feat(argocd-apps): Add permitOnlyProjectScopedClustersFlag

# Context This flag was added in this PR https://github.com/argoproj/argo-cd/pull/10237/files but is not possible to set it using the argocd-apps chart. # What it does this PR - It adds this flag as a value of the chart for projects in argocd-apps # Proof ``` echo "projects: (⎈ |kind-hnc:hnc-system) - name: orka-extensibility namespace: cre-system description: orka-extensibility clusterResourceWhitelist: - group: '*' kind: '*' destinations: - namespace: '*' server: '*' orphanedResources: warn: true sourceRepos: - '*' roles: # A role which provides read-only access to all applications in the project - name: read-only description: Read-only privileges to orka-extensibility policies: - p, proj:orka-extensibility:read-only, applications, get, orka-extensibility/*, allow - p, proj:orka-extensibility:read-only, applicationsets, get, orka-extensibility/*, allow - p, proj:orka-extensibility:read-only, applications, sync, orka-extensibility/*, allow - p, proj:orka-extensibility:read-only, applicationsets, sync, orka-extensibility/*, allow groups: - OrkA Team " > values-test.yaml helm template . -f values-test.yaml --- apiVersion: argoproj.io/v1alpha1 kind: AppProject metadata: name: orka-extensibility namespace: cre-system spec: permitOnlyProjectScopedClusters: false description: orka-extensibility sourceRepos: - '*' destinations: - namespace: '*' server: '*' clusterResourceWhitelist: - group: '*' kind: '*' orphanedResources: warn: true roles: - description: Read-only privileges to orka-extensibility groups: - OrkA Team name: read-only policies: - p, proj:orka-extensibility:read-only, applications, get, orka-extensibility/*, allow - p, proj:orka-extensibility:read-only, applicationsets, get, orka-extensibility/*, allow - p, proj:orka-extensibility:read-only, applications, sync, orka-extensibility/*, allow - p, proj:orka-extensibility:read-only, applicationsets, sync, orka-extensibility/*, allow ``` Change-Id: Ieddca7af228cbe0c4657fc907d078875daaa3eef Signed-off-by: fsero <fabian.selles@adevinta.com>
argoproj · Jul 11, 2023 · beaef0f · beaef0f
1 parent 4f6f251
commit beaef0f
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 2 deletions.
diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: argocd-apps
 description: A Helm chart for managing additional Argo CD Applications and Projects
 type: application
-version: 1.2.0
+version: 1.3.0
 home: https://github.com/argoproj/argo-helm
 icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
 keywords:
@@ -18,4 +18,4 @@ annotations:
     url: https://argoproj.github.io/argo-helm/pgp_keys.asc
   artifacthub.io/changes: |
     - kind: added
-      description: Rollout strategy for ApplicationSet
+      description: add permitOnlyProjectScopedClusters flag to Projects defaulting to false
diff --git a/charts/argocd-apps/templates/projects.yaml b/charts/argocd-apps/templates/projects.yaml
@@ -22,6 +22,7 @@ metadata:
     {{- toYaml . | nindent 4 }}
   {{- end }}
 spec:
+  permitOnlyProjectScopedClusters: {{ .permitOnlyProjectScopedClusters | default false }}
   description: {{ .description }}
   {{- with .sourceRepos }}
   sourceRepos:

diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml
@@ -48,6 +48,7 @@ projects: []
 #   namespace: argocd
 #   additionalLabels: {}
 #   additionalAnnotations: {}
+#   permitOnlyProjectScopedClusters: false
 #   finalizers:
 #   - resources-finalizer.argocd.argoproj.io
 #   description: Example Project