Skip to content

Instantly share code, notes, and snippets.

@taking

taking/argocd-helm.md

Last active June 22, 2022 00:22
Show Gist options
  • Save taking/36f64910eab11e17e07fffe97234a4c2 to your computer and use it in GitHub Desktop.
Save taking/36f64910eab11e17e07fffe97234a4c2 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
argocd-helm.md

Repo

Prerequisites

  • Kubernetes 1.19+
  • Helm 3.2.0+

helm update

helm repo add argo https://argoproj.github.io/argo-helm
helm repo update

Install

helm install argocd argo/argo-cd \
  --create-namespace \
  --namespace=argocd \
  --set dex.enabled=false \
  --set server.service.type=NodePort \
  --set server.service.nodePortHttps=32453
check ID/PW
echo 'your id : admin'
echo -e "your password: $(kubectl get secret argocd-initial-admin-secret -n ${ARGOCD:-argocd} -o jsonpath='{.data.password}' | base64 -d) \n"
ArgoCD RBAC Configmap
kubectl describe cm argocd-rbac-cm -n ${NAMESPACE}
kubectl create configmap argocd-rbac-cm -n ${NAMESPACE} -o yaml --dry-run=client | cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: ConfigMap
metadata:
  name: argocd-rbac-cm
  namespace: argocd
data:
  policy.csv: |
    g, /admin, role:admin
EOF
kubectl describe cm argocd-rbac-cm -n ${NAMESPACE}
ArgoCD add cluster
argocd cluster add msa-cluster --kubeconfig string
@taking
Copy link
Author

taking commented Nov 10, 2021
edited
Loading

(Option) Keycloak SSO setting

# oidc.keycloak.clientSecret
echo -n '1a580051-a5d7-43de-9b62-a651a9763bf8' | base64

kubectl describe cm argocd-cm -n argocd
kubectl create configmap argocd-cm -n argocd -o yaml --dry-run=client | cat <<"EOF" | kubectl apply -f -
apiVersion: v1
kind: ConfigMap
metadata:
  name: argocd-cm
  namespace: argocd
data:
  url: https://argocd.taking.kr
  oidc.config: |
    name: Keycloak
    issuer: https://sso.taking.kr/auth/realms/taking
    clientID: argocd
    clientSecret: $oidc.keycloak.clientSecret
    #requestedScopes: ["openid", "profile", "email", "groups"]
    requestedScopes: ["openid"]
    logoutURL: https://argocd.taking.kr/auth/realms/taking/protocol/openid-connect/logout?redirect_uri=https://argocd.taking.kr
EOF
kubectl describe cm argocd-cm -n argocd

kubectl describe secret argocd-secret -n ${NAMESPACE}
kubectl create secret argocd-secret -n ${NAMESPACE} -o yaml --dry-run=client | cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: argocd-secret
  namespace: argocd
data:
  oidc.keycloak.clientSecret: MWE1ODAwNTEtYTVkNy00M2RlLTliNjItYTY1MWE5NzYzYmY4
EOF
kubectl describe secret argocd-secret -n ${NAMESPACE}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment