argoproj / argo-cd

Declarative Continuous Deployment for Kubernetes
https://argo-cd.readthedocs.io
Apache License 2.0

Auto Sync Rules - only sync on specific fields #18994

Open ThomasSteinbach opened 3 months ago

ThomasSteinbach commented 3 months ago

Summary

I would like Argo CD to automatically sync changes when they comprise specific fields. If more fields than the specified ones change, Argo CD should wait for a manual sync.

Motivation

When our developers publish new images to the registry, our Renovate bot automatically updates image tags/digests within the Kubernetes deployment specification. Those changes should automatically be synced by Argo CD.

However, if someone changes any other fields in the Kubernetes manifests, Argo CD should not automatically sync them and should wait for a manual sync.

Proposal

That could be done by specifying in the Argo CD application the fields that can change. If different fields have changed in the diff, Argo CD would not sync automatically.

ThomasSteinbach commented 2 months ago

Here is, in bash, what I logically expect from the feature in Argo CD:

#!/usr/bin/env bash

# Check if the required parameters are provided
if [ $# -ne 1 ]; then
  echo "Usage: $0 <APP_NAME>"
  exit 1
fi

APP_NAME=$1

echo "# Step 1: Checking changes of the application '$APP_NAME' ..."

app_diff=$(argocd app diff "$APP_NAME")

# Check if there are actually changes for this application
# (an empty diff still counts as one line when piped through 'echo | wc -l',
# so test the string itself)
if [ -z "$app_diff" ]; then
  echo "There are no changes in the application."
  echo "Exiting..."
  exit 1
fi

# Filter out all legit lines of the diff
# - ^$                   - empty lines
# - ^N[,N][cd]N[,N]$     - the indicator for changed/deleted lines (e.g. '297c297' or '10,12c10,12')
# - ^---$                - all separators between diffs
# - ^=====               - all separators between files
# - ^[<>][[:space:]]+(...) - all changed lines with keywords we accept
# grep -E has no \d or \s, so POSIX bracket expressions are used instead.
line_count=$(echo "$app_diff" | grep -v -E '^$|^[0-9]+(,[0-9]+)?[cd][0-9]+(,[0-9]+)?$|^---$|^=====|^[<>][[:space:]]+(annotations:|image:|app\.kubernetes\.io|helm\.sh/chart|checksum/)' | wc -l | tr -d ' ')

# Expect no remaining lines
if [ "$line_count" -ne 0 ]; then
  echo "There are more changes to the application than just image updates."
  echo "No sync will be done."
  echo "Exiting..."
  exit 1
fi

echo "# Step 2: Syncing the application '$APP_NAME' ..."
argocd app sync "$APP_NAME"
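
An added example, not part of the issue and not Argo CD code: the same gate evaluated on field paths of parsed manifests rather than on diff line text, so that an allowed key name only counts at the location it is expected. It assumes the live and desired manifests are already loaded as Python dicts; `ALLOWED_PATHS`, the function names and the sample Deployment are hypothetical.

```python
import copy
from fnmatch import fnmatchcase

# Hypothetical allowlist of field paths that may change without manual review.
# Each entry is a tuple of path segments; "*" is an fnmatch wildcard.
ALLOWED_PATHS = [
    ("spec", "template", "spec", "containers", "*", "image"),
    ("spec", "template", "metadata", "annotations", "checksum/*"),
    ("metadata", "labels", "helm.sh/chart"),
    ("metadata", "labels", "app.kubernetes.io/version"),
]
_MISSING = object()

def changed_paths(live, target, prefix=()):
    """Yield the path of every field that differs between two manifests."""
    if isinstance(live, dict) and isinstance(target, dict):
        for key in sorted(live.keys() | target.keys()):
            yield from changed_paths(live.get(key, _MISSING),
                                     target.get(key, _MISSING), prefix + (key,))
    elif isinstance(live, list) and isinstance(target, list) and len(live) == len(target):
        for i, (a, b) in enumerate(zip(live, target)):
            yield from changed_paths(a, b, prefix + (str(i),))
    elif live != target:
        # Changed scalar, added/removed key, type change or resized list.
        yield prefix

def is_allowed(path, patterns=ALLOWED_PATHS):
    return any(len(pat) == len(path) and all(map(fnmatchcase, path, pat))
               for pat in patterns)

def may_auto_sync(live, target, patterns=ALLOWED_PATHS):
    """Return (decision, blocking_paths); an empty diff never triggers a sync."""
    changes = list(changed_paths(live, target))
    blocked = [p for p in changes if not is_allowed(p, patterns)]
    return bool(changes) and not blocked, blocked

# Constructed sample manifests (not taken from the issue).
LIVE = {
    "kind": "Deployment",
    "metadata": {"name": "web", "labels": {"helm.sh/chart": "web-1.0.0"}},
    "spec": {"replicas": 2, "template": {
        "metadata": {"annotations": {"checksum/config": "aaa"}},
        "spec": {"containers": [{"name": "web", "image": "registry.example/web:1.0.0",
                                 "securityContext": {"privileged": False}}]}}},
}
IMAGE_BUMP = copy.deepcopy(LIVE)
IMAGE_BUMP["spec"]["template"]["spec"]["containers"][0]["image"] = "registry.example/web:1.0.1"
MIXED = copy.deepcopy(IMAGE_BUMP)
MIXED["spec"]["template"]["spec"]["containers"][0]["securityContext"]["privileged"] = True
```

`may_auto_sync(LIVE, IMAGE_BUMP)` permits the sync, while `may_auto_sync(LIVE, MIXED)` refuses it and returns the `securityContext.privileged` path as the reason. An added or removed container resizes the list and is reported at the `containers` path, which no pattern matches.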