WIP: Add support for extraObjects at the application and top-level intended to be used for ArgoCD resource hooks #19
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
We change the version because we now a collection in a container to run the imperative bits
This way we will be able to point a single chart to a git repository, while keeping the compatibility. Also drop .repoURL from the values files section of the multisource app. There is no scenario where we currently want a single .repoURL to point to both.
There have been zero users in the last year or so, we can safely drop this now that we have made the 0.9.x versioning jump.
Added delete/prune annotations so it doesn't fails and prevents a successfull cascade deletion of all resources when removing a pattern which configures the scheduler. Maybe the ServerSideApply=true would also help to be less intrusive.
We do two main changes: 1. We set the `defaultPolicy` to `role:readonly`. This allows any authenticated user to see the the argo applications 2. We add a `g, admin, role:admin` and make sure that we get the `email` scope from the OIDC as well. This allows the RHDP user `admin` to work out of the box. Tested as follows: 1. Logged in on the clusterwide argo as kube admin and could still see all apps and could refresh/sync 2. Logged in as htpasswd user foo and could see the apps in read-only and could not sync 3. Logged in as htpasswd user admin and could see the apps and could sync/refresh them Co-Authored-By: Akos Eros <aeros@redhat.com>
Also add some tests for annotations in general
Otherwise we will have two levels of indentation whenever one of the
optional variables is set:
...
- name: global.multiSourceTargetRevision
value: 0.9.*
- name: global.localClusterDomain
value: apps.sno5.ocplab.ocp
- name: global.privateRepo
value: "'false'"
- name: global.experimentalCapabilities
value:
- name: acm.mce_operator.channel
value: "stable-2.7"
- name: acm.mce_operator.source
value: "iib-840483"
- name: clusterGroup.subscriptions.acm.channel
value: "release-2.12"
- name: clusterGroup.subscriptions.acm.name
value: "advanced-cluster-management"
- name: clusterGroup.subscriptions.acm.source
value: "iib-840983"
This should allow us to never regress at least when extraParameters are used
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.