Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-5229

Automatic Namespace Discovery for External Cluster Secrets in Argo CD

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • None
    • GitOps
    • False
    • None
    • False
    • Not Selected
    • 0
    • 0% 0%

      Proposed Title of this Feature Request :

      "Automatic Namespace Discovery for External Secrets in Argo CD"
      Nature and Description of the Request :

      The request is for Argo CD to enhance its capability to automatically discover namespaces when configured with an external secret for cluster access, rather than the default "in-cluster" secret. Currently, if a user switches to an external secret for cluster connectivity (e.g., pointing to an external Openshift API ), they must manually update the namespace list within the Cluster object settings. This manual process is cumbersome, error-prone, and not scalable, especially in dynamic environments where namespaces are frequently added or removed. The enhancement would ideally include the ability to automatically discover namespaces or support a more flexible mechanism (such as regex patterns) to define accessible namespaces without requiring manual updates or opting for the resource-intensive "All Namespaces" option.

      Why Does the Customer Need This? (Business Requirements)

      Efficiency and Automation: Eliminates the need for manual intervention to update namespace lists, aligning with DevOps principles of automation and efficiency.
      Resource Optimization: Avoids the need to grant access to "All Namespaces," which is not feasible in resource-constrained environments due to high RAM consumption.
      Dynamic Environment Support: Supports dynamic and multi-tenant environments where namespaces can change frequently, ensuring that Argo CD can adapt to these changes without manual updates.
      Risk Reduction: Reduces the risk of human error in manual updates and improves the security posture by precisely defining the scope of access.

      List Any Affected Packages or Components

      The primary component affected would be the Argo CD Cluster configuration and secret management subsystems. Specifically, changes may be required in how Argo CD interacts with Kubernetes APIs for namespace discovery and how it processes and utilizes secrets for cluster access. This feature may also necessitate updates to the Argo CD documentation to guide users on configuring and utilizing this new capability.

            halawren@redhat.com Harriet Lawrence
            rhn-support-sburhade Satyam Burhade
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: