app-poly-gitops-infra/Taskfile.yaml at main · justgithubaccount/app-poly-gitops-infra · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
# https://taskfile.dev
version: '3'

vars:
  ARGOCD_VERSION: "9.1.6"
  TF_DIR: terraform/timeweb
  KUBECONFIG_PATH: "{{.HOME}}/.kube/timeweb-config"

dotenv: ['.env']

env:
  KUBECONFIG: "{{.KUBECONFIG_PATH}}"

tasks:
  default:
    desc: "Show available tasks"
    cmds:
      - task --list

  # Infrastructure
  init:
    desc: "Initialize terraform and create cluster"
    cmds:
      - terraform -chdir={{.TF_DIR}} init
      - terraform -chdir={{.TF_DIR}} apply -auto-approve -refresh=true
      - task: kubeconfig

  refresh:
    desc: "Refresh Terraform outputs (after code changes)"
    cmds:
      - terraform -chdir={{.TF_DIR}} apply -refresh-only -auto-approve

  plan:
    desc: "Show terraform plan"
    cmds:
      - terraform -chdir={{.TF_DIR}} plan

  kubeconfig:
    desc: "Get kubeconfig from Terraform output"
    cmds:
      - mkdir -p {{.HOME}}/.kube
      - terraform -chdir={{.TF_DIR}} output -raw kubeconfig > {{.KUBECONFIG_PATH}}
      - chmod 600 {{.KUBECONFIG_PATH}}
      - echo "Kubeconfig saved to {{.KUBECONFIG_PATH}}"

  # ArgoCD Bootstrap
  bootstrap:
    desc: "Bootstrap ArgoCD in cluster"
    vars:
      HELM_CMD: >-
        helm template argocd argo/argo-cd
        --namespace argocd
        --version {{.ARGOCD_VERSION}}
        --values bootstrap/argocd/values.yaml
    cmds:
      - >-
        kubectl --kubeconfig={{.KUBECONFIG_PATH}}
        create namespace argocd --dry-run=client -o yaml |
        kubectl --kubeconfig={{.KUBECONFIG_PATH}} apply -f -
      - helm repo add argo https://argoproj.github.io/argo-helm
      - helm repo update
      - '{{.HELM_CMD}} | kubectl --kubeconfig={{.KUBECONFIG_PATH}} apply -f - || {{.HELM_CMD}} | kubectl --kubeconfig={{.KUBECONFIG_PATH}} apply -f -'

  argocd-password:
    desc: "Get ArgoCD admin password"
    cmds:
      - kubectl --kubeconfig={{.KUBECONFIG_PATH}} -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d && echo

  argocd-port-forward:
    desc: "Port-forward ArgoCD UI to localhost:8080"
    cmds:
      - kubectl --kubeconfig={{.KUBECONFIG_PATH}} port-forward svc/argocd-server -n argocd 8080:443

  # GitOps
  app-of-apps:
    desc: "Deploy root Application (app-of-apps)"
    cmds:
      - kubectl --kubeconfig={{.KUBECONFIG_PATH}} apply -f https://raw.githubusercontent.com/justgithubaccount/app-poly-gitops-k8s/main/platform/core/cluster-bootstrap/app-of-apps.yaml

  # Cleanup
  destroy:
    desc: "Destroy infrastructure (DANGER!)"
    prompt: "This will destroy all infrastructure. Are you sure?"
    cmds:
      - terraform -chdir={{.TF_DIR}} destroy -auto-approve

  # Full workflow
  up:
    desc: "Full setup: init + bootstrap + app-of-apps"
    cmds:
      - task: init
      - task: bootstrap
      - task: app-of-apps
      - task: argocd-password

  # === Diagnostics ===
  status:
    desc: "Check ArgoCD status (usage: task status -- [app-name])"
    cmds:
      - ./scripts/argocd-status.sh {{.CLI_ARGS}}

  sync-wait:
    desc: "Wait for ArgoCD app sync (usage: task sync-wait -- app-name)"
    cmds:
      - ./scripts/argocd-sync-check.sh {{.CLI_ARGS}}

  nodes:
    desc: "Check cluster nodes"
    cmds:
      - ./scripts/check-nodes.sh

  # === Secrets ===
  seal:
    desc: "Create SealedSecret (usage: task seal -- name namespace KEY=value)"
    cmds:
      - ./scripts/seal.sh {{.CLI_ARGS}}

  seal:openrouter:
    desc: "Create OpenRouter SealedSecret from .env"
    cmds:
      - ./scripts/seal.sh chat-openrouter chat-api OPENROUTER_API_KEY=$OPENROUTER_API_KEY

  seal:github:
    desc: "Create GitHub repo SealedSecret from .env"
    cmds:
      - ./scripts/seal.sh chat-github argocd --repo url=$GITHUB_REPO_URL username=$GITHUB_USERNAME password=$GITHUB_PAT

  seal:postgree:
    desc: "Create PostgreSQL SealedSecret from .env"
    cmds:
      - ./scripts/seal.sh chat-postgree chat-api DATABASE_URL=$DATABASE_URL

  # === Timeweb CLI ===
  twc:versions:
    desc: "List available K8s versions"
    cmds:
      - twc k8s list-k8s-versions

  twc:presets:
    desc: "List K8s presets (master/worker)"
    cmds:
      - twc k8s list-presets

  twc:list:
    desc: "List K8s clusters"
    cmds:
      - twc k8s list

  twc:kubeconfig:
    desc: "Download kubeconfig for cluster (usage: task twc:kubeconfig -- CLUSTER_ID)"
    cmds:
      - twc k8s kubeconfig {{.CLI_ARGS}} -o {{.KUBECONFIG_PATH}}
      - chmod 600 {{.KUBECONFIG_PATH}}
      - echo "Kubeconfig saved to {{.KUBECONFIG_PATH}}"

  twc:show:
    desc: "Show cluster info (usage: task twc:show -- CLUSTER_ID)"
    cmds:
      - twc k8s show {{.CLI_ARGS}}