80 lines
2.6 KiB
YAML
80 lines
2.6 KiB
YAML
global:
|
|
image:
|
|
tag: v3.3.3
|
|
|
|
configs:
|
|
cm:
|
|
url: https://argocd.dvirlabs.com
|
|
admin.enabled: "true"
|
|
exec.enabled: "true"
|
|
application.instanceLabelKey: argocd.argoproj.io/instance
|
|
application.sync.impersonation.enabled: "false"
|
|
server.rbac.log.enforce.enable: "false"
|
|
statusbadge.enabled: "false"
|
|
timeout.hard.reconciliation: 0s
|
|
timeout.reconciliation: 180s
|
|
resource.customizations.health.networking.k8s.io_Ingress: |
|
|
hs = {}
|
|
hs.status = "Healthy"
|
|
return hs
|
|
oidc.config: |
|
|
name: Keycloak
|
|
issuer: https://keycloak.dvirlabs.com/realms/lab
|
|
clientID: argocd
|
|
clientSecret: TReJ5S8anDsrHoAudKLPAgk8ss9G7vzz
|
|
requestedScopes: ["openid", "profile", "email", "groups", "offline_access"]
|
|
requestedIDTokenClaims:
|
|
groups:
|
|
essential: true
|
|
ssh:
|
|
knownHosts: |
|
|
[gitea-ssh.dev-tools.svc.cluster.local]:2222 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC2zbaUZ4jUfc6Z/e47AJUiOVv9p9OgRRwwCvDi5tDpntMWbl18NDI9jCVS27sGIxZ+wJmZFWR/gRIQahsmPPkjXHDcd16SxADC58OOa+DJDlr/iE4UyOSX1Gpa/uVtiBDIJF8G/wTMtsnHrbOFkONvIKqdnCOIVmQ9rJd6lqlgBQSzInSYa7ovZMXYeUDeiaGutHqVKW1OWF9toVlifnbGvn/WFJw0V5mjsXqOnRXWbn4amHc84GHw98wUATUv5uTYtmUdbfIAene3L4SlZetlNXRYTxcPieK0mx5iTZNuo4i782OP1PkJxKvW00bnpqFYlRsshOFcvQ0ioQM2ARUBADIiXe5cpHvvk2e24oqzGAVKRn0rS+ARKHgWzQif0sC4qS4KCdnGXgpR3ijJKSAwWWvNi2D6zLi39g7gaX8zjqMVSAMp7UcOC40QxNs0gxqwUUSUY7XYqxpKRvDS7b2aeeUgKGTAQmumXzgtUqzQ0kruCEHbVoNJmQsRgT4FYcDCDQQ/9HGlxkvzLqPT7DGPk0v3/7u184p8qzWmiOnERdflegp9BkQ008jps6wN75ohrEZJlFxKv+0+IE6OcyE9FgM8edejHcVE81tKHzM2nO795Ixl3UWAEHdUpZKZlvp0L6raOd0eGjR/jZO3D+fOX55OLKW+o4T7wodp/fey8w==
|
|
|
|
rbac:
|
|
scopes: '[groups]'
|
|
policy.csv: |
|
|
g, gitea-users-argocd, role:observability-admin
|
|
g, argocd-admins, role:admin
|
|
policy.default: role:readonly
|
|
roles: |
|
|
p, role:observability-admin, projects, get, observability, allow
|
|
p, role:observability-admin, projects, update, observability, allow
|
|
p, role:observability-admin, applications, *, observability/*, allow
|
|
p, role:observability-admin, repositories, *, *, allow
|
|
|
|
params:
|
|
server.insecure: "true"
|
|
|
|
dex:
|
|
enabled: false
|
|
|
|
server:
|
|
extraArgs:
|
|
- --insecure
|
|
ingress:
|
|
enabled: true
|
|
ingressClassName: traefik
|
|
annotations:
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
|
hosts:
|
|
- argocd.dvirlabs.com
|
|
service:
|
|
type: ClusterIP
|
|
|
|
controller:
|
|
resources:
|
|
limits:
|
|
memory: 2Gi
|
|
requests:
|
|
cpu: 200m
|
|
memory: 1Gi
|
|
|
|
repoServer:
|
|
resources:
|
|
limits:
|
|
memory: 512Mi
|
|
requests:
|
|
cpu: 100m
|
|
memory: 256Mi
|
|
|