raynix 筆記

ArgoCD, Jsonnet and Tanka

Ever since I’ve installed ArgoCD in my garage Kubernetes lab, I wanted to make Tanka work with ArgoCD, so that I can do GitOps with Jsonnet, in addition to YAML, kustomize and helm charts.

I was hugely inspired by(read: copied and pasted from) this blog post. Here are the steps I made Tanka worked as a plugin of ArgoCD.

In my previous post, I created my own sideloader container image to load Tanka(tk) and Jsonnet bundler(jb) into the ArgoCD repo server. This is a better approach in my opinion because it hides all the beautiful bash commands needed to side load binaries in ArgoCD’s official custom tooling instructions.

With the tk and jb binaries ready, the next step is to configure Tanka as a plugin of ArgoCD. A ConfigMap( named argocd-cm by default ) hold a lot of server settings for ArgoCD. A full YAML example for argocd-cm can be found here, but for this task only a plugin definition is needed.

data:
  configManagementPlugins: |
    - name: tanka
      init:
        # with my sideloader, binaries are in /sideloader directory
        command: ["/sideloader/jb"]
        args: ["install"]
      generate:
        # `sh -c` is necessary to substitude the ENVs in the args 
        command: ["/bin/sh", "-c"]
        # note: since ArgoCD 2.4, all ENVs will be prefixed with `ARGOCD_ENV_`
        args: ["/sideloader/tk show environments/${ARGOCD_ENV_TK_ENV} --dangerous-allow-redirect"]

That last step is to check-in an ArgoCD application which points to where the Tanka repository is. Note the plugin section below.

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: httpbin
  namespace: argocd
  finalizers:
  - resources-finalizer.argocd.argoproj.io
spec:
  destination:
    namespace: default
    server: https://kubernetes.default.svc
  project: default
  source:
    path: httpbin
    repoURL: https://github.com/raynix/argo-gitops.git
    targetRevision: HEAD
    # to invoke the tanka plugin
    plugin:
      name: tanka
      env:
        - name: TK_ENV
          value: default
  syncPolicy:
    automated:
      prune: true

The Tanka and Jsonnet files I did for httpbin is here. The result is very satisfying.

Good luck with your experiment 🙂

PS. I tried to use istio-libsonnet to generate Istio Gateway and VirtualService objects but at the moment it was broken so I wrote my own simple helper for those Istio resources.

admin

,
, , , ,