argoproj
/
argo-helm
mirror of https://github.com/argoproj/argo-helm.git
1
0
Fork 1
Code Issues Packages Projects Releases Wiki Activity

chore(argo-cd): Disable argocd-repo-server cluster role by default (#2498) 

Signed-off-by: Petr Drastil <petr.drastil@gmail.com>
pull/2508/head argo-cd-6.0.12
Petr Drastil 2024-02-13 16:26:29 +01:00 committed by GitHub
parent 6c47b2a69b
commit c0b7a7e074
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
charts/argo-cd/Chart.yaml
View File

@ -3,7 +3,7 @@ appVersion: v2.10.0
kubeVersion: ">=1.23.0-0" kubeVersion: ">=1.23.0-0"
description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd name: argo-cd
version: 6.0.11 version: 6.0.12
home: https://github.com/argoproj/argo-helm home: https://github.com/argoproj/argo-helm
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
sources: sources:
@ -26,5 +26,5 @@ annotations:
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
url: https://argoproj.github.io/argo-helm/pgp_keys.asc url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: | artifacthub.io/changes: |
- kind: fixed - kind: security
description: Use `with` instead of `range` on reposerver serviceaccount description: Argo CD repo-server cluster role is not deployed by default

6
charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml
View File

@ -1,4 +1,4 @@
{{- if .Values.createClusterRoles }} {{- if and .Values.createClusterRoles .Values.repoServer.clusterRoleRules.enabled }}
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole kind: ClusterRole
metadata: metadata:
@ -6,8 +6,8 @@ metadata:
labels: labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }}
rules: rules:
{{- if .Values.repoServer.clusterRoleRules.enabled }} {{- with .Values.repoServer.clusterRoleRules.rules }}
{{- toYaml .Values.repoServer.clusterRoleRules.rules | nindent 2 }} {{- toYaml . | nindent 2 }}
{{- else }} {{- else }}
- apiGroups: - apiGroups:
- '*' - '*'

2
charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml
View File

@ -1,4 +1,4 @@
{{- if .Values.createClusterRoles }} {{- if and .Values.createClusterRoles .Values.repoServer.clusterRoleRules.enabled }}
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding kind: ClusterRoleBinding
metadata: metadata: