In the ever-evolving landscape of DevOps, Continuous Deployment (CD) has become a cornerstone of efficient and reliable software delivery. ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, is a powerful ally in this domain. However, managing access and ensuring security can be a challenge. Integrating ArgoCD with Microsoft Azure Active Directory (AD) simplifies authentication and enhances security by leveraging existing Azure AD credentials.
Why Integrate ArgoCD with Azure AD?
Prerequisites:
Before integrating ArgoCD with Azure AD, ensure you have the following:
Step-by-Step Guide to Integrate ArgoCD with Azure:
1. Configure a new Entra ID Enterprise App
2. Create a new group from your Main Directory:
3. Add this group or users to the newly created Enterprise App
4. Configure the SAML Login
5. Download the SAML Signing Certificate (Base64) from the Single sign-on menu:
6. Configure Argo to use the new Entra ID Enterprise App:
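```yaml
# argocd-cm: Argo CD external URL and the Dex SAML connector
apiVersion: v1
kind: ConfigMap
metadata:
  name: argocd-cm
data:
  url:
  dex.config: |
    logger:
      level: debug
      format: json
    connectors:
    - type: saml
      id: saml
      name: Microsoft
      config:
        # The Argo CD hostname goes between "https://" and "/api/dex/callback"
        entityIssuer: https:///api/dex/callback
        # The Entra ID tenant ID goes between the host and "/saml2"
        ssoURL: https://login.microsoftonline.com//saml2
        # Base64 encoding of the certificate file downloaded in step 5
        caData: |
          BASE64-ENCODED-CERTIFICATE-DATA
        redirectURI: https:///api/dex/callback
        usernameAttr: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
        emailAttr: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
        groupsAttr: http://schemas.microsoft.com/ws/2008/06/identity/claims/groups
---
# argocd-rbac-cm: binds the Entra ID group from step 2 to an Argo CD role
apiVersion: v1
kind: ConfigMap
metadata:
  name: argocd-rbac-cm
data:
  policy.csv: |
    p, role:org-admin, applications, *, *, allow
    p, role:org-admin, clusters, get, *, allow
    p, role:org-admin, repositories, get, *, allow
    p, role:org-admin, repositories, create, *, allow
    p, role:org-admin, repositories, update, *, allow
    p, role:org-admin, repositories, delete, *, allow
    g, "add-your-group-id-here", role:org-admin
```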
7. Validation:
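A pre-apply check for the configuration in step 6, added here as an example and not taken from the original post or from the Argo CD project: it flags connector values where the host, tenant ID or certificate placeholder was never filled in, and `g` bindings whose subject is not a group ID. The function names are hypothetical, the check assumes tenant and group IDs are GUIDs, and `GOOD_CFG` holds constructed sample values.

```python
import base64, binascii, csv, io, re
from urllib.parse import urlsplit

GUID = re.compile(r"^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$", re.I)

def check_connector(cfg):
    """Return problems found in a Dex SAML connector `config` mapping."""
    problems = []
    for key in ("entityIssuer", "redirectURI"):
        u = urlsplit(cfg.get(key) or "")
        if u.scheme != "https" or not u.hostname or u.path != "/api/dex/callback":
            problems.append(f"{key}: expected https://<argocd-host>/api/dex/callback")
    sso = urlsplit(cfg.get("ssoURL") or "")
    parts = sso.path.strip("/").split("/")
    if ((sso.scheme, sso.hostname) != ("https", "login.microsoftonline.com")
            or len(parts) != 2 or not GUID.match(parts[0]) or parts[1] != "saml2"):
        problems.append("ssoURL: tenant ID missing or malformed")
    try:  # caData is base64 wrapped around the PEM file, so decode once
        pem = base64.b64decode("".join((cfg.get("caData") or "").split()), validate=True)
    except binascii.Error:
        pem = b""
    if b"-----BEGIN CERTIFICATE-----" not in pem:  # marker check only, no X.509 parse
        problems.append("caData: does not decode to a PEM certificate")
    return problems

def check_policy(policy_csv):
    """Flag `g` lines whose subject is not a group object ID (assumed GUID)."""
    problems = []
    for row in csv.reader(io.StringIO(policy_csv), skipinitialspace=True):
        row = [cell.strip() for cell in row]
        if len(row) == 3 and row[0] == "g" and not GUID.match(row[1]):
            problems.append(f"g line: {row[1]!r} is not a group object ID")
    return problems

# Values exactly as printed in step 6, with the placeholders left unfilled.
PAGE_CFG = {
    "entityIssuer": "https:///api/dex/callback",
    "ssoURL": "https://login.microsoftonline.com//saml2",
    "caData": "BASE64-ENCODED-CERTIFICATE-DATA\n",
    "redirectURI": "https:///api/dex/callback",
}
PAGE_POLICY = 'g, "add-your-group-id-here", role:org-admin\n'

# Constructed sample values: not a real host, tenant or certificate.
GOOD_CFG = {
    "entityIssuer": "https://argocd.example.com/api/dex/callback",
    "ssoURL": "https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/saml2",
    "caData": base64.b64encode(b"-----BEGIN CERTIFICATE-----\nAAAA\n-----END CERTIFICATE-----\n").decode(),
    "redirectURI": "https://argocd.example.com/api/dex/callback",
}
```

`check_connector(PAGE_CFG)` and `check_policy(PAGE_POLICY)` return the findings for the listing as printed; pass in the parsed `config` mapping and `policy.csv` text from your own manifests before applying them.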