Kubefirst Instant GitOps Platforms
The gitops repository has 2 main sections:

- `/registry`: the argocd gitops application registry for each of our clusters
- `/terraform`: infrastructure as code & configuration as code for your cloud, git provider, vault, and user resources

The kubefirst cli has established the following applications:
Application | Namespace | Description | URL (where applicable) |
---|---|---|---|
Argo CD | argocd | GitOps Continuous Delivery | <ARGOCD_INGRESS_URL> |
Argo Workflows | argo | Application Continuous Integration | <ARGO_WORKFLOWS_INGRESS_URL> |
Atlantis | atlantis | Terraform Workflow Automation | <ATLANTIS_INGRESS_URL> |
Cert Manager | cert-manager | Certificate Automation Utility | |
Certificate Issuers | clusterwide | Let's Encrypt browser-trusted certificates | |
Chart Museum | chartmuseum | Helm Chart Registry | <CHARTMUSEUM_INGRESS_URL> |
External Secrets | external-secrets | Syncs Kubernetes secrets with Vault secrets | |
Nginx Ingress Controller | ingress-nginx | Ingress Controller | |
Vault | vault | Secrets Management | <VAULT_INGRESS_URL> |
The argocd configurations in this repo can be found in the registry directory. The applications that we build and release on the kubefirst platform will also be registered here in the development, staging, and production folders. The `metaphor` application can be found there to serve as an example to follow for building and shipping code on the platform.
The `main` branch's registry directory represents the gitops desired state for all apps registered with kubernetes. Argo CD will automatically apply your desired state to kubernetes. You can see the Sync status of all of your apps in argo cd.
The terraform in this repository can be found in the terraform directory. It has entry points for management of cloud resources, vault configurations, git provider configurations, and user management.
All of our terraform is automated with a tool called atlantis that integrates with your git pull requests. To see the terraform entry points and under what circumstance they are triggered, see atlantis.yaml.
Any change to a `*.tf` file, even a whitespace change, will trigger its corresponding Atlantis workflow once a pull request is submitted. Within a minute it will post the plan to the pull request with instructions on how to apply the plan if approved.
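
The following is an added illustration of how a repo-level Atlantis config expresses the behaviour described above; it is not this repository's actual atlantis.yaml. The project names and directory paths are hypothetical, one per entry point listed earlier (cloud, vault, git provider, users).

```yaml
# Constructed example, not the repository's own atlantis.yaml.
# Project names and dir paths below are hypothetical.
version: 3
projects:
  - name: cloud
    dir: terraform/cloud            # hypothetical path
    autoplan:
      enabled: true
      # Globs are relative to dir; any .tf change (whitespace included)
      # makes Atlantis run a plan and post it to the pull request.
      when_modified: ["**/*.tf"]
    # Apply is refused until the pull request is approved and mergeable.
    apply_requirements: [approved, mergeable]

  - name: vault
    dir: terraform/vault            # hypothetical path
    autoplan:
      enabled: true
      when_modified: ["**/*.tf"]
    apply_requirements: [approved, mergeable]

  - name: git-provider
    dir: terraform/git              # hypothetical path
    autoplan:
      enabled: true
      when_modified: ["**/*.tf"]
    apply_requirements: [approved, mergeable]

  - name: users
    dir: terraform/users            # hypothetical path
    autoplan:
      enabled: true
      when_modified: ["**/*.tf"]
    apply_requirements: [approved, mergeable]
```

Atlantis honors `apply_requirements` in a repo-level file only when the server-side repo config lists it under `allowed_overrides`. Because the repo-level file is read from the pull request branch, setting the requirement in the server-side config keeps a pull request from relaxing its own approval gate.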