applicationController:
  containerPort: 8082
  servicePort: 8082
  image:
    repository: argoproj/argocd
    tag: v1.2.1
    pullPolicy: Always
  volumeMounts: []
  volumes: []

server:
  containerPort: 8080
  metricsPort: 8083
  servicePortHttp: 80
  servicePortHttps: 443
  serviceAnnotations: {}
  image:
    repository: argoproj/argocd
    tag: v1.2.1
    pullPolicy: Always
  serviceType: ClusterIP
  extraArgs: []
  volumeMounts: []
  # - name: ssh-known-hosts
  #   mountPath: /app/config/ssh
  volumes: []
  # - name: ssh-known-hosts
  #   configMap:
  #     name: argocd-ssh-known-hosts-cm
  annotations: {}

repoServer:
  containerPort: 8081
  servicePort: 8081
  image:
    repository: argoproj/argocd
    tag: v1.2.1
    pullPolicy: Always
  volumeMounts: []
  volumes: []

dexServer:
  containerPortHttp: 5556
  containerPortGrpc: 5557
  servicePortHttp: 5556
  servicePortGrpc: 5557
  image:
    repository: quay.io/dexidp/dex
    tag: v2.14.0
    pullPolicy: Always
  initImage:
    repository: argoproj/argocd
    tag: v1.2.1
    pullPolicy: Always
  volumeMounts: []
  volumes: []

# terminate tls at ArgoCD level
ingress:
  enabled: false
  annotations:
    {}
    # kubernetes.io/ingress.class: nginx
    # nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
    # nginx.ingress.kubernetes.io/ssl-passthrough: "true"
  path: /
  additionalHosts: []
  tls:
    # Secrets must be manually created in the namespace.
    # - secretName: chart-example-tls
    #   hosts:
    #     - chart-example.local

certificate:
  enabled: false
  issuer:
    kind: # ClusterIssuer
    name: # letsencrypt

clusterAdminAccess:
  enabled: true

config:
  createSecret: true
  enableAnonymousAccess: false
  resourceExclusions:
    # - apiGroups:
    #   - "*"
    #   kinds:
    #   - "*"
    #   clusters:
    #   - https://192.168.0.20
  helmRepositories:
    # - name: privateRepo
    #   url: http://chartmuseum.privatecloud.com
    #   usernameSecret:
    #     name: private-chartmuseum
    #     key: username
    #   passwordSecret:
    #     name: private-chartmuseum
    #     key: password
    # - name: incubator
    #   url: https://kubernetes-charts-incubator.storage.googleapis.com/
  repositories:
    # - url: git@gitlab.com:usersprivategroup/users-gitops-config.git
    #   sshPrivateKeySecret:
    #     key: privateKey
    #     name: argocd-dev-key
    # - url: git@gitlab.com:accountingprivategroup/accounting-gitops-config.git
    #   sshPrivateKeySecret:
    #     key: privateKey
    #     name: argocd-dev-key
  dexConfig:
    #   # Argo CD's externally facing base URL. Required for configuring SSO
    #   # url: https://argo-cd-demo.argoproj.io
    #
    #   # A dex connector configuration. See documentation on how to configure SSO:
    #   # https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/sso.md#2-configure-argo-cd-for-sso
    # connectors:
    #   # GitHub example
    #   - type: github
    #     id: github
    #     name: GitHub
    #     config:
    #       clientID: aabbccddeeff00112233
    #       clientSecret: $dex.github.clientSecret
    #       orgs:
    #       - name: your-github-org
    #         teams:
  url: # https://argocd.example.com/
  oidcConfig:
    # name: Okta
    # issuer: https://dev-123456.oktapreview.com
    # clientID: aaaabbbbccccddddeee
    # clientSecret: $oidc.okta.clientSecret
  # The following keys hold the shared secret for authenticating GitHub/GitLab/BitBucket webhook
  # events. To enable webhooks, configure one or more of the following keys with the shared git
  # provider webhook secret. The payload URL configured in the git provider should use the
  # /api/webhook endpoint of your Argo CD instance (e.g. https://argocd.example.com/api/webhook)
  webhook:
    githubSecret:
    gitlabSecret:
    bitbucketSecret:
  resourceCustomizations:
  #   certmanager.k8s.io/Certificate:
  #     health.lua: |
  #       hs = {}
  #       ...
  #       return hs
  configManagementPlugins:
    # - name: pluginName
    #   init:                          # Optional command to initialize application source directory
    #     command: ["sample command"]
    #     args: ["sample args"]
    #   generate:                      # Command to generate manifests YAML
    #     command: ["sample command"]
    #     args: ["sample args"]

rbac:
  #   # An RBAC policy .csv file containing additional policy and role definitions.
  #   # See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md on how to write RBAC policies.
  #   policy.csv: |
  #     # Give all members of "my-org:team-alpha" the ability to sync apps in "my-project"
  #     p, my-org:team-alpha, applications, sync, my-project/*, allow
  #     # Make all members of "my-org:team-beta" admins
  #     g, my-org:team-beta, role:admin
  policyCsv: #|
  #   p, role:org-admin, applications, *, */*, allow
  #   p, role:org-admin, clusters, get, *, allow
  #   p, role:org-admin, repositories, get, *, allow
  #   p, role:org-admin, repositories, create, *, allow
  #   p, role:org-admin, repositories, update, *, allow
  #   p, role:org-admin, repositories, delete, *, allow
  #   g, your-github-org:your-team, role:org-admin
  policyDefault: #role:readonly
  scopes: #[groups]

redis:
  image:
    repository: redis
    tag: 5.0.3
    pullPolicy: Always
  containerPort: 6379
  servicePort: 6379