You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
12413 lines
578 KiB
12413 lines
578 KiB
# This is an auto-generated file. DO NOT EDIT
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: applications.argoproj.io
|
|
app.kubernetes.io/part-of: argocd
|
|
name: applications.argoproj.io
|
|
spec:
|
|
group: argoproj.io
|
|
names:
|
|
kind: Application
|
|
listKind: ApplicationList
|
|
plural: applications
|
|
shortNames:
|
|
- app
|
|
- apps
|
|
singular: application
|
|
scope: Namespaced
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- jsonPath: .status.sync.status
|
|
name: Sync Status
|
|
type: string
|
|
- jsonPath: .status.health.status
|
|
name: Health Status
|
|
type: string
|
|
- jsonPath: .status.sync.revision
|
|
name: Revision
|
|
priority: 10
|
|
type: string
|
|
name: v1alpha1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Application is a definition of Application resource.
|
|
properties:
|
|
apiVersion:
|
|
description: 'APIVersion defines the versioned schema of this representation
|
|
of an object. Servers should convert recognized schemas to the latest
|
|
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
type: string
|
|
kind:
|
|
description: 'Kind is a string value representing the REST resource this
|
|
object represents. Servers may infer this from the endpoint the client
|
|
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
operation:
|
|
description: Operation contains information about a requested or running
|
|
operation
|
|
properties:
|
|
info:
|
|
description: Info is a list of informational items for this operation
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
initiatedBy:
|
|
description: InitiatedBy contains information about who initiated
|
|
the operations
|
|
properties:
|
|
automated:
|
|
description: Automated is set to true if operation was initiated
|
|
automatically by the application controller.
|
|
type: boolean
|
|
username:
|
|
description: Username contains the name of a user who started
|
|
operation
|
|
type: string
|
|
type: object
|
|
retry:
|
|
description: Retry controls the strategy to apply if a sync fails
|
|
properties:
|
|
backoff:
|
|
description: Backoff controls how to backoff on subsequent retries
|
|
of failed syncs
|
|
properties:
|
|
duration:
|
|
description: Duration is the amount to back off. Default unit
|
|
is seconds, but could also be a duration (e.g. "2m", "1h")
|
|
type: string
|
|
factor:
|
|
description: Factor is a factor to multiply the base duration
|
|
after each failed retry
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
description: MaxDuration is the maximum amount of time allowed
|
|
for the backoff strategy
|
|
type: string
|
|
type: object
|
|
limit:
|
|
description: Limit is the maximum number of attempts for retrying
|
|
a failed sync. If set to 0, no retries will be performed.
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
sync:
|
|
description: Sync contains parameters for the operation
|
|
properties:
|
|
dryRun:
|
|
description: DryRun specifies to perform a `kubectl apply --dry-run`
|
|
without actually performing the sync
|
|
type: boolean
|
|
manifests:
|
|
description: Manifests is an optional field that overrides sync
|
|
source with a local directory for development
|
|
items:
|
|
type: string
|
|
type: array
|
|
prune:
|
|
description: Prune specifies to delete resources from the cluster
|
|
that are no longer tracked in git
|
|
type: boolean
|
|
resources:
|
|
description: Resources describes which resources shall be part
|
|
of the sync
|
|
items:
|
|
description: SyncOperationResource contains resources to sync.
|
|
properties:
|
|
group:
|
|
type: string
|
|
kind:
|
|
type: string
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
- name
|
|
type: object
|
|
type: array
|
|
revision:
|
|
description: Revision is the revision (Git) or chart version (Helm)
|
|
which to sync the application to If omitted, will use the revision
|
|
specified in app spec.
|
|
type: string
|
|
source:
|
|
description: Source overrides the source definition set in the
|
|
application. This is typically set in a Rollback operation and
|
|
is nil during a Sync operation
|
|
properties:
|
|
chart:
|
|
description: Chart is a Helm chart name, and must be specified
|
|
for applications sourced from a Helm repo.
|
|
type: string
|
|
directory:
|
|
description: Directory holds path/directory specific options
|
|
properties:
|
|
exclude:
|
|
description: Exclude contains a glob pattern to match
|
|
paths against that should be explicitly excluded from
|
|
being used during manifest generation
|
|
type: string
|
|
include:
|
|
description: Include contains a glob pattern to match
|
|
paths against that should be explicitly included during
|
|
manifest generation
|
|
type: string
|
|
jsonnet:
|
|
description: Jsonnet holds options specific to Jsonnet
|
|
properties:
|
|
extVars:
|
|
description: ExtVars is a list of Jsonnet External
|
|
Variables
|
|
items:
|
|
description: JsonnetVar represents a variable to
|
|
be passed to jsonnet during manifest generation
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
description: Additional library search dirs
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
description: TLAS is a list of Jsonnet Top-level Arguments
|
|
items:
|
|
description: JsonnetVar represents a variable to
|
|
be passed to jsonnet during manifest generation
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
description: Recurse specifies whether to scan a directory
|
|
recursively for manifests
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
description: Helm holds helm specific options
|
|
properties:
|
|
fileParameters:
|
|
description: FileParameters are file parameters to the
|
|
helm template
|
|
items:
|
|
description: HelmFileParameter is a file parameter that's
|
|
passed to helm template during manifest generation
|
|
properties:
|
|
name:
|
|
description: Name is the name of the Helm parameter
|
|
type: string
|
|
path:
|
|
description: Path is the path to the file containing
|
|
the values for the Helm parameter
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
description: IgnoreMissingValueFiles prevents helm template
|
|
from failing when valueFiles do not exist locally by
|
|
not appending them to helm template --values
|
|
type: boolean
|
|
parameters:
|
|
description: Parameters is a list of Helm parameters which
|
|
are passed to the helm template command upon manifest
|
|
generation
|
|
items:
|
|
description: HelmParameter is a parameter that's passed
|
|
to helm template during manifest generation
|
|
properties:
|
|
forceString:
|
|
description: ForceString determines whether to tell
|
|
Helm to interpret booleans and numbers as strings
|
|
type: boolean
|
|
name:
|
|
description: Name is the name of the Helm parameter
|
|
type: string
|
|
value:
|
|
description: Value is the value for the Helm parameter
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
description: PassCredentials pass credentials to all domains
|
|
(Helm's --pass-credentials)
|
|
type: boolean
|
|
releaseName:
|
|
description: ReleaseName is the Helm release name to use.
|
|
If omitted it will use the application name
|
|
type: string
|
|
skipCrds:
|
|
description: SkipCrds skips custom resource definition
|
|
installation step (Helm's --skip-crds)
|
|
type: boolean
|
|
valueFiles:
|
|
description: ValuesFiles is a list of Helm value files
|
|
to use when generating a template
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
description: Values specifies Helm values to be passed
|
|
to helm template, typically defined as a block
|
|
type: string
|
|
version:
|
|
description: Version is the Helm version to use for templating
|
|
("3")
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
description: Kustomize holds kustomize specific options
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
description: CommonAnnotations is a list of additional
|
|
annotations to add to rendered manifests
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
description: CommonLabels is a list of additional labels
|
|
to add to rendered manifests
|
|
type: object
|
|
forceCommonAnnotations:
|
|
description: ForceCommonAnnotations specifies whether
|
|
to force applying common annotations to resources for
|
|
Kustomize apps
|
|
type: boolean
|
|
forceCommonLabels:
|
|
description: ForceCommonLabels specifies whether to force
|
|
applying common labels to resources for Kustomize apps
|
|
type: boolean
|
|
images:
|
|
description: Images is a list of Kustomize image override
|
|
specifications
|
|
items:
|
|
description: KustomizeImage represents a Kustomize image
|
|
definition in the format [old_image_name=]<image_name>:<image_tag>
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
description: NamePrefix is a prefix appended to resources
|
|
for Kustomize apps
|
|
type: string
|
|
nameSuffix:
|
|
description: NameSuffix is a suffix appended to resources
|
|
for Kustomize apps
|
|
type: string
|
|
version:
|
|
description: Version controls which version of Kustomize
|
|
to use for rendering manifests
|
|
type: string
|
|
type: object
|
|
path:
|
|
description: Path is a directory path within the Git repository,
|
|
and is only valid for applications sourced from Git.
|
|
type: string
|
|
plugin:
|
|
description: Plugin holds config management plugin specific
|
|
options
|
|
properties:
|
|
env:
|
|
description: Env is a list of environment variable entries
|
|
items:
|
|
description: EnvEntry represents an entry in the application's
|
|
environment
|
|
properties:
|
|
name:
|
|
description: Name is the name of the variable, usually
|
|
expressed in uppercase
|
|
type: string
|
|
value:
|
|
description: Value is the value of the variable
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
description: RepoURL is the URL to the repository (Git or
|
|
Helm) that contains the application manifests
|
|
type: string
|
|
targetRevision:
|
|
description: TargetRevision defines the revision of the source
|
|
to sync the application to. In case of Git, this can be
|
|
commit, tag, or branch. If omitted, will equal to HEAD.
|
|
In case of Helm, this is a semver tag for the Chart's version.
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncOptions:
|
|
description: SyncOptions provide per-sync sync-options, e.g. Validate=false
|
|
items:
|
|
type: string
|
|
type: array
|
|
syncStrategy:
|
|
description: SyncStrategy describes how to perform the sync
|
|
properties:
|
|
apply:
|
|
description: Apply will perform a `kubectl apply` to perform
|
|
the sync.
|
|
properties:
|
|
force:
|
|
description: Force indicates whether or not to supply
|
|
the --force flag to `kubectl apply`. The --force flag
|
|
deletes and re-create the resource, when PATCH encounters
|
|
conflict and has retried for 5 times.
|
|
type: boolean
|
|
type: object
|
|
hook:
|
|
description: Hook will submit any referenced resources to
|
|
perform the sync. This is the default strategy
|
|
properties:
|
|
force:
|
|
description: Force indicates whether or not to supply
|
|
the --force flag to `kubectl apply`. The --force flag
|
|
deletes and re-create the resource, when PATCH encounters
|
|
conflict and has retried for 5 times.
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
type: object
|
|
type: object
|
|
spec:
|
|
description: ApplicationSpec represents desired application state. Contains
|
|
link to repository with application definition and additional parameters
|
|
link definition revision.
|
|
properties:
|
|
destination:
|
|
description: Destination is a reference to the target Kubernetes server
|
|
and namespace
|
|
properties:
|
|
name:
|
|
description: Name is an alternate way of specifying the target
|
|
cluster by its symbolic name
|
|
type: string
|
|
namespace:
|
|
description: Namespace specifies the target namespace for the
|
|
application's resources. The namespace will only be set for
|
|
namespace-scoped resources that have not set a value for .metadata.namespace
|
|
type: string
|
|
server:
|
|
description: Server specifies the URL of the target cluster and
|
|
must be set to the Kubernetes control plane API
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
description: IgnoreDifferences is a list of resources and their fields
|
|
which should be ignored during comparison
|
|
items:
|
|
description: ResourceIgnoreDifferences contains resource filter
|
|
and list of json paths which should be ignored during comparison
|
|
with live state.
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
description: ManagedFieldsManagers is a list of trusted managers.
|
|
Fields mutated by those managers will take precedence over
|
|
the desired state defined in the SCM and won't be displayed
|
|
in diffs
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
description: Info contains a list of information (URLs, email addresses,
|
|
and plain text) that relates to the application
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
description: Project is a reference to the project this application
|
|
belongs to. The empty string means that application belongs to the
|
|
'default' project.
|
|
type: string
|
|
revisionHistoryLimit:
|
|
description: RevisionHistoryLimit limits the number of items kept
|
|
in the application's revision history, which is used for informational
|
|
purposes as well as for rollbacks to previous versions. This should
|
|
only be changed in exceptional circumstances. Setting to zero will
|
|
store no history. This will reduce storage used. Increasing will
|
|
increase the space used to store the history, so we do not recommend
|
|
increasing it. Default is 10.
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
description: Source is a reference to the location of the application's
|
|
manifests or chart
|
|
properties:
|
|
chart:
|
|
description: Chart is a Helm chart name, and must be specified
|
|
for applications sourced from a Helm repo.
|
|
type: string
|
|
directory:
|
|
description: Directory holds path/directory specific options
|
|
properties:
|
|
exclude:
|
|
description: Exclude contains a glob pattern to match paths
|
|
against that should be explicitly excluded from being used
|
|
during manifest generation
|
|
type: string
|
|
include:
|
|
description: Include contains a glob pattern to match paths
|
|
against that should be explicitly included during manifest
|
|
generation
|
|
type: string
|
|
jsonnet:
|
|
description: Jsonnet holds options specific to Jsonnet
|
|
properties:
|
|
extVars:
|
|
description: ExtVars is a list of Jsonnet External Variables
|
|
items:
|
|
description: JsonnetVar represents a variable to be
|
|
passed to jsonnet during manifest generation
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
description: Additional library search dirs
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
description: TLAS is a list of Jsonnet Top-level Arguments
|
|
items:
|
|
description: JsonnetVar represents a variable to be
|
|
passed to jsonnet during manifest generation
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
description: Recurse specifies whether to scan a directory
|
|
recursively for manifests
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
description: Helm holds helm specific options
|
|
properties:
|
|
fileParameters:
|
|
description: FileParameters are file parameters to the helm
|
|
template
|
|
items:
|
|
description: HelmFileParameter is a file parameter that's
|
|
passed to helm template during manifest generation
|
|
properties:
|
|
name:
|
|
description: Name is the name of the Helm parameter
|
|
type: string
|
|
path:
|
|
description: Path is the path to the file containing
|
|
the values for the Helm parameter
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
description: IgnoreMissingValueFiles prevents helm template
|
|
from failing when valueFiles do not exist locally by not
|
|
appending them to helm template --values
|
|
type: boolean
|
|
parameters:
|
|
description: Parameters is a list of Helm parameters which
|
|
are passed to the helm template command upon manifest generation
|
|
items:
|
|
description: HelmParameter is a parameter that's passed
|
|
to helm template during manifest generation
|
|
properties:
|
|
forceString:
|
|
description: ForceString determines whether to tell
|
|
Helm to interpret booleans and numbers as strings
|
|
type: boolean
|
|
name:
|
|
description: Name is the name of the Helm parameter
|
|
type: string
|
|
value:
|
|
description: Value is the value for the Helm parameter
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
description: PassCredentials pass credentials to all domains
|
|
(Helm's --pass-credentials)
|
|
type: boolean
|
|
releaseName:
|
|
description: ReleaseName is the Helm release name to use.
|
|
If omitted it will use the application name
|
|
type: string
|
|
skipCrds:
|
|
description: SkipCrds skips custom resource definition installation
|
|
step (Helm's --skip-crds)
|
|
type: boolean
|
|
valueFiles:
|
|
description: ValuesFiles is a list of Helm value files to
|
|
use when generating a template
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
description: Values specifies Helm values to be passed to
|
|
helm template, typically defined as a block
|
|
type: string
|
|
version:
|
|
description: Version is the Helm version to use for templating
|
|
("3")
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
description: Kustomize holds kustomize specific options
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
description: CommonAnnotations is a list of additional annotations
|
|
to add to rendered manifests
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
description: CommonLabels is a list of additional labels to
|
|
add to rendered manifests
|
|
type: object
|
|
forceCommonAnnotations:
|
|
description: ForceCommonAnnotations specifies whether to force
|
|
applying common annotations to resources for Kustomize apps
|
|
type: boolean
|
|
forceCommonLabels:
|
|
description: ForceCommonLabels specifies whether to force
|
|
applying common labels to resources for Kustomize apps
|
|
type: boolean
|
|
images:
|
|
description: Images is a list of Kustomize image override
|
|
specifications
|
|
items:
|
|
description: KustomizeImage represents a Kustomize image
|
|
definition in the format [old_image_name=]<image_name>:<image_tag>
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
description: NamePrefix is a prefix appended to resources
|
|
for Kustomize apps
|
|
type: string
|
|
nameSuffix:
|
|
description: NameSuffix is a suffix appended to resources
|
|
for Kustomize apps
|
|
type: string
|
|
version:
|
|
description: Version controls which version of Kustomize to
|
|
use for rendering manifests
|
|
type: string
|
|
type: object
|
|
path:
|
|
description: Path is a directory path within the Git repository,
|
|
and is only valid for applications sourced from Git.
|
|
type: string
|
|
plugin:
|
|
description: Plugin holds config management plugin specific options
|
|
properties:
|
|
env:
|
|
description: Env is a list of environment variable entries
|
|
items:
|
|
description: EnvEntry represents an entry in the application's
|
|
environment
|
|
properties:
|
|
name:
|
|
description: Name is the name of the variable, usually
|
|
expressed in uppercase
|
|
type: string
|
|
value:
|
|
description: Value is the value of the variable
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
description: RepoURL is the URL to the repository (Git or Helm)
|
|
that contains the application manifests
|
|
type: string
|
|
targetRevision:
|
|
description: TargetRevision defines the revision of the source
|
|
to sync the application to. In case of Git, this can be commit,
|
|
tag, or branch. If omitted, will equal to HEAD. In case of Helm,
|
|
this is a semver tag for the Chart's version.
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
description: SyncPolicy controls when and how a sync will be performed
|
|
properties:
|
|
automated:
|
|
description: Automated will keep an application synced to the
|
|
target revision
|
|
properties:
|
|
allowEmpty:
|
|
description: 'AllowEmpty allows apps have zero live resources
|
|
(default: false)'
|
|
type: boolean
|
|
prune:
|
|
description: 'Prune specifies whether to delete resources
|
|
from the cluster that are not found in the sources anymore
|
|
as part of automated sync (default: false)'
|
|
type: boolean
|
|
selfHeal:
|
|
description: 'SelfHeal specifes whether to revert resources
|
|
back to their desired state upon modification in the cluster
|
|
(default: false)'
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
description: Retry controls failed sync retry behavior
|
|
properties:
|
|
backoff:
|
|
description: Backoff controls how to backoff on subsequent
|
|
retries of failed syncs
|
|
properties:
|
|
duration:
|
|
description: Duration is the amount to back off. Default
|
|
unit is seconds, but could also be a duration (e.g.
|
|
"2m", "1h")
|
|
type: string
|
|
factor:
|
|
description: Factor is a factor to multiply the base duration
|
|
after each failed retry
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
description: MaxDuration is the maximum amount of time
|
|
allowed for the backoff strategy
|
|
type: string
|
|
type: object
|
|
limit:
|
|
description: Limit is the maximum number of attempts for retrying
|
|
a failed sync. If set to 0, no retries will be performed.
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
description: Options allow you to specify whole app sync-options
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
status:
|
|
description: ApplicationStatus contains status information for the application
|
|
properties:
|
|
conditions:
|
|
description: Conditions is a list of currently observed application
|
|
conditions
|
|
items:
|
|
description: ApplicationCondition contains details about an application
|
|
condition, which is usally an error or warning
|
|
properties:
|
|
lastTransitionTime:
|
|
description: LastTransitionTime is the time the condition was
|
|
last observed
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: Message contains human-readable message indicating
|
|
details about condition
|
|
type: string
|
|
type:
|
|
description: Type is an application condition type
|
|
type: string
|
|
required:
|
|
- message
|
|
- type
|
|
type: object
|
|
type: array
|
|
health:
|
|
description: Health contains information about the application's current
|
|
health status
|
|
properties:
|
|
message:
|
|
description: Message is a human-readable informational message
|
|
describing the health status
|
|
type: string
|
|
status:
|
|
description: Status holds the status code of the application or
|
|
resource
|
|
type: string
|
|
type: object
|
|
history:
|
|
description: History contains information about the application's
|
|
sync history
|
|
items:
|
|
description: RevisionHistory contains history information about
|
|
a previous sync
|
|
properties:
|
|
deployStartedAt:
|
|
description: DeployStartedAt holds the time the sync operation
|
|
started
|
|
format: date-time
|
|
type: string
|
|
deployedAt:
|
|
description: DeployedAt holds the time the sync operation completed
|
|
format: date-time
|
|
type: string
|
|
id:
|
|
description: ID is an auto incrementing identifier of the RevisionHistory
|
|
format: int64
|
|
type: integer
|
|
revision:
|
|
description: Revision holds the revision the sync was performed
|
|
against
|
|
type: string
|
|
source:
|
|
description: Source is a reference to the application source
|
|
used for the sync operation
|
|
properties:
|
|
chart:
|
|
description: Chart is a Helm chart name, and must be specified
|
|
for applications sourced from a Helm repo.
|
|
type: string
|
|
directory:
|
|
description: Directory holds path/directory specific options
|
|
properties:
|
|
exclude:
|
|
description: Exclude contains a glob pattern to match
|
|
paths against that should be explicitly excluded from
|
|
being used during manifest generation
|
|
type: string
|
|
include:
|
|
description: Include contains a glob pattern to match
|
|
paths against that should be explicitly included during
|
|
manifest generation
|
|
type: string
|
|
jsonnet:
|
|
description: Jsonnet holds options specific to Jsonnet
|
|
properties:
|
|
extVars:
|
|
description: ExtVars is a list of Jsonnet External
|
|
Variables
|
|
items:
|
|
description: JsonnetVar represents a variable
|
|
to be passed to jsonnet during manifest generation
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
description: Additional library search dirs
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
description: TLAS is a list of Jsonnet Top-level
|
|
Arguments
|
|
items:
|
|
description: JsonnetVar represents a variable
|
|
to be passed to jsonnet during manifest generation
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
description: Recurse specifies whether to scan a directory
|
|
recursively for manifests
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
description: Helm holds helm specific options
|
|
properties:
|
|
fileParameters:
|
|
description: FileParameters are file parameters to the
|
|
helm template
|
|
items:
|
|
description: HelmFileParameter is a file parameter
|
|
that's passed to helm template during manifest generation
|
|
properties:
|
|
name:
|
|
description: Name is the name of the Helm parameter
|
|
type: string
|
|
path:
|
|
description: Path is the path to the file containing
|
|
the values for the Helm parameter
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
description: IgnoreMissingValueFiles prevents helm template
|
|
from failing when valueFiles do not exist locally
|
|
by not appending them to helm template --values
|
|
type: boolean
|
|
parameters:
|
|
description: Parameters is a list of Helm parameters
|
|
which are passed to the helm template command upon
|
|
manifest generation
|
|
items:
|
|
description: HelmParameter is a parameter that's passed
|
|
to helm template during manifest generation
|
|
properties:
|
|
forceString:
|
|
description: ForceString determines whether to
|
|
tell Helm to interpret booleans and numbers
|
|
as strings
|
|
type: boolean
|
|
name:
|
|
description: Name is the name of the Helm parameter
|
|
type: string
|
|
value:
|
|
description: Value is the value for the Helm parameter
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
description: PassCredentials pass credentials to all
|
|
domains (Helm's --pass-credentials)
|
|
type: boolean
|
|
releaseName:
|
|
description: ReleaseName is the Helm release name to
|
|
use. If omitted it will use the application name
|
|
type: string
|
|
skipCrds:
|
|
description: SkipCrds skips custom resource definition
|
|
installation step (Helm's --skip-crds)
|
|
type: boolean
|
|
valueFiles:
|
|
description: ValuesFiles is a list of Helm value files
|
|
to use when generating a template
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
description: Values specifies Helm values to be passed
|
|
to helm template, typically defined as a block
|
|
type: string
|
|
version:
|
|
description: Version is the Helm version to use for
|
|
templating ("3")
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
description: Kustomize holds kustomize specific options
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
description: CommonAnnotations is a list of additional
|
|
annotations to add to rendered manifests
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
description: CommonLabels is a list of additional labels
|
|
to add to rendered manifests
|
|
type: object
|
|
forceCommonAnnotations:
|
|
description: ForceCommonAnnotations specifies whether
|
|
to force applying common annotations to resources
|
|
for Kustomize apps
|
|
type: boolean
|
|
forceCommonLabels:
|
|
description: ForceCommonLabels specifies whether to
|
|
force applying common labels to resources for Kustomize
|
|
apps
|
|
type: boolean
|
|
images:
|
|
description: Images is a list of Kustomize image override
|
|
specifications
|
|
items:
|
|
description: KustomizeImage represents a Kustomize
|
|
image definition in the format [old_image_name=]<image_name>:<image_tag>
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
description: NamePrefix is a prefix appended to resources
|
|
for Kustomize apps
|
|
type: string
|
|
nameSuffix:
|
|
description: NameSuffix is a suffix appended to resources
|
|
for Kustomize apps
|
|
type: string
|
|
version:
|
|
description: Version controls which version of Kustomize
|
|
to use for rendering manifests
|
|
type: string
|
|
type: object
|
|
path:
|
|
description: Path is a directory path within the Git repository,
|
|
and is only valid for applications sourced from Git.
|
|
type: string
|
|
plugin:
|
|
description: Plugin holds config management plugin specific
|
|
options
|
|
properties:
|
|
env:
|
|
description: Env is a list of environment variable entries
|
|
items:
|
|
description: EnvEntry represents an entry in the application's
|
|
environment
|
|
properties:
|
|
name:
|
|
description: Name is the name of the variable,
|
|
usually expressed in uppercase
|
|
type: string
|
|
value:
|
|
description: Value is the value of the variable
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
description: RepoURL is the URL to the repository (Git or
|
|
Helm) that contains the application manifests
|
|
type: string
|
|
targetRevision:
|
|
description: TargetRevision defines the revision of the
|
|
source to sync the application to. In case of Git, this
|
|
can be commit, tag, or branch. If omitted, will equal
|
|
to HEAD. In case of Helm, this is a semver tag for the
|
|
Chart's version.
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
required:
|
|
- deployedAt
|
|
- id
|
|
- revision
|
|
type: object
|
|
type: array
|
|
observedAt:
|
|
description: 'ObservedAt indicates when the application state was
|
|
updated without querying latest git state Deprecated: controller
|
|
no longer updates ObservedAt field'
|
|
format: date-time
|
|
type: string
|
|
operationState:
|
|
description: OperationState contains information about any ongoing
|
|
operations, such as a sync
|
|
properties:
|
|
finishedAt:
|
|
description: FinishedAt contains time of operation completion
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: Message holds any pertinent messages when attempting
|
|
to perform operation (typically errors).
|
|
type: string
|
|
operation:
|
|
description: Operation is the original requested operation
|
|
properties:
|
|
info:
|
|
description: Info is a list of informational items for this
|
|
operation
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
initiatedBy:
|
|
description: InitiatedBy contains information about who initiated
|
|
the operations
|
|
properties:
|
|
automated:
|
|
description: Automated is set to true if operation was
|
|
initiated automatically by the application controller.
|
|
type: boolean
|
|
username:
|
|
description: Username contains the name of a user who
|
|
started operation
|
|
type: string
|
|
type: object
|
|
retry:
|
|
description: Retry controls the strategy to apply if a sync
|
|
fails
|
|
properties:
|
|
backoff:
|
|
description: Backoff controls how to backoff on subsequent
|
|
retries of failed syncs
|
|
properties:
|
|
duration:
|
|
description: Duration is the amount to back off. Default
|
|
unit is seconds, but could also be a duration (e.g.
|
|
"2m", "1h")
|
|
type: string
|
|
factor:
|
|
description: Factor is a factor to multiply the base
|
|
duration after each failed retry
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
description: MaxDuration is the maximum amount of
|
|
time allowed for the backoff strategy
|
|
type: string
|
|
type: object
|
|
limit:
|
|
description: Limit is the maximum number of attempts for
|
|
retrying a failed sync. If set to 0, no retries will
|
|
be performed.
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
sync:
|
|
description: Sync contains parameters for the operation
|
|
properties:
|
|
dryRun:
|
|
description: DryRun specifies to perform a `kubectl apply
|
|
--dry-run` without actually performing the sync
|
|
type: boolean
|
|
manifests:
|
|
description: Manifests is an optional field that overrides
|
|
sync source with a local directory for development
|
|
items:
|
|
type: string
|
|
type: array
|
|
prune:
|
|
description: Prune specifies to delete resources from
|
|
the cluster that are no longer tracked in git
|
|
type: boolean
|
|
resources:
|
|
description: Resources describes which resources shall
|
|
be part of the sync
|
|
items:
|
|
description: SyncOperationResource contains resources
|
|
to sync.
|
|
properties:
|
|
group:
|
|
type: string
|
|
kind:
|
|
type: string
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
- name
|
|
type: object
|
|
type: array
|
|
revision:
|
|
description: Revision is the revision (Git) or chart version
|
|
(Helm) which to sync the application to If omitted,
|
|
will use the revision specified in app spec.
|
|
type: string
|
|
source:
|
|
description: Source overrides the source definition set
|
|
in the application. This is typically set in a Rollback
|
|
operation and is nil during a Sync operation
|
|
properties:
|
|
chart:
|
|
description: Chart is a Helm chart name, and must
|
|
be specified for applications sourced from a Helm
|
|
repo.
|
|
type: string
|
|
directory:
|
|
description: Directory holds path/directory specific
|
|
options
|
|
properties:
|
|
exclude:
|
|
description: Exclude contains a glob pattern to
|
|
match paths against that should be explicitly
|
|
excluded from being used during manifest generation
|
|
type: string
|
|
include:
|
|
description: Include contains a glob pattern to
|
|
match paths against that should be explicitly
|
|
included during manifest generation
|
|
type: string
|
|
jsonnet:
|
|
description: Jsonnet holds options specific to
|
|
Jsonnet
|
|
properties:
|
|
extVars:
|
|
description: ExtVars is a list of Jsonnet
|
|
External Variables
|
|
items:
|
|
description: JsonnetVar represents a variable
|
|
to be passed to jsonnet during manifest
|
|
generation
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
description: Additional library search dirs
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
description: TLAS is a list of Jsonnet Top-level
|
|
Arguments
|
|
items:
|
|
description: JsonnetVar represents a variable
|
|
to be passed to jsonnet during manifest
|
|
generation
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
description: Recurse specifies whether to scan
|
|
a directory recursively for manifests
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
description: Helm holds helm specific options
|
|
properties:
|
|
fileParameters:
|
|
description: FileParameters are file parameters
|
|
to the helm template
|
|
items:
|
|
description: HelmFileParameter is a file parameter
|
|
that's passed to helm template during manifest
|
|
generation
|
|
properties:
|
|
name:
|
|
description: Name is the name of the Helm
|
|
parameter
|
|
type: string
|
|
path:
|
|
description: Path is the path to the file
|
|
containing the values for the Helm parameter
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
description: IgnoreMissingValueFiles prevents
|
|
helm template from failing when valueFiles do
|
|
not exist locally by not appending them to helm
|
|
template --values
|
|
type: boolean
|
|
parameters:
|
|
description: Parameters is a list of Helm parameters
|
|
which are passed to the helm template command
|
|
upon manifest generation
|
|
items:
|
|
description: HelmParameter is a parameter that's
|
|
passed to helm template during manifest generation
|
|
properties:
|
|
forceString:
|
|
description: ForceString determines whether
|
|
to tell Helm to interpret booleans and
|
|
numbers as strings
|
|
type: boolean
|
|
name:
|
|
description: Name is the name of the Helm
|
|
parameter
|
|
type: string
|
|
value:
|
|
description: Value is the value for the
|
|
Helm parameter
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
description: PassCredentials pass credentials
|
|
to all domains (Helm's --pass-credentials)
|
|
type: boolean
|
|
releaseName:
|
|
description: ReleaseName is the Helm release name
|
|
to use. If omitted it will use the application
|
|
name
|
|
type: string
|
|
skipCrds:
|
|
description: SkipCrds skips custom resource definition
|
|
installation step (Helm's --skip-crds)
|
|
type: boolean
|
|
valueFiles:
|
|
description: ValuesFiles is a list of Helm value
|
|
files to use when generating a template
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
description: Values specifies Helm values to be
|
|
passed to helm template, typically defined as
|
|
a block
|
|
type: string
|
|
version:
|
|
description: Version is the Helm version to use
|
|
for templating ("3")
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
description: Kustomize holds kustomize specific options
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
description: CommonAnnotations is a list of additional
|
|
annotations to add to rendered manifests
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
description: CommonLabels is a list of additional
|
|
labels to add to rendered manifests
|
|
type: object
|
|
forceCommonAnnotations:
|
|
description: ForceCommonAnnotations specifies
|
|
whether to force applying common annotations
|
|
to resources for Kustomize apps
|
|
type: boolean
|
|
forceCommonLabels:
|
|
description: ForceCommonLabels specifies whether
|
|
to force applying common labels to resources
|
|
for Kustomize apps
|
|
type: boolean
|
|
images:
|
|
description: Images is a list of Kustomize image
|
|
override specifications
|
|
items:
|
|
description: KustomizeImage represents a Kustomize
|
|
image definition in the format [old_image_name=]<image_name>:<image_tag>
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
description: NamePrefix is a prefix appended to
|
|
resources for Kustomize apps
|
|
type: string
|
|
nameSuffix:
|
|
description: NameSuffix is a suffix appended to
|
|
resources for Kustomize apps
|
|
type: string
|
|
version:
|
|
description: Version controls which version of
|
|
Kustomize to use for rendering manifests
|
|
type: string
|
|
type: object
|
|
path:
|
|
description: Path is a directory path within the Git
|
|
repository, and is only valid for applications sourced
|
|
from Git.
|
|
type: string
|
|
plugin:
|
|
description: Plugin holds config management plugin
|
|
specific options
|
|
properties:
|
|
env:
|
|
description: Env is a list of environment variable
|
|
entries
|
|
items:
|
|
description: EnvEntry represents an entry in
|
|
the application's environment
|
|
properties:
|
|
name:
|
|
description: Name is the name of the variable,
|
|
usually expressed in uppercase
|
|
type: string
|
|
value:
|
|
description: Value is the value of the variable
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
description: RepoURL is the URL to the repository
|
|
(Git or Helm) that contains the application manifests
|
|
type: string
|
|
targetRevision:
|
|
description: TargetRevision defines the revision of
|
|
the source to sync the application to. In case of
|
|
Git, this can be commit, tag, or branch. If omitted,
|
|
will equal to HEAD. In case of Helm, this is a semver
|
|
tag for the Chart's version.
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncOptions:
|
|
description: SyncOptions provide per-sync sync-options,
|
|
e.g. Validate=false
|
|
items:
|
|
type: string
|
|
type: array
|
|
syncStrategy:
|
|
description: SyncStrategy describes how to perform the
|
|
sync
|
|
properties:
|
|
apply:
|
|
description: Apply will perform a `kubectl apply`
|
|
to perform the sync.
|
|
properties:
|
|
force:
|
|
description: Force indicates whether or not to
|
|
supply the --force flag to `kubectl apply`.
|
|
The --force flag deletes and re-create the resource,
|
|
when PATCH encounters conflict and has retried
|
|
for 5 times.
|
|
type: boolean
|
|
type: object
|
|
hook:
|
|
description: Hook will submit any referenced resources
|
|
to perform the sync. This is the default strategy
|
|
properties:
|
|
force:
|
|
description: Force indicates whether or not to
|
|
supply the --force flag to `kubectl apply`.
|
|
The --force flag deletes and re-create the resource,
|
|
when PATCH encounters conflict and has retried
|
|
for 5 times.
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
type: object
|
|
type: object
|
|
phase:
|
|
description: Phase is the current phase of the operation
|
|
type: string
|
|
retryCount:
|
|
description: RetryCount contains time of operation retries
|
|
format: int64
|
|
type: integer
|
|
startedAt:
|
|
description: StartedAt contains time of operation start
|
|
format: date-time
|
|
type: string
|
|
syncResult:
|
|
description: SyncResult is the result of a Sync operation
|
|
properties:
|
|
resources:
|
|
description: Resources contains a list of sync result items
|
|
for each individual resource in a sync operation
|
|
items:
|
|
description: ResourceResult holds the operation result details
|
|
of a specific resource
|
|
properties:
|
|
group:
|
|
description: Group specifies the API group of the resource
|
|
type: string
|
|
hookPhase:
|
|
description: HookPhase contains the state of any operation
|
|
associated with this resource OR hook This can also
|
|
contain values for non-hook resources.
|
|
type: string
|
|
hookType:
|
|
description: HookType specifies the type of the hook.
|
|
Empty for non-hook resources
|
|
type: string
|
|
kind:
|
|
description: Kind specifies the API kind of the resource
|
|
type: string
|
|
message:
|
|
description: Message contains an informational or error
|
|
message for the last sync OR operation
|
|
type: string
|
|
name:
|
|
description: Name specifies the name of the resource
|
|
type: string
|
|
namespace:
|
|
description: Namespace specifies the target namespace
|
|
of the resource
|
|
type: string
|
|
status:
|
|
description: Status holds the final result of the sync.
|
|
Will be empty if the resources is yet to be applied/pruned
|
|
and is always zero-value for hooks
|
|
type: string
|
|
syncPhase:
|
|
description: SyncPhase indicates the particular phase
|
|
of the sync that this result was acquired in
|
|
type: string
|
|
version:
|
|
description: Version specifies the API version of the
|
|
resource
|
|
type: string
|
|
required:
|
|
- group
|
|
- kind
|
|
- name
|
|
- namespace
|
|
- version
|
|
type: object
|
|
type: array
|
|
revision:
|
|
description: Revision holds the revision this sync operation
|
|
was performed to
|
|
type: string
|
|
source:
|
|
description: Source records the application source information
|
|
of the sync, used for comparing auto-sync
|
|
properties:
|
|
chart:
|
|
description: Chart is a Helm chart name, and must be specified
|
|
for applications sourced from a Helm repo.
|
|
type: string
|
|
directory:
|
|
description: Directory holds path/directory specific options
|
|
properties:
|
|
exclude:
|
|
description: Exclude contains a glob pattern to match
|
|
paths against that should be explicitly excluded
|
|
from being used during manifest generation
|
|
type: string
|
|
include:
|
|
description: Include contains a glob pattern to match
|
|
paths against that should be explicitly included
|
|
during manifest generation
|
|
type: string
|
|
jsonnet:
|
|
description: Jsonnet holds options specific to Jsonnet
|
|
properties:
|
|
extVars:
|
|
description: ExtVars is a list of Jsonnet External
|
|
Variables
|
|
items:
|
|
description: JsonnetVar represents a variable
|
|
to be passed to jsonnet during manifest generation
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
description: Additional library search dirs
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
description: TLAS is a list of Jsonnet Top-level
|
|
Arguments
|
|
items:
|
|
description: JsonnetVar represents a variable
|
|
to be passed to jsonnet during manifest generation
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
description: Recurse specifies whether to scan a directory
|
|
recursively for manifests
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
description: Helm holds helm specific options
|
|
properties:
|
|
fileParameters:
|
|
description: FileParameters are file parameters to
|
|
the helm template
|
|
items:
|
|
description: HelmFileParameter is a file parameter
|
|
that's passed to helm template during manifest
|
|
generation
|
|
properties:
|
|
name:
|
|
description: Name is the name of the Helm parameter
|
|
type: string
|
|
path:
|
|
description: Path is the path to the file containing
|
|
the values for the Helm parameter
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
description: IgnoreMissingValueFiles prevents helm
|
|
template from failing when valueFiles do not exist
|
|
locally by not appending them to helm template --values
|
|
type: boolean
|
|
parameters:
|
|
description: Parameters is a list of Helm parameters
|
|
which are passed to the helm template command upon
|
|
manifest generation
|
|
items:
|
|
description: HelmParameter is a parameter that's
|
|
passed to helm template during manifest generation
|
|
properties:
|
|
forceString:
|
|
description: ForceString determines whether
|
|
to tell Helm to interpret booleans and numbers
|
|
as strings
|
|
type: boolean
|
|
name:
|
|
description: Name is the name of the Helm parameter
|
|
type: string
|
|
value:
|
|
description: Value is the value for the Helm
|
|
parameter
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
description: PassCredentials pass credentials to all
|
|
domains (Helm's --pass-credentials)
|
|
type: boolean
|
|
releaseName:
|
|
description: ReleaseName is the Helm release name
|
|
to use. If omitted it will use the application name
|
|
type: string
|
|
skipCrds:
|
|
description: SkipCrds skips custom resource definition
|
|
installation step (Helm's --skip-crds)
|
|
type: boolean
|
|
valueFiles:
|
|
description: ValuesFiles is a list of Helm value files
|
|
to use when generating a template
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
description: Values specifies Helm values to be passed
|
|
to helm template, typically defined as a block
|
|
type: string
|
|
version:
|
|
description: Version is the Helm version to use for
|
|
templating ("3")
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
description: Kustomize holds kustomize specific options
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
description: CommonAnnotations is a list of additional
|
|
annotations to add to rendered manifests
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
description: CommonLabels is a list of additional
|
|
labels to add to rendered manifests
|
|
type: object
|
|
forceCommonAnnotations:
|
|
description: ForceCommonAnnotations specifies whether
|
|
to force applying common annotations to resources
|
|
for Kustomize apps
|
|
type: boolean
|
|
forceCommonLabels:
|
|
description: ForceCommonLabels specifies whether to
|
|
force applying common labels to resources for Kustomize
|
|
apps
|
|
type: boolean
|
|
images:
|
|
description: Images is a list of Kustomize image override
|
|
specifications
|
|
items:
|
|
description: KustomizeImage represents a Kustomize
|
|
image definition in the format [old_image_name=]<image_name>:<image_tag>
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
description: NamePrefix is a prefix appended to resources
|
|
for Kustomize apps
|
|
type: string
|
|
nameSuffix:
|
|
description: NameSuffix is a suffix appended to resources
|
|
for Kustomize apps
|
|
type: string
|
|
version:
|
|
description: Version controls which version of Kustomize
|
|
to use for rendering manifests
|
|
type: string
|
|
type: object
|
|
path:
|
|
description: Path is a directory path within the Git repository,
|
|
and is only valid for applications sourced from Git.
|
|
type: string
|
|
plugin:
|
|
description: Plugin holds config management plugin specific
|
|
options
|
|
properties:
|
|
env:
|
|
description: Env is a list of environment variable
|
|
entries
|
|
items:
|
|
description: EnvEntry represents an entry in the
|
|
application's environment
|
|
properties:
|
|
name:
|
|
description: Name is the name of the variable,
|
|
usually expressed in uppercase
|
|
type: string
|
|
value:
|
|
description: Value is the value of the variable
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
description: RepoURL is the URL to the repository (Git
|
|
or Helm) that contains the application manifests
|
|
type: string
|
|
targetRevision:
|
|
description: TargetRevision defines the revision of the
|
|
source to sync the application to. In case of Git, this
|
|
can be commit, tag, or branch. If omitted, will equal
|
|
to HEAD. In case of Helm, this is a semver tag for the
|
|
Chart's version.
