argocd-vault-plugin
argocd-vault-plugin copied to clipboard
argoproj-labs
AVP installed by ArgoCD Helm chart and AWS Secret Manager issue
Describe the bug
I would like to install the AVP by the ArgoCD Helm chart on my Amazon EKS cluster and make it working with AWS Secret Manager.
As somebody already mentioned in this issue https://github.com/argoproj-labs/argocd-vault-plugin/issues/474, the installation of AVP by ArgoCD Helm chart is not described properly in the official AVP documentation so here is the way how I did it, but at the end I was not able to make it working:
Create Secret in AWS Secret Manager, Policy, IRSA, ... - I'll skip it and put here just output of the kubectl showing the pre created ServiceAccount argocd-repo-server with role:
$ kubectl describe serviceaccount -n argocd argocd-repo-server
Name: argocd-repo-server
Namespace: argocd
Labels: app.kubernetes.io/managed-by=eksctl
Annotations: eks.amazonaws.com/role-arn: arn:aws:iam::7xxxxxxxxxx7:role/eksctl-k01-irsa-argocd
Image pull secrets: <none>
Mountable secrets: <none>
Tokens: <none>
Events: <none>
AVP + ArgoCD Helm Installation (there is probably something "wrong"):
export CLUSTER_FQDN="k01.k8s.mylabs.dev"
helm repo add argo https://argoproj.github.io/argo-helm
cat > "helm_values-argocd.yml" << EOF
global:
logging:
level: debug
configs:
params:
server.insecure: true
cmp:
create: true
plugins:
avp-kustomize:
allowConcurrency: true
discover:
find:
command:
- find
- "."
- -name
- kustomization.yaml
generate:
command:
- sh
- "-c"
- "kustomize build . | argocd-vault-plugin generate --verbose-sensitive-output -"
lockRepo: false
avp-helm:
allowConcurrency: true
discover:
find:
command:
- sh
- "-c"
- "find . -name 'Chart.yaml' && find . -name 'values.yaml'"
generate:
command:
- sh
- "-c"
- |
helm template \$ARGOCD_APP_NAME -n \$ARGOCD_APP_NAMESPACE -f <(echo "\$ARGOCD_ENV_helm_values") . |
argocd-vault-plugin generate --verbose-sensitive-output -
lockRepo: false
avp:
allowConcurrency: true
discover:
find:
command:
- sh
- "-c"
- "find . -name '*.yaml' | xargs -I {} grep \\"<path\\\\|avp\\\\.kubernetes\\\\.io\\" {} | grep ."
generate:
command:
- argocd-vault-plugin
- generate
- "--verbose-sensitive-output"
- "."
lockRepo: false
repoServer:
env:
- name: AVP_TYPE
value: awssecretsmanager
metrics:
enabled: true
serviceMonitor:
enabled: true
serviceAccount:
create: false
name: argocd-repo-server
initContainers:
- name: download-tools
image: alpine:latest
command: [sh, -c]
env:
- name: AVP_VERSION
value: 1.14.0
- name: AVP_ARCHITECTURE
value: arm64
args:
- >-
wget -O argocd-vault-plugin
https://github.com/argoproj-labs/argocd-vault-plugin/releases/download/v\${AVP_VERSION}/argocd-vault-plugin_\${AVP_VERSION}_linux_\${AVP_ARCHITECTURE} &&
chmod +x argocd-vault-plugin &&
mv argocd-vault-plugin /custom-tools/
volumeMounts:
- mountPath: /custom-tools
name: custom-tools
extraContainers:
- name: avp
command: [/var/run/argocd/argocd-cmp-server]
image: quay.io/argoproj/argocd:v2.7.2
securityContext:
runAsNonRoot: true
runAsUser: 999
volumeMounts:
- mountPath: /var/run/argocd
name: var-files
- mountPath: /home/argocd/cmp-server/plugins
name: plugins
- mountPath: /tmp
name: tmp
- mountPath: /home/argocd/cmp-server/config/plugin.yaml
subPath: avp.yaml
name: argocd-cmp-cm
- name: custom-tools
subPath: argocd-vault-plugin
mountPath: /usr/local/bin/argocd-vault-plugin
- name: avp-helm
command: [/var/run/argocd/argocd-cmp-server]
image: quay.io/argoproj/argocd:v2.7.2
securityContext:
runAsNonRoot: true
runAsUser: 999
volumeMounts:
- mountPath: /var/run/argocd
name: var-files
- mountPath: /home/argocd/cmp-server/plugins
name: plugins
- mountPath: /tmp
name: tmp
- mountPath: /home/argocd/cmp-server/config/plugin.yaml
subPath: avp-helm.yaml
name: argocd-cmp-cm
- name: custom-tools
subPath: argocd-vault-plugin
mountPath: /usr/local/bin/argocd-vault-plugin
- name: avp-kustomize
command: [/var/run/argocd/argocd-cmp-server]
image: quay.io/argoproj/argocd:v2.7.2
securityContext:
runAsNonRoot: true
runAsUser: 999
volumeMounts:
- mountPath: /var/run/argocd
name: var-files
- mountPath: /home/argocd/cmp-server/plugins
name: plugins
- mountPath: /tmp
name: tmp
- mountPath: /home/argocd/cmp-server/config/plugin.yaml
subPath: avp-kustomize.yaml
name: argocd-cmp-cm
- name: custom-tools
subPath: argocd-vault-plugin
mountPath: /usr/local/bin/argocd-vault-plugin
volumes:
- configMap:
name: argocd-cmp-cm
name: argocd-cmp-cm
- name: custom-tools
emptyDir: {}
EOF
helm upgrade --install --version "5.34.3" --namespace argocd --create-namespace --wait --values "helm_values-argocd.yml" argo-cd argo/argo-cd
The I installed two apps where I used <path: with secret which should be taken from the AWS Secret Manager:
-
First is using the secret as a helm parameter - the secret should be injected into the installed helm chart.
-
Second is using
kustomizeand should inject the secret into the annotation.
argocd login --core --name "${CLUSTER_FQDN}"
kubectl config set-context --current --namespace=argocd
cat > "helm_values-podinfo.yml" << EOF
ui:
message: "<path:${CLUSTER_FQDN}-PodinfoSecret#podinfo_secret_message>"
EOF
argocd app create podinfo \
--repo https://stefanprodan.github.io/podinfo --helm-chart podinfo --revision 6.3.6 \
--dest-namespace podinfo --dest-server https://kubernetes.default.svc \
--auto-prune --sync-option CreateNamespace=true --sync-policy auto \
--values-literal-file "helm_values-podinfo.yml"
argocd app create podinfo2 \
--repo https://github.com/stefanprodan/podinfo.git --path kustomize \
--dest-namespace podinfo2 --dest-server https://kubernetes.default.svc \
--kustomize-common-annotation "secret-test=<path:${CLUSTER_FQDN}-PodinfoSecret#podinfo_secret_message>" \
--auto-prune --sync-option CreateNamespace=true --sync-policy auto
Unfortunately the <path:... was not replaced by the password from the AWS Secret Manager as you can see it by checking the k8s objects:
❯ kubectl get pod -n podinfo -o yaml | grep -B2 '<path:' ⎈ k01/argocd
env:
- name: PODINFO_UI_MESSAGE
value: <path:k01.k8s.mylabs.dev-PodinfoSecret#podinfo_secret_message>
❯ kubectl get pod -n podinfo2 -o yaml | grep '<path:' ⎈ k01/argocd
secret-test: <path:k01.k8s.mylabs.dev-PodinfoSecret#podinfo_secret_message>
secret-test: <path:k01.k8s.mylabs.dev-PodinfoSecret#podinfo_secret_message>
I'm adding here the ArgoCD logs and few more details which may be handy. I was not able to find anything in the logs related to AVP :-( - it looks like AVP was not "properly" installed by the Helm Chart...
❯ kubectl stern -n argocd . ✘ INT 4s ⎈ k01/argocd
+ argo-cd-argocd-server-fb568f96d-4h4ng › server
+ argo-cd-argocd-applicationset-controller-588b76448-k2pdf › applicationset-controller
+ argo-cd-argocd-repo-server-54d8954bfd-mctbl › avp-helm
+ argo-cd-argocd-repo-server-54d8954bfd-mctbl › avp
+ argo-cd-argocd-repo-server-54d8954bfd-mctbl › avp-kustomize
+ argo-cd-argocd-repo-server-54d8954bfd-mctbl › repo-server
+ argo-cd-argocd-dex-server-56ffbf9fc8-ktz8n › dex-server
+ argo-cd-argocd-notifications-controller-7749b5c5b4-gb5wf › notifications-controller
+ argo-cd-argocd-application-controller-0 › application-controller
argo-cd-argocd-server-fb568f96d-4h4ng server time="2023-06-03T11:26:51Z" level=info msg="ArgoCD API Server is starting" built="2023-05-12T13:43:25Z" commit=cbee7e6011407ed2d1066c482db74e97e0cc6bdb namespace=argocd port=8080 version=v2.7.2+cbee7e6.dirty
argo-cd-argocd-server-fb568f96d-4h4ng server time="2023-06-03T11:26:51Z" level=info msg="Starting configmap/secret informers"
+ argo-cd-argocd-redis-86b6c546db-hrcfv › redis
argo-cd-argocd-server-fb568f96d-4h4ng server time="2023-06-03T11:26:51Z" level=info msg="Configmap/secret informer synced"
argo-cd-argocd-applicationset-controller-588b76448-k2pdf applicationset-controller time="2023-06-03T11:26:52Z" level=info msg="ArgoCD ApplicationSet Controller is starting" built="2023-05-12T13:43:25Z" commit=cbee7e6011407ed2d1066c482db74e97e0cc6bdb namespace=argocd version=v2.7.2+cbee7e6.dirty
argo-cd-argocd-applicationset-controller-588b76448-k2pdf applicationset-controller time="2023-06-03T11:26:53Z" level=info msg="Starting configmap/secret informers"
argo-cd-argocd-applicationset-controller-588b76448-k2pdf applicationset-controller time="2023-06-03T11:26:53Z" level=info msg="Configmap/secret informer synced"
argo-cd-argocd-server-fb568f96d-4h4ng server time="2023-06-03T11:26:51Z" level=info msg="Initialized server signature"
argo-cd-argocd-server-fb568f96d-4h4ng server time="2023-06-03T11:26:51Z" level=info msg="Initialized admin password"
argo-cd-argocd-applicationset-controller-588b76448-k2pdf applicationset-controller time="2023-06-03T11:26:53Z" level=info msg="Starting webhook server"
argo-cd-argocd-server-fb568f96d-4h4ng server time="2023-06-03T11:26:51Z" level=info msg="Starting configmap/secret informers"
argo-cd-argocd-server-fb568f96d-4h4ng server time="2023-06-03T11:26:51Z" level=info msg="configmap informer cancelled"
argo-cd-argocd-applicationset-controller-588b76448-k2pdf applicationset-controller time="2023-06-03T11:26:53Z" level=info msg="Starting manager"
argo-cd-argocd-applicationset-controller-588b76448-k2pdf applicationset-controller time="2023-06-03T11:27:52Z" level=debug msg="received create event from owning an application"
argo-cd-argocd-server-fb568f96d-4h4ng server time="2023-06-03T11:26:51Z" level=warning msg="Unable to parse updated settings: server.secretkey is missing"
argo-cd-argocd-server-fb568f96d-4h4ng server time="2023-06-03T11:26:51Z" level=info msg="Configmap/secret informer synced"
