1. Proposed title of this feature request
Sync Windows as Standalone CRDs in OpenShift GitOps/ArgoCD

2. What is the nature and description of the request?
Request to implement sync windows as standalone Custom Resource Definitions (CRDs) instead of embedded specifications within AppProject CRs, enabling better tracking, auditability, and management capabilities.

3. Why does the customer need this? (List the business requirements here)

Our organization frequently needs to freeze one or more applications during maintenance windows, change freezes, or specific operational scenarios. The current implementation where sync windows are embedded in AppProject CRs creates significant operational challenges and risks.

4.  Current Limitations

1. Lack of Audit Trail

• No version history for sync window modifications
• Unable to track who made changes and when
• Difficult to perform audits or compliance reviews
• No rollback capability for sync window configurations

2. Concurrent Modification Risks

• High risk of losing values when multiple GitOps tools access the same AppProject file
• Race conditions when different teams or automation tools update sync windows simultaneously
• No conflict resolution mechanism

3. Poor Visibility and Attribution

• Very difficult to identify the author of changes
• No clear reason/justification captured with changes
• Troubleshooting sync window issues requires extensive investigation

4. Scalability and Flexibility Constraints

• Only one AppProject CR to declare all sync windows
• Cannot easily share sync windows across multiple projects
• Difficult to implement global or organizational-wide sync windows

Proposed Solution
Feature Request
Implement sync windows as standalone CRDs that can be:

• Referenced by AppProjects
• Referenced by Applications (individually)
• Applied globally across the cluster

Key Capabilities Needed

1. Standalone CRD for Sync Windows

apiVersion: argoproj.io/v1alpha1 
kind: SyncWindow
metadata:
  name: maintenance-window-q4
  namespace: argocd
spec:
  schedule: "0 2 * * 0" # Example: Every Sunday at 2 AM
  duration: 4h
  applications: ["*"]
  kind: deny

2. Referenceable by AppProjects and Applications

• Projects can reference one or more SyncWindow CRs
• Individual applications can override or add specific sync windows
• Global sync windows can be applied cluster-wide

3. Self-Service Capabilities

• Enable RBAC for sync window management
• Allow non-admin users to create/modify sync windows with proper permissions
• Integration with automation tools for sync window lifecycle management

4. History and Auditability

• Track all changes to sync window resources (similar to Application history in ArgoCD)
• Capture metadata: author, timestamp, reason for change
• Enable rollback to previous sync window configurations
• Support audit logs for compliance requirements

Benefits

• {}Improved Auditability{}: Full history tracking and change attribution
• {}Reduced Risk{}: Eliminates concurrent modification conflicts
• {}Better Scalability{}: Reusable sync windows across multiple projects/applications
• {}Enhanced Self-Service{}: Enables delegation through RBAC and automation
• {}Operational Excellence{}: Clear visibility into active and historical sync windows
• {}Compliance{}: Better support for change management and audit requirements

Upstream Reference
This enhancement aligns with an existing feature request in the ArgoCD upstream project:

• GitHub Issue: https://github.com/argoproj/argo-cd/issues/11755

Priority
{}High{} - This impacts our daily operational workflows and introduces risks in our current multi-team GitOps environment.

Additional Context

• Current Product: OpenShift GitOps / ArgoCD
• Environment: Multi-tenant, multiple teams managing applications
• Use Case: Frequent maintenance windows requiring application sync freezes