janus-idp / demo-setup

Apache License 2.0

Install janus-platforms with GitOps #47

Open trevorbox opened 1 year ago

trevorbox commented 1 year ago

Create a procedure for deploying OpenShift GitOps and an ApplicationSet to then sync all platform services & configurations so that the IDP is ready to use in a single cluster.

trevorbox commented 1 year ago

Hi @malacourse, @raffaelespazzoli mentioned that you might be working on this but I am also happy to take this otherwise.

raffaelespazzoli commented 1 year ago

applicationset:

trevorbox commented 1 year ago

I propose we follow this for using an ApplicationSet: https://argocd-applicationset.readthedocs.io/en/stable/Generators-Git/

This pattern might work nicely if/when the platform becomes a multi-cluster deployment.

An example I tried: https://github.com/trevorbox/gitops-example-iac-go#deploy-applicationset

trevorbox commented 1 year ago

After https://github.com/janus-idp/assemble-platforms/pull/48 is merged, I will attempt the ApplicationSet pattern.

mattheh commented 1 year ago

@trevorbox merged, I'll take a look at the general folder layout today

trevorbox commented 1 year ago

@mattheh my thoughts regarding structure:

https://github.com/trevorbox/assemble-platforms/tree/gitops/deploy

https://github.com/trevorbox/assemble-platforms/tree/gitops#deploy

trevorbox commented 1 year ago

Options to consider:

  1. understand the usefulness of Keycloak for auth abstraction
  2. perhaps GitOps can be useful initially for installing operators and then an Ansible script to set up secrets

To correctly GitOps-ify secrets we may need to use vault-config-operator and path operator. We may also need Argo Workflows/Helm hooks to get everything completely in GitOps. Maybe a pipeline could also run to set up secrets.

cmoulliard commented 1 year ago

> 1. understand the usefulness of Keycloak for auth abstraction

AFAIK janus-idp auth is enabled by default, and as a consequence it is necessary to use an OAuth provider (Keycloak, etc.).

cmoulliard commented 1 year ago

> 2. perhaps GitOps can be useful initially for installing operators

Why do you want to install operators instead of Helm charts or resources that are also able to install janus-idp on vanilla k8s clusters? ;-) I don't see why we have to use operators to install singleton applications such as Tekton, ArgoCD, Keycloak. @trevorbox