search

redhat-developer / gitops-operator

An operator that gets you an ArgoCD for cluster configuration out-of-the-box on OpenShift along with the UI for visualizing environments.
Apache License 2.0
151 stars 283 forks source link

Argo CD UI fails to create applications on OpenShift 4.12 clusters on AWS #502

Open jianrongzhang89 opened 1 year ago

jianrongzhang89 commented 1 year ago

Describe the bug After the OpenShift GitOps operator was deployed on new OpenShift 4.12 clusters on AWS, I ran into permission errors when creating an application via Argo CD UI, and as such the creation failed.

To Reproduce Steps to reproduce the behavior:

  1. Create a new OpenShift 4.12 cluster on AWS.
  2. Deploy OpenShift GitOps operator through the OpenShift console Operator Hub.
  3. After the operator is deployed successfully, go to the Argo CD UI via the "CLuster Argo CD" link from the top of the console.
  4. Log into the Argo CD UI with OpoenShift Log in.
  5. Grant permission to access the Argo CD UI.
  6. In the Argo CD UI, click "+ NEW APP" button and enter the following details for your new application in the form.
    • Application Name: spring-petclinic
    • Project: default
    • Sync Policy: Automatic
    • Self-heal: checked
    • Repository URL: https://github.com/siamaksade/openshift-gitops-getting-started
    • Revision: HEAD
    • Path: app
    • Destination: https://kubernetes.default.svc
    • Namespace: spring-petclinic
    • Directory Recurse: checked The click "CREATE" and an error gets displayed (see the screenshot)and the operation failed.

Expected behavior The application shall be created successfully without errors.

Screenshots Screenshot 2023-05-09 at 11 23 58 AM

Additional context As a workaround, run the following commands and then the application creation is done without issue. So such configuration should be added into the OpenShift GitOps configuration so that it works out-of-box. oc adm groups new cluster-admins oc adm groups add-users cluster-admins admin

wtam2018 commented 1 year ago

Hi @jianrongzhang89 , what is the GitOps Operator version you are running?

jianrongzhang89 commented 1 year ago

@wtam2018 The GitOps Operator version is 1.8.2.

wtam2018 commented 1 year ago

Hi @jianrongzhang89, an Argo CD instance does not have permission to manage resources in any arbitrary namespace. However, you can configure that by using the managed-by label. Please see the documentation here. https://argocd-operator.readthedocs.io/en/latest/usage/deploy-to-different-namespaces/ What you would do is to add the managed-by label to the spring-petclinic namespace. The label is 

argocd.argoproj.io/managed-by: foo // namespace of the Argo CD instance

Then, the operator will set up the permission for the Argo CD instance to manage the resources in the spring-petclinic namespace.

jianrongzhang89 commented 1 year ago

hi @wtam2018 I added the following label to my target namespace: argocd.argoproj.io/managed-by=openshift-gitops The error still happens in the Argo CD UI when I tried to create an application.