Skip to content

A dedicated field to enable or disable application syncPolicy #21647

New issue
New issue
Closed
#22482
#21999
Closed
A dedicated field to enable or disable application syncPolicy#21647
#22482
#21999
Assignees
anandrkskd
Labels
component:syncenhancementNew feature or requestgood first issueGood for newcomers
@anandrkskd

Description

@anandrkskd
anandrkskd
opened on Jan 23, 2025

Summary

Adding a dedicated field to set application sync Policy to enable or disable automated sync.

Motivation

An Application (app-of-apps pattern) which contains child Application resources only and which have autoSync with selfHeal enabled. The parent Application to force child Applications to have autoSync completely disabled. I need parent Application selfHeal to disable autoSync of child applications again when somebody enables it directly in Kubernetes.

Autosync is disabled only when spec.syncPolicy.automated is not present on resource and to write child Application resources in the way that ArgoCD forces it in Kubernetes with field spec.syncPolicy.automated absent.
Setting field spec.syncPolicy: {} and spec.syncPolicy.automated: null none of them works if set in child application in ArgoCD.

example scenario
  • creating an application (apps of apps) 
        cat <<EOF | kubectl create -f-
    apiVersion: argoproj.io/v1alpha1
    kind: Application
    metadata:
      name: app-of-apps
      namespace: argocd1
      finalizers:
      - resources-finalizer.argocd.argoproj.io
    spec:
      destination:
        namespace: helm-guestbook-1
        server: https://kubernetes.default.svc
      project: default
      source:
        path: .
        repoURL: https://github.com/anandrkskd/argocd-issue-autosync.git
        targetRevision: main
      syncPolicy:
        automated:
          selfHeal: true
          prune: true
    EOF
  • once the applications are up, updating syncPolicy
    $ argocd app set --sync-policy auto --sync-option CreateNamespace=true helm-guestbook-1
    $ argocd app set --sync-policy auto --sync-option CreateNamespace=true helm-guestbook-2

Automatic synchronization on child Applications is supposed to be turned off, but it is turned on (didn't revert to what is present in git), even though the parent Application has selfHeal enabled.

Proposal

Expected behavior is to have a possibility to enforce autosync disabled on child Application by parent Application selfHeal by having a flag to disable autosync in automated block, like:

syncPolicy:
    automated:
      enabled: true           <- new flag proposal
      prune: true
      selfHeal: true

To make compatible,

  • if the syncPolicy block is absent, no syncPolicy will change
  • if the syncPolicy contains automated field, the default will be set to true
  • if the syncPolicy.automated.enabled field is set to false, it will stop automated sync, even if the syncPolicy.automated.prune/selfHeal is set.

Metadata

Metadata

Assignees

Labels

component:syncenhancementNew feature or requestgood first issueGood for newcomers

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions