Repository files navigation

This repository contains the k8s manifest for all the applications in the Code4ro platform.

The k8s cluster is usingArgoCD to automatically deploy manifests when a new change is detected.

The flow is as follow:

1. User adds a new tag in application git repository
2. CI kicks in in that repository and builds the new image
3. The image is pushed to docker hub with that specific tag
4. A new commit is made by the CI/user on this repo in which we change the image version in the manifest (wait for the GHA that pushes the image to DockerHub to end successfuly)
5. ArgoCD will detect the change in this repo and apply the manifests to the k8s cluster

ArgoCD projects:

• infra: knative, cert-manager, sealed-secrets and argocd.infra/argo-apps-infra.yaml is the root ArgoCD Application forinfra/argo-apps.infra/argo-apps store the ArgoCD Applications.
• default: all applications manifests../apps/argo-apps/apps.yaml is the root ArgoCD Application forapps.apps store the ArgoCD Applications.

Encrypt secrets and store them on git. Below is an example of how to create secrets with kubeseal.

# Create a yaml-encoded Secret somehow:# (note use of `--dry-run` - this is just a local file!)echo -n bar | kubectl create secret generic mysecret --dry-run=client --from-file=foo=/dev/stdin -o yaml >secret.yaml# This is the important bit:kubeseal --controller-namespace sealed-secrets --controller-name sealed-secrets --format yaml <secret.yaml >sealed-secret.yaml# At this point sealed-secret.yaml is safe to upload to Github# Test itkubectl get secret my-secret

For automatically regenerating certificates with Lets Encrypt using Route53 integration.

This project is built by amazing volunteers and you can be one of them! Here's a list of ways inwhich you can contribute to this project. If you want to make any change to this repository, pleasemake a fork first.

• Request a new feature on GitHub.
• Vote for popular feature requests.
• File a bug in GitHub Issues.
• Email us with other feedbackcontact@code4.ro

This project is licensed under the MPL 2.0 License - see theLICENSE file for details

Started in 2016, Code for Romania is a civic tech NGO, official member of the Code for All network. We have a community of around 2.000 volunteers (developers, ux/ui, communications, data scientists, graphic designers, devops, it security and more) who work pro-bono for developing digital solutions to solve social problems. #techforsocialgood. If you want to learn more details about our projectsvisit our site or if you want to talk to one of our staff members, please e-mail us atcontact@code4.ro.

Last, but not least, we rely on donations to ensure the infrastructure, logistics and management of our community that is widely spread across 11 timezones, coding for social change to make Romania and the world a better place. If you want to support us,you can do it here.