Deploy ArgoCD to the remote clusters (#30)

gitops/clusters/crossplane/base/cluster/aks-composite-resource-definition.yaml

@@ -336,7 +336,7 @@ spec:
                 properties:
                   tags:
                     type: object
-                    description: specifies the tags for the virtual network
+                    description: specifies the tags for the virtual network                  
             required:
               - location
     served: true

gitops/clusters/crossplane/base/cluster/aks-composition.yaml

@@ -271,6 +271,54 @@ spec:
         - type: FromCompositeFieldPath
           fromFieldPath: spec.resourceGroup.tags
           toFieldPath: spec.forProvider.tags
+    - name: helm-provider-config
+      base:
+        apiVersion: helm.crossplane.io/v1beta1
+        kind: ProviderConfig
+        spec:
+          credentials:
+            source: Secret
+            secretRef:
+              name: cluster-config
+              namespace: crossplane-system
+              key: attribute.kube_admin_config_raw
+      patches:
+        - type: FromCompositeFieldPath
+          fromFieldPath: metadata.name
+          toFieldPath: metadata.name
+        - type: FromCompositeFieldPath
+          fromFieldPath: metadata.namespace
+          toFieldPath: metadata.namespace         
+        - type: FromCompositeFieldPath
+          fromFieldPath: "metadata.uid"
+          toFieldPath: spec.credentials.secretRef.name
+          transforms:
+            - type: string
+              string:
+                fmt: "%s-secret"          
+        - type: FromCompositeFieldPath
+          fromFieldPath: metadata.namespace
+          toFieldPath: spec.credentials.secretRef.namespace
+    - name: argocd-helm-release
+      base:
+        apiVersion: helm.crossplane.io/v1beta1
+        kind: Release
+        metadata:
+          annotations: 
+            crossplane.io/external-name: argocd     
+        spec:
+          forProvider:
+            chart:
+              name: argo-cd
+              repository: https://argoproj.github.io/argo-helm
+              version:  6.7.2
+            namespace: argocd   
+          providerConfigRef:
+            name: helm-provider	
+      patches:
+        - type: FromCompositeFieldPath
+          fromFieldPath: metadata.name
+          toFieldPath: spec.providerConfigRef.name                 
   compositeTypeRef:
     apiVersion: kubernetes.example.com/v1alpha1
     kind: XAksCluster

gitops/clusters/crossplane/clusters/my-app-cluster/base/cluster-claim.yaml

@@ -11,7 +11,7 @@ spec:
   aks:
     defaultNodePool:
       name: system
-      vmSize: Standard_B2s
+      vmSize: Standard_DS3_v2
       enableAutoScaling: true
       nodeCount: 1
       minCount: 1
@@ -21,7 +21,7 @@ spec:
         mode: system
       onlyCriticalAddonsEnabled: false
       osDiskSizeGb: 128
-      osDiskType: Ephemeral
+      osDiskType: Managed
     kubernetesVersion: "1.28.3"
     roleBasedAccessControlEnabled: true
     oidcIssuerEnabled: true
@@ -56,7 +56,7 @@ spec:
     nodeLabels:
       mode: user
     osDiskSizeGb: 128
-    osDiskType: Ephemeral
+    osDiskType: Managed
     osSku: AzureLinux
     osType: Linux
   subnet:
@@ -70,4 +70,4 @@ spec:
       - 10.0.0.0/8
     tags:
       environment: Test
-      provisionedBy: Crossplane
+      provisionedBy: Crossplane   

gitops/clusters/crossplane/clusters/my-app-cluster/dev/cluster-claim.yaml

@@ -6,12 +6,12 @@ metadata:
   annotations:
     crossplane.io/external-name: my-app-cluster-dev  
 spec:
+  writeConnectionSecretToRef:
+    name: my-app-cluster-dev-secret
   location: "North Europe"
   aks:
     tags:
       environment: dev
   virtualNetwork:
     tags:
-      environment: dev    
-  writeConnectionSecretToRef:
-    name: my-app-cluster-dev-secret
+      environment: dev   

