Argo CD GitOps
GitOps
Github, Github Action, ECR, Argo-CD, Helm Chart를 이용한 GitOps 설정에 대한 예시입니다.
GitOps Repository
project/
├── .helmignore
├── cd/
│ └── dev-values.yaml
├── Chart.yaml
├── templates/
│ ├── _helpers.tpl
│ ├── backend/
│ │ └── ...
│ └── frontend/
│ ├── _helpers.tpl
│ ├── deployments.yaml
│ ├── horizontalpodautoscaler.yaml
│ ├── service.yaml
│ └── serviceaccount.yaml
└── values.yaml
project/values.yaml
nameOverride: ""
namespaceOverride: ""
fullnameOverride: ""
commonLabels: {}
frontend:
image:
repository: "<ecr>/frontend"
tag: ""
pullPolicy: IfNotPresent
podLabels: {}
resources: {}
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 10
targetCPUUtilizationPercentage: 80
targetMemoryUtilizationPercentage: 80
backend:
image:
repository: "<ecr>/backend"
tag: ""
pullPolicy: IfNotPresent
# ...
{{- define "project.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- define "project.namespace" -}}
{{- default .Release.Namespace .Values.namespaceOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- define "project.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := (include "project.name" . ) }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{- define "project.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- define "project.labels" -}}
{{- range $name, $value := .Values.commonLabels -}}
{{ $name }}: {{ tpl $value $ }}
{{ end -}}
helm.sh/chart: {{ include "project.chart" . }}
app.kubernetes.io/part-of: {{ include "project.name" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/created-by: "hhk7734@gmail.com"
{{- end }}
project/templates/frontend/_helpers.tpl
{{- define "project.frontend.fullname" -}}
{{ include "project.fullname" . }}-frontend
{{- end }}
{{- define "project.frontend.matchLabels" -}}
app.kubernetes.io/name: {{ include "project.frontend.fullname" . }}
app: {{ include "project.frontend.fullname" . }}
{{- end }}
{{- define "project.frontend.labels" }}
{{- include "project.labels" . }}
{{ include "project.frontend.matchLabels" . }}
{{- end }}
Github Action for CD
info
사용할 수 있는 컨텍스트 정보를 아래 Action을 통해 확인 할 수 있습니다.
name: Context testing
on: push
jobs:
dump_contexts_to_log:
runs-on: ubuntu-latest
steps:
- name: Dump GitHub context
id: github_context_step
run: echo '${{ toJSON(github) }}'
- name: Dump job context
run: echo '${{ toJSON(job) }}'
- name: Dump steps context
run: echo '${{ toJSON(steps) }}'
- name: Dump runner context
run: echo '${{ toJSON(runner) }}'
- name: Dump strategy context
run: echo '${{ toJSON(strategy) }}'
- name: Dump matrix context
run: echo '${{ toJSON(matrix) }}'
아래 예시는 프로젝트 중 프론트 엔드 dev용 CD Action 파일입니다.
name: Frontend CD Dev
on:
push:
# development
branches:
- main
## stage
# tags:
# - "v[0-9]+.[0-9]+.[0-9]+-rc.[0-9]+"
## production
# tags:
# - "v[0-9]+.[0-9]+.[0-9]+"
# 같은 group인 경우 이전 작업은 취소되고 새로운 작업만 수행합니다
concurrency:
group: frontend-cd-dev
cancel-in-progress: true
jobs:
cd:
name: CD
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1-node16
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-west-2
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Get TAG
id: tag
run: |
# development, Commit Hash의 앞 9자리를 잘라서 TAG로 설정합니다
TAG=$(echo ${{ github.sha }} | cut -c1-9)
# production
# TAG=${{ github.ref_name }}
echo TAG=$TAG
echo "tag=$TAG" >> $GITHUB_OUTPUT
- name: Build and push image to Amazon ECR
env:
ECR_REPOSITORY: ${{ steps.login-ecr.outputs.registry }}/frontend
IMAGE_TAG: ${{ steps.tag.outputs.tag }}
run: |
docker build --build-arg ENV_FILE=.env.development -t $ECR_REPOSITORY:$IMAGE_TAG .
docker push $ECR_REPOSITORY:$IMAGE_TAG
## production
# - name: Release
# uses: softprops/action-gh-release@v1
# with:
# generate_release_notes: true
# env:
# GITHUB_TOKEN: ${{ secrets.PAT }}
- name: Checkout argocd
uses: actions/checkout@v3
with:
# GitOps Repository
repository: hhk7734/argocd
ref: main
token: ${{ secrets.PAT }}
path: argocd
- name: Update frontend helm values
uses: mikefarah/yq@master
env:
ECR_REPOSITORY: ${{ steps.login-ecr.outputs.registry }}/frontend
IMAGE_TAG: ${{ steps.tag.outputs.tag }}
with:
cmd: |
yq -i '
.frontend.image.repository = strenv(ECR_REPOSITORY) |
.frontend.image.tag = strenv(IMAGE_TAG)
' argocd/project/cd/dev-values.yaml
- name: Commit files
env:
COMMIT_AUTHOR_NAME: ${{ github.event.head_commit.author.name }}
COMMIT_AUTHOR_EMAIL: ${{ github.event.head_commit.author.email }}
IMAGE_TAG: ${{ steps.tag.outputs.tag }}
run: |
cd argocd
git config --global user.name "$COMMIT_AUTHOR_NAME"
git config --global user.email "$COMMIT_AUTHOR_EMAIL"
git commit -am "chore: set project/frontend tag to $IMAGE_TAG"
- name: Push changes
uses: ad-m/github-push-action@master
with:
# GitOps Repository
repository: hhk7734/argocd
github_token: ${{ secrets.PAT }}
branch: main
directory: argocd