feat: Support custom rules for the Application Controller Cluster Role (#730)

* feat: Support custom rules for the Application Controller Cluster Role

Signed-off-by: Lorelei McCollum <lorelei.mccollum@endurance.com>

* Add newline at end of file

Signed-off-by: Lorelei McCollum <lorelei.mccollum@endurance.com>

CONTRIBUTING.md

@@ -22,6 +22,12 @@ helm delete argo-cd --purge
 kubectl delete crd -l app.kubernetes.io/part-of=argocd
 ```
 
+Pre-requisites:
+```
+helm repo add redis-ha https://dandydeveloper.github.io/charts/
+helm dependency update
+```
+
 Minimally:
 
 ```

charts/argo-cd/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 appVersion: 2.0.0
 description: A Helm chart for ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes.
 name: argo-cd
-version: 3.2.3
+version: 3.2.4
 home: https://github.com/argoproj/argo-helm
 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
 keywords:

charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml

@@ -6,6 +6,9 @@ metadata:
   labels:
     {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
 rules:
+{{- if .Values.controller.clusterRoleRules.enabled }}
+{{- toYaml .Values.controller.clusterRoleRules.rules | nindent 2 }}
+{{ else }}
 - apiGroups:
   - '*'
   resources:
@@ -17,3 +20,4 @@ rules:
   verbs:
   - '*'
 {{- end }}
+{{- end }}

charts/argo-cd/values.yaml

@@ -183,6 +183,13 @@ controller:
   ## Enable if you would like to grant rights to ArgoCD to deploy to the local Kubernetes cluster.
   clusterAdminAccess:
     enabled: true
+  ## Enable Custom Rules for the Application Controller's Cluster Role resource
+  ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource.
+  ## Defaults to off
+  clusterRoleRules:
+    enabled: false
+    rules: []
+
 
 ## Dex
 dex: