-
Notifications
You must be signed in to change notification settings - Fork 204
/
Copy pathargocd-cm.yaml
36 lines (32 loc) · 1.58 KB
/
argocd-cm.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
apiVersion: v1
kind: ConfigMap
metadata:
name: argocd-cm
data:
configManagementPlugins: |
- name: argocd-vault-plugin
generate:
command: ["argocd-vault-plugin"]
args: ["generate", "./"]
- name: argocd-vault-plugin-helm
generate:
command: ["sh", "-c"]
args: ['helm template "$ARGOCD_APP_NAME" -n "$ARGOCD_APP_NAMESPACE" . | argocd-vault-plugin generate -']
# This lets you pass args to the Helm invocation as described here: https://argocd-vault-plugin.readthedocs.io/en/stable/usage/#with-helm
# IMPORTANT: passing $helm_args effectively allows users to run arbitrary code in the Argo CD repo-server.
# Only use this when the users are completely trusted. If possible, determine which Helm arguments are needed by
# your users and explicitly pass only those arguments.
- name: argocd-vault-plugin-helm-with-args
generate:
command: ["sh", "-c"]
args: ['helm template "$ARGOCD_APP_NAME" -n "$ARGOCD_APP_NAMESPACE" ${helm_args} . | argocd-vault-plugin generate -']
# This lets you pass a values file as a string as described here:
# https://argocd-vault-plugin.readthedocs.io/en/stable/usage/#with-helm
- name: argocd-vault-plugin-helm-with-values
generate:
command: ["bash", "-c"]
args: ['helm template "$ARGOCD_APP_NAME" -n "$ARGOCD_APP_NAMESPACE" -f <(echo "$ARGOCD_ENV_HELM_VALUES") . | argocd-vault-plugin generate -']
- name: argocd-vault-plugin-kustomize
generate:
command: ["sh", "-c"]
args: ["kustomize build . | argocd-vault-plugin generate -"]