Skip to main content

Documentation Index

Fetch the complete documentation index at: https://dorguai.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

The dorgu operator is a Kubernetes operator built with controller-runtime that manages two custom resources: ApplicationPersona and ClusterPersona. It follows the standard operator pattern of watching resources and reconciling desired state.

Design principles

PrincipleDescription
Read-only workloadsThe operator NEVER writes to workload resources (Deployments, Services). It only updates Persona CRD status fields.
Fail-openIf the operator is down or encounters errors, workloads are unaffected. The webhook uses failurePolicy: Ignore.
Opt-in featuresOnly the core controllers are enabled by default. Webhook, Prometheus, and WebSocket require explicit opt-in.
No ArgoCD dependencyArgoCD integration uses the unstructured API — no compile-time dependency on ArgoCD types.
Graceful degradationMissing integrations (no Prometheus, no ArgoCD) are silently skipped without affecting core functionality.

Project structure

dorgu-operator/
├── api/v1/                           # CRD type definitions
│   ├── applicationpersona_types.go   # ApplicationPersona spec + status
│   ├── clusterpersona_types.go       # ClusterPersona spec + status
│   ├── groupversion_info.go          # API group registration
│   └── zz_generated.deepcopy.go     # Generated deep copy methods

├── cmd/                              # Entrypoint
│   ├── main.go                       # Manager setup, controller registration
│   └── config.go                     # CLI flag parsing

├── internal/
│   ├── controller/                   # Reconciliation controllers
│   │   ├── applicationpersona_controller.go    # Main reconciler
│   │   ├── applicationpersona_validation.go    # Validation logic
│   │   ├── applicationpersona_status.go        # Status update helpers
│   │   ├── clusterpersona_controller.go        # Cluster reconciler
│   │   ├── clusterpersona_discovery.go         # Node/resource discovery
│   │   ├── clusterpersona_addons.go            # Add-on detection
│   │   ├── argocd_watcher.go                   # ArgoCD Application watcher
│   │   └── controller_helpers.go               # Shared utilities
│   │
│   ├── metrics/                      # Prometheus integration
│   │   └── prometheus_client.go      # PromQL queries for baselines
│   │
│   ├── webhook/                      # Admission webhook
│   │   └── deployment_validator.go   # Validating webhook handler
│   │
│   └── websocket/                    # WebSocket server
│       ├── server.go                 # Server lifecycle, client management
│       ├── handlers.go               # Message handlers
│       └── protocol.go              # Message types and payloads

├── charts/dorgu-operator/            # Helm chart
├── config/                           # Kustomize manifests (CRDs, RBAC)
└── test/e2e/                         # End-to-end tests

Reconciliation model

The operator runs three independent controllers, each watching different resources:
ControllerWatchesUpdatesRequeue interval
ApplicationPersonaDeployments, Pods.status on ApplicationPersona60 seconds
ClusterPersonaNodes, Namespaces, Pods.status on ClusterPersona5 minutes
ArgoCD WatcherArgoCD Applications.status.argocd on ApplicationPersona30 seconds

Startup sequence

CRD ownership model

The operator follows a strict ownership model for the two CRDs:
CRDScopeCreated bySpec owned byStatus owned by
ApplicationPersonaNamespacedUser / CLIUser / CLIOperator
ClusterPersonaCluster-scopedUser / CLIUser / CLIOperator
The user (or CLI) creates and manages the .spec of each persona. The operator exclusively manages .status, writing validation results, health information, resource baselines, and ArgoCD sync state.

RBAC model

The operator needs read access to cluster resources and write access only to Persona status:
ResourceVerbsPurpose
ApplicationPersonasget, list, watch, update (status)Reconcile and update status
ClusterPersonasget, list, watch, update (status)Reconcile and update status
Deploymentsget, list, watchValidate against persona constraints
Podsget, listCheck pod health, count running pods
Nodesget, listDiscover cluster capacity
Namespacesget, listCount namespaces
ArgoCD Applicationsget, list, watchSync status tracking (optional)

CRD specification

Full ApplicationPersona and ClusterPersona schema

Configuration

All operator configuration options