Update role/binding unit tests, add a new line to the doc

Signed-off-by: Jonathan West <[email protected]>
argoproj-labs · May 24, 2024 · 3703fda · 3703fda
1 parent ba56f54
commit 3703fda
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 2 deletions.
diff --git a/controllers/argocd/role_test.go b/controllers/argocd/role_test.go
@@ -172,8 +172,11 @@ func TestReconcileArgoCD_reconcileClusterRole_disabled(t *testing.T) {
 	// Disable creation of default ClusterRole
 	a.Spec.DefaultClusterScopedRoleDisabled = true
 
+	err := cl.Update(context.Background(), a)
+	assert.NoError(t, err)
+
 	// Reconcile ClusterRole
-	_, err := r.reconcileClusterRole(workloadIdentifier, expectedRules, a)
+	_, err = r.reconcileClusterRole(workloadIdentifier, expectedRules, a)
 	assert.NoError(t, err)
 
 	// Ensure default ClusterRole is not created
@@ -184,6 +187,8 @@ func TestReconcileArgoCD_reconcileClusterRole_disabled(t *testing.T) {
 
 	// Now enable creation of default ClusterRole
 	a.Spec.DefaultClusterScopedRoleDisabled = false
+	err = cl.Update(context.Background(), a)
+	assert.NoError(t, err)
 
 	// Again reconcile ClusterRole
 	_, err = r.reconcileClusterRole(workloadIdentifier, expectedRules, a)
@@ -194,6 +199,8 @@ func TestReconcileArgoCD_reconcileClusterRole_disabled(t *testing.T) {
 
 	// Once again disable creation of default ClusterRole
 	a.Spec.DefaultClusterScopedRoleDisabled = true
+	err = cl.Update(context.Background(), a)
+	assert.NoError(t, err)
 
 	// Once again reconcile ClusterRole
 	_, err = r.reconcileClusterRole(workloadIdentifier, expectedRules, a)

diff --git a/controllers/argocd/rolebinding_test.go b/controllers/argocd/rolebinding_test.go
@@ -198,19 +198,23 @@ func TestReconcileArgoCD_reconcileClusterRoleBinding_disabled(t *testing.T) {
 
 	// Disable creation of default ClusterRole, hence RoleBinding won't be created either.
 	a.Spec.DefaultClusterScopedRoleDisabled = true
+	err := cl.Update(context.Background(), a)
+	assert.NoError(t, err)
 
 	// Reconcile ClusterRoleBinding
 	assert.NoError(t, r.reconcileClusterRoleBinding(workloadIdentifier, expectedClusterRole, a))
 
 	// Ensure default ClusterRoleBinding is not created
 	clusterRoleBinding := &rbacv1.ClusterRoleBinding{}
 	expectedName := fmt.Sprintf("%s-%s-%s", a.Name, a.Namespace, workloadIdentifier)
-	err := r.Client.Get(context.TODO(), types.NamespacedName{Name: expectedName}, clusterRoleBinding)
+	err = r.Client.Get(context.TODO(), types.NamespacedName{Name: expectedName}, clusterRoleBinding)
 	assert.Error(t, err)
 	assert.ErrorContains(t, err, "not found")
 
 	// Now enable creation of default ClusterRole, hence RoleBinding should be created aw well.
 	a.Spec.DefaultClusterScopedRoleDisabled = false
+	err = cl.Update(context.Background(), a)
+	assert.NoError(t, err)
 
 	// Again reconcile ClusterRoleBinding
 	assert.NoError(t, r.reconcileClusterRoleBinding(workloadIdentifier, expectedClusterRole, a))
@@ -220,6 +224,8 @@ func TestReconcileArgoCD_reconcileClusterRoleBinding_disabled(t *testing.T) {
 
 	// Once again disable creation of default ClusterRole
 	a.Spec.DefaultClusterScopedRoleDisabled = true
+	err = cl.Update(context.Background(), a)
+	assert.NoError(t, err)
 
 	// Once again reconcile ClusterRoleBinding
 	assert.NoError(t, r.reconcileClusterRoleBinding(workloadIdentifier, expectedClusterRole, a))

diff --git a/docs/usage/custom_roles.md b/docs/usage/custom_roles.md
@@ -59,3 +59,5 @@ metadata:
 spec:
   defaultClusterScopedRoleDisabled: true
 ```
+
+When `defaultClusterScopedRoleDisabled` is `true`, the default ClusterRole/ClusterRoleBindings for the Argo CD instance will not be created, and the administrative user is free to create and customize these independent of the operator. The field can later be set to `false`, to recreate these resources, if needed.
-Original file line number
+Diff line change
@@ Expand Up / @@ -59,3 +59,5 @@ metadata: @@
     spec:
       defaultClusterScopedRoleDisabled: true
     ```
+    When `defaultClusterScopedRoleDisabled` is `true`, the default ClusterRole/ClusterRoleBindings for the Argo CD instance will not be created, and the administrative user is free to create and customize these independent of the operator. The field can later be set to `false`, to recreate these resources, if needed.