This assumes:
- You have an ArgoCD server up and running. If not, check out my article Install Red Hat OpenShift GitOps Operator using the console (Argo CD)
- You have installed the ArgoCD CLI.
- You are able to log into ArgoCD using the CLI. If not, check out my article Log into ArgoCD using the CLI on OpenShift
ArgoCD basically sits between your version control system such as GitHub and your Kubernetes or OpenShift clusters. To create an application in ArgoCD you will need to have YAML files in your version control system that ArgoCD will fetch.
Let's say you have the following deployment YAML file in some public version control system such as GitHub.
apiVersion: apps/v1
kind: Deployment
metadata:
name: python
spec:
replicas: 1
selector:
matchLabels:
app: python
template:
metadata:
labels:
app: python
spec:
containers:
- image: registry.example.com/python:latest
name: python
ports:
- containerPort: 80
And you want to deploy the app to a specific namespace in a Kubernetes or OpenShift cluster. If the namespace does not exist in the Kubernetes or OpenShift cluster you may need to use the kubectl (Kubernetes) or oc (OpenShift) login command to log into the cluster and then use the new-project command to create the project / namespace.
oc new-project my-project
The kubectl (Kubernetes) or oc (OpenShift) auth can-i command can be used to determine if you have permission to create an ArgoCD application.
~]$ oc whoami
john.doe
~]$ oc auth can-i create applications.argoproj.io
yes
If you do not have permission to create an ArgoCD application, the kubectl (Kubernetes) or oc (OpenShift) adm policy who-can command can be used to list the Users, Groups and Service Accounts that have permission to create an ArgoCD application.
~]$ oc adm policy who-can create applications.argoproj.io --namespace my-project
Namespace: my-project
Verb: create
Resource: applications.argoproj.io
Users: system:admin
system:serviceaccount:openshift-gitops-operator:openshift-gitops-operator-controller-manager
system:serviceaccount:openshift-gitops:my-service-account
Groups: Openshift_Admin
openshift_admins
openshift_operators
system:cluster-admins
system:masters
The argocd proj list command can be used to list your ArgoCD projects. There are NOT your namespace in Kubernetes or OpenShift. The important thing to make note of here is to ensure the project SOURCES allow you to fetch the application code from source control (e.g. GitHut) and the project DESTINATIONS allow you to create the app in the target namespace on Kubernetes or OpenShift and that there are no NAMESPACE-RESOURCE-BLACKLIST that deny the resources from being created in the target namespace on Kubernetes or OpenShift. The "default" project allows any resource to be created from any source in any namespace on Kubernetes or OpenShift.
~]$ argocd proj list
NAME DESCRIPTION DESTINATIONS SOURCES CLUSTER-RESOURCE-WHITELIST NAMESPACE-RESOURCE-BLACKLIST SIGNATURE-KEYS ORPHANED-RESOURCES DESTINATION-SERVICE-ACCOUNTS
default *,* * */* <none> <none> disabled <none>
my-project *,* * */* <none> <none> disabled <none>
The argocd cluster list command can be used to list the cluster you've added to ArgoCD. https://kubernetes.default.svc is the cluster that ArgoCD is running on.
~]$ argocd cluster list
SERVER NAME VERSION STATUS MESSAGE PROJECT
https://api.dev.openshift.example.com:6443 dev-cluster 1.27 Successful
https://api.stage.openshift.example.com:6443 stage-cluster 1.27 Successful
https://api.prod.openshift.example.com:6443 prod-cluster 1.27 Successful
https://kubernetes.default.svc in-cluster 1.27 Successful
The argocd repo list command can be used to list the repo's you have added to ArgoCD. If the repo your app will be used is not listed the argo repo add command can be used to add the repo.
~]$ argocd repo list
TYPE NAME REPO INSECURE OCI LFS CREDS STATUS MESSAGE PROJECT
git argocd-example-apps https://github.com/argoproj/argocd-example-apps false false false false Successful default
git foo git@github.com:example/foo.git false false false false Successful default
git bar git@github.com:example/bar.git false false false false Successful default
The argocd app create command can be used to create an app in a specific namespace in a specific cluster.
- --path will be the name of the directory in the version control system (GitHub in this example) that contains the deployment YAML file. In this example, the deployment.yaml file in GitHub is in a directory named "my-files" which is why --path my-files is used here.
- --dest-server is the API Server URL for the Kubernetes or OpenShift cluster that you want the application to be deployed to
- --dest-namespace is usually the namespace you want to create the application in on the target Kubernetes or OpenShift cluster
- --project is the name of the ArgoCD project that application will reside in
argocd app create demo \
--repo git@github.com:foo/bar.git \
--path my-files \
--dest-namespace my-namespace \
--dest-server https://api.dev.openshift.example.com:6443
--project my-project
Or you can create a YAML file like this.
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: hello-world
namespace: openshift-gitops
spec:
destination:
namespace: my-project
server: https://api.dev.openshift.example.com:6443
project: default
source:
path: my-files
repoURL: https://github.com/foo/bar.git
And then on the Kubernetes or OpenShift cluster that ArgoCD was installed on, use the kubectl (Kubernetes) or oc (OpenShift) apply command to create the application.
~]$ oc apply --filename hello-world.yaml
application.argoproj.io/hello-world created
The argocd app list command can then be used to list the app you have created.
~]$ argocd app list
NAME CLUSTER NAMESPACE PROJECT STATUS HEALTH SYNCPOLICY CONDITIONS REPO PATH TARGET
openshift-gitops/demo https://kubernetes.default.svc my-project default OutOfSync Missing Manual <none> https://github.com/my-project/my_repo.git python
The argocd app get command can be used to display more details.
~]$ argocd app get openshift-gitops/demo
Name: openshift-gitops/demo
Project: default
Server: https://kubernetes.default.svc
Namespace: default
URL: https://openshift-gitops-server-openshift-gitops.apps.openshift.example.com/applications/demo
Source:
- Repo: https://github.com/my-project/my_repo.git
Target:
Path: my-files
SyncWindow: Sync Allowed
Sync Policy: Manual
Sync Status: OutOfSync from (dbc57d6)
Health Status: Missing
GROUP KIND NAMESPACE NAME STATUS HEALTH HOOK MESSAGE
apps Deployment default python OutOfSync Missing
The kubectl (Kubernetes) or oc (OpenShift) get applications.argoproj.io command should list the application you created.
~]$ oc get applications.argoproj.io --namespace openshift-gitops
NAME SYNC STATUS HEALTH STATUS
hello-world Unknown Healthy
The "server" pod should contain logs like this.
~]$ oc logs openshift-gitops-server-6794f7fc56-sh8hx --namespace openshift-gitops
time="2025-01-14T02:09:43Z" level=warning msg="application does not exist" application=hello-world namespace=openshift-gitops user=admin
time="2025-01-14T02:09:43Z" level=info msg="admin created application" application=hello-world dest-namespace=my-project dest-server="https://api.dev.openshift.example.com:6443" reason=ResourceCreated type=Normal user=admin
In reality, your OpenShift application will most certainly have more than just a deployment. For example, it's fairly common for a deployment to have:
- Deployment
- Replica Set
- Pods
- Service
- Route
- Config Maps
- Secrets
- Service Account
In the ArgoCD console, you should see something like this, showing the various resources in your namespace.
Almost always, after creating an app, you can simply wait a few minutes for the application to sync or you can manually sync.
Did you find this article helpful?
If so, consider buying me a coffee over at 