provider-argocd-endpoint

Module version: v1.0.0
Published: Nov 3, 2022 License: Apache-2.0

README

Provider ArgoCD

Overview

This is a Kubernetes Operator (Crossplane provider) that creates API tokens for specific ArgoCD users.

The provider that is built from the source code in this repository adds the following new functionality:

  • a Custom Resource Definition (CRD) that models ArgoCD auth tokens for specific users

Getting Started

With Crossplane and ArgoCD installed in your cluster:

$ helm repo add crossplane-stable https://charts.crossplane.io/stable
$ helm repo update
$ helm install crossplane --namespace crossplane-system crossplane-stable/crossplane
$ kubectl create namespace argo-system
$ kubectl apply -n argo-system -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

How to install this provider

$ kubectl apply -f ./examples/provider.yaml

Replace VERSION tag with the desired release.

Configure this operator with serverUrl pointing to an ArgoCD instance

$ cat <<EOF | kubectl apply -f -
apiVersion: argocd.krateo.io/v1alpha1
kind: ProviderConfig
metadata:
  name: provider-argocd-endpoint-config
spec:
  serverUrl: https://argocd-server.argo-system.svc:443
  credentials:
    source: Secret
    secretRef:
      namespace: argo-system
      name: argocd-initial-admin-secret
      key: password
EOF

Create a new ArgoCD account

Following the steps in the official ArgoCD documentation, you can create a new user by defining it in the argocd-cm ConfigMap:

$ cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: ConfigMap
metadata:
  name: argocd-cm
  namespace: argo-system
  labels:
    app.kubernetes.io/name: argocd-cm
    app.kubernetes.io/part-of: argocd
data:
  accounts.krateo-dashboard: apiKey, login
EOF

Each user might have two capabilities:

  • apiKey: allows generating authentication tokens for API access
  • login: allows logging in through the UI

Create an API token without expiration that can be used by the defined user

$ cat <<EOF | kubectl apply -f -
apiVersion: argocd.krateo.io/v1alpha1
kind: Endpoint
metadata:
  name: krateo-dashboard-argocd-endpoint
spec:
  forProvider:
    account: krateo-dashboard
    writeSecretToRef:
      name: krateo-dashboard-argocd-endpoint
      namespace: krateo-system
  providerConfigRef:
    name: provider-argocd-endpoint-config
EOF

After a while, check that the API token has been created

$ kubectl get secrets/krateo-dashboard-argocd-endpoint -n krateo-system \
   --template='{{.data.bearer | base64decode}}'

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJkOWZkNDJiYi05ZGU4LTRmMGUtYTA...
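
To confirm what the issued token carries, and in particular that it has no expiry, its JWT payload can be decoded locally. This is an added example, not code from the provider: the helper names are hypothetical, the sample claims are constructed, and it assumes a token without expiration is a JWT with no exp claim. The signature is not verified.

```shell
#!/bin/sh
# Added example (not part of the provider): read the claims of a bearer token
# locally. Helper names are hypothetical; the signature is NOT verified.

# b64url STRING -> unpadded base64url encoding (used only to build sample tokens)
b64url() { printf '%s' "$1" | base64 | tr -d '=\n' | tr '/+' '_-'; }

# make_sample_token PAYLOAD_JSON -> constructed, unsigned HS256-style token
make_sample_token() {
    printf '%s.%s.%s\n' "$(b64url '{"alg":"HS256","typ":"JWT"}')" \
        "$(b64url "$1")" "constructed-signature"
}

# jwt_payload TOKEN -> decoded JSON payload; fails unless TOKEN has 3 segments
jwt_payload() {
    case $1 in
        *.*.*.*) return 1 ;;
        *.*.*) ;;
        *) return 1 ;;
    esac
    seg=$(printf '%s' "$1" | cut -d. -f2 | tr '_-' '/+')
    [ -n "$seg" ] || return 1
    # base64url drops the padding; restore it before decoding
    case $(( ${#seg} % 4 )) in
        2) seg="${seg}==" ;;
        3) seg="${seg}=" ;;
        1) return 1 ;;
    esac
    printf '%s' "$seg" | base64 -d
}

# jwt_expiry TOKEN -> value of the exp claim (epoch seconds), or "never"
jwt_expiry() {
    payload=$(jwt_payload "$1") || return 1
    exp=$(printf '%s' "$payload" |
        sed -n 's/.*"exp"[[:space:]]*:[[:space:]]*\([0-9][0-9]*\).*/\1/p')
    printf '%s\n' "${exp:-never}"
}

# Constructed sample claims (assumed shape, not output captured from ArgoCD)
sample=$(make_sample_token '{"iss":"argocd","sub":"krateo-dashboard:apiKey","iat":1667433600}')
jwt_payload "$sample"; echo
jwt_expiry "$sample"

# Against the cluster, pass the output of the kubectl command shown above:
#   jwt_expiry "$(kubectl get secrets/krateo-dashboard-argocd-endpoint \
#       -n krateo-system --template='{{.data.bearer | base64decode}}')"
```

A result of "never" means the token stays valid until it is revoked for the account, so the Secret in krateo-system that holds it should be readable only by the workloads that need it.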

Directories

Path Synopsis
endpoints/v1alpha1
+kubebuilder:object:generate=true +groupName=argocd.krateo.io +versionName=v1alpha1
v1alpha1
Package v1alpha1 contains the core resources of the Todoist provider.
internal
