相同的文档告诉我们如何提取密码 https://argo-cd.readthedocs.io/en/stable/getting_started/#4-login-using-the-cli对于阿尔戈:
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo
获取ArgoCD服务器的hostname
使用以下方法也没什么大不了的:
kubectl get service argocd-server -n argocd --output=jsonpath='{.status.loadBalancer.ingress[0].hostname}'
并且作为argocd login
命令有参数--username
and --password
, 我们可以像这样制作我们的登录命令:
argocd login $(kubectl get service argocd-server -n argocd --output=jsonpath='{.status.loadBalancer.ingress[0].hostname}') --username admin --password $(kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo) --insecure
注意--insecure
防止 argo CLI 询问诸如WARNING: server certificate had error: x509: certificate is valid for localhost, argocd-server, argocd-server.argocd, argocd-server.argocd.svc, argocd-server.argocd.svc.cluster.local, not a5f715808162c48c1af54069ba37db0e-1371850981.eu-central-1.elb.amazonaws.com. Proceed insecurely (y/n)?
.
成功登录在 GitHub Actions UI 中应该看起来像这样(请参阅完整的日志在这里 https://github.com/jonashackt/tekton-argocd-eks/runs/5105912670?check_suite_focus=true):
'admin:login' logged in successfully
Context 'a5f715808162c48c1af54069ba37db0e-1371850981.eu-central-1.elb.amazonaws.com' updated
现在您的 GitHub Actions 工作流程应该能够与 ArgoCD 服务器进行交互。
防止错误FATA[0000] dial tcp: lookup a965bfb530e8449f5a355f221b2fd107-598531793.eu-central-1.elb.amazonaws.com on 8.8.8.8:53: no such host
如果出现此错误argocd-server
Kubernetes 服务是在运行之前全新安装的argocd login
命令已运行。然后argocd login
命令失败了一段时间,直到它最终可以正常工作。
假设存在一些 DNS 传播问题,我们可以通过包装我们的 CI 管道来防止此错误破坏我们的 CI 管道。argocd login
命令进入一个until
就像已经完成的一样在这个答案中 https://stackoverflow.com/a/70108997/4964553。完整的命令将如下所示:
until argocd login $(kubectl get service argocd-server -n argocd --output=jsonpath='{.status.loadBalancer.ingress[0].hostname}') --username admin --password $(kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo) --insecure; do : ; done
在 GitHub Actions 中,这将看起来像这样:
--- Login argocd CLI - now wrapped in until to prevent FATA[0000] dial tcp: lookup 12345.eu-central-1.elb.amazonaws.com on 8.8.8.8:53: no such host
time="2022-02-21T12:57:32Z" level=fatal msg="dial tcp: lookup a071bed7e9ea14747951b04360133141-459093397.eu-central-1.elb.amazonaws.com on 127.0.0.53:53: no such host"
time="2022-02-21T12:57:35Z" level=fatal msg="dial tcp: lookup a071bed7e9ea14747951b04360133141-459093397.eu-central-1.elb.amazonaws.com on 127.0.0.53:53: no such host"
time="2022-02-21T12:57:37Z" level=fatal msg="dial tcp: lookup a071bed7e9ea14747951b04360133141-459093397.eu-central-1.elb.amazonaws.com on 127.0.0.53:53: no such host"
[...]
time="2022-02-21T12:58:27Z" level=fatal msg="dial tcp: lookup a071bed7e9ea14747951b04360133141-459093397.eu-central-1.elb.amazonaws.com on 127.0.0.53:53: no such host"
time="2022-02-21T12:58:30Z" level=fatal msg="dial tcp: lookup a071bed7e9ea14747951b04360133141-459093397.eu-central-1.elb.amazonaws.com on 127.0.0.53:53: no such host"
time="2022-02-21T12:58:32Z" level=fatal msg="dial tcp: lookup a071bed7e9ea14747951b04360133141-459093397.eu-central-1.elb.amazonaws.com on 127.0.0.53:53: no such host"
'admin:login' logged in successfully
Context 'a071bed7e9ea14747951b04360133141-459093397.eu-central-1.elb.amazonaws.com' updated
这里还有一个日志 https://github.com/jonashackt/tekton-argocd-eks/runs/5274400263?check_suite_focus=true.