jannfis
commented
6 months ago To be honest, I think this is kinda out of scope for Argo CD itself. IMHO, for a GitOps tool, these kind of configurations should be in the source manifests.
Open avo-sepp opened 6 months ago
jannfis
commented
6 months ago To be honest, I think this is kinda out of scope for Argo CD itself. IMHO, for a GitOps tool, these kind of configurations should be in the source manifests.
Summary
ArgoCD has projects which we assign a application to. It would be cool if there was a mechanism whereby a RoleBinding could be generated and applied to a namespace automatically when an application is deployed. Maybe this is a generator that detects when an application is connected with a specific ArgoCD project and then automatically creates a new deployment that points to RoleBindings.
Or it could be even more generic. A generator which creates a new deployment based on Application -> Project assignment. Then I could define any generic YAML manifest to apply if some new application is assigned to a target cluster/namespace.
Motivation
I would specifically use this for RoleBindings. If a team creates a new application and assigns it to their ArgoCD project. Then the target namespace will also get the appropriate RoleBindings so the developers can access that project.
This could be done as part of the developers application as well. But then we might have more than one identical binding coming from different deployments. I'm not sure how this would stack.
Proposal
A new kind of ArgoCD generator which relates Applciation and Project. Or, if it's possible with existing generators, documentation to highlight this usecase.