Argo CD

This walkthrough shows you how to use CloudTruth parameters and secrets in Argo CD directly from our Argo CD plugin.
GitHub - cloudtruth/argocd-cloudtruth-plugin: An ArgoCD plugin that allows one to replace cloudtruth parameter references with their values in the yaml files delivered to kubernetes
GitHub
Prerequisites
You are familiar with Argo CD.
You have created one or more CloudTruth Parameters.
You have created a CloudTruth API Access token.
CloudTruth Argo CD plugin
The CloudTruth plugin solves how to handle secrets management with Argo CD. When the plugin is installed in your application it will replace any references following the format <parameter> in your GitOps yaml files.
Installing the plugin
You can run an automated installer that will install the plugin in your Argo CD installation.
curl -s https://raw.githubusercontent.com/cloudtruth/argocd-cloudtruth-plugin/main/install/setup.sh | sh
Provide the installer with the following CloudTruth parameters:
Parameter
Value
​CLOUDTRUTH_API_KEY​
Provides access to your CloudTruth org
​CLOUDTRUTH_ENVIRONMENT​
Specifies a targeted Environment
​CLOUDTRUTH_PROJECT​
Specifies a targeted project
​CLOUDTRUTH_TAG​
Specifies a targeted tag
The installer will perform the following to configure the plugin in your Argo CD installation:
1.Create a K8s secret with the provided parameters in the Argo namespace.
2.Patch the argocd configmap to add CloudTruth to configManamentPlugins​
3.Patch the argocd-repo-server to add the required volumes, secret and init containers.
You can restart the Argo CD repo server to pickup the changes.
kubectl rollout restart -n argocd deployment/argocd-repo-server
For a full parameters list visit our Argo plugin repo.
Using the plugin for secrets and parameters
Now that the plugin is installed, you can reference CloudTruth config in your app config files.
UI app install
When creating an application from a Git repository using the Argo CD UI plugins are enabled from the Directory dropdown.
Select the argocd-cloudtruth-plugin
You can also override any installation parameter values for your specific app with plugin ENV values.
Argo CLI app installation
The Argo CLI allows you to create apps with the CloudTruth plugin as well as update existing apps to be plugin enabled. The following are a few examples of using the CloudTruth plugin with the Argo CLI.
App creation
​Create an application:
argocd app create YOUR_APP --repo https://github.com/YOUR_REPO --path cloudtruth-plugin --dest-server YOUR_K8S_SERVER --dest-namespace default --config-management-plugin argocd-cloudtruth-plugin
Create an application and specify a specific project:
argocd app create YOUR_APP --repo https://github.com/YOUR_REPO --path cloudtruth-plugin --dest-server YOUR_K8S_SERVER --dest-namespace default --config-management-plugin argocd-cloudtruth-plugin --plugin-env CLOUDTRUTH_PROJECT=YOUR_CLOUDTRUTH_PROJECT
Create an application and specify a specific project and environment:
argocd app create YOUR_APP --repo https://github.com/YOUR_REPO --path cloudtruth-plugin --dest-server YOUR_K8S_SERVER --dest-namespace default --config-management-plugin argocd-cloudtruth-plugin --plugin-env CLOUDTRUTH_PROJECT=YOUR_CLOUDTRUTH_PROJECT  --plugin-env CLOUDTRUTH_ENVIRONMENT=YOUR_CLOUDTRUTH_ENVIRONMENT
App updates
Add the plugin to existing apps with set:
argocd app set YOUR_APP --config-management-plugin argocd-cloudtruth-plugin
update a plugin parameter value to existing app:
argocd app set YOUR_APP --plugin-env CLOUDTRUTH_ENVIRONMENT=YOUR_CLOUDTRUTH_ENVIRONMENT
Argo CD plugin demo
Here is an example use case with the Argo CD plugin that populates a ConfigMap with values pulled from CloudTruth while deploying an application in a GitOps workflow.
We will deploy a flask application from our demo Git repo.
The ConfigMap substitutes data values from CloudTruth using the default substitution format <YOUR_PARAM_NAME>.
kind: ConfigMap 
apiVersion: v1 
metadata:
  name: flask-map
data:
   FLASK_APP: "<FLASK_APP>"
   FLASK_ENV: "<FLASK_ENV>"
   FLASK_MESSAGE: "<FLASK_MESSAGE>"
   FLASK_RUN_HOST: "<FLASK_RUN_HOST>"
   FLASK_RUN_PORT: "<FLASK_RUN_PORT>"
   IMAGE: "<IMAGE>"
You can use the CloudTruth CLI that sets up a project to deploy this example.
cloudtruth projects set flask
cloudtruth --project flask parameters set  FLASK_APP -v "flaskdemo.py"
cloudtruth --project flask parameters set  FLASK_DEBUG -v "True"
cloudtruth --project flask parameters set  FLASK_ENV -v "development"
cloudtruth --project flask parameters set  FLASK_MESSAGE -v "Configuration Management for default"
cloudtruth --project flask parameters set  FLASK_RUN_HOST -v "0.0.0.0"
cloudtruth --project flask parameters set  FLASK_RUN_PORT -v "3000"
cloudtruth --project flask parameters set  IMAGE -v CloudTruth.jpg
Deploy the app with the following Argo CLI command:
argocd app create flask --repo https://github.com/cloudtruth/blog-examples --path argo-flask/cloudtruth-plugin --dest-server https://kubernetes.default.svc --dest-namespace default --config-management-plugin argocd-cloudtruth-plugin --plugin-env CLOUDTRUTH_ENVIRONMENT=production --plugin-env CLOUDTRUTH_PROJECT=flask
The argocd app create is broken down into the following commands. The --plugin-env commands specify the CloudTruth environment and project to get values from.
Command
Value
--repo
​https://github.com/cloudtruth/blog-examples​
--path
argo-flask/cloudtruth-plugin
--dest-server
https://kubernetes.default.svc
--dest-namespace
default
--config-management-plugin
argocd-cloudtruth-plugin
--plugin-env
CLOUDTRUTH_ENVIRONMENT=production
--plugin-env
CLOUDTRUTH_PROJECT=flask
Verify the ConfigMap has values from the configured CloudTruth project with the manifests command:
argocd app manifests flask
​
---
apiVersion: v1
data:
  FLASK_APP: flaskdemo.py
  FLASK_ENV: development
  FLASK_MESSAGE: Configuration Management for default
  FLASK_RUN_HOST: 0.0.0.0
  FLASK_RUN_PORT: "3000"
  IMAGE: CloudTruth.jpg
kind: ConfigMap
metadata:
  labels:
    app.kubernetes.io/instance: flask
  name: flask-map
  namespace: default
Deploy by synching the app:
argocd app sync flask
You can also deploy and verify the app health in the Argo UI.

🧩Integrations

AWS

Last modified 5mo ago

Copy link

On this page

Prerequisites

CloudTruth Argo CD plugin

Using the plugin for secrets and parameters

UI app install

Argo CLI app installation

Argo CD plugin demo