Skip to main content
Version: 0.17.0

List generator enterprise

The list generator is a simple generator that generates a list of params from a list of elements.

This is the simplest generator, this is a hard-coded array of JSON objects, described as YAML mappings.

Example

apiVersion: templates.weave.works/v1alpha1
kind: GitOpsSet
metadata:
labels:
app.kubernetes.io/name: gitopsset
app.kubernetes.io/instance: gitopsset-sample
app.kubernetes.io/part-of: gitopssets-controller
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/created-by: gitopssets-controller
name: gitopsset-sample
spec:
generators:
- list:
elements:
- env: dev
team: dev-team
- env: production
team: ops-team
- env: staging
team: ops-team
templates:
- content:
kind: Kustomization
apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
metadata:
name: "{{ .element.env }}-demo"
labels:
app.kubernetes.io/name: go-demo
app.kubernetes.io/instance: "{{ .element.env }}"
com.example/team: "{{ .element.team }}"
spec:
interval: 5m
path: "./examples/kustomize/environments/{{ .element.env }}"
prune: true
sourceRef:
kind: GitRepository
name: go-demo-repo
caution

To run this example you will need extra RBAC

This particular example creates kustomizations, so you will need to add the below RBAC to the gitopssets-controller-manager service account to allow it to create kustomizations.

Check out the Security section for more information.

However this will change in the next release with impersonation. Instead you can choose a service account for each GitOpsSet that has the required permissions for creating the rendered resources in the templates section.

Additional RBAC for the gitopssets-controller-manager service account:

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: demo-role
rules:
- apiGroups:
- kustomize.toolkit.fluxcd.io
resources:
- kustomizations
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: demo-role-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: demo-role
subjects:
- kind: ServiceAccount
name: gitopssets-controller-manager
namespace: flux-system