Red Hat Summit Red Hat Summitサポートコンソール開発者トライアルの開始お問い合わせ

このコンテンツは選択した言語では利用できません。

Chapter 2. Argo CD custom resource and component properties

The Argo CD custom resource is a Kubernetes Custom Resource (CRD) that describes the desired state for a given Argo CD cluster and allows you to configure the components which make up an Argo CD cluster.

2.1. Argo CD custom resource properties
リンクのコピー

The Argo CD Custom Resource consists of the following properties:

Expand
NameDescriptionDefaultProperties

aggregatedClusterRoles

Use aggregated cluster roles for the Argo CD Application Controller component of a cluster-scoped instance.

false

 

applicationInstanceLabelKey

The metadata.label key name where Argo CD injects the app name as a tracking label.

app.kubernetes.io/instance

 

applicationSet

The ApplicationSet Controller configuration options.

object

  • annotations - List of custom annotations to add to pods deployed by the Operator. This field is optional.
  • enabled - The flag to use to enable the ApplicationSet Controller during the Argo CD installation.
  • env - Specify the environment for ApplicationSet Controller pods.
  • extraCommandArgs - List of additional arguments added to the existing arguments set by the Operator for the ApplicationSet workload.
  • image - The container image for the ApplicationSet Controller. This property overrides the ARGOCD_APPLICATIONSET_IMAGE environment variable.
  • labels - List of custom labels to add to pods deployed by the Operator. This field is optional.
  • logLevel - The log level used by the Argo CD Application Controller component. Valid options are debug, info, error, and warn.
  • logFormat - The log format used by the Argo CD Application Controller component. Valid options are text and json.
  • parallelismLimit - The kubectl parallelism limit to set for the controller (the --kubectl-parallelism-limit flag).
  • resources - The container compute resources.
  • scmProviders - The URLs of the allowed Source Code Manager (SCM) providers.
  • scmRootCAConfigMap - The name of the config map that stores the Gitlab SCM Provider’s TLS certificate that will be mounted on the Application Set Controller at the "/app/tls/scm/cert" path.
  • sourceNamespaces - The list of non-control plane namespaces for creating and managing Argo CD ApplicationSet resources in target namespaces.
  • version - The tag to use with the applicationSet container image.
  • volumes - List of addition volumes configured for the Argo CD ApplicationSet Controller component. This field is optional.
  • volumeMounts - List of addition volume mounts configured for the Argo CD ApplicationSet Controller component. This field is optional.
  • webhookServer - Defines the available options for the ApplicationSet webhook server.

banner

Adds a UI banner message.

object

  • banner.content - The banner message content. This content is required if a banner is displayed.
  • banner.url - An optional banner message link URL.

configManagementPlugins

Adds a configuration management plugin.

empty

 

controller

Argo CD Application Controller options.

object

  • annotations - List of custom annotations to add to pods deployed by the Operator. This field is optional.
  • appSync - AppSync is used to control the sync frequency of Argo CD applications.
  • env - Environment to set for the application controller workloads.
  • extraCommandArgs - List of arguments added to the existing arguments set by the Operator.
  • initContainers - List of init containers for the ArgoCD Application Controller component. This field is optional.
  • labels - List of custom labels to add to pods deployed by the Operator. This field is optional.
  • logLevel - The log level used by the Argo CD Application Controller component. Valid options are debug, info, error, and warn.
  • processors.operation - The number of operation processors.
  • processors.status - The number of status processors.
  • resources - The container compute resources.
  • sidecarContainers - List of sidecar containers for the ArgoCD Application Controller component. This field is optional.
  • sharding.enabled - Enable sharding on the Argo CD Application Controller component. Use this property to manage a large number of clusters and relieve memory pressure on the controller component.
  • sharding.replicas - The number of replicas that are used to support sharding of the Argo CD Application Controller.
  • sharding.dynamicScalingEnabled - Enables the dynamic scaling of the Argo CD Application Controller component. Use this property if you want the Operator to scale the number of replicas based on the number of clusters the controller component is managing. If you set this property to true, it overrides the configuration of the sharding.enabled and sharding.replicas properties.
  • sharding.minShards - The minimum number of Argo CD Application Controller replicas.
  • sharding.maxShards - The maximum number of Argo CD Application Controller replicas.
  • sharding.clustersPerShard - The number of clusters that need to be managed by each shard. When the replica count reaches the maxShards, the shards manage more than one cluster.
  • volumes - List of addition volumes configured for the Argo CD Application Controller component. This field is optional.
  • volumeMounts - List of addition volume mounts configured for the Argo CD Application Controller component. This field is optional.

disableAdmin

Disables the built-in admin user.

false

 

defaultClusterScopedRoleDisabled

Disables the creation of default cluster roles for a cluster-scoped instance.

false

 

extraConfig

Add any supplementary Argo CD settings to the argocd-cm config map that cannot be configured directly within the Argo CD custom resource.

empty

 

gaTrackingID

Use a Google Analytics tracking ID.

empty

 

gaAnonymizeUsers

Enable hashed usernames sent to Google Analytics.

false

 

ha

High-availability options.

object

  • enabled - Toggle high-availability support globally for Argo CD.
  • redisProxyImage - The Redis HAProxy container image. This property overrides the ARGOCD_REDIS_HA_PROXY_IMAGE environment variable.
  • redisProxyVersion - The tag to use for the Redis HAProxy container image.

helpChatURL

URL for getting chat help (this is typically your Slack channel for support).

https://mycorp.slack.com/argo-cd

 

helpChatText

The text that appears in a text box for getting chat help.

Chat now!

 

image

The container image for all Argo CD components. This overrides the ARGOCD_IMAGE environment variable.

argoproj/argocd

 

import

Import configuration options for Argo CD.

object

  • name - The name of an ArgoCDExport resource from which data can be imported.
  • namespace - The namespace for the ArgoCDExport resource referenced by name field. If this field is not set, the namespace of ArgoCDExport resource is set to the same namespace as Argo CD by default.

ingress

Ingress configuration options.

object

 

initialSSHKnownHosts

Defines the initial SSH Known Hosts data for Argo CD to use at cluster creation to connect to Git repositories through SSH.

default_Argo_CD_Known_Hosts

  • excludedefaulthosts - Indicates whether you want to add the default list of SSH Known Hosts provided by Argo CD.
  • keys - Describes a custom set of SSH Known Hosts that you want to incorporate into your Argo CD server.

kustomizeBuildOptions

The build options and parameters to use with kustomize build.

empty

 

kustomizeVersions

Defines a list of Kustomize versions that are configured in the Argo CD repo server container image.

empty

  • path - The path of the Kustomize version in the file system of the Argo CD repo server container image.
  • version - The Kustomize version in the vX.Y.Z format configured in the Argo CD repo server container image.

monitoring

Defines the workload status monitoring configuration for your instance.

object

  • disableMetrics - Configure this field to enable or disable the collection of metrics for your instance.
  • enabled - Indicates whether the workload status monitoring is enabled for your instance.

notifications

Notifications Controller configuration options.

object

  • enabled - The toggle to start the Notifications Controller.
  • env - The environment to set for the Notifications Controller workloads.
  • image - The container image for all Argo CD components. This property overrides the ARGOCD_IMAGE environment variable.
  • logLevel - The log level used by the Argo CD Application Controller component. Valid options are debug, info, error, and warn.
  • replicas - The number of replicas to be run for the Notifications Controller.
  • resources - The container compute resources.
  • version - The tag to use with the Notifications container image.

nodePlacement

Defines NodeSelectors and Tolerations for Argo CD workloads.

empty

  • nodeSelector - A map of key-value pairs for node selection.
  • tolerations - Tolerations allow pods to create a schedule for nodes with matching taints.

oidcConfig

The OIDC configuration as an alternative to Dex.

empty

 

prometheus

Prometheus configuration options.

object

  • enabled - Toggle Prometheus support globally for Argo CD.
  • host - The hostname to use for Ingress or Route resources.
  • ingress - Toggles ingress for Prometheus.
  • route - Route configuration options.
  • size - The replica count for the Prometheus StatefulSet.

rbac

RBAC configuration options.

object

  • defaultPolicy - The policy.default property in the argocd-rbac-cm config map. The name of the default role that Argo CD falls back to when authorizing API requests.
  • policy - The policy.csv property in the argocd-rbac-cm config map. This property includes CSV data about user-defined RBAC policies and role definitions.
  • policyMatcher - The policy.matchMode property in the argocd-rbac-cm config map. This property has two options: 'glob' for glob matcher and 'regex' for regex matcher.
  • scopes - The scopes property in the argocd-rbac-cm config map. Controls which OIDC scopes to examine during RBAC enforcement, in addition to sub scope.