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
required:
|
|
- revision
|
|
type: object
|
|
required:
|
|
- operation
|
|
- phase
|
|
- startedAt
|
|
type: object
|
|
reconciledAt:
|
|
description: ReconciledAt indicates when the application state was
|
|
reconciled using the latest git version
|
|
format: date-time
|
|
type: string
|
|
resourceHealthSource:
|
|
description: 'ResourceHealthSource indicates where the resource health
|
|
status is stored: inline if not set or appTree'
|
|
type: string
|
|
resources:
|
|
description: Resources is a list of Kubernetes resources managed by
|
|
this application
|
|
items:
|
|
description: 'ResourceStatus holds the current sync and health status
|
|
of a resource TODO: describe members of this type'
|
|
properties:
|
|
group:
|
|
type: string
|
|
health:
|
|
description: HealthStatus contains information about the currently
|
|
observed health state of an application or resource
|
|
properties:
|
|
message:
|
|
description: Message is a human-readable informational message
|
|
describing the health status
|
|
type: string
|
|
status:
|
|
description: Status holds the status code of the application
|
|
or resource
|
|
type: string
|
|
type: object
|
|
hook:
|
|
type: boolean
|
|
kind:
|
|
type: string
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
requiresPruning:
|
|
type: boolean
|
|
status:
|
|
description: SyncStatusCode is a type which represents possible
|
|
comparison results
|
|
type: string
|
|
syncWave:
|
|
format: int64
|
|
type: integer
|
|
version:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
sourceType:
|
|
description: SourceType specifies the type of this application
|
|
type: string
|
|
summary:
|
|
description: Summary contains a list of URLs and container images
|
|
used by this application
|
|
properties:
|
|
externalURLs:
|
|
description: ExternalURLs holds all external URLs of application
|
|
child resources.
|
|
items:
|
|
type: string
|
|
type: array
|
|
images:
|
|
description: Images holds all images of application child resources.
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
sync:
|
|
description: Sync contains information about the application's current
|
|
sync status
|
|
properties:
|
|
comparedTo:
|
|
description: ComparedTo contains information about what has been
|
|
compared
|
|
properties:
|
|
destination:
|
|
description: Destination is a reference to the application's
|
|
destination used for comparison
|
|
properties:
|
|
name:
|
|
description: Name is an alternate way of specifying the
|
|
target cluster by its symbolic name
|
|
type: string
|
|
namespace:
|
|
description: Namespace specifies the target namespace
|
|
for the application's resources. The namespace will
|
|
only be set for namespace-scoped resources that have
|
|
not set a value for .metadata.namespace
|
|
type: string
|
|
server:
|
|
description: Server specifies the URL of the target cluster
|
|
and must be set to the Kubernetes control plane API
|
|
type: string
|
|
type: object
|
|
source:
|
|
description: Source is a reference to the application's source
|
|
used for comparison
|
|
properties:
|
|
chart:
|
|
description: Chart is a Helm chart name, and must be specified
|
|
for applications sourced from a Helm repo.
|
|
type: string
|
|
directory:
|
|
description: Directory holds path/directory specific options
|
|
properties:
|
|
exclude:
|
|
description: Exclude contains a glob pattern to match
|
|
paths against that should be explicitly excluded
|
|
from being used during manifest generation
|
|
type: string
|
|
include:
|
|
description: Include contains a glob pattern to match
|
|
paths against that should be explicitly included
|
|
during manifest generation
|
|
type: string
|
|
jsonnet:
|
|
description: Jsonnet holds options specific to Jsonnet
|
|
properties:
|
|
extVars:
|
|
description: ExtVars is a list of Jsonnet External
|
|
Variables
|
|
items:
|
|
description: JsonnetVar represents a variable
|
|
to be passed to jsonnet during manifest generation
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
description: Additional library search dirs
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
description: TLAS is a list of Jsonnet Top-level
|
|
Arguments
|
|
items:
|
|
description: JsonnetVar represents a variable
|
|
to be passed to jsonnet during manifest generation
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
description: Recurse specifies whether to scan a directory
|
|
recursively for manifests
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
description: Helm holds helm specific options
|
|
properties:
|
|
fileParameters:
|
|
description: FileParameters are file parameters to
|
|
the helm template
|
|
items:
|
|
description: HelmFileParameter is a file parameter
|
|
that's passed to helm template during manifest
|
|
generation
|
|
properties:
|
|
name:
|
|
description: Name is the name of the Helm parameter
|
|
type: string
|
|
path:
|
|
description: Path is the path to the file containing
|
|
the values for the Helm parameter
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
description: IgnoreMissingValueFiles prevents helm
|
|
template from failing when valueFiles do not exist
|
|
locally by not appending them to helm template --values
|
|
type: boolean
|
|
parameters:
|
|
description: Parameters is a list of Helm parameters
|
|
which are passed to the helm template command upon
|
|
manifest generation
|
|
items:
|
|
description: HelmParameter is a parameter that's
|
|
passed to helm template during manifest generation
|
|
properties:
|
|
forceString:
|
|
description: ForceString determines whether
|
|
to tell Helm to interpret booleans and numbers
|
|
as strings
|
|
type: boolean
|
|
name:
|
|
description: Name is the name of the Helm parameter
|
|
type: string
|
|
value:
|
|
description: Value is the value for the Helm
|
|
parameter
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
description: PassCredentials pass credentials to all
|
|
domains (Helm's --pass-credentials)
|
|
type: boolean
|
|
releaseName:
|
|
description: ReleaseName is the Helm release name
|
|
to use. If omitted it will use the application name
|
|
type: string
|
|
skipCrds:
|
|
description: SkipCrds skips custom resource definition
|
|
installation step (Helm's --skip-crds)
|
|
type: boolean
|
|
valueFiles:
|
|
description: ValuesFiles is a list of Helm value files
|
|
to use when generating a template
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
description: Values specifies Helm values to be passed
|
|
to helm template, typically defined as a block
|
|
type: string
|
|
version:
|
|
description: Version is the Helm version to use for
|
|
templating ("3")
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
description: Kustomize holds kustomize specific options
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
description: CommonAnnotations is a list of additional
|
|
annotations to add to rendered manifests
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
description: CommonLabels is a list of additional
|
|
labels to add to rendered manifests
|
|
type: object
|
|
forceCommonAnnotations:
|
|
description: ForceCommonAnnotations specifies whether
|
|
to force applying common annotations to resources
|
|
for Kustomize apps
|
|
type: boolean
|
|
forceCommonLabels:
|
|
description: ForceCommonLabels specifies whether to
|
|
force applying common labels to resources for Kustomize
|
|
apps
|
|
type: boolean
|
|
images:
|
|
description: Images is a list of Kustomize image override
|
|
specifications
|
|
items:
|
|
description: KustomizeImage represents a Kustomize
|
|
image definition in the format [old_image_name=]<image_name>:<image_tag>
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
description: NamePrefix is a prefix appended to resources
|
|
for Kustomize apps
|
|
type: string
|
|
nameSuffix:
|
|
description: NameSuffix is a suffix appended to resources
|
|
for Kustomize apps
|
|
type: string
|
|
version:
|
|
description: Version controls which version of Kustomize
|
|
to use for rendering manifests
|
|
type: string
|
|
type: object
|
|
path:
|
|
description: Path is a directory path within the Git repository,
|
|
and is only valid for applications sourced from Git.
|
|
type: string
|
|
plugin:
|
|
description: Plugin holds config management plugin specific
|
|
options
|
|
properties:
|
|
env:
|
|
description: Env is a list of environment variable
|
|
entries
|
|
items:
|
|
description: EnvEntry represents an entry in the
|
|
application's environment
|
|
properties:
|
|
name:
|
|
description: Name is the name of the variable,
|
|
usually expressed in uppercase
|
|
type: string
|
|
value:
|
|
description: Value is the value of the variable
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
description: RepoURL is the URL to the repository (Git
|
|
or Helm) that contains the application manifests
|
|
type: string
|
|
targetRevision:
|
|
description: TargetRevision defines the revision of the
|
|
source to sync the application to. In case of Git, this
|
|
can be commit, tag, or branch. If omitted, will equal
|
|
to HEAD. In case of Helm, this is a semver tag for the
|
|
Chart's version.
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
required:
|
|
- destination
|
|
- source
|
|
type: object
|
|
revision:
|
|
description: Revision contains information about the revision
|
|
the comparison has been performed to
|
|
type: string
|
|
status:
|
|
description: Status is the sync state of the comparison
|
|
type: string
|
|
required:
|
|
- status
|
|
type: object
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources: {}
|
|
---
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: applicationsets.argoproj.io
|
|
app.kubernetes.io/part-of: argocd
|
|
name: applicationsets.argoproj.io
|
|
spec:
|
|
group: argoproj.io
|
|
names:
|
|
kind: ApplicationSet
|
|
listKind: ApplicationSetList
|
|
plural: applicationsets
|
|
shortNames:
|
|
- appset
|
|
- appsets
|
|
singular: applicationset
|
|
scope: Namespaced
|
|
versions:
|
|
- name: v1alpha1
|
|
schema:
|
|
openAPIV3Schema:
|
|
properties:
|
|
apiVersion:
|
|
type: string
|
|
kind:
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
generators:
|
|
items:
|
|
properties:
|
|
clusterDecisionResource:
|
|
properties:
|
|
configMapRef:
|
|
type: string
|
|
labelSelector:
|
|
properties:
|
|
matchExpressions:
|
|
items:
|
|
properties:
|
|
key:
|
|
type: string
|
|
operator:
|
|
type: string
|
|
values:
|
|
items:
|
|
type: string
|
|
type: array
|
|
required:
|
|
- key
|
|
- operator
|
|
type: object
|
|
type: array
|
|
matchLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
name:
|
|
type: string
|
|
requeueAfterSeconds:
|
|
format: int64
|
|
type: integer
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
values:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
required:
|
|
- configMapRef
|
|
type: object
|
|
clusters:
|
|
properties:
|
|
selector:
|
|
properties:
|
|
matchExpressions:
|
|
items:
|
|
properties:
|
|
key:
|
|
type: string
|
|
operator:
|
|
type: string
|
|
values:
|
|
items:
|
|
type: string
|
|
type: array
|
|
required:
|
|
- key
|
|
- operator
|
|
type: object
|
|
type: array
|
|
matchLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
values:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
git:
|
|
properties:
|
|
directories:
|
|
items:
|
|
properties:
|
|
exclude:
|
|
type: boolean
|
|
path:
|
|
type: string
|
|
required:
|
|
- path
|
|
type: object
|
|
type: array
|
|
files:
|
|
items:
|
|
properties:
|
|
path:
|
|
type: string
|
|
required:
|
|
- path
|
|
type: object
|
|
type: array
|
|
repoURL:
|
|
type: string
|
|
requeueAfterSeconds:
|
|
format: int64
|
|
type: integer
|
|
revision:
|
|
type: string
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
required:
|
|
- repoURL
|
|
- revision
|
|
type: object
|
|
list:
|
|
properties:
|
|
elements:
|
|
items:
|
|
x-kubernetes-preserve-unknown-fields: true
|
|
type: array
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
required:
|
|
- elements
|
|
type: object
|
|
matrix:
|
|
properties:
|
|
generators:
|
|
items:
|
|
properties:
|
|
clusterDecisionResource:
|
|
properties:
|
|
configMapRef:
|
|
type: string
|
|
labelSelector:
|
|
properties:
|
|
matchExpressions:
|
|
items:
|
|
properties:
|
|
key:
|
|
type: string
|
|
operator:
|
|
type: string
|
|
values:
|
|
items:
|
|
type: string
|
|
type: array
|
|
required:
|
|
- key
|
|
- operator
|
|
type: object
|
|
type: array
|
|
matchLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
name:
|
|
type: string
|
|
requeueAfterSeconds:
|
|
format: int64
|
|
type: integer
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
values:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
required:
|
|
- configMapRef
|
|
type: object
|
|
clusters:
|
|
properties:
|
|
selector:
|
|
properties:
|
|
matchExpressions:
|
|
items:
|
|
properties:
|
|
key:
|
|
type: string
|
|
operator:
|
|
type: string
|
|
values:
|
|
items:
|
|
type: string
|
|
type: array
|
|
required:
|
|
- key
|
|
- operator
|
|
type: object
|
|
type: array
|
|
matchLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
values:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
git:
|
|
properties:
|
|
directories:
|
|
items:
|
|
properties:
|
|
exclude:
|
|
type: boolean
|
|
path:
|
|
type: string
|
|
required:
|
|
- path
|
|
type: object
|
|
type: array
|
|
files:
|
|
items:
|
|
properties:
|
|
path:
|
|
type: string
|
|
required:
|
|
- path
|
|
type: object
|
|
type: array
|
|
repoURL:
|
|
type: string
|
|
requeueAfterSeconds:
|
|
format: int64
|
|
type: integer
|
|
revision:
|
|
type: string
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
required:
|
|
- repoURL
|
|
- revision
|
|
type: object
|
|
list:
|
|
properties:
|
|
elements:
|
|
items:
|
|
x-kubernetes-preserve-unknown-fields: true
|
|
type: array
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
required:
|
|
- elements
|
|
type: object
|
|
matrix:
|
|
x-kubernetes-preserve-unknown-fields: true
|
|
merge:
|
|
x-kubernetes-preserve-unknown-fields: true
|
|
pullRequest:
|
|
properties:
|
|
bitbucketServer:
|
|
properties:
|
|
api:
|
|
type: string
|
|
basicAuth:
|
|
properties:
|
|
passwordRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
username:
|
|
type: string
|
|
required:
|
|
- passwordRef
|
|
- username
|
|
type: object
|
|
project:
|
|
type: string
|
|
repo:
|
|
type: string
|
|
required:
|
|
- api
|
|
- project
|
|
- repo
|
|
type: object
|
|
filters:
|
|
items:
|
|
properties:
|
|
branchMatch:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
gitea:
|
|
properties:
|
|
api:
|
|
type: string
|
|
insecure:
|
|
type: boolean
|
|
owner:
|
|
type: string
|
|
repo:
|
|
type: string
|
|
tokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
required:
|
|
- api
|
|
- owner
|
|
- repo
|
|
type: object
|
|
github:
|
|
properties:
|
|
api:
|
|
type: string
|
|
appSecretName:
|
|
type: string
|
|
labels:
|
|
items:
|
|
type: string
|
|
type: array
|
|
owner:
|
|
type: string
|
|
repo:
|
|
type: string
|
|
tokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
required:
|
|
- owner
|
|
- repo
|
|
type: object
|
|
gitlab:
|
|
properties:
|
|
api:
|
|
type: string
|
|
labels:
|
|
items:
|
|
type: string
|
|
type: array
|
|
project:
|
|
type: string
|
|
pullRequestState:
|
|
type: string
|
|
tokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
required:
|
|
- project
|
|
type: object
|
|
requeueAfterSeconds:
|
|
format: int64
|
|
type: integer
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
type: object
|
|
scmProvider:
|
|
properties:
|
|
azureDevOps:
|
|
properties:
|
|
accessTokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
allBranches:
|
|
type: boolean
|
|
api:
|
|
type: string
|
|
organization:
|
|
type: string
|
|
teamProject:
|
|
type: string
|
|
required:
|
|
- accessTokenRef
|
|
- organization
|
|
- teamProject
|
|
type: object
|
|
bitbucket:
|
|
properties:
|
|
allBranches:
|
|
type: boolean
|
|
appPasswordRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
owner:
|
|
type: string
|
|
user:
|
|
type: string
|
|
required:
|
|
- appPasswordRef
|
|
- owner
|
|
- user
|
|
type: object
|
|
bitbucketServer:
|
|
properties:
|
|
allBranches:
|
|
type: boolean
|
|
api:
|
|
type: string
|
|
basicAuth:
|
|
properties:
|
|
passwordRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
username:
|
|
type: string
|
|
required:
|
|
- passwordRef
|
|
- username
|
|
type: object
|
|
project:
|
|
type: string
|
|
required:
|
|
- api
|
|
- project
|
|
type: object
|
|
cloneProtocol:
|
|
type: string
|
|
filters:
|
|
items:
|
|
properties:
|
|
branchMatch:
|
|
type: string
|
|
labelMatch:
|
|
type: string
|
|
pathsDoNotExist:
|
|
items:
|
|
type: string
|
|
type: array
|
|
pathsExist:
|
|
items:
|
|
type: string
|
|
type: array
|
|
repositoryMatch:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
gitea:
|
|
properties:
|
|
allBranches:
|
|
type: boolean
|
|
api:
|
|
type: string
|
|
insecure:
|
|
type: boolean
|
|
owner:
|
|
type: string
|
|
tokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
required:
|
|
- api
|
|
- owner
|
|
type: object
|
|
github:
|
|
properties:
|
|
allBranches:
|
|
type: boolean
|
|
api:
|
|
type: string
|
|
appSecretName:
|
|
type: string
|
|
organization:
|
|
type: string
|
|
tokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
required:
|
|
- organization
|
|
type: object
|
|
gitlab:
|
|
properties:
|
|
allBranches:
|
|
type: boolean
|
|
api:
|
|
type: string
|
|
group:
|
|
type: string
|
|
includeSubgroups:
|
|
type: boolean
|
|
tokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
required:
|
|
- group
|
|
type: object
|
|
requeueAfterSeconds:
|
|
format: int64
|
|
type: integer
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
type: object
|
|
selector:
|
|
properties:
|
|
matchExpressions:
|
|
items:
|
|
properties:
|
|
key:
|
|
type: string
|
|
operator:
|
|
type: string
|
|
values:
|
|
items:
|
|
type: string
|
|
type: array
|
|
required:
|
|
- key
|
|
- operator
|
|
type: object
|
|
type: array
|
|
matchLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
type: object
|
|
type: array
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
required:
|
|
- generators
|
|
type: object
|
|
merge:
|
|
properties:
|
|
generators:
|
|
items:
|
|
properties:
|
|
clusterDecisionResource:
|
|
properties:
|
|
configMapRef:
|
|
type: string
|
|
labelSelector:
|
|
properties:
|
|
matchExpressions:
|
|
items:
|
|
properties:
|
|
key:
|
|
type: string
|
|
operator:
|
|
type: string
|
|
values:
|
|
items:
|
|
type: string
|
|
type: array
|
|
required:
|
|
- key
|
|
- operator
|
|
type: object
|
|
type: array
|
|
matchLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
name:
|
|
type: string
|
|
requeueAfterSeconds:
|
|
format: int64
|
|
type: integer
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
values:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
required:
|
|
- configMapRef
|
|
type: object
|
|
clusters:
|
|
properties:
|
|
selector:
|
|
properties:
|
|
matchExpressions:
|
|
items:
|
|
properties:
|
|
key:
|
|
type: string
|
|
operator:
|
|
type: string
|
|
values:
|
|
items:
|
|
type: string
|
|
type: array
|
|
required:
|
|
- key
|
|
- operator
|
|
type: object
|
|
type: array
|
|
matchLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
values:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
git:
|
|
properties:
|
|
directories:
|
|
items:
|
|
properties:
|
|
exclude:
|
|
type: boolean
|
|
path:
|
|
type: string
|
|
required:
|
|
- path
|
|
type: object
|
|
type: array
|
|
files:
|
|
items:
|
|
properties:
|
|
path:
|
|
type: string
|
|
required:
|
|
- path
|
|
type: object
|
|
type: array
|
|
repoURL:
|
