From 2f3309c08ab9c8271cfed626e2caab3bae151f5f Mon Sep 17 00:00:00 2001 From: Travis Leeden Date: Fri, 13 Mar 2026 15:27:49 +1000 Subject: [PATCH 1/2] Added docs page for AWS managed argo cd --- .../argo-cd/instances/aws-managed-argo-cd.md | 57 +++++++++++++++++++ 1 file changed, 57 insertions(+) create mode 100644 src/pages/docs/argo-cd/instances/aws-managed-argo-cd.md diff --git a/src/pages/docs/argo-cd/instances/aws-managed-argo-cd.md b/src/pages/docs/argo-cd/instances/aws-managed-argo-cd.md new file mode 100644 index 0000000000..8169570218 --- /dev/null +++ b/src/pages/docs/argo-cd/instances/aws-managed-argo-cd.md @@ -0,0 +1,57 @@ +--- +layout: src/layouts/Default.astro +pubDate: 2025-09-15 +modDate: 2026-03-13 +title: AWS Managed Argo CD +description: Install Argo CD Gateway on EKS with Argo CD Capability +navOrder: 10 +hideInThisSectionHeader: true +--- + +The Argo CD Gateway can be installed into an AWS EKS cluster and connect to an Argo CD instance managed by the Argo CD Capability. + +## Differences from a Standard Argo CD Instance + +AWS managed Argo CD instances differ from standard self-hosted installations in the following ways: + +**External URL** + +Standard installations connect to Argo CD using the in-cluster Kubernetes service DNS name (e.g. `argocd-server.argocd.svc.cluster.local`). AWS managed Argo CD instances are not accessible via in-cluster DNS, so the publicly accessible EKS capabilities URL must be used instead. + +**Valid TLS Certificate** + +AWS managed Argo CD instances are served with a publicly trusted TLS certificate. Unlike self-hosted installations that may use self-signed certificates, the **Argo CD instance uses self-signed certificates** option should remain unchecked to keep certificate verification enabled. + +**gRPC-Web** + +AWS EKS Argo CD instances are exposed through a load balancer that does not support native gRPC (HTTP/2). The gateway must be configured to use gRPC-Web, which encapsulates gRPC communication over HTTP/1.1, by setting `gateway.argocd.grpcWeb="true"` or `gateway.argocd.grpcWebRootPath="/argo/api"`. + + +## Installation + +The installation process follows the [standard process](/docs/argo-cd/instances#installing-the-octopus-argo-cd-gateway), with a few adjustments required for AWS managed Argo CD instances. + +1. Replace the default value for the Argo CD service DNS name with the publicly accessible URL for the Argo CD instance, without the protocol prefix. For example: `xxxxxxxx.eks-capabilities.ap-southeast-2.amazonaws.com` +2. Uncheck the **Argo CD instance uses self-signed certificates** option +3. Copy the generated Helm command and append the following value: `--set gateway.argocd.grpcWeb="true"`, if your Argo CD instance's API is not hosted at the root path you can set the following value instead: `--set gateway.argocd.grpcWebRootPath="/argo/api"` + +The resulting Helm command will look similar to the following: + +```bash +helm install --atomic \ +--create-namespace --namespace octo-argo-gateway- \ +--version "*.*" \ +--set registration.octopus.name="" \ +--set registration.octopus.serverApiUrl="https://your-instance.octopus.app/" \ +--set registration.octopus.serverAccessToken="API-XXXXXXXXXXXXXXXX" \ +--set registration.octopus.spaceId="Spaces-1" \ +--set gateway.octopus.serverGrpcUrl="grpc://your-instance.octopus.app:8443" \ +--set gateway.argocd.serverGrpcUrl="grpc://xxxxxxxx.eks-capabilities..amazonaws.com" \ +--set gateway.argocd.insecure="false" \ +--set gateway.argocd.plaintext="false" \ +--set gateway.argocd.authenticationToken="" \ +--set gateway.argocd.grpcWeb="true" \ + \ +oci://registry-1.docker.io/octopusdeploy/octopus-argocd-gateway-chart +``` + From 40d42a646ec947ea1e3d3e397ba20519e4d6a376 Mon Sep 17 00:00:00 2001 From: Travis Leeden Date: Fri, 13 Mar 2026 16:15:20 +1000 Subject: [PATCH 2/2] Fixed linting --- src/pages/docs/argo-cd/instances/aws-managed-argo-cd.md | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/src/pages/docs/argo-cd/instances/aws-managed-argo-cd.md b/src/pages/docs/argo-cd/instances/aws-managed-argo-cd.md index 8169570218..1ba401e4a6 100644 --- a/src/pages/docs/argo-cd/instances/aws-managed-argo-cd.md +++ b/src/pages/docs/argo-cd/instances/aws-managed-argo-cd.md @@ -14,19 +14,18 @@ The Argo CD Gateway can be installed into an AWS EKS cluster and connect to an A AWS managed Argo CD instances differ from standard self-hosted installations in the following ways: -**External URL** +### External URL Standard installations connect to Argo CD using the in-cluster Kubernetes service DNS name (e.g. `argocd-server.argocd.svc.cluster.local`). AWS managed Argo CD instances are not accessible via in-cluster DNS, so the publicly accessible EKS capabilities URL must be used instead. -**Valid TLS Certificate** +### Valid TLS Certificate AWS managed Argo CD instances are served with a publicly trusted TLS certificate. Unlike self-hosted installations that may use self-signed certificates, the **Argo CD instance uses self-signed certificates** option should remain unchecked to keep certificate verification enabled. -**gRPC-Web** +### gRPC-Web AWS EKS Argo CD instances are exposed through a load balancer that does not support native gRPC (HTTP/2). The gateway must be configured to use gRPC-Web, which encapsulates gRPC communication over HTTP/1.1, by setting `gateway.argocd.grpcWeb="true"` or `gateway.argocd.grpcWebRootPath="/argo/api"`. - ## Installation The installation process follows the [standard process](/docs/argo-cd/instances#installing-the-octopus-argo-cd-gateway), with a few adjustments required for AWS managed Argo CD instances. @@ -54,4 +53,3 @@ helm install --atomic \ \ oci://registry-1.docker.io/octopusdeploy/octopus-argocd-gateway-chart ``` -