{"id":23417484,"url":"https://github.com/holos-run/kargo-demo","last_synced_at":"2025-10-30T05:30:52.934Z","repository":{"id":268455417,"uuid":"904300227","full_name":"holos-run/kargo-demo","owner":"holos-run","description":"Holos Kargo Integration","archived":false,"fork":false,"pushed_at":"2025-02-06T22:30:05.000Z","size":1477,"stargazers_count":0,"open_issues_count":0,"forks_count":4,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-06T23:27:23.942Z","etag":null,"topics":["cue","devops","holos","kargo","kubernetes"],"latest_commit_sha":null,"homepage":"https://holos.run/docs/kargo/","language":"CUE","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/holos-run.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-12-16T16:14:03.000Z","updated_at":"2025-02-06T22:30:10.000Z","dependencies_parsed_at":"2024-12-16T22:25:04.540Z","dependency_job_id":"f517b633-7360-4da6-b0a8-b3d55b0fb3d3","html_url":"https://github.com/holos-run/kargo-demo","commit_stats":null,"previous_names":["holos-run/kargo-demo"],"tags_count":14,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/holos-run%2Fkargo-demo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/holos-run%2Fkargo-demo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/holos-run%2Fkargo-demo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/holos-run%2Fkargo-demo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/holos-run","download_url":"https://codeload.github.com/holos-run/kargo-demo/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":238934018,"owners_count":19554788,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cue","devops","holos","kargo","kubernetes"],"created_at":"2024-12-22T23:18:21.679Z","updated_at":"2025-10-30T05:30:52.129Z","avatar_url":"https://github.com/holos-run.png","language":"CUE","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Kargo Demo\n\nThis repository showcases how well [Holos] integrates with [Kargo].\n\nTwo main uses cases are addressed:\n\n1. Automatically tracking updates to third party add-ons like Istio and cert-manager.\n2. Automatically promoting new versions of first-part containerized services,\n   for example from dev to test, uat, then prod following the Sun from east to\n   west.\n\n## Quick Start\n\n### Local Cluster\n\nFirst, see [Local Cluster] to get set up locally.\n\n### Fork this Repository\n\nFork the repository.  Clone your fork to your local machine.\n\nSet the correct git uri.  Replace GH_USER with your github username.\n\n```bash\nGH_USER=jeffmccune\n```\n\n```bash\ncat \u003c\u003cEOF \u003e \"config/platform/platform_${USER}.cue\"\n```\n```cue\n@if(${USER} || ${GH_USER})\npackage platform\n\norganization: repoURL: \"https://github.com/${GH_USER}/kargo-demo.git\"\n```\n```bash\nEOF\n```\n\nRender the manifests with your configuration:\n\n```\nholos render platform -t $GH_USER\n```\n\nCommit and push the updated deploy directory.\n\n```bash\ngit add deploy\ngit commit -m \"Switch to $GH_USER fork\"\ngit push\n```\n\n### GitHub Credentials\n\n[Create a GitHub App](https://github.com/settings/apps/new) in the user or\norganization where your bank-of-holos fork resides.\n\nIn the `GitHub App name` field, specify a unique name, for example `Holos -\nLocal Cluster 1733418802` produced by:\n\n```bash\necho -n \"Holos - Local Cluster $(date +%s)\" | pbcopy\n```\n\nSet the `Homepage URL` to `https://holos.run/docs/local-cluster/`.\n\nUnder `Webhook`, de-select `Active`.\n\nUnder `Permissions` → `Repository permissions` → `Contents`, select `Read and\nwrite` permissions.  _The App will receive these permissions on all repositories\ninto which it is installed._\n\nThe `git-open-pr` step requires write permission to pull requests.  Add this\npermission if you get the following error:\n\n```\nstep execution failed: step 4 met error threshold of 1: failed to run step\n\"git-open-pr\": error creating pull request: POST\nhttps://api.github.com/repos/jeffmccune/kargo-demo/pulls: 403 Resource not\naccessible by integration []\n```\n\nUnder `Where can this GitHub App be installed?`, leave `Only on this account`\nselected.