diff --git a/template/edfbuilder.yaml b/template/edfbuilder.yaml index 4e9fabd..6afc8c2 100644 --- a/template/edfbuilder.yaml +++ b/template/edfbuilder.yaml @@ -13,7 +13,7 @@ spec: namespace: argocd source: path: registry - repoURL: 'https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder' + repoURL: 'https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder' targetRevision: HEAD project: default syncPolicy: diff --git a/template/registry/core.yaml b/template/registry/core.yaml index 3a722ac..aef343d 100644 --- a/template/registry/core.yaml +++ b/template/registry/core.yaml @@ -13,7 +13,7 @@ spec: namespace: argocd source: path: stacks/core - repoURL: 'https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder' + repoURL: 'https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder' targetRevision: HEAD project: default syncPolicy: diff --git a/template/registry/local-backup.yaml b/template/registry/local-backup.yaml index a2ac46d..5540134 100644 --- a/template/registry/local-backup.yaml +++ b/template/registry/local-backup.yaml @@ -13,7 +13,7 @@ spec: namespace: argocd source: path: stacks/local-backup - repoURL: 'https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder' + repoURL: 'https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder' targetRevision: HEAD project: default syncPolicy: diff --git a/template/registry/monitoring.yaml b/template/registry/monitoring.yaml index c9826bc..88b1af3 100644 --- a/template/registry/monitoring.yaml +++ b/template/registry/monitoring.yaml @@ -13,7 +13,7 @@ spec: namespace: argocd source: path: stacks/monitoring - repoURL: 'https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder' + repoURL: 'https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder' targetRevision: HEAD project: default syncPolicy: diff --git a/template/registry/ref-implementation.yaml b/template/registry/ref-implementation.yaml index 3a6cf1a..82bbeaf 100644 --- a/template/registry/ref-implementation.yaml +++ b/template/registry/ref-implementation.yaml @@ -13,7 +13,7 @@ spec: namespace: argocd source: path: stacks/ref-implementation - repoURL: 'https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder' + repoURL: 'https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder' targetRevision: HEAD project: default syncPolicy: diff --git a/template/registry/second-cluster.yaml b/template/registry/second-cluster.yaml index 98ddd40..6ff1357 100644 --- a/template/registry/second-cluster.yaml +++ b/template/registry/second-cluster.yaml @@ -13,7 +13,7 @@ spec: namespace: argocd source: path: stacks/second-cluster - repoURL: 'https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder' + repoURL: 'https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder' targetRevision: HEAD project: default syncPolicy: diff --git a/template/stacks/core/argocd.yaml b/template/stacks/core/argocd.yaml index a79ef6c..4f65e09 100644 --- a/template/stacks/core/argocd.yaml +++ b/template/stacks/core/argocd.yaml @@ -18,10 +18,13 @@ spec: sources: - repoURL: https://github.com/argoproj/argo-helm path: charts/argo-cd + # TODO: RIRE Can be updated when https://github.com/argoproj/argo-cd/issues/20790 is fixed and merged + # As logout make problems, it is suggested to switch from path based routing to an own argocd domain, + # similar to the CNOE amazon reference implementation and in our case, Forgejo targetRevision: argo-cd-7.7.5 helm: valueFiles: - $values/stacks/core/argocd/values.yaml - - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + - repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD ref: values diff --git a/template/stacks/core/argocd/hydrated/install.yaml b/template/stacks/core/argocd/hydrated/install.yaml deleted file mode 100644 index 4917b17..0000000 --- a/template/stacks/core/argocd/hydrated/install.yaml +++ /dev/null @@ -1,24530 +0,0 @@ ---- -# Source: argo-cd/templates/argocd-application-controller/serviceaccount.yaml -apiVersion: v1 -kind: ServiceAccount -automountServiceAccountToken: true -metadata: - name: argocd-application-controller - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: application-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" ---- -# Source: argo-cd/templates/argocd-applicationset/serviceaccount.yaml -apiVersion: v1 -kind: ServiceAccount -automountServiceAccountToken: true -metadata: - name: argocd-applicationset-controller - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-applicationset-controller - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: applicationset-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" ---- -# Source: argo-cd/templates/argocd-repo-server/serviceaccount.yaml -apiVersion: v1 -kind: ServiceAccount -automountServiceAccountToken: true -metadata: - name: argocd-repo-server - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-repo-server - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: repo-server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" ---- -# Source: argo-cd/templates/argocd-server/serviceaccount.yaml -apiVersion: v1 -kind: ServiceAccount -automountServiceAccountToken: true -metadata: - name: argocd-server - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-server - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" ---- -# Source: argo-cd/templates/argocd-configs/argocd-secret.yaml -apiVersion: v1 -kind: Secret -metadata: - name: argocd-secret - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-secret - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -type: Opaque ---- -# Source: argo-cd/templates/argocd-configs/argocd-cm.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: argocd-cm - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-cm - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -data: - accounts.provider-argocd: apiKey - admin.enabled: "true" - application.instanceLabelKey: argocd.argoproj.io/instance - application.resourceTrackingMethod: annotation - exec.enabled: "false" - resource.exclusions: | - - apiGroups: - - "*" - kinds: - - ProviderConfigUsage - - apiGroups: - - cilium.io - kinds: - - CiliumIdentity - clusters: - - "*" - server.rbac.log.enforce.enable: "false" - statusbadge.enabled: "false" - timeout.hard.reconciliation: 0s - timeout.reconciliation: 60s - url: https://runner.c-one-infra.de ---- -# Source: argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: argocd-cmd-params-cm - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-cmd-params-cm - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -data: - application.namespaces: "" - applicationsetcontroller.enable.leader.election: "false" - applicationsetcontroller.enable.progressive.syncs: "false" - applicationsetcontroller.log.format: text - applicationsetcontroller.log.level: info - applicationsetcontroller.namespaces: "" - applicationsetcontroller.policy: sync - controller.ignore.normalizer.jq.timeout: 1s - controller.log.format: text - controller.log.level: info - controller.operation.processors: "10" - controller.repo.server.timeout.seconds: "60" - controller.self.heal.timeout.seconds: "5" - controller.status.processors: "20" - otlp.address: "" - redis.server: argocd-redis:6379 - repo.server: argocd-repo-server:8081 - reposerver.log.format: text - reposerver.log.level: info - reposerver.parallelism.limit: "0" - server.basehref: /argocd - server.disable.auth: "false" - server.enable.gzip: "true" - server.enable.proxy.extension: "false" - server.insecure: "true" - server.log.format: text - server.log.level: info - server.repo.server.strict.tls: "false" - server.rootpath: "" - server.staticassets: /shared/app - server.x.frame.options: sameorigin ---- -# Source: argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: argocd-gpg-keys-cm - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-gpg-keys-cm - app.kubernetes.io/instance: argocd - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" ---- -# Source: argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: argocd-rbac-cm - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-rbac-cm - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -data: - policy.csv: g, provider-argocd, role:admin - policy.default: "" - policy.matchMode: glob - scopes: '[groups]' ---- -# Source: argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: argocd-ssh-known-hosts-cm - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-ssh-known-hosts-cm - app.kubernetes.io/instance: argocd - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -data: - ssh_known_hosts: | - [ssh.github.com]:443 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= - [ssh.github.com]:443 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl - [ssh.github.com]:443 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= - bitbucket.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE= - bitbucket.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO - bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQeJzhupRu0u0cdegZIa8e86EG2qOCsIsD1Xw0xSeiPDlCr7kq97NLmMbpKTX6Esc30NuoqEEHCuc7yWtwp8dI76EEEB1VqY9QJq6vk+aySyboD5QF61I/1WeTwu+deCbgKMGbUijeXhtfbxSxm6JwGrXrhBdofTsbKRUsrN1WoNgUa8uqN1Vx6WAJw1JHPhglEGGHea6QICwJOAr/6mrui/oB7pkaWKHj3z7d1IC4KWLtY47elvjbaTlkN04Kc/5LFEirorGYVbt15kAUlqGM65pk6ZBxtaO3+30LVlORZkxOh+LKL/BvbZ/iRNhItLqNyieoQj/uh/7Iv4uyH/cV/0b4WDSd3DptigWq84lJubb9t/DnZlrJazxyDCulTmKdOR7vs9gMTo+uoIrPSb8ScTtvw65+odKAlBj59dhnVp9zd7QUojOpXlL62Aw56U4oO+FALuevvMjiWeavKhJqlR7i5n9srYcrNV7ttmDw7kf/97P5zauIhxcjX+xHv4M= - github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= - github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl - github.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= - gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= - gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf - gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 - ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H - vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H ---- -# Source: argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: argocd-tls-certs-cm - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-tls-certs-cm - app.kubernetes.io/instance: argocd - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -data: - gitea.runner.c-one-infra.de: | - -----BEGIN CERTIFICATE----- - MIIFBjCCA+6gAwIBAgISBOO8kIfirQl2mctqw87A+UUUMA0GCSqGSIb3DQEBCwUA - MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD - EwNSMTAwHhcNMjUwMjA1MTIzMzA4WhcNMjUwNTA2MTIzMzA3WjAmMSQwIgYDVQQD - ExtnaXRlYS5ydW5uZXIuYy1vbmUtaW5mcmEuZGUwggEiMA0GCSqGSIb3DQEBAQUA - A4IBDwAwggEKAoIBAQC13t32UN2mZCHTsW5H38d+opsAwN46UkxAx2t1dPZtnujn - g4GWBwghExyYKkiP7MnxqyWeD6dD+X2Gjp6kH3QluOeSWwD0h35q8Q4dEhZ3fw7f - jyn/mfNInIdPicVTruT6EjpaALULyC5dCtSIobBE9vL1wsigeo7d9KqE9pcEBYKv - ooGiZD5MFLPMHwe1iraV95TpLrOC7UyFXGzYtwcPQ0u55GkXfGZGDGa2mfKlzNlm - g4+gevCFqdu8DeMrmpDzdJMiK/BudlO/5ASr/QT7DIakgA5UTuVFLX1XXOxpshWK - 1kEkRqT4wRsNvR5bbxw+X4vDIsxsa58Hc6BVFKCPAgMBAAGjggIfMIICGzAOBgNV - HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1Ud - EwEB/wQCMAAwHQYDVR0OBBYEFDpRZ/YsIwVLaVIA9X4ZHVXaiN+jMB8GA1UdIwQY - MBaAFLu8w0el5LypxsOkcgwQjaI14cjoMFcGCCsGAQUFBwEBBEswSTAiBggrBgEF - BQcwAYYWaHR0cDovL3IxMC5vLmxlbmNyLm9yZzAjBggrBgEFBQcwAoYXaHR0cDov - L3IxMC5pLmxlbmNyLm9yZy8wJgYDVR0RBB8wHYIbZ2l0ZWEucnVubmVyLmMtb25l - LWluZnJhLmRlMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB - 9QSB8gDwAHcAouMK5EXvva2bfjjtR2d3U9eCW4SU1yteGyzEuVCkR+cAAAGU1k8j - iwAABAMASDBGAiEAspssISV4rKlDRiz5cwDHGNCH8aJf/tiDBUa5t+BSHFACIQDB - nLO6GGi1SN63PeIB4Fiky3AIBql+37kd1UJzB0jJ5gB1ABNK3xq1mEIJeAxv70x6 - kaQWtyNJzlhXat+u2qfCq+AiAAABlNZPJOcAAAQDAEYwRAIgG9ym5Hwp66y3VLtt - 9Qnfxe9z5peKT2r1Ey2Oxhp4XHwCICOxl/qjcIIlFFcqMdV08QLJWJa7Fm6xbHBu - hqqayUYmMA0GCSqGSIb3DQEBCwUAA4IBAQAOFN2FjY1kYplE4Dl2fwt6K28jI0mm - iPWTIPNLlveNT+sLxi8XAIqnFk5abO28BIpEsMUpw0hPnyhVXw7hQFsvFCzha5J0 - KUjIsAzA0PyYIr2Q5z8bYdOmOaVEA89fvTtHHN8ibzrmwVNr3UxohnZlQwjJe5hc - 2mJjOdrjIfUo5UU+1HvfKUIrlpAWuaIT0cfn7c+UT4LkWPZSc0ELn3VpNIIWrYIm - Xfr1SlyoSrr3QwEXpDkhRMSBfBN6oqzSJ7jV2zPxzsG9SVaCkP1NCEEohj4Bl/Hd - WX4MnlO3s7ysq5EGmtdN14NMrj6AhFTwlXURe5IhWy2nbHvGZ/XC8ima - -----END CERTIFICATE----- - -----BEGIN CERTIFICATE----- - MIIFBTCCAu2gAwIBAgIQS6hSk/eaL6JzBkuoBI110DANBgkqhkiG9w0BAQsFADBP - MQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFy - Y2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTAeFw0yNDAzMTMwMDAwMDBa - Fw0yNzAzMTIyMzU5NTlaMDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBF - bmNyeXB0MQwwCgYDVQQDEwNSMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK - AoIBAQDPV+XmxFQS7bRH/sknWHZGUCiMHT6I3wWd1bUYKb3dtVq/+vbOo76vACFL - YlpaPAEvxVgD9on/jhFD68G14BQHlo9vH9fnuoE5CXVlt8KvGFs3Jijno/QHK20a - /6tYvJWuQP/py1fEtVt/eA0YYbwX51TGu0mRzW4Y0YCF7qZlNrx06rxQTOr8IfM4 - FpOUurDTazgGzRYSespSdcitdrLCnF2YRVxvYXvGLe48E1KGAdlX5jgc3421H5KR - mudKHMxFqHJV8LDmowfs/acbZp4/SItxhHFYyTr6717yW0QrPHTnj7JHwQdqzZq3 - DZb3EoEmUVQK7GH29/Xi8orIlQ2NAgMBAAGjgfgwgfUwDgYDVR0PAQH/BAQDAgGG - MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATASBgNVHRMBAf8ECDAGAQH/ - AgEAMB0GA1UdDgQWBBS7vMNHpeS8qcbDpHIMEI2iNeHI6DAfBgNVHSMEGDAWgBR5 - tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAKG - Fmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0gBAwwCjAIBgZngQwBAgEwJwYD - VR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVuY3Iub3JnLzANBgkqhkiG9w0B - AQsFAAOCAgEAkrHnQTfreZ2B5s3iJeE6IOmQRJWjgVzPw139vaBw1bGWKCIL0vIo - zwzn1OZDjCQiHcFCktEJr59L9MhwTyAWsVrdAfYf+B9haxQnsHKNY67u4s5Lzzfd - u6PUzeetUK29v+PsPmI2cJkxp+iN3epi4hKu9ZzUPSwMqtCceb7qPVxEbpYxY1p9 - 1n5PJKBLBX9eb9LU6l8zSxPWV7bK3lG4XaMJgnT9x3ies7msFtpKK5bDtotij/l0 - GaKeA97pb5uwD9KgWvaFXMIEt8jVTjLEvwRdvCn294GPDF08U8lAkIv7tghluaQh - 1QnlE4SEN4LOECj8dsIGJXpGUk3aU3KkJz9icKy+aUgA+2cP21uh6NcDIS3XyfaZ - QjmDQ993ChII8SXWupQZVBiIpcWO4RqZk3lr7Bz5MUCwzDIA359e57SSq5CCkY0N - 4B6Vulk7LktfwrdGNVI5BsC9qqxSwSKgRJeZ9wygIaehbHFHFhcBaMDKpiZlBHyz - rsnnlFXCb5s8HKn5LsUgGvB24L7sGNZP2CX7dhHov+YhD+jozLW2p9W4959Bz2Ei - RmqDtmiXLnzqTpXbI+suyCsohKRg6Un0RC47+cpiVwHiXZAW+cn8eiNIjqbVgXLx - KPpdzvvtTnOPlC7SQZSYmdunr3Bf9b77AiC/ZidstK36dRILKz7OA54= - -----END CERTIFICATE----- ---- -# Source: argo-cd/templates/redis/health-configmap.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: argocd-redis-health-configmap - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-redis - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: redis - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -data: - redis_liveness.sh: | - response=$( - redis-cli \ - -a "${REDIS_PASSWORD}" --no-auth-warning \ - -h localhost \ - -p 6379 \ - ping - ) - if [ "$response" != "PONG" ] && [ "${response:0:7}" != "LOADING" ] ; then - echo "$response" - exit 1 - fi - echo "response=$response" - redis_readiness.sh: | - response=$( - redis-cli \ - -a "${REDIS_PASSWORD}" --no-auth-warning \ - -h localhost \ - -p 6379 \ - ping - ) - if [ "$response" != "PONG" ] ; then - echo "$response" - exit 1 - fi - echo "response=$response" ---- -# Source: argo-cd/templates/crds/crd-application.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - "helm.sh/resource-policy": keep - labels: - app.kubernetes.io/name: applications.argoproj.io - app.kubernetes.io/part-of: argocd - name: applications.argoproj.io -spec: - group: argoproj.io - names: - kind: Application - listKind: ApplicationList - plural: applications - shortNames: - - app - - apps - singular: application - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.sync.status - name: Sync Status - type: string - - jsonPath: .status.health.status - name: Health Status - type: string - - jsonPath: .status.sync.revision - name: Revision - priority: 10 - type: string - - jsonPath: .spec.project - name: Project - priority: 10 - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Application is a definition of Application resource. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - operation: - description: Operation contains information about a requested or running - operation - properties: - info: - description: Info is a list of informational items for this operation - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - initiatedBy: - description: InitiatedBy contains information about who initiated - the operations - properties: - automated: - description: Automated is set to true if operation was initiated - automatically by the application controller. - type: boolean - username: - description: Username contains the name of a user who started - operation - type: string - type: object - retry: - description: Retry controls the strategy to apply if a sync fails - properties: - backoff: - description: Backoff controls how to backoff on subsequent retries - of failed syncs - properties: - duration: - description: Duration is the amount to back off. Default unit - is seconds, but could also be a duration (e.g. "2m", "1h") - type: string - factor: - description: Factor is a factor to multiply the base duration - after each failed retry - format: int64 - type: integer - maxDuration: - description: MaxDuration is the maximum amount of time allowed - for the backoff strategy - type: string - type: object - limit: - description: Limit is the maximum number of attempts for retrying - a failed sync. If set to 0, no retries will be performed. - format: int64 - type: integer - type: object - sync: - description: Sync contains parameters for the operation - properties: - autoHealAttemptsCount: - description: SelfHealAttemptsCount contains the number of auto-heal - attempts - format: int64 - type: integer - dryRun: - description: DryRun specifies to perform a `kubectl apply --dry-run` - without actually performing the sync - type: boolean - manifests: - description: Manifests is an optional field that overrides sync - source with a local directory for development - items: - type: string - type: array - prune: - description: Prune specifies to delete resources from the cluster - that are no longer tracked in git - type: boolean - resources: - description: Resources describes which resources shall be part - of the sync - items: - description: SyncOperationResource contains resources to sync. - properties: - group: - type: string - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - - name - type: object - type: array - revision: - description: |- - Revision is the revision (Git) or chart version (Helm) which to sync the application to - If omitted, will use the revision specified in app spec. - type: string - revisions: - description: |- - Revisions is the list of revision (Git) or chart version (Helm) which to sync each source in sources field for the application to - If omitted, will use the revision specified in app spec. - items: - type: string - type: array - source: - description: |- - Source overrides the source definition set in the application. - This is typically set in a Rollback operation and is nil during a Sync operation - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match - paths against that should be explicitly excluded from - being used during manifest generation - type: string - include: - description: Include contains a glob pattern to match - paths against that should be explicitly included during - manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable to - be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level Arguments - items: - description: JsonnetVar represents a variable to - be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - fileParameters: - description: FileParameters are file parameters to the - helm template - items: - description: HelmFileParameter is a file parameter that's - passed to helm template during manifest generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally by - not appending them to helm template --values - type: boolean - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - namespace: - description: Namespace is an optional namespace to template - with. If left empty, defaults to the app's destination - namespace. - type: string - parameters: - description: Parameters is a list of Helm parameters which - are passed to the helm template command upon manifest - generation - items: - description: HelmParameter is a parameter that's passed - to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether to tell - Helm to interpret booleans and numbers as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all domains - (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name to use. - If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for templating - ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional labels - to add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize - components to add to the kustomization before building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources for - Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to force - applying common labels to resources for Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize image - definition in the format [old_image_name=]: - type: string - type: array - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - labelWithoutSelector: - description: LabelWithoutSelector specifies whether to - apply common labels to resource selectors or not - type: boolean - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable entries - items: - description: EnvEntry represents an entry in the application's - environment - properties: - name: - description: Name is the name of the variable, usually - expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array type - parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type parameter. - type: object - name: - description: Name is the name identifying a parameter. - type: string - string: - description: String_ is the value of a string type - parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within sources - field. This field will not be used if used with a `source` - tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git or - Helm) that contains the application manifests - type: string - targetRevision: - description: |- - TargetRevision defines the revision of the source to sync the application to. - In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. - In case of Helm, this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - sources: - description: |- - Sources overrides the source definition set in the application. - This is typically set in a Rollback operation and is nil during a Sync operation - items: - description: ApplicationSource contains all required information - about the source of an application - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match - paths against that should be explicitly excluded from - being used during manifest generation - type: string - include: - description: Include contains a glob pattern to match - paths against that should be explicitly included during - manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - fileParameters: - description: FileParameters are file parameters to the - helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally - by not appending them to helm template --values - type: boolean - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - namespace: - description: Namespace is an optional namespace to template - with. If left empty, defaults to the app's destination - namespace. - type: string - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command upon - manifest generation - items: - description: HelmParameter is a parameter that's passed - to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether to - tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all - domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name to - use. If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for - templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation - values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional labels - to add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize - components to add to the kustomization before building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to - force applying common labels to resources for Kustomize - apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - labelWithoutSelector: - description: LabelWithoutSelector specifies whether - to apply common labels to resource selectors or not - type: boolean - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable entries - items: - description: EnvEntry represents an entry in the application's - environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array type - parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type parameter. - type: object - name: - description: Name is the name identifying a parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within sources - field. This field will not be used if used with a `source` - tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git or - Helm) that contains the application manifests - type: string - targetRevision: - description: |- - TargetRevision defines the revision of the source to sync the application to. - In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. - In case of Helm, this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - type: array - syncOptions: - description: SyncOptions provide per-sync sync-options, e.g. Validate=false - items: - type: string - type: array - syncStrategy: - description: SyncStrategy describes how to perform the sync - properties: - apply: - description: Apply will perform a `kubectl apply` to perform - the sync. - properties: - force: - description: |- - Force indicates whether or not to supply the --force flag to `kubectl apply`. - The --force flag deletes and re-create the resource, when PATCH encounters conflict and has - retried for 5 times. - type: boolean - type: object - hook: - description: Hook will submit any referenced resources to - perform the sync. This is the default strategy - properties: - force: - description: |- - Force indicates whether or not to supply the --force flag to `kubectl apply`. - The --force flag deletes and re-create the resource, when PATCH encounters conflict and has - retried for 5 times. - type: boolean - type: object - type: object - type: object - type: object - spec: - description: ApplicationSpec represents desired application state. Contains - link to repository with application definition and additional parameters - link definition revision. - properties: - destination: - description: Destination is a reference to the target Kubernetes server - and namespace - properties: - name: - description: Name is an alternate way of specifying the target - cluster by its symbolic name. This must be set if Server is - not set. - type: string - namespace: - description: |- - Namespace specifies the target namespace for the application's resources. - The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace - type: string - server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name is not - set. - type: string - type: object - ignoreDifferences: - description: IgnoreDifferences is a list of resources and their fields - which should be ignored during comparison - items: - description: ResourceIgnoreDifferences contains resource filter - and list of json paths which should be ignored during comparison - with live state. - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - description: |- - ManagedFieldsManagers is a list of trusted managers. Fields mutated by those managers will take precedence over the - desired state defined in the SCM and won't be displayed in diffs - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - description: Info contains a list of information (URLs, email addresses, - and plain text) that relates to the application - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - description: |- - Project is a reference to the project this application belongs to. - The empty string means that application belongs to the 'default' project. - type: string - revisionHistoryLimit: - description: |- - RevisionHistoryLimit limits the number of items kept in the application's revision history, which is used for informational purposes as well as for rollbacks to previous versions. - This should only be changed in exceptional circumstances. - Setting to zero will store no history. This will reduce storage used. - Increasing will increase the space used to store the history, so we do not recommend increasing it. - Default is 10. - format: int64 - type: integer - source: - description: Source is a reference to the location of the application's - manifests or chart - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match paths - against that should be explicitly excluded from being used - during manifest generation - type: string - include: - description: Include contains a glob pattern to match paths - against that should be explicitly included during manifest - generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External Variables - items: - description: JsonnetVar represents a variable to be - passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level Arguments - items: - description: JsonnetVar represents a variable to be - passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - fileParameters: - description: FileParameters are file parameters to the helm - template - items: - description: HelmFileParameter is a file parameter that's - passed to helm template during manifest generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally by not - appending them to helm template --values - type: boolean - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - namespace: - description: Namespace is an optional namespace to template - with. If left empty, defaults to the app's destination namespace. - type: string - parameters: - description: Parameters is a list of Helm parameters which - are passed to the helm template command upon manifest generation - items: - description: HelmParameter is a parameter that's passed - to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether to tell - Helm to interpret booleans and numbers as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all domains - (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name to use. - If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition installation - step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files to - use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed to - helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to be passed - to helm template, defined as a map. This takes precedence - over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for templating - ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional annotations - to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether to - apply env variables substitution for annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional labels to - add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize components - to add to the kustomization before building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether to force - applying common annotations to resources for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to force - applying common labels to resources for Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize image - definition in the format [old_image_name=]: - type: string - type: array - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - labelWithoutSelector: - description: LabelWithoutSelector specifies whether to apply - common labels to resource selectors or not - type: boolean - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize adds - to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas override - specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize to - use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific options - properties: - env: - description: Env is a list of environment variable entries - items: - description: EnvEntry represents an entry in the application's - environment - properties: - name: - description: Name is the name of the variable, usually - expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type parameter. - type: object - name: - description: Name is the name identifying a parameter. - type: string - string: - description: String_ is the value of a string type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within sources - field. This field will not be used if used with a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git or Helm) - that contains the application manifests - type: string - targetRevision: - description: |- - TargetRevision defines the revision of the source to sync the application to. - In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. - In case of Helm, this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - sources: - description: Sources is a reference to the location of the application's - manifests or chart - items: - description: ApplicationSource contains all required information - about the source of an application - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match paths - against that should be explicitly excluded from being - used during manifest generation - type: string - include: - description: Include contains a glob pattern to match paths - against that should be explicitly included during manifest - generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External Variables - items: - description: JsonnetVar represents a variable to be - passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level Arguments - items: - description: JsonnetVar represents a variable to be - passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - fileParameters: - description: FileParameters are file parameters to the helm - template - items: - description: HelmFileParameter is a file parameter that's - passed to helm template during manifest generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally by not - appending them to helm template --values - type: boolean - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - namespace: - description: Namespace is an optional namespace to template - with. If left empty, defaults to the app's destination - namespace. - type: string - parameters: - description: Parameters is a list of Helm parameters which - are passed to the helm template command upon manifest - generation - items: - description: HelmParameter is a parameter that's passed - to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether to tell - Helm to interpret booleans and numbers as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all domains - (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name to use. - If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition installation - step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files to - use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed to - helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to be passed - to helm template, defined as a map. This takes precedence - over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for templating - ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional annotations - to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional labels - to add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize components - to add to the kustomization before building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether to - force applying common annotations to resources for Kustomize - apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to force - applying common labels to resources for Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize image - definition in the format [old_image_name=]: - type: string - type: array - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - labelWithoutSelector: - description: LabelWithoutSelector specifies whether to apply - common labels to resource selectors or not - type: boolean - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas override - specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable entries - items: - description: EnvEntry represents an entry in the application's - environment - properties: - name: - description: Name is the name of the variable, usually - expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type parameter. - type: object - name: - description: Name is the name identifying a parameter. - type: string - string: - description: String_ is the value of a string type - parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within sources - field. This field will not be used if used with a `source` - tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git or Helm) - that contains the application manifests - type: string - targetRevision: - description: |- - TargetRevision defines the revision of the source to sync the application to. - In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. - In case of Helm, this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - description: SyncPolicy controls when and how a sync will be performed - properties: - automated: - description: Automated will keep an application synced to the - target revision - properties: - allowEmpty: - description: 'AllowEmpty allows apps have zero live resources - (default: false)' - type: boolean - prune: - description: 'Prune specifies whether to delete resources - from the cluster that are not found in the sources anymore - as part of automated sync (default: false)' - type: boolean - selfHeal: - description: 'SelfHeal specifies whether to revert resources - back to their desired state upon modification in the cluster - (default: false)' - type: boolean - type: object - managedNamespaceMetadata: - description: ManagedNamespaceMetadata controls metadata in the - given namespace (if CreateNamespace=true) - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - description: Retry controls failed sync retry behavior - properties: - backoff: - description: Backoff controls how to backoff on subsequent - retries of failed syncs - properties: - duration: - description: Duration is the amount to back off. Default - unit is seconds, but could also be a duration (e.g. - "2m", "1h") - type: string - factor: - description: Factor is a factor to multiply the base duration - after each failed retry - format: int64 - type: integer - maxDuration: - description: MaxDuration is the maximum amount of time - allowed for the backoff strategy - type: string - type: object - limit: - description: Limit is the maximum number of attempts for retrying - a failed sync. If set to 0, no retries will be performed. - format: int64 - type: integer - type: object - syncOptions: - description: Options allow you to specify whole app sync-options - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - status: - description: ApplicationStatus contains status information for the application - properties: - conditions: - description: Conditions is a list of currently observed application - conditions - items: - description: ApplicationCondition contains details about an application - condition, which is usually an error or warning - properties: - lastTransitionTime: - description: LastTransitionTime is the time the condition was - last observed - format: date-time - type: string - message: - description: Message contains human-readable message indicating - details about condition - type: string - type: - description: Type is an application condition type - type: string - required: - - message - - type - type: object - type: array - controllerNamespace: - description: ControllerNamespace indicates the namespace in which - the application controller is located - type: string - health: - description: Health contains information about the application's current - health status - properties: - message: - description: Message is a human-readable informational message - describing the health status - type: string - status: - description: Status holds the status code of the application or - resource - type: string - type: object - history: - description: History contains information about the application's - sync history - items: - description: RevisionHistory contains history information about - a previous sync - properties: - deployStartedAt: - description: DeployStartedAt holds the time the sync operation - started - format: date-time - type: string - deployedAt: - description: DeployedAt holds the time the sync operation completed - format: date-time - type: string - id: - description: ID is an auto incrementing identifier of the RevisionHistory - format: int64 - type: integer - initiatedBy: - description: InitiatedBy contains information about who initiated - the operations - properties: - automated: - description: Automated is set to true if operation was initiated - automatically by the application controller. - type: boolean - username: - description: Username contains the name of a user who started - operation - type: string - type: object - revision: - description: Revision holds the revision the sync was performed - against - type: string - revisions: - description: Revisions holds the revision of each source in - sources field the sync was performed against - items: - type: string - type: array - source: - description: Source is a reference to the application source - used for the sync operation - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match - paths against that should be explicitly excluded from - being used during manifest generation - type: string - include: - description: Include contains a glob pattern to match - paths against that should be explicitly included during - manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - fileParameters: - description: FileParameters are file parameters to the - helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally - by not appending them to helm template --values - type: boolean - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - namespace: - description: Namespace is an optional namespace to template - with. If left empty, defaults to the app's destination - namespace. - type: string - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command upon - manifest generation - items: - description: HelmParameter is a parameter that's passed - to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether to - tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all - domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name to - use. If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for - templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation - values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional labels - to add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize - components to add to the kustomization before building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to - force applying common labels to resources for Kustomize - apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - labelWithoutSelector: - description: LabelWithoutSelector specifies whether - to apply common labels to resource selectors or not - type: boolean - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable entries - items: - description: EnvEntry represents an entry in the application's - environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array type - parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type parameter. - type: object - name: - description: Name is the name identifying a parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within sources - field. This field will not be used if used with a `source` - tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git or - Helm) that contains the application manifests - type: string - targetRevision: - description: |- - TargetRevision defines the revision of the source to sync the application to. - In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. - In case of Helm, this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - sources: - description: Sources is a reference to the application sources - used for the sync operation - items: - description: ApplicationSource contains all required information - about the source of an application - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match - paths against that should be explicitly excluded - from being used during manifest generation - type: string - include: - description: Include contains a glob pattern to match - paths against that should be explicitly included - during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - fileParameters: - description: FileParameters are file parameters to - the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm - template from failing when valueFiles do not exist - locally by not appending them to helm template --values - type: boolean - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - namespace: - description: Namespace is an optional namespace to - template with. If left empty, defaults to the app's - destination namespace. - type: string - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command upon - manifest generation - items: - description: HelmParameter is a parameter that's - passed to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm - parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all - domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name - to use. If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for - templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation - values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize - components to add to the kustomization before building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to - force applying common labels to resources for Kustomize - apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - labelWithoutSelector: - description: LabelWithoutSelector specifies whether - to apply common labels to resource selectors or - not - type: boolean - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry in the - application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array - type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type - parameter. - type: object - name: - description: Name is the name identifying a - parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within - sources field. This field will not be used if used with - a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git - or Helm) that contains the application manifests - type: string - targetRevision: - description: |- - TargetRevision defines the revision of the source to sync the application to. - In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. - In case of Helm, this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - type: array - required: - - deployedAt - - id - type: object - type: array - observedAt: - description: |- - ObservedAt indicates when the application state was updated without querying latest git state - Deprecated: controller no longer updates ObservedAt field - format: date-time - type: string - operationState: - description: OperationState contains information about any ongoing - operations, such as a sync - properties: - finishedAt: - description: FinishedAt contains time of operation completion - format: date-time - type: string - message: - description: Message holds any pertinent messages when attempting - to perform operation (typically errors). - type: string - operation: - description: Operation is the original requested operation - properties: - info: - description: Info is a list of informational items for this - operation - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - initiatedBy: - description: InitiatedBy contains information about who initiated - the operations - properties: - automated: - description: Automated is set to true if operation was - initiated automatically by the application controller. - type: boolean - username: - description: Username contains the name of a user who - started operation - type: string - type: object - retry: - description: Retry controls the strategy to apply if a sync - fails - properties: - backoff: - description: Backoff controls how to backoff on subsequent - retries of failed syncs - properties: - duration: - description: Duration is the amount to back off. Default - unit is seconds, but could also be a duration (e.g. - "2m", "1h") - type: string - factor: - description: Factor is a factor to multiply the base - duration after each failed retry - format: int64 - type: integer - maxDuration: - description: MaxDuration is the maximum amount of - time allowed for the backoff strategy - type: string - type: object - limit: - description: Limit is the maximum number of attempts for - retrying a failed sync. If set to 0, no retries will - be performed. - format: int64 - type: integer - type: object - sync: - description: Sync contains parameters for the operation - properties: - autoHealAttemptsCount: - description: SelfHealAttemptsCount contains the number - of auto-heal attempts - format: int64 - type: integer - dryRun: - description: DryRun specifies to perform a `kubectl apply - --dry-run` without actually performing the sync - type: boolean - manifests: - description: Manifests is an optional field that overrides - sync source with a local directory for development - items: - type: string - type: array - prune: - description: Prune specifies to delete resources from - the cluster that are no longer tracked in git - type: boolean - resources: - description: Resources describes which resources shall - be part of the sync - items: - description: SyncOperationResource contains resources - to sync. - properties: - group: - type: string - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - - name - type: object - type: array - revision: - description: |- - Revision is the revision (Git) or chart version (Helm) which to sync the application to - If omitted, will use the revision specified in app spec. - type: string - revisions: - description: |- - Revisions is the list of revision (Git) or chart version (Helm) which to sync each source in sources field for the application to - If omitted, will use the revision specified in app spec. - items: - type: string - type: array - source: - description: |- - Source overrides the source definition set in the application. - This is typically set in a Rollback operation and is nil during a Sync operation - properties: - chart: - description: Chart is a Helm chart name, and must - be specified for applications sourced from a Helm - repo. - type: string - directory: - description: Directory holds path/directory specific - options - properties: - exclude: - description: Exclude contains a glob pattern to - match paths against that should be explicitly - excluded from being used during manifest generation - type: string - include: - description: Include contains a glob pattern to - match paths against that should be explicitly - included during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to - Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet - External Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan - a directory recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - fileParameters: - description: FileParameters are file parameters - to the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm - parameter - type: string - path: - description: Path is the path to the file - containing the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents - helm template from failing when valueFiles do - not exist locally by not appending them to helm - template --values - type: boolean - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - namespace: - description: Namespace is an optional namespace - to template with. If left empty, defaults to - the app's destination namespace. - type: string - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command - upon manifest generation - items: - description: HelmParameter is a parameter that's - passed to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and - numbers as strings - type: boolean - name: - description: Name is the name of the Helm - parameter - type: string - value: - description: Value is the value for the - Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials - to all domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name - to use. If omitted it will use the application - name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value - files to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be - passed to helm template, typically defined as - a block. ValuesObject takes precedence over - Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a - map. This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use - for templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies - whether to apply env variables substitution - for annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize - components to add to the kustomization before - building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies - whether to force applying common annotations - to resources for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether - to force applying common labels to resources - for Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image - override specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - labelWithoutSelector: - description: LabelWithoutSelector specifies whether - to apply common labels to resource selectors - or not - type: boolean - namePrefix: - description: NamePrefix is a prefix appended to - resources for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to - resources for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that - Kustomize adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of - Kustomize to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git - repository, and is only valid for applications sourced - from Git. - type: string - plugin: - description: Plugin holds config management plugin - specific options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry in - the application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array - type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type - parameter. - type: object - name: - description: Name is the name identifying - a parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within - sources field. This field will not be used if used - with a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository - (Git or Helm) that contains the application manifests - type: string - targetRevision: - description: |- - TargetRevision defines the revision of the source to sync the application to. - In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. - In case of Helm, this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - sources: - description: |- - Sources overrides the source definition set in the application. - This is typically set in a Rollback operation and is nil during a Sync operation - items: - description: ApplicationSource contains all required - information about the source of an application - properties: - chart: - description: Chart is a Helm chart name, and must - be specified for applications sourced from a Helm - repo. - type: string - directory: - description: Directory holds path/directory specific - options - properties: - exclude: - description: Exclude contains a glob pattern - to match paths against that should be explicitly - excluded from being used during manifest generation - type: string - include: - description: Include contains a glob pattern - to match paths against that should be explicitly - included during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific - to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet - External Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan - a directory recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - fileParameters: - description: FileParameters are file parameters - to the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm - parameter - type: string - path: - description: Path is the path to the file - containing the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents - helm template from failing when valueFiles - do not exist locally by not appending them - to helm template --values - type: boolean - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - namespace: - description: Namespace is an optional namespace - to template with. If left empty, defaults - to the app's destination namespace. - type: string - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command - upon manifest generation - items: - description: HelmParameter is a parameter - that's passed to helm template during manifest - generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and - numbers as strings - type: boolean - name: - description: Name is the name of the Helm - parameter - type: string - value: - description: Value is the value for the - Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials - to all domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release - name to use. If omitted it will use the application - name - type: string - skipCrds: - description: SkipCrds skips custom resource - definition installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value - files to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to - be passed to helm template, typically defined - as a block. ValuesObject takes precedence - over Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as - a map. This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to - use for templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific - options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of - additional annotations to add to rendered - manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies - whether to apply env variables substitution - for annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - components: - description: Components specifies a list of - kustomize components to add to the kustomization - before building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies - whether to force applying common annotations - to resources for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether - to force applying common labels to resources - for Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image - override specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - labelWithoutSelector: - description: LabelWithoutSelector specifies - whether to apply common labels to resource - selectors or not - type: boolean - namePrefix: - description: NamePrefix is a prefix appended - to resources for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended - to resources for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that - Kustomize adds to all resources - type: string - patches: - description: Patches is a list of Kustomize - patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize - Replicas override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version - of Kustomize to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the - Git repository, and is only valid for applications - sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin - specific options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry - in the application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the - variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an - array type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map - type parameter. - type: object - name: - description: Name is the name identifying - a parameter. - type: string - string: - description: String_ is the value of a - string type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source - within sources field. This field will not be used - if used with a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository - (Git or Helm) that contains the application manifests - type: string - targetRevision: - description: |- - TargetRevision defines the revision of the source to sync the application to. - In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. - In case of Helm, this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - type: array - syncOptions: - description: SyncOptions provide per-sync sync-options, - e.g. Validate=false - items: - type: string - type: array - syncStrategy: - description: SyncStrategy describes how to perform the - sync - properties: - apply: - description: Apply will perform a `kubectl apply` - to perform the sync. - properties: - force: - description: |- - Force indicates whether or not to supply the --force flag to `kubectl apply`. - The --force flag deletes and re-create the resource, when PATCH encounters conflict and has - retried for 5 times. - type: boolean - type: object - hook: - description: Hook will submit any referenced resources - to perform the sync. This is the default strategy - properties: - force: - description: |- - Force indicates whether or not to supply the --force flag to `kubectl apply`. - The --force flag deletes and re-create the resource, when PATCH encounters conflict and has - retried for 5 times. - type: boolean - type: object - type: object - type: object - type: object - phase: - description: Phase is the current phase of the operation - type: string - retryCount: - description: RetryCount contains time of operation retries - format: int64 - type: integer - startedAt: - description: StartedAt contains time of operation start - format: date-time - type: string - syncResult: - description: SyncResult is the result of a Sync operation - properties: - managedNamespaceMetadata: - description: ManagedNamespaceMetadata contains the current - sync state of managed namespace metadata - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - resources: - description: Resources contains a list of sync result items - for each individual resource in a sync operation - items: - description: ResourceResult holds the operation result details - of a specific resource - properties: - group: - description: Group specifies the API group of the resource - type: string - hookPhase: - description: |- - HookPhase contains the state of any operation associated with this resource OR hook - This can also contain values for non-hook resources. - type: string - hookType: - description: HookType specifies the type of the hook. - Empty for non-hook resources - type: string - kind: - description: Kind specifies the API kind of the resource - type: string - message: - description: Message contains an informational or error - message for the last sync OR operation - type: string - name: - description: Name specifies the name of the resource - type: string - namespace: - description: Namespace specifies the target namespace - of the resource - type: string - status: - description: Status holds the final result of the sync. - Will be empty if the resources is yet to be applied/pruned - and is always zero-value for hooks - type: string - syncPhase: - description: SyncPhase indicates the particular phase - of the sync that this result was acquired in - type: string - version: - description: Version specifies the API version of the - resource - type: string - required: - - group - - kind - - name - - namespace - - version - type: object - type: array - revision: - description: Revision holds the revision this sync operation - was performed to - type: string - revisions: - description: Revisions holds the revision this sync operation - was performed for respective indexed source in sources field - items: - type: string - type: array - source: - description: Source records the application source information - of the sync, used for comparing auto-sync - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match - paths against that should be explicitly excluded - from being used during manifest generation - type: string - include: - description: Include contains a glob pattern to match - paths against that should be explicitly included - during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - fileParameters: - description: FileParameters are file parameters to - the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm - template from failing when valueFiles do not exist - locally by not appending them to helm template --values - type: boolean - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - namespace: - description: Namespace is an optional namespace to - template with. If left empty, defaults to the app's - destination namespace. - type: string - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command upon - manifest generation - items: - description: HelmParameter is a parameter that's - passed to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm - parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all - domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name - to use. If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for - templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation - values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize - components to add to the kustomization before building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to - force applying common labels to resources for Kustomize - apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - labelWithoutSelector: - description: LabelWithoutSelector specifies whether - to apply common labels to resource selectors or - not - type: boolean - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry in the - application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array - type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type - parameter. - type: object - name: - description: Name is the name identifying a - parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within - sources field. This field will not be used if used with - a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git - or Helm) that contains the application manifests - type: string - targetRevision: - description: |- - TargetRevision defines the revision of the source to sync the application to. - In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. - In case of Helm, this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - sources: - description: Source records the application source information - of the sync, used for comparing auto-sync - items: - description: ApplicationSource contains all required information - about the source of an application - properties: - chart: - description: Chart is a Helm chart name, and must be - specified for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific - options - properties: - exclude: - description: Exclude contains a glob pattern to - match paths against that should be explicitly - excluded from being used during manifest generation - type: string - include: - description: Include contains a glob pattern to - match paths against that should be explicitly - included during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a - directory recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - fileParameters: - description: FileParameters are file parameters - to the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm - parameter - type: string - path: - description: Path is the path to the file - containing the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm - template from failing when valueFiles do not exist - locally by not appending them to helm template - --values - type: boolean - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - namespace: - description: Namespace is an optional namespace - to template with. If left empty, defaults to the - app's destination namespace. - type: string - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command - upon manifest generation - items: - description: HelmParameter is a parameter that's - passed to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm - parameter - type: string - value: - description: Value is the value for the Helm - parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to - all domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name - to use. If omitted it will use the application - name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value - files to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be - passed to helm template, typically defined as - a block. ValuesObject takes precedence over Values, - so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a map. - This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use - for templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies - whether to apply env variables substitution for - annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize - components to add to the kustomization before - building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether - to force applying common labels to resources for - Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image - override specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - labelWithoutSelector: - description: LabelWithoutSelector specifies whether - to apply common labels to resource selectors or - not - type: boolean - namePrefix: - description: NamePrefix is a prefix appended to - resources for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to - resources for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git - repository, and is only valid for applications sourced - from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry in the - application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array - type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type - parameter. - type: object - name: - description: Name is the name identifying - a parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within - sources field. This field will not be used if used - with a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git - or Helm) that contains the application manifests - type: string - targetRevision: - description: |- - TargetRevision defines the revision of the source to sync the application to. - In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. - In case of Helm, this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - type: array - required: - - revision - type: object - required: - - operation - - phase - - startedAt - type: object - reconciledAt: - description: ReconciledAt indicates when the application state was - reconciled using the latest git version - format: date-time - type: string - resourceHealthSource: - description: 'ResourceHealthSource indicates where the resource health - status is stored: inline if not set or appTree' - type: string - resources: - description: Resources is a list of Kubernetes resources managed by - this application - items: - description: |- - ResourceStatus holds the current sync and health status of a resource - TODO: describe members of this type - properties: - group: - type: string - health: - description: HealthStatus contains information about the currently - observed health state of an application or resource - properties: - message: - description: Message is a human-readable informational message - describing the health status - type: string - status: - description: Status holds the status code of the application - or resource - type: string - type: object - hook: - type: boolean - kind: - type: string - name: - type: string - namespace: - type: string - requiresPruning: - type: boolean - status: - description: SyncStatusCode is a type which represents possible - comparison results - type: string - syncWave: - format: int64 - type: integer - version: - type: string - type: object - type: array - sourceType: - description: SourceType specifies the type of this application - type: string - sourceTypes: - description: SourceTypes specifies the type of the sources included - in the application - items: - description: ApplicationSourceType specifies the type of the application's - source - type: string - type: array - summary: - description: Summary contains a list of URLs and container images - used by this application - properties: - externalURLs: - description: ExternalURLs holds all external URLs of application - child resources. - items: - type: string - type: array - images: - description: Images holds all images of application child resources. - items: - type: string - type: array - type: object - sync: - description: Sync contains information about the application's current - sync status - properties: - comparedTo: - description: ComparedTo contains information about what has been - compared - properties: - destination: - description: Destination is a reference to the application's - destination used for comparison - properties: - name: - description: Name is an alternate way of specifying the - target cluster by its symbolic name. This must be set - if Server is not set. - type: string - namespace: - description: |- - Namespace specifies the target namespace for the application's resources. - The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace - type: string - server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name - is not set. - type: string - type: object - ignoreDifferences: - description: IgnoreDifferences is a reference to the application's - ignored differences used for comparison - items: - description: ResourceIgnoreDifferences contains resource - filter and list of json paths which should be ignored - during comparison with live state. - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - description: |- - ManagedFieldsManagers is a list of trusted managers. Fields mutated by those managers will take precedence over the - desired state defined in the SCM and won't be displayed in diffs - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - source: - description: Source is a reference to the application's source - used for comparison - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match - paths against that should be explicitly excluded - from being used during manifest generation - type: string - include: - description: Include contains a glob pattern to match - paths against that should be explicitly included - during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - fileParameters: - description: FileParameters are file parameters to - the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm - template from failing when valueFiles do not exist - locally by not appending them to helm template --values - type: boolean - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - namespace: - description: Namespace is an optional namespace to - template with. If left empty, defaults to the app's - destination namespace. - type: string - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command upon - manifest generation - items: - description: HelmParameter is a parameter that's - passed to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm - parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all - domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name - to use. If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for - templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation - values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize - components to add to the kustomization before building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to - force applying common labels to resources for Kustomize - apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - labelWithoutSelector: - description: LabelWithoutSelector specifies whether - to apply common labels to resource selectors or - not - type: boolean - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry in the - application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array - type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type - parameter. - type: object - name: - description: Name is the name identifying a - parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within - sources field. This field will not be used if used with - a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git - or Helm) that contains the application manifests - type: string - targetRevision: - description: |- - TargetRevision defines the revision of the source to sync the application to. - In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. - In case of Helm, this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - sources: - description: Sources is a reference to the application's multiple - sources used for comparison - items: - description: ApplicationSource contains all required information - about the source of an application - properties: - chart: - description: Chart is a Helm chart name, and must be - specified for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific - options - properties: - exclude: - description: Exclude contains a glob pattern to - match paths against that should be explicitly - excluded from being used during manifest generation - type: string - include: - description: Include contains a glob pattern to - match paths against that should be explicitly - included during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a - directory recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - fileParameters: - description: FileParameters are file parameters - to the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm - parameter - type: string - path: - description: Path is the path to the file - containing the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm - template from failing when valueFiles do not exist - locally by not appending them to helm template - --values - type: boolean - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - namespace: - description: Namespace is an optional namespace - to template with. If left empty, defaults to the - app's destination namespace. - type: string - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command - upon manifest generation - items: - description: HelmParameter is a parameter that's - passed to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm - parameter - type: string - value: - description: Value is the value for the Helm - parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to - all domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name - to use. If omitted it will use the application - name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value - files to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be - passed to helm template, typically defined as - a block. ValuesObject takes precedence over Values, - so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a map. - This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use - for templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - apiVersions: - description: |- - APIVersions specifies the Kubernetes resource API versions to pass to Helm when templating manifests. By default, - Argo CD uses the API versions of the target cluster. The format is [group/]version/kind. - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies - whether to apply env variables substitution for - annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize - components to add to the kustomization before - building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether - to force applying common labels to resources for - Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image - override specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - kubeVersion: - description: |- - KubeVersion specifies the Kubernetes API version to pass to Helm when templating manifests. By default, Argo CD - uses the Kubernetes version of the target cluster. - type: string - labelWithoutSelector: - description: LabelWithoutSelector specifies whether - to apply common labels to resource selectors or - not - type: boolean - namePrefix: - description: NamePrefix is a prefix appended to - resources for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to - resources for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git - repository, and is only valid for applications sourced - from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry in the - application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array - type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type - parameter. - type: object - name: - description: Name is the name identifying - a parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within - sources field. This field will not be used if used - with a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git - or Helm) that contains the application manifests - type: string - targetRevision: - description: |- - TargetRevision defines the revision of the source to sync the application to. - In case of Git, this can be commit, tag, or branch. If omitted, will equal to HEAD. - In case of Helm, this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - type: array - required: - - destination - type: object - revision: - description: Revision contains information about the revision - the comparison has been performed to - type: string - revisions: - description: Revisions contains information about the revisions - of multiple sources the comparison has been performed to - items: - type: string - type: array - status: - description: Status is the sync state of the comparison - type: string - required: - - status - type: object - type: object - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: {} ---- -# Source: argo-cd/templates/crds/crd-applicationset.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - "helm.sh/resource-policy": keep - labels: - app.kubernetes.io/name: applicationsets.argoproj.io - app.kubernetes.io/part-of: argocd - name: applicationsets.argoproj.io -spec: - group: argoproj.io - names: - kind: ApplicationSet - listKind: ApplicationSetList - plural: applicationsets - shortNames: - - appset - - appsets - singular: applicationset - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - properties: - applyNestedSelectors: - type: boolean - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - clusters: - properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - git: - properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: - items: - properties: - path: - type: string - required: - - path - type: object - type: array - pathParamPrefix: - type: string - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - repoURL - - revision - type: object - list: - properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - elementsYaml: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - type: object - matrix: - properties: - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - clusters: - properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - git: - properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: - items: - properties: - path: - type: string - required: - - path - type: object - type: array - pathParamPrefix: - type: string - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - repoURL - - revision - type: object - list: - properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - elementsYaml: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - type: object - matrix: - x-kubernetes-preserve-unknown-fields: true - merge: - x-kubernetes-preserve-unknown-fields: true - plugin: - properties: - configMapRef: - properties: - name: - type: string - required: - - name - type: object - input: - properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - pullRequest: - properties: - azuredevops: - properties: - api: - type: string - labels: - items: - type: string - type: array - organization: - type: string - project: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - - project - - repo - type: object - bitbucket: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - owner: - type: string - repo: - type: string - required: - - owner - - repo - type: object - bitbucketServer: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - caRef: - properties: - configMapName: - type: string - key: - type: string - required: - - configMapName - - key - type: object - insecure: - type: boolean - project: - type: string - repo: - type: string - required: - - api - - project - - repo - type: object - filters: - items: - properties: - branchMatch: - type: string - targetBranchMatch: - type: string - type: object - type: array - gitea: - properties: - api: - type: string - insecure: - type: boolean - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - - repo - type: object - github: - properties: - api: - type: string - appSecretName: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - gitlab: - properties: - api: - type: string - caRef: - properties: - configMapName: - type: string - key: - type: string - required: - - configMapName - - key - type: object - insecure: - type: boolean - labels: - items: - type: string - type: array - project: - type: string - pullRequestState: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - project - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - type: object - scmProvider: - properties: - awsCodeCommit: - properties: - allBranches: - type: boolean - region: - type: string - role: - type: string - tagFilters: - items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object - type: array - type: object - azureDevOps: - properties: - accessTokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: - type: string - required: - - accessTokenRef - - organization - - teamProject - type: object - bitbucket: - properties: - allBranches: - type: boolean - appPasswordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - owner: - type: string - user: - type: string - required: - - appPasswordRef - - owner - - user - type: object - bitbucketServer: - properties: - allBranches: - type: boolean - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - caRef: - properties: - configMapName: - type: string - key: - type: string - required: - - configMapName - - key - type: object - insecure: - type: boolean - project: - type: string - required: - - api - - project - type: object - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: - type: string - pathsDoNotExist: - items: - type: string - type: array - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string - type: object - type: array - gitea: - properties: - allBranches: - type: boolean - api: - type: string - insecure: - type: boolean - owner: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - type: object - github: - properties: - allBranches: - type: boolean - api: - type: string - appSecretName: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - caRef: - properties: - configMapName: - type: string - key: - type: string - required: - - configMapName - - key - type: object - group: - type: string - includeSharedProjects: - type: boolean - includeSubgroups: - type: boolean - insecure: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - topic: - type: string - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - type: object - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - generators - type: object - merge: - properties: - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - clusters: - properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - git: - properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: - items: - properties: - path: - type: string - required: - - path - type: object - type: array - pathParamPrefix: - type: string - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - repoURL - - revision - type: object - list: - properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - elementsYaml: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - type: object - matrix: - x-kubernetes-preserve-unknown-fields: true - merge: - x-kubernetes-preserve-unknown-fields: true - plugin: - properties: - configMapRef: - properties: - name: - type: string - required: - - name - type: object - input: - properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - pullRequest: - properties: - azuredevops: - properties: - api: - type: string - labels: - items: - type: string - type: array - organization: - type: string - project: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - - project - - repo - type: object - bitbucket: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - owner: - type: string - repo: - type: string - required: - - owner - - repo - type: object - bitbucketServer: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - caRef: - properties: - configMapName: - type: string - key: - type: string - required: - - configMapName - - key - type: object - insecure: - type: boolean - project: - type: string - repo: - type: string - required: - - api - - project - - repo - type: object - filters: - items: - properties: - branchMatch: - type: string - targetBranchMatch: - type: string - type: object - type: array - gitea: - properties: - api: - type: string - insecure: - type: boolean - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - - repo - type: object - github: - properties: - api: - type: string - appSecretName: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - gitlab: - properties: - api: - type: string - caRef: - properties: - configMapName: - type: string - key: - type: string - required: - - configMapName - - key - type: object - insecure: - type: boolean - labels: - items: - type: string - type: array - project: - type: string - pullRequestState: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - project - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - type: object - scmProvider: - properties: - awsCodeCommit: - properties: - allBranches: - type: boolean - region: - type: string - role: - type: string - tagFilters: - items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object - type: array - type: object - azureDevOps: - properties: - accessTokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: - type: string - required: - - accessTokenRef - - organization - - teamProject - type: object - bitbucket: - properties: - allBranches: - type: boolean - appPasswordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - owner: - type: string - user: - type: string - required: - - appPasswordRef - - owner - - user - type: object - bitbucketServer: - properties: - allBranches: - type: boolean - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - caRef: - properties: - configMapName: - type: string - key: - type: string - required: - - configMapName - - key - type: object - insecure: - type: boolean - project: - type: string - required: - - api - - project - type: object - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: - type: string - pathsDoNotExist: - items: - type: string - type: array - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string - type: object - type: array - gitea: - properties: - allBranches: - type: boolean - api: - type: string - insecure: - type: boolean - owner: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - type: object - github: - properties: - allBranches: - type: boolean - api: - type: string - appSecretName: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - caRef: - properties: - configMapName: - type: string - key: - type: string - required: - - configMapName - - key - type: object - group: - type: string - includeSharedProjects: - type: boolean - includeSubgroups: - type: boolean - insecure: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - topic: - type: string - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - type: object - type: array - mergeKeys: - items: - type: string - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - generators - - mergeKeys - type: object - plugin: - properties: - configMapRef: - properties: - name: - type: string - required: - - name - type: object - input: - properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - pullRequest: - properties: - azuredevops: - properties: - api: - type: string - labels: - items: - type: string - type: array - organization: - type: string - project: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - - project - - repo - type: object - bitbucket: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - owner: - type: string - repo: - type: string - required: - - owner - - repo - type: object - bitbucketServer: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - caRef: - properties: - configMapName: - type: string - key: - type: string - required: - - configMapName - - key - type: object - insecure: - type: boolean - project: - type: string - repo: - type: string - required: - - api - - project - - repo - type: object - filters: - items: - properties: - branchMatch: - type: string - targetBranchMatch: - type: string - type: object - type: array - gitea: - properties: - api: - type: string - insecure: - type: boolean - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - - repo - type: object - github: - properties: - api: - type: string - appSecretName: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - gitlab: - properties: - api: - type: string - caRef: - properties: - configMapName: - type: string - key: - type: string - required: - - configMapName - - key - type: object - insecure: - type: boolean - labels: - items: - type: string - type: array - project: - type: string - pullRequestState: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - project - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - type: object - scmProvider: - properties: - awsCodeCommit: - properties: - allBranches: - type: boolean - region: - type: string - role: - type: string - tagFilters: - items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object - type: array - type: object - azureDevOps: - properties: - accessTokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: - type: string - required: - - accessTokenRef - - organization - - teamProject - type: object - bitbucket: - properties: - allBranches: - type: boolean - appPasswordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - owner: - type: string - user: - type: string - required: - - appPasswordRef - - owner - - user - type: object - bitbucketServer: - properties: - allBranches: - type: boolean - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - caRef: - properties: - configMapName: - type: string - key: - type: string - required: - - configMapName - - key - type: object - insecure: - type: boolean - project: - type: string - required: - - api - - project - type: object - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: - type: string - pathsDoNotExist: - items: - type: string - type: array - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string - type: object - type: array - gitea: - properties: - allBranches: - type: boolean - api: - type: string - insecure: - type: boolean - owner: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - type: object - github: - properties: - allBranches: - type: boolean - api: - type: string - appSecretName: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - caRef: - properties: - configMapName: - type: string - key: - type: string - required: - - configMapName - - key - type: object - group: - type: string - includeSharedProjects: - type: boolean - includeSubgroups: - type: boolean - insecure: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - topic: - type: string - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - type: object - type: array - goTemplate: - type: boolean - goTemplateOptions: - items: - type: string - type: array - ignoreApplicationDifferences: - items: - properties: - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - name: - type: string - type: object - type: array - preservedFields: - properties: - annotations: - items: - type: string - type: array - labels: - items: - type: string - type: array - type: object - strategy: - properties: - rollingSync: - properties: - steps: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - type: object - type: array - maxUpdate: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: array - type: object - type: - type: string - type: object - syncPolicy: - properties: - applicationsSync: - enum: - - create-only - - create-update - - create-delete - - sync - type: string - preserveResourcesOnDeletion: - type: boolean - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - apiVersions: - items: - type: string - type: array - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - kubeVersion: - type: string - namespace: - type: string - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - apiVersions: - items: - type: string - type: array - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - kubeVersion: - type: string - labelWithoutSelector: - type: boolean - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - templatePatch: - type: string - required: - - generators - - template - type: object - status: - properties: - applicationStatus: - items: - properties: - application: - type: string - lastTransitionTime: - format: date-time - type: string - message: - type: string - status: - type: string - step: - type: string - targetRevisions: - items: - type: string - type: array - required: - - application - - message - - status - - step - - targetRevisions - type: object - type: array - conditions: - items: - properties: - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - type: string - required: - - message - - reason - - status - - type - type: object - type: array - resources: - items: - properties: - group: - type: string - health: - properties: - message: - type: string - status: - type: string - type: object - hook: - type: boolean - kind: - type: string - name: - type: string - namespace: - type: string - requiresPruning: - type: boolean - status: - type: string - syncWave: - format: int64 - type: integer - version: - type: string - type: object - type: array - type: object - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -# Source: argo-cd/templates/crds/crd-project.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - "helm.sh/resource-policy": keep - labels: - app.kubernetes.io/name: appprojects.argoproj.io - app.kubernetes.io/part-of: argocd - name: appprojects.argoproj.io -spec: - group: argoproj.io - names: - kind: AppProject - listKind: AppProjectList - plural: appprojects - shortNames: - - appproj - - appprojs - singular: appproject - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - AppProject provides a logical grouping of applications, providing controls for: - * where the apps may deploy to (cluster whitelist) - * what may be deployed (repository whitelist, resource whitelist/blacklist) - * who can access these applications (roles, OIDC group claims bindings) - * and what they can do (RBAC policies) - * automation access to these roles (JWT tokens) - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: AppProjectSpec is the specification of an AppProject - properties: - clusterResourceBlacklist: - description: ClusterResourceBlacklist contains list of blacklisted - cluster level resources - items: - description: |- - GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying - concepts during lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - clusterResourceWhitelist: - description: ClusterResourceWhitelist contains list of whitelisted - cluster level resources - items: - description: |- - GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying - concepts during lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - description: - description: Description contains optional project description - type: string - destinationServiceAccounts: - description: DestinationServiceAccounts holds information about the - service accounts to be impersonated for the application sync operation - for each destination. - items: - description: ApplicationDestinationServiceAccount holds information - about the service account to be impersonated for the application - sync operation. - properties: - defaultServiceAccount: - description: DefaultServiceAccount to be used for impersonation - during the sync operation - type: string - namespace: - description: Namespace specifies the target namespace for the - application's resources. - type: string - server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. - type: string - required: - - defaultServiceAccount - - server - type: object - type: array - destinations: - description: Destinations contains list of destinations available - for deployment - items: - description: ApplicationDestination holds information about the - application's destination - properties: - name: - description: Name is an alternate way of specifying the target - cluster by its symbolic name. This must be set if Server is - not set. - type: string - namespace: - description: |- - Namespace specifies the target namespace for the application's resources. - The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace - type: string - server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name is - not set. - type: string - type: object - type: array - namespaceResourceBlacklist: - description: NamespaceResourceBlacklist contains list of blacklisted - namespace level resources - items: - description: |- - GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying - concepts during lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - namespaceResourceWhitelist: - description: NamespaceResourceWhitelist contains list of whitelisted - namespace level resources - items: - description: |- - GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying - concepts during lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - orphanedResources: - description: OrphanedResources specifies if controller should monitor - orphaned resources of apps in this project - properties: - ignore: - description: Ignore contains a list of resources that are to be - excluded from orphaned resources monitoring - items: - description: OrphanedResourceKey is a reference to a resource - to be ignored from - properties: - group: - type: string - kind: - type: string - name: - type: string - type: object - type: array - warn: - description: Warn indicates if warning condition should be created - for apps which have orphaned resources - type: boolean - type: object - permitOnlyProjectScopedClusters: - description: PermitOnlyProjectScopedClusters determines whether destinations - can only reference clusters which are project-scoped - type: boolean - roles: - description: Roles are user defined RBAC roles associated with this - project - items: - description: ProjectRole represents a role that has access to a - project - properties: - description: - description: Description is a description of the role - type: string - groups: - description: Groups are a list of OIDC group claims bound to - this role - items: - type: string - type: array - jwtTokens: - description: JWTTokens are a list of generated JWT tokens bound - to this role - items: - description: JWTToken holds the issuedAt and expiresAt values - of a token - properties: - exp: - format: int64 - type: integer - iat: - format: int64 - type: integer - id: - type: string - required: - - iat - type: object - type: array - name: - description: Name is a name for this role - type: string - policies: - description: Policies Stores a list of casbin formatted strings - that define access policies for the role in the project - items: - type: string - type: array - required: - - name - type: object - type: array - signatureKeys: - description: SignatureKeys contains a list of PGP key IDs that commits - in Git must be signed with in order to be allowed for sync - items: - description: SignatureKey is the specification of a key required - to verify commit signatures with - properties: - keyID: - description: The ID of the key in hexadecimal notation - type: string - required: - - keyID - type: object - type: array - sourceNamespaces: - description: SourceNamespaces defines the namespaces application resources - are allowed to be created in - items: - type: string - type: array - sourceRepos: - description: SourceRepos contains list of repository URLs which can - be used for deployment - items: - type: string - type: array - syncWindows: - description: SyncWindows controls when syncs can be run for apps in - this project - items: - description: SyncWindow contains the kind, time, duration and attributes - that are used to assign the syncWindows to apps - properties: - applications: - description: Applications contains a list of applications that - the window will apply to - items: - type: string - type: array - clusters: - description: Clusters contains a list of clusters that the window - will apply to - items: - type: string - type: array - duration: - description: Duration is the amount of time the sync window - will be open - type: string - kind: - description: Kind defines if the window allows or blocks syncs - type: string - manualSync: - description: ManualSync enables manual syncs when they would - otherwise be blocked - type: boolean - namespaces: - description: Namespaces contains a list of namespaces that the - window will apply to - items: - type: string - type: array - schedule: - description: Schedule is the time the window will begin, specified - in cron format - type: string - timeZone: - description: TimeZone of the sync that will be applied to the - schedule - type: string - type: object - type: array - type: object - status: - description: AppProjectStatus contains status information for AppProject - CRs - properties: - jwtTokensByRole: - additionalProperties: - description: JWTTokens represents a list of JWT tokens - properties: - items: - items: - description: JWTToken holds the issuedAt and expiresAt values - of a token - properties: - exp: - format: int64 - type: integer - iat: - format: int64 - type: integer - id: - type: string - required: - - iat - type: object - type: array - type: object - description: JWTTokensByRole contains a list of JWT tokens issued - for a given role - type: object - type: object - required: - - metadata - - spec - type: object - served: true - storage: true ---- -# Source: argo-cd/templates/argocd-application-controller/clusterrole.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: argocd-application-controller - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: application-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -rules: - - apiGroups: - - '*' - resources: - - '*' - verbs: - - '*' - - nonResourceURLs: - - '*' - verbs: - - '*' ---- -# Source: argo-cd/templates/argocd-server/clusterrole.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: argocd-server - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-server - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -rules: - - apiGroups: - - '*' - resources: - - '*' - verbs: - - delete # supports deletion a live object in UI - - get # supports viewing live object manifest in UI - - patch # supports `argocd app patch` - - list # supports `argocd appset generate` with cluster generator - - apiGroups: - - "" - resources: - - events - verbs: - - list # supports listing events in UI - - create - - apiGroups: - - "" - resources: - - pods - - pods/log - verbs: - - get # supports viewing pod logs from UI - - apiGroups: - - argoproj.io - resources: - - applications - - applicationsets - verbs: - - get - - list - - update - - watch - - apiGroups: - - batch - resources: - - - jobs - verbs: - - create - - apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - - create ---- -# Source: argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: argocd-application-controller - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: application-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: argocd-application-controller -subjects: -- kind: ServiceAccount - name: argocd-application-controller - namespace: argocd ---- -# Source: argo-cd/templates/argocd-server/clusterrolebinding.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: argocd-server - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-server - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: argocd-server -subjects: -- kind: ServiceAccount - name: argocd-server - namespace: argocd ---- -# Source: argo-cd/templates/argocd-application-controller/role.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: argocd-application-controller - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: application-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -rules: -- apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - applications - - appprojects - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - list -- apiGroups: - - apps - resources: - - deployments - verbs: - - get - - list - - watch ---- -# Source: argo-cd/templates/argocd-applicationset/role.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: argocd-applicationset-controller - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-applicationset-controller - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: applicationset-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -rules: - - apiGroups: - - argoproj.io - resources: - - applications - - applicationsets - - applicationsets/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - argoproj.io - resources: - - applicationsets/status - verbs: - - get - - patch - - update - - apiGroups: - - argoproj.io - resources: - - appprojects - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - get - - list - - patch - - watch - - apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - update - - delete - - get - - list - - patch - - watch - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - watch - - apiGroups: - - apps - - extensions - resources: - - deployments - verbs: - - get - - list - - watch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - delete - - get - - list - - patch - - update - - watch ---- -# Source: argo-cd/templates/argocd-repo-server/role.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: argocd-repo-server - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-repo-server - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: repo-server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -rules: ---- -# Source: argo-cd/templates/argocd-server/role.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: argocd-server - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-server - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -rules: -- apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - argoproj.io - resources: - - applications - - applicationsets - - appprojects - verbs: - - create - - get - - list - - watch - - update - - delete - - patch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - list ---- -# Source: argo-cd/templates/argocd-application-controller/rolebinding.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: argocd-application-controller - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: application-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argocd-application-controller -subjects: - - kind: ServiceAccount - name: argocd-application-controller - namespace: argocd ---- -# Source: argo-cd/templates/argocd-applicationset/rolebinding.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: argocd-applicationset-controller - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-applicationset-controller - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: applicationset-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argocd-applicationset-controller -subjects: - - kind: ServiceAccount - name: argocd-applicationset-controller - namespace: argocd ---- -# Source: argo-cd/templates/argocd-repo-server/rolebinding.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: argocd-repo-server - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-repo-server - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: repo-server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argocd-repo-server -subjects: -- kind: ServiceAccount - name: argocd-repo-server - namespace: argocd ---- -# Source: argo-cd/templates/argocd-server/rolebinding.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: argocd-server - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-server - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argocd-server -subjects: -- kind: ServiceAccount - name: argocd-server - namespace: argocd ---- -# Source: argo-cd/templates/argocd-applicationset/service.yaml -apiVersion: v1 -kind: Service -metadata: - name: argocd-applicationset-controller - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-applicationset-controller - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: applicationset-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -spec: - type: ClusterIP - ports: - - name: http-webhook - port: 7000 - targetPort: webhook - selector: - app.kubernetes.io/name: argocd-applicationset-controller - app.kubernetes.io/instance: argocd ---- -# Source: argo-cd/templates/argocd-repo-server/service.yaml -apiVersion: v1 -kind: Service -metadata: - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-repo-server - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: repo-server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" - name: argocd-repo-server - namespace: argocd -spec: - ports: - - name: tcp-repo-server - protocol: TCP - port: 8081 - targetPort: repo-server - selector: - app.kubernetes.io/name: argocd-repo-server - app.kubernetes.io/instance: argocd ---- -# Source: argo-cd/templates/argocd-server/service.yaml -apiVersion: v1 -kind: Service -metadata: - name: argocd-server - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-server - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -spec: - type: ClusterIP - sessionAffinity: None - ports: - - name: http - protocol: TCP - port: 80 - targetPort: 8080 - - name: https - protocol: TCP - port: 443 - targetPort: 8080 - selector: - app.kubernetes.io/name: argocd-server - app.kubernetes.io/instance: argocd ---- -# Source: argo-cd/templates/redis/service.yaml -apiVersion: v1 -kind: Service -metadata: - name: argocd-redis - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-redis - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: redis - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -spec: - ports: - - name: redis - port: 6379 - targetPort: redis - selector: - app.kubernetes.io/name: argocd-redis - app.kubernetes.io/instance: argocd ---- -# Source: argo-cd/templates/argocd-applicationset/deployment.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: argocd-applicationset-controller - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-applicationset-controller - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: applicationset-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -spec: - replicas: 1 - revisionHistoryLimit: 3 - selector: - matchLabels: - app.kubernetes.io/name: argocd-applicationset-controller - app.kubernetes.io/instance: argocd - template: - metadata: - annotations: - checksum/cmd-params: da520a00b489f06e2ae8c1ad5e08f4ab760bc81f36cb930087852d9c9395f787 - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-applicationset-controller - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: applicationset-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" - spec: - terminationGracePeriodSeconds: 30 - serviceAccountName: argocd-applicationset-controller - automountServiceAccountToken: true - containers: - - name: applicationset-controller - image: quay.io/argoproj/argocd:v2.13.1 - imagePullPolicy: IfNotPresent - args: - - /usr/local/bin/argocd-applicationset-controller - - --metrics-addr=:8080 - - --probe-addr=:8081 - - --webhook-addr=:7000 - env: - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.global.preserved.annotations - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_LABELS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.global.preserved.labels - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_LEADER_ELECTION - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.leader.election - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER - valueFrom: - configMapKeyRef: - key: repo.server - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.policy - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_POLICY_OVERRIDE - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.policy.override - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.debug - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGFORMAT - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.log.format - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGLEVEL - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.log.level - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_DRY_RUN - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.dryrun - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_GIT_MODULES_ENABLED - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.git.submodule - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_PROGRESSIVE_SYNCS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.progressive.syncs - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.new.git.file.globbing - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_PLAINTEXT - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: applicationsetcontroller.repo.server.plaintext - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_STRICT_TLS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: applicationsetcontroller.repo.server.strict.tls - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: applicationsetcontroller.repo.server.timeout.seconds - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_CONCURRENT_RECONCILIATIONS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: applicationsetcontroller.concurrent.reconciliations.max - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.namespaces - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.scm.root.ca.path - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: applicationsetcontroller.allowed.scm.providers - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_SCM_PROVIDERS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: applicationsetcontroller.enable.scm.providers - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_WEBHOOK_PARALLELISM_LIMIT - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: applicationsetcontroller.webhook.parallelism.limit - optional: true - ports: - - name: metrics - containerPort: 8080 - protocol: TCP - - name: probe - containerPort: 8081 - protocol: TCP - - name: webhook - containerPort: 7000 - protocol: TCP - resources: - {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /app/config/ssh - name: ssh-known-hosts - - mountPath: /app/config/tls - name: tls-certs - - mountPath: /app/config/gpg/source - name: gpg-keys - - mountPath: /app/config/gpg/keys - name: gpg-keyring - - mountPath: /app/config/reposerver/tls - name: argocd-repo-server-tls - - mountPath: /tmp - name: tmp - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/name: argocd-applicationset-controller - topologyKey: kubernetes.io/hostname - volumes: - - name: ssh-known-hosts - configMap: - name: argocd-ssh-known-hosts-cm - - name: tls-certs - configMap: - name: argocd-tls-certs-cm - - name: gpg-keys - configMap: - name: argocd-gpg-keys-cm - - name: gpg-keyring - emptyDir: {} - - name: tmp - emptyDir: {} - - name: argocd-repo-server-tls - secret: - secretName: argocd-repo-server-tls - optional: true - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - dnsPolicy: ClusterFirst ---- -# Source: argo-cd/templates/argocd-repo-server/deployment.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: argocd-repo-server - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-repo-server - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: repo-server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -spec: - replicas: 1 - revisionHistoryLimit: 3 - selector: - matchLabels: - app.kubernetes.io/name: argocd-repo-server - app.kubernetes.io/instance: argocd - template: - metadata: - annotations: - checksum/cmd-params: da520a00b489f06e2ae8c1ad5e08f4ab760bc81f36cb930087852d9c9395f787 - checksum/cm: ffbd90689ecd3845ae26ecbd04b785504ad58e4b74111a125a8e10cd44f9059d - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-repo-server - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: repo-server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" - spec: - terminationGracePeriodSeconds: 30 - serviceAccountName: argocd-repo-server - automountServiceAccountToken: true - containers: - - name: repo-server - image: quay.io/argoproj/argocd:v2.13.1 - imagePullPolicy: IfNotPresent - args: - - /usr/local/bin/argocd-repo-server - - --port=8081 - - --metrics-port=8084 - env: - - name: ARGOCD_REPO_SERVER_NAME - value: argocd-repo-server - - name: ARGOCD_RECONCILIATION_TIMEOUT - valueFrom: - configMapKeyRef: - name: argocd-cm - key: timeout.reconciliation - optional: true - - name: ARGOCD_REPO_SERVER_LOGFORMAT - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: reposerver.log.format - optional: true - - name: ARGOCD_REPO_SERVER_LOGLEVEL - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: reposerver.log.level - optional: true - - name: ARGOCD_REPO_SERVER_PARALLELISM_LIMIT - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: reposerver.parallelism.limit - optional: true - - name: ARGOCD_REPO_SERVER_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: reposerver.listen.address - optional: true - - name: ARGOCD_REPO_SERVER_LISTEN_METRICS_ADDRESS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: reposerver.metrics.listen.address - optional: true - - name: ARGOCD_REPO_SERVER_DISABLE_TLS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: reposerver.disable.tls - optional: true - - name: ARGOCD_TLS_MIN_VERSION - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: reposerver.tls.minversion - optional: true - - name: ARGOCD_TLS_MAX_VERSION - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: reposerver.tls.maxversion - optional: true - - name: ARGOCD_TLS_CIPHERS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: reposerver.tls.ciphers - optional: true - - name: ARGOCD_REPO_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: reposerver.repo.cache.expiration - optional: true - - name: REDIS_SERVER - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: redis.server - optional: true - - name: REDIS_COMPRESSION - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: redis.compression - optional: true - - name: REDISDB - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: redis.db - optional: true - - name: REDIS_USERNAME - valueFrom: - secretKeyRef: - name: argocd-redis - key: redis-username - optional: true - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: argocd-redis - key: auth - - name: REDIS_SENTINEL_USERNAME - valueFrom: - secretKeyRef: - name: argocd-redis - key: redis-sentinel-username - optional: true - - name: REDIS_SENTINEL_PASSWORD - valueFrom: - secretKeyRef: - name: argocd-redis - key: redis-sentinel-password - optional: true - - name: ARGOCD_DEFAULT_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: reposerver.default.cache.expiration - optional: true - - name: ARGOCD_REPO_SERVER_OTLP_ADDRESS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: otlp.address - optional: true - - name: ARGOCD_REPO_SERVER_OTLP_INSECURE - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: otlp.insecure - optional: true - - name: ARGOCD_REPO_SERVER_OTLP_HEADERS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: otlp.headers - optional: true - - name: ARGOCD_REPO_SERVER_MAX_COMBINED_DIRECTORY_MANIFESTS_SIZE - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: reposerver.max.combined.directory.manifests.size - optional: true - - name: ARGOCD_REPO_SERVER_PLUGIN_TAR_EXCLUSIONS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: reposerver.plugin.tar.exclusions - optional: true - - name: ARGOCD_REPO_SERVER_ALLOW_OUT_OF_BOUNDS_SYMLINKS - valueFrom: - configMapKeyRef: - key: reposerver.allow.oob.symlinks - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_TAR_SIZE - valueFrom: - configMapKeyRef: - key: reposerver.streamed.manifest.max.tar.size - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_EXTRACTED_SIZE - valueFrom: - configMapKeyRef: - key: reposerver.streamed.manifest.max.extracted.size - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_HELM_MANIFEST_MAX_EXTRACTED_SIZE - valueFrom: - configMapKeyRef: - key: reposerver.helm.manifest.max.extracted.size - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_DISABLE_HELM_MANIFEST_MAX_EXTRACTED_SIZE - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: reposerver.disable.helm.manifest.max.extracted.size - optional: true - - name: ARGOCD_GIT_MODULES_ENABLED - valueFrom: - configMapKeyRef: - key: reposerver.enable.git.submodule - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_GIT_LS_REMOTE_PARALLELISM_LIMIT - valueFrom: - configMapKeyRef: - key: reposerver.git.lsremote.parallelism.limit - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_GIT_REQUEST_TIMEOUT - valueFrom: - configMapKeyRef: - key: reposerver.git.request.timeout - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REVISION_CACHE_LOCK_TIMEOUT - valueFrom: - configMapKeyRef: - key: reposerver.revision.cache.lock.timeout - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_INCLUDE_HIDDEN_DIRECTORIES - valueFrom: - configMapKeyRef: - key: reposerver.include.hidden.directories - name: argocd-cmd-params-cm - optional: true - - name: HELM_CACHE_HOME - value: /helm-working-dir - - name: HELM_CONFIG_HOME - value: /helm-working-dir - - name: HELM_DATA_HOME - value: /helm-working-dir - volumeMounts: - - mountPath: /app/config/ssh - name: ssh-known-hosts - - mountPath: /app/config/tls - name: tls-certs - - mountPath: /app/config/gpg/source - name: gpg-keys - - mountPath: /app/config/gpg/keys - name: gpg-keyring - - mountPath: /app/config/reposerver/tls - name: argocd-repo-server-tls - - mountPath: /helm-working-dir - name: helm-working-dir - - mountPath: /home/argocd/cmp-server/plugins - name: plugins - - mountPath: /tmp - name: tmp - ports: - - name: repo-server - containerPort: 8081 - protocol: TCP - - name: metrics - containerPort: 8084 - protocol: TCP - livenessProbe: - httpGet: - path: /healthz?full=true - port: metrics - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 3 - readinessProbe: - httpGet: - path: /healthz - port: metrics - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 3 - resources: - {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - initContainers: - - command: - - /bin/cp - - -n - - /usr/local/bin/argocd - - /var/run/argocd/argocd-cmp-server - image: quay.io/argoproj/argocd:v2.13.1 - imagePullPolicy: IfNotPresent - name: copyutil - resources: - {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /var/run/argocd - name: var-files - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/name: argocd-repo-server - topologyKey: kubernetes.io/hostname - volumes: - - name: helm-working-dir - emptyDir: {} - - name: plugins - emptyDir: {} - - name: var-files - emptyDir: {} - - name: tmp - emptyDir: {} - - name: ssh-known-hosts - configMap: - name: argocd-ssh-known-hosts-cm - - name: tls-certs - configMap: - name: argocd-tls-certs-cm - - name: gpg-keys - configMap: - name: argocd-gpg-keys-cm - - name: gpg-keyring - emptyDir: {} - - name: argocd-repo-server-tls - secret: - secretName: argocd-repo-server-tls - optional: true - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - dnsPolicy: ClusterFirst ---- -# Source: argo-cd/templates/argocd-server/deployment.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: argocd-server - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-server - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -spec: - replicas: 1 - revisionHistoryLimit: 3 - selector: - matchLabels: - app.kubernetes.io/name: argocd-server - app.kubernetes.io/instance: argocd - template: - metadata: - annotations: - checksum/cmd-params: da520a00b489f06e2ae8c1ad5e08f4ab760bc81f36cb930087852d9c9395f787 - checksum/cm: ffbd90689ecd3845ae26ecbd04b785504ad58e4b74111a125a8e10cd44f9059d - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-server - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" - spec: - terminationGracePeriodSeconds: 30 - serviceAccountName: argocd-server - automountServiceAccountToken: true - containers: - - name: server - image: quay.io/argoproj/argocd:v2.13.1 - imagePullPolicy: IfNotPresent - args: - - /usr/local/bin/argocd-server - - --port=8080 - - --metrics-port=8083 - env: - - name: ARGOCD_SERVER_NAME - value: argocd-server - - name: ARGOCD_SERVER_INSECURE - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.insecure - optional: true - - name: ARGOCD_SERVER_BASEHREF - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.basehref - optional: true - - name: ARGOCD_SERVER_ROOTPATH - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.rootpath - optional: true - - name: ARGOCD_SERVER_LOGFORMAT - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.log.format - optional: true - - name: ARGOCD_SERVER_LOG_LEVEL - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.log.level - optional: true - - name: ARGOCD_SERVER_REPO_SERVER - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: repo.server - optional: true - - name: ARGOCD_SERVER_DEX_SERVER - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.dex.server - optional: true - - name: ARGOCD_SERVER_DISABLE_AUTH - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.disable.auth - optional: true - - name: ARGOCD_SERVER_ENABLE_GZIP - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.enable.gzip - optional: true - - name: ARGOCD_SERVER_REPO_SERVER_TIMEOUT_SECONDS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.repo.server.timeout.seconds - optional: true - - name: ARGOCD_SERVER_X_FRAME_OPTIONS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.x.frame.options - optional: true - - name: ARGOCD_SERVER_CONTENT_SECURITY_POLICY - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.content.security.policy - optional: true - - name: ARGOCD_SERVER_REPO_SERVER_PLAINTEXT - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.repo.server.plaintext - optional: true - - name: ARGOCD_SERVER_REPO_SERVER_STRICT_TLS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.repo.server.strict.tls - optional: true - - name: ARGOCD_SERVER_DEX_SERVER_PLAINTEXT - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.dex.server.plaintext - optional: true - - name: ARGOCD_SERVER_DEX_SERVER_STRICT_TLS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.dex.server.strict.tls - optional: true - - name: ARGOCD_TLS_MIN_VERSION - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.tls.minversion - optional: true - - name: ARGOCD_TLS_MAX_VERSION - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.tls.maxversion - optional: true - - name: ARGOCD_TLS_CIPHERS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.tls.ciphers - optional: true - - name: ARGOCD_SERVER_CONNECTION_STATUS_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.connection.status.cache.expiration - optional: true - - name: ARGOCD_SERVER_OIDC_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.oidc.cache.expiration - optional: true - - name: ARGOCD_SERVER_LOGIN_ATTEMPTS_EXPIRATION - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.login.attempts.expiration - optional: true - - name: ARGOCD_SERVER_STATIC_ASSETS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.staticassets - optional: true - - name: ARGOCD_APP_STATE_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.app.state.cache.expiration - optional: true - - name: REDIS_SERVER - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: redis.server - optional: true - - name: REDIS_COMPRESSION - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: redis.compression - optional: true - - name: REDISDB - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: redis.db - optional: true - - name: REDIS_USERNAME - valueFrom: - secretKeyRef: - name: argocd-redis - key: redis-username - optional: true - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: argocd-redis - key: auth - - name: REDIS_SENTINEL_USERNAME - valueFrom: - secretKeyRef: - name: argocd-redis - key: redis-sentinel-username - optional: true - - name: REDIS_SENTINEL_PASSWORD - valueFrom: - secretKeyRef: - name: argocd-redis - key: redis-sentinel-password - optional: true - - name: ARGOCD_DEFAULT_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.default.cache.expiration - optional: true - - name: ARGOCD_MAX_COOKIE_NUMBER - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.http.cookie.maxnumber - optional: true - - name: ARGOCD_SERVER_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.listen.address - optional: true - - name: ARGOCD_SERVER_METRICS_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.metrics.listen.address - optional: true - - name: ARGOCD_SERVER_OTLP_ADDRESS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: otlp.address - optional: true - - name: ARGOCD_SERVER_OTLP_INSECURE - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: otlp.insecure - optional: true - - name: ARGOCD_SERVER_OTLP_HEADERS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: otlp.headers - optional: true - - name: ARGOCD_APPLICATION_NAMESPACES - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: application.namespaces - optional: true - - name: ARGOCD_SERVER_ENABLE_PROXY_EXTENSION - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.enable.proxy.extension - optional: true - - name: ARGOCD_K8SCLIENT_RETRY_MAX - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.k8sclient.retry.max - optional: true - - name: ARGOCD_K8SCLIENT_RETRY_BASE_BACKOFF - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.k8sclient.retry.base.backoff - optional: true - - name: ARGOCD_API_CONTENT_TYPES - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.api.content.types - optional: true - - name: ARGOCD_SERVER_WEBHOOK_PARALLELISM_LIMIT - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: server.webhook.parallelism.limit - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.new.git.file.globbing - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.scm.root.ca.path - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: applicationsetcontroller.allowed.scm.providers - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_SCM_PROVIDERS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: applicationsetcontroller.enable.scm.providers - optional: true - volumeMounts: - - mountPath: /app/config/ssh - name: ssh-known-hosts - - mountPath: /app/config/tls - name: tls-certs - - mountPath: /app/config/server/tls - name: argocd-repo-server-tls - - mountPath: /app/config/dex/tls - name: argocd-dex-server-tls - - mountPath: /home/argocd - name: plugins-home - - mountPath: /shared/app/custom - name: styles - - mountPath: /tmp - name: tmp - - name: argocd-cmd-params-cm - mountPath: /home/argocd/params - ports: - - name: server - containerPort: 8080 - protocol: TCP - - name: metrics - containerPort: 8083 - protocol: TCP - livenessProbe: - httpGet: - path: /healthz?full=true - port: server - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 3 - readinessProbe: - httpGet: - path: /healthz - port: server - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 3 - resources: - {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/name: argocd-server - topologyKey: kubernetes.io/hostname - volumes: - - name: plugins-home - emptyDir: {} - - name: tmp - emptyDir: {} - - name: ssh-known-hosts - configMap: - name: argocd-ssh-known-hosts-cm - - name: tls-certs - configMap: - name: argocd-tls-certs-cm - - name: styles - configMap: - name: argocd-styles-cm - optional: true - - name: argocd-repo-server-tls - secret: - secretName: argocd-repo-server-tls - optional: true - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - - name: argocd-dex-server-tls - secret: - secretName: argocd-dex-server-tls - optional: true - items: - - key: tls.crt - path: tls.crt - - key: ca.crt - path: ca.crt - - name: argocd-cmd-params-cm - configMap: - optional: true - name: argocd-cmd-params-cm - items: - - key: server.profile.enabled - path: profiler.enabled - dnsPolicy: ClusterFirst ---- -# Source: argo-cd/templates/redis/deployment.