Uploaded image for project: 'OpenShift GitOps'
  1. OpenShift GitOps
  2. GITOPS-1027

Remove `admin` permissions for ArgoCD instance when namespace label is removed

    XMLWordPrintable

Details

    • Story
    • Resolution: Done
    • Major
    • 1.2
    • None
    • None
    • None
    • GITOPS Sprint 204

    Description

      When a namespace is labelled which is recognised by the operator to grant `admin` privileges to the ArgoCD instance is removed, the Operator must remove the privileges as well, i.e remove the following -

      • Role and Role Binding created by the operator
      • Remove namespace from the list of namespaces defined in the Cluster Secret.

       

      Acceptance Criteria

      • Implement the "renmoving" side of the requirements per https://docs.google.com/document/d/1CDm-J8QPItELQv_GIzs1Y89miXNVUh7RZS85PsxYuwg/edit#heading=h.obahgj87nfva
      • All the Role/Role Bindings should be removed.
      • Cluster Secret must not have the namespace present in the list of namespace
      • A user should be able to remove label on the target namespace and the argocd instance cannot create/manage resources on the target namespace due to permission
      • Tested upgrade
      • Tested and documented upstream (argocd operator)
      • unit test added
      • e2e tests added

       

      Attachments

        Activity

          People

            shuagarw@redhat.com Shubham Agarwal (Inactive)
            shuagarw@redhat.com Shubham Agarwal (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: