---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: huawei-csi
  namespace: argocd
  finalizers:
    - resources-finalizer.argocd.argoproj.io
spec:
  project: huawei-csi
  destination:
    server: https://kubernetes.default.svc
    namespace: huawei-csi
  sources:
    - repoURL: https://git.avroid.tech/K8s/k8s-configs.git
      targetRevision: master
      ref: values
    - repoURL: https://nexus.avroid.tech/repository/devops-helm-release
      chart: "esdk"
      targetRevision: 4.6.0
      helm:
        valueFiles:
          - $values/clusters/k8s-avroid-office.prod.local/namespaces/huawei-csi/values-ovveride.yaml
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    syncOptions:
      - Validate=false
      - ApplyOutOfSyncOnly=true
      - CreateNamespace=true
---
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
  name: huawei-csi
  namespace: argocd
  # Finalizer that ensures that project is not deleted until it is not referenced by any application
  finalizers:
    - resources-finalizer.argocd.argoproj.io
spec:
  sourceRepos:
    - https://git.avroid.tech/K8s/k8s-configs.git
    - https://nexus.avroid.tech/repository/devops-helm-release
  # Only permit applications to deploy to the guestbook namespace in the same cluster
  destinations:
    - namespace: huawei-csi
      server: https://kubernetes.default.svc
  # Deny all cluster-scoped resources from being created, except for Namespace
  clusterResourceWhitelist:
    - group: ''
      kind: Namespace
    - group: '*'
      kind: ClusterRole
    - group: '*'
      kind: ClusterRoleBinding
    - group: '*'
      kind: CustomResourceDefinition