|
type: string
|
|
requeueAfterSeconds:
|
|
format: int64
|
|
type: integer
|
|
revision:
|
|
type: string
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
required:
|
|
- repoURL
|
|
- revision
|
|
type: object
|
|
list:
|
|
properties:
|
|
elements:
|
|
items:
|
|
x-kubernetes-preserve-unknown-fields: true
|
|
type: array
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
required:
|
|
- elements
|
|
type: object
|
|
matrix:
|
|
x-kubernetes-preserve-unknown-fields: true
|
|
merge:
|
|
x-kubernetes-preserve-unknown-fields: true
|
|
pullRequest:
|
|
properties:
|
|
bitbucketServer:
|
|
properties:
|
|
api:
|
|
type: string
|
|
basicAuth:
|
|
properties:
|
|
passwordRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
username:
|
|
type: string
|
|
required:
|
|
- passwordRef
|
|
- username
|
|
type: object
|
|
project:
|
|
type: string
|
|
repo:
|
|
type: string
|
|
required:
|
|
- api
|
|
- project
|
|
- repo
|
|
type: object
|
|
filters:
|
|
items:
|
|
properties:
|
|
branchMatch:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
gitea:
|
|
properties:
|
|
api:
|
|
type: string
|
|
insecure:
|
|
type: boolean
|
|
owner:
|
|
type: string
|
|
repo:
|
|
type: string
|
|
tokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
required:
|
|
- api
|
|
- owner
|
|
- repo
|
|
type: object
|
|
github:
|
|
properties:
|
|
api:
|
|
type: string
|
|
appSecretName:
|
|
type: string
|
|
labels:
|
|
items:
|
|
type: string
|
|
type: array
|
|
owner:
|
|
type: string
|
|
repo:
|
|
type: string
|
|
tokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
required:
|
|
- owner
|
|
- repo
|
|
type: object
|
|
gitlab:
|
|
properties:
|
|
api:
|
|
type: string
|
|
labels:
|
|
items:
|
|
type: string
|
|
type: array
|
|
project:
|
|
type: string
|
|
pullRequestState:
|
|
type: string
|
|
tokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
required:
|
|
- project
|
|
type: object
|
|
requeueAfterSeconds:
|
|
format: int64
|
|
type: integer
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
type: object
|
|
scmProvider:
|
|
properties:
|
|
azureDevOps:
|
|
properties:
|
|
accessTokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
allBranches:
|
|
type: boolean
|
|
api:
|
|
type: string
|
|
organization:
|
|
type: string
|
|
teamProject:
|
|
type: string
|
|
required:
|
|
- accessTokenRef
|
|
- organization
|
|
- teamProject
|
|
type: object
|
|
bitbucket:
|
|
properties:
|
|
allBranches:
|
|
type: boolean
|
|
appPasswordRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
owner:
|
|
type: string
|
|
user:
|
|
type: string
|
|
required:
|
|
- appPasswordRef
|
|
- owner
|
|
- user
|
|
type: object
|
|
bitbucketServer:
|
|
properties:
|
|
allBranches:
|
|
type: boolean
|
|
api:
|
|
type: string
|
|
basicAuth:
|
|
properties:
|
|
passwordRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
username:
|
|
type: string
|
|
required:
|
|
- passwordRef
|
|
- username
|
|
type: object
|
|
project:
|
|
type: string
|
|
required:
|
|
- api
|
|
- project
|
|
type: object
|
|
cloneProtocol:
|
|
type: string
|
|
filters:
|
|
items:
|
|
properties:
|
|
branchMatch:
|
|
type: string
|
|
labelMatch:
|
|
type: string
|
|
pathsDoNotExist:
|
|
items:
|
|
type: string
|
|
type: array
|
|
pathsExist:
|
|
items:
|
|
type: string
|
|
type: array
|
|
repositoryMatch:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
gitea:
|
|
properties:
|
|
allBranches:
|
|
type: boolean
|
|
api:
|
|
type: string
|
|
insecure:
|
|
type: boolean
|
|
owner:
|
|
type: string
|
|
tokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
required:
|
|
- api
|
|
- owner
|
|
type: object
|
|
github:
|
|
properties:
|
|
allBranches:
|
|
type: boolean
|
|
api:
|
|
type: string
|
|
appSecretName:
|
|
type: string
|
|
organization:
|
|
type: string
|
|
tokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
required:
|
|
- organization
|
|
type: object
|
|
gitlab:
|
|
properties:
|
|
allBranches:
|
|
type: boolean
|
|
api:
|
|
type: string
|
|
group:
|
|
type: string
|
|
includeSubgroups:
|
|
type: boolean
|
|
tokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
required:
|
|
- group
|
|
type: object
|
|
requeueAfterSeconds:
|
|
format: int64
|
|
type: integer
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
type: object
|
|
selector:
|
|
properties:
|
|
matchExpressions:
|
|
items:
|
|
properties:
|
|
key:
|
|
type: string
|
|
operator:
|
|
type: string
|
|
values:
|
|
items:
|
|
type: string
|
|
type: array
|
|
required:
|
|
- key
|
|
- operator
|
|
type: object
|
|
type: array
|
|
matchLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
type: object
|
|
type: array
|
|
mergeKeys:
|
|
items:
|
|
type: string
|
|
type: array
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
required:
|
|
- generators
|
|
- mergeKeys
|
|
type: object
|
|
pullRequest:
|
|
properties:
|
|
bitbucketServer:
|
|
properties:
|
|
api:
|
|
type: string
|
|
basicAuth:
|
|
properties:
|
|
passwordRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
username:
|
|
type: string
|
|
required:
|
|
- passwordRef
|
|
- username
|
|
type: object
|
|
project:
|
|
type: string
|
|
repo:
|
|
type: string
|
|
required:
|
|
- api
|
|
- project
|
|
- repo
|
|
type: object
|
|
filters:
|
|
items:
|
|
properties:
|
|
branchMatch:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
gitea:
|
|
properties:
|
|
api:
|
|
type: string
|
|
insecure:
|
|
type: boolean
|
|
owner:
|
|
type: string
|
|
repo:
|
|
type: string
|
|
tokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
required:
|
|
- api
|
|
- owner
|
|
- repo
|
|
type: object
|
|
github:
|
|
properties:
|
|
api:
|
|
type: string
|
|
appSecretName:
|
|
type: string
|
|
labels:
|
|
items:
|
|
type: string
|
|
type: array
|
|
owner:
|
|
type: string
|
|
repo:
|
|
type: string
|
|
tokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
required:
|
|
- owner
|
|
- repo
|
|
type: object
|
|
gitlab:
|
|
properties:
|
|
api:
|
|
type: string
|
|
labels:
|
|
items:
|
|
type: string
|
|
type: array
|
|
project:
|
|
type: string
|
|
pullRequestState:
|
|
type: string
|
|
tokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
required:
|
|
- project
|
|
type: object
|
|
requeueAfterSeconds:
|
|
format: int64
|
|
type: integer
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
type: object
|
|
scmProvider:
|
|
properties:
|
|
azureDevOps:
|
|
properties:
|
|
accessTokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
allBranches:
|
|
type: boolean
|
|
api:
|
|
type: string
|
|
organization:
|
|
type: string
|
|
teamProject:
|
|
type: string
|
|
required:
|
|
- accessTokenRef
|
|
- organization
|
|
- teamProject
|
|
type: object
|
|
bitbucket:
|
|
properties:
|
|
allBranches:
|
|
type: boolean
|
|
appPasswordRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
owner:
|
|
type: string
|
|
user:
|
|
type: string
|
|
required:
|
|
- appPasswordRef
|
|
- owner
|
|
- user
|
|
type: object
|
|
bitbucketServer:
|
|
properties:
|
|
allBranches:
|
|
type: boolean
|
|
api:
|
|
type: string
|
|
basicAuth:
|
|
properties:
|
|
passwordRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
username:
|
|
type: string
|
|
required:
|
|
- passwordRef
|
|
- username
|
|
type: object
|
|
project:
|
|
type: string
|
|
required:
|
|
- api
|
|
- project
|
|
type: object
|
|
cloneProtocol:
|
|
type: string
|
|
filters:
|
|
items:
|
|
properties:
|
|
branchMatch:
|
|
type: string
|
|
labelMatch:
|
|
type: string
|
|
pathsDoNotExist:
|
|
items:
|
|
type: string
|
|
type: array
|
|
pathsExist:
|
|
items:
|
|
type: string
|
|
type: array
|
|
repositoryMatch:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
gitea:
|
|
properties:
|
|
allBranches:
|
|
type: boolean
|
|
api:
|
|
type: string
|
|
insecure:
|
|
type: boolean
|
|
owner:
|
|
type: string
|
|
tokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
required:
|
|
- api
|
|
- owner
|
|
type: object
|
|
github:
|
|
properties:
|
|
allBranches:
|
|
type: boolean
|
|
api:
|
|
type: string
|
|
appSecretName:
|
|
type: string
|
|
organization:
|
|
type: string
|
|
tokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
required:
|
|
- organization
|
|
type: object
|
|
gitlab:
|
|
properties:
|
|
allBranches:
|
|
type: boolean
|
|
api:
|
|
type: string
|
|
group:
|
|
type: string
|
|
includeSubgroups:
|
|
type: boolean
|
|
tokenRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
secretName:
|
|
type: string
|
|
required:
|
|
- key
|
|
- secretName
|
|
type: object
|
|
required:
|
|
- group
|
|
type: object
|
|
requeueAfterSeconds:
|
|
format: int64
|
|
type: integer
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
type: object
|
|
selector:
|
|
properties:
|
|
matchExpressions:
|
|
items:
|
|
properties:
|
|
key:
|
|
type: string
|
|
operator:
|
|
type: string
|
|
values:
|
|
items:
|
|
type: string
|
|
type: array
|
|
required:
|
|
- key
|
|
- operator
|
|
type: object
|
|
type: array
|
|
matchLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
type: object
|
|
type: array
|
|
goTemplate:
|
|
type: boolean
|
|
syncPolicy:
|
|
properties:
|
|
preserveResourcesOnDeletion:
|
|
type: boolean
|
|
type: object
|
|
template:
|
|
properties:
|
|
metadata:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
finalizers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
type: object
|
|
spec:
|
|
properties:
|
|
destination:
|
|
properties:
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
server:
|
|
type: string
|
|
type: object
|
|
ignoreDifferences:
|
|
items:
|
|
properties:
|
|
group:
|
|
type: string
|
|
jqPathExpressions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
jsonPointers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
kind:
|
|
type: string
|
|
managedFieldsManagers:
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
type: string
|
|
namespace:
|
|
type: string
|
|
required:
|
|
- kind
|
|
type: object
|
|
type: array
|
|
info:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
project:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int64
|
|
type: integer
|
|
source:
|
|
properties:
|
|
chart:
|
|
type: string
|
|
directory:
|
|
properties:
|
|
exclude:
|
|
type: string
|
|
include:
|
|
type: string
|
|
jsonnet:
|
|
properties:
|
|
extVars:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
libs:
|
|
items:
|
|
type: string
|
|
type: array
|
|
tlas:
|
|
items:
|
|
properties:
|
|
code:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
type: object
|
|
recurse:
|
|
type: boolean
|
|
type: object
|
|
helm:
|
|
properties:
|
|
fileParameters:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
ignoreMissingValueFiles:
|
|
type: boolean
|
|
parameters:
|
|
items:
|
|
properties:
|
|
forceString:
|
|
type: boolean
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
passCredentials:
|
|
type: boolean
|
|
releaseName:
|
|
type: string
|
|
skipCrds:
|
|
type: boolean
|
|
valueFiles:
|
|
items:
|
|
type: string
|
|
type: array
|
|
values:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
kustomize:
|
|
properties:
|
|
commonAnnotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
commonLabels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
forceCommonAnnotations:
|
|
type: boolean
|
|
forceCommonLabels:
|
|
type: boolean
|
|
images:
|
|
items:
|
|
type: string
|
|
type: array
|
|
namePrefix:
|
|
type: string
|
|
nameSuffix:
|
|
type: string
|
|
version:
|
|
type: string
|
|
type: object
|
|
path:
|
|
type: string
|
|
plugin:
|
|
properties:
|
|
env:
|
|
items:
|
|
properties:
|
|
name:
|
|
type: string
|
|
value:
|
|
type: string
|
|
required:
|
|
- name
|
|
- value
|
|
type: object
|
|
type: array
|
|
name:
|
|
type: string
|
|
type: object
|
|
repoURL:
|
|
type: string
|
|
targetRevision:
|
|
type: string
|
|
required:
|
|
- repoURL
|
|
type: object
|
|
syncPolicy:
|
|
properties:
|
|
automated:
|
|
properties:
|
|
allowEmpty:
|
|
type: boolean
|
|
prune:
|
|
type: boolean
|
|
selfHeal:
|
|
type: boolean
|
|
type: object
|
|
retry:
|
|
properties:
|
|
backoff:
|
|
properties:
|
|
duration:
|
|
type: string
|
|
factor:
|
|
format: int64
|
|
type: integer
|
|
maxDuration:
|
|
type: string
|
|
type: object
|
|
limit:
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
syncOptions:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
required:
|
|
- destination
|
|
- project
|
|
- source
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
required:
|
|
- generators
|
|
- template
|
|
type: object
|
|
status:
|
|
properties:
|
|
conditions:
|
|
items:
|
|
properties:
|
|
lastTransitionTime:
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
type: string
|
|
reason:
|
|
type: string
|
|
status:
|
|
type: string
|
|
type:
|
|
type: string
|
|
required:
|
|
- message
|
|
- reason
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
---
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: appprojects.argoproj.io
|
|
app.kubernetes.io/part-of: argocd
|
|
name: appprojects.argoproj.io
|
|
spec:
|
|
group: argoproj.io
|
|
names:
|
|
kind: AppProject
|
|
listKind: AppProjectList
|
|
plural: appprojects
|
|
shortNames:
|
|
- appproj
|
|
- appprojs
|
|
singular: appproject
|
|
scope: Namespaced
|
|
versions:
|
|
- name: v1alpha1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: 'AppProject provides a logical grouping of applications, providing
|
|
controls for: * where the apps may deploy to (cluster whitelist) * what
|
|
may be deployed (repository whitelist, resource whitelist/blacklist) * who
|
|
can access these applications (roles, OIDC group claims bindings) * and
|
|
what they can do (RBAC policies) * automation access to these roles (JWT
|
|
tokens)'
|
|
properties:
|
|
apiVersion:
|
|
description: 'APIVersion defines the versioned schema of this representation
|
|
of an object. Servers should convert recognized schemas to the latest
|
|
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
type: string
|
|
kind:
|
|
description: 'Kind is a string value representing the REST resource this
|
|
object represents. Servers may infer this from the endpoint the client
|
|
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
description: AppProjectSpec is the specification of an AppProject
|
|
properties:
|
|
clusterResourceBlacklist:
|
|
description: ClusterResourceBlacklist contains list of blacklisted
|
|
cluster level resources
|
|
items:
|
|
description: GroupKind specifies a Group and a Kind, but does not
|
|
force a version. This is useful for identifying concepts during
|
|
lookup stages without having partially valid types
|
|
properties:
|
|
group:
|
|
type: string
|
|
kind:
|
|
type: string
|
|
required:
|
|
- group
|
|
- kind
|
|
type: object
|
|
type: array
|
|
clusterResourceWhitelist:
|
|
description: ClusterResourceWhitelist contains list of whitelisted
|
|
cluster level resources
|
|
items:
|
|
description: GroupKind specifies a Group and a Kind, but does not
|
|
force a version. This is useful for identifying concepts during
|
|
lookup stages without having partially valid types
|
|
properties:
|
|
group:
|
|
type: string
|
|
kind:
|
|
type: string
|
|
required:
|
|
- group
|
|
- kind
|
|
type: object
|
|
type: array
|
|
description:
|
|
description: Description contains optional project description
|
|
type: string
|
|
destinations:
|
|
description: Destinations contains list of destinations available
|
|
for deployment
|
|
items:
|
|
description: ApplicationDestination holds information about the
|
|
application's destination
|
|
properties:
|
|
name:
|
|
description: Name is an alternate way of specifying the target
|
|
cluster by its symbolic name
|
|
type: string
|
|
namespace:
|
|
description: Namespace specifies the target namespace for the
|
|
application's resources. The namespace will only be set for
|
|
namespace-scoped resources that have not set a value for .metadata.namespace
|
|
type: string
|
|
server:
|
|
description: Server specifies the URL of the target cluster
|
|
and must be set to the Kubernetes control plane API
|
|
type: string
|
|
type: object
|
|
type: array
|
|
namespaceResourceBlacklist:
|
|
description: NamespaceResourceBlacklist contains list of blacklisted
|
|
namespace level resources
|
|
items:
|
|
description: GroupKind specifies a Group and a Kind, but does not
|
|
force a version. This is useful for identifying concepts during
|
|
lookup stages without having partially valid types
|
|
properties:
|
|
group:
|
|
type: string
|
|
kind:
|
|
type: string
|
|
required:
|
|
- group
|
|
- kind
|
|
type: object
|
|
type: array
|
|
namespaceResourceWhitelist:
|
|
description: NamespaceResourceWhitelist contains list of whitelisted
|
|
namespace level resources
|
|
items:
|
|
description: GroupKind specifies a Group and a Kind, but does not
|
|
force a version. This is useful for identifying concepts during
|
|
lookup stages without having partially valid types
|
|
properties:
|
|
group:
|
|
type: string
|
|
kind:
|
|
type: string
|
|
required:
|
|
- group
|
|
- kind
|
|
type: object
|
|
type: array
|
|
orphanedResources:
|
|
description: OrphanedResources specifies if controller should monitor
|
|
orphaned resources of apps in this project
|
|
properties:
|
|
ignore:
|
|
description: Ignore contains a list of resources that are to be
|
|
excluded from orphaned resources monitoring
|
|
items:
|
|
description: OrphanedResourceKey is a reference to a resource
|
|
to be ignored from
|
|
properties:
|
|
group:
|
|
type: string
|
|
kind:
|
|
type: string
|
|
name:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
warn:
|
|
description: Warn indicates if warning condition should be created
|
|
for apps which have orphaned resources
|
|
type: boolean
|
|
type: object
|
|
permitOnlyProjectScopedClusters:
|
|
description: PermitOnlyProjectScopedClusters determines whether destinations
|
|
can only reference clusters which are project-scoped
|
|
type: boolean
|
|
roles:
|
|
description: Roles are user defined RBAC roles associated with this
|
|
project
|
|
items:
|
|
description: ProjectRole represents a role that has access to a
|
|
project
|
|
properties:
|
|
description:
|
|
description: Description is a description of the role
|
|
type: string
|
|
groups:
|
|
description: Groups are a list of OIDC group claims bound to
|
|
this role
|
|
items:
|
|
type: string
|
|
type: array
|
|
jwtTokens:
|
|
description: JWTTokens are a list of generated JWT tokens bound
|
|
to this role
|
|
items:
|
|
description: JWTToken holds the issuedAt and expiresAt values
|
|
of a token
|
|
properties:
|
|
exp:
|
|
format: int64
|
|
type: integer
|
|
iat:
|
|
format: int64
|
|
type: integer
|
|
id:
|
|
type: string
|
|
required:
|
|
- iat
|
|
type: object
|
|
type: array
|
|
name:
|
|
description: Name is a name for this role
|
|
type: string
|
|
policies:
|
|
description: Policies Stores a list of casbin formatted strings
|
|
that define access policies for the role in the project
|
|
items:
|
|
type: string
|
|
type: array
|
|
required:
|
|
- name
|
|
type: object
|
|
type: array
|
|
signatureKeys:
|
|
description: SignatureKeys contains a list of PGP key IDs that commits
|
|
in Git must be signed with in order to be allowed for sync
|
|
items:
|
|
description: SignatureKey is the specification of a key required
|
|
to verify commit signatures with
|
|
properties:
|
|
keyID:
|
|
description: The ID of the key in hexadecimal notation
|
|
type: string
|
|
required:
|
|
- keyID
|
|
type: object
|
|
type: array
|
|
sourceNamespaces:
|
|
description: SourceNamespaces defines the namespaces application resources
|
|
are allowed to be created in
|
|
items:
|
|
type: string
|
|
type: array
|
|
sourceRepos:
|
|
description: SourceRepos contains list of repository URLs which can
|
|
be used for deployment
|
|
items:
|
|
type: string
|
|
type: array
|
|
syncWindows:
|
|
description: SyncWindows controls when syncs can be run for apps in
|
|
this project
|
|
items:
|
|
description: SyncWindow contains the kind, time, duration and attributes
|
|
that are used to assign the syncWindows to apps
|
|
properties:
|
|
applications:
|
|
description: Applications contains a list of applications that
|
|
the window will apply to
|
|
items:
|
|
type: string
|
|
type: array
|
|
clusters:
|
|
description: Clusters contains a list of clusters that the window
|
|
will apply to
|
|
items:
|
|
type: string
|
|
type: array
|
|
duration:
|
|
description: Duration is the amount of time the sync window
|
|
will be open
|
|
type: string
|
|
kind:
|
|
description: Kind defines if the window allows or blocks syncs
|
|
type: string
|
|
manualSync:
|
|
description: ManualSync enables manual syncs when they would
|
|
otherwise be blocked
|
|
type: boolean
|
|
namespaces:
|
|
description: Namespaces contains a list of namespaces that the
|
|
window will apply to
|
|
items:
|
|
type: string
|
|
type: array
|
|
schedule:
|
|
description: Schedule is the time the window will begin, specified
|
|
in cron format
|
|
type: string
|
|
timeZone:
|
|
description: TimeZone of the sync that will be applied to the
|
|
schedule
|
|
type: string
|
|
type: object
|
|
type: array
|
|
type: object
|
|
status:
|
|
description: AppProjectStatus contains status information for AppProject
|
|
CRs
|
|
properties:
|
|
jwtTokensByRole:
|
|
additionalProperties:
|
|
description: JWTTokens represents a list of JWT tokens
|
|
properties:
|
|
items:
|
|
items:
|
|
description: JWTToken holds the issuedAt and expiresAt values
|
|
of a token
|
|
properties:
|
|
exp:
|
|
format: int64
|
|
type: integer
|
|
iat:
|
|
format: int64
|
|
type: integer
|
|
id:
|
|
type: string
|
|
required:
|
|
- iat
|
|
type: object
|
|
type: array
|
|
type: object
|
|
description: JWTTokensByRole contains a list of JWT tokens issued
|
|
for a given role
|
|
type: object
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: application-controller
|
|
app.kubernetes.io/name: argocd-application-controller
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-application-controller
|
|
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: controller
|
|
app.kubernetes.io/name: argocd-applicationset-controller
|
|
app.kubernetes.io/part-of: argocd-applicationset
|
|
name: argocd-applicationset-controller
|
|
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: dex-server
|
|
app.kubernetes.io/name: argocd-dex-server
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-dex-server
|
|
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: notifications-controller
|
|
app.kubernetes.io/name: argocd-notifications-controller
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-notifications-controller
|
|
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: redis
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-redis-ha
|
|
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: redis
|
|
app.kubernetes.io/name: argocd-redis-ha-haproxy
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-redis-ha-haproxy
|
|
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: repo-server
|
|
app.kubernetes.io/name: argocd-repo-server
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-repo-server
|
|
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: server
|
|
app.kubernetes.io/name: argocd-server
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-server
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: Role
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: application-controller
|
|
app.kubernetes.io/name: argocd-application-controller
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-application-controller
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- secrets
|
|
- configmaps
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- argoproj.io
|
|
resources:
|
|
- applications
|
|
- appprojects
|
|
verbs:
|
|
- create
|
|
- get
|
|
- list
|
|
- watch
|
|
- update
|
|
- patch
|
|
- delete
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- events
|
|
verbs:
|
|
- create
|
|
- list
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: Role
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: controller
|
|
app.kubernetes.io/name: argocd-applicationset-controller
|
|
app.kubernetes.io/part-of: argocd-applicationset
|
|
name: argocd-applicationset-controller
|
|
rules:
|
|
- apiGroups:
|
|
- argoproj.io
|
|
resources:
|
|
- applications
|
|
- applicationsets
|
|
- applicationsets/finalizers
|
|
verbs:
|
|
- create
|
|
- delete
|
|
- get
|
|
- list
|
|
- patch
|
|
- update
|
|
- watch
|
|
- apiGroups:
|
|
- argoproj.io
|
|
resources:
|
|
- appprojects
|
|
verbs:
|
|
- get
|
|
- apiGroups:
|
|
- argoproj.io
|
|
resources:
|
|
- applicationsets/status
|
|
verbs:
|
|
- get
|
|
- patch
|
|
- update
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- events
|
|
verbs:
|
|
- create
|
|
- get
|
|
- list
|
|
- patch
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- secrets
|
|
- configmaps
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- apps
|
|
- extensions
|
|
resources:
|
|
- deployments
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: Role
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: dex-server
|
|
app.kubernetes.io/name: argocd-dex-server
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-dex-server
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- secrets
|
|
- configmaps
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: Role
|
|
metadata:
|
|
name: argocd-notifications-controller
|
|
rules:
|
|
- apiGroups:
|
|
- argoproj.io
|
|
resources:
|
|
- applications
|
|
- appprojects
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- update
|
|
- patch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- configmaps
|
|
- secrets
|
|
verbs:
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resourceNames:
|
|
- argocd-notifications-cm
|
|
resources:
|
|
- configmaps
|
|
verbs:
|
|
- get
|
|
- apiGroups:
|
|
- ""
|
|
resourceNames:
|
|
- argocd-notifications-secret
|
|
resources:
|
|
- secrets
|
|
verbs:
|
|
- get
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: Role
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: redis
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-redis-ha
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- endpoints
|
|
verbs:
|
|
- get
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: Role
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: redis
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-redis-ha-haproxy
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- endpoints
|
|
verbs:
|
|
- get
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: Role
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: server
|
|
app.kubernetes.io/name: argocd-server
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-server
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- secrets
|
|
- configmaps
|
|
verbs:
|
|
- create
|
|
- get
|
|
- list
|
|
- watch
|
|
- update
|
|
- patch
|
|
- delete
|
|
- apiGroups:
|
|
- argoproj.io
|
|
resources:
|
|
- applications
|
|
- appprojects
|
|
- applicationsets
|
|
verbs:
|
|
- create
|
|
- get
|
|
- list
|
|
- watch
|
|
- update
|
|
- delete
|
|
- patch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- events
|
|
verbs:
|
|
- create
|
|
- list
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: application-controller
|
|
app.kubernetes.io/name: argocd-application-controller
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-application-controller
|
|
rules:
|
|
- apiGroups:
|
|
- '*'
|
|
resources:
|
|
- '*'
|
|
verbs:
|
|
- '*'
|
|
- nonResourceURLs:
|
|
- '*'
|
|
verbs:
|
|
- '*'
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: server
|
|
app.kubernetes.io/name: argocd-server
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-server
|
|
rules:
|
|
- apiGroups:
|
|
- '*'
|
|
resources:
|
|
- '*'
|
|
verbs:
|
|
- delete
|
|
- get
|
|
- patch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- events
|
|
verbs:
|
|
- list
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- pods
|
|
- pods/log
|
|
verbs:
|
|
- get
|
|
- apiGroups:
|
|
- argoproj.io
|
|
resources:
|
|
- applications
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: RoleBinding
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: application-controller
|
|
app.kubernetes.io/name: argocd-application-controller
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-application-controller
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: Role
|
|
name: argocd-application-controller
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: argocd-application-controller
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: RoleBinding
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: controller
|
|
app.kubernetes.io/name: argocd-applicationset-controller
|
|
app.kubernetes.io/part-of: argocd-applicationset
|
|
name: argocd-applicationset-controller
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: Role
|
|
name: argocd-applicationset-controller
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: argocd-applicationset-controller
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: RoleBinding
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: dex-server
|
|
app.kubernetes.io/name: argocd-dex-server
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-dex-server
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: Role
|
|
name: argocd-dex-server
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: argocd-dex-server
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: RoleBinding
|
|
metadata:
|
|
name: argocd-notifications-controller
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: Role
|
|
name: argocd-notifications-controller
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: argocd-notifications-controller
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: RoleBinding
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: redis
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-redis-ha
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: Role
|
|
name: argocd-redis-ha
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: argocd-redis-ha
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: RoleBinding
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: redis
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-redis-ha-haproxy
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: Role
|
|
name: argocd-redis-ha-haproxy
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: argocd-redis-ha-haproxy
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: RoleBinding
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: server
|
|
app.kubernetes.io/name: argocd-server
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-server
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: Role
|
|
name: argocd-server
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: argocd-server
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: application-controller
|
|
app.kubernetes.io/name: argocd-application-controller
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-application-controller
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: argocd-application-controller
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: argocd-application-controller
|
|
namespace: argocd
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: server
|
|
app.kubernetes.io/name: argocd-server
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-server
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: argocd-server
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: argocd-server
|
|
namespace: argocd
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: argocd-cm
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-cm
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: argocd-cmd-params-cm
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-cmd-params-cm
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: argocd-gpg-keys-cm
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-gpg-keys-cm
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: argocd-notifications-cm
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: argocd-rbac-cm
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-rbac-cm
|
|
---
|
|
apiVersion: v1
|
|
data:
|
|
fix-split-brain.sh: |
|
|
HOSTNAME="$(hostname)"
|
|
INDEX="${HOSTNAME##*-}"
|
|
SENTINEL_PORT=26379
|
|
ANNOUNCE_IP=''
|
|
MASTER=''
|
|
MASTER_GROUP="argocd"
|
|
QUORUM="2"
|
|
REDIS_CONF=/data/conf/redis.conf
|
|
REDIS_PORT=6379
|
|
REDIS_TLS_PORT=
|
|
SENTINEL_CONF=/data/conf/sentinel.conf
|
|
SENTINEL_TLS_PORT=
|
|
SERVICE=argocd-redis-ha
|
|
SENTINEL_TLS_REPLICATION_ENABLED=false
|
|
REDIS_TLS_REPLICATION_ENABLED=false
|
|
|
|
ROLE=''
|
|
REDIS_MASTER=''
|
|
|
|
set -eu
|
|
sentinel_get_master() {
|
|
set +e
|
|
if [ "$SENTINEL_PORT" -eq 0 ]; then
|
|
redis-cli -h "${SERVICE}" -p "${SENTINEL_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key sentinel get-master-addr-by-name "${MASTER_GROUP}" |\
|
|
grep -E '((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?s*$))'
|
|
else
|
|
redis-cli -h "${SERVICE}" -p "${SENTINEL_PORT}" sentinel get-master-addr-by-name "${MASTER_GROUP}" |\
|
|
grep -E '((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?s*$))'
|
|
fi
|
|
set -e
|
|
}
|
|
|
|
sentinel_get_master_retry() {
|
|
master=''
|
|
retry=${1}
|
|
sleep=3
|
|
for i in $(seq 1 "${retry}"); do
|
|
master=$(sentinel_get_master)
|
|
if [ -n "${master}" ]; then
|
|
break
|
|
fi
|
|
sleep $((sleep + i))
|
|
done
|
|
echo "${master}"
|
|
}
|
|
|
|
identify_master() {
|
|
echo "Identifying redis master (get-master-addr-by-name).."
|
|
echo " using sentinel (argocd-redis-ha), sentinel group name (argocd)"
|
|
MASTER="$(sentinel_get_master_retry 3)"
|
|
if [ -n "${MASTER}" ]; then
|
|
echo " $(date) Found redis master (${MASTER})"
|
|
else
|
|
echo " $(date) Did not find redis master (${MASTER})"
|
|
fi
|
|
}
|
|
|
|
sentinel_update() {
|
|
echo "Updating sentinel config.."
|
|
echo " evaluating sentinel id (\${SENTINEL_ID_${INDEX}})"
|
|
eval MY_SENTINEL_ID="\$SENTINEL_ID_${INDEX}"
|
|
echo " sentinel id (${MY_SENTINEL_ID}), sentinel grp (${MASTER_GROUP}), quorum (${QUORUM})"
|
|
sed -i "1s/^/sentinel myid ${MY_SENTINEL_ID}\\n/" "${SENTINEL_CONF}"
|
|
if [ "$SENTINEL_TLS_REPLICATION_ENABLED" = true ]; then
|
|
echo " redis master (${1}:${REDIS_TLS_PORT})"
|
|
sed -i "2s/^/sentinel monitor ${MASTER_GROUP} ${1} ${REDIS_TLS_PORT} ${QUORUM} \\n/" "${SENTINEL_CONF}"
|
|
else
|
|
echo " redis master (${1}:${REDIS_PORT})"
|
|
sed -i "2s/^/sentinel monitor ${MASTER_GROUP} ${1} ${REDIS_PORT} ${QUORUM} \\n/" "${SENTINEL_CONF}"
|
|
fi
|
|
echo "sentinel announce-ip ${ANNOUNCE_IP}" >> ${SENTINEL_CONF}
|
|
if [ "$SENTINEL_PORT" -eq 0 ]; then
|
|
echo " announce (${ANNOUNCE_IP}:${SENTINEL_TLS_PORT})"
|
|
echo "sentinel announce-port ${SENTINEL_TLS_PORT}" >> ${SENTINEL_CONF}
|
|
else
|
|
echo " announce (${ANNOUNCE_IP}:${SENTINEL_PORT})"
|
|
echo "sentinel announce-port ${SENTINEL_PORT}" >> ${SENTINEL_CONF}
|
|
fi
|
|
}
|
|
|
|
redis_update() {
|
|
echo "Updating redis config.."
|
|
if [ "$REDIS_TLS_REPLICATION_ENABLED" = true ]; then
|
|
echo " we are slave of redis master (${1}:${REDIS_TLS_PORT})"
|
|
echo "slaveof ${1} ${REDIS_TLS_PORT}" >> "${REDIS_CONF}"
|
|
echo "slave-announce-port ${REDIS_TLS_PORT}" >> ${REDIS_CONF}
|
|
else
|
|
echo " we are slave of redis master (${1}:${REDIS_PORT})"
|
|
echo "slaveof ${1} ${REDIS_PORT}" >> "${REDIS_CONF}"
|
|
echo "slave-announce-port ${REDIS_PORT}" >> ${REDIS_CONF}
|
|
fi
|
|
echo "slave-announce-ip ${ANNOUNCE_IP}" >> ${REDIS_CONF}
|
|
}
|
|
|
|
copy_config() {
|
|
echo "Copying default redis config.."
|
|
echo " to '${REDIS_CONF}'"
|
|
cp /readonly-config/redis.conf "${REDIS_CONF}"
|
|
echo "Copying default sentinel config.."
|
|
echo " to '${SENTINEL_CONF}'"
|
|
cp /readonly-config/sentinel.conf "${SENTINEL_CONF}"
|
|
}
|
|
|
|
setup_defaults() {
|
|
echo "Setting up defaults.."
|
|
echo " using statefulset index (${INDEX})"
|
|
if [ "${INDEX}" = "0" ]; then
|
|
echo "Setting this pod as master for redis and sentinel.."
|
|
echo " using announce (${ANNOUNCE_IP})"
|
|
redis_update "${ANNOUNCE_IP}"
|
|
sentinel_update "${ANNOUNCE_IP}"
|
|
echo " make sure ${ANNOUNCE_IP} is not a slave (slaveof no one)"
|
|
sed -i "s/^.*slaveof.*//" "${REDIS_CONF}"
|
|
else
|
|
echo "Getting redis master ip.."
|
|
echo " blindly assuming (${SERVICE}-announce-0) or (${SERVICE}-server-0) are master"
|
|
DEFAULT_MASTER="$(getent_hosts 0 | awk '{ print $1 }')"
|
|
echo " identified redis (may be redis master) ip (${DEFAULT_MASTER})"
|
|
if [ -z "${DEFAULT_MASTER}" ]; then
|
|
echo "Error: Unable to resolve redis master (getent hosts)."
|
|
exit 1
|
|
fi
|
|
echo "Setting default slave config for redis and sentinel.."
|
|
echo " using master ip (${DEFAULT_MASTER})"
|
|
redis_update "${DEFAULT_MASTER}"
|
|
sentinel_update "${DEFAULT_MASTER}"
|
|
fi
|
|
}
|
|
|
|
redis_ping() {
|
|
set +e
|
|
if [ "$REDIS_PORT" -eq 0 ]; then
|
|
redis-cli -h "${MASTER}" -p "${REDIS_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key ping
|
|
else
|
|
redis-cli -h "${MASTER}" -p "${REDIS_PORT}" ping
|
|
fi
|
|
set -e
|
|
}
|
|
|
|
redis_ping_retry() {
|
|
ping=''
|
|
retry=${1}
|
|
sleep=3
|
|
for i in $(seq 1 "${retry}"); do
|
|
if [ "$(redis_ping)" = "PONG" ]; then
|
|
ping='PONG'
|
|
break
|
|
fi
|
|
sleep $((sleep + i))
|
|
MASTER=$(sentinel_get_master)
|
|
done
|
|
echo "${ping}"
|
|
}
|
|
|
|
find_master() {
|
|
echo "Verifying redis master.."
|
|
if [ "$REDIS_PORT" -eq 0 ]; then
|
|
echo " ping (${MASTER}:${REDIS_TLS_PORT})"
|
|
else
|
|
echo " ping (${MASTER}:${REDIS_PORT})"
|
|
fi
|
|
if [ "$(redis_ping_retry 3)" != "PONG" ]; then
|
|
echo " $(date) Can't ping redis master (${MASTER})"
|
|
echo "Attempting to force failover (sentinel failover).."
|
|
|
|
if [ "$SENTINEL_PORT" -eq 0 ]; then
|
|
echo " on sentinel (${SERVICE}:${SENTINEL_TLS_PORT}), sentinel grp (${MASTER_GROUP})"
|
|
if redis-cli -h "${SERVICE}" -p "${SENTINEL_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key sentinel failover "${MASTER_GROUP}" | grep -q 'NOGOODSLAVE' ; then
|
|
echo " $(date) Failover returned with 'NOGOODSLAVE'"
|
|
echo "Setting defaults for this pod.."
|
|
setup_defaults
|
|
return 0
|
|
fi
|
|
else
|
|
echo " on sentinel (${SERVICE}:${SENTINEL_PORT}), sentinel grp (${MASTER_GROUP})"
|
|
if redis-cli -h "${SERVICE}" -p "${SENTINEL_PORT}" sentinel failover "${MASTER_GROUP}" | grep -q 'NOGOODSLAVE' ; then
|
|
echo " $(date) Failover returned with 'NOGOODSLAVE'"
|
|
echo "Setting defaults for this pod.."
|
|
setup_defaults
|
|
return 0
|
|
fi
|
|
fi
|
|
|
|
echo "Hold on for 10sec"
|
|
sleep 10
|
|
echo "We should get redis master's ip now. Asking (get-master-addr-by-name).."
|
|
if [ "$SENTINEL_PORT" -eq 0 ]; then
|
|
echo " sentinel (${SERVICE}:${SENTINEL_TLS_PORT}), sentinel grp (${MASTER_GROUP})"
|
|
else
|
|
echo " sentinel (${SERVICE}:${SENTINEL_PORT}), sentinel grp (${MASTER_GROUP})"
|
|
fi
|
|
MASTER="$(sentinel_get_master)"
|
|
if [ "${MASTER}" ]; then
|
|
echo " $(date) Found redis master (${MASTER})"
|
|
echo "Updating redis and sentinel config.."
|
|
sentinel_update "${MASTER}"
|
|
redis_update "${MASTER}"
|
|
else
|
|
echo "$(date) Error: Could not failover, exiting..."
|
|
exit 1
|
|
fi
|
|
else
|
|
echo " $(date) Found reachable redis master (${MASTER})"
|
|
echo "Updating redis and sentinel config.."
|
|
sentinel_update "${MASTER}"
|
|
redis_update "${MASTER}"
|
|
fi
|
|
}
|
|
|
|
redis_ro_update() {
|
|
echo "Updating read-only redis config.."
|
|
echo " redis.conf set 'replica-priority 0'"
|
|
echo "replica-priority 0" >> ${REDIS_CONF}
|
|
}
|
|
|
|
getent_hosts() {
|
|
index=${1:-${INDEX}}
|
|
service="${SERVICE}-announce-${index}"
|
|
pod="${SERVICE}-server-${index}"
|
|
host=$(getent hosts "${service}")
|
|
if [ -z "${host}" ]; then
|
|
host=$(getent hosts "${pod}")
|
|
fi
|
|
echo "${host}"
|
|
}
|
|
|
|
identify_announce_ip() {
|
|
echo "Identify announce ip for this pod.."
|
|
echo " using (${SERVICE}-announce-${INDEX}) or (${SERVICE}-server-${INDEX})"
|
|
ANNOUNCE_IP=$(getent_hosts | awk '{ print $1 }')
|
|
echo " identified announce (${ANNOUNCE_IP})"
|
|
}
|
|
|
|
redis_role() {
|
|
set +e
|
|
if [ "$REDIS_PORT" -eq 0 ]; then
|
|
ROLE=$(redis-cli -p "${REDIS_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key info | grep role | sed 's/role://' | sed 's/\r//')
|
|
else
|
|
ROLE=$(redis-cli -p "${REDIS_PORT}" info | grep role | sed 's/role://' | sed 's/\r//')
|
|
fi
|
|
set -e
|
|
}
|
|
|
|
identify_redis_master() {
|
|
set +e
|
|
if [ "$REDIS_PORT" -eq 0 ]; then
|
|
REDIS_MASTER=$(redis-cli -p "${REDIS_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key info | grep master_host | sed 's/master_host://' | sed 's/\r//')
|
|
else
|
|
REDIS_MASTER=$(redis-cli -p "${REDIS_PORT}" info | grep master_host | sed 's/master_host://' | sed 's/\r//')
|
|
fi
|
|
set -e
|
|
}
|
|
|
|
reinit() {
|
|
set +e
|
|
sh /readonly-config/init.sh
|
|
|
|
if [ "$REDIS_PORT" -eq 0 ]; then
|
|
echo "shutdown" | redis-cli -p "${REDIS_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key
|
|
else
|
|
echo "shutdown" | redis-cli -p "${REDIS_PORT}"
|
|
fi
|
|
set -e
|
|
}
|
|
|
|
identify_announce_ip
|
|
|
|
while true; do
|
|
sleep 60
|
|
|
|
# where is redis master
|
|
identify_master
|
|
|
|
if [ "$MASTER" == "$ANNOUNCE_IP" ]; then
|
|
redis_role
|
|
if [ "$ROLE" != "master" ]; then
|
|
reinit
|
|
fi
|
|
else
|
|
identify_redis_master
|
|
if [ "$REDIS_MASTER" != "$MASTER" ]; then
|
|
reinit
|
|
fi
|
|
fi
|
|
done
|
|
haproxy.cfg: |
|
|
defaults REDIS
|
|
mode tcp
|
|
timeout connect 4s
|
|
timeout server 6m
|
|
timeout client 6m
|
|
timeout check 2s
|
|
|
|
listen health_check_http_url
|
|
bind [::]:8888 v4v6
|
|
mode http
|
|
monitor-uri /healthz
|
|
option dontlognull
|
|
# Check Sentinel and whether they are nominated master
|
|
backend check_if_redis_is_master_0
|
|
mode tcp
|
|
option tcp-check
|
|
tcp-check connect
|
|
tcp-check send PING\r\n
|
|
tcp-check expect string +PONG
|
|
tcp-check send SENTINEL\ get-master-addr-by-name\ argocd\r\n
|
|
tcp-check expect string REPLACE_ANNOUNCE0
|
|
tcp-check send QUIT\r\n
|
|
tcp-check expect string +OK
|
|
server R0 argocd-redis-ha-announce-0:26379 check inter 3s
|
|
server R1 argocd-redis-ha-announce-1:26379 check inter 3s
|
|
server R2 argocd-redis-ha-announce-2:26379 check inter 3s
|
|
# Check Sentinel and whether they are nominated master
|
|
backend check_if_redis_is_master_1
|
|
mode tcp
|
|
option tcp-check
|
|
tcp-check connect
|
|
tcp-check send PING\r\n
|
|
tcp-check expect string +PONG
|
|
tcp-check send SENTINEL\ get-master-addr-by-name\ argocd\r\n
|
|
tcp-check expect string REPLACE_ANNOUNCE1
|
|
tcp-check send QUIT\r\n
|
|
tcp-check expect string +OK
|
|
server R0 argocd-redis-ha-announce-0:26379 check inter 3s
|
|
server R1 argocd-redis-ha-announce-1:26379 check inter 3s
|
|
server R2 argocd-redis-ha-announce-2:26379 check inter 3s
|
|
# Check Sentinel and whether they are nominated master
|
|
backend check_if_redis_is_master_2
|
|
mode tcp
|
|
option tcp-check
|
|
tcp-check connect
|
|
tcp-check send PING\r\n
|
|
tcp-check expect string +PONG
|
|
tcp-check send SENTINEL\ get-master-addr-by-name\ argocd\r\n
|
|
tcp-check expect string REPLACE_ANNOUNCE2
|
|
tcp-check send QUIT\r\n
|
|
tcp-check expect string +OK
|
|
server R0 argocd-redis-ha-announce-0:26379 check inter 3s
|
|
server R1 argocd-redis-ha-announce-1:26379 check inter 3s
|
|
server R2 argocd-redis-ha-announce-2:26379 check inter 3s
|
|
|
|
# decide redis backend to use
|
|
#master
|
|
frontend ft_redis_master
|
|
bind [::]:6379 v4v6
|
|
use_backend bk_redis_master
|
|
# Check all redis servers to see if they think they are master
|
|
backend bk_redis_master
|
|
mode tcp
|
|
option tcp-check
|
|
tcp-check connect
|
|
tcp-check send PING\r\n
|
|
tcp-check expect string +PONG
|
|
tcp-check send info\ replication\r\n
|
|
tcp-check expect string role:master
|
|
tcp-check send QUIT\r\n
|
|
tcp-check expect string +OK
|
|
use-server R0 if { srv_is_up(R0) } { nbsrv(check_if_redis_is_master_0) ge 2 }
|
|
server R0 argocd-redis-ha-announce-0:6379 check inter 3s fall 1 rise 1
|
|
use-server R1 if { srv_is_up(R1) } { nbsrv(check_if_redis_is_master_1) ge 2 }
|
|
server R1 argocd-redis-ha-announce-1:6379 check inter 3s fall 1 rise 1
|
|
use-server R2 if { srv_is_up(R2) } { nbsrv(check_if_redis_is_master_2) ge 2 }
|
|
server R2 argocd-redis-ha-announce-2:6379 check inter 3s fall 1 rise 1
|
|
haproxy_init.sh: |
|
|
HAPROXY_CONF=/data/haproxy.cfg
|
|
cp /readonly/haproxy.cfg "$HAPROXY_CONF"
|
|
for loop in $(seq 1 10); do
|
|
getent hosts argocd-redis-ha-announce-0 && break
|
|
echo "Waiting for service argocd-redis-ha-announce-0 to be ready ($loop) ..." && sleep 1
|
|
done
|
|
ANNOUNCE_IP0=$(getent hosts "argocd-redis-ha-announce-0" | awk '{ print $1 }')
|
|
if [ -z "$ANNOUNCE_IP0" ]; then
|
|
echo "Could not resolve the announce ip for argocd-redis-ha-announce-0"
|
|
exit 1
|
|
fi
|
|
sed -i "s/REPLACE_ANNOUNCE0/$ANNOUNCE_IP0/" "$HAPROXY_CONF"
|
|
for loop in $(seq 1 10); do
|
|
getent hosts argocd-redis-ha-announce-1 && break
|
|
echo "Waiting for service argocd-redis-ha-announce-1 to be ready ($loop) ..." && sleep 1
|
|
done
|
|
ANNOUNCE_IP1=$(getent hosts "argocd-redis-ha-announce-1" | awk '{ print $1 }')
|
|
if [ -z "$ANNOUNCE_IP1" ]; then
|
|
echo "Could not resolve the announce ip for argocd-redis-ha-announce-1"
|
|
exit 1
|
|
fi
|
|
sed -i "s/REPLACE_ANNOUNCE1/$ANNOUNCE_IP1/" "$HAPROXY_CONF"
|
|
for loop in $(seq 1 10); do
|
|
getent hosts argocd-redis-ha-announce-2 && break
|
|
echo "Waiting for service argocd-redis-ha-announce-2 to be ready ($loop) ..." && sleep 1
|
|
done
|
|
ANNOUNCE_IP2=$(getent hosts "argocd-redis-ha-announce-2" | awk '{ print $1 }')
|
|
if [ -z "$ANNOUNCE_IP2" ]; then
|
|
echo "Could not resolve the announce ip for argocd-redis-ha-announce-2"
|
|
exit 1
|
|
fi
|
|
sed -i "s/REPLACE_ANNOUNCE2/$ANNOUNCE_IP2/" "$HAPROXY_CONF"
|
|
init.sh: |
|
|
echo "$(date) Start..."
|
|
HOSTNAME="$(hostname)"
|
|
INDEX="${HOSTNAME##*-}"
|
|
SENTINEL_PORT=26379
|
|
ANNOUNCE_IP=''
|
|
MASTER=''
|
|
MASTER_GROUP="argocd"
|
|
QUORUM="2"
|
|
REDIS_CONF=/data/conf/redis.conf
|
|
REDIS_PORT=6379
|
|
REDIS_TLS_PORT=
|
|
SENTINEL_CONF=/data/conf/sentinel.conf
|
|
SENTINEL_TLS_PORT=
|
|
SERVICE=argocd-redis-ha
|
|
SENTINEL_TLS_REPLICATION_ENABLED=false
|
|
REDIS_TLS_REPLICATION_ENABLED=false
|
|
|
|
set -eu
|
|
sentinel_get_master() {
|
|
set +e
|
|
if [ "$SENTINEL_PORT" -eq 0 ]; then
|
|
redis-cli -h "${SERVICE}" -p "${SENTINEL_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key sentinel get-master-addr-by-name "${MASTER_GROUP}" |\
|
|
grep -E '((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?s*$))'
|
|
else
|
|
redis-cli -h "${SERVICE}" -p "${SENTINEL_PORT}" sentinel get-master-addr-by-name "${MASTER_GROUP}" |\
|
|
grep -E '((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?s*$))'
|
|
fi
|
|
set -e
|
|
}
|
|
|
|
sentinel_get_master_retry() {
|
|
master=''
|
|
retry=${1}
|
|
sleep=3
|
|
for i in $(seq 1 "${retry}"); do
|
|
master=$(sentinel_get_master)
|
|
if [ -n "${master}" ]; then
|
|
break
|
|
fi
|
|
sleep $((sleep + i))
|
|
done
|
|
echo "${master}"
|
|
}
|
|
|
|
identify_master() {
|
|
echo "Identifying redis master (get-master-addr-by-name).."
|
|
echo " using sentinel (argocd-redis-ha), sentinel group name (argocd)"
|
|
MASTER="$(sentinel_get_master_retry 3)"
|
|
if [ -n "${MASTER}" ]; then
|
|
echo " $(date) Found redis master (${MASTER})"
|
|
else
|
|
echo " $(date) Did not find redis master (${MASTER})"
|
|
fi
|
|
}
|
|
|
|
sentinel_update() {
|
|
echo "Updating sentinel config.."
|
|
echo " evaluating sentinel id (\${SENTINEL_ID_${INDEX}})"
|
|
eval MY_SENTINEL_ID="\$SENTINEL_ID_${INDEX}"
|
|
echo " sentinel id (${MY_SENTINEL_ID}), sentinel grp (${MASTER_GROUP}), quorum (${QUORUM})"
|
|
sed -i "1s/^/sentinel myid ${MY_SENTINEL_ID}\\n/" "${SENTINEL_CONF}"
|
|
if [ "$SENTINEL_TLS_REPLICATION_ENABLED" = true ]; then
|
|
echo " redis master (${1}:${REDIS_TLS_PORT})"
|
|
sed -i "2s/^/sentinel monitor ${MASTER_GROUP} ${1} ${REDIS_TLS_PORT} ${QUORUM} \\n/" "${SENTINEL_CONF}"
|
|
else
|
|
echo " redis master (${1}:${REDIS_PORT})"
|
|
sed -i "2s/^/sentinel monitor ${MASTER_GROUP} ${1} ${REDIS_PORT} ${QUORUM} \\n/" "${SENTINEL_CONF}"
|
|
fi
|
|
echo "sentinel announce-ip ${ANNOUNCE_IP}" >> ${SENTINEL_CONF}
|
|
if [ "$SENTINEL_PORT" -eq 0 ]; then
|
|
echo " announce (${ANNOUNCE_IP}:${SENTINEL_TLS_PORT})"
|
|
echo "sentinel announce-port ${SENTINEL_TLS_PORT}" >> ${SENTINEL_CONF}
|
|
else
|
|
echo " announce (${ANNOUNCE_IP}:${SENTINEL_PORT})"
|
|
echo "sentinel announce-port ${SENTINEL_PORT}" >> ${SENTINEL_CONF}
|
|
fi
|
|
}
|
|
|
|
redis_update() {
|
|
echo "Updating redis config.."
|
|
if [ "$REDIS_TLS_REPLICATION_ENABLED" = true ]; then
|
|
echo " we are slave of redis master (${1}:${REDIS_TLS_PORT})"
|
|
echo "slaveof ${1} ${REDIS_TLS_PORT}" >> "${REDIS_CONF}"
|
|
echo "slave-announce-port ${REDIS_TLS_PORT}" >> ${REDIS_CONF}
|
|
else
|
|
echo " we are slave of redis master (${1}:${REDIS_PORT})"
|
|
echo "slaveof ${1} ${REDIS_PORT}" >> "${REDIS_CONF}"
|
|
echo "slave-announce-port ${REDIS_PORT}" >> ${REDIS_CONF}
|
|
fi
|
|
echo "slave-announce-ip ${ANNOUNCE_IP}" >> ${REDIS_CONF}
|
|
}
|
|
|
|
copy_config() {
|
|
echo "Copying default redis config.."
|
|
echo " to '${REDIS_CONF}'"
|
|
cp /readonly-config/redis.conf "${REDIS_CONF}"
|
|
echo "Copying default sentinel config.."
|
|
echo " to '${SENTINEL_CONF}'"
|
|
cp /readonly-config/sentinel.conf "${SENTINEL_CONF}"
|
|
}
|
|
|
|
setup_defaults() {
|
|
echo "Setting up defaults.."
|
|
echo " using statefulset index (${INDEX})"
|
|
if [ "${INDEX}" = "0" ]; then
|
|
echo "Setting this pod as master for redis and sentinel.."
|
|
echo " using announce (${ANNOUNCE_IP})"
|
|
redis_update "${ANNOUNCE_IP}"
|
|
sentinel_update "${ANNOUNCE_IP}"
|
|
echo " make sure ${ANNOUNCE_IP} is not a slave (slaveof no one)"
|
|
sed -i "s/^.*slaveof.*//" "${REDIS_CONF}"
|
|
else
|
|
echo "Getting redis master ip.."
|
|
echo " blindly assuming (${SERVICE}-announce-0) or (${SERVICE}-server-0) are master"
|
|
DEFAULT_MASTER="$(getent_hosts 0 | awk '{ print $1 }')"
|
|
echo " identified redis (may be redis master) ip (${DEFAULT_MASTER})"
|
|
if [ -z "${DEFAULT_MASTER}" ]; then
|
|
echo "Error: Unable to resolve redis master (getent hosts)."
|
|
exit 1
|
|
fi
|
|
echo "Setting default slave config for redis and sentinel.."
|
|
echo " using master ip (${DEFAULT_MASTER})"
|
|
redis_update "${DEFAULT_MASTER}"
|
|
sentinel_update "${DEFAULT_MASTER}"
|
|
fi
|
|
}
|
|
|
|
redis_ping() {
|
|
set +e
|
|
if [ "$REDIS_PORT" -eq 0 ]; then
|
|
redis-cli -h "${MASTER}" -p "${REDIS_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key ping
|
|
else
|
|
redis-cli -h "${MASTER}" -p "${REDIS_PORT}" ping
|
|
fi
|
|
set -e
|
|
}
|
|
|
|
redis_ping_retry() {
|
|
ping=''
|
|
retry=${1}
|
|
sleep=3
|
|
for i in $(seq 1 "${retry}"); do
|
|
if [ "$(redis_ping)" = "PONG" ]; then
|
|
ping='PONG'
|
|
break
|
|
fi
|
|
sleep $((sleep + i))
|
|
MASTER=$(sentinel_get_master)
|
|
done
|
|
echo "${ping}"
|
|
}
|
|
|
|
find_master() {
|
|
echo "Verifying redis master.."
|
|
if [ "$REDIS_PORT" -eq 0 ]; then
|
|
echo " ping (${MASTER}:${REDIS_TLS_PORT})"
|
|
else
|
|
echo " ping (${MASTER}:${REDIS_PORT})"
|
|
fi
|
|
if [ "$(redis_ping_retry 3)" != "PONG" ]; then
|
|
echo " $(date) Can't ping redis master (${MASTER})"
|
|
echo "Attempting to force failover (sentinel failover).."
|
|
|
|
if [ "$SENTINEL_PORT" -eq 0 ]; then
|
|
echo " on sentinel (${SERVICE}:${SENTINEL_TLS_PORT}), sentinel grp (${MASTER_GROUP})"
|
|
if redis-cli -h "${SERVICE}" -p "${SENTINEL_TLS_PORT}" --tls --cacert /tls-certs/ca.crt --cert /tls-certs/redis.crt --key /tls-certs/redis.key sentinel failover "${MASTER_GROUP}" | grep -q 'NOGOODSLAVE' ; then
|
|
echo " $(date) Failover returned with 'NOGOODSLAVE'"
|
|
echo "Setting defaults for this pod.."
|
|
setup_defaults
|
|
return 0
|
|
fi
|
|
else
|
|
echo " on sentinel (${SERVICE}:${SENTINEL_PORT}), sentinel grp (${MASTER_GROUP})"
|
|
if redis-cli -h "${SERVICE}" -p "${SENTINEL_PORT}" sentinel failover "${MASTER_GROUP}" | grep -q 'NOGOODSLAVE' ; then
|
|
echo " $(date) Failover returned with 'NOGOODSLAVE'"
|
|
echo "Setting defaults for this pod.."
|
|
setup_defaults
|
|
return 0
|
|
fi
|
|
fi
|
|
|
|
echo "Hold on for 10sec"
|
|
sleep 10
|
|
echo "We should get redis master's ip now. Asking (get-master-addr-by-name).."
|
|
if [ "$SENTINEL_PORT" -eq 0 ]; then
|
|
echo " sentinel (${SERVICE}:${SENTINEL_TLS_PORT}), sentinel grp (${MASTER_GROUP})"
|
|
else
|
|
echo " sentinel (${SERVICE}:${SENTINEL_PORT}), sentinel grp (${MASTER_GROUP})"
|
|
fi
|
|
MASTER="$(sentinel_get_master)"
|
|
if [ "${MASTER}" ]; then
|
|
echo " $(date) Found redis master (${MASTER})"
|
|
echo "Updating redis and sentinel config.."
|
|
sentinel_update "${MASTER}"
|
|
redis_update "${MASTER}"
|
|
else
|
|
echo "$(date) Error: Could not failover, exiting..."
|
|
exit 1
|
|
fi
|
|
else
|
|
echo " $(date) Found reachable redis master (${MASTER})"
|
|
echo "Updating redis and sentinel config.."
|
|
sentinel_update "${MASTER}"
|
|
redis_update "${MASTER}"
|
|
fi
|
|
}
|
|
|
|
redis_ro_update() {
|
|
echo "Updating read-only redis config.."
|
|
echo " redis.conf set 'replica-priority 0'"
|
|
echo "replica-priority 0" >> ${REDIS_CONF}
|
|
}
|
|
|
|
getent_hosts() {
|
|
index=${1:-${INDEX}}
|
|
service="${SERVICE}-announce-${index}"
|
|
pod="${SERVICE}-server-${index}"
|
|
host=$(getent hosts "${service}")
|
|
if [ -z "${host}" ]; then
|
|
host=$(getent hosts "${pod}")
|
|
fi
|
|
echo "${host}"
|
|
}
|
|
|
|
identify_announce_ip() {
|
|
echo "Identify announce ip for this pod.."
