adjust external secrets for argocd (#727)

* server side apply argocd

* adjust external secret for reconcile and remove sleep job

* removing extra ServerSideApply true

* add argocd application to all stacks

---------

Co-authored-by: John Dietz <[email protected]>

akamai-github/templates/mgmt/components/argocd/application.yaml

@@ -0,0 +1,23 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: argocd-kustomized-app
+  namespace: argocd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  destination:
+    namespace: argocd
+    name: in-cluster
+  project: default
+  source:
+    path: registry/clusters/<CLUSTER_NAME>/components/argocd
+    repoURL: '<GITOPS_REPO_URL>'
+    targetRevision: HEAD
+    kustomize:
+      forceCommonLabels: true
+      forceCommonAnnotations: true
+  syncPolicy:
+    syncOptions:
+      - CreateNamespace=true
+      - ServerSideApply=true

akamai-github/templates/mgmt/components/argocd/argocd-oidc-restart-job.yaml

@@ -58,23 +58,3 @@ spec:
             - kubectl -n argocd rollout restart deployment/argocd-server
       restartPolicy: OnFailure
       serviceAccountName: argocd-oidc-restart-job
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  annotations:
-    argocd.argoproj.io/sync-wave: '120'
-    argocd.argoproj.io/hook: PostSync
-  name: argocd-sleep-after-restart
-  namespace: argocd
-spec:
-  template:
-    spec:
-      containers:
-        - name: argocd-sleep-after-restart-job
-          image: public.ecr.aws/bitnami/kubectl:1.24
-          command:
-            - /bin/sh
-            - -c
-            - "sleep 120"
-      restartPolicy: OnFailure

akamai-github/templates/mgmt/components/argocd/externalsecrets.yaml

@@ -13,10 +13,12 @@ spec:
   refreshInterval: 10s
   data:
     - remoteRef:
+        conversionStrategy: Default
         key: oidc/argocd
         property: client_secret
       secretKey: clientSecret
     - remoteRef:
+        conversionStrategy: Default
         key: oidc/argocd
         property: client_id
       secretKey: clientId

aws-github/templates/mgmt/components/argocd/application.yaml

@@ -0,0 +1,23 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: argocd-kustomized-app
+  namespace: argocd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  destination:
+    namespace: argocd
+    name: in-cluster
+  project: default
+  source:
+    path: registry/clusters/<CLUSTER_NAME>/components/argocd
+    repoURL: '<GITOPS_REPO_URL>'
+    targetRevision: HEAD
+    kustomize:
+      forceCommonLabels: true
+      forceCommonAnnotations: true
+  syncPolicy:
+    syncOptions:
+      - CreateNamespace=true
+      - ServerSideApply=true

aws-github/templates/mgmt/components/argocd/argocd-oidc-restart-job.yaml

@@ -58,23 +58,3 @@ spec:
             - kubectl -n argocd rollout restart deployment/argocd-server
       restartPolicy: OnFailure
       serviceAccountName: argocd-oidc-restart-job
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  annotations:
-    argocd.argoproj.io/sync-wave: '120'
-    argocd.argoproj.io/hook: PostSync
-  name: argocd-sleep-after-restart
-  namespace: argocd
-spec:
-  template:
-    spec:
-      containers:
-        - name: argocd-sleep-after-restart-job
-          image: public.ecr.aws/bitnami/kubectl:1.24
-          command:
-            - /bin/sh
-            - -c
-            - "sleep 120"
-      restartPolicy: OnFailure

aws-github/templates/mgmt/components/argocd/externalsecrets.yaml

@@ -13,10 +13,12 @@ spec:
   refreshInterval: 10s
   data:
     - remoteRef:
+        conversionStrategy: Default
         key: oidc/argocd
         property: client_secret
       secretKey: clientSecret
     - remoteRef:
+        conversionStrategy: Default
         key: oidc/argocd
         property: client_id
       secretKey: clientId

