Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Argo CD UI fails to create applications on OpenShift 4.12 clusters on AWS #502

Open
jianrongzhang89 opened this issue May 9, 2023 · 4 comments
Open

Argo CD UI fails to create applications on OpenShift 4.12 clusters on AWS #502

jianrongzhang89 opened this issue May 9, 2023 · 4 comments

Comments

@jianrongzhang89
Copy link

Describe the bug
After the OpenShift GitOps operator was deployed on new OpenShift 4.12 clusters on AWS, I ran into permission errors when creating an application via Argo CD UI, and as such the creation failed.

To Reproduce
Steps to reproduce the behavior:

  1. Create a new OpenShift 4.12 cluster on AWS.
  2. Deploy OpenShift GitOps operator through the OpenShift console Operator Hub.
  3. After the operator is deployed successfully, go to the Argo CD UI via the "CLuster Argo CD" link from the top of the console.
  4. Log into the Argo CD UI with OpoenShift Log in.
  5. Grant permission to access the Argo CD UI.
  6. In the Argo CD UI, click "+ NEW APP" button and enter the following details for your new application in the form.
  • Application Name: spring-petclinic
  • Project: default
  • Sync Policy: Automatic
  • Self-heal: checked
  • Repository URL: https://github.com/siamaksade/openshift-gitops-getting-started
  • Revision: HEAD
  • Path: app
  • Destination: https://kubernetes.default.svc
  • Namespace: spring-petclinic
  • Directory Recurse: checked
    The click "CREATE" and an error gets displayed (see the screenshot)and the operation failed.

Expected behavior
The application shall be created successfully without errors.

Screenshots
Screenshot 2023-05-09 at 11 23 58 AM

Additional context
As a workaround, run the following commands and then the application creation is done without issue. So such configuration should be added into the OpenShift GitOps configuration so that it works out-of-box.
oc adm groups new cluster-admins
oc adm groups add-users cluster-admins admin
@wtam2018
Copy link
Collaborator

wtam2018 commented Jun 1, 2023

Hi @jianrongzhang89 , what is the GitOps Operator version you are running?

@jianrongzhang89
Copy link
Author

@wtam2018 The GitOps Operator version is 1.8.2.

@wtam2018
Copy link
Collaborator

wtam2018 commented Jun 1, 2023

Hi @jianrongzhang89, an Argo CD instance does not have permission to manage resources in any arbitrary namespace. However, you can configure that by using the managed-by label. Please see the documentation here.
https://argocd-operator.readthedocs.io/en/latest/usage/deploy-to-different-namespaces/ What you would do is to add the managed-by label to the spring-petclinic namespace. The label is

argocd.argoproj.io/managed-by: foo // namespace of the Argo CD instance

Then, the operator will set up the permission for the Argo CD instance to manage the resources in the spring-petclinic namespace.

@jianrongzhang89
Copy link
Author

hi @wtam2018 I added the following label to my target namespace:
argocd.argoproj.io/managed-by=openshift-gitops
The error still happens in the Argo CD UI when I tried to create an application.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@wtam2018 @jianrongzhang89