Skip to content

Commit 88ce0f7

Browse files
committed
fix: remove argocd-update and uses http for sync verification
1 parent 02bb91a commit 88ce0f7

7 files changed

Lines changed: 81 additions & 16 deletions

File tree

argo-cd-apps/base/internal/kargo/appset.yaml

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -13,8 +13,6 @@ spec:
1313
template:
1414
metadata:
1515
name: kargo-{{nameNormalized}}
16-
annotations:
17-
kargo.akuity.io/authorized-stage: kargo-infra-common:ring-1-staging,kargo-infra-common:ring-2-production
1816
spec:
1917
project: default
2018
source:

argo-cd-apps/base/internal/rover-group-sync/appset.yaml

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,8 +12,6 @@ spec:
1212
template:
1313
metadata:
1414
name: rover-group-sync
15-
annotations:
16-
kargo.akuity.io/authorized-stage: kargo-infra-common:ring-1-staging,kargo-infra-common:ring-2-production
1715
spec:
1816
project: default
1917
source:

argo-cd-apps/overlays/internal-staging/dummy-deployment.yaml

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -11,8 +11,6 @@ spec:
1111
template:
1212
metadata:
1313
name: dummy-deployment-{{nameNormalized}}
14-
annotations:
15-
kargo.akuity.io/authorized-stage: kargo-infra-common:ring-1-staging
1614
spec:
1715
project: default
1816
source:
Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,38 @@
1+
---
2+
apiVersion: v1
3+
kind: ServiceAccount
4+
metadata:
5+
name: argocd-app-reader
6+
---
7+
apiVersion: v1
8+
kind: Secret
9+
metadata:
10+
name: argocd-app-reader-token
11+
annotations:
12+
kubernetes.io/service-account.name: argocd-app-reader
13+
type: kubernetes.io/service-account-token
14+
---
15+
apiVersion: rbac.authorization.k8s.io/v1
16+
kind: ClusterRole
17+
metadata:
18+
name: kargo-infra-common-argocd-app-reader
19+
rules:
20+
- apiGroups:
21+
- argoproj.io
22+
resources:
23+
- applications
24+
verbs:
25+
- get
26+
---
27+
apiVersion: rbac.authorization.k8s.io/v1
28+
kind: ClusterRoleBinding
29+
metadata:
30+
name: kargo-infra-common-argocd-app-reader
31+
roleRef:
32+
apiGroup: rbac.authorization.k8s.io
33+
kind: ClusterRole
34+
name: kargo-infra-common-argocd-app-reader
35+
subjects:
36+
- kind: ServiceAccount
37+
name: argocd-app-reader
38+
namespace: kargo-infra-common

components/kargo/internal-production/projects/kargo-infra-common/base/rbac/kustomization.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,3 +3,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
33
kind: Kustomization
44
resources:
55
- rbac.yaml
6+
- argocd-app-reader.yaml

components/kargo/internal-production/projects/kargo-infra-common/base/stage-ring-1-staging.yaml

Lines changed: 21 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -87,12 +87,28 @@ spec:
8787
config:
8888
repoURL: ${{ vars.repoURL }}
8989
prNumber: ${{ outputs['open-pr'].pr.id }}
90-
- uses: argocd-update
91-
as: argocd-update
90+
- uses: http
91+
as: wait-for-revision
92+
retry:
93+
timeout: 15m
94+
config:
95+
method: GET
96+
url: https://kubernetes.default.svc/apis/argoproj.io/v1alpha1/namespaces/argocd-local/applications/${{ vars.component }}-in-cluster
97+
headers:
98+
- name: Authorization
99+
value: Bearer ${{ secret('argocd-app-reader-token').token }}
100+
insecureSkipTLSVerify: true
101+
successExpression: |
102+
response.status == 200 &&
103+
response.body?.status?.sync?.status == 'Synced' &&
104+
response.body?.status?.sync?.revision == '${{ outputs['wait-for-pr'].commit }}'
105+
failureExpression: |
106+
response.body?.status?.health?.status == 'Degraded' ||
107+
response.body?.status?.operationState?.phase in ['Failed', 'Error']
108+
timeout: 60s
109+
- uses: argocd-wait
110+
as: argocd-wait
92111
config:
93112
apps:
94113
- name: ${{ vars.component }}-in-cluster
95114
namespace: argocd-local
96-
sources:
97-
- repoURL: ${{ vars.repoURL }}
98-
desiredRevision: ${{ outputs['wait-for-pr'].commit }}

components/kargo/internal-production/projects/kargo-infra-common/base/stage-ring-2-production.yaml

Lines changed: 21 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -77,12 +77,28 @@ spec:
7777
config:
7878
repoURL: ${{ vars.repoURL }}
7979
prNumber: ${{ outputs['open-pr'].pr.id }}
80-
- uses: argocd-update
81-
as: argocd-update
80+
- uses: http
81+
as: wait-for-revision
82+
retry:
83+
timeout: 15m
84+
config:
85+
method: GET
86+
url: https://kubernetes.default.svc/apis/argoproj.io/v1alpha1/namespaces/argocd-local/applications/${{ vars.component }}-in-cluster
87+
headers:
88+
- name: Authorization
89+
value: Bearer ${{ secret('argocd-app-reader-token').token }}
90+
insecureSkipTLSVerify: true
91+
successExpression: |
92+
response.status == 200 &&
93+
response.body?.status?.sync?.status == 'Synced' &&
94+
response.body?.status?.sync?.revision == '${{ outputs['wait-for-pr'].commit }}'
95+
failureExpression: |
96+
response.body?.status?.health?.status == 'Degraded' ||
97+
response.body?.status?.operationState?.phase in ['Failed', 'Error']
98+
timeout: 60s
99+
- uses: argocd-wait
100+
as: argocd-wait
82101
config:
83102
apps:
84103
- name: ${{ vars.component }}-in-cluster
85104
namespace: argocd-local
86-
sources:
87-
- repoURL: ${{ vars.repoURL }}
88-
desiredRevision: ${{ outputs['wait-for-pr'].commit }}

0 commit comments

Comments
 (0)