Skip to content

Commit f309ce5

Browse files
gnunn1gnunn1
committed
Add CLI instructions
1 parent ac03ef8 commit f309ce5

File tree

1 file changed

+96
-0
lines changed

1 file changed

+96
-0
lines changed

content/modules/ROOT/pages/01-getting-started.adoc

Lines changed: 96 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -145,3 +145,99 @@ Check that these have been deployed successfully in your Argo CD namespace:
145145
----
146146
oc get all -n {user}-argocd
147147
----
148+
149+
== Argo CD CLI
150+
151+
We wil use the ArgoCD CLI to explore your GitOps environment in more detail. A secret has been pre-created in the `{user}-argocd`
152+
namespace called `argocd-cli` that provides the credentials needed to login into Argo CD.
153+
154+
[NOTE]
155+
Normally when using Argo CD with OIDC the login would be done with using the `--sso` switch
156+
which starts up a local web server to handle the OIDC callback on localhost. However since
157+
our terminal is running in a pod in OpenShift this is not possible. Therefore a local account, `{user}-cli`, has been pre-created
158+
with identical permissions to the SSO user. Normally local accounts in Argo CD should only
159+
be used for automation not for users.
160+
161+
To provision secret into the terminal as exported environment variables run the following
162+
commands:
163+
164+
[.console-input]
165+
[source,sh,subs="attributes",role=execute]
166+
----
167+
export ARGOCD_AUTH_TOKEN=$(oc get secret argocd-cli -n {user}-argocd -o jsonpath="{.data.ARGOCD_AUTH_TOKEN}" | base64 -d)
168+
export ARGOCD_SERVER=$(oc get secret argocd-cli -n {user}-argocd -o jsonpath="{.data.ARGOCD_SERVER}" | base64 -d)
169+
export ARGOCD_USERNAME=$(oc get secret argocd-cli -n {user}-argocd -o jsonpath="{.data.ARGOCD_USERNAME}" | base64 -d)
170+
alias argocd='f(){ argocd "$@" --grpc-web; unset -f f; }; f'
171+
----
172+
173+
The Argo CD CLI will use the specified environment variables automatically and not require an explicit login. Additionally
174+
the alias command at the end will ensure that when the `argocd` is called the parameter `--grpc-web` is automatically added. Since
175+
we are routing commands through the OpenShift Route this parameter is needed to avoid superfluous warnings.
176+
177+
[IMPORTANT]
178+
If you restart the terminal interface you may need to run the above commands again in order to access Argo CD
179+
from the command line.
180+
181+
Test the variables are set by using the Argo CD CLI to view the Applications that were shown in the user interface:
182+
183+
[.console-input]
184+
[source,sh,subs="attributes",role=execute]
185+
----
186+
argocd app list
187+
----
188+
189+
The following output will be provided showing the application name, the sync and health status, the source and destination.
190+
191+
[.console-output]
192+
[source,bash,subs="attributes+,+macros"]
193+
----
194+
NAME CLUSTER NAMESPACE PROJECT STATUS HEALTH SYNCPOLICY CONDITIONS REPO PATH TARGET
195+
{user}-argocd/dev-tools in-cluster {user}-cicd {user} Synced Healthy Auto <none> https://github.com/AdvancedDevSecOpsWorkshop/bootstrap.git infra/dev-tools/overlays/default HEAD
196+
----
197+
198+
A detailed view of the Application can be retrieved by using the `get` command:
199+
200+
[.console-input]
201+
[source,sh,subs="attributes",role=execute]
202+
----
203+
argocd app get {user}-argocd/dev-tools
204+
----
205+
206+
Various details of the Application are shown including a list of resources that the application is managing and their associated statuses.
207+
208+
[.console-output]
209+
[source,bash,subs="attributes+,+macros"]
210+
----
211+
Name: {user}-argocd/dev-tools
212+
Project: {user}
213+
Server: in-cluster
214+
Namespace: {user}-cicd
215+
URL: https://argocd-server-gitops.apps.cluster-wvcx7.sandbox1429.opentlc.com/applications/dev-tools
216+
Source:
217+
- Repo: https://github.com/AdvancedDevSecOpsWorkshop/bootstrap.git
218+
Target: HEAD
219+
Path: infra/dev-tools/overlays/default
220+
SyncWindow: Sync Allowed
221+
Sync Policy: Automated
222+
Sync Status: Synced to HEAD (482bc44)
223+
Health Status: Healthy
224+
225+
GROUP KIND NAMESPACE NAME STATUS HEALTH HOOK MESSAGE
226+
Secret {user}-cicd sonarqube-admin Synced secret/sonarqube-admin created
227+
PersistentVolumeClaim {user}-cicd nexus Synced Healthy persistentvolumeclaim/nexus created
228+
PersistentVolumeClaim {user}-cicd sonarqube-data Synced Healthy persistentvolumeclaim/sonarqube-data created
229+
PersistentVolumeClaim {user}-cicd postgresql-sonarqube-data Synced Healthy persistentvolumeclaim/postgresql-sonarqube-data created
230+
Service {user}-cicd sonarqube Synced Healthy service/sonarqube created
231+
Service {user}-cicd nexus Synced Healthy service/nexus created
232+
Service {user}-cicd postgresql-sonarqube Synced Healthy service/postgresql-sonarqube created
233+
apps Deployment {user}-cicd nexus Synced Healthy deployment.apps/nexus created
234+
apps Deployment {user}-cicd sonarqube Synced Healthy deployment.apps/sonarqube created
235+
batch Job {user}-cicd configure-nexus Synced Healthy job.batch/configure-nexus created
236+
batch Job {user}-cicd configure-sonarqube Synced Healthy job.batch/configure-sonarqube created
237+
route.openshift.io Route {user}-cicd nexus Synced Healthy route.route.openshift.io/nexus created
238+
apps.openshift.io DeploymentConfig {user}-cicd postgresql-sonarqube Synced Healthy deploymentconfig.apps.openshift.io/postgresql-sonarqube created
239+
route.openshift.io Route {user}-cicd sonarqube Synced Healthy route.route.openshift.io/sonarqube created
240+
----
241+
242+
In addition to retrieving information about the Application, various tasks can be performed via the CLI including syncing, refreshing and modifying the Application. We
243+
will look at these in more depth in subsequent sections.

0 commit comments

Comments
 (0)