-
torgiren authored
Signed-off-by:Marcin Fabrykowski <git@fabrykowski.pl>
Unverifiedf372ccde
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: argocd
namespace: argocd
annotations:
argocd.argoproj.io/sync-options: Prune=true
argocd.argoproj.io/sync-wave: "-1"
spec:
project: exphost
source:
repoURL: 'https://argoproj.github.io/argo-helm'
targetRevision: 7.3.9
chart: argo-cd
helm:
values: |
controller:
metrics:
enabled: true
serviceMonitor:
enabled: true
server:
extraArgs:
- --insecure
metrics:
enabled: true
serviceMonitor:
enabled: true
ingress:
enabled: true
hostname: argocd.{{ .Values.domain}}
tls: true
#https: false
annotations:
cert-manager.io/cluster-issuer: acme-issuer
ingressGrpc:
enabled: false
hostname: argocd.{{ .Values.domain}}
tls: true
#https: false
config:
cm:
url: https://argocd.{{ .Values.domain }}
oidc.config: |
name: dex
issuer: "https://auth.{{ .Values.domain }}/dex"
clientID: argo
cliClientID: argocli
clientSecret: nY4pHGFH0dXKARUWwsxh1Q==
requestedIDTokenClaims:
groups:
essential: true
requestedScopes:
- openid
- profile
- email
- groups
rbac:
policy.csv: |
g, argo-admins, role:admin
repoServer:
metrics:
enabled: true
serviceMonitor:
enabled: true
destination:
server: 'https://kubernetes.default.svc'
namespace: argocd
syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- CreateNamespace=true