I have an ArgoCD application like this:
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: my-app
spec:
destination:
name: my-cluster
namespace: my-app-namespace
sources:
- repoURL: 'https://github.com/my-corp/my-app'
targetRevision: HEAD
path: src/Deployment # the location of the Chart.yaml + values files
helm:
valueFiles:
- values.yaml
- dv-values.yaml
ArgoCD is configured to have GitHub auth saved as a credential template for all repos in the org.
In my-app's repo there is a Chart.yaml that uses dependencies. like this:
apiVersion: v2
name: my-app
type: application
version: 0.1.0
appVersion: "33"
dependencies:
- name: my-chart
version: 2.0.0
repository: "https://artifactory.my-corp.com/artifactory/helm/"
ArgoCD successfully pulls the helm chart above from GitHub for my-app but then does not pass any authentication on to Artifactory when trying to grab the dependency my-chart
My application fails to pull my-chart and gives this error:
Error: looks like "https://artifactory.my-corp.com/artifactory/helm" is not a valid chart repository or cannot be reached: failed to fetch https://artifactory.my-corp.com/artifactory/helm/index.yaml : 401 Unauthorized
This is the same exact error as when trying to do the helm repo add command for this private helm repo without passing any auth via --username and --password.
Does anyone know how to pass the helm auth for a Helm dependency to ArgoCD?
According to the documentation, you can configure it with the following Secret declaration:
apiVersion: v1
kind: Secret
metadata:
name: argo-helm
namespace: argocd
labels:
argocd.argoproj.io/secret-type: repository
stringData:
name: argo
url: https://argoproj.github.io/argo-helm
type: helm
username: my-username
password: my-password
tlsClientCertData: ...
tlsClientCertKey: ...