Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Argocd CMP plugin is not designed to work nicely with other tools (such as helm) #16252

Open
borisovano opened this issue Nov 6, 2023 · 1 comment
Open

Argocd CMP plugin is not designed to work nicely with other tools (such as helm) #16252

borisovano opened this issue Nov 6, 2023 · 1 comment
Labels
component:cmp Config Management Plugin related issues enhancement New feature or request

Comments

@borisovano
Copy link

borisovano commented Nov 6, 2023
edited
Loading

Summary

Allow CMP plugin to Plug-In to the flow together with other tools, instead of trying augment them with complicated CLI commands.

| Argocd checkout repo | ----> | Argocd helm tool | ----> | Argocd CMP plugin | -----> | Diff | ----> | Sync |

Motivation

Currently CMP plugin is not designed to Plug-In to the flow together with other tools, instead it tries to augment them.

I'll bring vault plugin as example.

I'd like to use vault-plugin - meaning to dynamically fetch the secrets on Sync.
Instead of chaining the plugin to the output of helm tool which is minimal and elegant. The user is required to implement all the helm heavy lifting by himself.

So instead of using the output of helm tool we need to use on of the following:
Default: https://argocd-vault-plugin.readthedocs.io/en/stable/installation/#initcontainer-and-configuration-via-sidecar
Helm Simple: https://argocd-vault-plugin.readthedocs.io/en/stable/usage/#with-additional-helm-arguments
Helm with arguments: https://argocd-vault-plugin.readthedocs.io/en/stable/usage/#with-additional-helm-arguments
Helm with inline values: https://argocd-vault-plugin.readthedocs.io/en/stable/usage/#with-an-inline-values-file

(PS - it's not clear from the docs which usecase fits each direction)

Some of the directions above have security risks, others prone to errors and none allows me to keep my application as is.
So instead of current implementation, the application is as follows:

project: myproj
source:
  repoURL: 'https://gitlab.com/myrepo'
  path: local-charts/mychart
  targetRevision: HEAD
  helm:
    valueFiles:
      - ../../services/myservice/myapp/values.yaml
      - >-
        ../../services/myservice/myapp/env/myenv/values.yaml

The user required to use something like this:

  source:
    path: your-app
    plugin:
      name: argocd-vault-plugin-helm
      env:
        - name: HELM_VALUES
          value: |
            # non-vault helm values are specified normally
            someValue: lasldkfjlksa
            moreStuff:
              - a
              - b
              - c

Proposal

CMP plugin should get the helm tool output and return valid manifests

project: myproj
source:
  repoURL: 'https://gitlab.com/myrepo'
  path: local-charts/mychart
  targetRevision: HEAD
  helm:
    valueFiles:
      - ../../services/myservice/myapp/values.yaml
      - >-
        ../../services/myservice/myapp/env/myenv/values.yaml
   plugin: 
      name: argo-vault-plugin
      after: helm
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
component:cmp Config Management Plugin related issues enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@leoluz @borisovano @reggie-k