{"id":18431951,"url":"https://github.com/jessebot/argo-example","last_synced_at":"2025-04-14T01:19:12.567Z","repository":{"id":85031671,"uuid":"495290028","full_name":"jessebot/argo-example","owner":"jessebot","description":"Get started with ArgoCD :)","archived":false,"fork":false,"pushed_at":"2022-08-18T08:54:40.000Z","size":1931,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-02-16T09:25:48.960Z","etag":null,"topics":["argocd","argocd-demo","helm","k8s","kubernetes"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jessebot.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-05-23T06:47:27.000Z","updated_at":"2022-08-14T13:21:05.000Z","dependencies_parsed_at":null,"dependency_job_id":"4a84b919-449f-4309-a691-90cd09f74c6f","html_url":"https://github.com/jessebot/argo-example","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jessebot%2Fargo-example","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jessebot%2Fargo-example/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jessebot%2Fargo-example/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jessebot%2Fargo-example/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jessebot","download_url":"https://codeload.github.com/jessebot/argo-example/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248804901,"owners_count":21164149,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["argocd","argocd-demo","helm","k8s","kubernetes"],"created_at":"2024-11-06T05:26:56.561Z","updated_at":"2025-04-14T01:19:12.537Z","avatar_url":"https://github.com/jessebot.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# ArgoCD on K8s (now with secrets)\nJust a quick example of how to set up a test Kuberentes (k8s) environment with KIND, and then use ArgoCD for k8s config management and then we'll also setup bitnami's sealed secret for you (This will allow you to encrypt secrets so they are safe for git checkin) :) In the future, we'll support other secret solutions, but as this is geared towards a homelab, at this time, we won't be supporting Vault, as to be secure, and match production, we'd need a multinode cluster, which is not always feasible for smaller labs. \n\n## Tech stack\n| App/Tool | Reason |\n|:--------:|:-------|\n| [Docker](https://www.docker.com/get-started/)         | for the containers |\n| [KIND](https://kind.sigs.k8s.io/)                     |  Tool to spin up a [Kubernetes](https://kubernetes.io/docs/concepts/overview/what-is-kubernetes/) [CLUSTER](media/peridot.png) in Docker, which we use to scale containers :3 |\n| [helm2/helm3](https://helm.sh/docs/intro/quickstart/) | installs k8s apps (mostly a bunch of k8s yamls) |\n| [Argo CD](https://argo-cd.readthedocs.io/en/stable/)   | Continuous Delivery for k8s, from within k8s |\n| [sealed-secrets](https://github.com/bitnami-labs/sealed-secrets) | generation of secrets as encrypted blobs so you can check secrets into git |\n\n\n## Pre-Requisites\n- [brew](https://brew.sh/) - Missing package manager for Mac (also supports Linux)\n\n\u003cdetails\u003e\n  \u003csummary\u003emacOS\u003c/summary\u003e\n\n  Make sure you have the [`Brewfile`](./deps/Brewfile) from this repo and then run:\n\n  ```bash\n    # MacOS only\n    brew bundle install deps/Brewfile\n  ```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n  \u003csummary\u003eLinux\u003c/summary\u003e\n\n  ### LinuxBrew\n\n  Make sure you have the [`Brewfile_linux`](./deps/Brewfile_linux) from this repo and then run:\n\n  ```bash\n  # Linux only\n  brew bundle install deps/Brewfile_linux\n  ```\n  \n  ### apt (On Debian distros)\n\n  ```bash\n  # Debian based distros only\n  .deps/apt_dep_installation.sh\n  ```\n\n\u003c/details\u003e\n\n# Installation\nCreate a kubernetes cluster. If you don't have one, expand and follow the \"Create a KIND Cluster\" section.