From 9eee7fd41a58044b173231f1a0bbc36cee137d06 Mon Sep 17 00:00:00 2001 From: Angelo Fenoglio Date: Fri, 10 Nov 2023 21:19:32 -0300 Subject: [PATCH] Add notifications to ArgoCD --- .../k8s-components/chart-values/argo-cd.yaml | 314 +++++++++++++++++- .../k8s-eks/k8s-components/cicd-argo.tf | 9 + .../k8s-eks/k8s-components/config.tf | 6 + .../k8s-eks/k8s-components/terraform.tfvars | 3 +- 4 files changed, 326 insertions(+), 6 deletions(-) diff --git a/apps-devstg/us-east-1/k8s-eks/k8s-components/chart-values/argo-cd.yaml b/apps-devstg/us-east-1/k8s-eks/k8s-components/chart-values/argo-cd.yaml index 2f3102c09..efc4fd7ef 100644 --- a/apps-devstg/us-east-1/k8s-eks/k8s-components/chart-values/argo-cd.yaml +++ b/apps-devstg/us-east-1/k8s-eks/k8s-components/chart-values/argo-cd.yaml @@ -37,9 +37,313 @@ server: hosts: - ${argoHost} - extensions: - enabled: false +repoServer: + nodeSelector: ${nodeSelector} + tolerations: ${tolerations} + +applicationSet: + nodeSelector: ${nodeSelector} + tolerations: ${tolerations} + +notifications: + enabled: true + + argocdUrl: ${argoHost} + + nodeSelector: ${nodeSelector} + tolerations: ${tolerations} + + secret: + create: true + items: + slack-token: ${slackNotificationsAppToken} + + notifiers: + service.slack: | + token: $slack-token + username: ArgoCD-${env} + + subscriptions: + - recipients: + - slack:${slackNotificationsChannel} + triggers: + - on-created + - on-deleted + - on-deployed + - on-health-degraded + - on-sync-failed + - on-sync-running + - on-sync-status-unknown + - on-sync-succeeded + + templates: + template.app-created: | + message: Application {{.app.metadata.name}} has been created. + template.app-deleted: | + message: Application {{.app.metadata.name}} has been deleted. + template.app-deployed: | + message: | + {{if eq .serviceType "slack"}}:white_check_mark:{{end}} Application {{.app.metadata.name}} is now running new version of deployments manifests. + slack: + attachments: | + [{ + "title": "{{ .app.metadata.name}}", + "title_link":"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", + "color": "#18be52", + "fields": [ + { + "title": "Sync Status", + "value": "{{.app.status.sync.status}}", + "short": true + }, + { + "title": "Repository", + "value": "{{.app.spec.source.repoURL}}", + "short": true + }, + { + "title": "Revision", + "value": "{{.app.status.sync.revision}}", + "short": true + } + {{range $index, $c := .app.status.conditions}} + {{if not $index}},{{end}} + {{if $index}},{{end}} + { + "title": "{{$c.type}}", + "value": "{{$c.message}}", + "short": true + } + {{end}} + ] + }] + deliveryPolicy: Post + groupingKey: "{{.app.status.sync.revision}}" + notifyBroadcast: false + template.app-health-degraded: | + message: | + {{if eq .serviceType "slack"}}:exclamation:{{end}} Application {{.app.metadata.name}} has degraded. + Application details: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}. + slack: + attachments: | + [{ + "title": "{{ .app.metadata.name}}", + "title_link": "{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", + "color": "#f4c030", + "fields": [ + { + "title": "Health Status", + "value": "{{.app.status.health.status}}", + "short": true + }, + { + "title": "Repository", + "value": "{{.app.spec.source.repoURL}}", + "short": true + } + {{range $index, $c := .app.status.conditions}} + {{if not $index}},{{end}} + {{if $index}},{{end}} + { + "title": "{{$c.type}}", + "value": "{{$c.message}}", + "short": true + } + {{end}} + ] + }] + deliveryPolicy: Post + groupingKey: "{{.app.status.sync.revision}}" + notifyBroadcast: false + template.app-sync-failed: | + message: | + {{if eq .serviceType "slack"}}:exclamation:{{end}} The sync operation of application {{.app.metadata.name}} has failed at {{.app.status.operationState.finishedAt}} with the following error: {{.app.status.operationState.message}} + Sync operation details are