ArgoCD is not able to create clusterrole and clusterrolebinding resources

Checklist:

[x] I've searched in the docs and FAQ for my answer: https://bit.ly/argocd-faq.
[x] I've included steps to reproduce the bug.
[x] I've pasted the output of argocd version.

Describe the bug

I have a k8s yaml spec file which contains multiple k8s resource definition, I want to deploy the following resources

apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: kubernetes.io/bootstrapping: rbac-defaults name: test-psp-infra rules:

apiGroups: [""] resources: [""] verbs: ["get", "watch", "list", "create", "update", "patch", "delete"]

apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: test-infra-binding subjects:
kind: Group name: system:serviceaccounts:psp apiGroup: rbac.authorization.k8s.io roleRef: kind: ClusterRole name: test-psp-infra apiGroup: rbac.authorization.k8s.io

Getting error in ArgoCD UI - Failed sync attempt to 7c9bbd967b1c6a0778bf65c0cc4c3793de0b493e: one or more objects failed to apply, reason: error running rbacReconcile: error running kubectl auth reconcile: admission webhook "cluster.kube-admission.kube-system.svc" denied the request: apps are not allowed to create cluster wide resources

To Reproduce

Trying to deploy the above resources with kubectl, and it's getting created but through ARGOCD both sync and refresh failed with the error mentioned above

Expected behavior

It should creates the cluster wide resources.

Screenshots

Version

Paste the output from `argocd version` here.

Logs

Paste any relevant application logs here.

argoproj / argo-cd

ArgoCD is not able to create clusterrole and clusterrolebinding resources #17353

apiGroups: [""] resources: [""] verbs: ["get", "watch", "list", "create", "update", "patch", "delete"]