Skip to content

Commit

Permalink
fix: new argocd version
Browse files Browse the repository at this point in the history
  • Loading branch information
@cedi
cedi committed Mar 26, 2024
1 parent b4afe4a commit 4658b85
Showing 1 changed file with 80 additions and 34 deletions.
114 changes: 80 additions & 34 deletions kustomize/bases/argocd/helm-values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,34 @@ global:
topologyKey: topology.kubernetes.io/zone
whenUnsatisfiable: ScheduleAnyway

domain: argocd.cedi.dev

image:
repository: "ghcr.io/cedi-dev/argocd-custom-container"
imagePullPolicy: "Always"

logging:
format: json

deploymentStrategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%

dex:
enabled: true

containerSecurityContext:
runAsNonRoot: false
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL

metrics:
enabled: true
serviceMonitor:
Expand All @@ -20,6 +46,10 @@ dex:
redis:
serviceAccount:
create: true

exporter:
enabled: false

metrics:
enabled: true
serviceMonitor:
Expand All @@ -34,10 +64,6 @@ redis:
repoServer:
replicas: 2

image:
repository: "ghcr.io/cedi-dev/argocd-custom-container"
imagePullPolicy: "Always"

volumes:
- name: helm-secrets
secret:
Expand Down Expand Up @@ -68,27 +94,11 @@ repoServer:
server:
replicas: 2

image:
repository: "ghcr.io/cedi-dev/argocd-custom-container"
imagePullPolicy: "Always"
certificate:
enabled: false
domain: argocd.cedi.dev

config:
url: https://argocd.cedi.dev
kustomize.buildOptions: "--enable-alpha-plugins --enable-helm"
exec.enabled: "true"
dex.config: |
connectors:
- type: github
id: github
name: GitHub
config:
clientID: $dex.oauth.github.clientID
clientSecret: $dex.oauth.github.clientSecret
orgs:
- name: cedi-dev
resource.exclusions: |
- apiGroups:
- cilium.io
Expand All @@ -105,25 +115,13 @@ server:
pathType: ImplementationSpecific
hosts:
- argocd.cedi.dev
tls:
- secretName: argocd-secret
hosts:
- argocd.cedi.dev
tls: true

annotations:
"cert-manager.io/cluster-issuer": "letsencrypt-prod"
"nginx.ingress.kubernetes.io/backend-protocol": HTTPS
"nginx.ingress.kubernetes.io/ssl-passthrough": "true"

rbacConfig:
policy.default: role:readonly
policy.csv: |
p, role:org-admin, *, *, *, allow
p, role:viewer, *, get, *, allow
g, cedi-dev:argocd, role:viewer
g, cedi-dev:admin, role:org-admin
metrics:
enabled: true
serviceMonitor:
Expand All @@ -140,6 +138,17 @@ server:

applicationSet:
replicas: 2

containerSecurityContext:
runAsNonRoot: false
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL

metrics:
enabled: true
serviceMonitor:
Expand All @@ -154,7 +163,20 @@ applicationSet:
controller:
# -- The number of application controller pods to run.
# If changing the number of replicas you must pass the number as `ARGOCD_CONTROLLER_REPLICAS` as an environment variable
replicas: 1
replicas: 2

dynamicClusterDistribution: true

containerSecurityContext:
runAsNonRoot: false
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL

metrics:
enabled: true
serviceMonitor:
Expand All @@ -170,9 +192,33 @@ notifications:
enabled: false

configs:
cm:
exec.enabled: "true"
kustomize.buildOptions: "--enable-alpha-plugins --enable-helm"
dex.config: |
connectors:
- type: github
id: github
name: GitHub
config:
clientID: $dex.oauth.github.clientID
clientSecret: $dex.oauth.github.clientSecret
orgs:
- name: cedi-dev
params:
create: true
otlp.address: "tempo-distributor.observability.svc.cluster.local:4317"

rbac:
create: true
policy.default: role:readonly
policy.csv: |
p, role:org-admin, *, *, *, allow
p, role:viewer, *, get, *, allow
g, cedi-dev:argocd, role:viewer
g, cedi-dev:admin, role:org-admin
secret:
extra:
dex.oauth.github.clientID: foobar1234
Expand Down

0 comments on commit 4658b85

Please sign in to comment.