Skip to content

GitOps for Kubernetes with GitLab CI, ArgoCD and Terraform Cloud.

License

Notifications You must be signed in to change notification settings

KyriakosTsalia/pure-gitops

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Pure GitOps with Terraform Cloud, GitLab CI and ArgoCD

Technologies used

Name Version
terraform cloud ~> 1.4.4
eks 1.26
argocd v2.6.7
gitlab ci 15.11
go 1.19

Disclaimer: The application source code has its own repository, which is here. Ideally, the Kubernetes manifests would have their own repository as well, but for the sake of simplicity, they are hosted in this one. Furthermore, the whole project was developed on and for GitLab and then imported on GitHub.

Summary

This project explores the capabilities of the GitOps way of defining infrastructure as well as implementing Continuous Deployment for cloud native applications. A simple Go application will be deployed on the AWS EKS platform and GitLab CI with ArgoCD will be used to handle the CI/CD part of it. Terraform Cloud (TFC) natively supports GitOps, so it is a natural choice for declaratively defining the whole infrastructure.

By cloning the repository and running terraform apply inside the tfc-setup directory, Terraform, through the tfe provider, creates a new TFC organization, a project and three separate workspaces. Each workspace uses the VCS-driven workflow and pulls changes from a specific path of this repository. The eks workspace creates an AWS VPC and then provisions an EKS cluster in it. The argocd-installation workspace installs ArgoCD on the newly formed Kubernetes cluster using the Helm provider. The argocd-app workspace creates the ArgoCD Application and the necessary credentials for interacting with both the application and manifest repositories.

In order to connect the repositories to Terraform Cloud, a GitLab Personal Access Token, which will be used to configure the TFC OAuth Client, needs to be created. This access token will also be used in the argocd-app workspace in order to create two GitLab Deploy Tokens: one with read_repository permissions for the manifest repo and one with read_registry for the application repo.

Any input variables that may be needed in all workspaces are proactively created and given values in the beginning along with the workspaces themselves. Furthermore, in order to connect to AWS, valid AWS account credentials (access key and secret access key) are needed. They will be accessible to all workspaces with the use of a TFC project_variable_set.


License

Copyright © 2023 Kyriakos Tsaliagkos

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see https://www.gnu.org/licenses/.

About

GitOps for Kubernetes with GitLab CI, ArgoCD and Terraform Cloud.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages