Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-4034

Default ArgoCD "openshift-gitops" instance's role should be set to ""

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • None
    • GitOps
    • None
    • False
    • None
    • False
    • Not Selected

      What is the nature and description of the request?

      The default instance of ArgoCD openshift-gitops in namespace openshift-gitops has the default role set to role:readonly. The Role should be set to "" instead.

      Why does the customer need this?

      This is a potential security risk as any user (Without nay privileges) that is able to login to OCP can see all resources managed by the ArgoCD instance (secrets, network policies, routes, ...). This ArgoCD instance is intended for Cluster management so there is high chance of potential misuse us sensitive data.

      List any affected packages or components.

      GitOps operator

              halawren@redhat.com Harriet Lawrence
              rhn-support-rhodain1 Roman Hodain
              Harriet Lawrence, Jann Fischer
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: