⎈ A Hands-On Guide to ArgoCD Private Repository Management — PART-3 ⚙️
⇢ A Comprehensive Guide to Configuring Private Repositories Using CLI, Declarative Methods, and API Calls with Practical Example
PART — 1: ⎈ A Hands-On Guide to ArgoCD on Kubernetes — PART-1 ⚙️
PART — 2: ⎈ A Hands-On Guide to ArgoCD on Kubernetes — PART-2 ⚙️
Welcome to PART-3, Managing private repositories in ArgoCD is a crucial skill for DevOps engineers, ensuring that your applications can securely access the necessary code and resources for deployment. In this hands-on guide, we’ll explore three different methods to manage private repositories in ArgoCD:
- Using the ArgoCD CLI.
- Declarative approach
- API calls.
By the end of this guide, you’ll be equipped to handle private repositories in your ArgoCD environment efficiently.
Table of Contents
- Prerequisites
- Configuring Private Repositories in ArgoCD
- Using ArgoCD CLI
- Declarative Approach
- Using ArgoCD API Calls
3. Testing the Configuration
4. Best Practices for Managing Private Repositories
5. Conclusion
Prerequisites
Before diving into the configurations, ensure you have the following in place:
- ArgoCD Installation: ArgoCD should be installed and running on your Kubernetes cluster. You can follow PART-1 on ArgoCD to set it up.
- ArgoCD CLI: The ArgoCD CLI should be installed on your local machine. Installation instructions can be found PART-2 on ArgoCD.
- GitHub Personal Access Token: Generate a GitHub Personal Access Token (PAT) with the necessary scopes to access your private repositories. Instructions for generating a token can be found here.
- Basic Knowledge: Familiarity with Kubernetes, Git, and CI/CD concepts will be helpful.
- GitHub Private Repo: Make sure you create a private repo and assign proper permissions to the Personal Access Token.
Configuring Private Repositories in ArgoCD
In this section, we’ll cover how to configure private repositories using three different methods: the ArgoCD CLI, a declarative approach using Kubernetes manifests, and API calls.
Example: Adding a Private GitHub Repository to ArgoCD
Let’s say you’ve created a private GitHub repository located at https://github.com/anveshmuppeda/argo-cd-demo.git. We will now add this private repository to ArgoCD using the GitHub Personal Access Token.
Using ArgoCD CLI
The ArgoCD CLI provides a quick way to add private repositories to your ArgoCD configuration. Here’s how you can do it:
- Add the Private Repository:
Use the following command to add a private repository:
argocd repo add <repository-url> --username <your-username> --password <your-github-token>Replace <repository-url> with the URL of your private repository, <your-username> with your Git username, and <your-github-token> with your GitHub Personal Access Token..
2. Verify the Repository:
After adding the repository, you can verify it by listing all repositories:
argocd repo listThis command will display a list of repositories configured in ArgoCD, including the one you just added.
Example:
$ argocd repo add https://github.com/anveshmuppeda/argo-cd-demo.git --username anveshmuppeda
Password:
Repository 'https://github.com/anveshmuppeda/argo-cd-demo.git' added
$ argocd repo list
TYPE NAME REPO INSECURE OCI LFS CREDS STATUS MESSAGE PROJECT
git https://github.com/anveshmuppeda/argo-cd-demo.git false false false true Successful 
Declarative Approach
The declarative approach allows you to define your repository configuration as code, which is particularly useful for version control and automation.
- Create a Kubernetes Secret:
First, create a Kubernetes Secret to store your GitHub secrets:
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: argocd-private-repo
namespace: argocd
annotations:
managed-by: argocd.argoproj.io
labels:
argocd.argoproj.io/secret-type: repository
stringData:
type: git
url: https://github.com/anveshmuppeda/argo-cd-demo.git
username: <your-github-username>
password: <your-github-token>Replace <your-github-username> with your GitHub username and <your-github-token> with your GitHub Personal Access Token.
2. Apply the Secret to Your Cluster:
Save the above YAML configuration to a file (e.g., repo-secret.yaml) and apply it to your Kubernetes cluster:
kubectl apply -f repo-secret.yamlThis will create the secret in the argocd namespace, allowing ArgoCD to access your private repository.
Now if you run argocd repo list, you’ll get the repo added into your argocd cluster.
$ argocd repo list
TYPE NAME REPO INSECURE OCI LFS CREDS STATUS MESSAGE PROJECT
git https://github.com/anveshmuppeda/argo-cd-demo.git false false false true Successful Using ArgoCD API Calls
For programmatic management of repositories, you can use the ArgoCD API.
- Create an ArgoCD API Token:
In the next PART(i.e., PART-4) you’ll see, how to create api toknes in argocd, and how to manage users in ArgoCD.
2. Add the Private Repository via API:
Use the following curl command to add the repository
curl -k -X POST -H "Authorization: Bearer <token>" \
-H "Content-Type: application/json" \
-d '{
"repo": "https://github.com/anveshmuppeda/argo-cd-demo.git",
"username": "<your-github-username>",
"password": "<your-github-token>"
}' \
<argocd-server>/api/v1/repositoriesReplace <token> with your ArgoCD API token, <your-github-username> with your GitHub username, and <your-github-token> with your GitHub Personal Access Token.
Example:
$ curl -k -X POST -H "Authorization: Bearer <my-argocd-api-token>" \
-H "Content-Type: application/json" \
-d '{
"repo": "https://github.com/anveshmuppeda/kubernetes.git",
"name": "Kubernetes",
"password": "<my-github-token>"
}' \
https://<argocd-server>/api/v1/repositories
{"repo":"https://github.com/anveshmuppeda/kubernetes.git","connectionState":{"status":"","message":"","attemptedAt":null},"name":"Kubernetes"}%Testing the Configuration
After configuring the private repository, you should test the setup by deploying an application from the repository.
- Create an Application:
Deploy an application using the private repository. You can do this via the CLI, declarative method, or API. (Follow my PART-1 & PART-2)
2. Monitor the Application:
Ensure that ArgoCD successfully syncs the application. If everything is configured correctly, the application will deploy without any issues.
3. Troubleshoot Issues:
If you encounter any problems, check the ArgoCD logs for errors related to repository access and verify your credentials.
Best Practices for Managing Private Repositories
Here are some best practices to follow when managing private repositories in ArgoCD:
- Secure Storage: Store credentials securely using Kubernetes Secrets or an external secret management system like HashiCorp Vault.
- Token Rotation: Regularly rotate your GitHub Personal Access Tokens to reduce security risks.
- Access Control: Apply the principle of least privilege when granting repository access.
Conclusion
In this guide, we explored how to manage private repositories in ArgoCD using the CLI, declarative methods, and API calls. By following these steps, you can securely deploy applications from private repositories in your ArgoCD setup. Each method offers unique advantages, so choose the one that best suits your workflow.
If you found this guide helpful or have any questions, feel free to share your thoughts in the comments section below.
Source Code
You’re invited to explore our GitHub repository, which houses a comprehensive collection of source code for Kubernetes.
Also, if we welcome your feedback and suggestions! If you encounter any issues or have ideas for improvements, please open an issue on our GitHub repository. 🚀
Connect With Me
If you found this blog insightful and are eager to delve deeper into topics like AWS, cloud strategies, Kubernetes, or anything related, I’m excited to connect with you on LinkedIn. Let’s spark meaningful conversations, share insights, and explore the vast realm of cloud computing together.
Feel free to reach out, share your thoughts, or ask any questions. I look forward to connecting and growing together in this dynamic field!
My LinkedIn: https://www.linkedin.com/in/anveshmuppeda/
My GitHub: https://github.com/anveshmuppeda
Happy deploying! 🚀
Happy Kubernetings! ⎈
