From 42f9f6775fe5b6b059d0fa66f6672e04e99f993d Mon Sep 17 00:00:00 2001 From: Paul Buetow Date: Sat, 10 Jan 2026 11:05:43 +0200 Subject: Add SSH agent sidecar to ArgoCD repo-server - Create ssh-agent sidecar container to provide SSH_AUTH_SOCK - Share socket via emptyDir volume at /tmp/ssh-agent - Add SSH key from argocd-git-ssh-key secret to agent - Fixes 'SSH agent requested but SSH_AUTH_SOCK not-specified' errors --- f3s/argocd/values.yaml | 30 +++++++++++++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/f3s/argocd/values.yaml b/f3s/argocd/values.yaml index 3b4c511..b2b7500 100644 --- a/f3s/argocd/values.yaml +++ b/f3s/argocd/values.yaml @@ -61,13 +61,41 @@ repoServer: - name: repo-server-data persistentVolumeClaim: claimName: argocd-repo-server-pvc + - name: ssh-agent-socket + emptyDir: {} + - name: git-ssh-key + secret: + secretName: argocd-git-ssh-key + defaultMode: 0400 volumeMounts: - name: repo-server-data mountPath: /home/argocd/repo-cache - # Configure repo-server to use the persistent cache directory + - name: ssh-agent-socket + mountPath: /tmp/ssh-agent + # SSH agent sidecar to provide SSH_AUTH_SOCK for git operations + extraContainers: + - name: ssh-agent + image: alpine:3.19 + command: + - sh + - -c + - | + apk add --no-cache openssh + eval $(ssh-agent -s -a /tmp/ssh-agent/socket) + ssh-add /tmp/ssh-key/sshPrivateKey + # Keep agent running + while true; do sleep 3600; done + volumeMounts: + - name: ssh-agent-socket + mountPath: /tmp/ssh-agent + - name: git-ssh-key + mountPath: /tmp/ssh-key + # Configure repo-server to use the persistent cache directory and SSH agent env: - name: XDG_CACHE_HOME value: /home/argocd/repo-cache + - name: SSH_AUTH_SOCK + value: /tmp/ssh-agent/socket # Resource limits resources: limits: -- cgit v1.2.3