feat: add extra volume and volumeMounts spec to Dex (#1693)

* feat: add Volumes,VolumeMounts field to ArgoCDDexSpec

Signed-off-by: miinsun <kor3334@naver.com>

* feat: add Volumes, VolumeMounts to dex deployment

Signed-off-by: miinsun <kor3334@naver.com>

* feat: update deep copy for generated

Signed-off-by: miinsun <kor3334@naver.com>

* feat: add dex volume unit test

Signed-off-by: miinsun <kor3334@naver.com>

* docs: add documentation for Dex deployment volumes and volume mounts

Signed-off-by: miinsun <kor3334@naver.com>

* feat: add e2e test

Signed-off-by: miinsun <kor3334@naver.com>

* feat: generate operator bundle manifests

Signed-off-by: miinsun <kor3334@naver.com>

* Update tests/k8s/1-007_validate_volume_mounts/03-install.yaml

Co-authored-by: Siddhesh Ghadi <61187612+svghadi@users.noreply.github.com>
Signed-off-by: 민선 (minnie) <61786235+miinsun@users.noreply.github.com>

* feat: generate operator bundle manifests

Signed-off-by: 민선 (minnie) <61786235+miinsun@users.noreply.github.com>

* Rebase and revert changes in 0.14.0 manifests

Signed-off-by: Siddhesh Ghadi <sghadi1203@gmail.com>

* Add docs

Signed-off-by: Siddhesh Ghadi <sghadi1203@gmail.com>

---------

Signed-off-by: miinsun <kor3334@naver.com>
Signed-off-by: 민선 (minnie) <61786235+miinsun@users.noreply.github.com>
Signed-off-by: Siddhesh Ghadi <sghadi1203@gmail.com>
Co-authored-by: Siddhesh Ghadi <61187612+svghadi@users.noreply.github.com>
Co-authored-by: Siddhesh Ghadi <sghadi1203@gmail.com>

Author: miinsun

api/v1beta1/argocd_types.go

@@ -268,6 +268,12 @@ type ArgoCDDexSpec struct {
 
 	// Env lets you specify environment variables for Dex.
 	Env []corev1.EnvVar `json:"env,omitempty"`
+
+	// Volumes adds volumes to the dex server container
+	Volumes []corev1.Volume `json:"volumes,omitempty"`
+
+	// VolumeMounts adds volumeMounts to the dex server container
+	VolumeMounts []corev1.VolumeMount `json:"volumeMounts,omitempty"`
 }
 
 // ArgoCDGrafanaSpec defines the desired state for the Grafana component.

api/v1beta1/zz_generated.deepcopy.go

@@ -247,7 +247,7 @@ metadata:
     capabilities: Deep Insights
     categories: Integration & Delivery
     certified: "false"
-    createdAt: "2025-07-24T05:46:40Z"
+    createdAt: "2025-07-26T07:37:32Z"
     description: Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
     operators.operatorframework.io/builder: operator-sdk-v1.35.0
     operators.operatorframework.io/project_layout: go.kubebuilder.io/v4

bundle/manifests/argocd-operator.clusterserviceversion.yaml

@@ -253,8 +253,43 @@ func (r *ReconcileArgoCD) reconcileDexDeployment(cr *argoproj.ArgoCD) error {
 	AddSeccompProfileForOpenShift(r.Client, &deploy.Spec.Template.Spec)
 
 	dexEnv := proxyEnvVars()
+
+	dexVolumes := []corev1.Volume{
+		{
+			Name: "static-files",
+			VolumeSource: corev1.VolumeSource{
+				EmptyDir: &corev1.EmptyDirVolumeSource{},
+			},
+		},
+		{
+			Name: "dexconfig",
+			VolumeSource: corev1.VolumeSource{
+				EmptyDir: &corev1.EmptyDirVolumeSource{},
+			},
+		},
+	}
+
+	dexVolumeMounts := []corev1.VolumeMount{
+		{
+			Name:      "static-files",
+			MountPath: "/shared",
+		},
+		{
+			Name:      "dexconfig",
+			MountPath: "/tmp",
+		},
+	}
+
 	if cr.Spec.SSO != nil && cr.Spec.SSO.Dex != nil {
 		dexEnv = append(dexEnv, cr.Spec.SSO.Dex.Env...)
+
+		if cr.Spec.SSO.Dex.Volumes != nil {
+			dexVolumes = append(dexVolumes, cr.Spec.SSO.Dex.Volumes...)
+		}
+
+		if cr.Spec.SSO.Dex.VolumeMounts != nil {
+			dexVolumeMounts = append(dexVolumeMounts, cr.Spec.SSO.Dex.VolumeMounts...)
+		}
 	}
 
 	deploy.Spec.Template.Spec.Containers = []corev1.Container{{
@@ -301,16 +336,7 @@ func (r *ReconcileArgoCD) reconcileDexDeployment(cr *argoproj.ArgoCD) error {
 				Type: "RuntimeDefault",
 			},
 		},
-		VolumeMounts: []corev1.VolumeMount{
-			{
-				Name:      "static-files",
-				MountPath: "/shared",
-			},
-			{
-				Name:      "dexconfig",
-				MountPath: "/tmp",
-			},
-		},
+		VolumeMounts: dexVolumeMounts,
 	}}
 
