You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This will bring the bitnami helm chart for argo-cd to support multiple namespaces by providing cluster roles for services that need them and allow configuration from helm user.
What is the feature you are proposing to solve the problem?
Adding cluster roles for the following:
applicationSet:
# Default value falseclusterAdminAccess: falseclusterRoleRules: []notifications:
# Default value falseclusterAdminAccess: falseclusterRoleRules: []repoServer:
# Default value falseclusterAdminAccess: falseclusterRoleRules: []server:
clusterAdminAccess: trueclusterRoleRules: []
This needs to be updated this currently has a cluster role, however there's no way to disable this access and given by default. Default is to give cluster admin access which should not be the case unless explicitly allowed.
Issues with Dynamic Cluster Distribution:
What:
When enabling Dynamic Cluster Distribution env on the controller it causes a issue with the application-set not being able to find the deployment name for the app-controller when multi-namespace is used
By default argo-cd looks for argocd-application-controller, this causes the applicationset to fail unless the provided env is set on the controller ARGOCD_APPLICATION_CONTROLLER_NAME
Changes:
Adding the ARGOCD_APPLICATION_CONTROLLER_NAME as a default env to be made providing the templated name to the controller in the templates here
New documentation in read-me for setting up any-namespace configurtation, just explaining what values to set to allow this. Links to upstream will be provided in this documentation.
Using extraDeploy to provide the cluster roles and bindings in the values file, and controller.extraEnvVars
# This requires makes for a unessaryly long values file# Also, requires you know the templated service account name for each service inside the cluster rolebindingextraDeploy:
- CLUSTER-ROLE-FOR-applicationset
- CLUSTER-ROLEBINDING-FOR-applicationset
- CLUSTER-ROLE-FOR-notifications
- CLUSTER-ROLEBINDING-FOR-notifications
- CLUSTER-ROLE-FOR-repoServer
- CLUSTER-ROLEBINDING-FOR-repoServer
- CLUSTER-ROLE-FOR-server
- CLUSTER-ROLEBINDING-FOR-servercontroller:
extraEnvVars:
- name: ARGOCD_APPLICATION_CONTROLLER_NAMEvalue: MANUALLY-SETTING-NAME-OF-TEMPLATED-DEPLOYMENT-NAME
The text was updated successfully, but these errors were encountered:
javsalgar
changed the title
Argo-CD Cluster Roles to support multiple namespaces, Dynamic Cluster Distribution issue with controller.
[bitnami/argo-cd] Argo-CD Cluster Roles to support multiple namespaces, Dynamic Cluster Distribution issue with controller.
Jun 20, 2024
Name and Version
bitnami/argo-cd 6.4.8
What is the problem this feature will solve?
This will bring the bitnami helm chart for argo-cd to support multiple namespaces by providing cluster roles for services that need them and allow configuration from helm user.
What is the feature you are proposing to solve the problem?
Adding cluster roles for the following:
Upstream examples (Check Mark = PR work done):
Issues with Dynamic Cluster Distribution:
What:
When enabling Dynamic Cluster Distribution env on the controller it causes a issue with the application-set not being able to find the deployment name for the app-controller when multi-namespace is used
By default argo-cd looks for argocd-application-controller, this causes the applicationset to fail unless the provided env is set on the controller ARGOCD_APPLICATION_CONTROLLER_NAME
Changes:
Adding the ARGOCD_APPLICATION_CONTROLLER_NAME as a default env to be made providing the templated name to the controller in the templates here
Additionally fix:
PR:
Documentaion for setting up any-namespace
New documentation in read-me for setting up any-namespace configurtation, just explaining what values to set to allow this. Links to upstream will be provided in this documentation.
Upstream documentation:
What alternatives have you considered?
Work arounds
Using extraDeploy to provide the cluster roles and bindings in the values file, and controller.extraEnvVars
The text was updated successfully, but these errors were encountered: