From 0fc0cc5d23ca1c8ae6aca640a37519a8a063e2bd Mon Sep 17 00:00:00 2001 From: Sergio Santiago Date: Fri, 12 Jun 2026 20:57:20 +0200 Subject: [PATCH 1/5] Revert "fix: revert #24197 (#25294)" This reverts commit 5444415c868bf2f935f112a2423dc069cd798dec. Signed-off-by: Sergio Santiago --- controller/sync.go | 81 +++++-- controller/sync_test.go | 226 +++++++++++++++++- controller/testdata/data.go | 12 + controller/testdata/live-rollout.yaml | 25 ++ .../schemas/httpproxy_openapi_v2.yaml | 62 +++++ .../testdata/schemas/rollout-schema.yaml | 67 ++++++ controller/testdata/schemas/simple-app.yaml | 29 +++ controller/testdata/simple-app-live.yaml | 12 + controller/testdata/simple-app-target.yaml | 12 + controller/testdata/target-rollout.yaml | 25 ++ 10 files changed, 523 insertions(+), 28 deletions(-) create mode 100644 controller/testdata/live-rollout.yaml create mode 100644 controller/testdata/schemas/httpproxy_openapi_v2.yaml create mode 100644 controller/testdata/schemas/rollout-schema.yaml create mode 100644 controller/testdata/schemas/simple-app.yaml create mode 100644 controller/testdata/simple-app-live.yaml create mode 100644 controller/testdata/simple-app-target.yaml create mode 100644 controller/testdata/target-rollout.yaml diff --git a/controller/sync.go b/controller/sync.go index d8c606fc66f90..d8297767df2a1 100644 --- a/controller/sync.go +++ b/controller/sync.go @@ -2,6 +2,7 @@ package controller import ( "context" + "encoding/json" stderrors "errors" "fmt" "os" @@ -9,6 +10,7 @@ import ( "time" "k8s.io/apimachinery/pkg/util/strategicpatch" + "k8s.io/kubectl/pkg/util/openapi" cdcommon "github.com/argoproj/argo-cd/v3/common" @@ -43,6 +45,14 @@ const ( EnvVarSyncWaveDelay = "ARGOCD_SYNC_WAVE_DELAY" ) +func (m *appStateManager) getOpenAPISchema(server *v1alpha1.Cluster) (openapi.Resources, error) { + cluster, err := m.liveStateCache.GetClusterCache(server) + if err != nil { + return nil, err + } + return cluster.GetOpenAPISchema(), nil +} + func (m *appStateManager) getGVKParser(server *v1alpha1.Cluster) (*managedfields.GvkParser, error) { cluster, err := m.liveStateCache.GetClusterCache(server) if err != nil { @@ -230,13 +240,20 @@ func (m *appStateManager) SyncAppState(app *v1alpha1.Application, project *v1alp clientSideApplyManager = managerValue } + openAPISchema, err := m.getOpenAPISchema(destCluster) + if err != nil { + state.Phase = common.OperationError + state.Message = fmt.Sprintf("failed to load openAPISchema: %v", err) + return + } + reconciliationResult := compareResult.reconciliationResult // if RespectIgnoreDifferences is enabled, it should normalize the target // resources which in this case applies the live values in the configured // ignore differences fields. if syncOp.SyncOptions.HasOption("RespectIgnoreDifferences=true") { - patchedTargets, err := normalizeTargetResources(compareResult) + patchedTargets, err := normalizeTargetResources(openAPISchema, compareResult) if err != nil { state.Phase = common.OperationError state.Message = fmt.Sprintf("Failed to normalize target resources: %s", err) @@ -396,33 +413,42 @@ func (m *appStateManager) SyncAppState(app *v1alpha1.Application, project *v1alp // - applies normalization to the target resources based on the live resources // - copies ignored fields from the matching live resources: apply normalizer to the live resource, // calculates the patch performed by normalizer and applies the patch to the target resource -func normalizeTargetResources(cr *comparisonResult) ([]*unstructured.Unstructured, error) { - // normalize live and target resources +func normalizeTargetResources(openAPISchema openapi.Resources, cr *comparisonResult) ([]*unstructured.Unstructured, error) { + // Normalize live and target resources (cleaning or aligning them) normalized, err := diff.Normalize(cr.reconciliationResult.Live, cr.reconciliationResult.Target, cr.diffConfig) if err != nil { return nil, err } + patchedTargets := []*unstructured.Unstructured{} + for idx, live := range cr.reconciliationResult.Live { normalizedTarget := normalized.Targets[idx] if normalizedTarget == nil { patchedTargets = append(patchedTargets, nil) continue } + gvk := normalizedTarget.GroupVersionKind() + originalTarget := cr.reconciliationResult.Target[idx] if live == nil { + // No live resource, just use target patchedTargets = append(patchedTargets, originalTarget) continue } - var lookupPatchMeta *strategicpatch.PatchMetaFromStruct - versionedObject, err := scheme.Scheme.New(normalizedTarget.GroupVersionKind()) - if err == nil { - meta, err := strategicpatch.NewPatchMetaFromStruct(versionedObject) - if err != nil { + var ( + lookupPatchMeta strategicpatch.LookupPatchMeta + versionedObject any + ) + + // Load patch meta struct or OpenAPI schema for CRDs + if versionedObject, err = scheme.Scheme.New(gvk); err == nil { + if lookupPatchMeta, err = strategicpatch.NewPatchMetaFromStruct(versionedObject); err != nil { return nil, err } - lookupPatchMeta = &meta + } else if crdSchema := openAPISchema.LookupResource(gvk); crdSchema != nil { + lookupPatchMeta = strategicpatch.NewPatchMetaFromOpenAPI(crdSchema) } // RespectIgnoreDifferences preserves ignored fields by copying their live @@ -447,19 +473,21 @@ func normalizeTargetResources(cr *comparisonResult) ([]*unstructured.Unstructure return nil, err } - normalizedTarget, err = applyMergePatch(normalizedTarget, livePatch, versionedObject) + // Apply the patch to the normalized target + // This ensures ignored fields in live are restored into the target before syncing + normalizedTarget, err = applyMergePatch(normalizedTarget, livePatch, versionedObject, lookupPatchMeta) if err != nil { return nil, err } - patchedTargets = append(patchedTargets, normalizedTarget) } + return patchedTargets, nil } // getMergePatch calculates and returns the patch between the original and the // modified unstructures. -func getMergePatch(original, modified *unstructured.Unstructured, lookupPatchMeta *strategicpatch.PatchMetaFromStruct) ([]byte, error) { +func getMergePatch(original, modified *unstructured.Unstructured, lookupPatchMeta strategicpatch.LookupPatchMeta) ([]byte, error) { originalJSON, err := original.MarshalJSON() if err != nil { return nil, err @@ -475,18 +503,35 @@ func getMergePatch(original, modified *unstructured.Unstructured, lookupPatchMet return jsonpatch.CreateMergePatch(originalJSON, modifiedJSON) } -// applyMergePatch will apply the given patch in the obj and return the patched -// unstructure. -func applyMergePatch(obj *unstructured.Unstructured, patch []byte, versionedObject any) (*unstructured.Unstructured, error) { +// applyMergePatch will apply the given patch in the obj and return the patched unstructure. +func applyMergePatch(obj *unstructured.Unstructured, patch []byte, versionedObject any, meta strategicpatch.LookupPatchMeta) (*unstructured.Unstructured, error) { originalJSON, err := obj.MarshalJSON() if err != nil { return nil, err } var patchedJSON []byte - if versionedObject == nil { - patchedJSON, err = jsonpatch.MergePatch(originalJSON, patch) - } else { + switch { + case versionedObject != nil: patchedJSON, err = strategicpatch.StrategicMergePatch(originalJSON, patch, versionedObject) + case meta != nil: + var originalMap, patchMap map[string]any + if err := json.Unmarshal(originalJSON, &originalMap); err != nil { + return nil, err + } + if err := json.Unmarshal(patch, &patchMap); err != nil { + return nil, err + } + + patchedMap, err := strategicpatch.StrategicMergeMapPatchUsingLookupPatchMeta(originalMap, patchMap, meta) + if err != nil { + return nil, err + } + patchedJSON, err = json.Marshal(patchedMap) + if err != nil { + return nil, err + } + default: + patchedJSON, err = jsonpatch.MergePatch(originalJSON, patch) } if err != nil { return nil, err diff --git a/controller/sync_test.go b/controller/sync_test.go index f9c3529ca4989..829c361d1a164 100644 --- a/controller/sync_test.go +++ b/controller/sync_test.go @@ -1,9 +1,16 @@ package controller import ( + "fmt" + "os" "strconv" "testing" + openapi_v2 "github.com/google/gnostic-models/openapiv2" + "k8s.io/kubectl/pkg/util/openapi" + + "sigs.k8s.io/yaml" + "github.com/argoproj/argo-cd/gitops-engine/pkg/sync" synccommon "github.com/argoproj/argo-cd/gitops-engine/pkg/sync/common" "github.com/argoproj/argo-cd/gitops-engine/pkg/utils/kube" @@ -25,6 +32,29 @@ import ( "github.com/argoproj/argo-cd/v3/util/settings" ) +type fakeDiscovery struct { + schema *openapi_v2.Document +} + +func (f *fakeDiscovery) OpenAPISchema() (*openapi_v2.Document, error) { + return f.schema, nil +} + +func loadCRDSchema(t *testing.T, path string) *openapi_v2.Document { + t.Helper() + + data, err := os.ReadFile(path) + require.NoError(t, err) + + jsonData, err := yaml.YAMLToJSON(data) + require.NoError(t, err) + + doc, err := openapi_v2.ParseDocument(jsonData) + require.NoError(t, err) + + return doc +} + func TestPersistRevisionHistory(t *testing.T) { app := newFakeApp() app.Status.OperationState = nil @@ -390,7 +420,7 @@ func TestNormalizeTargetResources(t *testing.T) { f := setup(t, ignores) // when - targets, err := normalizeTargetResources(f.comparisonResult) + targets, err := normalizeTargetResources(nil, f.comparisonResult) // then require.NoError(t, err) @@ -413,7 +443,7 @@ func TestNormalizeTargetResources(t *testing.T) { live.Object, "Running", "status", "operationState", "phase")) // when - targets, err := normalizeTargetResources(f.comparisonResult) + targets, err := normalizeTargetResources(nil, f.comparisonResult) // then: live status must not be merged into the target that gets applied, // otherwise the SSA sync manager co-owns and freezes operationState.phase. @@ -428,7 +458,7 @@ func TestNormalizeTargetResources(t *testing.T) { f := setup(t, []v1alpha1.ResourceIgnoreDifferences{}) // when - targets, err := normalizeTargetResources(f.comparisonResult) + targets, err := normalizeTargetResources(nil, f.comparisonResult) // then require.NoError(t, err) @@ -448,7 +478,7 @@ func TestNormalizeTargetResources(t *testing.T) { unstructured.RemoveNestedField(live.Object, "metadata", "annotations", "iksm-version") // when - targets, err := normalizeTargetResources(f.comparisonResult) + targets, err := normalizeTargetResources(nil, f.comparisonResult) // then require.NoError(t, err) @@ -473,7 +503,7 @@ func TestNormalizeTargetResources(t *testing.T) { f := setup(t, ignores) // when - targets, err := normalizeTargetResources(f.comparisonResult) + targets, err := normalizeTargetResources(nil, f.comparisonResult) // then require.NoError(t, err) @@ -488,7 +518,6 @@ func TestNormalizeTargetResources(t *testing.T) { assert.Equal(t, int64(4), replicas) }) t.Run("will keep new array entries not found in live state if not ignored", func(t *testing.T) { - t.Skip("limitation in the current implementation") // given ignores := []v1alpha1.ResourceIgnoreDifferences{ { @@ -502,7 +531,7 @@ func TestNormalizeTargetResources(t *testing.T) { f.comparisonResult.reconciliationResult.Target = []*unstructured.Unstructured{target} // when - targets, err := normalizeTargetResources(f.comparisonResult) + targets, err := normalizeTargetResources(nil, f.comparisonResult) // then require.NoError(t, err) @@ -539,6 +568,11 @@ func TestNormalizeTargetResourcesWithList(t *testing.T) { } t.Run("will properly ignore nested fields within arrays", func(t *testing.T) { + doc := loadCRDSchema(t, "testdata/schemas/httpproxy_openapi_v2.yaml") + disco := &fakeDiscovery{schema: doc} + oapiGetter := openapi.NewOpenAPIGetter(disco) + oapiResources, err := openapi.NewOpenAPIParser(oapiGetter).Parse() + require.NoError(t, err) // given ignores := []v1alpha1.ResourceIgnoreDifferences{ { @@ -552,8 +586,11 @@ func TestNormalizeTargetResourcesWithList(t *testing.T) { target := test.YamlToUnstructured(testdata.TargetHTTPProxy) f.comparisonResult.reconciliationResult.Target = []*unstructured.Unstructured{target} + gvk := schema.GroupVersionKind{Group: "projectcontour.io", Version: "v1", Kind: "HTTPProxy"} + fmt.Printf("LookupResource result: %+v\n", oapiResources.LookupResource(gvk)) + // when - patchedTargets, err := normalizeTargetResources(f.comparisonResult) + patchedTargets, err := normalizeTargetResources(oapiResources, f.comparisonResult) // then require.NoError(t, err) @@ -592,7 +629,7 @@ func TestNormalizeTargetResourcesWithList(t *testing.T) { f.comparisonResult.reconciliationResult.Target = []*unstructured.Unstructured{target} // when - targets, err := normalizeTargetResources(f.comparisonResult) + targets, err := normalizeTargetResources(nil, f.comparisonResult) // then require.NoError(t, err) @@ -644,7 +681,7 @@ func TestNormalizeTargetResourcesWithList(t *testing.T) { f.comparisonResult.reconciliationResult.Target = []*unstructured.Unstructured{target} // when - targets, err := normalizeTargetResources(f.comparisonResult) + targets, err := normalizeTargetResources(nil, f.comparisonResult) // then require.NoError(t, err) @@ -698,6 +735,175 @@ func TestNormalizeTargetResourcesWithList(t *testing.T) { assert.Equal(t, "EV", env0["name"]) assert.Equal(t, "here", env0["value"]) }) + + t.Run("patches ignored differences in individual array elements of HTTPProxy CRD", func(t *testing.T) { + doc := loadCRDSchema(t, "testdata/schemas/httpproxy_openapi_v2.yaml") + disco := &fakeDiscovery{schema: doc} + oapiGetter := openapi.NewOpenAPIGetter(disco) + oapiResources, err := openapi.NewOpenAPIParser(oapiGetter).Parse() + require.NoError(t, err) + + ignores := []v1alpha1.ResourceIgnoreDifferences{ + { + Group: "projectcontour.io", + Kind: "HTTPProxy", + JQPathExpressions: []string{".spec.routes[].rateLimitPolicy.global.descriptors[].entries[]"}, + }, + } + + f := setupHTTPProxy(t, ignores) + + target := test.YamlToUnstructured(testdata.TargetHTTPProxy) + f.comparisonResult.reconciliationResult.Target = []*unstructured.Unstructured{target} + + live := test.YamlToUnstructured(testdata.LiveHTTPProxy) + f.comparisonResult.reconciliationResult.Live = []*unstructured.Unstructured{live} + + patchedTargets, err := normalizeTargetResources(oapiResources, f.comparisonResult) + require.NoError(t, err) + require.Len(t, patchedTargets, 1) + patched := patchedTargets[0] + + // verify descriptors array in patched target + descriptors := dig(patched.Object, "spec", "routes", 0, "rateLimitPolicy", "global", "descriptors").([]any) + require.Len(t, descriptors, 1) // Only the descriptors with ignored entries should remain + + // verify individual entries array inside the descriptor + entriesArr := dig(patched.Object, "spec", "routes", 0, "rateLimitPolicy", "global", "descriptors", 0, "entries").([]any) + require.Len(t, entriesArr, 1) // Only the ignored entry should be patched + + // verify the content of the entry is preserved correctly + entry := entriesArr[0].(map[string]any) + requestHeader := entry["requestHeader"].(map[string]any) + assert.Equal(t, "sample-header", requestHeader["headerName"]) + assert.Equal(t, "sample-key", requestHeader["descriptorKey"]) + }) +} + +func TestNormalizeTargetResourcesCRDs(t *testing.T) { + type fixture struct { + comparisonResult *comparisonResult + } + setupHTTPProxy := func(t *testing.T, ignores []v1alpha1.ResourceIgnoreDifferences) *fixture { + t.Helper() + dc, err := diff.NewDiffConfigBuilder(). + WithDiffSettings(ignores, nil, true, normalizers.IgnoreNormalizerOpts{}). + WithNoCache(). + Build() + require.NoError(t, err) + live := test.YamlToUnstructured(testdata.SimpleAppLiveYaml) + target := test.YamlToUnstructured(testdata.SimpleAppTargetYaml) + return &fixture{ + &comparisonResult{ + reconciliationResult: sync.ReconciliationResult{ + Live: []*unstructured.Unstructured{live}, + Target: []*unstructured.Unstructured{target}, + }, + diffConfig: dc, + }, + } + } + + t.Run("sample-app", func(t *testing.T) { + doc := loadCRDSchema(t, "testdata/schemas/simple-app.yaml") + disco := &fakeDiscovery{schema: doc} + oapiGetter := openapi.NewOpenAPIGetter(disco) + oapiResources, err := openapi.NewOpenAPIParser(oapiGetter).Parse() + require.NoError(t, err) + + ignores := []v1alpha1.ResourceIgnoreDifferences{ + { + Group: "example.com", + Kind: "SimpleApp", + JQPathExpressions: []string{".spec.servers[1].enabled", ".spec.servers[0].port"}, + }, + } + + f := setupHTTPProxy(t, ignores) + + target := test.YamlToUnstructured(testdata.SimpleAppTargetYaml) + f.comparisonResult.reconciliationResult.Target = []*unstructured.Unstructured{target} + + live := test.YamlToUnstructured(testdata.SimpleAppLiveYaml) + f.comparisonResult.reconciliationResult.Live = []*unstructured.Unstructured{live} + + patchedTargets, err := normalizeTargetResources(oapiResources, f.comparisonResult) + require.NoError(t, err) + require.Len(t, patchedTargets, 1) + + patched := patchedTargets[0] + require.NotNil(t, patched) + + // 'spec.servers' array has length 2 + servers := dig(patched.Object, "spec", "servers").([]any) + require.Len(t, servers, 2) + + // first server's 'name' is 'server1' + name1 := dig(patched.Object, "spec", "servers", 0, "name").(string) + assert.Equal(t, "server1", name1) + + assert.Equal(t, int64(8081), dig(patched.Object, "spec", "servers", 0, "port").(int64)) + assert.Equal(t, int64(9090), dig(patched.Object, "spec", "servers", 1, "port").(int64)) + + // first server's 'enabled' should be true + enabled1 := dig(patched.Object, "spec", "servers", 0, "enabled").(bool) + assert.True(t, enabled1) + + // second server's 'name' should be 'server2' + name2 := dig(patched.Object, "spec", "servers", 1, "name").(string) + assert.Equal(t, "server2", name2) + + // second server's 'enabled' should be true (respected from live due to ignoreDifferences) + enabled2 := dig(patched.Object, "spec", "servers", 1, "enabled").(bool) + assert.True(t, enabled2) + }) + t.Run("rollout-obj", func(t *testing.T) { + // Load Rollout CRD schema like SimpleApp + doc := loadCRDSchema(t, "testdata/schemas/rollout-schema.yaml") + disco := &fakeDiscovery{schema: doc} + oapiGetter := openapi.NewOpenAPIGetter(disco) + oapiResources, err := openapi.NewOpenAPIParser(oapiGetter).Parse() + require.NoError(t, err) + + ignores := []v1alpha1.ResourceIgnoreDifferences{ + { + Group: "argoproj.io", + Kind: "Rollout", + JQPathExpressions: []string{`.spec.template.spec.containers[] | select(.name == "init") | .image`}, + }, + } + + f := setupHTTPProxy(t, ignores) + + live := test.YamlToUnstructured(testdata.LiveRolloutYaml) + target := test.YamlToUnstructured(testdata.TargetRolloutYaml) + f.comparisonResult.reconciliationResult.Live = []*unstructured.Unstructured{live} + f.comparisonResult.reconciliationResult.Target = []*unstructured.Unstructured{target} + + targets, err := normalizeTargetResources(oapiResources, f.comparisonResult) + require.NoError(t, err) + require.Len(t, targets, 1) + + patched := targets[0] + require.NotNil(t, patched) + + containers := dig(patched.Object, "spec", "template", "spec", "containers").([]any) + require.Len(t, containers, 2) + + initContainer := containers[0].(map[string]any) + mainContainer := containers[1].(map[string]any) + + // Assert init container image is preserved (ignoreDifferences works) + initImage := dig(initContainer, "image").(string) + assert.Equal(t, "init-container:v1", initImage) + + // Assert main container fields as expected + mainName := dig(mainContainer, "name").(string) + assert.Equal(t, "main", mainName) + + mainImage := dig(mainContainer, "image").(string) + assert.Equal(t, "main-container:v1", mainImage) + }) } func TestDeriveServiceAccountMatchingNamespaces(t *testing.T) { diff --git a/controller/testdata/data.go b/controller/testdata/data.go index 6bb0d5ed320b4..c71c2018fe729 100644 --- a/controller/testdata/data.go +++ b/controller/testdata/data.go @@ -32,4 +32,16 @@ var ( //go:embed additional-image-replicas-deployment.yaml AdditionalImageReplicaDeploymentYaml string + + //go:embed simple-app-live.yaml + SimpleAppLiveYaml string + + //go:embed simple-app-target.yaml + SimpleAppTargetYaml string + + //go:embed target-rollout.yaml + TargetRolloutYaml string + + //go:embed live-rollout.yaml + LiveRolloutYaml string ) diff --git a/controller/testdata/live-rollout.yaml b/controller/testdata/live-rollout.yaml new file mode 100644 index 0000000000000..a8d52fd743b46 --- /dev/null +++ b/controller/testdata/live-rollout.yaml @@ -0,0 +1,25 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Rollout +metadata: + name: rollout-sample +spec: + replicas: 2 + strategy: + canary: + steps: + - setWeight: 20 + selector: + matchLabels: + app: rollout-sample + template: + metadata: + labels: + app: rollout-sample + spec: + containers: + - name: init + image: init-container:v1 + livenessProbe: + initialDelaySeconds: 10 + - name: main + image: main-container:v1 diff --git a/controller/testdata/schemas/httpproxy_openapi_v2.yaml b/controller/testdata/schemas/httpproxy_openapi_v2.yaml new file mode 100644 index 0000000000000..00a42f54ed5b4 --- /dev/null +++ b/controller/testdata/schemas/httpproxy_openapi_v2.yaml @@ -0,0 +1,62 @@ +swagger: "2.0" +info: + title: HTTPProxy + version: "v1" +paths: {} +definitions: + io.projectcontour.v1.HTTPProxy: + type: object + x-kubernetes-group-version-kind: + - group: projectcontour.io + version: v1 + kind: HTTPProxy + properties: + spec: + type: object + properties: + routes: + type: array + items: + type: object + properties: + rateLimitPolicy: + type: object + properties: + global: + type: object + properties: + descriptors: + type: array + x-kubernetes-list-map-keys: + - entries + items: + type: object + properties: + entries: + type: array + x-kubernetes-list-map-keys: + - headerName + items: + type: object + properties: + requestHeader: + type: object + properties: + descriptorKey: + type: string + headerName: + type: string + requestHeaderValueMatch: + type: object + properties: + headers: + type: array + items: + type: object + properties: + name: + type: string + contains: + type: string + value: + type: string diff --git a/controller/testdata/schemas/rollout-schema.yaml b/controller/testdata/schemas/rollout-schema.yaml new file mode 100644 index 0000000000000..0edd9b18837ff --- /dev/null +++ b/controller/testdata/schemas/rollout-schema.yaml @@ -0,0 +1,67 @@ +swagger: "2.0" +info: + title: Rollout + version: "v1alpha1" +paths: {} +definitions: + argoproj.io.v1alpha1.Rollout: + type: object + x-kubernetes-group-version-kind: + - group: argoproj.io + version: v1alpha1 + kind: Rollout + properties: + spec: + type: object + properties: + replicas: + type: integer + strategy: + type: object + properties: + canary: + type: object + properties: + steps: + type: array + items: + type: object + properties: + setWeight: + type: integer + selector: + type: object + properties: + matchLabels: + type: object + additionalProperties: + type: string + template: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + additionalProperties: + type: string + spec: + type: object + properties: + containers: + type: array + x-kubernetes-list-map-keys: + - name + items: + type: object + properties: + name: + type: string + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer diff --git a/controller/testdata/schemas/simple-app.yaml b/controller/testdata/schemas/simple-app.yaml new file mode 100644 index 0000000000000..73277c7b4e49b --- /dev/null +++ b/controller/testdata/schemas/simple-app.yaml @@ -0,0 +1,29 @@ +swagger: "2.0" +info: + title: SimpleApp + version: "v1" +paths: {} +definitions: + example.com.v1.SimpleApp: + type: object + x-kubernetes-group-version-kind: + - group: example.com + version: v1 + kind: SimpleApp + properties: + spec: + type: object + properties: + servers: + type: array + x-kubernetes-list-map-keys: + - name + items: + type: object + properties: + name: + type: string + port: + type: integer + enabled: + type: boolean diff --git a/controller/testdata/simple-app-live.yaml b/controller/testdata/simple-app-live.yaml new file mode 100644 index 0000000000000..1f910a3d60df3 --- /dev/null +++ b/controller/testdata/simple-app-live.yaml @@ -0,0 +1,12 @@ +apiVersion: example.com/v1 +kind: SimpleApp +metadata: + name: simpleapp-sample +spec: + servers: + - name: server1 + port: 8081 # port changed in live from 8080 + enabled: true + - name: server2 + port: 9090 + enabled: true # enabled changed in live from false diff --git a/controller/testdata/simple-app-target.yaml b/controller/testdata/simple-app-target.yaml new file mode 100644 index 0000000000000..cfcf692743c3d --- /dev/null +++ b/controller/testdata/simple-app-target.yaml @@ -0,0 +1,12 @@ +apiVersion: example.com/v1 +kind: SimpleApp +metadata: + name: simpleapp-sample +spec: + servers: + - name: server1 + port: 8080 + enabled: true + - name: server2 + port: 9090 + enabled: false diff --git a/controller/testdata/target-rollout.yaml b/controller/testdata/target-rollout.yaml new file mode 100644 index 0000000000000..a42d2abd2088f --- /dev/null +++ b/controller/testdata/target-rollout.yaml @@ -0,0 +1,25 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Rollout +metadata: + name: rollout-sample +spec: + replicas: 2 + strategy: + canary: + steps: + - setWeight: 20 + selector: + matchLabels: + app: rollout-sample + template: + metadata: + labels: + app: rollout-sample + spec: + containers: + - name: init + image: init-container:v1 + livenessProbe: + initialDelaySeconds: 15 + - name: main + image: main-container:v1 From d6102e13cb14cbfe6280c6a9e6b82c1a9ef3839d Mon Sep 17 00:00:00 2001 From: Sergio Santiago Date: Fri, 12 Jun 2026 21:05:43 +0200 Subject: [PATCH 2/5] chore: run go mod tidy to promote gnostic-models to direct dependency Signed-off-by: Sergio Santiago --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 3417f5c0d8111..6716762424d84 100644 --- a/go.mod +++ b/go.mod @@ -214,7 +214,7 @@ require ( github.com/gobwas/ws v1.2.1 // indirect github.com/golang-jwt/jwt/v4 v4.5.2 // indirect github.com/golang/glog v1.2.5 // indirect - github.com/google/gnostic-models v0.7.0 // indirect + github.com/google/gnostic-models v0.7.0 github.com/google/go-github/v84 v84.0.0 // indirect github.com/google/go-querystring v1.2.0 // indirect github.com/google/s2a-go v0.1.9 // indirect From 2d42cc1c3c7790575a3287d2921790b75c194205 Mon Sep 17 00:00:00 2001 From: Sergio Santiago Date: Fri, 12 Jun 2026 21:58:31 +0200 Subject: [PATCH 3/5] fix: only fetch openAPISchema when RespectIgnoreDifferences is enabled Move the getOpenAPISchema call inside the RespectIgnoreDifferences=true block so it is only invoked when the feature is actually used. This avoids requiring all existing tests to stub GetOpenAPISchema on their ClusterCache mocks. Signed-off-by: Sergio Santiago --- controller/sync.go | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/controller/sync.go b/controller/sync.go index d8297767df2a1..7b2941aa95564 100644 --- a/controller/sync.go +++ b/controller/sync.go @@ -240,19 +240,18 @@ func (m *appStateManager) SyncAppState(app *v1alpha1.Application, project *v1alp clientSideApplyManager = managerValue } - openAPISchema, err := m.getOpenAPISchema(destCluster) - if err != nil { - state.Phase = common.OperationError - state.Message = fmt.Sprintf("failed to load openAPISchema: %v", err) - return - } - reconciliationResult := compareResult.reconciliationResult // if RespectIgnoreDifferences is enabled, it should normalize the target // resources which in this case applies the live values in the configured // ignore differences fields. if syncOp.SyncOptions.HasOption("RespectIgnoreDifferences=true") { + openAPISchema, err := m.getOpenAPISchema(destCluster) + if err != nil { + state.Phase = common.OperationError + state.Message = fmt.Sprintf("failed to load openAPISchema: %v", err) + return + } patchedTargets, err := normalizeTargetResources(openAPISchema, compareResult) if err != nil { state.Phase = common.OperationError From d16bbd68394a7598ad75d9c9e5429af1e928bf9e Mon Sep 17 00:00:00 2001 From: Sergio Santiago Date: Sat, 13 Jun 2026 10:47:25 +0200 Subject: [PATCH 4/5] test: add coverage for getOpenAPISchema and RespectIgnoreDifferences sync path - Register GetOpenAPISchema on shared clusterCacheMock with Maybe() so tests that don't use RespectIgnoreDifferences are unaffected - Add TestProcessRequestedAppOperation_Successful_RespectIgnoreDifferences covering the SyncAppState path when RespectIgnoreDifferences=true - Add TestGetOpenAPISchema_ClusterCacheError covering the error branch when GetClusterCache fails Signed-off-by: Sergio Santiago --- controller/appcontroller_test.go | 44 ++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/controller/appcontroller_test.go b/controller/appcontroller_test.go index 6290c5281e4c5..b86b020120052 100644 --- a/controller/appcontroller_test.go +++ b/controller/appcontroller_test.go @@ -245,6 +245,7 @@ func newFakeControllerWithResync(ctx context.Context, data *fakeData, appResyncP clusterCacheMock := &mocks.ClusterCache{} clusterCacheMock.EXPECT().IsNamespaced(mock.Anything).Return(true, nil) clusterCacheMock.EXPECT().GetGVKParser().Return(nil) + clusterCacheMock.EXPECT().GetOpenAPISchema().Return(nil).Maybe() mockStateCache := &mockstatecache.LiveStateCache{} ctrl.appStateManager.(*appStateManager).liveStateCache = mockStateCache @@ -3188,6 +3189,35 @@ func TestProcessRequestedAppOperation_Successful(t *testing.T) { assert.Equal(t, CompareWithLatestForceResolve, level) } +func TestProcessRequestedAppOperation_Successful_RespectIgnoreDifferences(t *testing.T) { + app := newFakeApp() + app.Spec.Project = "default" + app.Operation = &v1alpha1.Operation{ + Sync: &v1alpha1.SyncOperation{ + SyncOptions: v1alpha1.SyncOptions{"RespectIgnoreDifferences=true"}, + }, + } + ctrl := newFakeController(t.Context(), &fakeData{ + apps: []runtime.Object{app, &defaultProj}, + manifestResponses: []*apiclient.ManifestResponse{{ + Manifests: []string{}, + }}, + }, nil) + fakeAppCs := ctrl.applicationClientset.(*appclientset.Clientset) + receivedPatch := map[string]any{} + fakeAppCs.PrependReactor("patch", "*", func(action kubetesting.Action) (handled bool, ret runtime.Object, err error) { + if patchAction, ok := action.(kubetesting.PatchAction); ok { + require.NoError(t, json.Unmarshal(patchAction.GetPatch(), &receivedPatch)) + } + return true, &v1alpha1.Application{}, nil + }) + + ctrl.processRequestedAppOperation(app) + + phase, _, _ := unstructured.NestedString(receivedPatch, "status", "operationState", "phase") + assert.Equal(t, string(synccommon.OperationSucceeded), phase) +} + func TestProcessRequestedAppAutomatedOperation_Successful(t *testing.T) { app := newFakeApp() app.Spec.Project = "default" @@ -4091,3 +4121,17 @@ func TestPersistAppStatus_AnnotationManagement(t *testing.T) { assert.Equal(t, "other-value", otherValue) }) } + +func TestGetOpenAPISchema_ClusterCacheError(t *testing.T) { + mockStateCache := &mockstatecache.LiveStateCache{} + mockStateCache.EXPECT().GetClusterCache(mock.Anything).Return(nil, errors.New("cluster not found")) + + m := &appStateManager{ + liveStateCache: mockStateCache, + } + + cluster := &v1alpha1.Cluster{Server: "https://localhost:6443"} + _, err := m.getOpenAPISchema(cluster) + require.Error(t, err) + assert.Contains(t, err.Error(), "cluster not found") +} From fd8cfba8537f7a414937fa9b89ef516bc55c0af4 Mon Sep 17 00:00:00 2001 From: Sergio Santiago Date: Sun, 14 Jun 2026 13:27:09 +0200 Subject: [PATCH 5/5] test: add app-of-apps child Application panic regression test Adds the test case requested by blakepettersson to confirm that the bug from #25199 is no longer present. The test reproduces the panic that occurred when an app-of-apps with RespectIgnoreDifferences=true synced a child Application resource and the Application CRD OpenAPI schema caused a nil dereference in strategicpatch.handleSliceDiff during array field processing. Signed-off-by: Sergio Santiago --- controller/sync_test.go | 54 + controller/testdata/data.go | 6 + .../testdata/live-child-application.yaml | 1240 ++++ .../schemas/application-openapi-v2.yaml | 5993 +++++++++++++++++ .../testdata/target-child-application.yaml | 80 + 5 files changed, 7373 insertions(+) create mode 100644 controller/testdata/live-child-application.yaml create mode 100644 controller/testdata/schemas/application-openapi-v2.yaml create mode 100644 controller/testdata/target-child-application.yaml diff --git a/controller/sync_test.go b/controller/sync_test.go index 829c361d1a164..e71f56441b476 100644 --- a/controller/sync_test.go +++ b/controller/sync_test.go @@ -904,6 +904,60 @@ func TestNormalizeTargetResourcesCRDs(t *testing.T) { mainImage := dig(mainContainer, "image").(string) assert.Equal(t, "main-container:v1", mainImage) }) + + t.Run("app-of-apps-child-application-chart-version-update-panic", func(t *testing.T) { + // Reproduces the panic from https://github.com/blakepettersson/broken-app-of-apps + // An app-of-apps with RespectIgnoreDifferences=true managing a child Application + // panics on a Helm chart version update when the Application CRD schema has array + // fields with incomplete strategic merge directives. + doc := loadCRDSchema(t, "testdata/schemas/application-openapi-v2.yaml") + disco := &fakeDiscovery{schema: doc} + oapiGetter := openapi.NewOpenAPIGetter(disco) + oapiResources, err := openapi.NewOpenAPIParser(oapiGetter).Parse() + require.NoError(t, err) + + ignores := []v1alpha1.ResourceIgnoreDifferences{ + { + Group: "argoproj.io", + Kind: "Application", + JQPathExpressions: []string{".spec.syncPolicy.automated"}, + }, + } + + dc, err := diff.NewDiffConfigBuilder(). + WithDiffSettings(ignores, nil, true, normalizers.IgnoreNormalizerOpts{}). + WithNoCache(). + Build() + require.NoError(t, err) + + live := test.YamlToUnstructured(testdata.LiveChildApplicationYaml) + target := test.YamlToUnstructured(testdata.TargetChildApplicationYaml) + + cr := &comparisonResult{ + reconciliationResult: sync.ReconciliationResult{ + Live: []*unstructured.Unstructured{live}, + Target: []*unstructured.Unstructured{target}, + }, + diffConfig: dc, + } + + // Should NOT panic — before the fix this panicked with: + // "runtime error: invalid memory address or nil pointer dereference" + // at k8s.io/apimachinery/pkg/util/strategicpatch.handleSliceDiff:306 + patchedTargets, err := normalizeTargetResources(oapiResources, cr) + if err != nil { + t.Logf("Got error (non-panic): %v", err) + } else { + require.Len(t, patchedTargets, 1) + patched := patchedTargets[0] + require.NotNil(t, patched) + + targetRevision, ok, nestedErr := unstructured.NestedString(patched.Object, "spec", "source", "targetRevision") + require.NoError(t, nestedErr) + require.True(t, ok) + assert.Equal(t, "0.45.28", targetRevision) + } + }) } func TestDeriveServiceAccountMatchingNamespaces(t *testing.T) { diff --git a/controller/testdata/data.go b/controller/testdata/data.go index c71c2018fe729..b87ae3a3e65cc 100644 --- a/controller/testdata/data.go +++ b/controller/testdata/data.go @@ -44,4 +44,10 @@ var ( //go:embed live-rollout.yaml LiveRolloutYaml string + + //go:embed live-child-application.yaml + LiveChildApplicationYaml string + + //go:embed target-child-application.yaml + TargetChildApplicationYaml string ) diff --git a/controller/testdata/live-child-application.yaml b/controller/testdata/live-child-application.yaml new file mode 100644 index 0000000000000..ffbc7bb6e3101 --- /dev/null +++ b/controller/testdata/live-child-application.yaml @@ -0,0 +1,1240 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + annotations: + argocd.argoproj.io/tracking-id: 'app-of-apps:argoproj.io/Application:argocd/argo-workflows' + kubectl.kubernetes.io/last-applied-configuration: > + {"apiVersion":"argoproj.io/v1alpha1","kind":"Application","metadata":{"annotations":{"argocd.argoproj.io/tracking-id":"app-of-apps:argoproj.io/Application:argocd/argo-workflows"},"name":"argo-workflows","namespace":"argocd"},"spec":{"destination":{"name":"in-cluster","namespace":"argo-workflows"},"project":"default","revisionHistoryLimit":1,"source":{"chart":"argo-workflows","helm":{"valuesObject":{"controller":{"podSecurityContext":{"runAsGroup":1000,"runAsUser":1000,"seccompProfile":{"type":"RuntimeDefault"}},"resources":{"requests":{"cpu":"12m","memory":"70M"}},"volumeMounts":[{"mountPath":"/tmp","name":"tmp"}],"volumes":[{"emptyDir":{},"name":"tmp"}]},"crds":{"keep":false},"executor":{"securityContext":{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"runAsGroup":1000,"runAsNonRoot":true,"runAsUser":1000}},"server":{"extraArgs":["--auth-mode=server"],"ingress":{"annotations":{"cert-manager.io/cluster-issuer":"letsencrypt-dns01-issuer"},"enabled":true,"hosts":["argo-workflows.hankeln.work"],"ingressClassName":"nginx","tls":[{"hosts":["argo-workflows.hankeln.work"],"secretName":"argo-workflows-cert"}]},"podSecurityContext":{"runAsGroup":1000,"runAsUser":1000,"seccompProfile":{"type":"RuntimeDefault"}},"resources":{"requests":{"cpu":"12m","memory":"50M"}},"securityContext":{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsNonRoot":true}},"workflow":{"serviceAccount":{"create":true}}}},"repoURL":"https://argoproj.github.io/argo-helm","targetRevision":"0.45.27"},"syncPolicy":{"automated":{"allowEmpty":true,"prune":true}}}} + creationTimestamp: '2025-11-14T12:35:57Z' + generation: 56 + managedFields: + - apiVersion: argoproj.io/v1alpha1 + fieldsType: FieldsV1 + fieldsV1: + 'f:metadata': + 'f:annotations': + .: {} + 'f:argocd.argoproj.io/tracking-id': {} + 'f:kubectl.kubernetes.io/last-applied-configuration': {} + 'f:spec': + .: {} + 'f:destination': + .: {} + 'f:name': {} + 'f:namespace': {} + 'f:project': {} + 'f:revisionHistoryLimit': {} + 'f:source': + .: {} + 'f:chart': {} + 'f:helm': + .: {} + 'f:valuesObject': + .: {} + 'f:controller': + .: {} + 'f:podSecurityContext': + .: {} + 'f:runAsGroup': {} + 'f:runAsUser': {} + 'f:seccompProfile': + .: {} + 'f:type': {} + 'f:resources': + .: {} + 'f:requests': + .: {} + 'f:cpu': {} + 'f:memory': {} + 'f:volumeMounts': {} + 'f:volumes': {} + 'f:crds': + .: {} + 'f:keep': {} + 'f:executor': + .: {} + 'f:securityContext': + .: {} + 'f:allowPrivilegeEscalation': {} + 'f:capabilities': + .: {} + 'f:drop': {} + 'f:runAsGroup': {} + 'f:runAsNonRoot': {} + 'f:runAsUser': {} + 'f:server': + .: {} + 'f:extraArgs': {} + 'f:ingress': + .: {} + 'f:annotations': + .: {} + 'f:cert-manager.io/cluster-issuer': {} + 'f:enabled': {} + 'f:hosts': {} + 'f:ingressClassName': {} + 'f:tls': {} + 'f:podSecurityContext': + .: {} + 'f:runAsGroup': {} + 'f:runAsUser': {} + 'f:seccompProfile': + .: {} + 'f:type': {} + 'f:resources': + .: {} + 'f:requests': + .: {} + 'f:cpu': {} + 'f:memory': {} + 'f:securityContext': + .: {} + 'f:allowPrivilegeEscalation': {} + 'f:readOnlyRootFilesystem': {} + 'f:runAsNonRoot': {} + 'f:workflow': + .: {} + 'f:serviceAccount': + .: {} + 'f:create': {} + 'f:repoURL': {} + 'f:targetRevision': {} + 'f:syncPolicy': + .: {} + 'f:automated': + .: {} + 'f:allowEmpty': {} + 'f:prune': {} + manager: argocd-controller + operation: Update + time: '2025-11-14T12:35:57Z' + - apiVersion: argoproj.io/v1alpha1 + fieldsType: FieldsV1 + fieldsV1: + 'f:status': + .: {} + 'f:controllerNamespace': {} + 'f:health': + .: {} + 'f:lastTransitionTime': {} + 'f:status': {} + 'f:history': {} + 'f:operationState': + .: {} + 'f:finishedAt': {} + 'f:message': {} + 'f:operation': + .: {} + 'f:initiatedBy': + .: {} + 'f:automated': {} + 'f:retry': + .: {} + 'f:limit': {} + 'f:sync': + .: {} + 'f:prune': {} + 'f:revision': {} + 'f:source': + .: {} + 'f:chart': {} + 'f:helm': + .: {} + 'f:valuesObject': + .: {} + 'f:controller': + .: {} + 'f:podSecurityContext': + .: {} + 'f:runAsGroup': {} + 'f:runAsUser': {} + 'f:seccompProfile': + .: {} + 'f:type': {} + 'f:resources': + .: {} + 'f:requests': + .: {} + 'f:cpu': {} + 'f:memory': {} + 'f:volumeMounts': {} + 'f:volumes': {} + 'f:crds': + .: {} + 'f:keep': {} + 'f:executor': + .: {} + 'f:securityContext': + .: {} + 'f:allowPrivilegeEscalation': {} + 'f:capabilities': + .: {} + 'f:drop': {} + 'f:runAsGroup': {} + 'f:runAsNonRoot': {} + 'f:runAsUser': {} + 'f:server': + .: {} + 'f:extraArgs': {} + 'f:ingress': + .: {} + 'f:annotations': + .: {} + 'f:cert-manager.io/cluster-issuer': {} + 'f:enabled': {} + 'f:hosts': {} + 'f:ingressClassName': {} + 'f:tls': {} + 'f:podSecurityContext': + .: {} + 'f:runAsGroup': {} + 'f:runAsUser': {} + 'f:seccompProfile': + .: {} + 'f:type': {} + 'f:resources': + .: {} + 'f:requests': + .: {} + 'f:cpu': {} + 'f:memory': {} + 'f:securityContext': + .: {} + 'f:allowPrivilegeEscalation': {} + 'f:readOnlyRootFilesystem': {} + 'f:runAsNonRoot': {} + 'f:workflow': + .: {} + 'f:serviceAccount': + .: {} + 'f:create': {} + 'f:repoURL': {} + 'f:targetRevision': {} + 'f:phase': {} + 'f:startedAt': {} + 'f:syncResult': + .: {} + 'f:resources': {} + 'f:revision': {} + 'f:source': + .: {} + 'f:chart': {} + 'f:helm': + .: {} + 'f:valuesObject': + .: {} + 'f:controller': + .: {} + 'f:podSecurityContext': + .: {} + 'f:runAsGroup': {} + 'f:runAsUser': {} + 'f:seccompProfile': + .: {} + 'f:type': {} + 'f:resources': + .: {} + 'f:requests': + .: {} + 'f:cpu': {} + 'f:memory': {} + 'f:volumeMounts': {} + 'f:volumes': {} + 'f:crds': + .: {} + 'f:keep': {} + 'f:executor': + .: {} + 'f:securityContext': + .: {} + 'f:allowPrivilegeEscalation': {} + 'f:capabilities': + .: {} + 'f:drop': {} + 'f:runAsGroup': {} + 'f:runAsNonRoot': {} + 'f:runAsUser': {} + 'f:server': + .: {} + 'f:extraArgs': {} + 'f:ingress': + .: {} + 'f:annotations': + .: {} + 'f:cert-manager.io/cluster-issuer': {} + 'f:enabled': {} + 'f:hosts': {} + 'f:ingressClassName': {} + 'f:tls': {} + 'f:podSecurityContext': + .: {} + 'f:runAsGroup': {} + 'f:runAsUser': {} + 'f:seccompProfile': + .: {} + 'f:type': {} + 'f:resources': + .: {} + 'f:requests': + .: {} + 'f:cpu': {} + 'f:memory': {} + 'f:securityContext': + .: {} + 'f:allowPrivilegeEscalation': {} + 'f:readOnlyRootFilesystem': {} + 'f:runAsNonRoot': {} + 'f:workflow': + .: {} + 'f:serviceAccount': + .: {} + 'f:create': {} + 'f:repoURL': {} + 'f:targetRevision': {} + 'f:reconciledAt': {} + 'f:resourceHealthSource': {} + 'f:resources': {} + 'f:sourceHydrator': {} + 'f:sourceType': {} + 'f:summary': + .: {} + 'f:externalURLs': {} + 'f:images': {} + 'f:sync': + .: {} + 'f:comparedTo': + .: {} + 'f:destination': + .: {} + 'f:name': {} + 'f:namespace': {} + 'f:source': + .: {} + 'f:chart': {} + 'f:helm': + .: {} + 'f:valuesObject': + .: {} + 'f:controller': + .: {} + 'f:podSecurityContext': + .: {} + 'f:runAsGroup': {} + 'f:runAsUser': {} + 'f:seccompProfile': + .: {} + 'f:type': {} + 'f:resources': + .: {} + 'f:requests': + .: {} + 'f:cpu': {} + 'f:memory': {} + 'f:volumeMounts': {} + 'f:volumes': {} + 'f:crds': + .: {} + 'f:keep': {} + 'f:executor': + .: {} + 'f:securityContext': + .: {} + 'f:allowPrivilegeEscalation': {} + 'f:capabilities': + .: {} + 'f:drop': {} + 'f:runAsGroup': {} + 'f:runAsNonRoot': {} + 'f:runAsUser': {} + 'f:server': + .: {} + 'f:extraArgs': {} + 'f:ingress': + .: {} + 'f:annotations': + .: {} + 'f:cert-manager.io/cluster-issuer': {} + 'f:enabled': {} + 'f:hosts': {} + 'f:ingressClassName': {} + 'f:tls': {} + 'f:podSecurityContext': + .: {} + 'f:runAsGroup': {} + 'f:runAsUser': {} + 'f:seccompProfile': + .: {} + 'f:type': {} + 'f:resources': + .: {} + 'f:requests': + .: {} + 'f:cpu': {} + 'f:memory': {} + 'f:securityContext': + .: {} + 'f:allowPrivilegeEscalation': {} + 'f:readOnlyRootFilesystem': {} + 'f:runAsNonRoot': {} + 'f:workflow': + .: {} + 'f:serviceAccount': + .: {} + 'f:create': {} + 'f:repoURL': {} + 'f:targetRevision': {} + 'f:revision': {} + 'f:status': {} + manager: argocd-application-controller + operation: Update + time: '2025-11-14T16:33:21Z' + name: argo-workflows + namespace: argocd + resourceVersion: '3000237' + uid: c3ec7180-99b0-431a-adda-63c5eddcde3a +spec: + destination: + name: in-cluster + namespace: argo-workflows + project: default + revisionHistoryLimit: 1 + source: + chart: argo-workflows + helm: + valuesObject: + controller: + podSecurityContext: + runAsGroup: 1000 + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + resources: + requests: + cpu: 12m + memory: 70M + volumeMounts: + - mountPath: /tmp + name: tmp + volumes: + - emptyDir: {} + name: tmp + crds: + keep: false + executor: + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + server: + extraArgs: + - '--auth-mode=server' + ingress: + annotations: + cert-manager.io/cluster-issuer: letsencrypt-dns01-issuer + enabled: true + hosts: + - argo-workflows.hankeln.work + ingressClassName: nginx + tls: + - hosts: + - argo-workflows.hankeln.work + secretName: argo-workflows-cert + podSecurityContext: + runAsGroup: 1000 + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + resources: + requests: + cpu: 12m + memory: 50M + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsNonRoot: true + workflow: + serviceAccount: + create: true + repoURL: 'https://argoproj.github.io/argo-helm' + targetRevision: 0.45.27 + syncPolicy: + automated: + allowEmpty: true + prune: true +status: + controllerNamespace: argocd + health: + lastTransitionTime: '2025-11-14T12:35:59Z' + status: Progressing + history: + - deployStartedAt: '2025-11-14T12:35:57Z' + deployedAt: '2025-11-14T12:35:58Z' + id: 0 + initiatedBy: + automated: true + revision: 0.45.27 + source: + chart: argo-workflows + helm: + valuesObject: + controller: + podSecurityContext: + runAsGroup: 1000 + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + resources: + requests: + cpu: 12m + memory: 70M + volumeMounts: + - mountPath: /tmp + name: tmp + volumes: + - emptyDir: {} + name: tmp + crds: + keep: false + executor: + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + server: + extraArgs: + - '--auth-mode=server' + ingress: + annotations: + cert-manager.io/cluster-issuer: letsencrypt-dns01-issuer + enabled: true + hosts: + - argo-workflows.hankeln.work + ingressClassName: nginx + tls: + - hosts: + - argo-workflows.hankeln.work + secretName: argo-workflows-cert + podSecurityContext: + runAsGroup: 1000 + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + resources: + requests: + cpu: 12m + memory: 50M + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsNonRoot: true + workflow: + serviceAccount: + create: true + repoURL: 'https://argoproj.github.io/argo-helm' + targetRevision: 0.45.27 + operationState: + finishedAt: '2025-11-14T12:35:58Z' + message: successfully synced (all tasks run) + operation: + initiatedBy: + automated: true + retry: + limit: 5 + sync: + prune: true + revision: 0.45.27 + source: + chart: argo-workflows + helm: + valuesObject: + controller: + podSecurityContext: + runAsGroup: 1000 + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + resources: + requests: + cpu: 12m + memory: 70M + volumeMounts: + - mountPath: /tmp + name: tmp + volumes: + - emptyDir: {} + name: tmp + crds: + keep: false + executor: + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + server: + extraArgs: + - '--auth-mode=server' + ingress: + annotations: + cert-manager.io/cluster-issuer: letsencrypt-dns01-issuer + enabled: true + hosts: + - argo-workflows.hankeln.work + ingressClassName: nginx + tls: + - hosts: + - argo-workflows.hankeln.work + secretName: argo-workflows-cert + podSecurityContext: + runAsGroup: 1000 + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + resources: + requests: + cpu: 12m + memory: 50M + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsNonRoot: true + workflow: + serviceAccount: + create: true + repoURL: 'https://argoproj.github.io/argo-helm' + targetRevision: 0.45.27 + phase: Succeeded + startedAt: '2025-11-14T12:35:57Z' + syncResult: + resources: + - group: '' + hookPhase: Running + kind: ServiceAccount + message: serviceaccount/argo-workflow created + name: argo-workflow + namespace: default + status: Synced + syncPhase: Sync + version: v1 + - group: '' + hookPhase: Running + kind: ServiceAccount + message: serviceaccount/argo-workflow created + name: argo-workflow + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: '' + hookPhase: Running + kind: ServiceAccount + message: serviceaccount/argo-workflows-server created + name: argo-workflows-server + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: '' + hookPhase: Running + kind: ServiceAccount + message: serviceaccount/argo-workflows-workflow-controller created + name: argo-workflows-workflow-controller + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: '' + hookPhase: Running + kind: ConfigMap + message: configmap/argo-workflows-workflow-controller-configmap created + name: argo-workflows-workflow-controller-configmap + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: apiextensions.k8s.io + hookPhase: Running + kind: CustomResourceDefinition + message: >- + customresourcedefinition.apiextensions.k8s.io/cronworkflows.argoproj.io + configured + name: cronworkflows.argoproj.io + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: apiextensions.k8s.io + hookPhase: Running + kind: CustomResourceDefinition + message: >- + customresourcedefinition.apiextensions.k8s.io/workflows.argoproj.io + configured + name: workflows.argoproj.io + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: apiextensions.k8s.io + hookPhase: Running + kind: CustomResourceDefinition + message: >- + customresourcedefinition.apiextensions.k8s.io/workflowtasksets.argoproj.io + configured + name: workflowtasksets.argoproj.io + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: apiextensions.k8s.io + hookPhase: Running + kind: CustomResourceDefinition + message: >- + customresourcedefinition.apiextensions.k8s.io/clusterworkflowtemplates.argoproj.io + configured + name: clusterworkflowtemplates.argoproj.io + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: apiextensions.k8s.io + hookPhase: Running + kind: CustomResourceDefinition + message: >- + customresourcedefinition.apiextensions.k8s.io/workflowtemplates.argoproj.io + configured + name: workflowtemplates.argoproj.io + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: apiextensions.k8s.io + hookPhase: Running + kind: CustomResourceDefinition + message: >- + customresourcedefinition.apiextensions.k8s.io/workfloweventbindings.argoproj.io + configured + name: workfloweventbindings.argoproj.io + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: apiextensions.k8s.io + hookPhase: Running + kind: CustomResourceDefinition + message: >- + customresourcedefinition.apiextensions.k8s.io/workflowtaskresults.argoproj.io + configured + name: workflowtaskresults.argoproj.io + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: apiextensions.k8s.io + hookPhase: Running + kind: CustomResourceDefinition + message: >- + customresourcedefinition.apiextensions.k8s.io/workflowartifactgctasks.argoproj.io + configured + name: workflowartifactgctasks.argoproj.io + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: rbac.authorization.k8s.io + hookPhase: Running + kind: ClusterRole + message: "clusterrole.rbac.authorization.k8s.io/argo-workflows-workflow-controller-cluster-template reconciled. reconciliation required create\n\tmissing rules added:\n\t\t{Verbs:[get list watch] APIGroups:[argoproj.io] Resources:[clusterworkflowtemplates clusterworkflowtemplates/finalizers] ResourceNames:[] NonResourceURLs:[]}. clusterrole.rbac.authorization.k8s.io/argo-workflows-workflow-controller-cluster-template configured. Warning: resource clusterroles/argo-workflows-workflow-controller-cluster-template is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by apply. apply should only be used on resources created declaratively by either create --save-config or apply. The missing annotation will be patched automatically." + name: argo-workflows-workflow-controller-cluster-template + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: rbac.authorization.k8s.io + hookPhase: Running + kind: ClusterRole + message: "clusterrole.rbac.authorization.k8s.io/argo-workflows-admin reconciled. reconciliation required create\n\tmissing rules added:\n\t\t{Verbs:[create delete deletecollection get list patch update watch] APIGroups:[argoproj.io] Resources:[workflows workflows/finalizers workfloweventbindings workfloweventbindings/finalizers workflowtemplates workflowtemplates/finalizers cronworkflows cronworkflows/finalizers clusterworkflowtemplates clusterworkflowtemplates/finalizers workflowtasksets workflowtasksets/finalizers workflowtaskresults workflowtaskresults/finalizers workflowartifactgctasks workflowartifactgctasks/finalizers] ResourceNames:[] NonResourceURLs:[]}. clusterrole.rbac.authorization.k8s.io/argo-workflows-admin configured. Warning: resource clusterroles/argo-workflows-admin is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by apply. apply should only be used on resources created declaratively by either create --save-config or apply. The missing annotation will be patched automatically." + name: argo-workflows-admin + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: rbac.authorization.k8s.io + hookPhase: Running + kind: ClusterRole + message: "clusterrole.rbac.authorization.k8s.io/argo-workflows-server reconciled. reconciliation required create\n\tmissing rules added:\n\t\t{Verbs:[get watch list] APIGroups:[] Resources:[configmaps events] ResourceNames:[] NonResourceURLs:[]}\n\t\t{Verbs:[get list watch delete] APIGroups:[] Resources:[pods] ResourceNames:[] NonResourceURLs:[]}\n\t\t{Verbs:[get list] APIGroups:[] Resources:[pods/log] ResourceNames:[] NonResourceURLs:[]}\n\t\t{Verbs:[get] APIGroups:[] Resources:[secrets] ResourceNames:[] NonResourceURLs:[]}\n\t\t{Verbs:[watch create patch] APIGroups:[] Resources:[events] ResourceNames:[] NonResourceURLs:[]}\n\t\t{Verbs:[create get list watch update patch delete] APIGroups:[argoproj.io] Resources:[eventsources sensors workflows workfloweventbindings workflowtemplates cronworkflows] ResourceNames:[] NonResourceURLs:[]}. clusterrole.rbac.authorization.k8s.io/argo-workflows-server configured. Warning: resource clusterroles/argo-workflows-server is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by apply. apply should only be used on resources created declaratively by either create --save-config or apply. The missing annotation will be patched automatically." + name: argo-workflows-server + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: rbac.authorization.k8s.io + hookPhase: Running + kind: ClusterRole + message: "clusterrole.rbac.authorization.k8s.io/argo-workflows-server-cluster-template reconciled. reconciliation required create\n\tmissing rules added:\n\t\t{Verbs:[get list watch create update patch delete] APIGroups:[argoproj.io] Resources:[clusterworkflowtemplates] ResourceNames:[] NonResourceURLs:[]}. clusterrole.rbac.authorization.k8s.io/argo-workflows-server-cluster-template configured. Warning: resource clusterroles/argo-workflows-server-cluster-template is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by apply. apply should only be used on resources created declaratively by either create --save-config or apply. The missing annotation will be patched automatically." + name: argo-workflows-server-cluster-template + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: rbac.authorization.k8s.io + hookPhase: Running + kind: ClusterRole + message: "clusterrole.rbac.authorization.k8s.io/argo-workflows-workflow-controller reconciled. reconciliation required create\n\tmissing rules added:\n\t\t{Verbs:[create get list watch update patch delete] APIGroups:[] Resources:[pods] ResourceNames:[] NonResourceURLs:[]}\n\t\t{Verbs:[create] APIGroups:[] Resources:[pods/exec] ResourceNames:[] NonResourceURLs:[]}\n\t\t{Verbs:[get watch list] APIGroups:[] Resources:[configmaps namespaces] ResourceNames:[] NonResourceURLs:[]}\n\t\t{Verbs:[create update delete get] APIGroups:[] Resources:[persistentvolumeclaims persistentvolumeclaims/finalizers] ResourceNames:[] NonResourceURLs:[]}\n\t\t{Verbs:[get list watch update patch delete create] APIGroups:[argoproj.io] Resources:[workflows workflows/finalizers workflowtasksets workflowtasksets/finalizers workflowtasksets/status workflowartifactgctasks] ResourceNames:[] NonResourceURLs:[]}\n\t\t{Verbs:[get list watch] APIGroups:[argoproj.io] Resources:[workflowtemplates workflowtemplates/finalizers] ResourceNames:[] NonResourceURLs:[]}\n\t\t{Verbs:[list watch deletecollection] APIGroups:[argoproj.io] Resources:[workflowtaskresults workflowtaskresults/finalizers] ResourceNames:[] NonResourceURLs:[]}\n\t\t{Verbs:[get list watch update patch delete] APIGroups:[argoproj.io] Resources:[cronworkflows cronworkflows/finalizers] ResourceNames:[] NonResourceURLs:[]}\n\t\t{Verbs:[create patch] APIGroups:[] Resources:[events] ResourceNames:[] NonResourceURLs:[]}\n\t\t{Verbs:[get list] APIGroups:[] Resources:[serviceaccounts] ResourceNames:[] NonResourceURLs:[]}\n\t\t{Verbs:[create get delete] APIGroups:[policy] Resources:[poddisruptionbudgets] ResourceNames:[] NonResourceURLs:[]}\n\t\t{Verbs:[create] APIGroups:[coordination.k8s.io] Resources:[leases] ResourceNames:[] NonResourceURLs:[]}\n\t\t{Verbs:[get watch update patch delete] APIGroups:[coordination.k8s.io] Resources:[leases] ResourceNames:[workflow-controller workflow-controller-lease] NonResourceURLs:[]}\n\t\t{Verbs:[get] APIGroups:[] Resources:[secrets] ResourceNames:[argo-workflows-agent-ca-certificates] NonResourceURLs:[]}. clusterrole.rbac.authorization.k8s.io/argo-workflows-workflow-controller configured. Warning: resource clusterroles/argo-workflows-workflow-controller is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by apply. apply should only be used on resources created declaratively by either create --save-config or apply. The missing annotation will be patched automatically." + name: argo-workflows-workflow-controller + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: rbac.authorization.k8s.io + hookPhase: Running + kind: ClusterRole + message: "clusterrole.rbac.authorization.k8s.io/argo-workflows-edit reconciled. reconciliation required create\n\tmissing rules added:\n\t\t{Verbs:[create delete deletecollection get list patch update watch] APIGroups:[argoproj.io] Resources:[workflows workflows/finalizers workfloweventbindings workfloweventbindings/finalizers workflowtemplates workflowtemplates/finalizers cronworkflows cronworkflows/finalizers clusterworkflowtemplates clusterworkflowtemplates/finalizers workflowtasksets workflowtasksets/finalizers workflowtaskresults workflowtaskresults/finalizers workflowartifactgctasks workflowartifactgctasks/finalizers] ResourceNames:[] NonResourceURLs:[]}. clusterrole.rbac.authorization.k8s.io/argo-workflows-edit configured. Warning: resource clusterroles/argo-workflows-edit is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by apply. apply should only be used on resources created declaratively by either create --save-config or apply. The missing annotation will be patched automatically." + name: argo-workflows-edit + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: rbac.authorization.k8s.io + hookPhase: Running + kind: ClusterRole + message: "clusterrole.rbac.authorization.k8s.io/argo-workflows-view reconciled. reconciliation required create\n\tmissing rules added:\n\t\t{Verbs:[get list watch] APIGroups:[argoproj.io] Resources:[workflows workflows/finalizers workfloweventbindings workfloweventbindings/finalizers workflowtemplates workflowtemplates/finalizers cronworkflows cronworkflows/finalizers clusterworkflowtemplates clusterworkflowtemplates/finalizers workflowtasksets workflowtasksets/finalizers workflowtaskresults workflowtaskresults/finalizers workflowartifactgctasks workflowartifactgctasks/finalizers] ResourceNames:[] NonResourceURLs:[]}. clusterrole.rbac.authorization.k8s.io/argo-workflows-view configured. Warning: resource clusterroles/argo-workflows-view is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by apply. apply should only be used on resources created declaratively by either create --save-config or apply. The missing annotation will be patched automatically." + name: argo-workflows-view + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: rbac.authorization.k8s.io + hookPhase: Running + kind: ClusterRoleBinding + message: "clusterrolebinding.rbac.authorization.k8s.io/argo-workflows-workflow-controller reconciled. reconciliation required create\n\tmissing subjects added:\n\t\t{Kind:ServiceAccount APIGroup: Name:argo-workflows-workflow-controller Namespace:argo-workflows}. clusterrolebinding.rbac.authorization.k8s.io/argo-workflows-workflow-controller configured. Warning: resource clusterrolebindings/argo-workflows-workflow-controller is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by apply. apply should only be used on resources created declaratively by either create --save-config or apply. The missing annotation will be patched automatically." + name: argo-workflows-workflow-controller + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: rbac.authorization.k8s.io + hookPhase: Running + kind: ClusterRoleBinding + message: "clusterrolebinding.rbac.authorization.k8s.io/argo-workflows-workflow-controller-cluster-template reconciled. reconciliation required create\n\tmissing subjects added:\n\t\t{Kind:ServiceAccount APIGroup: Name:argo-workflows-workflow-controller Namespace:argo-workflows}. clusterrolebinding.rbac.authorization.k8s.io/argo-workflows-workflow-controller-cluster-template configured. Warning: resource clusterrolebindings/argo-workflows-workflow-controller-cluster-template is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by apply. apply should only be used on resources created declaratively by either create --save-config or apply. The missing annotation will be patched automatically." + name: argo-workflows-workflow-controller-cluster-template + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: rbac.authorization.k8s.io + hookPhase: Running + kind: ClusterRoleBinding + message: "clusterrolebinding.rbac.authorization.k8s.io/argo-workflows-server-cluster-template reconciled. reconciliation required create\n\tmissing subjects added:\n\t\t{Kind:ServiceAccount APIGroup: Name:argo-workflows-server Namespace:argo-workflows}. clusterrolebinding.rbac.authorization.k8s.io/argo-workflows-server-cluster-template configured. Warning: resource clusterrolebindings/argo-workflows-server-cluster-template is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by apply. apply should only be used on resources created declaratively by either create --save-config or apply. The missing annotation will be patched automatically." + name: argo-workflows-server-cluster-template + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: rbac.authorization.k8s.io + hookPhase: Running + kind: ClusterRoleBinding + message: "clusterrolebinding.rbac.authorization.k8s.io/argo-workflows-server reconciled. reconciliation required create\n\tmissing subjects added:\n\t\t{Kind:ServiceAccount APIGroup: Name:argo-workflows-server Namespace:argo-workflows}. clusterrolebinding.rbac.authorization.k8s.io/argo-workflows-server configured. Warning: resource clusterrolebindings/argo-workflows-server is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by apply. apply should only be used on resources created declaratively by either create --save-config or apply. The missing annotation will be patched automatically." + name: argo-workflows-server + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: rbac.authorization.k8s.io + hookPhase: Running + kind: Role + message: "role.rbac.authorization.k8s.io/argo-workflows-workflow reconciled. reconciliation required create\n\tmissing rules added:\n\t\t{Verbs:[create patch] APIGroups:[argoproj.io] Resources:[workflowtaskresults] ResourceNames:[] NonResourceURLs:[]}. role.rbac.authorization.k8s.io/argo-workflows-workflow configured. Warning: resource roles/argo-workflows-workflow is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by apply. apply should only be used on resources created declaratively by either create --save-config or apply. The missing annotation will be patched automatically." + name: argo-workflows-workflow + namespace: default + status: Synced + syncPhase: Sync + version: v1 + - group: rbac.authorization.k8s.io + hookPhase: Running + kind: Role + message: "role.rbac.authorization.k8s.io/argo-workflows-workflow reconciled. reconciliation required create\n\tmissing rules added:\n\t\t{Verbs:[create patch] APIGroups:[argoproj.io] Resources:[workflowtaskresults] ResourceNames:[] NonResourceURLs:[]}. role.rbac.authorization.k8s.io/argo-workflows-workflow configured. Warning: resource roles/argo-workflows-workflow is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by apply. apply should only be used on resources created declaratively by either create --save-config or apply. The missing annotation will be patched automatically." + name: argo-workflows-workflow + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: rbac.authorization.k8s.io + hookPhase: Running + kind: RoleBinding + message: "rolebinding.rbac.authorization.k8s.io/argo-workflows-workflow reconciled. reconciliation required create\n\tmissing subjects added:\n\t\t{Kind:ServiceAccount APIGroup: Name:argo-workflow Namespace:default}. rolebinding.rbac.authorization.k8s.io/argo-workflows-workflow configured. Warning: resource rolebindings/argo-workflows-workflow is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by apply. apply should only be used on resources created declaratively by either create --save-config or apply. The missing annotation will be patched automatically." + name: argo-workflows-workflow + namespace: default + status: Synced + syncPhase: Sync + version: v1 + - group: rbac.authorization.k8s.io + hookPhase: Running + kind: RoleBinding + message: "rolebinding.rbac.authorization.k8s.io/argo-workflows-workflow reconciled. reconciliation required create\n\tmissing subjects added:\n\t\t{Kind:ServiceAccount APIGroup: Name:argo-workflow Namespace:argo-workflows}. rolebinding.rbac.authorization.k8s.io/argo-workflows-workflow configured. Warning: resource rolebindings/argo-workflows-workflow is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by apply. apply should only be used on resources created declaratively by either create --save-config or apply. The missing annotation will be patched automatically." + name: argo-workflows-workflow + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: '' + hookPhase: Running + kind: Service + message: service/argo-workflows-server created + name: argo-workflows-server + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: apps + hookPhase: Running + images: + - 'quay.io/argoproj/workflow-controller:v3.7.3' + kind: Deployment + message: deployment.apps/argo-workflows-workflow-controller created + name: argo-workflows-workflow-controller + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: apps + hookPhase: Running + images: + - 'quay.io/argoproj/argocli:v3.7.3' + kind: Deployment + message: deployment.apps/argo-workflows-server created + name: argo-workflows-server + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + - group: networking.k8s.io + hookPhase: Running + kind: Ingress + message: ingress.networking.k8s.io/argo-workflows-server created + name: argo-workflows-server + namespace: argo-workflows + status: Synced + syncPhase: Sync + version: v1 + revision: 0.45.27 + source: + chart: argo-workflows + helm: + valuesObject: + controller: + podSecurityContext: + runAsGroup: 1000 + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + resources: + requests: + cpu: 12m + memory: 70M + volumeMounts: + - mountPath: /tmp + name: tmp + volumes: + - emptyDir: {} + name: tmp + crds: + keep: false + executor: + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + server: + extraArgs: + - '--auth-mode=server' + ingress: + annotations: + cert-manager.io/cluster-issuer: letsencrypt-dns01-issuer + enabled: true + hosts: + - argo-workflows.hankeln.work + ingressClassName: nginx + tls: + - hosts: + - argo-workflows.hankeln.work + secretName: argo-workflows-cert + podSecurityContext: + runAsGroup: 1000 + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + resources: + requests: + cpu: 12m + memory: 50M + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsNonRoot: true + workflow: + serviceAccount: + create: true + repoURL: 'https://argoproj.github.io/argo-helm' + targetRevision: 0.45.27 + reconciledAt: '2025-11-14T16:33:19Z' + resourceHealthSource: appTree + resources: + - kind: ConfigMap + name: argo-workflows-workflow-controller-configmap + namespace: argo-workflows + status: Synced + version: v1 + - kind: Service + name: argo-workflows-server + namespace: argo-workflows + status: Synced + version: v1 + - kind: ServiceAccount + name: argo-workflow + namespace: argo-workflows + status: Synced + version: v1 + - kind: ServiceAccount + name: argo-workflows-server + namespace: argo-workflows + status: Synced + version: v1 + - kind: ServiceAccount + name: argo-workflows-workflow-controller + namespace: argo-workflows + status: Synced + version: v1 + - kind: ServiceAccount + name: argo-workflow + namespace: default + status: Synced + version: v1 + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + name: clusterworkflowtemplates.argoproj.io + status: Synced + version: v1 + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + name: cronworkflows.argoproj.io + status: Synced + version: v1 + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + name: workflowartifactgctasks.argoproj.io + status: Synced + version: v1 + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + name: workfloweventbindings.argoproj.io + status: Synced + version: v1 + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + name: workflows.argoproj.io + status: Synced + version: v1 + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + name: workflowtaskresults.argoproj.io + status: Synced + version: v1 + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + name: workflowtasksets.argoproj.io + status: Synced + version: v1 + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + name: workflowtemplates.argoproj.io + status: Synced + version: v1 + - group: apps + kind: Deployment + name: argo-workflows-server + namespace: argo-workflows + status: Synced + version: v1 + - group: apps + kind: Deployment + name: argo-workflows-workflow-controller + namespace: argo-workflows + status: Synced + version: v1 + - group: networking.k8s.io + kind: Ingress + name: argo-workflows-server + namespace: argo-workflows + status: Synced + version: v1 + - group: rbac.authorization.k8s.io + kind: ClusterRole + name: argo-workflows-admin + status: Synced + version: v1 + - group: rbac.authorization.k8s.io + kind: ClusterRole + name: argo-workflows-edit + status: Synced + version: v1 + - group: rbac.authorization.k8s.io + kind: ClusterRole + name: argo-workflows-server + status: Synced + version: v1 + - group: rbac.authorization.k8s.io + kind: ClusterRole + name: argo-workflows-server-cluster-template + status: Synced + version: v1 + - group: rbac.authorization.k8s.io + kind: ClusterRole + name: argo-workflows-view + status: Synced + version: v1 + - group: rbac.authorization.k8s.io + kind: ClusterRole + name: argo-workflows-workflow-controller + status: Synced + version: v1 + - group: rbac.authorization.k8s.io + kind: ClusterRole + name: argo-workflows-workflow-controller-cluster-template + status: Synced + version: v1 + - group: rbac.authorization.k8s.io + kind: ClusterRoleBinding + name: argo-workflows-server + status: Synced + version: v1 + - group: rbac.authorization.k8s.io + kind: ClusterRoleBinding + name: argo-workflows-server-cluster-template + status: Synced + version: v1 + - group: rbac.authorization.k8s.io + kind: ClusterRoleBinding + name: argo-workflows-workflow-controller + status: Synced + version: v1 + - group: rbac.authorization.k8s.io + kind: ClusterRoleBinding + name: argo-workflows-workflow-controller-cluster-template + status: Synced + version: v1 + - group: rbac.authorization.k8s.io + kind: Role + name: argo-workflows-workflow + namespace: argo-workflows + status: Synced + version: v1 + - group: rbac.authorization.k8s.io + kind: Role + name: argo-workflows-workflow + namespace: default + status: Synced + version: v1 + - group: rbac.authorization.k8s.io + kind: RoleBinding + name: argo-workflows-workflow + namespace: argo-workflows + status: Synced + version: v1 + - group: rbac.authorization.k8s.io + kind: RoleBinding + name: argo-workflows-workflow + namespace: default + status: Synced + version: v1 + sourceHydrator: {} + sourceType: Helm + summary: + externalURLs: + - 'https://argo-workflows.hankeln.work/' + images: + - 'quay.io/argoproj/argocli:v3.7.3' + - 'quay.io/argoproj/workflow-controller:v3.7.3' + sync: + comparedTo: + destination: + name: in-cluster + namespace: argo-workflows + source: + chart: argo-workflows + helm: + valuesObject: + controller: + podSecurityContext: + runAsGroup: 1000 + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + resources: + requests: + cpu: 12m + memory: 70M + volumeMounts: + - mountPath: /tmp + name: tmp + volumes: + - emptyDir: {} + name: tmp + crds: + keep: false + executor: + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + server: + extraArgs: + - '--auth-mode=server' + ingress: + annotations: + cert-manager.io/cluster-issuer: letsencrypt-dns01-issuer + enabled: true + hosts: + - argo-workflows.hankeln.work + ingressClassName: nginx + tls: + - hosts: + - argo-workflows.hankeln.work + secretName: argo-workflows-cert + podSecurityContext: + runAsGroup: 1000 + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + resources: + requests: + cpu: 12m + memory: 50M + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsNonRoot: true + workflow: + serviceAccount: + create: true + repoURL: 'https://argoproj.github.io/argo-helm' + targetRevision: 0.45.27 + revision: 0.45.27 + status: Synced diff --git a/controller/testdata/schemas/application-openapi-v2.yaml b/controller/testdata/schemas/application-openapi-v2.yaml new file mode 100644 index 0000000000000..58ef5ba172f6d --- /dev/null +++ b/controller/testdata/schemas/application-openapi-v2.yaml @@ -0,0 +1,5993 @@ +swagger: "2.0" +info: + title: Application + version: "v1alpha1" +paths: {} +definitions: + io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference: + description: OwnerReference contains enough information to let you identify an + owning object. An owning object must be in the same namespace as the + dependent, or be cluster-scoped, so there is no namespace field. + type: object + required: + - apiVersion + - kind + - name + - uid + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" finalizer, + then the owner cannot be deleted from the key-value store until this + reference is removed. See + https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion + for how the garbage collector interacts with this field and enforces + the foreground deletion. Defaults to false. To set this field, a user + needs "delete" permission of the owner, otherwise 422 (Unprocessable + Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing controller. + type: boolean + kind: + description: "Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-\ + conventions.md#types-kinds" + type: string + name: + description: "Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/nam\ + es#names" + type: string + uid: + description: "UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/nam\ + es#uids" + type: string + x-kubernetes-map-type: atomic + io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1: + description: >- + FieldsV1 stores a set of fields in a data structure like a Trie, in JSON + format. + + + Each key is either a '.' representing the field itself, and will always + map to an empty set, or a string representing a sub-field or item. The + string will follow one of these four formats: 'f:', where is + the name of a field in a struct, or key in a map 'v:', where + is the exact json formatted value of a list item 'i:', + where is position of a item in a list 'k:', where is + a map of a list item's key fields to their unique values If a key maps to + an empty Fields value, the field that key represents is part of the set. + + + The exact format is defined in sigs.k8s.io/structured-merge-diff + type: object + io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry: + description: ManagedFieldsEntry is a workflow-id, a FieldSet and the group + version of the resource that the fieldset applies to. + type: object + properties: + apiVersion: + description: APIVersion defines the version of this resource that this field set + applies to. The format is "group/version" just like the top-level + APIVersion field. It is necessary to track the version of a field set + because it cannot be automatically converted. + type: string + fieldsType: + description: 'FieldsType is the discriminator for the different fields format + and version. There is currently only one possible value: "FieldsV1"' + type: string + fieldsV1: + description: FieldsV1 holds the first JSON version format as described in the + "FieldsV1" type. + $ref: "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.FieldsV1" + manager: + description: Manager is an identifier of the workflow managing these fields. + type: string + operation: + description: Operation is the type of operation which lead to this + ManagedFieldsEntry being created. The only valid values for this field + are 'Apply' and 'Update'. + type: string + subresource: + description: Subresource is the name of the subresource used to update that + object, or empty string if the object was updated through the main + resource. The value of this field is used to distinguish between + managers, even if they share the same name. For example, a status + update will be distinct from a regular update using the same manager + name. Note that the APIVersion field is not related to the Subresource + field and it always corresponds to the version of the main resource. + type: string + time: + description: Time is the timestamp of when the ManagedFields entry was added. + The timestamp will also be updated if a field is added, the manager + changes any of the owned fields value or removes a field. The + timestamp does not update when a field is removed from the entry + because another manager took it over. + $ref: "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" + io.k8s.apimachinery.pkg.apis.meta.v1.Time: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of the + factory methods that the time package offers. + type: string + format: date-time + io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta: + description: ObjectMeta is metadata that all persisted resources must have, + which includes all objects users must create. + type: object + properties: + annotations: + description: "Annotations is an unstructured key value map stored with a + resource that may be set by external tools to store and retrieve + arbitrary metadata. They are not queryable and should be preserved + when modifying objects. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/ann\ + otations" + type: object + additionalProperties: + type: string + creationTimestamp: + description: |- + CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + + Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + $ref: "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully terminate + before it will be removed from the system. Only set when + deletionTimestamp is also set. May only be shortened. Read-only. + type: integer + format: int64 + deletionTimestamp: + description: |- + DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. + + Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + $ref: "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Time" + finalizers: + description: Must be empty before the object is deleted from the registry. Each + entry is an identifier for the responsible component that will remove + the entry from the list. If the deletionTimestamp of the object is + non-nil, entries in this list can only be removed. Finalizers may be + processed and removed in any order. Order is NOT enforced because it + introduces significant risk of stuck finalizers. finalizers is a + shared field, any actor with permission can reorder it. If the + finalizer list is processed in order, then this can lead to a + situation in which the component responsible for the first finalizer + in the list is waiting for a signal (field value, external system, or + other) produced by a component responsible for a finalizer later in + the list, resulting in a deadlock. Without enforced ordering + finalizers are free to order amongst themselves and are not vulnerable + to ordering changes in the list. + type: array + items: + type: string + x-kubernetes-list-type: set + x-kubernetes-patch-strategy: merge + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will return a 409. + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation of the desired + state. Populated by the system. Read-only. + type: integer + format: int64 + labels: + description: "Map of string keys and values that can be used to organize and + categorize (scope and select) objects. May match selectors of + replication controllers and services. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/lab\ + els" + type: object + additionalProperties: + type: string + managedFields: + description: ManagedFields maps workflow-id and version to the set of fields + that are managed by that workflow. This is mostly for internal + housekeeping, and users typically shouldn't need to set or understand + this field. A workflow can be the user's name, a controller's name, or + the name of a specific apply path like "ci-cd". The set of fields is + always in the version that the workflow used when modifying the + object. + type: array + items: + $ref: "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry" + x-kubernetes-list-type: atomic + name: + description: "Name must be unique within a namespace. Is required when creating + resources, although some resources may allow a client to request the + generation of an appropriate name automatically. Name is primarily + intended for creation idempotence and configuration definition. Cannot + be updated. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/nam\ + es#names" + type: string + namespace: + description: |- + Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects in the list + have been deleted, this object will be garbage collected. If this + object is managed by a controller, then an entry in this list will + point to this controller, with the controller field set to true. There + cannot be more than one managing controller. + type: array + items: + $ref: "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference" + x-kubernetes-list-map-keys: + - uid + x-kubernetes-list-type: map + x-kubernetes-patch-merge-key: uid + x-kubernetes-patch-strategy: merge + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: "Deprecated: selfLink is a legacy read-only field that is no longer + populated by the system." + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids + type: string + io.argoproj.v1alpha1.Application: + description: Application is a definition of Application resource. + type: object + required: + - metadata + - spec + properties: + apiVersion: + description: "APIVersion defines the versioned schema of this representation of + an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-\ + conventions.md#resources" + type: string + kind: + description: "Kind is a string value representing the REST resource this object + represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-\ + conventions.md#types-kinds" + type: string + metadata: + description: "Standard object's metadata. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-\ + conventions.md#metadata" + $ref: "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta" + operation: + description: Operation contains information about a requested or running operation + type: object + properties: + info: + description: Info is a list of informational items for this operation + type: array + items: + type: object + required: + - name + - value + properties: + name: + type: string + value: + type: string + initiatedBy: + description: InitiatedBy contains information about who initiated the operations + type: object + properties: + automated: + description: Automated is set to true if operation was initiated automatically + by the application controller. + type: boolean + username: + description: Username contains the name of a user who started operation + type: string + retry: + description: Retry controls the strategy to apply if a sync fails + type: object + properties: + backoff: + description: Backoff controls how to backoff on subsequent retries of failed + syncs + type: object + properties: + duration: + description: Duration is the amount to back off. Default unit is seconds, but + could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration after each failed + retry + type: integer + format: int64 + maxDuration: + description: MaxDuration is the maximum amount of time allowed for the backoff + strategy + type: string + limit: + description: Limit is the maximum number of attempts for retrying a failed sync. + If set to 0, no retries will be performed. + type: integer + format: int64 + sync: + description: Sync contains parameters for the operation + type: object + properties: + autoHealAttemptsCount: + description: SelfHealAttemptsCount contains the number of auto-heal attempts + type: integer + format: int64 + dryRun: + description: DryRun specifies to perform a `kubectl apply --dry-run` without + actually performing the sync + type: boolean + manifests: + description: Manifests is an optional field that overrides sync source with a + local directory for development + type: array + items: + type: string + prune: + description: Prune specifies to delete resources from the cluster that are no + longer tracked in git + type: boolean + resources: + description: Resources describes which resources shall be part of the sync + type: array + items: + description: SyncOperationResource contains resources to sync. + type: object + required: + - kind + - name + properties: + group: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + revision: + description: >- + Revision is the revision (Git) or chart version (Helm) which + to sync the application to + + If omitted, will use the revision specified in app spec. + type: string + revisions: + description: >- + Revisions is the list of revision (Git) or chart version + (Helm) which to sync each source in sources field for the + application to + + If omitted, will use the revision specified in app spec. + type: array + items: + type: string + source: + description: >- + Source overrides the source definition set in the application. + + This is typically set in a Rollback operation and is nil + during a Sync operation + type: object + required: + - repoURL + properties: + chart: + description: Chart is a Helm chart name, and must be specified for applications + sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + type: object + properties: + exclude: + description: Exclude contains a glob pattern to match paths against that should + be explicitly excluded from being used during manifest + generation + type: string + include: + description: Include contains a glob pattern to match paths against that should + be explicitly included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + type: object + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + libs: + description: Additional library search dirs + type: array + items: + type: string + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + recurse: + description: Recurse specifies whether to scan a directory recursively for + manifests + type: boolean + helm: + description: Helm holds helm specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource API + versions to pass to Helm when templating manifests. By + default, + + Argo CD uses the API versions of the target cluster. + The format is [group/]version/kind. + type: array + items: + type: string + fileParameters: + description: FileParameters are file parameters to the helm template + type: array + items: + description: HelmFileParameter is a file parameter that's passed to helm + template during manifest generation + type: object + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing the values for the Helm + parameter + type: string + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template from failing when + valueFiles do not exist locally by not appending them + to helm template --values + type: boolean + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API version to + pass to Helm when templating manifests. By default, + Argo CD + + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to template with. If left empty, + defaults to the app's destination namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters which are passed to the + helm template command upon manifest generation + type: array + items: + description: HelmParameter is a parameter that's passed to helm template during + manifest generation + type: object + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans + and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + passCredentials: + description: PassCredentials pass credentials to all domains (Helm's + --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. If omitted it will use + the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation step (Helm's + --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema validation (Helm's + --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation step (Helm's + --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a + template + type: array + items: + type: string + values: + description: Values specifies Helm values to be passed to helm template, + typically defined as a block. ValuesObject takes + precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed to helm template, + defined as a map. This takes precedence over Values. + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating ("3") + type: string + kustomize: + description: Kustomize holds kustomize specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource API + versions to pass to Helm when templating manifests. By + default, + + Argo CD uses the API versions of the target cluster. + The format is [group/]version/kind. + type: array + items: + type: string + commonAnnotations: + description: CommonAnnotations is a list of additional annotations to add to + rendered manifests + type: object + additionalProperties: + type: string + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether to apply env variables + substitution for annotation values + type: boolean + commonLabels: + description: CommonLabels is a list of additional labels to add to rendered + manifests + type: object + additionalProperties: + type: string + components: + description: Components specifies a list of kustomize components to add to the + kustomization before building + type: array + items: + type: string + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common + annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels + to resources for Kustomize apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize from failing when + components do not exist locally by not appending them + to kustomization file + type: boolean + images: + description: Images is a list of Kustomize image override specifications + type: array + items: + description: KustomizeImage represents a Kustomize image definition in the + format [old_image_name=]: + type: string + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API version to + pass to Helm when templating manifests. By default, + Argo CD + + uses the Kubernetes version of the target cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether to apply common labels to + resource templates or not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to apply common labels to + resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + type: array + items: + type: object + properties: + options: + type: object + additionalProperties: + type: boolean + patch: + type: string + path: + type: string + target: + type: object + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override specifications + type: array + items: + type: object + required: + - count + - name + properties: + count: + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + version: + description: Version controls which version of Kustomize to use for rendering + manifests + type: string + name: + description: Name is used to refer to a source and is displayed in the UI. It is + used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git repository, and is only + valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific options + type: object + properties: + env: + description: Env is a list of environment variable entries + type: array + items: + description: EnvEntry represents an entry in the application's environment + type: object + required: + - name + - value + properties: + name: + description: Name is the name of the variable, usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + name: + type: string + parameters: + type: array + items: + type: object + properties: + array: + description: Array is the value of an array type parameter. + type: array + items: + type: string + map: + description: Map is the value of a map type parameter. + type: object + additionalProperties: + type: string + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type parameter. + type: string + ref: + description: Ref is reference to another source within sources field. This field + will not be used if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) that contains + the application manifests + type: string + targetRevision: + description: >- + TargetRevision defines the revision of the source to sync + the application to. + + In case of Git, this can be commit, tag, or branch. If + omitted, will equal to HEAD. + + In case of Helm, this is a semver tag for the Chart's + version. + type: string + sources: + description: >- + Sources overrides the source definition set in the + application. + + This is typically set in a Rollback operation and is nil + during a Sync operation + type: array + items: + description: ApplicationSource contains all required information about the + source of an application + type: object + required: + - repoURL + properties: + chart: + description: Chart is a Helm chart name, and must be specified for applications + sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + type: object + properties: + exclude: + description: Exclude contains a glob pattern to match paths against that should + be explicitly excluded from being used during + manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should + be explicitly included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + type: object + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + libs: + description: Additional library search dirs + type: array + items: + type: string + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + recurse: + description: Recurse specifies whether to scan a directory recursively for + manifests + type: boolean + helm: + description: Helm holds helm specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource API + versions to pass to Helm when templating manifests. + By default, + + Argo CD uses the API versions of the target cluster. + The format is [group/]version/kind. + type: array + items: + type: string + fileParameters: + description: FileParameters are file parameters to the helm template + type: array + items: + description: HelmFileParameter is a file parameter that's passed to helm + template during manifest generation + type: object + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing the values for the Helm + parameter + type: string + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template from failing when + valueFiles do not exist locally by not appending + them to helm template --values + type: boolean + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API version to + pass to Helm when templating manifests. By default, + Argo CD + + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to template with. If left empty, + defaults to the app's destination namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters which are passed to the + helm template command upon manifest generation + type: array + items: + description: HelmParameter is a parameter that's passed to helm template during + manifest generation + type: object + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans + and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + passCredentials: + description: PassCredentials pass credentials to all domains (Helm's + --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. If omitted it will use + the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation step (Helm's + --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema validation (Helm's + --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation step (Helm's + --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a + template + type: array + items: + type: string + values: + description: Values specifies Helm values to be passed to helm template, + typically defined as a block. ValuesObject takes + precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed to helm template, + defined as a map. This takes precedence over Values. + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating ("3") + type: string + kustomize: + description: Kustomize holds kustomize specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource API + versions to pass to Helm when templating manifests. + By default, + + Argo CD uses the API versions of the target cluster. + The format is [group/]version/kind. + type: array + items: + type: string + commonAnnotations: + description: CommonAnnotations is a list of additional annotations to add to + rendered manifests + type: object + additionalProperties: + type: string + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether to apply env variables + substitution for annotation values + type: boolean + commonLabels: + description: CommonLabels is a list of additional labels to add to rendered + manifests + type: object + additionalProperties: + type: string + components: + description: Components specifies a list of kustomize components to add to the + kustomization before building + type: array + items: + type: string + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common + annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels + to resources for Kustomize apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize from failing when + components do not exist locally by not appending + them to kustomization file + type: boolean + images: + description: Images is a list of Kustomize image override specifications + type: array + items: + description: KustomizeImage represents a Kustomize image definition in the + format [old_image_name=]: + type: string + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API version to + pass to Helm when templating manifests. By default, + Argo CD + + uses the Kubernetes version of the target cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether to apply common labels to + resource templates or not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to apply common labels to + resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + type: array + items: + type: object + properties: + options: + type: object + additionalProperties: + type: boolean + patch: + type: string + path: + type: string + target: + type: object + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override specifications + type: array + items: + type: object + required: + - count + - name + properties: + count: + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + version: + description: Version controls which version of Kustomize to use for rendering + manifests + type: string + name: + description: Name is used to refer to a source and is displayed in the UI. It is + used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git repository, and is only + valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific options + type: object + properties: + env: + description: Env is a list of environment variable entries + type: array + items: + description: EnvEntry represents an entry in the application's environment + type: object + required: + - name + - value + properties: + name: + description: Name is the name of the variable, usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + name: + type: string + parameters: + type: array + items: + type: object + properties: + array: + description: Array is the value of an array type parameter. + type: array + items: + type: string + map: + description: Map is the value of a map type parameter. + type: object + additionalProperties: + type: string + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type parameter. + type: string + ref: + description: Ref is reference to another source within sources field. This field + will not be used if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) that contains + the application manifests + type: string + targetRevision: + description: >- + TargetRevision defines the revision of the source to + sync the application to. + + In case of Git, this can be commit, tag, or branch. If + omitted, will equal to HEAD. + + In case of Helm, this is a semver tag for the Chart's + version. + type: string + syncOptions: + description: SyncOptions provide per-sync sync-options, e.g. Validate=false + type: array + items: + type: string + syncStrategy: + description: SyncStrategy describes how to perform the sync + type: object + properties: + apply: + description: Apply will perform a `kubectl apply` to perform the sync. + type: object + properties: + force: + description: >- + Force indicates whether or not to supply the --force + flag to `kubectl apply`. + + The --force flag deletes and re-create the resource, + when PATCH encounters conflict and has + + retried for 5 times. + type: boolean + hook: + description: Hook will submit any referenced resources to perform the sync. This + is the default strategy + type: object + properties: + force: + description: >- + Force indicates whether or not to supply the --force + flag to `kubectl apply`. + + The --force flag deletes and re-create the resource, + when PATCH encounters conflict and has + + retried for 5 times. + type: boolean + spec: + description: ApplicationSpec represents desired application state. Contains link + to repository with application definition and additional parameters + link definition revision. + type: object + required: + - destination + - project + properties: + destination: + description: Destination is a reference to the target Kubernetes server and + namespace + type: object + properties: + name: + description: Name is an alternate way of specifying the target cluster by its + symbolic name. This must be set if Server is not set. + type: string + namespace: + description: >- + Namespace specifies the target namespace for the application's + resources. + + The namespace will only be set for namespace-scoped resources + that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the target cluster's Kubernetes control + plane API. This must be set if Name is not set. + type: string + ignoreDifferences: + description: IgnoreDifferences is a list of resources and their fields which + should be ignored during comparison + type: array + items: + description: ResourceIgnoreDifferences contains resource filter and list of json + paths which should be ignored during comparison with live state. + type: object + required: + - kind + properties: + group: + type: string + jqPathExpressions: + type: array + items: + type: string + jsonPointers: + type: array + items: + type: string + kind: + type: string + managedFieldsManagers: + description: >- + ManagedFieldsManagers is a list of trusted managers. Fields + mutated by those managers will take precedence over the + + desired state defined in the SCM and won't be displayed in + diffs + type: array + items: + type: string + name: + type: string + namespace: + type: string + info: + description: Info contains a list of information (URLs, email addresses, and + plain text) that relates to the application + type: array + items: + type: object + required: + - name + - value + properties: + name: + type: string + value: + type: string + project: + description: >- + Project is a reference to the project this application belongs to. + + The empty string means that application belongs to the 'default' + project. + type: string + revisionHistoryLimit: + description: >- + RevisionHistoryLimit limits the number of items kept in the + application's revision history, which is used for informational + purposes as well as for rollbacks to previous versions. + + This should only be changed in exceptional circumstances. + + Setting to zero will store no history. This will reduce storage + used. + + Increasing will increase the space used to store the history, so + we do not recommend increasing it. + + Default is 10. + type: integer + format: int64 + source: + description: Source is a reference to the location of the application's + manifests or chart + type: object + required: + - repoURL + properties: + chart: + description: Chart is a Helm chart name, and must be specified for applications + sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + type: object + properties: + exclude: + description: Exclude contains a glob pattern to match paths against that should + be explicitly excluded from being used during manifest + generation + type: string + include: + description: Include contains a glob pattern to match paths against that should + be explicitly included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + type: object + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + libs: + description: Additional library search dirs + type: array + items: + type: string + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + recurse: + description: Recurse specifies whether to scan a directory recursively for + manifests + type: boolean + helm: + description: Helm holds helm specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource API versions + to pass to Helm when templating manifests. By default, + + Argo CD uses the API versions of the target cluster. The + format is [group/]version/kind. + type: array + items: + type: string + fileParameters: + description: FileParameters are file parameters to the helm template + type: array + items: + description: HelmFileParameter is a file parameter that's passed to helm + template during manifest generation + type: object + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing the values for the Helm + parameter + type: string + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template from failing when + valueFiles do not exist locally by not appending them to + helm template --values + type: boolean + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API version to pass + to Helm when templating manifests. By default, Argo CD + + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to template with. If left empty, + defaults to the app's destination namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters which are passed to the + helm template command upon manifest generation + type: array + items: + description: HelmParameter is a parameter that's passed to helm template during + manifest generation + type: object + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans + and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + passCredentials: + description: PassCredentials pass credentials to all domains (Helm's + --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. If omitted it will use + the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation step (Helm's + --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema validation (Helm's + --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation step (Helm's + --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a + template + type: array + items: + type: string + values: + description: Values specifies Helm values to be passed to helm template, + typically defined as a block. ValuesObject takes + precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed to helm template, + defined as a map. This takes precedence over Values. + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating ("3") + type: string + kustomize: + description: Kustomize holds kustomize specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource API versions + to pass to Helm when templating manifests. By default, + + Argo CD uses the API versions of the target cluster. The + format is [group/]version/kind. + type: array + items: + type: string + commonAnnotations: + description: CommonAnnotations is a list of additional annotations to add to + rendered manifests + type: object + additionalProperties: + type: string + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether to apply env variables + substitution for annotation values + type: boolean + commonLabels: + description: CommonLabels is a list of additional labels to add to rendered + manifests + type: object + additionalProperties: + type: string + components: + description: Components specifies a list of kustomize components to add to the + kustomization before building + type: array + items: + type: string + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common + annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels + to resources for Kustomize apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize from failing when + components do not exist locally by not appending them to + kustomization file + type: boolean + images: + description: Images is a list of Kustomize image override specifications + type: array + items: + description: KustomizeImage represents a Kustomize image definition in the + format [old_image_name=]: + type: string + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API version to pass + to Helm when templating manifests. By default, Argo CD + + uses the Kubernetes version of the target cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether to apply common labels to + resource templates or not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to apply common labels to + resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + type: array + items: + type: object + properties: + options: + type: object + additionalProperties: + type: boolean + patch: + type: string + path: + type: string + target: + type: object + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override specifications + type: array + items: + type: object + required: + - count + - name + properties: + count: + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + version: + description: Version controls which version of Kustomize to use for rendering + manifests + type: string + name: + description: Name is used to refer to a source and is displayed in the UI. It is + used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git repository, and is only + valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific options + type: object + properties: + env: + description: Env is a list of environment variable entries + type: array + items: + description: EnvEntry represents an entry in the application's environment + type: object + required: + - name + - value + properties: + name: + description: Name is the name of the variable, usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + name: + type: string + parameters: + type: array + items: + type: object + properties: + array: + description: Array is the value of an array type parameter. + type: array + items: + type: string + map: + description: Map is the value of a map type parameter. + type: object + additionalProperties: + type: string + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type parameter. + type: string + ref: + description: Ref is reference to another source within sources field. This field + will not be used if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) that contains + the application manifests + type: string + targetRevision: + description: >- + TargetRevision defines the revision of the source to sync the + application to. + + In case of Git, this can be commit, tag, or branch. If + omitted, will equal to HEAD. + + In case of Helm, this is a semver tag for the Chart's version. + type: string + sourceHydrator: + description: SourceHydrator provides a way to push hydrated manifests back to + git before syncing them to the cluster. + type: object + required: + - drySource + - syncSource + properties: + drySource: + description: DrySource specifies where the dry "don't repeat yourself" manifest + source lives. + type: object + required: + - path + - repoURL + - targetRevision + properties: + path: + description: Path is a directory path within the Git repository where the + manifests are located + type: string + repoURL: + description: RepoURL is the URL to the git repository that contains the + application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the source to hydrate + type: string + hydrateTo: + description: >- + HydrateTo specifies an optional "staging" location to push + hydrated manifests to. An external system would then + + have to move manifests to the SyncSource, e.g. by pull + request. + type: object + required: + - targetBranch + properties: + targetBranch: + description: TargetBranch is the branch to which hydrated manifests should be + committed + type: string + syncSource: + description: SyncSource specifies where to sync hydrated manifests from. + type: object + required: + - path + - targetBranch + properties: + path: + description: >- + Path is a directory path within the git repository where + hydrated manifests should be committed to and synced + + from. If hydrateTo is set, this is just the path from + which hydrated manifests will be synced. + type: string + targetBranch: + description: TargetBranch is the branch to which hydrated manifests should be + committed + type: string + sources: + description: Sources is a reference to the location of the application's + manifests or chart + type: array + items: + description: ApplicationSource contains all required information about the + source of an application + type: object + required: + - repoURL + properties: + chart: + description: Chart is a Helm chart name, and must be specified for applications + sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + type: object + properties: + exclude: + description: Exclude contains a glob pattern to match paths against that should + be explicitly excluded from being used during manifest + generation + type: string + include: + description: Include contains a glob pattern to match paths against that should + be explicitly included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + type: object + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + libs: + description: Additional library search dirs + type: array + items: + type: string + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + recurse: + description: Recurse specifies whether to scan a directory recursively for + manifests + type: boolean + helm: + description: Helm holds helm specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource API + versions to pass to Helm when templating manifests. By + default, + + Argo CD uses the API versions of the target cluster. The + format is [group/]version/kind. + type: array + items: + type: string + fileParameters: + description: FileParameters are file parameters to the helm template + type: array + items: + description: HelmFileParameter is a file parameter that's passed to helm + template during manifest generation + type: object + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing the values for the Helm + parameter + type: string + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template from failing when + valueFiles do not exist locally by not appending them to + helm template --values + type: boolean + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API version to pass + to Helm when templating manifests. By default, Argo CD + + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to template with. If left empty, + defaults to the app's destination namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters which are passed to the + helm template command upon manifest generation + type: array + items: + description: HelmParameter is a parameter that's passed to helm template during + manifest generation + type: object + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans + and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + passCredentials: + description: PassCredentials pass credentials to all domains (Helm's + --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. If omitted it will use + the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation step (Helm's + --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema validation (Helm's + --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation step (Helm's + --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a + template + type: array + items: + type: string + values: + description: Values specifies Helm values to be passed to helm template, + typically defined as a block. ValuesObject takes + precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed to helm template, + defined as a map. This takes precedence over Values. + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating ("3") + type: string + kustomize: + description: Kustomize holds kustomize specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource API + versions to pass to Helm when templating manifests. By + default, + + Argo CD uses the API versions of the target cluster. The + format is [group/]version/kind. + type: array + items: + type: string + commonAnnotations: + description: CommonAnnotations is a list of additional annotations to add to + rendered manifests + type: object + additionalProperties: + type: string + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether to apply env variables + substitution for annotation values + type: boolean + commonLabels: + description: CommonLabels is a list of additional labels to add to rendered + manifests + type: object + additionalProperties: + type: string + components: + description: Components specifies a list of kustomize components to add to the + kustomization before building + type: array + items: + type: string + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common + annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels + to resources for Kustomize apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize from failing when + components do not exist locally by not appending them to + kustomization file + type: boolean + images: + description: Images is a list of Kustomize image override specifications + type: array + items: + description: KustomizeImage represents a Kustomize image definition in the + format [old_image_name=]: + type: string + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API version to pass + to Helm when templating manifests. By default, Argo CD + + uses the Kubernetes version of the target cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether to apply common labels to + resource templates or not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to apply common labels to + resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + type: array + items: + type: object + properties: + options: + type: object + additionalProperties: + type: boolean + patch: + type: string + path: + type: string + target: + type: object + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override specifications + type: array + items: + type: object + required: + - count + - name + properties: + count: + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + version: + description: Version controls which version of Kustomize to use for rendering + manifests + type: string + name: + description: Name is used to refer to a source and is displayed in the UI. It is + used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git repository, and is only + valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific options + type: object + properties: + env: + description: Env is a list of environment variable entries + type: array + items: + description: EnvEntry represents an entry in the application's environment + type: object + required: + - name + - value + properties: + name: + description: Name is the name of the variable, usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + name: + type: string + parameters: + type: array + items: + type: object + properties: + array: + description: Array is the value of an array type parameter. + type: array + items: + type: string + map: + description: Map is the value of a map type parameter. + type: object + additionalProperties: + type: string + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type parameter. + type: string + ref: + description: Ref is reference to another source within sources field. This field + will not be used if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) that contains + the application manifests + type: string + targetRevision: + description: >- + TargetRevision defines the revision of the source to sync + the application to. + + In case of Git, this can be commit, tag, or branch. If + omitted, will equal to HEAD. + + In case of Helm, this is a semver tag for the Chart's + version. + type: string + syncPolicy: + description: SyncPolicy controls when and how a sync will be performed + type: object + properties: + automated: + description: Automated will keep an application synced to the target revision + type: object + properties: + allowEmpty: + description: "AllowEmpty allows apps have zero live resources (default: false)" + type: boolean + enabled: + description: Enable allows apps to explicitly control automated sync + type: boolean + prune: + description: "Prune specifies whether to delete resources from the cluster that + are not found in the sources anymore as part of automated + sync (default: false)" + type: boolean + selfHeal: + description: "SelfHeal specifies whether to revert resources back to their + desired state upon modification in the cluster (default: + false)" + type: boolean + managedNamespaceMetadata: + description: ManagedNamespaceMetadata controls metadata in the given namespace + (if CreateNamespace=true) + type: object + properties: + annotations: + type: object + additionalProperties: + type: string + labels: + type: object + additionalProperties: + type: string + retry: + description: Retry controls failed sync retry behavior + type: object + properties: + backoff: + description: Backoff controls how to backoff on subsequent retries of failed + syncs + type: object + properties: + duration: + description: Duration is the amount to back off. Default unit is seconds, but + could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration after each failed + retry + type: integer + format: int64 + maxDuration: + description: MaxDuration is the maximum amount of time allowed for the backoff + strategy + type: string + limit: + description: Limit is the maximum number of attempts for retrying a failed sync. + If set to 0, no retries will be performed. + type: integer + format: int64 + syncOptions: + description: Options allow you to specify whole app sync-options + type: array + items: + type: string + status: + description: ApplicationStatus contains status information for the application + type: object + properties: + conditions: + description: Conditions is a list of currently observed application conditions + type: array + items: + description: ApplicationCondition contains details about an application + condition, which is usually an error or warning + type: object + required: + - message + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the time the condition was last observed + type: string + format: date-time + message: + description: Message contains human-readable message indicating details about + condition + type: string + type: + description: Type is an application condition type + type: string + controllerNamespace: + description: ControllerNamespace indicates the namespace in which the + application controller is located + type: string + health: + description: Health contains information about the application's current health + status + type: object + properties: + lastTransitionTime: + description: LastTransitionTime is the time the HealthStatus was set or updated + type: string + format: date-time + message: + description: >- + Message is a human-readable informational message describing + the health status + + + Deprecated: this field is not used and will be removed in a + future release. + type: string + status: + description: Status holds the status code of the application + type: string + history: + description: History contains information about the application's sync history + type: array + items: + description: RevisionHistory contains history information about a previous sync + type: object + required: + - deployedAt + - id + properties: + deployStartedAt: + description: DeployStartedAt holds the time the sync operation started + type: string + format: date-time + deployedAt: + description: DeployedAt holds the time the sync operation completed + type: string + format: date-time + id: + description: ID is an auto incrementing identifier of the RevisionHistory + type: integer + format: int64 + initiatedBy: + description: InitiatedBy contains information about who initiated the operations + type: object + properties: + automated: + description: Automated is set to true if operation was initiated automatically + by the application controller. + type: boolean + username: + description: Username contains the name of a user who started operation + type: string + revision: + description: Revision holds the revision the sync was performed against + type: string + revisions: + description: Revisions holds the revision of each source in sources field the + sync was performed against + type: array + items: + type: string + source: + description: Source is a reference to the application source used for the sync + operation + type: object + required: + - repoURL + properties: + chart: + description: Chart is a Helm chart name, and must be specified for applications + sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + type: object + properties: + exclude: + description: Exclude contains a glob pattern to match paths against that should + be explicitly excluded from being used during + manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should + be explicitly included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + type: object + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + libs: + description: Additional library search dirs + type: array + items: + type: string + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + recurse: + description: Recurse specifies whether to scan a directory recursively for + manifests + type: boolean + helm: + description: Helm holds helm specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource API + versions to pass to Helm when templating manifests. + By default, + + Argo CD uses the API versions of the target cluster. + The format is [group/]version/kind. + type: array + items: + type: string + fileParameters: + description: FileParameters are file parameters to the helm template + type: array + items: + description: HelmFileParameter is a file parameter that's passed to helm + template during manifest generation + type: object + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing the values for the Helm + parameter + type: string + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template from failing when + valueFiles do not exist locally by not appending + them to helm template --values + type: boolean + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API version to + pass to Helm when templating manifests. By default, + Argo CD + + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to template with. If left empty, + defaults to the app's destination namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters which are passed to the + helm template command upon manifest generation + type: array + items: + description: HelmParameter is a parameter that's passed to helm template during + manifest generation + type: object + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans + and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + passCredentials: + description: PassCredentials pass credentials to all domains (Helm's + --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. If omitted it will use + the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation step (Helm's + --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema validation (Helm's + --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation step (Helm's + --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a + template + type: array + items: + type: string + values: + description: Values specifies Helm values to be passed to helm template, + typically defined as a block. ValuesObject takes + precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed to helm template, + defined as a map. This takes precedence over Values. + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating ("3") + type: string + kustomize: + description: Kustomize holds kustomize specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource API + versions to pass to Helm when templating manifests. + By default, + + Argo CD uses the API versions of the target cluster. + The format is [group/]version/kind. + type: array + items: + type: string + commonAnnotations: + description: CommonAnnotations is a list of additional annotations to add to + rendered manifests + type: object + additionalProperties: + type: string + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether to apply env variables + substitution for annotation values + type: boolean + commonLabels: + description: CommonLabels is a list of additional labels to add to rendered + manifests + type: object + additionalProperties: + type: string + components: + description: Components specifies a list of kustomize components to add to the + kustomization before building + type: array + items: + type: string + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common + annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels + to resources for Kustomize apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize from failing when + components do not exist locally by not appending + them to kustomization file + type: boolean + images: + description: Images is a list of Kustomize image override specifications + type: array + items: + description: KustomizeImage represents a Kustomize image definition in the + format [old_image_name=]: + type: string + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API version to + pass to Helm when templating manifests. By default, + Argo CD + + uses the Kubernetes version of the target cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether to apply common labels to + resource templates or not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to apply common labels to + resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + type: array + items: + type: object + properties: + options: + type: object + additionalProperties: + type: boolean + patch: + type: string + path: + type: string + target: + type: object + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override specifications + type: array + items: + type: object + required: + - count + - name + properties: + count: + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + version: + description: Version controls which version of Kustomize to use for rendering + manifests + type: string + name: + description: Name is used to refer to a source and is displayed in the UI. It is + used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git repository, and is only + valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific options + type: object + properties: + env: + description: Env is a list of environment variable entries + type: array + items: + description: EnvEntry represents an entry in the application's environment + type: object + required: + - name + - value + properties: + name: + description: Name is the name of the variable, usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + name: + type: string + parameters: + type: array + items: + type: object + properties: + array: + description: Array is the value of an array type parameter. + type: array + items: + type: string + map: + description: Map is the value of a map type parameter. + type: object + additionalProperties: + type: string + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type parameter. + type: string + ref: + description: Ref is reference to another source within sources field. This field + will not be used if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) that contains + the application manifests + type: string + targetRevision: + description: >- + TargetRevision defines the revision of the source to + sync the application to. + + In case of Git, this can be commit, tag, or branch. If + omitted, will equal to HEAD. + + In case of Helm, this is a semver tag for the Chart's + version. + type: string + sources: + description: Sources is a reference to the application sources used for the sync + operation + type: array + items: + description: ApplicationSource contains all required information about the + source of an application + type: object + required: + - repoURL + properties: + chart: + description: Chart is a Helm chart name, and must be specified for applications + sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + type: object + properties: + exclude: + description: Exclude contains a glob pattern to match paths against that should + be explicitly excluded from being used during + manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should + be explicitly included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + type: object + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + libs: + description: Additional library search dirs + type: array + items: + type: string + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + recurse: + description: Recurse specifies whether to scan a directory recursively for + manifests + type: boolean + helm: + description: Helm holds helm specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource API + versions to pass to Helm when templating + manifests. By default, + + Argo CD uses the API versions of the target + cluster. The format is [group/]version/kind. + type: array + items: + type: string + fileParameters: + description: FileParameters are file parameters to the helm template + type: array + items: + description: HelmFileParameter is a file parameter that's passed to helm + template during manifest generation + type: object + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing the values for the Helm + parameter + type: string + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template from failing when + valueFiles do not exist locally by not appending + them to helm template --values + type: boolean + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API version + to pass to Helm when templating manifests. By + default, Argo CD + + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to template with. If left empty, + defaults to the app's destination namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters which are passed to the + helm template command upon manifest generation + type: array + items: + description: HelmParameter is a parameter that's passed to helm template during + manifest generation + type: object + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans + and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + passCredentials: + description: PassCredentials pass credentials to all domains (Helm's + --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. If omitted it will use + the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation step (Helm's + --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema validation (Helm's + --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation step (Helm's + --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a + template + type: array + items: + type: string + values: + description: Values specifies Helm values to be passed to helm template, + typically defined as a block. ValuesObject takes + precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed to helm template, + defined as a map. This takes precedence over + Values. + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating ("3") + type: string + kustomize: + description: Kustomize holds kustomize specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource API + versions to pass to Helm when templating + manifests. By default, + + Argo CD uses the API versions of the target + cluster. The format is [group/]version/kind. + type: array + items: + type: string + commonAnnotations: + description: CommonAnnotations is a list of additional annotations to add to + rendered manifests + type: object + additionalProperties: + type: string + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether to apply env variables + substitution for annotation values + type: boolean + commonLabels: + description: CommonLabels is a list of additional labels to add to rendered + manifests + type: object + additionalProperties: + type: string + components: + description: Components specifies a list of kustomize components to add to the + kustomization before building + type: array + items: + type: string + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common + annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels + to resources for Kustomize apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize from failing when + components do not exist locally by not appending + them to kustomization file + type: boolean + images: + description: Images is a list of Kustomize image override specifications + type: array + items: + description: KustomizeImage represents a Kustomize image definition in the + format [old_image_name=]: + type: string + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API version + to pass to Helm when templating manifests. By + default, Argo CD + + uses the Kubernetes version of the target cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether to apply common labels to + resource templates or not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to apply common labels to + resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + type: array + items: + type: object + properties: + options: + type: object + additionalProperties: + type: boolean + patch: + type: string + path: + type: string + target: + type: object + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override specifications + type: array + items: + type: object + required: + - count + - name + properties: + count: + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + version: + description: Version controls which version of Kustomize to use for rendering + manifests + type: string + name: + description: Name is used to refer to a source and is displayed in the UI. It is + used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git repository, and is only + valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific options + type: object + properties: + env: + description: Env is a list of environment variable entries + type: array + items: + description: EnvEntry represents an entry in the application's environment + type: object + required: + - name + - value + properties: + name: + description: Name is the name of the variable, usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + name: + type: string + parameters: + type: array + items: + type: object + properties: + array: + description: Array is the value of an array type parameter. + type: array + items: + type: string + map: + description: Map is the value of a map type parameter. + type: object + additionalProperties: + type: string + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type parameter. + type: string + ref: + description: Ref is reference to another source within sources field. This field + will not be used if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) that contains + the application manifests + type: string + targetRevision: + description: >- + TargetRevision defines the revision of the source to + sync the application to. + + In case of Git, this can be commit, tag, or branch. If + omitted, will equal to HEAD. + + In case of Helm, this is a semver tag for the Chart's + version. + type: string + observedAt: + description: >- + ObservedAt indicates when the application state was updated + without querying latest git state + + Deprecated: controller no longer updates ObservedAt field + type: string + format: date-time + operationState: + description: OperationState contains information about any ongoing operations, + such as a sync + type: object + required: + - operation + - phase + - startedAt + properties: + finishedAt: + description: FinishedAt contains time of operation completion + type: string + format: date-time + message: + description: Message holds any pertinent messages when attempting to perform + operation (typically errors). + type: string + operation: + description: Operation is the original requested operation + type: object + properties: + info: + description: Info is a list of informational items for this operation + type: array + items: + type: object + required: + - name + - value + properties: + name: + type: string + value: + type: string + initiatedBy: + description: InitiatedBy contains information about who initiated the operations + type: object + properties: + automated: + description: Automated is set to true if operation was initiated automatically + by the application controller. + type: boolean + username: + description: Username contains the name of a user who started operation + type: string + retry: + description: Retry controls the strategy to apply if a sync fails + type: object + properties: + backoff: + description: Backoff controls how to backoff on subsequent retries of failed + syncs + type: object + properties: + duration: + description: Duration is the amount to back off. Default unit is seconds, but + could also be a duration (e.g. "2m", "1h") + type: string + factor: + description: Factor is a factor to multiply the base duration after each failed + retry + type: integer + format: int64 + maxDuration: + description: MaxDuration is the maximum amount of time allowed for the backoff + strategy + type: string + limit: + description: Limit is the maximum number of attempts for retrying a failed sync. + If set to 0, no retries will be performed. + type: integer + format: int64 + sync: + description: Sync contains parameters for the operation + type: object + properties: + autoHealAttemptsCount: + description: SelfHealAttemptsCount contains the number of auto-heal attempts + type: integer + format: int64 + dryRun: + description: DryRun specifies to perform a `kubectl apply --dry-run` without + actually performing the sync + type: boolean + manifests: + description: Manifests is an optional field that overrides sync source with a + local directory for development + type: array + items: + type: string + prune: + description: Prune specifies to delete resources from the cluster that are no + longer tracked in git + type: boolean + resources: + description: Resources describes which resources shall be part of the sync + type: array + items: + description: SyncOperationResource contains resources to sync. + type: object + required: + - kind + - name + properties: + group: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + revision: + description: >- + Revision is the revision (Git) or chart version (Helm) + which to sync the application to + + If omitted, will use the revision specified in app + spec. + type: string + revisions: + description: >- + Revisions is the list of revision (Git) or chart + version (Helm) which to sync each source in sources + field for the application to + + If omitted, will use the revision specified in app + spec. + type: array + items: + type: string + source: + description: >- + Source overrides the source definition set in the + application. + + This is typically set in a Rollback operation and is + nil during a Sync operation + type: object + required: + - repoURL + properties: + chart: + description: Chart is a Helm chart name, and must be specified for applications + sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + type: object + properties: + exclude: + description: Exclude contains a glob pattern to match paths against that should + be explicitly excluded from being used during + manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should + be explicitly included during manifest + generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + type: object + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + libs: + description: Additional library search dirs + type: array + items: + type: string + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + recurse: + description: Recurse specifies whether to scan a directory recursively for + manifests + type: boolean + helm: + description: Helm holds helm specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource + API versions to pass to Helm when templating + manifests. By default, + + Argo CD uses the API versions of the target + cluster. The format is [group/]version/kind. + type: array + items: + type: string + fileParameters: + description: FileParameters are file parameters to the helm template + type: array + items: + description: HelmFileParameter is a file parameter that's passed to helm + template during manifest generation + type: object + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing the values for the Helm + parameter + type: string + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template from failing when + valueFiles do not exist locally by not + appending them to helm template --values + type: boolean + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API + version to pass to Helm when templating + manifests. By default, Argo CD + + uses the Kubernetes version of the target + cluster. + type: string + namespace: + description: Namespace is an optional namespace to template with. If left empty, + defaults to the app's destination namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters which are passed to the + helm template command upon manifest generation + type: array + items: + description: HelmParameter is a parameter that's passed to helm template during + manifest generation + type: object + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans + and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + passCredentials: + description: PassCredentials pass credentials to all domains (Helm's + --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. If omitted it will use + the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation step (Helm's + --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema validation (Helm's + --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation step (Helm's + --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a + template + type: array + items: + type: string + values: + description: Values specifies Helm values to be passed to helm template, + typically defined as a block. ValuesObject + takes precedence over Values, so use one or + the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed to helm template, + defined as a map. This takes precedence over + Values. + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating ("3") + type: string + kustomize: + description: Kustomize holds kustomize specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource + API versions to pass to Helm when templating + manifests. By default, + + Argo CD uses the API versions of the target + cluster. The format is [group/]version/kind. + type: array + items: + type: string + commonAnnotations: + description: CommonAnnotations is a list of additional annotations to add to + rendered manifests + type: object + additionalProperties: + type: string + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether to apply env variables + substitution for annotation values + type: boolean + commonLabels: + description: CommonLabels is a list of additional labels to add to rendered + manifests + type: object + additionalProperties: + type: string + components: + description: Components specifies a list of kustomize components to add to the + kustomization before building + type: array + items: + type: string + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common + annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels + to resources for Kustomize apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize from failing when + components do not exist locally by not + appending them to kustomization file + type: boolean + images: + description: Images is a list of Kustomize image override specifications + type: array + items: + description: KustomizeImage represents a Kustomize image definition in the + format + [old_image_name=]: + type: string + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API + version to pass to Helm when templating + manifests. By default, Argo CD + + uses the Kubernetes version of the target + cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether to apply common labels to + resource templates or not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to apply common labels to + resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + type: array + items: + type: object + properties: + options: + type: object + additionalProperties: + type: boolean + patch: + type: string + path: + type: string + target: + type: object + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override specifications + type: array + items: + type: object + required: + - count + - name + properties: + count: + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + version: + description: Version controls which version of Kustomize to use for rendering + manifests + type: string + name: + description: Name is used to refer to a source and is displayed in the UI. It is + used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git repository, and is only + valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific options + type: object + properties: + env: + description: Env is a list of environment variable entries + type: array + items: + description: EnvEntry represents an entry in the application's environment + type: object + required: + - name + - value + properties: + name: + description: Name is the name of the variable, usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + name: + type: string + parameters: + type: array + items: + type: object + properties: + array: + description: Array is the value of an array type parameter. + type: array + items: + type: string + map: + description: Map is the value of a map type parameter. + type: object + additionalProperties: + type: string + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type parameter. + type: string + ref: + description: Ref is reference to another source within sources field. This field + will not be used if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) that contains + the application manifests + type: string + targetRevision: + description: >- + TargetRevision defines the revision of the source + to sync the application to. + + In case of Git, this can be commit, tag, or + branch. If omitted, will equal to HEAD. + + In case of Helm, this is a semver tag for the + Chart's version. + type: string + sources: + description: >- + Sources overrides the source definition set in the + application. + + This is typically set in a Rollback operation and is + nil during a Sync operation + type: array + items: + description: ApplicationSource contains all required information about the + source of an application + type: object + required: + - repoURL + properties: + chart: + description: Chart is a Helm chart name, and must be specified for applications + sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + type: object + properties: + exclude: + description: Exclude contains a glob pattern to match paths against that should + be explicitly excluded from being used + during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should + be explicitly included during manifest + generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + type: object + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + libs: + description: Additional library search dirs + type: array + items: + type: string + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + recurse: + description: Recurse specifies whether to scan a directory recursively for + manifests + type: boolean + helm: + description: Helm holds helm specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes + resource API versions to pass to Helm when + templating manifests. By default, + + Argo CD uses the API versions of the target + cluster. The format is [group/]version/kind. + type: array + items: + type: string + fileParameters: + description: FileParameters are file parameters to the helm template + type: array + items: + description: HelmFileParameter is a file parameter that's passed to helm + template during manifest generation + type: object + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing the values for the Helm + parameter + type: string + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template from failing when + valueFiles do not exist locally by not + appending them to helm template --values + type: boolean + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API + version to pass to Helm when templating + manifests. By default, Argo CD + + uses the Kubernetes version of the target + cluster. + type: string + namespace: + description: Namespace is an optional namespace to template with. If left empty, + defaults to the app's destination namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters which are passed to the + helm template command upon manifest + generation + type: array + items: + description: HelmParameter is a parameter that's passed to helm template during + manifest generation + type: object + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans + and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + passCredentials: + description: PassCredentials pass credentials to all domains (Helm's + --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. If omitted it will use + the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation step (Helm's + --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema validation (Helm's + --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation step (Helm's + --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a + template + type: array + items: + type: string + values: + description: Values specifies Helm values to be passed to helm template, + typically defined as a block. ValuesObject + takes precedence over Values, so use one or + the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed to helm template, + defined as a map. This takes precedence over + Values. + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating ("3") + type: string + kustomize: + description: Kustomize holds kustomize specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes + resource API versions to pass to Helm when + templating manifests. By default, + + Argo CD uses the API versions of the target + cluster. The format is [group/]version/kind. + type: array + items: + type: string + commonAnnotations: + description: CommonAnnotations is a list of additional annotations to add to + rendered manifests + type: object + additionalProperties: + type: string + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether to apply env variables + substitution for annotation values + type: boolean + commonLabels: + description: CommonLabels is a list of additional labels to add to rendered + manifests + type: object + additionalProperties: + type: string + components: + description: Components specifies a list of kustomize components to add to the + kustomization before building + type: array + items: + type: string + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common + annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels + to resources for Kustomize apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize from failing when + components do not exist locally by not + appending them to kustomization file + type: boolean + images: + description: Images is a list of Kustomize image override specifications + type: array + items: + description: KustomizeImage represents a Kustomize image definition in the + format + [old_image_name=]: + type: string + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API + version to pass to Helm when templating + manifests. By default, Argo CD + + uses the Kubernetes version of the target + cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether to apply common labels to + resource templates or not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to apply common labels to + resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + type: array + items: + type: object + properties: + options: + type: object + additionalProperties: + type: boolean + patch: + type: string + path: + type: string + target: + type: object + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override specifications + type: array + items: + type: object + required: + - count + - name + properties: + count: + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + version: + description: Version controls which version of Kustomize to use for rendering + manifests + type: string + name: + description: Name is used to refer to a source and is displayed in the UI. It is + used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git repository, and is only + valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific options + type: object + properties: + env: + description: Env is a list of environment variable entries + type: array + items: + description: EnvEntry represents an entry in the application's environment + type: object + required: + - name + - value + properties: + name: + description: Name is the name of the variable, usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + name: + type: string + parameters: + type: array + items: + type: object + properties: + array: + description: Array is the value of an array type parameter. + type: array + items: + type: string + map: + description: Map is the value of a map type parameter. + type: object + additionalProperties: + type: string + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type parameter. + type: string + ref: + description: Ref is reference to another source within sources field. This field + will not be used if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) that contains + the application manifests + type: string + targetRevision: + description: >- + TargetRevision defines the revision of the + source to sync the application to. + + In case of Git, this can be commit, tag, or + branch. If omitted, will equal to HEAD. + + In case of Helm, this is a semver tag for the + Chart's version. + type: string + syncOptions: + description: SyncOptions provide per-sync sync-options, e.g. Validate=false + type: array + items: + type: string + syncStrategy: + description: SyncStrategy describes how to perform the sync + type: object + properties: + apply: + description: Apply will perform a `kubectl apply` to perform the sync. + type: object + properties: + force: + description: >- + Force indicates whether or not to supply the + --force flag to `kubectl apply`. + + The --force flag deletes and re-create the + resource, when PATCH encounters conflict and + has + + retried for 5 times. + type: boolean + hook: + description: Hook will submit any referenced resources to perform the sync. This + is the default strategy + type: object + properties: + force: + description: >- + Force indicates whether or not to supply the + --force flag to `kubectl apply`. + + The --force flag deletes and re-create the + resource, when PATCH encounters conflict and + has + + retried for 5 times. + type: boolean + phase: + description: Phase is the current phase of the operation + type: string + retryCount: + description: RetryCount contains time of operation retries + type: integer + format: int64 + startedAt: + description: StartedAt contains time of operation start + type: string + format: date-time + syncResult: + description: SyncResult is the result of a Sync operation + type: object + required: + - revision + properties: + managedNamespaceMetadata: + description: ManagedNamespaceMetadata contains the current sync state of managed + namespace metadata + type: object + properties: + annotations: + type: object + additionalProperties: + type: string + labels: + type: object + additionalProperties: + type: string + resources: + description: Resources contains a list of sync result items for each individual + resource in a sync operation + type: array + items: + description: ResourceResult holds the operation result details of a specific + resource + type: object + required: + - group + - kind + - name + - namespace + - version + properties: + group: + description: Group specifies the API group of the resource + type: string + hookPhase: + description: >- + HookPhase contains the state of any operation + associated with this resource OR hook + + This can also contain values for non-hook resources. + type: string + hookType: + description: HookType specifies the type of the hook. Empty for non-hook + resources + type: string + images: + description: Images contains the images related to the ResourceResult + type: array + items: + type: string + kind: + description: Kind specifies the API kind of the resource + type: string + message: + description: Message contains an informational or error message for the last + sync OR operation + type: string + name: + description: Name specifies the name of the resource + type: string + namespace: + description: Namespace specifies the target namespace of the resource + type: string + status: + description: Status holds the final result of the sync. Will be empty if the + resources is yet to be applied/pruned and is always + zero-value for hooks + type: string + syncPhase: + description: SyncPhase indicates the particular phase of the sync that this + result was acquired in + type: string + version: + description: Version specifies the API version of the resource + type: string + revision: + description: Revision holds the revision this sync operation was performed to + type: string + revisions: + description: Revisions holds the revision this sync operation was performed for + respective indexed source in sources field + type: array + items: + type: string + source: + description: Source records the application source information of the sync, used + for comparing auto-sync + type: object + required: + - repoURL + properties: + chart: + description: Chart is a Helm chart name, and must be specified for applications + sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + type: object + properties: + exclude: + description: Exclude contains a glob pattern to match paths against that should + be explicitly excluded from being used during + manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should + be explicitly included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + type: object + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + libs: + description: Additional library search dirs + type: array + items: + type: string + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + recurse: + description: Recurse specifies whether to scan a directory recursively for + manifests + type: boolean + helm: + description: Helm holds helm specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource API + versions to pass to Helm when templating + manifests. By default, + + Argo CD uses the API versions of the target + cluster. The format is [group/]version/kind. + type: array + items: + type: string + fileParameters: + description: FileParameters are file parameters to the helm template + type: array + items: + description: HelmFileParameter is a file parameter that's passed to helm + template during manifest generation + type: object + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing the values for the Helm + parameter + type: string + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template from failing when + valueFiles do not exist locally by not appending + them to helm template --values + type: boolean + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API version + to pass to Helm when templating manifests. By + default, Argo CD + + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to template with. If left empty, + defaults to the app's destination namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters which are passed to the + helm template command upon manifest generation + type: array + items: + description: HelmParameter is a parameter that's passed to helm template during + manifest generation + type: object + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans + and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + passCredentials: + description: PassCredentials pass credentials to all domains (Helm's + --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. If omitted it will use + the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation step (Helm's + --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema validation (Helm's + --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation step (Helm's + --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a + template + type: array + items: + type: string + values: + description: Values specifies Helm values to be passed to helm template, + typically defined as a block. ValuesObject takes + precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed to helm template, + defined as a map. This takes precedence over + Values. + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating ("3") + type: string + kustomize: + description: Kustomize holds kustomize specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource API + versions to pass to Helm when templating + manifests. By default, + + Argo CD uses the API versions of the target + cluster. The format is [group/]version/kind. + type: array + items: + type: string + commonAnnotations: + description: CommonAnnotations is a list of additional annotations to add to + rendered manifests + type: object + additionalProperties: + type: string + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether to apply env variables + substitution for annotation values + type: boolean + commonLabels: + description: CommonLabels is a list of additional labels to add to rendered + manifests + type: object + additionalProperties: + type: string + components: + description: Components specifies a list of kustomize components to add to the + kustomization before building + type: array + items: + type: string + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common + annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels + to resources for Kustomize apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize from failing when + components do not exist locally by not appending + them to kustomization file + type: boolean + images: + description: Images is a list of Kustomize image override specifications + type: array + items: + description: KustomizeImage represents a Kustomize image definition in the + format [old_image_name=]: + type: string + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API version + to pass to Helm when templating manifests. By + default, Argo CD + + uses the Kubernetes version of the target cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether to apply common labels to + resource templates or not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to apply common labels to + resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + type: array + items: + type: object + properties: + options: + type: object + additionalProperties: + type: boolean + patch: + type: string + path: + type: string + target: + type: object + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override specifications + type: array + items: + type: object + required: + - count + - name + properties: + count: + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + version: + description: Version controls which version of Kustomize to use for rendering + manifests + type: string + name: + description: Name is used to refer to a source and is displayed in the UI. It is + used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git repository, and is only + valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific options + type: object + properties: + env: + description: Env is a list of environment variable entries + type: array + items: + description: EnvEntry represents an entry in the application's environment + type: object + required: + - name + - value + properties: + name: + description: Name is the name of the variable, usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + name: + type: string + parameters: + type: array + items: + type: object + properties: + array: + description: Array is the value of an array type parameter. + type: array + items: + type: string + map: + description: Map is the value of a map type parameter. + type: object + additionalProperties: + type: string + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type parameter. + type: string + ref: + description: Ref is reference to another source within sources field. This field + will not be used if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) that contains + the application manifests + type: string + targetRevision: + description: >- + TargetRevision defines the revision of the source to + sync the application to. + + In case of Git, this can be commit, tag, or branch. If + omitted, will equal to HEAD. + + In case of Helm, this is a semver tag for the Chart's + version. + type: string + sources: + description: Source records the application source information of the sync, used + for comparing auto-sync + type: array + items: + description: ApplicationSource contains all required information about the + source of an application + type: object + required: + - repoURL + properties: + chart: + description: Chart is a Helm chart name, and must be specified for applications + sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + type: object + properties: + exclude: + description: Exclude contains a glob pattern to match paths against that should + be explicitly excluded from being used during + manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should + be explicitly included during manifest + generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + type: object + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + libs: + description: Additional library search dirs + type: array + items: + type: string + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + recurse: + description: Recurse specifies whether to scan a directory recursively for + manifests + type: boolean + helm: + description: Helm holds helm specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource + API versions to pass to Helm when templating + manifests. By default, + + Argo CD uses the API versions of the target + cluster. The format is [group/]version/kind. + type: array + items: + type: string + fileParameters: + description: FileParameters are file parameters to the helm template + type: array + items: + description: HelmFileParameter is a file parameter that's passed to helm + template during manifest generation + type: object + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing the values for the Helm + parameter + type: string + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template from failing when + valueFiles do not exist locally by not appending + them to helm template --values + type: boolean + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API version + to pass to Helm when templating manifests. By + default, Argo CD + + uses the Kubernetes version of the target + cluster. + type: string + namespace: + description: Namespace is an optional namespace to template with. If left empty, + defaults to the app's destination namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters which are passed to the + helm template command upon manifest generation + type: array + items: + description: HelmParameter is a parameter that's passed to helm template during + manifest generation + type: object + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans + and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + passCredentials: + description: PassCredentials pass credentials to all domains (Helm's + --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. If omitted it will use + the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation step (Helm's + --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema validation (Helm's + --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation step (Helm's + --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a + template + type: array + items: + type: string + values: + description: Values specifies Helm values to be passed to helm template, + typically defined as a block. ValuesObject takes + precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed to helm template, + defined as a map. This takes precedence over + Values. + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating ("3") + type: string + kustomize: + description: Kustomize holds kustomize specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource + API versions to pass to Helm when templating + manifests. By default, + + Argo CD uses the API versions of the target + cluster. The format is [group/]version/kind. + type: array + items: + type: string + commonAnnotations: + description: CommonAnnotations is a list of additional annotations to add to + rendered manifests + type: object + additionalProperties: + type: string + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether to apply env variables + substitution for annotation values + type: boolean + commonLabels: + description: CommonLabels is a list of additional labels to add to rendered + manifests + type: object + additionalProperties: + type: string + components: + description: Components specifies a list of kustomize components to add to the + kustomization before building + type: array + items: + type: string + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common + annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels + to resources for Kustomize apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize from failing when + components do not exist locally by not appending + them to kustomization file + type: boolean + images: + description: Images is a list of Kustomize image override specifications + type: array + items: + description: KustomizeImage represents a Kustomize image definition in the + format + [old_image_name=]: + type: string + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API version + to pass to Helm when templating manifests. By + default, Argo CD + + uses the Kubernetes version of the target + cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether to apply common labels to + resource templates or not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to apply common labels to + resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + type: array + items: + type: object + properties: + options: + type: object + additionalProperties: + type: boolean + patch: + type: string + path: + type: string + target: + type: object + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override specifications + type: array + items: + type: object + required: + - count + - name + properties: + count: + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + version: + description: Version controls which version of Kustomize to use for rendering + manifests + type: string + name: + description: Name is used to refer to a source and is displayed in the UI. It is + used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git repository, and is only + valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific options + type: object + properties: + env: + description: Env is a list of environment variable entries + type: array + items: + description: EnvEntry represents an entry in the application's environment + type: object + required: + - name + - value + properties: + name: + description: Name is the name of the variable, usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + name: + type: string + parameters: + type: array + items: + type: object + properties: + array: + description: Array is the value of an array type parameter. + type: array + items: + type: string + map: + description: Map is the value of a map type parameter. + type: object + additionalProperties: + type: string + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type parameter. + type: string + ref: + description: Ref is reference to another source within sources field. This field + will not be used if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) that contains + the application manifests + type: string + targetRevision: + description: >- + TargetRevision defines the revision of the source to + sync the application to. + + In case of Git, this can be commit, tag, or branch. + If omitted, will equal to HEAD. + + In case of Helm, this is a semver tag for the + Chart's version. + type: string + reconciledAt: + description: ReconciledAt indicates when the application state was reconciled + using the latest git version + type: string + format: date-time + resourceHealthSource: + description: "ResourceHealthSource indicates where the resource health status is + stored: inline if not set or appTree" + type: string + resources: + description: Resources is a list of Kubernetes resources managed by this + application + type: array + items: + description: ResourceStatus holds the current synchronization and health status + of a Kubernetes resource. + type: object + properties: + group: + description: Group represents the API group of the resource (e.g., "apps" for + Deployments). + type: string + health: + description: Health indicates the health status of the resource (e.g., Healthy, + Degraded, Progressing). + type: object + properties: + lastTransitionTime: + description: >- + LastTransitionTime is the time the HealthStatus was set + or updated + + + Deprecated: this field is not used and will be removed + in a future release. + type: string + format: date-time + message: + description: Message is a human-readable informational message describing the + health status + type: string + status: + description: Status holds the status code of the resource + type: string + hook: + description: Hook is true if the resource is used as a lifecycle hook in an Argo + CD application. + type: boolean + kind: + description: Kind specifies the type of the resource (e.g., "Deployment", + "Service"). + type: string + name: + description: Name is the unique name of the resource within the namespace. + type: string + namespace: + description: Namespace defines the Kubernetes namespace where the resource is + located. + type: string + requiresDeletionConfirmation: + description: RequiresDeletionConfirmation is true if the resource requires + explicit user confirmation before deletion. + type: boolean + requiresPruning: + description: RequiresPruning is true if the resource needs to be pruned + (deleted) as part of synchronization. + type: boolean + status: + description: Status represents the synchronization state of the resource (e.g., + Synced, OutOfSync). + type: string + syncWave: + description: >- + SyncWave determines the order in which resources are applied + during a sync operation. + + Lower values are applied first. + type: integer + format: int64 + version: + description: Version indicates the API version of the resource (e.g., "v1", + "v1beta1"). + type: string + sourceHydrator: + description: SourceHydrator stores information about the current state of source + hydration + type: object + properties: + currentOperation: + description: CurrentOperation holds the status of the hydrate operation + type: object + required: + - message + - phase + properties: + drySHA: + description: DrySHA holds the resolved revision (sha) of the dry source as of + the most recent reconciliation + type: string + finishedAt: + description: FinishedAt indicates when the hydrate operation finished + type: string + format: date-time + hydratedSHA: + description: HydratedSHA holds the resolved revision (sha) of the hydrated + source as of the most recent reconciliation + type: string + message: + description: Message contains a message describing the current status of the + hydrate operation + type: string + phase: + description: Phase indicates the status of the hydrate operation + type: string + enum: + - Hydrating + - Failed + - Hydrated + sourceHydrator: + description: SourceHydrator holds the hydrator config used for the hydrate + operation + type: object + required: + - drySource + - syncSource + properties: + drySource: + description: DrySource specifies where the dry "don't repeat yourself" manifest + source lives. + type: object + required: + - path + - repoURL + - targetRevision + properties: + path: + description: Path is a directory path within the Git repository where the + manifests are located + type: string + repoURL: + description: RepoURL is the URL to the git repository that contains the + application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the source to hydrate + type: string + hydrateTo: + description: >- + HydrateTo specifies an optional "staging" location to + push hydrated manifests to. An external system would + then + + have to move manifests to the SyncSource, e.g. by pull + request. + type: object + required: + - targetBranch + properties: + targetBranch: + description: TargetBranch is the branch to which hydrated manifests should be + committed + type: string + syncSource: + description: SyncSource specifies where to sync hydrated manifests from. + type: object + required: + - path + - targetBranch + properties: + path: + description: >- + Path is a directory path within the git repository + where hydrated manifests should be committed to + and synced + + from. If hydrateTo is set, this is just the path + from which hydrated manifests will be synced. + type: string + targetBranch: + description: TargetBranch is the branch to which hydrated manifests should be + committed + type: string + startedAt: + description: StartedAt indicates when the hydrate operation started + type: string + format: date-time + lastSuccessfulOperation: + description: LastSuccessfulOperation holds info about the most recent successful + hydration + type: object + properties: + drySHA: + description: DrySHA holds the resolved revision (sha) of the dry source as of + the most recent reconciliation + type: string + hydratedSHA: + description: HydratedSHA holds the resolved revision (sha) of the hydrated + source as of the most recent reconciliation + type: string + sourceHydrator: + description: SourceHydrator holds the hydrator config used for the hydrate + operation + type: object + required: + - drySource + - syncSource + properties: + drySource: + description: DrySource specifies where the dry "don't repeat yourself" manifest + source lives. + type: object + required: + - path + - repoURL + - targetRevision + properties: + path: + description: Path is a directory path within the Git repository where the + manifests are located + type: string + repoURL: + description: RepoURL is the URL to the git repository that contains the + application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the source to hydrate + type: string + hydrateTo: + description: >- + HydrateTo specifies an optional "staging" location to + push hydrated manifests to. An external system would + then + + have to move manifests to the SyncSource, e.g. by pull + request. + type: object + required: + - targetBranch + properties: + targetBranch: + description: TargetBranch is the branch to which hydrated manifests should be + committed + type: string + syncSource: + description: SyncSource specifies where to sync hydrated manifests from. + type: object + required: + - path + - targetBranch + properties: + path: + description: >- + Path is a directory path within the git repository + where hydrated manifests should be committed to + and synced + + from. If hydrateTo is set, this is just the path + from which hydrated manifests will be synced. + type: string + targetBranch: + description: TargetBranch is the branch to which hydrated manifests should be + committed + type: string + sourceType: + description: SourceType specifies the type of this application + type: string + sourceTypes: + description: SourceTypes specifies the type of the sources included in the + application + type: array + items: + description: ApplicationSourceType specifies the type of the application's + source + type: string + summary: + description: Summary contains a list of URLs and container images used by this + application + type: object + properties: + externalURLs: + description: ExternalURLs holds all external URLs of application child + resources. + type: array + items: + type: string + images: + description: Images holds all images of application child resources. + type: array + items: + type: string + sync: + description: Sync contains information about the application's current sync + status + type: object + required: + - status + properties: + comparedTo: + description: ComparedTo contains information about what has been compared + type: object + required: + - destination + properties: + destination: + description: Destination is a reference to the application's destination used + for comparison + type: object + properties: + name: + description: Name is an alternate way of specifying the target cluster by its + symbolic name. This must be set if Server is not set. + type: string + namespace: + description: >- + Namespace specifies the target namespace for the + application's resources. + + The namespace will only be set for namespace-scoped + resources that have not set a value for + .metadata.namespace + type: string + server: + description: Server specifies the URL of the target cluster's Kubernetes control + plane API. This must be set if Name is not set. + type: string + ignoreDifferences: + description: IgnoreDifferences is a reference to the application's ignored + differences used for comparison + type: array + items: + description: ResourceIgnoreDifferences contains resource filter and list of json + paths which should be ignored during comparison with + live state. + type: object + required: + - kind + properties: + group: + type: string + jqPathExpressions: + type: array + items: + type: string + jsonPointers: + type: array + items: + type: string + kind: + type: string + managedFieldsManagers: + description: >- + ManagedFieldsManagers is a list of trusted managers. + Fields mutated by those managers will take + precedence over the + + desired state defined in the SCM and won't be + displayed in diffs + type: array + items: + type: string + name: + type: string + namespace: + type: string + source: + description: Source is a reference to the application's source used for + comparison + type: object + required: + - repoURL + properties: + chart: + description: Chart is a Helm chart name, and must be specified for applications + sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + type: object + properties: + exclude: + description: Exclude contains a glob pattern to match paths against that should + be explicitly excluded from being used during + manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should + be explicitly included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + type: object + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + libs: + description: Additional library search dirs + type: array + items: + type: string + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + recurse: + description: Recurse specifies whether to scan a directory recursively for + manifests + type: boolean + helm: + description: Helm holds helm specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource API + versions to pass to Helm when templating + manifests. By default, + + Argo CD uses the API versions of the target + cluster. The format is [group/]version/kind. + type: array + items: + type: string + fileParameters: + description: FileParameters are file parameters to the helm template + type: array + items: + description: HelmFileParameter is a file parameter that's passed to helm + template during manifest generation + type: object + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing the values for the Helm + parameter + type: string + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template from failing when + valueFiles do not exist locally by not appending + them to helm template --values + type: boolean + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API version + to pass to Helm when templating manifests. By + default, Argo CD + + uses the Kubernetes version of the target cluster. + type: string + namespace: + description: Namespace is an optional namespace to template with. If left empty, + defaults to the app's destination namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters which are passed to the + helm template command upon manifest generation + type: array + items: + description: HelmParameter is a parameter that's passed to helm template during + manifest generation + type: object + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans + and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + passCredentials: + description: PassCredentials pass credentials to all domains (Helm's + --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. If omitted it will use + the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation step (Helm's + --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema validation (Helm's + --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation step (Helm's + --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a + template + type: array + items: + type: string + values: + description: Values specifies Helm values to be passed to helm template, + typically defined as a block. ValuesObject takes + precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed to helm template, + defined as a map. This takes precedence over + Values. + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating ("3") + type: string + kustomize: + description: Kustomize holds kustomize specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource API + versions to pass to Helm when templating + manifests. By default, + + Argo CD uses the API versions of the target + cluster. The format is [group/]version/kind. + type: array + items: + type: string + commonAnnotations: + description: CommonAnnotations is a list of additional annotations to add to + rendered manifests + type: object + additionalProperties: + type: string + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether to apply env variables + substitution for annotation values + type: boolean + commonLabels: + description: CommonLabels is a list of additional labels to add to rendered + manifests + type: object + additionalProperties: + type: string + components: + description: Components specifies a list of kustomize components to add to the + kustomization before building + type: array + items: + type: string + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common + annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels + to resources for Kustomize apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize from failing when + components do not exist locally by not appending + them to kustomization file + type: boolean + images: + description: Images is a list of Kustomize image override specifications + type: array + items: + description: KustomizeImage represents a Kustomize image definition in the + format [old_image_name=]: + type: string + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API version + to pass to Helm when templating manifests. By + default, Argo CD + + uses the Kubernetes version of the target cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether to apply common labels to + resource templates or not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to apply common labels to + resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + type: array + items: + type: object + properties: + options: + type: object + additionalProperties: + type: boolean + patch: + type: string + path: + type: string + target: + type: object + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override specifications + type: array + items: + type: object + required: + - count + - name + properties: + count: + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + version: + description: Version controls which version of Kustomize to use for rendering + manifests + type: string + name: + description: Name is used to refer to a source and is displayed in the UI. It is + used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git repository, and is only + valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific options + type: object + properties: + env: + description: Env is a list of environment variable entries + type: array + items: + description: EnvEntry represents an entry in the application's environment + type: object + required: + - name + - value + properties: + name: + description: Name is the name of the variable, usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + name: + type: string + parameters: + type: array + items: + type: object + properties: + array: + description: Array is the value of an array type parameter. + type: array + items: + type: string + map: + description: Map is the value of a map type parameter. + type: object + additionalProperties: + type: string + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type parameter. + type: string + ref: + description: Ref is reference to another source within sources field. This field + will not be used if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) that contains + the application manifests + type: string + targetRevision: + description: >- + TargetRevision defines the revision of the source to + sync the application to. + + In case of Git, this can be commit, tag, or branch. If + omitted, will equal to HEAD. + + In case of Helm, this is a semver tag for the Chart's + version. + type: string + sources: + description: Sources is a reference to the application's multiple sources used + for comparison + type: array + items: + description: ApplicationSource contains all required information about the + source of an application + type: object + required: + - repoURL + properties: + chart: + description: Chart is a Helm chart name, and must be specified for applications + sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + type: object + properties: + exclude: + description: Exclude contains a glob pattern to match paths against that should + be explicitly excluded from being used during + manifest generation + type: string + include: + description: Include contains a glob pattern to match paths against that should + be explicitly included during manifest + generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + type: object + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + libs: + description: Additional library search dirs + type: array + items: + type: string + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + type: array + items: + description: JsonnetVar represents a variable to be passed to jsonnet during + manifest generation + type: object + required: + - name + - value + properties: + code: + type: boolean + name: + type: string + value: + type: string + recurse: + description: Recurse specifies whether to scan a directory recursively for + manifests + type: boolean + helm: + description: Helm holds helm specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource + API versions to pass to Helm when templating + manifests. By default, + + Argo CD uses the API versions of the target + cluster. The format is [group/]version/kind. + type: array + items: + type: string + fileParameters: + description: FileParameters are file parameters to the helm template + type: array + items: + description: HelmFileParameter is a file parameter that's passed to helm + template during manifest generation + type: object + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing the values for the Helm + parameter + type: string + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template from failing when + valueFiles do not exist locally by not appending + them to helm template --values + type: boolean + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API version + to pass to Helm when templating manifests. By + default, Argo CD + + uses the Kubernetes version of the target + cluster. + type: string + namespace: + description: Namespace is an optional namespace to template with. If left empty, + defaults to the app's destination namespace. + type: string + parameters: + description: Parameters is a list of Helm parameters which are passed to the + helm template command upon manifest generation + type: array + items: + description: HelmParameter is a parameter that's passed to helm template during + manifest generation + type: object + properties: + forceString: + description: ForceString determines whether to tell Helm to interpret booleans + and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + passCredentials: + description: PassCredentials pass credentials to all domains (Helm's + --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. If omitted it will use + the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation step (Helm's + --skip-crds) + type: boolean + skipSchemaValidation: + description: SkipSchemaValidation skips JSON schema validation (Helm's + --skip-schema-validation) + type: boolean + skipTests: + description: SkipTests skips test manifest installation step (Helm's + --skip-tests). + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to use when generating a + template + type: array + items: + type: string + values: + description: Values specifies Helm values to be passed to helm template, + typically defined as a block. ValuesObject takes + precedence over Values, so use one or the other. + type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed to helm template, + defined as a map. This takes precedence over + Values. + x-kubernetes-preserve-unknown-fields: true + version: + description: Version is the Helm version to use for templating ("3") + type: string + kustomize: + description: Kustomize holds kustomize specific options + type: object + properties: + apiVersions: + description: >- + APIVersions specifies the Kubernetes resource + API versions to pass to Helm when templating + manifests. By default, + + Argo CD uses the API versions of the target + cluster. The format is [group/]version/kind. + type: array + items: + type: string + commonAnnotations: + description: CommonAnnotations is a list of additional annotations to add to + rendered manifests + type: object + additionalProperties: + type: string + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether to apply env variables + substitution for annotation values + type: boolean + commonLabels: + description: CommonLabels is a list of additional labels to add to rendered + manifests + type: object + additionalProperties: + type: string + components: + description: Components specifies a list of kustomize components to add to the + kustomization before building + type: array + items: + type: string + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to force applying common + annotations to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force applying common labels + to resources for Kustomize apps + type: boolean + ignoreMissingComponents: + description: IgnoreMissingComponents prevents kustomize from failing when + components do not exist locally by not appending + them to kustomization file + type: boolean + images: + description: Images is a list of Kustomize image override specifications + type: array + items: + description: KustomizeImage represents a Kustomize image definition in the + format + [old_image_name=]: + type: string + kubeVersion: + description: >- + KubeVersion specifies the Kubernetes API version + to pass to Helm when templating manifests. By + default, Argo CD + + uses the Kubernetes version of the target + cluster. + type: string + labelIncludeTemplates: + description: LabelIncludeTemplates specifies whether to apply common labels to + resource templates or not + type: boolean + labelWithoutSelector: + description: LabelWithoutSelector specifies whether to apply common labels to + resource selectors or not + type: boolean + namePrefix: + description: NamePrefix is a prefix appended to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources for Kustomize apps + type: string + namespace: + description: Namespace sets the namespace that Kustomize adds to all resources + type: string + patches: + description: Patches is a list of Kustomize patches + type: array + items: + type: object + properties: + options: + type: object + additionalProperties: + type: boolean + patch: + type: string + path: + type: string + target: + type: object + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override specifications + type: array + items: + type: object + required: + - count + - name + properties: + count: + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + version: + description: Version controls which version of Kustomize to use for rendering + manifests + type: string + name: + description: Name is used to refer to a source and is displayed in the UI. It is + used in multi-source Applications. + type: string + path: + description: Path is a directory path within the Git repository, and is only + valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific options + type: object + properties: + env: + description: Env is a list of environment variable entries + type: array + items: + description: EnvEntry represents an entry in the application's environment + type: object + required: + - name + - value + properties: + name: + description: Name is the name of the variable, usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + name: + type: string + parameters: + type: array + items: + type: object + properties: + array: + description: Array is the value of an array type parameter. + type: array + items: + type: string + map: + description: Map is the value of a map type parameter. + type: object + additionalProperties: + type: string + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type parameter. + type: string + ref: + description: Ref is reference to another source within sources field. This field + will not be used if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) that contains + the application manifests + type: string + targetRevision: + description: >- + TargetRevision defines the revision of the source to + sync the application to. + + In case of Git, this can be commit, tag, or branch. + If omitted, will equal to HEAD. + + In case of Helm, this is a semver tag for the + Chart's version. + type: string + revision: + description: Revision contains information about the revision the comparison has + been performed to + type: string + revisions: + description: Revisions contains information about the revisions of multiple + sources the comparison has been performed to + type: array + items: + type: string + status: + description: Status is the sync state of the comparison + type: string + x-kubernetes-group-version-kind: + - group: argoproj.io + kind: Application + version: v1alpha1 \ No newline at end of file diff --git a/controller/testdata/target-child-application.yaml b/controller/testdata/target-child-application.yaml new file mode 100644 index 0000000000000..5161de8d53588 --- /dev/null +++ b/controller/testdata/target-child-application.yaml @@ -0,0 +1,80 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + annotations: + argocd.argoproj.io/tracking-id: 'app-of-apps:argoproj.io/Application:argocd/argo-workflows' + name: argo-workflows + namespace: argocd +spec: + destination: + name: in-cluster + namespace: argo-workflows + project: default + revisionHistoryLimit: 1 + source: + chart: argo-workflows + helm: + valuesObject: + controller: + podSecurityContext: + runAsGroup: 1000 + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + resources: + requests: + cpu: 12m + memory: 70M + volumeMounts: + - mountPath: /tmp + name: tmp + volumes: + - emptyDir: {} + name: tmp + crds: + keep: false + executor: + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + server: + extraArgs: + - '--auth-mode=server' + ingress: + annotations: + cert-manager.io/cluster-issuer: letsencrypt-dns01-issuer + enabled: true + hosts: + - argo-workflows.hankeln.work + ingressClassName: nginx + tls: + - hosts: + - argo-workflows.hankeln.work + secretName: argo-workflows-cert + podSecurityContext: + runAsGroup: 1000 + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + resources: + requests: + cpu: 12m + memory: 50M + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsNonRoot: true + workflow: + serviceAccount: + create: true + repoURL: 'https://argoproj.github.io/argo-helm' + targetRevision: 0.45.28 + syncPolicy: + automated: + allowEmpty: true + prune: true