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: argocd-redis - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-redis - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: redis - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -spec: - replicas: 1 - revisionHistoryLimit: 3 - selector: - matchLabels: - app.kubernetes.io/name: argocd-redis - template: - metadata: - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-redis - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: redis - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" - spec: - securityContext: - runAsNonRoot: true - runAsUser: 999 - seccompProfile: - type: RuntimeDefault - terminationGracePeriodSeconds: 30 - serviceAccountName: default - automountServiceAccountToken: true - containers: - - name: redis - image: public.ecr.aws/docker/library/redis:7.4.1-alpine - imagePullPolicy: IfNotPresent - args: - - --save - - "" - - --appendonly - - "no" - - --requirepass $(REDIS_PASSWORD) - env: - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: argocd-redis - key: auth - ports: - - name: redis - containerPort: 6379 - protocol: TCP - resources: - {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - volumeMounts: - - mountPath: /health - name: health - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/name: argocd-redis - topologyKey: kubernetes.io/hostname - volumes: - - name: health - configMap: - name: argocd-redis-health-configmap - defaultMode: 493 - dnsPolicy: ClusterFirst ---- -# Source: argo-cd/templates/argocd-application-controller/statefulset.yaml -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: argocd-application-controller - namespace: argocd - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: application-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -spec: - replicas: 1 - revisionHistoryLimit: 5 - serviceName: argocd-application-controller - selector: - matchLabels: - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/instance: argocd - template: - metadata: - annotations: - checksum/cmd-params: da520a00b489f06e2ae8c1ad5e08f4ab760bc81f36cb930087852d9c9395f787 - checksum/cm: ffbd90689ecd3845ae26ecbd04b785504ad58e4b74111a125a8e10cd44f9059d - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: application-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" - spec: - terminationGracePeriodSeconds: 30 - serviceAccountName: argocd-application-controller - automountServiceAccountToken: true - containers: - - args: - - /usr/local/bin/argocd-application-controller - - --metrics-port=8082 - image: quay.io/argoproj/argocd:v2.13.1 - imagePullPolicy: IfNotPresent - name: application-controller - env: - - name: ARGOCD_CONTROLLER_REPLICAS - value: "1" - - name: ARGOCD_APPLICATION_CONTROLLER_NAME - value: argocd-application-controller - - name: ARGOCD_RECONCILIATION_TIMEOUT - valueFrom: - configMapKeyRef: - name: argocd-cm - key: timeout.reconciliation - optional: true - - name: ARGOCD_HARD_RECONCILIATION_TIMEOUT - valueFrom: - configMapKeyRef: - name: argocd-cm - key: timeout.hard.reconciliation - optional: true - - name: ARGOCD_RECONCILIATION_JITTER - valueFrom: - configMapKeyRef: - key: timeout.reconciliation.jitter - name: argocd-cm - optional: true - - name: ARGOCD_REPO_ERROR_GRACE_PERIOD_SECONDS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.repo.error.grace.period.seconds - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: repo.server - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.repo.server.timeout.seconds - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_STATUS_PROCESSORS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.status.processors - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_OPERATION_PROCESSORS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.operation.processors - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_LOGFORMAT - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.log.format - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_LOGLEVEL - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.log.level - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_METRICS_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.metrics.cache.expiration - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_TIMEOUT_SECONDS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.self.heal.timeout.seconds - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_BACKOFF_TIMEOUT_SECONDS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.self.heal.backoff.timeout.seconds - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_BACKOFF_FACTOR - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.self.heal.backoff.factor - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_BACKOFF_CAP_SECONDS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.self.heal.backoff.cap.seconds - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_PLAINTEXT - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.repo.server.plaintext - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_STRICT_TLS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.repo.server.strict.tls - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_PERSIST_RESOURCE_HEALTH - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.resource.health.persist - optional: true - - name: ARGOCD_APP_STATE_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.app.state.cache.expiration - optional: true - - name: REDIS_SERVER - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: redis.server - optional: true - - name: REDIS_COMPRESSION - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: redis.compression - optional: true - - name: REDISDB - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: redis.db - optional: true - - name: REDIS_USERNAME - valueFrom: - secretKeyRef: - name: argocd-redis - key: redis-username - optional: true - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: argocd-redis - key: auth - - name: REDIS_SENTINEL_USERNAME - valueFrom: - secretKeyRef: - name: argocd-redis - key: redis-sentinel-username - optional: true - - name: REDIS_SENTINEL_PASSWORD - valueFrom: - secretKeyRef: - name: argocd-redis - key: redis-sentinel-password - optional: true - - name: ARGOCD_DEFAULT_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.default.cache.expiration - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_ADDRESS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: otlp.address - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_INSECURE - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: otlp.insecure - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_HEADERS - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: otlp.headers - optional: true - - name: ARGOCD_APPLICATION_NAMESPACES - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: application.namespaces - optional: true - - name: ARGOCD_CONTROLLER_SHARDING_ALGORITHM - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.sharding.algorithm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_KUBECTL_PARALLELISM_LIMIT - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.kubectl.parallelism.limit - optional: true - - name: ARGOCD_K8SCLIENT_RETRY_MAX - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.k8sclient.retry.max - optional: true - - name: ARGOCD_K8SCLIENT_RETRY_BASE_BACKOFF - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.k8sclient.retry.base.backoff - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_SERVER_SIDE_DIFF - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.diff.server.side - optional: true - - name: ARGOCD_IGNORE_NORMALIZER_JQ_TIMEOUT - valueFrom: - configMapKeyRef: - name: argocd-cmd-params-cm - key: controller.ignore.normalizer.jq.timeout - optional: true - ports: - - name: metrics - containerPort: 8082 - protocol: TCP - readinessProbe: - httpGet: - path: /healthz - port: metrics - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 3 - resources: - {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - workingDir: /home/argocd - volumeMounts: - - mountPath: /app/config/controller/tls - name: argocd-repo-server-tls - - mountPath: /home/argocd - name: argocd-home - - name: argocd-cmd-params-cm - mountPath: /home/argocd/params - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/name: argocd-application-controller - topologyKey: kubernetes.io/hostname - volumes: - - name: argocd-home - emptyDir: {} - - name: argocd-repo-server-tls - secret: - secretName: argocd-repo-server-tls - optional: true - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - - name: argocd-cmd-params-cm - configMap: - optional: true - name: argocd-cmd-params-cm - items: - - key: controller.profile.enabled - path: profiler.enabled - dnsPolicy: ClusterFirst ---- -# Source: argo-cd/templates/redis-secret-init/serviceaccount.yaml -apiVersion: v1 -kind: ServiceAccount -automountServiceAccountToken: true -metadata: - name: argocd-redis-secret-init - namespace: "argocd" - annotations: - "helm.sh/hook": pre-install,pre-upgrade - "helm.sh/hook-delete-policy": before-hook-creation - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-redis-secret-init - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: redis-secret-init - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" ---- -# Source: argo-cd/templates/redis-secret-init/role.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - annotations: - "helm.sh/hook": pre-install,pre-upgrade - "helm.sh/hook-delete-policy": before-hook-creation - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-redis-secret-init - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: redis-secret-init - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" - name: argocd-redis-secret-init - namespace: "argocd" -rules: - - apiGroups: - - "" - resources: - - secrets - resourceNames: - - argocd-redis - verbs: - - get - - apiGroups: - - "" - resources: - - secrets - verbs: - - create ---- -# Source: argo-cd/templates/redis-secret-init/rolebinding.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - annotations: - "helm.sh/hook": pre-install,pre-upgrade - "helm.sh/hook-delete-policy": before-hook-creation - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-redis-secret-init - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: redis-secret-init - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" - name: argocd-redis-secret-init - namespace: "argocd" -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argocd-redis-secret-init -subjects: - - kind: ServiceAccount - name: argocd-redis-secret-init ---- -# Source: argo-cd/templates/redis-secret-init/job.yaml -apiVersion: batch/v1 -kind: Job -metadata: - name: argocd-redis-secret-init - namespace: "argocd" - annotations: - "helm.sh/hook": pre-install,pre-upgrade - "helm.sh/hook-delete-policy": before-hook-creation - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-redis-secret-init - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: redis-secret-init - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" -spec: - ttlSecondsAfterFinished: 60 - template: - metadata: - labels: - helm.sh/chart: argo-cd-7.7.5 - app.kubernetes.io/name: argocd-redis-secret-init - app.kubernetes.io/instance: argocd - app.kubernetes.io/component: redis-secret-init - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argocd - app.kubernetes.io/version: "v2.13.1" - spec: - containers: - - command: - - argocd - - admin - - redis-initial-password - image: quay.io/argoproj/argocd:v2.13.1 - imagePullPolicy: IfNotPresent - name: secret-init - resources: - {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - restartPolicy: OnFailure - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/name: argocd-redis-secret-init - topologyKey: kubernetes.io/hostname - serviceAccountName: argocd-redis-secret-init diff --git a/template/stacks/core/crossplane-compositions.yaml b/template/stacks/core/crossplane-compositions.yaml index f6a6bc0..d5341c8 100644 --- a/template/stacks/core/crossplane-compositions.yaml +++ b/template/stacks/core/crossplane-compositions.yaml @@ -17,7 +17,7 @@ spec: namespace: crossplane-system source: path: stacks/core/crossplane-compositions - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD directory: recurse: true diff --git a/template/stacks/core/crossplane-providers.yaml b/template/stacks/core/crossplane-providers.yaml index 760c33e..3fd69b7 100644 --- a/template/stacks/core/crossplane-providers.yaml +++ b/template/stacks/core/crossplane-providers.yaml @@ -18,6 +18,6 @@ spec: namespace: crossplane-system source: path: stacks/core/crossplane-providers - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD {{{ end }}} diff --git a/template/stacks/core/forgejo-runner.yaml b/template/stacks/core/forgejo-runner.yaml new file mode 100644 index 0000000..edff667 --- /dev/null +++ b/template/stacks/core/forgejo-runner.yaml @@ -0,0 +1,22 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: forgejo-runner + namespace: argocd + labels: + env: dev + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true + destination: + server: "https://kubernetes.default.svc" + source: + repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder + targetRevision: HEAD + path: "stacks/core/forgejo-runner" diff --git a/template/stacks/core/forgejo-runner/dind-docker.yaml b/template/stacks/core/forgejo-runner/dind-docker.yaml new file mode 100644 index 0000000..04b07a7 --- /dev/null +++ b/template/stacks/core/forgejo-runner/dind-docker.yaml @@ -0,0 +1,105 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: forgejo-runner + name: forgejo-runner + namespace: gitea +spec: + # Two replicas means that if one is busy, the other can pick up jobs. + replicas: 1 + selector: + matchLabels: + app: forgejo-runner + strategy: {} + template: + metadata: + creationTimestamp: null + labels: + app: forgejo-runner + spec: + restartPolicy: Always + volumes: + - name: docker-certs + emptyDir: {} + - name: runner-data + emptyDir: {} + # Initialise our configuration file using offline registration + # https://forgejo.org/docs/v1.21/admin/actions/#offline-registration + initContainers: + - name: runner-register + image: code.forgejo.org/forgejo/runner:6.0.1 + command: + - "forgejo-runner" + - "register" + - "--no-interactive" + - "--token" + - $(RUNNER_SECRET) + - "--name" + - $(RUNNER_NAME) + - "--instance" + - $(FORGEJO_INSTANCE_URL) + - "--labels" + - "docker:docker://node:20-bookworm,ubuntu-22.04:docker://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/catthehackerubuntu:act-22.04,ubuntu-latest:docker://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/catthehackerubuntu:act-22.04" + env: + - name: RUNNER_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: RUNNER_SECRET + valueFrom: + secretKeyRef: + name: forgejo-runner-token + key: token + - name: FORGEJO_INSTANCE_URL + value: https://{{{ .Env.DOMAIN_GITEA }}} + volumeMounts: + - name: runner-data + mountPath: /data + containers: + - name: runner + image: code.forgejo.org/forgejo/runner:6.0.1 + command: + - "sh" + - "-c" + - | + while ! nc -z 127.0.0.1 2376 config.yml ; + sed -i -e "s|privileged: .*|privileged: true|" config.yml + sed -i -e "s|network: .*|network: host|" config.yml ; + sed -i -e "s|^ envs:$$| envs:\n DOCKER_HOST: tcp://127.0.0.1:2376\n DOCKER_TLS_VERIFY: 1\n DOCKER_CERT_PATH: /certs/client|" config.yml ; + sed -i -e "s|^ options:| options: -v /certs/client:/certs/client|" config.yml ; + sed -i -e "s| valid_volumes: \[\]$$| valid_volumes:\n - /certs/client|" config.yml ; + /bin/forgejo-runner --config config.yml daemon + securityContext: + allowPrivilegeEscalation: true + privileged: true + readOnlyRootFilesystem: false + runAsGroup: 0 + runAsNonRoot: false + runAsUser: 0 + env: + - name: DOCKER_HOST + value: tcp://localhost:2376 + - name: DOCKER_CERT_PATH + value: /certs/client + - name: DOCKER_TLS_VERIFY + value: "1" + volumeMounts: + - name: docker-certs + mountPath: /certs + - name: runner-data + mountPath: /data + - name: daemon + image: docker:27.4.1-dind + env: + - name: DOCKER_TLS_CERTDIR + value: /certs + securityContext: + privileged: true + volumeMounts: + - name: docker-certs + mountPath: /certs diff --git a/template/stacks/core/forgejo.yaml b/template/stacks/core/forgejo.yaml index c8328c0..9b4aeae 100644 --- a/template/stacks/core/forgejo.yaml +++ b/template/stacks/core/forgejo.yaml @@ -22,6 +22,6 @@ spec: helm: valueFiles: - $values/stacks/core/forgejo/values.yaml - - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + - repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD ref: values diff --git a/template/stacks/core/forgejo/hydrated/install.yaml b/template/stacks/core/forgejo/hydrated/install.yaml deleted file mode 100644 index a366e64..0000000 --- a/template/stacks/core/forgejo/hydrated/install.yaml +++ /dev/null @@ -1,619 +0,0 @@ ---- -# Source: forgejo/templates/gitea/config.yaml -apiVersion: v1 -kind: Secret -metadata: - name: forgejo-inline-config - namespace: "gitea" - labels: - helm.sh/chart: forgejo-0.0.0 - app: forgejo - app.kubernetes.io/name: forgejo - app.kubernetes.io/instance: forgejo - app.kubernetes.io/version: "9.0.2" - version: "9.0.2" - app.kubernetes.io/managed-by: Helm -type: Opaque -stringData: - _generals_: |- - APP_NAME=Forgejo: Beyond coding. We forge. - RUN_MODE=prod - cache: |- - ADAPTER=memory - HOST= - database: DB_TYPE=sqlite3 - indexer: ISSUE_INDEXER_TYPE=db - metrics: ENABLED=false - queue: |- - CONN_STR= - TYPE=level - repository: ROOT=/data/git/gitea-repositories - security: INSTALL_LOCK=true - server: |- - APP_DATA_PATH=/data - DOMAIN=gitea.runner.c-one-infra.de - ENABLE_PPROF=false - HTTP_PORT=3000 - PROTOCOL=http - ROOT_URL=https://gitea.runner.c-one-infra.de:443 - SSH_DOMAIN=gitea.runner.c-one-infra.de - SSH_LISTEN_PORT=2222 - SSH_PORT=22 - START_SSH_SERVER=true - session: |- - PROVIDER=memory - PROVIDER_CONFIG= ---- -# Source: forgejo/templates/gitea/config.yaml -apiVersion: v1 -kind: Secret -metadata: - name: forgejo - labels: - helm.sh/chart: forgejo-0.0.0 - app: forgejo - app.kubernetes.io/name: forgejo - app.kubernetes.io/instance: forgejo - app.kubernetes.io/version: "9.0.2" - version: "9.0.2" - app.kubernetes.io/managed-by: Helm -type: Opaque -stringData: - assertions: | - config_environment.sh: |- - #!/usr/bin/env bash - set -euo pipefail - - function env2ini::log() { - printf "${1}\n" - } - - function env2ini::read_config_to_env() { - local section="${1}" - local line="${2}" - - if [[ -z "${line}" ]]; then - # skip empty line - return - fi - - # 'xargs echo -n' trims all leading/trailing whitespaces and a trailing new line - local setting="$(awk -F '=' '{print $1}' <<< "${line}" | xargs echo -n)" - - if [[ -z "${setting}" ]]; then - env2ini::log ' ! invalid setting' - exit 1 - fi - - local value='' - local regex="^${setting}(\s*)=(\s*)(.*)" - if [[ $line =~ $regex ]]; then - value="${BASH_REMATCH[3]}" - else - env2ini::log ' ! invalid setting' - exit 1 - fi - - env2ini::log " + '${setting}'" - - if [[ -z "${section}" ]]; then - export "FORGEJO____${setting^^}=${value}" # '^^' makes the variable content uppercase - return - fi - - local masked_section="${section//./_0X2E_}" # '//' instructs to replace all matches - masked_section="${masked_section//-/_0X2D_}" - - export "FORGEJO__${masked_section^^}__${setting^^}=${value}" # '^^' makes the variable content uppercase - } - - function env2ini::reload_preset_envs() { - env2ini::log "Reloading preset envs..." - - while read -r line; do - if [[ -z "${line}" ]]; then - # skip empty line - return - fi - - # 'xargs echo -n' trims all leading/trailing whitespaces and a trailing new line - local setting="$(awk -F '=' '{print $1}' <<< "${line}" | xargs echo -n)" - - if [[ -z "${setting}" ]]; then - env2ini::log ' ! invalid setting' - exit 1 - fi - - local value='' - local regex="^${setting}(\s*)=(\s*)(.*)" - if [[ $line =~ $regex ]]; then - value="${BASH_REMATCH[3]}" - else - env2ini::log ' ! invalid setting' - exit 1 - fi - - env2ini::log " + '${setting}'" - - export "${setting^^}=${value}" # '^^' makes the variable content uppercase - done < "/tmp/existing-envs" - - rm /tmp/existing-envs - } - - - function env2ini::process_config_file() { - local config_file="${1}" - local section="$(basename "${config_file}")" - - if [[ $section == '_generals_' ]]; then - env2ini::log " [ini root]" - section='' - else - env2ini::log " ${section}" - fi - - while read -r line; do - env2ini::read_config_to_env "${section}" "${line}" - done < <(awk 1 "${config_file}") # Helm .toYaml trims the trailing new line which breaks line processing; awk 1 ... adds it back while reading - } - - function env2ini::load_config_sources() { - local path="${1}" - - if [[ -d "${path}" ]]; then - env2ini::log "Processing $(basename "${path}")..." - - while read -d '' configFile; do - env2ini::process_config_file "${configFile}" - done < <(find "${path}" -type l -not -name '..data' -print0) - - env2ini::log "\n" - fi - } - - function env2ini::generate_initial_secrets() { - # These environment variables will either be - # - overwritten with user defined values, - # - initially used to set up Forgejo - # Anyway, they won't harm existing app.ini files - - export FORGEJO__SECURITY__INTERNAL_TOKEN=$(gitea generate secret INTERNAL_TOKEN) - export FORGEJO__SECURITY__SECRET_KEY=$(gitea generate secret SECRET_KEY) - export FORGEJO__OAUTH2__JWT_SECRET=$(gitea generate secret JWT_SECRET) - export FORGEJO__SERVER__LFS_JWT_SECRET=$(gitea generate secret LFS_JWT_SECRET) - - env2ini::log "...Initial secrets generated\n" - } - - # save existing envs prior to script execution. Necessary to keep order of - # preexisting and custom envs - env | (grep -e '^FORGEJO__' || [[ $? == 1 ]]) > /tmp/existing-envs - - # MUST BE CALLED BEFORE OTHER CONFIGURATION - env2ini::generate_initial_secrets - - env2ini::load_config_sources '/env-to-ini-mounts/inlines/' - env2ini::load_config_sources '/env-to-ini-mounts/additionals/' - - # load existing envs to override auto generated envs - env2ini::reload_preset_envs - - env2ini::log "=== All configuration sources loaded ===\n" - - # safety to prevent rewrite of secret keys if an app.ini already exists - if [ -f ${GITEA_APP_INI} ]; then - env2ini::log 'An app.ini file already exists. To prevent overwriting secret keys, these settings are dropped and remain unchanged:' - env2ini::log ' - security.INTERNAL_TOKEN' - env2ini::log ' - security.SECRET_KEY' - env2ini::log ' - oauth2.JWT_SECRET' - env2ini::log ' - server.LFS_JWT_SECRET' - - unset FORGEJO__SECURITY__INTERNAL_TOKEN - unset FORGEJO__SECURITY__SECRET_KEY - unset FORGEJO__OAUTH2__JWT_SECRET - unset FORGEJO__SERVER__LFS_JWT_SECRET - fi - - environment-to-ini -o $GITEA_APP_INI ---- -# Source: forgejo/templates/gitea/init.yaml -apiVersion: v1 -kind: Secret -metadata: - name: forgejo-init - namespace: "gitea" - labels: - helm.sh/chart: forgejo-0.0.0 - app: forgejo - app.kubernetes.io/name: forgejo - app.kubernetes.io/instance: forgejo - app.kubernetes.io/version: "9.0.2" - version: "9.0.2" - app.kubernetes.io/managed-by: Helm -type: Opaque -stringData: - configure_gpg_environment.sh: |- - #!/usr/bin/env bash - set -eu - - gpg --batch --import /raw/private.asc - init_directory_structure.sh: |- - #!/usr/bin/env bash - - set -euo pipefail - - set -x - mkdir -p /data/git/.ssh - chmod -R 700 /data/git/.ssh - [ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf - - # prepare temp directory structure - mkdir -p "${GITEA_TEMP}" - chmod ug+rwx "${GITEA_TEMP}" - - - - configure_gitea.sh: |- - #!/usr/bin/env bash - - set -euo pipefail - - echo '==== BEGIN GITEA CONFIGURATION ====' - - { # try - gitea migrate - } || { # catch - echo "Forgejo migrate might fail due to database connection...This init-container will try again in a few seconds" - exit 1 - } - function configure_admin_user() { - local full_admin_list=$(gitea admin user list --admin) - local actual_user_table='' - - # We might have distorted output due to warning logs, so we have to detect the actual user table by its headline and trim output above that line - local regex="(.*)(ID\s+Username\s+Email\s+IsActive.*)" - if [[ "${full_admin_list}" =~ $regex ]]; then - actual_user_table=$(echo "${BASH_REMATCH[2]}" | tail -n+2) # tail'ing to drop the table headline - else - # This code block should never be reached, as long as the output table header remains the same. - # If this code block is reached, the regex doesn't match anymore and we probably have to adjust this script. - - echo "ERROR: 'configure_admin_user' was not able to determine the current list of admin users." - echo " Please review the output of 'gitea admin user list --admin' shown below." - echo " If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-chart/issues." - echo "DEBUG: Output of 'gitea admin user list --admin'" - echo "--" - echo "${full_admin_list}" - echo "--" - exit 1 - fi - - local ACCOUNT_ID=$(echo "${actual_user_table}" | grep -E "\s+${GITEA_ADMIN_USERNAME}\s+" | awk -F " " "{printf \$1}") - if [[ -z "${ACCOUNT_ID}" ]]; then - local -a create_args - create_args=(--admin --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --email "gitea@local.domain") - if [[ "${GITEA_ADMIN_PASSWORD_MODE}" = initialOnlyRequireReset ]]; then - create_args+=(--must-change-password=true) - else - create_args+=(--must-change-password=false) - fi - echo "No admin user '${GITEA_ADMIN_USERNAME}' found. Creating now..." - gitea admin user create "${create_args[@]}" - echo '...created.' - else - if [[ "${GITEA_ADMIN_PASSWORD_MODE}" = keepUpdated ]]; then - echo "Admin account '${GITEA_ADMIN_USERNAME}' already exist. Running update to sync password..." - local -a change_args - change_args=(--username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --must-change-password=false) - gitea admin user change-password "${change_args[@]}" - echo '...password sync done.' - else - echo "Admin account '${GITEA_ADMIN_USERNAME}' already exist, but update mode is set to '${GITEA_ADMIN_PASSWORD_MODE}'. Skipping." - fi - fi - } - - configure_admin_user - - function configure_ldap() { - echo 'no ldap configuration... skipping.' - } - - configure_ldap - - function configure_oauth() { - echo 'no oauth configuration... skipping.' - } - - configure_oauth - - echo '==== END GITEA CONFIGURATION ====' ---- -# Source: forgejo/templates/gitea/pvc.yaml -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: gitea-shared-storage - namespace: "gitea" - annotations: - helm.sh/resource-policy: keep -spec: - accessModes: - - ReadWriteOnce - volumeMode: Filesystem - - resources: - requests: - storage: 5Gi ---- -# Source: forgejo/templates/gitea/http-svc.yaml -apiVersion: v1 -kind: Service -metadata: - name: forgejo-http - namespace: "gitea" - labels: - helm.sh/chart: forgejo-0.0.0 - app: forgejo - app.kubernetes.io/name: forgejo - app.kubernetes.io/instance: forgejo - app.kubernetes.io/version: "9.0.2" - version: "9.0.2" - app.kubernetes.io/managed-by: Helm - annotations: - {} -spec: - type: ClusterIP - clusterIP: None - ports: - - name: http - port: 3000 - targetPort: - selector: - app.kubernetes.io/name: forgejo - app.kubernetes.io/instance: forgejo ---- -# Source: forgejo/templates/gitea/ssh-svc.yaml -apiVersion: v1 -kind: Service -metadata: - name: forgejo-ssh - namespace: "gitea" - labels: - helm.sh/chart: forgejo-0.0.0 - app: forgejo - app.kubernetes.io/name: forgejo - app.kubernetes.io/instance: forgejo - app.kubernetes.io/version: "9.0.2" - version: "9.0.2" - app.kubernetes.io/managed-by: Helm - annotations: - {} -spec: - type: NodePort - externalTrafficPolicy: Local - ports: - - name: ssh - port: 22 - targetPort: 2222 - protocol: TCP - nodePort: 32222 - selector: - app.kubernetes.io/name: forgejo - app.kubernetes.io/instance: forgejo ---- -# Source: forgejo/templates/gitea/deployment.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: forgejo - namespace: "gitea" - annotations: - labels: - helm.sh/chart: forgejo-0.0.0 - app: forgejo - app.kubernetes.io/name: forgejo - app.kubernetes.io/instance: forgejo - app.kubernetes.io/version: "9.0.2" - version: "9.0.2" - app.kubernetes.io/managed-by: Helm -spec: - replicas: 1 - strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 0 - maxSurge: 100% - selector: - matchLabels: - app.kubernetes.io/name: forgejo - app.kubernetes.io/instance: forgejo - template: - metadata: - annotations: - checksum/config: bd40d1abc2e2692fafe0821e9345e231261f194a19fbee5aef7dd9cdfc106596 - labels: - helm.sh/chart: forgejo-0.0.0 - app: forgejo - app.kubernetes.io/name: forgejo - app.kubernetes.io/instance: forgejo - app.kubernetes.io/version: "9.0.2" - version: "9.0.2" - app.kubernetes.io/managed-by: Helm - spec: - - securityContext: - fsGroup: 1000 - initContainers: - - name: init-directories - image: "code.forgejo.org/forgejo/forgejo:9.0.2-rootless" - imagePullPolicy: IfNotPresent - command: ["/usr/sbin/init_directory_structure.sh"] - env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - volumeMounts: - - name: init - mountPath: /usr/sbin - - name: temp - mountPath: /tmp - - name: data - mountPath: /data - - securityContext: - {} - resources: - limits: {} - requests: - cpu: 100m - memory: 128Mi - - name: init-app-ini - image: "code.forgejo.org/forgejo/forgejo:9.0.2-rootless" - imagePullPolicy: IfNotPresent - command: ["/usr/sbin/config_environment.sh"] - env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - volumeMounts: - - name: config - mountPath: /usr/sbin - - name: temp - mountPath: /tmp - - name: data - mountPath: /data - - name: inline-config-sources - mountPath: /env-to-ini-mounts/inlines/ - - securityContext: - {} - resources: - limits: {} - requests: - cpu: 100m - memory: 128Mi - - name: configure-gitea - image: "code.forgejo.org/forgejo/forgejo:9.0.2-rootless" - command: ["/usr/sbin/configure_gitea.sh"] - imagePullPolicy: IfNotPresent - securityContext: - runAsUser: 1000 - env: - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - - name: HOME - value: /data/gitea/git - - name: GITEA_ADMIN_USERNAME - valueFrom: - secretKeyRef: - key: username - name: gitea-credential - - name: GITEA_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - key: password - name: gitea-credential - - name: GITEA_ADMIN_PASSWORD_MODE - value: keepUpdated - volumeMounts: - - name: init - mountPath: /usr/sbin - - name: temp - mountPath: /tmp - - name: data - mountPath: /data - - resources: - limits: {} - requests: - cpu: 100m - memory: 128Mi - terminationGracePeriodSeconds: 60 - containers: - - name: forgejo - image: "code.forgejo.org/forgejo/forgejo:9.0.2-rootless" - imagePullPolicy: IfNotPresent - env: - # SSH Port values have to be set here as well for openssh configuration - - name: SSH_LISTEN_PORT - value: "2222" - - name: SSH_PORT - value: "22" - - name: GITEA_APP_INI - value: /data/gitea/conf/app.ini - - name: GITEA_CUSTOM - value: /data/gitea - - name: GITEA_WORK_DIR - value: /data - - name: GITEA_TEMP - value: /tmp/gitea - - name: TMPDIR - value: /tmp/gitea - - name: HOME - value: /data/gitea/git - ports: - - name: ssh - containerPort: 2222 - - name: http - containerPort: 3000 - livenessProbe: - failureThreshold: 10 - initialDelaySeconds: 200 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: http - timeoutSeconds: 1 - readinessProbe: - failureThreshold: 3 - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: http - timeoutSeconds: 1 - resources: - {} - securityContext: - {} - volumeMounts: - - name: temp - mountPath: /tmp - - name: data - mountPath: /data - - volumes: - - name: init - secret: - secretName: forgejo-init - defaultMode: 110 - - name: config - secret: - secretName: forgejo - defaultMode: 110 - - name: inline-config-sources - secret: - secretName: forgejo-inline-config - - name: temp - emptyDir: {} - - name: data - persistentVolumeClaim: - claimName: gitea-shared-storage diff --git a/template/stacks/core/forgejo/values.yaml b/template/stacks/core/forgejo/values.yaml index bfcd384..1bf35c2 100644 --- a/template/stacks/core/forgejo/values.yaml +++ b/template/stacks/core/forgejo/values.yaml @@ -25,8 +25,8 @@ gitea: queue: TYPE: level server: - DOMAIN: 'gitea.{{{ .Env.DOMAIN }}}' - ROOT_URL: 'https://gitea.{{{ .Env.DOMAIN }}}:443' + DOMAIN: '{{{ .Env.DOMAIN_GITEA }}}' + ROOT_URL: 'https://{{{ .Env.DOMAIN_GITEA }}}:443' service: ssh: @@ -53,3 +53,4 @@ forgejo: - docker:docker://node:16-bullseye - self-hosted:docker://ghcr.io/catthehacker/ubuntu:act-22.04 - ubuntu-22.04:docker://ghcr.io/catthehacker/ubuntu:act-22.04 + - ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:act-22.04 diff --git a/template/stacks/core/ingress-apps.yaml b/template/stacks/core/ingress-apps.yaml index ae66d9f..ec156c5 100644 --- a/template/stacks/core/ingress-apps.yaml +++ b/template/stacks/core/ingress-apps.yaml @@ -11,7 +11,7 @@ spec: destination: server: "https://kubernetes.default.svc" source: - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD path: "stacks/core/ingress-apps" project: default diff --git a/template/stacks/core/ingress-apps/forgejo.yaml b/template/stacks/core/ingress-apps/forgejo.yaml index 3143875..a5657ca 100644 --- a/template/stacks/core/ingress-apps/forgejo.yaml +++ b/template/stacks/core/ingress-apps/forgejo.yaml @@ -6,7 +6,7 @@ metadata: nginx.ingress.kubernetes.io/proxy-body-size: 512m {{{ if eq .Env.CLUSTER_TYPE "osc" }}} dns.gardener.cloud/class: garden - dns.gardener.cloud/dnsnames: gitea.{{{ .Env.DOMAIN }}} + dns.gardener.cloud/dnsnames: {{{ .Env.DOMAIN_GITEA }}} dns.gardener.cloud/ttl: "600" {{{ end }}} name: forgejo @@ -14,7 +14,7 @@ metadata: spec: ingressClassName: nginx rules: - - host: gitea.{{{ .Env.DOMAIN }}} + - host: {{{ .Env.DOMAIN_GITEA }}} http: paths: - backend: @@ -26,5 +26,5 @@ spec: pathType: Prefix tls: - hosts: - - gitea.{{{ .Env.DOMAIN }}} + - {{{ .Env.DOMAIN_GITEA }}} secretName: forgejo-net-tls diff --git a/template/stacks/core/ingress-nginx.yaml b/template/stacks/core/ingress-nginx.yaml index 4e1f1a8..cb69681 100644 --- a/template/stacks/core/ingress-nginx.yaml +++ b/template/stacks/core/ingress-nginx.yaml @@ -22,6 +22,6 @@ spec: helm: valueFiles: - $values/stacks/core/ingress-nginx/values.yaml - - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + - repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD ref: values diff --git a/template/stacks/core/ingress-nginx/hydrated/install.yaml b/template/stacks/core/ingress-nginx/hydrated/install.yaml deleted file mode 100644 index 3e02155..0000000 --- a/template/stacks/core/ingress-nginx/hydrated/install.yaml +++ /dev/null @@ -1,816 +0,0 @@ ---- -# Source: ingress-nginx/templates/controller-serviceaccount.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: controller - name: ingress-nginx - namespace: ingress-nginx -automountServiceAccountToken: true ---- -# Source: ingress-nginx/templates/controller-configmap.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: controller - name: ingress-nginx-controller - namespace: ingress-nginx -data: - allow-snippet-annotations: "true" - proxy-buffer-size: "32k" - use-forwarded-headers: "true" ---- -# Source: ingress-nginx/templates/clusterrole.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - name: ingress-nginx -rules: - - apiGroups: - - "" - resources: - - configmaps - - endpoints - - nodes - - pods - - secrets - - namespaces - verbs: - - list - - watch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - list - - watch - - apiGroups: - - "" - resources: - - nodes - verbs: - - get - - apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - watch - - apiGroups: - - networking.k8s.io - resources: - - ingresses - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - apiGroups: - - networking.k8s.io - resources: - - ingresses/status - verbs: - - update - - apiGroups: - - networking.k8s.io - resources: - - ingressclasses - verbs: - - get - - list - - watch - - apiGroups: - - discovery.k8s.io - resources: - - endpointslices - verbs: - - list - - watch - - get ---- -# Source: ingress-nginx/templates/clusterrolebinding.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - name: ingress-nginx -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: ingress-nginx -subjects: - - kind: ServiceAccount - name: ingress-nginx - namespace: ingress-nginx ---- -# Source: ingress-nginx/templates/controller-role.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: controller - name: ingress-nginx - namespace: ingress-nginx -rules: - - apiGroups: - - "" - resources: - - namespaces - verbs: - - get - - apiGroups: - - "" - resources: - - configmaps - - pods - - secrets - - endpoints - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - watch - - apiGroups: - - networking.k8s.io - resources: - - ingresses - verbs: - - get - - list - - watch - # Omit Ingress status permissions if `--update-status` is disabled. - - apiGroups: - - networking.k8s.io - resources: - - ingresses/status - verbs: - - update - - apiGroups: - - networking.k8s.io - resources: - - ingressclasses - verbs: - - get - - list - - watch - - apiGroups: - - coordination.k8s.io - resources: - - leases - resourceNames: - - ingress-nginx-leader - verbs: - - get - - update - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - apiGroups: - - discovery.k8s.io - resources: - - endpointslices - verbs: - - list - - watch - - get ---- -# Source: ingress-nginx/templates/controller-rolebinding.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: controller - name: ingress-nginx - namespace: ingress-nginx -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ingress-nginx -subjects: - - kind: ServiceAccount - name: ingress-nginx - namespace: ingress-nginx ---- -# Source: ingress-nginx/templates/controller-service-metrics.yaml -apiVersion: v1 -kind: Service -metadata: - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: controller - name: ingress-nginx-controller-metrics - namespace: ingress-nginx -spec: - type: ClusterIP - ports: - - name: metrics - port: 10254 - protocol: TCP - targetPort: metrics - selector: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/component: controller ---- -# Source: ingress-nginx/templates/controller-service-webhook.yaml -apiVersion: v1 -kind: Service -metadata: - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: controller - name: ingress-nginx-controller-admission - namespace: ingress-nginx -spec: - type: ClusterIP - ports: - - name: https-webhook - port: 443 - targetPort: webhook - appProtocol: https - selector: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/component: controller ---- -# Source: ingress-nginx/templates/controller-service.yaml -apiVersion: v1 -kind: Service -metadata: - annotations: - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: controller - name: ingress-nginx-controller - namespace: ingress-nginx -spec: - type: NodePort - ipFamilyPolicy: SingleStack - ipFamilies: - - IPv4 - ports: - - name: http - port: 80 - protocol: TCP - targetPort: http - appProtocol: http - - name: https - port: 443 - protocol: TCP - targetPort: https - appProtocol: https - selector: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/component: controller ---- -# Source: ingress-nginx/templates/controller-deployment.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: controller - name: ingress-nginx-controller - namespace: ingress-nginx -spec: - selector: - matchLabels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/component: controller - replicas: 1 - revisionHistoryLimit: 10 - strategy: - rollingUpdate: - maxUnavailable: 1 - type: RollingUpdate - minReadySeconds: 0 - template: - metadata: - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: controller - spec: - dnsPolicy: ClusterFirst - containers: - - name: controller - image: registry.k8s.io/ingress-nginx/controller:v1.11.3@sha256:d56f135b6462cfc476447cfe564b83a45e8bb7da2774963b00d12161112270b7 - imagePullPolicy: IfNotPresent - lifecycle: - preStop: - exec: - command: - - /wait-shutdown - args: - - /nginx-ingress-controller - - --election-id=ingress-nginx-leader - - --controller-class=k8s.io/ingress-nginx - - --ingress-class=nginx - - --configmap=$(POD_NAMESPACE)/ingress-nginx-controller - - --validating-webhook=:8443 - - --validating-webhook-certificate=/usr/local/certificates/cert - - --validating-webhook-key=/usr/local/certificates/key - - --enable-ssl-passthrough - - --publish-status-address=localhost - securityContext: - runAsNonRoot: true - runAsUser: 101 - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - add: - - NET_BIND_SERVICE - readOnlyRootFilesystem: false - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: LD_PRELOAD - value: /usr/local/lib/libmimalloc.so - livenessProbe: - failureThreshold: 5 - httpGet: - path: /healthz - port: 10254 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - readinessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: 10254 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - ports: - - name: http - containerPort: 80 - protocol: TCP - hostPort: 80 - - name: https - containerPort: 443 - protocol: TCP - hostPort: 443 - - name: metrics - containerPort: 10254 - protocol: TCP - - name: webhook - containerPort: 8443 - protocol: TCP - volumeMounts: - - name: webhook-cert - mountPath: /usr/local/certificates/ - readOnly: true - resources: - requests: - cpu: 100m - memory: 90Mi - nodeSelector: - ingress-ready: "true" - kubernetes.io/os: linux - tolerations: - - effect: NoSchedule - key: node-role.kubernetes.io/master - operator: Equal - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane - operator: Equal - serviceAccountName: ingress-nginx - terminationGracePeriodSeconds: 0 - volumes: - - name: webhook-cert - secret: - secretName: ingress-nginx-admission ---- -# Source: ingress-nginx/templates/controller-ingressclass.yaml -apiVersion: networking.k8s.io/v1 -kind: IngressClass -metadata: - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: controller - name: nginx -spec: - controller: k8s.io/ingress-nginx ---- -# Source: ingress-nginx/templates/controller-poddisruptionbudget.yaml -# PDB is not supported for DaemonSets. -# https://github.com/kubernetes/kubernetes/issues/108124 ---- -# Source: ingress-nginx/templates/controller-servicemonitor.yaml -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: ingress-nginx-controller - namespace: ingress-nginx - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: controller - release: ingress-nginx -spec: - endpoints: - - port: metrics - interval: 30s - namespaceSelector: - matchNames: - - ingress-nginx - selector: - matchLabels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/component: controller ---- -# Source: ingress-nginx/templates/admission-webhooks/validating-webhook.yaml -# before changing this value, check the required kubernetes version -# https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#prerequisites -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - annotations: - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: admission-webhook - name: ingress-nginx-admission -webhooks: - - name: validate.nginx.ingress.kubernetes.io - matchPolicy: Equivalent - rules: - - apiGroups: - - networking.k8s.io - apiVersions: - - v1 - operations: - - CREATE - - UPDATE - resources: - - ingresses - failurePolicy: Fail - sideEffects: None - admissionReviewVersions: - - v1 - clientConfig: - service: - name: ingress-nginx-controller-admission - namespace: ingress-nginx - port: 443 - path: /networking/v1/ingresses ---- -# Source: ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ingress-nginx-admission - namespace: ingress-nginx - annotations: - "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade - "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: admission-webhook -automountServiceAccountToken: true ---- -# Source: ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: ingress-nginx-admission - annotations: - "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade - "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: admission-webhook -rules: - - apiGroups: - - admissionregistration.k8s.io - resources: - - validatingwebhookconfigurations - verbs: - - get - - update ---- -# Source: ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: ingress-nginx-admission - annotations: - "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade - "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: admission-webhook -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: ingress-nginx-admission -subjects: - - kind: ServiceAccount - name: ingress-nginx-admission - namespace: ingress-nginx ---- -# Source: ingress-nginx/templates/admission-webhooks/job-patch/role.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: ingress-nginx-admission - namespace: ingress-nginx - annotations: - "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade - "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: admission-webhook -rules: - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - create ---- -# Source: ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: ingress-nginx-admission - namespace: ingress-nginx - annotations: - "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade - "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: admission-webhook -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ingress-nginx-admission -subjects: - - kind: ServiceAccount - name: ingress-nginx-admission - namespace: ingress-nginx ---- -# Source: ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml -apiVersion: batch/v1 -kind: Job -metadata: - name: ingress-nginx-admission-create - namespace: ingress-nginx - annotations: - "helm.sh/hook": pre-install,pre-upgrade - "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: admission-webhook -spec: - template: - metadata: - name: ingress-nginx-admission-create - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: admission-webhook - spec: - containers: - - name: create - image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.4@sha256:a9f03b34a3cbfbb26d103a14046ab2c5130a80c3d69d526ff8063d2b37b9fd3f - imagePullPolicy: IfNotPresent - args: - - create - - --host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.$(POD_NAMESPACE).svc - - --namespace=$(POD_NAMESPACE) - - --secret-name=ingress-nginx-admission - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 65532 - seccompProfile: - type: RuntimeDefault - restartPolicy: OnFailure - serviceAccountName: ingress-nginx-admission - nodeSelector: - kubernetes.io/os: linux ---- -# Source: ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml -apiVersion: batch/v1 -kind: Job -metadata: - name: ingress-nginx-admission-patch - namespace: ingress-nginx - annotations: - "helm.sh/hook": post-install,post-upgrade - "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: admission-webhook -spec: - template: - metadata: - name: ingress-nginx-admission-patch - labels: - helm.sh/chart: ingress-nginx-4.11.3 - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/instance: ingress-nginx - app.kubernetes.io/version: "1.11.3" - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/component: admission-webhook - spec: - containers: - - name: patch - image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.4.4@sha256:a9f03b34a3cbfbb26d103a14046ab2c5130a80c3d69d526ff8063d2b37b9fd3f - imagePullPolicy: IfNotPresent - args: - - patch - - --webhook-name=ingress-nginx-admission - - --namespace=$(POD_NAMESPACE) - - --patch-mutating=false - - --secret-name=ingress-nginx-admission - - --patch-failure-policy=Fail - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 65532 - seccompProfile: - type: RuntimeDefault - restartPolicy: OnFailure - serviceAccountName: ingress-nginx-admission - nodeSelector: - kubernetes.io/os: linux diff --git a/template/stacks/local-backup/minio.yaml b/template/stacks/local-backup/minio.yaml index 5163ef0..7de20cd 100644 --- a/template/stacks/local-backup/minio.yaml +++ b/template/stacks/local-backup/minio.yaml @@ -17,10 +17,10 @@ spec: valueFiles: - $values/stacks/local-backup/minio/helm/values.yaml chart: minio - - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + - repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD ref: values - - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + - repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD path: "stacks/local-backup/minio/manifests" destination: diff --git a/template/stacks/local-backup/velero.yaml b/template/stacks/local-backup/velero.yaml index a798f63..e668cf6 100644 --- a/template/stacks/local-backup/velero.yaml +++ b/template/stacks/local-backup/velero.yaml @@ -17,7 +17,7 @@ spec: valueFiles: - $values/stacks/local-backup/velero/helm/values.yaml chart: velero - - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + - repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD ref: values destination: diff --git a/template/stacks/ref-implementation/forgejo-runner.yaml b/template/stacks/monitoring/alloy.yaml similarity index 53% rename from template/stacks/ref-implementation/forgejo-runner.yaml rename to template/stacks/monitoring/alloy.yaml index bceefc7..7d4d614 100644 --- a/template/stacks/ref-implementation/forgejo-runner.yaml +++ b/template/stacks/monitoring/alloy.yaml @@ -1,7 +1,7 @@ apiVersion: argoproj.io/v1alpha1 kind: Application metadata: - name: forgejo-runner + name: alloy namespace: argocd labels: env: dev @@ -16,14 +16,14 @@ spec: - CreateNamespace=true destination: name: in-cluster - namespace: gitea + namespace: monitoring sources: - - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/forgejo-runner.git - path: forgejo-runner - targetRevision: HEAD + - repoURL: https://github.com/grafana/alloy.git + path: operations/helm/charts/alloy + targetRevision: HEAD helm: valueFiles: - - $values/stacks/ref-implementation/forgejo-runner/values.yaml - - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + - $values/stacks/monitoring/alloy/values.yaml + - repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD - ref: values + ref: values \ No newline at end of file diff --git a/template/stacks/monitoring/alloy/values.yaml b/template/stacks/monitoring/alloy/values.yaml new file mode 100644 index 0000000..3f038fa --- /dev/null +++ b/template/stacks/monitoring/alloy/values.yaml @@ -0,0 +1,4 @@ +alloy: + create: false + name: alloy-config + key: config.alloy diff --git a/template/stacks/monitoring/grafana-dashboards.yaml b/template/stacks/monitoring/grafana-dashboards.yaml index f27e669..186f692 100644 --- a/template/stacks/monitoring/grafana-dashboards.yaml +++ b/template/stacks/monitoring/grafana-dashboards.yaml @@ -10,7 +10,7 @@ metadata: spec: project: default source: - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD path: "stacks/monitoring/kube-prometheus/dashboards" destination: diff --git a/template/stacks/monitoring/kube-prometheus-sso.yaml b/template/stacks/monitoring/kube-prometheus-sso.yaml new file mode 100644 index 0000000..0e6e43a --- /dev/null +++ b/template/stacks/monitoring/kube-prometheus-sso.yaml @@ -0,0 +1,29 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: kube-prometheus-sso + namespace: argocd + labels: + env: dev + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + source: + repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder + targetRevision: HEAD + path: "stacks/monitoring/kube-prometheus-sso" + destination: + server: "https://kubernetes.default.svc" + namespace: monitoring + syncPolicy: + syncOptions: + - CreateNamespace=true + automated: + selfHeal: true + retry: + limit: -1 + backoff: + duration: 15s + factor: 1 + maxDuration: 15s diff --git a/template/stacks/monitoring/kube-prometheus-sso/secret-grafana.yaml b/template/stacks/monitoring/kube-prometheus-sso/secret-grafana.yaml new file mode 100644 index 0000000..896ec1b --- /dev/null +++ b/template/stacks/monitoring/kube-prometheus-sso/secret-grafana.yaml @@ -0,0 +1,21 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: auth-generic-oauth-secret + namespace: monitoring +spec: + secretStoreRef: + name: keycloak + kind: ClusterSecretStore + refreshInterval: "0" + target: + name: auth-generic-oauth-secret + template: + engineVersion: v2 + data: + client_secret: "{{.GRAFANA_CLIENT_SECRET}}" + data: + - secretKey: GRAFANA_CLIENT_SECRET + remoteRef: + key: keycloak-clients + property: GRAFANA_CLIENT_SECRET diff --git a/template/stacks/monitoring/kube-prometheus.yaml b/template/stacks/monitoring/kube-prometheus.yaml index f4f6ea5..7bcf3ca 100644 --- a/template/stacks/monitoring/kube-prometheus.yaml +++ b/template/stacks/monitoring/kube-prometheus.yaml @@ -15,6 +15,12 @@ spec: syncOptions: - CreateNamespace=true - ServerSideApply=true # do not copy metdata, since (because of its large size) it can lead to sync failure + retry: + limit: -1 + backoff: + duration: 15s + factor: 1 + maxDuration: 15s destination: name: in-cluster namespace: monitoring @@ -25,6 +31,6 @@ spec: helm: valueFiles: - $values/stacks/monitoring/kube-prometheus/values.yaml - - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + - repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD ref: values diff --git a/template/stacks/monitoring/kube-prometheus/values.yaml b/template/stacks/monitoring/kube-prometheus/values.yaml index 9c0ca32..901345f 100644 --- a/template/stacks/monitoring/kube-prometheus/values.yaml +++ b/template/stacks/monitoring/kube-prometheus/values.yaml @@ -33,7 +33,33 @@ grafana: domain: {{{ .Env.DOMAIN }}} root_url: "%(protocol)s://%(domain)s/grafana" serve_from_sub_path: true + auth: + disable_login: true + disable_login_form: true + auth.generic_oauth: + enabled: true + name: Keycloak-OAuth + allow_sign_up: true + use_refresh_token: true + client_id: grafana + client_secret: $__file{/etc/secrets/auth_generic_oauth/client_secret} + scopes: openid email profile offline_access roles + email_attribute_path: email + login_attribute_path: username + name_attribute_path: full_name + auth_url: https://{{{ .Env.DOMAIN }}}/keycloak/realms/cnoe/protocol/openid-connect/auth + token_url: https://{{{ .Env.DOMAIN }}}/keycloak/realms/cnoe/protocol/openid-connect/token + api_url: https://{{{ .Env.DOMAIN }}}/keycloak/realms/cnoe/protocol/openid-connect/userinfo + redirect_uri: http://{{{ .Env.DOMAIN }}}/grafana/login/generic_oauth + role_attribute_path: "contains(groups[*], 'admin') && 'Admin' || contains(groups[*], 'editor') && 'Editor' || 'Viewer'" + extraSecretMounts: + - name: auth-generic-oauth-secret-mount + secretName: auth-generic-oauth-secret + defaultMode: 0440 + mountPath: /etc/secrets/auth_generic_oauth + readOnly: true + serviceMonitor: # If true, a ServiceMonitor CRD is created for a prometheus operator https://github.com/coreos/prometheus-operator enabled: true diff --git a/template/stacks/monitoring/loki.yaml b/template/stacks/monitoring/loki.yaml index 8494955..a2f0238 100644 --- a/template/stacks/monitoring/loki.yaml +++ b/template/stacks/monitoring/loki.yaml @@ -24,7 +24,7 @@ spec: helm: valueFiles: - $values/stacks/monitoring/loki/values.yaml - - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + - repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD ref: values diff --git a/template/stacks/monitoring/promtail.yaml b/template/stacks/monitoring/promtail.yaml index bc4682d..8f4af77 100644 --- a/template/stacks/monitoring/promtail.yaml +++ b/template/stacks/monitoring/promtail.yaml @@ -24,6 +24,6 @@ spec: helm: valueFiles: - $values/stacks/monitoring/promtail/values.yaml - - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + - repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD ref: values \ No newline at end of file diff --git a/template/stacks/ref-implementation/argo-workflows.yaml b/template/stacks/ref-implementation/argo-workflows.yaml index 93cc7b1..ef23482 100644 --- a/template/stacks/ref-implementation/argo-workflows.yaml +++ b/template/stacks/ref-implementation/argo-workflows.yaml @@ -10,7 +10,7 @@ metadata: spec: project: default source: - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD path: "stacks/ref-implementation/argo-workflows/manifests/dev" destination: @@ -23,3 +23,7 @@ spec: selfHeal: true retry: limit: -1 + backoff: + duration: 15s + factor: 1 + maxDuration: 15s diff --git a/template/stacks/ref-implementation/backstage-templates.yaml b/template/stacks/ref-implementation/backstage-templates.yaml index adb5f08..2749418 100644 --- a/template/stacks/ref-implementation/backstage-templates.yaml +++ b/template/stacks/ref-implementation/backstage-templates.yaml @@ -10,7 +10,7 @@ metadata: spec: project: default source: - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD path: "stacks/ref-implementation/backstage-templates/entities" directory: diff --git a/template/stacks/ref-implementation/backstage-templates/entities/app-with-bucket/skeleton/catalog-info.yaml b/template/stacks/ref-implementation/backstage-templates/entities/app-with-bucket/skeleton/catalog-info.yaml index bc52aa8..dbe0264 100644 --- a/template/stacks/ref-implementation/backstage-templates/entities/app-with-bucket/skeleton/catalog-info.yaml +++ b/template/stacks/ref-implementation/backstage-templates/entities/app-with-bucket/skeleton/catalog-info.yaml @@ -20,7 +20,7 @@ metadata: backstage.io/kubernetes-namespace: default argocd/app-name: ${{values.name | dump}} links: - - url: https://gitea.{{{ .Env.DOMAIN }}}:443 + - url: https://{{{ .Env.DOMAIN_GITEA }}}:443 title: Repo URL icon: github spec: diff --git a/template/stacks/ref-implementation/backstage-templates/entities/app-with-bucket/template.yaml b/template/stacks/ref-implementation/backstage-templates/entities/app-with-bucket/template.yaml index 34ee8da..fd440d3 100644 --- a/template/stacks/ref-implementation/backstage-templates/entities/app-with-bucket/template.yaml +++ b/template/stacks/ref-implementation/backstage-templates/entities/app-with-bucket/template.yaml @@ -100,7 +100,7 @@ spec: input: description: This is an example app # Hard coded value for this demo purposes only. - repoUrl: gitea.{{{ .Env.DOMAIN }}}:443/?repo=${{parameters.name}} + repoUrl: {{{ .Env.DOMAIN_GITEA }}}:443/?repo=${{parameters.name}} defaultBranch: main - id: create-argocd-app name: Create ArgoCD App @@ -111,7 +111,7 @@ spec: argoInstance: in-cluster projectName: default # necessary until we generate our own cert - repoUrl: https://gitea.{{{ .Env.DOMAIN }}}:443/giteaAdmin/${{parameters.name}} + repoUrl: https://{{{ .Env.DOMAIN_GITEA }}}:443/giteaAdmin/${{parameters.name}} path: "kustomize/base" - id: register name: Register diff --git a/template/stacks/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/catalog-info.yaml b/template/stacks/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/catalog-info.yaml index 04416ba..ccdf3d0 100644 --- a/template/stacks/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/catalog-info.yaml +++ b/template/stacks/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/catalog-info.yaml @@ -14,7 +14,7 @@ metadata: apache-spark.cnoe.io/label-selector: env=dev,entity-id=${{values.name}} apache-spark.cnoe.io/cluster-name: local links: - - url: https://gitea.{{{ .Env.DOMAIN }}}:443 + - url: https://{{{ .Env.DOMAIN_GITEA }}}:443 title: Repo URL icon: github spec: diff --git a/template/stacks/ref-implementation/backstage-templates/entities/argo-workflows/template.yaml b/template/stacks/ref-implementation/backstage-templates/entities/argo-workflows/template.yaml index f6e3083..12c68a3 100644 --- a/template/stacks/ref-implementation/backstage-templates/entities/argo-workflows/template.yaml +++ b/template/stacks/ref-implementation/backstage-templates/entities/argo-workflows/template.yaml @@ -35,7 +35,7 @@ spec: input: description: This is an example app # Hard coded value for this demo purposes only. - repoUrl: gitea.{{{ .Env.DOMAIN }}}:443/?repo=${{parameters.name}} + repoUrl: {{{ .Env.DOMAIN_GITEA }}}:443/?repo=${{parameters.name}} defaultBranch: main - id: create-argocd-app name: Create ArgoCD App @@ -46,7 +46,7 @@ spec: argoInstance: in-cluster projectName: default # necessary until we generate our own cert - repoUrl: https://gitea.{{{ .Env.DOMAIN }}}:443/giteaAdmin/${{parameters.name}} + repoUrl: https://{{{ .Env.DOMAIN_GITEA }}}:443/giteaAdmin/${{parameters.name}} path: "manifests" - id: register name: Register diff --git a/template/stacks/ref-implementation/backstage-templates/entities/basic/skeleton/catalog-info.yaml b/template/stacks/ref-implementation/backstage-templates/entities/basic/skeleton/catalog-info.yaml index 102ff01..e583206 100644 --- a/template/stacks/ref-implementation/backstage-templates/entities/basic/skeleton/catalog-info.yaml +++ b/template/stacks/ref-implementation/backstage-templates/entities/basic/skeleton/catalog-info.yaml @@ -10,7 +10,7 @@ metadata: backstage.io/kubernetes-namespace: default argocd/app-name: ${{values.name | dump}} links: - - url: https://gitea.{{{ .Env.DOMAIN }}}:443 + - url: https://{{{ .Env.DOMAIN_GITEA }}}:443 title: Repo URL icon: github spec: diff --git a/template/stacks/ref-implementation/backstage-templates/entities/basic/template.yaml b/template/stacks/ref-implementation/backstage-templates/entities/basic/template.yaml index 7fb96a7..e69d13c 100644 --- a/template/stacks/ref-implementation/backstage-templates/entities/basic/template.yaml +++ b/template/stacks/ref-implementation/backstage-templates/entities/basic/template.yaml @@ -31,7 +31,7 @@ spec: input: description: This is an example app # Hard coded value for this demo purposes only. - repoUrl: gitea.{{{ .Env.DOMAIN }}}:443/?repo=${{parameters.name}} + repoUrl: {{{ .Env.DOMAIN_GITEA }}}:443/?repo=${{parameters.name}} defaultBranch: main - id: create-argocd-app name: Create ArgoCD App @@ -42,7 +42,7 @@ spec: argoInstance: in-cluster projectName: default # necessary until we generate our own cert - repoUrl: https://gitea.{{{ .Env.DOMAIN }}}:443/giteaAdmin/${{parameters.name}} + repoUrl: https://{{{ .Env.DOMAIN_GITEA }}}:443/giteaAdmin/${{parameters.name}} path: "manifests" - id: register name: Register diff --git a/template/stacks/ref-implementation/backstage-templates/entities/demo-go-hello-world/skeleton/catalog-info.yaml b/template/stacks/ref-implementation/backstage-templates/entities/demo-go-hello-world/skeleton/catalog-info.yaml index f75a37f..07090f2 100644 --- a/template/stacks/ref-implementation/backstage-templates/entities/demo-go-hello-world/skeleton/catalog-info.yaml +++ b/template/stacks/ref-implementation/backstage-templates/entities/demo-go-hello-world/skeleton/catalog-info.yaml @@ -9,7 +9,7 @@ metadata: backstage.io/kubernetes-label-selector: 'entity-id=${{ values.name }}' backstage.io/kubernetes-namespace: gitea links: - - url: https://gitea.{{{ .Env.DOMAIN }}}:443 + - url: https://{{{ .Env.DOMAIN_GITEA }}}:443 title: Repo URL icon: git spec: @@ -26,7 +26,7 @@ metadata: annotations: backstage.io/techdocs-ref: dir:. links: - - url: https://gitea.{{{ .Env.DOMAIN }}}:443 + - url: https://{{{ .Env.DOMAIN_GITEA }}}:443 title: Gitea Repo icon: git spec: diff --git a/template/stacks/ref-implementation/backstage-templates/entities/demo-go-hello-world/template.yaml b/template/stacks/ref-implementation/backstage-templates/entities/demo-go-hello-world/template.yaml index 133e70e..6e9421d 100644 --- a/template/stacks/ref-implementation/backstage-templates/entities/demo-go-hello-world/template.yaml +++ b/template/stacks/ref-implementation/backstage-templates/entities/demo-go-hello-world/template.yaml @@ -33,7 +33,7 @@ spec: name: Publish to Gitea action: publish:gitea input: - repoUrl: gitea.{{{ .Env.DOMAIN }}}:443/?repo=${{parameters.name}} + repoUrl: {{{ .Env.DOMAIN_GITEA }}}:443/?repo=${{parameters.name}} description: This is the repository for ${{ parameters.name }} sourcePath: ./skeleton defaultBranch: main diff --git a/template/stacks/ref-implementation/backstage-templates/entities/spring-petclinic/skeleton/.github/workflows/gradle-build.yml b/template/stacks/ref-implementation/backstage-templates/entities/spring-petclinic/skeleton/.github/workflows/gradle-build.yml deleted file mode 100644 index 61fadfd..0000000 --- a/template/stacks/ref-implementation/backstage-templates/entities/spring-petclinic/skeleton/.github/workflows/gradle-build.yml +++ /dev/null @@ -1,32 +0,0 @@ -# This workflow will build a Java project with Gradle, and cache/restore any dependencies to improve the workflow execution time -# For more information see: https://docs.github.com/en/actions/use-cases-and-examples/building-and-testing/building-and-testing-java-with-gradle - -name: Java CI with Gradle - -on: - push: - branches: [ main ] - pull_request: - branches: [ main ] - -jobs: - build: - - runs-on: ubuntu-latest - strategy: - matrix: - java: [ '17' ] - - steps: - - uses: actions/checkout@v4 - - name: Set up JDK {% raw %}${{matrix.java}}{% endraw %} - uses: https://github.com/actions/setup-java@v4 - with: - java-version: '{% raw %}${{matrix.java}}{% endraw %}' - distribution: 'adopt' - cache: maven - - name: Setup Gradle - uses: https://github.com/gradle/actions/setup-gradle@v4 - - name: Build with Gradle - run: ./gradlew build - diff --git a/template/stacks/ref-implementation/backstage-templates/entities/spring-petclinic/skeleton/.github/workflows/maven-build.yml b/template/stacks/ref-implementation/backstage-templates/entities/spring-petclinic/skeleton/.github/workflows/maven-build.yml index f04cf78..62cbd53 100644 --- a/template/stacks/ref-implementation/backstage-templates/entities/spring-petclinic/skeleton/.github/workflows/maven-build.yml +++ b/template/stacks/ref-implementation/backstage-templates/entities/spring-petclinic/skeleton/.github/workflows/maven-build.yml @@ -28,12 +28,12 @@ jobs: distribution: 'adopt' cache: maven - name: Build with Maven Wrapper - run: ./mvnw -B verify + run: ./mvnw -B -DskipTests verify - name: Build image #run: ./mvnw spring-boot:build-image # the original image build run: | export CONTAINER_REPO=$(echo {% raw %}${{ env.GITHUB_REPOSITORY }}{% endraw %} | tr '[:upper:]' '[:lower:]') - ./mvnw com.google.cloud.tools:jib-maven-plugin:3.4.4:build -Djib.allowInsecureRegistries=true -Dimage=gitea.{{{ .Env.DOMAIN }}}/${CONTAINER_REPO}:latest -Djib.to.auth.username={% raw %}${{ github.actor }}{% endraw %} -Djib.to.auth.password={% raw %}${{ secrets.PACKAGES_TOKEN }}{% endraw %} + ./mvnw com.google.cloud.tools:jib-maven-plugin:3.4.4:build -Djib.allowInsecureRegistries=true -Dimage={{{ .Env.DOMAIN_GITEA }}}/${CONTAINER_REPO}:latest -Djib.to.auth.username={% raw %}${{ github.actor }}{% endraw %} -Djib.to.auth.password={% raw %}${{ secrets.PACKAGES_TOKEN }}{% endraw %} -Djib.from.platforms=linux/arm64,linux/amd64 - name: Build image as tar run: | ./mvnw com.google.cloud.tools:jib-maven-plugin:3.4.4:buildTar -Djib.allowInsecureRegistries=true @@ -57,7 +57,11 @@ jobs: NODE_TLS_REJECT_UNAUTHORIZED: 0 # This is necessary due to self signed certs for forgejo, proper setups can skip this - name: install trivy from deb package run: | - wget -O trivy.deb https://github.com/aquasecurity/trivy/releases/download/v0.58.0/trivy_0.58.0_Linux-64bit.deb + if [[ "$(uname -m)" == "x86_64" ]]; then + wget -O trivy.deb https://github.com/aquasecurity/trivy/releases/download/v0.58.0/trivy_0.58.0_Linux-64bit.deb + else + wget -O trivy.deb https://github.com/aquasecurity/trivy/releases/download/v0.58.0/trivy_0.58.0_Linux-ARM64.deb + fi DEBIAN_FRONTEND=noninteractive dpkg -i trivy.deb - name: scan the image run: trivy image --input jib-image.tar diff --git a/template/stacks/ref-implementation/backstage-templates/entities/spring-petclinic/skeleton/catalog-info.yaml b/template/stacks/ref-implementation/backstage-templates/entities/spring-petclinic/skeleton/catalog-info.yaml index 94a7880..f9d4b3d 100644 --- a/template/stacks/ref-implementation/backstage-templates/entities/spring-petclinic/skeleton/catalog-info.yaml +++ b/template/stacks/ref-implementation/backstage-templates/entities/spring-petclinic/skeleton/catalog-info.yaml @@ -9,7 +9,7 @@ metadata: backstage.io/kubernetes-label-selector: 'entity-id=${{ values.name }}' backstage.io/kubernetes-namespace: gitea links: - - url: https://gitea.{{{ .Env.DOMAIN }}}:443 + - url: https://{{{ .Env.DOMAIN_GITEA }}}:443 title: Repo URL icon: git spec: @@ -26,7 +26,7 @@ metadata: annotations: backstage.io/techdocs-ref: dir:. links: - - url: https://gitea.{{{ .Env.DOMAIN }}}:443 + - url: https://{{{ .Env.DOMAIN_GITEA }}}:443 title: Gitea Repo icon: git spec: diff --git a/template/stacks/ref-implementation/backstage-templates/entities/spring-petclinic/skeleton/k8s/petclinic.yml b/template/stacks/ref-implementation/backstage-templates/entities/spring-petclinic/skeleton/k8s/petclinic.yml index 5098ca3..aa6b3d4 100644 --- a/template/stacks/ref-implementation/backstage-templates/entities/spring-petclinic/skeleton/k8s/petclinic.yml +++ b/template/stacks/ref-implementation/backstage-templates/entities/spring-petclinic/skeleton/k8s/petclinic.yml @@ -58,7 +58,7 @@ spec: spec: containers: - name: workload - image: gitea.{{{ .Env.DOMAIN }}}/giteaadmin/${{ values.name }} + image: {{{ .Env.DOMAIN_GITEA }}}/giteaadmin/${{ values.name }} env: - name: SPRING_PROFILES_ACTIVE value: postgres diff --git a/template/stacks/ref-implementation/backstage-templates/entities/spring-petclinic/template.yaml b/template/stacks/ref-implementation/backstage-templates/entities/spring-petclinic/template.yaml index 50afc43..84dc871 100644 --- a/template/stacks/ref-implementation/backstage-templates/entities/spring-petclinic/template.yaml +++ b/template/stacks/ref-implementation/backstage-templates/entities/spring-petclinic/template.yaml @@ -50,7 +50,7 @@ spec: name: Publish to Gitea action: publish:gitea input: - repoUrl: gitea.{{{ .Env.DOMAIN }}}:443/?repo=${{parameters.name}} + repoUrl: {{{ .Env.DOMAIN_GITEA }}}:443/?repo=${{parameters.name}} description: This is the repository for ${{ parameters.name }} sourcePath: ./ defaultBranch: main @@ -64,7 +64,7 @@ spec: argoInstance: in-cluster projectName: default # necessary until we generate our own cert - repoUrl: https://gitea.{{{ .Env.DOMAIN }}}:443/giteaAdmin/${{parameters.name}} + repoUrl: https://{{{ .Env.DOMAIN_GITEA }}}:443/giteaAdmin/${{parameters.name}} path: "k8s" - id: register diff --git a/template/stacks/ref-implementation/backstage.yaml b/template/stacks/ref-implementation/backstage.yaml index f162001..01932dc 100644 --- a/template/stacks/ref-implementation/backstage.yaml +++ b/template/stacks/ref-implementation/backstage.yaml @@ -10,7 +10,7 @@ metadata: spec: project: default source: - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD path: "stacks/ref-implementation/backstage/manifests" destination: @@ -23,3 +23,7 @@ spec: selfHeal: true retry: limit: -1 + backoff: + duration: 15s + factor: 1 + maxDuration: 15s diff --git a/template/stacks/ref-implementation/backstage/manifests/install.yaml b/template/stacks/ref-implementation/backstage/manifests/install.yaml index b46fbd4..b3bfd57 100644 --- a/template/stacks/ref-implementation/backstage/manifests/install.yaml +++ b/template/stacks/ref-implementation/backstage/manifests/install.yaml @@ -106,12 +106,12 @@ data: integrations: gitea: - - baseUrl: https://gitea.{{{ .Env.DOMAIN }}}:443 - host: gitea.{{{ .Env.DOMAIN }}}:443 + - baseUrl: https://{{{ .Env.DOMAIN_GITEA }}}:443 + host: {{{ .Env.DOMAIN_GITEA }}}:443 username: ${GITEA_USERNAME} password: ${GITEA_PASSWORD} - - baseUrl: https://gitea.{{{ .Env.DOMAIN }}} - host: gitea.{{{ .Env.DOMAIN }}} + - baseUrl: https://{{{ .Env.DOMAIN_GITEA }}} + host: {{{ .Env.DOMAIN_GITEA }}} username: ${GITEA_USERNAME} password: ${GITEA_PASSWORD} - baseUrl: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live @@ -167,7 +167,7 @@ data: locations: # Examples from a public GitHub repository. - type: url - target: https://gitea.{{{ .Env.DOMAIN }}}:443/giteaAdmin/edfbuilder/raw/branch/main/stacks/ref-implementation/backstage-templates/entities/catalog-info.yaml + target: https://{{{ .Env.DOMAIN_GITEA }}}:443/giteaAdmin/edfbuilder/raw/branch/main/stacks/ref-implementation/backstage-templates/entities/catalog-info.yaml rules: - allow: [Component, System, API, Resource, Location, Template, User, Group] kubernetes: diff --git a/template/stacks/ref-implementation/external-secrets.yaml b/template/stacks/ref-implementation/external-secrets.yaml index de2c53a..37e8004 100644 --- a/template/stacks/ref-implementation/external-secrets.yaml +++ b/template/stacks/ref-implementation/external-secrets.yaml @@ -12,7 +12,7 @@ spec: namespace: external-secrets server: "https://kubernetes.default.svc" source: - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD path: "stacks/ref-implementation/external-secrets/manifests" project: default diff --git a/template/stacks/ref-implementation/fibonacci-app.yaml b/template/stacks/ref-implementation/fibonacci-app.yaml index b049686..91b7b2f 100644 --- a/template/stacks/ref-implementation/fibonacci-app.yaml +++ b/template/stacks/ref-implementation/fibonacci-app.yaml @@ -10,7 +10,7 @@ metadata: spec: project: default source: - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD path: "stacks/ref-implementation/fibonacci-app" destination: diff --git a/template/stacks/ref-implementation/forgejo-runner/values.yaml b/template/stacks/ref-implementation/forgejo-runner/values.yaml deleted file mode 100644 index 2fdc97c..0000000 --- a/template/stacks/ref-implementation/forgejo-runner/values.yaml +++ /dev/null @@ -1,8 +0,0 @@ -replicaCount: 2 - -image: - repository: code.forgejo.org/forgejo/runner - pullPolicy: IfNotPresent - tag: "6.0.1" - -forgejoUrl: http://forgejo-http.gitea.svc.cluster.local:3000 diff --git a/template/stacks/ref-implementation/keycloak.yaml b/template/stacks/ref-implementation/keycloak.yaml index e4fb166..93d8db7 100644 --- a/template/stacks/ref-implementation/keycloak.yaml +++ b/template/stacks/ref-implementation/keycloak.yaml @@ -12,7 +12,7 @@ spec: namespace: keycloak server: "https://kubernetes.default.svc" source: - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD path: "stacks/ref-implementation/keycloak/manifests" project: default diff --git a/template/stacks/ref-implementation/keycloak/manifests/keycloak-config.yaml b/template/stacks/ref-implementation/keycloak/manifests/keycloak-config.yaml index e2a0981..6c8d603 100644 --- a/template/stacks/ref-implementation/keycloak/manifests/keycloak-config.yaml +++ b/template/stacks/ref-implementation/keycloak/manifests/keycloak-config.yaml @@ -100,11 +100,11 @@ data: user-user1.json: | { "username": "user1", - "email": "", + "email": "user1@user.de", "firstName": "user", "lastName": "one", "requiredActions": [], - "emailVerified": false, + "emailVerified": true, "groups": [ "/admin" ], @@ -113,11 +113,11 @@ data: user-user2.json: | { "username": "user2", - "email": "", + "email": "user2@user.de", "firstName": "user", "lastName": "two", "requiredActions": [], - "emailVerified": false, + "emailVerified": true, "groups": [ "/base-user" ], @@ -181,6 +181,44 @@ data: ] } + grafana-client-payload.json: | + { + "clientId": "grafana", + "name": "Grafana Client", + "description": "Used for Grafana SSO", + "rootUrl": "https://{{{ .Env.DOMAIN }}}/grafana", + "adminUrl": "https://{{{ .Env.DOMAIN }}}/grafana", + "baseUrl": "https://{{{ .Env.DOMAIN }}}/grafana", + "alwaysDisplayInConsole": false, + "redirectUris": [ + "http://{{{ .Env.DOMAIN }}}/grafana/*" + ], + "webOrigins": [ + "https://{{{ .Env.DOMAIN }}}/grafana" + ], + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": true, + "protocol": "openid-connect", + "attributes": { + "saml_idp_initiated_sso_url_name": "", + "oidc.ciba.grant.enabled": "false", + "oauth2.device.authorization.grant.enabled": "false" + }, + "defaultClientScopes": [ + "web-origins", + "acr", + "offline_access", + "roles", + "profile", + "groups", + "email" + ] + } + --- apiVersion: batch/v1 kind: Job @@ -247,7 +285,11 @@ spec: fi set -e - curl -sS -LO "https://dl.k8s.io/release/v1.28.3//bin/linux/amd64/kubectl" + if [[ "$(uname -m)" == "x86_64" ]]; then + curl -sS -LO "https://dl.k8s.io/release/v1.28.3//bin/linux/amd64/kubectl" + else + curl -sS -LO "https://dl.k8s.io/release/v1.28.3//bin/linux/arm64/kubectl" + fi chmod +x kubectl echo "creating cnoe realm and groups" @@ -330,7 +372,24 @@ spec: ARGO_WORKFLOWS_CLIENT_SECRET=$(curl -sS -H "Content-Type: application/json" \ -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID} | jq -e -r '.secret') + + echo "creating Grafana client" + curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X POST --data @/var/config/grafana-client-payload.json \ + ${KEYCLOAK_URL}/admin/realms/cnoe/clients + CLIENT_ID=$(curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients | jq -e -r '.[] | select(.clientId == "grafana") | .id') + + CLIENT_SCOPE_GROUPS_ID=$(curl -sS -H "Content-Type: application/json" -H "Authorization: bearer ${KEYCLOAK_TOKEN}" -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/client-scopes | jq -e -r '.[] | select(.name == "groups") | .id') + curl -sS -H "Content-Type: application/json" -H "Authorization: bearer ${KEYCLOAK_TOKEN}" -X PUT ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID}/default-client-scopes/${CLIENT_SCOPE_GROUPS_ID} + + GRAFANA_CLIENT_SECRET=$(curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID} | jq -e -r '.secret') + echo "creating Backstage client" curl -sS -H "Content-Type: application/json" \ -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ @@ -365,6 +424,8 @@ spec: ARGOCD_SESSION_TOKEN: ${ARGOCD_SESSION_TOKEN} BACKSTAGE_CLIENT_SECRET: ${BACKSTAGE_CLIENT_SECRET} BACKSTAGE_CLIENT_ID: backstage + GRAFANA_CLIENT_SECRET: ${GRAFANA_CLIENT_SECRET} + GRAFANA_CLIENT_ID: grafana " > /tmp/secret.yaml ./kubectl apply -f /tmp/secret.yaml diff --git a/template/stacks/ref-implementation/openbao.yaml b/template/stacks/ref-implementation/openbao.yaml index a6f3ec8..ffc2923 100644 --- a/template/stacks/ref-implementation/openbao.yaml +++ b/template/stacks/ref-implementation/openbao.yaml @@ -24,7 +24,7 @@ spec: helm: valueFiles: - $values/stacks/ref-implementation/openbao/values.yaml - - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + - repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD ref: values ignoreDifferences: diff --git a/template/stacks/second-cluster/create-new-cluster-guestbook.yaml b/template/stacks/second-cluster/create-new-cluster-guestbook.yaml index e71b4f0..26a70eb 100644 --- a/template/stacks/second-cluster/create-new-cluster-guestbook.yaml +++ b/template/stacks/second-cluster/create-new-cluster-guestbook.yaml @@ -19,5 +19,5 @@ spec: namespace: crossplane-system source: path: stacks/second-cluster/create-new-cluster-guestbook - repoURL: https://gitea.{{{ .Env.DOMAIN }}}/giteaAdmin/edfbuilder + repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder targetRevision: HEAD