This repository contains the k8s manifest for all the applications in the Code4ro platform.
The k8s cluster is using ArgoCD to automatically deploy manifests when a new change is detected.
The flow is as follow:
- User adds a new tag in application git repository
- CI kicks in in that repository and builds the new image
- The image is pushed to docker hub with that specific tag
- A new commit is made by the CI/user on this repo in which we change the image version in the manifest (wait for the GHA that pushes the image to DockerHub to end successfuly)
- ArgoCD will detect the change in this repo and apply the manifests to the k8s cluster
ArgoCD projects:
- infra: knative, cert-manager, sealed-secrets and argocd.
infra/argo-apps-infra.yamlis the root ArgoCD Application forinfra/argo-apps.infra/argo-appsstore the ArgoCD Applications. - default: all applications manifests.
apps/argo-apps-default.yamlis the root ArgoCD Application forinfra/argo-apps.apps/argo-appsstore the ArgoCD Applications.
Encrypt secrets and store them on git. Below is an example of how to create secrets with kubeseal.
# Create a yaml-encoded Secret somehow:
# (note use of `--dry-run` - this is just a local file!)
echo -n bar | kubectl create secret generic mysecret --dry-run=client --from-file=foo=/dev/stdin -o yaml >secret.yaml
# This is the important bit:
kubeseal --controller-namespace sealed-secrets --controller-name sealed-secrets --format yaml <secret.yaml >sealed-secret.yaml
# At this point sealed-secret.yaml is safe to upload to Github
# Test it
kubectl get secret my-secret
For automatically regenerating certificates with Lets Encrypt using Route53 integration.
This project is built by amazing volunteers and you can be one of them! Here's a list of ways in which you can contribute to this project. If you want to make any change to this repository, please make a fork first.
- Request a new feature on GitHub.
- Vote for popular feature requests.
- File a bug in GitHub Issues.
- Email us with other feedback [email protected]
This project is licensed under the MPL 2.0 License - see the LICENSE file for details
Started in 2016, Code for Romania is a civic tech NGO, official member of the Code for All network. We have a community of around 2.000 volunteers (developers, ux/ui, communications, data scientists, graphic designers, devops, it security and more) who work pro-bono for developing digital solutions to solve social problems. #techforsocialgood. If you want to learn more details about our projects visit our site or if you want to talk to one of our staff members, please e-mail us at [email protected].
Last, but not least, we rely on donations to ensure the infrastructure, logistics and management of our community that is widely spread across 11 timezones, coding for social change to make Romania and the world a better place. If you want to support us, you can do it here.