2022-08-25 08:42:43 +00:00
{{- if .Values.crds.install }}
2021-01-12 18:27:30 +00:00
apiVersion : apiextensions.k8s.io/v1
2019-12-18 22:50:18 +00:00
kind : CustomResourceDefinition
metadata :
2022-08-25 08:42:43 +00:00
annotations :
{{- if .Values.crds.keep }}
"helm.sh/resource-policy": keep
{{- end }}
{{- with .Values.crds.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
2019-12-18 22:50:18 +00:00
labels :
app.kubernetes.io/name : appprojects.argoproj.io
app.kubernetes.io/part-of : argocd
2023-05-11 14:06:46 +00:00
{{- with .Values.crds.additionalLabels }}
{{- toYaml . | nindent 4}}
2024-02-07 07:10:12 +00:00
{{- end }}
2019-12-18 22:50:18 +00:00
name : appprojects.argoproj.io
spec :
group : argoproj.io
names :
kind : AppProject
2020-04-08 15:43:40 +00:00
listKind : AppProjectList
2019-12-18 22:50:18 +00:00
plural : appprojects
shortNames :
2020-04-08 15:43:40 +00:00
- appproj
- appprojs
singular : appproject
2019-12-18 22:50:18 +00:00
scope : Namespaced
2021-01-15 19:44:31 +00:00
versions :
- name : v1alpha1
schema :
openAPIV3Schema :
2021-12-15 10:15:02 +00:00
description : 'AppProject provides a logical grouping of applications, providing
controls for : * where the apps may deploy to (cluster whitelist) * what
may be deployed (repository whitelist, resource whitelist/blacklist) * who
can access these applications (roles, OIDC group claims bindings) * and
what they can do (RBAC policies) * automation access to these roles (JWT
tokens)'
2021-01-15 19:44:31 +00:00
properties :
apiVersion :
2021-12-15 10:15:02 +00:00
description : 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info : https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
2021-01-15 19:44:31 +00:00
type : string
kind :
2021-12-15 10:15:02 +00:00
description : 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info : https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
2021-01-15 19:44:31 +00:00
type : string
metadata :
type : object
spec :
description : AppProjectSpec is the specification of an AppProject
properties :
clusterResourceBlacklist :
2021-12-15 10:15:02 +00:00
description : ClusterResourceBlacklist contains list of blacklisted
cluster level resources
2021-01-15 19:44:31 +00:00
items :
2021-12-15 10:15:02 +00:00
description : GroupKind specifies a Group and a Kind, but does not
force a version. This is useful for identifying concepts during
lookup stages without having partially valid types
2021-01-15 19:44:31 +00:00
properties :
group :
2019-12-18 22:50:18 +00:00
type : string
2021-01-15 19:44:31 +00:00
kind :
type : string
required :
- group
- kind
type : object
type : array
clusterResourceWhitelist :
2021-12-15 10:15:02 +00:00
description : ClusterResourceWhitelist contains list of whitelisted
cluster level resources
2021-01-15 19:44:31 +00:00
items :
2021-12-15 10:15:02 +00:00
description : GroupKind specifies a Group and a Kind, but does not
force a version. This is useful for identifying concepts during
lookup stages without having partially valid types
2021-01-15 19:44:31 +00:00
properties :
group :
type : string
kind :
type : string
required :
- group
- kind
type : object
type : array
description :
description : Description contains optional project description
type : string
destinations :
2021-12-15 10:15:02 +00:00
description : Destinations contains list of destinations available
for deployment
2021-01-15 19:44:31 +00:00
items :
2021-12-15 10:15:02 +00:00
description : ApplicationDestination holds information about the
application's destination
2021-01-15 19:44:31 +00:00
properties :
name :
2021-12-15 10:15:02 +00:00
description : Name is an alternate way of specifying the target
2024-02-05 06:25:42 +00:00
cluster by its symbolic name. This must be set if Server is
not set.
2021-01-15 19:44:31 +00:00
type : string
namespace :
2021-12-15 10:15:02 +00:00
description : Namespace specifies the target namespace for the
application's resources. The namespace will only be set for
namespace-scoped resources that have not set a value for .metadata.namespace
2021-01-15 19:44:31 +00:00
type : string
server :
2024-02-05 06:25:42 +00:00
description : Server specifies the URL of the target cluster's
Kubernetes control plane API. This must be set if Name is
not set.
2021-01-15 19:44:31 +00:00
type : string
type : object
type : array
namespaceResourceBlacklist :
2021-12-15 10:15:02 +00:00
description : NamespaceResourceBlacklist contains list of blacklisted
namespace level resources
2021-01-15 19:44:31 +00:00
items :
2021-12-15 10:15:02 +00:00
description : GroupKind specifies a Group and a Kind, but does not
force a version. This is useful for identifying concepts during
lookup stages without having partially valid types
2021-01-15 19:44:31 +00:00
properties :
group :
type : string
kind :
type : string
required :
- group
- kind
type : object
type : array
namespaceResourceWhitelist :
2021-12-15 10:15:02 +00:00
description : NamespaceResourceWhitelist contains list of whitelisted
namespace level resources
2021-01-15 19:44:31 +00:00
items :
2021-12-15 10:15:02 +00:00
description : GroupKind specifies a Group and a Kind, but does not
force a version. This is useful for identifying concepts during
lookup stages without having partially valid types
2021-01-15 19:44:31 +00:00
properties :
group :
type : string
kind :
type : string
required :
- group
- kind
type : object
type : array
orphanedResources :
2021-12-15 10:15:02 +00:00
description : OrphanedResources specifies if controller should monitor
orphaned resources of apps in this project
2021-01-15 19:44:31 +00:00
properties :
ignore :
2021-12-15 10:15:02 +00:00
description : Ignore contains a list of resources that are to be
excluded from orphaned resources monitoring
2019-12-18 22:50:18 +00:00
items :
2021-12-15 10:15:02 +00:00
description : OrphanedResourceKey is a reference to a resource
to be ignored from
2019-12-18 22:50:18 +00:00
properties :
2021-01-15 19:44:31 +00:00
group :
type : string
kind :
type : string
name :
2020-05-14 02:16:36 +00:00
type : string
2019-12-18 22:50:18 +00:00
type : object
type : array
2021-01-15 19:44:31 +00:00
warn :
2021-12-15 10:15:02 +00:00
description : Warn indicates if warning condition should be created
for apps which have orphaned resources
2021-01-15 19:44:31 +00:00
type : boolean
2020-08-29 20:42:25 +00:00
type : object
2022-10-25 21:22:22 +00:00
permitOnlyProjectScopedClusters :
description : PermitOnlyProjectScopedClusters determines whether destinations
can only reference clusters which are project-scoped
type : boolean
2021-01-15 19:44:31 +00:00
roles :
2021-12-15 10:15:02 +00:00
description : Roles are user defined RBAC roles associated with this
project
2021-01-15 19:44:31 +00:00
items :
2021-12-15 10:15:02 +00:00
description : ProjectRole represents a role that has access to a
project
2021-01-15 19:44:31 +00:00
properties :
description :
description : Description is a description of the role
2019-12-18 22:50:18 +00:00
type : string
2021-01-15 19:44:31 +00:00
groups :
2021-12-15 10:15:02 +00:00
description : Groups are a list of OIDC group claims bound to
this role
2021-01-15 19:44:31 +00:00
items :
type : string
type : array
jwtTokens :
2021-12-15 10:15:02 +00:00
description : JWTTokens are a list of generated JWT tokens bound
to this role
2021-01-15 19:44:31 +00:00
items :
2021-12-15 10:15:02 +00:00
description : JWTToken holds the issuedAt and expiresAt values
of a token
2021-01-15 19:44:31 +00:00
properties :
exp :
format : int64
type : integer
iat :
format : int64
type : integer
id :
type : string
required :
- iat
type : object
type : array
name :
description : Name is a name for this role
2019-12-18 22:50:18 +00:00
type : string
2021-01-15 19:44:31 +00:00
