Elgato_dark/argo-cd
1
0
Fork 0
mirror of https://github.com/argoproj/argo-cd synced 2026-05-23 01:08:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

Add patch audit (#1416)

Browse source 
* Add auditing to patching commands

* Omit Patch Resource logs to prevent secret leaks
This commit is contained in:
dthomson25 2019-04-09 09:57:22 -06:00 committed by Alexander Matyushentsev
parent dea731a6b2
commit ad5d26f08a
2 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
server/application/application.go
View file

@ -361,6 +361,8 @@ func (s *Server) Patch(ctx context.Context, q *ApplicationPatchRequest) (*appv1.
return nil, err
}
s.logEvent(app, ctx, argo.EventReasonResourceUpdated, fmt.Sprintf("patched application %s/%s",app.Namespace, app.Name))
err = json.Unmarshal(patchApp, &app)
if err != nil {
return nil, err
@ -616,6 +618,7 @@ func (s *Server) PatchResource(ctx context.Context, q *ApplicationResourcePatchR
if err != nil {
return nil, err
}
s.logEvent(a, ctx, argo.EventReasonResourceUpdated, fmt.Sprintf("patched resource %s/%s '%s'", q.Group, q.Kind, q.ResourceName))
return &ApplicationResourceResponse{
Manifest: string(data),
}, nil

1
server/server.go
View file

@ -377,6 +377,7 @@ func (a *ArgoCDServer) newGRPCServer() *grpc.Server {
"/account.AccountService/UpdatePassword": true,
"/repository.RepositoryService/Create": true,
"/repository.RepositoryService/Update": true,
"/application.ApplicationService/PatchResource": true,
}
// NOTE: notice we do not configure the gRPC server here with TLS (e.g. grpc.Creds(creds))
// This is because TLS handshaking occurs in cmux handling