Skip to content

Commit 5137c23

Browse files
chetan-rnschetan-rns
committed
include allowed namespaces flag
Signed-off-by: Chetan Banavikalmutt <chetanrns1997@gmail.com>
1 parent 0b67573 commit 5137c23

File tree

3 files changed

+9
-5
lines changed

3 files changed

+9
-5
lines changed

agent/filters.go

Lines changed: 1 addition & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -29,11 +29,7 @@ func (a *Agent) DefaultAppFilterChain() *filter.Chain[*v1alpha1.Application] {
2929

3030
// Admit based on namespace of the application
3131
fc.AppendAdmitFilter(func(app *v1alpha1.Application) bool {
32-
nsList := append([]string{a.namespace}, a.allowedNamespaces...)
33-
if a.destinationBasedMapping {
34-
nsList = append(nsList, app.Namespace)
35-
}
36-
if !glob.MatchStringInList(nsList, app.Namespace, glob.REGEXP) {
32+
if !glob.MatchStringInList(append([]string{a.namespace}, a.allowedNamespaces...), app.Namespace, glob.REGEXP) {
3733
log().Warnf("namespace not allowed: %s", app.QualifiedName())
3834
return false
3935
}

cmd/argocd-agent/agent.go

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -87,6 +87,9 @@ func NewAgentRunCommand() *cobra.Command {
8787
// Destination-based mapping options
8888
createNamespace bool
8989
destinationBasedMapping bool
90+
91+
// Allowed namespaces for filtering applications
92+
allowedNamespaces []string
9093
)
9194
command := &cobra.Command{
9295
Use: "agent",
@@ -238,6 +241,7 @@ func NewAgentRunCommand() *cobra.Command {
238241
agentOpts = append(agentOpts, agent.WithHeartbeatInterval(heartbeatInterval))
239242
agentOpts = append(agentOpts, agent.WithCreateNamespace(createNamespace))
240243
agentOpts = append(agentOpts, agent.WithDestinationBasedMapping(destinationBasedMapping))
244+
agentOpts = append(agentOpts, agent.WithAllowedNamespaces(allowedNamespaces...))
241245

242246
if metricsPort > 0 {
243247
agentOpts = append(agentOpts, agent.WithMetricsPort(metricsPort))
@@ -362,6 +366,9 @@ func NewAgentRunCommand() *cobra.Command {
362366
command.Flags().BoolVar(&createNamespace, "create-namespace",
363367
env.BoolWithDefault("ARGOCD_AGENT_CREATE_NAMESPACE", false),
364368
"Create target namespace if it doesn't exist when syncing applications (used with destination-based-mapping)")
369+
command.Flags().StringSliceVar(&allowedNamespaces, "allowed-namespaces",
370+
env.StringSliceWithDefault("ARGOCD_AGENT_ALLOWED_NAMESPACES", nil, []string{}),
371+
"List of additional namespaces the agent is allowed to manage applications in")
365372

366373
command.Flags().StringVar(&kubeConfig, "kubeconfig", "", "Path to a kubeconfig file to use")
367374
command.Flags().StringVar(&kubeContext, "kubecontext", "", "Override the default kube context")

hack/dev-env/start-agent-managed.sh

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,7 @@ fi
3838

3939
go run github.com/argoproj-labs/argocd-agent/cmd/argocd-agent agent \
4040
--agent-mode managed \
41+
--allowed-namespaces '*' \
4142
--creds "mtls:any" \
4243
--server-address 127.0.0.1 \
4344
--kubecontext vcluster-agent-managed \

0 commit comments

Comments
 (0)