Description of Problem

A set of default resource exclusions were added as part of 1.18 to match the upstream behaviour (https://issues.redhat.com/browse/GITOPS-6890). However, this list is overridden by the old list of exclusions for instances created in the console (unless its removed manually during creation) as the default template for the same was not updated

Additional Info

Slack thread: https://redhat-internal.slack.com/archives/C01RQH8KQ87/p1758746959054779

Problem Reproduction

• Creating the instance via OCP console 

Reproducibility

• Always

Prerequisites/Environment

• Regular OCP, 1.18.0 version of operator

Steps to Reproduce

• Install the 1.18 version of operator
• Create an argocd instance in user defined ns
• Observe the resource exclusion list

Expected Results

Expected list:

    - apiGroups:
       - ""
       - discovery.k8s.io
       kinds:
       - Endpoints
       - EndpointSlice
     - apiGroups:
       - apiregistration.k8s.io
       kinds:
       - APIService
     - apiGroups:
       - coordination.k8s.io
       kinds:
       - Lease
     - apiGroups:
       - authentication.k8s.io
       - authorization.k8s.io
       kinds:
       - SelfSubjectReview
       - TokenReview
       - LocalSubjectAccessReview
       - SelfSubjectAccessReview
       - SelfSubjectRulesReview
       - SubjectAccessReview
     - apiGroups:
       - certificates.k8s.io
       kinds:
       - CertificateSigningRequest
     - apiGroups:
       - cert-manager.io
       kinds:
       - CertificateRequest
     - apiGroups:
       - cilium.io
       kinds:
       - CiliumIdentity
       - CiliumEndpoint
       - CiliumEndpointSlice
     - apiGroups:
       - kyverno.io
       - reports.kyverno.io
       - wgpolicyk8s.io
       kinds:
       - PolicyReport
       - ClusterPolicyReport
       - EphemeralReport
       - ClusterEphemeralReport
       - AdmissionReport
       - ClusterAdmissionReport
       - BackgroundScanReport
       - ClusterBackgroundScanReport
       - UpdateRequest 

Actual Results

This is what gets created by default in an instance created in UI

  resourceExclusions: |
    - apiGroups:
      - tekton.dev
      clusters:
      - '*'
      kinds:
      - TaskRun
      - PipelineRun     

Problem Analysis

• <Completed by engineering team as part of the triage/refinement process>

Root Cause

• Update needed in https://github.com/redhat-developer/gitops-operator/blob/78c59ae6854aa684f21ca790284a9a4bf1b78192/bundle/manifests/gitops-operator.clusterserviceversion.yaml#L137

Workaround (If Possible)

• Remove the resourceExclusions field from ArgoCD CR in order to get the default list

Fix Approaches

• <If we decide to fix this bug, how will we do it?>

Acceptance Criteria

• ...

Definition of Done

• Code Complete:
  • All code has been written, reviewed, and approved.
• Tested:
  • Unit tests have been written and passed.
  • Ensure code coverage is not reduced with the changes.
  • Integration tests have been automated.
  • System tests have been conducted, and all critical bugs have been fixed.
  • Tested and merged on OpenShift either upstream or downstream on a local build.
• Documentation:
  • User documentation or release notes have been written (if applicable).
• Build:
  • Code has been successfully built and integrated into the main repository / project.
  • Midstream changes (if applicable) are done, reviewed, approved and merged.
• Review:
  • Code has been peer-reviewed and meets coding standards.
  • All acceptance criteria defined in the user story have been met.
  • Tested by reviewer on OpenShift.
• Deployment:
  • The feature has been deployed on OpenShift cluster for testing.