This repository hosts a Node.js/Typescript program which utilizes Pulumi and Automation API to set up a Kubernetes cluster on Oracle Cloud Infrastructure (OCI), set up nginx-ingress, cert-manager and ArgoCD in Kubernetes, create a DNS record and required rules in Cloudflare, as well as initialize up GitHub repositories with seed projects for multiple teams if required.
pulumi.ts
is the main file, importing functions from utils.ts
. In stacks/
folder there are four Pulumi programs
for each of the different providers (GitHub, OCI, Kubernetes, Cloudflare). Each of these can be managed conventionally
using pulumi
CLI. These programs all use differently named stacks, but default configuration is provided for one stack
in each.
Ensure you have accounts and API access to OCI, GitHub and Cloudflare. oci
CLI should be configured to access with
the appropriate user; this config will be automatically used. Cloudflare token with permissions to edit DNS records and
page rules should be set as a secret cloudflare:apiToken
in stacks/cloudflare/Pulumi.cf_dev.yaml
. GitHub token with
permissions to manage organizations (or at least the one which should be used) should be as a secret master:githubToken
in stacks/github/Pulumi.gh_dev.yaml
. Passphrase used for Pulumi password encryption should be written to
pulumi_passphrase
file in root directory of this project. org-chart.yaml
should be edited to reflect actual org
name, projects and GitHub usernames of developers to be added to the org.
After reviewing stacks' configuration, run pulumi.ts up dev
with your favourite command for TypeScript Node projects.
If you want to destroy all infrastructure, including GitHub repos and org memberships, run pulumi.ts destroyAll dev
;
if you want to keep GitHub repos and org memberships (but destroy everything else), run pulumi.ts destroy dev
.