-
Notifications
You must be signed in to change notification settings - Fork 5.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Using SSH keys to authenticate kustomize bases from git #827
Comments
@arnarg Your current workaround is the the recommended approach at the moment. Alternatively, you could have used an init container to copy the file to a shared emptyDir. See: https://github.com/argoproj/argo-cd/blob/master/docs/custom_tools.md We will look into how we could formalize repo-server customizations through settings. Another example of where this is needed is with helm charts that need to use another remote helm repo as a dependency: #747 |
I first tried it with emptyDir volume or mounting the secret directly under |
@jessesuen Hi! Any updates on this issue in the current ArgoCD version or we still need to manually add known host in ArgoCD server container? |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
Fixed. In v1.1 |
This workaround no longer appears to be working (on v 2.2.3) with:
Still works if you additionally set Mounting to an empytDir would be better though if the "owned by root" problem highlighted by @arnarg can be overcome. |
Kustomize bases can point to other git repositories like is shown here. The problem is that we have our base in a private bitbucket repository.
You can set the base to
git::https://<user>:<app_pass>@bitbucket.org/org/repo.git
and that works fine but storing thatapp_pass
in a repository isn't optimal.I managed to get SSH working using the base
git::bitbucket.org:/org/repo.git
and change the deployment ofargo-repo-server
to the following:Is there any way this could be supported more natively?
Either by using the same key as the repository used for the application or setting another one somehow.
The text was updated successfully, but these errors were encountered: