From 5265aefda1e3f4c5cb4844cc5950826883b604ac Mon Sep 17 00:00:00 2001 From: Hao Xin Date: Fri, 6 May 2022 12:09:21 +0800 Subject: [PATCH] feat(manifests): Add service account for repo server Signed-off-by: Hao Xin --- .../repo-server/argocd-repo-server-deployment.yaml | 1 + manifests/base/repo-server/argocd-repo-server-sa.yaml | 8 ++++++++ manifests/base/repo-server/kustomization.yaml | 3 ++- manifests/core-install.yaml | 10 ++++++++++ manifests/ha/install.yaml | 10 ++++++++++ manifests/ha/namespace-install.yaml | 10 ++++++++++ manifests/install.yaml | 10 ++++++++++ manifests/namespace-install.yaml | 10 ++++++++++ reposerver/repository/repository_test.go | 2 +- 9 files changed, 62 insertions(+), 2 deletions(-) create mode 100644 manifests/base/repo-server/argocd-repo-server-sa.yaml diff --git a/manifests/base/repo-server/argocd-repo-server-deployment.yaml b/manifests/base/repo-server/argocd-repo-server-deployment.yaml index bb8e333005bd8..565300134e02b 100644 --- a/manifests/base/repo-server/argocd-repo-server-deployment.yaml +++ b/manifests/base/repo-server/argocd-repo-server-deployment.yaml @@ -15,6 +15,7 @@ spec: labels: app.kubernetes.io/name: argocd-repo-server spec: + serviceAccountName: argocd-repo-server automountServiceAccountToken: false containers: - name: argocd-repo-server diff --git a/manifests/base/repo-server/argocd-repo-server-sa.yaml b/manifests/base/repo-server/argocd-repo-server-sa.yaml new file mode 100644 index 0000000000000..392b6cb41501d --- /dev/null +++ b/manifests/base/repo-server/argocd-repo-server-sa.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/part-of: argocd + app.kubernetes.io/component: repo-server + name: argocd-repo-server diff --git a/manifests/base/repo-server/kustomization.yaml b/manifests/base/repo-server/kustomization.yaml index 3bed9aa320bd2..877581a3b79b6 100644 --- a/manifests/base/repo-server/kustomization.yaml +++ b/manifests/base/repo-server/kustomization.yaml @@ -2,6 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: +- argocd-repo-server-sa.yaml - argocd-repo-server-deployment.yaml - argocd-repo-server-service.yaml -- argocd-repo-server-network-policy.yaml \ No newline at end of file +- argocd-repo-server-network-policy.yaml diff --git a/manifests/core-install.yaml b/manifests/core-install.yaml index 0d0b119f47f76..d4552e7f6f84c 100644 --- a/manifests/core-install.yaml +++ b/manifests/core-install.yaml @@ -9017,6 +9017,15 @@ metadata: app.kubernetes.io/part-of: argocd name: argocd-redis --- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: repo-server + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/part-of: argocd + name: argocd-repo-server +--- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: @@ -9650,6 +9659,7 @@ spec: volumeMounts: - mountPath: /var/run/argocd name: var-files + serviceAccountName: argocd-repo-server volumes: - configMap: name: argocd-ssh-known-hosts-cm diff --git a/manifests/ha/install.yaml b/manifests/ha/install.yaml index cf4f6bfc5d860..63fbd41b66e8c 100644 --- a/manifests/ha/install.yaml +++ b/manifests/ha/install.yaml @@ -9042,6 +9042,15 @@ metadata: --- apiVersion: v1 kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: repo-server + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/part-of: argocd + name: argocd-repo-server +--- +apiVersion: v1 +kind: ServiceAccount metadata: labels: app.kubernetes.io/component: server @@ -10748,6 +10757,7 @@ spec: volumeMounts: - mountPath: /var/run/argocd name: var-files + serviceAccountName: argocd-repo-server volumes: - configMap: name: argocd-ssh-known-hosts-cm diff --git a/manifests/ha/namespace-install.yaml b/manifests/ha/namespace-install.yaml index 857d4f7a04b67..aa2cc9455d365 100644 --- a/manifests/ha/namespace-install.yaml +++ b/manifests/ha/namespace-install.yaml @@ -51,6 +51,15 @@ metadata: --- apiVersion: v1 kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: repo-server + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/part-of: argocd + name: argocd-repo-server +--- +apiVersion: v1 +kind: ServiceAccount metadata: labels: app.kubernetes.io/component: server @@ -1672,6 +1681,7 @@ spec: volumeMounts: - mountPath: /var/run/argocd name: var-files + serviceAccountName: argocd-repo-server volumes: - configMap: name: argocd-ssh-known-hosts-cm diff --git a/manifests/install.yaml b/manifests/install.yaml index 2142b6aabb21f..e44b1e7e85263 100644 --- a/manifests/install.yaml +++ b/manifests/install.yaml @@ -9033,6 +9033,15 @@ metadata: --- apiVersion: v1 kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: repo-server + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/part-of: argocd + name: argocd-repo-server +--- +apiVersion: v1 +kind: ServiceAccount metadata: labels: app.kubernetes.io/component: server @@ -10089,6 +10098,7 @@ spec: volumeMounts: - mountPath: /var/run/argocd name: var-files + serviceAccountName: argocd-repo-server volumes: - configMap: name: argocd-ssh-known-hosts-cm diff --git a/manifests/namespace-install.yaml b/manifests/namespace-install.yaml index d2950d1994c37..665b9b56680c4 100644 --- a/manifests/namespace-install.yaml +++ b/manifests/namespace-install.yaml @@ -42,6 +42,15 @@ metadata: --- apiVersion: v1 kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: repo-server + app.kubernetes.io/name: argocd-repo-server + app.kubernetes.io/part-of: argocd + name: argocd-repo-server +--- +apiVersion: v1 +kind: ServiceAccount metadata: labels: app.kubernetes.io/component: server @@ -1013,6 +1022,7 @@ spec: volumeMounts: - mountPath: /var/run/argocd name: var-files + serviceAccountName: argocd-repo-server volumes: - configMap: name: argocd-ssh-known-hosts-cm diff --git a/reposerver/repository/repository_test.go b/reposerver/repository/repository_test.go index f726b48feb9d6..834f34166d22f 100644 --- a/reposerver/repository/repository_test.go +++ b/reposerver/repository/repository_test.go @@ -136,7 +136,7 @@ func TestGenerateYamlManifestInDir(t *testing.T) { q := apiclient.ManifestRequest{Repo: &argoappv1.Repository{}, ApplicationSource: &src} // update this value if we add/remove manifests - const countOfManifests = 46 + const countOfManifests = 47 res1, err := service.GenerateManifest(context.Background(), &q)