ArgoCD Complementary Operator

Manage your ArgoCD users and project with ease and some labels!

Add ArgocdUser CRD to be able to create static ArgoCD user for each ArgocdUser. Also, it creates ArgoCD projects based on labels you have on the namespaces beside the users defined as ArgocdUser.

How it works?

ArgoCD Project

Each ArgoCD project in Snapp is mapped into a team. For each project you need to have destinations which are namespaces that project can deploy resources on them, using this operator you can label these namespaces as follows:

apiVersion: "v1"
kind: "Namespace"
metadata:
  labels:
    argocd.snappcloud.io/appproj: A.B

Which means ArgoCD projects A and B can deploy resources into namespace NS. Also, there are some cases in which you want to create ArgoCD applications by submitting them from CLI instead of using UI. For these cases you can use ApplicationSet or you can use your team namespace. By default, ArgoCD applications are created in the user-argocd which is the namespace that (in Snapp) we deployed our ArgoCD. For having team namespace instead of user-argocd you need to label that namespace as follows:

apiVersion: "v1"
kind: "Namespace"
metadata:
  labels:
    argocd.snappcloud.io/appproj: A
    argocd.snappcloud.io/source: A

Please note that, because of the current architecture of this operator you need both of these label on the namespace.

ArgoCD User

Here is the ArgoCD user created using operator:

apiVersion: argocd.snappcloud.io/v1alpha1
kind: ArgocdUser
metadata:
  name: {{argocduserName}}
spec:
  admin:
    ciPass: ******
    users:
    - user1
    - user2
  view:
    ciPass: ******
    users:
    - user1
    - user2

Instructions

Development

• make generate update the generated code for that resource type.
• make manifests Generating CRD manifests.
• make test Run tests.

Build

Export your image name:

export IMG=ghcr.io/your-repo-path/image-name:latest

• make build builds Golang app locally.
• make docker-build build docker image locally.
• make docker-push push container image to registry.

Run, Deploy

• make run run app locally
• make deploy deploy to k8s.

Clean up

• make undeploy delete resouces in k8s.

Metrics

Metric	Notes
controller_runtime_active_workers	Number of currently used workers per controller
controller_runtime_max_concurrent_reconciles	Maximum number of concurrent reconciles per controller
controller_runtime_reconcile_errors_total	Total number of reconciliation errors per controller
controller_runtime_reconcile_time_seconds	Length of time per reconciliation per controller
controller_runtime_reconcile_total	Total number of reconciliations per controller
rest_client_request_latency_seconds	Request latency in seconds. Broken down by verb and URL.
rest_client_requests_total	Number of HTTP requests, partitioned by status code, method, and host.
workqueue_adds_total	Total number of adds handled by workqueue
workqueue_depth	Current depth of workqueue
workqueue_longest_running_processor_seconds	How many seconds has the longest running processor for workqueue been running.
workqueue_queue_duration_seconds	How long in seconds an item stays in workqueue before being requested
workqueue_retries_total	Total number of retries handled by workqueue
workqueue_unfinished_work_seconds	How many seconds of work has been done that is in progress and hasn't been observed by work_duration. Large values indicate stuck threads. One can deduce the number of stuck threads by observing the rate at which this increases.
workqueue_work_duration_seconds	How long in seconds processing an item from workqueue takes.

Security

Reporting security vulnerabilities

If you find a security vulnerability or any security related issues, please DO NOT file a public issue, instead send your report privately to [email protected]. Security reports are greatly appreciated and we will publicly thank you for it.

License

Apache-2.0 License, see LICENSE.