add gke test cluster and bootstrap-v2

common/bootstrap-v2/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+type: application
+name: bootstrap-v2
+description: A Helm chart bootstrapping the cluster
+version: 0.2.0
+appVersion: 1.0.0

common/bootstrap-v2/templates/argocd.yaml

@@ -0,0 +1,69 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: argocd
+spec:
+  project: infra
+  syncPolicy:
+    syncOptions:
+      - CreateNamespace=true
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: argocd
+  source:
+    repoURL: https://argoproj.github.io/argo-helm
+    chart: argo-cd
+    targetRevision: 7.7.16
+    helm:
+      values: |-
+        global:
+          domain: {{ .Values.argocd.domain }}
+        controller:
+          replicas: 1
+        redis-ha:
+          enabled: true
+        repoServer:
+          autoscaling:
+            enabled: true
+        server:
+          autoscaling:
+            enabled: true
+          ingress:
+            enabled: true
+            ingressClassName: traefik
+        configs:
+          params:
+            server.insecure: true
+          rbac:
+            scopes: "[email, groups]"
+            policy.default: role:readonly
+            policy.csv: |
+              g, planetarium:DevOps, role:admin
+          cm:
+            admin.enabled: true
+            statusbadge.enabled: true
+            dex.config: |-
+              connectors:
+              - type: github
+                id: github
+                name: GitHub
+                config:
+                  orgs:
+                  - name: planetarium
+                  clientID: "$github-ssh-client:dex.github.clientId"
+                  clientSecret: "$github-ssh-client:dex.github.clientSecret"
+        extraObjects:
+        - apiVersion: external-secrets.io/v1beta1
+          kind: ExternalSecret
+          metadata:
+            name: github-ssh-client
+          spec:
+            refreshInterval: 1m
+            secretStoreRef:
+              kind: SecretStore
+              name: argocd-secretsmanager
+            target:
+              name: github-ssh-client
+            dataFrom:
+            - extract:
+                key: {{ .Values.clusterName }}-argocd-github-ssh-client

common/bootstrap-v2/templates/external-secrets.yaml

@@ -0,0 +1,22 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: external-secrets
+spec:
+  project: infra
+  syncPolicy:
+    syncOptions:
+      - CreateNamespace=true
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: external-secrets
+  source:
+    repoURL: https://charts.external-secrets.io
+    chart: external-secrets
+    targetRevision: 0.12.1
+    helm:
+      values: |-
+        certController:
+          create: false
+        webhook:
+          create: false

common/bootstrap-v2/templates/traefik.yaml

@@ -0,0 +1,23 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: traefik
+spec:
+  project: infra
+  syncPolicy:
+    syncOptions:
+      - CreateNamespace=true
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: traefik
+  source:
+    repoURL: https://traefik.github.io/charts
+    chart: traefik
+    targetRevision: 34.1.0
+    helm:
+      values: |-
+        service:
+          annotations:
+            {{- with $.Values.global.service.annotations }}
+            {{- toYaml . | nindent 10 }}
+            {{- end }}

common/bootstrap-v2/values.yaml

@@ -0,0 +1 @@
+argocd:

gke-ninechronicles-internal/bootstrap.yaml

@@ -0,0 +1,28 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: bootstrap
+spec:
+  project: infra
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: argocd
+  source:
+    repoURL: https://github.com/planetarium/9c-infra
+    targetRevision: gke
+    path: common/bootstrap-v2
+    helm:
+      values: |
+        clusterName: ninechronicles-internal-test-1
+        provider: GCP
+
+        GCP:
+          projectID: devops-test-445104
+
+        global:
+          service:
+            annotations:
+              cloud.google.com/network-tier: Standard
+
+        argocd:
+          domain: argocd-internal-gke.planetarium.network