This repository is meant to bootstrap Argo CD. Once setup, Argo CD will be able to manage itself. To do that, an app-of-apps (or in reality an app-of-appsets) is configured in the values.yaml file, which in turn has an ApplicationSet pointing to this repo, along with another ApplicationSet which configures Prometheus and Grafana.

This is a Helm umbrella chart which bundles the argo-cd chart, as well as the argocd-apps chart, which configures the app-of-appsets.

For Argo CD, the values used are the defaults coming from argo-helm, with a few exceptions:

• The resource tracking has been set to annotation+label.
• Metrics and service monitors have been enabled in order for Argo CD metrics to be able to be scraped by Prometheus.
• The argocd-server service uses NodePort.
• TLS is disabled for argocd-server.

This setup currently assumes that this is meant to be run on a local minikube / Docker Desktop (hence the disabling of TLS and setting up of NodePort), but it shouldn't be too hard to extend this to work in other environments.

The initial setup is a one-liner, which will get the initial Argo CD up and running.

(kubectl get ns argocd || kubectl create ns argocd) && \ 
  helm template --namespace argocd --name-template=argocd . | kubectl apply -f -

Once everything has been deployed, you can then retrieve the initial admin password with the following command:

argocd admin initial-password

Reset the initial password.

argocd login localhost:30080 --insecure
argocd account update-password
# login again with your new password
argocd login localhost:30080 --insecure

You will then need to configure the repository credentials in order for Argo CD to be able to manage itself in the future, as well as enabling the setup up of Prometheus and Grafana. You will first need to get a GitHub PAT through some out-of-band means. Once you have gotten a PAT, you can then either set it up in the UI by logging in to http://localhost:30080, head to Settings/Repositories and add a repo that way, or you can add it with the following commands below:

argocd login localhost:30080 --insecure # username: admin password: your password
argocd repocreds add https://github.com/blakepettersson --username anything --password github_pat_<something>

You might need to refresh the application, in order for it to pick up the credential changes (this applies for the UI as well).

argocd app get argocd/argocd-appsets --refresh

In order for kube-prometheus-stack to be deployed, we need to add a cluster label to our local cluster. Once the label has been set, the applicationset-controller will pick it up and then generate an app in the local cluster. In order to do that we need to either configure it in the UI by logging in to http://localhost:30080, then to Settings/Clusters and edit the cluster and adding a label with the key environment and the value dev.

As far as I know, there's currently no way to set labels on the in-cluster cluster with the argocd CLI. Once the in-cluster has been edited, you can do subsequent edits with kubectl edit secret cluster-<clustername> (since what happens with the first edit is that a cluster secret gets created with all the attributes of the pre-existing in-cluster, but that does not initially exist).