You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/user-guide/source-hydrator.md
+22-8Lines changed: 22 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,12 +6,9 @@ Tools like Helm and Kustomize allow users to express their Kubernetes manifests
6
6
(keeping it DRY - Don't Repeat Yourself). However, these tools can obscure the actual Kubernetes manifests that are
7
7
applied to the cluster.
8
8
9
-
The "rendered manifest pattern" is a way to push the hydrated manifests to git before syncing them to the cluster. This
9
+
The "rendered manifest pattern" is a feature of Argo CD that allows users to push the hydrated manifests to git before syncing them to the cluster. This
10
10
allows users to see the actual Kubernetes manifests that are applied to the cluster.
11
11
12
-
The source hydrator is a feature of Argo CD that allows users to push the hydrated manifests to git before syncing them
13
-
to the cluster.
14
-
15
12
## Enabling the Source Hydrator
16
13
17
14
The source hydrator is disabled by default.
@@ -49,7 +46,7 @@ With hydrator: https://raw.githubusercontent.com/argoproj/argo-cd/stable/mani
49
46
50
47
## Using the Source Hydrator
51
48
52
-
To use the source hydrator, you must first install a push secret. This example uses a GitHub App for authentication, but
49
+
To use the source hydrator, you must first install a push and a pull secret. This example uses a GitHub App for authentication, but
53
50
you can use [any authentication method that Argo CD supports for repository access](../operator-manual/declarative-setup.md#repositories).
54
51
55
52
```yaml
@@ -61,6 +58,22 @@ metadata:
61
58
labels:
62
59
argocd.argoproj.io/secret-type: repository-write
63
60
type: Opaque
61
+
stringData:
62
+
url: "https://github.com"
63
+
type: "git"
64
+
githubAppID: "<your app ID here>"
65
+
githubAppInstallationID: "<your installation ID here>"
66
+
githubAppPrivateKey: |
67
+
<your private key here>
68
+
---
69
+
apiVersion: v1
70
+
kind: Secret
71
+
metadata:
72
+
name: my-pull-secret
73
+
namespace: argocd
74
+
labels:
75
+
argocd.argoproj.io/secret-type: repository
76
+
type: Opaque
64
77
stringData:
65
78
url: "https://github.com"
66
79
type: "git"
@@ -70,10 +83,11 @@ stringData:
70
83
<your private key here>
71
84
```
72
85
73
-
The label `argocd.argoproj.io/secret-type: repository-write` causes this Secret to be used for pushing manifests to git
74
-
instead of pulling from git.
86
+
The only difference between the secrets above, besides the resource name, is that the push secret contains the label
87
+
`argocd.argoproj.io/secret-type: repository-write`, which causes the Secret to be used for pushing manifests to git
88
+
instead of pulling from git. Argo CD requires different secrets for pushing and pulling to provide better isolation.
75
89
76
-
Once your push secret is installed, set the `spec.sourceHydrator` field of the Application. For example:
90
+
Once your secrets are installed, set the `spec.sourceHydrator` field of the Application. For example:
0 commit comments