You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi all!
Currently, when some custom resource action is executed, ArgoCD server runs bare lua script without importing standard libraries. This setup limits the use of custom actions only to a trivial use cases which eg. dont require manipulation with strings.
Motivation
Our team manages hundreds of ArgoCD Applications of our customers. We try to follow strict gitops model - customers have only get & sync permissions in their Applications and are supposed to manage their resources - create/update/delete only by altering the spec of their resource manifest in repository.
In order to address some aspects and improve UX, eg. when update of some service failed and needs to be retriggered, we would like to have a custom action which would do that instead of requiring customer to update their manifest with increased generation number or some dummy annotation which would trigger it.
In some cases, to make a decision, we would need string library to match particular substring or os to parse a timestamp.
Proposal
One possibility could be a new flag for ArgoCDServer eg. --lua-allow-openlib=string --lua-allow-openlib=math which would pass whitelisted libs in VM struct and then compose an array of libs in (vm VM) runLua()
Please let me know what are your thoughts. Im happy to open a PR if the proposal makes sense and aligns with a plan
The text was updated successfully, but these errors were encountered:
Summary
Hi all!
Currently, when some custom resource action is executed, ArgoCD server runs bare lua script without importing standard libraries. This setup limits the use of custom actions only to a trivial use cases which eg. dont require manipulation with strings.
Motivation
Our team manages hundreds of ArgoCD Applications of our customers. We try to follow strict gitops model - customers have only get & sync permissions in their Applications and are supposed to manage their resources - create/update/delete only by altering the spec of their resource manifest in repository.
In order to address some aspects and improve UX, eg. when update of some service failed and needs to be retriggered, we would like to have a custom action which would do that instead of requiring customer to update their manifest with increased generation number or some dummy annotation which would trigger it.
In some cases, to make a decision, we would need
string
library to match particular substring oros
to parse a timestamp.Proposal
One possibility could be a new flag for ArgoCDServer eg.
--lua-allow-openlib=string --lua-allow-openlib=math
which would pass whitelisted libs inVM
struct and then compose an array of libs in(vm VM) runLua()
Please let me know what are your thoughts. Im happy to open a PR if the proposal makes sense and aligns with a plan
The text was updated successfully, but these errors were encountered: