jkroepke
commented
1 year ago ArgoCD App are not able to inject environment variables.
Do you have separat VAULT_TOKEN for each Application?
Closed jaythamke closed 11 months ago
jkroepke
commented
1 year ago ArgoCD App are not able to inject environment variables.
Do you have separat VAULT_TOKEN for each Application?
jaythamke
commented
1 year ago Do you have separat VAULT_TOKEN for each Application?
Yes, I have to create new VAULT_TOKEN for each VAULT_NAMESPACE
jaythamke
commented
1 year ago ArgoCD App are not able to inject environment variables.
Thanks for quick reply!
In that case, I think I have to come up with argocd-plugin like solution (provided in https://argocd-vault-plugin.readthedocs.io/en/stable/usage/) and then rendering K8s manifests by executing helm secrets template -f my-sops-enc-secret.yaml -f some-other-values.yaml inside configManagementPlugins.[].generate in ArgoCD config management plugin.
github-actions[bot]
commented
11 months ago This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.
jaythamke
commented
11 months ago Closing as query is resolved
Hello Jan, I am currently testing some scenarios in our CD workflow with ArgoCD. I am already using helm-secrets plugin along with sops for managing the secrets since two years. Thanks for your efforts. In my current scenario, the secrets encryption and decryption are done by the keys stored in Hashicorp Vault (Enterprise version) Transit engines and the keys are separated by using Vault namespaces (e.g. /dev/, /staging/ etc. ) (defined by
VAULT_NAMESPACEenv variable).I would like to know how to pass
VAULT_NAMESPACEandVAULT_TOKENenv var toargocd-repo-serverfrom ArgoCD Application.