DEV Community

loading...

Discussion on: GitOps: Demo with Argo CD and KSOPS on GKE

Collapse
rbabyuk profile image
rbabyuk

I've tried this but I am getting encrypt/decrypt things inside argocd container "Failed to call GCP KMS encryption service: googleapi: Error 403: Request had insufficient authentication scopes.
More details:
Reason: insufficientPermissions, Message: Insufficient Permission
]"

and I am using argocd with sops preinstalled, because I am trying to use helm-secrets with argocd where my keys are GCP KMS.
probably the last resort will be to 'mount' secret key for user account and use env. variable GOOGLE_APPLICATION_CREDENTIALS in each pod.
but it look weird at this point of time.