argocd-vault-plugin
argo-rollouts
Our great sponsors
argocd-vault-plugin | argo-rollouts | |
---|---|---|
9 | 9 | |
760 | 2,472 | |
2.6% | 3.5% | |
7.3 | 9.5 | |
about 10 hours ago | 6 days ago | |
Go | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
argocd-vault-plugin
-
GitOps and Kubernetes – Secure Handling of Secrets
ArgoCD supports SOPS with the vault Plugin.
-
Injecting secrets from Vault into Helm charts with ArgoCD
repoServer: rbac: - verbs: - get - list - watch apiGroups: - '' resources: - secrets - configmaps initContainers: - name: download-tools image: registry.access.redhat.com/ubi8 env: - name: AVP_VERSION value: 1.11.0 command: [sh, -c] args: - >- curl -L https://github.com/argoproj-labs/argocd-vault-plugin/releases/download/v$(AVP_VERSION)/argocd-vault-plugin_$(AVP_VERSION)_linux_amd64 -o argocd-vault-plugin && chmod +x argocd-vault-plugin && mv argocd-vault-plugin /custom-tools/ volumeMounts: - mountPath: /custom-tools name: custom-tools extraContainers: - name: avp-helm command: [/var/run/argocd/argocd-cmp-server] image: quay.io/argoproj/argocd:v2.4.8 securityContext: runAsNonRoot: true runAsUser: 999 volumeMounts: - mountPath: /var/run/argocd name: var-files - mountPath: /home/argocd/cmp-server/plugins name: plugins - mountPath: /tmp name: tmp-dir - mountPath: /home/argocd/cmp-server/config name: cmp-plugin - name: custom-tools subPath: argocd-vault-plugin mountPath: /usr/local/bin/argocd-vault-plugin volumes: - configMap: name: cmp-plugin name: cmp-plugin - name: custom-tools emptyDir: {} - name: tmp-dir emptyDir: {} # If you face issue with ArgoCD CRDs installation, then uncomment below section to disable it #crds: # install: false
- K8s and HIPPA/PHI compliant systems - Need advice!
-
Learning with K3s at home. Is it "better" to store secrets encrypted in the git repo (e.g., sealed-secrets) or in a separately managed secret database (e.g., vault)?
argoproj-labs/argocd-vault-plugin
-
Best solution to use Argocd with helm and manage secrets ? Don't say flux !
We’re using https://github.com/argoproj-labs/argocd-vault-plugin which allows you to define secrets in git (works with more backends than just hashicorp vault despite the name). The documentation took me a bit to figure out, but so far it works.
-
Best Practices for Argo CD
Argo CD Vault plugin
- Removing replication count, resource, tolerations, pvc when app is onboarded using ArgoCD
- Gotta love gitops
-
Best/Secure way to add a secret for ArgoCD Helm Chart?
I used argocd vault plugin https://github.com/IBM/argocd-vault-plugin
argo-rollouts
-
Gateway API is now in Beta; new project formed for service mesh APIs
And support is on it's way for Argo Rollouts 🎉 https://github.com/argoproj/argo-rollouts/pull/2004
-
Progressive Delivery with Argo Rollouts : Blue-Green Deployment
curl -LO https://github.com/argoproj/argo-rollouts/releases/latest/download/kubectl-argo-rollouts-linux-amd64 chmod +x ./kubectl-argo-rollouts-linux-amd64 sudo mv ./kubectl-argo-rollouts-linux-amd64 /usr/local/bin/kubectl-argo-rollouts kubectl argo rollouts version
-
Progressive Delivery with Argo Rollouts: Canary Deployment
kubectl create namespace argo-rollouts kubectl apply -n argo-rollouts -f https://github.com/argoproj/argo-rollouts/releases/latest/download/install.yaml
-
how do you auto deploy to kubernetes with auto rollbacks?
You can see in why argo section here what are the limitations of rolling updates and how rollouts solves it: https://github.com/argoproj/argo-rollouts
-
Best Practices for Argo CD
Argo Rollouts
-
Canary deployments
Check the public users list https://github.com/argoproj/argo-rollouts/blob/master/USERS.md
-
argo-rollouts VS flagger - a user suggested alternative
2 projects | 25 Jan 2022
- argoproj/argo-rollouts: Progressive Delivery for Kubernetes
-
Automation assistants: GitOps tools in comparison
Supplementary GitOps operators can also be used for deployment strategies, such as canary releases, A/B tests, and blue/green deployments, which have now been grouped under the term “progressive delivery”. The resources of most GitOps operators are not sufficient for this. One solution is Flagger. The tool that was launched by Weaveworks is now being developed as part of the Flux project. The Argo project also has an operator for this use case: Argo Rollouts. Both offer CRs for implementing progressive delivery strategies in interaction with various ingress controllers and service meshes.
What are some alternatives?
kubernetes-external-secrets - Integrate external secret management systems with Kubernetes
flagger - Progressive delivery Kubernetes operator (Canary, A/B Testing and Blue/Green deployments)
kustomize-sops - KSOPS - A Flexible Kustomize Plugin for SOPS Encrypted Resources
Flux - Successor: https://github.com/fluxcd/flux2
vault-secrets-operator - Create Kubernetes secrets from Vault for a secure GitOps based workflow.
fleet - Deploy workloads from Git to large fleets of Kubernetes clusters
sealed-secrets - A Kubernetes controller and tool for one-way encrypted Secrets
terraform-k8s - Terraform Cloud Operator for Kubernetes
secrets-store-csi-driver - Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a CSI volume.
flux2 - Open and extensible continuous delivery solution for Kubernetes. Powered by GitOps Toolkit.
vault-creds - Sidecar container for requesting dynamic Vault database secrets
argo-cd - Declarative Continuous Deployment for Kubernetes