redis

Redis configuration options.

object

  • autotls - Use the provider to create the Redis server’s TLS certificate. Only the openshift value is currently available.
  • disableTLSVerification - Defines whether the Redis server should be accessed using strict TLS validation.
  • image - The container image for Redis. This overrides the ARGOCD_REDIS_IMAGE environment variable.
  • resources - The container compute resources.
  • version - The tag to use with the Redis container image.

resourceActions

Customize resource action behavior.

empty

 

resourceExclusions

Completely ignore entire classes of resource group.

empty

 

resourceInclusions

The configuration to identify which resource group/kinds are applied.

empty

 

resourceHealthChecks

Customize resource health check behavior.

empty

 

resourceIgnoreDifferences

Customize resource ignore difference behavior.

empty

 

resourceTrackingMethod

The field used by Argo CD to monitor its managed resources.

label

 

server

Argo CD Server configuration options.

object

  • annotations - List of custom annotations to add to pods deployed by the Operator. This field is optional.
  • autoscale - Server autoscale configuration options.
  • env - Environment to set for the server workloads.
  • enabled - The flag to enable Argo CD server during the Argo CD installation.
  • enableRolloutsUI - When the parameter is set to true, the parameter enables the Argo Rollouts UI extension in Argo CD. The default value is set to false.
  • extraCommandArgs - List of arguments added to the existing arguments set by the Operator.
  • grpc - gRPC configuration options.
  • host - The hostname used for Ingress or Route resources.
  • initContainers - List of init containers for the Argo CD Application Controller component. This field is optional.
  • ingress - Ingress configuration for the Argo CD server component.
  • insecure - Toggles the insecure flag for Argo CD server.
  • labels - List of custom labels to add to pods deployed by the Operator. This field is optional.
  • logLevel - The log level to be used by the Argo CD server component. Valid options are debug, info, error, and warn.
  • logFormat - The log format used by the Argo CD server component. Valid options are text and json.
  • resources - The container compute resources.
  • replicas - The number of replicas for the Argo CD server. Must be greater than or equal to 0. If autoscale is enabled, replicas is ignored.
  • route - Route configuration options.
  • service.Type - The serviceType used for the service resource.
  • sidecarContainers - List of sidecar containers for the Argo CD Application Controller component. This field is optional.
  • volumes - List of addition volumes configured for the Argo CD Application Controller component. This field is optional.
  • volumeMounts - List of addition volume mounts configured for the Argo CD Application Controller component. This field is optional.

sourceNamespaces

Specifies the namespaces within which you can create application resources.

string

 

sso

Single Sign-on options.

object

  • dex - Configuration options for Dex SSO provider.
  • provider - The name of the provider used to configure Single Sign-on. Currently, the supported option is Dex.

statusBadgeEnabled

Enable application status badge.

true

 

tls

TLS configuration options.

object

  • ca.configMapName - The name of the ConfigMap which contains the CA certificate.
  • ca.secretName - The name of the secret which contains the CA certificate and key.
  • initialCerts - Initial set of certificates in the argocd-tls-certs-cm config map for connecting Git repositories through HTTPS.

usersAnonymousEnabled

Enables anonymous user access.

true

 

version

The tag to use with the container image for all Argo CD components.

 

Latest Argo CD version

2.2. Repo server properties
リンクのコピー

The following properties are available for configuring the repo server component:

Expand
NameDefaultDescription

annotations

empty

List of custom annotations to add to pods deployed by the Operator. This field is optional.

autotls

""

Provider to use to set up TLS for the repo-server’s gRPC TLS certificate. Currently, only the openshift value is acceptable.

env

empty

The environment to set for the Repo server workloads.

enabled

empty

Flag that enables the Repo server during Argo CD installation.

execTimeout

180

Execution timeout in seconds for rendering tools, for example, Helm or Kustomize.

extraRepoCommandArgs

empty

Passes command-line arguments to the Repo server workload. The command-line arguments are added to the list of arguments set by the Operator.

initContainers

empty

The number of init containers in the Argo CD Application Controller component. This field is optional.

image

argoproj/argocd

The container image for Argo CD Repo server. This property overrides the ARGOCD_REPOSERVER_IMAGE environment variable.

labels

empty

List of custom labels to add to pods deployed by the Operator. This field is optional.

