Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ROX-26039: Create tenant argoCd app #2009

Merged
merged 5 commits into from
Nov 14, 2024
Merged

ROX-26039: Create tenant argoCd app #2009

merged 5 commits into from
Nov 14, 2024

Conversation

ludydoo
Copy link
Collaborator

@ludydoo ludydoo commented Sep 2, 2024
edited
Loading

Description

Adds the support for deploying tenant-resources through ArgoCD rather than the built-in tenant-resources chart. The CentralReconciler will

  • Create an ArgoCD application if the flag is enabled for a tenant
  • Delete the ArgoCD application if the flag is disabled (or do nothing)
Screenshot 2024-11-12 at 10 59 54 AM

Environment variables have been added that represent the default tenant-resources application source. Currently, it defaults to
Repo github.com/stackrox/acscs-manifests
Path tenant-resources
Ref HEAD

Because this is an opt-in feature, at this point deploying this will have no consequence on the int/stage/prod environments.

The acscs-manifests repository is private. But ArgoCD should have access to it thanks to https://github.com/stackrox/acs-fleet-manager-aws-config/pull/257

A further step in the development of the feature is to enable the local development support for ArgoCD: https://github.com/stackrox/acs-fleet-manager/pull/2074/files

Checklist (Definition of Done)

  • Unit and integration tests added
  • Added test description under Test manual
  • Documentation added if necessary (i.e. changes to dev setup, test execution, ...)
  • CI and all relevant tests are passing
  • Add the ticket number to the PR title if available, i.e. ROX-12345: ...
  • Discussed security and business related topics privately. Will move any security and business related topics that arise to private communication channel.
  • Add secret to app-interface Vault or Secrets Manager if necessary
  • RDS changes were e2e tested manually
  • Check AWS limits are reasonable for changes provisioning new resources
  • (If applicable) Changes to the dp-terraform Helm values have been reflected in the addon on integration environment

Test manual

TODO: Add manual testing efforts

# To run tests locally run:
make db/teardown db/setup db/migrate
make ocm/setup
make verify lint binary test test/integration

@openshift-ci openshift-ci bot added the approved label Sep 2, 2024
@ludydoo ludydoo force-pushed the ROX-26038-argocd-tenant-flag branch from cb7795a to 2f08d57 Compare September 4, 2024 12:10
@ludydoo ludydoo force-pushed the ROX-26039-create-argocd-tenant-app branch from f42e55c to a1ac500 Compare September 4, 2024 12:47
Base automatically changed from ROX-26038-argocd-tenant-flag to main October 14, 2024 09:58
@ludydoo ludydoo force-pushed the ROX-26039-create-argocd-tenant-app branch from a1ac500 to 3635f24 Compare October 16, 2024 08:47
kovayur
kovayur approved these changes Oct 16, 2024
View reviewed changes
Copy link
Contributor

@kovayur kovayur left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔥

@openshift-ci openshift-ci bot added the lgtm label Oct 16, 2024
@ludydoo ludydoo force-pushed the ROX-26039-create-argocd-tenant-app branch from e3a4736 to e4d10fa Compare October 16, 2024 11:26
@openshift-ci openshift-ci bot removed the lgtm label Oct 16, 2024
johannes94
johannes94 requested changes Oct 16, 2024
View reviewed changes
Copy link
Contributor

@johannes94 johannes94 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't like being the "Process-driven block a PR because of formal issues guy", but for a change like this, I'd expect more information in the PR description. For instance how you've tested the changes and also a functional description of what you expect / not expect to work after this PR.

fleetshard/config/config.go Outdated Show resolved Hide resolved
fleetshard/pkg/central/reconciler/reconciler.go Outdated
return nil
}

func (r *CentralReconciler) getArgoCDApplication(remoteCentral private.ManagedCentral) (*argocd.Application, error) {
Copy link
Contributor

@johannes94 johannes94 Oct 16, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: The method name was confusing me. I expected this function to send a GET requests to argoCd as opposed to creating the *argocd.Application object from a remoteCentral.

fleetshard/pkg/central/reconciler/reconciler.go Outdated Show resolved Hide resolved
@ludydoo
Copy link
Collaborator Author

ludydoo commented Oct 16, 2024
edited
Loading

https://github.com/stackrox/acs-fleet-manager/pull/2074/files

You're right. After some thought, I believe it would make sense to merge both https://github.com/stackrox/acs-fleet-manager/pull/2074/files and this PR together. Otherwise it might break the local development setup (because argoCD CRDs would not be present). Though it is easier to review separately.

Edit: suspicion confirmed by the failing e2e test.

1 runtime.go:249] Unexpected error occurred rhacs-cs7r0jv6t49s7391gqdg/e2e-b8f0c67c874f629f: unable to delete ArgoCD application for central rhacs-cs7r0jv6t49s7391gqdg/e2e-b8f0c67c874f629f: getting ArgoCD application: no matches for kind "Application" in version "argoproj.io/v1alpha1"

@ludydoo ludydoo force-pushed the ROX-26039-create-argocd-tenant-app branch from e4d10fa to a614365 Compare October 22, 2024 08:30
@ludydoo ludydoo changed the base branch from main to lc/ROX-26523-dev-argocd October 22, 2024 08:30
Base automatically changed from lc/ROX-26523-dev-argocd to main October 23, 2024 08:20
@ludydoo ludydoo requested a review from kovayur November 11, 2024 14:02
@ludydoo
Copy link
Collaborator Author

ludydoo commented Nov 11, 2024

/retest

@openshift-ci openshift-ci bot added the lgtm label Nov 12, 2024
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Nov 12, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: johannes94, kovayur, ludydoo

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [johannes94,kovayur,ludydoo]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot removed the lgtm label Nov 12, 2024
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Nov 12, 2024

New changes are detected. LGTM label has been removed.

@ludydoo ludydoo force-pushed the ROX-26039-create-argocd-tenant-app branch from 37ef489 to 478540f Compare November 12, 2024 12:56
@ludydoo
Copy link
Collaborator Author

ludydoo commented Nov 12, 2024

/retest

2 similar comments
@ludydoo
Copy link
Collaborator Author

ludydoo commented Nov 12, 2024

/retest

@ludydoo
Copy link
Collaborator Author

ludydoo commented Nov 13, 2024

/retest

@ludydoo ludydoo merged commit 688f7a6 into main Nov 14, 2024
15 checks passed
@ludydoo ludydoo deleted the ROX-26039-create-argocd-tenant-app branch November 14, 2024 08:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@johannes94 johannes94 johannes94 approved these changes

@kovayur kovayur kovayur approved these changes

@kurlov kurlov Awaiting requested review from kurlov

Assignees

@kovayur kovayur

@johannes94 johannes94

Labels
approved
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ludydoo @kovayur @johannes94 @openshift-merge-robot