argo-cd-argocd-server-fb568f96d-4h4ng server time="2023-06-03T11:26:51Z" level=info msg="secrets informer cancelled"
argo-cd-argocd-server-fb568f96d-4h4ng server time="2023-06-03T11:26:51Z" level=info msg="Starting configmap/secret informers"
argo-cd-argocd-server-fb568f96d-4h4ng server time="2023-06-03T11:26:51Z" level=info msg="configmap informer cancelled"
argo-cd-argocd-server-fb568f96d-4h4ng server time="2023-06-03T11:26:51Z" level=info msg="Configmap/secret informer synced"
argo-cd-argocd-server-fb568f96d-4h4ng server time="2023-06-03T11:26:51Z" level=info msg="secrets informer cancelled"
argo-cd-argocd-applicationset-controller-588b76448-k2pdf applicationset-controller time="2023-06-03T11:27:55Z" level=debug msg="received update event from owning an application"
argo-cd-argocd-server-fb568f96d-4h4ng server time="2023-06-03T11:26:51Z" level=info msg="argocd v2.7.2+cbee7e6.dirty serving on port 8080 (url: , tls: false, namespace: argocd, sso: false)"
argo-cd-argocd-server-fb568f96d-4h4ng server time="2023-06-03T11:26:51Z" level=info msg="Enabled application namespace patterns: argocd"
argo-cd-argocd-server-fb568f96d-4h4ng server time="2023-06-03T11:26:51Z" level=info msg="0x4000c29f80 subscribed to settings updates"
argo-cd-argocd-applicationset-controller-588b76448-k2pdf applicationset-controller time="2023-06-03T11:27:55Z" level=debug msg="requeue: false caused by application podinfo\n"
argo-cd-argocd-server-fb568f96d-4h4ng server time="2023-06-03T11:26:51Z" level=info msg="Starting rbac config informer"
argo-cd-argocd-server-fb568f96d-4h4ng server time="2023-06-03T11:26:51Z" level=info msg="RBAC ConfigMap 'argocd-rbac-cm' added"
argo-cd-argocd-server-fb568f96d-4h4ng server time="2023-06-03T11:27:18Z" level=info msg="Notifying 1 settings subscribers: [0x4000c29f80]"
argo-cd-argocd-applicationset-controller-588b76448-k2pdf applicationset-controller time="2023-06-03T11:27:55Z" level=debug msg="received update event from owning an application"
argo-cd-argocd-applicationset-controller-588b76448-k2pdf applicationset-controller time="2023-06-03T11:27:55Z" level=debug msg="requeue: false caused by application podinfo\n"
...
...
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=debug msg="Refreshing app argocd/podinfo2 for change in cluster of object podinfo2/podinfo-5986769856-pnz46 of type v1/Pod"
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=info msg="Refreshing app status (controller refresh requested), level (0)" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=info msg="No status changes. Skipping patch" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=info msg="Reconciliation completed" application=argocd/podinfo2 dest-name= dest-namespace=podinfo2 dest-server="https://kubernetes.default.svc" fields.level=0 time_ms=3
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=debug msg="Refreshing app argocd/podinfo2 for change in cluster of object podinfo2/podinfo-5986769856 of type apps/v1/ReplicaSet"
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=debug msg="Refreshing app argocd/podinfo2 for change in cluster of object podinfo2/podinfo-zknc6 of type discovery.k8s.io/v1/EndpointSlice"
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=info msg="Refreshing app status (controller refresh requested), level (0)" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=info msg="No status changes. Skipping patch" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=info msg="Reconciliation completed" application=argocd/podinfo2 dest-name= dest-namespace=podinfo2 dest-server="https://kubernetes.default.svc" fields.level=0 time_ms=2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=info msg="Refreshing app status (controller refresh requested), level (0)" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=info msg="No status changes. Skipping patch" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=info msg="Reconciliation completed" application=argocd/podinfo2 dest-name= dest-namespace=podinfo2 dest-server="https://kubernetes.default.svc" fields.level=0 time_ms=2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=debug msg="Refreshing app argocd/podinfo2 for change in cluster of object podinfo2/podinfo of type apps/v1/Deployment"
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=info msg="Refreshing app status (controller refresh requested), level (1)" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=info msg="Comparing app state (cluster: https://kubernetes.default.svc, namespace: podinfo2)" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=debug msg="Generating Manifest for source {https://github.com/stefanprodan/podinfo.git kustomize nil &ApplicationSourceKustomize{NamePrefix:,NameSuffix:,Images:[],CommonLabels:map[string]string{},Version:,CommonAnnotations:map[string]string{secret-test: <path:k01.k8s.mylabs.dev-PodinfoSecret#podinfo_secret_message>,},ForceCommonLabels:false,ForceCommonAnnotations:false,Namespace:,CommonAnnotationsEnvsubst:false,Replicas:[]KustomizeReplica{},} nil nil } revision 073f1ec5aff930bd3411d33534e91cbe23302324"
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=info msg="getRepoObjs stats" application=argocd/podinfo2 build_options_ms=0 helm_ms=0 plugins_ms=0 repo_ms=0 time_ms=12 unmarshal_ms=12 version_ms=0
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=debug msg="Retrieved live manifests" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=info msg="Skipping auto-sync: application status is Synced" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=info msg="No status changes. Skipping patch" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:30Z" level=info msg="Reconciliation completed" application=argocd/podinfo2 dedup_ms=0 dest-name= dest-namespace=podinfo2 dest-server="https://kubernetes.default.svc" diff_ms=12 fields.level=1 git_ms=12 health_ms=0 live_ms=0 settings_ms=0 sync_ms=0 time_ms=31
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:32Z" level=debug msg="Successfully saved info of 1 clusters"
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=debug msg="Refreshing app argocd/podinfo2 for change in cluster of object podinfo2/podinfo-5986769856 of type apps/v1/ReplicaSet"
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=info msg="Refreshing app status (controller refresh requested), level (0)" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=info msg="No status changes. Skipping patch" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=info msg="Reconciliation completed" application=argocd/podinfo2 dest-name= dest-namespace=podinfo2 dest-server="https://kubernetes.default.svc" fields.level=0 time_ms=2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=debug msg="Refreshing app argocd/podinfo2 for change in cluster of object podinfo2/podinfo of type apps/v1/Deployment"
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=info msg="Refreshing app status (controller refresh requested), level (1)" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=info msg="Comparing app state (cluster: https://kubernetes.default.svc, namespace: podinfo2)" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=debug msg="Generating Manifest for source {https://github.com/stefanprodan/podinfo.git kustomize nil &ApplicationSourceKustomize{NamePrefix:,NameSuffix:,Images:[],CommonLabels:map[string]string{},Version:,CommonAnnotations:map[string]string{secret-test: <path:k01.k8s.mylabs.dev-PodinfoSecret#podinfo_secret_message>,},ForceCommonLabels:false,ForceCommonAnnotations:false,Namespace:,CommonAnnotationsEnvsubst:false,Replicas:[]KustomizeReplica{},} nil nil } revision 073f1ec5aff930bd3411d33534e91cbe23302324"
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=info msg="getRepoObjs stats" application=argocd/podinfo2 build_options_ms=0 helm_ms=0 plugins_ms=0 repo_ms=0 time_ms=9 unmarshal_ms=9 version_ms=0
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=debug msg="Retrieved live manifests" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=info msg="Skipping auto-sync: application status is Synced" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=info msg="Updated health status: Progressing -> Healthy" application=podinfo2 dest-namespace=podinfo2 dest-server="https://kubernetes.default.svc" reason=ResourceUpdated type=Normal
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=info msg="Update successful" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=info msg="Reconciliation completed" application=argocd/podinfo2 dedup_ms=0 dest-name= dest-namespace=podinfo2 dest-server="https://kubernetes.default.svc" diff_ms=14 fields.level=1 git_ms=9 health_ms=0 live_ms=0 settings_ms=0 sync_ms=0 time_ms=65
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=debug msg="Refreshing app argocd/podinfo2 for change in cluster of object podinfo2/podinfo of type autoscaling/v2/HorizontalPodAutoscaler"
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=info msg="Refreshing app status (controller refresh requested), level (1)" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=info msg="Comparing app state (cluster: https://kubernetes.default.svc, namespace: podinfo2)" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=debug msg="Generating Manifest for source {https://github.com/stefanprodan/podinfo.git kustomize nil &ApplicationSourceKustomize{NamePrefix:,NameSuffix:,Images:[],CommonLabels:map[string]string{},Version:,CommonAnnotations:map[string]string{secret-test: <path:k01.k8s.mylabs.dev-PodinfoSecret#podinfo_secret_message>,},ForceCommonLabels:false,ForceCommonAnnotations:false,Namespace:,CommonAnnotationsEnvsubst:false,Replicas:[]KustomizeReplica{},} nil nil } revision 073f1ec5aff930bd3411d33534e91cbe23302324"