aws-gitlab/templates/mgmt/components/argocd/application.yaml

@@ -0,0 +1,23 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: argocd-kustomized-app
+  namespace: argocd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  destination:
+    namespace: argocd
+    name: in-cluster
+  project: default
+  source:
+    path: registry/clusters/<CLUSTER_NAME>/components/argocd
+    repoURL: '<GITOPS_REPO_URL>'
+    targetRevision: HEAD
+    kustomize:
+      forceCommonLabels: true
+      forceCommonAnnotations: true
+  syncPolicy:
+    syncOptions:
+      - CreateNamespace=true
+      - ServerSideApply=true

aws-gitlab/templates/mgmt/components/argocd/argocd-oidc-restart-job.yaml

@@ -58,23 +58,3 @@ spec:
             - kubectl -n argocd rollout restart deployment/argocd-server
       restartPolicy: OnFailure
       serviceAccountName: argocd-oidc-restart-job
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  annotations:
-    argocd.argoproj.io/sync-wave: '120'
-    argocd.argoproj.io/hook: PostSync
-  name: argocd-sleep-after-restart
-  namespace: argocd
-spec:
-  template:
-    spec:
-      containers:
-        - name: argocd-sleep-after-restart-job
-          image: public.ecr.aws/bitnami/kubectl:1.24
-          command:
-            - /bin/sh
-            - -c
-            - "sleep 120"
-      restartPolicy: OnFailure

aws-gitlab/templates/mgmt/components/argocd/externalsecrets.yaml

@@ -13,10 +13,12 @@ spec:
   refreshInterval: 10s
   data:
     - remoteRef:
+        conversionStrategy: Default
         key: oidc/argocd
         property: client_secret
       secretKey: clientSecret
     - remoteRef:
+        conversionStrategy: Default
         key: oidc/argocd
         property: client_id
       secretKey: clientId

civo-github/templates/mgmt/components/argocd/argocd-oidc-restart-job.yaml

@@ -58,4 +58,3 @@ spec:
             - kubectl -n argocd rollout restart deployment/argocd-server
       restartPolicy: OnFailure
       serviceAccountName: argocd-oidc-restart-job
-

civo-github/templates/mgmt/components/argocd/externalsecrets.yaml

@@ -13,10 +13,12 @@ spec:
   refreshInterval: 10s
   data:
     - remoteRef:
+        conversionStrategy: Default
         key: oidc/argocd
         property: client_secret
       secretKey: clientSecret
     - remoteRef:
+        conversionStrategy: Default
         key: oidc/argocd
         property: client_id
       secretKey: clientId

civo-gitlab/templates/mgmt/components/argocd/application.yaml

@@ -0,0 +1,23 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: argocd-kustomized-app
+  namespace: argocd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  destination:
+    namespace: argocd
+    name: in-cluster
+  project: default
+  source:
+    path: registry/clusters/<CLUSTER_NAME>/components/argocd
+    repoURL: '<GITOPS_REPO_URL>'
+    targetRevision: HEAD
+    kustomize:
+      forceCommonLabels: true
+      forceCommonAnnotations: true
+  syncPolicy:
+    syncOptions:
+      - CreateNamespace=true
+      - ServerSideApply=true

civo-gitlab/templates/mgmt/components/argocd/argocd-oidc-restart-job.yaml

@@ -58,23 +58,3 @@ spec:
             - kubectl -n argocd rollout restart deployment/argocd-server
       restartPolicy: OnFailure
       serviceAccountName: argocd-oidc-restart-job
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  annotations:
-    argocd.argoproj.io/sync-wave: '120'
-    argocd.argoproj.io/hook: PostSync
-  name: argocd-sleep-after-restart
-  namespace: argocd
-spec:
-  template:
-    spec:
-      containers:
-        - name: argocd-sleep-after-restart-job
-          image: public.ecr.aws/bitnami/kubectl:1.24
-          command:
-            - /bin/sh
-            - -c
-            - "sleep 120"
-      restartPolicy: OnFailure

civo-gitlab/templates/mgmt/components/argocd/externalsecrets.yaml

@@ -13,10 +13,12 @@ spec:
   refreshInterval: 10s
   data:
     - remoteRef:
+        conversionStrategy: Default
         key: oidc/argocd
         property: client_secret
       secretKey: clientSecret
     - remoteRef:
+        conversionStrategy: Default
         key: oidc/argocd
         property: client_id
       secretKey: clientId

