ildrummer
commented
10 months ago Open ildrummer opened 10 months ago
ildrummer
commented
10 months ago ildrummer
commented
7 months ago bump?
Summary
ArgoCD provides the ability to add scripted health checks for custom resources. The Keycloak and KeycloakRealmImport custom resources do not yet have custom health scripts but require them in practice for the ArgoCD post-sync-hook to trigger at the right time.
Motivation
In order for the ArgoCD post-sync-hook to trigger after Keycloak and KeycloakRealmImport resources are actually created, ArgoCD needs to be configured with custom health checks. Currently, the Application assumes those resources are healthy immediately after manifest creation and triggers the post-sync-hook well before the resources are declared healthy by the Keycloak Operator.
My work needs an ArgoCD post-sync hook to trigger a K8s Job that interacts with the Keycloak Realm API. In order for the API to be available, the Realm must be installed and ready to accept connections. This requires Argo to understand the Realm's readiness (according to the Keycloak Operator's status updates) so it doesn't trigger the post-sync hook until the correct time.
Proposal
I have implemented custom health checks (and tests) and confirmed they work according to this use-case. They correctly show the status of Keycloak and KeycloakReamImport custom resources on the ArgoCD UI and delay the post-sync-hook job until the Keycloak Operator updates the resource status to 'ready'. I'd like to PR these custom health checks once this proposal is accepted.