Open Josephred999 opened 1 year ago
@Josephred999 It's tough to get more permissive than * https://github.com/argoproj/argo-cd/blob/bb1c1ed44d3c802329c5437f3904852dc3ea98de/util/clusterauth/clusterauth.go#L30
this is still an issue right, im running into that after a fresh install
The service account (kube-system:argocd-manager) thats gets created (on the target cluster) when adding a K8s Cluster in Argo dont have enough permissions on the target cluster when pulling the resources
I can modify the service account to give cluster admin role binding but doesnt the ArgoCD should have added the necessary permissions to pull the needed resources?
So we had to manually add needed cluster level permissions to this service account to list the resources to work.