I'm trying to run ArgoCD on a local Rancher Desktop single node K3s cluster with a local Git repo
Versions:
- Rancher Desktop: 1.18.2
- Kubernetes: 1.31
- Argo CD: v3.1.0+9f37d43
The local Git repo is in this path on my laptop:
/Users/me/srv/local/git/test-repo.git
Following a similar approach to that described here, I've first created a PV and PVC like below:
apiVersion: v1
kind: PersistentVolume
metadata:
finalizers:
- kubernetes.io/pv-protection
labels:
type: local
name: local-git-pv
namespace: argocd
spec:
storageClassName: manual
capacity:
storage: 10Gi
accessModes:
- ReadWriteOnce
hostPath:
path: "/Users/me/srv/local/git"
type: Directory
persistentVolumeReclaimPolicy: Retain
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
labels:
type: local
name: local-git-pvc
namespace: argocd
spec:
storageClassName: manual
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 3Gi
volumeName: local-git-pv
Then I installed argocd with the manifest from here, but first modified the argocd-repo-server Deployment descriptor, to include the mount in the argocd-repo-server container:
volumeMounts:
...
# Local git repo
- mountPath: "/usr/local/share/git"
name: local-git-volume
readOnly: true
...
volumes:
...
# Local git repo
- name: local-git-volume
persistentVolumeClaim:
claimName: local-git-pvc
And I created the below Argo CD Application:
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: test-app
namespace: argocd
spec:
destination:
namespace: apps
server: ''
source:
path: test-app
repoURL: 'file:///usr/local/share/git/test-repo.git'
targetRevision: ''
project: default
syncPolicy:
automated:
prune: true
selfHeal: true
However, I got this error in the UI regarding sync:
Failed to fetch default: `git fetch origin --tags --force --prune` failed exit status 128:
fatal: detected dubious ownership in repository at '/usr/local/share/git/test-repo.git'
To add an exception for this directory, call:
git config --global --add safe.directory /usr/local/share/git/test-repo.git
fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists.
Based on the error message, I creaetd a ConfigMap to wrap a .gitconfig file:
apiVersion: v1
kind: ConfigMap
metadata:
name: argocd-gitconfig
namespace: argocd
data:
.gitconfig: |+
[safe]
directory = *
And mounted it to the argocd-repo-server container:
volumeMounts:
...
- mountPath: /home/argocd/.gitconfig
name: gitconfig
subPath: .gitconfig
...
volumes:
...
- name: gitconfig
configMap:
name: argocd-gitconfig
This didn't fix the issue
When I exec into the argocd-repo-server Pod's container as the argocd user, the /tmp/_argocd-repo directory and its subdirectories that hold the cloned repo is initially not accessible. So I ran the following commands:
$ cd /tmp
$ ls -l _argocd-repo
ls: cannot open directory '_argocd-repo': Permission denied
$ chmod +r _argocd-repo
$ ls -l _argocd-repo
total 4
drwxr-xr-x 3 argocd argocd 4096 Mar 20 10:40 2f92a276-0180-47cc-9da5-8018b8effcda
$ cd _argocd-repo/2f92a276-0180-47cc-9da5-8018b8effcda
$ ls
$ git fetch origin --tags --force --prune
...
Unpacking objects: 100% (19/19), 2.12 KiB | 362.00 KiB/s, done.
From file:///usr/local/share/git/test-repo
* [new branch] main -> origin/main
After a short time, the app appears as successfully synced in the UI, and I can see the application has been deployed ok
Subsequent changes to the repo and attempts to sync get the same error again. If I again exec into the Pod and manually run git fetch origin --tags --force --prune, the sync works ok
I'm not sure what is going on here. It looks like the .gitconfig is not being used in the argocd-repo-server's sync process
This is a local scratch type of lab, so I could add a script to manually run the sync commands each time I push a change
But, if anyone can advise on what is going on and how to fix the setup to avoid the manual work around, I'd be very grateful
发布者:admin,转转请注明出处:http://www.yc00.com/questions/1744412929a4572972.html
评论列表(0条)