DevFW-CICD/argocd-helm
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore(argo-cd): Provide Casbin matcher explicitly (#2445)

Browse source 
Signed-off-by: yu-croco <yu.croco@gmail.com>
This commit is contained in:
Aikawa 2024-01-22 22:09:08 +09:00 committed by GitHub
parent 53620e3102
commit 5ac542fabb
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 7 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
charts/argo-cd/Chart.yaml
View file

@ -3,7 +3,7 @@ appVersion: v2.9.5
kubeVersion: ">=1.23.0-0"
description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd
version: 5.53.5
version: 5.53.6
home: https://github.com/argoproj/argo-helm
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
sources:
@ -26,5 +26,5 @@ annotations:
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: |
- kind: fixed
description: Fix fail to render `.Values.configs.secret.azureDevops`
- kind: added
description: Provide Casbin matcher explicitly

1
charts/argo-cd/README.md
View file

@ -485,6 +485,7 @@ NAME: my-release
| configs.params.create | bool | `true` | Create the argocd-cmd-params-cm configmap If false, it is expected the configmap will be created by something else. |
| configs.rbac."policy.csv" | string | `''` (See [values.yaml]) | File containing user-defined policies and role definitions. |
| configs.rbac."policy.default" | string | `""` | The name of the default role which Argo CD will falls back to, when authorizing API requests (optional). If omitted or empty, users may be still be able to login, but will see no apps, projects, etc... |
| configs.rbac."policy.matchMode" | string | `"glob"` | Matcher function for Casbin, `glob` for glob matcher and `regex` for regex matcher. |
| configs.rbac.annotations | object | `{}` | Annotations to be added to argocd-rbac-cm configmap |
| configs.rbac.create | bool | `true` | Create the argocd-rbac-cm configmap with ([Argo CD RBAC policy]) definitions. If false, it is expected the configmap will be created by something else. Argo CD will not work if there is no configmap created with the name above. |
| configs.rbac.scopes | string | `"[groups]"` | OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). The scope value can be a string, or a list of strings. |

3
charts/argo-cd/values.yaml
View file

@ -303,6 +303,9 @@ configs:
# The scope value can be a string, or a list of strings.
scopes: "[groups]"
# -- Matcher function for Casbin, `glob` for glob matcher and `regex` for regex matcher.
policy.matchMode: "glob"
# GnuPG public keys for commit verification
## Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/gpg-verification/
gpg: