ArgoCD add new repositories
This process can be executed through the ArgoCD interface, but we prefer to store everything in our git repository (always use gitops if possible).
Table of Contents
Add repositories on helm
In the helm values file, we need to add the repository we want to connect to ArgoCD:
repositories:
k8s-components:
url: ssh://git@<repository_url>/devops/k8s_components.git
type: git
insecure: "true"
project: default
name: k8s-components
This will use the credentials below to grant access.
Create credentials to access git repositories
This step is only required once.
To retrieve content from git repositories, we need to create a set of credentials to be deployed on our cluster. These credentials are stored in our Vault and can be used across multiple git repositories.
This secret should be placed under a repository that will be activated on ArgoCD as an external secret provider.
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: git-credentials
namespace: argocd
spec:
data:
- remoteRef:
conversionStrategy: Default
key: cluster-credentials/argocd/repositories
property: ssh-private-key
secretKey: sshPrivateKey
- remoteRef:
conversionStrategy: Default
key: cluster-credentials/argocd/repositories
property: ssh-url-credentials
secretKey: url
refreshInterval: 3600s
secretStoreRef:
kind: ClusterSecretStore
name: vault-backend
target:
creationPolicy: Owner
deletionPolicy: Retain
name: git-credentials
template:
metadata:
labels:
argocd.argoproj.io/secret-type: repo-creds
Ensure that the argocd.argoproj.io/secret-type: repo-creds label is present for ArgoCD to recognize this as repository credentials. With this secret, all repositories that start with the same content present in ssh-url-credentials will use this private key associated with the secret.