Gaurav Agarwal bharatmicrosystems

## nginx-fine-grained.yaml
apiVersion: v1
kind: Pod
metadata:
  name: nginx
  labels:
    app: nginx
spec:
  securityContext:
    seccompProfile:
      type: Localhost

## setup-argo.yml
name: Create Kubernetes Cluster and Install Argo
on: push
jobs:
  deploy-terraform:
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: ./terraform
    steps:
    - uses: actions/checkout@v2

## my-nginx-app.tf
data "kubectl_file_documents" "my-nginx-app" {
    content = file("../manifests/argocd/my-nginx-app.yaml")
}

resource "kubectl_manifest" "my-nginx-app" {
    depends_on = [
      kubectl_manifest.argocd,
    ]
    count     = length(data.kubectl_file_documents.my-nginx-app.documents)
    yaml_body = element(data.kubectl_file_documents.my-nginx-app.documents, count.index)

## my-nginx-app.yaml
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: my-nginx
  namespace: argocd
  finalizers:
    - resources-finalizer.argocd.argoproj.io
spec:
  project: default
  source:

## nginx.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-nginx
spec:
  selector:
    matchLabels:
      run: my-nginx
  replicas: 2
  template:

## install-argocd.yaml
provider "kubectl" {
  host                   = module.gke_auth.host
  cluster_ca_certificate = module.gke_auth.cluster_ca_certificate
  token                  = module.gke_auth.token
  load_config_file       = false
}

data "kubectl_file_documents" "namespace" {
    content = file("../manifests/argocd/namespace.yaml")
}

## namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
  name: argocd

## gke.tf
provider "google" {
  project = var.project_id
  region  = var.region
  zone    = var.location
}

resource "google_service_account" "main" {
  account_id   = "${var.cluster_name}-sa"
  display_name = "GKE Cluster ${var.cluster_name} Service Account"
}

## backend.tf
terraform {
  required_version = ">= 0.13"
  required_providers {
    kubectl = {
      source  = "gavinbunney/kubectl"
      version = ">= 1.7.0"
    }
  }
  backend "gcs" {
    bucket = "terraform-backend-<project-id>"

## nginx-deployment.yaml
cat <<EOF | kubectl apply -f -
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
spec:
  selector:
    matchLabels:
      app: nginx
  replicas: 2
	apiVersion: v1
	kind: Pod
	metadata:
	name: nginx
	labels:
	app: nginx
	spec:
	securityContext:
	seccompProfile:
	type: Localhost
	name: Create Kubernetes Cluster and Install Argo
	on: push
	jobs:
	deploy-terraform:
	runs-on: ubuntu-latest
	defaults:
	run:
	working-directory: ./terraform
	steps:
	- uses: actions/checkout@v2
	data "kubectl_file_documents" "my-nginx-app" {
	content = file("../manifests/argocd/my-nginx-app.yaml")
	}

	resource "kubectl_manifest" "my-nginx-app" {
	depends_on = [
	kubectl_manifest.argocd,
	]
	count = length(data.kubectl_file_documents.my-nginx-app.documents)
	yaml_body = element(data.kubectl_file_documents.my-nginx-app.documents, count.index)
	apiVersion: argoproj.io/v1alpha1
	kind: Application
	metadata:
	name: my-nginx
	namespace: argocd
	finalizers:
	- resources-finalizer.argocd.argoproj.io
	spec:
	project: default
	source:
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: my-nginx
	spec:
	selector:
	matchLabels:
	run: my-nginx
	replicas: 2
	template:
	provider "kubectl" {
	host = module.gke_auth.host
	cluster_ca_certificate = module.gke_auth.cluster_ca_certificate
	token = module.gke_auth.token
	load_config_file = false
	}

	data "kubectl_file_documents" "namespace" {
	content = file("../manifests/argocd/namespace.yaml")
	}
	provider "google" {
	project = var.project_id
	region = var.region
	zone = var.location
	}

	resource "google_service_account" "main" {
	account_id = "${var.cluster_name}-sa"
	display_name = "GKE Cluster ${var.cluster_name} Service Account"
	}
	terraform {
	required_version = ">= 0.13"
	required_providers {
	kubectl = {
	source = "gavinbunney/kubectl"
	version = ">= 1.7.0"
	}
	}
	backend "gcs" {
	bucket = "terraform-backend-<project-id>"
	cat <<EOF \| kubectl apply -f -
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: nginx-deployment
	spec:
	selector:
	matchLabels:
	app: nginx
	replicas: 2