policies :
2021-12-15 10:15:02 +00:00
description : Policies Stores a list of casbin formatted strings
that define access policies for the role in the project
2021-01-15 19:44:31 +00:00
items :
type : string
type : array
required :
- name
type : object
type : array
signatureKeys :
2021-12-15 10:15:02 +00:00
description : SignatureKeys contains a list of PGP key IDs that commits
in Git must be signed with in order to be allowed for sync
2021-01-15 19:44:31 +00:00
items :
2021-12-15 10:15:02 +00:00
description : SignatureKey is the specification of a key required
to verify commit signatures with
2021-01-15 19:44:31 +00:00
properties :
keyID :
description : The ID of the key in hexadecimal notation
2019-12-18 22:50:18 +00:00
type : string
2021-01-15 19:44:31 +00:00
required :
- keyID
type : object
type : array
2022-10-25 21:22:22 +00:00
sourceNamespaces :
description : SourceNamespaces defines the namespaces application resources
are allowed to be created in
items :
type : string
type : array
2021-01-15 19:44:31 +00:00
sourceRepos :
2021-12-15 10:15:02 +00:00
description : SourceRepos contains list of repository URLs which can
be used for deployment
2021-01-15 19:44:31 +00:00
items :
type : string
type : array
syncWindows :
2021-12-15 10:15:02 +00:00
description : SyncWindows controls when syncs can be run for apps in
this project
2021-01-15 19:44:31 +00:00
items :
2021-12-15 10:15:02 +00:00
description : SyncWindow contains the kind, time, duration and attributes
that are used to assign the syncWindows to apps
2021-01-15 19:44:31 +00:00
properties :
applications :
2021-12-15 10:15:02 +00:00
description : Applications contains a list of applications that
the window will apply to
2021-01-15 19:44:31 +00:00
items :
type : string
type : array
clusters :
2021-12-15 10:15:02 +00:00
description : Clusters contains a list of clusters that the window
will apply to
2021-01-15 19:44:31 +00:00
items :
type : string
type : array
duration :
2021-12-15 10:15:02 +00:00
description : Duration is the amount of time the sync window
will be open
2021-01-15 19:44:31 +00:00
type : string
kind :
description : Kind defines if the window allows or blocks syncs
type : string
manualSync :
2021-12-15 10:15:02 +00:00
description : ManualSync enables manual syncs when they would
otherwise be blocked
2021-01-15 19:44:31 +00:00
type : boolean
namespaces :
2021-12-15 10:15:02 +00:00
description : Namespaces contains a list of namespaces that the
window will apply to
2021-01-15 19:44:31 +00:00
items :
type : string
type : array
schedule :
2021-12-15 10:15:02 +00:00
description : Schedule is the time the window will begin, specified
in cron format
type : string
timeZone :
description : TimeZone of the sync that will be applied to the
schedule
2021-01-15 19:44:31 +00:00
type : string
type : object
type : array
type : object
2021-02-17 05:30:40 +00:00
status :
2021-12-15 10:15:02 +00:00
description : AppProjectStatus contains status information for AppProject
CRs
2021-02-17 05:30:40 +00:00
properties :
jwtTokensByRole :
2021-03-20 15:58:47 +00:00
additionalProperties :
2021-04-24 10:50:25 +00:00
description : JWTTokens represents a list of JWT tokens
2021-03-20 15:58:47 +00:00
properties :
2021-04-24 10:50:25 +00:00
items :
items :
2021-12-15 10:15:02 +00:00
description : JWTToken holds the issuedAt and expiresAt values
of a token
2021-03-20 15:58:47 +00:00
properties :
exp :
format : int64
type : integer
iat :
format : int64
type : integer
id :
type : string
2021-04-24 10:50:25 +00:00
required :
- iat
2021-03-20 15:58:47 +00:00
type : object
type : array
type : object
2021-12-15 10:15:02 +00:00
description : JWTTokensByRole contains a list of JWT tokens issued
for a given role
2021-02-17 05:30:40 +00:00
type : object
type : object
2021-01-15 19:44:31 +00:00
required :
- metadata
- spec
type : object
2021-04-24 10:50:25 +00:00
served : true
storage : true
2022-08-25 08:42:43 +00:00
{{- end }}
