You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am using Cloudflare Zero Trust to secure an ArgoCD service deployed on a Kubernetes cluster. My setup restricts access to the ArgoCD UI and API to authenticated users via WARP (Cloudflare’s Zero Trust client). For human users, this works as expected—WARP authentication allows access to the ArgoCD UI. However, for my CI/CD pipeline (AWS CodePipeline), which needs to interact with the ArgoCD API to sync applications, I’ve configured a service auth access policy in Cloudflare Zero Trust to allow authentication using a service token (Client ID and Client Secret). Despite this, I consistently receive an authentication error (HTTP 403 Forbidden) when the pipeline attempts to connect to the ArgoCD API. Environment:
ArgoCD Version: [argocd chart version 6.7.3]
Cloudflare Zero Trust: Configured with WARP for user authentication and service tokens for CI/CD
ERROR: FATA[0000] rpc error: code = PermissionDenied desc = unexpected HTTP status code received from server: 403 (Forbidden )
Is there extra configuration that has to be added from the argocd side to accept this connection ?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
I am using Cloudflare Zero Trust to secure an ArgoCD service deployed on a Kubernetes cluster. My setup restricts access to the ArgoCD UI and API to authenticated users via WARP (Cloudflare’s Zero Trust client). For human users, this works as expected—WARP authentication allows access to the ArgoCD UI. However, for my CI/CD pipeline (AWS CodePipeline), which needs to interact with the ArgoCD API to sync applications, I’ve configured a service auth access policy in Cloudflare Zero Trust to allow authentication using a service token (Client ID and Client Secret). Despite this, I consistently receive an authentication error (HTTP 403 Forbidden) when the pipeline attempts to connect to the ArgoCD API.
Environment:
ArgoCD Version: [argocd chart version 6.7.3]
Cloudflare Zero Trust: Configured with WARP for user authentication and service tokens for CI/CD
ERROR: FATA[0000] rpc error: code = PermissionDenied desc = unexpected HTTP status code received from server: 403 (Forbidden )
Is there extra configuration that has to be added from the argocd side to accept this connection ?
Beta Was this translation helpful? Give feedback.
All reactions