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=info msg="getRepoObjs stats" application=argocd/podinfo2 build_options_ms=0 helm_ms=0 plugins_ms=0 repo_ms=0 time_ms=9 unmarshal_ms=9 version_ms=0
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=debug msg="Retrieved live manifests" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=info msg="Skipping auto-sync: application status is Synced" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=info msg="Update successful" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:33Z" level=info msg="Reconciliation completed" application=argocd/podinfo2 dedup_ms=0 dest-name= dest-namespace=podinfo2 dest-server="https://kubernetes.default.svc" diff_ms=11 fields.level=1 git_ms=9 health_ms=0 live_ms=0 settings_ms=0 sync_ms=0 time_ms=36
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:42Z" level=debug msg="Successfully saved info of 1 clusters"
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:48Z" level=debug msg="Refreshing app argocd/podinfo2 for change in cluster of object podinfo2/podinfo of type autoscaling/v2/HorizontalPodAutoscaler"
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:48Z" level=info msg="Refreshing app status (controller refresh requested), level (1)" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:48Z" level=info msg="Comparing app state (cluster: https://kubernetes.default.svc, namespace: podinfo2)" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:48Z" level=debug msg="Generating Manifest for source {https://github.com/stefanprodan/podinfo.git kustomize nil &ApplicationSourceKustomize{NamePrefix:,NameSuffix:,Images:[],CommonLabels:map[string]string{},Version:,CommonAnnotations:map[string]string{secret-test: <path:k01.k8s.mylabs.dev-PodinfoSecret#podinfo_secret_message>,},ForceCommonLabels:false,ForceCommonAnnotations:false,Namespace:,CommonAnnotationsEnvsubst:false,Replicas:[]KustomizeReplica{},} nil nil } revision 073f1ec5aff930bd3411d33534e91cbe23302324"
argo-cd-argocd-repo-server-54d8954bfd-mctbl repo-server time="2023-06-03T11:28:48Z" level=debug msg="getting manifests cache" appName=podinfo2 appSrc="{\"appSrc\":{\"repoURL\":\"\",\"path\":\"kustomize\",\"kustomize\":{\"commonAnnotations\":{\"secret-test\":\"\\u003cpath:k01.k8s.mylabs.dev-PodinfoSecret#podinfo_secret_message\\u003e\"}}},\"srcRefs\":{}}" clusterInfo="1.25+|acme.cert-manager.io/v1,acme.cert-manager.io/v1/Challenge,acme.cert-manager.io/v1/Order,admissionregistration.k8s.io/v1,admissionregistration.k8s.io/v1/MutatingWebhookConfiguration,admissionregistration.k8s.io/v1/ValidatingWebhookConfiguration,apiextensions.k8s.io/v1,apiextensions.k8s.io/v1/CustomResourceDefinition,apiregistration.k8s.io/v1,apiregistration.k8s.io/v1/APIService,apps/v1,apps/v1/ControllerRevision,apps/v1/DaemonSet,apps/v1/Deployment,apps/v1/ReplicaSet,apps/v1/StatefulSet,argoproj.io/v1alpha1,argoproj.io/v1alpha1/AppProject,argoproj.io/v1alpha1/Application,argoproj.io/v1alpha1/ApplicationSet,autoscaling/v1,autoscaling/v1/HorizontalPodAutoscaler,autoscaling/v2,autoscaling/v2/HorizontalPodAutoscaler,autoscaling/v2beta2,autoscaling/v2beta2/HorizontalPodAutoscaler,batch/v1,batch/v1/CronJob,batch/v1/Job,cert-manager.io/v1,cert-manager.io/v1/Certificate,cert-manager.io/v1/CertificateRequest,cert-manager.io/v1/ClusterIssuer,cert-manager.io/v1/Issuer,certificates.k8s.io/v1,certificates.k8s.io/v1/CertificateSigningRequest,coordination.k8s.io/v1,coordination.k8s.io/v1/Lease,crd.k8s.amazonaws.com/v1alpha1,crd.k8s.amazonaws.com/v1alpha1/ENIConfig,discovery.k8s.io/v1,discovery.k8s.io/v1/EndpointSlice,events.k8s.io/v1,events.k8s.io/v1/Event,flowcontrol.apiserver.k8s.io/v1beta1,flowcontrol.apiserver.k8s.io/v1beta1/FlowSchema,flowcontrol.apiserver.k8s.io/v1beta1/PriorityLevelConfiguration,flowcontrol.apiserver.k8s.io/v1beta2,flowcontrol.apiserver.k8s.io/v1beta2/FlowSchema,flowcontrol.apiserver.k8s.io/v1beta2/PriorityLevelConfiguration,forecastle.stakater.com/v1alpha1,forecastle.stakater.com/v1alpha1/ForecastleApp,karpenter.k8s.aws/v1alpha1,karpenter.k8s.aws/v1alpha1/AWSNodeTemplate,karpenter.sh/v1alpha5,karpenter.sh/v1alpha5/Provisioner,monitoring.coreos.com/v1,monitoring.coreos.com/v1/Alertmanager,monitoring.coreos.com/v1/PodMonitor,monitoring.coreos.com/v1/Probe,monitoring.coreos.com/v1/Prometheus,monitoring.coreos.com/v1/PrometheusRule,monitoring.coreos.com/v1/ServiceMonitor,monitoring.coreos.com/v1/ThanosRuler,monitoring.coreos.com/v1alpha1,monitoring.coreos.com/v1alpha1/AlertmanagerConfig,networking