support argocd application generation via course file (#596)

* generate and write argocd application manifests

* whoops :)

* avoid accidental double-loop

* reuse writeYAML()

* commented imports from argocd directly

* add gitops to releases

* merge+override release gitops over global gitops

* remove obsolete comment

* use yaml paths in warnings

* add some basic documentation for gitops

* go mod tidy

* clarify commented imports w/ future instructions

* move gitops/argocd stuff to TemplateRelease()

* lowercase argo app names too

* put warnings behind verbosity 3

* skip when app.metadata.name is missing

* create both outputdir and appsoutputdir if missing

* skip argocd app gen when --output-dir is not given

* remove obsolete comment

* clarify --output-dir and gitops interaction in doc

* remove another obsolete comment

* pass --output-dir value through reckoner.Client

Co-authored-by: Andrew Suderman <[email protected]>

Author: intrand

cmd/root.go

@@ -162,14 +162,15 @@ var templateCmd = &cobra.Command{
 			CreateNamespaces: false,
 			ContinueOnError:  continueOnError,
 			Releases:         onlyRun,
+			OutputDirectory:  templateOutputDir,
 		}
 
 		err := client.Init(courseFile, false)
 		if err != nil {
 			color.Red(err.Error())
 			os.Exit(1)
 		}
-		tmpl, err := client.TemplateAll(templateOutputDir)
+		tmpl, err := client.TemplateAll()
 		if err != nil {
 			color.Red(err.Error())
 			os.Exit(1)

docs/usage.md

@@ -36,6 +36,10 @@ We'll be breaking this documentation down into sections to make reference easier
 - `secrets` _(list of objects)_
     A list of objects that define where and how to get secrets from your secret backend
     Required keys are `name` and `backend`.
+- `gitops` _(object)_
+    A key of `argocd` is supported, which should contain an ArgoCD Application custom resource. When used at this top level,
+    all releases will have an Application custom resource generated with inherited values. If you wish to override something
+    in a particular release, repeat this same structure within the release item.
 
 Example:
 ```yaml
@@ -95,6 +99,8 @@ The `charts` block in your course define all the charts you'd like to install an
     Translates into a direct YAML values file for use with `-f <tmpfile>` for the helm install command line arguments
 - `plugins` _(string)_
     Prepend your helm commands with this `plugins` string (see [PR 99](https://github.com/FairwindsOps/reckoner/pull/99))
+- `gitops` _(object)_
+    Same as top level `gitops` field, but overrides the top-level, if it exists, on a per-release basis.
 
 ```yaml
 ...
@@ -263,6 +269,52 @@ secrets:
       - "changemeagain"
 ```
 
+## Gitops
+
+Specifying the appropriate values within the `gitops` field will cause `reckoner` to generate the corresponding custom resources for popular GitOps agents. As of the writing, only ArgoCD is supported, although we may include support for other GitOps agents in the future.
+
+Assuming you have the following YAML in the top level of your course file, you should see some basic ArgoCD Application custom resources being generated:
+```yaml
+gitops:
+  argocd:
+    spec:
+      source:
+        repoURL: https://gitlab.company.tld/organization/repository.git
+```
+
+> Must be used with `reckoner template --output-dir <some_dir>` to produce any files.
+
+For each release, the gitops.argocd.spec.destination namespace value will be read from the course file top-level namespace field, or from the release namespace field, if defined. See Namespace Management section for further details.
+
+Another example which uses far more features of the ArgoCD agent is shown below. If you find a particular feature is missing, please open an issue with the project so we may discuss it.
+
+Example:
+```yaml
+gitops:
+  argocd:
+    kind: Application
+    apiVersion: argoproj.io/v1alpha1
+    metadata:
+      namespace: argocd
+      annotations: {}
+    spec:
+      destination:
+        server: https://kubernetes.default.svc
+      project: default
+      source:
+        repoURL: https://github.com/someuser/clustername.git
+        directory:
+          recurse: true
+      syncPolicy:
+        automated:
+          prune: true
+        syncOptions:
+          - CreateNamespace=true
+          - PruneLast=true
+```
+
+> Must be used with `reckoner template --output-dir <some_dir>` to produce any files.
+
 ## CLI Usage
 
 ```text

go.mod

@@ -9,6 +9,7 @@ require (
 	github.com/fatih/color v1.13.0
 	github.com/go-git/go-git/v5 v5.4.2
 	github.com/gookit/color v1.5.1
+	github.com/imdario/mergo v0.3.12
 	github.com/mattn/go-colorable v0.1.12
 	github.com/rhysd/go-github-selfupdate v1.2.3
 	github.com/sergi/go-diff v1.1.0
@@ -54,7 +55,6 @@ require (
 	github.com/google/go-github/v30 v30.1.0 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/gofuzz v1.1.0 // indirect
-	github.com/imdario/mergo v0.3.12 // indirect
 	github.com/inconshreveable/go-update v0.0.0-20160112193335-8152e7eb6ccf // indirect
 	github.com/inconshreveable/mousetrap v1.0.0 // indirect
 	github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect

pkg/course/argocd.go

@@ -0,0 +1,58 @@
+package course
+
+// We may use these imports to track ArgoCD Applications exactly. However,
+// this also pulls in kubernetes api packages, which makes reckoner rely
+// on particular versions of kubernetes. At the time of writing, no such
+// relationship exists. Once we've firmly chosen a path, this comment
+// should be removed, and potentially this entire file.
+// import (
+// 	argoAppv1alpha1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
+// 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+// )
+
+type ArgoApplicationSpecSyncPolicyAutomated struct {
+	Prune bool `yaml:"prune,omitempty"`
+}
+
+type ArgoApplicationSpecSyncPolicy struct {
+	Automated ArgoApplicationSpecSyncPolicyAutomated `yaml:"automated,omitempty"`
+	Options   []string                               `yaml:"syncOptions,omitempty"`
+}
+
+type ArgoApplicationSpecSourceDirectory struct {
+	Recurse bool `yaml:"recurse,omitempty"`
+}
+
+type ArgoApplicationSpecSource struct {
+	Directory ArgoApplicationSpecSourceDirectory `yaml:"directory,omitempty"`
+	Path      string                             `yaml:"path"`
+	RepoURL   string                             `yaml:"repoURL"`
+}
+
+type ArgoApplicationSpecDestination struct {
+	Server    string `yaml:"server,omitempty"`
+	Namespace string `yaml:"namespace,omitempty"`
+}
+
+type ArgoApplicationSpec struct {
+	Source      ArgoApplicationSpecSource      `yaml:"source"`
+	Destination ArgoApplicationSpecDestination `yaml:"destination"`
+	Project     string                         `yaml:"project"`
+	SyncPolicy  ArgoApplicationSpecSyncPolicy  `yaml:"syncPolicy,omitempty"`
+}
+
+// ArgoApplicationMetadata contains the k8s metadata for the gitops agent CustomResource.
+// This is the resource/manifest/config the agent will read in, not the resources deployed by the agent.
+type ArgoApplicationMetadata struct {
+	Name        string            `yaml:"name"`
+	Namespace   string            `yaml:"namespace,omitempty"`
+	Annotations map[string]string `yaml:"annotations,omitempty"`
+	Labels      map[string]string `yaml:"labels,omitempty"`
+}
+
+type ArgoApplication struct {
+	Kind       string                  `yaml:"kind"`
+	APIVersion string                  `yaml:"apiVersion"`
+	Metadata   ArgoApplicationMetadata `yaml:"metadata"`
+	Spec       ArgoApplicationSpec     `yaml:"spec"`
+}

