Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add ability to specify system namespace during cluster add operation #1661

Merged
merged 5 commits into from
Jun 3, 2019
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 19 additions & 15 deletions assets/swagger.json
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@
"ApplicationService"
],
"summary": "List returns list of applications",
"operationId": "ListMixin5",
"operationId": "ListMixin1",
"parameters": [
{
"type": "string",
Expand Down Expand Up @@ -89,7 +89,7 @@
"ApplicationService"
],
"summary": "Create creates an application",
"operationId": "CreateMixin5",
"operationId": "CreateMixin1",
"parameters": [
{
"name": "body",
Expand All @@ -116,7 +116,7 @@
"ApplicationService"
],
"summary": "Update updates an application",
"operationId": "UpdateMixin5",
"operationId": "UpdateMixin1",
"parameters": [
{
"type": "string",
Expand Down Expand Up @@ -197,7 +197,7 @@
"ApplicationService"
],
"summary": "Get returns an application by name",
"operationId": "GetMixin5",
"operationId": "Get",
"parameters": [
{
"type": "string",
Expand Down Expand Up @@ -238,7 +238,7 @@
"ApplicationService"
],
"summary": "Delete deletes an application",
"operationId": "DeleteMixin5",
"operationId": "DeleteMixin1",
"parameters": [
{
"type": "string",
Expand Down Expand Up @@ -744,7 +744,7 @@
"ClusterService"
],
"summary": "List returns list of clusters",
"operationId": "List",
"operationId": "ListMixin2",
"parameters": [
{
"type": "string",
Expand All @@ -766,7 +766,7 @@
"ClusterService"
],
"summary": "Create creates a cluster",
"operationId": "Create",
"operationId": "CreateMixin2",
"parameters": [
{
"name": "body",
Expand Down Expand Up @@ -820,7 +820,7 @@
"ClusterService"
],
"summary": "Update updates a cluster",
"operationId": "Update",
"operationId": "UpdateMixin2",
"parameters": [
{
"type": "string",
Expand Down Expand Up @@ -853,7 +853,7 @@
"ClusterService"
],
"summary": "Get returns a cluster by server address",
"operationId": "GetMixin1",
"operationId": "GetMixin2",
"parameters": [
{
"type": "string",
Expand All @@ -876,7 +876,7 @@
"ClusterService"
],
"summary": "Delete deletes a cluster",
"operationId": "Delete",
"operationId": "DeleteMixin2",
"parameters": [
{
"type": "string",
Expand Down Expand Up @@ -1133,7 +1133,7 @@
"RepositoryService"
],
"summary": "List returns list of repos",
"operationId": "ListMixin2",
"operationId": "List",
"parameters": [
{
"type": "string",
Expand All @@ -1155,7 +1155,7 @@
"RepositoryService"
],
"summary": "Create creates a repo",
"operationId": "CreateMixin2",
"operationId": "Create",
"parameters": [
{
"name": "body",
Expand All @@ -1182,7 +1182,7 @@
"RepositoryService"
],
"summary": "Update updates a repo",
"operationId": "UpdateMixin2",
"operationId": "Update",
"parameters": [
{
"type": "string",
Expand Down Expand Up @@ -1215,7 +1215,7 @@
"RepositoryService"
],
"summary": "Delete deletes a repo",
"operationId": "DeleteMixin2",
"operationId": "Delete",
"parameters": [
{
"type": "string",
Expand Down Expand Up @@ -1361,7 +1361,7 @@
"SettingsService"
],
"summary": "Get returns Argo CD settings",
"operationId": "Get",
"operationId": "GetMixin4",
"responses": {
"200": {
"description": "(empty)",
Expand Down Expand Up @@ -1568,6 +1568,10 @@
"kubeconfig": {
"type": "string"
},
"systemNamespace": {
"type": "string",
"title": "Optional alternative system namespace to use (defaults to \"kube-system\")"
},
"upsert": {
"type": "boolean",
"format": "boolean"
Expand Down
12 changes: 7 additions & 5 deletions cmd/argocd/commands/cluster.go
Original file line number Diff line number Diff line change
Expand Up @@ -45,10 +45,11 @@ func NewClusterCommand(clientOpts *argocdclient.ClientOptions, pathOpts *clientc
// NewClusterAddCommand returns a new instance of an `argocd cluster add` command
func NewClusterAddCommand(clientOpts *argocdclient.ClientOptions, pathOpts *clientcmd.PathOptions) *cobra.Command {
var (
inCluster bool
upsert bool
awsRoleArn string
awsClusterName string
inCluster bool
upsert bool
awsRoleArn string
awsClusterName string
systemNamespace string
)
var command = &cobra.Command{
Use: "add",
Expand Down Expand Up @@ -85,7 +86,7 @@ func NewClusterAddCommand(clientOpts *argocdclient.ClientOptions, pathOpts *clie
// Install RBAC resources for managing the cluster
clientset, err := kubernetes.NewForConfig(conf)
errors.CheckError(err)
managerBearerToken, err = common.InstallClusterManagerRBAC(clientset)
managerBearerToken, err = common.InstallClusterManagerRBAC(clientset, systemNamespace)
errors.CheckError(err)
}
conn, clusterIf := argocdclient.NewClientOrDie(clientOpts).NewClusterClientOrDie()
Expand All @@ -108,6 +109,7 @@ func NewClusterAddCommand(clientOpts *argocdclient.ClientOptions, pathOpts *clie
command.Flags().BoolVar(&upsert, "upsert", false, "Override an existing cluster with the same name even if the spec differs")
command.Flags().StringVar(&awsClusterName, "aws-cluster-name", "", "AWS Cluster name if set then aws-iam-authenticator will be used to access cluster")
command.Flags().StringVar(&awsRoleArn, "aws-role-arn", "", "Optional AWS role arn. If set then AWS IAM Authenticator assume a role to perform cluster operations instead of the default AWS credential provider chain.")
command.Flags().StringVar(&systemNamespace, "system-namespace", common.DefaultSystemNamespace, "Use different system namespace")
return command
}

