Skip to content

Commit

Permalink
Implement Kapitan plugin as ConfigMamangementPlugin sidecar
Browse files Browse the repository at this point in the history
  • Loading branch information
simu committed Nov 16, 2023
1 parent 9c43d47 commit ad5f8f4
Show file tree
Hide file tree
Showing 8 changed files with 209 additions and 94 deletions.
4 changes: 2 additions & 2 deletions class/defaults.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,8 +23,8 @@ parameters:
tag: '1.25.5@sha256:19dff0248157ae4cd320097ace1b5e0ffbb8bc7c7ea7fa3f13f73993fc6d7ee2'
kapitan:
registry: docker.io
repository: projectsyn/kapitan
tag: 'v0.29.5@sha256:33715063f8238a93938f79053bc939e992def3bbe95ae1f9f6e48e5c1421d569'
repository: kapicorp/kapitan
tag: 'v0.32.0'
vault_agent:
registry: docker.io
repository: library/vault
Expand Down
86 changes: 57 additions & 29 deletions component/argocd.jsonnet
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,33 @@ local vault_agent_config = kube.ConfigMap('vault-agent-config') {
},
};

local kapitan_plugin_config = kube.ConfigMap('kapitan-plugin-config') {
data: {
'plugin.yaml': std.manifestYamlDoc(
{
apiVersion: 'argoproj.io/v1alpha1',
kind: 'ConfigManagementPlugin',
metadata: {
name: 'kapitan',
},
spec: {
generate: {
command: [
'kapitan',
'refs',
'--reveal',
'--refs-path',
'../../refs/',
'--file',
'./',
],
},
},
}
),
},
};

local repoServer = {
logLevel: common.evaluate_log_level('repo_server'),
logFormat: common.evaluate_log_format('repo_server'),
Expand All @@ -74,21 +101,12 @@ local repoServer = {
[if params.resources.repo_server != null then 'resources']:
std.prune(params.resources.repo_server),
volumeMounts: [
{
name: 'kapitan-bin',
mountPath: '/usr/local/bin/kapitan',
subPath: 'kapitan',
},
{
name: 'vault-token',
mountPath: '/home/argocd/',
},
],
volumes: [
{
name: 'kapitan-bin',
emptyDir: {},
},
{
name: 'vault-token',
emptyDir: {
Expand All @@ -107,25 +125,39 @@ local repoServer = {
secretName: 'steward',
},
},
],
initContainers: [
{
name: 'install-kapitan',
image: common.render_image('kapitan', include_tag=true),
imagePullPolicy: 'Always',
command: [
'cp',
'-v',
'/usr/local/bin/kapitan',
'/custom-tools/',
],
volumeMounts: [ {
name: 'kapitan-bin',
mountPath: '/custom-tools',
} ],
name: 'kapitan-plugin-config',
configMap: {
name: kapitan_plugin_config.metadata.name,
},
},
],
sidecarContainers: [
kube.Container('kapitan') {
command: [ '/var/run/argocd/argocd-cmp-server' ],
env_: {
HOME: '/home/argocd',
},
image: common.render_image('kapitan', include_tag=true),
securityContext: {
runAsNonRoot: true,
},
volumeMounts_: {
'var-files': {
mountPath: '/var/run/argocd',
},
plugins: {
mountPath: '/home/argocd/cmp-server/plugins',
},
kapitan_plugin_config: {
mountPath: '/home/argocd/cmp-server/config/plugin.yaml',
subPath: 'plugin.yaml',
},
'vault-token': {
mountPath: '/home/argocd/',
},
},
},
kube.Container('vault-agent') {
name: 'vault-agent',
image: common.render_image('vault_agent', include_tag=true),
Expand Down Expand Up @@ -171,11 +203,6 @@ local argocd(name) =
image: common.render_image('argocd'),
version: params.images.argocd.tag,
applicationInstanceLabelKey: 'argocd.argoproj.io/instance',
configManagementPlugins: |||
- name: kapitan
generate:
command: [kapitan, refs, --reveal, --refs-path, ../../refs/, --file, ./]
|||,
controller: applicationController,
initialRepositories: '- url: ' + inv.parameters.cluster.catalog_url,
repositoryCredentials: |||
Expand Down Expand Up @@ -313,6 +340,7 @@ local ssh_secret = kube._Object('v1', 'Secret', 'argo-ssh-key') {

