Skip to content

Commit

Permalink
feat(argocd-apps): Add permitOnlyProjectScopedClustersFlag
Browse files Browse the repository at this point in the history
  # Context

  This flag was added in this PR https://github.com/argoproj/argo-cd/pull/10237/files but is not possible to set it using the argocd-apps chart.

  # What it does this PR

  - It adds this flag as a value of the chart for projects in
    argocd-apps

  # Proof

```
echo "projects:                                                                                                                                                                                                                                                         (⎈ |kind-hnc:hnc-system)
  - name: orka-extensibility
    namespace: cre-system
    description: orka-extensibility
    clusterResourceWhitelist:
    - group: '*'
      kind: '*'
    destinations:
    - namespace: '*'
      server: '*'
    orphanedResources:
      warn: true
    sourceRepos:
    - '*'
    roles:
    # A role which provides read-only access to all applications in the project
    - name: read-only
      description: Read-only privileges to orka-extensibility
      policies:
      - p, proj:orka-extensibility:read-only, applications, get, orka-extensibility/*, allow
      - p, proj:orka-extensibility:read-only, applicationsets, get, orka-extensibility/*, allow
      - p, proj:orka-extensibility:read-only, applications, sync, orka-extensibility/*, allow
      - p, proj:orka-extensibility:read-only, applicationsets, sync, orka-extensibility/*, allow
      groups:
      - OrkA Team
" > values-test.yaml

helm template . -f values-test.yaml

---
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
  name: orka-extensibility
  namespace: cre-system
spec:
  permitOnlyProjectScopedClusters: false
  description: orka-extensibility
  sourceRepos:
    - '*'
  destinations:
    - namespace: '*'
      server: '*'
  clusterResourceWhitelist:
    - group: '*'
      kind: '*'
  orphanedResources:
    warn: true
  roles:
    - description: Read-only privileges to orka-extensibility
      groups:
      - OrkA Team
      name: read-only
      policies:
      - p, proj:orka-extensibility:read-only, applications, get, orka-extensibility/*,
        allow
      - p, proj:orka-extensibility:read-only, applicationsets, get, orka-extensibility/*,
        allow
      - p, proj:orka-extensibility:read-only, applications, sync, orka-extensibility/*,
        allow
      - p, proj:orka-extensibility:read-only, applicationsets, sync, orka-extensibility/*,
        allow

```

Change-Id: Ieddca7af228cbe0c4657fc907d078875daaa3eef
Signed-off-by: fsero <fabian.selles@adevinta.com>
  • Loading branch information
Fsero committed Jul 11, 2023
1 parent 4f6f251 commit beaef0f
Show file tree
Hide file tree
Showing 3 changed files with 4 additions and 2 deletions.
4 changes: 2 additions & 2 deletions charts/argocd-apps/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v2
name: argocd-apps
description: A Helm chart for managing additional Argo CD Applications and Projects
type: application
version: 1.2.0
version: 1.3.0
home: https://github.com/argoproj/argo-helm
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
keywords:
Expand All @@ -18,4 +18,4 @@ annotations:
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: |
- kind: added
description: Rollout strategy for ApplicationSet
description: add permitOnlyProjectScopedClusters flag to Projects defaulting to false
1 change: 1 addition & 0 deletions charts/argocd-apps/templates/projects.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ metadata:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
permitOnlyProjectScopedClusters: {{ .permitOnlyProjectScopedClusters | default false }}
description: {{ .description }}
{{- with .sourceRepos }}
sourceRepos:
Expand Down
1 change: 1 addition & 0 deletions charts/argocd-apps/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@ projects: []
# namespace: argocd
# additionalLabels: {}
# additionalAnnotations: {}
# permitOnlyProjectScopedClusters: false
# finalizers:
# - resources-finalizer.argocd.argoproj.io
# description: Example Project
Expand Down

0 comments on commit beaef0f

Please sign in to comment.