Added Argocd
This commit is contained in:
Ultradesu
15
k8s/core/argocd/kustomization.yaml
Normal file
15
k8s/core/argocd/kustomization.yaml
Normal file
@ -0,0 +1,15 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
resources: []
|
||||
# - external-secrets.yaml
|
||||
|
||||
helmCharts:
|
||||
- name: argo-cd
|
||||
repo: https://argoproj.github.io/argo-helm
|
||||
version: 7.8.23
|
||||
releaseName: argocd
|
||||
namespace: argocd
|
||||
valuesFile: values.yaml
|
||||
includeCRDs: true
|
||||
|
||||
124
k8s/core/argocd/values.yaml
Normal file
124
k8s/core/argocd/values.yaml
Normal file
@ -0,0 +1,124 @@
|
||||
# Argo CD Helm Chart Values
|
||||
# Includes Redis HA, Ingress for Traefik/cert-manager, and global Kustomize Helm support.
|
||||
|
||||
global:
|
||||
# Default domain (can be overridden in ingress)
|
||||
domain: ag.hexor.cy
|
||||
logging:
|
||||
format: text
|
||||
level: info
|
||||
|
||||
crds:
|
||||
install: true
|
||||
keep: true # Recommended to keep true so CRDs are not deleted on uninstall
|
||||
|
||||
configs:
|
||||
# Settings for argocd-cm ConfigMap
|
||||
cm:
|
||||
create: true
|
||||
# --- GLOBAL KUSTOMIZE OPTION ---
|
||||
# Enables --enable-helm flag for all Kustomize builds managed by this Argo CD instance
|
||||
kustomize.buildOptions: --enable-helm
|
||||
# ----------------------------------
|
||||
# Standard/recommended values:
|
||||
application.instanceLabelKey: argocd.argoproj.io/instance
|
||||
admin.enabled: true
|
||||
timeout.reconciliation: 180s
|
||||
# Add other necessary keys for argocd-cm here
|
||||
|
||||
# Settings for argocd-rbac-cm ConfigMap
|
||||
rbac:
|
||||
create: true
|
||||
policy.default: ""
|
||||
# policy.csv: |
|
||||
# p, role:org-admin, applications, *, */*, allow
|
||||
# g, your-github-group, role:org-admin
|
||||
|
||||
# Settings for argocd-secret Secret
|
||||
secret:
|
||||
createSecret: true
|
||||
# IMPORTANT: Set admin password hash below or manage the secret externally.
|
||||
# How to generate hash: htpasswd -nbBC 10 "" PASSWORD | tr -d ':\n' | sed 's/$2y/$2a/'
|
||||
argocdServerAdminPassword: "" # <--- SET BCRYPT HASH HERE OR MANAGE EXTERNALLY
|
||||
# Add other secrets like webhook secrets, OIDC client secrets etc. if needed
|
||||
# githubSecret: ""
|
||||
# gitlabSecret: ""
|
||||
|
||||
# Application Controller
|
||||
controller:
|
||||
replicas: 1
|
||||
# Add resources (requests/limits), PDB etc. if needed
|
||||
|
||||
# Dex OIDC provider
|
||||
dex:
|
||||
enabled: true # Keep enabled unless using external OIDC/SAML directly
|
||||
# Add resources, PDB etc. if needed
|
||||
|
||||
# Standard Redis disabled because Redis HA is enabled
|
||||
redis:
|
||||
enabled: false
|
||||
|
||||
# Redis HA (replaces standard Redis)
|
||||
redis-ha:
|
||||
enabled: true
|
||||
# Default settings usually work, including auth via 'argocd-redis' secret.
|
||||
# Assumes 'redisSecretInit' job is enabled (default) to create the secret.
|
||||
haproxy:
|
||||
enabled: true
|
||||
redis:
|
||||
config:
|
||||
# Disable Redis disk persistence for cache performance (Argo CD uses it as a cache)
|
||||
save: '""'
|
||||
|
||||
# Argo CD Server (API and UI)
|
||||
server:
|
||||
replicas: 1
|
||||
|
||||
# Ingress settings
|
||||
ingress:
|
||||
enabled: true
|
||||
ingressClassName: traefik
|
||||
annotations:
|
||||
# For cert-manager
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
# For Traefik middleware (ensure it exists)
|
||||
traefik.ingress.kubernetes.io/router.middlewares: kube-system-https-redirect@kubernetescrd
|
||||
# For cert-manager HTTP01 challenge
|
||||
acme.cert-manager.io/http01-edit-in-place: "true"
|
||||
hostname: ag.hexor.cy
|
||||
path: /
|
||||
pathType: Prefix
|
||||
# --- TLS Settings ---
|
||||
# Disable default chart TLS mechanism
|
||||
tls: false
|
||||
# Use extraTls for custom secret name
|
||||
extraTls:
|
||||
- secretName: argocd-tls # Secret name for Ingress to use (must be created by cert-manager)
|
||||
hosts:
|
||||
- ag.hexor.cy
|
||||
|
||||
# --- Certificate Settings ---
|
||||
# Disable automatic Certificate resource creation by the chart.
|
||||
# IMPORTANT: You MUST create a Certificate resource manually or via extraObjects
|
||||
# that uses the 'letsencrypt' ClusterIssuer and targets 'secretName: argocd-tls'.
|
||||
certificate:
|
||||
enabled: false
|
||||
certificateSecret:
|
||||
enabled: false
|
||||
# Add resources (requests/limits), PDB etc. if needed
|
||||
|
||||
# Repository Server
|
||||
repoServer:
|
||||
replicas: 1
|
||||
# Add resources (requests/limits), PDB etc. if needed
|
||||
|
||||
# ApplicationSet Controller
|
||||
applicationSet:
|
||||
enabled: true # Enabled by default
|
||||
replicas: 1
|
||||
# Add resources (requests/limits), PDB etc. if needed
|
||||
|
||||
# Notifications Controller
|
||||
notifications:
|
||||
enabled: true # Enabled by default
|
||||
# Add notifiers, triggers, templates configurations if needed
|
||||
Reference in New Issue
Block a user