argo docs 2

2024-12-15 06:34:47 +02:00
parent a82193f059
commit e4dfde9562
1 changed files with 21 additions and 57 deletions
--- a/argocd/README.md
+++ b/argocd/README.md
@@ -1,63 +1,8 @@
 # Workflow
 Most applications in our Kubernetes cluster are managed by ArgoCD.
 Most notably operators are NOT managed by ArgoCD.
-Adding to `applications/`: `kubectl apply -f newapp.yaml`
+## Managing applications
-
+Update apps (see TODO below):
 # Deployment
 To deploy ArgoCD:
 ```bash
 helm repo add argo-cd https://argoproj.github.io/argo-helm
 kubectl create secret -n argocd generic argocd-secret # Initialize empty secret for sessions
 helm template -n argocd --release-name k6 argo-cd/argo-cd --include-crds -f values.yaml > argocd.yml
 kubectl apply -f argocd.yml -f application-extras.yml -f redis.yaml -f monitoring.yml -n argocd
 kubectl label -n argocd secret oidc-client-argocd-owner-secrets app.kubernetes.io/part-of=argocd
 kubectl -n argocd rollout restart deployment/k6-argocd-redis deployment/k6-argocd-repo-server deployment/k6-argocd-server deployment/k6-argocd-notifications-controller statefulset/k6-argocd-application-controller
 ```
 # Setting up Git secrets
 Generate SSH key to access Gitea:
 ```
 ssh-keygen -t ecdsa -f id_ecdsa -C argocd.k-space.ee -P ''
 kubectl -n argocd create secret generic gitea-kube \
  --from-literal=type=git \
  --from-literal=url=git@git.k-space.ee:k-space/kube \
  --from-file=sshPrivateKey=id_ecdsa
 kubectl -n argocd create secret generic gitea-kube-staging \
  --from-literal=type=git \
  --from-literal=url=git@git.k-space.ee:k-space/kube-staging \
  --from-file=sshPrivateKey=id_ecdsa
 kubectl -n argocd create secret generic gitea-kube-members \
  --from-literal=type=git \
  --from-literal=url=git@git.k-space.ee:k-space/kube-members \
  --from-file=sshPrivateKey=id_ecdsa
 kubectl -n argocd create secret generic gitea-members \
  --from-literal=type=git \
  --from-literal=url=git@git.k-space.ee:k-space/kube-members \
  --from-file=sshPrivateKey=id_ecdsa  
 kubectl label -n argocd secret gitea-kube argocd.argoproj.io/secret-type=repository
 kubectl label -n argocd secret gitea-kube-staging argocd.argoproj.io/secret-type=repository
 kubectl label -n argocd secret gitea-kube-members argocd.argoproj.io/secret-type=repository
 kubectl label -n argocd secret gitea-members argocd.argoproj.io/secret-type=repository
 rm -fv id_ecdsa
 ```
 Have Gitea admin reset password for user `argocd` and log in with that account.
 Add the SSH key for user `argocd` from file `id_ecdsa.pub`.
 Delete any other SSH keys associated with Gitea user `argocd`.
 # Managing applications
 To update apps:
 ```
 for j in asterisk bind camtiler etherpad freescout gitea grafana hackerspace nextcloud nyancat rosdump traefik wiki wildduck woodpecker; do
@@ -90,3 +35,22 @@ EOF
 done
 find applications -name "*.yaml" -exec kubectl apply -n argocd -f {} \;
 ```
 ### Repository secrets
 1. Generate keys locally with `ssh-keygen -f argo`
 2. Add `argo.pub` in `git.k-space.ee/<your>/<repo>` → Settings → Deploy keys
 3. Add `argo` (private key) at https://argocd.k-space.ee/settings/repos along with referenced repo.
 ## Argo Deployment
 To deploy ArgoCD itself:
 ```bash
 helm repo add argo-cd https://argoproj.github.io/argo-helm
 kubectl create secret -n argocd generic argocd-secret # Empty secret for sessions
 helm template -n argocd --release-name k6 argo-cd/argo-cd --include-crds -f values.yaml > argocd.yml
 kubectl apply -f argocd.yml -f application-extras.yml -f redis.yaml -f monitoring.yml -n argocd
 kubectl label -n argocd secret oidc-client-argocd-owner-secrets app.kubernetes.io/part-of=argocd
 kubectl -n argocd rollout restart deployment/k6-argocd-redis deployment/k6-argocd-repo-server deployment/k6-argocd-server deployment/k6-argocd-notifications-controller statefulset/k6-argocd-application-controller
 ```