Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Applications in any namespace #9755

Merged
merged 37 commits into from
Aug 10, 2022
Merged

feat: Applications in any namespace #9755

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
37 commits
Select commit Hold shift + click to select a range
6aac75e
feat: Applications in any namespace
jannfis May 24, 2022
3f20a8b
Fix typo in CI
jannfis Jun 22, 2022
e71d320
Create argocd-e2e-external namespace
jannfis Jun 22, 2022
6a2193b
Update from codegen
jannfis Jun 22, 2022
46f8bd0
Remove debug code
jannfis Jun 30, 2022
60a1225
Update help text for -N option to app create
jannfis Jun 30, 2022
04cbff0
Wrap error when retrieving AppProject from cache
jannfis Jun 30, 2022
84b196c
Check for controller namespace first before matching on additional ns
jannfis Jun 30, 2022
5f17811
Improve TestAppProjectIsSourceNamespacePermitted unit test
jannfis Jun 30, 2022
7509db8
Get rid of some debug leftovers
jannfis Jun 30, 2022
dcf0749
Better error wrapping; return IsNotFound as-is
jannfis Jul 7, 2022
7d91ece
Updates from codegen
jannfis Jul 7, 2022
49485f3
We don't need AppShortName() anymore
jannfis Jul 7, 2022
afa5787
Update end-to-end tests to use annotation methods
jannfis Jul 7, 2022
0bdea96
Add e2e tests to test for app creation in not permitted ns
jannfis Jul 7, 2022
bb7c0f0
Remove deprecated code
jannfis Jul 7, 2022
e2242ea
Remove dead code
jannfis Jul 7, 2022
b57f289
Add RBACName() method to application type
jannfis Jul 8, 2022
b096cb3
Update from codegen
jannfis Jul 18, 2022
50f48b9
Fix e2e test
jannfis Jul 18, 2022
81f6da1
Update codegen
jannfis Jul 19, 2022
0d9eea7
Move RBAC name generation to an application receiver
jannfis Aug 1, 2022
45b482a
Fix sync window status in UI
jannfis Aug 1, 2022
52b5027
Fix pod logs viewer
jannfis Aug 1, 2022
1dd0120
Fix application events in UI
jannfis Aug 1, 2022
b5a4941
Fix application search in UI
jannfis Aug 1, 2022
716b458
Fix yarn lint
jannfis Aug 1, 2022
2161698
Merge branch 'master' of github.com:argoproj/argo-cd into feat/apps-i…
jannfis Aug 5, 2022
b873029
Only set up cluster-wide application informer when additional namespa…
jannfis Aug 5, 2022
de825d1
Merge branch 'master' of github.com:argoproj/argo-cd into feat/apps-i…
jannfis Aug 9, 2022
5d99371
Adapt e2e test to a changed error message
jannfis Aug 9, 2022
194da5d
Application namespace should be taken into account for create
jannfis Aug 9, 2022
dcde56c
Use non-qualified application name as Helm release name
jannfis Aug 9, 2022
360d267
Support --app-namespace in e2e tests
jannfis Aug 9, 2022
77d3658
Enable more e2e tests
jannfis Aug 9, 2022
4f0f27e
Merge branch 'master' of github.com:argoproj/argo-cd into feat/apps-i…
jannfis Aug 9, 2022
c10a381
Increase e2e timeout for newly added tests
jannfis Aug 10, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
1 change: 1 addition & 0 deletions .github/workflows/ci-build.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -354,6 +354,7 @@ jobs:
ARGOCD_E2E_K3S: "true"
ARGOCD_IN_CI: "true"
ARGOCD_E2E_APISERVER_PORT: "8088"
ARGOCD_APPLICATION_NAMESPACES: "argocd-e2e-external"
ARGOCD_SERVER: "127.0.0.1:8088"
GITHUB_TOKEN: ${{ secrets.E2E_TEST_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
GITLAB_TOKEN: ${{ secrets.E2E_TEST_GITLAB_TOKEN }}
Expand Down
10 changes: 7 additions & 3 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ ARGOCD_E2E_DEX_PORT?=5556
ARGOCD_E2E_YARN_HOST?=localhost
ARGOCD_E2E_DISABLE_AUTH?=

ARGOCD_E2E_TEST_TIMEOUT?=30m
ARGOCD_E2E_TEST_TIMEOUT?=45m

ARGOCD_IN_CI?=false
ARGOCD_TEST_E2E?=true
Expand Down Expand Up @@ -81,6 +81,7 @@ define run-in-test-server
-e ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} \
-e ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} \
-e ARGOCD_GPG_DATA_PATH=${ARGOCD_GPG_DATA_PATH:-/tmp/argocd-local/gpg/source} \
-e ARGOCD_APPLICATION_NAMESPACES \
-e GITHUB_TOKEN \
-v ${DOCKER_SRC_MOUNT} \
-v ${GOPATH}/pkg/mod:/go/pkg/mod${VOLUME_MOUNT} \
Expand Down Expand Up @@ -118,7 +119,7 @@ endef

#
define exec-in-test-server
docker exec -it -u $(shell id -u):$(shell id -g) -e ARGOCD_E2E_K3S=$(ARGOCD_E2E_K3S) argocd-test-server $(1)
docker exec -it -u $(shell id -u):$(shell id -g) -e ARGOCD_E2E_RECORD=$(ARGOCD_E2E_RECORD) -e ARGOCD_E2E_K3S=$(ARGOCD_E2E_K3S) argocd-test-server $(1)
endef

PATH:=$(PATH):$(PWD)/hack
Expand Down Expand Up @@ -405,7 +406,7 @@ test-e2e:
test-e2e-local: cli-local
# NO_PROXY ensures all tests don't go out through a proxy if one is configured on the test system
export GO111MODULE=off
ARGOCD_GPG_ENABLED=true NO_PROXY=* ./hack/test.sh -timeout $(ARGOCD_E2E_TEST_TIMEOUT) -v ./test/e2e
ARGOCD_E2E_RECORD=${ARGOCD_E2E_RECORD} ARGOCD_GPG_ENABLED=true NO_PROXY=* ./hack/test.sh -timeout $(ARGOCD_E2E_TEST_TIMEOUT) -v ./test/e2e

# Spawns a shell in the test server container for debugging purposes
debug-test-server: test-tools-image
Expand All @@ -426,6 +427,7 @@ start-e2e: test-tools-image
.PHONY: start-e2e-local
start-e2e-local: mod-vendor-local dep-ui-local cli-local
kubectl create ns argocd-e2e || true
kubectl create ns argocd-e2e-external || true
kubectl config set-context --current --namespace=argocd-e2e
kustomize build test/manifests/base | kubectl apply -f -
kubectl apply -f https://raw.githubusercontent.com/open-cluster-management/api/a6845f2ebcb186ec26b832f60c988537a58f3859/cluster/v1alpha1/0000_04_clusters.open-cluster-management.io_placementdecisions.crd.yaml
Expand All @@ -446,6 +448,7 @@ start-e2e-local: mod-vendor-local dep-ui-local cli-local
ARGOCD_ZJWT_FEATURE_FLAG=always \
ARGOCD_IN_CI=$(ARGOCD_IN_CI) \
BIN_MODE=$(ARGOCD_BIN_MODE) \
ARGOCD_APPLICATION_NAMESPACES=argocd-e2e-external \
ARGOCD_E2E_TEST=true \
goreman -f $(ARGOCD_PROCFILE) start ${ARGOCD_START}

Expand Down Expand Up @@ -477,6 +480,7 @@ start-local: mod-vendor-local dep-ui-local cli-local
ARGOCD_IN_CI=false \
ARGOCD_GPG_ENABLED=$(ARGOCD_GPG_ENABLED) \
ARGOCD_E2E_TEST=false \
ARGOCD_APPLICATION_NAMESPACES=$(ARGOCD_APPLICATION_NAMESPACES) \
goreman -f $(ARGOCD_PROCFILE) start ${ARGOCD_START}

# Run goreman start with exclude option , provide exclude env variable with list of services
Expand Down
4 changes: 2 additions & 2 deletions Procfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
controller: [ "$BIN_MODE" == 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=1 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-application-controller $COMMAND --loglevel debug --redis localhost:${ARGOCD_E2E_REDIS_PORT:-6379} --repo-server localhost:${ARGOCD_E2E_REPOSERVER_PORT:-8081} --otlp-address=${ARGOCD_OTLP_ADDRESS}"
api-server: [ "$BIN_MODE" == 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=1 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-server $COMMAND --loglevel debug --redis localhost:${ARGOCD_E2E_REDIS_PORT:-6379} --disable-auth=${ARGOCD_E2E_DISABLE_AUTH:-'true'} --insecure --dex-server http://localhost:${ARGOCD_E2E_DEX_PORT:-5556} --repo-server localhost:${ARGOCD_E2E_REPOSERVER_PORT:-8081} --port ${ARGOCD_E2E_APISERVER_PORT:-8080} --otlp-address=${ARGOCD_OTLP_ADDRESS}"
controller: [ "$BIN_MODE" == 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=1 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-application-controller $COMMAND --loglevel debug --redis localhost:${ARGOCD_E2E_REDIS_PORT:-6379} --repo-server localhost:${ARGOCD_E2E_REPOSERVER_PORT:-8081} --otlp-address=${ARGOCD_OTLP_ADDRESS} --application-namespaces=${ARGOCD_APPLICATION_NAMESPACES:-''}"
api-server: [ "$BIN_MODE" == 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=1 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-server $COMMAND --loglevel debug --redis localhost:${ARGOCD_E2E_REDIS_PORT:-6379} --disable-auth=${ARGOCD_E2E_DISABLE_AUTH:-'true'} --insecure --dex-server http://localhost:${ARGOCD_E2E_DEX_PORT:-5556} --repo-server localhost:${ARGOCD_E2E_REPOSERVER_PORT:-8081} --port ${ARGOCD_E2E_APISERVER_PORT:-8080} --otlp-address=${ARGOCD_OTLP_ADDRESS} --application-namespaces=${ARGOCD_APPLICATION_NAMESPACES:-''}"
dex: sh -c "ARGOCD_BINARY_NAME=argocd-dex go run github.com/argoproj/argo-cd/v2/cmd gendexcfg -o `pwd`/dist/dex.yaml && docker run --rm -p ${ARGOCD_E2E_DEX_PORT:-5556}:${ARGOCD_E2E_DEX_PORT:-5556} -v `pwd`/dist/dex.yaml:/dex.yaml ghcr.io/dexidp/dex:$(grep "image: ghcr.io/dexidp/dex" manifests/base/dex/argocd-dex-server-deployment.yaml | cut -d':' -f3) dex serve /dex.yaml"
redis: bash -c "if [ \"$ARGOCD_REDIS_LOCAL\" == 'true' ]; then redis-server --save '' --appendonly no --port ${ARGOCD_E2E_REDIS_PORT:-6379}; else docker run --rm --name argocd-redis -i -p ${ARGOCD_E2E_REDIS_PORT:-6379}:${ARGOCD_E2E_REDIS_PORT:-6379} redis:$(grep "image: redis" manifests/base/redis/argocd-redis-deployment.yaml | cut -d':' -f3) --save '' --appendonly no --port ${ARGOCD_E2E_REDIS_PORT:-6379}; fi"
repo-server: [ "$BIN_MODE" == 'true' ] && COMMAND=./dist/argocd || COMMAND='go run ./cmd/main.go' && sh -c "FORCE_LOG_COLORS=1 ARGOCD_FAKE_IN_CLUSTER=true ARGOCD_GNUPGHOME=${ARGOCD_GNUPGHOME:-/tmp/argocd-local/gpg/keys} ARGOCD_PLUGINSOCKFILEPATH=${ARGOCD_PLUGINSOCKFILEPATH:-./test/cmp} ARGOCD_GPG_DATA_PATH=${ARGOCD_GPG_DATA_PATH:-/tmp/argocd-local/gpg/source} ARGOCD_TLS_DATA_PATH=${ARGOCD_TLS_DATA_PATH:-/tmp/argocd-local/tls} ARGOCD_SSH_DATA_PATH=${ARGOCD_SSH_DATA_PATH:-/tmp/argocd-local/ssh} ARGOCD_BINARY_NAME=argocd-repo-server ARGOCD_GPG_ENABLED=${ARGOCD_GPG_ENABLED:-false} $COMMAND --loglevel debug --port ${ARGOCD_E2E_REPOSERVER_PORT:-8081} --redis localhost:${ARGOCD_E2E_REDIS_PORT:-6379} --otlp-address=${ARGOCD_OTLP_ADDRESS}"
Expand Down
123 changes: 123 additions & 0 deletions assets/swagger.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -265,6 +265,12 @@
"description": "the repoURL to restrict returned list applications.",
"name": "repo",
"in": "query"
},
{
"type": "string",
"description": "the application's namespace.",
"name": "appNamespace",
"in": "query"
}
],
"responses": {
Expand Down Expand Up @@ -407,6 +413,11 @@
"type": "string",
"name": "kind",
"in": "query"
},
{
"type": "string",
"name": "appNamespace",
"in": "query"
}
],
"responses": {
Expand Down Expand Up @@ -463,6 +474,11 @@
"type": "string",
"name": "kind",
"in": "query"
},
{
"type": "string",
"name": "appNamespace",
"in": "query"
}
],
"responses": {
Expand Down Expand Up @@ -529,6 +545,12 @@
"description": "the repoURL to restrict returned list applications.",
"name": "repo",
"in": "query"
},
{
"type": "string",
"description": "the application's namespace.",
"name": "appNamespace",
"in": "query"
}
],
"responses": {
Expand Down Expand Up @@ -568,6 +590,11 @@
"type": "string",
"name": "propagationPolicy",
"in": "query"
},
{
"type": "string",
"name": "appNamespace",
"in": "query"
}
],
"responses": {
Expand Down Expand Up @@ -651,6 +678,11 @@
"type": "string",
"name": "resourceUID",
"in": "query"
},
{
"type": "string",
"name": "appNamespace",
"in": "query"
}
],
"responses": {
Expand Down Expand Up @@ -758,6 +790,11 @@
"type": "boolean",
"name": "previous",
"in": "query"
},
{
"type": "string",
"name": "appNamespace",
"in": "query"
}
],
"responses": {
Expand Down Expand Up @@ -803,6 +840,11 @@
"type": "string",
"name": "revision",
"in": "query"
},
{
"type": "string",
"name": "appNamespace",
"in": "query"
}
],
"responses": {
Expand Down Expand Up @@ -834,6 +876,11 @@
"name": "name",
"in": "path",
"required": true
},
{
"type": "string",
"name": "appNamespace",
"in": "query"
}
],
"responses": {
Expand Down Expand Up @@ -942,6 +989,11 @@
"type": "boolean",
"name": "previous",
"in": "query"
},
{
"type": "string",
"name": "appNamespace",
"in": "query"
}
],
"responses": {
Expand Down Expand Up @@ -1007,6 +1059,11 @@
"type": "string",
"name": "kind",
"in": "query"
},
{
"type": "string",
"name": "appNamespace",
"in": "query"
}
],
"responses": {
Expand Down Expand Up @@ -1074,6 +1131,11 @@
"type": "string",
"name": "patchType",
"in": "query"
},
{
"type": "string",
"name": "appNamespace",
"in": "query"
}
],
"responses": {
Expand Down Expand Up @@ -1138,6 +1200,11 @@
"type": "boolean",
"name": "orphan",
"in": "query"
},
{
"type": "string",
"name": "appNamespace",
"in": "query"
}
],
"responses": {
Expand Down Expand Up @@ -1194,6 +1261,11 @@
"type": "string",
"name": "kind",
"in": "query"
},
{
"type": "string",
"name": "appNamespace",
"in": "query"
}
],
"responses": {
Expand Down Expand Up @@ -1256,6 +1328,11 @@
"type": "string",
"name": "kind",
"in": "query"
},
{
"type": "string",
"name": "appNamespace",
"in": "query"
}
],
"responses": {
Expand Down Expand Up @@ -1295,6 +1372,12 @@
"name": "revision",
"in": "path",
"required": true
},
{
"type": "string",
"description": "the application's namespace.",
"name": "appNamespace",
"in": "query"
}
],
"responses": {
Expand Down Expand Up @@ -1378,6 +1461,11 @@
"type": "boolean",
"name": "validate",
"in": "query"
},
{
"type": "string",
"name": "appNamespace",
"in": "query"
}
],
"responses": {
Expand Down Expand Up @@ -1448,6 +1536,11 @@
"name": "name",
"in": "path",
"required": true
},
{
"type": "string",
"name": "appNamespace",
"in": "query"
}
],
"responses": {
Expand Down Expand Up @@ -3167,6 +3260,12 @@
"description": "the repoURL to restrict returned list applications.",
"name": "repo",
"in": "query"
},
{
"type": "string",
"description": "the application's namespace.",
"name": "appNamespace",
"in": "query"
}
],
"responses": {
Expand Down Expand Up @@ -3232,6 +3331,11 @@
"type": "string",
"name": "kind",
"in": "query"
},
{
"type": "string",
"name": "appNamespace",
"in": "query"
}
],
"responses": {
Expand Down Expand Up @@ -3390,6 +3494,9 @@
"type": "object",
"title": "ApplicationPatchRequest is a request to patch an application",
"properties": {
"appNamespace": {
"type": "string"
},
"name": {
"type": "string"
},
Expand All @@ -3415,6 +3522,9 @@
"applicationApplicationRollbackRequest": {
"type": "object",
"properties": {
"appNamespace": {
"type": "string"
},
"dryRun": {
"type": "boolean"
},
Expand All @@ -3434,6 +3544,9 @@
"type": "object",
"title": "ApplicationSyncRequest is a request to apply the config state to live state",
"properties": {
"appNamespace": {
"type": "string"
},
"dryRun": {
"type": "boolean"
},
Expand Down Expand Up @@ -3704,6 +3817,9 @@
"$ref": "#/definitions/v1alpha1ConfigManagementPlugin"
}
},
"controllerNamespace": {
"type": "string"
},
"dexConfig": {
"$ref": "#/definitions/clusterDexConfig"
},
Expand Down Expand Up @@ -4755,6 +4871,13 @@
"$ref": "#/definitions/v1alpha1SignatureKey"
}
},
"sourceNamespaces": {
"type": "array",
"title": "SourceNamespaces defines the namespaces application resources are allowed to be created in",
"items": {
"type": "string"
}
},
"sourceRepos": {
"type": "array",
"title": "SourceRepos contains list of repository URLs which can be used for deployment",
Expand Down
5 changes: 4 additions & 1 deletion cmd/argocd-application-controller/commands/argocd_application_controller.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,7 @@ func NewCommand() *cobra.Command {
repoServerPlaintext bool
repoServerStrictTLS bool
otlpAddress string
applicationNamespaces []string
)
var command = cobra.Command{
Use: cliName,
Expand Down Expand Up @@ -148,7 +149,8 @@ func NewCommand() *cobra.Command {
metricsCacheExpiration,
metricsAplicationLabels,
kubectlParallelismLimit,
clusterFilter)
clusterFilter,
applicationNamespaces)
errors.CheckError(err)
cacheutil.CollectMetrics(redisClient, appController.GetMetricsServer())

Expand Down Expand Up @@ -189,6 +191,7 @@ func NewCommand() *cobra.Command {
command.Flags().BoolVar(&repoServerStrictTLS, "repo-server-strict-tls", env.ParseBoolFromEnv("ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_STRICT_TLS", false), "Whether to use strict validation of the TLS cert presented by the repo server")
command.Flags().StringSliceVar(&metricsAplicationLabels, "metrics-application-labels", []string{}, "List of Application labels that will be added to the argocd_application_labels metric")
command.Flags().StringVar(&otlpAddress, "otlp-address", env.StringFromEnv("ARGOCD_APPLICATION_CONTROLLER_OTLP_ADDRESS", ""), "OpenTelemetry collector address to send traces to")
command.Flags().StringSliceVar(&applicationNamespaces, "application-namespaces", []string{}, "List of additional namespaces that applications are allowed to be created in")
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like this isn't making use of the ARGOCD_APPLICATION_NAMESPACES env var. Should it be?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe this setting should just live in argocd-cm, since it's shared by multiple components (the controller and the API)?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we could make the env var ARGOCD_APPLICATION_NAMESPACES live in argocd-cmd-params-cm ConfigMap and have it consumed by both, argocd-server and argocd-application-controller in the Cobra commands instead of putting it in the argocd-cm ConfigMap.

A change to this setting would require restart of both, server and controller, so I think argocd-cm might not be the right place for it.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense to me!

cacheSrc = appstatecache.AddCacheFlagsToCmd(&command, func(client *redis.Client) {
redisClient = client
})
Expand Down