Seems like I need to modify argocd-cm.yaml config map to include resource of kind "Application".
But i couldn't see any argocd-cm configmap. I don't have kubectl utility to modify the config map.
Is there a way to view modify argocd-cm by logging in to argo website?
App of apps pattern:
https://argo-cd.readthedocs.io/en/stable/operator-manual/cluster-bootstrapping/
To view config for the current project in argo, i navigated to settings/projects/testproject and i see below settings:
Settings
The cluster resource allow list is empty.
cluster resource deny list:
Kind Group
* *
Namespace Resource allow list is empty
Namespace resource deny list
kind Group
ResourceQuota
LimitRange
NetworkPolicy
Not sure if any one of these settings is not allowing the resource of Kind: "Application"
No, there is no way to modify the argocd-cm settings via the UI.
Deploying Apps from other Apps is something which should be reserved for admins, because it allows you to deploy Apps with any project you choose. If you do not have access to edit argocd-cm, then you should not have access to deploy Apps with arbitrary project values.
Related
I've deployed a Django project on Google Cloud standard AppEngine,
My Domain Name is registered in Google Domains which confirms that it already points to my project when I try to customize my domains.
On the Web, I've access my project under its project name:
https://mooveup-9645.oa.r.appspot.com
However when I try https://my-domain.fr the web site cannot be accessed.
My Question is:
Where should I add my domain name ?
if APPENGINE_URL:
# Ensure a scheme is present in the URL before it's processed.
if not urlparse(APPENGINE_URL).scheme:
APPENGINE_URL = f"https://{APPENGINE_URL}"
ALLOWED_HOSTS = [urlparse(APPENGINE_URL).netloc, "www.my-domain.fr", "my-domain.fr"]
Is this the appropriate solution in Django settings or is there another configuration step with GCP?
You must add the Custom Domain in the GCP console:
https://console.cloud.google.com/appengine/settings/domains?project={your_project}
On Google Cloud tutorial to deploy an Django project on AppEngine, some steps are skipped.
On Django Settings complete the ALLOWED_HOSTS with your domain name.
If you have a Standard AppEngine in order to avoid the overload of the Engine, the better is to deploy and then delete the former versions, in order to alleviate the risk of Error 502:
$ gcloud app deploy --project PROJECT_ID --promote
$ gcloud app versions list --project PROJECT_ID //to get the older versions
$ gcloud app versions delete VERSION_ID
Then:
On https://console.cloud.google.com/appengine/settings, you should customize your domain name and end your domain name with a DOT in order to get the DNS records and then update them on https://domains.google.com/registrar/
I want to host a static web app containing HTML/CSS/JS only and some interlinking between HTML pages.
I am successfully able to access the app if I make the bucket public but I don't want to make the app public and I want that only authenticated users (People of the organization) can access that app.
When I make it private then CSS/JS stops working because the index.html can not access those files due to permission issue.
How to achieve this?
As said by John, you can't achieve this with Cloud Storage. However you can use App Engine standard with IAP.
For this, get your sources and build a app.yaml file with this content
runtime: python3
handlers:
- url: /stylesheets
static_dir: stylesheets
- url: /statics
static_dir: statics
- url: /.*
script: index.html
Then deploy it gcloud app deploy
Then, go to identity aware proxy page and activate IAP for your App Engine service.
Finally, you can select your App Engine service, go on the info panel on the right and click on add member. You can add a single user, a group or a company. (all needs to have a Google Account. Works well with Google Workspace company for example); and add the role IAP secured Web App user
You can solve this by adding the <base> tag inside <head>:
<base href="https://storage.cloud.google.com/<bucket>/path/to/site/root/"/>
Normal CSS and JS will work.
However calling fetch to load additional files might not work due to CORS.
So here's my situation...I have two React apps that need to talk to the same Cognito User Pool. I've been able to accomplish this by copying the aws-exports.js file from the first app to the second app I created (not sure if this is something I should be doing or not but it is working). The issue I am having however is when I run an Admin Query on the second app (to say list users in the Cognito User Pool) I get a 403 (Forbidden) error. Has anyone ever run into this before? Googling all day has not helped me so I figured I would ask.
You'll need "multi-frontend" solution:
https://docs.amplify.aws/cli/teams/multi-frontend
I'll give you some useful infos for this:
Open the Amplify Console and there the "first" app (wheres the backend was created).
Go to the first app's "backend" section
Select "Backend environments" tab
Search for "Edit backend" box and this text: "To continue working on the backend, install the Amplify CLI and make updates by running the command below from the root of your project folder"
copy that command, and paste/run in second app's root.
Beware!
do not modify (and push) the backend from the second application.
if you use git branch based environment you must always switch the env AND the branch parallel. Do not pull the "master" backend for your "dev" env.
try to avoid modifing on amplify console if you modify things with amplify cli. Those things cannot be syncronized... :(
If you store multiple apps in a git monorepo:
https://docs.amplify.aws/cli/usage/monorepo
We have an existing AWS Amplify project with auth, api, storage, hosting etc. Works well. We now need to create a separate publicly accessible site using the same DynamoDB tables, GraphQL schema etc. without auth and with different hosting and storage resources. We have viewed a couple of similar questions on StackOverflow without any answers. Our best guess would be to copy over the Amplify config files and remove the non-api related config files and sections - but that seems like a hack if it works.
Is there any official way to attempt this?
No, you are on the right track.
Manually pass in the resources that you want to overwrite, and generate new for everything else.
import { mergeDeepLeft } from 'ramda';
import Amplify from '#aws-amplify/core';
import config from './aws-exports';
const myAppConfig = {
// ...
'aws_appsync_graphqlEndpoint': 'https://xxxxxx.appsync-api.us-east-1.amazonaws.com/graphql',
'aws_appsync_region': 'us-east-1',
'aws_appsync_authenticationType': 'API_KEY',
'aws_appsync_apiKey': 'da2-xxxxxxxxxxxxxxxxxxxxxxxxxx',
// ...
}
Amplify.configure(mergeDeepLeft(myAppConfig, config));
I have 2 parts to my application one for an API and then the normal Web application. Each have separate controllers, the API returns json and Web returns views
I am using Pundit for authorization and I would like to place my policies into sub folders like the following
>policies
>api
>web
When I do this I get
Pundit::NotDefinedError (unable to find policy UserPolicy for
Is there a way of splitting the policies folder into subfolders or is there another solution to my problem?