You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
62 lines
1.7 KiB
YAML
62 lines
1.7 KiB
YAML
apiVersion: argoproj.io/v1alpha1
|
|
kind: AppProject
|
|
metadata:
|
|
name: mobene
|
|
namespace: argo-cd
|
|
finalizers:
|
|
- resources-finalizer.argocd.argoproj.io
|
|
spec:
|
|
description: ArgoCD project for clustering apps for mobene
|
|
|
|
# Allow manifests to deploy from any Git repos
|
|
sourceRepos:
|
|
- 'https://prodnso-gitea-01.smardigo.digital/argocd/prodwork01-mobene-deployment'
|
|
|
|
# Deny all cluster-scoped resources from being created
|
|
clusterResourceWhitelist:
|
|
- group: ''
|
|
kind: 'namespace'
|
|
|
|
# Allow all namespaced-scoped resources to be created, except for ResourceQuota, LimitRange, NetworkPolicy
|
|
namespaceResourceBlacklist:
|
|
- group: ''
|
|
kind: ResourceQuota
|
|
- group: ''
|
|
kind: LimitRange
|
|
|
|
# allowed destinations for deployments:
|
|
destinations:
|
|
- namespace: mobene-nsodev
|
|
server: https://kubernetes.default.svc
|
|
- namespace: mobene-cusqa
|
|
server: https://kubernetes.default.svc
|
|
- namespace: mobene-cusprod
|
|
server: https://kubernetes.default.svc
|
|
- namespace: mobene-keycloak
|
|
server: https://kubernetes.default.svc
|
|
|
|
roles:
|
|
- description: Group to developers to deploy on DEV environment
|
|
groups:
|
|
- mobenedevs
|
|
name: mobene-devs
|
|
policies:
|
|
- >-
|
|
p, proj:mobene:mobenedevs, applications, get,
|
|
mobene/*, allow
|
|
- >-
|
|
p, proj:mobene:mobenedevs, applications, create,
|
|
mobene/*, deny
|
|
- >-
|
|
p, proj:mobene:mobenedevs, applications, update,
|
|
mobene/*, deny
|
|
- >-
|
|
p, proj:mobene:mobenedevs, applications, delete,
|
|
mobene/*, deny
|
|
- >-
|
|
p, proj:mobene:mobenedevs, applications, sync,
|
|
mobene/*, allow
|
|
- >-
|
|
p, proj:mobene:mobenedevs, applications, override,
|
|
mobene/*, deny
|