Search code examples
kubernetesrepositorykubernetes-helmargocd

Adding an SSH GitHub repository to ArgoCD using declarative DSL gives "authentication required"

I have an ArgoCD installation and want to add a GitHub repository using SSH access with an SSH key pair to it using the declarative DSL.

What I have is:

apiVersion: v1
data:
  sshPrivateKey: <my private ssh key base64 encoded>
  url: <url base64 encoded>
kind: Secret
metadata:
  annotations:
    meta.helm.sh/release-name: argocd-config
    meta.helm.sh/release-namespace: argocd
  creationTimestamp: "2021-06-30T12:39:35Z"
  labels:
    app.kubernetes.io/managed-by: Helm
    argocd.argoproj.io/secret-type: repo-creds
  name: repo-creds
  namespace: argocd
  resourceVersion: "364936"
  selfLink: /api/v1/namespaces/argocd/secrets/repo-creds
  uid: 8ca64883-302b-4a41-aaf6-5277c34dfbfc
type: Opaque
---
apiVersion: v1
data:
  url: <url base64 encoded>
kind: Secret
metadata:
  annotations:
    meta.helm.sh/release-name: argocd-config
    meta.helm.sh/release-namespace: argocd
  creationTimestamp: "2021-06-30T12:39:35Z"
  labels:
    app.kubernetes.io/managed-by: Helm
    argocd.argoproj.io/secret-type: repository
  name: argocd-repo
  namespace: argocd
  resourceVersion: "364935"
  selfLink: /api/v1/namespaces/argocd/secrets/argocd-repo
  uid: 09de56e0-3b0a-4032-8fb5-81b3a6e1899e
type: Opaque

I can manually connect to that GitHub private repo using that SSH key pair, but using the DSL, the repo doesn't appear in the ArgoCD GUI.

In the log of the argocd-repo-server I am getting the error:

time="2021-06-30T14:48:25Z" level=error msg="finished unary call with code Unknown" error="authentication required" grpc.code=Unknown grpc.method=GenerateManifest grpc.request.deadline="2021-06-30T14:49:25Z" grpc.service=repository.RepoServerService grpc.start_time="2021-06-30T14:48:25Z" grpc.time_ms=206.505 span.kind=server system=grpc

I deploy the secrets with helm.

So can anyone help me point in the right direction? What am I doing wrong?

I basically followed the declarative documentation under: https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/

Thanks in advance.

Best regards, rforberger

Solution

  • I am not sure about helm, since I am working with the yaml files for now, before moving into helm. You could take a look at this Github issue here to configure SSH Key for helm

    I had this issue, when I was working with manifests. The repo config should be in argocd-cm configmap. The fix was this:

    ---
apiVersion: v1
kind: ConfigMap
metadata:
  name: argocd-cm
  namespace: argocd
  labels:
    app.kubernetes.io/name: argocd-cm
    app.kubernetes.io/part-of: argocd
data:
  repositories: |
    - name: my-test-repo
      url: ssh://git@repo-url/path/to/repo.git
      type: git
      insecure: true.                  // To skip verification
      insecureIgnoreHostKey: true      // to ignore host key for ssh
      sshPrivateKeySecret:
        name: private-repo-creds
        key: sshPrivateKey
---
apiVersion: v1
kind: Secret
metadata:
  name: private-repo-creds
  namespace: argocd
  labels:
    argocd.argoproj.io/secret-type: repo-creds
data:
  sshPrivateKey: <my private ssh key base64 encoded>

    And I am not sure if the documentation is correct or not, because I can see the document in stable is a bit different, although both your link and this stable doc link are from the same version