Created namespace is missing argocd label #1
Description
Ran into an issue where argo SA had insufficient permissions to create the tekton tasks.
Error message:
one or more objects failed to apply, reason: pipelines.tekton.dev is forbidden: User "system:serviceaccount:openshift-gitops:openshift-gitops-argocd-application-controller" cannot create resource "pipelines" in API group "tekton.dev" in the namespace "argo-spring-petclinic",tasks.tekton.dev is forbidden: User "system:serviceaccount:openshift-gitops:openshift-gitops-argocd-application-controller" cannot create resource "tasks" in API group "tekton.dev" in the namespace "argo-spring-petclinic"
I was able to work around it by disabling the 'auto create namespace' and editing the ploigos-quickstart namespace to include the following label.
argocd.argoproj.io/managed-by: openshift-gitops
The current app definition does include the create namespace option, so it looks like we need to make sure that the namespace it creates has that label.