After upgrading to 2.12 we were denied access to our argocd_repository

dreinhardt89 commented 2 months ago

After upgrading to 2.12 we were denied access to our argocd_repository resources. Reverting back to 2.11 fixed it and doing a terraform state remove then import also fixed it.

We have a lot of apps so upgrading without messing with the state file would be big help

Terraform Version, ArgoCD Provider Version and ArgoCD Version

Terraform version: 1.8.1
ArgoCD provider version: 6.1.1
ArgoCD version: 2.12

Affected Resource(s)

Terraform Configuration Files

resource "argocd_repository" "github" {
  repo    = data.github_repository.this.http_clone_url
  project = argocd_project.this[0].metadata[0].name
  name    = local.infra_repo_name

  lifecycle {
    # these get populated upstream by argo
    ignore_changes = [githubapp_id, githubapp_installation_id]
  }
}

Debug Output

│ Error: failed to read repository https://github.com/GetTerminus/api-key-idp-infra.git
│ 
│   with module.this_app.argocd_repository.github[0],
│   on .terraform/modules/this_app/main.tf line 6, in resource "argocd_repository" "github":
│    6: resource "argocd_repository" "github" {
│ 
│ rpc error: code = PermissionDenied desc = permission denied

Steps to Reproduce

upgrade argocd from 2.11 > 2.12
run tf plan or apply with an existing argocd_repository

Expected Behavior

Nothing should change as just the argocd version is updated

Actual Behavior

argocd_repository fails to be read

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

dreinhardt89 commented 2 months ago

Adding some more info. This only seems to occur when we change the provider to point to a new argo cd instance.

mkilchhofer commented 3 weeks ago

Potential upstream reference:

https://github.com/argoproj/argo-cd/issues/13000

nic-avant commented 2 weeks ago

I believe I am having this same issue with my ArgoCD upgrade although I am going to 2.11

Currently we are using Helm Chart: 5.16.13 and I'm trying to upgrade to 6.9.3 (reason for this is a different bug introduced in 6.10 - I think irrelevant to this). This means we're going from App version 2.5 to 2.11, and in this upgrade I am now seeing this permission error when I go to deploy applications.

The errors looked potentially related to grpc but if I login with the cli I can provision applications using the --grpc-web flag so I am definitely at a loss as to where to go from here

argoproj-labs / terraform-provider-argocd