Install ArgoCD
Attention la compatibilité de la version argo cd et Kub. A voir dans la page officiel en bas :
https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/
l'installation est sur le site:
https://gist.github.com/dmancloud/7a024aa0e47fd39bd0db6e80a4aae842 :
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "NodePort"}}'
get ip and node port to connect to the argo cd for test
kubectl get svc -n argocd
get password to connect
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
connect to site with
user : admin
password : xxxxxxxx (password get from the request kubectl)
la video est la suivante
https://www.youtube.com/watch?v=fBd_tz6BALU
Install argocd CLI
VERSION=$(curl --silent "https://api.github.com/repos/argoproj/argo-cd/releases/latest" | grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/')
curl -sSL -o /usr/local/bin/argocd https://github.com/argoproj/argo-cd/releases/download/$VERSION/argocd-linux-amd64
chmod +x /usr/local/bin/argocd
argocd versionAccess to ARGOCD via argocdCLI
argocd login arg.bakdevops.com --username admin --grpc-web --insecure
#List account
argocd account listGenerate a token
# Generate token for the currently logged in account
argocd account generate-token
# Generate token for the account with the specified name
argocd account generate-token --account <account-name>
details : [Link](https://argo-cd.readthedocs.io/en/stable/user-guide/commands/argocd_account_generate-token/ "Link")Add a user to Argocd
# extract file from ConfigMap in K8S
kubectl get configmap argocd-cm -n argocd -o yaml > argocd-cm.yml
#Add data to argocd-cm.yml
apiVersion: v1
kind: ConfigMap
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","kind":"ConfigMap","metadata":{"annotations":{},"labels":{"app.kubernetes.io/name":"argocd-cm","app.kubernetes.io/part-of":"argocd"},"name":"argocd-cm","namespace":"argocd"}}
creationTimestamp: "2023-09-10T20:14:48Z"
labels:
app.kubernetes.io/name: argocd-cm
app.kubernetes.io/part-of: argocd
name: argocd-cm
namespace: argocd
resourceVersion: "3261549"
uid: 4562d63b-7af5-47b1-bf9b-6371fcfe743f
data:
accounts.bakyass: apiKey, login
#Add password to User
argocd account update-password --account bakyass --new-password xxxxxxx
Add permission to user
kubectl get configmap argocd-rbac-cm -n argocd -o yaml > argocd-rbac.ymlAdd data bloc to the file copied
p is permission and g is group or user. You create permission and add the role to the group
more details are into https://www.linkedin.com/pulse/kubernetes-practice-user-management-rbac-argocd-qu%C3%A2n-hu%E1%BB%B3nh and https://argo-cd.readthedocs.io/en/stable/operator-manual/rbac/
apiVersion: v1
kind: ConfigMap
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","kind":"ConfigMap","metadata":{"annotations":{},"labels":{"app.kubernetes.io/name":"argocd-rbac-cm","app.kubernetes.io/part-of":"argocd"},"name":"argocd-rbac-cm","namespace":"argocd"}}
creationTimestamp: "2023-09-10T20:14:49Z"
labels:
app.kubernetes.io/name: argocd-rbac-cm
app.kubernetes.io/part-of: argocd
name: argocd-rbac-cm
namespace: argocd
resourceVersion: "3261558"
uid: 91594ebd-741b-474c-8ab2-cf18e0546b43
data:
policy.default: role:readonly
policy.csv: |
p, role:org-admin, applications, *, */*, allow
p, role:org-admin, clusters, get, *, allow
p, role:org-admin, repositories, get, *, allow
p, role:org-admin, repositories, create, *, allow
p, role:org-admin, repositories, update, *, allow
p, role:org-admin, repositories, delete, *, allow
p, role:org-admin, projects, get, *, allow
p, role:org-admin, projects, create, *, allow
p, role:org-admin, projects, update, *, allow
p, role:org-admin, projects, delete, *, allow
p, role:org-admin, logs, get, *, allow
p, role:org-admin, exec, create, */*, allow
g, bakyass, role:org-admin
apply file
kubectl apply -f argocd-rbac.yml