Skip to content

Commit 91e627d

Browse files
committed
fix: Make Renewal Token Expiry Feature Configurable
Signed-off-by: akhil nittala <nakhil@redhat.com>
1 parent 3ae859a commit 91e627d

1 file changed

Lines changed: 2 additions & 2 deletions

File tree

controllers/argocd/dex.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -80,13 +80,13 @@ func needsDexTokenRenewal(secret *corev1.Secret) bool {
8080
// Users can set enableDexTokenExpiry: false (default) in the ArgoCD CR to use the legacy non-expiring token approach.
8181
func isDexTokenExpiryFeatureEnabled(cr *argoproj.ArgoCD) bool {
8282
if cr.Spec.EnableDexTokenExpiry == nil {
83-
return false // Enabled by default (old behavior with non-expiring tokens)
83+
return false // Disabled by default (old behavior with non-expiring tokens)
8484
}
8585
return *cr.Spec.EnableDexTokenExpiry
8686
}
8787

8888
// getDexOAuthClientSecret returns a time-limited Dex OAuth client token via the TokenRequest API.
89-
// If token renewal is disabled via the feature flag, it falls back to the legacy approach.
89+
// If token renewal is enabled via the feature flag, it falls back to the legacy approach, else non-expiring tokens are used.
9090
func (r *ReconcileArgoCD) getDexOAuthClientSecret(cr *argoproj.ArgoCD) (*string, error) {
9191
// Check if token expiry feature is enabled, by default it is false, so we use the non-expiry legacy approach
9292
if !isDexTokenExpiryFeatureEnabled(cr) {

0 commit comments

Comments
 (0)