Support scanning for updates to Helm-backed ArgoCD Application CRDs

Question

Support scanning for updates to Helm-backed ArgoCD Application CRDs

jstewart612 opened this issue 4 years ago · 11 comments

Is your feature request related to a problem? Please describe.
ArgoCD has the concept of Application CRDs. These can source from Helm charts themselves, but do not install helm in the traditional manner. Rather, it renders the templates, and then applies those to the cluster. As such, you do not see helm installs with the helm cli, and as such, Nova seems not to be able to find them and assess upgradable candidates.

This feature request is to add this functionality to Nova.

Describe the solution you'd like
Add a flag to Nova to allow it to also scan ArgoCD Application CRD instances on your cluster and check them for updates if they are based on Helm charts.

Describe alternatives you've considered
I am unaware that any exist.

Additional context
I don't see that any is required here but let me know if you do.

Answer 1 · 2021-06-19T00:54:23.000Z

If it is helpful for implementation, the fields you'd be looking to scan of that CRD are:

.spec.source.helm.chart: the chart name
.spec.source.helm.targetRevision: A Semantic Release compatible version value

Answer 2 · 2021-06-21T12:27:48.000Z

Thanks for the request! This is a great idea

Answer 3 · 2021-07-21T13:50:40.000Z

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

Answer 4 · 2021-08-26T17:43:52.000Z

still needed

Answer 5 · 2022-03-24T21:12:31.000Z

A colleague actually did work on this locally and I have recommended submission here for wider adoption of the feature.

Answer 6 · 2022-11-15T04:30:50.000Z

+1 on this feature, we have a lot of external applications implement by gitops approach - argocd then we are finding a way to check if whether they was update or release.

Answer 7 · 2023-04-17T03:51:58.000Z

@lucasreed is it safe to say no maintainer of this repository will accept the last PR submitted to address this issue while it requires an additional external binary? That you compel a native library be used for the purpose? This is not to voice disagreement: merely to establish the terms.

Answer 8 · 2023-04-22T22:19:02.000Z

Hey @jstewart612, I'm afraid I am no longer a maintainer here, so I'll let someone else answer that.

Answer 9 · 2023-05-26T18:32:47.000Z

Catching up on this now, and I would say that is correct @jstewart612. Adding another third-party binary introduces maintenance cost that we are not willing to incur at this time. If we were to implement a dynamic client instead, that could be covered by unit tests and much easier/safer to maintain. Additionally, it would not require a new method of keeping up on dependencies beyond dependabot.

Answer 10 · 2023-09-16T20:00:20.000Z

Flux is a great gitops tool and widely used.