Skip to main content

Provider Lab Part 2

ArgoCD

For ArgoCD it's necessary to create an account or use an existing one to have a token on it. Best practice says to create an account for Crossplane. In the Backstage lab we left an account prepared for this.

The token is already in the environment variable exported in the terminal. The secret needs to contain authToken.

# argocd.yaml
apiVersion: v1
kind: Secret
metadata:
  name: argocd-credentials
  namespace: crossplane-system
type: Opaque
stringData:
  authToken: "${ARGOCD_AUTH_TOKEN_CROSSPLANE}"
---
apiVersion: argocd.crossplane.io/v1alpha1
kind: ProviderConfig
metadata:
  name: argocd-provider
spec:
  serverAddr: argocd-server.argocd.svc:443
  insecure: true
  plainText: true
  grpcWeb: true
  grpcWebRootPath: /
  credentials:
    source: Secret
    secretRef:
      namespace: crossplane-system
      name: argocd-credentials
      key: authToken

Let's apply this manifest and check the resources we have available.


envsubst < argocd.yaml | kubectl apply -f -
secret/argocd-credentials created
providerconfig.argocd.crossplane.io/argocd-provider created

❯ k get customresourcedefinitions.apiextensions.k8s.io -n crossplane-system -o custom-columns=NAME:.metadata.name | grep argocd
applications.applications.argocd.crossplane.io
applicationsets.applicationsets.argocd.crossplane.io
clusters.cluster.argocd.crossplane.io
projects.projects.argocd.crossplane.io
providerconfigs.argocd.crossplane.io
providerconfigusages.argocd.crossplane.io
repositories.repositories.argocd.crossplane.io

Just to test let's apply this manifest and see if an application will be created.

apiVersion: applications.argocd.crossplane.io/v1alpha1
kind: Application
metadata:
  name: example-application
spec:
  providerConfigRef:
    name: argocd-provider
  forProvider:
    destination:
      namespace: default
      server: https://kubernetes.default.svc
    project: default
    source:
      repoURL: https://github.com/stefanprodan/podinfo/
      path: charts/podinfo
      targetRevision: HEAD
    syncPolicy: # If you don't have the sync policy it will create the application but won't do the heal.
      automated:
        prune: true
        selfHeal: true
      syncOptions:
        - CreateNamespace=true
❯ kubectl apply -f argocdapplication.yaml
application.applications.argocd.crossplane.io/example-application configured

❯ kubectl get applications.applications.argocd.crossplane.io
NAME                  READY   SYNCED   AGE
example-application   True    True     24m

alt text

Confluent (Kafka)