pkg/course/course.go

@@ -68,6 +68,15 @@ type FileV2 struct {
 	Releases []*Release `yaml:"releases,omitempty" json:"releases,omitempty"`
 	// HelmArgs is a list of arguments to pass to helm commands
 	HelmArgs []string `yaml:"helm_args,omitempty" json:"helm_args,omitempty"`
+	GitOps   GitOps   `yaml:"gitops,omitempty" json:"gitops,omitempty"`
+}
+
+// GitOps is a field on the root of the course.yaml file which instructs reckoner to
+// generate CustomResources appropriate to the configured flavor of gitops agent.
+// For instance, if gitops.argocd is present and complete, ArgoCD Application resources
+// will be generated for each release in the course file with the corresponding values.
+type GitOps struct {
+	ArgoCD ArgoApplication `yaml:"argocd" json:"argocd"`
 }
 
 type NamespaceMgmt struct {
@@ -145,6 +154,7 @@ type Release struct {
 	// Values contains any values that you wish to pass to the release. Everything
 	// underneath this key will placed in a temporary yaml file and passed to helm as a values file.
 	Values map[string]interface{} `yaml:"values,omitempty" json:"values,omitempty"`
+	GitOps GitOps                 `yaml:"gitops,omitempty" json:"gitops,omitempty"`
 }
 
 // ReleaseV1 represents a helm release and all of its configuration from v1 schema

pkg/course/coursev2.schema.json

@@ -37,10 +37,13 @@
                     "type": "array"
                 },
                 "pre_install": {
-                "type": "array"
+                    "type": "array"
                 }
             }
         },
+        "gitops": {
+            "type": "object"
+        },
         "release": {
             "type": "array",
             "additionalProperties": {
@@ -159,6 +162,9 @@
         "hooks": {
             "$ref": "#/definitions/hooks"
         },
+        "gitops": {
+            "$ref": "#/definitions/gitops"
+        },
         "minimum_versions": {
             "type": "object",
             "additionalProperties": false,
@@ -195,23 +201,22 @@
                 "type": "object",
                 "additionalProperties": true,
                 "properties": {
-                    "backend":{
+                    "backend": {
                         "type": "string"
                     },
                     "name": {
                         "type": "string"
                     }
                 },
                 "required": [
-                   "backend",
-                   "name"
+                    "backend",
+                    "name"
                 ]
             }
-
         }
     },
     "required": [
         "namespace",
         "releases"
     ]
-}
+}

