From d73b9989c78d84d1555df75f61b7ec4cdaa293cd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niklas=20Hu=C3=9Fmann?=
 <niklas.hussmann-extern@cloudogu.com>
Date: Tue, 24 Jun 2025 16:18:47 +0200
Subject: [PATCH] fixing RBACs not pushed to repo and missing the gitops
 process

---
 .../cloudogu/gitops/features/argocd/ArgoCD.groovy   | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/src/main/groovy/com/cloudogu/gitops/features/argocd/ArgoCD.groovy b/src/main/groovy/com/cloudogu/gitops/features/argocd/ArgoCD.groovy
index eedde7e9..c88ee6b5 100644
--- a/src/main/groovy/com/cloudogu/gitops/features/argocd/ArgoCD.groovy
+++ b/src/main/groovy/com/cloudogu/gitops/features/argocd/ArgoCD.groovy
@@ -319,6 +319,13 @@ class ArgoCD extends Feature {
         k8sClient.patch('secret', 'argocd-default-cluster-config', namespace,
                 [stringData: ['namespaces': namespaceList.join(',')]])
 
+        log.debug("Apply RBAC permissions for ArgoCD in all managed namespaces imperatively")
+        // Apply rbac yamls from operator/rbac folder
+        String argocdRbacPath = Path.of(argocdRepoInitializationAction.repo.getAbsoluteLocalRepoTmpDir(), OPERATOR_RBAC_PATH)
+        k8sClient.applyYaml(argocdRbacPath)
+    }
+
+    private void generateRBACs() {
         log.debug("Generate RBAC permissions for ArgoCD in all managed namespaces")
         for (String ns : namespaceList) {
             new RbacDefinition(Role.Variant.ARGOCD)
@@ -332,11 +339,6 @@ class ArgoCD extends Feature {
                     .withSubfolder(OPERATOR_RBAC_PATH)
                     .generate()
         }
-
-        log.debug("Apply RBAC permissions for ArgoCD in all managed namespaces imperatively")
-        // Apply rbac yamls from operator/rbac folder
-        String argocdRbacPath = Path.of(argocdRepoInitializationAction.repo.getAbsoluteLocalRepoTmpDir(), OPERATOR_RBAC_PATH)
-        k8sClient.applyYaml(argocdRbacPath)
     }
 
     protected void createMonitoringCrd() {
@@ -369,6 +371,7 @@ class ArgoCD extends Feature {
             deleteDir argocdRepoInitializationAction.repo.getAbsoluteLocalRepoTmpDir() + '/argocd'
             log.debug("Deleting unnecessary namespaces resources from clusterResources repo: ${clusterResourcesInitializationAction.repo.getAbsoluteLocalRepoTmpDir()}")
             deleteFile clusterResourcesInitializationAction.repo.getAbsoluteLocalRepoTmpDir() + '/misc/namespaces.yaml'
+            generateRBACs()
         } else {
             log.debug("Deleting unnecessary operator (argocd operator variant) folder from argocd repo: ${argocdRepoInitializationAction.repo.getAbsoluteLocalRepoTmpDir()}")
             deleteDir argocdRepoInitializationAction.repo.getAbsoluteLocalRepoTmpDir() + '/operator'