gitops/clusters/crossplane/clusters/my-app-cluster/stage/cluster-claim.yaml

@@ -6,12 +6,13 @@ metadata:
   annotations:
     crossplane.io/external-name: my-app-cluster-stage  
 spec:
+  writeConnectionSecretToRef:
+    name: my-app-cluster-stage-secret    
   location: "EastUs"
   aks:
     tags:
       environment: stage
   virtualNetwork:
     tags:
-      environment: stage
-  writeConnectionSecretToRef:
-    name: my-app-cluster-stage-secret      
+      environment: stage     
+

gitops/environments/default/addons/crossplane-azure-upbound/values.yaml

@@ -0,0 +1,9 @@
+provider:
+  enabled: true
+  metadata:
+    annotations: {}
+    labels:
+      app.kubernetes.io/managed-by: Helm
+  package:
+    registry: xpkg.upbound.io/upbound
+    version: v0.42.1

terraform/main.tf

@@ -13,9 +13,8 @@ locals {
   argocd_namespace = "argocd"
 
   azure_addons = {
-    enable_azure_crossplane_provider         = var.infrastructure_provider == "crossplane" ? true : false
-    enable_azure_crossplane_upbound_provider = var.infrastructure_provider == "crossplane" ? true : false
-    enable_cluster_api_operator              = try(var.addons.enable_cluster_api_operator, false)
+    enable_azure_crossplane_upbound_provider = var.infrastructure_provider == "crossplane" && var.addons.enable_azure_crossplane_upbound_provider ? true : false
+    enable_cluster_api_operator              = var.infrastructure_provider == "capz" && var.addons.enable_cluster_api_operator ? true : false
   }
 
   oss_addons = {
@@ -24,7 +23,7 @@ locals {
     enable_argo_events                     = try(var.addons.enable_argo_events, false)
     enable_argo_workflows                  = try(var.addons.enable_argo_workflows, false)
     enable_cluster_proportional_autoscaler = try(var.addons.enable_cluster_proportional_autoscaler, false)
-    enable_cert_manager                    = try(var.addons.enable_cert_manager, false)
+    enable_cert_manager                    = var.infrastructure_provider == "capz" && var.addons.enable_cert_manager ? true : false
     enable_gatekeeper                      = try(var.addons.enable_gatekeeper, false)
     enable_gpu_operator                    = try(var.addons.enable_gpu_operator, false)
     enable_ingress_nginx                   = try(var.addons.enable_ingress_nginx, false)
@@ -34,7 +33,9 @@ locals {
     enable_prometheus_adapter              = try(var.addons.enable_prometheus_adapter, false)
     enable_secrets_store_csi_driver        = try(var.addons.enable_secrets_store_csi_driver, false)
     enable_vpa                             = try(var.addons.enable_vpa, false)
-    enable_crossplane                      = var.infrastructure_provider == "crossplane" ? true : false
+    enable_crossplane                      = var.infrastructure_provider == "crossplane" && var.addons.enable_crossplane ? true : false
+    enable_crossplane_helm_provider        = var.infrastructure_provider == "crossplane" && var.addons.enable_crossplane_helm_provider ? true : false
+    enable_crossplane_kubernetes_provider  = var.infrastructure_provider == "crossplane" && var.addons.enable_crossplane_kubernetes_provider? true : false
   }
   addons = merge(local.azure_addons, local.oss_addons)
 

terraform/variables.tf

@@ -37,6 +37,8 @@ variable "addons" {
     enable_crossplane                        = true # installs crossplane core
     enable_azure_crossplane_upbound_provider = true # installs azure upbound provider
     enable_cluster_api_operator              = true # installs azure api operator
+    enable_crossplane_helm_provider          = true # installs crossplane helm provider
+    enable_crossplane_kubernetes_provider    = true # installs crossplane kubernetes provider
   }
 }