pkg/reckoner/argocd.go

@@ -0,0 +1,120 @@
+package reckoner
+
+import (
+	"bytes"
+	"errors"
+	"os"
+	"strings"
+
+	"github.com/fairwindsops/reckoner/pkg/course"
+	"github.com/fatih/color"
+	"github.com/imdario/mergo"
+	"gopkg.in/yaml.v3"
+	"k8s.io/klog/v2"
+)
+
+func generateArgoApplication(release course.Release, courseFile course.FileV2) (app course.ArgoApplication, err error) {
+	app = courseFile.GitOps.ArgoCD // use global config at root of course file
+
+	// if release.GitOps.ArgoCD.<whatever> exists, override the app.<whatever> with that one, recursively.
+	err = mergo.Merge(&app, release.GitOps.ArgoCD, mergo.WithOverride)
+	if err != nil {
+		return app, err
+	}
+
+	// default to a kind of Application if it was omitted in the course file
+	if app.Kind == "" {
+		app.Kind = "Application"
+	}
+
+	// default to an API version of v1alpha1 if it was omitted in the course file
+	if app.APIVersion == "" {
+		app.APIVersion = "argoproj.io/v1alpha1"
+	}
+
+	// unless they overrode it in the course file, assume the name of the argocd app is the same as the helm release
+	// app:release should be a 1:1
+	if app.Metadata.Name == "" {
+		app.Metadata.Name = release.Name
+	}
+
+	// Application.Metadata.Namespace is where the ArgoCD Application resource will go (not the helm release)
+	if app.Metadata.Namespace == "" {
+		klog.V(3).Infoln("No namespace declared in course file. Your ArgoCD Application manifests will likely get applied to the agent's default context.")
+	}
+
+	// default source path to release name
+	if app.Spec.Source.Path == "" {
+		klog.V(3).Infoln("No .gitops.argocd.spec.source.path declared in course file for " + release.Name + ". The path has been set to its name.")
+		app.Spec.Source.Path = release.Name
+	}
+
+	// don't support ArgoCD Application spec.destination.namespace at all
+	if app.Spec.Destination.Namespace != "" {
+		klog.V(3).Infoln("Refusing to respect the .gitops.argocd.spec.destination.namespace value declared in course file for " + release.Name + ". Using the release namespace instead, if it exists. If none is specified, the default at the root of the course YAML file will be used. Remove the namespace from the ArgoCD destination to stop seeing this warning.")
+	}
+
+	// Application.Spec.Destination.Namespace is where the helm releases will be applied
+	if release.Namespace != "" { // there's a specific namespace for this release
+		app.Spec.Destination.Namespace = release.Namespace // specify it as the destination namespace
+	} else { // nothing was specified in the release
+		app.Spec.Destination.Namespace = courseFile.DefaultNamespace // use the default namespace at the root of the course file
+	}
+
+	if app.Spec.Destination.Server == "" {
+		klog.V(3).Infoln("No .gitops.argocd.spec.destination.server declared in course file for " + release.Name + ". Assuming you want the kubernetes service in the default namespace. Specify to make this warning go away.")
+		app.Spec.Destination.Server = "https://kubernetes.default.svc"
+	}
+
+	if app.Spec.Project == "" {
+		klog.V(3).Infoln("No .gitops.argocd.spec.project declared in course file for " + release.Name + ". We'll set it to a sensible default value of 'default'. Specify to make this warning go away.")
+		app.Spec.Project = "default"
+	}
+
+	return app, err
+}
+
+func (c *Client) WriteArgoApplications(outputDir string) (err error) {
+	appsOutputDir := outputDir + "/argocd-apps"
+	for _, dir := range []string{outputDir, appsOutputDir} {
+		if _, err := os.Stat(dir); errors.Is(err, os.ErrNotExist) {
+			err := os.Mkdir(dir, os.ModePerm)
+			if err != nil {
+				return err
+			}
+		}
+	}
+
+	for _, release := range c.CourseFile.Releases {
+		// generate an argocd application resource
+		app, err := generateArgoApplication(*release, c.CourseFile)
+		if err != nil {
+			return err
+		}
+
+		if app.Metadata.Name == "" {
+			color.Yellow("No metadata found for release " + release.Name + ". Skipping ArgoCD Applicationgeneration...")
+			continue
+		}
+
+		// generate name of app file
+		appOutputFile := appsOutputDir + "/" + strings.ToLower(app.Metadata.Name) + ".yaml"
+
+		// prepare to write stuff (pretty)
+		var b bytes.Buffer                 // used for encoding & return
+		yamlEncoder := yaml.NewEncoder(&b) // create an encoder to handle custom configuration
+		yamlEncoder.SetIndent(2)           // people expect two-space indents instead of the default four
+		err = yamlEncoder.Encode(&app)     // encode proper YAML into slice of bytes
+		if err != nil {                    // check for errors
+			return err // bubble up
+		}
+
+		// write stuff
+		err = writeYAML(b.Bytes(), appOutputFile)
+		if err != nil { // check for errors
+			return err // bubble up
+		}
+	}
+
+	return err
+}

pkg/reckoner/client.go

@@ -63,6 +63,8 @@ type Client struct {
 	HelmArgs []string
 	// Schema is a byte slice representation of the coursev2 json schema
 	Schema []byte
+	// OutputDirectory is the directory which will contain each YAML manifest in a separate file
+	OutputDirectory string
 }
 
 var once sync.Once