diff --git a/CLAUDE.md b/CLAUDE.md index c602e7c..a84a8e2 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -2,7 +2,7 @@ ## Overview -AKS-specific GitOps configuration for ArgoCD addon lifecycle management. Part of a multi-cloud strategy (`eks-gitops`, `gke-gitops`, `aks-gitops`). Companion to [azure-aks](https://github.com/nanohype/azure-aks) (Bicep/Terraform infrastructure). +AKS-specific GitOps configuration for ArgoCD addon lifecycle management. Part of a multi-cloud strategy (`eks-gitops`, `aks-gitops`). Companion to [landing-zone](https://github.com/nanohype/landing-zone) (OpenTofu/Terragrunt infrastructure). ## Directory Structure @@ -86,7 +86,7 @@ task render # Render manifests to rendered/ directory ## Relationship to Parent Repo - This is the AKS variant of a multi-cloud GitOps strategy -- `azure-aks` (Bicep/Terraform) deploys ArgoCD and creates the App-of-Apps Application pointing to this repo +- `landing-zone` (OpenTofu) deploys ArgoCD and creates the App-of-Apps Application pointing to this repo - Bootstrap addons (cert-manager, external-secrets, etc.) are managed by this repo at wave 0 - Cluster secret labels (set by IaC) drive environment selection in ApplicationSets diff --git a/README.md b/README.md index aff44b7..6321b1e 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # AKS GitOps Repository -GitOps configuration for AKS cluster addons, managed by ArgoCD. Part of a multi-cloud GitOps strategy (`eks-gitops`, `gke-gitops`, `aks-gitops`). +GitOps configuration for AKS cluster addons, managed by ArgoCD. Part of a multi-cloud GitOps strategy (`eks-gitops`, `aks-gitops`). **AI clients / agents start here:** [`AGENTS.md`](AGENTS.md). For the stack-wide view, see the [Platform Reference](https://github.com/nanohype/nanohype/blob/main/docs/platform-reference.md). 
@@ -15,7 +15,7 @@ GitOps configuration for AKS cluster addons, managed by ArgoCD. Part of a multi- ## Companion Repository -This repository is the AKS variant of a multi-cloud GitOps strategy. Infrastructure is provisioned by [azure-aks](https://github.com/nanohype/azure-aks) (Bicep/Terraform), which deploys ArgoCD and creates the App-of-Apps Application pointing to this repository. +This repository is the AKS variant of a multi-cloud GitOps strategy. Infrastructure is provisioned by [landing-zone](https://github.com/nanohype/landing-zone) (OpenTofu/Terragrunt), which deploys ArgoCD and creates the App-of-Apps Application pointing to this repository. ## Architecture diff --git a/docs/architecture/overview.md b/docs/architecture/overview.md index 47ab811..2d4865a 100644 --- a/docs/architecture/overview.md +++ b/docs/architecture/overview.md @@ -2,11 +2,11 @@ ## GitOps Model -This repository implements the **App-of-Apps** pattern for ArgoCD. It is the AKS variant of a multi-cloud GitOps strategy (`eks-gitops`, `gke-gitops`, `aks-gitops`). The IaC infrastructure ([azure-aks](https://github.com/nanohype/azure-aks)) deploys ArgoCD and creates a root Application that points to this repository's `applicationsets/` directory. +This repository implements the **App-of-Apps** pattern for ArgoCD. It is the AKS variant of a multi-cloud GitOps strategy (`eks-gitops`, `aks-gitops`). The IaC infrastructure ([landing-zone](https://github.com/nanohype/landing-zone)) deploys ArgoCD and creates a root Application that points to this repository's `applicationsets/` directory. ```mermaid graph TD - IaC[azure-aks IaC] -->|deploys| ArgoCD + IaC[landing-zone OpenTofu] -->|deploys| ArgoCD IaC -->|creates| AppOfApps[App-of-Apps Application] AppOfApps -->|references| AppSets[ApplicationSets] AppSets -->|generates| BootApps[Bootstrap Apps] 
@@ -118,4 +118,4 @@ addons/// Cluster workloads authenticate to Azure resources via [Azure Workload Identity](https://azure.github.io/azure-workload-identity/). Service accounts carry an `azure.workload.identity/client-id` annotation that the federated credential maps to a Managed Identity. This is the AKS analogue of EKS IRSA. -The cluster must have OIDC issuer and Workload Identity enabled (provisioned by `azure-aks` IaC). External Secrets, External DNS, Velero, Loki/Tempo (if using blob storage), KEDA, OpenCost, Argo Workflows, and Karpenter all use this pattern. +The cluster must have OIDC issuer and Workload Identity enabled (provisioned by `landing-zone` (OpenTofu)). External Secrets, External DNS, Velero, Loki/Tempo (if using blob storage), KEDA, OpenCost, Argo Workflows, and Karpenter all use this pattern.
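Review bot: In CLAUDE.md, the changed bullet under "Relationship to Parent Repo" describes the tooling as `landing-zone` (OpenTofu), while the Overview line changed in the same file, and the README "Companion Repository" paragraph, say (OpenTofu/Terragrunt). Use one description everywhere. If Terragrunt is part of how ArgoCD and the App-of-Apps Application get deployed, this bullet should say so too, since it is the line a reader uses to work out what creates the root Application.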
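Review bot: In docs/architecture/overview.md, the changed Workload Identity sentence ends in nested parentheses, "(provisioned by `landing-zone` (OpenTofu))", and unlike the other updated references in this patch it carries no link. The OIDC issuer and Workload Identity are a prerequisite for every addon listed in that paragraph, so readers need to be able to find where they are enabled. Suggest "(provisioned by the [landing-zone](https://github.com/nanohype/landing-zone) OpenTofu infrastructure)", which removes the nesting and matches the link used in the GitOps Model paragraph of the same file.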