Injecting secrets from Vault into Helm charts with ArgoCD

• argo-helm

  17 1,540 9.5 Mustache

  ArgoProj Helm Charts

  

# once againe make sure to use proper namespace kubens toolbox # install ArgoCD with provided vaules helm repo add argo https://argoproj.github.io/argo-helm helm install argocd argo/argo-cd -n toolbox -f argocd-helm-values.yaml

• kubectx

  40 16,852 3.3 Go

  Faster way to switch between clusters and namespaces in kubectl

I also encourage you to install kubectx + kubens to navigate Kubernetes easily.

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• vault-helm

  3 1,032 7.5 Shell

  Helm chart to install Vault and other associated components.

  

To install Vault we will use the official Helm chart provided by HashiCorp. For simplicity, install it in developer mode. In dev mode, Vault doesn't need to be initialized or unsealed, but remember, it's only for development or experimentation. Never, ever run a dev mode in production

• argocd-vault-plugin

  9 757 7.1 Go

  An Argo CD plugin to retrieve secrets from Secret Management tools and inject them into Kubernetes secrets

  

repoServer: rbac: - verbs: - get - list - watch apiGroups: - '' resources: - secrets - configmaps initContainers: - name: download-tools image: registry.access.redhat.com/ubi8 env: - name: AVP_VERSION value: 1.11.0 command: [sh, -c] args: - >- curl -L https://github.com/argoproj-labs/argocd-vault-plugin/releases/download/v$(AVP_VERSION)/argocd-vault-plugin_$(AVP_VERSION)_linux_amd64 -o argocd-vault-plugin && chmod +x argocd-vault-plugin && mv argocd-vault-plugin /custom-tools/ volumeMounts: - mountPath: /custom-tools name: custom-tools extraContainers: - name: avp-helm command: [/var/run/argocd/argocd-cmp-server] image: quay.io/argoproj/argocd:v2.4.8 securityContext: runAsNonRoot: true runAsUser: 999 volumeMounts: - mountPath: /var/run/argocd name: var-files - mountPath: /home/argocd/cmp-server/plugins name: plugins - mountPath: /tmp name: tmp-dir - mountPath: /home/argocd/cmp-server/config name: cmp-plugin - name: custom-tools subPath: argocd-vault-plugin mountPath: /usr/local/bin/argocd-vault-plugin volumes: - configMap: name: cmp-plugin name: cmp-plugin - name: custom-tools emptyDir: {} - name: tmp-dir emptyDir: {} # If you face issue with ArgoCD CRDs installation, then uncomment below section to disable it #crds: # install: false

• arogcd-vault-plugin-with-helm

  1 1 10.0

  Repository contains configuration resources to setup secret injections from Vault into Helm charts with ArgoCD

All of the above configurations you can find in dedicated GitHub repo

• spring-boot-debug-app

  3 1 10.0 Kotlin

  Spring Boot application for debugging purpose.

apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: demo spec: destination: namespace: sandbox server: https://kubernetes.default.svc project: default source: path: infra/helm repoURL: https://github.com/luafanti/spring-boot-debug-app targetRevision: main plugin: env: - name: HELM_VALUES value: | serviceAccount: create: true image: repository: luafanti/spring-boot-debug-app tag: main pullPolicy: IfNotPresent replicaCount: 1 resources: memoryRequest: 256Mi memoryLimit: 512Mi cpuRequest: 500m cpuLimit: 1 probes: liveness: initialDelaySeconds: 15 path: /actuator/health/liveness failureThreshold: 3 successThreshold: 1 timeoutSeconds: 3 periodSeconds: 5 readiness: initialDelaySeconds: 15 path: /actuator/health/readiness failureThreshold: 3 successThreshold: 1 timeoutSeconds: 3 periodSeconds: 5 ports: http: name: http value: 8080 management: name: management value: 8081 envs: - name: VAULT_SECRET_USER value: - name: VAULT_SECRET_PASSWORD value: log: level: spring: "info" service: "info" syncPolicy: {}

Suggest a related project