Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(argo-cd): add multi-namespace support for ApplicationSet controller RBAC #2935

Merged
merged 5 commits into from
Sep 25, 2024
Merged

feat(argo-cd): add multi-namespace support for ApplicationSet controller RBAC #2935

merged 5 commits into from
Sep 25, 2024

Conversation

leehosu
Copy link
Member

@leehosu leehosu commented Sep 24, 2024
edited
Loading

related #2919

Checklist:

  • I have bumped the chart version according to versioning
  • I have updated the documentation according to documentation
  • I have updated the chart changelog with all the changes that come with this pull request according to changelog.
  • Any new values are backwards compatible and/or have sensible default.
  • I have signed off all my commits as required by DCO.
  • My build is green (troubleshooting builds).

@leehosu
feat(argo-cd): support multiple namespaces in applicationsetcontroller
df4beaa 
Signed-off-by: leehosu <hosu4549@gmail.com>
@leehosu
fetch upstream
0745a74 
Signed-off-by: leehosu <hosu4549@gmail.com>
@leehosu
fetch upstream
c4171c6 
Signed-off-by: leehosu <hosu4549@gmail.com>
@leehosu
update README
4df6715 
Signed-off-by: leehosu <hosu4549@gmail.com>
@leehosu
change a values about namespace
77118d3 
Signed-off-by: leehosu <hosu4549@gmail.com>
yu-croco
yu-croco approved these changes Sep 25, 2024
View reviewed changes
Copy link
Collaborator

@yu-croco yu-croco left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for your contribution. LGTM

@mbevc1 mbevc1 merged commit 0afd9e6 into argoproj:main Sep 25, 2024
6 checks passed
rouke-broersma referenced this pull request in broersma-forslund/homelab Sep 25, 2024
@renovate
chore(deps): update helm release argo-cd to v7.6.3 (#564)
ecb4489 
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [argo-cd](https://redirect.github.com/argoproj/argo-helm) | patch |
`7.6.2` -> `7.6.3` |

---

### Release Notes

<details>
<summary>argoproj/argo-helm (argo-cd)</summary>

###
[`v7.6.3`](https://redirect.github.com/argoproj/argo-helm/releases/tag/argo-cd-7.6.3)

A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool
for Kubernetes.

#### What's Changed

- feat(argo-cd): add multi-namespace support for ApplicationSet
controller RBAC by
[@&#8203;leehosu](https://redirect.github.com/leehosu) in
[https://github.com/argoproj/argo-helm/pull/2935](https://redirect.github.com/argoproj/argo-helm/pull/2935)

#### New Contributors

- [@&#8203;leehosu](https://redirect.github.com/leehosu) made their
first contribution in
[https://github.com/argoproj/argo-helm/pull/2935](https://redirect.github.com/argoproj/argo-helm/pull/2935)

**Full Changelog**:
argoproj/argo-helm@argo-cd-7.6.2...argo-cd-7.6.3

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/broersma-forslund/homelab).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC44MC4wIiwidXBkYXRlZEluVmVyIjoiMzguODAuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@spirkaa
Copy link

spirkaa commented Sep 26, 2024

This change was unnecessary, ApplicationSet in any namespace feature already working beginning from chart version 6.6.0.

Additional subjects in ClusterRoleBinding do nothing, because these namespaces don't contain this service account. ApplicationSet controller uses single account in argocd namespace.

@Skaronator
Copy link

Additionally, this will result in a RBAC that doesn't work. My ArgoCD config looks like this:

configs:
  params:
    application.namespaces: project-*
    applicationsetcontroller.namespaces: project-*

Which will result in the following RBAC:

subjects:
- kind: ServiceAccount
  name: argocd-application-controllerargocd-applicationset-controller
  namespace: ops
- kind: ServiceAccount
  name: argocd-applicationset-controller
  namespace: project-*  # <-- doesn't work

But kubernetes doesn't support wildcard syntax

@yu-croco yu-croco mentioned this pull request Sep 29, 2024
Merged
6 tasks
@leehosu leehosu mentioned this pull request Oct 1, 2024
Closed
6 tasks
@renovate renovate bot mentioned this pull request Jan 24, 2025
Open
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mbevc1 mbevc1 mbevc1 approved these changes

@yu-croco yu-croco yu-croco approved these changes

@mkilchhofer mkilchhofer Awaiting requested review from mkilchhofer mkilchhofer is a code owner

@jmeridth jmeridth Awaiting requested review from jmeridth jmeridth is a code owner

@pdrastil pdrastil Awaiting requested review from pdrastil pdrastil is a code owner

@tico24 tico24 Awaiting requested review from tico24 tico24 is a code owner

Assignees
No one assigned
Labels
argo-cd size/S
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@leehosu @spirkaa @Skaronator @mbevc1 @yu-croco