argo workflows --- 配置持久化 persistence

argo submit hello-example-workflow.yaml -n argo 提交工作流报错

failed to check if secret argo-workflows-agent-ca-certificates exists: secrets "argo-workflows-agent-ca-certificates" is forbidden: User "system:serviceaccount:argo:argo-workflows-workflow-controller" cannot get resource "secrets" in API group "" in the namespace "argo"

查看argo-workflows-workflow-controller 这clusterRole确实没有secrets的get权限

我用的是helm方式安装的argo workflows，查看资源文件，发现需要使能持久化才行

直接修改values文件，修改配置就好了

  # -- enable persistence using postgres
  persistence:
    connectionPool:
      maxIdleConns: 100
      maxOpenConns: 0
    # save the entire workflow into etcd and DB
    nodeStatusOffLoad: false
    # enable archiving of old workflows
    archive: false

   # Optional config for mysql:
    mysql:
      host: 110.30.41.15
      port: 3306
      database: argo
      tableName: argo_workflows
      userNameSecret:
        name: root
        key: username
      passwordSecret:
        name: Happy_xxxxxx
        key: password

参考： argoproj.github.io/argo-workfl…

argoproj.github.io/argo-workfl…

  # enable persistence using postgres
  persistence: |
    connectionPool:
      maxIdleConns: 100
      maxOpenConns: 0
      connMaxLifetime: 0s # 0 means connections don't have a max lifetime
    #  if true node status is only saved to the persistence DB to avoid the 1MB limit in etcd
    nodeStatusOffLoad: false
    # save completed workloads to the workflow archive
    archive: false
    # the number of days to keep archived workflows (the default is forever)
    archiveTTL: 180d
    # skip database migration if needed.
    # skipMigration: true

    # LabelSelector determines the workflow that matches with the matchlabels or matchrequirements, will be archived.
    # https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
    archiveLabelSelector:
      matchLabels:
        workflows.argoproj.io/archive-strategy: "always"

    # Optional name of the cluster I'm running in. This must be unique for your cluster.
    clusterName: default
    postgresql:
      host: localhost
      port: 5432
      database: postgres
      tableName: argo_workflows
      # the database secrets must be in the same namespace of the controller
      userNameSecret:
        name: argo-postgres-config
        key: username
      passwordSecret:
        name: argo-postgres-config
        key: password
      ssl: true
      # sslMode must be one of: disable, require, verify-ca, verify-full
      # you can find more information about those ssl options here: https://godoc.org/github.com/lib/pq
      sslMode: require

    # Optional config for mysql:
    # mysql:
    #   host: localhost
    #   port: 3306
    #   database: argo
    #   tableName: argo_workflows
    #   userNameSecret:
    #     name: argo-mysql-config
    #     key: username
    #   passwordSecret:
    #     name: argo-mysql-config
    #     key: password