I wanted to disable the admin user in Argo, primarily because I wanted to have all logins go through my SAML provider.
With ArgoCD you have the ability to use local users, external users (via SAML) or both.
I wanted to force all logins through the SAML provider and remove the username/password text boxes from the login screen. After a quick look through the source, I found I needed to disable the login on all local users in the Argo system. Since I did not have any users other than the admin, I only needed to disable that one user.
To do this, modify the
argocd-cm config map and add a new entry,
admin.enabled. Set it to
false and apply it.
Below is the relevant parts of the config map.
apiVersion: v1 kind: ConfigMap metadata: name: argocd-cm data: admin.enabled: "false"
Argo is fun and I enjoy learning more about it as time goes on. It only gets better. Before I set the
admin.enabled value I had just set the password hash on the admin user to an invalid value, hacky, but that worked. This is a much better solution.