ArgoCD
ArgoCD can be integrated with Delivery Shield by following the steps given below:
Prerequisites:
Delivery Shield
OPA
ArgoCD with applications
Git
Github account with access to applications in gitops repo
Integrating ArgoCD in Delivery Shield:
Follow the steps given below to integrate ArgoCD with Delivery Shield.
Connect to the cluster where ArgoCD is running and run the command given below:
curl -o argocd-notifications-cm.yaml
https://raw.githubusercontent.com/OpsMx/argocd-ssd/main/argocd-notifications-cm.yaml
Update the values given below in argocd-notifications-cm.yaml.
argocdUrl: Provide the argocd endpoint.
argocdName: Enter a name for the argocd.
argoEnvironmentList: Provide the target cluster env name and IP address. You can provide multiple target cluster details here. For example:
dev|https://12.34.56.78;staging|https://kubernetes.default.svc
Url: Provide the SSD RabbitMQ external IP address or DNS endpoint. For example:
kubectl patch cm argocd-notifications-cm -n argocd --type merge --patch-file argocd-notifications-cm.yaml
Replace your SSD RabbitMQ username and password in the commands given below and run in your cluster. Note: Default username and password is given in the commands.
kubectl patch secret argocd-notifications-secret --patch="{\"data\": { \"rabbitmq-password\"xxxxxxxxxxxxxxxxxxxxxxxxxxxxx" }}" -n argocd
kubectl patch secret argocd-notifications-secret --patch="{\"data\": { \"rabbitmq-username\"xxxxxxxxxxxxxxxxxxxxxxxxxxxxx" -n argocd
Run the commands given below to add sidecar containers to the argocd-repo-server pod.
kubectl apply -n argocd -f https://raw.githubusercontent.com/OpsMx/argocd-ssd/main/cmp-config.yaml
curl -o volumes.yaml https://raw.githubusercontent.com/OpsMx/argocd-ssd/main/volumes.yaml
kubectl patch deploy argocd-repo-server -n argocd --patch-file volumes.yaml
curl -o argocd-repo-server-patch.yaml https://raw.githubusercontent.com/OpsMx/argocd-ssd/main/argocd-repo-server-patch.yaml
sed -i 's/SSD-OPA.EXAMPLE.COM/<replace with OPA ingress>/g' argocd-repo-server-patch.yaml
kubectl patch deploy argocd-repo-server -n argocd --patch-file argocd-repo-server-patch.yaml
Add the labels given below, in all the services deployment files under the template.metadata.labels.
ssd.admissionreview.accountname: <Target cluster env name>
ssd.admissionreview.appname: <argocd application name >
Edit the opa-config cm of OPA and point the services endpoint to ssd-opa endpoint at target cluster.
The ArgoCD integration to Delivery Shield is completed.
Troubleshooting:
To check if the integration is working, trigger the CI/CD process once again. If the data is visible in Delivery Shield, the integrations works. If you face any issues while integrating ArgoCD to Secure Software Delivery feel free to contact OpsMx support team.
Last updated
Was this helpful?