-
Notifications
You must be signed in to change notification settings - Fork 5.5k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix(notifications): Allow notifications controller to notify on all n…
…amespaces (cherry-pick 2.7) (#15856) * fix(notifications): Allow notifications controller to notify on all namespaces (#15702) * Allow notifications controller to notify on all namespaces This adds functionality to the notifications controller to be notified of and send notifications for applications in any namespace. The namespaces to watch are controlled by the same --application-namespaces and ARGOCD_APPLICATION_NAMESPACES variables as in the application controller. Signed-off-by: Nikolas Skoufis <nskoufis@seek.com.au> * Add SEEK to users.md Signed-off-by: Nikolas Skoufis <nskoufis@seek.com.au> * Remove unused fields Signed-off-by: Nikolas Skoufis <nskoufis@seek.com.au> * Revert changes to Procfile Signed-off-by: Nik Skoufis <n.skoufis@gmail.com> * Fix unit tests Signed-off-by: Nikolas Skoufis <nskoufis@seek.com.au> * - add argocd namespaces environment variable to notifications controller Signed-off-by: Stewart Thomson <sthomson@wynshop.com> * - add example cluster role rbac Signed-off-by: Stewart Thomson <sthomson@wynshop.com> * - only look for projects in the controller's namespace (argocd by default) Signed-off-by: Stewart Thomson <sthomson@wynshop.com> * - update base manifest Signed-off-by: Stewart Thomson <sthomson@wynshop.com> * - skip app processing in notification controller Signed-off-by: Stewart Thomson <sthomson@wynshop.com> * added unit test and updated doc Signed-off-by: May Zhang <may_zhang@intuit.com> * added unit test and updated doc Signed-off-by: May Zhang <may_zhang@intuit.com> * updated examples/k8s-rbac/argocd-server-applications/kustomization.yaml's resources Signed-off-by: May Zhang <may_zhang@intuit.com> --------- Signed-off-by: Nikolas Skoufis <nskoufis@seek.com.au> Signed-off-by: Nik Skoufis <n.skoufis@gmail.com> Signed-off-by: Stewart Thomson <sthomson@wynshop.com> Signed-off-by: May Zhang <may_zhang@intuit.com> Co-authored-by: Nikolas Skoufis <nskoufis@seek.com.au> Co-authored-by: Nik Skoufis <n.skoufis@gmail.com> Co-authored-by: Stewart Thomson <sthomson@wynshop.com> undo unnecessary manifest changes Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> undo unnecessary manifest changes Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * revert unnecessary changes Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --------- Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Co-authored-by: May Zhang <may_zhang@intuit.com>
- Loading branch information
1 parent
007dc54
commit e74c6ca
Showing
11 changed files
with
142 additions
and
8 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
19 changes: 19 additions & 0 deletions
19
...k8s-rbac/argocd-server-applications/argocd-notifications-controller-rbac-clusterrole.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
apiVersion: rbac.authorization.k8s.io/v1 | ||
kind: ClusterRole | ||
metadata: | ||
labels: | ||
app.kubernetes.io/name: argocd-notifications-controller-cluster-apps | ||
app.kubernetes.io/part-of: argocd | ||
app.kubernetes.io/component: notifications-controller | ||
name: argocd-notifications-controller-cluster-apps | ||
rules: | ||
- apiGroups: | ||
- "argoproj.io" | ||
resources: | ||
- "applications" | ||
verbs: | ||
- get | ||
- list | ||
- watch | ||
- update | ||
- patch |
16 changes: 16 additions & 0 deletions
16
...c/argocd-server-applications/argocd-notifications-controller-rbac-clusterrolebinding.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
apiVersion: rbac.authorization.k8s.io/v1 | ||
kind: ClusterRoleBinding | ||
metadata: | ||
labels: | ||
app.kubernetes.io/name: argocd-notifications-controller-cluster-apps | ||
app.kubernetes.io/part-of: argocd | ||
app.kubernetes.io/component: notifications-controller | ||
name: argocd-notifications-controller-cluster-apps | ||
roleRef: | ||
apiGroup: rbac.authorization.k8s.io | ||
kind: ClusterRole | ||
name: argocd-notifications-controller-cluster-apps | ||
subjects: | ||
- kind: ServiceAccount | ||
name: argocd-notifications-controller | ||
namespace: argocd |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
package controller | ||
|
||
import ( | ||
"testing" | ||
|
||
"github.com/stretchr/testify/assert" | ||
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" | ||
) | ||
|
||
func TestCheckAppNotInAdditionalNamespaces(t *testing.T) { | ||
app := &unstructured.Unstructured{ | ||
Object: map[string]interface{}{ | ||
"spec": map[string]interface{}{}, | ||
}, | ||
} | ||
namespace := "argocd" | ||
var applicationNamespaces []string | ||
applicationNamespaces = append(applicationNamespaces, "namespace1") | ||
applicationNamespaces = append(applicationNamespaces, "namespace2") | ||
|
||
// app is in same namespace as controller's namespace | ||
app.SetNamespace(namespace) | ||
assert.False(t, checkAppNotInAdditionalNamespaces(app, namespace, applicationNamespaces)) | ||
|
||
// app is not in the namespace as controller's namespace, but it is in one of the applicationNamespaces | ||
app.SetNamespace("namespace2") | ||
assert.False(t, checkAppNotInAdditionalNamespaces(app, "", applicationNamespaces)) | ||
|
||
// app is not in the namespace as controller's namespace, and it is not in any of the applicationNamespaces | ||
app.SetNamespace("namespace3") | ||
assert.True(t, checkAppNotInAdditionalNamespaces(app, "", applicationNamespaces)) | ||
} |