This repository enables a streamlined GitOps approach to managing GitHub Enterprise (GHE) and Terraform Cloud (TFC) deployments on Google Kubernetes Engine (GKE). It leverages Docker containers, Helm charts, and Terraform infrastructure-as-code (IaC) to automate the entire provisioning and deployment process.
- Automated Pipelines: GitHub Actions workflows for building and pushing Docker images and Helm charts to Google Artifact Registry.
- Infrastructure as Code: Terraform configurations to create artifact registries, GKE clusters, and enable GKE Fleet and Anthos Config Management (ACM).
- GitOps Principles: Manage infrastructure and applications declaratively through version-controlled configuration files.
- Scalability and Reliability: Leverage GKE's features for high availability and efficient resource management.
- Docker Pipeline: Builds and pushes GHE and TFC Docker images to Artifact Registry.
- Helm Pipeline: Packages and pushes GHE and TFC Helm charts to Artifact Registry.
- Terraform Infrastructure:
  - Creates Artifact Registry to store Docker images and Helm charts.
  - Provisions GKE cluster(s).
  - Enables GKE Fleet and ACM for multi-cluster management.
  - Deploys Helm charts using kubectl manifests.
- Google Cloud Project: You need a Google Cloud Project to store artifacts and create resources.
- Authentication: Authenticate your gcloud CLI with your GCP project: gcloud auth login.
- Terraform: Install Terraform if you haven't already.
- Terraform Cloud: If using TFC, configure workspaces and variables as needed.
- kubectl: Installed and configured to connect to your Kubernetes cluster.
- helm: Installed.
- Workload Identity Federation: Ensure WIF is configured as a prerequisite (see the Workload Identity quickstart guide).
Follow these guides to get started quickly:
NOTE: Creation and deletion steps should be executed in sequence, with a single PR for each step.
To ensure proper setup, follow this strict deployment sequence, creating a separate Pull Request (PR) for each step:
- Cluster Creation: Establish the GKE cluster infrastructure.
- Provider & Namespace: After cluster creation, set up the provider (e.g., Kubernetes provider) to interact with the clusters. Then, create the necessary namespaces within the clusters.
- Controller Deployment: Deploy the GHE Controller and TFC Operator.
- Secrets Creation: Once the controllers are in place, create and securely store any sensitive configuration data (e.g., GITHUB_PAT, Terraform API Token) as Kubernetes secrets.
- Resource Deployment: Finally, set up the runner set and the agent pool (the worker nodes that actually execute the jobs or tasks).
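For the Secrets Creation step, one way to get a token such as GITHUB_PAT into the cluster without it appearing on a command line, in shell history, or in a commit is to render the Secret from an exported environment variable and pipe it straight to `kubectl`. This is an added example, not code from this repository; the secret name `github-pat` and namespace `ghe-runners` are hypothetical.

```shell
#!/bin/sh
# Added example, not part of this repository. The secret name and namespace
# used in the usage comment at the bottom are hypothetical placeholders.

# is_dns_label NAME -> 0 if NAME is a valid Kubernetes DNS-1123 label.
is_dns_label() {
  case "$1" in
    ''|-*|*-|*[!a-z0-9-]*) return 1 ;;
  esac
  [ "${#1}" -le 63 ]
}

# render_secret SECRET_NAME NAMESPACE ENV_VAR
# Prints an Opaque Secret manifest whose single key ENV_VAR holds the value of
# the exported environment variable ENV_VAR. Returns 2 on bad names, 3 when the
# variable is unset or empty.
render_secret() {
  name=$1 ns=$2 var=$3
  is_dns_label "$name" || { echo "invalid secret name: $name" >&2; return 2; }
  is_dns_label "$ns" || { echo "invalid namespace: $ns" >&2; return 2; }
  case "$var" in
    ''|[0-9]*|*[!A-Za-z0-9_]*) echo "invalid variable name" >&2; return 2 ;;
  esac
  value=$(printenv "$var") || { echo "$var is not set" >&2; return 3; }
  [ -n "$value" ] || { echo "$var is empty" >&2; return 3; }
  # printf is a shell builtin, so the token is not passed to a new process as argv.
  encoded=$(printf '%s' "$value" | base64 | tr -d '\n')
  cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: $name
  namespace: $ns
type: Opaque
data:
  $var: $encoded
EOF
}

# Usage (needs kubectl and cluster access, so it is left commented out), with
# GITHUB_PAT already exported by your CI secret store:
#   render_secret github-pat ghe-runners GITHUB_PAT | kubectl apply -f -
```

The `data` field is base64-encoded, not encrypted, so the rendered manifest should only be piped to the cluster and never written into the Git repository.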
To safely remove resources, follow this strict cleanup sequence, creating a separate Pull Request (PR) for each step:
- Delete Kubernetes Resources: Remove regular Kubernetes resources first.
- Delete Controller Resources: Remove GHE Controller and TFC Operator resources.
- Delete Namespace: Delete the created namespace.
- Delete Cluster: Finally, delete the GKE cluster.