ArgoCD RBAC - Almax84/consulting-wiki GitHub Wiki
- Create group oc adm groups new argocd
- Add user to group oc adm groups add-users argocd admin
- Edit ArgoCD operator CRD: oc edit argocd openshift-gitops
- add permissions:
defaultPolicy: ""
policy: |
g, system:cluster-admins, role:admin
g, cluster-admins, role:admin
g, argocd, role:admin
scopes: '[groups]'
https://access.redhat.com/solutions/6955405
Come è la risorsa con CNPADC TEST
apiVersion: v1
data:
policy.csv: |
g, system:cluster-admins, role:admin
g, cluster-admins, role:admin
g, argocd, role:admin
policy.default: role:admin
scopes: '[groups]'
kind: ConfigMap
metadata:
creationTimestamp: "2022-04-26T14:06:19Z"
labels:
app.kubernetes.io/managed-by: openshift-gitops
app.kubernetes.io/name: argocd-rbac-cm
app.kubernetes.io/part-of: argocd
name: argocd-rbac-cm
namespace: openshift-gitops
ownerReferences:
- apiVersion: argoproj.io/v1alpha1
blockOwnerDeletion: true
controller: true
kind: ArgoCD
name: openshift-gitops
uid: 9088024a-ef2c-4a6e-aa3d-fa08fd808ea0
resourceVersion: "64456338"
uid: ad621011-815e-406c-b95b-e9a49131ad54
Come è in PROD
apiVersion: v1
data:
policy.csv: |
g, system:cluster-admins, role:admin
g, cluster-admins, role:admin
g, argocd, role:admin
policy.default: ""
scopes: '[groups]'
kind: ConfigMap
metadata:
creationTimestamp: "2022-04-26T14:07:14Z"
labels:
app.kubernetes.io/managed-by: openshift-gitops
app.kubernetes.io/name: argocd-rbac-cm
app.kubernetes.io/part-of: argocd
name: argocd-rbac-cm
namespace: openshift-gitops
ownerReferences:
- apiVersion: argoproj.io/v1alpha1
blockOwnerDeletion: true
controller: true
kind: ArgoCD
name: openshift-gitops
uid: e42d333e-3aee-412c-b906-fc7a1310efca
resourceVersion: "30228408"
uid: 99f414f4-9162-4f1e-8b0c-46e4212f2de9