-
Notifications
You must be signed in to change notification settings - Fork 5.7k
/
Copy pathapplicationset.yaml
299 lines (278 loc) · 11.8 KB
/
applicationset.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
name: test-hello-world-appset
namespace: argocd
spec:
generators:
# Using a generator plugin without combining it with Matrix or Merge
# Plugins allow you to provide your own generator
- plugin:
# Specify the configMap where the plugin configuration is located.
configMapRef:
name: my-plugin
# You can pass arbitrary parameters to the plugin. `input.parameters` is a map, but values may be any type.
# These parameters will also be available on the generator's output under the `generator.input.parameters` key.
input:
parameters:
key1: "value1"
key2: "value2"
list: ["list", "of", "values"]
boolean: true
map:
key1: "value1"
key2: "value2"
key3: "value3"
# You can also attach arbitrary values to the generator's output under the `values` key. These values will be
# available in templates under the `values` key.
values:
value1: something
# When using a Plugin generator, the ApplicationSet controller polls every `requeueAfterSeconds` interval (defaulting to every 30 minutes) to detect changes.
requeueAfterSeconds: 30
# to automatically discover repositories within an organization
- scmProvider:
# Which protocol to clone using.
cloneProtocol: ssh
# The GitHub mode uses the GitHub API to scan an organization in either github.com or GitHub Enterprise
github:
# The GitHub organization to scan.
organization: myorg
# For GitHub Enterprise:
api: https://git.example.com/
# If true, scan every branch of every repository. If false, scan only the default branch. Defaults to false.
allBranches: true
# Reference to a Secret containing an access token. (optional)
tokenRef:
secretName: github-token
key: token
# (optional) use a GitHub App to access the API instead of a PAT.
appSecretName: gh-app-repo-creds
#Pass additional key-value pairs via values field
values:
name: "{{organization}}-{{repository}}"
#The GitLab mode uses the GitLab API to scan and organization in either gitlab.com or self-hosted GitLab.
gitlab:
#The Gitea mode uses the Gitea API to scan organizations in your instance
gitea:
#Use the Bitbucket Server API (1.0) to scan repos in a project.
bitbucketServer:
#Uses the Azure DevOps API to look up eligible repositories
azureDevOps:
# The Bitbucket mode uses the Bitbucket API V2 to scan a workspace in bitbucket.org
bitbucket:
#Uses AWS ResourceGroupsTagging and AWS CodeCommit APIs to scan repos across AWS accounts and regionsz
awsCodeCommit:
#Filters allow selecting which repositories to generate for.
filters:
# Include any repository starting with "myapp" AND including a Kustomize config AND labeled with "deploy-ok" ...
- repositoryMatch: ^myapp
pathsExist: [kubernetes/kustomization.yaml]
labelMatch: deploy-ok
# ... OR include any repository starting with "otherapp" AND a Helm folder and doesn't have file disabledrepo.txt.
- repositoryMatch: ^otherapp
pathsExist: [helm]
pathsDoNotExist: [disabledrepo.txt]
# matrix 'parent' generator
- matrix:
generators:
# any of the top-level generators may be used here instead.
# merge 'parent' generator
# Use the selector set by both child generators to combine them.
- merge:
mergeKeys:
- server
# Note that this would not work with goTemplate enabled,
# nested merge keys are not supported there.
- values.selector
generators:
- clusters:
values:
kafka: 'true'
redis: 'false'
# For clusters with a specific label, enable Kafka.
- clusters:
selector:
matchLabels:
use-kafka: 'false'
values:
kafka: 'false'
# For a specific cluster, enable Redis.
- list:
elements:
- server: https://2.4.6.8
values.redis: 'true'
# Determines whether go templating will be used in the `template` field below.
goTemplate: true
# Optional list of go templating options, see https://pkg.go.dev/text/template#Template.Option
# This is only relevant if `goTemplate` is true
goTemplateOptions: ["missingkey=error"]
# These fields are identical to the Application spec.
# The generator's template field takes precedence over the spec's template fields
template:
metadata:
name: test-hello-world-app
spec:
project: my-project
syncPolicy:
automated:
selfHeal: true
syncOptions:
- CreateNamespace=true
# defines from which Git repository to extract the desired Application manifests
source:
- chart: '{{.chart}}'
# developers may customize app details using JSON files from above repo URL
repoURL: https://github.com/argoproj/argo-cd.git
targetRevision: HEAD
# Path within the repository where Kubernetes manifests are located
path: applicationset/examples/list-generator/guestbook/{{cluster}}
helm:
useCredentials: "{{.useCredentials}}" # This field may NOT be templated, because it is a boolean field
parameters:
- name: "image.tag"
value: "pull-{{head_sha}}"
- name: "{{.name}}"
value: "{{.value}}"
- name: throw-away
value: "{{end}}"
destination:
# Only one of name or server may be specified: if both are specified, an error is returned.
# Name of the cluster (within Argo CD) to deploy to
name: production-cluster # cluster is restricted
# API Server URL for the cluster
server: '{{.url}}'
# Target namespace in which to deploy the manifests from source
namespace: dev-team-one # namespace is restricted
# This sync policy pertains to the ApplicationSet, not to the Applications it creates.
syncPolicy:
# Prevents ApplicationSet controller from modifying or deleting Applications
applicationsSync: create-only
# Prevents ApplicationSet controller from deleting Applications. Update is allowed
# applicationsSync: create-update
# Prevents ApplicationSet controller from modifying Applications. Delete is allowed.
# applicationsSync: create-delete
# Prevent an Application's child resources from being deleted, when the parent Application is deleted
preserveResourcesOnDeletion: true
strategy:
# The RollingSync update strategy allows you to group Applications by labels present on the generated Application resources
# See documentation for "Progressive Syncs"
type: RollingSync
rollingSync:
steps:
# Application groups are selected using their labels and matchExpressions
- matchExpressions:
- key: envLabel
operator: In
values:
- env-dev
# maxUpdate: 100% # if undefined, all applications matched are updated together (default is 100%)
- matchExpressions:
- key: envLabel
operator: In
values:
- env-qa
maxUpdate: 0 # if 0, no matched applications will be synced unless they're synced manually
- matchExpressions:
- key: envLabel
operator: In
values:
- env-prod
maxUpdate: 10% # maxUpdate supports both integer and percentage string values (rounds down, but floored at 1 Application for >0%)
# Define annotations and labels of the Application that this ApplicationSet will ignore
# ignoreApplicationDifferences is the preferred way to accomplish this now.
preservedFields:
annotations: [ some-annotation-key ]
labels: [ some-label-key ]
# Define fields of the that should be ignored when comparing Applications
ignoreApplicationDifferences:
- jsonPointers:
- /spec/source/targetRevision
- name: some-app
jqPathExpressions:
- .spec.source.helm.values
# Cluster-decision-resource-based ApplicationSet generator
- clusterDecisionResource:
# ConfigMap with GVK information for the duck type resource
configMapRef: my-configmap
name: quak # Choose either "name" of the resource or "labelSelector"
labelSelector:
matchLabels: # OPTIONAL
duck: spotted
matchExpressions: # OPTIONAL
- key: duck
operator: In
values:
- "spotted"
- "canvasback"
# OPTIONAL: Checks for changes every 60sec (default 3min)
requeueAfterSeconds: 60
# The Pull Request generator uses the API of an SCMaaS provider to automatically discover open pull requests within a repository
- pullRequest:
# When using a Pull Request generator, the ApplicationSet controller polls every `requeueAfterSeconds` interval (defaulting to every 30 minutes) to detect changes.
requeueAfterSeconds: 1800
# See below for provider specific options.
# Specify the repository from which to fetch the GitHub Pull requests.
github:
# The GitHub organization or user.
owner: myorg
# The Github repository
repo: myrepository
# For GitHub Enterprise (optional)
api: https://git.example.com/
# Reference to a Secret containing an access token. (optional)
tokenRef:
secretName: github-token
key: token
# (optional) use a GitHub App to access the API instead of a PAT.
appSecretName: github-app-repo-creds
# Labels is used to filter the PRs that you want to target. (optional)
labels:
- preview
# Filters allow selecting which pull requests to generate for
# Include any pull request ending with "argocd". (optional)
filters:
- branchMatch: ".*-argocd"
# Specify the project from which to fetch the GitLab merge requests.
gitlab:
# Specify the repository from which to fetch the Gitea Pull requests.
gitea:
# Fetch pull requests from a repo hosted on a Bitbucket Server (not the same as Bitbucket Cloud).
bitbucketServer:
# Fetch pull requests from a repo hosted on a Bitbucket Cloud.
bitbucket:
# Specify the organization, project and repository from which you want to fetch pull requests.
azuredevops:
# Fetch pull requests from AWS CodeCommit repositories.
awsCodeCommit:
# The list generator generates a set of two application which then filter by the key value to only select the env with value staging
- list:
elements:
- cluster: engineering-dev
url: https://kubernetes.default.svc
env: staging
- cluster: engineering-prod
url: https://kubernetes.default.svc
env: prod
# The generator's template field takes precedence over the spec's template fields
template:
metadata: {}
spec:
project: "default"
source:
revision: HEAD
repoURL: https://github.com/argoproj/argo-cd.git
# New path value is generated here:
path: 'applicationset/examples/template-override/{{cluster}}-override'
destination: {}
selector:
matchLabels:
env: staging
# It is also possible to use matchExpressions for more powerful selectors
- clusters: {}
selector:
matchExpressions:
- key: server
operator: In
values:
- https://kubernetes.default.svc
- https://some-other-cluster