|
|
echo " using (${SERVICE}-announce-${INDEX}) or (${SERVICE}-server-${INDEX})"
|
|
ANNOUNCE_IP=$(getent_hosts | awk '{ print $1 }')
|
|
echo " identified announce (${ANNOUNCE_IP})"
|
|
}
|
|
|
|
mkdir -p /data/conf/
|
|
|
|
echo "Initializing config.."
|
|
copy_config
|
|
|
|
# where is redis master
|
|
identify_master
|
|
|
|
identify_announce_ip
|
|
|
|
if [ -z "${ANNOUNCE_IP}" ]; then
|
|
"Error: Could not resolve the announce ip for this pod."
|
|
exit 1
|
|
elif [ "${MASTER}" ]; then
|
|
find_master
|
|
else
|
|
setup_defaults
|
|
fi
|
|
|
|
if [ "${AUTH:-}" ]; then
|
|
echo "Setting redis auth values.."
|
|
ESCAPED_AUTH=$(echo "${AUTH}" | sed -e 's/[\/&]/\\&/g');
|
|
sed -i "s/replace-default-auth/${ESCAPED_AUTH}/" "${REDIS_CONF}" "${SENTINEL_CONF}"
|
|
fi
|
|
|
|
if [ "${SENTINELAUTH:-}" ]; then
|
|
echo "Setting sentinel auth values"
|
|
ESCAPED_AUTH_SENTINEL=$(echo "$SENTINELAUTH" | sed -e 's/[\/&]/\\&/g');
|
|
sed -i "s/replace-default-sentinel-auth/${ESCAPED_AUTH_SENTINEL}/" "$SENTINEL_CONF"
|
|
fi
|
|
|
|
echo "$(date) Ready..."
|
|
redis.conf: |
|
|
dir "/data"
|
|
port 6379
|
|
rename-command FLUSHDB ""
|
|
rename-command FLUSHALL ""
|
|
bind 0.0.0.0
|
|
maxmemory 0
|
|
maxmemory-policy volatile-lru
|
|
min-replicas-max-lag 5
|
|
min-replicas-to-write 1
|
|
rdbchecksum yes
|
|
rdbcompression yes
|
|
repl-diskless-sync yes
|
|
save ""
|
|
sentinel.conf: |
|
|
dir "/data"
|
|
port 26379
|
|
bind 0.0.0.0
|
|
sentinel down-after-milliseconds argocd 10000
|
|
sentinel failover-timeout argocd 180000
|
|
maxclients 10000
|
|
sentinel parallel-syncs argocd 5
|
|
trigger-failover-if-master.sh: |
|
|
get_redis_role() {
|
|
is_master=$(
|
|
redis-cli \
|
|
-h localhost \
|
|
-p 6379 \
|
|
info | grep -c 'role:master' || true
|
|
)
|
|
}
|
|
get_redis_role
|
|
if [[ "$is_master" -eq 1 ]]; then
|
|
echo "This node is currently master, we trigger a failover."
|
|
response=$(
|
|
redis-cli \
|
|
-h localhost \
|
|
-p 26379 \
|
|
SENTINEL failover argocd
|
|
)
|
|
if [[ "$response" != "OK" ]] ; then
|
|
echo "$response"
|
|
exit 1
|
|
fi
|
|
timeout=30
|
|
while [[ "$is_master" -eq 1 && $timeout -gt 0 ]]; do
|
|
sleep 1
|
|
get_redis_role
|
|
timeout=$((timeout - 1))
|
|
done
|
|
echo "Failover successful"
|
|
fi
|
|
kind: ConfigMap
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: redis
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-redis-ha-configmap
|
|
---
|
|
apiVersion: v1
|
|
data:
|
|
redis_liveness.sh: |
|
|
response=$(
|
|
redis-cli \
|
|
-h localhost \
|
|
-p 6379 \
|
|
ping
|
|
)
|
|
if [ "$response" != "PONG" ] && [ "${response:0:7}" != "LOADING" ] ; then
|
|
echo "$response"
|
|
exit 1
|
|
fi
|
|
echo "response=$response"
|
|
redis_readiness.sh: |
|
|
response=$(
|
|
redis-cli \
|
|
-h localhost \
|
|
-p 6379 \
|
|
ping
|
|
)
|
|
if [ "$response" != "PONG" ] ; then
|
|
echo "$response"
|
|
exit 1
|
|
fi
|
|
echo "response=$response"
|
|
sentinel_liveness.sh: |
|
|
response=$(
|
|
redis-cli \
|
|
-h localhost \
|
|
-p 26379 \
|
|
ping
|
|
)
|
|
if [ "$response" != "PONG" ]; then
|
|
echo "$response"
|
|
exit 1
|
|
fi
|
|
echo "response=$response"
|
|
kind: ConfigMap
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: redis
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-redis-ha-health-configmap
|
|
---
|
|
apiVersion: v1
|
|
data:
|
|
ssh_known_hosts: |-
|
|
bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==
|
|
github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
|
|
gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=
|
|
gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf
|
|
gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9
|
|
ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H
|
|
vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H
|
|
github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg=
|
|
github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl
|
|
kind: ConfigMap
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: argocd-ssh-known-hosts-cm
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-ssh-known-hosts-cm
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: argocd-tls-certs-cm
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-tls-certs-cm
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: argocd-notifications-secret
|
|
type: Opaque
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: argocd-secret
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-secret
|
|
type: Opaque
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: controller
|
|
app.kubernetes.io/name: argocd-applicationset-controller
|
|
app.kubernetes.io/part-of: argocd-applicationset
|
|
name: argocd-applicationset-controller
|
|
spec:
|
|
ports:
|
|
- name: webhook
|
|
port: 7000
|
|
protocol: TCP
|
|
targetPort: webhook
|
|
- name: metrics
|
|
port: 8080
|
|
protocol: TCP
|
|
targetPort: metrics
|
|
selector:
|
|
app.kubernetes.io/name: argocd-applicationset-controller
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: dex-server
|
|
app.kubernetes.io/name: argocd-dex-server
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-dex-server
|
|
spec:
|
|
ports:
|
|
- name: http
|
|
port: 5556
|
|
protocol: TCP
|
|
targetPort: 5556
|
|
- name: grpc
|
|
port: 5557
|
|
protocol: TCP
|
|
targetPort: 5557
|
|
- name: metrics
|
|
port: 5558
|
|
protocol: TCP
|
|
targetPort: 5558
|
|
selector:
|
|
app.kubernetes.io/name: argocd-dex-server
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: metrics
|
|
app.kubernetes.io/name: argocd-metrics
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-metrics
|
|
spec:
|
|
ports:
|
|
- name: metrics
|
|
port: 8082
|
|
protocol: TCP
|
|
targetPort: 8082
|
|
selector:
|
|
app.kubernetes.io/name: argocd-application-controller
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: argocd-notifications-controller-metrics
|
|
name: argocd-notifications-controller-metrics
|
|
spec:
|
|
ports:
|
|
- name: metrics
|
|
port: 9001
|
|
protocol: TCP
|
|
targetPort: 9001
|
|
selector:
|
|
app.kubernetes.io/name: argocd-notifications-controller
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: redis
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-redis-ha
|
|
spec:
|
|
clusterIP: None
|
|
ports:
|
|
- name: tcp-server
|
|
port: 6379
|
|
protocol: TCP
|
|
targetPort: redis
|
|
- name: tcp-sentinel
|
|
port: 26379
|
|
protocol: TCP
|
|
targetPort: sentinel
|
|
selector:
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
type: ClusterIP
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
annotations:
|
|
service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
|
|
labels:
|
|
app.kubernetes.io/component: redis
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-redis-ha-announce-0
|
|
spec:
|
|
ports:
|
|
- name: tcp-server
|
|
port: 6379
|
|
protocol: TCP
|
|
targetPort: redis
|
|
- name: tcp-sentinel
|
|
port: 26379
|
|
protocol: TCP
|
|
targetPort: sentinel
|
|
publishNotReadyAddresses: true
|
|
selector:
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
statefulset.kubernetes.io/pod-name: argocd-redis-ha-server-0
|
|
type: ClusterIP
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
annotations:
|
|
service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
|
|
labels:
|
|
app.kubernetes.io/component: redis
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-redis-ha-announce-1
|
|
spec:
|
|
ports:
|
|
- name: tcp-server
|
|
port: 6379
|
|
protocol: TCP
|
|
targetPort: redis
|
|
- name: tcp-sentinel
|
|
port: 26379
|
|
protocol: TCP
|
|
targetPort: sentinel
|
|
publishNotReadyAddresses: true
|
|
selector:
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
statefulset.kubernetes.io/pod-name: argocd-redis-ha-server-1
|
|
type: ClusterIP
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
annotations:
|
|
service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
|
|
labels:
|
|
app.kubernetes.io/component: redis
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-redis-ha-announce-2
|
|
spec:
|
|
ports:
|
|
- name: tcp-server
|
|
port: 6379
|
|
protocol: TCP
|
|
targetPort: redis
|
|
- name: tcp-sentinel
|
|
port: 26379
|
|
protocol: TCP
|
|
targetPort: sentinel
|
|
publishNotReadyAddresses: true
|
|
selector:
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
statefulset.kubernetes.io/pod-name: argocd-redis-ha-server-2
|
|
type: ClusterIP
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: redis
|
|
app.kubernetes.io/name: argocd-redis-ha-haproxy
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-redis-ha-haproxy
|
|
spec:
|
|
ports:
|
|
- name: tcp-haproxy
|
|
port: 6379
|
|
protocol: TCP
|
|
targetPort: redis
|
|
selector:
|
|
app.kubernetes.io/name: argocd-redis-ha-haproxy
|
|
type: ClusterIP
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: repo-server
|
|
app.kubernetes.io/name: argocd-repo-server
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-repo-server
|
|
spec:
|
|
ports:
|
|
- name: server
|
|
port: 8081
|
|
protocol: TCP
|
|
targetPort: 8081
|
|
- name: metrics
|
|
port: 8084
|
|
protocol: TCP
|
|
targetPort: 8084
|
|
selector:
|
|
app.kubernetes.io/name: argocd-repo-server
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: server
|
|
app.kubernetes.io/name: argocd-server
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-server
|
|
spec:
|
|
ports:
|
|
- name: http
|
|
port: 80
|
|
protocol: TCP
|
|
targetPort: 8080
|
|
- name: https
|
|
port: 443
|
|
protocol: TCP
|
|
targetPort: 8080
|
|
selector:
|
|
app.kubernetes.io/name: argocd-server
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: server
|
|
app.kubernetes.io/name: argocd-server-metrics
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-server-metrics
|
|
spec:
|
|
ports:
|
|
- name: metrics
|
|
port: 8083
|
|
protocol: TCP
|
|
targetPort: 8083
|
|
selector:
|
|
app.kubernetes.io/name: argocd-server
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: controller
|
|
app.kubernetes.io/name: argocd-applicationset-controller
|
|
app.kubernetes.io/part-of: argocd-applicationset
|
|
name: argocd-applicationset-controller
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-applicationset-controller
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: argocd-applicationset-controller
|
|
spec:
|
|
containers:
|
|
- command:
|
|
- entrypoint.sh
|
|
- argocd-applicationset-controller
|
|
env:
|
|
- name: NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.namespace
|
|
- name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_LEADER_ELECTION
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: applicationsetcontroller.enable.leader.election
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACE
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: applicationsetcontroller.namespace
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: repo.server
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: applicationsetcontroller.policy
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: applicationsetcontroller.debug
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGFORMAT
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: applicationsetcontroller.log.format
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGLEVEL
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: applicationsetcontroller.log.level
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATIONSET_CONTROLLER_DRY_RUN
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: applicationsetcontroller.dryrun
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_GIT_MODULES_ENABLED
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: applicationsetcontroller.enable.git.submodule
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
image: quay.io/argoproj/argocd:latest
|
|
imagePullPolicy: Always
|
|
name: argocd-applicationset-controller
|
|
ports:
|
|
- containerPort: 7000
|
|
name: webhook
|
|
- containerPort: 8080
|
|
name: metrics
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
volumeMounts:
|
|
- mountPath: /app/config/ssh
|
|
name: ssh-known-hosts
|
|
- mountPath: /app/config/tls
|
|
name: tls-certs
|
|
- mountPath: /app/config/gpg/source
|
|
name: gpg-keys
|
|
- mountPath: /app/config/gpg/keys
|
|
name: gpg-keyring
|
|
- mountPath: /tmp
|
|
name: tmp
|
|
serviceAccountName: argocd-applicationset-controller
|
|
volumes:
|
|
- configMap:
|
|
name: argocd-ssh-known-hosts-cm
|
|
name: ssh-known-hosts
|
|
- configMap:
|
|
name: argocd-tls-certs-cm
|
|
name: tls-certs
|
|
- configMap:
|
|
name: argocd-gpg-keys-cm
|
|
name: gpg-keys
|
|
- emptyDir: {}
|
|
name: gpg-keyring
|
|
- emptyDir: {}
|
|
name: tmp
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: dex-server
|
|
app.kubernetes.io/name: argocd-dex-server
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-dex-server
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-dex-server
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: argocd-dex-server
|
|
spec:
|
|
affinity:
|
|
podAntiAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- podAffinityTerm:
|
|
labelSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/part-of: argocd
|
|
topologyKey: kubernetes.io/hostname
|
|
weight: 5
|
|
containers:
|
|
- command:
|
|
- /shared/argocd-dex
|
|
- rundex
|
|
env:
|
|
- name: ARGOCD_DEX_SERVER_DISABLE_TLS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: dexserver.disable.tls
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
image: ghcr.io/dexidp/dex:v2.35.3-distroless
|
|
imagePullPolicy: Always
|
|
name: dex
|
|
ports:
|
|
- containerPort: 5556
|
|
- containerPort: 5557
|
|
- containerPort: 5558
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
volumeMounts:
|
|
- mountPath: /shared
|
|
name: static-files
|
|
- mountPath: /tmp
|
|
name: dexconfig
|
|
- mountPath: /tls
|
|
name: argocd-dex-server-tls
|
|
initContainers:
|
|
- command:
|
|
- cp
|
|
- -n
|
|
- /usr/local/bin/argocd
|
|
- /shared/argocd-dex
|
|
image: quay.io/argoproj/argocd:latest
|
|
imagePullPolicy: Always
|
|
name: copyutil
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
volumeMounts:
|
|
- mountPath: /shared
|
|
name: static-files
|
|
- mountPath: /tmp
|
|
name: dexconfig
|
|
serviceAccountName: argocd-dex-server
|
|
volumes:
|
|
- emptyDir: {}
|
|
name: static-files
|
|
- emptyDir: {}
|
|
name: dexconfig
|
|
- name: argocd-dex-server-tls
|
|
secret:
|
|
items:
|
|
- key: tls.crt
|
|
path: tls.crt
|
|
- key: tls.key
|
|
path: tls.key
|
|
- key: ca.crt
|
|
path: ca.crt
|
|
optional: true
|
|
secretName: argocd-dex-server-tls
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: argocd-notifications-controller
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-notifications-controller
|
|
strategy:
|
|
type: Recreate
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: argocd-notifications-controller
|
|
spec:
|
|
containers:
|
|
- command:
|
|
- argocd-notifications
|
|
image: quay.io/argoproj/argocd:latest
|
|
imagePullPolicy: Always
|
|
livenessProbe:
|
|
tcpSocket:
|
|
port: 9001
|
|
name: argocd-notifications-controller
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
volumeMounts:
|
|
- mountPath: /app/config/tls
|
|
name: tls-certs
|
|
- mountPath: /app/config/reposerver/tls
|
|
name: argocd-repo-server-tls
|
|
workingDir: /app
|
|
securityContext:
|
|
runAsNonRoot: true
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
serviceAccountName: argocd-notifications-controller
|
|
volumes:
|
|
- configMap:
|
|
name: argocd-tls-certs-cm
|
|
name: tls-certs
|
|
- name: argocd-repo-server-tls
|
|
secret:
|
|
items:
|
|
- key: tls.crt
|
|
path: tls.crt
|
|
- key: tls.key
|
|
path: tls.key
|
|
- key: ca.crt
|
|
path: ca.crt
|
|
optional: true
|
|
secretName: argocd-repo-server-tls
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: redis
|
|
app.kubernetes.io/name: argocd-redis-ha-haproxy
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-redis-ha-haproxy
|
|
spec:
|
|
replicas: 3
|
|
revisionHistoryLimit: 1
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-redis-ha-haproxy
|
|
strategy:
|
|
type: RollingUpdate
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
checksum/config: 33967cee643b636d6e9a66e82b7f85814ceb8c55fba7a1d8af439ef056934e5c
|
|
labels:
|
|
app.kubernetes.io/name: argocd-redis-ha-haproxy
|
|
name: argocd-redis-ha-haproxy
|
|
spec:
|
|
affinity:
|
|
podAntiAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
- labelSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-redis-ha-haproxy
|
|
topologyKey: kubernetes.io/hostname
|
|
containers:
|
|
- image: haproxy:2.6.2-alpine
|
|
imagePullPolicy: IfNotPresent
|
|
lifecycle: {}
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: 8888
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 3
|
|
name: haproxy
|
|
ports:
|
|
- containerPort: 6379
|
|
name: redis
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: 8888
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 3
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
volumeMounts:
|
|
- mountPath: /usr/local/etc/haproxy
|
|
name: data
|
|
- mountPath: /run/haproxy
|
|
name: shared-socket
|
|
initContainers:
|
|
- args:
|
|
- /readonly/haproxy_init.sh
|
|
command:
|
|
- sh
|
|
image: haproxy:2.6.2-alpine
|
|
imagePullPolicy: IfNotPresent
|
|
name: config-init
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
volumeMounts:
|
|
- mountPath: /readonly
|
|
name: config-volume
|
|
readOnly: true
|
|
- mountPath: /data
|
|
name: data
|
|
securityContext:
|
|
fsGroup: 1000
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
serviceAccountName: argocd-redis-ha-haproxy
|
|
volumes:
|
|
- configMap:
|
|
name: argocd-redis-ha-configmap
|
|
name: config-volume
|
|
- emptyDir: {}
|
|
name: shared-socket
|
|
- emptyDir: {}
|
|
name: data
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: repo-server
|
|
app.kubernetes.io/name: argocd-repo-server
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-repo-server
|
|
spec:
|
|
replicas: 2
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-repo-server
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: argocd-repo-server
|
|
spec:
|
|
affinity:
|
|
podAntiAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- podAffinityTerm:
|
|
labelSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-repo-server
|
|
topologyKey: failure-domain.beta.kubernetes.io/zone
|
|
weight: 100
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
- labelSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-repo-server
|
|
topologyKey: kubernetes.io/hostname
|
|
automountServiceAccountToken: false
|
|
containers:
|
|
- command:
|
|
- entrypoint.sh
|
|
- argocd-repo-server
|
|
- --redis
|
|
- argocd-redis-ha-haproxy:6379
|
|
env:
|
|
- name: ARGOCD_RECONCILIATION_TIMEOUT
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: timeout.reconciliation
|
|
name: argocd-cm
|
|
optional: true
|
|
- name: ARGOCD_REPO_SERVER_LOGFORMAT
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: reposerver.log.format
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_REPO_SERVER_LOGLEVEL
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: reposerver.log.level
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_REPO_SERVER_PARALLELISM_LIMIT
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: reposerver.parallelism.limit
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_REPO_SERVER_DISABLE_TLS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: reposerver.disable.tls
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_TLS_MIN_VERSION
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: reposerver.tls.minversion
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_TLS_MAX_VERSION
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: reposerver.tls.maxversion
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_TLS_CIPHERS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: reposerver.tls.ciphers
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_REPO_CACHE_EXPIRATION
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: reposerver.repo.cache.expiration
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: REDIS_SERVER
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: redis.server
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: REDIS_COMPRESSION
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: redis.compression
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: REDISDB
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: redis.db
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_DEFAULT_CACHE_EXPIRATION
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: reposerver.default.cache.expiration
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_REPO_SERVER_OTLP_ADDRESS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: otlp.address
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_REPO_SERVER_MAX_COMBINED_DIRECTORY_MANIFESTS_SIZE
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: reposerver.max.combined.directory.manifests.size
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_REPO_SERVER_PLUGIN_TAR_EXCLUSIONS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: reposerver.plugin.tar.exclusions
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_REPO_SERVER_ALLOW_OUT_OF_BOUNDS_SYMLINKS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: reposerver.allow.oob.symlinks
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_TAR_SIZE
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: reposerver.streamed.manifest.max.tar.size
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_EXTRACTED_SIZE
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: reposerver.streamed.manifest.max.extracted.size
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_GIT_MODULES_ENABLED
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: reposerver.enable.git.submodule
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: HELM_CACHE_HOME
|
|
value: /helm-working-dir
|
|
- name: HELM_CONFIG_HOME
|
|
value: /helm-working-dir
|
|
- name: HELM_DATA_HOME
|
|
value: /helm-working-dir
|
|
image: quay.io/argoproj/argocd:latest
|
|
imagePullPolicy: Always
|
|
livenessProbe:
|
|
failureThreshold: 3
|
|
