From c2f3d9967d2f8b626ec48fe60784477a3477eaf4 Mon Sep 17 00:00:00 2001 From: Nick Heijmink <75807895+Nheijmink19@users.noreply.github.com> Date: Mon, 27 Jan 2025 16:31:51 +0100 Subject: [PATCH] feat(argo-cd): Add an extra feature toggle to the argocd configmap that allows sync impersonation (#3138) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + charts/argo-cd/values.yaml | 4 ++++ 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 05c614ff..d7c85587 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.13.3 kubeVersion: ">=1.25.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 7.7.17 +version: 7.7.18 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Address ingress regression of PR #3081, use toString before tpl function + - kind: added + description: Add feature toggle to ArgoCD configmap allowing sync impersonation diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 2b223a6f..04d8f1ad 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -726,6 +726,7 @@ NAME: my-release | configs.clusterCredentials | object | `{}` (See [values.yaml]) | Provide one or multiple [external cluster credentials] | | configs.cm."admin.enabled" | bool | `true` | Enable local admin user | | configs.cm."application.instanceLabelKey" | string | `"argocd.argoproj.io/instance"` | The name of tracking label used by Argo CD for resource pruning | +| configs.cm."application.sync.impersonation.enabled" | bool | `false` | Enable control of the service account used for the sync operation (alpha) | | configs.cm."exec.enabled" | bool | `false` | Enable exec feature in Argo UI | | configs.cm."server.rbac.log.enforce.enable" | bool | `false` | Enable logs RBAC enforcement | | configs.cm."statusbadge.enabled" | bool | `false` | Enable Status Badge | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c5dcf150..b802d1ea 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -175,6 +175,10 @@ configs: # -- The name of tracking label used by Argo CD for resource pruning application.instanceLabelKey: argocd.argoproj.io/instance + # -- Enable control of the service account used for the sync operation (alpha) + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-sync-using-impersonation/ + application.sync.impersonation.enabled: false + # -- Enable logs RBAC enforcement ## Ref: https://argo-cd.readthedocs.io/en/latest/operator-manual/upgrading/2.3-2.4/#enable-logs-rbac-enforcement server.rbac.log.enforce.enable: false