Example from gitops-bridge showing how to pass structured metadata annotations to Helm charts in
ArgoCD ApplicationSets using templatePatch.
Original idea from the user grayson in the CNCF ArgoCD Slack: https://cloud-native.slack.com/archives/C01U45M2SVB/p1742224380346179?thread_ts=1741717876.631309&cid=C01U45M2SVB
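# ApplicationSet that renders one "<cluster>-karpenter" Application per
# selected cluster and builds part of the Helm values from annotations on
# that cluster's Argo CD cluster Secret.
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
  name: karpenter
  namespace: argocd
spec:
  goTemplate: true
  # Fail rendering on a reference to an undefined field instead of
  # silently emitting "<no value>".
  goTemplateOptions: ["missingkey=error"]
  generators:
    # Cluster generator: only clusters whose Secret carries the label
    # prod: "false" are selected.
    - clusters:
        selector:
          matchLabels:
            prod: "false"
  template:
    metadata:
      name: "{{lower .name}}-karpenter"
      namespace: argocd
    spec:
      project: default
      source:
        # Placeholders from the original example; fill in for your repo.
        repoURL: <...>
        targetRevision: <...>
        path: <...>
        helm:
          ignoreMissingValueFiles: true
          valueFiles:
            - values.yaml
      destination:
        name: "{{.name}}"
        namespace: karpenter
      syncPolicy:
        automated: {}
        syncOptions:
          - CreateNamespace=true
  # templatePatch is rendered as a Go template and the result is parsed as
  # YAML and applied on top of `template`. The values below come from the
  # cluster name and from the "karpenter-subnet-ids" / "karpenter-node-tags"
  # annotations (JSON strings decoded with fromJson).
  #
  # Every interpolated value is emitted through toJson so that it always
  # renders as a single, correctly escaped scalar. Without that, a value
  # containing a quote, colon or newline could change the structure of the
  # rendered patch rather than just the value. Tag values additionally go
  # through toString so they stay strings, as in the original quoted form.
  # Write access to the cluster Secret's annotations should still be treated
  # as write access to these Helm values.
  templatePatch: |
    spec:
      source:
        helm:
          values: |
            ec2NodeClasses:
            {{- range $nodeclass := list "default" "gvisor" }}
              {{ $nodeclass }}:
                enabled: "true"
                role: {{ printf "role-%s" $.name | toJson }}
                securityGroupSelectorTerms:
                  - tags:
                      karpenter.sh/discovery: {{ $.name | toJson }}
                subnetSelectorTerms:
                {{- range $subnetId := index $.metadata.annotations "karpenter-subnet-ids" | fromJson }}
                  - id: {{ $subnetId | toJson }}
                {{- end }}
                {{- $tagJson := index $.metadata.annotations "karpenter-node-tags" | fromJson }}
                {{- if not (empty $tagJson) }}
                tags:
                  {{- range $tag, $tagValue := $tagJson }}
                  {{ $tag | toJson }}: {{ $tagValue | toString | toJson }}
                  {{- end }}
                {{- end }}
            {{- end }}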
Cluster Secret:
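# Excerpt of the Argo CD cluster Secret that the ApplicationSet reads from;
# fields such as apiVersion, metadata.name and the Secret data are not shown.
# NOTE(review): the generator's matchLabels also expects a `prod: "false"`
# label, which this excerpt does not include - confirm it is set on the
# real Secret.
kind: Secret
metadata:
  annotations:
    # Each annotation value is a JSON document stored as a string; the
    # templatePatch decodes it with fromJson. Anyone who can edit these
    # annotations controls what is rendered into the Helm values, so keep
    # write access to this Secret restricted.
    karpenter-node-tags: '{"team": "A-Team"}'
    karpenter-subnet-ids: '["subnet-abcd", "subnet-def1"]'
  labels:
    # Marks this Secret as an Argo CD cluster definition.
    argocd.argoproj.io/secret-type: cluster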