 	deploy.Spec.Template.Spec.InitContainers = []corev1.Container{{
@@ -338,32 +364,11 @@ func (r *ReconcileArgoCD) reconcileDexDeployment(cr *argoproj.ArgoCD) error {
 				Type: "RuntimeDefault",
 			},
 		},
-		VolumeMounts: []corev1.VolumeMount{
-			{
-				Name:      "static-files",
-				MountPath: "/shared",
-			},
-			{
-				Name:      "dexconfig",
-				MountPath: "/tmp",
-			}},
+		VolumeMounts: dexVolumeMounts,
 	}}
 
 	deploy.Spec.Template.Spec.ServiceAccountName = fmt.Sprintf("%s-%s", cr.Name, common.ArgoCDDefaultDexServiceAccountName)
-	deploy.Spec.Template.Spec.Volumes = []corev1.Volume{
-		{
-			Name: "static-files",
-			VolumeSource: corev1.VolumeSource{
-				EmptyDir: &corev1.EmptyDirVolumeSource{},
-			},
-		},
-		{
-			Name: "dexconfig",
-			VolumeSource: corev1.VolumeSource{
-				EmptyDir: &corev1.EmptyDirVolumeSource{},
-			},
-		},
-	}
+	deploy.Spec.Template.Spec.Volumes = dexVolumes
 
 	existing := newDeploymentWithSuffix("dex-server", "dex-server", cr)
 	deplExists, err := argoutil.IsObjectFound(r.Client, cr.Namespace, existing.Name, existing)

bundle/manifests/argoproj.io_argocds.yaml

@@ -229,6 +229,93 @@ func TestReconcileArgoCD_reconcileDeployments_Dex_with_resources(t *testing.T) {
 	}
 }
 
+func TestReconcileArgoCD_reconcileDeployments_Dex_with_volumes(t *testing.T) {
+	logf.SetLogger(ZapLogger(true))
+
+	tests := []struct {
+		name       string
+		setEnvFunc func(*testing.T, string)
+		argoCD     *argoproj.ArgoCD
+	}{
+		{
+			name:       "dex with volumes - .spec.sso.provider=dex",
+			setEnvFunc: nil,
+			argoCD: makeTestArgoCD(func(cr *argoproj.ArgoCD) {
+				cr.Spec.SSO = &argoproj.ArgoCDSSOSpec{
+					Provider: argoproj.SSOProviderTypeDex,
+					Dex: &argoproj.ArgoCDDexSpec{
+						Volumes: []corev1.Volume{
+							{Name: "custom-config", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{}}},
+						},
+						VolumeMounts: []corev1.VolumeMount{
+							{Name: "custom-config", MountPath: "/etc/custom-config"},
+						},
+					},
+				}
+			}),
+		},
+	}
+
+	for _, test := range tests {
+		t.Run(test.name, func(t *testing.T) {
+
+			resObjs := []client.Object{test.argoCD}
+			subresObjs := []client.Object{test.argoCD}
+			runtimeObjs := []runtime.Object{}
+			sch := makeTestReconcilerScheme(argoproj.AddToScheme)
+			cl := makeTestReconcilerClient(sch, resObjs, subresObjs, runtimeObjs)
+			r := makeTestReconciler(cl, sch)
+
+			if test.setEnvFunc != nil {
+				test.setEnvFunc(t, "false")
+			}
+
+			assert.NoError(t, r.reconcileDexDeployment(test.argoCD))
+
+			deployment := &appsv1.Deployment{}
+			assert.NoError(t, r.Client.Get(
+				context.TODO(),
+				types.NamespacedName{
+					Name:      test.argoCD.Name + "-dex-server",
+					Namespace: test.argoCD.Namespace,
+				},
+				deployment))
+
+			testVolumes := []corev1.Volume{
+				{
+					Name: "static-files",
+					VolumeSource: corev1.VolumeSource{
+						EmptyDir: &corev1.EmptyDirVolumeSource{},
+					},
+				},
+				{
+					Name: "dexconfig",
+					VolumeSource: corev1.VolumeSource{
+						EmptyDir: &corev1.EmptyDirVolumeSource{},
+					},
+				},
+				{
+					Name: "custom-config",
+					VolumeSource: corev1.VolumeSource{
+						EmptyDir: &corev1.EmptyDirVolumeSource{},
+					},
+				},
+			}
+
+			testVolumeMounts := []corev1.VolumeMount{
+				{Name: "static-files", MountPath: "/shared"},
+				{Name: "dexconfig", MountPath: "/tmp"},
+				{Name: "custom-config", MountPath: "/etc/custom-config"},
+			}
+
+			assert.Equal(t, deployment.Spec.Template.Spec.Volumes, testVolumes)
+
+			assert.Equal(t, deployment.Spec.Template.Spec.InitContainers[0].VolumeMounts, testVolumeMounts)
+			assert.Equal(t, deployment.Spec.Template.Spec.Containers[0].VolumeMounts, testVolumeMounts)
+		})
+	}
+}
+
 func TestReconcileArgoCD_reconcileDexDeployment(t *testing.T) {
 	logf.SetLogger(ZapLogger(true))
 	a := makeTestArgoCD()

config/crd/bases/argoproj.io_argocds.yaml

@@ -247,7 +247,7 @@ metadata:
     capabilities: Deep Insights
     categories: Integration & Delivery
     certified: "false"
-    createdAt: "2025-07-24T05:46:40Z"
+    createdAt: "2025-07-26T07:37:32Z"
     description: Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
     operators.operatorframework.io/builder: operator-sdk-v1.35.0
     operators.operatorframework.io/project_layout: go.kubebuilder.io/v4