Does Helm Secrets also support 'ArgoCD - ApplicationSet'?

[oliverpark999]

Current Behavior

I succeeded in 'encrypting' and 'decrypting' using 'Helm Secrets' and Argocd's 'Application'.
But now I want to ‘encrypt’ and ‘decrypt’ using Argocd’s ‘ApplicationSet’.
But an error occurs.
Is 'ApplicationSet' not supported?

Expected Behavior

If you specify two '.yaml' files as in 'application' and deploy them to Argocd, deployment is successful.

Steps To Reproduce

The same as 'application', an error occurs if you specify two '.yaml' files and deploy them in Argocd.

## Error
Failed to load target state: failed to generate manifest for source 1 of 2: rpc error: code = Unknown desc = `helm template . --name-template karpenter --namespace xxxx --kube-version 1.30 --values /tmp/xxxxxx/xxx/values.yaml --values secrets://xxx.yaml <api versions removed> --include-crds` failed exit status 1: [helm-secrets] File does not exist: sensitive.yaml Error: failed parsing --set-file data: plugin "scripts/run.sh downloader" exited with error [helm-secrets] helm template command errored on value 'secrets://xxx.yaml' [helm-secrets] File does not exist: secrets://xxx.yaml Error: plugin "secrets" exited with error

Environment

• Helm Version: v3.15.0
• Helm Secrets Version: 4.6.0
• ArgoCD Version:: v2.11.3
• OS:
• Shell:

Anything else?

No response

[jkroepke]

I never tested ApplicationSet, but as I know, ApplicationSet only generated Application in back based on templates.

Maybe this https://github.com/jkroepke/helm-secrets/wiki/ArgoCD-Integration#multi-source-application-support is also required for ApplicationSet.

[oliverpark999]

I never tested ApplicationSet, but as I know, ApplicationSet only generated Application in back based on templates.

Maybe this https://github.com/jkroepke/helm-secrets/wiki/ArgoCD-Integration#multi-source-application-support is also required for ApplicationSet.

It would be nice to be able to check that behavior in "ApplicationSet" as well.
The “application” works great.

[oliverpark999]

I never tested ApplicationSet, but as I know, ApplicationSet only generated Application in back based on templates.

Maybe this https://github.com/jkroepke/helm-secrets/wiki/ArgoCD-Integration#multi-source-application-support is also required for ApplicationSet.

Unlike "Application", 'secrets://' seems to be incompatible in "ApplicationSet".
So I applied it like below.

 helm:
 valueFiles:
 - "$values/values.yaml"
 - "$values/secrets.yaml"

However, in ArgoCD, only the default 'values' values ​​are distributed.
Of course, the Pod is abnormal.
What should I do?

[jkroepke]

I need the full AppSet to get the context

[oliverpark999]

I need the full AppSet to get the context

What AppSet do you mean?
Do I need to have the full code for my AppSet?

[jkroepke]

The full YAML manifest, yes.

[oliverpark999]

The full YAML manifest, yes.

My 'Application' and 'ApplicationSet' are as follows.
In ApplicationSet, an error occurred in the '- secrets://secrets.yaml' line, so 'secrets://' was removed. Any clues?

# Application
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: foobar
  namespace: argocd
spec:
  project: default
  source:
    repoURL: 'xxxxx/foobar.yaml'
    targetRevision: HEAD
    path: foo/foobar
    helm:
      valueFiles:
        - values.yaml
        - secrets://secrets.yaml
  destination:
    server: 'https://xxxxx'
    namespace: foobar
  syncPolicy:
    syncOptions:
    - CreateNamespace=false

# ApplicationSet
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
  name: foobar-helm
  namespace: argocd
spec:
  generators:
    - git:
        repoURL: xxxxxx
        revision: HEAD
        files:
          - path: "xxxxx/foobar.yaml"
  syncPolicy:
    preserveResourcesOnDeletion: true
  template:
    metadata:
      name: foobar
      namespace: argocd
    spec:
      project: default
      sources:
      - repoURL: xxxxxx
        chart: foobar
        targetRevision: v0.13
        helm:
          valueFiles:
          - "$values/values.yaml"
          - "$values/secrets.yaml"
      - repoURL: 'xxxxxx'
        targetRevision: HEAD
        ref: values
      destination:
        server: 'https://xxxxx'
        namespace: foobar
      syncPolicy:
        syncOptions:
        - CreateNamespace=false

[jkroepke]

The ApplicationSet and the Application is completely different.

In ApplicationSet, the spec contains a Multi-Source application. However, the Application contains a single-source application.

[oliverpark999]

The ApplicationSet and the Application is completely different.

In ApplicationSet, the spec contains a Multi-Source application. However, the Application contains a single-source application.

So how can I use it in ApplicationSet ?
Is it available?

[jkroepke]

In general yes.

[oliverpark999]

In general yes.

How can I use it in ApplicationSet?
If it's impossible, Are there any plans to update ApplicationSet to also use Helm Secrets?