kubernetesargo-workflowsargocdargo
Argo Workflow Stuck in Progressing
I've created a test Argo Workflow to help me understand how I can CI/CD approach to deploy an Ansible Playbook. When I create the app in Argo CD, it syncs fine, but then it just gets stuck on Progressing and never gets out of that state.
I tried digging around to see if there was any indication in the logs, but I'm fairly new to Argo. It doesn't even get to the point where it's creating any pods to do any of the steps.
Thoughts?
Here is my workflow:
apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
name: ansible-test
spec:
entrypoint: ansible-test-ci
arguments:
parameters:
- name: repo
value: ****
- name: revision
value: '1.6'
templates:
- name: ansible-test-ci
steps:
- - name: checkout
template: checkout
#- - name: test-playbook
# template: test-playbook
# arguments:
# artifacts:
# - name: source
# from: "{{steps.checkout.outputs.artifacts.source}}"
- - name: deploy
template: deploy
arguments:
artifacts:
- name: source
from: "{{steps.checkout.outputs.artifacts.source}}"
- name: checkout
inputs:
artifacts:
- name: source
path: /src
git:
repo: "{{workflow.parameters.repo}}"
#revision: "{{workflow.parameters.revision}}"
#sshPrivateKeySecret:
# name: my-secret
# key: ssh-private-key # kubectl create secret generic my-secret --from-file=ssh-private-key=~/.ssh/id_rsa2
outputs:
artifacts:
- name: source
path: /src
container:
image: alpine/git:latest
command: ["/bin/sh", "-c"]
args: ["cd /src && git status && ls -l"]
#- name: test-playbook
# inputs:
# artifacts:
# - name: source
# path: /ansible/
# container:
# image: ansible/ansible-runner:latest
# command: ["/bin/sh", "-c"]
# args: ["
# cd /ansible &&
# ansible-playbook playbook.yaml -i inventory
# "]
- name: deploy
inputs:
artifacts:
- name: source
path: /ansible/
container:
image: ansible/ansible-runner:latest
command: ["/bin/sh", "-c"]
args: ["
cd /ansible &&
ansible-playbook playbook.yaml -i inventory
"]
Images of what's going on in Argo CD:
Solution
I ended up solving this by adding a ServiceAccount and Role resource to the namespace that Argo Workflow was trying to run within.
Here's the Role I added:
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: workflow-role
rules:
# pod get/watch is used to identify the container IDs of the current pod
# pod patch is used to annotate the step's outputs back to controller (e.g. artifact location)
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- watch
- patch
# logs get/watch are used to get the pods logs for script outputs, and for log archival
- apiGroups:
- ""
resources:
- pods/log
verbs:
- get
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: workflow-role-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: workflow-role
subjects:
- kind: ServiceAccount
name: default
- The connection to the server localhost:8080 was refused
- How to use Kubernetes secret object stringData to store base64 encoded privateKey
- K8s cluster deployment error: nc: bad address 'xx'
- Ingress path redirection, helm chart
- fluentd with OpenSearch - where does the @timestamp field come from?
- How can I keep a container running on Kubernetes?
- kubectl logs displays only 'API server listening at: [::]:40000' when remote debugging with dlv is enabled - How do I get my logs back?
- failed calling webhook "vingress.elbv2.k8s.aws"
- Kubernetes - Frontend pod can't reach backend pod
- How to access Kubernetes API when using minkube?
- What is Difference between KubernetesManifest@0 and KubernetesManifest@1 in Yaml pipeline?
- kube-prometheus-stack issue scraping metrics
- No stdout/stderror output or delayed when running Haskell application in Kubernetes
- Is there an imperative command to create daemonsets in kubernetes?
- Mongo DB deployment not working in kubernetes because processor doesn't have AVX support
- Nginx Ingress Controller - Failed Calling Webhook
- Easily detect deprecated resources on Kubernetes
- How to configure a Kubernetes Multi-Pod Deployment
- Difference between targetPort and port in Kubernetes Service definition
- EKS Fargate workloads unable to resolve DNS names
- Failed to load module script: Expected a JavaScript module script but the server responded with a MIME type of "text/html"
- Can't install Kubernetes on Vagrant
- How do I force Kubernetes to re-pull an image?
- no endpoints available for service \"kubernetes-dashboard\"
- Cannot install kubernetes helm chart Error: cannot re-use a name that is still in use
- helm error "Error: This command needs 2 arguments: release name, chart path"
- Helm --set with > as special Charcater at the end
- How can I deploy a helm packaged app to ArgoCD?
- k8s CRD definition: 4 mutually exclusive optional fields
- Minikube with ingress example not working