How to Add a Local User in OpenShift GitOps
Environment
- Red Hat OpenShift Container Platform (RHOCP)
- 4
- Red Hat OpenShift on AWS (ROSA)
- 4
- Red Hat OpenShift Dedicated (OSD)
- 4
- Azure Red Hat OpenShift (ARO)
- 4
- Red Hat OpenShift GitOps Operator
- 1.6+
Issue
- How to create local users in OpenShift GitOps
Resolution
- To add a user, modify the
ArgoCD
CRD instance to include theextraConfig
field in the spec. The Operator owns theargocd-cm
ConfigMap, so changes to thedata.accounts
field might not persist.
Example:
spec:
extraConfig:
accounts.<new-username>: apiKey, login
- Save and apply the changes. The Operator will update the
argocd-cm
ConfigMap accordingly.
Note: This solution applies to GitOps Operator version 1.6 and above.
Root Cause
For Red Hat OpenShift GitOps Operator version 1.6 and below, you can add a user to the ConfigMap argocd-cm
in openshift-gitops.
However, for versions greater than 1.6, the argocd-cm
is controlled by the operator and the data.accounts
field is not directly editable. In these versions, use the extraConfig
field in the ArgoCD
's spec.
Diagnostic Steps
Descriptions:
$ oc explain argocd.spec.extraConfig
KIND: ArgoCD
VERSION: argoproj.io/v1alpha1
FIELD: extraConfig <map[string]string>
DESCRIPTION:
ExtraConfig can be used to add fields to Argo CD configmap that are not
supported by Argo CD CRD. Note: ExtraConfig takes precedence over Argo CD
CRD. For example, A user sets `argocd.Spec.DisableAdmin` = true and also
`a.Spec.ExtraConfig["admin.enabled"]` = true. In this case, operator
updates Argo CD Configmap as follows -> argocd-cm.Data["admin.enabled"] =
true.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments