From 858b569eeabc70202b3648559e9fcc9d00f6d9ba Mon Sep 17 00:00:00 2001
From: Richard Robert Reitz <richard-robert.reitz@telekom.de>
Date: Sat, 7 Dec 2024 19:09:08 +0100
Subject: [PATCH] Added ALPHA quality kargo stack from cnoe stack

---
 template/registry/kargo.yaml                  | 24 ++++++
 template/stacks/kargo/kargo.yaml              | 23 ++++++
 template/stacks/kargo/kargo/cert-manager.yaml | 28 +++++++
 template/stacks/kargo/kargo/kargo.yaml        | 73 +++++++++++++++++++
 4 files changed, 148 insertions(+)
 create mode 100644 template/registry/kargo.yaml
 create mode 100644 template/stacks/kargo/kargo.yaml
 create mode 100644 template/stacks/kargo/kargo/cert-manager.yaml
 create mode 100644 template/stacks/kargo/kargo/kargo.yaml

diff --git a/template/registry/kargo.yaml b/template/registry/kargo.yaml
new file mode 100644
index 0000000..7917f2b
--- /dev/null
+++ b/template/registry/kargo.yaml
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: kargo
+  namespace: argocd
+  labels:
+    env: dev
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  destination:
+    name: in-cluster
+    namespace: argocd
+  source:
+    path: stacks/kargo
+    repoURL: 'https://gitea.{{ .Values.edfbuilderTargetDomain }}/giteaAdmin/edfbuilder'
+    targetRevision: HEAD
+  project: default
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
diff --git a/template/stacks/kargo/kargo.yaml b/template/stacks/kargo/kargo.yaml
new file mode 100644
index 0000000..987ca3b
--- /dev/null
+++ b/template/stacks/kargo/kargo.yaml
@@ -0,0 +1,23 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: kargo
+  namespace: argocd
+  labels:
+    env: dev
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  project: default
+  syncPolicy:
+    automated:
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
+  destination:
+    name: in-cluster
+    namespace: kargo
+  source:
+    path: stacks/kargo/kargo
+    repoURL: https://gitea.{{ .Values.edfbuilderTargetDomain }}/giteaAdmin/edfbuilder
+    targetRevision: HEAD
diff --git a/template/stacks/kargo/kargo/cert-manager.yaml b/template/stacks/kargo/kargo/cert-manager.yaml
new file mode 100644
index 0000000..53cc976
--- /dev/null
+++ b/template/stacks/kargo/kargo/cert-manager.yaml
@@ -0,0 +1,28 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: cert-manager
+  namespace: argocd
+  finalizers:
+  - resources-finalizer.argocd.argoproj.io
+spec:
+  destination:
+    server: "https://kubernetes.default.svc"
+    namespace: cert-manager
+  source:
+    chart: cert-manager
+    repoURL: https://charts.jetstack.io
+    targetRevision: 1.14.5
+    helm:
+      releaseName: cert-manager
+      valueFiles:
+        - values.yaml
+      values: |
+        installCRDs: true
+  project: default
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
diff --git a/template/stacks/kargo/kargo/kargo.yaml b/template/stacks/kargo/kargo/kargo.yaml
new file mode 100644
index 0000000..d712e0e
--- /dev/null
+++ b/template/stacks/kargo/kargo/kargo.yaml
@@ -0,0 +1,73 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: kargo
+---
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: kargo-helm
+  namespace: argocd
+  finalizers:
+  - resources-finalizer.argocd.argoproj.io
+spec:
+  destination:
+    server: "https://kubernetes.default.svc"
+    namespace: kargo
+  source:
+    chart: kargo
+    repoURL: ghcr.io/akuity/kargo-charts
+    targetRevision: 1.0.3
+    helm:
+      parameters:
+      - name: api.ingress.tls.enabled
+        value: "false"
+      - name: api.tls.selfSignedCert
+        value: "true"
+      - name: api.secret.name
+        value: kargo-api
+  project: default
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: kargo-api
+  namespace: kargo
+  annotations:
+    # We need the ingress to pass through ssl traffic to the vCluster
+    # This only works for the nginx-ingress (enable via --enable-ssl-passthrough
+    # https://kubernetes.github.io/ingress-nginx/user-guide/tls/#ssl-passthrough )
+    # for other ingress controllers please check their respective documentation.
+    nginx.ingress.kubernetes.io/backend-protocol: HTTPS
+    nginx.ingress.kubernetes.io/ssl-passthrough: "true"
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+spec:
+  ingressClassName: "nginx"
+  rules:
+    - host: kargo.cnoe.localtest.me
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: kargo-api
+                port:
+                  number: 443
+---
+apiVersion: v1
+data:
+  ADMIN_ACCOUNT_PASSWORD_HASH: JDJhJDEwJFpyaGhpZTR2THo1eWd0VlNhaWY2by5xTjM2amdzNnZqdE1CZE02eXJVMUZPZWlBQU1NeE9t
+  ADMIN_ACCOUNT_TOKEN_SIGNING_KEY: aXdpc2h0b3dhc2hteWlyaXNod3Jpc3R3YXRjaA==
+kind: Secret
+metadata:
+  labels:
+  name: kargo-api
+  namespace: kargo
+type: Opaque