ArgoCD

ArgoCD can be integrated with Delivery Shield by following the steps given below:

Prerequisites:

  • Delivery Shield

  • OPA

  • ArgoCD with applications

  • Git

  • Github account with access to applications in gitops repo

Integrating ArgoCD in Delivery Shield:

Follow the steps given below to integrate ArgoCD with Delivery Shield.

  1. Connect to the cluster where ArgoCD is running and run the command given below:

curl -o argocd-notifications-cm.yaml 
https://raw.githubusercontent.com/OpsMx/argocd-ssd/main/argocd-notifications-cm.yaml

  1. Update the values given below in argocd-notifications-cm.yaml.

  • argocdUrl: Provide the argocd endpoint.

  • argocdName: Enter a name for the argocd.

  • argoEnvironmentList: Provide the target cluster env name and IP address. You can provide multiple target cluster details here. For example: dev|https://12.34.56.78;staging|https://kubernetes.default.svc

  • Url: Provide the SSD RabbitMQ external IP address or DNS endpoint. For example: 

kubectl patch cm argocd-notifications-cm -n argocd --type merge --patch-file argocd-notifications-cm.yaml

  1. Replace your SSD RabbitMQ username and password in the commands given below and run in your cluster. Note: Default username and password is given in the commands.

kubectl patch secret argocd-notifications-secret  --patch="{\"data\": { \"rabbitmq-password\"xxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }}" -n argocd

kubectl patch secret argocd-notifications-secret  --patch="{\"data\": { \"rabbitmq-username\"xxxxxxxxxxxxxxxxxxxxxxxxxxxxx" -n argocd

  1. Run the commands given below to add sidecar containers to the argocd-repo-server pod.

kubectl apply -n argocd -f https://raw.githubusercontent.com/OpsMx/argocd-ssd/main/cmp-config.yaml

curl -o volumes.yaml https://raw.githubusercontent.com/OpsMx/argocd-ssd/main/volumes.yaml

kubectl patch deploy argocd-repo-server -n argocd --patch-file volumes.yaml

curl -o argocd-repo-server-patch.yaml https://raw.githubusercontent.com/OpsMx/argocd-ssd/main/argocd-repo-server-patch.yaml

sed -i 's/SSD-OPA.EXAMPLE.COM/<replace with OPA ingress>/g' argocd-repo-server-patch.yaml

kubectl patch deploy argocd-repo-server -n argocd --patch-file argocd-repo-server-patch.yaml

  1. Add the labels given below, in all the services deployment files under the template.metadata.labels.

ssd.admissionreview.accountname: <Target cluster env name>
ssd.admissionreview.appname: <argocd application name >

  1. Edit the opa-config cm of OPA and point the services endpoint to ssd-opa endpoint at target cluster.

  2. The ArgoCD integration to Delivery Shield is completed.

Troubleshooting:

To check if the integration is working, trigger the CI/CD process once again. If the data is visible in Delivery Shield, the integrations works. If you face any issues while integrating ArgoCD to Secure Software Delivery feel free to contact OpsMx support team.

PreviousJenkinsNextSpinnaker

Last updated