argoproj.v1alpha1.appProject

"AppProject provides a logical grouping of applications, providing controls for: * where the apps may deploy to (cluster whitelist) * what may be deployed (repository whitelist, resource whitelist/blacklist) * who can access these applications (roles, OIDC group claims bindings) * and what they can do (RBAC policies) * automation access to these roles (JWT tokens)"

Fields

fn new

new(name)

new returns an instance of AppProject

obj metadata

"ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create."

fn metadata.withAnnotations

withAnnotations(annotations)

"Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations"

fn metadata.withAnnotationsMixin

withAnnotationsMixin(annotations)

"Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations"

Note: This function appends passed data to existing values

fn metadata.withClusterName

withClusterName(clusterName)

"The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request."

fn metadata.withCreationTimestamp

withCreationTimestamp(creationTimestamp)

"Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers."

fn metadata.withDeletionGracePeriodSeconds

withDeletionGracePeriodSeconds(deletionGracePeriodSeconds)

"Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only."

fn metadata.withDeletionTimestamp

withDeletionTimestamp(deletionTimestamp)

"Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers."

fn metadata.withFinalizers

withFinalizers(finalizers)

"Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list."

fn metadata.withFinalizersMixin

withFinalizersMixin(finalizers)

"Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list."

Note: This function appends passed data to existing values

fn metadata.withGenerateName

withGenerateName(generateName)

"GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).\n\nApplied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency"

fn metadata.withGeneration

withGeneration(generation)

"A sequence number representing a specific generation of the desired state. Populated by the system. Read-only."

fn metadata.withLabels

withLabels(labels)

"Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels"

fn metadata.withLabelsMixin

withLabelsMixin(labels)

"Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels"

Note: This function appends passed data to existing values

fn metadata.withName

withName(name)

"Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names"

fn metadata.withNamespace

withNamespace(namespace)

"Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces"

fn metadata.withOwnerReferences

withOwnerReferences(ownerReferences)

"List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller."

fn metadata.withOwnerReferencesMixin

withOwnerReferencesMixin(ownerReferences)

"List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller."

Note: This function appends passed data to existing values

fn metadata.withResourceVersion

withResourceVersion(resourceVersion)

"An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency"

fn metadata.withSelfLink

withSelfLink(selfLink)

"SelfLink is a URL representing this object. Populated by the system. Read-only.\n\nDEPRECATED Kubernetes will stop propagating this field in 1.20 release and the field is planned to be removed in 1.21 release."

fn metadata.withUid

withUid(uid)

"UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids"

obj spec

"AppProjectSpec is the specification of an AppProject"

fn spec.withClusterResourceBlacklist

withClusterResourceBlacklist(clusterResourceBlacklist)

"ClusterResourceBlacklist contains list of blacklisted cluster level resources"

fn spec.withClusterResourceBlacklistMixin

withClusterResourceBlacklistMixin(clusterResourceBlacklist)

"ClusterResourceBlacklist contains list of blacklisted cluster level resources"

Note: This function appends passed data to existing values

fn spec.withClusterResourceWhitelist

withClusterResourceWhitelist(clusterResourceWhitelist)

"ClusterResourceWhitelist contains list of whitelisted cluster level resources"

fn spec.withClusterResourceWhitelistMixin

withClusterResourceWhitelistMixin(clusterResourceWhitelist)

"ClusterResourceWhitelist contains list of whitelisted cluster level resources"

Note: This function appends passed data to existing values

fn spec.withDescription

withDescription(description)

"Description contains optional project description"

fn spec.withDestinations

withDestinations(destinations)

"Destinations contains list of destinations available for deployment"

fn spec.withDestinationsMixin

withDestinationsMixin(destinations)

"Destinations contains list of destinations available for deployment"

Note: This function appends passed data to existing values

fn spec.withNamespaceResourceBlacklist

withNamespaceResourceBlacklist(namespaceResourceBlacklist)

"NamespaceResourceBlacklist contains list of blacklisted namespace level resources"

fn spec.withNamespaceResourceBlacklistMixin

withNamespaceResourceBlacklistMixin(namespaceResourceBlacklist)

"NamespaceResourceBlacklist contains list of blacklisted namespace level resources"

Note: This function appends passed data to existing values

fn spec.withNamespaceResourceWhitelist

withNamespaceResourceWhitelist(namespaceResourceWhitelist)

"NamespaceResourceWhitelist contains list of whitelisted namespace level resources"

fn spec.withNamespaceResourceWhitelistMixin

withNamespaceResourceWhitelistMixin(namespaceResourceWhitelist)

"NamespaceResourceWhitelist contains list of whitelisted namespace level resources"

Note: This function appends passed data to existing values

fn spec.withPermitOnlyProjectScopedClusters

withPermitOnlyProjectScopedClusters(permitOnlyProjectScopedClusters)

"PermitOnlyProjectScopedClusters determines whether destinations can only reference clusters which are project-scoped"

fn spec.withRoles

withRoles(roles)

"Roles are user defined RBAC roles associated with this project"

fn spec.withRolesMixin

withRolesMixin(roles)

"Roles are user defined RBAC roles associated with this project"

Note: This function appends passed data to existing values

fn spec.withSignatureKeys

withSignatureKeys(signatureKeys)

"SignatureKeys contains a list of PGP key IDs that commits in Git must be signed with in order to be allowed for sync"

fn spec.withSignatureKeysMixin

withSignatureKeysMixin(signatureKeys)

"SignatureKeys contains a list of PGP key IDs that commits in Git must be signed with in order to be allowed for sync"

Note: This function appends passed data to existing values

fn spec.withSourceNamespaces

withSourceNamespaces(sourceNamespaces)

"SourceNamespaces defines the namespaces application resources are allowed to be created in"

fn spec.withSourceNamespacesMixin

withSourceNamespacesMixin(sourceNamespaces)

"SourceNamespaces defines the namespaces application resources are allowed to be created in"

Note: This function appends passed data to existing values

fn spec.withSourceRepos

withSourceRepos(sourceRepos)

"SourceRepos contains list of repository URLs which can be used for deployment"

fn spec.withSourceReposMixin

withSourceReposMixin(sourceRepos)

"SourceRepos contains list of repository URLs which can be used for deployment"

Note: This function appends passed data to existing values

fn spec.withSyncWindows

withSyncWindows(syncWindows)

"SyncWindows controls when syncs can be run for apps in this project"

fn spec.withSyncWindowsMixin

withSyncWindowsMixin(syncWindows)

"SyncWindows controls when syncs can be run for apps in this project"

Note: This function appends passed data to existing values

obj spec.clusterResourceBlacklist

"ClusterResourceBlacklist contains list of blacklisted cluster level resources"

fn spec.clusterResourceBlacklist.withGroup

withGroup(group)

fn spec.clusterResourceBlacklist.withKind

withKind(kind)

obj spec.clusterResourceWhitelist

"ClusterResourceWhitelist contains list of whitelisted cluster level resources"

fn spec.clusterResourceWhitelist.withGroup

withGroup(group)

fn spec.clusterResourceWhitelist.withKind

withKind(kind)

obj spec.destinations

"Destinations contains list of destinations available for deployment"

fn spec.destinations.withName

withName(name)

"Name is an alternate way of specifying the target cluster by its symbolic name. This must be set if Server is not set."

fn spec.destinations.withNamespace

withNamespace(namespace)

"Namespace specifies the target namespace for the application's resources. The namespace will only be set for namespace-scoped resources that have not set a value for .metadata.namespace"

fn spec.destinations.withServer

withServer(server)

"Server specifies the URL of the target cluster's Kubernetes control plane API. This must be set if Name is not set."

obj spec.namespaceResourceBlacklist

"NamespaceResourceBlacklist contains list of blacklisted namespace level resources"

fn spec.namespaceResourceBlacklist.withGroup

withGroup(group)

fn spec.namespaceResourceBlacklist.withKind

withKind(kind)

obj spec.namespaceResourceWhitelist

"NamespaceResourceWhitelist contains list of whitelisted namespace level resources"

fn spec.namespaceResourceWhitelist.withGroup

withGroup(group)

fn spec.namespaceResourceWhitelist.withKind

withKind(kind)

obj spec.orphanedResources

"OrphanedResources specifies if controller should monitor orphaned resources of apps in this project"

fn spec.orphanedResources.withIgnore

withIgnore(ignore)

"Ignore contains a list of resources that are to be excluded from orphaned resources monitoring"

fn spec.orphanedResources.withIgnoreMixin

withIgnoreMixin(ignore)

"Ignore contains a list of resources that are to be excluded from orphaned resources monitoring"

Note: This function appends passed data to existing values

fn spec.orphanedResources.withWarn

withWarn(warn)

"Warn indicates if warning condition should be created for apps which have orphaned resources"

obj spec.orphanedResources.ignore

"Ignore contains a list of resources that are to be excluded from orphaned resources monitoring"

fn spec.orphanedResources.ignore.withGroup

withGroup(group)

fn spec.orphanedResources.ignore.withKind

withKind(kind)

fn spec.orphanedResources.ignore.withName

withName(name)

obj spec.roles

"Roles are user defined RBAC roles associated with this project"

fn spec.roles.withDescription

withDescription(description)

"Description is a description of the role"

fn spec.roles.withGroups

withGroups(groups)

"Groups are a list of OIDC group claims bound to this role"

fn spec.roles.withGroupsMixin

withGroupsMixin(groups)

"Groups are a list of OIDC group claims bound to this role"

Note: This function appends passed data to existing values

fn spec.roles.withJwtTokens

withJwtTokens(jwtTokens)

"JWTTokens are a list of generated JWT tokens bound to this role"

fn spec.roles.withJwtTokensMixin

withJwtTokensMixin(jwtTokens)

"JWTTokens are a list of generated JWT tokens bound to this role"

Note: This function appends passed data to existing values

fn spec.roles.withName

withName(name)

"Name is a name for this role"

fn spec.roles.withPolicies

withPolicies(policies)

"Policies Stores a list of casbin formatted strings that define access policies for the role in the project"

fn spec.roles.withPoliciesMixin

withPoliciesMixin(policies)

"Policies Stores a list of casbin formatted strings that define access policies for the role in the project"

Note: This function appends passed data to existing values

obj spec.roles.jwtTokens

"JWTTokens are a list of generated JWT tokens bound to this role"

fn spec.roles.jwtTokens.withExp

withExp(exp)

fn spec.roles.jwtTokens.withIat

withIat(iat)

fn spec.roles.jwtTokens.withId

withId(id)

obj spec.signatureKeys

"SignatureKeys contains a list of PGP key IDs that commits in Git must be signed with in order to be allowed for sync"

fn spec.signatureKeys.withKeyID

withKeyID(keyID)

"The ID of the key in hexadecimal notation"

obj spec.syncWindows

"SyncWindows controls when syncs can be run for apps in this project"

fn spec.syncWindows.withApplications

withApplications(applications)

"Applications contains a list of applications that the window will apply to"

fn spec.syncWindows.withApplicationsMixin

withApplicationsMixin(applications)

"Applications contains a list of applications that the window will apply to"

Note: This function appends passed data to existing values

fn spec.syncWindows.withClusters

withClusters(clusters)

"Clusters contains a list of clusters that the window will apply to"

fn spec.syncWindows.withClustersMixin

withClustersMixin(clusters)

"Clusters contains a list of clusters that the window will apply to"

Note: This function appends passed data to existing values

fn spec.syncWindows.withDuration

withDuration(duration)

"Duration is the amount of time the sync window will be open"

fn spec.syncWindows.withKind

withKind(kind)

"Kind defines if the window allows or blocks syncs"

fn spec.syncWindows.withManualSync

withManualSync(manualSync)

"ManualSync enables manual syncs when they would otherwise be blocked"

fn spec.syncWindows.withNamespaces

withNamespaces(namespaces)

"Namespaces contains a list of namespaces that the window will apply to"

fn spec.syncWindows.withNamespacesMixin

withNamespacesMixin(namespaces)

"Namespaces contains a list of namespaces that the window will apply to"

Note: This function appends passed data to existing values

fn spec.syncWindows.withSchedule

withSchedule(schedule)

"Schedule is the time the window will begin, specified in cron format"

fn spec.syncWindows.withTimeZone

withTimeZone(timeZone)

"TimeZone of the sync that will be applied to the schedule"