ArgoCD initial authentication and secret retrieval¶

After installing ArgoCD into a Kubernetes cluster, the initial access credentials are stored as a Kubernetes Secret named argocd-initial-admin-secret.^[400-devops-04-ci-cd-pipelines-k8s-argocd-argocd-app-config-readme.md]

To retrieve the automatically generated password for the admin user, you can decode the secret data using kubectl^[400-devops-04-ci-cd-pipelines-k8s-argocd-argocd-app-config-readme.md]:

[kubectl](<./kubectl.md>) -n [ArgoCD](<./argocd.md>) get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 --decode && echo

Accessing the UI¶

To access the ArgoCD UI, you typically use kubectl port-forward to expose the service^[400-devops-04-ci-cd-pipelines-k8s-argocd-argocd-app-config-readme.md]:

[kubectl](<./kubectl.md>) port-forward svc/argocd-server 8080:443 -n [ArgoCD](<./argocd.md>)

Once the UI is accessible, you can log in using the admin username and the password retrieved from the secret^[400-devops-04-ci-cd-pipelines-k8s-argocd-argocd-app-config-readme.md]. It is considered best practice to change or delete this initial password after the first login^[400-devops-04-ci-cd-pipelines-k8s-argocd-argocd-app-config-readme.md].

Sources¶

^[400-devops-04-ci-cd-pipelines-k8s-argocd-argocd-app-config-readme.md]