available at: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true . + slack: + attachments: | + [{ + "title": "{{ .app.metadata.name}}", + "title_link":"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", + "color": "#E96D76", + "fields": [ + { + "title": "Sync Status", + "value": "{{.app.status.sync.status}}", + "short": true + }, + { + "title": "Repository", + "value": "{{.app.spec.source.repoURL}}", + "short": true + } + {{range $index, $c := .app.status.conditions}} + {{if not $index}},{{end}} + {{if $index}},{{end}} + { + "title": "{{$c.type}}", + "value": "{{$c.message}}", + "short": true + } + {{end}} + ] + }] + deliveryPolicy: Post + groupingKey: "{{.app.status.sync.revision}}" + notifyBroadcast: false + template.app-sync-running: | + message: | + The sync operation of application {{.app.metadata.name}} has started at {{.app.status.operationState.startedAt}}. + Sync operation details are available at: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true . + slack: + attachments: | + [{ + "title": "{{ .app.metadata.name}}", + "title_link":"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", + "color": "#0DADEA", + "fields": [ + { + "title": "Sync Status", + "value": "{{.app.status.sync.status}}", + "short": true + }, + { + "title": "Repository", + "value": "{{.app.spec.source.repoURL}}", + "short": true + } + {{range $index, $c := .app.status.conditions}} + {{if not $index}},{{end}} + {{if $index}},{{end}} + { + "title": "{{$c.type}}", + "value": "{{$c.message}}", + "short": true + } + {{end}} + ] + }] + deliveryPolicy: Post + groupingKey: "{{.app.status.sync.revision}}" + notifyBroadcast: false + template.app-sync-status-unknown: | + message: | + {{if eq .serviceType "slack"}}:exclamation:{{end}} Application {{.app.metadata.name}} sync is 'Unknown'. + Application details: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}. + {{if ne .serviceType "slack"}} + {{range $c := .app.status.conditions}} + * {{$c.message}} + {{end}} + {{end}} + slack: + attachments: | + [{ + "title": "{{ .app.metadata.name}}", + "title_link":"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", + "color": "#E96D76", + "fields": [ + { + "title": "Sync Status", + "value": "{{.app.status.sync.status}}", + "short": true + }, + { + "title": "Repository", + "value": "{{.app.spec.source.repoURL}}", + "short": true + } + {{range $index, $c := .app.status.conditions}} + {{if not $index}},{{end}} + {{if $index}},{{end}} + { + "title": "{{$c.type}}", + "value": "{{$c.message}}", + "short": true + } + {{end}} + ] + }] + deliveryPolicy: Post + groupingKey: "{{.app.status.sync.revision}}" + notifyBroadcast: false + template.app-sync-succeeded: | + message: | + {{if eq .serviceType "slack"}}:white_check_mark:{{end}} Application {{.app.metadata.name}} has been successfully synced at {{.app.status.operationState.finishedAt}}. + Sync operation details are available at: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true . + slack: + attachments: | + [{ + "title": "{{ .app.metadata.name}}", + "title_link":"{{.context.argocdUrl}}/applications/{{.app.metadata.name}}", + "color": "#18be52", + "fields": [ + { + "title": "Sync Status", + "value": "{{.app.status.sync.status}}", + "short": true + }, + { + "title": "Repository", + "value": "{{.app.spec.source.repoURL}}", + "short": true + } + {{range $index, $c := .app.status.conditions}} + {{if not $index}},{{end}} + {{if $index}},{{end}} + { + "title": "{{$c.type}}", + "value": "{{$c.message}}", + "short": true + } + {{end}} + ] + }] + deliveryPolicy: Post + groupingKey: "{{.app.status.sync.revision}}" + notifyBroadcast: false - contents: - - name: argo-rollouts - url: https://github.com/argoproj-labs/rollout-extension/releases/download/v0.2.0/extension.tar + triggers: + trigger.on-created: | + - description: Application is created. + oncePer: app.metadata.name + send: + - app-created + when: "true" + trigger.on-deleted: | + - description: Application is deleted. + oncePer: app.metadata.name + send: + - app-deleted + when: app.metadata.deletionTimestamp != nil + trigger.on-deployed: | + - description: Application is synced and healthy. Triggered once per commit. + oncePer: app.status.operationState.syncResult.revision + send: + - app-deployed + when: app.status.operationState != nil and app.status.operationState.phase in ['Succeeded'] + and app.status.health.status == 'Healthy' + trigger.on-health-degraded: | + - description: Application has degraded + send: + - app-health-degraded + when: app.status.health.status == 'Degraded' + trigger.on-sync-failed: | + - description: Application syncing has failed + send: + - app-sync-failed + when: app.status.operationState != nil and app.status.operationState.phase in ['Error', + 'Failed'] + trigger.on-sync-running: | + - description: Application is being synced + send: + - app-sync-running + when: app.status.operationState != nil and app.status.operationState.phase in ['Running'] + trigger.on-sync-status-unknown: | + - description: Application status is 'Unknown' + send: + - app-sync-status-unknown + when: app.status.sync.status == 'Unknown' + trigger.on-sync-succeeded: | + - description: Application syncing has succeeded + send: + - app-sync-succeeded + when: app.status.operationState != nil and app.status.operationState.phase in ['Succeeded'] \ No newline at end of file diff --git a/apps-devstg/us-east-1/k8s-eks/k8s-components/cicd-argo.tf b/apps-devstg/us-east-1/k8s-eks/k8s-components/cicd-argo.tf index 33a29c32c..08c8acece 100644 --- a/apps-devstg/us-east-1/k8s-eks/k8s-components/cicd-argo.tf +++ b/apps-devstg/us-east-1/k8s-eks/k8s-components/cicd-argo.tf @@ -1,6 +1,12 @@ #------------------------------------------------------------------------------ # ArgoCD: GitOps + CD #------------------------------------------------------------------------------ +data "aws_secretsmanager_secret_version" "argocd_slack_app_oauth_token" { + count = var.argocd.enabled ? 1 : 0 + provider = aws.shared + secret_id = "/notifications/argocd" +} + resource "helm_release" "argocd" { count = var.argocd.enabled ? 1 : 0 @@ -12,8 +18,11 @@ resource "helm_release" "argocd" { values = [ templatefile("chart-values/argo-cd.yaml", { argoHost = "argocd.${local.environment}.${local.private_base_domain}", + env = local.environment, ingressClass = local.private_ingress_class, enableWebTerminal = var.argocd.enableWebTerminal, + slackNotificationsAppToken = jsondecode(data.aws_secretsmanager_secret_version.argocd_slack_app_oauth_token[0].secret_string)["token"], + slackNotificationsChannel = var.argocd.slackNotificationsChannel, nodeSelector = jsonencode({ stack = "argocd" }), tolerations = jsonencode([ { diff --git a/apps-devstg/us-east-1/k8s-eks/k8s-components/config.tf b/apps-devstg/us-east-1/k8s-eks/k8s-components/config.tf index 61b38c907..bd9b44193 100644 --- a/apps-devstg/us-east-1/k8s-eks/k8s-components/config.tf +++ b/apps-devstg/us-east-1/k8s-eks/k8s-components/config.tf @@ -6,6 +6,12 @@ provider "aws" { profile = var.profile } +provider "aws" { + alias = "shared" + region = var.region + profile = "${var.project}-shared-devops" +} + provider "kubernetes" { host = data.aws_eks_cluster.cluster.endpoint cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data) diff --git a/apps-devstg/us-east-1/k8s-eks/k8s-components/terraform.tfvars b/apps-devstg/us-east-1/k8s-eks/k8s-components/terraform.tfvars index f5dd74cb3..af89d4151 100644 --- a/apps-devstg/us-east-1/k8s-eks/k8s-components/terraform.tfvars +++ b/apps-devstg/us-east-1/k8s-eks/k8s-components/terraform.tfvars @@ -77,7 +77,8 @@ imc = { argocd = { enabled = true - enableWebTerminal = true + enableWebTerminal = true + slackNotificationsChannel = "le-tools-monitoring" image_updater = { enabled = false