argocd](#module\_argocd) | squareops/argocd/kubernetes | n/a | + +## Resources + +| Name | Type | +|------|------| +| [aws_eks_cluster.cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster) | data source | +| [aws_eks_cluster_auth.cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster_auth) | data source | + +## Inputs + +No inputs. + +## Outputs + +| Name | Description | +|------|-------------| +| [argocd\_credentials](#output\_argocd\_credentials) | Argocd\_Info | + \ No newline at end of file diff --git a/examples/complete/helm/values.yaml b/examples/complete/aws/helm/values.yaml similarity index 100% rename from examples/complete/helm/values.yaml rename to examples/complete/aws/helm/values.yaml 
diff --git a/examples/complete/main.tf b/examples/complete/aws/main.tf similarity index 100% rename from examples/complete/main.tf rename to examples/complete/aws/main.tf diff --git a/examples/complete/output.tf b/examples/complete/aws/output.tf similarity index 100% rename from examples/complete/output.tf rename to examples/complete/aws/output.tf diff --git a/examples/complete/provider-aws.tf b/examples/complete/aws/provider.tf similarity index 100% rename from examples/complete/provider-aws.tf rename to examples/complete/aws/provider.tf diff --git a/examples/complete/azure/README.md b/examples/complete/azure/README.md new file mode 100644 index 0000000..df4855d --- /dev/null +++ b/examples/complete/azure/README.md @@ -0,0 +1,35 @@ +# Azure Argocd Terraform Kubernetes Module + + +## Requirements + +No requirements. + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | 3.71.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [argocd](#module\_argocd) | squareops/argocd/kubernetes | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_kubernetes_cluster.primary](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/kubernetes_cluster) | data source | + +## Inputs + +No inputs. + +## Outputs + +| Name | Description | +|------|-------------| +| [argocd\_credentials](#output\_argocd\_credentials) | Argocd\_Info | + \ No newline at end of file diff --git a/examples/complete/azure/helm/values.yaml b/examples/complete/azure/helm/values.yaml new file mode 100644 index 0000000..7d5486c --- /dev/null +++ b/examples/complete/azure/helm/values.yaml 
@@ -0,0 +1,56 @@
+controller:
+ resources:
+ limits:
+ cpu: 400m
+ memory: 512Mi
+ requests:
+ cpu: 100m
+ memory: 200Mi
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: "Addons-Services"
+ operator: In
+ values:
+ - "true"
+repoServer:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: "Addons-Services"
+ operator: In
+ values:
+ - "true"
+
+server:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: "Addons-Services"
+ operator: In
+ values:
+ - "true"
+
+redis:
+ resources:
+ limits:
+ cpu: 400m
+ memory: 500Mi
+ requests:
+ cpu: 100m
+ memory: 150Mi
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: "Addons-Services"
+ operator: In
+ values:
+ - "true"
\ No newline at end of file
diff --git a/examples/complete/azure/main.tf b/examples/complete/azure/main.tf
new file mode 100644
index 0000000..d127a31
--- /dev/null
+++ b/examples/complete/azure/main.tf
@@ -0,0 +1,21 @@
+locals {
+ region = "us-east-2"
+ additional_tags = {
+ Owner = "organization_name"
+ Expires = "Never"
+ Department = "Engineering"
+ environment = "prod"
+ }
+}
+
+module "argocd" {
+ source = "squareops/argocd/kubernetes"
+ argocd_config = {
+ hostname = "argocd.skaf.squareops.in"
+ values_yaml = file("./helm/values.yaml")
+ redis_ha_enabled = true
+ autoscaling_enabled = true
+ slack_notification_token = ""
+ argocd_notifications_enabled = true
+ }
+}
diff --git a/examples/complete/azure/output.tf b/examples/complete/azure/output.tf
new file mode 100644
index 0000000..b9ae7b9
--- /dev/null
+++ b/examples/complete/azure/output.tf
@@ -0,0 +1,4 @@
+output "argocd_credentials" {
+ value = module.argocd.argocd
+ description = "Argocd_Info"
+}
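Review bot: In `examples/complete/azure/main.tf`, `slack_notification_token = ""` is paired with `argocd_notifications_enabled = true`, so the sample turns notifications on with no credential and the obvious way to make it work is to paste a token into this file. Declaring `variable "slack_notification_token"` with `sensitive = true` and passing `slack_notification_token = var.slack_notification_token` keeps the secret out of the example and out of version control; otherwise set `argocd_notifications_enabled = false` in the sample. The `locals` block is carried over from the AWS example: `region = "us-east-2"` is an AWS region name, and neither `local.region` nor `local.additional_tags` is referenced in this file. `hostname = "argocd.skaf.squareops.in"` also reads as a real host rather than a placeholder. The aws and gcp `main.tf` files end up with the same empty-token setting after patch 5/6.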
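Review bot: `output "argocd_credentials"` in `examples/complete/azure/output.tf` re-exports `module.argocd.argocd` without `sensitive = true`, so whatever the module returns there is printed by `terraform apply` and `terraform output` and is likely to end up in CI logs. The module's output is not visible in this patch, but the output name suggests it carries the ArgoCD login details; if it does, add `sensitive = true` and replace `description = "Argocd_Info"` with a description that says what the value contains. The identical `examples/complete/gcp/output.tf` added later in this patch needs the same change.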
diff --git a/examples/complete/azure/provider.tf b/examples/complete/azure/provider.tf
new file mode 100644
index 0000000..3bea740
--- /dev/null
+++ b/examples/complete/azure/provider.tf
@@ -0,0 +1,26 @@
+provider "azurerm" {
+ features {}
+}
+
+data "azurerm_kubernetes_cluster" "primary" {
+ name = ""
+ resource_group_name = ""
+}
+
+provider "kubernetes" {
+ host = data.azurerm_kubernetes_cluster.primary.kube_config.0.host
+ username = data.azurerm_kubernetes_cluster.primary.kube_config.0.username
+ password = data.azurerm_kubernetes_cluster.primary.kube_config.0.password
+ client_certificate = base64decode(data.azurerm_kubernetes_cluster.primary.kube_config.0.client_certificate)
+ client_key = base64decode(data.azurerm_kubernetes_cluster.primary.kube_config.0.client_key)
+ cluster_ca_certificate = base64decode(data.azurerm_kubernetes_cluster.primary.kube_config.0.cluster_ca_certificate)
+}
+
+provider "helm" {
+ kubernetes {
+ host = data.azurerm_kubernetes_cluster.primary.kube_config.0.host
+ client_key = base64decode(data.azurerm_kubernetes_cluster.primary.kube_config.0.client_key)
+ client_certificate = base64decode(data.azurerm_kubernetes_cluster.primary.kube_config.0.client_certificate)
+ cluster_ca_certificate = base64decode(data.azurerm_kubernetes_cluster.primary.kube_config.0.cluster_ca_certificate)
+ }
+}
diff --git a/examples/complete/gcp/README.md b/examples/complete/gcp/README.md
new file mode 100644
index 0000000..7dab93b
--- /dev/null
+++ b/examples/complete/gcp/README.md
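Review bot: The `provider "kubernetes"` block sets `username` and `password` from `kube_config` in addition to the client certificate and key, while the `provider "helm"` block passes only the certificate pair, so the two providers authenticate differently against the same cluster; pick one method and use it in both blocks. Every value here comes from the cluster's `kube_config` block, a static local-account credential that is written to Terraform state and that, as far as I know, is not populated on clusters with local accounts disabled, so the example should state which cluster configuration it expects and that the state backend must be access-controlled. `name = ""` and `resource_group_name = ""` are empty literals and are better taken from variables, e.g. `name = var.cluster_name`. Reading `kube_config` probably needs more than the `Microsoft.ContainerService/managedClusters/read` action that this same patch lists in IAM.md, which is worth verifying against a role that has only that action.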
@@ -0,0 +1,35 @@ +# GCP Argocd Terraform Kubernetes Module + +## Requirements + +No requirements. + +## Providers + +| Name | Version | +|------|---------| +| [google](#provider\_google) | n/a | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [argocd](#module\_argocd) | squareops/argocd/kubernetes | n/a | + +## Resources + +| Name | Type | +|------|------| +| [google_client_config.default](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/client_config) | data source | +| [google_container_cluster.primary](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/container_cluster) | data source | + +## Inputs + +No inputs. + +## Outputs + +| Name | Description | +|------|-------------| +| [argocd\_credentials](#output\_argocd\_credentials) | Argocd\_Info | + \ No newline at end of file diff --git a/examples/complete/gcp/helm/values.yaml b/examples/complete/gcp/helm/values.yaml new file mode 100644 index 0000000..45e17c2 --- /dev/null +++ b/examples/complete/gcp/helm/values.yaml @@ -0,0 +1,26 @@ +controller: + resources: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 50m + memory: 150Mi + +server: + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 50m + memory: 100Mi + +redis: + resources: + limits: + cpu: 200m + memory: 150Mi + requests: + cpu: 50m + memory: 75Mi diff --git a/examples/complete/gcp/main.tf b/examples/complete/gcp/main.tf new file mode 100644 index 0000000..f1533f5 --- /dev/null +++ b/examples/complete/gcp/main.tf 
@@ -0,0 +1,21 @@
+locals {
+ region = "us-east-2"
+ additional_tags = {
+ Owner = "organization_name"
+ Expires = "Never"
+ Department = "Engineering"
+ environment = "prod"
+ }
+}
+
+module "argocd" {
+ source = "squareops/argocd/kubernetes"
+ argocd_config = {
+ hostname = "argocd.prod.in"
+ values_yaml = file("./helm/values.yaml")
+ redis_ha_enabled = true
+ autoscaling_enabled = true
+ slack_notification_token = "xoxb-qQ8486bluEuvmxrYx"
+ argocd_notifications_enabled = true
+ }
+}
diff --git a/examples/complete/gcp/output.tf b/examples/complete/gcp/output.tf
new file mode 100644
index 0000000..b9ae7b9
--- /dev/null
+++ b/examples/complete/gcp/output.tf
@@ -0,0 +1,4 @@
+output "argocd_credentials" {
+ value = module.argocd.argocd
+ description = "Argocd_Info"
+}
diff --git a/examples/complete/provider-gcp.tf b/examples/complete/gcp/provider.tf
similarity index 100%
rename from examples/complete/provider-gcp.tf
rename to examples/complete/gcp/provider.tf
From 06ceb4e39319a0cd2825a08b6137eb7870b4e2e2 Mon Sep 17 00:00:00 2001
From: prajwalakhuj
Date: Fri, 25 Aug 2023 17:20:58 +0530
Subject: [PATCH 5/6] removed slack token
---
 examples/complete/aws/main.tf | 2 +-
 examples/complete/gcp/main.tf | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/examples/complete/aws/main.tf b/examples/complete/aws/main.tf
index f1533f5..5cba2fe 100644
--- a/examples/complete/aws/main.tf
+++ b/examples/complete/aws/main.tf
@@ -15,7 +15,7 @@ module "argocd" {
 values_yaml = file("./helm/values.yaml")
 redis_ha_enabled = true
 autoscaling_enabled = true
- slack_notification_token = "xoxb-qQ8486bluEuvmxrYx"
+ slack_notification_token = ""
 argocd_notifications_enabled = true
 }
 }
diff --git a/examples/complete/gcp/main.tf b/examples/complete/gcp/main.tf
index f1533f5..5cba2fe 100644
--- a/examples/complete/gcp/main.tf
+++ b/examples/complete/gcp/main.tf
@@ -15,7 +15,7 @@ module "argocd" { values_yaml = file("./helm/values.yaml") redis_ha_enabled = true autoscaling_enabled = true - slack_notification_token = "xoxb-qQ8486bluEuvmxrYx" + slack_notification_token = "" argocd_notifications_enabled = true } } From cf81092bc402ce8ab9bbc045a86332c5ba8f1e88 Mon Sep 17 00:00:00 2001 From: prajwalakhuj Date: Mon, 28 Aug 2023 12:43:59 +0530 Subject: [PATCH 6/6] updated IAM GKE permissions --- IAM.md | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/IAM.md b/IAM.md index e8f6bcd..f351605 100644 --- a/IAM.md +++ b/IAM.md @@ -1,7 +1,7 @@ ## IAM Permission The Policy required to deploy this module: -```hcl +```json { "Version": "2012-10-17", "Statement": [ @@ -20,7 +20,7 @@ The Policy required to deploy this module: ``` ## Azure Role Permissions -```hcl +```json { "Name": "AKS Describe Role", "IsCustom": true, @@ -38,10 +38,13 @@ The Policy required to deploy this module: ## Google IAM Permissions -```hcl -title: GKE Describe Role -description: Allows describing GKE clusters -stage: GA -includedPermissions: -- container.clusters.get +```json +{ + "title": "GKE Describe Role", + "description": "Allows describing GKE clusters", + "stage": "GA", + "includedPermissions": [ + "container.clusters.get" + ] +} ``` \ No newline at end of file