Closing CI/CD loop using Argoproj
Argo CD is a popular Kubernetes continuous deployment tool that enables GitOps workflow. The tool enables developers to manage infrastructure in the exact same way they manage application source code and provides powerful day-two features to monitor and manage applications in production.
Infrastructure as a code increases developers’ productivity and significantly reduces the number of errors, misconfigurations, and ultimately the number of incidents. The methodology works well, but it does require you to make a Git commit for each and every change. This becomes very annoying if you follow continuous deployment principles and deploy new changes multiple times a week or even per day. Are you tired of bumping the image tag manually every time you make a change? Meet the Argo CD Image Updater that does this chore automatically for you!
What is Argo CD Image Updater?
The Argo CD Image Updater continuously monitors for when a new container image of your application becomes available, and automatically updates the image tag in the Git repository. This preserves all the benefits of GitOps by requiring each and every infrastructure change to be stored in Git and go through a review and verification process, without forcing developers to waste time making trivial changes in the Git repository to update the image tag. It has out-of-the-box support for many popular, public container registries, such as Docker Hub, Red Hat Quay, or GitHub Container Registry, and supports private and on-premise registries as well.
Let’s give it a try!
The project has great documentation, but one demo is worth a thousand words! Let’s get our hands dirty and put the Image Updater through its paces. We will walk you through the installation steps, explain the Argo CD Image Updater basics, and get you ready to automate your application’s continuous deployment.
First Things First
The Argo CD Image Updater works in tandem with Argo CD, so we need a Kubernetes cluster with Argo CD installed. If you already have one, feel free to move to the next step.
- Minikube: https://kubernetes.io/docs/setup/
- Argo CD: https://argoproj.github.io/argo-cd/getting_started/
TL;DR:
If you are a Mac user you can install minikube and Argo CD CLI using the following command:
brew install minikube argocdNext, we need to create a new minikube cluster and install Argo CD:
minikube start -p argocd-image-updater-demo
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v2.0.0-rc1/manifests/install.yamlArgo CD installation is done? Let's make sure it is up and running:
kubectl rollout status deploy/argocd-server -n argocdFinally, let’s make sure we can use Argo CD CLI. For the sake of simplicity start port-forwarding in the background using kubectl port-forward svc/argocd-server -n argocd 8080:443 and login using Argo CD CLI:
argocd login localhost:8080 — username admin — insecure — password <password>Check Argo CD getting started guide to learn how to get retrieve password. Done! Now we have a Kubernetes cluster with Argo CD and it is time to install and configure the image updater!
Install Argo CD Image Updater
The Argo CD Image Updater installation requires only one step. Install additional manifests into the existing Argo CD namespace:
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj-labs/argocd-image-updater/v0.9.0/manifests/install.yamlThe configuration also ends here! Unless you want to monitor images in a private image registry no additional steps are required. The Argo CD Image updater seamlessly integrates with Argo CD: it uses Argo CD Application CRD to get information about deployed images and by default re-uses Git repository credentials configured in Argo CD. So we are ready for the next step.
Create Application
We need to create an Argo CD application and enable image management. The image updater is going to push changes into the Git repository so we need to create a repository that holds deployment manifests. Luckily we don’t have to do it manually. Instead, let’s just create a fork of https://github.com/argoproj/argocd-example-apps — that repository includes various forms of deployment manifests based on different config management tools. Please navigate to the repository URL and use “Fork” button to create a fork.
Check Github documentation if you need more help.
After the fork is created we need to configure repository access in Argo CD. Please navigate to https://github.com/settings/tokens/new and create a personal access token. Make sure to click “repo” checkbox to provide write access for the image updater. Use the generated token to configure repository credentials with the following command:
argocd repo add https://github.com/<username>/argocd-example-apps — username updater — password <token>We are ready for the last step: create an Argo CD application and enable automated image management.
Note: Don’t forget to replace <username> with your Github username
export GH_USER=<username>
kubectl apply -n argocd -f — << EOF
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: guestbook
spec:
destination:
namespace: default
server: https://kubernetes.default.svc
project: default
source:
path: kustomize-guestbook
repoURL: https://github.com/$GH_USER/argocd-example-apps.git
targetRevision: master
syncPolicy:
automated: {}
EOFThe command above creates an Argo CD application and configures automatic syncing. As soon as the application is created, Argo CD is going to deploy a sample application deployment that uses gcr.io/heptio-images/ks-guestbook-demo:0.1 image into the default namespace. Use the kubectl to verify it or leverage Argo CD user interface to see the full resource’s hierarchy:
kubectl get deploy -o=wide -n default
NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
kustomize-guestbook-ui 1/1 1 1 42h guestbook-ui gcr.io/heptio-images/ks-guestbook-demo:0.1 app=guestbook-uiThere is a new version of ks-guestbook-demo available! Let’s use Image Updater to upgrade it for us.
Enable Image Management for the Application
The final step is to add annotations that enable automated image management for the application. Run the following command to add required annotations:
kubectl annotate app guestbook \
argocd-image-updater.argoproj.io/image-list=gcr.io/heptio-images/ks-guestbook-demo \
argocd-image-updater.argoproj.io/write-back-method=gitThe Image Updater checks applications every two minutes. Let’s wait a couple of minutes and check the guestbook deployment again:
kubectl get deploy -o=wide -n default
NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
kustomize-guestbook-ui 1/1 1 1 2d2h guestbook-ui gcr.io/heptio-images/ks-guestbook-demo:0.2 app=guestbook-uiThe image has changed to gcr.io/heptio-images/ks-guestbook-demo:0.2. So Argo CD Image Updater did its job! But what exactly did it do? Let’s find out. Check your deployment repository in Github. It has one more commit authored by “argocd-image-updater”. If you navigate to the commit details page you will find a new .argocd-source-guestbook.yaml file. The file contains YAML with the new image tag.
Before explaining the content of that file, I want to remind you about the Argo CD parameter override feature. The parameter override allows you to “override” config management tool parameters such as Kustomize images or Helm parameters. The parameter values are stored in Application CRD and are very useful in situations when you don’t want to version control application change. For example, if you want to deploy a short-lived copy of your application to test pull requests or if you are continuously updating development instances of your application and want to avoid too many commits in the deployment repository. The .argocd-source-<app-name>.yaml file is pretty much the same feature but parameter values are stored in the Git repository along with deployment manifests. The Image Updater generates the expected values of parameter overrides and stores them either in Git or directly in application CRD, depending on the value of the argocd-image-updater.argoproj.io/write-back-method annotation.
Learn more about image updater in the project documentation, share your feedback, and don’t forget to star the Github repository!
