DEV Community

leroykayanda
leroykayanda

Posted on • Edited on

Using ArgoCD Image Updater with ACR

We may want the updater to trigger a deployment when an image is pushed to Azure Container Registry.

Create a secret used by argocd image updater to authenticate to ACR.

resource "kubernetes_secret" "argocd_image_updater_acr" {
  metadata {
    name      = "argocd-image-updater-acr-${var.service}"
    namespace = "argocd"
  }

  data = {
    ".dockerconfigjson" = jsonencode({
      auths = {
        "${azurerm_container_registry.acr.login_server}" = {
          auth = base64encode("${azurerm_container_registry.acr.admin_username}:${azurerm_container_registry.acr.admin_password}")
        }
      }
    })
  }
}
Enter fullscreen mode Exit fullscreen mode

We install the updater in our cluster using terraform.

resource "helm_release" "image_updater" {
  name       = "argocd-image-updater"
  repository = "https://argoproj.github.io/argo-helm"
  chart      = "argocd-image-updater"
  namespace  = "argocd"

  values = [
    <<EOF
config:
  registries:
    - name: ACR demo-app
      api_url: https://devdemoapp.azurecr.io
      prefix: devdemoapp.azurecr.io
      ping: yes
      credentials: pullsecret:argocd/argocd-image-updater-acr-demo-app
EOF
  ]
}
Enter fullscreen mode Exit fullscreen mode

These are the annotations for our ArgoCD application.

  annotations:
    argocd-image-updater.argoproj.io/image-list: repo=devdemoapp.azurecr.io/devdemoapp
    argocd-image-updater.argoproj.io/repo.update-strategy: newest-build
Enter fullscreen mode Exit fullscreen mode

To troubleshooot, we can log in to the argocd container.

kubectl exec -n argocd -it argocd-image-updater-7fc87697d5-qtnhn -- ash

Test the connection to ACR.

argocd-image-updater test devdemoapp.azurecr.io/devdemoapp --update-strategy newest-build --credentials pullsecret:argocd/argocd-image-updater-acr-demo-app

Trigger a deploymemnt.

argocd-image-updater run --once --loglevel trace --argocd-namespace argocd --metrics-port 0

Top comments (0)