From 042f905bbbc8c9343a6b4cbcf8e324ad41ec53c5 Mon Sep 17 00:00:00 2001
From: Nikolai Rodionov <allanger@zohomail.com>
Date: Sun, 21 May 2023 17:56:46 +0200
Subject: [PATCH] build: Move to a separate project

---
 kube/application.yaml |  2 +-
 kube/project.yaml     | 34 ++++++++++++++++++++++++++++++++++
 2 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 kube/project.yaml

diff --git a/kube/application.yaml b/kube/application.yaml
index 810570c..bb48690 100644
--- a/kube/application.yaml
+++ b/kube/application.yaml
@@ -11,7 +11,7 @@ spec:
   destination:
     namespace: badhouseplants-$ARGO_APP_BRANCH
     server: https://kubernetes.default.svc
-  project: default
+  project: badhouseplants
   source:
     chart: badhouseplants-net
     targetRevision: $ARGO_APP_CHART_VERSION
diff --git a/kube/project.yaml b/kube/project.yaml
new file mode 100644
index 0000000..fcb23c4
--- /dev/null
+++ b/kube/project.yaml
@@ -0,0 +1,34 @@
+apiVersion: argoproj.io/v1alpha1
+kind: AppProject
+metadata:
+  name: badhouseplants
+  namespace: argo-system
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  description: BadHouseplants Blog
+  sourceRepos:
+  - '*'
+
+  destinations:
+  - namespace: badhouseplants-*
+    server: https://kubernetes.default.svc
+    name: in-cluster
+
+  # Deny all cluster-scoped resources from being created, except for Namespace
+  clusterResourceWhitelist:
+  - group: ''
+    kind: Namespace
+
+  # Allow all namespaced-scoped resources to be created, except for ResourceQuota, LimitRange, NetworkPolicy
+  namespaceResourceBlacklist:
+  - group: ''
+    kind: ResourceQuota
+  - group: ''
+    kind: LimitRange
+  - group: ''
+    kind: NetworkPolicy
+
+  # Enables namespace orphaned resource monitoring.
+  orphanedResources:
+    warn: false
\ No newline at end of file