Created
October 10, 2022 21:54
-
-
Save eddycharly/58aac2e6955d0118947f3ec751a41d44 to your computer and use it in GitHub Desktop.
Kind / ArgoCD / Kyverno
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -e | |
| # CONSTANTS | |
| readonly KIND_IMAGE=kindest/node:v1.24.4 | |
| readonly NAME=argo | |
| # CREATE CLUSTER | |
| kind create cluster --name $NAME --image $KIND_IMAGE --config - <<EOF | |
| kind: Cluster | |
| apiVersion: kind.x-k8s.io/v1alpha4 | |
| nodes: | |
| - role: control-plane | |
| kubeadmConfigPatches: | |
| - | | |
| kind: InitConfiguration | |
| nodeRegistration: | |
| kubeletExtraArgs: | |
| node-labels: "ingress-ready=true" | |
| extraPortMappings: | |
| - containerPort: 80 | |
| hostPort: 80 | |
| protocol: TCP | |
| - containerPort: 443 | |
| hostPort: 443 | |
| protocol: TCP | |
| EOF | |
| # DEPLOY INGRESS-NGINX | |
| kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml | |
| sleep 15 | |
| kubectl wait --namespace ingress-nginx \ | |
| --for=condition=ready pod \ | |
| --selector=app.kubernetes.io/component=controller \ | |
| --timeout=90s | |
| # DEPLOY ARGOCD | |
| helm upgrade --install --wait --timeout 15m --atomic --namespace argocd --create-namespace \ | |
| --repo https://argoproj.github.io/argo-helm argocd argo-cd --values - <<EOF | |
| dex: | |
| enabled: false | |
| redis: | |
| enabled: true | |
| redis-ha: | |
| enabled: false | |
| repoServer: | |
| serviceAccount: | |
| create: true | |
| server: | |
| config: | |
| resource.compareoptions: | | |
| ignoreAggregatedRoles: true | |
| ignoreResourceStatusField: all | |
| url: http://localhost/argocd | |
| application.instanceLabelKey: argocd.argoproj.io/instance | |
| extraArgs: | |
| - --insecure | |
| - --rootpath | |
| - /argocd | |
| ingress: | |
| annotations: | |
| kubernetes.io/ingress.class: nginx | |
| cert-manager.io/cluster-issuer: ca-issuer | |
| enabled: true | |
| paths: | |
| - /argocd | |
| EOF | |
| # CREATE KYVERNO APP | |
| kubectl apply -f - <<EOF | |
| apiVersion: argoproj.io/v1alpha1 | |
| kind: Application | |
| metadata: | |
| name: kyverno | |
| namespace: argocd | |
| spec: | |
| destination: | |
| namespace: kyverno | |
| server: https://kubernetes.default.svc | |
| project: default | |
| source: | |
| chart: kyverno | |
| repoURL: https://kyverno.github.io/kyverno | |
| targetRevision: 2.6.0 | |
| syncPolicy: | |
| automated: | |
| prune: true | |
| selfHeal: true | |
| syncOptions: | |
| - CreateNamespace=true | |
| - Replace=true | |
| EOF | |
| ARGOCD_PASSWORD=$(kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d) | |
| echo "---------------------------------------------------------------------------------" | |
| echo "ArgoCD is running and available at http://localhost/argocd" | |
| echo "- log in with admin / $ARGOCD_PASSWORD" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment