I have deployed the application via ArgoCD successfully, and I can access it via its ingress url
The applicaiton uses the image name with latest tag, such as
image: <private_registry>/app_1_service:latest
I also manage other tags on same of tag latest, such as image:<commit_id> or image:<1.0.xxx>
Now, developers will update the codes, after commit changes, a gitlab pipeline autoamtically runs and build a new image and override to tag latest with other tags and push to private docker registry
So what's the next step in ArgoCD?
How argocd know the application is changed, and need be redeployed, and the image:latest need be pull again?
CodePudding user response:
You can use 
Here's an example of deploying helm from Jfrog artifact registry automatically:
project: default
source:
repoURL: 'https://abc.jfrog.io/artifactory/helm'
targetRevision: '*.*.*' # set your regex pattern here
helm:
parameters:
- name: image.tag
env: dev
chart: frontend-chart
destination:
server: 'https://kubernetes.default.svc'
namespace: default
syncPolicy:
automated: {} # enables auto syncing
CodePudding user response:
If you are using latest tag, the most simple way is this
- set your k8s yaml
imagePullPolicytoAlways - add below step in
gitlab-ci.ymlto restart application by calling argocd api
argocd-restart:
image: argoproj/argocd
stage: deploy
variables:
GIT_STRATEGY: none
ARGOCD_SERVER: "192.111.111.111:30000"
# gitlab admin panel variable
# ARGOCD_USERNAME: "admin"
# ARGOCD_PASSWORD: "XXXXXX"
before_script:
- echo "ARGOCD_SERVER:$ARGOCD_SERVER"
- echo "ARGOCD_APP_NAME:$ARGOCD_APP_NAME"
- echo "ARGOCD_USERNAME:$ARGOCD_USERNAME"
script:
- argocd login "${ARGOCD_SERVER}" --insecure --username "${ARGOCD_USERNAME}" --password "${ARGOCD_PASSWORD}"
- argocd app actions run "$ARGOCD_APP_NAME" restart --kind Deployment |& tee response.txt
- cat response.txt
# if response.txt have content, exit with error, empty response means success
- if [ -s response.txt ]; then exit 1; fi
only:
- master
- dev
argocd cli doc: 
Modify gitlab-ci.yml, build image with new image tag, and commit the image tag to stg-image-tag.yaml
- i use $CI_PIPELINE_IID as version number in image tag.
- i have branch name for each env
docker-build:
image: docker
stage: build
variables:
# REGISTRY_SERVER: 192.168.111.111
# REGISTRY_USER: xxx
# REGISTRY_PASSWORD: xxx
before_script:
- IMAGE_TAG="$CI_COMMIT_REF_SLUG-v0.0.$CI_PIPELINE_IID"
script:
- docker login -u "$REGISTRY_USER" -p "$REGISTRY_PASSWORD" $REGISTRY_SERVER
- docker build .
-t "$NEW_IMAGE_REPO:latest"
-t "$NEW_IMAGE_REPO:$IMAGE_TAG"
- docker push "$NEW_IMAGE_REPO" --all-tags
- echo IMAGE_TAG=$IMAGE_TAG >> IMAGE_TAG.env
- cat IMAGE_TAG.env
artifacts:
reports:
# add IMAGE_TAG to other jobs as env var
dotenv: IMAGE_TAG.env
expire_in: "86400" # 1 day
commit-image-tag:
image: curlimages/curl
stage: deploy
needs:
- job: docker-build
artifacts: true
variables:
GIT_STRATEGY: none
GITLAB_PROJECT_ID: "111"
GITLAB_PROJECT_TOKEN: "xxxxxxxxxxx"
before_script:
- echo "IMAGE_TAG:$IMAGE_TAG"
script:
- |
cat <<EOF > body.txt
{
"branch":"master",
"commit_message":"update image tag ${IMAGE_TAG}",
"actions":[
{
"action":"update",
"file_path":"helm-charts/${CI_COMMIT_REF_SLUG}-image-tag.yaml",
"content":"image:\n tag: $IMAGE_TAG"
}
]
}
EOF
- |
cat <<EOF > header.txt
Authorization: Bearer ${GITLAB_PROJECT_TOKEN}
Content-Type: application/json
EOF
- curl --insecure "${CI_SERVER_URL}/api/v4/projects/${GITLAB_PROJECT_ID}/repository/commits"
-i --output response.txt
--header @header.txt --data @body.txt
--silent --write-out "%{response_code}" > response_code.txt
- cat response.txt
# error if response code is not 201
- if [ "$(cat response_code.txt)" != "201" ]; then exit 1; fi
only:
- stg
- prod
Then you setup a webhook so argocd will refresh image tag immediately.
otherwise argocd will refresh every 3 min.
