Brice Burgess briceburg

What is ArgoCD?

ArgoCD does a great job managing application "deployment" configuration across multiple k8s clusters. It does an equally well job maintaining "core" or "baseline" configuration across the clusters (e.g. ingress class CRDs), including the intrinsic ability to manage itself.

It works by watching for configuration changes in registered git repositories and performing a "sync" whenever there is a difference in the manifests it has applied (aka "live") and the ones in git (aka "desired"). "Syncs" can be performed automatically, through the API, or manually -- and the configuration repositories are typically polled for changes every 3m.

GitOps

This concept of responding to and applying infrastructure configuration changes in response to a git repository's state is called "gitops".

Questions

should RAILS_ENV == DD_ENV
should DD_ENV == NAMESPACE_STAGE

how do we make these decisions?

current environment

lower level deployed heroku apps use 'staging' as RAILS_ENV.

	#!/usr/bin/env bash
	# dumps the current environment into .env file format (multiline values are quoted) while ignorning common variables.
	# additional ignore list can be provided as arguments.

	# common variables to ignore
	declare -a COMMON_IGNORE_LIST=(
	"_"
	"COLORTERM"
	"GEM_CACHE"
	"GEM_HOME"

	#!/usr/bin/env python3
	# @code-style: black
	import argparse, os, sys
	import atexit
	import psycopg2 # export LIBRARY_PATH=$LIBRARY_PATH:/opt/homebrew/opt/openssl/lib when doing pip install
	import difflib
	import random


	def die(errMsg):

	# add the bellow blocks to your shell startup files (~/.bashrc \|\| ~/.zshrc &c.)
	# you will now have awsp-<profile_name> tab completions for activating configured profiles.
	_aws-set-profile(){
	echo "activating aws profile: $1" >&2
	export AWS_PROFILE="$1"
	local sso_session="$(aws configure get sso_session 2>/dev/null)"
	if [[ -n "$sso_session" ]]; then
	local expires=$(aws configure export-credentials \| jq -r '.Expiration')
	if [[ -z "$expires" \|\| $(gdate --date "$expires" +'%s') -lt $(gdate --date "+2 hours" +'%s') ]]; then
	echo "refreshing sso session" >&2

	services:
	proxy:
	image: mitmproxy/mitmproxy:11.0
	tty: true
	ports:
	- "80:8080" # proxy
	- "8081:8081" # web ui
	command: mitmweb --mode reverse:http://backend:3000/ --web-host 0.0.0.0 --set keep_host_header --no-web-open-browser
	depends_on:
	- backend

	#!/usr/bin/env bash
	set -eo pipefail
	project_root="$(cd "$(dirname "$0")/.." ; pwd -P)"

	default_env="prod"
	default_src="Dockerfile"
	default_tag="build:latest"

	(
	echo "Build Dir: ${BUILD_DIR:=$project_root}" >&2

	FROM haproxy:2.7-alpine

	COPY haproxy.cfg /usr/local/etc/haproxy/haproxy.cfg

	ARG SOURCE_COMMIT=""
	ENV DD_SERVICE="haproxy" DD_ENV="local" DD_VERSION="$SOURCE_COMMIT"

	resource "aws_ecr_repository" "repo" {
	name = "foo"
	}

	data "aws_ecr_authorization_token" "repo" {}


	#
	# providers.tf
	#

	#!/usr/bin/env python3
	import sys
	import functools
	for line in map(str.rstrip, sys.stdin):
	repls = ('prod', 'production'), ('sdlc', 'staging'), ('sandbox', 'development')
	print("terraform state mv %s %s" % (line, functools.reduce(lambda a, kv: a.replace(*kv), repls, line)))