7 Commits

Author SHA1 Message Date
d2c329e1be docs(README): adapt jq expression to ignore reloader annotation
All checks were successful
Generate README / generate-parameters (push) Successful in 29s
Helm / helm-lint (push) Successful in 16s
Helm / helm-unittest (push) Successful in 15s
Markdown linter / markdown-link-checker (push) Successful in 31s
Markdown linter / markdown-lint (push) Successful in 29s
2025-10-21 22:32:23 +02:00
db5e38cef1 docs(README): adapt description of RespectIgnoreDifferences
All checks were successful
Generate README / generate-parameters (push) Successful in 29s
Helm / helm-lint (push) Successful in 16s
Helm / helm-unittest (push) Successful in 17s
Markdown linter / markdown-link-checker (push) Successful in 31s
Markdown linter / markdown-lint (push) Successful in 29s
2025-10-21 22:28:23 +02:00
1fe7bc604e docs(README): adjust highlighted text
All checks were successful
Generate README / generate-parameters (push) Successful in 29s
Helm / helm-lint (push) Successful in 16s
Helm / helm-unittest (push) Successful in 16s
Markdown linter / markdown-link-checker (push) Successful in 31s
Markdown linter / markdown-lint (push) Successful in 27s
2025-10-21 22:26:15 +02:00
fa43188e03 docs(README): add tip how to ignore stakater's reloader annotations
All checks were successful
Generate README / generate-parameters (push) Successful in 29s
Helm / helm-lint (push) Successful in 16s
Helm / helm-unittest (push) Successful in 15s
Markdown linter / markdown-link-checker (push) Successful in 32s
Markdown linter / markdown-lint (push) Successful in 29s
2025-10-21 22:22:26 +02:00
99ed88068a docs(README): add further jqPathExpressions if stakaters reloader is configured
All checks were successful
Generate README / generate-parameters (push) Successful in 29s
Helm / helm-lint (push) Successful in 16s
Helm / helm-unittest (push) Successful in 16s
Markdown linter / markdown-link-checker (push) Successful in 32s
Markdown linter / markdown-lint (push) Successful in 27s
2025-10-19 19:08:18 +02:00
95fd713da6 fix(renovate): update packageRule for helm-unittest/helm-unittest
All checks were successful
Helm / helm-unittest (push) Successful in 1m58s
Helm / helm-lint (push) Successful in 2m3s
2025-10-16 22:01:54 +02:00
671a635627 fix(renovate): update packageRule for helm-unittest/helm-unittest
All checks were successful
Helm / helm-unittest (push) Successful in 7s
Helm / helm-lint (push) Successful in 14s
2025-10-16 21:39:56 +02:00
2 changed files with 63 additions and 6 deletions

View File

@@ -203,7 +203,8 @@ helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \
The behavior whereby ArgoCD triggers a rolling update even though nothing appears to have changed often occurs in
connection with the helm concept `checksum/secret`, `checksum/configmap` or more generally, [Automatically Roll
Deployments](https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments).
Deployments](https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments). Please ensure, that no
third party application modifies the config maps or secret afterwards.
The problem with combining this concept with ArgoCD is that ArgoCD re-renders the Helm chart every time. Even if the
content of the config map or secret has not changed, there may be minimal differences (e.g., whitespace, chart version,
@@ -212,20 +213,50 @@ Helm render order, different timestamps).
This changes the SHA256 hash, Argo sees a drift and trigger a rolling update of the deployment. Among other things, this
can lead to unnecessary notifications from ArgoCD.
To avoid this, the annotation with the shasum must be ignored. Below is a diff that adds the `Application` to ignore all
annotations with the prefix `checksum`.
To avoid this, the annotation with the shasum can be ignored. However, this negates the mechanism of [Automatically Roll
Deployments](https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments).
Below is a diff that adds the `Application` to ignore all annotations with the prefix `checksum`.
> [!WARNING]
> Configurations of `ignoreDifferences` always refer to the determination of a drift and whether a possible sync is
> necessary. If the selected attributes should also be ignored in deployment afterwards, define
> `RespectIgnoreDifferences=true` in your `Application` resource. Further information can be found in the ArgoCD
> [documentation](https://argo-cd.readthedocs.io/en/latest/user-guide/sync-options/#respect-ignore-differences-configs).
```diff
apiVersion: argoproj.io/v1alpha1
kind: Application
spec:
+ ignoreDifferences:
+ - group: apps/v1
+ - group: apps
+ kind: Deployment
+ jqPathExpressions:
+ - '.spec.template.metadata.annotations | with_entries(select(.key | startswith("checksum")))'
```
The definition of ignoreDifferences ensures that annotations with the prefix checksum are ignored during a diff.
> [!TIP]
> If the [reloader](https://github.com/stakater/Reloader) is configured as described in section [TLS certificate
> rotation](#tls-certificate-rotation), ensure that the shasum defined as annotation or environment variable is also
> ignored. The [reloader](https://github.com/stakater/Reloader) will modify the deployment based on his configuration
> and append additional annotations or environment variables containing the shasum. Below are some examples how to adapt
> the `ignoreDifferences` configuration to ignore only the annotations and environment variables of stakater's
> [reloader](https://github.com/stakater/Reloader).
```diff
apiVersion: argoproj.io/v1alpha1
kind: Application
spec:
ignoreDifferences:
- group: apps
kind: Deployment
jqPathExpressions:
+ - '.spec.template.metadata.annotations | with_entries(select(.key | startswith("reloader")))'
+ - '.spec.template.spec.containers[].env[] | select(.name | startswith("STAKATER_"))'
```
## Parameters
### Global

View File

@@ -23,7 +23,9 @@
},
{
"customType": "regex",
"fileMatch": ["^README\\.md$"],
"fileMatch": [
"^README\\.md$"
],
"matchStrings": [
"CHART_VERSION=(?<currentValue>.*)"
],
@@ -31,6 +33,16 @@
"packageNameTemplate": "https://git.cryptic.systems/volker.raschek/reposilite-charts",
"datasourceTemplate": "git-tags",
"versioningTemplate": "semver"
},
{
"customType": "regex",
"datasourceTemplate": "github-releases",
"fileMatch": [
".vscode/settings\\.json$"
],
"matchStrings": [
"https:\\/\\/raw\\.githubusercontent\\.com\\/(?<depName>[^\\s]+?)\\/(?<currentValue>v[0-9.]+?)\\/schema\\/helm-testsuite\\.json"
]
}
],
"packageRules": [
@@ -41,6 +53,20 @@
"volkerraschek/helm"
]
},
{
"automerge": true,
"groupName": "Update helm plugin 'unittest'",
"matchDepNames": [
"helm-unittest/helm-unittest"
],
"matchDatasources": [
"github-releases"
],
"matchUpdateTypes": [
"minor",
"patch"
]
},
{
"groupName": "Update docker.io/library/node",
"matchDepNames": [