Giters

Jojoooo1 / kustomization-gce-iap

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Deploy GCE Ingress with IAP

This repo provide a default structure to create a GCE Ingress with IAP directly from your ArgoCD Application.

You will need to use an envsubst plugin like:

apiVersion: argoproj.io/v1alpha1
kind: Application
[...]
spec:
    source:
        plugin:
        name: envsubst
        env:
            - name: ARGOCD_ENV_INGRESS_IP_NAME
              value: "my-load-balancer-ip"

            - name: ARGOCD_ENV_INGRESS_NAME
              value: "my-ingress-name"

            - name: ARGOCD_ENV_INGRESS_NAMESPACE
              value: "my-ingress-namespace"

            - name: ARGOCD_ENV_INGRESS_DNS
              value: "my-dns.my-company.com"

            - name: ARGOCD_ENV_SERVICE_NAME
              value: "my-service"

And annotate your service with:

metadata:
    annotations:
        cloud.google.com/neg: '{"ingress": true}'
        cloud.google.com/backend-config: '{"default": "backend-config-my-ingress-name"}'

You also need to have ExternalSecret operator installed and a ExternalSecret named oauth-internal-creds-secrets containing your iap creds.

About