2023-02-07 09:17:49 +01:00
|
|
|
argo-cd:
|
|
|
|
dex:
|
2022-12-05 15:18:00 +01:00
|
|
|
enabled: true
|
2023-02-07 09:17:49 +01:00
|
|
|
server:
|
|
|
|
rbacConfig:
|
|
|
|
policy.csv: |
|
|
|
|
g, roxedus, role:admin
|
2022-12-05 15:18:00 +01:00
|
|
|
g, ArgoCD Admins, role:admin
|
2022-12-15 14:10:52 +01:00
|
|
|
#service:
|
|
|
|
# type: NodePort
|
2023-02-07 09:17:49 +01:00
|
|
|
extraArgs:
|
|
|
|
- --insecure
|
2022-12-05 15:41:09 +01:00
|
|
|
|
2022-12-15 13:57:16 +01:00
|
|
|
ingress:
|
|
|
|
enabled: true
|
|
|
|
ingressClassName: traefik
|
|
|
|
annotations:
|
|
|
|
cert-manager.io/acme-challenge-type: dns01
|
|
|
|
cert-manager.io/cluster-issuer: roxedus.com-cloudflare
|
|
|
|
hosts:
|
|
|
|
- argo.roxedus.com
|
|
|
|
tls:
|
|
|
|
- hosts:
|
|
|
|
- argo.roxedus.com
|
|
|
|
secretName: argo-roxedus-com-cert
|
2022-12-05 15:41:09 +01:00
|
|
|
|
2023-02-07 09:17:49 +01:00
|
|
|
config:
|
|
|
|
accounts.roxedus: apiKey, login
|
2022-12-20 10:39:01 +01:00
|
|
|
accounts.admin.enabled: "false"
|
2023-02-07 09:17:49 +01:00
|
|
|
repositories: |
|
|
|
|
- type: helm
|
|
|
|
name: argo-cd
|
|
|
|
url: https://argoproj.github.io/argo-helm
|
2022-12-05 14:24:52 +01:00
|
|
|
configs:
|
|
|
|
cm:
|
2022-12-05 15:18:00 +01:00
|
|
|
url: https://argo.roxedus.com
|
|
|
|
|
2022-12-05 14:40:48 +01:00
|
|
|
resource.customizations.health.networking.k8s.io_Ingress: |
|
|
|
|
hs = {}
|
|
|
|
hs.status = "Healthy"
|
|
|
|
return hs
|
2022-12-05 14:33:10 +01:00
|
|
|
|
2022-12-15 11:51:55 +01:00
|
|
|
? resource.customizations.ignoreDifferences.admissionregistration.k8s.io_MutatingWebhookConfiguration
|
|
|
|
: |
|
|
|
|
jqPathExpressions:
|
|
|
|
- '.webhooks[]?.clientConfig.caBundle'
|
|
|
|
|
2022-12-05 14:40:48 +01:00
|
|
|
resource.customizations.health.cert-manager.io_Certificate: |
|
|
|
|
hs = {}
|
|
|
|
if obj.status ~= nil then
|
|
|
|
if obj.status.conditions ~= nil then
|
|
|
|
for i, condition in ipairs(obj.status.conditions) do
|
|
|
|
if condition.type == "Ready" and condition.status == "False" then
|
|
|
|
hs.status = "Degraded"
|
|
|
|
hs.message = condition.message
|
|
|
|
return hs
|
|
|
|
end
|
|
|
|
if condition.type == "Ready" and condition.status == "True" then
|
|
|
|
hs.status = "Healthy"
|
|
|
|
hs.message = condition.message
|
|
|
|
return hs
|
2022-12-05 14:33:10 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2022-12-05 14:40:48 +01:00
|
|
|
end
|
2022-12-05 14:33:10 +01:00
|
|
|
|
2022-12-05 14:40:48 +01:00
|
|
|
hs.status = "Progressing"
|
|
|
|
hs.message = "Waiting for certificate"
|
|
|
|
return hs
|
2022-12-05 15:18:00 +01:00
|
|
|
|
2022-12-20 10:39:01 +01:00
|
|
|
dex.config: |
|
2022-12-05 15:18:00 +01:00
|
|
|
|
2022-12-20 10:39:01 +01:00
|
|
|
connectors:
|
|
|
|
- config:
|
|
|
|
issuer: https://authentik.roxedus.com/application/o/argo/
|
2022-12-20 10:51:46 +01:00
|
|
|
clientID: $argo-cd-sso:clientID
|
|
|
|
clientSecret: $argo-cd-sso:clientSecret
|
2022-12-20 10:39:01 +01:00
|
|
|
insecureEnableGroups: true
|
|
|
|
scopes:
|
|
|
|
- openid
|
|
|
|
- profile
|
|
|
|
- email
|
|
|
|
- groups
|
|
|
|
name: authentik
|
|
|
|
type: oidc
|
|
|
|
id: authentik
|