How can create a user in ArgoCD with apiKey access only?

12/8/2021

I have a shell script in a container, that needs to access the ArgoCD API. The script asks the API for a token, and then uses this token to restart a deployment.

JSON=$(jq -c -n --arg username "$USER_NAME" --arg password "$PASSWORD" '$ARGS.named')
TOKEN=$(curl -k $ARGOCD_SERVER/api/v1/session -d "$JSON" | jq -r ".token")

PARAMETERS="namespace=$NAMESPACE&resourceName=$RESOURCE_NAME&kind=Deployment&group=apps&version=v1"
curl -k -H "Authorization: Bearer $TOKEN" \
        -d "\"restart\"" \
        "$ARGOCD_SERVER/api/v1/applications/argocd/resource/actions?$PARAMETERS"

This only seems to work when I have the login option enabled in my argo-cd-cm.yaml enabled.

...
data:
  admin.enabled: "false"
  accounts.<service-user>: apiKey, login
  accounts.<service-user>.enabled: "true"
...

As I am using OIDC for regular users, I would not like this login option to be disabled.

Is there a way to specify an apiKey for a given user in the one of the configmaps?

-- sekthor
argocd
kubernetes

0 Answers