Register an account with IAM

visit the service's endpoint is https://iam-pilota.cloud.cnaf.infn.it

Argocd GUI

The user will be able to login at https://argo-test.cloud.cnaf.infn.it using IAM Pilota as the identity provider

After a successful login, the user will be able to deploy within the k8s-wg argocd project

Managing ArgoCD Applications

Due to RBAC policies, the user is only able to deploy ArgoCD applications within the k8s-wg namespace.

Deploy application using the GUI

When clicking on + NEW APP button, the user will be prompted with a form. That form contains all the necessary parameters to deploy an ArgoCD application.

Listing Important parameters

General section:

• Application name needs to have k8s-wg/ prefix otherwise ArgoCD will return permission denied.
• Project name is k8s-wg

Source section can be either Helm or Git.

Destination section:

• Cluster Url is equal to the internal kubernetes api endpoint https://kubernetes.default.svc
• namespace is flexible and can have a value chosen by the user.

Otherwise the user can click on EDIT AS YAML

In this case Application name doesn't need to have a prefix but the namespace of the application has to have the value k8s-wg.

Sync Application

click on Sync if the user choose manual sync.

Deploy Application Using ArgoCD CLI

After install ArgoCD CLI https://argo-cd.readthedocs.io/en/stable/cli_installation/, the user can login using single sign-on.

$ argocd login argo-test.cloud.cnaf.infn.it --sso
WARN[0000] Failed to invoke grpc call. Use flag --grpc-web in grpc calls. To avoid this warning message, use flag --grpc-web.
Opening browser for authentication
Performing authorization_code flow login: https://iam-pilota.cloud.cnaf.infn.it/authorize?access_type=offline&client_id=<client id>&code_challenge=<code challenge>&code_challenge_method=S256&redirect_uri=http%3A%2F%2Flocalhost%3A8085%2Fauth%2Fcallback&response_type=code&scope=openid+profile+email+offline_access&state=HQEfPEshjvOrEZmuukxQxOGF
Authentication successful
'ahmad.alkhansa@cnaf.infn.it' logged in successfully
Context 'argo-test.cloud.cnaf.infn.it' updated

Listing Applications

$ argocd app list
WARN[0000] Failed to invoke grpc call. Use flag --grpc-web in grpc calls. To avoid this warning message, use flag --grpc-web.
NAME           CLUSTER                         NAMESPACE  PROJECT  STATUS  HEALTH   SYNCPOLICY  CONDITIONS  REPO                                                 PATH       TARGET
k8s-wg/testwg  https://kubernetes.default.svc  pippo      k8s-wg   Synced  Healthy  <none>      <none>      https://github.com/argoproj/argocd-example-apps.git  guestbook  HEAD

Create Applications

1. Create a manifest of the application
   

   apiVersion: argoproj.io/v1alpha1
   kind: Application
   metadata:
     name: test3
     namespace: k8s-wg
   spec:
     destination:
       name: ''
       namespace: test3
       server: 'https://kubernetes.default.svc'
     source:
       path: guestbook
       repoURL: 'https://github.com/argoproj/argocd-example-apps.git'
       targetRevision: HEAD
     sources: []
     project: k8s-wg
     # Sync policy that allows autocreation of namespace
     syncPolicy:
       syncOptions:
       - CreateNamespace=true
     

2. Use manifest file as input for ArgoCD CLI 

   $ argocd app create -f argocd-app-test.yaml
   WARN[0000] Failed to invoke grpc call. Use flag --grpc-web in grpc calls. To avoid this warning message, use flag --grpc-web.
   application 'test3' created

3. Check if the has been create 

   $ argocd app list
   WARN[0000] Failed to invoke grpc call. Use flag --grpc-web in grpc calls. To avoid this warning message, use flag --grpc-web.
   NAME           CLUSTER                         NAMESPACE  PROJECT  STATUS     HEALTH   SYNCPOLICY  CONDITIONS  REPO                                                 PATH       TARGET
   k8s-wg/test2   https://kubernetes.default.svc  test2      k8s-wg   OutOfSync  Missing  <none>      <none>      https://github.com/argoproj/argocd-example-apps.git  guestbook  HEAD
   k8s-wg/test3   https://kubernetes.default.svc  test3      k8s-wg   OutOfSync  Missing  <none>      <none>      https://github.com/argoproj/argocd-example-apps.git  guestbook  HEAD
   k8s-wg/testwg  https://kubernetes.default.svc  pippo      k8s-wg   Synced     Healthy  <none>      <none>      https://github.com/argoproj/argocd-example-apps.git  guestbook  HEAD

4. Sync the application

   $ argocd app sync k8s-wg/test3
   WARN[0000] Failed to invoke grpc call. Use flag --grpc-web in grpc calls. To avoid this warning message, use flag --grpc-web.
   TIMESTAMP                  GROUP        KIND   NAMESPACE                  NAME    STATUS    HEALTH        HOOK  MESSAGE
   2024-04-23T10:23:03+02:00            Service       test3          guestbook-ui  OutOfSync  Missing
   2024-04-23T10:23:03+02:00   apps  Deployment       test3          guestbook-ui  OutOfSync  Missing
   2024-04-23T10:23:07+02:00          Namespace                             test3   Running   Synced              namespace/test3 created
   2024-04-23T10:23:11+02:00            Service       test3          guestbook-ui    Synced  Healthy
   2024-04-23T10:23:12+02:00            Service       test3          guestbook-ui    Synced   Healthy              service/guestbook-ui created
   2024-04-23T10:23:12+02:00   apps  Deployment       test3          guestbook-ui  OutOfSync  Missing              deployment.apps/guestbook-ui created
   2024-04-23T10:23:12+02:00   apps  Deployment       test3          guestbook-ui    Synced  Progressing              deployment.apps/guestbook-ui created
   
   Name:               k8s-wg/test3
   Project:            k8s-wg
   Server:             https://kubernetes.default.svc
   Namespace:          test3
   URL:                https://argo-test.cloud.cnaf.infn.it/applications/k8s-wg/test3
   Repo:               https://github.com/argoproj/argocd-example-apps.git
   Target:             HEAD
   Path:               guestbook
   SyncWindow:         Sync Allowed
   Sync Policy:        <none>
   Sync Status:        Synced to HEAD (d7927a2)
   Health Status:      Progressing
   
   Operation:          Sync
   Sync Revision:      d7927a27b4533926b7d86b5f249cd9ebe7625e90
   Phase:              Succeeded
   Start:              2024-04-23 10:23:01 +0200 CEST
   Finished:           2024-04-23 10:23:11 +0200 CEST
   Duration:           10s
   Message:            successfully synced (all tasks run)
   
   GROUP  KIND        NAMESPACE  NAME          STATUS   HEALTH       HOOK  MESSAGE
          Namespace              test3         Running  Synced             namespace/test3 created
          Service     test3      guestbook-ui  Synced   Healthy            service/guestbook-ui created
   apps   Deployment  test3      guestbook-ui  Synced   Progressing        deployment.apps/guestbook-ui created

5. The application is synced

   $ argocd app list
   WARN[0000] Failed to invoke grpc call. Use flag --grpc-web in grpc calls. To avoid this warning message, use flag --grpc-web.
   NAME           CLUSTER                         NAMESPACE  PROJECT  STATUS  HEALTH   SYNCPOLICY  CONDITIONS  REPO                                                 PATH       TARGET
   k8s-wg/test2   https://kubernetes.default.svc  test2      k8s-wg   Synced  Healthy  <none>      <none>      https://github.com/argoproj/argocd-example-apps.git  guestbook  HEAD
   k8s-wg/test3   https://kubernetes.default.svc  test3      k8s-wg   Synced  Healthy  <none>      <none>      https://github.com/argoproj/argocd-example-apps.git  guestbook  HEAD
   k8s-wg/testwg  https://kubernetes.default.svc  pippo      k8s-wg   Synced  Healthy  <none>      <none>      https://github.com/argoproj/argocd-example-apps.git  guestbook  HEAD