\n\nClick `Create GitHub App`.\n\nTake note of the `App ID`. In your shell store it for use later using:\n\n```bash\nexport GITHUB_APP_ID=9999999\n```\n\nScroll to the bottom of the page and click `Generate a private key`. The\nresulting key will be downloaded immediately.  Record the path to this file for\nuse later using:\n\n```bash\nexport GITHUB_APP_KEY=\"$(ls -lrt1 ~/Downloads/holos-local-cluster*.private-key.pem | tail -1)\"\n```\n\nOn the left-hand side of the page, click `Install App`.\n\nChoose an account to install the App into by clicking `Install`.\n\nSelect `Only select repositories` and choose your `bank-of-holos` fork.\nRemember that the App will receive the permissions you selected earlier for all\nrepositories you grant access.\n\nClick `Install`.\n\nIn your browser's address bar, take note of the numeric identifier at the end of\nthe current page's URL. This is the `Installation ID`.  Save the installation id\nfor later.\n\nFor example, `https://github.com/settings/installations/99999999` is saved as:\n\n```shell\nexport GITHUB_APP_INSTALL_ID=99999999\n```\n\n#### GitHub App Secret\n\nGenerate a Kubernetes Secret to store the Kargo git credentials.  We put this in\n`mkcert -CAROOT` so `reset-cluster` restores it each time the local cluster is\nreset.\n\nRecord the Git URL, the same as you set for `Organization.RepoURL`\n\n```shell\nexport GITHUB_APP_REPO_URL=\"https://github.com/${GH_USER}/kargo-demo.git\"\n```\n\nAt this point you should have the following values, for example:\n\n```shell\nenv | grep GITHUB_APP\n```\n\n```shell\nGITHUB_APP_ID=1079195\nGITHUB_APP_KEY=/Users/jeff/Downloads/holos-local-cluster-1733419264.2024-12-30.private-key.pem\nGITHUB_APP_INSTALL_ID=58021430\nGITHUB_APP_REPO_URL=https://github.com/jeffmccune/kargo-demo.git\n```\n\nGenerate the secret:\n\n```shell\n./scripts/kargo-git-creds\n```\n\n```txt\nSecret created, apply with:\n  kubectl apply -f ~/Library/Application\\ Support/mkcert/kargo.yaml\n\nThe reset-cluster script will automatically apply this secret going forward.\n```\n\nAnd apply it or reset your cluster.\n\n```shell\nkubectl apply -f \"$(mkcert -CAROOT)/kargo.yaml\"\n```\n\n### Apply the Configuration\n\nThen, reset your local cluster and apply all of the configuration in this repository.\n\n```bash\ntime bash -c './scripts/reset-cluster \u0026\u0026 ./scripts/apply'\n```\n\nShould take about 1 minute.\n\nApplying the configuration will:\n\n1. Configure the argocd, kargo, podinfo, and httpbin services.\n   1. https://argocd.holos.localhost\n   2. https://kargo.holos.localhost\n   3. https://podinfo.holos.localhost\n   4. https://httpbin.holos.localhost\n2. Configure ArgoCD to reconcile against your fork of this repository.  Auto-sync is disabled for the demo.\n3. Configure Kargo to automatically promote new versions of podinfo, httpbin, and cert-manager.\n4. Configure an istio-promoter Application.  If synced, this ArgoCD Application will configure Kargo to automatically create pull requests for new Istio versions.\n\n## Demo\n\nPodinfo represents a first-party service one of the teams in our org owns.  Kargo automatically promotes new container image tags from dev to test to uat, then waits for approval to promote to production.\n\nNote https://kargo.holos.localhost routes to three backend namespaces,\nprod-us-east, prod-us-central, and prod-us-west, each with a different version.\n\nLog into Kargo using the password:\n\n```bash\nkubectl get secret -n kargo admin-credentials -o json \\\n  | jq --exit-status -r '.data.password | @base64d' \\\n  | pbcopy\n```\n\nBrowse to https://kargo.holos.localhost/project/podinfo\n\nKargo should have already promoted the new image from dev to test to uat and is waiting for your approval to promote to prod.\n\n[Holos]: https://holos.run/docs/overview/\n[Kargo]: https://kargo.io/\n[Local Cluster]: https://holos.run/docs/local-cluster/\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fholos-run%2Fkargo-demo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fholos-run%2Fkargo-demo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fholos-run%2Fkargo-demo/lists"}