Core Components

Workflows are built on three main Kubernetes Custom Resource Definitions (CRDs):

WorkflowTemplate

A WorkflowTemplate is a reusable definition of a workflow. It contains:
  • Parameters: A list of input parameters that can be used to customize the workflow at runtime.
  • Jobs: A map of jobs that define the work to be done. Each job can have one or more steps.
  • Steps: The individual actions within a job, such as pulling a secret, running a generator, or pushing a secret to a new destination.
WorkflowTemplate resources are designed to be generic and reusable across different environments and use cases.

WorkflowRun

A WorkflowRun is an instance of a WorkflowTemplate. It is created to execute a workflow with a specific set of arguments. It contains:
  • templateRef: A reference to the WorkflowTemplate to be executed.
  • arguments: A set of key-value pairs that provide values for the parameters defined in the WorkflowTemplate.
A WorkflowRun is a one-time execution of a workflow. Once it completes, it will not run again.

WorkflowRunTemplate

A WorkflowRunTemplate is a controller that automates the creation of WorkflowRun resources. It allows you to run workflows on a schedule or in response to changes. It contains:
  • runSpec: A WorkflowRunSpec that defines the WorkflowRun to be created.
  • runPolicy: A policy that determines when to create a new WorkflowRun. The following policies are supported:
    • once: Creates a WorkflowRun only once.
    • scheduled: Creates WorkflowRun resources on a schedule, defined by a cron expression or a fixed every interval.
    • onChange: Creates a WorkflowRun whenever the WorkflowRunTemplate spec changes.