59-argo-combined.sh

# Source: https://gist.github.com/48f44d3974db698d3127f52b6e7cd0d3

###########################################################
# Automation of Everything                                #
# How To Combine Argo Events, Workflows, CD, and Rollouts #
# https://youtu.be/XNXJtxkUKeY                            #
###########################################################

# Requirements:
# - k8s v1.19+ cluster with nginx Ingress

#Replace `[...]` with the Kubernetes cluster config location
export KUBECONFIG=[...]

# Replace `[...]` with the GitHub organization or the username
export GH_ORG=[...]

# Replace `[...]` with the base host accessible through NGINX Ingress
export BASE_HOST=[...] # e.g., $INGRESS_HOST.nip.io

export REGISTRY_SERVER=https://index.docker.io/v1/

# Replace `[...]` with the registry username
export REGISTRY_USER=[...]

# Replace `[...]` with the registry password
export REGISTRY_PASS=[...]

# Replace `[...]` with the registry email
export REGISTRY_EMAIL=[...]

# Replace `[...]` with the GitHub token
export GH_TOKEN=[...]

# Replace `[...]` with the GitHub email
export GH_EMAIL=[...]

open https://github.com/vfarcic/argo-combined-app

# Fork it!

git clone \
    https://github.com/$GH_ORG/argo-combined-app.git

cd argo-combined-app

cat kustomize/base/ingress.yaml \
    | sed -e "[email protected]@staging.argo-combined-app.$BASE_HOST@g" \
    | tee kustomize/overlays/staging/ingress.yaml

cat kustomize/overlays/production/rollout.yaml \
    | sed -e "s@vfarcic@$REGISTRY_USER@g" \
    | tee kustomize/overlays/production/rollout.yaml

cat kustomize/overlays/staging/deployment.yaml \
    | sed -e "s@vfarcic@$REGISTRY_USER@g" \
    | tee kustomize/overlays/staging/deployment.yaml

cd ..

open https://github.com/vfarcic/argo-combined-demo

# Fork it!

git clone \
    https://github.com/$GH_ORG/argo-combined-demo.git

cd argo-combined-demo

cat orig/sealed-secrets.yaml \
    | sed -e "s@vfarcic@$GH_ORG@g" \
    | tee production/sealed-secrets.yaml

cat argo-cd/base/ingress.yaml \
    | sed -e "[email protected]@argo-cd.$BASE_HOST@g" \
    | tee argo-cd/overlays/production/ingress.yaml

cat argo-events/base/event-sources.yaml \
    | sed -e "s@vfarcic@$GH_ORG@g" \
    | sed -e "[email protected]@webhook.$BASE_HOST@g" \
    | tee argo-events/overlays/production/event-sources.yaml

cat argo-events/base/sensors.yaml \
    | sed -e "s@value: vfarcic@value: $GH_ORG@g" \
    | sed -e "s@value: CHANGE_ME_IMAGE_OWNER@value: $REGISTRY_USER@g" \
    | tee argo-events/overlays/production/sensors.yaml

cat production/argo-cd.yaml \
    | sed -e "s@vfarcic@$GH_ORG@g" \
    | tee production/argo-cd.yaml

cat production/argo-workflows-resources.yaml \
    | sed -e "s@vfarcic@$GH_ORG@g" \
    | tee production/argo-workflows-resources.yaml

cat production/argo-events-resources.yaml \
    | sed -e "s@vfarcic@$GH_ORG@g" \
    | tee production/argo-events-resources.yaml

cat production/argo-workflows.yaml \   
    | sed -e "[email protected]@argo-workflows.$BASE_HOST@g" \
    | sed -e "s@vfarcic@$GH_ORG@g" \
    | tee production/argo-workflows.yaml

cat production/argo-events.yaml \
    | sed -e "s@vfarcic@$GH_ORG@g" \
    | tee production/argo-events.yaml

cat production/argo-rollouts.yaml \
    | sed -e "s@vfarcic@$GH_ORG@g" \
    | tee production/argo-rollouts.yaml

cat production/argo-combined-app.yaml \
    | sed -e "[email protected]/[email protected]/$GH_ORG@g" \
    | sed -e "s@- vfarcic@- $REGISTRY_USER@g" \
    | tee production/argo-combined-app.yaml

cat staging/argo-combined-app.yaml \
    | sed -e "[email protected]/[email protected]/$GH_ORG@g" \
    | sed -e "s@- vfarcic@- $REGISTRY_USER@g" \
    | tee staging/argo-combined-app.yaml

cat apps.yaml \
    | sed -e "s@vfarcic@$GH_ORG@g" \
    | tee apps.yaml

kubectl apply --filename sealed-secrets

kubectl --namespace workflows \
    create secret \
    docker-registry regcred \
    --docker-server=$REGISTRY_SERVER \
    --docker-username=$REGISTRY_USER \
    --docker-password=$REGISTRY_PASS \
    --docker-email=$REGISTRY_EMAIL \
    --output json \
    --dry-run=client \
    | kubeseal --format yaml \
    | tee argo-workflows/overlays/production/regcred.yaml

# Wait for a while and repeat the previous command if the output contains `cannot fetch certificate` error message

echo "apiVersion: v1
kind: Secret
metadata:
  name: github-access
  namespace: workflows
type: Opaque
data:
  token: $(echo -n $GH_TOKEN | base64)
  user: $(echo -n $GH_ORG | base64)
  email: $(echo -n $GH_EMAIL | base64)" \
    | kubeseal --format yaml \
    | tee argo-workflows/overlays/workflows/githubcred.yaml

echo "apiVersion: v1
kind: Secret
metadata:
  name: github-access
  namespace: argo-events
type: Opaque
data:
  token: $(echo -n $GH_TOKEN | base64)" \
    | kubeseal --format yaml \
    | tee argo-events/overlays/production/githubcred.yaml

git add .

git commit -m "Manifests"

git push

cd ..

######################
# GitOps deployments #
######################

cd argo-combined-demo

ls -1 production/

cat production/argo-cd.yaml

helm upgrade --install argocd argo/argo-cd --namespace argocd --create-namespace --set server.ingress.hosts="{argo-cd.$BASE_HOST}" --set server.ingress.enabled=true --set server.extraArgs="{--insecure}" --set controller.args.appResyncPeriod=30 --set server.ingress.ingressClassName=nginx --wait

kubectl --namespace argocd \
    rollout status \
    deployment argocd-server

export PASS=$(kubectl \
    --namespace argocd \
    get secret argocd-initial-admin-secret \
    --output jsonpath="{.data.password}" \
    | base64 --decode)

echo $PASS 

#use admin / $PASS to login to ArgoCD UI

open http://argo-cd.$BASE_HOST

# Use `admin` as the user and `admin123` as the password

cat project.yaml

kubectl apply --filename project.yaml

cat apps.yaml

kubectl apply --filename apps.yaml

########################
# Events and workflows #
########################

cat argo-events/overlays/production/event-sources.yaml

cat argo-events/overlays/production/sensors.yaml

open https://github.com/$GH_ORG/argo-combined-app/settings/hooks

open http://argo-workflows.$BASE_HOST

cd ../argo-combined-app

# This might not work with providers that do not expose the IP but a host (e.g., AWS EKS)
export ISTIO_HOST=$(kubectl \
    --namespace istio-system \
    get svc istio-ingressgateway \
    --output jsonpath="{.status.loadBalancer.ingress[0].ip}")

echo $ISTIO_HOST

cat kustomize/base/istio.yaml \
    | sed -e "[email protected]@argo-combined-app.$ISTIO_HOST.nip.io@g" \
    | tee kustomize/overlays/production/istio.yaml

cat config.toml \
    | sed -e "s@Where DevOps becomes practice@Subscribe now\!\!\!@g" \
    | tee config.toml

git add .

git commit -m "A silly change"

git push

###################
# GitOps upgrades #
###################

open http://staging.argo-combined-app.$BASE_HOST

######################
# Canary deployments #
######################

cat kustomize/overlays/production/rollout.yaml

kubectl argo rollouts \
    --namespace production \
    get rollout argo-combined-app \
    --watch

open http://argo-combined-app.$BASE_HOST.nip.io

Hey Victor, loving your videos. Can you check this the argo-combined-demo git repo, I think the file production/argo-cd.yaml is missing.

Unfortunately, I used that repo for a few other demos and talks, had to refactor it for a talk I did, and forgot to update the Gist. So, it's not working anymore. I'll do my best to create a new one (or correct it) but, until I do that, it's not operational :( Sorry for that... That tech changes too fast and it's very challenging for me to keep everything always up-to-date.