When we talk about Argo CD, we can y say that it is a declarative GitOps tool. Which is used as continuous delivery for Kubernetes. It focuses on the management of application deployments in multiple clusters and also gives the smooth continuous delivery from VCS (Github) to your Kubernetes.
- Kubectl command line tool
- Setup Kubernetes cluster
- Install ArgoCd
- Install ArgoCd-Cli
Why do we need Users in ArgoCd
Now the question comes to mind, why do we need the user in the argocd. So, whenever we are working with the authentication with the third part tool for example postman. So, in that case, we need to create a user for the argocd because thgoodn account cannot generate the bearer token for authentication, so in that case, we need the user to create the token.
How to create the User in ArgoCd
So when we install the argocd on the kubernetes cluster, it will create the yamls in the argocd namespace. Which are the service, deployments, rbac etc. There are two methods of creating the user in argocd.
- By creating the new ConfigMap for argocd as argocd-cm and argocd-rbac-cm.
- Edit the existing argocd-cm and argocd-rbac-cm in argocd namespace.
I tried creating the new ConfigMap as argocd-cm and argocd-RBAC-cm. I used to make the user with the name
balraj as shown in the picture.
Now the user can login and create the the token for authentication.
Same with the argocd-rbac-cm
In this file, we assigned the permissions for the user to perform the task. Now we have to log in with the new user but before that update the password for the new user. To verify whether the user is created or not, go to the setting in the argocd UI, then click on accounts and we can check our user. Also, we just type the command argocd account list . Now update the password through the command
$ argocd account update-password --account <name> --current-password <current-user-password> --new-password <new-user-password>
Now login with the user that you have created and navigate yourself to the setting in the UI of argocd. Then click on your account and you can create the bearer toke under thatn. That token can be used for third-party authentication like postman, for calling the API’s.