httpGet:
|
|
path: /healthz?full=true
|
|
port: 8084
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 30
|
|
timeoutSeconds: 5
|
|
name: argocd-repo-server
|
|
ports:
|
|
- containerPort: 8081
|
|
- containerPort: 8084
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: 8084
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
volumeMounts:
|
|
- mountPath: /app/config/ssh
|
|
name: ssh-known-hosts
|
|
- mountPath: /app/config/tls
|
|
name: tls-certs
|
|
- mountPath: /app/config/gpg/source
|
|
name: gpg-keys
|
|
- mountPath: /app/config/gpg/keys
|
|
name: gpg-keyring
|
|
- mountPath: /app/config/reposerver/tls
|
|
name: argocd-repo-server-tls
|
|
- mountPath: /tmp
|
|
name: tmp
|
|
- mountPath: /helm-working-dir
|
|
name: helm-working-dir
|
|
- mountPath: /home/argocd/cmp-server/plugins
|
|
name: plugins
|
|
initContainers:
|
|
- command:
|
|
- cp
|
|
- -n
|
|
- /usr/local/bin/argocd
|
|
- /var/run/argocd/argocd-cmp-server
|
|
image: quay.io/argoproj/argocd:latest
|
|
name: copyutil
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
volumeMounts:
|
|
- mountPath: /var/run/argocd
|
|
name: var-files
|
|
serviceAccountName: argocd-repo-server
|
|
volumes:
|
|
- configMap:
|
|
name: argocd-ssh-known-hosts-cm
|
|
name: ssh-known-hosts
|
|
- configMap:
|
|
name: argocd-tls-certs-cm
|
|
name: tls-certs
|
|
- configMap:
|
|
name: argocd-gpg-keys-cm
|
|
name: gpg-keys
|
|
- emptyDir: {}
|
|
name: gpg-keyring
|
|
- emptyDir: {}
|
|
name: tmp
|
|
- emptyDir: {}
|
|
name: helm-working-dir
|
|
- name: argocd-repo-server-tls
|
|
secret:
|
|
items:
|
|
- key: tls.crt
|
|
path: tls.crt
|
|
- key: tls.key
|
|
path: tls.key
|
|
- key: ca.crt
|
|
path: ca.crt
|
|
optional: true
|
|
secretName: argocd-repo-server-tls
|
|
- emptyDir: {}
|
|
name: var-files
|
|
- emptyDir: {}
|
|
name: plugins
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: server
|
|
app.kubernetes.io/name: argocd-server
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-server
|
|
spec:
|
|
replicas: 2
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-server
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: argocd-server
|
|
spec:
|
|
affinity:
|
|
podAntiAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- podAffinityTerm:
|
|
labelSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-server
|
|
topologyKey: failure-domain.beta.kubernetes.io/zone
|
|
weight: 100
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
- labelSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-server
|
|
topologyKey: kubernetes.io/hostname
|
|
containers:
|
|
- command:
|
|
- argocd-server
|
|
- --redis
|
|
- argocd-redis-ha-haproxy:6379
|
|
env:
|
|
- name: ARGOCD_API_SERVER_REPLICAS
|
|
value: "2"
|
|
- name: ARGOCD_SERVER_INSECURE
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.insecure
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_SERVER_BASEHREF
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.basehref
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_SERVER_ROOTPATH
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.rootpath
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_SERVER_LOGFORMAT
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.log.format
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_SERVER_LOG_LEVEL
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.log.level
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_SERVER_REPO_SERVER
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: repo.server
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_SERVER_DEX_SERVER
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.dex.server
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_SERVER_DISABLE_AUTH
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.disable.auth
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_SERVER_ENABLE_GZIP
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.enable.gzip
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_SERVER_REPO_SERVER_TIMEOUT_SECONDS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.repo.server.timeout.seconds
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_SERVER_X_FRAME_OPTIONS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.x.frame.options
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_SERVER_CONTENT_SECURITY_POLICY
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.content.security.policy
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_SERVER_REPO_SERVER_PLAINTEXT
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.repo.server.plaintext
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_SERVER_REPO_SERVER_STRICT_TLS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.repo.server.strict.tls
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_SERVER_DEX_SERVER_PLAINTEXT
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.dex.server.plaintext
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_SERVER_DEX_SERVER_STRICT_TLS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.dex.server.strict.tls
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_TLS_MIN_VERSION
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.tls.minversion
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_TLS_MAX_VERSION
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.tls.maxversion
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_TLS_CIPHERS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.tls.ciphers
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_SERVER_CONNECTION_STATUS_CACHE_EXPIRATION
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.connection.status.cache.expiration
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_SERVER_OIDC_CACHE_EXPIRATION
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.oidc.cache.expiration
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_SERVER_LOGIN_ATTEMPTS_EXPIRATION
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.login.attempts.expiration
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_SERVER_STATIC_ASSETS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.staticassets
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APP_STATE_CACHE_EXPIRATION
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.app.state.cache.expiration
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: REDIS_SERVER
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: redis.server
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: REDIS_COMPRESSION
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: redis.compression
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: REDISDB
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: redis.db
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_DEFAULT_CACHE_EXPIRATION
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.default.cache.expiration
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_MAX_COOKIE_NUMBER
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: server.http.cookie.maxnumber
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_SERVER_OTLP_ADDRESS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: otlp.address
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATION_NAMESPACES
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: application.namespaces
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
image: quay.io/argoproj/argocd:latest
|
|
imagePullPolicy: Always
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /healthz?full=true
|
|
port: 8080
|
|
initialDelaySeconds: 3
|
|
periodSeconds: 30
|
|
timeoutSeconds: 5
|
|
name: argocd-server
|
|
ports:
|
|
- containerPort: 8080
|
|
- containerPort: 8083
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: 8080
|
|
initialDelaySeconds: 3
|
|
periodSeconds: 30
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
volumeMounts:
|
|
- mountPath: /app/config/ssh
|
|
name: ssh-known-hosts
|
|
- mountPath: /app/config/tls
|
|
name: tls-certs
|
|
- mountPath: /app/config/server/tls
|
|
name: argocd-repo-server-tls
|
|
- mountPath: /app/config/dex/tls
|
|
name: argocd-dex-server-tls
|
|
- mountPath: /home/argocd
|
|
name: plugins-home
|
|
- mountPath: /tmp
|
|
name: tmp
|
|
serviceAccountName: argocd-server
|
|
volumes:
|
|
- emptyDir: {}
|
|
name: plugins-home
|
|
- emptyDir: {}
|
|
name: tmp
|
|
- configMap:
|
|
name: argocd-ssh-known-hosts-cm
|
|
name: ssh-known-hosts
|
|
- configMap:
|
|
name: argocd-tls-certs-cm
|
|
name: tls-certs
|
|
- name: argocd-repo-server-tls
|
|
secret:
|
|
items:
|
|
- key: tls.crt
|
|
path: tls.crt
|
|
- key: tls.key
|
|
path: tls.key
|
|
- key: ca.crt
|
|
path: ca.crt
|
|
optional: true
|
|
secretName: argocd-repo-server-tls
|
|
- name: argocd-dex-server-tls
|
|
secret:
|
|
items:
|
|
- key: tls.crt
|
|
path: tls.crt
|
|
- key: ca.crt
|
|
path: ca.crt
|
|
optional: true
|
|
secretName: argocd-dex-server-tls
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: StatefulSet
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: application-controller
|
|
app.kubernetes.io/name: argocd-application-controller
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-application-controller
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-application-controller
|
|
serviceName: argocd-application-controller
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: argocd-application-controller
|
|
spec:
|
|
affinity:
|
|
podAntiAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- podAffinityTerm:
|
|
labelSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-application-controller
|
|
topologyKey: kubernetes.io/hostname
|
|
weight: 100
|
|
- podAffinityTerm:
|
|
labelSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/part-of: argocd
|
|
topologyKey: kubernetes.io/hostname
|
|
weight: 5
|
|
containers:
|
|
- command:
|
|
- argocd-application-controller
|
|
- --redis
|
|
- argocd-redis-ha-haproxy:6379
|
|
env:
|
|
- name: ARGOCD_CONTROLLER_REPLICAS
|
|
value: "1"
|
|
- name: ARGOCD_RECONCILIATION_TIMEOUT
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: timeout.reconciliation
|
|
name: argocd-cm
|
|
optional: true
|
|
- name: ARGOCD_HARD_RECONCILIATION_TIMEOUT
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: timeout.hard.reconciliation
|
|
name: argocd-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: repo.server
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: controller.repo.server.timeout.seconds
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATION_CONTROLLER_STATUS_PROCESSORS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: controller.status.processors
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATION_CONTROLLER_OPERATION_PROCESSORS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: controller.operation.processors
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATION_CONTROLLER_LOGFORMAT
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: controller.log.format
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATION_CONTROLLER_LOGLEVEL
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: controller.log.level
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATION_CONTROLLER_METRICS_CACHE_EXPIRATION
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: controller.metrics.cache.expiration
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_TIMEOUT_SECONDS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: controller.self.heal.timeout.seconds
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_PLAINTEXT
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: controller.repo.server.plaintext
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_STRICT_TLS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: controller.repo.server.strict.tls
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATION_CONTROLLER_PERSIST_RESOURCE_HEALTH
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: controller.resource.health.persist
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APP_STATE_CACHE_EXPIRATION
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: controller.app.state.cache.expiration
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: REDIS_SERVER
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: redis.server
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: REDIS_COMPRESSION
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: redis.compression
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: REDISDB
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: redis.db
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_DEFAULT_CACHE_EXPIRATION
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: controller.default.cache.expiration
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATION_CONTROLLER_OTLP_ADDRESS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: otlp.address
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_APPLICATION_NAMESPACES
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: application.namespaces
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
image: quay.io/argoproj/argocd:latest
|
|
imagePullPolicy: Always
|
|
name: argocd-application-controller
|
|
ports:
|
|
- containerPort: 8082
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: 8082
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
volumeMounts:
|
|
- mountPath: /app/config/controller/tls
|
|
name: argocd-repo-server-tls
|
|
- mountPath: /home/argocd
|
|
name: argocd-home
|
|
workingDir: /home/argocd
|
|
serviceAccountName: argocd-application-controller
|
|
volumes:
|
|
- emptyDir: {}
|
|
name: argocd-home
|
|
- name: argocd-repo-server-tls
|
|
secret:
|
|
items:
|
|
- key: tls.crt
|
|
path: tls.crt
|
|
- key: tls.key
|
|
path: tls.key
|
|
- key: ca.crt
|
|
path: ca.crt
|
|
optional: true
|
|
secretName: argocd-repo-server-tls
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: StatefulSet
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: redis
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
app.kubernetes.io/part-of: argocd
|
|
name: argocd-redis-ha-server
|
|
spec:
|
|
podManagementPolicy: OrderedReady
|
|
replicas: 3
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
serviceName: argocd-redis-ha
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
checksum/init-config: 226aec192d2f29b5355769c9f1fbf093bf36c3a1e15b574b71fb8fe73fd37c05
|
|
labels:
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
spec:
|
|
affinity:
|
|
podAntiAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
- labelSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
topologyKey: kubernetes.io/hostname
|
|
automountServiceAccountToken: false
|
|
containers:
|
|
- args:
|
|
- /data/conf/redis.conf
|
|
command:
|
|
- redis-server
|
|
image: redis:7.0.5-alpine
|
|
imagePullPolicy: IfNotPresent
|
|
lifecycle:
|
|
preStop:
|
|
exec:
|
|
command:
|
|
- /bin/sh
|
|
- /readonly-config/trigger-failover-if-master.sh
|
|
livenessProbe:
|
|
exec:
|
|
command:
|
|
- sh
|
|
- -c
|
|
- /health/redis_liveness.sh
|
|
failureThreshold: 5
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 15
|
|
successThreshold: 1
|
|
timeoutSeconds: 15
|
|
name: redis
|
|
ports:
|
|
- containerPort: 6379
|
|
name: redis
|
|
readinessProbe:
|
|
exec:
|
|
command:
|
|
- sh
|
|
- -c
|
|
- /health/redis_readiness.sh
|
|
failureThreshold: 5
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 15
|
|
successThreshold: 1
|
|
timeoutSeconds: 15
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
volumeMounts:
|
|
- mountPath: /readonly-config
|
|
name: config
|
|
readOnly: true
|
|
- mountPath: /data
|
|
name: data
|
|
- mountPath: /health
|
|
name: health
|
|
- args:
|
|
- /data/conf/sentinel.conf
|
|
command:
|
|
- redis-sentinel
|
|
image: redis:7.0.5-alpine
|
|
imagePullPolicy: IfNotPresent
|
|
lifecycle: {}
|
|
livenessProbe:
|
|
exec:
|
|
command:
|
|
- sh
|
|
- -c
|
|
- /health/sentinel_liveness.sh
|
|
failureThreshold: 5
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 15
|
|
successThreshold: 1
|
|
timeoutSeconds: 15
|
|
name: sentinel
|
|
ports:
|
|
- containerPort: 26379
|
|
name: sentinel
|
|
readinessProbe:
|
|
exec:
|
|
command:
|
|
- sh
|
|
- -c
|
|
- /health/sentinel_liveness.sh
|
|
failureThreshold: 5
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 15
|
|
successThreshold: 3
|
|
timeoutSeconds: 15
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
volumeMounts:
|
|
- mountPath: /data
|
|
name: data
|
|
- mountPath: /health
|
|
name: health
|
|
- args:
|
|
- /readonly-config/fix-split-brain.sh
|
|
command:
|
|
- sh
|
|
env:
|
|
- name: SENTINEL_ID_0
|
|
value: 3c0d9c0320bb34888c2df5757c718ce6ca992ce6
|
|
- name: SENTINEL_ID_1
|
|
value: 40000915ab58c3fa8fd888fb8b24711944e6cbb4
|
|
- name: SENTINEL_ID_2
|
|
value: 2bbec7894d954a8af3bb54d13eaec53cb024e2ca
|
|
image: redis:7.0.5-alpine
|
|
imagePullPolicy: IfNotPresent
|
|
name: split-brain-fix
|
|
resources: {}
|
|
volumeMounts:
|
|
- mountPath: /readonly-config
|
|
name: config
|
|
readOnly: true
|
|
- mountPath: /data
|
|
name: data
|
|
initContainers:
|
|
- args:
|
|
- /readonly-config/init.sh
|
|
command:
|
|
- sh
|
|
env:
|
|
- name: SENTINEL_ID_0
|
|
value: 3c0d9c0320bb34888c2df5757c718ce6ca992ce6
|
|
- name: SENTINEL_ID_1
|
|
value: 40000915ab58c3fa8fd888fb8b24711944e6cbb4
|
|
- name: SENTINEL_ID_2
|
|
value: 2bbec7894d954a8af3bb54d13eaec53cb024e2ca
|
|
image: redis:7.0.5-alpine
|
|
imagePullPolicy: IfNotPresent
|
|
name: config-init
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
volumeMounts:
|
|
- mountPath: /readonly-config
|
|
name: config
|
|
readOnly: true
|
|
- mountPath: /data
|
|
name: data
|
|
securityContext:
|
|
fsGroup: 1000
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
serviceAccountName: argocd-redis-ha
|
|
terminationGracePeriodSeconds: 60
|
|
volumes:
|
|
- configMap:
|
|
name: argocd-redis-ha-configmap
|
|
name: config
|
|
- configMap:
|
|
defaultMode: 493
|
|
name: argocd-redis-ha-health-configmap
|
|
name: health
|
|
- emptyDir: {}
|
|
name: data
|
|
updateStrategy:
|
|
type: RollingUpdate
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: NetworkPolicy
|
|
metadata:
|
|
name: argocd-application-controller-network-policy
|
|
spec:
|
|
ingress:
|
|
- from:
|
|
- namespaceSelector: {}
|
|
ports:
|
|
- port: 8082
|
|
podSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-application-controller
|
|
policyTypes:
|
|
- Ingress
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: NetworkPolicy
|
|
metadata:
|
|
name: argocd-applicationset-controller-network-policy
|
|
spec:
|
|
ingress:
|
|
- from:
|
|
- namespaceSelector: {}
|
|
ports:
|
|
- port: 7000
|
|
protocol: TCP
|
|
- port: 8080
|
|
protocol: TCP
|
|
podSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-applicationset-controller
|
|
policyTypes:
|
|
- Ingress
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: NetworkPolicy
|
|
metadata:
|
|
name: argocd-dex-server-network-policy
|
|
spec:
|
|
ingress:
|
|
- from:
|
|
- podSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-server
|
|
ports:
|
|
- port: 5556
|
|
protocol: TCP
|
|
- port: 5557
|
|
protocol: TCP
|
|
- from:
|
|
- namespaceSelector: {}
|
|
ports:
|
|
- port: 5558
|
|
protocol: TCP
|
|
podSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-dex-server
|
|
policyTypes:
|
|
- Ingress
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: NetworkPolicy
|
|
metadata:
|
|
name: argocd-notifications-controller-network-policy
|
|
spec:
|
|
ingress:
|
|
- from:
|
|
- namespaceSelector: {}
|
|
ports:
|
|
- port: 9001
|
|
protocol: TCP
|
|
podSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-notifications-controller
|
|
policyTypes:
|
|
- Ingress
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: NetworkPolicy
|
|
metadata:
|
|
name: argocd-redis-ha-proxy-network-policy
|
|
spec:
|
|
egress:
|
|
- ports:
|
|
- port: 6379
|
|
protocol: TCP
|
|
- port: 26379
|
|
protocol: TCP
|
|
to:
|
|
- podSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
- ports:
|
|
- port: 53
|
|
protocol: UDP
|
|
- port: 53
|
|
protocol: TCP
|
|
to:
|
|
- namespaceSelector: {}
|
|
ingress:
|
|
- from:
|
|
- podSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-server
|
|
- podSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-repo-server
|
|
- podSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-application-controller
|
|
ports:
|
|
- port: 6379
|
|
protocol: TCP
|
|
- port: 26379
|
|
protocol: TCP
|
|
podSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-redis-ha-haproxy
|
|
policyTypes:
|
|
- Ingress
|
|
- Egress
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: NetworkPolicy
|
|
metadata:
|
|
name: argocd-redis-ha-server-network-policy
|
|
spec:
|
|
egress:
|
|
- ports:
|
|
- port: 6379
|
|
protocol: TCP
|
|
- port: 26379
|
|
protocol: TCP
|
|
to:
|
|
- podSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
- ports:
|
|
- port: 53
|
|
protocol: UDP
|
|
- port: 53
|
|
protocol: TCP
|
|
to:
|
|
- namespaceSelector: {}
|
|
ingress:
|
|
- from:
|
|
- podSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-redis-ha-haproxy
|
|
- podSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
ports:
|
|
- port: 6379
|
|
protocol: TCP
|
|
- port: 26379
|
|
protocol: TCP
|
|
podSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-redis-ha
|
|
policyTypes:
|
|
- Ingress
|
|
- Egress
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: NetworkPolicy
|
|
metadata:
|
|
name: argocd-repo-server-network-policy
|
|
spec:
|
|
ingress:
|
|
- from:
|
|
- podSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-server
|
|
- podSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-application-controller
|
|
- podSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-notifications-controller
|
|
ports:
|
|
- port: 8081
|
|
protocol: TCP
|
|
- from:
|
|
- namespaceSelector: {}
|
|
ports:
|
|
- port: 8084
|
|
podSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-repo-server
|
|
policyTypes:
|
|
- Ingress
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: NetworkPolicy
|
|
metadata:
|
|
name: argocd-server-network-policy
|
|
spec:
|
|
ingress:
|
|
- {}
|
|
podSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-server
|
|
policyTypes:
|
|
- Ingress
|