.k8s.io/v1,networking.k8s.io/v1/Ingress,networking.k8s.io/v1/IngressClass,networking.k8s.io/v1/NetworkPolicy,node.k8s.io/v1,node.k8s.io/v1/RuntimeClass,policy/v1,policy/v1/PodDisruptionBudget,rbac.authorization.k8s.io/v1,rbac.authorization.k8s.io/v1/ClusterRole,rbac.authorization.k8s.io/v1/ClusterRoleBinding,rbac.authorization.k8s.io/v1/Role,rbac.authorization.k8s.io/v1/RoleBinding,scheduling.k8s.io/v1,scheduling.k8s.io/v1/PriorityClass,storage.k8s.io/v1,storage.k8s.io/v1/CSIDriver,storage.k8s.io/v1/CSINode,storage.k8s.io/v1/CSIStorageCapacity,storage.k8s.io/v1/StorageClass,storage.k8s.io/v1/VolumeAttachment,storage.k8s.io/v1beta1,storage.k8s.io/v1beta1/CSIStorageCapacity,v1,v1/ConfigMap,v1/Endpoints,v1/Event,v1/LimitRange,v1/Namespace,v1/Node,v1/PersistentVolume,v1/PersistentVolumeClaim,v1/Pod,v1/PodTemplate,v1/ReplicationController,v1/ResourceQuota,v1/Secret,v1/Service,v1/ServiceAccount,vpcresources.k8s.aws/v1beta1,vpcresources.k8s.aws/v1beta1/SecurityGroupPolicy" namespace=podinfo2 reason="GenerateManifest API call" revision=073f1ec5aff930bd3411d33534e91cbe23302324 trackingKey=argocd.argoproj.io/instance
argo-cd-argocd-repo-server-54d8954bfd-mctbl repo-server time="2023-06-03T11:28:48Z" level=info msg="manifest cache hit: &ApplicationSource{RepoURL:https://github.com/stefanprodan/podinfo.git,Path:kustomize,TargetRevision:,Helm:nil,Kustomize:&ApplicationSourceKustomize{NamePrefix:,NameSuffix:,Images:[],CommonLabels:map[string]string{},Version:,CommonAnnotations:map[string]string{secret-test: <path:k01.k8s.mylabs.dev-PodinfoSecret#podinfo_secret_message>,},ForceCommonLabels:false,ForceCommonAnnotations:false,Namespace:,CommonAnnotationsEnvsubst:false,Replicas:[]KustomizeReplica{},},Directory:nil,Plugin:nil,Chart:,Ref:,}/073f1ec5aff930bd3411d33534e91cbe23302324"
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:48Z" level=info msg="getRepoObjs stats" application=argocd/podinfo2 build_options_ms=0 helm_ms=0 plugins_ms=0 repo_ms=0 time_ms=11 unmarshal_ms=10 version_ms=0
argo-cd-argocd-repo-server-54d8954bfd-mctbl repo-server time="2023-06-03T11:28:48Z" level=info msg="finished unary call with code OK" grpc.code=OK grpc.method=GenerateManifest grpc.service=repository.RepoServerService grpc.start_time="2023-06-03T11:28:48Z" grpc.time_ms=1.513 span.kind=server system=grpc
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:48Z" level=debug msg="Retrieved live manifests" application=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:48Z" level=info msg="Skipping auto-sync: application status is Synced" application=argocd/podinfo2
argo-cd-argocd-notifications-controller-7749b5c5b4-gb5wf notifications-controller time="2023-06-03T11:28:48Z" level=info msg="Start processing" resource=argocd/podinfo2
argo-cd-argocd-applicationset-controller-588b76448-k2pdf applicationset-controller time="2023-06-03T11:28:48Z" level=debug msg="received update event from owning an application"
argo-cd-argocd-applicationset-controller-588b76448-k2pdf applicationset-controller time="2023-06-03T11:28:48Z" level=debug msg="requeue: false caused by application podinfo2\n"
argo-cd-argocd-notifications-controller-7749b5c5b4-gb5wf notifications-controller time="2023-06-03T11:28:48Z" level=debug msg="SyncStatus up-to-date (FinishedAt=2023-06-03 11:28:03 +0000 UTC, ReconciledAt=2023-06-03 11:28:03 +0000 UTC, Observed=0001-01-01 00:00:00 +0000 UTC" app=podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:48Z" level=info msg="Update successful" application=argocd/podinfo2
argo-cd-argocd-notifications-controller-7749b5c5b4-gb5wf notifications-controller time="2023-06-03T11:28:48Z" level=info msg="Processing completed" resource=argocd/podinfo2
argo-cd-argocd-application-controller-0 application-controller time="2023-06-03T11:28:48Z" level=info msg="Reconciliation completed" application=argocd/podinfo2 dedup_ms=0 dest-name= dest-namespace=podinfo2 dest-server="https://kubernetes.default.svc" diff_ms=11 fields.level=1 git_ms=11 health_ms=0 live_ms=0 settings_ms=0 sync_ms=0 time_ms=41
❯ kubectl get configmaps -n argocd argocd-cmp-cm -o yaml ⎈ k01/argocd
apiVersion: v1
data:
avp-helm.yaml: |
apiVersion: argoproj.io/v1alpha1
kind: ConfigManagementPlugin
metadata:
name: avp-helm
spec:
allowConcurrency: true
discover:
find:
command:
- sh
- -c
- find . -name 'Chart.yaml' && find . -name 'values.yaml'
generate:
command:
- sh
- -c
- |
helm template $ARGOCD_APP_NAME -n $ARGOCD_APP_NAMESPACE -f <(echo "$ARGOCD_ENV_helm_values") . |
argocd-vault-plugin generate --verbose-sensitive-output -
lockRepo: false
avp-kustomize.yaml: |
apiVersion: argoproj.io/v1alpha1
kind: ConfigManagementPlugin
metadata:
name: avp-kustomize
spec:
allowConcurrency: true
discover:
find:
command:
- find
- .
- -name
- kustomization.yaml
generate:
command:
- sh
- -c
- kustomize build . | argocd-vault-plugin generate --verbose-sensitive-output -
lockRepo: false
avp.yaml: |
apiVersion: argoproj.io/v1alpha1
kind: ConfigManagementPlugin
metadata:
name: avp
spec:
allowConcurrency: true
discover:
find:
command:
- sh
- -c
- find . -name '*.yaml' | xargs -I {} grep "<path\|avp\.kubernetes\.io" {} | grep
.
generate:
command:
- argocd-vault-plugin
- generate
- --verbose-sensitive-output
- .
lockRepo: false
kind: ConfigMap
metadata:
annotations:
meta.helm.sh/release-name: argo-cd
meta.helm.sh/release-namespace: argocd
creationTimestamp: "2023-06-03T11:26:42Z"
labels:
app.kubernetes.io/component: repo-server
app.kubernetes.io/instance: argo-cd
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: argocd-cmp-cm
app.kubernetes.io/part-of: argocd
helm.sh/chart: argo-cd-5.34.3
name: argocd-cmp-cm
namespace: argocd
resourceVersion: "45517"
uid: a2f85e36-1624-4c12-ad9a-81f5403d89a0
❯ kubectl get deployments.apps -n argocd argo-cd-argocd-repo-server -o yaml
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
meta.helm.sh/release-name: argo-cd
meta.helm.sh/release-namespace: argocd
creationTimestamp: "2023-06-03T11:26:44Z"
generation: 1
labels:
app.kubernetes.io/component: repo-server
app.kubernetes.io/instance: argo-cd
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: argocd-repo-server
app.kubernetes.io/part-of: argocd
helm.sh/chart: argo-cd-5.34.3
name: argo-cd-argocd-repo-server
namespace: argocd
resourceVersion: "45891"
uid: 39374828-f8f4-4aff-b0ef-0cb2ac300fd2
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 3
selector:
matchLabels:
app.kubernetes.io/instance: argo-cd
app.kubernetes.io/name: argocd-repo-server
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
annotations:
checksum/cmd-params: 1cb5093b9ad60f5b922cd45344817a68602339c21fd7f5f34f94327f03920a1a
creationTimestamp: null
labels:
app.kubernetes.io/component: repo-server
app.kubernetes.io/instance: argo-cd
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: argocd-repo-server
app.kubernetes.io/part-of: argocd
helm.sh/chart: argo-cd-5.34.3
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/name: argocd-repo-server
topologyKey: kubernetes.io/hostname
weight: 100
containers:
- args:
- /usr/local/bin/argocd-repo-server
- --port=8081
- --metrics-port=8084
env:
- name: AVP_TYPE
value: awssecretsmanager
- name: ARGOCD_RECONCILIATION_TIMEOUT
valueFrom:
configMapKeyRef:
key: timeout.reconciliation
name: argocd-cm
optional: true
- name: ARGOCD_REPO_SERVER_LOGFORMAT
valueFrom:
configMapKeyRef:
key: reposerver.log.format
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_REPO_SERVER_LOGLEVEL
valueFrom:
configMapKeyRef:
key: reposerver.log.level
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_REPO_SERVER_PARALLELISM_LIMIT
valueFrom:
configMapKeyRef:
key: reposerver.parallelism.limit
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_REPO_SERVER_DISABLE_TLS
valueFrom:
configMapKeyRef:
key: reposerver.disable.tls
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_TLS_MIN_VERSION
valueFrom:
configMapKeyRef:
key: reposerver.tls.minversion
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_TLS_MAX_VERSION
valueFrom:
configMapKeyRef:
key: reposerver.tls.maxversion
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_TLS_CIPHERS
valueFrom:
configMapKeyRef:
key: reposerver.tls.ciphers
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_REPO_CACHE_EXPIRATION
valueFrom:
configMapKeyRef:
key: reposerver.repo.cache.expiration
name: argocd-cmd-params-cm
optional: true
- name: REDIS_SERVER
valueFrom:
configMapKeyRef:
key: redis.server
name: argocd-cmd-params-cm
optional: true
- name: REDIS_COMPRESSION
valueFrom:
configMapKeyRef:
key: redis.compression
name: argocd-cmd-params-cm
optional: true
- name: REDISDB
valueFrom:
configMapKeyRef:
key: redis.db
name: argocd-cmd-params-cm
optional: true
- name: REDIS_USERNAME
valueFrom:
secretKeyRef:
key: redis-username
name: argo-cd-argocd-redis
optional: true
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
key: redis-password
name: argo-cd-argocd-redis
optional: true
- name: ARGOCD_DEFAULT_CACHE_EXPIRATION
valueFrom:
configMapKeyRef:
key: reposerver.default.cache.expiration
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_REPO_SERVER_OTLP_ADDRESS
valueFrom:
configMapKeyRef:
key: otlp.address
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_REPO_SERVER_MAX_COMBINED_DIRECTORY_MANIFESTS_SIZE
valueFrom:
configMapKeyRef:
key: reposerver.max.combined.directory.manifests.size
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_REPO_SERVER_PLUGIN_TAR_EXCLUSIONS
valueFrom:
configMapKeyRef:
key: reposerver.plugin.tar.exclusions
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_REPO_SERVER_ALLOW_OUT_OF_BOUNDS_SYMLINKS
valueFrom:
configMapKeyRef:
key: reposerver.allow.oob.symlinks
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_TAR_SIZE
valueFrom:
configMapKeyRef:
key: reposerver.streamed.manifest.max.tar.size
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_EXTRACTED_SIZE
valueFrom:
configMapKeyRef:
key: reposerver.streamed.manifest.max.extracted.size
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_GIT_MODULES_ENABLED
valueFrom:
configMapKeyRef:
key: reposerver.enable.git.submodule
name: argocd-cmd-params-cm
optional: true
- name: HELM_CACHE_HOME
value: /helm-working-dir
- name: HELM_CONFIG_HOME
value: /helm-working-dir
- name: HELM_DATA_HOME
value: /helm-working-dir
image: quay.io/argoproj/argocd:v2.7.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthz?full=true
port: metrics
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
name: repo-server
ports:
- containerPort: 8081
name: repo-server
protocol: TCP
- containerPort: 8084
name: metrics
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: metrics
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /app/config/ssh
name: ssh-known-hosts
- mountPath: /app/config/tls
name: tls-certs
- mountPath: /app/config/gpg/source
name: gpg-keys
- mountPath: /app/config/gpg/keys
name: gpg-keyring
- mountPath: /app/config/reposerver/tls
name: argocd-repo-server-tls
- mountPath: /helm-working-dir
name: helm-working-dir
- mountPath: /home/argocd/cmp-server/plugins
name: plugins
- mountPath: /tmp
name: tmp
- command:
- /var/run/argocd/argocd-cmp-server
image: quay.io/argoproj/argocd:v2.7.2
imagePullPolicy: IfNotPresent
name: avp
resources: {}
securityContext:
runAsNonRoot: true
runAsUser: 999
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/argocd
name: var-files
- mountPath: /home/argocd/cmp-server/plugins
name: plugins
- mountPath: /tmp
name: tmp
- mountPath: /home/argocd/cmp-server/config/plugin.yaml
name: argocd-cmp-cm
subPath: avp.yaml
- mountPath: /usr/local/bin/argocd-vault-plugin
name: custom-tools
subPath: argocd-vault-plugin
- command:
- /var/run/argocd/argocd-cmp-server
image: quay.io/argoproj/argocd:v2.7.2
imagePullPolicy: IfNotPresent
name: avp-helm
resources: {}
securityContext:
runAsNonRoot: true
runAsUser: 999
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/argocd
name: var-files
- mountPath: /home/argocd/cmp-server/plugins
name: plugins
- mountPath: /tmp
name: tmp
- mountPath: /home/argocd/cmp-server/config/plugin.yaml
name: argocd-cmp-cm
subPath: avp-helm.yaml
- mountPath: /usr/local/bin/argocd-vault-plugin
name: custom-tools
subPath: argocd-vault-plugin
- command:
- /var/run/argocd/argocd-cmp-server
image: quay.io/argoproj/argocd:v2.7.2
imagePullPolicy: IfNotPresent
name: avp-kustomize
resources: {}
securityContext:
runAsNonRoot: true
runAsUser: 999
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/argocd
name: var-files
- mountPath: /home/argocd/cmp-server/plugins
name: plugins
- mountPath: /tmp
name: tmp
- mountPath: /home/argocd/cmp-server/config/plugin.yaml
name: argocd-cmp-cm
subPath: avp-kustomize.yaml
- mountPath: /usr/local/bin/argocd-vault-plugin
name: custom-tools
subPath: argocd-vault-plugin
dnsPolicy: ClusterFirst
initContainers:
- command:
- /bin/cp
- -n
- /usr/local/bin/argocd
- /var/run/argocd/argocd-cmp-server
image: quay.io/argoproj/argocd:v2.7.2
imagePullPolicy: IfNotPresent
name: copyutil
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/argocd
name: var-files
- args:
- wget -O argocd-vault-plugin https://github.com/argoproj-labs/argocd-vault-plugin/releases/download/v${AVP_VERSION}/argocd-vault-plugin_${AVP_VERSION}_linux_${AVP_ARCHITECTURE}
&& chmod +x argocd-vault-plugin && mv argocd-vault-plugin /custom-tools/
command:
- sh
- -c
env:
- name: AVP_VERSION
value: 1.14.0
- name: AVP_ARCHITECTURE
value: arm64
image: alpine:latest
imagePullPolicy: Always
name: download-tools
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /custom-tools
name: custom-tools
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: argocd-repo-server
serviceAccountName: argocd-repo-server
terminationGracePeriodSeconds: 30
volumes:
- configMap:
defaultMode: 420
name: argocd-cmp-cm
name: argocd-cmp-cm
- emptyDir: {}
name: custom-tools
- emptyDir: {}
name: helm-working-dir
- emptyDir: {}
name: plugins
- emptyDir: {}
name: var-files
- emptyDir: {}
name: tmp
- configMap:
defaultMode: 420
name: argocd-ssh-known-hosts-cm
name: ssh-known-hosts
- configMap:
defaultMode: 420
name: argocd-tls-certs-cm
name: tls-certs
- configMap:
defaultMode: 420
name: argocd-gpg-keys-cm
name: gpg-keys
- emptyDir: {}
name: gpg-keyring
- name: argocd-repo-server-tls
secret:
defaultMode: 420
items:
- key: tls.crt
path: tls.crt
- key: tls.key
path: tls.key
- key: ca.crt
path: ca.crt
optional: true
secretName: argocd-repo-server-tls
status:
availableReplicas: 1
conditions:
- lastTransitionTime: "2023-06-03T11:27:15Z"
lastUpdateTime: "2023-06-03T11:27:15Z"
message: Deployment has minimum availability.
reason: MinimumReplicasAvailable
status: "True"
type: Available
- lastTransitionTime: "2023-06-03T11:26:44Z"
lastUpdateTime: "2023-06-03T11:27:15Z"
message: ReplicaSet "argo-cd-argocd-repo-server-54d8954bfd" has successfully progressed.
reason: NewReplicaSetAvailable
status: "True"
type: Progressing
observedGeneration: 1
readyReplicas: 1
replicas: 1
updatedReplicas: 1
Thank you...