logLevel

info

The log level used by the Argo CD Repo server. Valid options are debug, info, error, and warn.

logFormat

text

The log format to be used by the Argo CD repo server. Valid options are text and json.

mountsatoken

false

Defines whether the serviceaccount token should be mounted to the repo-server pod.

remote

empty

Specifies the remote URL of the Repo server container.

replicas

empty

The number of replicas for the Argo CD Repo server. Must be greater than or equal to 0.

resources

empty

The container compute resources.

serviceaccount

""

The name of the serviceaccount to use with the repo-server pod.

sidecarContainers

empty

The number of sidecar containers in the Argo CD Application Controller component. This field is optional.

systemCAtrust

empty

Enables the use of custom CA certificates so that the repo server and its plugins can trust external source hosting sites.

verifytls

false

Defines whether to enforce strict TLS checking on all components when communicating with repo server.

version

same as .spec.Version

The tag to use with the Argo CD Repo server.

volumes

empty

Configures additional volumes used for the Repo server deployment. This field is optional.

volumeMounts

empty

Configures additional volume mounts used for the Repo server deployment. This field is optional.

2.2.1. Configure TLS trust for the repo server
リンクのコピー

You can configure the repo server to trust additional certificate authorities (CAs) by injecting custom TLS certificates into the repo server container and its Config Management Plugin sidecar containers.

The certificates can be provided through Kubernetes secrets and config maps.

The following example shows how to configure additional trusted certificates in the Argo CD custom resource. 

apiVersion: argoproj.io/v1beta1
kind: ArgoCD
metadata:
  name: example-argocd
  labels:
    example: repo
spec:
  repo:
    systemCATrust:
      secrets:
        - name: my-local-cert-secret
          items:
            - key: key-name-in-the-secret-object
              path: desired-file-name-of-the-certificate.crt
      configMaps:
        - name: my-local-cert-cm
          items: []

where:

  • spec.repo:: Configures settings for the Argo CD repo server component.
  • spec.repo.systemCATrust:: Defines additional certificate authorities that the repo server trusts.
  • spec.repo.systemCATrust.secrets:: Specifies kubernetes secrets that contain custom CA certificates.
  • spec.repo.systemCATrust.configMaps:: References config maps containing CA certificates to trust.

Consider the following behavior and configuration details when using this feature:

  • Certificates are not pinned to individual hosts, allowing the use of CA or wildcard certificates.

  • The injected certificates are configured directly inside the container, enabling more advanced plugin workflows. For example:

    • Kustomize can invoke Helm charts hosted on different repositories.
    • Kustomize can retrieve resources from other repositories or sources over HTTPS.
    • Config Management Plugins can invoke TLS-enabled tools available in the container image with TLS verification enabled.

Certificates from secrets or config maps must exist in the same namespace as the Argo CD instance. You can either map specific keys using the items field or include all keys by omitting the items field.

You can mark a trust source as optional. If a required source is missing, the deployment fails.

Unless spec.repo.systemCATrust.dropImageCertificates is set to true, the certificates provided by the user are merged with the certificates already included in the container image.

2.3. Enabling notifications with an Argo CD instance
リンクのコピー

Argo CD notifications allow you to send notifications to external services when events occur in your Argo CD instance. For example, you can send notifications to Slack or email when a sync operation fails. By default, notifications are disabled in Argo CD instances.

Prerequisites

  • You have access to an OpenShift Container Platform cluster with cluster-admin privileges and are logged in to the web console.
  • You have installed the Red Hat OpenShift GitOps Operator on your cluster.

Procedure

To enable notifications for an Argo CD instance using the OpenShift Container Platform web console, complete the following steps:

  1. Navigate to the Operators Installed Operators page.
  2. From the list of Installed Operators, select the Red Hat OpenShift GitOps Operator, and then click on the ArgoCD tab.
  3. Select the Argo CD instance name you want to enable notifications. For example, openshift-gitops.

  4. Click on the YAML tab, and then edit and set the spec.notifications.enabled parameter to true:

    Example: 

    apiVersion: argoproj.io/v1beta1
kind: ArgoCD
metadata:
  name: openshift-gitops
spec:
  notifications:
    enabled: true
#....
  5. Click Save.
Tip

Alternatively, you can enable notifications by using the oc patch command in the OpenShift CLI. For example: 

oc patch argocd openshift-gitops -n openshift-gitops --type merge --patch '{"spec": {"notifications": {"enabled": true}}}'

2.4. Enabling Config Management Plugins in an Argo CD CR
リンクのコピー

Argo CD provides support for Helm, Jsonnet, and Kustomize as built-in config management tools. To use a different config management tool, or to enable features not provided by the built-in config management tools, you can use the Config Management Plugin (CMP).

In Argo CD, the CMP is specified as a sidecar container for the Argo CD repo server container. For more information, see "Config Management Plugins".

In the Red Hat OpenShift GitOps Operator, you can configure the Config Management plugin as a sidecar container in the Argo CD custom resource (CR). When you configure the sidecar container, you either specify an off-the-shelf or a custom-built container image. If you do not specify an image, the system uses the same image as the repo server for the plugin.

To configure a sidecar container in the Red Hat OpenShift GitOps Operator, add the .spec.repo.sidecarContainers key in the Argo CD CR.

Example Config Management Plugin configuration: 

apiVersion: argoproj.io/v1alpha1
kind: ArgoCD
metadata:
 name: <my_argocd>
spec:
 repo:
   sidecarContainers:
     - name: <my_cmp>
       command: [/var/run/argocd/argocd-cmp-server]
       image: <my_image>
       securityContext:
         runAsNonRoot: <true>
         runAsUser:
1 

       volumeMounts:
         - mountPath: /var/run/argocd
           name: <var_files>
         - mountPath: /home/argocd/cmp-server/plugins
           name: plugins
         - mountPath: /tmp
           name: tmp
         - mountPath: /home/argocd/cmp-server/config/plugin.yaml
           subPath: <plugin.yaml>
           name: <cmp_plugin>

where:

metadata.name
Specifies the name of an Argo CD CR instance.
spec.repo.sidecarContainers.name
Specifies the name of a sidecar container used in the repo server.
spec.repo.sidecarContainers.volumeMounts
Specifies the name of volume mounts used in the repo server.

2.5. NotificationsConfiguration custom resource properties
リンクのコピー

The NotificationsConfiguration resource is a Kubernetes custom resource (CR) that manages notifications in a Kubernetes cluster. In Red Hat OpenShift GitOps, you can add templates, triggers, services, and subscription resources to an Argo CD Notifications config map by using the NotificationsConfiguration CR.

When you create a cluster in Red Hat OpenShift GitOps with notifications enabled, a NotificationsConfiguration CR is created by default with the name default-notifications-configuration.

Any change made in the existing configuration of the NotificationsConfiguration CR is replicated in the Argo CD Notifications config map. For example, if the user adds trigger configuration in the NotificationsConfiguration resource, this configuration is read, processed, and updated in the Argo CD Notifications config map.

Important

Any configuration changes must be updated in the default-notifications-configuration CR. Custom resources created by the users for NotificationsConfiguration resource are not supported.

Any modification to the Argo CD argocd-notifications-cm config map is overridden by the changes made in the NotificationsConfiguration CR.

Expand
Table 2.1. NotificationsConfiguration custom resource properties
PropertiesDefaultDescription

Templates

<empty>

Templates are used to generate the notification template message.

Triggers

<empty>

Triggers are used to define the condition when a notification is sent to the user and the list of templates required to generate the message.

Services

<empty>

Services are used to deliver a message.

Subscriptions

<empty>

Subscriptions contain centrally-managed global application subscriptions.

The following examples define how to add templates, triggers, services, and subscription resources to the Argo CD argocd-notification-cm config map by using the default-notifications-configuration custom resource.

Example for templates: 

apiVersion: argoproj.io/v1alpha1
kind: NotificationsConfiguration
metadata:
 name: default-notifications-configuration
spec:
 templates:
  template.my-custom-template: |
    message: |
     Application details: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}.

where:

metadata.name
Specifies the default name of the NotificationsConfiguration CR in a cluster.
spec.template.my-custom-template
Specifies an example custom template configuration for the NotificationsConfiguration CR.

Example for triggers: 

apiVersion: argoproj.io/v1alpha1
kind: NotificationsConfiguration
metadata:
 name: default-notifications-configuration
spec:
 triggers:
  trigger.on-sync-status-unknown: |
   - when: app.status.sync.status == 'Unknown'
   send: [my-custom-template]

where:

metadata.name
Specifies the default name of the NotificationsConfiguration CR in a cluster.
spec.trigger.on-sync-status-unknown
Specifies an example custom trigger configuration for the NotificationsConfiguration CR.

