Argo/Charts/argo-cd/values.yaml

argo-cd:
  dex:
    enabled: true
  server:
    rbacConfig:
      policy.csv: |
        g, roxedus, role:admin
        g, ArgoCD Admins, role:admin
    #service:
    #  type: NodePort
    extraArgs:
      - --insecure

    ingress:
      enabled: true
      ingressClassName: traefik
      annotations:
        cert-manager.io/acme-challenge-type: dns01
        cert-manager.io/cluster-issuer: roxedus.com-cloudflare
      hosts:
        - argo.roxedus.com
      tls:
        - hosts:
            - argo.roxedus.com
          secretName: argo-roxedus-com-cert

    config:
      accounts.roxedus: apiKey, login
      #      accounts.admin.enabled: "false"
      repositories: |
        - type: helm
          name: argo-cd
          url: https://argoproj.github.io/argo-helm
  configs:
    cm:
      #      admin.enabled: false
      url: https://argo.roxedus.com

      resource.customizations.health.networking.k8s.io_Ingress: |
        hs = {}
        hs.status = "Healthy"
        return hs

      ? resource.customizations.ignoreDifferences.admissionregistration.k8s.io_MutatingWebhookConfiguration
      : |
        jqPathExpressions:
        - '.webhooks[]?.clientConfig.caBundle'

      resource.customizations.health.cert-manager.io_Certificate: |
        hs = {}
        if obj.status ~= nil then
          if obj.status.conditions ~= nil then
            for i, condition in ipairs(obj.status.conditions) do
              if condition.type == "Ready" and condition.status == "False" then
                hs.status = "Degraded"
                hs.message = condition.message
                return hs
              end
              if condition.type == "Ready" and condition.status == "True" then
                hs.status = "Healthy"
                hs.message = condition.message
                return hs
              end
            end
          end
        end

        hs.status = "Progressing"
        hs.message = "Waiting for certificate"
        return hs

      # dex.config: |

      #   connectors:
      #   - config:
      #       issuer: https://authentik.roxedus.com/application/o/argo/
      #       clientID: 509095b1ecd5117c95b9a2879d1cbcd5adc0b5d9
      #       clientSecret: $authentik-sso:oidc.auth0.clientSecret
      #       insecureEnableGroups: true
      #       scopes:
      #         - openid
      #         - profile
      #         - email
      #         - groups
      #     name: authentik
      #     type: oidc
      #     id: authentik
Cleaned history 2023-02-07 09:17:49 +01:00			`argo-cd:`
			`dex:`
SSO? 2022-12-05 15:18:00 +01:00			`enabled: true`
Cleaned history 2023-02-07 09:17:49 +01:00			`server:`
			`rbacConfig:`
			`policy.csv: \|`
			`g, roxedus, role:admin`
SSO? 2022-12-05 15:18:00 +01:00			`g, ArgoCD Admins, role:admin`
Ingress! 2022-12-15 14:10:52 +01:00			`#service:`
			`# type: NodePort`
Cleaned history 2023-02-07 09:17:49 +01:00			`extraArgs:`
			`- --insecure`
ingress 2022-12-05 15:41:09 +01:00
ingress test 2022-12-15 13:57:16 +01:00			`ingress:`
			`enabled: true`
			`ingressClassName: traefik`
			`annotations:`
			`cert-manager.io/acme-challenge-type: dns01`
			`cert-manager.io/cluster-issuer: roxedus.com-cloudflare`
			`hosts:`
			`- argo.roxedus.com`
			`tls:`
			`- hosts:`
			`- argo.roxedus.com`
			`secretName: argo-roxedus-com-cert`
ingress 2022-12-05 15:41:09 +01:00
Cleaned history 2023-02-07 09:17:49 +01:00			`config:`
			`accounts.roxedus: apiKey, login`
start again, again 2022-12-13 16:18:52 +01:00			`# accounts.admin.enabled: "false"`
Cleaned history 2023-02-07 09:17:49 +01:00			`repositories: \|`
			`- type: helm`
			`name: argo-cd`
			`url: https://argoproj.github.io/argo-helm`
aa 2022-12-05 14:24:52 +01:00			`configs:`
			`cm:`
start again, again 2022-12-13 16:18:52 +01:00			`# admin.enabled: false`
SSO? 2022-12-05 15:18:00 +01:00			`url: https://argo.roxedus.com`

test2 2022-12-05 14:40:48 +01:00			`resource.customizations.health.networking.k8s.io_Ingress: \|`
			`hs = {}`
			`hs.status = "Healthy"`
			`return hs`
test 2022-12-05 14:33:10 +01:00
diff 2022-12-15 11:51:55 +01:00			`? resource.customizations.ignoreDifferences.admissionregistration.k8s.io_MutatingWebhookConfiguration`
			`: \|`
			`jqPathExpressions:`
			`- '.webhooks[]?.clientConfig.caBundle'`

test2 2022-12-05 14:40:48 +01:00			`resource.customizations.health.cert-manager.io_Certificate: \|`
			`hs = {}`
			`if obj.status ~= nil then`
			`if obj.status.conditions ~= nil then`
			`for i, condition in ipairs(obj.status.conditions) do`
			`if condition.type == "Ready" and condition.status == "False" then`
			`hs.status = "Degraded"`
			`hs.message = condition.message`
			`return hs`
			`end`
			`if condition.type == "Ready" and condition.status == "True" then`
			`hs.status = "Healthy"`
			`hs.message = condition.message`
			`return hs`
test 2022-12-05 14:33:10 +01:00			`end`
			`end`
			`end`
test2 2022-12-05 14:40:48 +01:00			`end`
test 2022-12-05 14:33:10 +01:00
test2 2022-12-05 14:40:48 +01:00			`hs.status = "Progressing"`
			`hs.message = "Waiting for certificate"`
			`return hs`
SSO? 2022-12-05 15:18:00 +01:00
start again, again 2022-12-13 16:18:52 +01:00			`# dex.config: \|`
SSO? 2022-12-05 15:18:00 +01:00
start again, again 2022-12-13 16:18:52 +01:00			`# connectors:`
			`# - config:`
			`# issuer: https://authentik.roxedus.com/application/o/argo/`
			`# clientID: 509095b1ecd5117c95b9a2879d1cbcd5adc0b5d9`
			`# clientSecret: $authentik-sso:oidc.auth0.clientSecret`
			`# insecureEnableGroups: true`
			`# scopes:`
			`# - openid`
			`# - profile`
			`# - email`
			`# - groups`
			`# name: authentik`
			`# type: oidc`
			`# id: authentik`