From bb5aa01a0ee05082953415024d52caaf20e5a084 Mon Sep 17 00:00:00 2001 From: sylus Date: Thu, 7 Oct 2021 10:11:30 -0400 Subject: [PATCH] feat(operator): Add ArgoCD Operator initial pass Signed-off-by: sylus --- charts/argocd-operator/.helmignore | 22 + charts/argocd-operator/Chart.yaml | 20 + charts/argocd-operator/README.md | 10 + .../crds/argoproj.io_applications_crd.yaml | 1760 +++++++++++++++++ .../crds/argoproj.io_applicationsets.yaml | 1741 ++++++++++++++++ .../crds/argoproj.io_appprojects_crd.yaml | 257 +++ .../crds/argoproj.io_argocdexports_crd.yaml | 219 ++ .../crds/argoproj.io_argocds_crd.yaml | 1236 ++++++++++++ charts/argocd-operator/templates/NOTES.txt | 5 + charts/argocd-operator/templates/_helpers.tpl | 58 + .../templates/argocd_editor_role.yaml | 24 + .../templates/argocd_viewer_role.yaml | 20 + .../templates/argocdexport_editor_role.yaml | 24 + .../templates/argocdexport_viewer_role.yaml | 20 + .../auth_proxy_client_clusterrole.yaml | 9 + .../templates/auth_proxy_role.yaml | 17 + .../templates/auth_proxy_role_binding.yaml | 12 + .../templates/auth_proxy_service.yaml | 14 + .../templates/leader_election_role.yaml | 37 + .../leader_election_role_binding.yaml | 12 + .../argocd-operator/templates/operator.yaml | 45 + .../argocd-operator/templates/projects.yaml | 23 + charts/argocd-operator/templates/role.yaml | 120 ++ .../templates/role_binding.yaml | 12 + .../templates/service_account.yaml | 7 + .../vault-plugin/cluster-role-binding.yaml | 18 + .../templates/vault-plugin/plugin-secret.yaml | 18 + .../templates/vault-plugin/role-binding.yaml | 18 + .../templates/vault-plugin/role.yaml | 15 + .../vault-plugin/serviceaccount.yaml | 13 + charts/argocd-operator/values.yaml | 108 + 31 files changed, 5914 insertions(+) create mode 100644 charts/argocd-operator/.helmignore create mode 100644 charts/argocd-operator/Chart.yaml create mode 100644 charts/argocd-operator/README.md create mode 100644 charts/argocd-operator/crds/argoproj.io_applications_crd.yaml create mode 100644 charts/argocd-operator/crds/argoproj.io_applicationsets.yaml create mode 100644 charts/argocd-operator/crds/argoproj.io_appprojects_crd.yaml create mode 100644 charts/argocd-operator/crds/argoproj.io_argocdexports_crd.yaml create mode 100644 charts/argocd-operator/crds/argoproj.io_argocds_crd.yaml create mode 100644 charts/argocd-operator/templates/NOTES.txt create mode 100644 charts/argocd-operator/templates/_helpers.tpl create mode 100644 charts/argocd-operator/templates/argocd_editor_role.yaml create mode 100644 charts/argocd-operator/templates/argocd_viewer_role.yaml create mode 100644 charts/argocd-operator/templates/argocdexport_editor_role.yaml create mode 100644 charts/argocd-operator/templates/argocdexport_viewer_role.yaml create mode 100644 charts/argocd-operator/templates/auth_proxy_client_clusterrole.yaml create mode 100644 charts/argocd-operator/templates/auth_proxy_role.yaml create mode 100644 charts/argocd-operator/templates/auth_proxy_role_binding.yaml create mode 100644 charts/argocd-operator/templates/auth_proxy_service.yaml create mode 100644 charts/argocd-operator/templates/leader_election_role.yaml create mode 100644 charts/argocd-operator/templates/leader_election_role_binding.yaml create mode 100644 charts/argocd-operator/templates/operator.yaml create mode 100644 charts/argocd-operator/templates/projects.yaml create mode 100644 charts/argocd-operator/templates/role.yaml create mode 100644 charts/argocd-operator/templates/role_binding.yaml create mode 100644 charts/argocd-operator/templates/service_account.yaml create mode 100644 charts/argocd-operator/templates/vault-plugin/cluster-role-binding.yaml create mode 100644 charts/argocd-operator/templates/vault-plugin/plugin-secret.yaml create mode 100644 charts/argocd-operator/templates/vault-plugin/role-binding.yaml create mode 100644 charts/argocd-operator/templates/vault-plugin/role.yaml create mode 100644 charts/argocd-operator/templates/vault-plugin/serviceaccount.yaml create mode 100644 charts/argocd-operator/values.yaml diff --git a/charts/argocd-operator/.helmignore b/charts/argocd-operator/.helmignore new file mode 100644 index 00000000..50af0317 --- /dev/null +++ b/charts/argocd-operator/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/argocd-operator/Chart.yaml b/charts/argocd-operator/Chart.yaml new file mode 100644 index 00000000..f637688f --- /dev/null +++ b/charts/argocd-operator/Chart.yaml @@ -0,0 +1,20 @@ +apiVersion: v2 +description: A Helm chart for ArgoCD Operator +name: argocd-operator +version: 0.0.6 +appVersion: v0.0.15 +type: application +keywords: +- argocd +- cd +- gitops +home: https://argocd-operator.readthedocs.io/ +icon: https://raw.githubusercontent.com/argoproj-labs/argocd-operator/master/deploy/argo-cd/icon.png +sources: +- https://github.com/argoproj-labs/argocd-operator +maintainers: +- name: sylus + email: william.hearn@canada.ca +- name: zachomedia + email: zachary.seguin@canada.ca +engine: gotpl diff --git a/charts/argocd-operator/README.md b/charts/argocd-operator/README.md new file mode 100644 index 00000000..ff0ed31f --- /dev/null +++ b/charts/argocd-operator/README.md @@ -0,0 +1,10 @@ +# ArgoCD Operator + +A Kubernetes operator for managing Argo CD clusters. + +For more detailed documentation please visit [here](https://argocd-operator.readthedocs.io/) + +Introduction +------------ + +This chart bootstraps the ArgoCD Operator on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. diff --git a/charts/argocd-operator/crds/argoproj.io_applications_crd.yaml b/charts/argocd-operator/crds/argoproj.io_applications_crd.yaml new file mode 100644 index 00000000..74364ae4 --- /dev/null +++ b/charts/argocd-operator/crds/argoproj.io_applications_crd.yaml @@ -0,0 +1,1760 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app.kubernetes.io/name: applications.argoproj.io + app.kubernetes.io/part-of: argocd + name: applications.argoproj.io +spec: + group: argoproj.io + names: + kind: Application + listKind: ApplicationList + plural: applications + shortNames: + - app + - apps + singular: application + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.sync.status + name: Sync Status + type: string + - jsonPath: .status.health.status + name: Health Status + type: string + - jsonPath: .status.sync.revision + name: Revision + priority: 10 + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Application is a definition of Application resource. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + operation: + description: Operation contains information about a requested or running operation + properties: + info: + description: Info is a list of informational items for this operation + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + initiatedBy: + description: InitiatedBy contains information about who initiated the operations + properties: + automated: + description: Automated is set to true if operation was initiated automatically by the application controller. + type: boolean + username: + description: Username contains the name of a user who started operation + type: string + type: object + retry: + description: Retry controls the strategy to apply if a sync fails + properties: + backoff: + description: Backoff controls how to backoff on subsequent retries of failed syncs + properties: + duration: + description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts for retrying a failed sync. If set to 0, no retries will be performed. + format: int64 + type: integer + type: object + sync: + description: Sync contains parameters for the operation + properties: + dryRun: + description: DryRun specifies to perform a `kubectl apply --dry-run` without actually performing the sync + type: boolean + manifests: + description: Manifests is an optional field that overrides sync source with a local directory for development + items: + type: string + type: array + prune: + description: Prune specifies to delete resources from the cluster that are no longer tracked in git + type: boolean + resources: + description: Resources describes which resources shall be part of the sync + items: + description: SyncOperationResource contains resources to sync. + properties: + group: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + type: array + revision: + description: Revision is the revision (Git) or chart version (Helm) which to sync the application to If omitted, will use the revision specified in app spec. + type: string + source: + description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and is nil during a Sync operation + properties: + chart: + description: Chart is a Helm chart name, and must be specified for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match paths against that should be explicitly excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should be explicitly included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the helm template + items: + description: HelmFileParameter is a file parameter that's passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing the values for the Helm parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation + items: + description: HelmParameter is a parameter that's passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the Helm release name to use. If omitted it will use the application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed to helm template, typically defined as a block + type: string + version: + description: Version is the Helm version to use for templating (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific options + properties: + environment: + description: Environment is a ksonnet application environment name + type: string + parameters: + description: Parameters are a list of ksonnet component parameter override values + items: + description: KsonnetParameter is a ksonnet component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional annotations to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels to add to rendered manifests + type: object + images: + description: Images is a list of Kustomize image override specifications + items: + description: KustomizeImage represents a Kustomize image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. + type: string + plugin: + description: ConfigManagementPlugin holds config management plugin specific options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's environment + properties: + name: + description: Name is the name of the variable, usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the source to sync the application to. In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + syncOptions: + description: SyncOptions provide per-sync sync-options, e.g. Validate=false + items: + type: string + type: array + syncStrategy: + description: SyncStrategy describes how to perform the sync + properties: + apply: + description: Apply will perform a `kubectl apply` to perform the sync. + properties: + force: + description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. + type: boolean + type: object + hook: + description: Hook will submit any referenced resources to perform the sync. This is the default strategy + properties: + force: + description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. + type: boolean + type: object + type: object + type: object + type: object + spec: + description: ApplicationSpec represents desired application state. Contains link to repository with application definition and additional parameters link definition revision. + properties: + destination: + description: Destination is a reference to the target Kubernetes server and namespace + properties: + name: + description: Name is an alternate way of specifying the target cluster by its symbolic name + type: string + namespace: + description: Namespace specifies the target namespace for the application's resources. The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the target cluster and must be set to the Kubernetes control plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list of resources and their fields which should be ignored during comparison + items: + description: ResourceIgnoreDifferences contains resource filter and list of json paths which should be ignored during comparison with live state. + properties: + group: + type: string + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - jsonPointers + - kind + type: object + type: array + info: + description: Info contains a list of information (URLs, email addresses, and plain text) that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a reference to the project this application belongs to. The empty string means that application belongs to the 'default' project. + type: string + revisionHistoryLimit: + description: RevisionHistoryLimit limits the number of items kept in the application's revision history, which is used for informational purposes as well as for rollbacks to previous versions. This should only be changed in exceptional circumstances. Setting to zero will store no history. This will reduce storage used. Increasing will increase the space used to store the history, so we do not recommend increasing it. Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location of the application's manifests or chart + properties: + chart: + description: Chart is a Helm chart name, and must be specified for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match paths against that should be explicitly excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should be explicitly included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the helm template + items: + description: HelmFileParameter is a file parameter that's passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing the values for the Helm parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation + items: + description: HelmParameter is a parameter that's passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the Helm release name to use. If omitted it will use the application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed to helm template, typically defined as a block + type: string + version: + description: Version is the Helm version to use for templating (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific options + properties: + environment: + description: Environment is a ksonnet application environment name + type: string + parameters: + description: Parameters are a list of ksonnet component parameter override values + items: + description: KsonnetParameter is a ksonnet component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional annotations to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels to add to rendered manifests + type: object + images: + description: Images is a list of Kustomize image override specifications + items: + description: KustomizeImage represents a Kustomize image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. + type: string + plugin: + description: ConfigManagementPlugin holds config management plugin specific options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's environment + properties: + name: + description: Name is the name of the variable, usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the source to sync the application to. In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when and how a sync will be performed + properties: + automated: + description: Automated will keep an application synced to the target revision + properties: + allowEmpty: + description: 'AllowEmpty allows apps have zero live resources (default: false)' + type: boolean + prune: + description: 'Prune specifies whether to delete resources from the cluster that are not found in the sources anymore