Coder Social home page Coder Social logo

danmanners / aws-argo-cluster-template Goto Github PK

View Code? Open in Web Editor NEW
14.0 14.0 1.0 115 KB

A community opinionated template for deploying Kubernetes clusters on-prem and in AWS using Pulumi, SOPS, Sealed Secrets, GitHub Actions, Renovate, Cilium and more!

License: MIT License

TypeScript 57.81% Dockerfile 4.39% Shell 37.79%

aws-argo-cluster-template's Introduction

Hello, I'm Dan πŸ‘‹

Website

Dan's GitHub Stats

What am I doing?

  • πŸŒ‰ Designing and building infrastructure and services @ Cisco
  • πŸ” Ensuring security on systems in zero-trust environments
  • 🎬 Scaling GitHub Actions for the Enterprise
  • πŸŽ‰ Making K8s easier for everyone deploying or managing it
  • πŸ“¦ Containerizing ALL OF THE THINGS
  • β˜• Drinking all of the coffee

Connect with me!



Website πŸ•ΈοΈ

Want your own personalized Github Readme? codeSTACKr has an excellent YouTube video tutorial here which will help get you started!

aws-argo-cluster-template's People

Contributors

danmanners avatar jjgadgets avatar renovate[bot] avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar

Forkers

jjgadgets

aws-argo-cluster-template's Issues

OPTION | Bastion Instantiation

In the event of disaster recovery or wanting to have direct kubectl access without the Tailscale Operator, a bastion may be desired.

We want the ability to toggle a boolean and get your bastion and all relevant resources provisioned by the pulumi stack.

Installation order of operations - Docs & Installation

We need docs and a shell script which will walk a user through the full provisioning of their required resources.

Fundamentally, the order of operations should be:

  1. Install the required tooling on your local system
  2. Walk user through setting up AWS SSO
  3. Configure local AWS SSO credentials
  4. Create the state bucket for Pulumi (awscli)
  5. Pulumi "Identity Access and Trust" Stack - Configure SSO for your GitHub Actions for ECR Auth
  6. GitHub Action for Building & Pushing the cluster instantiation and bootstrapping container
  7. Pulumi Cloud Resource Stack - Provision AWS resources and kick off the AWS Lambda, utilizing the ECR container

AWS Authentication

Need to ensure that credential configuration is as secure as possible. Currently, docs reference static credentials. Instead, utilizing the AWS CLI SSO Login flow should be the approach documented and recommended.

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Rate-Limited

These updates are currently rate-limited. Click on a checkbox below to force their creation now.

  • chore(deps): update docker/setup-buildx-action action to v3.1.0
  • chore(deps): update helm release ingress-nginx to v4.10.0
  • πŸ” Create all rate-limited PRs at once πŸ”

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

Detected dependencies

dockerfile
containers/Dockerfile
  • docker/dockerfile 1.6.0
  • docker.io/library/alpine 3.19
  • docker.io/library/alpine 3.19
github-actions
.github/workflows/build-container.yaml
  • aws-actions/configure-aws-credentials v4
  • actions/checkout v4.1.1
  • docker/setup-buildx-action v3.0.0
  • aws-actions/amazon-ecr-login v2.0.1
  • docker/login-action v3
  • docker/build-push-action v5
npm
infrastructure/pulumi/package.json
  • @pulumi/aws ^5.0.0
  • @pulumi/awsx ^1.0.0
  • @pulumi/pulumi ^3.0.0
  • eta ^1.12.3
  • @types/node ^14
regex
kubernetes/core/sealed-secrets/kustomization.yaml
kubernetes/core/argocd/env.sh
  • argo-cd 6.2.1
kubernetes/core/cert-manager/env.sh
  • cert-manager 1.13.3
kubernetes/core/cilium/env.sh
  • cilium 1.15.1
kubernetes/core/coredns/env.sh
  • coredns 1.28.2
kubernetes/core/ebs-csi-driver/env.sh
  • cert-manager 1.13.3
kubernetes/core/external-dns/env.sh
  • external-dns 1.13.3
kubernetes/core/ingress-nginx/env.sh
  • ingress-nginx 4.9.1
kubernetes/core/sealed-secrets/env.sh
  • sealed-secrets 2.14.1
kubernetes/services/efs-csi-driver/env.sh
  • cert-manager 1.13.3
  • Check this box to trigger a request for Renovate to run again on this repository

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    πŸ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. πŸ“ŠπŸ“ˆπŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❀️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.