Here's how you can set up #argocd to build nix flakes: https://github.com/argoproj/argocd-example-apps/pull/244 (based on my #nixcon talk the other day).

I did not have much fun reformatting the yaml-in-yaml, but my original setup is nix based (which solves that specific problem so nicely I forgot it's in fact a yaml-in-yaml thing). There's no catch 22, of course, but I think everyone else but me deploys argocd without nix, so they couldn't make use or the example the other way.

SecurityOnline: CVE-2023-40029 in Argo CD lets attackers view the full contents of a cluster secret https://securityonline.info/cve-2023-40029-in-argo-cd-lets-attackers-view-the-full-contents-of-a-cluster-secret/ #CVE-2023-40029 #CVE-2023-40584 #Vulnerability #ArgoCD

Ok instead of apps of apps, I really want to be using ApplicationSets, specifically with the SCM provider generator.

Then I can add a project to a group and have it just get added to the cluster

#argocd #devops

I'm thinking of building a CI/CD pipeline with #GitHub Actions and #ArgoCD to deploy software with testing and quality assurance using #SonarQube. I pretend to study architecture again....

The talk on #nix & #kubernetes was approved \o/ my #argocd shenanigans are coming to #nixcon 🎉

My mood this morning trying to get some flaky CI tests to pass and a flaky CD system to actually deploy... I can't wait until we finish the rewrite and migration to #ArgoCD and #ClusterAPI

I'm trying to deploy a new service in #argocd and it doesn't work 😎

#devops #kubernetes #secrets

@SerhiyMakarenko I just use nix to bootstrap k3s: https://github.com/farcaller/nix-kube-modules

I also used nix on the first management cluster to get the CNI going but then I used #argocd in there to provision the CNI on the rest.

Deploying Helm Charts with ArgoCD using Helmfile is not supported out of the box. In this article, I will show how to extend ArgoCD using Config Management Plugins to support Helmfile: https://blog.knell.it/deploying-helm-charts-using-argocd-and-helmfile #argocd #gitops #helm #kubernetes #openshift #cicd

Learn how to deploy Helm Charts with ArgoCD with four different approaches.
https://blog.knell.it/deploying-helm-charts-through-argocd-streamlining-kubernetes-deployments/ #argocd #helm #kubernetes #openshift #gitops #cicd

I had to teach #argocd to run nix build with --impure, but now I can collect the global services from all my deployments and reflect them into my ingress cluster with `builtins.getFlake`.

Is it a mess? Yes.
It is fun? Heck yes.

#ArgoCD mag mich nicht. Ich hab mich im kustomization.yaml im Pfad zu einer der "resources" vertippt, aber statt dass es mir einfach im Webinterface sagt, dass es das gewünschte File nicht existiert, sagt es... nix. Ich mein, man kann mir sowas schon direkt mitteilen, ich vertrag das schon, das muss man nicht schüchtern ins Log schreiben und mich eine Ewigkeit suchen lassen.

🔥⏲️ Fudge Sunday "GitOps Goes the World" A look at GitOps and Policy-as-Code (PaC).

#gitops #policyascode #iac #pac #cicd #cicdpipelines #sbom #k8s #immutable #immutability #devx #developerexperience #idp #developerproductivity #platformengineering #platformengineer #opengitops #kyverno #kubernetes #argo #argocd #flux #newsletters #newsletter

https://fudge.org/archive/gitops-goes-the-world/?shared=foo

@raito I don't think it's one-size-fits-all , really. Like, I wouldn't want nix-based setup to manage my whole kubernetes cluster declaratively, #argocd works much much better for that. But I would want nix to manage argo itself because the abstractions are better.

Same for VMs. I don't want nix to manage the #tinyvmm because running VMs is often an imperative process. I'm fine with the "state". Not everything can be declared in a pure way.

But still, nix is so good for so many things.

google config connector: it a tar.gz archive with yaml and no versioning.
me: oh look, I can use #nix with #argocd again, fetch and deploy it in a reliable manner and track the changes.

I should really finish that blog post about making argocd and nix work, right?

If I want to tie a ConfigMap to a Deployment, I can use kustomize.

But: ArgoCD will happily prune the old configmap (obvs. I have to check the option).

This means that I can't roll back the deployment (because the ConfigMap is gone).

Is there a better way to manage this?

#kubernetes #argocd #gitops

The recording of my "#GitOps me some of that! Managing Hundreds of Clusters with #ArgoCD" talk is now available https://youtu.be/rh95h0uOEc8 #KubeCon #ArgoCon #Kubernetes #ClusterAPI #ApplicationSet

GitOps in harmony #gitops #argocd #flux @argoproj@twitter.com @OpenGitOps@twitter.com @fluxcd@twitter.com

RT @sabre1041
GitOps in harmony #gitops #argocd #flux @argoproj @OpenGitOps @fluxcd

My talk "#GitOps me some of that! Managing Hundreds of Clusters with #ArgoCD" is today at 4:20pm. You can come hear & learn about how #Adobe uses #ClusterAPI with #ArgoCD #ApplicationSet (plus the new #ProgressiveSync) to manage our fleet of clusters. #KubeCon #Kubernetes #ArgoCon https://sched.co/1JoAV