Unable to update ArgoCD account password
Lab 3.3 Argo CD Security and RBAC says to set the password with the following command. I've included the errors and my other attempts
$ argocd account update-password --account developer --new-password Developer123 FATA[0000] Argo CD server address unspecified $ argocd account update-password --account developer --new-password Developer123 --server localhost:8080 FATA[0000] Failed to establish connection to localhost:8080: tls: failed to verify certificate: x509: certificate signed by unknown authority
Then I tried to trust the cert on my Mac via the following steps
1. export cert by going to my ArgoCD server URL via https://localhost:8080 on my browser
2. Added certificate to login keychain in Keychain Access utility.
3. Configure cert to "Always Trust"
Then when I try to update the password again, I get the following error
$ argocd account update-password --account developer --new-password Developer123 --server localhost:8080 FATA[0000] rpc error: code = Unauthenticated desc = no session information
I am using a work computer with a vpn that has caused me issues in the past with minikube, k3d, etc. Don't know if it is related.
Answers
-
Using the username and password from the previous section, I logged in before executing the update-password command.
argocd login localhost:8080 --name admin --password <secret:argocd-initial-admin-secret>
0 -
Hi @johchung
I tried to reproduce the issue on a kind cluster as shown below:kind version kind v0.22.0 go1.21.7 darwin/arm64 kubectl get no NAME STATUS ROLES AGE VERSION kind-control-plane Ready control-plane 3d21h v1.29.2 kind-worker Ready <none> 3d21h v1.29.2 kind-worker2 Ready <none> 3d21h v1.29.2
kubectl create namespace argocd kubectl apply --namespace argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml kubectl --namespace argocd get po NAME READY STATUS RESTARTS AGE argocd-application-controller-0 1/1 Running 0 2m argocd-applicationset-controller-6c8fbc69b5-2kfkn 1/1 Running 0 2m argocd-dex-server-b6fc796d7-glsbp 1/1 Running 0 2m argocd-notifications-controller-6b66d47b45-gh9zr 1/1 Running 0 2m argocd-redis-76748db5f4-vfdp7 1/1 Running 0 2m argocd-repo-server-6f87db89c7-g92df 1/1 Running 0 2m argocd-server-7cbbdb87d7-84vg6 1/1 Running 0 2m kubectl port-forward svc/argocd-server --namespace argocd 8080:443 Forwarding from 127.0.0.1:8080 -> 8080 Forwarding from [::1]:8080 -> 8080
Then I tried to log in using the admin credentials:
kubectl --namespace argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo <PASSWORD> argocd login localhost:8080 WARNING: server certificate had error: tls: failed to verify certificate: x509: certificate signed by unknown authority. Proceed insecurely (y/n)? y Username: admin Password: 'admin:login' logged in successfully Context 'localhost:8080' updated
Then I added a new user to the ArgoCD config map as follows:
kubectl edit cm argocd-cm --namespace argocd apiVersion: v1 data: accounts.developer: login kind: ConfigMap metadata: labels: app.kubernetes.io/name: argocd-cm app.kubernetes.io/part-of: argocd name: argocd-cm namespace: argocd
Finally, I updated the password for the new user:
argocd account update-password --account developer --new-password Developer123 *** Enter password of currently logged in user (admin): Password updated
And I tried to log in using the new user:
argocd login localhost:8080 WARNING: server certificate had error: tls: failed to verify certificate: x509: certificate signed by unknown authority. Proceed insecurely (y/n)? y Username: developer Password: 'developer:login' logged in successfully Context 'localhost:8080' updated
Here is the version of the ArgoCD and the CLI I used:
argocd version argocd: v2.10.7+b060053.dirty BuildDate: 2024-04-15T12:31:39Z GitCommit: b060053b099b4c81c1e635839a309c9c8c1863e9 GitTreeState: dirty GoVersion: go1.22.2 Compiler: gc Platform: darwin/arm64 argocd-server: v2.10.6+d504d2b BuildDate: 2024-04-05T00:27:47Z GitCommit: d504d2b1d92f0cf831a124a5fd1a96ee29fa7679 GitTreeState: clean GoVersion: go1.21.3 Compiler: gc Platform: linux/arm64 Kustomize Version: v5.2.1 2023-10-19T20:13:51Z Helm Version: v3.14.3+gf03cc04 Kubectl Version: v0.26.11 Jsonnet Version: v0.20.0
Can you please confirm that you have done the same steps?
Thanks0 -
Yup, after I logged in everything worked. Unfortunately, that step was not included in the lesson.
0
Categories
- All Categories
- 219 LFX Mentorship
- 219 LFX Mentorship: Linux Kernel
- 793 Linux Foundation IT Professional Programs
- 354 Cloud Engineer IT Professional Program
- 179 Advanced Cloud Engineer IT Professional Program
- 82 DevOps Engineer IT Professional Program
- 147 Cloud Native Developer IT Professional Program
- 137 Express Training Courses
- 137 Express Courses - Discussion Forum
- 6.2K Training Courses
- 47 LFC110 Class Forum - Discontinued
- 71 LFC131 Class Forum
- 42 LFD102 Class Forum
- 227 LFD103 Class Forum
- 19 LFD110 Class Forum
- 38 LFD121 Class Forum
- 18 LFD133 Class Forum
- 7 LFD134 Class Forum
- 18 LFD137 Class Forum
- 71 LFD201 Class Forum
- 5 LFD210 Class Forum
- 5 LFD210-CN Class Forum
- 2 LFD213 Class Forum - Discontinued
- 128 LFD232 Class Forum - Discontinued
- 2 LFD233 Class Forum
- 4 LFD237 Class Forum
- 24 LFD254 Class Forum
- 697 LFD259 Class Forum
- 111 LFD272 Class Forum
- 4 LFD272-JP クラス フォーラム
- 12 LFD273 Class Forum
- 149 LFS101 Class Forum
- 1 LFS111 Class Forum
- 3 LFS112 Class Forum
- 2 LFS116 Class Forum
- 4 LFS118 Class Forum
- LFS120 Class Forum
- 7 LFS142 Class Forum
- 5 LFS144 Class Forum
- 4 LFS145 Class Forum
- 3 LFS146 Class Forum
- 3 LFS147 Class Forum
- 1 LFS148 Class Forum
- 15 LFS151 Class Forum
- 2 LFS157 Class Forum
- 30 LFS158 Class Forum
- 7 LFS162 Class Forum
- 2 LFS166 Class Forum
- 4 LFS167 Class Forum
- 3 LFS170 Class Forum
- 2 LFS171 Class Forum
- 3 LFS178 Class Forum
- 3 LFS180 Class Forum
- 2 LFS182 Class Forum
- 5 LFS183 Class Forum
- 32 LFS200 Class Forum
- 737 LFS201 Class Forum - Discontinued
- 3 LFS201-JP クラス フォーラム
- 18 LFS203 Class Forum
- 134 LFS207 Class Forum
- 2 LFS207-DE-Klassenforum
- 1 LFS207-JP クラス フォーラム
- 302 LFS211 Class Forum
- 56 LFS216 Class Forum
- 52 LFS241 Class Forum
- 48 LFS242 Class Forum
- 38 LFS243 Class Forum
- 15 LFS244 Class Forum
- 2 LFS245 Class Forum
- LFS246 Class Forum
- 49 LFS250 Class Forum
- 2 LFS250-JP クラス フォーラム
- 1 LFS251 Class Forum
- 153 LFS253 Class Forum
- 1 LFS254 Class Forum
- 1 LFS255 Class Forum
- 9 LFS256 Class Forum
- 1 LFS257 Class Forum
- 1.3K LFS258 Class Forum
- 10 LFS258-JP クラス フォーラム
- 119 LFS260 Class Forum
- 159 LFS261 Class Forum
- 42 LFS262 Class Forum
- 82 LFS263 Class Forum - Discontinued
- 15 LFS264 Class Forum - Discontinued
- 11 LFS266 Class Forum - Discontinued
- 24 LFS267 Class Forum
- 24 LFS268 Class Forum
- 30 LFS269 Class Forum
- LFS270 Class Forum
- 202 LFS272 Class Forum
- 2 LFS272-JP クラス フォーラム
- 1 LFS274 Class Forum
- 4 LFS281 Class Forum
- 9 LFW111 Class Forum
- 259 LFW211 Class Forum
- 181 LFW212 Class Forum
- 13 SKF100 Class Forum
- 1 SKF200 Class Forum
- 1 SKF201 Class Forum
- 796 Hardware
- 199 Drivers
- 68 I/O Devices
- 37 Monitors
- 103 Multimedia
- 174 Networking
- 91 Printers & Scanners
- 85 Storage
- 758 Linux Distributions
- 82 Debian
- 67 Fedora
- 17 Linux Mint
- 13 Mageia
- 23 openSUSE
- 148 Red Hat Enterprise
- 31 Slackware
- 13 SUSE Enterprise
- 353 Ubuntu
- 468 Linux System Administration
- 39 Cloud Computing
- 71 Command Line/Scripting
- Github systems admin projects
- 93 Linux Security
- 78 Network Management
- 102 System Management
- 47 Web Management
- 63 Mobile Computing
- 18 Android
- 33 Development
- 1.2K New to Linux
- 1K Getting Started with Linux
- 371 Off Topic
- 114 Introductions
- 174 Small Talk
- 22 Study Material
- 805 Programming and Development
- 303 Kernel Development
- 484 Software Development
- 1.8K Software
- 263 Applications
- 183 Command Line
- 3 Compiling/Installing
- 987 Games
- 317 Installation
- 97 All In Program
- 97 All In Forum
Upcoming Training
-
August 20, 2018
Kubernetes Administration (LFS458)
-
August 20, 2018
Linux System Administration (LFS301)
-
August 27, 2018
Open Source Virtualization (LFS462)
-
August 27, 2018
Linux Kernel Debugging and Security (LFD440)