search

argoproj / argo-cd

Declarative Continuous Deployment for Kubernetes
https://argo-cd.readthedocs.io
Apache License 2.0
17.86k stars 5.45k forks source link

Update documentation to use different image example for sidecar container #17885

Open raweber42 opened 6 months ago

raweber42 commented 6 months ago

Summary

In the documentation about CMP plugins via sidecar containers, it is recommended (or at least given as example) to use busybox as the image for your sidecar container. This should be changed imho, as this does not work properly if you are trying to install argocd-vault as a plugin. See also here: https://github.com/argoproj/argo-cd/issues/13539#issuecomment-1714696123

Motivation

A lot of people are using argocd-vault as a plugin. They should be provided with documentation that works out of the box for their usecase. It has to be an image that includes ca-certificates. Otherwise they will run into the following bug which I ran into myself:

Could not find secret: rpc error: code = Unavailable desc = connection error: desc = \"transport: authentication handshake failed: tls: failed to verify certificate: x509: certificate signed by unknown authority

Proposal

Update the documentation here and here to an image which includes ca-certificates. Or at least add a note for vault-plugin users.

In the vault-plugin documentation they use a different image: https://argocd-vault-plugin.readthedocs.io/en/stable/installation/#initcontainer-and-configuration-via-sidecar

crenshaw-dev commented 6 months ago

I'd be fine with Ubuntu. I didn't pick Busybox for any particular reason in that example. Would gladly review a docs PR