{
'00_vault_agent_config': vault_agent_config,
'00_kapitan_plugin_config': kapitan_plugin_config,
'00_ssh_secret': ssh_secret,
'10_argocd': argocd('syn-argocd'),
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
apiVersion: v1
data:
plugin.yaml: |-
"apiVersion": "argoproj.io/v1alpha1"
"kind": "ConfigManagementPlugin"
"metadata":
"name": "kapitan"
"spec":
"generate":
"command":
- "kapitan"
- "refs"
- "--reveal"
- "--refs-path"
- "../../refs/"
- "--file"
- "./"
kind: ConfigMap
metadata:
annotations: {}
labels:
name: kapitan-plugin-config
name: kapitan-plugin-config
48 changes: 27 additions & 21 deletions tests/golden/defaults/argocd/argocd/30_argocd/10_argocd.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,6 @@ metadata:
namespace: syn
spec:
applicationInstanceLabelKey: argocd.argoproj.io/instance
configManagementPlugins: |
- name: kapitan
generate:
command: [kapitan, refs, --reveal, --refs-path, ../../refs/, --file, ./]
controller:
appSync: 180s
logFormat: text
Expand Down Expand Up @@ -53,18 +49,6 @@ spec:
env:
- name: HOME
value: /home/argocd
initContainers:
- command:
- cp
- -v
- /usr/local/bin/kapitan
- /custom-tools/
image: docker.io/projectsyn/kapitan:v0.29.5@sha256:33715063f8238a93938f79053bc939e992def3bbe95ae1f9f6e48e5c1421d569
imagePullPolicy: Always
name: install-kapitan
volumeMounts:
- mountPath: /custom-tools
name: kapitan-bin
logFormat: text
logLevel: info
resources:
Expand All @@ -74,6 +58,30 @@ spec:
cpu: 10m
memory: 128Mi
sidecarContainers:
- args: []
command:
- /var/run/argocd/argocd-cmp-server
env:
- name: HOME
value: /home/argocd
image: docker.io/kapicorp/kapitan:v0.32.0
imagePullPolicy: IfNotPresent
name: kapitan
ports: []
securityContext:
runAsNonRoot: true
stdin: false
tty: false
volumeMounts:
- mountPath: /home/argocd/cmp-server/config/plugin.yaml
name: kapitan-plugin-config
subPath: plugin.yaml
- mountPath: /home/argocd/cmp-server/plugins
name: plugins
- mountPath: /var/run/argocd
name: var-files
- mountPath: /home/argocd/
name: vault-token
- args:
- agent
- -config
Expand Down Expand Up @@ -104,14 +112,9 @@ spec:
- mountPath: /home/vault/
name: vault-token
volumeMounts:
- mountPath: /usr/local/bin/kapitan
name: kapitan-bin
subPath: kapitan
- mountPath: /home/argocd/
name: vault-token
volumes:
- emptyDir: {}
name: kapitan-bin
- emptyDir:
medium: Memory
name: vault-token
Expand All @@ -121,6 +124,9 @@ spec:
- name: steward-token
secret:
secretName: steward
- configMap:
name: kapitan-plugin-config
name: kapitan-plugin-config
repositoryCredentials: |
- url: ssh://git@
sshPrivateKeySecret:
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
apiVersion: v1
data:
plugin.yaml: |-
"apiVersion": "argoproj.io/v1alpha1"
"kind": "ConfigManagementPlugin"
"metadata":
"name": "kapitan"
"spec":
"generate":
"command":
- "kapitan"
- "refs"
- "--reveal"
- "--refs-path"
- "../../refs/"
- "--file"
- "./"
kind: ConfigMap
metadata:
annotations: {}
labels:
name: kapitan-plugin-config
name: kapitan-plugin-config
48 changes: 27 additions & 21 deletions tests/golden/openshift/argocd/argocd/30_argocd/10_argocd.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,6 @@ metadata:
namespace: syn
spec:
applicationInstanceLabelKey: argocd.argoproj.io/instance
configManagementPlugins: |
- name: kapitan
generate:
command: [kapitan, refs, --reveal, --refs-path, ../../refs/, --file, ./]
controller:
appSync: 180s
logFormat: text
Expand Down Expand Up @@ -53,18 +49,6 @@ spec:
env:
- name: HOME
value: /home/argocd
initContainers:
- command:
- cp
- -v
- /usr/local/bin/kapitan
- /custom-tools/
image: docker.io/projectsyn/kapitan:v0.29.5@sha256:33715063f8238a93938f79053bc939e992def3bbe95ae1f9f6e48e5c1421d569
imagePullPolicy: Always
name: install-kapitan
volumeMounts:
- mountPath: /custom-tools
name: kapitan-bin
logFormat: text
logLevel: info
resources:
Expand All @@ -74,6 +58,30 @@ spec:
cpu: 10m
memory: 128Mi
sidecarContainers:
- args: []
command:
- /var/run/argocd/argocd-cmp-server
env:
- name: HOME
value: /home/argocd
image: docker.io/kapicorp/kapitan:v0.32.0
imagePullPolicy: IfNotPresent
name: kapitan
ports: []
securityContext:
runAsNonRoot: true
stdin: false
tty: false
volumeMounts:
- mountPath: /home/argocd/cmp-server/config/plugin.yaml
name: kapitan-plugin-config
subPath: plugin.yaml
- mountPath: /home/argocd/cmp-server/plugins
name: plugins
- mountPath: /var/run/argocd
name: var-files
- mountPath: /home/argocd/
name: vault-token
- args:
- agent
- -config
Expand Down Expand Up @@ -102,14 +110,9 @@ spec:
- mountPath: /home/vault/
name: vault-token
volumeMounts:
- mountPath: /usr/local/bin/kapitan
name: kapitan-bin
subPath: kapitan
- mountPath: /home/argocd/
name: vault-token
volumes:
- emptyDir: {}
name: kapitan-bin
- emptyDir:
medium: Memory
name: vault-token
Expand All @@ -119,6 +122,9 @@ spec:
- name: steward-token
secret:
secretName: steward
- configMap:
name: kapitan-plugin-config
name: kapitan-plugin-config
repositoryCredentials: |
- url: ssh://git@
sshPrivateKeySecret:
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
apiVersion: v1
data:
plugin.yaml: |-
"apiVersion": "argoproj.io/v1alpha1"
"kind": "ConfigManagementPlugin"
"metadata":
"name": "kapitan"
"spec":
"generate":
"command":
- "kapitan"
- "refs"
- "--reveal"
- "--refs-path"
- "../../refs/"
- "--file"
- "./"
kind: ConfigMap
metadata:
annotations: {}
labels:
name: kapitan-plugin-config
name: kapitan-plugin-config
Loading

0 comments on commit ad5f8f4

Please sign in to comment.