github.com/argoproj/argo-cd/v2@v2.10.9/applicationset/controllers/templatePatch.go

github.com/argoproj/argo-cd/v2@v2.10.9/applicationset/controllers/templatePatch.go (about)

     1  package controllers
     2  
     3  import (
     4  	"encoding/json"
     5  	"fmt"
     6  
     7  	"k8s.io/apimachinery/pkg/util/strategicpatch"
     8  
     9  	"github.com/argoproj/argo-cd/v2/applicationset/utils"
    10  	appv1 "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1"
    11  )
    12  
    13  func applyTemplatePatch(app *appv1.Application, templatePatch string) (*appv1.Application, error) {
    14  
    15  	appString, err := json.Marshal(app)
    16  	if err != nil {
    17  		return nil, fmt.Errorf("error while marhsalling Application %w", err)
    18  	}
    19  
    20  	convertedTemplatePatch, err := utils.ConvertYAMLToJSON(templatePatch)
    21  
    22  	if err != nil {
    23  		return nil, fmt.Errorf("error while converting template to json %q: %w", convertedTemplatePatch, err)
    24  	}
    25  
    26  	if err := json.Unmarshal([]byte(convertedTemplatePatch), &appv1.Application{}); err != nil {
    27  		return nil, fmt.Errorf("invalid templatePatch %q: %w", convertedTemplatePatch, err)
    28  	}
    29  
    30  	data, err := strategicpatch.StrategicMergePatch(appString, []byte(convertedTemplatePatch), appv1.Application{})
    31  
    32  	if err != nil {
    33  		return nil, fmt.Errorf("error while applying templatePatch template to json %q: %w", convertedTemplatePatch, err)
    34  	}
    35  
    36  	finalApp := appv1.Application{}
    37  	err = json.Unmarshal(data, &finalApp)
    38  	if err != nil {
    39  		return nil, fmt.Errorf("error while unmarhsalling patched application: %w", err)
    40  	}
    41  
    42  	// Prevent changes to the `project` field. This helps prevent malicious template patches
    43  	finalApp.Spec.Project = app.Spec.Project
    44  
    45  	return &finalApp, nil
    46  }