Argocd server

argocd-server

Run the ArgoCD API server

Synopsis

The API server is a gRPC/REST server which exposes the API consumed by the Web UI, CLI, and CI/CD systems. This command runs API server in the foreground. It can be configured by following options.

  1. argocd-server [flags]

Options

  1. --address string Listen on given address (default "0.0.0.0")
  2. --app-state-cache-expiration duration Cache expiration for app state (default 1h0m0s)
  3. --application-namespaces strings List of additional namespaces where application resources can be managed in
  4. --as string Username to impersonate for the operation
  5. --as-group stringArray Group to impersonate for the operation, this flag can be repeated to specify multiple groups.
  6. --as-uid string UID to impersonate for the operation
  7. --basehref string Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / (default "/")
  8. --certificate-authority string Path to a cert file for the certificate authority
  9. --client-certificate string Path to a client certificate file for TLS
  10. --client-key string Path to a client key file for TLS
  11. --cluster string The name of the kubeconfig cluster to use
  12. --connection-status-cache-expiration duration Cache expiration for cluster/repo connection status (default 1h0m0s)
  13. --content-security-policy value Set Content-Security-Policy header in HTTP responses to value. To disable, set to "". (default "frame-ancestors 'self';")
  14. --context string The name of the kubeconfig context to use
  15. --default-cache-expiration duration Cache expiration default (default 24h0m0s)
  16. --dex-server string Dex server address (default "argocd-dex-server:5556")
  17. --dex-server-plaintext Use a plaintext client (non-TLS) to connect to dex server
  18. --dex-server-strict-tls Perform strict validation of TLS certificates when connecting to dex server
  19. --disable-auth Disable client authentication
  20. --enable-gzip Enable GZIP compression (default true)
  21. --enable-proxy-extension Enable Proxy Extension feature
  22. --gloglevel int Set the glog logging level
  23. -h, --help help for argocd-server
  24. --insecure Run server without TLS
  25. --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
  26. --kubeconfig string Path to a kube config. Only required if out-of-cluster
  27. --logformat string Set the logging format. One of: text|json (default "text")
  28. --login-attempts-expiration duration Cache expiration for failed login attempts (default 24h0m0s)
  29. --loglevel string Set the logging level. One of: debug|info|warn|error (default "info")
  30. --metrics-address string Listen for metrics on given address (default "0.0.0.0")
  31. --metrics-port int Start metrics on given port (default 8083)
  32. -n, --namespace string If present, the namespace scope for this CLI request
  33. --oidc-cache-expiration duration Cache expiration for OIDC state (default 3m0s)
  34. --otlp-address string OpenTelemetry collector address to send traces to
  35. --password string Password for basic authentication to the API server
  36. --port int Listen on given port (default 8080)
  37. --proxy-url string If provided, this URL will be used to connect via proxy
  38. --redis string Redis server hostname and port (e.g. argocd-redis:6379).
  39. --redis-ca-certificate string Path to Redis server CA certificate (e.g. /etc/certs/redis/ca.crt). If not specified, system trusted CAs will be used for server certificate validation.
  40. --redis-client-certificate string Path to Redis client certificate (e.g. /etc/certs/redis/client.crt).
  41. --redis-client-key string Path to Redis client key (e.g. /etc/certs/redis/client.crt).
  42. --redis-compress string Enable compression for data sent to Redis with the required compression algorithm. (possible values: gzip, none) (default "gzip")
  43. --redis-insecure-skip-tls-verify Skip Redis server certificate validation.
  44. --redis-use-tls Use TLS when connecting to Redis.
  45. --redisdb int Redis database.
  46. --repo-server string Repo server address (default "argocd-repo-server:8081")
  47. --repo-server-plaintext Use a plaintext client (non-TLS) to connect to repository server
  48. --repo-server-strict-tls Perform strict validation of TLS certificates when connecting to repo server
  49. --repo-server-timeout-seconds int Repo server RPC call timeout seconds. (default 60)
  50. --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
  51. --rootpath string Used if Argo CD is running behind reverse proxy under subpath different from /
  52. --sentinel stringArray Redis sentinel hostname and port (e.g. argocd-redis-ha-announce-0:6379).
  53. --sentinelmaster string Redis sentinel master group name. (default "master")
  54. --server string The address and port of the Kubernetes API server
  55. --staticassets string Directory path that contains additional static assets (default "/shared/app")
  56. --tls-server-name string If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used.
  57. --tlsciphers string The list of acceptable ciphers to be used when establishing TLS connections. Use 'list' to list available ciphers. (default "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_RSA_WITH_AES_256_GCM_SHA384")
  58. --tlsmaxversion string The maximum SSL/TLS version that is acceptable (one of: 1.0|1.1|1.2|1.3) (default "1.3")
  59. --tlsminversion string The minimum SSL/TLS version that is acceptable (one of: 1.0|1.1|1.2|1.3) (default "1.2")
  60. --token string Bearer token for authentication to the API server
  61. --user string The name of the kubeconfig user to use
  62. --username string Username for basic authentication to the API server
  63. --x-frame-options value Set X-Frame-Options header in HTTP responses to value. To disable, set to "". (default "sameorigin")

SEE ALSO