fix(server): make parameterized resource actions backwards-compatible (cherry-pick #23695) (#23709)

Signed-off-by: Michael Crenshaw <[email protected]>
Co-authored-by: Michael Crenshaw <[email protected]>

Author: gcp-cherry-pick-bot[bot]

assets/swagger.json

@@ -8,23 +8,23 @@ import (
 	"strconv"
 	"text/tabwriter"
 
-	"github.com/argoproj/argo-cd/v3/util/templates"
-
-	"github.com/argoproj/argo-cd/v3/cmd/util"
-
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
+	"google.golang.org/grpc/codes"
 	"k8s.io/utils/ptr"
 	"sigs.k8s.io/yaml"
 
 	"github.com/argoproj/argo-cd/v3/cmd/argocd/commands/headless"
+	"github.com/argoproj/argo-cd/v3/cmd/util"
 	argocdclient "github.com/argoproj/argo-cd/v3/pkg/apiclient"
 	applicationpkg "github.com/argoproj/argo-cd/v3/pkg/apiclient/application"
 	"github.com/argoproj/argo-cd/v3/pkg/apis/application"
 	"github.com/argoproj/argo-cd/v3/pkg/apis/application/v1alpha1"
 	"github.com/argoproj/argo-cd/v3/util/argo"
 	"github.com/argoproj/argo-cd/v3/util/errors"
+	"github.com/argoproj/argo-cd/v3/util/grpc"
 	utilio "github.com/argoproj/argo-cd/v3/util/io"
+	"github.com/argoproj/argo-cd/v3/util/templates"
 )
 
 type DisplayedAction struct {
@@ -192,7 +192,26 @@ func NewApplicationResourceActionsRunCommand(clientOpts *argocdclient.ClientOpti
 			obj := filteredObjects[i]
 			gvk := obj.GroupVersionKind()
 			objResourceName := obj.GetName()
-			_, err := appIf.RunResourceAction(ctx, &applicationpkg.ResourceActionRunRequest{
+			_, err := appIf.RunResourceActionV2(ctx, &applicationpkg.ResourceActionRunRequestV2{
+				Name:         &appName,
+				AppNamespace: &appNs,
+				Namespace:    ptr.To(obj.GetNamespace()),
+				ResourceName: ptr.To(objResourceName),
+				Group:        ptr.To(gvk.Group),
+				Kind:         ptr.To(gvk.Kind),
+				Version:      ptr.To(gvk.GroupVersion().Version),
+				Action:       ptr.To(actionName),
+				// TODO: add support for parameters
+			})
+			if err == nil {
+				continue
+			}
+			if grpc.UnwrapGRPCStatus(err).Code() != codes.Unimplemented {
+				errors.CheckError(err)
+			}
+			fmt.Println("RunResourceActionV2 is not supported by the server, falling back to RunResourceAction.")
+			//nolint:staticcheck // RunResourceAction is deprecated, but we still need to support it for backward compatibility.
+			_, err = appIf.RunResourceAction(ctx, &applicationpkg.ResourceActionRunRequest{
 				Name:         &appName,
 				AppNamespace: &appNs,
 				Namespace:    ptr.To(obj.GetNamespace()),

cmd/argocd/commands/app_actions.go

@@ -2228,10 +2228,15 @@ func (c *fakeAppServiceClient) ListResourceActions(_ context.Context, _ *applica
 	return nil, nil
 }
 
+// nolint:staticcheck // ResourceActionRunRequest is deprecated, but we still need to implement it to satisfy the server interface.
 func (c *fakeAppServiceClient) RunResourceAction(_ context.Context, _ *applicationpkg.ResourceActionRunRequest, _ ...grpc.CallOption) (*applicationpkg.ApplicationResponse, error) {
 	return nil, nil
 }
 
+func (c *fakeAppServiceClient) RunResourceActionV2(_ context.Context, _ *applicationpkg.ResourceActionRunRequestV2, _ ...grpc.CallOption) (*applicationpkg.ApplicationResponse, error) {
+	return nil, nil
+}
+
 func (c *fakeAppServiceClient) DeleteResource(_ context.Context, _ *applicationpkg.ApplicationResourceDeleteRequest, _ ...grpc.CallOption) (*applicationpkg.ApplicationResponse, error) {
 	return nil, nil
 }

cmd/argocd/commands/app_test.go

@@ -20,6 +20,28 @@ The `--staticassets` directory in the API server (`/app/shared` by default) is n
 symlinks. This is to help protect against symlink attacks. If you have any symlinks in your `--staticassets` directory
 to a location outside the directory, they will return a 500 error starting with 3.1.
 
+## v1 Actions API Deprecated
+
+The `/api/v1/applications/{name}/resource/actions` endpoint is deprecated in favor of `/api/v1/applications/{name}/resource/actions/v2`.
+
+This endpoint allows API users to run a custom resource action on a specific resource in an application.
+
+The old endpoint accepted various parameters as query parameters. The POST body was the action name.
+
+The new endpoint accepts all parameters as part of the POST body as a JSON object. The new endpoint also supports a new
+`resourceActionParameters` field to parameterize action runs.
+
+The old endpoint will be removed in a future release, so users should migrate to the new endpoint as soon as possible.
+API clients will just need to change the endpoint URL and switch query string parameters to a JSON body.
+
+If the old endpoint is used, the API will log a warning message:
+
+> RunResourceAction was called. RunResourceAction is deprecated and will be removed in a future release. Use RunResourceActionV2 instead.
+
+The CLI will fall back to the old endpoint if the new one is not available. If it falls back, it will log a warning message:
+
+> RunResourceActionV2 is not supported by the server, falling back to RunResourceAction.
+
 ## OpenID Connect authorization code flow with PKCE is now handled by the server instead of the UI
 
 Previously, when PKCE was enabled, the authorization code flow (the process which happens when you log in to Argo CD using OpenID Connect) was handled by the UI, whereas this flow was handled by the server if PKCE was not enabled. The server now always handles this flow, PKCE being enabled or not.