Loading...

XML

Word

Printable

Type: Epic
Resolution: Unresolved
Priority: Undefined
Fix Version/s: 1.16.0
Affects Version/s: None
Component/s: ArgoCD
Labels:

Epic Name:
Add support for respectRBAC to operator
Blocked:
False
Blocked Reason:
None
Ready:
False
Epic Status:
To Do
Hierarchy Progress Bar:

50% To Do, 0% In Progress, 50% Done
Intelligence Requested:
Market:

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

Epic Goal

Add support for the Argo CD resource.respectRBAC field to the operator instead of having users use extraConfig to set it.

Why is this important?

respectRBAC enables users to have Argo CD respect the permissions set in Kubernetes without having to explicitly set resource exclusions. It enables users to eeasily reduce the scope of permissions for the application-controller in an easy and efficient way
This is very useful for customers that want to lock down Argo CD to specific resources.

Scenarios

Argo administrator wants to set this switch to lock down permissions

Acceptance Criteria (Mandatory)

CI - MUST be running successfully with tests automated
Release Technical Enablement - Provide necessary release enablement details and documents.
...

Dependencies (internal and external)

...

Previous Work (Optional):

The respectRBAC feature is documented here: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#auto-respect-rbac-for-controller

Open questions::

...

Done Checklist

Acceptance criteria are met
Non-functional properties of the Feature have been validated (such as performance, resource, UX, security or privacy aspects)
User Journey automation is delivered
Support and SRE teams are provided with enough skills to support the feature in production environment

Assignee:: Jayendra Parsai

Reporter:: Gerald Nunn

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2024/08/09 7:26 PM

Updated:: 2024/12/04 7:41 AM