aws install without using local gitea DO NOT MERGE

[scottmbaker]

Description

Add the ability to perform an AWS install directly from a remote git repository instead of using a local copy in Gitea.

The 2025.2 behavior remains unchanged, unless a flag is supplied during installation.

The new behavior must be triggered by adding the flag "--external-repo" when using provision.sh. The default remote repository URL is github.com/open-edge-platform/edge-manageability-framework and the default remote branch is main.

If --external-repo is specified and app-orch is disabled (by use of DISABLE_AO_PROFILE=true) then Gitea installation will be skipped entirely.

Test: Default Behavior

1. Install using provision.sh with no changes
2. Ensure all pods / applications deployed correctly
3. Use kubectl get pods -A and observe gitea is installed
4. run kubectl -n scott2 describe application root-app | grep -i "deploy repo url" and observe that the URL points to local gitea

Test: --external-repo with app-orch

1. Install with "--external-repo" applied when invoking provision.sh
2. Ensure all pods / applications deployed correctly
3. Use kubectl get pods -A and observe gitea is installed
4. run kubectl -n scott2 describe application root-app | grep -i "deploy repo url" and observe that the URL points to external repository

Test: --external-repo without app-orch

1. export DISABLE_AO_PROFILE=true
2. Install with "--external-repo" applied when invoking provision.sh
3. Ensure all pods / applications deployed correctly
4. Use kubectl get pods -A and observe gitea is not installed
5. run kubectl -n scott2 describe application root-app | grep -i "deploy repo url" and observe that the URL points to external repository

Any Newly Introduced Dependencies

None

How Has This Been Tested?

Tested in Coder

Checklist:

• I agree to use the APACHE-2.0 license for my code changes
• I have not introduced any 3rd party dependency changes
• I have performed a self-review of my code

[Copilot]

Pull request overview

This PR adds support for using an external GitHub repository as the ArgoCD deployment source instead of the default local Gitea instance. This provides flexibility for deployments that prefer to use a public or external repository rather than hosting their own Gitea server.

Changes:

• Added --external-repo flag to provision.sh to toggle between local Gitea and external repository
• Introduced install_from_local_gitea and deploy_repo_url Terraform variables for conditional deployment
• Modified installer scripts to configure ArgoCD with the appropriate repository URL and credentials based on the deployment mode

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
pod-configs/utils/provision.sh	Added --external-repo option parsing and INSTALL_FROM_LOCAL_GITEA variable handling
pod-configs/orchestrator/cluster/variable.tf	Added install_from_local_gitea and deploy_repo_url variables
pod-configs/orchestrator/cluster/main.tf	Added conditional kubernetes_secret resource for GitHub repository credentials
pod-configs/module/gitea/variable.tf	Added install_from_local_gitea variable with default value
pod-configs/module/gitea/main.tf	Modified argocd_gitea_secrets to conditionally create based on install_from_local_gitea
installer/generate_cluster_yaml.sh	Added logic to set repository URLs based on INSTALL_FROM_LOCAL_GITEA variable
installer/configure-cluster.sh	Added export of INSTALL_FROM_LOCAL_GITEA variable
installer/cluster_aws.tpl	Changed to use dynamic DEPLOY_REPO_URL and DEPLOY_GIT_SERVER variables

Comments suppressed due to low confidence (8)

installer/configure-cluster.sh:90

• The INSTALL_FROM_LOCAL_GITEA variable is exported without a default value. If the variable is not set in the environment (e.g., from a previous provision.sh run), this will pass an empty value to generate_cluster_yaml.sh, which could cause issues. Consider adding a default value: export INSTALL_FROM_LOCAL_GITEA="${INSTALL_FROM_LOCAL_GITEA:-true}"

export INSTALL_FROM_LOCAL_GITEA

pod-configs/utils/provision.sh:285

• The new --external-repo option is not documented in the usage function. Add documentation for this option to help users understand when and how to use it. This should be added around line 196 in the usage function alongside other optional flags.

            --external-repo) INSTALL_FROM_LOCAL_GITEA=false;;

installer/generate_cluster_yaml.sh:89

• The GitHub repository URL includes the .git suffix on line 89, but the default value for deploy_repo_url variable in variable.tf (line 22) does not include the .git suffix. This inconsistency could cause issues. Either remove the .git suffix here or add it to the default value in variable.tf for consistency.

    export DEPLOY_REPO_URL="https://github.com/open-edge-platform/edge-manageability-framework.git"

pod-configs/orchestrator/cluster/variable.tf:16

• The TODO comment "XXX smbaker" should be removed as mentioned in the PR description. The default value should be set to 'true' to maintain consistency with the module/gitea/variable.tf default (line 34) and the initial value in provision.sh (line 106). Currently there's an inconsistency where the orchestrator defaults to false but the gitea module defaults to true.

  default = false # XXX smbaker

pod-configs/orchestrator/cluster/main.tf:246

• The commented-out username and password fields suggest incomplete implementation for GitHub authentication. While this may be intentional for public repositories, the commented fields should either be removed or documented with a comment explaining why they're commented out (e.g., "username and password not required for public GitHub repositories").

    #"username" = var.git_username
    #"password" = var.git_token

installer/generate_cluster_yaml.sh:88

• When INSTALL_FROM_LOCAL_GITEA is not set or empty, this condition will fail with a potential error. Add a default value check to handle cases where the variable might not be exported from the environment file. Consider using: if [ "${INSTALL_FROM_LOCAL_GITEA:-true}" = "false" ]; then

if [ "${INSTALL_FROM_LOCAL_GITEA}" = "false" ]; then

installer/generate_cluster_yaml.sh:335

• Same as line 88 - when INSTALL_FROM_LOCAL_GITEA is not set or empty, this condition may fail. Add a default value check: if [ "${INSTALL_FROM_LOCAL_GITEA:-true}" = "false" ]; then

if [ "${INSTALL_FROM_LOCAL_GITEA}" = "false" ]; then

installer/generate_cluster_yaml.sh:336

• The sed command removes the local cluster YAML file reference, but if CLUSTER_NAME is not set, the substitution pattern will be incomplete. Add validation to ensure CLUSTER_NAME is set before executing this sed command, or use the default value handling like other variables in the script.

    sed -i "s|- orch-configs/clusters/${CLUSTER_NAME}.yaml||g" "$OUTPUT_FILE"

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

@scottmbaker I've opened a new pull request, #1512, to work on those changes. Once the pull request is ready, I'll request review from you.

[github-actions]

This pull request is stale because it has been open 30 days with no activity. Make a comment or update the PR to avoid closing PR after 15 days.