diff --git a/clusters/cl01tl/deployment/argocd/templates/external-secret.yaml b/clusters/cl01tl/deployment/argocd/templates/external-secret.yaml index b0a23a26d..59aeb2649 100644 --- a/clusters/cl01tl/deployment/argocd/templates/external-secret.yaml +++ b/clusters/cl01tl/deployment/argocd/templates/external-secret.yaml @@ -27,6 +27,29 @@ spec: metadataPolicy: None property: client +--- +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: argocd-ntfy-secret + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: argocd-ntfy-secret + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + data: + - secretKey: token + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /ntfy/user/cl01tl + metadataPolicy: None + property: token + # --- # apiVersion: external-secrets.io/v1 # kind: ExternalSecret diff --git a/clusters/cl01tl/deployment/argocd/values.yaml b/clusters/cl01tl/deployment/argocd/values.yaml index d68f3202d..54e0992b3 100644 --- a/clusters/cl01tl/deployment/argocd/values.yaml +++ b/clusters/cl01tl/deployment/argocd/values.yaml @@ -115,7 +115,162 @@ argo-cd: enabled: true serviceMonitor: enabled: true + notifiers: + service.webhook.ntfy-5: | + url: http://ntfy.ntfy/ + headers: + - name: Title + value: ArgoCD + - name: Authorization + value: Bearer $argocd-ntfy-secret:token livenessProbe: enabled: true readinessProbe: enabled: true + subscriptions: + - recipients: + - ntfy + triggers: + - app-created + - app-deleted + - app-deployed + - app-health-degraded + - app-sync-failed + - app-sync-running + - app-sync-status-unknown + - app-sync-succeeded + templates: + template.app-created: | + webhook: + ntfy: + method: POST + path: argocd + headers: + - name: Priority + value: 4 + body: | + Application {{.app.metadata.name}} has been created. + template.app-deleted: | + webhook: + ntfy: + method: POST + path: argocd + headers: + - name: Priority + value: 4 + body: | + Application {{.app.metadata.name}} has been deleted. + template.app-deployed: | + webhook: + ntfy: + method: POST + path: argocd + headers: + - name: Priority + value: 4 + body: | + Application {{.app.metadata.name}} is now running new version of deployments manifests. + template.app-health-degraded: | + webhook: + ntfy: + method: POST + path: argocd + headers: + - name: Priority + value: 5 + body: | + Application {{.app.metadata.name}} has degraded. + Application details: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}. + template.app-sync-failed: | + webhook: + ntfy: + method: POST + path: argocd + headers: + - name: Priority + value: 5 + body: | + The sync operation of application {{.app.metadata.name}} has failed at {{.app.status.operationState.finishedAt}} with the following error: {{.app.status.operationState.message}} + Sync operation details are available at: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true . + template.app-sync-running: | + webhook: + ntfy: + method: POST + path: argocd + headers: + - name: Priority + value: 3 + body: | + The sync operation of application {{.app.metadata.name}} has started at {{.app.status.operationState.startedAt}}. + Sync operation details are available at: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true . + template.app-sync-status-unknown: | + webhook: + ntfy: + method: POST + path: argocd + headers: + - name: Priority + value: 4 + body: | + {{if eq .serviceType "slack"}}:exclamation:{{end}} Application {{.app.metadata.name}} sync is 'Unknown'. + Application details: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}. + {{if ne .serviceType "slack"}} + {{range $c := .app.status.conditions}} + * {{$c.message}} + {{end}} + {{end}} + template.app-sync-succeeded: | + webhook: + ntfy: + method: POST + path: argocd + headers: + - name: Priority + value: 3 + body: | + Application {{.app.metadata.name}} has been successfully synced at {{.app.status.operationState.finishedAt}}. + Sync operation details are available at: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true . + triggers: + trigger.on-created: | + - description: Application {{.app.metadata.name}} has been created. + oncePer: app.metadata.name + send: + - app-created + when: "true" + trigger.on-deleted: | + - description: Application {{.app.metadata.name}} has been deleted. + oncePer: app.metadata.name + send: + - app-deleted + when: app.metadata.deletionTimestamp != nil + trigger.on-deployed: | + - description: Application is synced and healthy. Triggered once per commit. + oncePer: app.status.operationState.syncResult.revision + send: + - app-deployed + when: app.status.operationState.phase in ['Succeeded'] and app.status.health.status == 'Healthy' + trigger.on-health-degraded: | + - description: Application has degraded + send: + - app-health-degraded + when: app.status.health.status == 'Degraded' + trigger.on-sync-failed: | + - description: Application syncing has failed + send: + - app-sync-failed + when: app.status.operationState.phase in ['Error', 'Failed'] + trigger.on-sync-running: | + - description: Application is being synced + send: + - app-sync-running + when: app.status.operationState.phase in ['Running'] + trigger.on-sync-status-unknown: | + - description: Application status is 'Unknown' + send: + - app-sync-status-unknown + when: app.status.sync.status == 'Unknown' + trigger.on-sync-succeeded: | + - description: Application syncing has succeeded + send: + - app-sync-succeeded + when: app.status.operationState.phase in ['Succeeded']