Prerequisites

Before proceeding, make sure you have the following prerequisites in place

1. A running ArgoCD server

2. Kubernetes clusters that you want to connect to ArgoCD

How to setup ArgoCD and connect to private github repo

In my previous blog I have covered this topic for setup ArgoCD and connect to private github repo you will also get their sample code to perform this blogs tutorial that is important please do checkout before this blog

Part-1: Setting Up CI/CD using GitHub Actions, SonarCloud, and ArgoCD on Google Kubernetes Engine

GKE Clusters Set-Up

1. Create 2 gke clusters ( you can create multiple clusters as per your comfort )

gcloud container clusters create dev --num-nodes=2 --zone=us-central1-a
gcloud container clusters create prod --num-nodes=1 --zone=us-central1-a

Note: Make sure argoCD server should be installed on dev cluster

1. Get config entry in Cloud shell for dev cluster

gcloud container clusters get-credentials dev --zone=us-central1-a
gcloud container clusters get-credentials prod --zone=us-central1-a

dev cluster is the one where we will install argoCD CLI

Install ArgoCD CLI

1. The ArgoCD CLI (argocd) is a command-line tool that allows you to interact with the ArgoCD server. If you haven't already installed it, download the CLI from the official ArgoCD releases page and ensure it is in your system's PATH.

curl -sSL -o argocd-linux-amd64 https://github.com/argoproj/argo-cd/releases/latest/download/argocd-linux-amd64
sudo install -m 555 argocd-linux-amd64 /usr/local/bin/argocd
rm argocd-linux-amd64

1. Connect to ArgoCD Server To interact with the ArgoCD server, use the argocd login command. Replace <ARGOCD_SERVER_ADDRESS>, <USERNAME>, and <PASSWORD> (or <TOKEN>) with the appropriate values for your ArgoCD instance.

<ARGOCD_SERVER_ADDRESS> don't include https or http just keep IP only

argocd login <ARGOCD_SERVER_ADDRESS> --username <USERNAME> --password <PASSWORD>
# or use token-based authentication:
# argocd login <ARGOCD_SERVER_ADDRESS> --username <USERNAME> --token <TOKEN>

1. Get context names

kubectl config get-contexts

copy context name for prod cluster <CLUSTER_CONTEXT_NAME>

1. Add Cluster Contexts Use the argocd cluster add command to add Kubernetes cluster as a context to ArgoCD. For example:

argocd cluster add <CLUSTER_CONTEXT_NAME>

1. Verify Connected Clusters You can verify the clusters connected to ArgoCD using the following command:

argocd cluster list

This will list all the clusters that are connected to your ArgoCD instance.

1. Open argoCD UI and check under setting >> cluster you will see your second cluster is added but status will be unknown don't worry just deploy app it will show successful

1. Create Applications With the clusters connected, you can now create applications in ArgoCD that deploy resources to specific clusters , and how to create application. I have covered in my previous blog on argocd

app in the dev cluster

app in the prod cluster

Sync Applications ArgoCD will automatically sync the applications with their respective clusters based on the specified context and Git repository.

Conclusion

By following these steps, you can easily add multiple Kubernetes clusters to ArgoCD and manage your applications across various clusters from a single ArgoCD instance. ArgoCD's ability to handle multiple clusters simplifies the process of deploying applications in complex multi-cluster environments. Embrace the power of ArgoCD to streamline your application deployments and manage your Kubernetes clusters efficiently. Happy deploying!

We'll cover topics such as setting up GitHub Actions workflows for building, testing, and deploying your application, integrating SonarCloud for code quality analysis, and leveraging ArgoCD for automated deployment of your application to Google Kubernetes Engine (GKE).

With this comprehensive guide, you'll be able to optimize your development workflow, ensure code quality, and achieve efficient and reliable deployments to production.

Note: If you haven't checkout part-1 , please check the first Link.

Prerequisites

• Sonarcloud account

• GitHub public repositories ( works with Sonarcloud free plan)

• Slack (Optional)

Why SonarCloud and GitHub Actions?

SonarCloud is a go-to choice for devs when it comes to code analysis and quality management, thanks to its awesome features and support for a bunch of programming languages like Java, JavaScript, C#, C++, Python, and more. It's got some powerful code analysis tools, like detecting code smells, security vulnerabilities, code duplication, and analyzing code coverage, which helps teams spot and fix issues early in the dev process. On the flip side, GitHub Actions is a super handy automation tool that lets devs automate all sorts of tasks, like continuous integration (CI), continuous delivery (CD), and code quality checks, right within their GitHub repos. GitHub Actions offers a flexible and customizable way to automate workflows and create automated pipelines for software development projects.

Combining SonarCloud and GitHub Actions can provide a seamless and automated way to incorporate code quality checks into the software development workflow, enabling developers to catch and fix code issues before they make their way into production.

Setting up SonarCloud and GitHub Actions: Here's a step-by-step guide on how to set up SonarCloud and GitHub Actions for code quality checks in your GitHub repositories:

Sonarcloud Setup

1. Sign up and configure SonarCloud Sign up for a free account on SonarCloud (https://sonarcloud.io/).

2. Create a new project for your GitHub repository or import organization.

1. Click on the imported repo and choose analysis method Github actions. copy token, as they will be needed in the GitHub Actions workflow.

1. Add the above token to Github actions secrets

1. Generate one more Github token or take from part-1 API_TOKEN_GITHUB

GitHub Actions workflow

1. Create a sonar-project.properties file in the main repo and configure it.

   sonar.projectKey=<<ADD PROJECT KEY>>

   sonar.organization=<<organization name>>

   sonar.projectName= <ADD project NAME>

sonar.projectKey=<<ADD PROJECT KEY>>
sonar.organization=shivam779823
sonar.python.coverage.reportPaths=*coverage*.xml
sonar.python.xunit.reportPath=*output*.xml 
sonar.coverage.dtdVerification=false
#sonar.inclusions=*.py

# This is the name and version displayed in the SonarCloud UI.
sonar.projectName= <ADD project NAME>
#sonar.projectVersion=1.0
sonar.python.version = 3

# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
sonar.sources=.


# Encoding of the source code. Default is default system encoding
sonar.sourceEncoding=UTF-8

1. Establish the steps for your GitHub Actions workflow, incorporating essential code quality checks. These may consist of checking out the code, installing dependencies, running tests, and performing SonarCloud analysis. Below is a GitHub Actions workflow YAML file featuring SonarCloud analysis for a Python project

#################################################
# MAINTAINED BY: SHIVAM
#################################################

name: ArgoCD CI Pipeline 
on:
  workflow_dispatch:
  push:
    branches:
      - main
      - test
  pull_request:
    branches:
      - main
      - test
env:     
  IMAGE: mywebsite
  DOCKERHUB_USERNAME: <username> 

jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version: ["3.9",]

    steps:
      - name: code Checkout
        uses: actions/checkout@v3
        with:
           fetch-depth: 0

      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v4
        with:
          python-version: ${{ matrix.python-version }}

#       #STEP 1 python install

      - name: install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install pytest
          if [ -f requirements.txt ]; then pip install -r requirements.txt; fi  
#       #STEP 2 Pytest        
      - name: Test with pytest
        run: |
          pytest --cov=main test_main.py --junitxml=./output.xml 
          python3 -m coverage xml
          ls
          cat coverage.xml
          pwd
        #STEP 3 Sonarcloud
      - name: SonarCloud Scan
        uses: SonarSource/sonarcloud-github-action@master
        env:
            GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
            SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}   

      - name: SonarQube Quality Gate check
        id: sonarqube-quality-gate-check
        uses: sonarsource/sonarqube-quality-gate-action@master
      # Force to fail step after specific time.
        timeout-minutes: 1
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} 

#       #STEP 4 Dockerhub login
      - name: Login to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

#       #STEP 5 Build and Push
      - name: Build and push
        uses: docker/build-push-action@v3
        with:
          context: .
          file: ./Dockerfile
          push: true
          tags: ${{env.DOCKERHUB_USERNAME}}/${{env.IMAGE}}:${{github.run_number}} 

#       #STEP 6  Invoke deployment action     
      - name: Invoke deployment GitOps pipe
        run: |
          curl -H "Accept: application/vnd.github.everest-preview+json" \
          -H "Authorization: token ${{secrets.API_TOKEN_GITHUB}}" \
          --request POST \
          --data '{"event_type": "update-deployment", "client_payload": { "buildnumber": "'"${{github.run_number}}"'" }}' \
          https://api.github.com/repos/shivam779823/argocd-deployment/dispatches

In this example, the workflow is triggered on push and pull request events for the main branch.

Github APP repo: ArgoCD-CICD-app-repo

Github Secrets

Add all secrets to GitHub secrets

DOCKERHUB_USERNAME :

API_GITHUB_TOKEN:

DOCKERHUB_TOKEN:

SONAR_TOKEN:

1. Configure sonar Quality Gates as per your requirements.

Try to push or add a commit run CI/CD you will see code analysis on Sonarcloud UI

The next step is Slack integration this is optional you can add whatever tool you like for notifications

Slack Integrations

1. Create a Slack workspace: If you don't already have a Slack workspace, you'll need to create one. You can sign up for a free account on the Slack website (https://slack.com/) and create a new workspace for your team or organization.

2. Add the GitHub app to Slack: In your Slack workspace, you can search for the GitHub app in the Slack App Directory and add it to your workspace. The GitHub app allows you to receive notifications and updates from your GitHub repositories directly in Slack.

3. Configure GitHub integration settings: Once the GitHub app is added to your Slack workspace, you'll need to configure the integration settings. This usually involves authorizing the app to access your GitHub repositories and selecting the repositories for which you want to receive notifications in Slack.

4. Customize notifications: You can customize the notifications that you want to receive in Slack from GitHub. For example, you can choose to receive notifications for new pull requests, code reviews, commits, and other GitHub events. You can also configure the format and content of the notifications, such as the channel where notifications are posted, the message template, and the level of detail in the notifications.

5. Set up Slack webhooks: Slack also supports webhooks, which allow you to receive custom notifications and events from GitHub in Slack. You can set up webhooks in GitHub to send notifications to a specific Slack channel or user when certain events occur, such as new pull requests or issues being opened or closed.

6. Use Slack commands for GitHub actions: Slack also supports custom slash commands, which allow you to trigger GitHub actions directly from Slack. For example, you can create custom slash commands to create new issues, comment on pull requests, or close issues in GitHub, all from within Slack.

7. Collaborate with team members: Once the Slack and GitHub integration is set up, you can collaborate with your team members in Slack by discussing code changes, reviewing pull requests, and coordinating code reviews. Slack notifications can help you stay up-to-date with the latest changes in your GitHub repositories, and you can use Slack commands to take actions on GitHub directly from Slack, making it a seamless and efficient way to collaborate on code development and reviews.

Summary

building a CI/CD pipeline using GitHub Actions, SonarCloud, and ArgoCD on GKE. These tools enable developers to automate code quality analysis, build, and deployment processes, resulting in faster and more reliable software development cycles. By implementing a robust CI/CD pipeline, teams can achieve higher code quality, faster release cycles, and improved collaboration among team members, ultimately leading to more successful and efficient software development projects.

In conclusion, this blog provides a comprehensive guide on how to build a CI/CD pipeline using GitHub Actions, SonarCloud, and ArgoCD on GKE, empowering teams to deliver high-quality software with increased speed, reliability, and scalability.

cd

cd: Change directory

The cd command is used to navigate between directories. It allows you to move to a different directory within the file system. For example, to move to the home directory, you can type cd ~.

ls

ls: List contents of a directory

The ls command is used to list the contents of a directory. It displays the files and directories in the current directory. You can use the -l option to display more detailed information about the files, such as their permissions, owner, and size.

mkdir

mkdir: Make directory

The mkdir command is used to create a new directory. You can create a new directory by typing mkdir directory_name. For example, to create a new directory called "my_folder", you can type mkdir my_folder.

rm

rm: Remove files or directories

The rm command is used to delete files or directories. Be careful when using this command as it can permanently delete files and directories. To delete a file, you can type rm file_name. To delete a directory and its contents, you can use the -r option, which stands for "recursive". For example, to delete a directory called "my_folder" and its contents, you can type rm -r my_folder.

cp

cp: Copy files or directories

The cp command is used to make a copy of a file or directory. To copy a file, you can type cp file_name new_file_name. To copy a directory and its contents, you can use the -r option. For example, to copy a directory called "my_folder" to a new directory called "new_folder", you can type cp -r my_folder new_folder.

mv

mv: Move files or directories

The mv command is used to move files or directories. It can also be used to rename files or directories. To move a file or directory, you can type mv file_or_directory_name new_directory_name. For example, to move a file called "my_file.txt" to a new directory called "my_folder", you can type mv my_file.txt my_folder/.

grep

grep: Search for a pattern in a file

The grep command is used to search for a specific string or pattern in a file. It can be used to search for a word, a phrase, or a regular expression. For example, to search for the word "error" in a log file called "my_log.txt", you can type grep error my_log.txt.

top

top: Display system information

The top command is used to display information about system processes and resource usage. It shows the processes that are currently running on the system, as well as their CPU and memory usage. It's a useful command for monitoring system performance and troubleshooting issues.

netstat

netstat: Display network information

The netstat command is used to display network connections, routing tables, and interface statistics. It can be used to troubleshoot network issues and monitor network activity. For example, to display all active network connections, you can type netstat -a.

ssh

ssh: Secure Shell

The SSH command is used to establish a secure shell connection between a client and a server. Here's an example of how to use the SSH command

ssh username@server_ip_address

username is the username you use to log in to the server, and server_ip_address is the IP address or domain name of the server you want to connect to.

ping

ping: Check network connectivity

The ping command is used to check network connectivity. It sends packets to a remote host and waits for a response. If the host is reachable, it will respond with a packet. The ping command can be used to test the connectivity of a remote host or troubleshoot network issues. For example, to ping a host called "google.com", you can type ping google.com.

ifconfig

ifconfig: Display network interface configuration

The ifconfig command is used to display the configuration of network interfaces on the system. It shows information such as the IP address, netmask, and MAC address of each interface. It can be used to troubleshoot network issues and configure network settings.

ps

ps: Display running processes

The ps command is used to display information about running processes on the system. It shows the process ID, CPU and memory usage, and other information about each process. It can be used to monitor system performance and troubleshoot issues.

kill

kill: Stop a running process

The kill command is used to stop a running process. It sends a signal to the process to terminate it. You can use the kill command to stop a process that has become unresponsive or is consuming too much resources. For example, to stop a process with a process ID of 1234, you can type kill 1234.

tar

tar: Create and extract compressed archives

The tar command is used to create and extract compressed archives. It can be used to compress and archive files and directories for backup or transfer. For example, to create a compressed archive of a directory called "my_folder", you can type tar -czvf my_folder.tar.gz my_folder/. To extract the contents of a compressed archive, you can use the tar -xvf command.

curl

curl: Transfer data from or to a server

The curl command is used to transfer data from or to a server using a variety of protocols, including HTTP, FTP, SMTP, and more. It can be used to test API endpoints, download files, or upload data to a server. For example, to download a file from a URL, you can type curl -O http://example.com/file.txt.

sed

sed: Stream editor for text files

The sed command is used to perform text transformations on a file or stream. It can be used to find and replace text, delete lines, or perform other operations. For example, to replace the word "foo" with "bar" in a file called "my_file.txt", you can type sed 's/foo/bar/g' my_file.txt.

awk

awk: Pattern scanning and processing language

The awk command is used to perform text processing and manipulation. It can be used to extract specific fields from a file, perform calculations, or apply transformations to text. For example, to print the first column of a CSV file called "data.csv", you can type awk -F, '{print $1}' data.csv.

iptables

iptables: Firewall configuration

The iptables command is used to configure the Linux firewall. It can be used to allow or deny traffic based on IP address, port, or protocol. It is an essential tool for securing servers and preventing unauthorized access. For example, to allow incoming traffic on port 80, you can type iptables -A INPUT -p tcp --dport 80 -j ACCEPT.

summary

By mastering these Linux commands, one can increase efficiency and productivity as a DevOps engineer. Many other Linux commands can be useful in your work, but these commands are a good starting point. With practice and experience, you can become proficient in using the Linux command line to manage servers and infrastructure.

SSH

Secure Shell (SSH) is a widely used protocol for accessing remote servers and computing resources. Google Cloud Platform (GCP) Compute Engine provides a powerful platform for deploying virtual machines in the cloud. In this blog post, we will explore how to SSH into a GCP Compute Engine instance using a Bastion host.

What is a Bastion Host?

A bastion host is a secure intermediary server that acts as a gateway for remote access to a private network. In the context of GCP Compute Engine, a bastion host is used to provide secure access to instances running in a Virtual Private Cloud (VPC).

Benefits of using a bastion host for accessing VMs in GCP

1. Enhanced security: A bastion host acts as a secure gateway to your VMs, reducing the surface area for attacks.

2. Centralized access control: With a bastion host, you can centralize access control and log for all SSH connections to your VMs.

3. Simplified management: A bastion host can reduce the complexity of managing SSH keys for multiple VMs.

Steps to set up Bastion Host

1. Create a VPC network: Create a VPC network in GCP, which will be used to host your VMs and a bastion host.

gcloud compute networks create bastion-vpc \
--subnet-mode=custom

1. Create two subnets in the VPC network

gcloud compute networks subnets create subnet-a --network=bastion-vpc --region=us-central1 --range=10.250.40.0/27

gcloud compute networks subnets create subnet-b --network=bastion-vpc --region=us-central1 --range=10.250.41.0/9

Note: Delete your default vpc before running the above commands

1. Create a bastion host VM: Create a new Compute Engine instance that will act as the bastion host. Ensure that this VM is in the same VPC network as your target VMs.

gcloud compute instances create bastion  \
--network=bastion-vpc \
--zone=us-central1-a \
--subnet=subnet-a \
--tags=bastion

1. Create a private VM with no external IP

gcloud compute instances create private-vm  \
--network=bastion-vpc \
--zone=us-central1-a \
--subnet=subnet-b \
--tags=private-vm \
--no-address

Create a Firewall rule to allow ssh to Bastion host with your IP address

gcloud compute firewall-rules create allow-ssh-bastion \
--allow=tcp:22 \
--network=bastion-vpc \
--target-tags=bastion \
--source-ranges=[YOUR IP_RANGE]

Create a Firewall rule to allow traffic from the bastion to all other instances

gcloud compute firewall-rules create bastion-fwd-private-vm \
--allow=tcp:22 \
--network=bastion-vpc \
--source-tags=bastion \
--target-tags=private-vm

SSH into bastion host and run below command to access private vm

gcloud compute ssh private-vm --internal-ip

Note: Make sure your bastion vm service accountt have Read/Write permissions.

That's it! You can now securely access your VMs in GCP using a Bastion host.

Conclusion

In this blog post, we have explored how to SSH into a GCP Compute Engine instance using a Bastion host. By following these steps, you can establish a secure connection to your instances running in a VPC. It is important to note that using a bastion host adds an extra layer of security to your system by providing an additional barrier against unauthorized access.

Prerequisites

Before proceeding , you should have the following:

• A GitHub account

• A Google Cloud Platform account

• A Google Kubernetes Engine cluster

• ArgoCD installed on the cluster

• A sample application that you want to deploy

Architecture

I have two GitHub repositories: one for app code and another for deployment. The app code repository stores our application code, utilizing a continuous integration GitHub workflow. Meanwhile, the deployment repository houses a workflow for managing changes in deployment.yaml files. Additionally, you can integrate third-party tools for notifications.

Setting up GitHub Actions CI/CD

The first step is to set up GitHub Actions to build and test the application. Create a new file in the root directory of your application code repo named .github/workflows/Argocd-ci.yaml. This file will contain the following configuration for your CI/CD workflow.

Note: SonarCloud Integration and Slack we will See In the next part

#################################################
# MAINTAINED BY: SHIVAM
#################################################

name: ArgoCD CI Pipeline 
on:
  workflow_dispatch:
  push:
    branches:
      - main
      - test
  pull_request:
    branches:
      - main
      - test
env:     
  IMAGE: mywebsite
  DOCKERHUB_USERNAME: <username> 

jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version: ["3.9",]

    steps:
      - name: code Checkout
        uses: actions/checkout@v3
        with:
           fetch-depth: 0

      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v4
        with:
          python-version: ${{ matrix.python-version }}

#       #STEP 1 python install

      - name: install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install pytest
          if [ -f requirements.txt ]; then pip install -r requirements.txt; fi  
#       #STEP 2 Pytest        
      - name: Test with pytest
        run: |
          pytest --cov=main test_main.py --junitxml=./output.xml 
          python3 -m coverage xml
          ls
          cat coverage.xml
          pwd
#       #STEP 3 Lint
      - name: Linting
        run: |
          find . -name \*.py | xargs pylint -f parseable | tee pylint.log


#       #STEP 4 Dockerhub login
      - name: Login to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

#       #STEP 5 Build and Push
      - name: Build and push
        uses: docker/build-push-action@v3
        with:
          context: .
          file: ./Dockerfile
          push: true
          tags: ${{env.DOCKERHUB_USERNAME}}/${{env.IMAGE}}:${{github.run_number}} 



      # - name: kuberntest manifest
      #   run: |
      #     sed -i 's/mywebsite:latest/mywebsite:${{github.run_number}}/g' ${{ github.workspace }}/k8s/deployment.yaml

#       #STEP 6  Invoke deployment action     
      - name: Invoke deployment GitOps pipe
        run: |
          curl -H "Accept: application/vnd.github.everest-preview+json" \
          -H "Authorization: token ${{secrets.API_TOKEN_GITHUB}}" \
          --request POST \
          --data '{"event_type": "update-deployment", "client_payload": { "buildnumber": "'"${{github.run_number}}"'" }}' \
          https://api.github.com/repos/shivam779823/argocd-deployment/dispatches

Github APP repo: ArgoCD-CICD-app-repo

Now create separate Github repo for Deployment files

Github Deployment repo: ArgoCD-CICD-deployment-repo

name: Deployment to GKE 

on:
  repository_dispatch:
     types: update-deployment   
jobs:
  Deploy:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v3
      with:
        persist-credentials: false # otherwise, the token used is the GITHUB_TOKEN, instead of your personal token
        fetch-depth: 0

    - name: Update Image Version
      id: imgupd
      uses: mikefarah/yq@master
      with:
        cmd: yq eval '.spec.template.spec.containers[0].image = "shiva9921/mywebsite:${{ github.event.client_payload.buildnumber }}"' -i k8s/deployment.yaml

    - name: Update the Build number
      run: |
        echo "Updating the Build Number: ${{github.event.client_payload.buildnumber}}"

    - name: Commit & Push changes
      uses: actions-js/push@master
      with:
        github_token: ${{ secrets.API_GITHUB_TOKEN }}
        message: "Updating the Build Number: ${{github.event.client_payload.buildnumber}}"

Github Secrets

Add all secrets to GitHub secrets

DOCKERHUB_USERNAME :

API_GITHUB_TOKEN:

DOCKERHUB_TOKEN:

Steup GKE and ArgoCD

as of now I am creating only one cluster you are free to create multiple cluster and how to add it in single argocd we will see in separate blog.

1. Run in Cloud shell to spin GKE Cluster.

gcloud container clusters create dev --num-nodes=2 --zone=us-central1-a

1. Get config entry in Cloud shell.

gcloud container clusters get-credentials dev --zone=us-central1-a

1. clone repo

git clone https://github.com/shivam779823/ArgoCD-CICD-app-repo.git
cd ArgoCD-CICD-app-repo

1. Create a namespace and Install ArgoCD

kubectl create ns argocd

kubectl -n argocd apply -f install.yaml

1. Get argocd password and username "Admin" by default

kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo

1. Open Load balancer ip in the browser for argocd server

kubectl -n argocd get svc

Argo CD Github Private repo integration

Remember that this repository is used for these tutorials are public for obvious reasons, so if you want to follow this tutorial, you are free to fork it to a private repository and adjust the repository URLs there.

There are two possibilities for ArgoCD to communicate with GitHub to check for changes. One is via HTTPS using a username and password. The other and recommended way is using SSH using a private-public key-pair

1. we need an SSH key to use. We can easily create a new SSH key pair using the following command.

ssh-keygen -t ed25519 -C "some comment"

cat ~/.ssh/id_ed25519.pub

1. Copy the public key and Add the Public key to GitHub.

1. Go to settings in argoCD UI , Click on Repository, select auth method SSH

1. Add the GitHub ssh url and Paste the private key that we generated.

ArgoCD application deployments config

Go to argocd and click on create new app and fill the details . ( you can change the details as per your github repo configurations)

finally, we are done with deployment of application ..............you can play around and explore UI

Summary

This tutorial taught us a few steps to create GitHub actions CI/CD using ArgoCD with our private GitHub repository. If you are pretty new to it, it might be a bit overwhelming, but you should get quickly into it, and with this tutorial, you should get a quick start on getting up and running fast 😊.

Additional resources

ArgoCD: https://spacelift.io/blog/argocd

GitHub actions: https://docs.github.com/en/actions

Part 2 : part-2-building-cicd-using-github-actions-sonarcloud-and-argocd-on-google-kubernetes-engine