feat(manager/argocd): Add support for Kustomize image overrides (#27670)

Co-authored-by: Michael Kriese <[email protected]>
Co-authored-by: Rhys Arkins <[email protected]>

lib/modules/manager/argocd/__fixtures__/validApplication.yml

@@ -30,12 +30,18 @@ spec:
     repoURL: gs://helm-charts-internal
     targetRevision: 0.0.2
 ---
+# application with kustomize image overrides
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 spec:
   source:
     repoURL: https://git.example.com/foo/bar.git
     targetRevision: v1.2.0
+    kustomize:
+      images:
+        - someImage=somecontainer.registry.io/someContainer:v2.3.4
+        - otherImage=othercontainer.registry.io/other/container@sha256:8be5de38826b494a8ad1565b8d1eb49183d736d0277a89191bd1100d78479a42
+        - notActuallyValidAndShouldBeIgnored
 ---
 # malformed application as the source section is missing
 apiVersion: argoproj.io/v1alpha1

lib/modules/manager/argocd/extract.spec.ts

@@ -108,6 +108,24 @@ spec:
             datasource: 'git-tags',
             depName: 'https://git.example.com/foo/bar.git',
           },
+          {
+            autoReplaceStringTemplate:
+              '{{depName}}{{#if newValue}}:{{newValue}}{{/if}}{{#if newDigest}}@{{newDigest}}{{/if}}',
+            currentValue: 'v2.3.4',
+            datasource: 'docker',
+            depName: 'somecontainer.registry.io/someContainer',
+            replaceString: 'somecontainer.registry.io/someContainer:v2.3.4',
+          },
+          {
+            autoReplaceStringTemplate:
+              '{{depName}}{{#if newValue}}:{{newValue}}{{/if}}{{#if newDigest}}@{{newDigest}}{{/if}}',
+            currentDigest:
+              'sha256:8be5de38826b494a8ad1565b8d1eb49183d736d0277a89191bd1100d78479a42',
+            datasource: 'docker',
+            depName: 'othercontainer.registry.io/other/container',
+            replaceString:
+              'othercontainer.registry.io/other/container@sha256:8be5de38826b494a8ad1565b8d1eb49183d736d0277a89191bd1100d78479a42',
+          },
           {
             currentValue: '1.2.0',
             datasource: 'docker',

lib/modules/manager/argocd/extract.ts

@@ -1,11 +1,13 @@
 import is from '@sindresorhus/is';
 import { logger } from '../../../logger';
 import { coerceArray } from '../../../util/array';
+import { regEx } from '../../../util/regex';
 import { trimTrailingSlash } from '../../../util/url';
 import { parseYaml } from '../../../util/yaml';
 import { DockerDatasource } from '../../datasource/docker';
 import { GitTagsDatasource } from '../../datasource/git-tags';
 import { HelmDatasource } from '../../datasource/helm';
+import { getDep } from '../dockerfile/extract';
 import { isOCIRegistry, removeOCIPrefix } from '../helmv3/oci';
 import type {
   ExtractConfig,
@@ -19,6 +21,8 @@ import {
 } from './schema';
 import { fileTestRegex } from './util';
 
+const kustomizeImageRe = regEx(/=(?<image>.+)$/);
+
 export function extractPackageFile(
   content: string,
   packageFile: string,
@@ -49,33 +53,48 @@ export function extractPackageFile(
   return deps.length ? { deps } : null;
 }
 
-function processSource(source: ApplicationSource): PackageDependency | null {
+function processSource(source: ApplicationSource): PackageDependency[] {
   // a chart variable is defined this is helm declaration
   if (source.chart) {
     // assume OCI helm chart if repoURL doesn't contain explicit protocol
     if (isOCIRegistry(source.repoURL) || !source.repoURL.includes('://')) {
       const registryURL = trimTrailingSlash(removeOCIPrefix(source.repoURL));
 
-      return {
-        depName: `${registryURL}/${source.chart}`,
-        currentValue: source.targetRevision,
-        datasource: DockerDatasource.id,
-      };
+      return [
+        {
+          depName: `${registryURL}/${source.chart}`,
+          currentValue: source.targetRevision,
+          datasource: DockerDatasource.id,
+        },
+      ];
     }
 
-    return {
-      depName: source.chart,
-      registryUrls: [source.repoURL],
+    return [
+      {
+        depName: source.chart,
+        registryUrls: [source.repoURL],
+        currentValue: source.targetRevision,
+        datasource: HelmDatasource.id,
+      },
+    ];
+  }
+
+  const dependencies: PackageDependency[] = [
+    {
+      depName: source.repoURL,
       currentValue: source.targetRevision,
-      datasource: HelmDatasource.id,
-    };
+      datasource: GitTagsDatasource.id,
+    },
+  ];
+
+  // Git repo is pointing to a Kustomize resources
+  if (source.kustomize?.images) {
+    dependencies.push(
+      ...source.kustomize.images.map(processKustomizeImage).filter(is.truthy),
+    );
   }
 
-  return {
-    depName: source.repoURL,
-    currentValue: source.targetRevision,
-    datasource: GitTagsDatasource.id,
-  };
+  return dependencies;
 }
 
 function processAppSpec(
@@ -86,15 +105,26 @@ function processAppSpec(
       ? definition.spec
       : definition.spec.template.spec;
 
-  const deps: (PackageDependency | null)[] = [];
+  const deps: PackageDependency[] = [];
 
   if (is.nonEmptyObject(spec.source)) {
-    deps.push(processSource(spec.source));
+    deps.push(...processSource(spec.source));
   }
 
   for (const source of coerceArray(spec.sources)) {
-    deps.push(processSource(source));
+    deps.push(...processSource(source));
+  }
+
+  return deps;
+}
+
+function processKustomizeImage(
+  kustomizeImage: string,
+): PackageDependency | null {
+  const parts = kustomizeImageRe.exec(kustomizeImage);
+  if (!parts?.groups?.image) {
+    return null;
   }
 
-  return deps.filter(is.truthy);
+  return getDep(parts.groups.image);
 }

lib/modules/manager/argocd/schema.ts

@@ -5,10 +5,14 @@ export const KubernetesResource = z.object({
   apiVersion: z.string(),
 });
 
+export const ApplicationKustomize = z.object({
+  images: LooseArray(z.string()).optional(),
+});
 export const ApplicationSource = z.object({
   chart: z.string().optional(),
   repoURL: z.string(),
   targetRevision: z.string(),
+  kustomize: ApplicationKustomize.optional(),
 });
 export type ApplicationSource = z.infer<typeof ApplicationSource>;