Skip to content

Commit

Permalink
Create ArgoCD's pipeline token with Terraform
Browse files Browse the repository at this point in the history
  • Loading branch information
@mcanevet
mcanevet committed Nov 22, 2020
1 parent 370c987 commit 9569db5
Show file tree
Hide file tree
Showing 8 changed files with 66 additions and 25 deletions.
22 changes: 22 additions & 0 deletions modules/argocd-helm/main.tf
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,18 @@
locals {
iat = 1605854613 # An arbitrary Unix timestamp before than now

argocd_accounts_pipeline_tokens = jsonencode(
[
{
id = random_uuid.accounts_pipeline_token_id.result
iat = local.iat
}
]
)
}

resource "random_uuid" "accounts_pipeline_token_id" {}

resource "helm_release" "argocd" {
name = "argocd"
chart = "${path.module}/../../argocd/argocd"
Expand All @@ -7,5 +22,12 @@ resource "helm_release" "argocd" {

values = [
file("${path.module}/../../argocd/argocd/values.yaml"),
<<EOT
argo-cd:
configs:
secret:
extra:
accounts.pipeline.tokens: '${local.argocd_accounts_pipeline_tokens}'
EOT
]
}
4 changes: 4 additions & 0 deletions modules/argocd-helm/outputs.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
output "argocd_accounts_pipeline_tokens" {
description = "The token created for the pipeline."
value = local.argocd_accounts_pipeline_tokens
}
7 changes: 4 additions & 3 deletions modules/eks-aws/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -126,9 +126,10 @@ resource "helm_release" "app_of_apps" {
values = [
templatefile("${path.module}/values.tmpl.yaml",
{
cluster_name = var.cluster_name,
base_domain = var.base_domain,
repo_url = var.repo_url,
cluster_name = var.cluster_name
base_domain = var.base_domain
repo_url = var.repo_url
argocd_accounts_pipeline_tokens = module.argocd.argocd_accounts_pipeline_tokens
target_revision = var.target_revision,
aws_default_region = data.aws_region.current.name,
cert_manager_assumable_role_arn = module.iam_assumable_role_cert_manager.this_iam_role_arn,
Expand Down
4 changes: 4 additions & 0 deletions modules/eks-aws/values.tmpl.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,10 @@ apps:
enabled: ${enable_efs}

argo-cd:
configs:
secret:
extra:
accounts.pipeline.tokens: '${argocd_accounts_pipeline_tokens}'
controller:
metrics:
enabled: true
Expand Down
23 changes: 12 additions & 11 deletions modules/k3os-libvirt/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,17 +47,18 @@ resource "helm_release" "app_of_apps" {
values = [
templatefile("${path.module}/values.tmpl.yaml",
{
cluster_name = var.cluster_name,
base_domain = local.base_domain,
repo_url = var.repo_url,
target_revision = var.target_revision,
clientid = "applications"
clientsecret = random_password.clientsecret.result
admin_password = random_password.admin_password.result
cookie_secret = random_password.cookie_secret.result
enable_minio = var.enable_minio
minio_access_key = var.enable_minio ? random_password.minio_accesskey.0.result : ""
minio_secret_key = var.enable_minio ? random_password.minio_secretkey.0.result : ""
cluster_name = var.cluster_name
base_domain = local.base_domain
repo_url = var.repo_url
target_revision = var.target_revision
argocd_accounts_pipeline_tokens = module.argocd.argocd_accounts_pipeline_tokens
clientid = "applications"
clientsecret = random_password.clientsecret.result
admin_password = random_password.admin_password.result
cookie_secret = random_password.cookie_secret.result
enable_minio = var.enable_minio
minio_access_key = var.enable_minio ? random_password.minio_accesskey.0.result : ""
minio_secret_key = var.enable_minio ? random_password.minio_secretkey.0.result : ""
}
),
var.app_of_apps_values_overrides,
Expand Down
4 changes: 4 additions & 0 deletions modules/k3os-libvirt/values.tmpl.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,10 @@ minio:
hosts:
- minio.apps.${base_domain}
argo-cd:
configs:
secret:
extra:
accounts.pipeline.tokens: '${argocd_accounts_pipeline_tokens}'
controller:
metrics:
enabled: true
Expand Down
23 changes: 12 additions & 11 deletions modules/k3s-docker/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,17 +44,18 @@ resource "helm_release" "app_of_apps" {
values = [
templatefile("${path.module}/values.tmpl.yaml",
{
cluster_name = var.cluster_name,
base_domain = local.base_domain,
repo_url = var.repo_url,
target_revision = var.target_revision,
clientid = "applications"
clientsecret = random_password.clientsecret.result
admin_password = random_password.admin_password.result
cookie_secret = random_password.cookie_secret.result
enable_minio = var.enable_minio
minio_access_key = var.enable_minio ? random_password.minio_accesskey.0.result : ""
minio_secret_key = var.enable_minio ? random_password.minio_secretkey.0.result : ""
cluster_name = var.cluster_name
base_domain = local.base_domain
repo_url = var.repo_url
target_revision = var.target_revision
argocd_accounts_pipeline_tokens = module.argocd.argocd_accounts_pipeline_tokens
clientid = "applications"
clientsecret = random_password.clientsecret.result
admin_password = random_password.admin_password.result
cookie_secret = random_password.cookie_secret.result
enable_minio = var.enable_minio
minio_access_key = var.enable_minio ? random_password.minio_accesskey.0.result : ""
minio_secret_key = var.enable_minio ? random_password.minio_secretkey.0.result : ""
}
),
var.app_of_apps_values_overrides,
Expand Down
4 changes: 4 additions & 0 deletions modules/k3s-docker/values.tmpl.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,10 @@ minio:
- minio.apps.${base_domain}

argo-cd:
configs:
secret:
extra:
accounts.pipeline.tokens: '${argocd_accounts_pipeline_tokens}'
controller:
metrics:
enabled: true
Expand Down

0 comments on commit 9569db5

Please sign in to comment.