Automated upload for edp.buildth.ing

otc/edp.buildth.ing/stacks/core/argocd.yaml

@@ -23,7 +23,7 @@ spec:
       # TODO: RIRE Can be updated when https://github.com/argoproj/argo-cd/issues/20790 is fixed and merged
       # As logout make problems, it is suggested to switch from path based routing to an own argocd domain,
       # similar to the CNOE amazon reference implementation and in our case, Forgejo
-      targetRevision: argo-cd-7.8.28
+      targetRevision: argo-cd-9.1.5
       helm:
         valueFiles:
           - $values/otc/edp.buildth.ing/stacks/core/argocd/values.yaml
@@ -32,4 +32,4 @@ spec:
       ref: values
     - repoURL: https://observability.buildth.ing/DevFW-CICD/stacks-instances
       targetRevision: HEAD
-      path: "otc/edp.buildth.ing/stacks/core/argocd/manifests"
+      path: "otc/edp.buildth.ing/stacks/core/argocd/manifests"

otc/edp.buildth.ing/stacks/core/argocd/values.yaml

@@ -5,6 +5,18 @@ configs:
   params:
     server.insecure: true
   cm:
+    # This code never quite worked, always led to 503 errors
+    # In theory it allows access to ArgoCD via OIDC through Forgejo
+    # oidc.config: |
+    #   name: FORGEJO
+    #   issuer: https://dex.edp.buildth.ing
+    #   clientID: controller-argocd-dex
+    #   clientSecret: $dex-argo-client:clientSecret
+    #   requestedScopes:
+    #   - openid
+    #   - profile
+    #   - email
+    #   - groups
     application.resourceTrackingMethod: annotation
     timeout.reconciliation: 60s
     resource.exclusions: |
@@ -18,10 +30,9 @@ configs:
         - CiliumIdentity
         clusters:
         - "*"
-    accounts.provider-argocd: apiKey
     url: https://argocd.edp.buildth.ing
   rbac:
-    policy.csv: 'g, provider-argocd, role:admin'
+    policy.csv: 'g, DevFW, role:admin'
 
   tls:
     certificates:

otc/edp.buildth.ing/stacks/core/cloudnative-pg.yaml

@@ -0,0 +1,29 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: cloudnative-pg
+  namespace: argocd
+  labels:
+    env: dev
+spec:
+  project: default
+  syncPolicy:
+    automated:
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
+    retry:
+      limit: -1
+  destination:
+    name: in-cluster
+    namespace: cloudnative-pg
+  sources:
+    - repoURL: https://cloudnative-pg.github.io/charts
+      chart: cloudnative-pg
+      targetRevision: 0.26.1
+      helm:
+        valueFiles:
+          - $values/otc/edp.buildth.ing/stacks/core/cloudnative-pg/values.yaml
+    - repoURL: https://observability.buildth.ing/DevFW-CICD/stacks-instances
+      targetRevision: HEAD
+      ref: values

otc/edp.buildth.ing/stacks/core/dex.yaml

@@ -1,29 +1,31 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: dex
-  namespace: argocd
-  labels:
-    env: dev
-spec:
-  project: default
-  syncPolicy:
-    automated:
-      selfHeal: true
-    syncOptions:
-      - CreateNamespace=true
-    retry:
-      limit: -1
-  destination:
-    name: in-cluster
-    namespace: dex
-  sources:
-    - repoURL: https://charts.dexidp.io
-      chart: dex
-      targetRevision: 0.23.0
-      helm:
-        valueFiles:
-          - $values/otc/edp.buildth.ing/stacks/core/dex/values.yaml
-    - repoURL: https://observability.buildth.ing/DevFW-CICD/stacks-instances
-      targetRevision: HEAD
-      ref: values
+# NOTE Dex is disabled as it never quite worked, and was taking up pods which caused us to hit node capacity.
+
+# apiVersion: argoproj.io/v1alpha1
+# kind: Application
+# metadata:
+#   name: dex
+#   namespace: argocd
+#   labels:
+#     env: dev
+# spec:
+#   project: default
+#   syncPolicy:
+#     automated:
+#       selfHeal: true
+#     syncOptions:
+#       - CreateNamespace=true
+#     retry:
+#       limit: -1
+#   destination:
+#     name: in-cluster
+#     namespace: dex
+#   sources:
+#     - repoURL: https://charts.dexidp.io
+#       chart: dex
+#       targetRevision: 0.23.0
+#       helm:
+#         valueFiles:
+#           - $values/otc/edp.buildth.ing/stacks/core/dex/values.yaml
+#     - repoURL: https://observability.buildth.ing/DevFW-CICD/stacks-instances
+#       targetRevision: HEAD
+#       ref: values

otc/edp.buildth.ing/stacks/core/dex/values.yaml

@@ -67,7 +67,7 @@ config:
     - id: controller-argocd-dex
       name: ArgoCD Client
       redirectURIs:
-        - "http://argocd.edp.buildth.ing/auth/callback"
+        - "https://argocd.edp.buildth.ing/auth/callback"
       secretEnv: "OIDC_DEX_ARGO_CLIENT_SECRET"
     - id: grafana
       redirectURIs: