Support for custom tools about gitops-operator HOT 4 OPEN

I can't figure out how to add a volume mount and an init container during the setup process though. If you try to modify the argocd-repo-server after the creation is overwritten since it's managed by argocd. It would be nice to be able to add those instead of having to build a manual image.

Casey, you have to utilize the custom image which is built and pushed to a registry, then specify when building your ACD. In other words, in the ACD configuration, you can specify a custom image on initial creation.

I haven't used the plugin in quite a while (since starting to use external-secrets). Speaking with complete transparency, I've spent a bit testing and evaluating tools since the original article, external-secrets in my opinion, it's a better overall approach to managing secrets and utilizing with ArgoCD/Git/Gitops Operator. There is an additional writeup here that walks us through it. :External Secrets Demo

from gitops-operator.

@pbmoses I haven't looked into external secrets yet so I will give that a shot. Thank you for the recommendation!

from gitops-operator.

This should be possible, see the following article from RedHat (under the "ArgoCD Installation and Configuration" section):
https://cloud.redhat.com/blog/how-to-use-hashicorp-vault-and-argo-cd-for-gitops-on-openshift

Create a Dockerfile

FROM argoproj/argocd:latest
# Switch to root for the ability to perform install
USER root

# Install tools needed for your repo-server to retrieve & decrypt secrets, render manifests
# (e.g. curl, awscli, gpg, sops)
RUN apt-get update && \
    apt-get install -y \
        curl \
        awscli \
        gpg && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

# Install the AVP plugin (as root so we can copy to /usr/local/bin)
RUN curl -L -o argocd-vault-plugin https://github.com/IBM/argocd-vault-plugin/releases/download/v0.7.0/argocd-v
ault-plugin_0.7.0_linux_amd64
RUN chmod +x argocd-vault-plugin
RUN mv argocd-vault-plugin /usr/local/bin

# Switch back to non-root user
USER argocd

Build your image and push the image to your preferred image registry

podman build -t pmo-argovault:v1.0 .
podman push localhost/pmo-argovault:v1.0 quay.io/pbmoses/pmo-argovault:v1.0

After the image is built and pushed to the registry,we will need to build a new ArgoCD instance including our custom repo image. You can utilize the ArgoCD create GUI or apply a manifest you have available. There area few things to note which need to be included in your manifest:

*Our repo will need “mountsatoken” present and the SA we created earlier

repo:
    mountsatoken: true
    serviceaccount: vplugin

*The image will be that which was pushed in the previous steps

image: quay.io/pbmoses/pmo-argovault
Version: v1.0

*Our config management plugin will need to be defined

  configManagementPlugins: |-
    - name: argocd-vault-plugin
      generate:
        command: ["argocd-vault-plugin"]
        args: ["generate", "./"]

You set those configuration values up in the operator configuration when creating your ArgoCD instance.

from gitops-operator.

I can't figure out how to add a volume mount and an init container during the setup process though. If you try to modify the argocd-repo-server after the creation is overwritten since it's managed by argocd. It would be nice to be able to add those instead of having to build a manual image.

from gitops-operator.