Example for services: 

apiVersion: argoproj.io/v1alpha1
kind: NotificationsConfiguration
metadata:
 name: default-notifications-configuration
spec:
 services:
  service.slack: |
    token: $slack-token
    username: <override-username> # optional username
    icon: <override-icon> # optional icon for the message (supports both emoji and url notation)

where:

metadata.name
Specifies the default name of the NotificationsConfiguration CR in a cluster.
spec.service.slack
Specifies an example custom service configuration for the NotificationsConfiguration CR.

Example for subscriptions: 

apiVersion: argoproj.io/v1alpha1
kind: NotificationsConfiguration
metadata:
 name: default-notifications-configuration
spec:
 subscriptions:
  subscriptions: |
    # subscription for on-sync-status-unknown trigger notifications
    - recipients:
      - slack:test2
      - email:test@gmail.com
      triggers:
      - on-sync-status-unknown
    # subscription restricted to applications with matching labels only
    - recipients:
      - slack:test3
      selector: test=true
      triggers:
      - on-sync-status-unknown

where:

metadata.name
Specifies the default name of the NotificationsConfiguration CR in a cluster.
spec.subscriptions
Specifies an example custom subscription configuration for the NotificationsConfiguration CR.

You can configure the NotificationsConfiguration CR by using the OpenShift Container Platform web console or the CLI (oc).

2.5.1. Configuring the NotificationsConfiguration CR by using the web console
リンクのコピー

You can configure the NotificationsConfiguration custom resource (CR) by using the web console.

Prerequisites

  • You have access to an OpenShift Container Platform cluster with cluster-admin privileges and are logged in to the web console.
  • You have installed the Red Hat OpenShift GitOps Operator on your cluster.
  • You have enabled notifications for the Argo CD instance. For more information, see "Enabling notifications with an Argo CD instance".

Procedure

  1. In the Administrator perspective of the OpenShift Container Platform web console, expand Operators Installed Operators.
  2. From the list of Installed Operators, select the Red Hat OpenShift GitOps Operator, and then click on the NotificationsConfiguration tab.
  3. On the NotificationsConfigurations page, click default-notifications-configuration.

  4. On the default-notifications-configuration page, click YAML and add the configuration for any supported resources such as templates, triggers, services, and subscriptions. For example, under templates in the code, add the following sample configuration:

    Example template configuration: 

      template.my-custom-template: |
    message: |
    Application details: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}.
  5. Click Save.

  6. Verify that the configuration changes made in the NotificationsConfiguration CR are reflected in the argocd-notifications-cm config map:

    1. Go to Workloads ConfigMaps.
    2. Click argocd-notifications-cm and select the YAML tab.
    3. Scroll through the page in the YAML tab to verify the sample configuration added for the supported resources.

2.5.2. Configuring the NotificationsConfiguration CR by using the CLI
リンクのコピー

You can configure the NotificationsConfiguration custom resource (CR) by using the CLI (oc).

Prerequisites

  • You have access to an OpenShift Container Platform cluster with cluster-admin privileges.
  • You have installed the Red Hat OpenShift GitOps Operator on your cluster.
  • You have enabled notifications for the Argo CD instance. For more information, see "Enabling notifications with an Argo CD instance".

Procedure

  1. Edit the default NotificationsConfiguration CR in the cluster by running the following command: 

    $ oc edit notificationsconfiguration default-notifications-configuration -n <namespace>

    where:

    default-notifications-configuration
    Specifies the name of the default NotificationsConfiguration CR.
    <namespace>
    Specifies the name of the namespace.

  2. Under the templates section of the CR, add a configuration similar to the following example:

    Example template configuration: 

      template.my-custom-template: |
    message: |
    Application details: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}.

  3. Verify the contents of the argocd-notifications-cm config map by running the following command: 

    $ oc edit cm argocd-notifications-cm -n <namespace>

    The changes made in the existing configuration of the NotificationsConfiguration CR are reflected in the argocd-notifications-cm config map.

2.6. Configuring notifications in any Namespace
リンクのコピー

By default, Argo CD manages notification configuration only within the control plane namespace. With Red Hat OpenShift GitOps Operator, cluster administrators can enable teams to manage notification settings for their applications from additional namespaces.

To enable this functionality, configure the target namespaces in the Argo CD custom resource (CR). The Red Hat OpenShift GitOps Operator reconciles the corresponding notification resources only for namespaces that are explicitly defined in the ArgoCD CR.

Note

To enable notification configuration in a namespace, you must add the namespace to the following fields in the Argo CD CR:

  • .spec.sourceNamespaces: Enables the Apps in Any Namespace feature for the Application controller.
  • .spec.notifications.sourceNamespaces: Allows the Notifications controller to read configuration from that namespace.

If a namespace is not included in these fields, notification configuration for that namespace is not processed.

Procedure

  1. List the ArgoCD CRs in the cluster: 

    $ oc get argocd -A

  2. Edit the target ArgoCD CR: 

    $ oc edit argocd <cr_name> -n <namespace>

  3. Under the spec section, add each target namespace to the sourceNamespaces and notifications.sourceNamespaces fields.

    The following example enables the example-argocd instance to manage applications and notification configurations in the foo namespace: 

    apiVersion: argoproj.io/v1alpha1
kind: ArgoCD
metadata:
  name: example-argocd
spec:
  sourceNamespaces:
    - foo
  notifications:
    enabled: true
    sourceNamespaces:
      - foo

Verification

  1. Verify that the Argo CD instance recognizes the updated sourceNamespaces configuration by checking the settings in the Argo CD CR.

2.6.1. Understanding configuration notifications behavior across namespaces
リンクのコピー

When the Configuring notifications in any namespace feature is enabled, the Red Hat OpenShift GitOps Operator performs additional actions to support delegated notification configuration. For each delegated namespace, the Red Hat OpenShift GitOps Operator automatically creates a NotificationsConfiguration custom resource (CR) named default-notifications-configuration. Application teams can update this CR to define or modify their notification settings.

The Notifications controller determines which configuration to apply by using the following resolution behavior:

  • The controller first checks for the delegated NotificationsConfiguration CR or the corresponding config map (argocd-notifications-cm) and Secret (argocd-notification-secret) in the namespace of the application.
  • If no delegated configuration is found, the controller falls back to the central configuration resources (ConfigMap and Secret) defined in the control plane namespace.

To enable this model, the Red Hat OpenShift GitOps Operator creates a Role and a RoleBinding in each delegated namespace, granting the Notifications controller permission to read ConfigMaps and Secrets. The Red Hat OpenShift GitOps Operator also applies the argocd.argoproj.io/notifications-managed-by-cluster-argocd label to each delegated namespace.

2.7. Enabling annotation-based resource tracking in Argo CD
リンクのコピー

Red Hat OpenShift GitOps Operator enhances multi-instance support by improving annotation-based resource tracking in Argo CD.Multiple Argo CD instances can use annotation-based tracking by assigning each instance a unique installationID, which enables them to correctly differentiate resources with identical application names, prevent conflicts, avoid infinite sync loops, and operate safely in parallel.

You can perform the following actions by using the OpenShift Container Platform web console:

  • Set up multiple Argo CD instances
  • Configure annotation-based tracking by associating them with namespaces
  • Verify deployments
Note
  • Each Argo CD instance must have a unique installationID to prevent resource tracking conflicts.
  • Ensure that namespaces are labeled accurately because it allows each Argo CD instance to manage only the intended resources.
  • If multiple instances have applications with the same name, set resource tracking to annotation+label.
  • If issues arise, check the Argo CD Application status and logs in the OpenShift Container Platform web console.

2.7.1. Configuring annotation-based tracking in multiple Argo CD instances
リンクのコピー

You can configure annotation-based tracking in multiple Argo CD instances.

Note

This procedure uses the following example values:

  • repoURL: https://github.com/redhat-developer/gitops-operator
  • server: https://kubernetes.default.svc

When you follow these steps, replace the example values with the actual values.

Prerequisites

  • You have logged in to the OpenShift Container Platform cluster as an administrator.
  • You have installed the Red Hat OpenShift GitOps Operator on your OpenShift Container Platform cluster.

Procedure

  1. Log in to the OpenShift Container Platform web console.

  2. In the Administrator perspective of the web console, click Operators Installed Operators.

    • In the Project list, create or select the project where you want to install the user-defined Argo CD instance.
  3. Select Red Hat OpenShift GitOps from the installed Operators list and click the Argo CD tab.

  4. To create two Argo CD instances, click Create ArgoCD and create two YAML files similar to the following examples:

    Example first Argo CD instance with an annotation label: 

    apiVersion: argoproj.io/v1beta1
kind: ArgoCD
metadata:
  name: argocd-instance-demo-1
  namespace: argocd-test-demo-1
spec:
  installationID: "instance-demo-1"
  resourceTrackingMethod: "annotation+label"

    where:

    metadata.name
    Specifies the name of the first Argo CD instance.
    metadata.namespace
    Specifies the namespace used for the first Argo CD instance.
    spec.installationID
    Specifies the name of the installationID object for the first Argo CD instance.

    Example second Argo CD instance with an annotation label: 

    apiVersion: argoproj.io/v1beta1
kind: ArgoCD
metadata:
  name: argocd-instance-demo-2
  namespace: argocd-test-demo-2
spec:
  installationID: "instance-demo-2"
  resourceTrackingMethod: "annotation+label"

    where:

    metadata.name
    Specifies the name of the second Argo CD instance.
    metadata.namespace
    Specifies the namespace used for the second Argo CD instance.
    spec.installationID
    Specifies the name of the installationID object for the second Argo CD instance.

  5. Configure and label target namespaces to associate namespaces with their Argo CD instances.

    1. Navigate to Administration Namespaces.
    2. Create namespaces for application deployments, app-ns-1 and app-ns-2.

    3. Associate each namespace with their respective Argo CD instance:

      1. Associate the app-ns-1 namespace with the argocd-test-demo-1 Argo CD instance by running the following command:

        Example command: 

        $ oc label namespace app-ns-1 argocd.argoproj.io/managed-by=argocd-test-demo-1

      2. Associate the app-ns-2 namespace with the argocd-test-demo-2 Argo CD instance by running the following command:

        Example command: 

        $ oc label namespace app-ns-2 argocd.argoproj.io/managed-by=argocd-test-demo-2

  6. Create two applications in Argo CD.

    1. In the OpenShift Container Platform web console, go to Operators Installed Operators OpenShift GitOps Operator.
    2. Select Argo CD and navigate to the Applications tab.
    3. Click Create Application.

    4. Enter the following YAML snippet to create two applications in Argo CD.

      Example first application using Argo CD: 

      apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: sprint-petclinic
  namespace: argocd-test-demo-1
spec:
  project: default
  source:
    repoURL: https://github.com/redhat-developer/gitops-operator
    path: test/examples/nginx
    targetRevision: HEAD
  destination:
    server: https://kubernetes.default.svc
    namespace: app-ns-1
  syncPolicy:
    automated: {}

      where:

      metadata.name
      Specifies the name of the first application.
      metadata.namespace
      Specifies the namespace used for the first application.

      Example second application using Argo CD: 

      apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: sprint-petclinic
  namespace: argocd-test-demo-2
spec:
  project: default
  source:
    repoURL: https://github.com/redhat-developer/gitops-operator
    path: test/examples/nginx
    targetRevision: HEAD
  destination:
    server: https://kubernetes.default.svc
    namespace: app-ns-2
  syncPolicy:
    automated: {}

      where:

      metadata.name
      Specifies the name of the second application that is created with the same name as the first application.
      metadata.namespace
      Specifies the namespace used for the second application.

Verification

  1. Navigate to Workloads Pods in the OpenShift Container Platform web console.
  2. Ensure that the pods for Argo CD instances argocd-instance-demo-1 and argocd-instance-demo-2 are running.
  3. Check the application synchronization status in the Argo CD Applications YAML tab.
  4. Navigate to the argocd-cm config map in argocd-test-demo-1 and argocd-test-demo-2 namespaces and verify that the installationID object is configured successfully.
Red Hat logoGithubredditYoutubeTwitter

詳細情報

試用、購入および販売

コミュニティー

Red Hat ドキュメントについて

Red Hat をお使いのお客様が、信頼できるコンテンツが含まれている製品やサービスを活用することで、イノベーションを行い、目標を達成できるようにします。 最新の更新を見る.

多様性を受け入れるオープンソースの強化

Red Hat では、コード、ドキュメント、Web プロパティーにおける配慮に欠ける用語の置き換えに取り組んでいます。このような変更は、段階的に実施される予定です。詳細情報: Red Hat ブログ.

会社概要

Red Hat は、企業がコアとなるデータセンターからネットワークエッジに至るまで、各種プラットフォームや環境全体で作業を簡素化できるように、強化されたソリューションを提供しています。

Theme

© 2026 Red Hatトップに戻る