digitalocean-github/templates/mgmt/argocd.yaml

@@ -15,8 +15,6 @@ spec:
     server: 'https://kubernetes.default.svc'
     namespace: argocd
   syncPolicy:
-    syncOptions:
-    - ServerSideApply=true
     automated:
       prune: true
       selfHeal: true

digitalocean-github/templates/mgmt/components/argocd/application.yaml

@@ -0,0 +1,23 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: argocd-kustomized-app
+  namespace: argocd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  destination:
+    namespace: argocd
+    name: in-cluster
+  project: default
+  source:
+    path: registry/clusters/<CLUSTER_NAME>/components/argocd
+    repoURL: '<GITOPS_REPO_URL>'
+    targetRevision: HEAD
+    kustomize:
+      forceCommonLabels: true
+      forceCommonAnnotations: true
+  syncPolicy:
+    syncOptions:
+      - CreateNamespace=true
+      - ServerSideApply=true

digitalocean-github/templates/mgmt/components/argocd/argocd-oidc-restart-job.yaml

@@ -58,23 +58,3 @@ spec:
             - kubectl -n argocd rollout restart deployment/argocd-server
       restartPolicy: OnFailure
       serviceAccountName: argocd-oidc-restart-job
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  annotations:
-    argocd.argoproj.io/sync-wave: '120'
-    argocd.argoproj.io/hook: PostSync
-  name: argocd-sleep-after-restart
-  namespace: argocd
-spec:
-  template:
-    spec:
-      containers:
-        - name: argocd-sleep-after-restart-job
-          image: public.ecr.aws/bitnami/kubectl:1.24
-          command:
-            - /bin/sh
-            - -c
-            - "sleep 120"
-      restartPolicy: OnFailure

digitalocean-github/templates/mgmt/components/argocd/externalsecrets.yaml

@@ -13,10 +13,12 @@ spec:
   refreshInterval: 10s
   data:
     - remoteRef:
+        conversionStrategy: Default
         key: oidc/argocd
         property: client_secret
       secretKey: clientSecret
     - remoteRef:
+        conversionStrategy: Default
         key: oidc/argocd
         property: client_id
       secretKey: clientId

digitalocean-gitlab/templates/mgmt/components/argocd/application.yaml

@@ -0,0 +1,23 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: argocd-kustomized-app
+  namespace: argocd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  destination:
+    namespace: argocd
+    name: in-cluster
+  project: default
+  source:
+    path: registry/clusters/<CLUSTER_NAME>/components/argocd
+    repoURL: '<GITOPS_REPO_URL>'
+    targetRevision: HEAD
+    kustomize:
+      forceCommonLabels: true
+      forceCommonAnnotations: true
+  syncPolicy:
+    syncOptions:
+      - CreateNamespace=true
+      - ServerSideApply=true

digitalocean-gitlab/templates/mgmt/components/argocd/argocd-oidc-restart-job.yaml

@@ -58,23 +58,3 @@ spec:
             - kubectl -n argocd rollout restart deployment/argocd-server
       restartPolicy: OnFailure
       serviceAccountName: argocd-oidc-restart-job
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  annotations:
-    argocd.argoproj.io/sync-wave: '120'
-    argocd.argoproj.io/hook: PostSync
-  name: argocd-sleep-after-restart
-  namespace: argocd
-spec:
-  template:
-    spec:
-      containers:
-        - name: argocd-sleep-after-restart-job
-          image: public.ecr.aws/bitnami/kubectl:1.24
-          command:
-            - /bin/sh
-            - -c
-            - "sleep 120"
-      restartPolicy: OnFailure

digitalocean-gitlab/templates/mgmt/components/argocd/externalsecrets.yaml

@@ -13,10 +13,12 @@ spec:
   refreshInterval: 10s
   data:
     - remoteRef:
+        conversionStrategy: Default
         key: oidc/argocd
         property: client_secret
       secretKey: clientSecret
     - remoteRef:
+        conversionStrategy: Default
         key: oidc/argocd
         property: client_id
       secretKey: clientId