#argocd (2023-07)
2023-07-05
How far can you nest the app of apps concept? I’m trying to nest it so I can delegate ownership (in code) to others that might want to create apps, but doesn’t have access argo-cd directly to add a new app. These individuals might test apps from various branches that they’d create. So, how would you nest app of app of apps….?
2023-07-18
Hi folks, I’m looking for suggestions on how to inject secret values into my Application manifest. Currently, I’m using the argocd-vault-plugin to fetch secrets from Google Secret Manager.
However, I’m unsure about the best approach for retrieving those values and incorporating them into my application manifest.
I’ve searched extensively, but I couldn’t find any helpful references. Any assistance would be greatly appreciated. Thank you!
# base/elasticsearch.yaml
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: elasticsearch
namespace: argocd
spec:
project: my-project
destination:
name: in-cluster
namespace: default
sources:
- chart: elasticsearch
repoURL: <https://helm.elastic.co>
targetRevision: 8.5.1
helm:
parameters:
- name: secret.password
value: "password"
# overlays/deployment/secrets/secrets.yaml
---
kind: Secret
apiVersion: v1
metadata:
name: elasticsearch
annotations:
avp.kubernetes.io/path: projects/1234567890/secrets/elasticsearch
type: Opaque
data:
elasticsearch-password: <elasticsearch-secrets | jsonPath {.elasticsearch-password} | base64encode>
I’ve never done this, but have you tried something like this? Similar to env vars for deployments.
- name: secret.password
valueFrom:
secretKeyRef:
name: elasticsearch
key: elasticsearch-password
Argocd does not support valueFrom within helm.parameters , unfortunately. There even is long thread on Github related to that topic.
My suggestion would be to set it in a local helm values file