update the web based terminal docs

Signed-off-by: nitishfy <[email protected]> add fixes for the docs Signed-off-by: nitishfy <[email protected]> resolve minor fix Signed-off-by: nitishfy <[email protected]>
nitishfy · Aug 22, 2024 · 2a3070c · 2a3070c
1 parent 69ef68f
commit 2a3070c
Showing 1 changed file with 26 additions and 6 deletions.
diff --git a/docs/operator-manual/web_based_terminal.md b/docs/operator-manual/web_based_terminal.md
@@ -13,25 +13,45 @@ Kubernetes), then the user effectively has the same privileges as that ServiceAc
 ## Enabling the terminal
 <!-- Use indented code blocks for the numbered list to prevent breaking the numbering. See #11590 -->
 
-1. Set the `exec.enabled` key to `"true"` on the `argocd-cm` ConfigMap.
+1. In the `argocd-cm` ConfigMap, set the `exec.enabled` key to `"true"`. This enables the exec feature in Argo CD.
+
+    ```
+    apiVersion: v1
+    kind: ConfigMap
+    metadata:
+      name: argocd-cm
+      namespace: <namespace>  # Replace <namespace> with your actual namespace
+    data:
+      exec.enabled: "true"
+    ```
 
 2. Patch the `argocd-server` Role (if using namespaced Argo) or ClusterRole (if using clustered Argo) to allow `argocd-server`
-to exec into pods
+to `exec` into pods
 
         - apiGroups:
           - ""
           resources:
           - pods/exec
           verbs:
           - create
+   If you'd like to perform the patch imperatively, you can use the following command:
+        
+    - For namespaced Argo
+         ```
+         kubectl patch role <argocd-server-role-name> -n argocd - type='json' -p='[{"op": "add", "path": "/rules/-", "value": {"apiGroups": ["*"], "resources": ["pods/exec"], "verbs": ["create"]}}]'
+         ```
+    - For clustered Argo
+         ````
+         kubectl patch clusterrole <argocd-server-clusterrole-name> - type='json' -p='[{"op": "add", "path": "/rules/-", "value": {"apiGroups": ["*"], "resources": ["pods/exec"], "verbs": ["create"]}}]'
+         ```
 
+3. Add RBAC rules to allow your users to `create` the `exec` resource i.e. 
 
-3. Add RBAC rules to allow your users to `create` the `exec` resource, i.e. 
+        p, role:myrole, exec, create, */*, allow 
 
-        p, role:myrole, exec, create, */*, allow
+    This can be added either to the `argocd-cm` `Configmap` manifest or an `AppProject` manifest.
 
-
-See [RBAC Configuration](rbac.md#exec-resource) for more info.
+   See [RBAC Configuration](rbac.md#exec-resource) for more info.
 
 ## Changing allowed shells