\n\u003cdetails\u003e\n  \u003csummary\u003eCreate a KIND Cluster\u003c/summary\u003e\n\n  This is from the my other homelab repo, [smol_k8s_homelab](https://github.com/jessebot/smol_k8s_homelab/),\n  and will install KIND with the proper ingress controller resources as well as metallb so you can locally route your install :) \n\n  ```bash\n    # You can look at exactly what this does in https://raw.githubusercontent.com/jessebot/smol_k8s_homelab/main/kind/README.md\n    /bin/bash -c \"$(curl -fsSL https://raw.githubusercontent.com/jessebot/smol_k8s_homelab/main/kind/bash_full_quickstart.sh)\"\n\n    # tip: use :quit to exit k9s, you can also use :q similar to vim\n  ```\n\n\u003c/details\u003e\n\nNow that we have a local k8s cluster, let's get Argo and Bitnami Sealed Secrets up and running!\n\n## Sealed Secrets\nThis is a Bitnami project, so we'll need to first add their helm chart repo:\n```bash\nhelm repo add https://bitnami-labs.github.io/sealed-secrets\nhelm repo update\n```\n\nThen you can install the helm chart like this:\n```bash\nhelm install sealed-secrets -n sealed-secrets --create-namespace --set namespace=\"sealed-secrets\" sealed-secrets/sealed-secrets\n```\n\nThat's it :D Onto argocd~!\n\n## ArgoCD\nWe'll be installing the [argo-helm repo argo-cd chart](https://github.com/argoproj/argo-helm/blob/master/charts/argo-cd/).\nRun the following helm commands to add the helm repo first:\n\n```bash\n# add the repo and update\nhelm repo add argo-cd https://argoproj.github.io/argo-helm\nhelm repo update\n```\n\nNext, go into `values.yml` in this repo and change line 10 from `selfhosting4dogs.com` to a domain of your choosing :)\n```yaml\n   hosts:\n     - \"argocd.selfhosting4dogs.com\"\n```\n\nThe next thing you need to do do is install the chart with:\n```bash\nhelm install argocd argo-cd/argo-cd -n argocd --create-namespace --values values.yml\n```\n\n## Argo via the GUI\nAssuming this is a local homelab setup, you'll need to either go into your router and update your DNS or you can update your `/etc/hosts` file to route this to the local IP of this cluster. For example, here's my `/etc/hosts`:\n\n```\n127.0.0.1       localhost argocd.selfhosting4dogs.com\n```\n\nThen, you should be able to go to http://argocd.selfhosting4dogs.com in a browser.\n\nYou can now login with the default username, `admin`, and auto-generated password from this k8s secret:\n```bash\nkubectl get secret argocd-initial-admin-secret -o jsonpath=\"{.data.password}\" -n argo-cd | base64 -d\n```\n\n## Argo via the CLI\nFirst you should generate cli completion for your shell of choice. In my case, it was BASH:\n```bash\nargocd completion bash \u003e ~/.bashrc_argocd\nsource ~/.bashrc_argocd\n```\n\nGrab the exact host from the output of the checking the ingress:\n```bash\nkubectl get ing -A\nNAMESPACE   NAME                    CLASS   HOSTS                           ADDRESS      PORTS    AGE\nargocd      argo-cd-argocd-server   nginx   argocd.selfhosting4dogs.com   192.168.72.22   80      31s\n```\n\nGet your password here.\n```bash\n   kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath=\"{.data.password}\" | base64 -d\n```\n\nThis you should be able to login like so:\n```bash\n  argocd login --username admin --password mysupercoolplaintextpassword argocd.selfhosting4dogs.com --grpc-web\n```\n\nWhich should return something like this:\n```\n'admin:login' logged in successfully\nContext 'argocd.selfhosting4dogs.com' updated\n```\n\nNow you can do things like this, checking your active argocd repos:\n```\nargocd repo list --grpc-web\n```\n\n### Adding an Application example\nLet's try an easy one first :) We'll use my [example prometheus repo](https://github.com/jessebot/prometheus_example) get your monitoring working in this cluster:\n\n```bash\n# this adds the repo as something argo CD has access to\nargocd repo add https://github.com/jessebot/prometheus_example\n\n# This creates the app, and the namespace it will live in\nargocd app create prometheus --repo https://github.com/jessebot/prometheus_example.git --dest-namespace monitoring --dest-server https://kubernetes.default.svc --path . --sync-policy auto --sync-option CreateNamespace=true\n```\n\n### Now for an example with a sealed secret\nComing soon. Working on a fancy repo to demo this with nextcloud :D\n\n# Cleanup\nTo delete the kind cluster:\n```bash\nkind delete cluster\n```\n\nTo just uninstall everything we installed for argocd and sealed secrets:\n```bash\nhelm uninstall argo-cd -n argocd\nhelm uninstall sealed-secrets -n sealed-secrets\n```\n\n# Notes\n\n## Troubleshooting\n### How to fix crd-install issue (Skip if no issue on `helm install`)\n*Why and How*\nYou would see this:\n```bash\n$ helm install argo-cd charts/argo/\nmanifest_sorter.go:192: info: skipping unknown hook: \"crd-install\"\nmanifest_sorter.go:192: info: skipping unknown hook: \"crd-install\"\nNAME: argo-cd\nLAST DEPLOYED: Wed May 11 10:53:55 2022\nNAMESPACE: default\nSTATUS: deployed\nREVISION: 1\nTEST SUITE: None\n```\n\nYou need those CRDs, or the pod will just crash loop, and then when you try to follow the next logical step of port-forwarding to test the frontend, you'll get something like this, when you actually test it:\n```bash\n$ kubectl port-forward svc/argo-cd-argocd-server 8080:443\nForwarding from 127.0.0.1:8080 -\u003e 8080\nForwarding from [::1]:8080 -\u003e 8080\nHandling connection for 8080\n```\n\nWhich seems fine, but when you go to http://localhost:8080 in your browser you'll see this in stdout in your terminal:\n```\nE0511 11:07:43.094956   46063 portforward.go:406] an error occurred forwarding 8080 -\u003e 8080: error forwarding port 8080 to pod 53c2b12a3c748bb2c9acd763ed898c5261227ca4b359c047ec264608cbc67058, uid : failed to execute portforward in network namespace \"/var/run/netns/cni-84865981-c6a2-6e6d-1ce1-336602591e41\": failed to connect to localhost:8080 inside namespace \"53c2b12a3c748bb2c9acd763ed898c5261227ca4b359c047ec264608cbc67058\", IPv4: dial tcp4 127.0.0.1:8080: connect: connection refused IPv6 dial tcp6 [::1]:8080: connect: connection refused\nE0511 11:07:43.095553   46063 portforward.go:234] lost connection to pod\nHandling connection for 8080\nE0511 11:07:43.096354   46063 portforward.go:346] error creating error stream for port 8080 -\u003e 8080: EOF\n```\n\nThis happens because you're using an older version of argoCD, and is apparently because of [this issue](https://github.com/bitnami/charts/issues/7972) and is fixed by [this](https://github.com/helm/helm/issues/6930), so you can just update your version.\n\n*Fix*\nUpdate `version` of your `charts/argo/Chart.yaml` to at least 4.6.0 (cause that's what worked for me :D)\n\nThen you'll need to rerun the dep update:\n```bash\nhelm dep update charts/argo/\n```\n\nFollowed by uninstalling, and then reinstalling:\n```bash\n$ helm uninstall argo-cd\nrelease \"argo-cd\" uninstalled\n```\n\n## Other Tips\n\nWanna have argo manage itself? Check out [Arthur's guide](https://www.arthurkoziel.com/setting-up-argocd-with-helm/), which I found really helpful.\n\nStill interested in Vault with ArgoCD? Check out the following:\n- [ArgoCD Vault Plugin](https://argocd-vault-plugin.readthedocs.io/en/stable/installation/) - ArgoCD with Vault\n- [ArgoCD Vault Replacer](https://github.com/crumbhole/argocd-vault-replacer) - for replacing secrets with vault values\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjessebot%2Fargo-example","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjessebot%2Fargo-example","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjessebot%2Fargo-example/lists"}