73 lines
1.9 KiB
YAML
73 lines
1.9 KiB
YAML
configs:
|
|
cm:
|
|
url: https://argocd.dvirlabs.com
|
|
admin.enabled: "true"
|
|
exec.enabled: "true"
|
|
application.instanceLabelKey: argocd.argoproj.io/instance
|
|
application.sync.impersonation.enabled: "false"
|
|
server.rbac.log.enforce.enable: "false"
|
|
statusbadge.enabled: "false"
|
|
timeout.hard.reconciliation: 0s
|
|
timeout.reconciliation: 180s
|
|
resource.customizations.health.networking.k8s.io_Ingress: |
|
|
hs = {}
|
|
hs.status = "Healthy"
|
|
return hs
|
|
oidc.config: |
|
|
name: Keycloak
|
|
issuer: https://keycloak.dvirlabs.com/realms/lab
|
|
clientID: argocd
|
|
clientSecret: TReJ5S8anDsrHoAudKLPAgk8ss9G7vzz
|
|
requestedScopes: ["openid", "profile", "email", "groups", "offline_access"]
|
|
requestedIDTokenClaims:
|
|
groups:
|
|
essential: true
|
|
|
|
rbac:
|
|
scopes: '[groups]'
|
|
policy.csv: |
|
|
g, gitea-users-argocd, role:observability-admin
|
|
g, argocd-admins, role:admin
|
|
policy.default: role:readonly
|
|
roles: |
|
|
p, role:observability-admin, projects, get, observability, allow
|
|
p, role:observability-admin, projects, update, observability, allow
|
|
p, role:observability-admin, applications, *, observability/*, allow
|
|
p, role:observability-admin, repositories, *, *, allow
|
|
|
|
params:
|
|
server.insecure: "true"
|
|
|
|
dex:
|
|
enabled: false # 🚫 מבטל את Dex כדי לאפשר OIDC לעבוד
|
|
|
|
server:
|
|
extraArgs:
|
|
- --insecure
|
|
ingress:
|
|
enabled: true
|
|
ingressClassName: traefik
|
|
annotations:
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
|
hosts:
|
|
- argocd.dvirlabs.com
|
|
service:
|
|
type: ClusterIP
|
|
|
|
controller:
|
|
resources:
|
|
limits:
|
|
memory: 2Gi
|
|
requests:
|
|
cpu: 200m
|
|
memory: 1Gi
|
|
|
|
repoServer:
|
|
resources:
|
|
limits:
|
|
memory: 512Mi
|
|
requests:
|
|
cpu: 100m
|
|
memory: 256Mi
|