This repo contains resources that are deployed and managed by the application team in a gitops environment. These resources are deployed to the namespaces created by the tenant-gitops repo utilizing the ArgoCD instance created by that repo.
Prerequisites:
- Kubectl CLI
- Install Kubeseal CLI (https://github.com/bitnami-labs/sealed-secrets/releases/download)
- Bootstrapped Openshift Cluster (see https://github.com/rh-datascience-and-edge-practice/mlops-demo-getting-started)
- Create the Kubernetes Secret with your SSH Private Key and save as mlops-demo-application-gitops-github-ssh-key-secret.yaml:
kind: Secret
apiVersion: v1
metadata:
name: mlops-demo-application-gitops-github-ssh-key
namespace: mlops-demo-pipelines
annotations:
tekton.dev/git-0: github.com
data:
ssh-privatekey: >-
<ENCODED_PRIVATE_KEY>
type: kubernetes.io/ssh-auth
- Encrypt the Secret Using the Certificate from Step 1:
kubeseal --controller-namespace=sealed-secrets --format=yaml < mlops-demo-application-gitops-github-ssh-key-secret.yaml > mlops-demo-application-gitops-github-ssh-key-sealed-secret.yaml
- Apply the Sealed Secret to Your Cluster:
kubectl create -f mlops-demo-application-gitops-github-ssh-key-sealed-secret.yaml
- Verify Creation of the Secret:
kubectl get secret mlops-demo-application-gitops-github-ssh-key -o jsonpath="{.data.ssh-privatekey}" | base64 --decode
- The secret is now available in your namespace as specified in Step 2
Execute the bootstrap script to begin the installation process:
./scripts/bootstrap.shAdditional ArgoCD Application objects will be created and synced in OpenShift GitOps. You can follow the progress of the sync using the ArgoCD URL that the script will provide. This sync operation should complete in a few seconds.