Open trevorbox opened 1 year ago
Hi @malacourse, @raffaelespazzoli mentioned that you might be working on this but I am also happy to take this otherwise.
applicationset:
I propose we follow this for using an ApplicationSet: https://argocd-applicationset.readthedocs.io/en/stable/Generators-Git/ This pattern might work nicely if/when the platform becomes a multi-cluster deployment. An example I tried: https://github.com/trevorbox/gitops-example-iac-go#deploy-applicationset
After https://github.com/janus-idp/assemble-platforms/pull/48 is merged, I will attempt the ApplicationSet pattern
@trevorbox merged, I'll take a look at the general folder layout today
@mattheh my thoughts regarding structure - https://github.com/trevorbox/assemble-platforms/tree/gitops/deploy https://github.com/trevorbox/assemble-platforms/tree/gitops#deploy
Options to consider:
To correctly GitOps-ify secrets we may need to use vault-config-operator and path operator. We may also need argo workflows/helm hooks to get everything completely in GitOps. Maybe a pipeline could also run to setup secrets.
- understand the usefulness of Keycloak for auth abstraction
AFAIK janus-idp auth is enabled by default and by consequence it is needed to use a OAuth provider (keycloak, etc)
2. perhaps Gitops can be useful initially for installing operators
Why do you want to install operators instead of Helm charts or resources able to install also janus-idp on vanilla k8s clusters ;-) I dont see why we have to use operators to install singleton applications such as: Tekton, ArgoCD, Keycloak @trevorbox
Create a procedure for deploying Openshift GitOps and ApplicationSet to then sync all platform services & configurations so that the IDP is ready to use in a single cluster.