fix(argo-cd): Added pod exec permission to argo-server Role when exec.enabled is True. (#1867)

* Added pods exec to role permissions

The argocd-server Role requires the pods/exec create permission in order to be able to start the web based terminal as per: https://argo-cd.readthedocs.io/en/stable/operator-manual/web_based_terminal/

This brings the Role in line with the ClusterRole change already made

Signed-off-by: ugoogalizer <signup@mattcurtis.id.au>

* bumped version

Signed-off-by: ugoogalizer <signup@mattcurtis.id.au>

* Added description of change

Signed-off-by: ugoogalizer <signup@mattcurtis.id.au>

* Removed trailing whitespace

Signed-off-by: ugoogalizer <signup@mattcurtis.id.au>

---------

Signed-off-by: ugoogalizer <signup@mattcurtis.id.au>
Signed-off-by: Petr Drastil <petr.drastil@gmail.com>
Co-authored-by: Petr Drastil <petr.drastil@gmail.com>

charts/argo-cd/Chart.yaml

@@ -3,7 +3,7 @@ appVersion: v2.6.3
 kubeVersion: ">=1.22.0-0"
 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
 name: argo-cd
-version: 5.23.3
+version: 5.23.4
 home: https://github.com/argoproj/argo-helm
 icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
 sources:
@@ -23,5 +23,5 @@ dependencies:
     condition: redis-ha.enabled
 annotations:
   artifacthub.io/changes: |
-    - kind: changed
+    - kind: added
-      description: Upgrade Argo CD to v.2.6.3
+      description: Added pod exec permission to argo-server Role when exec.enabled is True.

charts/argo-cd/templates/argocd-server/role.yaml

@@ -42,3 +42,11 @@ rules:
   verbs:
   - create
   - list
+{{- if eq (toString (index (coalesce .Values.server.config .Values.configs.cm) "exec.enabled")) "true" }}
+- apiGroups:
+  - ""
+resources:
+  - pods/exec
+verbs:
+  - create
+{{- end }}