install argocd cli
https://argo-cd.readthedocs.io/en/stable/cli_installation/
Copy # macos
brew install argocd
# linux latest
curl -sSL -o /usr/local/bin/argocd https://github.com/argoproj/argo-cd/releases/latest/download/argocd-linux-amd64
chmod +x /usr/local/bin/argocd
# linux version
VERSION=<TAG> # Select desired TAG from https://github.com/argoproj/argo-cd/releases
curl -sSL -o /usr/local/bin/argocd https://github.com/argoproj/argo-cd/releases/download/$VERSION/argocd-linux-amd64
chmod +x /usr/local/bin/argocd https://argo-cd.readthedocs.io/en/stable/user-guide/commands/argocd/
port forwarding
Copy kubectl port-forward svc/argocd-server -n argocd 8080:443 ์ ์ ํ์ธ
https://localhost:8080
get password
Copy k -n argocd get secret argocd-initial-admin-secret \
-o jsonpath="{.data.password}" | base64 -d && echo login
Copy argocd login localhost:8080
>admin password ๋ณ๊ฒฝ
Copy # argocd account update-password --account <new-username> --new-password <new-password>
argocd account update-password
argocd account update-password --account admin --new-password xxxx add user
create configmap
Copy apiVersion: v1
kind: ConfigMap
metadata:
name: argocd-cm
namespace: argocd
labels:
app.kubernetes.io/name: argocd-cm
app.kubernetes.io/part-of: argocd
data:
# add an additional local user with apiKey and login capabilities
# apiKey - allows generating API keys
# login - allows to login using UI
accounts.dev: login
# disables user. User is enabled by default
accounts.dev.enabled: 'false'
# add an additional local user with apiKey and login capabilities
# admin
accounts.admin: apiKey #token์ ๋ง๋ค๊ธฐ์ํด์ ๋ฃ์ด์ค.
Copy k apply -f argocd-cm.yml create token
Copy argocd account generate-token --account dev --account๊ฐ ์์ผ๋ฉด ํ์ฌ ๋ก๊ทธ์ธ๋ ์ ์
์ด๋๋ฏผ์ ๊ฒฝ์ฐ ์์ ์์ ์ฒ๋ผ ์ถ๊ฐ๋ก ๋ฃ์ด์ค์ผํ๋ค. ๊ทธ๋ฆฌ๊ณ ์ปค๋งจ๋๋ก ์์ฑ์ ์๋ฌ๊ฐ ๋๋๊ฒฝ์ฐ๋ ์๋ค. ์ด๋๋ ์น์์ ์์ฑํ๋ฉด๋๋ค.
role ์ถ๊ฐ
์ ์ ๋ฅผ ์ถ๊ฐํด๋ ๊ถํ์ ์์ฃผ๋ฉด ์๋ฌด๊ฒ๋ ๋ณด์ด์ง ์๋๋ค.
์
๋ฐ์ดํธํด๋ณด์.
Copy ---
apiVersion: v1
kind: ConfigMap
metadata:
name: argocd-rbac-cm
namespace: argocd
data:
policy.default: role:readonly
policy.csv: |
p, role:dev, applications, get, */*, allow
p, role:dev, applications, sync, */*, allow
p, role:dev, repositories, get, *, allow
g, dev, role:dev
# https://argo-cd.readthedocs.io/en/stable/operator-manual/rbac/
Copy k apply -f argocd-rbac-cm.yml dev๋ผ๋ ์ ์ ๋ฅผ ๊ถํ์ ์ถ๊ฐํ๊ณ sync๊ฐ ๊ฐ๋ฅํ๊ฒ ํ๋ค.
add repo
Copy argocd repo add git@github.com:YOUR/argocd.git \
--ssh-private-key-path ~/.ssh/argocd add app
Copy # Create a directory app
argocd app create guestbook \
--repo https://github.com/argoproj/argocd-example-apps.git \
--path guestbook \
--dest-namespace default \
--dest-server https://kubernetes.default.svc \
--directory-recurse
# Create a Kustomize app
argocd app create kustomize-guestbook \
--repo https://github.com/argoproj/argocd-example-apps.git \
--path kustomize-guestbook \
--dest-namespace default \
--dest-server https://kubernetes.default.svc \
--kustomize-image gcr.io/heptio-images/ks-guestbook-demo:0.1 get app
Copy argocd app get APPNAME app sync
Copy NAME=default
argocd app sync ${NAME} --prune --force
argocd app wait ${NAME} --timeout 1200 app delete
Copy argocd app delete homesecurity-hms
argocd app delete homesecurity-hms --cascade=false how to use token
Copy export ARGOCD_SERVER=argocd.mycompany.com
export ARGOCD_AUTH_TOKEN=<JWT token generated from project>
argocd app sync guestbook
argocd app wait guestbook refernce
