From 7d561a4f8ec035dd2b99d5a80cb20fd81a0bce63 Mon Sep 17 00:00:00 2001 From: incubator4 Date: Tue, 24 Oct 2023 18:14:33 +0800 Subject: [PATCH] feat: add cert-manager --- application.tf | 58 +++++++++++++++++++ cert-manager/{dev => base}/clusterissuer.yaml | 0 cert-manager/base/kustomization.yaml | 2 + cert-manager/dev/app.yaml | 21 ------- cert-manager/dev/kustomization.yaml | 2 + cert-manager/prod/app.yaml | 21 ------- cert-manager/prod/clusterissuer.yaml | 18 ------ cert-manager/prod/kustomization.yaml | 2 + 8 files changed, 64 insertions(+), 60 deletions(-) rename cert-manager/{dev => base}/clusterissuer.yaml (100%) create mode 100644 cert-manager/base/kustomization.yaml delete mode 100644 cert-manager/dev/app.yaml create mode 100644 cert-manager/dev/kustomization.yaml delete mode 100644 cert-manager/prod/app.yaml delete mode 100644 cert-manager/prod/clusterissuer.yaml create mode 100644 cert-manager/prod/kustomization.yaml diff --git a/application.tf b/application.tf index 6079f98..cb7da9a 100644 --- a/application.tf +++ b/application.tf @@ -87,6 +87,64 @@ resource "argocd_application_set" "traefik_mesh" { ref = "values" } + destination { + server = "{{url}}" + namespace = "default" + } + } + } + } +} + +resource "argocd_application_set" "cert_manager" { + metadata { + name = "cert-manager" + } + spec { + generator { + list { + elements = [ + { + cluster = argocd_cluster.dev.name + url = argocd_cluster.dev.server + }, + { + cluster = argocd_cluster.prod.name + url = argocd_cluster.prod.server + } + ] + } + } + template { + metadata { + name = "cert-manager-{{cluster}}" + } + + spec { + source { + helm { + release_name = "cert-manager" + value_files = [ + "$values/cert-manager/{{cluster}}/values.yaml" + ] + } + repo_url = "https://charts.jetstack.io" + target_revision = "1.11.0" + chart = "cert-manager" + } + source { + repo_url = var.repo_url + target_revision = "HEAD" + ref = "values" + } + + source { + repo_url = var.repo_url + target_revision = "HEAD" + path = "cert-manager/{{cluster}}" + kustomize {} + } + destination { server = "{{url}}" namespace = "default" diff --git a/cert-manager/dev/clusterissuer.yaml b/cert-manager/base/clusterissuer.yaml similarity index 100% rename from cert-manager/dev/clusterissuer.yaml rename to cert-manager/base/clusterissuer.yaml diff --git a/cert-manager/base/kustomization.yaml b/cert-manager/base/kustomization.yaml new file mode 100644 index 0000000..df29220 --- /dev/null +++ b/cert-manager/base/kustomization.yaml @@ -0,0 +1,2 @@ +resources: + - clusterissuer.yaml \ No newline at end of file diff --git a/cert-manager/dev/app.yaml b/cert-manager/dev/app.yaml deleted file mode 100644 index afbb390..0000000 --- a/cert-manager/dev/app.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: cert-manager-dev - namespace: guardian -spec: - destination: - name: dev - namespace: guardian - project: dev - sources: - - chart: cert-manager - helm: - releaseName: cert-manager - valueFiles: - - $values/cert-manager/dev/values.yaml - repoURL: https://charts.jetstack.io - targetRevision: 1.11.0 - - ref: values - repoURL: https://github.com/NaturalSelectionLabs/Hephaestus.git - targetRevision: main diff --git a/cert-manager/dev/kustomization.yaml b/cert-manager/dev/kustomization.yaml new file mode 100644 index 0000000..51f7382 --- /dev/null +++ b/cert-manager/dev/kustomization.yaml @@ -0,0 +1,2 @@ +resources: + - ../base/ \ No newline at end of file diff --git a/cert-manager/prod/app.yaml b/cert-manager/prod/app.yaml deleted file mode 100644 index 5865fd5..0000000 --- a/cert-manager/prod/app.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: cert-manager-prod - namespace: guardian -spec: - destination: - name: prod - namespace: guardian - project: prod - sources: - - chart: cert-manager - helm: - releaseName: cert-manager - valueFiles: - - $values/cert-manager/prod/values.yaml - repoURL: https://charts.jetstack.io - targetRevision: 1.11.0 - - ref: values - repoURL: https://github.com/NaturalSelectionLabs/Hephaestus.git - targetRevision: main diff --git a/cert-manager/prod/clusterissuer.yaml b/cert-manager/prod/clusterissuer.yaml deleted file mode 100644 index 62f5404..0000000 --- a/cert-manager/prod/clusterissuer.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: acme - namespace: guardian -spec: - acme: - email: areswang@rss3.io - server: https://acme-v02.api.letsencrypt.org/directory - privateKeySecretRef: - # Secret resource used to store the account's private key. - name: acme-cert-key - solvers: - - dns01: - cloudflare: - apiTokenSecretRef: - name: cf-nsl-xyz-api-token - key: api-token \ No newline at end of file diff --git a/cert-manager/prod/kustomization.yaml b/cert-manager/prod/kustomization.yaml new file mode 100644 index 0000000..51f7382 --- /dev/null +++ b/cert-manager/prod/kustomization.yaml @@ -0,0 +1,2 @@ +resources: + - ../base/ \ No newline at end of file