Argocd behind nginx oidc not working

[onkar6699]

I have started argocd behind nginx data: url: https://argocd.example.com

nignx conf server { listen 80; server_name argo.example.com;

location / {
    proxy_pass http://argocd-server.default.svc.cluster.local:80;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
}

}

what url should i provide ? under data? public facing URL?

[onkar6699]

@cardoe @farcaller @ncdc @gpaul can someone please help me?

[andrii-korotkov-verkada]

Can you provide more details about where is this url configured and how does nginx config used, please? Also, what's the argocd server version?

[onkar6699]

@andrii-korotkov-verkada please find below config I have nginx and proxy pass to argocd-server.argpcd.svc.cluster.local service

I have added nginx url in both argocd conf and IDP redirect url but still getting error

[onkar6699]

argocd: v2.12.6+4dab5bd BuildDate: 2024-10-18T17:39:26Z GitCommit: https://github.com/argoproj/argo-cd/commit/4dab5bd6a60adea12e084ad23519e35b710060a2 GitTreeState: clean GoVersion: go1.22.4 Compiler: gc Platform: linux/amd64

[andrii-korotkov-verkada]

Is there anything useful in the logs with debug level enabled? Note that you may need to configure it differently for dex comparing to other containers.

[onkar6699]

I have enabled debug but it's not reflecting still able to see only info log

[onkar6699]

Should I try with previous version what you suggest? Similar conf grafana worked but argocd failing

[andrii-korotkov-verkada]

For dex you need something like

  dex.config: |
    logger:
      level: debug
      format: json
...

in argocd-cm. Can you share your argocd-cm, please? (Feel free to mock sensitive values of course)

[andrii-korotkov-verkada]

I'll try with v2.13.1 as well if it's not too much hassle.

[onkar6699]

Not using Dex without Dex I am doing As per this PR https://github.com/argoproj/argo-cd/pull/4780 y error exact match with this PR why this change made idk

[andrii-korotkov-verkada]

Try setting this

apiVersion: v1
kind: ConfigMap
metadata:
  name: argocd-cmd-params-cm
data:
  applicationsetcontroller.log.level: debug
  applicationsetcontroller.log.format: json
  controller.log.level: debug
  controller.log.format: json
  notificationscontroller.log.level: debug
  notificationscontroller.log.format: json
  reposerver.log.level: debug
  reposerver.log.format: json
  server.log.level: debug
  server.log.format: json
  ...

[onkar6699]

For dex you need something like

  dex.config: |
    logger:
      level: debug
      format: json
...

in argocd-cm. Can you share your argocd-cm, please? (Feel free to mock sensitive values of course)

ArgoCD OIDC Config url: https://argocd.example.com/ (nginx exposed app) oidc.config: | name: MYIDP issuer: myissuerURL clientID: 0oa9abcdefgh123AB5d7 clientSecret: ABCDEFG1234567890abcdefg requestedScopes: ["openid", "profile", "email", "groups"] requestedIDTokenClaims: {"groups": {"essential": true}}

[onkar6699]

@andrii-korotkov-verkada I have tried to start server log in debug mode nothing reflected as explained here https://github.com/argoproj/argo-cd/issues/17577 using 3rd party log which is not respecting our sent value always starting in info

[andrii-korotkov-verkada]

You can try --gloglevel N as parameter to the container args, some libs use that.

[onkar6699]

containers:

• args:

  • /usr/local/bin/argocd-server
  • --port=8080
  • --metrics-port=8083

  • --loglevel=debug

    Currently passing this you mean

  • --loglevel= ??

[onkar6699]

@andrii-korotkov-verkada also can you suggest me one stable app version of argocd so i can try loglevel as well as oidc conf

[andrii-korotkov-verkada]

It would be

- "--gloglevel"
- "6"

You can change verbosity level from 1 to large values, but it can get spammy.

[andrii-korotkov-verkada]

I recommend v2.13.1

[onkar6699]

I have updated 2.13.1 but still same issue with log