Documentation
¶
Index ¶
- Constants
- Variables
- func GetKustomizeBinaryPath(ks *v1alpha1.KustomizeOptions, source v1alpha1.ApplicationSource) (string, error)
- func ReplaceMapSecrets(obj map[string]any, secretValues map[string]string) map[string]any
- func ReplaceStringSecret(val string, secretValues map[string]string) string
- func UnmarshalDexConfig(config string) (map[string]any, error)
- func ValidateOIDCConfig(configStr string) error
- type Account
- type AccountCapability
- type ArgoCDDiffOptions
- type ArgoCDSettings
- func (a *ArgoCDSettings) ArgoURLForRequest(r *http.Request) (string, error)
- func (a *ArgoCDSettings) DexOAuth2ClientSecret() string
- func (a *ArgoCDSettings) DexRedirectURL() (string, error)
- func (a *ArgoCDSettings) GetServerEncryptionKey() ([]byte, error)
- func (a *ArgoCDSettings) GetWebhookAzureDevOpsPassword() string
- func (a *ArgoCDSettings) GetWebhookAzureDevOpsUsername() string
- func (a *ArgoCDSettings) GetWebhookBitbucketServerSecret() string
- func (a *ArgoCDSettings) GetWebhookBitbucketUUID() string
- func (a *ArgoCDSettings) GetWebhookGitHubSecret() string
- func (a *ArgoCDSettings) GetWebhookGitLabSecret() string
- func (a *ArgoCDSettings) GetWebhookGogsSecret() string
- func (a *ArgoCDSettings) IsDexConfigured() bool
- func (a *ArgoCDSettings) IsSSOConfigured() bool
- func (a *ArgoCDSettings) IssuerURL() string
- func (a *ArgoCDSettings) OAuth2AllowedAudiences() []string
- func (a *ArgoCDSettings) OAuth2ClientID() string
- func (a *ArgoCDSettings) OAuth2ClientSecret() string
- func (a *ArgoCDSettings) OAuth2UsePKCE() bool
- func (a *ArgoCDSettings) OIDCConfig() *OIDCConfig
- func (a *ArgoCDSettings) OIDCTLSConfig() *tls.Config
- func (a *ArgoCDSettings) RedirectAdditionalURLs() ([]string, error)
- func (a *ArgoCDSettings) RedirectURL() (string, error)
- func (a *ArgoCDSettings) RedirectURLForRequest(r *http.Request) (string, error)
- func (a *ArgoCDSettings) SkipAudienceCheckWhenTokenHasNoAudience() bool
- func (a *ArgoCDSettings) TLSConfig() *tls.Config
- func (a *ArgoCDSettings) UseAzureWorkloadIdentity() bool
- func (a *ArgoCDSettings) UserInfoCacheExpiration() time.Duration
- func (a *ArgoCDSettings) UserInfoGroupsEnabled() bool
- func (a *ArgoCDSettings) UserInfoPath() string
- type AzureOIDCConfig
- type DeepLink
- type FilteredResource
- type GlobalProjectSettings
- type GoogleAnalytics
- type HelmRepoCredentials
- type Help
- type IgnoreStatus
- type KustomizeVersionNotRegisteredError
- type OIDCConfig
- type Repository
- type RepositoryCredentials
- type ResourcesFilter
- type SettingsManager
- func (mgr *SettingsManager) AddAccount(name string, account Account) error
- func (mgr *SettingsManager) ApplicationFineGrainedRBACInheritanceDisabled() (bool, error)
- func (mgr *SettingsManager) GetAccount(name string) (*Account, error)
- func (mgr *SettingsManager) GetAccounts() (map[string]Account, error)
- func (mgr *SettingsManager) GetAllowedNodeLabels() []string
- func (mgr *SettingsManager) GetAppInstanceLabelKey() (string, error)
- func (mgr *SettingsManager) GetConfigMapByName(configMapName string) (*corev1.ConfigMap, error)
- func (mgr *SettingsManager) GetDeepLinks(deeplinkType string) ([]DeepLink, error)
- func (mgr *SettingsManager) GetEnabledSourceTypes() (map[string]bool, error)
- func (mgr *SettingsManager) GetExcludeEventLabelKeys() []string
- func (mgr *SettingsManager) GetGlobalProjectsSettings() ([]GlobalProjectSettings, error)
- func (mgr *SettingsManager) GetGoogleAnalytics() (*GoogleAnalytics, error)
- func (mgr *SettingsManager) GetHelmSettings() (*v1alpha1.HelmOptions, error)
- func (mgr *SettingsManager) GetHelp() (*Help, error)
- func (mgr *SettingsManager) GetIgnoreResourceUpdatesOverrides() (map[string]v1alpha1.ResourceOverride, error)
- func (mgr *SettingsManager) GetIncludeEventLabelKeys() []string
- func (mgr *SettingsManager) GetInstallationID() (string, error)
- func (mgr *SettingsManager) GetIsIgnoreResourceUpdatesEnabled() (bool, error)
- func (mgr *SettingsManager) GetKustomizeSettings() (*v1alpha1.KustomizeOptions, error)
- func (mgr *SettingsManager) GetMaxPodLogsToRender() (int64, error)
- func (mgr *SettingsManager) GetMaxWebhookPayloadSize() int64
- func (mgr *SettingsManager) GetNamespace() string
- func (mgr *SettingsManager) GetPasswordPattern() (string, error)
- func (mgr *SettingsManager) GetResourceCompareOptions() (ArgoCDDiffOptions, error)
- func (mgr *SettingsManager) GetResourceCustomLabels() ([]string, error)
- func (mgr *SettingsManager) GetResourceOverrides() (map[string]v1alpha1.ResourceOverride, error)
- func (mgr *SettingsManager) GetResourcesFilter() (*ResourcesFilter, error)
- func (mgr *SettingsManager) GetSecretByName(secretName string) (*corev1.Secret, error)
- func (mgr *SettingsManager) GetSecretsInformer() (cache.SharedIndexInformer, error)
- func (mgr *SettingsManager) GetSecretsLister() (v1listers.SecretLister, error)
- func (mgr *SettingsManager) GetSensitiveAnnotations() map[string]bool
- func (mgr *SettingsManager) GetSettings() (*ArgoCDSettings, error)
- func (mgr *SettingsManager) GetSourceHydratorCommitMessageTemplate() (string, error)
- func (mgr *SettingsManager) GetTrackingMethod() (string, error)
- func (mgr *SettingsManager) InitializeSettings(insecureModeEnabled bool) (*ArgoCDSettings, error)
- func (mgr *SettingsManager) IsImpersonationEnabled() (bool, error)
- func (mgr *SettingsManager) RespectRBAC() (int, error)
- func (mgr *SettingsManager) ResyncInformers() error
- func (mgr *SettingsManager) SaveGPGPublicKeyData(ctx context.Context, gpgPublicKeys map[string]string) error
- func (mgr *SettingsManager) SaveSSHKnownHostsData(ctx context.Context, knownHostsList []string) error
- func (mgr *SettingsManager) SaveTLSCertificateData(ctx context.Context, tlsCertificates map[string]string) error
- func (mgr *SettingsManager) Subscribe(subCh chan<- *ArgoCDSettings)
- func (mgr *SettingsManager) Unsubscribe(subCh chan<- *ArgoCDSettings)
- func (mgr *SettingsManager) UpdateAccount(name string, callback func(account *Account) error) error
- type SettingsManagerOpts
- type Token
Constants ¶
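// Keys and values read from Argo CD configuration.
//
// The block is laid out one declaration per line: when collapsed onto a single
// line, the first `//` comment swallows every declaration after it.
const (
	// ApplicationDeepLinks is the application deep link key
	ApplicationDeepLinks = "application.links"
	// ProjectDeepLinks is the project deep link key
	ProjectDeepLinks = "project.links"
	// ResourceDeepLinks is the resource deep link key
	ResourceDeepLinks = "resource.links"
	// RespectRBAC is the key to configure argocd to respect rbac while watching for resources
	RespectRBAC = "resource.respectRBAC"
	// RespectRBACValueStrict and RespectRBACValueNormal are string values for the
	// RespectRBAC key.
	// NOTE(review): what each mode enforces is not visible here; confirm against
	// SettingsManager.RespectRBAC before relying on either for access decisions.
	RespectRBACValueStrict = "strict"
	RespectRBACValueNormal = "normal"
)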
Variables ¶
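// Index names exported by this package.
// NOTE(review): going by the names these identify informer indexers keyed by
// cluster URL, cluster name, project+cluster and project+repo; where they are
// registered is not visible here.
//
// They are declared with var, so they are mutable package-level state; callers
// should treat them as constants and never reassign them.
var (
	ByClusterURLIndexer       = "byClusterURL"
	ByClusterNameIndexer      = "byClusterName"
	ByProjectClusterIndexer   = "byProjectCluster"
	ByProjectRepoIndexer      = "byProjectRepo"
	ByProjectRepoWriteIndexer = "byProjectRepoWrite"
)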
var CommitMessageTemplate = `` /* 340-byte string literal not displayed */
Functions ¶
func GetKustomizeBinaryPath ¶ added in v3.2.0
func GetKustomizeBinaryPath(ks *v1alpha1.KustomizeOptions, source v1alpha1.ApplicationSource) (string, error)
GetKustomizeBinaryPath returns the path to the kustomize binary based on the provided KustomizeOptions and ApplicationSource.
func ReplaceMapSecrets ¶
ReplaceMapSecrets takes a JSON object, recursively looks for any secret key references in it, and replaces each such value with the secret value.
func ReplaceStringSecret ¶
ReplaceStringSecret checks if the given string is a secret key reference (starts with $) and returns the corresponding value from the provided map.
func ValidateOIDCConfig ¶
Types ¶
type Account ¶
type Account struct {
// PasswordHash holds the account password in hashed form, going by the field name.
// NOTE(review): the hash algorithm is not visible here; confirm before comparing or migrating values.
PasswordHash string
// PasswordMtime is the password modification time. It may be nil; FormatPasswordMtime
// returns an empty string in that case.
PasswordMtime *time.Time
// Enabled presumably gates whether the account may be used at all; verify against callers.
Enabled bool
// Capabilities lists what the account may do; HasCapability checks membership.
// The declared values are "login" (UI session tokens) and "apiKey" (API auth tokens).
Capabilities []AccountCapability
// Tokens holds the tokens recorded for this account; TokenIndex looks one up by identifier.
Tokens []Token
}
Account holds local account information
func (*Account) FormatCapabilities ¶
FormatCapabilities returns a comma-separated list of user capabilities.
func (*Account) FormatPasswordMtime ¶
FormatPasswordMtime returns the formatted password modify time, or an empty string if the password modify time is nil.
func (*Account) HasCapability ¶
func (a *Account) HasCapability(capability AccountCapability) bool
HasCapability returns true if the account has the specified capability.
func (*Account) TokenIndex ¶
TokenIndex returns the index of the token with the given identifier, or -1 if the token is not found.
type AccountCapability ¶
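// AccountCapability names something a local account is permitted to do.
// Account.HasCapability tests an account against one of these values.
type AccountCapability string

// One declaration per line: collapsed onto a single line, the first `//`
// comment would swallow both constants.
const (
	// AccountCapabilityLogin represents capability to create UI session tokens.
	AccountCapabilityLogin AccountCapability = "login"
	// AccountCapabilityApiKey represents capability to generate API auth tokens.
	AccountCapabilityApiKey AccountCapability = "apiKey" //nolint:revive //FIXME(var-naming)
)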
type ArgoCDDiffOptions ¶
// ArgoCDDiffOptions groups the options that control which differences are ignored.
// SettingsManager.GetResourceCompareOptions returns a value of this type.
type ArgoCDDiffOptions struct {
// NOTE(review): presumably ignores differences caused by aggregated roles; confirm against the diff code.
IgnoreAggregatedRoles bool `json:"ignoreAggregatedRoles,omitempty"`
// IgnoreResourceStatusField selects for which resources differences caused by status are ignored.
// It is an IgnoreStatus string ("crd", "all" or "none"), not a boolean.
IgnoreResourceStatusField IgnoreStatus `json:"ignoreResourceStatusField,omitempty"`
// If set to true then ignoreDifferences are applied to ignore application refresh on resource updates.
IgnoreDifferencesOnResourceUpdates bool `json:"ignoreDifferencesOnResourceUpdates,omitempty"`
}
func GetDefaultDiffOptions ¶
func GetDefaultDiffOptions() ArgoCDDiffOptions
type ArgoCDSettings ¶
// NOTE(review): several fields below carry secret material (ServerSignature, the Webhook*
// secrets and credentials, Secrets) and their JSON tags do not exclude them, so encoding
// this struct with encoding/json includes those values. Keep marshalled or logged copies
// of it out of untrusted sinks.
type ArgoCDSettings struct {
// URL is the externally facing URL users will visit to reach Argo CD.
// The value here is used when configuring SSO. Omitting this value will disable SSO.
URL string `json:"url,omitempty"`
// AdditionalURLs is a list of externally facing URLs users will visit to reach Argo CD.
// The value here is used when configuring SSO reachable from multiple domains.
AdditionalURLs []string `json:"additionalUrls,omitempty"`
// Indicates if status badge is enabled or not.
// Note the JSON key is "statusBadgeEnable", without the trailing "d" of the field name.
StatusBadgeEnabled bool `json:"statusBadgeEnable"`
// StatusBadgeRootUrl is a string, not a flag.
// NOTE(review): presumably the custom root URL to use for status badges when non-empty; confirm.
StatusBadgeRootUrl string `json:"statusBadgeRootUrl,omitempty"` //nolint:revive //FIXME(var-naming)
// DexConfig contains portions of a dex config yaml
DexConfig string `json:"dexConfig,omitempty"`
// OIDCConfigRAW holds OIDC configuration as a raw string
OIDCConfigRAW string `json:"oidcConfig,omitempty"`
// ServerSignature holds the key used to generate JWT tokens.
// DexOAuth2ClientSecret is documented as derived from the server secret and
// GetServerEncryptionKey uses the server signature as a passphrase, so disclosure of
// this value affects more than token signing.
ServerSignature []byte `json:"serverSignature,omitempty"`
// Certificate holds the certificate/private key for the Argo CD API server.
// If nil, will run insecure without TLS.
// Excluded from JSON encoding by the "-" tag.
Certificate *tls.Certificate `json:"-"`
// CertificateIsExternal indicates whether Certificate was loaded from external secret
CertificateIsExternal bool `json:"-"`
// WebhookGitHubSecret holds the shared secret for authenticating GitHub webhook events.
// GetWebhookGitHubSecret returns the resolved value.
WebhookGitHubSecret string `json:"webhookGitHubSecret,omitempty"`
// WebhookGitLabSecret holds the shared secret for authenticating GitLab webhook events.
// GetWebhookGitLabSecret returns the resolved value.
WebhookGitLabSecret string `json:"webhookGitLabSecret,omitempty"`
// WebhookBitbucketUUID holds the UUID for authenticating Bitbucket webhook events.
// GetWebhookBitbucketUUID returns the resolved value.
WebhookBitbucketUUID string `json:"webhookBitbucketUUID,omitempty"`
// WebhookBitbucketServerSecret holds the shared secret for authenticating BitbucketServer webhook events.
// GetWebhookBitbucketServerSecret returns the resolved value.
WebhookBitbucketServerSecret string `json:"webhookBitbucketServerSecret,omitempty"`
// WebhookGogsSecret holds the shared secret for authenticating Gogs webhook events.
// GetWebhookGogsSecret returns the resolved value.
WebhookGogsSecret string `json:"webhookGogsSecret,omitempty"`
// WebhookAzureDevOpsUsername holds the username for authenticating Azure DevOps webhook events.
// GetWebhookAzureDevOpsUsername returns the resolved value.
WebhookAzureDevOpsUsername string `json:"webhookAzureDevOpsUsername,omitempty"`
// WebhookAzureDevOpsPassword holds the password for authenticating Azure DevOps webhook events.
// GetWebhookAzureDevOpsPassword returns the resolved value.
WebhookAzureDevOpsPassword string `json:"webhookAzureDevOpsPassword,omitempty"`
// Secrets holds all secrets in argocd-secret as a map[string]string.
// It is serialised under the "secrets" JSON key like any other field.
Secrets map[string]string `json:"secrets,omitempty"`
// KustomizeBuildOptions is a string of kustomize build parameters
// NOTE(review): how this string is split into arguments is not visible here; confirm.
KustomizeBuildOptions string `json:"kustomizeBuildOptions,omitempty"`
// Indicates if anonymous user is enabled or not
// NOTE(review): what an anonymous user may do is decided elsewhere (presumably RBAC policy);
// review that policy before enabling.
AnonymousUserEnabled bool `json:"anonymousUserEnabled,omitempty"`
// Specifies token expiration duration
UserSessionDuration time.Duration `json:"userSessionDuration,omitempty"`
// UiCssURL local or remote path to user-defined CSS to customize ArgoCD UI
UiCssURL string `json:"uiCssURL,omitempty"` //nolint:revive //FIXME(var-naming)
// Content of UI Banner
UiBannerContent string `json:"uiBannerContent,omitempty"` //nolint:revive //FIXME(var-naming)
// URL for UI Banner
UiBannerURL string `json:"uiBannerURL,omitempty"` //nolint:revive //FIXME(var-naming)
// Make Banner permanent and not closeable
UiBannerPermanent bool `json:"uiBannerPermanent,omitempty"` //nolint:revive //FIXME(var-naming)
// Position of UI Banner
UiBannerPosition string `json:"uiBannerPosition,omitempty"` //nolint:revive //FIXME(var-naming)
// PasswordPattern for password regular expression
PasswordPattern string `json:"passwordPattern,omitempty"`
// BinaryUrls contains the URLs for downloading argocd binaries
BinaryUrls map[string]string `json:"binaryUrls,omitempty"`
// InClusterEnabled indicates whether to allow in-cluster server address
InClusterEnabled bool `json:"inClusterEnabled"`
// ServerRBACLogEnforceEnable temporary var indicates whether rbac will be enforced on logs
ServerRBACLogEnforceEnable bool `json:"serverRBACLogEnforceEnable"`
// MaxPodLogsToRender the maximum number of pod logs to render
MaxPodLogsToRender int64 `json:"maxPodLogsToRender"`
// ExecEnabled indicates whether the UI exec feature is enabled
ExecEnabled bool `json:"execEnabled"`
// ExecShells restricts which shells are allowed for `exec` and in which order they are tried
ExecShells []string `json:"execShells"`
// TrackingMethod defines the resource tracking method to be used
TrackingMethod string `json:"application.resourceTrackingMethod,omitempty"`
// OIDCTLSInsecureSkipVerify determines whether certificate verification is skipped when verifying tokens with the
// configured OIDC provider (either external or the bundled Dex instance). Setting this to `true` will cause JWT
// token verification to pass despite the OIDC provider having an invalid certificate. Only set to `true` if you
// understand the risks.
OIDCTLSInsecureSkipVerify bool `json:"oidcTLSInsecureSkipVerify"`
// AppsInAnyNamespaceEnabled indicates whether applications are allowed to be created in any namespace
AppsInAnyNamespaceEnabled bool `json:"appsInAnyNamespaceEnabled"`
// ExtensionConfig configurations related to ArgoCD proxy extensions. The keys are the extension name.
// The value is a yaml string defined in extension.ExtensionConfigs struct.
ExtensionConfig map[string]string `json:"extensionConfig,omitempty"`
// ImpersonationEnabled indicates whether Application sync privileges can be decoupled from control plane
// privileges using impersonation
ImpersonationEnabled bool `json:"impersonationEnabled"`
}
ArgoCDSettings holds in-memory runtime configuration options.
func (*ArgoCDSettings) ArgoURLForRequest ¶
func (a *ArgoCDSettings) ArgoURLForRequest(r *http.Request) (string, error)
func (*ArgoCDSettings) DexOAuth2ClientSecret ¶
func (a *ArgoCDSettings) DexOAuth2ClientSecret() string
DexOAuth2ClientSecret calculates an arbitrary, but predictable OAuth2 client secret string derived from the server secret. This is called by the dex startup wrapper (argocd-dex rundex), as well as the API server, such that they both independently come to the same conclusion of what the OAuth2 shared client secret should be.
func (*ArgoCDSettings) DexRedirectURL ¶
func (a *ArgoCDSettings) DexRedirectURL() (string, error)
func (*ArgoCDSettings) GetServerEncryptionKey ¶
func (a *ArgoCDSettings) GetServerEncryptionKey() ([]byte, error)
GetServerEncryptionKey generates a new server encryption key using the server signature as a passphrase
func (*ArgoCDSettings) GetWebhookAzureDevOpsPassword ¶ added in v3.2.0
func (a *ArgoCDSettings) GetWebhookAzureDevOpsPassword() string
GetWebhookAzureDevOpsPassword returns the resolved Azure DevOps webhook password
func (*ArgoCDSettings) GetWebhookAzureDevOpsUsername ¶ added in v3.2.0
func (a *ArgoCDSettings) GetWebhookAzureDevOpsUsername() string
GetWebhookAzureDevOpsUsername returns the resolved Azure DevOps webhook username
func (*ArgoCDSettings) GetWebhookBitbucketServerSecret ¶ added in v3.2.0
func (a *ArgoCDSettings) GetWebhookBitbucketServerSecret() string
GetWebhookBitbucketServerSecret returns the resolved Bitbucket Server webhook secret
func (*ArgoCDSettings) GetWebhookBitbucketUUID ¶ added in v3.2.0
func (a *ArgoCDSettings) GetWebhookBitbucketUUID() string
GetWebhookBitbucketUUID returns the resolved Bitbucket webhook UUID
func (*ArgoCDSettings) GetWebhookGitHubSecret ¶ added in v3.2.0
func (a *ArgoCDSettings) GetWebhookGitHubSecret() string
GetWebhookGitHubSecret returns the resolved GitHub webhook secret
func (*ArgoCDSettings) GetWebhookGitLabSecret ¶ added in v3.2.0
func (a *ArgoCDSettings) GetWebhookGitLabSecret() string
GetWebhookGitLabSecret returns the resolved GitLab webhook secret
func (*ArgoCDSettings) GetWebhookGogsSecret ¶ added in v3.2.0
func (a *ArgoCDSettings) GetWebhookGogsSecret() string
GetWebhookGogsSecret returns the resolved Gogs webhook secret
func (*ArgoCDSettings) IsDexConfigured ¶
func (a *ArgoCDSettings) IsDexConfigured() bool
func (*ArgoCDSettings) IsSSOConfigured ¶
func (a *ArgoCDSettings) IsSSOConfigured() bool
IsSSOConfigured returns whether or not single-sign-on is configured
func (*ArgoCDSettings) IssuerURL ¶
func (a *ArgoCDSettings) IssuerURL() string
func (*ArgoCDSettings) OAuth2AllowedAudiences ¶
func (a *ArgoCDSettings) OAuth2AllowedAudiences() []string
OAuth2AllowedAudiences returns a list of audiences that are allowed for the OAuth2 client. If the user has not explicitly configured the list of audiences (or has configured an empty list), then the OAuth2 client ID is returned as the only allowed audience. When using the bundled Dex, that client ID is always "argo-cd".
func (*ArgoCDSettings) OAuth2ClientID ¶
func (a *ArgoCDSettings) OAuth2ClientID() string
func (*ArgoCDSettings) OAuth2ClientSecret ¶
func (a *ArgoCDSettings) OAuth2ClientSecret() string
func (*ArgoCDSettings) OAuth2UsePKCE ¶ added in v3.1.0
func (a *ArgoCDSettings) OAuth2UsePKCE() bool
func (*ArgoCDSettings) OIDCConfig ¶
func (a *ArgoCDSettings) OIDCConfig() *OIDCConfig
func (*ArgoCDSettings) OIDCTLSConfig ¶
func (a *ArgoCDSettings) OIDCTLSConfig() *tls.Config
OIDCTLSConfig returns the TLS config for the OIDC provider. If an external provider is configured, returns a TLS config using the root CAs (if any) specified in the OIDC config. If an external OIDC provider is not configured, returns the API server TLS config, because the API server proxies requests to Dex.
func (*ArgoCDSettings) RedirectAdditionalURLs ¶
func (a *ArgoCDSettings) RedirectAdditionalURLs() ([]string, error)
func (*ArgoCDSettings) RedirectURL ¶
func (a *ArgoCDSettings) RedirectURL() (string, error)
func (*ArgoCDSettings) RedirectURLForRequest ¶
func (a *ArgoCDSettings) RedirectURLForRequest(r *http.Request) (string, error)
func (*ArgoCDSettings) SkipAudienceCheckWhenTokenHasNoAudience ¶
func (a *ArgoCDSettings) SkipAudienceCheckWhenTokenHasNoAudience() bool
func (*ArgoCDSettings) TLSConfig ¶
func (a *ArgoCDSettings) TLSConfig() *tls.Config
TLSConfig returns a tls.Config with the configured certificates
func (*ArgoCDSettings) UseAzureWorkloadIdentity ¶
func (a *ArgoCDSettings) UseAzureWorkloadIdentity() bool
func (*ArgoCDSettings) UserInfoCacheExpiration ¶
func (a *ArgoCDSettings) UserInfoCacheExpiration() time.Duration
UserInfoCacheExpiration returns the expiry time of the UserInfo cache
func (*ArgoCDSettings) UserInfoGroupsEnabled ¶
func (a *ArgoCDSettings) UserInfoGroupsEnabled() bool
UserInfoGroupsEnabled returns whether group claims should be fetched from the UserInfo endpoint
func (*ArgoCDSettings) UserInfoPath ¶
func (a *ArgoCDSettings) UserInfoPath() string
UserInfoPath returns the sub-path on which the IDP exposes the UserInfo endpoint
type AzureOIDCConfig ¶
// AzureOIDCConfig holds the Azure-specific part of OIDCConfig (its Azure field).
type AzureOIDCConfig struct {
// UseWorkloadIdentity is the flag behind the "useWorkloadIdentity" JSON key.
// NOTE(review): presumably what ArgoCDSettings.UseAzureWorkloadIdentity reports; confirm.
UseWorkloadIdentity bool `json:"useWorkloadIdentity,omitempty"`
}
type DeepLink ¶
type DeepLink struct {
// URL that the deep link will redirect to
// NOTE(review): whether the scheme or host of this URL is validated before it is rendered
// is not visible here; confirm for links sourced from configuration.
URL string `json:"url"`
// Title that will be displayed in the UI corresponding to that link
Title string `json:"title"`
// Description (optional) a description for what the deep link is about
Description *string `json:"description,omitempty"`
// IconClass (optional) a font-awesome icon class to be used when displaying the links in dropdown menus.
// Serialised under the dotted JSON key "icon.class".
IconClass *string `json:"icon.class,omitempty"`
// Condition (optional) a conditional statement depending on which the deep link shall be rendered
// Serialised under the JSON key "if".
Condition *string `json:"if,omitempty"`
}
DeepLink structure
type FilteredResource ¶
// FilteredResource describes one inclusion or exclusion entry of a ResourcesFilter.
// Match takes an API group, kind and cluster; MatchCluster takes a cluster only.
// NOTE(review): whether entries are compared exactly or as patterns, and how an empty
// list is treated, is not visible here; confirm before writing filter rules.
type FilteredResource struct {
// APIGroups lists the API groups this entry applies to.
APIGroups []string `json:"apiGroups,omitempty"`
// Kinds lists the resource kinds this entry applies to.
Kinds []string `json:"kinds,omitempty"`
// Clusters lists the clusters this entry applies to.
Clusters []string `json:"clusters,omitempty"`
}
func (FilteredResource) Match ¶
func (r FilteredResource) Match(apiGroup, kind, cluster string) bool
func (FilteredResource) MatchCluster ¶
func (r FilteredResource) MatchCluster(cluster string) bool
type GlobalProjectSettings ¶
// GlobalProjectSettings is one entry of the global project settings that
// SettingsManager.GetGlobalProjectsSettings loads from the argocd-cm ConfigMap.
type GlobalProjectSettings struct {
// ProjectName names the project acting as the global project.
// NOTE(review): inferred from the field name; confirm against the consumer.
ProjectName string `json:"projectName,omitempty"`
// LabelSelector presumably selects the projects the global project applies to; confirm.
LabelSelector metav1.LabelSelector `json:"labelSelector,omitempty"`
}
type GoogleAnalytics ¶
type HelmRepoCredentials ¶
// Deprecated: Helm repository credentials are now managed using RepoCredentials.
type HelmRepoCredentials struct {
// URL of the Helm repository.
URL string `json:"url,omitempty"`
// Name of the Helm repository.
Name string `json:"name,omitempty"`
// The *Secret fields are references to a key inside a Kubernetes Secret,
// not the credential values themselves.
UsernameSecret *corev1.SecretKeySelector `json:"usernameSecret,omitempty"`
PasswordSecret *corev1.SecretKeySelector `json:"passwordSecret,omitempty"`
// NOTE(review): CertSecret and KeySecret presumably reference a TLS client certificate
// and its private key; confirm.
CertSecret *corev1.SecretKeySelector `json:"certSecret,omitempty"`
KeySecret *corev1.SecretKeySelector `json:"keySecret,omitempty"`
}
DEPRECATED. Helm repository credentials are now managed using RepoCredentials
type Help ¶
type Help struct {
// the URL for getting chat help, this will typically be your Slack channel for support
ChatURL string `json:"chatUrl,omitempty"`
// the text for getting chat help, defaults to "Chat now!"
ChatText string `json:"chatText,omitempty"`
// the URLs for downloading argocd binaries
// The JSON key here is the singular "binaryUrl", whereas ArgoCDSettings.BinaryUrls uses "binaryUrls".
BinaryURLs map[string]string `json:"binaryUrl,omitempty"`
}
Help settings
type IgnoreStatus ¶
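// IgnoreStatus selects the set of resources whose status changes are ignored.
// It is the type of ArgoCDDiffOptions.IgnoreResourceStatusField.
type IgnoreStatus string

// One declaration per line: collapsed onto a single line, the first `//`
// comment would swallow all three constants.
const (
	// IgnoreResourceStatusInCRD ignores status changes for all CRDs
	IgnoreResourceStatusInCRD IgnoreStatus = "crd"
	// IgnoreResourceStatusInAll ignores status changes for all resources
	IgnoreResourceStatusInAll IgnoreStatus = "all"
	// IgnoreResourceStatusInNone ignores status changes for no resources
	IgnoreResourceStatusInNone IgnoreStatus = "none"
)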
type KustomizeVersionNotRegisteredError ¶ added in v3.2.0
// Error is declared on the value receiver, so both the struct value and a pointer to it
// satisfy the error interface; match it with errors.As against the form the producer returns.
type KustomizeVersionNotRegisteredError struct {
// Version is the Kustomize version that is not registered
Version string
}
KustomizeVersionNotRegisteredError is an error type that indicates a requested Kustomize version is not registered in the Kustomize options in argocd-cm.
func (KustomizeVersionNotRegisteredError) Error ¶ added in v3.2.0
func (e KustomizeVersionNotRegisteredError) Error() string
type OIDCConfig ¶
// OIDCConfig is the structured form of the OIDC provider configuration;
// ArgoCDSettings.OIDCConfig returns a pointer to one.
// NOTE(review): ClientSecret is serialised under "clientSecret" like any other field, so
// an encoded copy of this struct must be handled as a secret.
type OIDCConfig struct {
// Name of the provider. NOTE(review): presumably a display name; confirm.
Name string `json:"name,omitempty"`
// Issuer identifies the OIDC provider. NOTE(review): presumably the issuer URL; confirm.
Issuer string `json:"issuer,omitempty"`
// ClientID is the OAuth2 client identifier.
ClientID string `json:"clientID,omitempty"`
// ClientSecret is the OAuth2 client secret.
// NOTE(review): may hold a "$"-prefixed secret key reference rather than the literal value
// (see ReplaceStringSecret); confirm where resolution happens.
ClientSecret string `json:"clientSecret,omitempty"`
// CLIClientID presumably is a separate client ID used by the CLI; confirm.
CLIClientID string `json:"cliClientID,omitempty"`
// EnableUserInfoGroups relates to fetching group claims from the UserInfo endpoint
// (see ArgoCDSettings.UserInfoGroupsEnabled).
EnableUserInfoGroups bool `json:"enableUserInfoGroups,omitempty"`
// UserInfoPath is the sub-path on which the IDP exposes the UserInfo endpoint
// (see ArgoCDSettings.UserInfoPath).
UserInfoPath string `json:"userInfoPath,omitempty"`
// UserInfoCacheExpiration is kept as a string here, while
// ArgoCDSettings.UserInfoCacheExpiration returns a time.Duration.
// NOTE(review): accepted format and the fallback on a parse failure are not visible here.
UserInfoCacheExpiration string `json:"userInfoCacheExpiration,omitempty"`
// RequestedScopes lists the scopes to request from the provider.
RequestedScopes []string `json:"requestedScopes,omitempty"`
// RequestedIDTokenClaims maps claim names to the claim request sent to the provider.
RequestedIDTokenClaims map[string]*oidc.Claim `json:"requestedIDTokenClaims,omitempty"`
// LogoutURL presumably is where users are sent on logout; confirm.
LogoutURL string `json:"logoutURL,omitempty"`
// RootCA supplies the root CAs that OIDCTLSConfig uses for an external provider, if set.
RootCA string `json:"rootCA,omitempty"`
// EnablePKCEAuthentication presumably backs ArgoCDSettings.OAuth2UsePKCE; confirm.
EnablePKCEAuthentication bool `json:"enablePKCEAuthentication,omitempty"`
// DomainHint: purpose not visible here. TODO confirm.
DomainHint string `json:"domainHint,omitempty"`
// Azure holds Azure-specific options; may be nil.
Azure *AzureOIDCConfig `json:"azure,omitempty"`
}
type Repository ¶
// The *Secret fields below are corev1.SecretKeySelector references to a key inside a
// Kubernetes Secret; the struct itself does not carry the credential values.
type Repository struct {
// The URL to the repository
URL string `json:"url,omitempty"`
// the type of the repo, "git" or "helm", assumed to be "git" if empty or absent
Type string `json:"type,omitempty"`
// helm only
Name string `json:"name,omitempty"`
// Reference to the secret key storing the username used to access the repo
UsernameSecret *corev1.SecretKeySelector `json:"usernameSecret,omitempty"`
// Reference to the secret key storing the password used to access the repo
PasswordSecret *corev1.SecretKeySelector `json:"passwordSecret,omitempty"`
// Reference to the secret key storing the SSH private key used to access the repo. Git only
SSHPrivateKeySecret *corev1.SecretKeySelector `json:"sshPrivateKeySecret,omitempty"`
// Whether to connect the repository in an insecure way (deprecated)
// NOTE(review): the name indicates SSH host key verification is skipped; confirm.
InsecureIgnoreHostKey bool `json:"insecureIgnoreHostKey,omitempty"`
// Whether to connect the repository in an insecure way
// NOTE(review): which checks this disables (TLS certificate verification, SSH host key
// verification) is not visible here; confirm before enabling.
Insecure bool `json:"insecure,omitempty"`
// Whether the repo is git-lfs enabled. Git only.
EnableLFS bool `json:"enableLfs,omitempty"`
// Reference to the secret key storing the TLS client cert data
TLSClientCertDataSecret *corev1.SecretKeySelector `json:"tlsClientCertDataSecret,omitempty"`
// Reference to the secret key storing the TLS client cert's key data
TLSClientCertKeySecret *corev1.SecretKeySelector `json:"tlsClientCertKeySecret,omitempty"`
// Whether the repo is helm-oci enabled.
// NOTE(review): the original comment adds "Git only", which looks copied from EnableLFS;
// confirm the intended scope. The JSON key is "enableOci", whereas RepositoryCredentials
// uses "enableOCI".
EnableOci bool `json:"enableOci,omitempty"`
// Reference to the secret key storing the Github App Private Key PEM data
GithubAppPrivateKeySecret *corev1.SecretKeySelector `json:"githubAppPrivateKeySecret,omitempty"`
// Github App ID of the app used to access the repo
GithubAppId int64 `json:"githubAppID,omitempty"`
// Github App Installation ID of the installed GitHub App
GithubAppInstallationId int64 `json:"githubAppInstallationID,omitempty"`
// Github App Enterprise base url if empty will default to https://api.github.com
GithubAppEnterpriseBaseURL string `json:"githubAppEnterpriseBaseUrl,omitempty"`
// Proxy specifies the HTTP/HTTPS proxy used to access the repo
Proxy string `json:"proxy,omitempty"`
// NoProxy specifies a list of targets where the proxy isn't used, applies only in cases where the proxy is applied
NoProxy string `json:"noProxy,omitempty"`
// GCPServiceAccountKey specifies the service account key in JSON format to be used for getting credentials to Google Cloud Source repos
GCPServiceAccountKey *corev1.SecretKeySelector `json:"gcpServiceAccountKey,omitempty"`
// ForceHttpBasicAuth determines whether Argo CD should force use of basic auth for HTTP connected repositories
ForceHttpBasicAuth bool `json:"forceHttpBasicAuth,omitempty"` //nolint:revive //FIXME(var-naming)
// UseAzureWorkloadIdentity specifies whether to use Azure Workload Identity for authentication
UseAzureWorkloadIdentity bool `json:"useAzureWorkloadIdentity,omitempty"`
}
Credentials for accessing a Git repository
type RepositoryCredentials ¶
// The *Secret fields below are corev1.SecretKeySelector references to a key inside a
// Kubernetes Secret; the struct itself does not carry the credential values.
type RepositoryCredentials struct {
// The URL pattern the repository URL has to match
// NOTE(review): matching rules (prefix, glob, exact) are not visible here; a pattern that is
// broader than intended would offer these credentials to more repositories. Confirm.
URL string `json:"url,omitempty"`
// Reference to the secret key storing the username used to access the repo
UsernameSecret *corev1.SecretKeySelector `json:"usernameSecret,omitempty"`
// Reference to the secret key storing the password used to access the repo
PasswordSecret *corev1.SecretKeySelector `json:"passwordSecret,omitempty"`
// Reference to the secret key storing the SSH private key used to access the repo. Git only
SSHPrivateKeySecret *corev1.SecretKeySelector `json:"sshPrivateKeySecret,omitempty"`
// Reference to the secret key storing the TLS client cert data
TLSClientCertDataSecret *corev1.SecretKeySelector `json:"tlsClientCertDataSecret,omitempty"`
// Reference to the secret key storing the TLS client cert's key data
TLSClientCertKeySecret *corev1.SecretKeySelector `json:"tlsClientCertKeySecret,omitempty"`
// Reference to the secret key storing the Github App Private Key PEM data
GithubAppPrivateKeySecret *corev1.SecretKeySelector `json:"githubAppPrivateKeySecret,omitempty"`
// Github App ID of the app used to access the repo
GithubAppId int64 `json:"githubAppID,omitempty"`
// Github App Installation ID of the installed GitHub App
GithubAppInstallationId int64 `json:"githubAppInstallationID,omitempty"`
// Github App Enterprise base url if empty will default to https://api.github.com
GithubAppEnterpriseBaseURL string `json:"githubAppEnterpriseBaseUrl,omitempty"`
// EnableOCI specifies whether helm-oci support should be enabled for this repo
// The JSON key is "enableOCI", whereas Repository uses "enableOci".
EnableOCI bool `json:"enableOCI,omitempty"`
// the type of the repositoryCredentials, "git" or "helm", assumed to be "git" if empty or absent
Type string `json:"type,omitempty"`
// GCPServiceAccountKey specifies the service account key in JSON format to be used for getting credentials to Google Cloud Source repos
GCPServiceAccountKey *corev1.SecretKeySelector `json:"gcpServiceAccountKey,omitempty"`
// ForceHttpBasicAuth determines whether Argo CD should force use of basic auth for HTTP connected repositories
ForceHttpBasicAuth bool `json:"forceHttpBasicAuth,omitempty"` //nolint:revive //FIXME(var-naming)
// UseAzureWorkloadIdentity specifies whether to use Azure Workload Identity for authentication
UseAzureWorkloadIdentity bool `json:"useAzureWorkloadIdentity,omitempty"`
}
Credential template for accessing repositories
type ResourcesFilter ¶
// ResourcesFilter combines inclusion and exclusion lists; IsExcludedResource evaluates
// an API group, kind and cluster against both.
// Neither field carries a JSON tag, unlike the other settings structs on this page.
type ResourcesFilter struct {
// ResourceExclusions holds the api groups, kinds per cluster to exclude from Argo CD's watch
ResourceExclusions []FilteredResource
// ResourceInclusions holds the only api groups, kinds per cluster that Argo CD will watch
ResourceInclusions []FilteredResource
}
func (*ResourcesFilter) IsExcludedResource ¶
func (rf *ResourcesFilter) IsExcludedResource(apiGroup, kind, cluster string) bool
Behavior of this function is as follows:

+-------------+-------------+-------------+
| Inclusions  | Exclusions  | Result      |
+-------------+-------------+-------------+
| Empty       | Empty       | Allowed     |
+-------------+-------------+-------------+
| Present     | Empty       | Allowed     |
+-------------+-------------+-------------+
| Not Present | Empty       | Not Allowed |
+-------------+-------------+-------------+
| Empty       | Present     | Not Allowed |
+-------------+-------------+-------------+
| Empty       | Not Present | Allowed     |
+-------------+-------------+-------------+
| Present     | Not Present | Allowed     |
+-------------+-------------+-------------+
| Not Present | Present     | Not Allowed |
+-------------+-------------+-------------+
| Not Present | Not Present | Not Allowed |
+-------------+-------------+-------------+
| Present     | Present     | Not Allowed |
+-------------+-------------+-------------+
type SettingsManager ¶
// All fields are unexported; obtain an instance from NewSettingsManager, which takes a
// context, a Kubernetes clientset, a namespace and optional SettingsManagerOpts.
type SettingsManager struct {
// contains filtered or unexported fields
}
SettingsManager holds config info for a new manager with which to access Kubernetes ConfigMaps.
func NewSettingsManager ¶
func NewSettingsManager(ctx context.Context, clientset kubernetes.Interface, namespace string, opts ...SettingsManagerOpts) *SettingsManager
NewSettingsManager generates a new SettingsManager pointer and returns it
func (*SettingsManager) AddAccount ¶
func (mgr *SettingsManager) AddAccount(name string, account Account) error
AddAccount saves an account with the given name and properties.
func (*SettingsManager) ApplicationFineGrainedRBACInheritanceDisabled ¶
func (mgr *SettingsManager) ApplicationFineGrainedRBACInheritanceDisabled() (bool, error)
func (*SettingsManager) GetAccount ¶
func (mgr *SettingsManager) GetAccount(name string) (*Account, error)
GetAccount returns the account info for the specified name.
func (*SettingsManager) GetAccounts ¶
func (mgr *SettingsManager) GetAccounts() (map[string]Account, error)
GetAccounts returns list of configured accounts
func (*SettingsManager) GetAllowedNodeLabels ¶ added in v3.1.0
func (mgr *SettingsManager) GetAllowedNodeLabels() []string
func (*SettingsManager) GetAppInstanceLabelKey ¶
func (mgr *SettingsManager) GetAppInstanceLabelKey() (string, error)
func (*SettingsManager) GetConfigMapByName ¶
func (mgr *SettingsManager) GetConfigMapByName(configMapName string) (*corev1.ConfigMap, error)
Returns the ConfigMap with the given name from the cluster. The ConfigMap must be labeled with "app.kubernetes.io/part-of: argocd" in order to be retrievable.
func (*SettingsManager) GetDeepLinks ¶
func (mgr *SettingsManager) GetDeepLinks(deeplinkType string) ([]DeepLink, error)
func (*SettingsManager) GetEnabledSourceTypes ¶
func (mgr *SettingsManager) GetEnabledSourceTypes() (map[string]bool, error)
func (*SettingsManager) GetExcludeEventLabelKeys ¶
func (mgr *SettingsManager) GetExcludeEventLabelKeys() []string
func (*SettingsManager) GetGlobalProjectsSettings ¶
func (mgr *SettingsManager) GetGlobalProjectsSettings() ([]GlobalProjectSettings, error)
GetGlobalProjectsSettings loads the global project settings from argocd-cm ConfigMap
func (*SettingsManager) GetGoogleAnalytics ¶
func (mgr *SettingsManager) GetGoogleAnalytics() (*GoogleAnalytics, error)
func (*SettingsManager) GetHelmSettings ¶
func (mgr *SettingsManager) GetHelmSettings() (*v1alpha1.HelmOptions, error)
GetHelmSettings returns helm settings
func (*SettingsManager) GetHelp ¶
func (mgr *SettingsManager) GetHelp() (*Help, error)
func (*SettingsManager) GetIgnoreResourceUpdatesOverrides ¶
func (mgr *SettingsManager) GetIgnoreResourceUpdatesOverrides() (map[string]v1alpha1.ResourceOverride, error)
func (*SettingsManager) GetIncludeEventLabelKeys ¶
func (mgr *SettingsManager) GetIncludeEventLabelKeys() []string
func (*SettingsManager) GetInstallationID ¶
func (mgr *SettingsManager) GetInstallationID() (string, error)
func (*SettingsManager) GetIsIgnoreResourceUpdatesEnabled ¶
func (mgr *SettingsManager) GetIsIgnoreResourceUpdatesEnabled() (bool, error)
func (*SettingsManager) GetKustomizeSettings ¶
func (mgr *SettingsManager) GetKustomizeSettings() (*v1alpha1.KustomizeOptions, error)
GetKustomizeSettings loads the kustomize settings from argocd-cm ConfigMap
func (*SettingsManager) GetMaxPodLogsToRender ¶
func (mgr *SettingsManager) GetMaxPodLogsToRender() (int64, error)
func (*SettingsManager) GetMaxWebhookPayloadSize ¶
func (mgr *SettingsManager) GetMaxWebhookPayloadSize() int64
func (*SettingsManager) GetNamespace ¶
func (mgr *SettingsManager) GetNamespace() string
func (*SettingsManager) GetPasswordPattern ¶
func (mgr *SettingsManager) GetPasswordPattern() (string, error)
func (*SettingsManager) GetResourceCompareOptions ¶
func (mgr *SettingsManager) GetResourceCompareOptions() (ArgoCDDiffOptions, error)
GetResourceCompareOptions loads the resource compare options settings from the ConfigMap
func (*SettingsManager) GetResourceCustomLabels ¶
func (mgr *SettingsManager) GetResourceCustomLabels() ([]string, error)
func (*SettingsManager) GetResourceOverrides ¶
func (mgr *SettingsManager) GetResourceOverrides() (map[string]v1alpha1.ResourceOverride, error)
GetResourceOverrides loads Resource Overrides from argocd-cm ConfigMap
func (*SettingsManager) GetResourcesFilter ¶
func (mgr *SettingsManager) GetResourcesFilter() (*ResourcesFilter, error)
func (*SettingsManager) GetSecretByName ¶
func (mgr *SettingsManager) GetSecretByName(secretName string) (*corev1.Secret, error)
GetSecretByName returns the Secret with the given name from the cluster.
func (*SettingsManager) GetSecretsInformer ¶
func (mgr *SettingsManager) GetSecretsInformer() (cache.SharedIndexInformer, error)
func (*SettingsManager) GetSecretsLister ¶
func (mgr *SettingsManager) GetSecretsLister() (v1listers.SecretLister, error)
func (*SettingsManager) GetSensitiveAnnotations ¶
func (mgr *SettingsManager) GetSensitiveAnnotations() map[string]bool
func (*SettingsManager) GetSettings ¶
func (mgr *SettingsManager) GetSettings() (*ArgoCDSettings, error)
GetSettings retrieves settings from the ArgoCDConfigMap and secret.
func (*SettingsManager) GetSourceHydratorCommitMessageTemplate ¶ added in v3.2.0
func (mgr *SettingsManager) GetSourceHydratorCommitMessageTemplate() (string, error)
func (*SettingsManager) GetTrackingMethod ¶
func (mgr *SettingsManager) GetTrackingMethod() (string, error)
func (*SettingsManager) InitializeSettings ¶
func (mgr *SettingsManager) InitializeSettings(insecureModeEnabled bool) (*ArgoCDSettings, error)
InitializeSettings initializes the admin password, signature, certificate, etc. if they are empty or missing.
func (*SettingsManager) IsImpersonationEnabled ¶
func (mgr *SettingsManager) IsImpersonationEnabled() (bool, error)
IsImpersonationEnabled returns true if the application-sync-with-impersonation feature is enabled in the argocd-cm ConfigMap.
func (*SettingsManager) RespectRBAC ¶
func (mgr *SettingsManager) RespectRBAC() (int, error)
func (*SettingsManager) ResyncInformers ¶
func (mgr *SettingsManager) ResyncInformers() error
func (*SettingsManager) SaveGPGPublicKeyData ¶
func (*SettingsManager) SaveSSHKnownHostsData ¶
func (mgr *SettingsManager) SaveSSHKnownHostsData(ctx context.Context, knownHostsList []string) error
SaveSSHKnownHostsData saves the SSH known hosts data into the corresponding ConfigMap.
func (*SettingsManager) SaveTLSCertificateData ¶
func (*SettingsManager) Subscribe ¶
func (mgr *SettingsManager) Subscribe(subCh chan<- *ArgoCDSettings)
Subscribe registers a channel on which to receive settings updates.
func (*SettingsManager) Unsubscribe ¶
func (mgr *SettingsManager) Unsubscribe(subCh chan<- *ArgoCDSettings)
Unsubscribe unregisters a channel so that it no longer receives settings updates.
func (*SettingsManager) UpdateAccount ¶
func (mgr *SettingsManager) UpdateAccount(name string, callback func(account *Account) error) error
UpdateAccount runs the callback function against the account that matches the specified name and persists the changes applied by the callback.
type SettingsManagerOpts ¶
type SettingsManagerOpts func(mgs *SettingsManager)
func WithRepoOrClusterChangedHandler ¶
func WithRepoOrClusterChangedHandler(handler func()) SettingsManagerOpts