Deploy the argocd-cr helm chart on Azure Managed Openshift Service

Question

Pulumi · Accepted Answer

To deploy the `argocd-cr` Helm chart on Azure Managed OpenShift Service using Pulumi, you can follow these high-level steps:

1. **Set up an Azure Managed OpenShift Service**: The first step is to create an instance of Azure Red Hat OpenShift (ARO), Microsoft's Kubernetes platform with Red Hat OpenShift's enterprise-grade container orchestration. You'll use the Pulumi `azure-native` package for this, specifically the `OpenShiftCluster` resource.

2. **Install the Helm Chart**: Once you have an OpenShift cluster running, you will use Pulumi's Helm chart support through the `Chart` resource in the `kubernetes` package to deploy the `argocd-cr` chart onto the cluster.

Here is a complete program illustrating these steps:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
import * as k8s from "@pulumi/kubernetes";

// Step 1: Create an Azure Managed OpenShift Cluster
const resourceGroupName = "myResourceGroup";
const clusterName = "myOpenShiftCluster";

const resourceGroup = new azure_native.resources.ResourceGroup(resourceGroupName, {
    resourceGroupName: resourceGroupName
});

const openShiftCluster = new azure_native.redhatopenshift.OpenShiftCluster(clusterName, {
    resourceGroupName: resourceGroupName,
    resourceName: clusterName,
    location: "eastus",
    clusterProfile: {
        resourceGroupId: pulumi.interpolate`/subscriptions/${azure_native.config.subscriptionId}/resourceGroups/${resourceGroupName}`,
        domain: "example",
        version: "4.6",
        pullSecret: "{}", // Fill in with your pull secret
    },
    masterProfile: {
        vmSize: "Standard_D8s_v3",
    },
    workerProfiles: [{
        name: "worker",
        count: 3,
        vmSize: "Standard_D2s_v3",
        diskSizeGB: 128,
    }],
    networkProfile: {
        podCidr: "10.128.0.0/14",
        serviceCidr: "172.30.0.0/16",
    },
    servicePrincipalProfile: {
        clientId: "myAppId", // Use the client ID of your service principal
        clientSecret: "myPassword" // Use the client secret of your service principal
    },
}, { dependsOn: resourceGroup });

// Step 2: Install `argocd-cr` using the Helm Chart
const k8sProvider = new k8s.Provider("k8sProvider", {
    // Kubernetes cluster details for the newly created OpenShift cluster
    // Typically obtained via `az aro list-credentials`, change the kubeconfig accordingly
    kubeconfig: "<Your OpenShift cluster kubeconfig here>",
});

const argoCDChart = new k8s.helm.v3.Chart("argocd-cr", {
    chart: "argo-cd",
    version: "3.2.3", // Use the version number of the chart you want to deploy
    fetchOpts:{
        repo: "https://argoproj.github.io/argo-helm",
    },
}, { provider: k8sProvider });

// Export the cluster's kubeconfig and public hostname
export const kubeconfig = pulumi.secret(openShiftCluster.kubeconfig);

// Pulumi program exports, typically including generated endpoints and file content
export const argoCDServerHost = argoCDChart.getResourceProperty("v1/Service", "argocd-server", "status");
```

**Explanation:**

- We start by importing the required Pulumi packages.
- The `azure_native.resources.ResourceGroup` resource will create a new Azure resource group in which all other resources will be contained.
- The `azure_native.redhatopenshift.OpenShiftCluster` resource will create a new Managed OpenShift cluster. Note: replace placeholder strings for the `resourceGroupId`, `clientId`, and `clientSecret` with actual values for your Azure subscription and Azure AD application.
- We then create a Pulumi Kubernetes provider `k8s.Provider` which allows Pulumi to perform operations on the Kubernetes cluster. The `kubeconfig` needs to be set with your OpenShift cluster's configuration.
- The `k8s.helm.v3.Chart` resource represents a Helm chart resource which will deploy the `argocd-cr` chart from the Helm repository provided.
- Finally, we export values that you might need to use outside of Pulumi like the cluster kubeconfig and the public endpoint of the Argo CD server.

Please replace placeholders with actual values before running the program with `pulumi up`. If you need further assistance with getting values like `kubeconfig`, `clientId`, and `clientSecret`, refer to Azure's documentation or use Azure CLI commands to obtain these values.

Remember to set up your Azure credentials with Pulumi and install any necessary CLI tools (such as Azure CLI, `kubectl`, and `helm`) before running Pulumi commands.