Skip to content

Commit

Permalink
Add ability to specify system namespace during cluster add operation (a…
Browse files Browse the repository at this point in the history
  • Loading branch information
jannfis authored and alexec committed Jun 3, 2019
1 parent c214ed9 commit 64a1ea9
Show file tree
Hide file tree
Showing 18 changed files with 340 additions and 251 deletions.
34 changes: 19 additions & 15 deletions assets/swagger.json
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@
"ApplicationService"
],
"summary": "List returns list of applications",
"operationId": "ListMixin5",
"operationId": "ListMixin1",
"parameters": [
{
"type": "string",
Expand Down Expand Up @@ -89,7 +89,7 @@
"ApplicationService"
],
"summary": "Create creates an application",
"operationId": "CreateMixin5",
"operationId": "CreateMixin1",
"parameters": [
{
"name": "body",
Expand All @@ -116,7 +116,7 @@
"ApplicationService"
],
"summary": "Update updates an application",
"operationId": "UpdateMixin5",
"operationId": "UpdateMixin1",
"parameters": [
{
"type": "string",
Expand Down Expand Up @@ -197,7 +197,7 @@
"ApplicationService"
],
"summary": "Get returns an application by name",
"operationId": "GetMixin5",
"operationId": "Get",
"parameters": [
{
"type": "string",
Expand Down Expand Up @@ -238,7 +238,7 @@
"ApplicationService"
],
"summary": "Delete deletes an application",
"operationId": "DeleteMixin5",
"operationId": "DeleteMixin1",
"parameters": [
{
"type": "string",
Expand Down Expand Up @@ -744,7 +744,7 @@
"ClusterService"
],
"summary": "List returns list of clusters",
"operationId": "List",
"operationId": "ListMixin2",
"parameters": [
{
"type": "string",
Expand All @@ -766,7 +766,7 @@
"ClusterService"
],
"summary": "Create creates a cluster",
"operationId": "Create",
"operationId": "CreateMixin2",
"parameters": [
{
"name": "body",
Expand Down Expand Up @@ -820,7 +820,7 @@
"ClusterService"
],
"summary": "Update updates a cluster",
"operationId": "Update",
"operationId": "UpdateMixin2",
"parameters": [
{
"type": "string",
Expand Down Expand Up @@ -853,7 +853,7 @@
"ClusterService"
],
"summary": "Get returns a cluster by server address",
"operationId": "GetMixin1",
"operationId": "GetMixin2",
"parameters": [
{
"type": "string",
Expand All @@ -876,7 +876,7 @@
"ClusterService"
],
"summary": "Delete deletes a cluster",
"operationId": "Delete",
"operationId": "DeleteMixin2",
"parameters": [
{
"type": "string",
Expand Down Expand Up @@ -1133,7 +1133,7 @@
"RepositoryService"
],
"summary": "List returns list of repos",
"operationId": "ListMixin2",
"operationId": "List",
"parameters": [
{
"type": "string",
Expand All @@ -1155,7 +1155,7 @@
"RepositoryService"
],
"summary": "Create creates a repo",
"operationId": "CreateMixin2",
"operationId": "Create",
"parameters": [
{
"name": "body",
Expand All @@ -1182,7 +1182,7 @@
"RepositoryService"
],
"summary": "Update updates a repo",
"operationId": "UpdateMixin2",
"operationId": "Update",
"parameters": [
{
"type": "string",
Expand Down Expand Up @@ -1215,7 +1215,7 @@
"RepositoryService"
],
"summary": "Delete deletes a repo",
"operationId": "DeleteMixin2",
"operationId": "Delete",
"parameters": [
{
"type": "string",
Expand Down Expand Up @@ -1361,7 +1361,7 @@
"SettingsService"
],
"summary": "Get returns Argo CD settings",
"operationId": "Get",
"operationId": "GetMixin4",
"responses": {
"200": {
"description": "(empty)",
Expand Down Expand Up @@ -1568,6 +1568,10 @@
"kubeconfig": {
"type": "string"
},
"systemNamespace": {
"type": "string",
"title": "Optional alternative system namespace to use (defaults to \"kube-system\")"
},
"upsert": {
"type": "boolean",
"format": "boolean"
Expand Down
12 changes: 7 additions & 5 deletions cmd/argocd/commands/cluster.go
Original file line number Diff line number Diff line change
Expand Up @@ -45,10 +45,11 @@ func NewClusterCommand(clientOpts *argocdclient.ClientOptions, pathOpts *clientc
// NewClusterAddCommand returns a new instance of an `argocd cluster add` command
func NewClusterAddCommand(clientOpts *argocdclient.ClientOptions, pathOpts *clientcmd.PathOptions) *cobra.Command {
var (
inCluster bool
upsert bool
awsRoleArn string
awsClusterName string
inCluster bool
upsert bool
awsRoleArn string
awsClusterName string
systemNamespace string
)
var command = &cobra.Command{
Use: "add",
Expand Down Expand Up @@ -85,7 +86,7 @@ func NewClusterAddCommand(clientOpts *argocdclient.ClientOptions, pathOpts *clie
// Install RBAC resources for managing the cluster
clientset, err := kubernetes.NewForConfig(conf)
errors.CheckError(err)
managerBearerToken, err = common.InstallClusterManagerRBAC(clientset)
managerBearerToken, err = common.InstallClusterManagerRBAC(clientset, systemNamespace)
errors.CheckError(err)
}
conn, clusterIf := argocdclient.NewClientOrDie(clientOpts).NewClusterClientOrDie()
Expand All @@ -108,6 +109,7 @@ func NewClusterAddCommand(clientOpts *argocdclient.ClientOptions, pathOpts *clie
command.Flags().BoolVar(&upsert, "upsert", false, "Override an existing cluster with the same name even if the spec differs")
command.Flags().StringVar(&awsClusterName, "aws-cluster-name", "", "AWS Cluster name if set then aws-iam-authenticator will be used to access cluster")
command.Flags().StringVar(&awsRoleArn, "aws-role-arn", "", "Optional AWS role arn. If set then AWS IAM Authenticator assume a role to perform cluster operations instead of the default AWS credential provider chain.")
command.Flags().StringVar(&systemNamespace, "system-namespace", common.DefaultSystemNamespace, "Use different system namespace")
return command
}

