Closed Zoli8501 closed 4 months ago
Made some progress, plugin is now visible in argocd, can be selected but when creating new app following
error appears:
Unable to create application: application spec for root-app is invalid: InvalidSpecError: Unable to generate manifests in .: rpc error: code = Unknown desc = plugin sidecar failed. error generating manifests in cmp: rpc error: code = Unknown desc = error generating manifests: argocd-vault-plugin generate -s vault-kubernetes
failed exit status 1: Error:
cmp-plugin: apiVersion: v1 kind: ConfigMap metadata: name: cmp-plugin namespace: argocd data: avp.yaml: | apiVersion: argoproj.io/v1alpha1 kind: ConfigManagementPlugin metadata: name: argocd-vault-plugin spec: allowConcurrency: true discover: find: command:
somehow it not mounted: $ printenv | grep "AVP" $ $
but mountpath and volummounts are there in the configuration:
- mountPath: /home/argocd/cmp-server/config/plugin.yaml
name: cmp-plugin
subPath: avp.yaml
..
volumes:
I try to activate the plugin for argocd in helm chart, configmaps are argocd-cmp-cm and argocd-cm.
configuration of argocd-cm: configManagementPlugins: |
the cmp-plugin in argocd-cmp-cm: plugins:
--- First plugin
and the plugin configuration part: extraContainers:
command:
initContainers:
args:
-- Additional volumeMounts to the repo server main container
volumeMounts: []
-- Additional volumes to the repo server pod
volumes:
-- envFrom to pass to repo server
@default --
[]
(See [values.yaml])envFrom:
backend secret is root token of vault: data: AVP_AUTH_TYPE: vault VAULT_ADDR: ... AVP_AUTH_TYPE: token AVP_TYPE: vault VAULT_TOKEN: ... kind: Secret
Argocd app manifest:
apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: opensearch namespace: argocd spec: project: hccs destination: server: {{ .Values.spec.destination.server }} namespace: opensearch sources:
and the secret: kind: Secret apiVersion: v1 metadata: name: opensearch annotations: avp.kubernetes.io/path: "secret/data/opensearch" type: Opaque stringData: password:
in argocd the secret will be syncronized but password substitution is not happening...
I also tried to add manually cmp-plugin configmap: apiVersion: v1 kind: ConfigMap metadata: name: cmp-plugin data: avp.yaml: | apiVersion: argoproj.io/v1alpha1 kind: ConfigManagementPlugin metadata: name: argocd-vault-plugin spec: allowConcurrency: true discover: find: command:
but also not working...
Thank you for your support.