From 69ff253ad4b3674606ccd083fb5b33e739c8ad60 Mon Sep 17 00:00:00 2001
From: krrrr38 <k.kaizu38@gmail.com>
Date: Wed, 30 Dec 2020 18:54:54 +0900
Subject: [PATCH] feat(argo): Add argo SSO/RBAC support server cluster role

Signed-off-by: krrrr38 <k.kaizu38@gmail.com>
---
 charts/argo/Chart.yaml                        |  2 +-
 .../argo/templates/server-cluster-roles.yaml  | 23 ++++++++++++++++---
 2 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/charts/argo/Chart.yaml b/charts/argo/Chart.yaml
index 0a90e20f..3096c874 100644
--- a/charts/argo/Chart.yaml
+++ b/charts/argo/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 appVersion: v2.11.7
 description: A Helm chart for Argo Workflows
 name: argo
-version: 0.14.0
+version: 0.14.1
 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
 home: https://github.com/argoproj/argo-helm
 maintainers:
diff --git a/charts/argo/templates/server-cluster-roles.yaml b/charts/argo/templates/server-cluster-roles.yaml
index ac51e455..9424e83c 100644
--- a/charts/argo/templates/server-cluster-roles.yaml
+++ b/charts/argo/templates/server-cluster-roles.yaml
@@ -30,6 +30,7 @@ rules:
   - serviceaccounts
   verbs:
   - get
+  - list
 - apiGroups:
   - ""
   resources:
@@ -45,6 +46,22 @@ rules:
   - events
   verbs:
   - watch
+{{- if .Values.server.sso }}
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  resourceNames:
+  - sso
+  verbs:
+  - get
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  verbs:
+  - create
+{{- end }}
 {{- if .Values.controller.persistence }}
 - apiGroups:
   - ""
@@ -54,14 +71,14 @@ rules:
   {{- with .Values.controller.persistence.postgresql }}
   - {{ .userNameSecret.name }}
   - {{ .passwordSecret.name }}
-  {{- end}}
+  {{- end }}
   {{- with .Values.controller.persistence.mysql }}
   - {{ .userNameSecret.name }}
   - {{ .passwordSecret.name }}
-  {{- end}}
+  {{- end }}
   verbs:
   - get
-{{- end}}
+{{- end }}
 - apiGroups:
   - argoproj.io
   resources: