Ignore OOB Symlinks rather than error out #12593
Description
Summary
In both 'normal' repo-server & ConfigManagementPlugins, can ArgoCD simply log and ignore OOB Symlinks, rather than error out on it? Largely opening this for discussion as I do understand this might introduce more edge cases than desired in manifest processing.
Motivation
Many users of ArgoCD are consuming monorepos, with less control over what other users of the monorepo are doing. We've run into issues upgrading due to the new OOB Symlink checks conflicting with symlinks in place outside of our application specs but otherwise within the monorepo.
Proposal
Simply log and ignore/remove symlinks from ArgoCD processing. Perhaps it could still error out if the symlink is within the application spec.
Notes
While attempting to upgrade to CMP Sidecar plugins I ran into some of the edge cases with OOB symlink detection. Primarily that the reposerver.allow.oob.symlinks option has no effect on sidecar plugins because there appears to be another symlink check in the sidecar tar process that does not use this option (and seems intended). We were able to work around this by adding the directories with bad symlinks to --plugin-tar-exclusion list. I don't think there is a similar option for 'normal' applications that are not using sidecars however, though the reposerver.allow.oob.symlinks` option still works for those.
This I think is also somewhat related to #11198 which would also potentially resolve or make this less of an issue for monorepo users.