GitOps

Introduction

In Devtron, you can either use Helm or GitOps (Argo CD) to deploy your applications and charts. GitOps is a branch of DevOps that focuses on using Git repositories to manage infrastructure and application code deployments.

If you use the GitOps approach, Devtron will store Kubernetes configuration files and the desired state of your applications in Git repositories.


Steps to Configure GitOps

Who Can Perform This Action?

Users need to have super-admin permission to configure GitOps.

  1. Go to Global ConfigurationsGitOps

    Figure 1: Global Configuration - GitOps
  2. Select any one of the supported Git providers to configure GitOps.

    Figure 2: Selecting a Provider

The Git provider you select for configuring GitOps might impact the following sections:

  1. Fill all the mandatory fields. Refer supported Git providers to know more about the respective fields.

    Figure 3: Entering Git Credentials
  2. In the Directory Management in Git section, you get the following options:

    • Use default git repository structure:

      This option lets Devtron automatically create a GitOps repository within your organization. The repository name will match your application name, and it cannot be changed. Since Devtron needs admin access to create the repository, ensure the Git credentials you provided in Step 3 have administrator rights.

    • Allow changing git repository for application:

      Select this option if you wish to use your own GitOps repo. This is ideal if there are any confidentiality/security concerns that prevent you from giving us admin access. Therefore, the onus is on you to create a GitOps repo with your Git provider, and then add it to the specific application on Devtron. Make sure the Git credentials you provided in Step 3 have at least read/write access. Choosing this option will unlock a GitOps Configuration page under the App Configuration tab.

    Figure 4: Need for User-defined Git Repo
  3. Click Save/Update. A green tick will appear on the active Git provider.

Feature Flag

Alternatively, you may use the feature flag FEATURE_USER_DEFINED_GITOPS_REPO_ENABLE to enable or disable custom GitOps repo.

For disabling - FEATURE_USER_DEFINED_GITOPS_REPO_ENABLE: "false" For enabling - FEATURE_USER_DEFINED_GITOPS_REPO_ENABLE: "true"

How to Use Feature Flag

Using Feature Flag
  1. Select the cluster where Devtron is running, i.e., default_cluster.

  2. Go to the Config & Storage dropdown on the left.

  3. Click ConfigMap.

  4. Use the namespace filter (located on the right-hand side) to select devtroncd namespace. Therefore, it will show only the ConfigMaps related to Devtron, and filter out the rest.

  5. Find the ConfigMap meant for the dashboard of your Devtron instance, i.e., dashboard-cm (with an optional suffix).

  6. Click Edit Live Manifest.

  7. Add the feature flag (with the intended boolean value) within the data dictionary

  8. Click Apply Changes.


Supported Git Providers

Below are the Git providers supported in Devtron for storing configuration files.

GitHub

Prerequisite

  1. A GitHub account

  2. A GitHub organization. If you don't have one, refer Creating Organization in GitHub.

Fill the following mandatory fields:

FieldDescription

Git Host

Shows the URL of GitHub, e.g., https://github.com/

GitHub Organisation Name

Enter the GitHub organization name. If you do not have one, refer how to create organization in Github.

GitHub Username

Provide the username of your GitHub account

Personal Access Token

Provide your personal access token (PAT). It is used as an alternate password to authenticate your GitHub account. If you do not have one, create a GitHub PAT here.

GitLab

Prerequisite

  1. A GitLab account

  2. A GitLab group. If you don't have one, refer Creating Group in GitLab.

Fill the following mandatory fields:

FieldDescription

Git Host

Shows the URL of GitLab, e.g., https://gitlab.com/

GitLab Group ID

Enter the GitLab group ID. If you do not have one, refer GitLab Group ID.

GitLab Username

Provide the username of your GitLab account

Personal Access Token

Provide your personal access token (PAT). It is used as an alternate password to authenticate your GitLab account. If you do not have one, create a GitLab PAT here.

Azure

Prerequisite

  1. An organization on Azure DevOps. If you don't have one, refer this link.

  2. A project in your Azure DevOps organization. Refer Creating Project in Azure.

Fill the following mandatory fields:

FieldDescription

Azure DevOps Organisation Url*

Enter the Org URL of Azure DevOps. Format should be https://dev.azure.com/<org-name>, where <org-name> represents the organization name, e.g., https://dev.azure.com/devtron-test

Azure DevOps Project Name

Enter the Azure DevOps project name. If you do not have one, refer Azure DevOps Project Name.

Azure DevOps Username*

Provide the username of your Azure DevOps account

Azure DevOps Access Token*

Provide your Azure DevOps access token. It is used as an alternate password to authenticate your Azure DevOps account. If you do not have one, create a Azure DevOps access token here.

Bitbucket

Here, you get 2 options:

  • Bitbucket Cloud - Select this if you wish to store GitOps configuration in a web-based Git repository hosting service offered by Bitbucket.

  • Bitbucket Data Center - Select this if you wish to store GitOps configuration in a git repository hosted on a self-managed Bitbucket Data Center (on-prem).

Bitbucket Cloud

Prerequisite

  1. A Bitbucket account

  2. A workspace in your Bitbucket account. Refer Creating Workspace in Bitbucket.

Figure 5: Entering Details of Bitbucket Cloud

Fill the following mandatory fields:

FieldDescription

Bitbucket Host

Shows the URL of Bitbucket Cloud, e.g., https://bitbucket.org/

Bitbucket Workspace ID

Enter the Bitbucket workspace ID. If you do not have one, refer Bitbucket Workspace Id

Bitbucket Project Key

Enter the Bitbucket project key. If you do not have one, refer Bitbucket Project Key. Note: If the project is not provided, the repository is automatically assigned to the oldest project in the workspace.

Bitbucket Username*

Provide the username of your Bitbucket account

Personal Access Token

Provide your personal access token (PAT). It is used as an alternate password to authenticate your Bitbucket Cloud account. If you do not have one, create a Bitbucket Cloud PAT here.

Bitbucket Data Center

Prerequisite

A Bitbucket Data Center account

Fill the following mandatory fields:

FieldDescription

Bitbucket Host

Enter the URL address of your Bitbucket Data Center, e.g., https://bitbucket.mycompany.com

Bitbucket Project Key

Enter the Bitbucket project key. Refer Bitbucket Project Key.

Bitbucket Username*

Provide the username of your Bitbucket Data Center account

Password

Provide the password to authenticate your Bitbucket Data Center account


Miscellaneous

Creating Organization in GitHub

We do NOT recommend using GitHub organization that contains your source code.

  1. Create a new account on GitHub (if you do not have one).

  2. On the upper-right corner of your GitHub page, click your profile photo, then click Settings.

  3. On the Access section, click Organizations.

  4. On the Organizations section, click New organization.

  5. Pick a plan for your organization. You have the option to select create free organization also.

  6. On the Set up your organization page,

    • Enter the organization account name, contact email.

    • Select the option your organization belongs to.

    • Verify your account and click Next.

    • Your GitHub organization name will be created.

  7. Go to your profile and click Your organizations to view all the organizations you created.

For more information about the plans available for your team, see GitHub's products. You can also refer GitHub organization official doc page for more detail.

Note:

  • repo - Full control of private repositories (able to access commit status, deployment status, and public repositories).

  • admin:org - Full control of organizations and teams (Read and write access).

  • delete_repo - Grants delete repo access on private repositories.

Creating Group in GitLab

  1. Create a new account on GitLab (if you do not have one).

  2. You can create a group by going to the 'Groups' tab on the GitLab dashboard and click New group.

  3. Select Create group.

  4. Enter the group name (required) and select the optional descriptions if required, and click Create group.

  5. Your group will be created and your group name will be assigned with a new Group ID (e.g. 61512475).

Note:

  • api - Grants complete read/write access to the scoped project API.

  • write_repository - Allows read/write access (pull, push) to the repository.

Creating Project in Azure DevOps

  1. Go to Azure DevOps and navigate to Projects.

  2. Select your organization and click New project.

  3. On the Create new project page,

    • Enter the project name and description of the project.

    • Select the visibility option (private or public), initial source control type, and work item process.

    • Click Create.

    • Azure DevOps displays the project welcome page with the project name.

You can also refer Azure DevOps - Project Creation official page for more details.

Note:

Creating Workspace in Bitbucket

  1. Create a new individual account on Bitbucket (if you do not have one).

  2. Select your profile and settings avatar on the upper-right corner of the top navigation bar.

  3. Select All workspaces from the dropdown menu.

  4. Select the Create workspace on the upper-right corner of the Workspaces page.

  5. On the Create a Workspace page:

  • Enter a Workspace name.

  • Enter a Workspace ID. Your ID cannot have any spaces or special characters, but numbers and capital letters are fine. This ID becomes part of the URL for the workspace and anywhere else where there is a label that identifies the team (APIs, permission groups, OAuth, etc.).

  • Click Create.

  1. Your Workspace name and Workspace ID will be created.

You can also refer official Bitbucket Workspace page for more details.

Note:

  • repo - Full control of repositories (Read, Write, Admin, Delete) access.

Last updated