-
Notifications
You must be signed in to change notification settings - Fork 790
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: Add support for respectRBAC configuration. (#1612)
* feat: Add support for respectRBAC configuration. Signed-off-by: Jayendra Parsai <[email protected]> * docs: add Respect RBAC page to TOC Signed-off-by: Jonathan West <[email protected]> --------- Signed-off-by: Jayendra Parsai <[email protected]> Signed-off-by: Jonathan West <[email protected]> Co-authored-by: Jayendra Parsai <[email protected]> Co-authored-by: Jonathan West <[email protected]>
- Loading branch information
1 parent
0ca1920
commit 28659bf
Showing
19 changed files
with
177 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
# Respect RBAC for controller | ||
|
||
See the [upstream documentation](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#auto-respect-rbac-for-controller) for more information. | ||
|
||
This feature can be enabled by setting `respectRBAC` field in ArgoCD resource. To configure value in `argocd-cm` ConfigMap via ArgoCD resource, users need to configure `argocd.spec.controller.respectRBAC` field. Possible values for this field are `strict`, `normal` or empty (default). | ||
|
||
|
||
```yaml | ||
apiVersion: argoproj.io/v1beta1 | ||
kind: ArgoCD | ||
metadata: | ||
name: example-argocd | ||
spec: | ||
controller: | ||
respectRBAC: strict | ||
``` | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
14 changes: 14 additions & 0 deletions
14
tests/k8s/1-045_validate_controller_respect_rbac/01-assert.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
--- | ||
apiVersion: argoproj.io/v1beta1 | ||
kind: ArgoCD | ||
metadata: | ||
name: example-argocd | ||
status: | ||
phase: Available | ||
--- | ||
apiVersion: v1 | ||
kind: ConfigMap | ||
metadata: | ||
name: argocd-cm | ||
data: | ||
resource.respectRBAC: normal |
7 changes: 7 additions & 0 deletions
7
tests/k8s/1-045_validate_controller_respect_rbac/01-install.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
apiVersion: argoproj.io/v1beta1 | ||
kind: ArgoCD | ||
metadata: | ||
name: example-argocd | ||
spec: | ||
controller: | ||
respectRBAC: normal |
14 changes: 14 additions & 0 deletions
14
tests/k8s/1-045_validate_controller_respect_rbac/02-assert.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
--- | ||
apiVersion: argoproj.io/v1beta1 | ||
kind: ArgoCD | ||
metadata: | ||
name: example-argocd | ||
status: | ||
phase: Available | ||
--- | ||
apiVersion: v1 | ||
kind: ConfigMap | ||
metadata: | ||
name: argocd-cm | ||
data: | ||
resource.respectRBAC: strict |
7 changes: 7 additions & 0 deletions
7
tests/k8s/1-045_validate_controller_respect_rbac/02-install.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
apiVersion: argoproj.io/v1beta1 | ||
kind: ArgoCD | ||
metadata: | ||
name: example-argocd | ||
spec: | ||
controller: | ||
respectRBAC: strict |
7 changes: 7 additions & 0 deletions
7
tests/k8s/1-045_validate_controller_respect_rbac/03-errors.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
--- | ||
apiVersion: v1 | ||
kind: ConfigMap | ||
metadata: | ||
name: argocd-cm | ||
data: | ||
resource.respectRBAC: strict |
7 changes: 7 additions & 0 deletions
7
tests/k8s/1-045_validate_controller_respect_rbac/03-install.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
apiVersion: argoproj.io/v1beta1 | ||
kind: ArgoCD | ||
metadata: | ||
name: example-argocd | ||
spec: | ||
controller: | ||
respectRBAC: somethibg |
7 changes: 7 additions & 0 deletions
7
tests/k8s/1-045_validate_controller_respect_rbac/04-errors.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
--- | ||
apiVersion: v1 | ||
kind: ConfigMap | ||
metadata: | ||
name: argocd-cm | ||
data: | ||
resource.respectRBAC: "" |
7 changes: 7 additions & 0 deletions
7
tests/k8s/1-045_validate_controller_respect_rbac/04-install.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
apiVersion: argoproj.io/v1beta1 | ||
kind: ArgoCD | ||
metadata: | ||
name: example-argocd | ||
spec: | ||
controller: | ||
respectRBAC: "" |