ArogoCD

kubectl create ns argocd

helm repo add argo https://argoproj.github.io/argo-helm helm repo update argo

cat <<\EOF> argocd-value.yaml configs: cm: accounts.image-updater: apiKey timeout.reconciliation: 60s rbac: policy.csv: | p, role:image-updater, applications, get, */*, allow p, role:image-updater, applications, update, */*, allow g, image-updater, role:image-updater policy.default: role.readonly params: server.insecure: true EOF

helm install argocd argo/argo-cd \ --create-namespace \ --namespace argocd \ --values argocd-value.yaml

curl -sSL -o argocd-linux-amd64 https://github.com/argoproj/argo-cd/releases/latest/download/argocd-linux-amd64 sudo install -m 555 argocd-linux-amd64 /usr/local/bin/argocd rm -rf argocd-linux-amd64

sudo dnf install -y expect # kubectl port-forward svc/argocd-server -n argocd --address=0.0.0.0 8080:443 > /dev/null & kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "LoadBalancer"}}' ARGO_PW=(`kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d`) echo y | argocd login --insecure --username admin --password $ARGO_PW 127.0.0.1:8080 # ID : admin expect -c " spawn argocd account update-password expect -re \".*Enter.*\" send \"$ARGO_PW\r\" expect -re \".*Enter.*\" send \"Skill53##\r\" expect -re \".*Confirm.*\" send \"Skill53##\r\" interact "

eksctl create iamserviceaccount \ --cluster gwangju-eks-cluster \ --name argocd-image-updater \ --namespace argocd \ --attach-policy-arn arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly \ --approve

cat <<\EOF> argocd-image-updater-values.yaml config: argocd: grpcWeb: true serverAddress: "http://argocd-server.argocd" insecure: true plaintext: true logLevel: debug registries: - name: ECR api_url: "https://ACCOUNT_ID.dkr.ecr.REGION_CODE.amazonaws.com" prefix: "ACCOUNT_ID.dkr.ecr.REGION_CODE.amazonaws.com" ping: true insecure: false credentials: "ext:/scripts/auth1.sh" credsexpire: 10h authScripts: enabled: true scripts: auth1.sh: | #!/bin/sh aws ecr --region REGION_CODE get-authorization-token --output text --query 'authorizationData[].authorizationToken' | base64 -d EOF

AWS_ACCOUNT_ID=$(aws sts get-caller-identity --query "Account" --output text) AWS_DEFAULT_REGION=$(aws configure set region ap-northeast-2 && aws configure get region --output text)

sed -i "s|ACCOUNT_ID|$AWS_ACCOUNT_ID|g" argocd-image-updater-values.yaml sed -i "s|REGION_CODE|$AWS_DEFAULT_REGION|g" argocd-image-updater-values.yaml

helm install argocd-image-updater argo/argocd-image-updater \ --namespace argocd \ --set serviceAccount.create=false \ --values argocd-image-updater-values.yaml

kubectl create namespace argo-rollouts kubectl apply -n argo-rollouts -f https://github.com/argoproj/argo-rollouts/releases/latest/download/install.yaml curl -LO https://github.com/argoproj/argo-rollouts/releases/latest/download/kubectl-argo-rollouts-linux-amd64 sudo install -o root -g root -m 0755 kubectl-argo-rollouts-linux-amd64 /usr/local/bin/kubectl-argo-rollouts

kubectl argo rollouts version

apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: argocd-ing namespace: argocd annotations: alb.ingress.kubernetes.io/load-balancer-name: argocd-alb alb.ingress.kubernetes.io/group.name: argocd-tg alb.ingress.kubernetes.io/scheme: internet-facing alb.ingress.kubernetes.io/target-type: ip alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}]' alb.ingress.kubernetes.io/healthcheck-path: / alb.ingress.kubernetes.io/healthcheck-interval-seconds: '5' alb.ingress.kubernetes.io/healthcheck-timeout-seconds: '3' alb.ingress.kubernetes.io/healthy-threshold-count: '3' alb.ingress.kubernetes.io/unhealthy-threshold-count: '2' alb.ingress.kubernetes.io/target-group-attributes: deregistration_delay.timeout_seconds=30 spec: ingressClassName: alb rules: - http: paths: - path: / pathType: Prefix backend: service: name: argocd-server port: number: 80

kubectl apply -f argocd-ingress.yaml