deploy argocd app
Less than 1 minute
deploy argocd app
prepare
- argo workflows is ready
- minio is ready for artifact repository
- endpoint: minio.storage:9000
demo
- configure s3 artifact repository
- prepare secret
argocd-login-credentialswhich stores argocd username and passwordARGOCD_USERNAME=admin # change ARGOCD_PASSWORD to your argocd password ARGOCD_PASSWORD=$(kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d) kubectl -n business-workflows create secret generic argocd-login-credentials \ --from-literal=username=${ARGOCD_USERNAME} \ --from-literal=password=${ARGOCD_PASSWORD}
- prepare
deploy-argocd-app-rbac.yamland apply it to k8s--- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: application-administrator rules: - apiGroups: - argoproj.io resources: - applications verbs: - '*' --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: application-administration namespace: argocd roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: application-administrator subjects: - kind: ServiceAccount name: argo-workflow namespace: business-workflowskubectl -n argocd apply -f deploy-argocd-app-rbac.yaml
- prepare
deploy-argocd-app.yamlapiVersion: argoproj.io/v1alpha1 kind: Workflow metadata: generateName: deploy-argocd-app- spec: entrypoint: entry artifactRepositoryRef: configmap: artifact-repositories key: default-artifact-repository serviceAccountName: argo-workflow templates: - name: entry inputs: parameters: - name: argocd-server value: argo-cd-argocd-server.argocd:443 - name: insecure-option value: --insecure dag: tasks: - name: apply template: apply - name: prepare-argocd-binary template: prepare-argocd-binary dependencies: - apply - name: sync dependencies: - prepare-argocd-binary template: sync arguments: artifacts: - name: argocd-binary from: "{{tasks.prepare-argocd-binary.outputs.artifacts.argocd-binary}}" parameters: - name: argocd-server value: "{{inputs.parameters.argocd-server}}" - name: insecure-option value: "{{inputs.parameters.insecure-option}}" - name: wait dependencies: - sync template: wait arguments: artifacts: - name: argocd-binary from: "{{tasks.prepare-argocd-binary.outputs.artifacts.argocd-binary}}" parameters: - name: argocd-server value: "{{inputs.parameters.argocd-server}}" - name: insecure-option value: "{{inputs.parameters.insecure-option}}" - name: apply resource: action: apply manifest: | apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: hello-nginx namespace: argocd spec: syncPolicy: syncOptions: - CreateNamespace=true project: default source: repoURL: https://ben-wangz.github.io/helm-chart-mirror/charts chart: nginx targetRevision: 15.9.0 helm: releaseName: hello-nginx values: | image: registry: docker.io service: type: ClusterIP ingress: enabled: false destination: server: https://kubernetes.default.svc namespace: application - name: prepare-argocd-binary inputs: artifacts: - name: argocd-binary path: /tmp/argocd mode: 755 http: url: https://files.github.com/argoproj/argo-cd/releases/download/v2.9.3/argocd-linux-amd64 outputs: artifacts: - name: argocd-binary path: "{{inputs.artifacts.argocd-binary.path}}" container: image: docker.io/library/fedora:39 command: - sh - -c args: - | ls -l {{inputs.artifacts.argocd-binary.path}} - name: sync inputs: artifacts: - name: argocd-binary path: /usr/local/bin/argocd parameters: - name: argocd-server - name: insecure-option value: "" container: image: docker.io/library/fedora:39 env: - name: ARGOCD_USERNAME valueFrom: secretKeyRef: name: argocd-login-credentials key: username - name: ARGOCD_PASSWORD valueFrom: secretKeyRef: name: argocd-login-credentials key: password - name: WITH_PRUNE_OPTION value: --prune command: - sh - -c args: - | set -e export ARGOCD_SERVER={{inputs.parameters.argocd-server}} export INSECURE_OPTION={{inputs.parameters.insecure-option}} export ARGOCD_USERNAME=${ARGOCD_USERNAME:-admin} argocd login ${INSECURE_OPTION} --username ${ARGOCD_USERNAME} --password ${ARGOCD_PASSWORD} ${ARGOCD_SERVER} argocd app sync argocd/hello-nginx ${WITH_PRUNE_OPTION} --timeout 300 - name: wait inputs: artifacts: - name: argocd-binary path: /usr/local/bin/argocd parameters: - name: argocd-server - name: insecure-option value: "" container: image: docker.io/library/fedora:39 env: - name: ARGOCD_USERNAME valueFrom: secretKeyRef: name: argocd-login-credentials key: username - name: ARGOCD_PASSWORD valueFrom: secretKeyRef: name: argocd-login-credentials key: password command: - sh - -c args: - | set -e export ARGOCD_SERVER={{inputs.parameters.argocd-server}} export INSECURE_OPTION={{inputs.parameters.insecure-option}} export ARGOCD_USERNAME=${ARGOCD_USERNAME:-admin} argocd login ${INSECURE_OPTION} --username ${ARGOCD_USERNAME} --password ${ARGOCD_PASSWORD} ${ARGOCD_SERVER} argocd app wait argocd/hello-nginx
- submit with argo workflow client
argo -n business-workflows submit deploy-argocd-app.yaml
- check status
argo -n business-workflows list# argo -n business-workflows get deploy-argocd-app-2j5z2 argo -n business-workflows get @lastest# argo -n business-workflows logs deploy-argocd-app-2j5z2 argo -n business-workflows logs @latest