diff --git a/modules/infra/argocd/main.tf b/modules/infra/argocd/main.tf
index a3befdf..0c94c4b 100644
--- a/modules/infra/argocd/main.tf
+++ b/modules/infra/argocd/main.tf
@@ -1,3 +1,10 @@
+locals {
+  argocd_password_hash = bcrypt(var.admin_password, 10)
+  values_yaml = templatefile("${path.module}/values.yaml", {
+    argocd_password_hash = local.argocd_password_hash
+  })
+}
+
 resource "helm_release" "argocd" {
   name       = "argocd"
   chart      = "argo-cd"
@@ -5,9 +12,7 @@ resource "helm_release" "argocd" {
   repository = "https://argoproj.github.io/argo-helm"
   version    = "7.7.21"
 
-  values = [
-    file("${path.module}/values.yaml")
-  ]
+  values = [local.values_yaml]
 
   depends_on = [kubernetes_manifest.argocd_cmp_plugin]
 }
@@ -40,11 +45,3 @@ resource "kubernetes_secret" "argocd_vault_plugin_credentials" {
   depends_on = [helm_release.argocd]
 }
 
-data "kubernetes_secret" "argocd_initial_password" {
-  metadata {
-    name      = "argocd-initial-admin-secret"
-    namespace = "argocd"
-  }
-
-  depends_on = [helm_release.argocd]
-}
diff --git a/modules/infra/argocd/values.yaml b/modules/infra/argocd/values.yaml
index 66759a7..dc57884 100644
--- a/modules/infra/argocd/values.yaml
+++ b/modules/infra/argocd/values.yaml
@@ -5,6 +5,8 @@ server:
 configs:
   params:
     server.insecure: true
+  secret:
+    argocdServerAdminPassword: "${argocd_password_hash}"
 
 # argocd-vault-plugin
 repoServer:
diff --git a/modules/infra/argocd/variables.tf b/modules/infra/argocd/variables.tf
new file mode 100644
index 0000000..c7a7cdb
--- /dev/null
+++ b/modules/infra/argocd/variables.tf
@@ -0,0 +1,5 @@
+variable "admin_password" {
+  type        = string
+  description = "admin password"
+  sensitive   = true
+}
diff --git a/projects/infra/main.tf b/projects/infra/main.tf
index fd5e4d9..d977b12 100644
--- a/projects/infra/main.tf
+++ b/projects/infra/main.tf
@@ -35,8 +35,14 @@ module "opentelemetry" {
   source = "../../modules/infra/opentelemetry"
 }
 
+data "vault_kv_secret_v2" "argocd" {
+  mount = "kv"
+  name = "infra/argocd"
+}
+
 module "argocd" {
   source = "../../modules/infra/argocd"
+  admin_password = data.vault_kv_secret_v2.argocd.data["password"]
 }
 
 module "argocd-application" {