Expand Down
5 changes: 5 additions & 0 deletions common/common.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,11 @@ const (
ArgoCDRBACConfigMapName = "argocd-rbac-cm"
)

// Default system namespace
const (
DefaultSystemNamespace = "kube-system"
)

// Default listener ports for ArgoCD components
const (
DefaultPortAPIServer = 8080
Expand Down
11 changes: 5 additions & 6 deletions common/installer.go
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ var ArgoCDManagerPolicyRules = []rbacv1.PolicyRule{
},
}

// CreateServiceAccount creates a service account
// CreateServiceAccount creates a service account in a given namespace
func CreateServiceAccount(
clientset kubernetes.Interface,
serviceAccountName string,
Expand All @@ -52,12 +52,12 @@ func CreateServiceAccount(
_, err := clientset.CoreV1().ServiceAccounts(namespace).Create(&serviceAccount)
if err != nil {
if !apierr.IsAlreadyExists(err) {
return fmt.Errorf("Failed to create service account %q: %v", serviceAccountName, err)
return fmt.Errorf("Failed to create service account %q in namespace %q: %v", serviceAccountName, namespace, err)
}
log.Infof("ServiceAccount %q already exists", serviceAccountName)
log.Infof("ServiceAccount %q already exists in namespace %q", serviceAccountName, namespace)
return nil
}
log.Infof("ServiceAccount %q created", serviceAccountName)
log.Infof("ServiceAccount %q created in namespace %q", serviceAccountName, namespace)
return nil
}

Expand Down Expand Up @@ -136,8 +136,7 @@ func CreateClusterRoleBinding(
}

// InstallClusterManagerRBAC installs RBAC resources for a cluster manager to operate a cluster. Returns a token
func InstallClusterManagerRBAC(clientset kubernetes.Interface) (string, error) {
const ns = "kube-system"
func InstallClusterManagerRBAC(clientset kubernetes.Interface, ns string) (string, error) {

err := CreateServiceAccount(clientset, ArgoCDManagerServiceAccount, ns)
if err != nil {
Expand Down
45 changes: 45 additions & 0 deletions pkg/apis/api-rules/violation_exceptions.list
Original file line number Diff line number Diff line change
@@ -1,3 +1,48 @@
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,AppProjectList,Items
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,AppProjectSpec,ClusterResourceWhitelist
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,AppProjectSpec,Destinations
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,AppProjectSpec,NamespaceResourceBlacklist
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,AppProjectSpec,Roles
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,AppProjectSpec,SourceRepos
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationList,Items
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSourceHelm,Parameters
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSourceHelm,ValueFiles
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSourceJsonnet,ExtVars
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSourceJsonnet,TLAs
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSourceKsonnet,Parameters
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSourceKustomize,ImageTags
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSourceKustomize,Images
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSpec,IgnoreDifferences
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationStatus,Conditions
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationStatus,History
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationStatus,Resources
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSummary,ExternalURLs
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSummary,Images
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationTree,Nodes
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ClusterList,Items
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,Command,Args
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,Command,Command
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,HelmRepository,CAData
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,HelmRepository,CertData
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,HelmRepository,KeyData
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ProjectRole,Groups
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ProjectRole,JWTTokens
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ProjectRole,Policies
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,RepositoryList,Items
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ResourceAction,Params
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ResourceActions,Definitions
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ResourceIgnoreDifferences,JSONPointers
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ResourceNetworkingInfo,ExternalURLs
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ResourceNetworkingInfo,Ingress
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ResourceNetworkingInfo,TargetRefs
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ResourceNode,Images
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ResourceNode,Info
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ResourceNode,ParentRefs
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,SyncOperation,Resources
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,SyncOperationResult,Resources
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,TLSClientConfig,CAData
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,TLSClientConfig,CertData
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,TLSClientConfig,KeyData
API rule violation: names_match,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSourceJsonnet,TLAs
API rule violation: names_match,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ConnectionState,ModifiedAt
API rule violation: names_match,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,JWTToken,ExpiresAt
Expand Down
Loading