as part of automated sync (default: false)' + type: boolean + selfHeal: + description: 'SelfHeal specifes whether to revert resources back to their desired state upon modification in the cluster (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff controls how to backoff on subsequent retries of failed syncs + properties: + duration: + description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts for retrying a failed sync. If set to 0, no retries will be performed. + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to specify whole app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + status: + description: ApplicationStatus contains status information for the application + properties: + conditions: + description: Conditions is a list of currently observed application conditions + items: + description: ApplicationCondition contains details about an application condition, which is usally an error or warning + properties: + lastTransitionTime: + description: LastTransitionTime is the time the condition was last observed + format: date-time + type: string + message: + description: Message contains human-readable message indicating details about condition + type: string + type: + description: Type is an application condition type + type: string + required: + - message + - type + type: object + type: array + health: + description: Health contains information about the application's current health status + properties: + message: + description: Message is a human-readable informational message describing the health status + type: string + status: + description: Status holds the status code of the application or resource + type: string + type: object + history: + description: History contains information about the application's sync history + items: + description: RevisionHistory contains history information about a previous sync + properties: + deployStartedAt: + description: DeployStartedAt holds the time the sync operation started + format: date-time + type: string + deployedAt: + description: DeployedAt holds the time the sync operation completed + format: date-time + type: string + id: + description: ID is an auto incrementing identifier of the RevisionHistory + format: int64 + type: integer + revision: + description: Revision holds the revision the sync was performed against + type: string + source: + description: Source is a reference to the application source used for the sync operation + properties: + chart: + description: Chart is a Helm chart name, and must be specified for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match paths against that should be explicitly excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should be explicitly included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the helm template + items: + description: HelmFileParameter is a file parameter that's passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing the values for the Helm parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation + items: + description: HelmParameter is a parameter that's passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the Helm release name to use. If omitted it will use the application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed to helm template, typically defined as a block + type: string + version: + description: Version is the Helm version to use for templating (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific options + properties: + environment: + description: Environment is a ksonnet application environment name + type: string + parameters: + description: Parameters are a list of ksonnet component parameter override values + items: + description: KsonnetParameter is a ksonnet component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional annotations to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels to add to rendered manifests + type: object + images: + description: Images is a list of Kustomize image override specifications + items: + description: KustomizeImage represents a Kustomize image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. + type: string + plugin: + description: ConfigManagementPlugin holds config management plugin specific options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's environment + properties: + name: + description: Name is the name of the variable, usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the source to sync the application to. In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + required: + - deployedAt + - id + - revision + type: object + type: array + observedAt: + description: 'ObservedAt indicates when the application state was updated without querying latest git state Deprecated: controller no longer updates ObservedAt field' + format: date-time + type: string + operationState: + description: OperationState contains information about any ongoing operations, such as a sync + properties: + finishedAt: + description: FinishedAt contains time of operation completion + format: date-time + type: string + message: + description: Message holds any pertinent messages when attempting to perform operation (typically errors). + type: string + operation: + description: Operation is the original requested operation + properties: + info: + description: Info is a list of informational items for this operation + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + initiatedBy: + description: InitiatedBy contains information about who initiated the operations + properties: + automated: + description: Automated is set to true if operation was initiated automatically by the application controller. + type: boolean + username: + description: Username contains the name of a user who started operation + type: string + type: object + retry: + description: Retry controls the strategy to apply if a sync fails + properties: + backoff: + description: Backoff controls how to backoff on subsequent retries of failed syncs + properties: + duration: + description: Duration is the amount to back off. Default unit is seconds, but could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount of time allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts for retrying a failed sync. If set to 0, no retries will be performed. + format: int64 + type: integer + type: object + sync: + description: Sync contains parameters for the operation + properties: + dryRun: + description: DryRun specifies to perform a `kubectl apply --dry-run` without actually performing the sync + type: boolean + manifests: + description: Manifests is an optional field that overrides sync source with a local directory for development + items: + type: string + type: array + prune: + description: Prune specifies to delete resources from the cluster that are no longer tracked in git + type: boolean + resources: + description: Resources describes which resources shall be part of the sync + items: + description: SyncOperationResource contains resources to sync. + properties: + group: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + type: array + revision: + description: Revision is the revision (Git) or chart version (Helm) which to sync the application to If omitted, will use the revision specified in app spec. + type: string + source: + description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and is nil during a Sync operation + properties: + chart: + description: Chart is a Helm chart name, and must be specified for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match paths against that should be explicitly excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should be explicitly included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the helm template + items: + description: HelmFileParameter is a file parameter that's passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing the values for the Helm parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation + items: + description: HelmParameter is a parameter that's passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the Helm release name to use. If omitted it will use the application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed to helm template, typically defined as a block + type: string + version: + description: Version is the Helm version to use for templating (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific options + properties: + environment: + description: Environment is a ksonnet application environment name + type: string + parameters: + description: Parameters are a list of ksonnet component parameter override values + items: + description: KsonnetParameter is a ksonnet component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional annotations to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels to add to rendered manifests + type: object + images: + description: Images is a list of Kustomize image override specifications + items: + description: KustomizeImage represents a Kustomize image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. + type: string + plugin: + description: ConfigManagementPlugin holds config management plugin specific options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's environment + properties: + name: + description: Name is the name of the variable, usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the source to sync the application to. In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + syncOptions: + description: SyncOptions provide per-sync sync-options, e.g. Validate=false + items: + type: string + type: array + syncStrategy: + description: SyncStrategy describes how to perform the sync + properties: + apply: + description: Apply will perform a `kubectl apply` to perform the sync. + properties: + force: + description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. + type: boolean + type: object + hook: + description: Hook will submit any referenced resources to perform the sync. This is the default strategy + properties: + force: + description: Force indicates whether or not to supply the --force flag to `kubectl apply`. The --force flag deletes and re-create the resource, when PATCH encounters conflict and has retried for 5 times. + type: boolean + type: object + type: object + type: object + type: object + phase: + description: Phase is the current phase of the operation + type: string + retryCount: + description: RetryCount contains time of operation retries + format: int64 + type: integer + startedAt: + description: StartedAt contains time of operation start + format: date-time + type: string + syncResult: + description: SyncResult is the result of a Sync operation + properties: + resources: + description: Resources contains a list of sync result items for each individual resource in a sync operation + items: + description: ResourceResult holds the operation result details of a specific resource + properties: + group: + description: Group specifies the API group of the resource + type: string + hookPhase: + description: HookPhase contains the state of any operation associated with this resource OR hook This can also contain values for non-hook resources. + type: string + hookType: + description: HookType specifies the type of the hook. Empty for non-hook resources + type: string + kind: + description: Kind specifies the API kind of the resource + type: string + message: + description: Message contains an informational or error message for the last sync OR operation + type: string + name: + description: Name specifies the name of the resource + type: string + namespace: + description: Namespace specifies the target namespace of the resource + type: string + status: + description: Status holds the final result of the sync. Will be empty if the resources is yet to be applied/pruned and is always zero-value for hooks + type: string + syncPhase: + description: SyncPhase indicates the particular phase of the sync that this result was acquired in + type: string + version: + description: Version specifies the API version of the resource + type: string + required: + - group + - kind + - name + - namespace + - version + type: object + type: array + revision: + description: Revision holds the revision this sync operation was performed to + type: string + source: + description: Source records the application source information of the sync, used for comparing auto-sync + properties: + chart: + description: Chart is a Helm chart name, and must be specified for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match paths against that should be explicitly excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should be explicitly included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the helm template + items: + description: HelmFileParameter is a file parameter that's passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing the values for the Helm parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation + items: + description: HelmParameter is a parameter that's passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the Helm release name to use. If omitted it will use the application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed to helm template, typically defined as a block + type: string + version: + description: Version is the Helm version to use for templating (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific options + properties: + environment: + description: Environment is a ksonnet application environment name + type: string + parameters: + description: Parameters are a list of ksonnet component parameter override values + items: + description: KsonnetParameter is a ksonnet component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional annotations to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels to add to rendered manifests + type: object + images: + description: Images is a list of Kustomize image override specifications + items: + description: KustomizeImage represents a Kustomize image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. + type: string + plugin: + description: ConfigManagementPlugin holds config management plugin specific options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's environment + properties: + name: + description: Name is the name of the variable, usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the source to sync the application to. In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + required: + - revision + type: object + required: + - operation + - phase + - startedAt + type: object + reconciledAt: + description: ReconciledAt indicates when the application state was reconciled using the latest git version + format: date-time + type: string + resources: + description: Resources is a list of Kubernetes resources managed by this application + items: + description: 'ResourceStatus holds the current sync and health status of a resource TODO: describe members of this type' + properties: + group: + type: string + health: + description: HealthStatus contains information about the currently observed health state of an application or resource + properties: + message: + description: Message is a human-readable informational message describing the health status + type: string + status: + description: Status holds the status code of the application or resource + type: string + type: object + hook: + type: boolean + kind: + type: string + name: + type: string + namespace: + type: string + requiresPruning: + type: boolean + status: + description: SyncStatusCode is a type which represents possible comparison results + type: string + version: + type: string + type: object + type: array + sourceType: + description: SourceType specifies the type of this application + type: string + summary: + description: Summary contains a list of URLs and container images used by this application + properties: + externalURLs: + description: ExternalURLs holds all external URLs of application child resources. + items: + type: string + type: array + images: + description: Images holds all images of application child resources. + items: + type: string + type: array + type: object + sync: + description: Sync contains information about the application's current sync status + properties: + comparedTo: + description: ComparedTo contains information about what has been compared + properties: + destination: + description: Destination is a reference to the application's destination used for comparison + properties: + name: + description: Name is an alternate way of specifying the target cluster by its symbolic name + type: string + namespace: + description: Namespace specifies the target namespace for the application's resources. The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the target cluster and must be set to the Kubernetes control plane API + type: string + type: object + source: + description: Source is a reference to the application's source used for comparison + properties: + chart: + description: Chart is a Helm chart name, and must be specified for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match paths against that should be explicitly excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should be explicitly included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar represents a variable to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the helm template + items: + description: HelmFileParameter is a file parameter that's passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing the values for the Helm parameter + type: string + type: object + type: array + parameters: + description: Parameters is a list of Helm parameters which are passed to the helm template command upon manifest generation + items: + description: HelmParameter is a parameter that's passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + releaseName: + description: ReleaseName is the Helm release name to use. If omitted it will use the application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed to helm template, typically defined as a block + type: string + version: + description: Version is the Helm version to use for templating (either "2" or "3") + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific options + properties: + environment: + description: Environment is a ksonnet application environment name + type: string + parameters: + description: Parameters are a list of ksonnet component parameter override values + items: + description: KsonnetParameter is a ksonnet component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional annotations to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels to add to rendered manifests + type: object + images: + description: Images is a list of Kustomize image override specifications + items: + description: KustomizeImage represents a Kustomize image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, and is only valid for applications sourced from Git. + type: string + plugin: + description: ConfigManagementPlugin holds config management plugin specific options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's environment + properties: + name: + description: Name is the name of the variable, usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the source to sync the application to. In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. In case of Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + required: + - destination + - source + type: object + revision: + description: Revision contains information about the revision the comparison has been performed to + type: string + status: + description: Status is the sync state of the comparison + type: string + required: + - status + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: {} diff --git a/charts/argocd-operator/crds/argoproj.io_applicationsets.yaml b/charts/argocd-operator/crds/argoproj.io_applicationsets.yaml new file mode 100644 index 00000000..eec1d396 --- /dev/null +++ b/charts/argocd-operator/crds/argoproj.io_applicationsets.yaml @@ -0,0 +1,1741 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.3.0 + creationTimestamp: null + name: applicationsets.argoproj.io +spec: + group: argoproj.io + names: + kind: ApplicationSet + listKind: ApplicationSetList + plural: applicationsets + singular: applicationset + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ApplicationSet is a set of Application resources + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ApplicationSetSpec represents a class of application set + state. + properties: + generators: + items: + description: ApplicationSetGenerator include list item info + properties: + clusters: + description: ClusterGenerator defines a generator to match against + clusters registered with ArgoCD. + properties: + selector: + description: Selector defines a label selector to match + against all clusters registered with ArgoCD. Clusters + today are stored as Kubernetes Secrets, thus the Secret + labels will be used for matching the selector. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + template: + description: ApplicationSetTemplate represents argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents the + Argo CD application fields that may be used for Applications + generated from the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired application + state. Contains link to repository with application + definition and additional parameters link definition + revision. + properties: + destination: + description: Destination overrides the kubernetes + server and namespace defined in the environment + ksonnet app.yaml + properties: + name: + description: Name of the destination cluster + which can be used instead of server (url) + field + type: string + namespace: + description: Namespace overrides the environment + namespace value in the ksonnet app.yaml + type: string + server: + description: Server overrides the environment + server value in the ksonnet app.yaml + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences controls resources + fields which should be ignored during comparison + items: + description: ResourceIgnoreDifferences contains + resource filter and list of json paths which + should be ignored during comparison with live + state. + properties: + group: + type: string + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - jsonPointers + - kind + type: object + type: array + info: + description: Infos contains a list of useful information + (URLs, email addresses, and plain text) that relates + to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a application project name. + Empty name means that application belongs to 'default' + project. + type: string + revisionHistoryLimit: + description: This limits this number of items kept + in the apps revision history. This should only + be changed in exceptional circumstances. Setting + to zero will store no history. This will reduce + storage used. Increasing will increase the space + used to store the history, so we do not recommend + increasing it. Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location + ksonnet application definition + properties: + chart: + description: Chart is a Helm chart name + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + type: string + jsonnet: + description: ApplicationSourceJsonnet holds + jsonnet specific options + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar is a jsonnet + variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search + dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet + Top-level Arguments + items: + description: JsonnetVar is a jsonnet + variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file + parameter to a helm template + properties: + name: + description: Name is the name of the + helm parameter + type: string + path: + description: Path is the path value + for the helm parameter + type: string + type: object + type: array + parameters: + description: Parameters are parameters to + the helm template + items: + description: HelmParameter is a parameter + to a helm template + properties: + forceString: + description: ForceString determines + whether to tell Helm to interpret + booleans and numbers as strings + type: boolean + name: + description: Name is the name of the + helm parameter + type: string + value: + description: Value is the value for + the helm parameter + type: string + type: object + type: array + releaseName: + description: The Helm release name. If omitted + it will use the application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm + value files to use when generating a template + items: + type: string + type: array + values: + description: Values is Helm values, typically + defined as a block + type: string + version: + description: Version is the Helm version + to use for templating with + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific + options + properties: + environment: + description: Environment is a ksonnet application + environment name + type: string + parameters: + description: Parameters are a list of ksonnet + component parameter override values + items: + description: KsonnetParameter is a ksonnet + component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific + options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations adds additional + kustomize commonAnnotations + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels adds additional + kustomize commonLabels + type: object + images: + description: Images are kustomize image + overrides + items: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended + to resources for kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended + to resources for kustomize apps + type: string + version: + description: Version contains optional Kustomize + version + type: string + type: object + path: + description: Path is a directory path within + the Git repository + type: string + plugin: + description: ConfigManagementPlugin holds config + management plugin specific options + properties: + env: + items: + properties: + name: + description: the name, usually uppercase + type: string + value: + description: the value + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the repository URL of + the application manifests + type: string + targetRevision: + description: TargetRevision defines the commit, + tag, or branch in which to sync the application + to. If omitted, will sync to HEAD + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when a sync will + be performed + properties: + automated: + description: Automated will keep an application + synced to the target revision + properties: + allowEmpty: + description: 'AllowEmpty allows apps have + zero live resources (default: false)' + type: boolean + prune: + description: 'Prune will prune resources + automatically as part of automated sync + (default: false)' + type: boolean + selfHeal: + description: 'SelfHeal enables auto-syncing + if (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed sync retry + behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount + to back off. Default unit is seconds, + but could also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply + the base duration after each failed + retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum + amount of time allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum number + of attempts when retrying a container + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to specify whole + app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + description: Values contains key/value pairs which are passed + directly as parameters to the template + type: object + type: object + git: + properties: + directories: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + description: ApplicationSetTemplate represents argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents the + Argo CD application fields that may be used for Applications + generated from the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired application + state. Contains link to repository with application + definition and additional parameters link definition + revision. + properties: + destination: + description: Destination overrides the kubernetes + server and namespace defined in the environment + ksonnet app.yaml + properties: + name: + description: Name of the destination cluster + which can be used instead of server (url) + field + type: string + namespace: + description: Namespace overrides the environment + namespace value in the ksonnet app.yaml + type: string + server: + description: Server overrides the environment + server value in the ksonnet app.yaml + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences controls resources + fields which should be ignored during comparison + items: + description: ResourceIgnoreDifferences contains + resource filter and list of json paths which + should be ignored during comparison with live + state. + properties: + group: + type: string + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - jsonPointers + - kind + type: object + type: array + info: + description: Infos contains a list of useful information + (URLs, email addresses, and plain text) that relates + to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a application project name. + Empty name means that application belongs to 'default' + project. + type: string + revisionHistoryLimit: + description: This limits this number of items kept + in the apps revision history. This should only + be changed in exceptional circumstances. Setting + to zero will store no history. This will reduce + storage used. Increasing will increase the space + used to store the history, so we do not recommend + increasing it. Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location + ksonnet application definition + properties: + chart: + description: Chart is a Helm chart name + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + type: string + jsonnet: + description: ApplicationSourceJsonnet holds + jsonnet specific options + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar is a jsonnet + variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search + dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet + Top-level Arguments + items: + description: JsonnetVar is a jsonnet + variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file + parameter to a helm template + properties: + name: + description: Name is the name of the + helm parameter + type: string + path: + description: Path is the path value + for the helm parameter + type: string + type: object + type: array + parameters: + description: Parameters are parameters to + the helm template + items: + description: HelmParameter is a parameter + to a helm template + properties: + forceString: + description: ForceString determines + whether to tell Helm to interpret + booleans and numbers as strings + type: boolean + name: + description: Name is the name of the + helm parameter + type: string + value: + description: Value is the value for + the helm parameter + type: string + type: object + type: array + releaseName: + description: The Helm release name. If omitted + it will use the application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm + value files to use when generating a template + items: + type: string + type: array + values: + description: Values is Helm values, typically + defined as a block + type: string + version: + description: Version is the Helm version + to use for templating with + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific + options + properties: + environment: + description: Environment is a ksonnet application + environment name + type: string + parameters: + description: Parameters are a list of ksonnet + component parameter override values + items: + description: KsonnetParameter is a ksonnet + component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific + options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations adds additional + kustomize commonAnnotations + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels adds additional + kustomize commonLabels + type: object + images: + description: Images are kustomize image + overrides + items: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended + to resources for kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended + to resources for kustomize apps + type: string + version: + description: Version contains optional Kustomize + version + type: string + type: object + path: + description: Path is a directory path within + the Git repository + type: string + plugin: + description: ConfigManagementPlugin holds config + management plugin specific options + properties: + env: + items: + properties: + name: + description: the name, usually uppercase + type: string + value: + description: the value + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the repository URL of + the application manifests + type: string + targetRevision: + description: TargetRevision defines the commit, + tag, or branch in which to sync the application + to. If omitted, will sync to HEAD + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when a sync will + be performed + properties: + automated: + description: Automated will keep an application + synced to the target revision + properties: + allowEmpty: + description: 'AllowEmpty allows apps have + zero live resources (default: false)' + type: boolean + prune: + description: 'Prune will prune resources + automatically as part of automated sync + (default: false)' + type: boolean + selfHeal: + description: 'SelfHeal enables auto-syncing + if (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed sync retry + behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount + to back off. Default unit is seconds, + but could also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply + the base duration after each failed + retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum + amount of time allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum number + of attempts when retrying a container + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to specify whole + app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - repoURL + - revision + type: object + list: + description: ListGenerator include items info + properties: + elements: + items: + description: ListGeneratorElement include cluster and + url info + properties: + cluster: + type: string + url: + type: string + values: + additionalProperties: + type: string + description: Values contains key/value pairs which + are passed directly as parameters to the template + type: object + required: + - cluster + - url + type: object + type: array + template: + description: ApplicationSetTemplate represents argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents the + Argo CD application fields that may be used for Applications + generated from the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired application + state. Contains link to repository with application + definition and additional parameters link definition + revision. + properties: + destination: + description: Destination overrides the kubernetes + server and namespace defined in the environment + ksonnet app.yaml + properties: + name: + description: Name of the destination cluster + which can be used instead of server (url) + field + type: string + namespace: + description: Namespace overrides the environment + namespace value in the ksonnet app.yaml + type: string + server: + description: Server overrides the environment + server value in the ksonnet app.yaml + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences controls resources + fields which should be ignored during comparison + items: + description: ResourceIgnoreDifferences contains + resource filter and list of json paths which + should be ignored during comparison with live + state. + properties: + group: + type: string + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - jsonPointers + - kind + type: object + type: array + info: + description: Infos contains a list of useful information + (URLs, email addresses, and plain text) that relates + to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a application project name. + Empty name means that application belongs to 'default' + project. + type: string + revisionHistoryLimit: + description: This limits this number of items kept + in the apps revision history. This should only + be changed in exceptional circumstances. Setting + to zero will store no history. This will reduce + storage used. Increasing will increase the space + used to store the history, so we do not recommend + increasing it. Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location + ksonnet application definition + properties: + chart: + description: Chart is a Helm chart name + type: string + directory: + description: Directory holds path/directory + specific options + properties: + exclude: + type: string + jsonnet: + description: ApplicationSourceJsonnet holds + jsonnet specific options + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar is a jsonnet + variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search + dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet + Top-level Arguments + items: + description: JsonnetVar is a jsonnet + variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file + parameter to a helm template + properties: + name: + description: Name is the name of the + helm parameter + type: string + path: + description: Path is the path value + for the helm parameter + type: string + type: object + type: array + parameters: + description: Parameters are parameters to + the helm template + items: + description: HelmParameter is a parameter + to a helm template + properties: + forceString: + description: ForceString determines + whether to tell Helm to interpret + booleans and numbers as strings + type: boolean + name: + description: Name is the name of the + helm parameter + type: string + value: + description: Value is the value for + the helm parameter + type: string + type: object + type: array + releaseName: + description: The Helm release name. If omitted + it will use the application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm + value files to use when generating a template + items: + type: string + type: array + values: + description: Values is Helm values, typically + defined as a block + type: string + version: + description: Version is the Helm version + to use for templating with + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific + options + properties: + environment: + description: Environment is a ksonnet application + environment name + type: string + parameters: + description: Parameters are a list of ksonnet + component parameter override values + items: + description: KsonnetParameter is a ksonnet + component parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific + options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations adds additional + kustomize commonAnnotations + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels adds additional + kustomize commonLabels + type: object + images: + description: Images are kustomize image + overrides + items: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended + to resources for kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended + to resources for kustomize apps + type: string + version: + description: Version contains optional Kustomize + version + type: string + type: object + path: + description: Path is a directory path within + the Git repository + type: string + plugin: + description: ConfigManagementPlugin holds config + management plugin specific options + properties: + env: + items: + properties: + name: + description: the name, usually uppercase + type: string + value: + description: the value + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the repository URL of + the application manifests + type: string + targetRevision: + description: TargetRevision defines the commit, + tag, or branch in which to sync the application + to. If omitted, will sync to HEAD + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when a sync will + be performed + properties: + automated: + description: Automated will keep an application + synced to the target revision + properties: + allowEmpty: + description: 'AllowEmpty allows apps have + zero live resources (default: false)' + type: boolean + prune: + description: 'Prune will prune resources + automatically as part of automated sync + (default: false)' + type: boolean + selfHeal: + description: 'SelfHeal enables auto-syncing + if (default: false)' + type: boolean + type: object + retry: + description: Retry controls failed sync retry + behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount + to back off. Default unit is seconds, + but could also be a duration (e.g. + "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply + the base duration after each failed + retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum + amount of time allowed for the backoff + strategy + type: string + type: object + limit: + description: Limit is the maximum number + of attempts when retrying a container + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to specify whole + app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - elements + type: object + type: object + type: array + syncPolicy: + description: ApplicationSetSyncPolicy configures how generated Applications + will relate to their ApplicationSet. + properties: + skipPrune: + description: SkipPrune will disable the default behavior which + will delete Applications that are no longer being generated + for the ApplicationSet which created them, or the ApplicationSet + itself is deleted. If SkipPrune is set to true, these Applications + will be orphaned but continue to exist. + type: boolean + type: object + template: + description: ApplicationSetTemplate represents argocd ApplicationSpec + properties: + metadata: + description: ApplicationSetTemplateMeta represents the Argo CD + application fields that may be used for Applications generated + from the ApplicationSet (based on metav1.ObjectMeta) + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: ApplicationSpec represents desired application state. + Contains link to repository with application definition and + additional parameters link definition revision. + properties: + destination: + description: Destination overrides the kubernetes server and + namespace defined in the environment ksonnet app.yaml + properties: + name: + description: Name of the destination cluster which can + be used instead of server (url) field + type: string + namespace: + description: Namespace overrides the environment namespace + value in the ksonnet app.yaml + type: string + server: + description: Server overrides the environment server value + in the ksonnet app.yaml + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences controls resources fields which + should be ignored during comparison + items: + description: ResourceIgnoreDifferences contains resource + filter and list of json paths which should be ignored + during comparison with live state. + properties: + group: + type: string + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + required: + - jsonPointers + - kind + type: object + type: array + info: + description: Infos contains a list of useful information (URLs, + email addresses, and plain text) that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a application project name. Empty + name means that application belongs to 'default' project. + type: string + revisionHistoryLimit: + description: This limits this number of items kept in the + apps revision history. This should only be changed in exceptional + circumstances. Setting to zero will store no history. This + will reduce storage used. Increasing will increase the space + used to store the history, so we do not recommend increasing + it. Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location ksonnet + application definition + properties: + chart: + description: Chart is a Helm chart name + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + type: string + jsonnet: + description: ApplicationSourceJsonnet holds jsonnet + specific options + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar is a jsonnet variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar is a jsonnet variable + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to + the helm template + items: + description: HelmFileParameter is a file parameter + to a helm template + properties: + name: + description: Name is the name of the helm parameter + type: string + path: + description: Path is the path value for the + helm parameter + type: string + type: object + type: array + parameters: + description: Parameters are parameters to the helm + template + items: + description: HelmParameter is a parameter to a helm + template + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the helm parameter + type: string + value: + description: Value is the value for the helm + parameter + type: string + type: object + type: array + releaseName: + description: The Helm release name. If omitted it + will use the application name + type: string + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values is Helm values, typically defined + as a block + type: string + version: + description: Version is the Helm version to use for + templating with + type: string + type: object + ksonnet: + description: Ksonnet holds ksonnet specific options + properties: + environment: + description: Environment is a ksonnet application + environment name + type: string + parameters: + description: Parameters are a list of ksonnet component + parameter override values + items: + description: KsonnetParameter is a ksonnet component + parameter + properties: + component: + type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations adds additional kustomize + commonAnnotations + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels adds additional kustomize + commonLabels + type: object + images: + description: Images are kustomize image overrides + items: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for kustomize apps + type: string + version: + description: Version contains optional Kustomize version + type: string + type: object + path: + description: Path is a directory path within the Git repository + type: string + plugin: + description: ConfigManagementPlugin holds config management + plugin specific options + properties: + env: + items: + properties: + name: + description: the name, usually uppercase + type: string + value: + description: the value + type: string + required: + - name + - value + type: object + type: array + name: + type: string + type: object + repoURL: + description: RepoURL is the repository URL of the application + manifests + type: string + targetRevision: + description: TargetRevision defines the commit, tag, or + branch in which to sync the application to. If omitted, + will sync to HEAD + type: string + required: + - repoURL + type: object + syncPolicy: + description: SyncPolicy controls when a sync will be performed + properties: + automated: + description: Automated will keep an application synced + to the target revision + properties: + allowEmpty: + description: 'AllowEmpty allows apps have zero live + resources (default: false)' + type: boolean + prune: + description: 'Prune will prune resources automatically + as part of automated sync (default: false)' + type: boolean + selfHeal: + description: 'SelfHeal enables auto-syncing if (default: + false)' + type: boolean + type: object + retry: + description: Retry controls failed sync retry behavior + properties: + backoff: + description: Backoff is a backoff strategy + properties: + duration: + description: Duration is the amount to back off. + Default unit is seconds, but could also be a + duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the + base duration after each failed retry + format: int64 + type: integer + maxDuration: + description: MaxDuration is the maximum amount + of time allowed for the backoff strategy + type: string + type: object + limit: + description: Limit is the maximum number of attempts + when retrying a container + format: int64 + type: integer + type: object + syncOptions: + description: Options allow you to specify whole app sync-options + items: + type: string + type: array + type: object + required: + - destination + - project + - source + type: object + required: + - metadata + - spec + type: object + required: + - generators + - template + type: object + status: + description: ApplicationSetStatus defines the observed state of ApplicationSet + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/argocd-operator/crds/argoproj.io_appprojects_crd.yaml b/charts/argocd-operator/crds/argoproj.io_appprojects_crd.yaml new file mode 100644 index 00000000..7bb09652 --- /dev/null +++ b/charts/argocd-operator/crds/argoproj.io_appprojects_crd.yaml @@ -0,0 +1,257 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app.kubernetes.io/name: appprojects.argoproj.io + app.kubernetes.io/part-of: argocd + name: appprojects.argoproj.io +spec: + group: argoproj.io + names: + kind: AppProject + listKind: AppProjectList + plural: appprojects + shortNames: + - appproj + - appprojs + singular: appproject + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: 'AppProject provides a logical grouping of applications, providing controls for: * where the apps may deploy to (cluster whitelist) * what may be deployed (repository whitelist, resource whitelist/blacklist) * who can access these applications (roles, OIDC group claims bindings) * and what they can do (RBAC policies) * automation access to these roles (JWT tokens)' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AppProjectSpec is the specification of an AppProject + properties: + clusterResourceBlacklist: + description: ClusterResourceBlacklist contains list of blacklisted cluster level resources + items: + description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + clusterResourceWhitelist: + description: ClusterResourceWhitelist contains list of whitelisted cluster level resources + items: + description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + description: + description: Description contains optional project description + type: string + destinations: + description: Destinations contains list of destinations available for deployment + items: + description: ApplicationDestination holds information about the application's destination + properties: + name: + description: Name is an alternate way of specifying the target cluster by its symbolic name + type: string + namespace: + description: Namespace specifies the target namespace for the application's resources. The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the target cluster and must be set to the Kubernetes control plane API + type: string + type: object + type: array + namespaceResourceBlacklist: + description: NamespaceResourceBlacklist contains list of blacklisted namespace level resources + items: + description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + namespaceResourceWhitelist: + description: NamespaceResourceWhitelist contains list of whitelisted namespace level resources + items: + description: GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying concepts during lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + orphanedResources: + description: OrphanedResources specifies if controller should monitor orphaned resources of apps in this project + properties: + ignore: + description: Ignore contains a list of resources that are to be excluded from orphaned resources monitoring + items: + description: OrphanedResourceKey is a reference to a resource to be ignored from + properties: + group: + type: string + kind: + type: string + name: + type: string + type: object + type: array + warn: + description: Warn indicates if warning condition should be created for apps which have orphaned resources + type: boolean + type: object + roles: + description: Roles are user defined RBAC roles associated with this project + items: + description: ProjectRole represents a role that has access to a project + properties: + description: + description: Description is a description of the role + type: string + groups: + description: Groups are a list of OIDC group claims bound to this role + items: + type: string + type: array + jwtTokens: + description: JWTTokens are a list of generated JWT tokens bound to this role + items: + description: JWTToken holds the issuedAt and expiresAt values of a token + properties: + exp: + format: int64 + type: integer + iat: + format: int64 + type: integer + id: + type: string + required: + - iat + type: object + type: array + name: + description: Name is a name for this role + type: string + policies: + description: Policies Stores a list of casbin formated strings that define access policies for the role in the project + items: + type: string + type: array + required: + - name + type: object + type: array + signatureKeys: + description: SignatureKeys contains a list of PGP key IDs that commits in Git must be signed with in order to be allowed for sync + items: + description: SignatureKey is the specification of a key required to verify commit signatures with + properties: + keyID: + description: The ID of the key in hexadecimal notation + type: string + required: + - keyID + type: object + type: array + sourceRepos: + description: SourceRepos contains list of repository URLs which can be used for deployment + items: + type: string + type: array + syncWindows: + description: SyncWindows controls when syncs can be run for apps in this project + items: + description: SyncWindow contains the kind, time, duration and attributes that are used to assign the syncWindows to apps + properties: + applications: + description: Applications contains a list of applications that the window will apply to + items: + type: string + type: array + clusters: + description: Clusters contains a list of clusters that the window will apply to + items: + type: string + type: array + duration: + description: Duration is the amount of time the sync window will be open + type: string + kind: + description: Kind defines if the window allows or blocks syncs + type: string + manualSync: + description: ManualSync enables manual syncs when they would otherwise be blocked + type: boolean + namespaces: + description: Namespaces contains a list of namespaces that the window will apply to + items: + type: string + type: array + schedule: + description: Schedule is the time the window will begin, specified in cron format + type: string + type: object + type: array + type: object + status: + description: AppProjectStatus contains status information for AppProject CRs + properties: + jwtTokensByRole: + additionalProperties: + description: JWTTokens represents a list of JWT tokens + properties: + items: + items: + description: JWTToken holds the issuedAt and expiresAt values of a token + properties: + exp: + format: int64 + type: integer + iat: + format: int64 + type: integer + id: + type: string + required: + - iat + type: object + type: array + type: object + description: JWTTokensByRole contains a list of JWT tokens issued for a given role + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true diff --git a/charts/argocd-operator/crds/argoproj.io_argocdexports_crd.yaml b/charts/argocd-operator/crds/argoproj.io_argocdexports_crd.yaml new file mode 100644 index 00000000..1bf94b6c --- /dev/null +++ b/charts/argocd-operator/crds/argoproj.io_argocdexports_crd.yaml @@ -0,0 +1,219 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.1 + creationTimestamp: null + name: argocdexports.argoproj.io +spec: + group: argoproj.io + names: + kind: ArgoCDExport + listKind: ArgoCDExportList + plural: argocdexports + singular: argocdexport + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ArgoCDExport is the Schema for the argocdexports API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ArgoCDExportSpec defines the desired state of ArgoCDExport + properties: + argocd: + description: Argocd is the name of the ArgoCD instance to export. + type: string + image: + description: Image is the container image to use for the export Job. + type: string + schedule: + description: Schedule in Cron format, see https://en.wikipedia.org/wiki/Cron. + type: string + storage: + description: Storage defines the storage configuration options. + properties: + backend: + description: Backend defines the storage backend to use, must + be "local" (the default), "aws", "azure" or "gcp". + type: string + pvc: + description: PVC is the desired characteristics for a PersistentVolumeClaim. + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'This field can be used to specify either: * + An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) * An existing + custom resource that implements data population (Alpha) + In order to use custom resource types that implement data + population, the AnyVolumeDataSource feature gate must be + enabled. If the provisioner or an external controller can + support the specified data source, it will create a new + volume based on the contents of the specified data source.' + properties: + apiGroup: + description: APIGroup is the group for the resource being + referenced. If APIGroup is not specified, the specified + Kind must be in the core API group. For any other third-party + types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + resources: + description: 'Resources represents the minimum resources the + volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: A label query over volumes to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not included + in claim spec. + type: string + volumeName: + description: VolumeName is the binding reference to the PersistentVolume + backing this claim. + type: string + type: object + secretName: + description: SecretName is the name of a Secret with encryption + key, credentials, etc. + type: string + type: object + version: + description: Version is the tag/digest to use for the export Job container + image. + type: string + required: + - argocd + type: object + status: + description: ArgoCDExportStatus defines the observed state of ArgoCDExport + properties: + phase: + description: 'Phase is a simple, high-level summary of where the ArgoCDExport + is in its lifecycle. There are five possible phase values: Pending: + The ArgoCDExport has been accepted by the Kubernetes system, but + one or more of the required resources have not been created. Running: + All of the containers for the ArgoCDExport are still running, or + in the process of starting or restarting. Succeeded: All containers + for the ArgoCDExport have terminated in success, and will not be + restarted. Failed: At least one container has terminated in failure, + either exited with non-zero status or was terminated by the system. + Unknown: For some reason the state of the ArgoCDExport could not + be obtained.' + type: string + required: + - phase + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/argocd-operator/crds/argoproj.io_argocds_crd.yaml b/charts/argocd-operator/crds/argoproj.io_argocds_crd.yaml new file mode 100644 index 00000000..b562ee51 --- /dev/null +++ b/charts/argocd-operator/crds/argoproj.io_argocds_crd.yaml @@ -0,0 +1,1236 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.1 + creationTimestamp: null + name: argocds.argoproj.io +spec: + group: argoproj.io + names: + kind: ArgoCD + listKind: ArgoCDList + plural: argocds + singular: argocd + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ArgoCD is the Schema for the argocds API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ArgoCDSpec defines the desired state of ArgoCD + properties: + applicationInstanceLabelKey: + description: ApplicationInstanceLabelKey is the key name where Argo + CD injects the app name as a tracking label. + type: string + applicationSet: + description: ArgoCDApplicationSet defines whether the Argo CD ApplicationSet + controller should be installed. + properties: + image: + description: Image is the Argo CD ApplicationSet image (optional) + type: string + logLevel: + description: LogLevel describes the log level that should be used + by the ApplicationSet controller. Defaults to ArgoCDDefaultLogLevel + if not set. Valid options are debug,info, error, and warn. + type: string + resources: + description: Resources defines the Compute Resources required + by the container for ApplicationSet. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + version: + description: Version is the Argo CD ApplicationSet image tag. + (optional) + type: string + type: object + configManagementPlugins: + description: ConfigManagementPlugins is used to specify additional + config management plugins. + type: string + controller: + description: Controller defines the Application Controller options + for ArgoCD. + properties: + appSync: + description: "AppSync is used to control the sync frequency, by + default the ArgoCD controller polls Git every 3m by default. + \n Set this to a duration, e.g. 10m or 600s to control the synchronisation + frequency." + type: string + logLevel: + description: LogLevel refers to the log level used by the Application + Controller component. Defaults to ArgoCDDefaultLogLevel if not + configured. Valid options are debug, info, error, and warn. + type: string + processors: + description: Processors contains the options for the Application + Controller processors. + properties: + operation: + description: Operation is the number of application operation + processors. + format: int32 + type: integer + status: + description: Status is the number of application status processors. + format: int32 + type: integer + type: object + resources: + description: Resources defines the Compute Resources required + by the container for the Application Controller. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + sharding: + description: Sharding contains the options for the Application + Controller sharding configuration. + properties: + enabled: + description: Enabled defines whether sharding should be enabled + on the Application Controller component. + type: boolean + replicas: + description: Replicas defines the number of replicas to run + in the Application controller shard. + format: int32 + type: integer + type: object + type: object + dex: + description: Dex defines the Dex server options for ArgoCD. + properties: + config: + description: Config is the dex connector configuration. + type: string + image: + description: Image is the Dex container image. + type: string + openShiftOAuth: + description: OpenShiftOAuth enables OpenShift OAuth authentication + for the Dex server. + type: boolean + resources: + description: Resources defines the Compute Resources required + by the container for Dex. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + version: + description: Version is the Dex container image tag. + type: string + type: object + disableAdmin: + description: DisableAdmin will disable the admin user. + type: boolean + gaAnonymizeUsers: + description: GAAnonymizeUsers toggles user IDs being hashed before + sending to google analytics. + type: boolean + gaTrackingID: + description: GATrackingID is the google analytics tracking ID to use. + type: string + grafana: + description: Grafana defines the Grafana server options for ArgoCD. + properties: + enabled: + description: Enabled will toggle Grafana support globally for + ArgoCD. + type: boolean + host: + description: Host is the hostname to use for Ingress/Route resources. + type: string + image: + description: Image is the Grafana container image. + type: string + ingress: + description: Ingress defines the desired state for an Ingress + for the Grafana component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to apply + to the Ingress. + type: object + enabled: + description: Enabled will toggle the creation of the Ingress. + type: boolean + path: + description: Path used for the Ingress resource. + type: string + tls: + description: TLS configuration. Currently the Ingress only + supports a single TLS port, 443. If multiple members of + this list specify different hosts, they will be multiplexed + on the same port according to the hostname specified through + the SNI TLS extension, if the ingress controller fulfilling + the ingress supports SNI. + items: + description: IngressTLS describes the transport layer security + associated with an Ingress. + properties: + hosts: + description: Hosts are a list of hosts included in the + TLS certificate. The values in this list must match + the name/s used in the tlsSecret. Defaults to the + wildcard host setting for the loadbalancer controller + fulfilling this Ingress, if left unspecified. + items: + type: string + type: array + secretName: + description: SecretName is the name of the secret used + to terminate SSL traffic on 443. Field is left optional + to allow SSL routing based on SNI hostname alone. + If the SNI host in a listener conflicts with the "Host" + header field used by an IngressRule, the SNI host + is used for termination and value of the Host header + is used for routing. + type: string + type: object + type: array + required: + - enabled + type: object + resources: + description: Resources defines the Compute Resources required + by the container for Grafana. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + route: + description: Route defines the desired state for an OpenShift + Route for the Grafana component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to use + for the Route resource. + type: object + enabled: + description: Enabled will toggle the creation of the OpenShift + Route. + type: boolean + labels: + additionalProperties: + type: string + description: Labels is the map of labels to use for the Route + resource + type: object + path: + description: Path the router watches for, to route traffic + for to the service. + type: string + tls: + description: TLS provides the ability to configure certificates + and termination for the Route. + properties: + caCertificate: + description: caCertificate provides the cert authority + certificate contents + type: string + certificate: + description: certificate provides certificate contents + type: string + destinationCACertificate: + description: destinationCACertificate provides the contents + of the ca certificate of the final destination. When + using reencrypt termination this file should be provided + in order to have routers use it for health checks on + the secure connection. If this field is not specified, + the router may provide its own destination CA and perform + hostname validation using the short service name (service.namespace.svc), + which allows infrastructure generated certificates to + automatically verify. + type: string + insecureEdgeTerminationPolicy: + description: "insecureEdgeTerminationPolicy indicates + the desired behavior for insecure connections to a route. + While each router may make its own decisions on which + ports to expose, this is normally port 80. \n * Allow + - traffic is sent to the server on the insecure port + (default) * Disable - no traffic is allowed on the insecure + port. * Redirect - clients are redirected to the secure + port." + type: string + key: + description: key provides key file contents + type: string + termination: + description: termination indicates termination type. + type: string + required: + - termination + type: object + wildcardPolicy: + description: WildcardPolicy if any for the route. Currently + only 'Subdomain' or 'None' is allowed. + type: string + required: + - enabled + type: object + size: + description: Size is the replica count for the Grafana Deployment. + format: int32 + type: integer + version: + description: Version is the Grafana container image tag. + type: string + required: + - enabled + type: object + ha: + description: HA options for High Availability support for the Redis + component. + properties: + enabled: + description: Enabled will toggle HA support globally for Argo + CD. + type: boolean + redisProxyImage: + description: RedisProxyImage is the Redis HAProxy container image. + type: string + redisProxyVersion: + description: RedisProxyVersion is the Redis HAProxy container + image tag. + type: string + resources: + description: Resources defines the Compute Resources required + by the container for HA. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + required: + - enabled + type: object + helpChatText: + description: HelpChatText is the text for getting chat help, defaults + to "Chat now!" + type: string + helpChatURL: + description: HelpChatURL is the URL for getting chat help, this will + typically be your Slack channel for support. + type: string + image: + description: Image is the ArgoCD container image for all ArgoCD components. + type: string + import: + description: Import is the import/restore options for ArgoCD. + properties: + name: + description: Name of an ArgoCDExport from which to import data. + type: string + namespace: + description: Namespace for the ArgoCDExport, defaults to the same + namespace as the ArgoCD. + type: string + required: + - name + type: object + initialRepositories: + description: InitialRepositories to configure Argo CD with upon creation + of the cluster. + type: string + initialSSHKnownHosts: + description: InitialSSHKnownHosts defines the SSH known hosts data + upon creation of the cluster for connecting Git repositories via + SSH. + properties: + excludedefaulthosts: + description: ExcludeDefaultHosts describes whether you would like + to include the default list of SSH Known Hosts provided by ArgoCD. + type: boolean + keys: + description: Keys describes a custom set of SSH Known Hosts that + you would like to have included in your ArgoCD server. + type: string + type: object + kustomizeBuildOptions: + description: KustomizeBuildOptions is used to specify build options/parameters + to use with `kustomize build`. + type: string + kustomizeVersions: + description: KustomizeVersions is a listing of configured versions + of Kustomize to be made available within ArgoCD. + items: + description: KustomizeVersionSpec is used to specify information + about a kustomize version to be used within ArgoCD. + properties: + path: + description: Path is the path to a configured kustomize version + on the filesystem of your repo server. + type: string + version: + description: Version is a configured kustomize version in the + format of vX.Y.Z + type: string + type: object + type: array + oidcConfig: + description: OIDCConfig is the OIDC configuration as an alternative + to dex. + type: string + prometheus: + description: Prometheus defines the Prometheus server options for + ArgoCD. + properties: + enabled: + description: Enabled will toggle Prometheus support globally for + ArgoCD. + type: boolean + host: + description: Host is the hostname to use for Ingress/Route resources. + type: string + ingress: + description: Ingress defines the desired state for an Ingress + for the Prometheus component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to apply + to the Ingress. + type: object + enabled: + description: Enabled will toggle the creation of the Ingress. + type: boolean + path: + description: Path used for the Ingress resource. + type: string + tls: + description: TLS configuration. Currently the Ingress only + supports a single TLS port, 443. If multiple members of + this list specify different hosts, they will be multiplexed + on the same port according to the hostname specified through + the SNI TLS extension, if the ingress controller fulfilling + the ingress supports SNI. + items: + description: IngressTLS describes the transport layer security + associated with an Ingress. + properties: + hosts: + description: Hosts are a list of hosts included in the + TLS certificate. The values in this list must match + the name/s used in the tlsSecret. Defaults to the + wildcard host setting for the loadbalancer controller + fulfilling this Ingress, if left unspecified. + items: + type: string + type: array + secretName: + description: SecretName is the name of the secret used + to terminate SSL traffic on 443. Field is left optional + to allow SSL routing based on SNI hostname alone. + If the SNI host in a listener conflicts with the "Host" + header field used by an IngressRule, the SNI host + is used for termination and value of the Host header + is used for routing. + type: string + type: object + type: array + required: + - enabled + type: object + route: + description: Route defines the desired state for an OpenShift + Route for the Prometheus component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to use + for the Route resource. + type: object + enabled: + description: Enabled will toggle the creation of the OpenShift + Route. + type: boolean + labels: + additionalProperties: + type: string + description: Labels is the map of labels to use for the Route + resource + type: object + path: + description: Path the router watches for, to route traffic + for to the service. + type: string + tls: + description: TLS provides the ability to configure certificates + and termination for the Route. + properties: + caCertificate: + description: caCertificate provides the cert authority + certificate contents + type: string + certificate: + description: certificate provides certificate contents + type: string + destinationCACertificate: + description: destinationCACertificate provides the contents + of the ca certificate of the final destination. When + using reencrypt termination this file should be provided + in order to have routers use it for health checks on + the secure connection. If this field is not specified, + the router may provide its own destination CA and perform + hostname validation using the short service name (service.namespace.svc), + which allows infrastructure generated certificates to + automatically verify. + type: string + insecureEdgeTerminationPolicy: + description: "insecureEdgeTerminationPolicy indicates + the desired behavior for insecure connections to a route. + While each router may make its own decisions on which + ports to expose, this is normally port 80. \n * Allow + - traffic is sent to the server on the insecure port + (default) * Disable - no traffic is allowed on the insecure + port. * Redirect - clients are redirected to the secure + port." + type: string + key: + description: key provides key file contents + type: string + termination: + description: termination indicates termination type. + type: string + required: + - termination + type: object + wildcardPolicy: + description: WildcardPolicy if any for the route. Currently + only 'Subdomain' or 'None' is allowed. + type: string + required: + - enabled + type: object + size: + description: Size is the replica count for the Prometheus StatefulSet. + format: int32 + type: integer + required: + - enabled + type: object + rbac: + description: RBAC defines the RBAC configuration for Argo CD. + properties: + defaultPolicy: + description: DefaultPolicy is the name of the default role which + Argo CD will falls back to, when authorizing API requests (optional). + If omitted or empty, users may be still be able to login, but + will see no apps, projects, etc... + type: string + policy: + description: 'Policy is CSV containing user-defined RBAC policies + and role definitions. Policy rules are in the form: p, subject, + resource, action, object, effect Role definitions and bindings + are in the form: g, subject, inherited-subject See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md + for additional information.' + type: string + scopes: + description: 'Scopes controls which OIDC scopes to examine during + rbac enforcement (in addition to `sub` scope). If omitted, defaults + to: ''[groups]''.' + type: string + type: object + redis: + description: Redis defines the Redis server options for ArgoCD. + properties: + image: + description: Image is the Redis container image. + type: string + resources: + description: Resources defines the Compute Resources required + by the container for Redis. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + version: + description: Version is the Redis container image tag. + type: string + type: object + repo: + description: Repo defines the repo server options for Argo CD. + properties: + autotls: + description: 'AutoTLS specifies the method to use for automatic + TLS configuration for the repo server The value specified here + can currently be: - openshift - Use the OpenShift service CA + to request TLS config' + type: string + execTimeout: + description: ExecTimeout specifies the timeout in seconds for + tool execution + type: integer + image: + description: Image is the ArgoCD Repo Server container image. + type: string + logLevel: + description: LogLevel describes the log level that should be used + by the Repo Server. Defaults to ArgoCDDefaultLogLevel if not + set. Valid options are debug, info, error, and warn. + type: string + mountsatoken: + description: MountSAToken describes whether you would like to + have the Repo server mount the service account token + type: boolean + resources: + description: Resources defines the Compute Resources required + by the container for Redis. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + serviceaccount: + description: ServiceAccount defines the ServiceAccount user that + you would like the Repo server to use + type: string + verifytls: + description: VerifyTLS defines whether repo server API should + be accessed using strict TLS validation + type: boolean + version: + description: Version is the ArgoCD Repo Server container image + tag. + type: string + type: object + repositoryCredentials: + description: RepositoryCredentials are the Git pull credentials to + configure Argo CD with upon creation of the cluster. + type: string + resourceCustomizations: + description: 'ResourceCustomizations customizes resource behavior. + Keys are in the form: group/Kind.' + type: string + resourceExclusions: + description: ResourceExclusions is used to completely ignore entire + classes of resource group/kinds. + type: string + resourceInclusions: + description: ResourceInclusions is used to only include specific group/kinds + in the reconciliation process. + type: string + server: + description: Server defines the options for the ArgoCD Server component. + properties: + autoscale: + description: Autoscale defines the autoscale options for the Argo + CD Server component. + properties: + enabled: + description: Enabled will toggle autoscaling support for the + Argo CD Server component. + type: boolean + hpa: + description: HPA defines the HorizontalPodAutoscaler options + for the Argo CD Server component. + properties: + maxReplicas: + description: upper limit for the number of pods that can + be set by the autoscaler; cannot be smaller than MinReplicas. + format: int32 + type: integer + minReplicas: + description: minReplicas is the lower limit for the number + of replicas to which the autoscaler can scale down. It + defaults to 1 pod. minReplicas is allowed to be 0 if + the alpha feature gate HPAScaleToZero is enabled and + at least one Object or External metric is configured. Scaling + is active as long as at least one metric value is available. + format: int32 + type: integer + scaleTargetRef: + description: reference to scaled resource; horizontal + pod autoscaler will learn the current resource consumption + and will set the desired number of pods by using its + Scale subresource. + properties: + apiVersion: + description: API version of the referent + type: string + kind: + description: 'Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"' + type: string + name: + description: 'Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + required: + - kind + - name + type: object + targetCPUUtilizationPercentage: + description: target average CPU utilization (represented + as a percentage of requested CPU) over all the pods; + if not specified the default autoscaling policy will + be used. + format: int32 + type: integer + required: + - maxReplicas + - scaleTargetRef + type: object + required: + - enabled + type: object + grpc: + description: GRPC defines the state for the Argo CD Server GRPC + options. + properties: + host: + description: Host is the hostname to use for Ingress/Route + resources. + type: string + ingress: + description: Ingress defines the desired state for the Argo + CD Server GRPC Ingress. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to + apply to the Ingress. + type: object + enabled: + description: Enabled will toggle the creation of the Ingress. + type: boolean + path: + description: Path used for the Ingress resource. + type: string + tls: + description: TLS configuration. Currently the Ingress + only supports a single TLS port, 443. If multiple members + of this list specify different hosts, they will be multiplexed + on the same port according to the hostname specified + through the SNI TLS extension, if the ingress controller + fulfilling the ingress supports SNI. + items: + description: IngressTLS describes the transport layer + security associated with an Ingress. + properties: + hosts: + description: Hosts are a list of hosts included + in the TLS certificate. The values in this list + must match the name/s used in the tlsSecret. Defaults + to the wildcard host setting for the loadbalancer + controller fulfilling this Ingress, if left unspecified. + items: + type: string + type: array + secretName: + description: SecretName is the name of the secret + used to terminate SSL traffic on 443. Field is + left optional to allow SSL routing based on SNI + hostname alone. If the SNI host in a listener + conflicts with the "Host" header field used by + an IngressRule, the SNI host is used for termination + and value of the Host header is used for routing. + type: string + type: object + type: array + required: + - enabled + type: object + type: object + host: + description: Host is the hostname to use for Ingress/Route resources. + type: string + ingress: + description: Ingress defines the desired state for an Ingress + for the Argo CD Server component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to apply + to the Ingress. + type: object + enabled: + description: Enabled will toggle the creation of the Ingress. + type: boolean + path: + description: Path used for the Ingress resource. + type: string + tls: + description: TLS configuration. Currently the Ingress only + supports a single TLS port, 443. If multiple members of + this list specify different hosts, they will be multiplexed + on the same port according to the hostname specified through + the SNI TLS extension, if the ingress controller fulfilling + the ingress supports SNI. + items: + description: IngressTLS describes the transport layer security + associated with an Ingress. + properties: + hosts: + description: Hosts are a list of hosts included in the + TLS certificate. The values in this list must match + the name/s used in the tlsSecret. Defaults to the + wildcard host setting for the loadbalancer controller + fulfilling this Ingress, if left unspecified. + items: + type: string + type: array + secretName: + description: SecretName is the name of the secret used + to terminate SSL traffic on 443. Field is left optional + to allow SSL routing based on SNI hostname alone. + If the SNI host in a listener conflicts with the "Host" + header field used by an IngressRule, the SNI host + is used for termination and value of the Host header + is used for routing. + type: string + type: object + type: array + required: + - enabled + type: object + insecure: + description: Insecure toggles the insecure flag. + type: boolean + logLevel: + description: LogLevel refers to the log level to be used by the + ArgoCD Server component. Defaults to ArgoCDDefaultLogLevel if + not set. Valid options are debug, info, error, and warn. + type: string + resources: + description: Resources defines the Compute Resources required + by the container for the Argo CD server component. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + route: + description: Route defines the desired state for an OpenShift + Route for the Argo CD Server component. + properties: + annotations: + additionalProperties: + type: string + description: Annotations is the map of annotations to use + for the Route resource. + type: object + enabled: + description: Enabled will toggle the creation of the OpenShift + Route. + type: boolean + labels: + additionalProperties: + type: string + description: Labels is the map of labels to use for the Route + resource + type: object + path: + description: Path the router watches for, to route traffic + for to the service. + type: string + tls: + description: TLS provides the ability to configure certificates + and termination for the Route. + properties: + caCertificate: + description: caCertificate provides the cert authority + certificate contents + type: string + certificate: + description: certificate provides certificate contents + type: string + destinationCACertificate: + description: destinationCACertificate provides the contents + of the ca certificate of the final destination. When + using reencrypt termination this file should be provided + in order to have routers use it for health checks on + the secure connection. If this field is not specified, + the router may provide its own destination CA and perform + hostname validation using the short service name (service.namespace.svc), + which allows infrastructure generated certificates to + automatically verify. + type: string + insecureEdgeTerminationPolicy: + description: "insecureEdgeTerminationPolicy indicates + the desired behavior for insecure connections to a route. + While each router may make its own decisions on which + ports to expose, this is normally port 80. \n * Allow + - traffic is sent to the server on the insecure port + (default) * Disable - no traffic is allowed on the insecure + port. * Redirect - clients are redirected to the secure + port." + type: string + key: + description: key provides key file contents + type: string + termination: + description: termination indicates termination type. + type: string + required: + - termination + type: object + wildcardPolicy: + description: WildcardPolicy if any for the route. Currently + only 'Subdomain' or 'None' is allowed. + type: string + required: + - enabled + type: object + service: + description: Service defines the options for the Service backing + the ArgoCD Server component. + properties: + type: + description: Type is the ServiceType to use for the Service + resource. + type: string + required: + - type + type: object + type: object + sso: + description: SSO defines the Single Sign-on configuration for Argo + CD + properties: + image: + description: Image is the SSO container image. + type: string + provider: + description: Provider installs and configures the given SSO Provider + with Argo CD. + type: string + resources: + description: Resources defines the Compute Resources required + by the container for SSO. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + verifyTLS: + description: VerifyTLS set to false disables strict TLS validation. + type: boolean + version: + description: Version is the SSO container image tag. + type: string + type: object + statusBadgeEnabled: + description: StatusBadgeEnabled toggles application status badge feature. + type: boolean + tls: + description: TLS defines the TLS options for ArgoCD. + properties: + ca: + description: CA defines the CA options. + properties: + configMapName: + description: ConfigMapName is the name of the ConfigMap containing + the CA Certificate. + type: string + secretName: + description: SecretName is the name of the Secret containing + the CA Certificate and Key. + type: string + type: object + initialCerts: + additionalProperties: + type: string + description: InitialCerts defines custom TLS certificates upon + creation of the cluster for connecting Git repositories via + HTTPS. + type: object + type: object + usersAnonymousEnabled: + description: UsersAnonymousEnabled toggles anonymous user access. + The anonymous users get default role permissions specified argocd-rbac-cm. + type: boolean + version: + description: Version is the tag to use with the ArgoCD container image + for all ArgoCD components. + type: string + type: object + status: + description: ArgoCDStatus defines the observed state of ArgoCD + properties: + applicationController: + description: 'ApplicationController is a simple, high-level summary + of where the Argo CD application controller component is in its + lifecycle. There are five possible ApplicationController values: + Pending: The Argo CD application controller component has been accepted + by the Kubernetes system, but one or more of the required resources + have not been created. Running: All of the required Pods for the + Argo CD application controller component are in a Ready state. Failed: + At least one of the Argo CD application controller component Pods + had a failure. Unknown: For some reason the state of the Argo CD + application controller component could not be obtained.' + type: string + dex: + description: 'Dex is a simple, high-level summary of where the Argo + CD Dex component is in its lifecycle. There are five possible dex + values: Pending: The Argo CD Dex component has been accepted by + the Kubernetes system, but one or more of the required resources + have not been created. Running: All of the required Pods for the + Argo CD Dex component are in a Ready state. Failed: At least one + of the Argo CD Dex component Pods had a failure. Unknown: For some + reason the state of the Argo CD Dex component could not be obtained.' + type: string + phase: + description: 'Phase is a simple, high-level summary of where the ArgoCD + is in its lifecycle. There are five possible phase values: Pending: + The ArgoCD has been accepted by the Kubernetes system, but one or + more of the required resources have not been created. Available: + All of the resources for the ArgoCD are ready. Failed: At least + one resource has experienced a failure. Unknown: For some reason + the state of the ArgoCD phase could not be obtained.' + type: string + redis: + description: 'Redis is a simple, high-level summary of where the Argo + CD Redis component is in its lifecycle. There are five possible + redis values: Pending: The Argo CD Redis component has been accepted + by the Kubernetes system, but one or more of the required resources + have not been created. Running: All of the required Pods for the + Argo CD Redis component are in a Ready state. Failed: At least one + of the Argo CD Redis component Pods had a failure. Unknown: For + some reason the state of the Argo CD Redis component could not be + obtained.' + type: string + repo: + description: 'Repo is a simple, high-level summary of where the Argo + CD Repo component is in its lifecycle. There are five possible repo + values: Pending: The Argo CD Repo component has been accepted by + the Kubernetes system, but one or more of the required resources + have not been created. Running: All of the required Pods for the + Argo CD Repo component are in a Ready state. Failed: At least one + of the Argo CD Repo component Pods had a failure. Unknown: For + some reason the state of the Argo CD Repo component could not be + obtained.' + type: string + repoTLSChecksum: + description: RepoTLSChecksum contains the SHA256 checksum of the latest + known state of tls.crt and tls.key in the argocd-repo-server-tls + secret. + type: string + server: + description: 'Server is a simple, high-level summary of where the + Argo CD server component is in its lifecycle. There are five possible + server values: Pending: The Argo CD server component has been accepted + by the Kubernetes system, but one or more of the required resources + have not been created. Running: All of the required Pods for the + Argo CD server component are in a Ready state. Failed: At least + one of the Argo CD server component Pods had a failure. Unknown: + For some reason the state of the Argo CD server component could + not be obtained.' + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/argocd-operator/templates/NOTES.txt b/charts/argocd-operator/templates/NOTES.txt new file mode 100644 index 00000000..aeb84444 --- /dev/null +++ b/charts/argocd-operator/templates/NOTES.txt @@ -0,0 +1,5 @@ +********************** +** CONGRATULATIONS! ** +********************** + +The ArgoCD Operator and associated Argo Projects have been installed. diff --git a/charts/argocd-operator/templates/_helpers.tpl b/charts/argocd-operator/templates/_helpers.tpl new file mode 100644 index 00000000..e175dd54 --- /dev/null +++ b/charts/argocd-operator/templates/_helpers.tpl @@ -0,0 +1,58 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "argocd-operator.name" -}} +{{- default .Chart.Name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "argocd-operator.fullname" -}} +{{- $name := default .Chart.Name -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "argocd-operator.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels for operator +*/}} +{{- define "argocd-operator.labels" -}} +helm.sh/chart: {{ include "argocd-operator.chart" . }} +{{ include "argocd-operator.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Selector labels Operator +*/}} +{{- define "argocd-operator.selectorLabels" -}} +app.kubernetes.io/name: {{ include "argocd-operator.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} + + +{{/* +ArgoCD Vault plugin validation +*/}} +{{- if .Values.vault.enabled }} +{{- if ne .Values.vault.auth.type "k8s" }} +{{- fail "This chart currently only supports k8s auth for the argocd-vault-plugin" }} +{{- end }} +{{- end }} diff --git a/charts/argocd-operator/templates/argocd_editor_role.yaml b/charts/argocd-operator/templates/argocd_editor_role.yaml new file mode 100644 index 00000000..fa69c337 --- /dev/null +++ b/charts/argocd-operator/templates/argocd_editor_role.yaml @@ -0,0 +1,24 @@ +# permissions for end users to edit argocds. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: argocd-editor-role +rules: +- apiGroups: + - argoproj.io + resources: + - argocds + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - argoproj.io + resources: + - argocds/status + verbs: + - get diff --git a/charts/argocd-operator/templates/argocd_viewer_role.yaml b/charts/argocd-operator/templates/argocd_viewer_role.yaml new file mode 100644 index 00000000..68d71358 --- /dev/null +++ b/charts/argocd-operator/templates/argocd_viewer_role.yaml @@ -0,0 +1,20 @@ +# permissions for end users to view argocds. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: argocd-viewer-role +rules: +- apiGroups: + - argoproj.io + resources: + - argocds + verbs: + - get + - list + - watch +- apiGroups: + - argoproj.io + resources: + - argocds/status + verbs: + - get diff --git a/charts/argocd-operator/templates/argocdexport_editor_role.yaml b/charts/argocd-operator/templates/argocdexport_editor_role.yaml new file mode 100644 index 00000000..3a93a019 --- /dev/null +++ b/charts/argocd-operator/templates/argocdexport_editor_role.yaml @@ -0,0 +1,24 @@ +# permissions for end users to edit argocdexports. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: argocdexport-editor-role +rules: +- apiGroups: + - argoproj.io + resources: + - argocdexports + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - argoproj.io + resources: + - argocdexports/status + verbs: + - get diff --git a/charts/argocd-operator/templates/argocdexport_viewer_role.yaml b/charts/argocd-operator/templates/argocdexport_viewer_role.yaml new file mode 100644 index 00000000..f7e36014 --- /dev/null +++ b/charts/argocd-operator/templates/argocdexport_viewer_role.yaml @@ -0,0 +1,20 @@ +# permissions for end users to view argocdexports. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: argocdexport-viewer-role +rules: +- apiGroups: + - argoproj.io + resources: + - argocdexports + verbs: + - get + - list + - watch +- apiGroups: + - argoproj.io + resources: + - argocdexports/status + verbs: + - get diff --git a/charts/argocd-operator/templates/auth_proxy_client_clusterrole.yaml b/charts/argocd-operator/templates/auth_proxy_client_clusterrole.yaml new file mode 100644 index 00000000..51a75db4 --- /dev/null +++ b/charts/argocd-operator/templates/auth_proxy_client_clusterrole.yaml @@ -0,0 +1,9 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: metrics-reader +rules: +- nonResourceURLs: + - "/metrics" + verbs: + - get diff --git a/charts/argocd-operator/templates/auth_proxy_role.yaml b/charts/argocd-operator/templates/auth_proxy_role.yaml new file mode 100644 index 00000000..80e1857c --- /dev/null +++ b/charts/argocd-operator/templates/auth_proxy_role.yaml @@ -0,0 +1,17 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: proxy-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create diff --git a/charts/argocd-operator/templates/auth_proxy_role_binding.yaml b/charts/argocd-operator/templates/auth_proxy_role_binding.yaml new file mode 100644 index 00000000..4c08e927 --- /dev/null +++ b/charts/argocd-operator/templates/auth_proxy_role_binding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: proxy-role +subjects: +- kind: ServiceAccount + name: argocd-operator + namespace: argocd-operator-system diff --git a/charts/argocd-operator/templates/auth_proxy_service.yaml b/charts/argocd-operator/templates/auth_proxy_service.yaml new file mode 100644 index 00000000..0af537e8 --- /dev/null +++ b/charts/argocd-operator/templates/auth_proxy_service.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: controller-manager-metrics-service + namespace: argocd-operator-system +spec: + ports: + - name: https + port: 8443 + targetPort: https + selector: + control-plane: controller-manager diff --git a/charts/argocd-operator/templates/leader_election_role.yaml b/charts/argocd-operator/templates/leader_election_role.yaml new file mode 100644 index 00000000..4190ec80 --- /dev/null +++ b/charts/argocd-operator/templates/leader_election_role.yaml @@ -0,0 +1,37 @@ +# permissions to do leader election. +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: leader-election-role +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch diff --git a/charts/argocd-operator/templates/leader_election_role_binding.yaml b/charts/argocd-operator/templates/leader_election_role_binding.yaml new file mode 100644 index 00000000..08a2c7e2 --- /dev/null +++ b/charts/argocd-operator/templates/leader_election_role_binding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: leader-election-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: leader-election-role +subjects: +- kind: ServiceAccount + name: argocd-operator + namespace: argocd-operator-system diff --git a/charts/argocd-operator/templates/operator.yaml b/charts/argocd-operator/templates/operator.yaml new file mode 100644 index 00000000..4e6a3cfa --- /dev/null +++ b/charts/argocd-operator/templates/operator.yaml @@ -0,0 +1,45 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: "argocd-operator" + namespace: {{ .Release.Namespace }} + labels: + {{- include "argocd-operator.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.operator.replicaCount }} + selector: + matchLabels: + {{- include "argocd-operator.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "argocd-operator.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.operator.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: argocd-operator + {{- with .Values.operator.securityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.operator.image.repository }}:{{ .Values.operator.image.tag }}" + command: + - /manager + args: + - --leader-elect + imagePullPolicy: {{ .Values.operator.image.pullPolicy }} + env: + - name: WATCH_NAMESPACE + value: {{ .Values.operator.nsToWatch }} + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: "argocd-operator" + resources: + {{- toYaml .Values.operator.resources | nindent 12 }} diff --git a/charts/argocd-operator/templates/projects.yaml b/charts/argocd-operator/templates/projects.yaml new file mode 100644 index 00000000..ec6749a2 --- /dev/null +++ b/charts/argocd-operator/templates/projects.yaml @@ -0,0 +1,23 @@ +{{ range .Values.projects }} +--- +apiVersion: argoproj.io/v1alpha1 +kind: ArgoCD +metadata: + name: {{ .name }} + namespace: {{ .namespace }} + ## Annotations for ArgoCD Project Pods + annotations: + {{- with .podAnnotations }} + {{- . | toYaml | nindent 4 }} + {{- end }} + ## Optionally pass labels to be applied to the statefulset pods + labels: + app: argocd + {{- with .podLabels }} + {{- . | toYaml | nindent 4 }} + {{- end }} +spec: {{- with .spec }} + # See https://argocd-operator.readthedocs.io/en/latest/reference/api.html/#argoproj.io/v1alpha1.ArgoCDSpec + {{ toYaml . | nindent 2 }} + {{ end }} +{{ end }} diff --git a/charts/argocd-operator/templates/role.yaml b/charts/argocd-operator/templates/role.yaml new file mode 100644 index 00000000..7cc1bc9a --- /dev/null +++ b/charts/argocd-operator/templates/role.yaml @@ -0,0 +1,120 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: manager-role +rules: +- apiGroups: + - "" + resources: + - configmaps + - endpoints + - events + - namespaces + - persistentvolumeclaims + - pods + - secrets + - serviceaccounts + - services + - services/finalizers + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods + - pods/log + verbs: + - get +- apiGroups: + - apps + resources: + - daemonsets + - deployments + - replicasets + - statefulsets + verbs: + - '*' +- apiGroups: + - apps + resourceNames: + - argocd-operator + resources: + - deployments/finalizers + verbs: + - update +- apiGroups: + - apps.openshift.io + resources: + - deploymentconfigs + verbs: + - '*' +- apiGroups: + - argoproj.io + resources: + - applications + - appprojects + verbs: + - '*' +- apiGroups: + - argoproj.io + resources: + - argocdexports + - argocdexports/finalizers + - argocdexports/status + verbs: + - '*' +- apiGroups: + - argoproj.io + resources: + - argocds + - argocds/finalizers + - argocds/status + verbs: + - '*' +- apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - '*' +- apiGroups: + - batch + resources: + - cronjobs + - jobs + verbs: + - '*' +- apiGroups: + - extensions + resources: + - ingresses + verbs: + - '*' +- apiGroups: + - monitoring.coreos.com + resources: + - prometheuses + - servicemonitors + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - clusterroles + verbs: + - '*' +- apiGroups: + - route.openshift.io + resources: + - routes + - routes/custom-host + verbs: + - '*' diff --git a/charts/argocd-operator/templates/role_binding.yaml b/charts/argocd-operator/templates/role_binding.yaml new file mode 100644 index 00000000..c9f6f733 --- /dev/null +++ b/charts/argocd-operator/templates/role_binding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: manager-role +subjects: +- kind: ServiceAccount + name: argocd-operator + namespace: argocd-operator-system diff --git a/charts/argocd-operator/templates/service_account.yaml b/charts/argocd-operator/templates/service_account.yaml new file mode 100644 index 00000000..ad1c0176 --- /dev/null +++ b/charts/argocd-operator/templates/service_account.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: argocd-operator + namespace: {{ .Release.Namespace }} + labels: +{{ include "argocd-operator.labels" . | nindent 4 }} diff --git a/charts/argocd-operator/templates/vault-plugin/cluster-role-binding.yaml b/charts/argocd-operator/templates/vault-plugin/cluster-role-binding.yaml new file mode 100644 index 00000000..5ffb79e8 --- /dev/null +++ b/charts/argocd-operator/templates/vault-plugin/cluster-role-binding.yaml @@ -0,0 +1,18 @@ +{{- if .Values.vault.enabled }} +{{ range .Values.projects }} +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: role-tokenreview-binding-{{ .namespace }} + namespace: {{ .namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:auth-delegator +subjects: +- kind: ServiceAccount + name: argocd-repo-server-vault + namespace: {{ .namespace }} +{{ end }} +{{- end }} diff --git a/charts/argocd-operator/templates/vault-plugin/plugin-secret.yaml b/charts/argocd-operator/templates/vault-plugin/plugin-secret.yaml new file mode 100644 index 00000000..64b35566 --- /dev/null +++ b/charts/argocd-operator/templates/vault-plugin/plugin-secret.yaml @@ -0,0 +1,18 @@ +{{- if .Values.vault.enabled }} +{{ range .Values.projects }} +--- +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: argocd-vault-secret + namespace: {{ .namespace }} +stringData: + VAULT_ADDR: {{ $.Values.vault.auth.url }} + AVP_AUTH_TYPE: {{ $.Values.vault.auth.type }} + AVP_TYPE: vault + # The kubernetes role in vault + # https://github.com/IBM/argocd-vault-plugin/blob/main/docs/config.md#full-list-of-supported-parameters + AVP_K8S_ROLE: {{ $.Values.vault.auth.rolePrefix }}{{ .namespace | replace "-" "_" }} +{{ end }} +{{- end }} diff --git a/charts/argocd-operator/templates/vault-plugin/role-binding.yaml b/charts/argocd-operator/templates/vault-plugin/role-binding.yaml new file mode 100644 index 00000000..2318ff4f --- /dev/null +++ b/charts/argocd-operator/templates/vault-plugin/role-binding.yaml @@ -0,0 +1,18 @@ +{{- if .Values.vault.enabled }} +{{ range .Values.projects }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: argocd-repo-server-vault + namespace: {{ .namespace }} +subjects: +- kind: ServiceAccount + name: argocd-repo-server-vault + namespace: {{ .namespace }} +roleRef: + kind: Role + name: secret-reader + apiGroup: rbac.authorization.k8s.io +{{ end }} +{{- end }} diff --git a/charts/argocd-operator/templates/vault-plugin/role.yaml b/charts/argocd-operator/templates/vault-plugin/role.yaml new file mode 100644 index 00000000..976e8c79 --- /dev/null +++ b/charts/argocd-operator/templates/vault-plugin/role.yaml @@ -0,0 +1,15 @@ +{{- if .Values.vault.enabled }} +{{ range .Values.projects }} +--- +# This is to get the argocd-vault-secret +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: secret-reader + namespace: {{ .namespace }} +rules: +- apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] +{{ end }} +{{- end }} diff --git a/charts/argocd-operator/templates/vault-plugin/serviceaccount.yaml b/charts/argocd-operator/templates/vault-plugin/serviceaccount.yaml new file mode 100644 index 00000000..c98a6774 --- /dev/null +++ b/charts/argocd-operator/templates/vault-plugin/serviceaccount.yaml @@ -0,0 +1,13 @@ +# This is created regardless of whether or not +# Vault is being used (so that nothing fails) +# if the service account doesn't exist. +# This is OK, since the serviceaccount doesn't +# get a RoleBinding unless Vault is enabled. +{{ range .Values.projects }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: argocd-repo-server-vault + namespace: {{ .namespace }} +{{ end }} diff --git a/charts/argocd-operator/values.yaml b/charts/argocd-operator/values.yaml new file mode 100644 index 00000000..0ad154e1 --- /dev/null +++ b/charts/argocd-operator/values.yaml @@ -0,0 +1,108 @@ +# Default values for argocd-operator. + +operator: + clusterDomain: "" + nsToWatch: "argocd-operator-system,argocd-system" + image: + repository: statcan/argocd-operator + tag: v0.0.16 + pullPolicy: IfNotPresent + imagePullSecrets: [] + podAnnotations: {} + podLabels: {} + replicaCount: 1 + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + runAsNonRoot: true + fsGroup: 1000 + resources: + requests: + cpu: 200m + memory: 256Mi + ephemeral-storage: 500Mi + +# For the argocd-vault-plugin +vault: + enabled: false + auth: + url: http://vault.default:8200 + # https://github.com/IBM/argocd-vault-plugin/blob/main/docs/config.md + type: k8s + # You need to create this kubernetes role in vault + # The end role is `{prefix}{namespace}`, like `argocd_dscd_system`. + # This is to isolate Vault spaces from eachother. + # NOTE: The namespace will have "-"s replaced with "_"s + rolePrefix: argocd_ + +pluginConfig: &pluginConfig | + # If the argocd-vault-plugin is not enabled, + # then obviously these will not work. + - name: argocd-vault-plugin + generate: + command: ["argocd-vault-plugin"] + args: ["-s", "argocd-vault-secret", "generate", "./"] + - name: argocd-vault-plugin-helm + generate: + command: ["sh", "-c"] + args: ["helm template . > all.yaml && argocd-vault-plugin -s argocd-vault-secret generate all.yaml"] + - name: argocd-vault-plugin-kustomize + generate: + command: ["sh", "-c"] + args: ["kustomize build . > all.yaml && argocd-vault-plugin -s argocd-vault-secret generate all.yaml"] + +# ## ArgoCD Projects Definition +# projects: +# # Project name +# - name: argprojo01 +# namespace: "argocd-operator-system" +# podAnnotations: {} +# podLabels: {} +# spec: +# oidcConfig: | +# name: myoidc +# issuer: OIDC_FQDN +# clientID: id +# clientSecret: secret +# requestedIDTokenClaims: +# groups: +# essential: true +# requestedScopes: ["openid", "profile", "email"] +# rbac: +# defaultPolicy: 'role:readonly' +# policy: | +# g, system:cluster-admins, role:admin +# scopes: '[groups]' +# server: +# autoscale: +# enabled: true +# host: ARGOCD_FQDN +# insecure: false +# configManagementPlugins: *pluginConfig + +# # Project name +# - name: argprojo02 +# namespace: argocd-system +# podAnnotations: {} +# podLabels: {} +# spec: +# oidcConfig: | +# name: myoidc +# issuer: OIDC_FQDN +# clientID: id +# clientSecret: secret +# requestedIDTokenClaims: +# groups: +# essential: true +# requestedScopes: ["openid", "profile", "email"] +# rbac: +# defaultPolicy: 'role:readonly' +# policy: | +# g, system:cluster-admins, role:admin +# scopes: '[groups]' +# server: +# autoscale: +# enabled: true +# host: ARGOCD_FQDN +# insecure: false +# configManagementPlugins: *pluginConfig