Documentation Index Fetch the complete documentation index at: https://docs.cloudthinker.io/llms.txt
Use this file to discover all available pages before exploring further.
ArgoCD Connect your ArgoCD instances to enable Kai (Kubernetes Engineer) to analyze deployments, manage applications, and troubleshoot GitOps workflows.
Platform Support Self-hosted ArgoCD All versions Akuity Platform Managed ArgoCD service
Setup Select your ArgoCD platform:
Self-hosted ArgoCD
Akuity Platform
For ArgoCD already running on your cluster.
Get Connection Details
Ensure ArgoCD is accessible. The default port is 8888. Get your host IP address: hostname -I | awk '{print $1}'
Ensure ArgoCD CLI is installed:
Generate API Token
Enable apiKey and generate token: kubectl -n argocd patch configmap argocd-cm --type merge -p '{"data":{"accounts.admin":"apiKey, login"}}' argocd login < host-i p > :8888 --username admin --password '<password>' --insecure argocd account generate-token --account admin --insecure
Configure CloudThinker Connection
In CloudThinker, navigate to Connections → ArgoCD and enter:
Base URL : https://<host-ip>:8888API Token : Token from previous stepTLS Verification : DisableRead-only Mode : Enable For managed ArgoCD via Akuity Platform.
Install CLI
Install ArgoCD CLI: Install Akuity CLI: curl -sSL -o /tmp/akuity \ "https://dl.akuity.io/akuity-cli/$( curl -sL https://dl.akuity.io/akuity-cli/stable.txt)/$( uname )/$( uname -m )/akuity" chmod +x /tmp/akuity sudo mv /tmp/akuity /usr/local/bin/akuity
Create Admin Account
In the Akuity Portal :
Navigate to Organization → API Keys → Click Create API Key (role: Owner)
Under your ArgoCD instance → Settings → System Accounts
Click Add Account → Name: admin
Enable both login and apiKey capabilities
Set a password
Generate API Token
Login and generate token: argocd login < instance-i d > .cd.akuity.cloud --grpc-web \ --username admin --password '<your-password>' argocd account generate-token --account admin --grpc-web
Configure CloudThinker Connection
In CloudThinker, navigate to Connections → ArgoCD and enter:
Base URL : https://<instance-id>.cd.akuity.cloudAPI Token : Token from previous stepTLS Verification : EnableRead-only Mode : Enable Connection Options Option Description Self-hosted Akuity TLS Verification Validate server certificate Disable Enable API Key Setup Enable apiKey capability Patch argocd-cm Portal UI CLI Flags ArgoCD CLI flags --insecure--grpc-web
Required Permissions The CloudThinker user needs ArgoCD RBAC permissions:
apiVersion : v1 kind : ConfigMap metadata : name : argocd-rbac-cm namespace : argocd data : policy.default : role:readonly policy.csv : | p, role:cloudthinker-readonly, applications, get, */*, allow p, role:cloudthinker-readonly, applications, list, */*, allow p, role:cloudthinker-readonly, repositories, get, *, allow p, role:cloudthinker-readonly, repositories, list, *, allow p, role:cloudthinker-readonly, clusters, get, *, allow p, role:cloudthinker-readonly, clusters, list, *, allow g, cloudthinker-readonly, role:cloudthinker-readonly
Apply:
kubectl apply -f argocd-rbac.yaml
Agent Capabilities Once connected, Kai can:
Capability Description Application Status View sync status, health state, last sync time Deployment Analysis Identify out-of-sync and failed deployments Repository Insights Analyze Git repository state and commits Sync Operations Trigger manual syncs Health Monitoring Track application health
Example Prompts @kai show me all out-of-sync applications in ArgoCD @kai analyze deployment failures for the payment service @kai sync the frontend application to latest commit @kai check health status of all apps in production @kai list applications with degraded health
Troubleshooting
Cannot connect to ArgoCD server
Self-hosted : Use host IP (not localhost) in Base URLVerify port-forward: kubectl port-forward svc/argocd-server -n argocd 8888:443 --address 0.0.0.0
Check firewall rules
Verify API token is correct
Ensure admin has login + apiKey capabilities
Self-hosted: Check argocd-cm ConfigMap patched
Akuity: Check System Account capabilities
Cannot generate API token
Check apiKey capability enabled
Run: argocd account get
Self-hosted: Disable TLS verification
Akuity: Enable TLS verification
Security Best Practices
Read-only access - Use read-only RBACToken rotation - Rotate periodicallyNetwork isolation - Restrict server accessAudit logging - Enable ArgoCD audit logsLeast privilege - Grant only get/list
Kai Agent Kubernetes and GitOps agent
Kubernetes Connection Connect clusters
