From d851f5d108686c45fc5809c841d22c8af2ba0109 Mon Sep 17 00:00:00 2001
From: ugoogalizer <signup@mattcurtis.id.au>
Date: Mon, 27 Feb 2023 18:18:54 +1100
Subject: [PATCH] Added pods exec to role permissions

The argocd-server Role requires the pods/exec create permission in order to be able to start the web based terminal as per: https://argo-cd.readthedocs.io/en/stable/operator-manual/web_based_terminal/

This brings the Role in line with the ClusterRole change already made

Signed-off-by: ugoogalizer <signup@mattcurtis.id.au>
---
 charts/argo-cd/templates/argocd-server/role.yaml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml
index f4c5d533..477aa7a3 100644
--- a/charts/argo-cd/templates/argocd-server/role.yaml
+++ b/charts/argo-cd/templates/argocd-server/role.yaml
@@ -42,3 +42,11 @@ rules:
   verbs:
   - create
   - list
+{{- if eq (toString (index (coalesce .Values.server.config .Values.configs.cm) "exec.enabled")) "true" }}
+- apiGroups:
+  - ""
+resources:
+  - pods/exec
+verbs:
+  - create
+{{- end }}