kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yamlkubectl edit configmap argocd-cm -n argocdadd the following to it:
data:
# Define the 'apiuser' account and grant it the capabilities
# to log in and have API keys generated for it.
accounts.apiuser: apiKey, loginkubectl edit configmap argocd-rbac-cm -n argocdadd the following to it:
data:
policy.csv: |
p, role:admin, *, *, *, allow
p, role:admin, accounts, apiKey, *, allow
p, role:api-user, accounts, apiKey, apiuser, allow
p, role:api-user, projects, get, *, allow
p, role:api-user, applications, get, *, allow
p, role:api-user, repositories, get, *, allow
p, role:api-user, clusters, get, *, allow
g, admin, role:admin
g, apiuser, role:api-user
policy.default: role:readonlyRestart argocd:
kubectl rollout restart deployment argocd-server -n argocdkubectl port-forward svc/argocd-server -n argocd 8080:443# get the password
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo
# login
argocd login localhost:8080 --insecure --username admin --password '<password obtained above>'
# generate apiuser token
argocd account generate-token --account apiuserAdd it to holmes argocd config.
holmes:
toolsets:
argocd/core:
enabled: true
additionalEnvVars:
- name: ARGOCD_AUTH_TOKEN
value: "<the auth token obtained above>"
- name: ARGOCD_OPTS
value: "--port-forward --port-forward-namespace argocd --grpc-web"And then the usual
helm upgrade ...kubectl port-forward svc/argocd-server -n argocd 8080:443Access the UI. admin password is the same as the one obtained in earlier steps.
Create app:
