Skip to content

tiwarisanjay/argoworkflow-argocd-dex-integration

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
microsoft-connector
microsoft-connector
 
 
README.md
README.md
 
 

Repository files navigation

argocd-dex

ArgoCD with Dex Configuration

ArgoWorkflow/ArgoCD Dex Integration AzureAD using dex Microsoft connector

Prerequsites

  • Create new application in AzureAD OIDC follow following link for the same Quick Start : Register an application
  • Call back URL in your AzureAD application would be :
    • https://<ArgoCD_Server_IP/URL>/api/dex/callback
  • I worked with GKE so still needs to work with localhost. It should work for localhost too where the IP/URL is required.

Lets run some commands now to get it work

Microsoft Connector

  • Following file needs to be updated:

    • microsoft-connector/argocd-extra.yaml , microsoft-connector/argoworkflow-extra.yaml

      • <Your Base64 Client Secret> : with your ClientSecret created in AzureAD for OIDC application
      • <Your Clinet/ApplicationID of Azure app> : Client/Application ID in AuzreAD OIDC Application.
      • 111111-000-000-aaaa-aaaaaaaa : Update Tenant-ID with yours.
      • https://22.222.222.222 : ArgoCD Server IP. If you port forward your application to localhost it should be localhost:port If you create a nodeport type service it should be localhost:nodeport If you create a loadbalancer it will be your loadbalancerIP
      • https://11.111.11.111:2746 : Its your argo workflow server LoadBalancerIP:port or localhost:port
      • 33.333.333.333 : Load Balancer IP for Dex

  • Lets Install everything

    kubectl apply -k microsoft-connector/

  • Restart your argo-server, argocd-server and dex pod if you are seening error as they might not have picked the changes from configmap.

  • If you are using localhost please port-forward you ArgoCD server and Argoworkflow server and update the config map with Right port.

  • Now port-forward your argo workflow server to localhost or use the loadbalancer IP.

  • Click on Single Sign On.

  • Congratulations you should have authenticated with your AzureAD account. :)

Failures Points for me:

  1. If you mention wrong URL for Issuer in argocd-cm configmap it will keep on giving you 404 page not found error.
  2. If you mention wrong issuer url for workflow-controller-configmap configmap it will also give you 404 page not found error.
  3. If you have not use insecureSkipVerify: true flag in workflow-controller-configmap argo-workflow server pod will give you certificate error.
  4. If your ID is incorrect for staticClient setup in argocd-cm configmap it wil give you invalid client_id("your-right-id") error. Though you will see the Right ClientID in your msg and this is pretty confusing and took me 3 days to solve the issue as nothing was pointing where its wrong.

About

Argo workflow sso integration using ArgoCD Dex and AzureAD OIDC

Topics

sso-authentication dex argocd argo-workflows argocd-dex argo-workflow-sso argo-cd-sso argo-workflow-dex

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published