Skip to content

Commit b0e6816

Browse files
committed
try
1 parent 794c435 commit b0e6816

2 files changed

Lines changed: 16 additions & 37 deletions

File tree

docs/argocd.md

Lines changed: 8 additions & 36 deletions
Original file line numberDiff line numberDiff line change
@@ -126,10 +126,10 @@ The repository structure is designed for clarity and co-location of configuratio
126126
```
127127
├── infrastructure/
128128
│ └── controllers/
129-
│ └── argocd/
130-
│ ├── apps/ # <-- Config managed BY ArgoCD
129+
│ └── argocd/ # <-- Manually bootstrapped, NOT in AppSet
130+
│ ├── apps/
131131
│ │ ├── appsets/
132-
│ │ │ ├── infrastructure-appset.yaml
132+
│ │ │ ├── infrastructure-appset.yaml #<-- Ignores its own parent
133133
│ │ │ ├── monitoring-appset.yaml
134134
│ │ │ └── my-apps-appset.yaml
135135
│ │ ├── projects.yaml
@@ -152,7 +152,8 @@ The repository structure is designed for clarity and co-location of configuratio
152152

153153
1. **Co-located & Self-Managing ArgoCD**:
154154
- ArgoCD's entire configuration lives logically within `infrastructure/controllers/argocd`.
155-
- The `root` application manages the projects and `ApplicationSet`s from the `apps/` subdirectory, creating a safe, self-managing loop.
155+
- The `root` application manages the projects and `ApplicationSet`s from the `apps/` subdirectory.
156+
- **Crucially, the `infrastructure-appset` explicitly excludes its own directory (`.../argocd`) to prevent a recursive management loop.**
156157

157158
2. **Enterprise Pattern**:
158159
- Clear separation of concerns with three `ApplicationSet`s.
@@ -224,39 +225,10 @@ kubectl describe application my-apps-nginx-development -n argocd
224225
### Common Issues
225226
| Issue | Solution |
226227
|-------|----------|
227-
| **ApplicationSet not generating apps** | Verify the directory structure matches the `path` pattern in the `ApplicationSet`. Check the `ApplicationSet` controller logs in the `argocd` namespace. |
228+
| **ApplicationSet not generating apps** | Verify the directory structure matches the `path` pattern in the `ApplicationSet`. Check the `ApplicationSet` controller logs in the `argocd` namespace. Also ensure you are not accidentally excluding the path you want to deploy. |
229+
| **Recursive loop or Helm error on `infra-argocd`** | This happens if the `infrastructure-appset` discovers the `infrastructure/controllers/argocd` directory. The ApplicationSet must have a generator that explicitly excludes this path to prevent ArgoCD from trying to manage itself. |
228230
| **Applications stuck in sync** | Review application logs (`argocd app logs <app-name>`) and check for sync errors in the UI. |
229231
| **ArgoCD UI not accessible** | Check the `http-route.yaml` and the status of the `istio-ingressgateway` service. |
230232

231233
### ArgoCD Self-Management
232-
```bash
233-
# Check the root application that manages the rest of ArgoCD's config
234-
kubectl get application root -n argocd -o yaml
235-
236-
# View the ArgoCD ApplicationSets managed by the root app
237-
kubectl get applicationsets -n argocd
238-
```
239-
240-
## Enterprise Patterns
241-
242-
This setup follows **enterprise GitOps patterns**:
243-
244-
1. **Infrastructure as Code**: Everything defined in Git.
245-
2. **Self-Service**: Developers can add new applications simply by creating a new directory in the correct path.
246-
3. **Separation of Concerns**: Clear project boundaries for security and organization.
247-
4. **Automated Operations**: Zero-touch deployments after the initial bootstrap.
248-
5. **Observability**: Ready for a full monitoring and alerting stack.
249-
6. **Security**: `AppProject`s provide the foundation for RBAC and policy.
250-
251-
## Taking to Production
252-
253-
This homelab setup translates directly to enterprise environments:
254-
255-
1. **Replace Git repo URL** in the `ApplicationSet`s and `root.yaml`.
256-
2. **Add proper RBAC** to the `AppProject`s for team-based access.
257-
3. **Configure notifications** for Slack/Teams in the ArgoCD `values.yaml`.
258-
4. **Add policy enforcement** with tools like OPA Gatekeeper, using project selectors.
259-
5. **Implement proper secrets management** with External Secrets Operator, which is already set up.
260-
6. **Add multi-cluster support** by adding new cluster destinations to the `AppProject`s and modifying the `ApplicationSet`s.
261-
262-
The patterns and structure remain the same - this is **production-grade GitOps**.
234+
```

infrastructure/controllers/argocd/apps/appsets/infrastructure-appset.yaml

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,9 +11,16 @@ spec:
1111
- git:
1212
repoURL: https://github.com/mitchross/k3s-argocd-proxmox.git # TODO: Replace with your repo URL
1313
revision: HEAD
14-
# Discover any application directory within the infrastructure/*/* path.
14+
# Discover any application directory within the infrastructure/controllers path...
1515
directories:
1616
- path: "infrastructure/controllers/*"
17+
- git:
18+
repoURL: https://github.com/mitchross/k3s-argocd-proxmox.git # TODO: Replace with your repo URL
19+
revision: HEAD
20+
# ...but explicitly exclude the argocd directory itself to prevent a recursive loop.
21+
directories:
22+
- path: "infrastructure/controllers/argocd"
23+
exclude: true
1724
template:
1825
metadata:
1926
# Name is derived from the path, e.g., 'infra-cert-manager'

0 commit comments

Comments
 (0)