my-homelab-configs/argocd/main.tf

resource "kubernetes_namespace" "argocd" {
  metadata {
    name = "argocd"
  }
}

data "http" "argocd_manifest" {
  url = "https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml"
}

resource "kubernetes_manifest" "argocd_core" {
  for_each = { for idx, doc in provider::kubernetes::manifest_decode_multi(data.http.argocd_manifest.response_body) : idx => doc }

  manifest = merge(
    each.value,
    contains(["ClusterRole", "ClusterRoleBinding", "CustomResourceDefinition", "Namespace"], lookup(each.value, "kind", "")) ? {} : {
      metadata = merge(
        try(each.value.metadata, {}),
        {
          namespace = kubernetes_namespace.argocd.metadata[0].name
        }
      )
    },
    lookup(each.value, "kind", "") == "Service" && lookup(try(each.value.metadata, {}), "name", "") == "argocd-server" ? {
      spec = merge(
        try(each.value.spec, {}),
        {
          type = "NodePort"
          ports = [
            {
              name       = "http"
              port       = 80
              protocol   = "TCP"
              targetPort = 8080
              nodePort   = 30501
            },
            {
              name       = "https"
              port       = 443
              protocol   = "TCP"
              targetPort = 8080
            }
          ]
        }
      )
    } : {}
  )

  field_manager {
    force_conflicts = true
  }

  depends_on = [kubernetes_namespace.argocd]
}

resource "kubernetes_secret_v1" "argocd_private_repo" {
  metadata {
    name      = "my-homelab-repo-secret"
    namespace = kubernetes_namespace.argocd.metadata[0].name
    labels = {
      "argocd.argoproj.io/secret-type" = "repository"
    }
  }

  data = {
    type     = "git"
    url      = "http://192.168.100.68:30300/jv/my-homelab-configs"
    username = "jv"
    password = "Summer12#$"
  }

  depends_on = [kubernetes_manifest.argocd_core]
}

resource "kubernetes_manifest" "argocd_app_registry" {
  manifest = {
    apiVersion = "argoproj.io/v1alpha1"
    kind       = "Application"
    metadata = {
      name      = "container-registry"
      namespace = "argocd"
    }
    spec = {
      project = "default"
      source = {
        repoURL        = "http://192.168.100.68:30300/jv/my-homelab-configs"
        targetRevision = "HEAD"
        path           = "container-registry" # Points to the folder containing your registry YAMLs
      }
      destination = {
        server    = "https://kubernetes.default.svc"
        namespace = "container-registry" # Deploys into this namespace
      }
      syncPolicy = {
        automated = {
          prune    = true
          selfHeal = true
        }
        syncOptions = ["CreateNamespace=true"]
      }
    }
  }
  depends_on = [kubernetes_manifest.argocd_core]
}

resource "kubernetes_manifest" "argocd_app_web_app" {
  manifest = {
    apiVersion = "argoproj.io/v1alpha1"
    kind       = "Application"
    metadata = {
      name      = "php-web-app"
      namespace = "argocd"
    }
    spec = {
      project = "default"
      source = {
        repoURL        = "http://192.168.100.68:30300/jv/my-homelab-configs"
        targetRevision = "HEAD"
        path           = "web-app" # ArgoCD ignores the PHP/Docker files and grabs web-app.yaml
      }
      destination = {
        server    = "https://kubernetes.default.svc"
        namespace = "default"
      }
      syncPolicy = {
        automated = {
          prune    = true
          selfHeal = true
        }
        syncOptions = ["CreateNamespace=true"]
      }
    }
  }
  depends_on = [kubernetes_manifest.argocd_core]
}