Operator doesn't reconcile serviceAccount fields in redis deployment

      Before this update, any changes to the serviceAccountName and serviceAccount fields in the redis deployment were not reconciled by the GitOps Operator. This update fixes the issue by resetting the changed values of serviceAccount and serviceAccountName to "<argocd-instance-name>-argocd-redis".
      https://access.redhat.com/solutions/7100360
    • GitOps Crimson - Sprint 3268

      Description of Problem

      Any changes to the serviceAccount and serviceAccountName fields in the redis deployment are not reconciled by the GitOps Operator. The update logic for these fields is missing in the operator, which causes upgrade issues in 1.15 if, for whatever reason, the serviceAccount and serviceAccountName field values are not set to "<argocd-instance-name>-argocd-redis".

      Additional Info

      • This is an old bug, but it was caught only because of the recent SCC changes made in the 1.15 release. Not all users are affected by this bug; only installations whose redis deployment, for whatever reason, does not reference the operator-created service account are failing.

      Problem Reproduction

      • Install GitOps Operator 1.15.0
      • Edit redis deployment to remove serviceAccount & serviceAccountName
      • Roll out a restart of the redis deployment
      • Observe the following error:
        • pods "openshift-gitops-redis-cdf95588d-" is forbidden: unable to validate against any security context constraint: [provider "anyuid": Forbidden: not usable by user or serviceaccount, provider restricted-v2: .containers[0].runAsUser: Invalid value: 999: must be in the ranges: [1000720000, 1000729999], provider "restricted": Forbidden: not usable by user or serviceaccount, provider "nonroot-v2": Forbidden: not usable by user or serviceaccount, provider "nonroot": Forbidden: not usable by user or serviceaccount, provider "hostmount-anyuid": Forbidden: not usable by user or serviceaccount, provider "logging-scc": Forbidden: not usable by user or serviceaccount, provider "machine-api-termination-handler": Forbidden: not usable by user or serviceaccount, provider "hostnetwork-v2": Forbidden: not usable by user or serviceaccount, provider "hostnetwork": Forbidden: not 

      Reproducibility

      • Always

      Root Cause

      • The operator is missing update logic for the serviceAccount fields of the redis deployment

      Workaround (If Possible)

      • Delete the redis deployment so that the operator can create a new one with the correct service account values
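
To find affected installations before applying the workaround, the following added example (not the operator's own code) checks the output of `oc get deployment -n <namespace> -o json` for a redis deployment whose pod template no longer references "<argocd-instance-name>-argocd-redis". It assumes the redis deployment is named "<argocd-instance-name>-redis", as the error message above suggests; the function name and the sample objects are constructed for illustration.

```python
"""Flag an Argo CD redis Deployment that lost the operator-created service account."""
import json
import sys

FIELDS = ("serviceAccountName", "serviceAccount")


def redis_sa_drift(deployments, instance):
    """Return (deployment, field, found, expected) tuples for drifted fields.

    `deployments` is the parsed output of `oc get deployment -n <ns> -o json`.
    Assumption: the redis Deployment is named "<instance>-redis", matching the
    pod name prefix in the error message on this page.
    """
    expected = f"{instance}-argocd-redis"
    drift = []
    for item in deployments.get("items", []):
        name = item.get("metadata", {}).get("name")
        if name != f"{instance}-redis":
            continue  # not the redis Deployment of this instance
        pod_spec = item.get("spec", {}).get("template", {}).get("spec", {})
        for field in FIELDS:
            found = pod_spec.get(field)  # None when the field was removed
            if found != expected:
                drift.append((name, field, found, expected))
    return drift


def _deploy(name, **pod_spec):
    # Builds a constructed, trimmed Deployment object for the samples below.
    return {"metadata": {"name": name}, "spec": {"template": {"spec": pod_spec}}}


# Constructed sample data (not captured from a cluster).
HEALTHY = {"items": [_deploy("openshift-gitops-redis",
                             serviceAccountName="openshift-gitops-argocd-redis",
                             serviceAccount="openshift-gitops-argocd-redis")]}
DRIFTED = {"items": [_deploy("openshift-gitops-server", serviceAccountName="example-sa"),
                     _deploy("openshift-gitops-redis")]}  # both fields removed

if __name__ == "__main__":
    # With a file argument, check saved `oc get deployment -o json` output;
    # otherwise run against the constructed drifted sample.
    data = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else DRIFTED
    instance = sys.argv[2] if len(sys.argv) > 2 else "openshift-gitops"
    for name, field, found, expected in redis_sa_drift(data, instance):
        print(f"{name}: {field}={found!r}, expected {expected!r}")
```

An empty result means both fields already match the expected service account; any reported field marks a deployment that needs the workaround or the fixed operator.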

      Acceptance Criteria

      • ...

      Definition of Done

      • Code Complete:
        • All code has been written, reviewed, and approved.
      • Tested:
        • Unit tests have been written and passed.
        • Ensure code coverage is not reduced with the changes.
        • Integration tests have been automated.
        • System tests have been conducted, and all critical bugs have been fixed.
        • Tested and merged on OpenShift either upstream or downstream on a local build.
      • Documentation:
        • User documentation or release notes have been written (if applicable).
      • Build:
        • Code has been successfully built and integrated into the main repository / project.
        • Midstream changes (if applicable) are done, reviewed, approved and merged.
      • Review:
        • Code has been peer-reviewed and meets coding standards.
        • All acceptance criteria defined in the user story have been met.
        • Tested by reviewer on OpenShift.
      • Deployment:
        • The feature has been deployed on OpenShift cluster for testing.

              rhn-support-vab Varsha B
              rh-ee-sghadi Siddhesh Ghadi