Parameters

The parent key for all of the following parameters is argocd.

namespace

type

string
default

syn

The namespace in which to deploy this component.

distribution

type

string
default

${facts:distribution}

The Kubernetes distribution of the cluster.

network_policies

This parameter configures network policies for ArgoCD.

network_policies.enabled

type

boolean
default

true

Whether to enable NetworkPolicies that isolate ArgoCD from the rest of the cluster.

network_policies.allow_from_namespaces

type

List(string)
default

`[]

Additional namespaces which should be able to access ArgoCD.

monitoring

This section configures monitoring for ArgoCD.

monitoring.enabled

type

bool
default

true

If monitoring should be enabled for this component. Requires the Prometheus Operator to be installed.

monitoring.dashboards

type

bool
default

true

If dashboards should be enabled for this component. Requires the Grafana Operator to be installed.

monitoring.prometheus_rule_labels

type

dict
default

{"prometheus":"platform"}

Labels to set on the alert rule configuration. Can be used to ensure prometheus-operator picks up the PrometheusRule object by setting appropriate labels.

resync_time

type

string
default

3m0s

Resync interval. Lower values mean quicker sync but higher CPU usage and more Git traffic.

log_format

type

object
default 
default: text

This parameter exposes the log format for the ArgoCD components. By default, all components are configured to use the log format given for key default. The log format can be customized for individual components by providing the desired log format in keys server, application_controller or repo_server.

log_level

type

object
default 
default: info

This parameter exposes the log level for the ArgoCD components. By default, all components are configured with the log level given in key default. The log level can be customized for individual components by providing the desired level in keys server, application_controller or repo_server

override

type

dictionary
default

{}

Override specs of the ProjectSyn ArgoCD instance.

http_credentials_secret_name

type

string
default

catalog-https-credentials

The name of the externally managed secret which holds the username and password for fetching the catalog repo over HTTPS in fields username and password.

This parameter is only used when the cluster’s catalog repo URL starts with https://.

Users must ensure that this secret is in place before this component is synced.

images

type

dictionary

Dictionary containing the container images used by this component. Each entry follows the Commodore component best practices for specifying container images.

instances

type

dictionary
default

{}

This section allows the definition of arbitrary ArgoCD instances, and associated AppProject resources. The keys of this parameter are parsed as namespaced names (<namespace>/<name>) and used as namespaces and names of the created resources.

Namespace management

  1. Each ArgoCD instance must be deployed to its own namespace

  2. You MUST create the target namespace manually before deploying ArgoCD using this component

Due to how Argo CD works, namespaces holding Argo CD instances cannot be created by other Argo CD instances.

Example

parameters:
  argocd:
    instances:
      some-namespace/some-argocd:
        config:
          spec:
            sso:
              provider: dex
              dex:
                openShiftOAuth: true
          ...
        projects:
          some-project:
            spec:
              clusterResourceWhitelist: []
              destinations:
                - namespace: corp-*
                  server: https://kubernetes.default.svc

instances.<namespace>/<name>.config

type

dictionary
default 
spec:
  applicationInstanceLabelKey: <name>.<namespace>/instance

Plain configuration that will be merged verbatim into the created ArgoCD resource.

See the ArgoCD reference of the Argo CD Operator for available fields.

To avoid common issues, some defaults are configured. They can be overwritten via the inventory.

instances.<namespace>/<name>.projects

type

dictionary
default

{}

Arbitrary AppProject instances to be deployed on the cluster.

The keys of this parameter are used as the generated resource’s metadata.name, while the parent `ArgoCD’s namespace will be inherited.

See the AppProject reference of Argo CD for available fields.

instances.<namespace>/<name>.projectDefaults

type

dictionary
default

{}

Default values that will be applied for all AppProjects created for this instance.

resources

type

dictionary
defaults

See class/defaults.yml

Dictionary containing the resource requests and limits for the different components. Keys correspond to different pods/containers:

  • application_controller

  • redis

  • repo_server

  • repo_server_vault_agent - for the vault_agent container in the repo-server pod

  • server

Users can remove configured requests and limits by setting any keys or subkeys in the dictionary to null.

ssh_known_hosts

type

string
default

See class/defaults.yml

SSH known hosts for Git servers.

resource_exclusions

type

dictionary(list|dictionary)
default 
cilium:
- apiGroups:
  - cilium.io
  kinds:
  - CiliumIdentity
  clusters:
  - "*"
example 
custom:
- apiGroups:
  - custom.io
  kinds:
  - ClusterWrecker
  clusters:
  - "*"
backup: null

A dictionary of resource exclusions for the ArgoCD instance. Those resources will not be managed by ArgoCD.

The keys are the names of the exclusion groups. Keys are not used, they are exclusively for hierarchical structuring.

The values are lists of resource definitions that should be excluded from the ArgoCD instance. Those lists get concatenated.

Check ArgoCD documentation for more information.

operator

type

dict
defaults

See class/defaults.yml

Configuration for the ArgoCD operator which is deployed as part of this component.

operator.namespace

type

string

default

syn-argocd-operator

The namespace in which to deploy the argocd operator

operator.cluster_scope_namespaces

type

array

default

["${argocd:namespace}"]

List of namespaces in which argocd is allowed to be installed at the cluster scope.

operator.migrate

type

string

default

false

Whether to migrate from v5 or earlier. If you are upgrading from v5, set this to true on the first catalog compilation.

operator.images

type

dictionary
defaults

See class/defaults.yml

Dictionary containing the container images used by the operator

operator.manifests_version

type

string
default

${argocd:images:argocd_operator:tag}

Version of the kubernetes manifests for the operator

operator.kustomization_url

type

string
default

github.com/argoproj-labs/argocd-operator//config/default/

URL of the kustomization to deploy the operator

operator.kustomize_input

type

dictionary
defaults

See class/defaults.yml

Kustomize inputs supplied to the argocd operator kustomization

Example

parameters:
  argocd:
    resync_seconds: 3
    ssh_known_hosts: |
      git.example.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO9EkPcVdsz/oVTI2VJkBlq8Mv/dg3rhcbgzAEKyiwUG
    monitoring:
      dashboards: true