Expand Down
5 changes: 5 additions & 0 deletions common/common.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,11 @@ const (
ArgoCDRBACConfigMapName = "argocd-rbac-cm"
)

// Default system namespace
const (
DefaultSystemNamespace = "kube-system"
)

// Default listener ports for ArgoCD components
const (
DefaultPortAPIServer = 8080
Expand Down
11 changes: 5 additions & 6 deletions common/installer.go
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ var ArgoCDManagerPolicyRules = []rbacv1.PolicyRule{
},
}

// CreateServiceAccount creates a service account
// CreateServiceAccount creates a service account in a given namespace
func CreateServiceAccount(
clientset kubernetes.Interface,
serviceAccountName string,
Expand All @@ -52,12 +52,12 @@ func CreateServiceAccount(
_, err := clientset.CoreV1().ServiceAccounts(namespace).Create(&serviceAccount)
if err != nil {
if !apierr.IsAlreadyExists(err) {
return fmt.Errorf("Failed to create service account %q: %v", serviceAccountName, err)
return fmt.Errorf("Failed to create service account %q in namespace %q: %v", serviceAccountName, namespace, err)
}
log.Infof("ServiceAccount %q already exists", serviceAccountName)
log.Infof("ServiceAccount %q already exists in namespace %q", serviceAccountName, namespace)
return nil
}
log.Infof("ServiceAccount %q created", serviceAccountName)
log.Infof("ServiceAccount %q created in namespace %q", serviceAccountName, namespace)
return nil
}

Expand Down Expand Up @@ -136,8 +136,7 @@ func CreateClusterRoleBinding(
}

// InstallClusterManagerRBAC installs RBAC resources for a cluster manager to operate a cluster. Returns a token
func InstallClusterManagerRBAC(clientset kubernetes.Interface) (string, error) {
const ns = "kube-system"
func InstallClusterManagerRBAC(clientset kubernetes.Interface, ns string) (string, error) {

err := CreateServiceAccount(clientset, ArgoCDManagerServiceAccount, ns)
if err != nil {
Expand Down
45 changes: 45 additions & 0 deletions pkg/apis/api-rules/violation_exceptions.list
Original file line number Diff line number Diff line change
@@ -1,3 +1,48 @@
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,AppProjectList,Items
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,AppProjectSpec,ClusterResourceWhitelist
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,AppProjectSpec,Destinations
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,AppProjectSpec,NamespaceResourceBlacklist
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,AppProjectSpec,Roles
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,AppProjectSpec,SourceRepos
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationList,Items
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSourceHelm,Parameters
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSourceHelm,ValueFiles
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSourceJsonnet,ExtVars
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSourceJsonnet,TLAs
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSourceKsonnet,Parameters
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSourceKustomize,ImageTags
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSourceKustomize,Images
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSpec,IgnoreDifferences
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationStatus,Conditions
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationStatus,History
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationStatus,Resources
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSummary,ExternalURLs
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSummary,Images
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationTree,Nodes
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ClusterList,Items
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,Command,Args
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,Command,Command
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,HelmRepository,CAData
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,HelmRepository,CertData
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,HelmRepository,KeyData
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ProjectRole,Groups
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ProjectRole,JWTTokens
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ProjectRole,Policies
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,RepositoryList,Items
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ResourceAction,Params
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ResourceActions,Definitions
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ResourceIgnoreDifferences,JSONPointers
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ResourceNetworkingInfo,ExternalURLs
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ResourceNetworkingInfo,Ingress
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ResourceNetworkingInfo,TargetRefs
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ResourceNode,Images
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ResourceNode,Info
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ResourceNode,ParentRefs
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,SyncOperation,Resources
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,SyncOperationResult,Resources
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,TLSClientConfig,CAData
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,TLSClientConfig,CertData
API rule violation: list_type_missing,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,TLSClientConfig,KeyData
API rule violation: names_match,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ApplicationSourceJsonnet,TLAs
API rule violation: names_match,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,ConnectionState,ModifiedAt
API rule violation: names_match,github.com/argoproj/argo-cd/pkg/apis/application/v1alpha1,JWTToken,ExpiresAt
Expand Down
Loading

0 comments on commit 64a1ea9

Please sign in to comment.