We may want the updater to trigger a deployment when an image is pushed to Azure Container Registry.
Create a secret used by argocd image updater to authenticate to ACR.
resource "kubernetes_secret" "argocd_image_updater_acr" {
metadata {
name = "argocd-image-updater-acr-${var.service}"
namespace = "argocd"
}
data = {
".dockerconfigjson" = jsonencode({
auths = {
"${azurerm_container_registry.acr.login_server}" = {
auth = base64encode("${azurerm_container_registry.acr.admin_username}:${azurerm_container_registry.acr.admin_password}")
}
}
})
}
}
We install the updater in our cluster using terraform.
resource "helm_release" "image_updater" {
name = "argocd-image-updater"
repository = "https://argoproj.github.io/argo-helm"
chart = "argocd-image-updater"
namespace = "argocd"
values = [
<<EOF
config:
registries:
- name: ACR demo-app
api_url: https://devdemoapp.azurecr.io
prefix: devdemoapp.azurecr.io
ping: yes
credentials: pullsecret:argocd/argocd-image-updater-acr-demo-app
EOF
]
}
These are the annotations for our ArgoCD application.
annotations:
argocd-image-updater.argoproj.io/image-list: repo=devdemoapp.azurecr.io/devdemoapp
argocd-image-updater.argoproj.io/repo.update-strategy: newest-build
To troubleshooot, we can log in to the argocd container.
kubectl exec -n argocd -it argocd-image-updater-7fc87697d5-qtnhn -- ash
Test the connection to ACR.
argocd-image-updater test devdemoapp.azurecr.io/devdemoapp --update-strategy newest-build --credentials pullsecret:argocd/argocd-image-updater-acr-demo-app
Trigger a deploymemnt.
argocd-image-updater run --once --loglevel trace --argocd-namespace argocd --metrics-port 0
Top comments (0)