global:
  domain: argocd.edp.buildth.ing

configs:
  params:
    server.insecure: true
  cm:
    # This code never quite worked, always led to 503 errors
    # In theory it allows access to ArgoCD via OIDC through Forgejo
    # oidc.config: |
    #   name: FORGEJO
    #   issuer: https://dex.edp.buildth.ing
    #   clientID: controller-argocd-dex
    #   clientSecret: $dex-argo-client:clientSecret
    #   requestedScopes:
    #   - openid
    #   - profile
    #   - email
    #   - groups
    application.resourceTrackingMethod: annotation
    timeout.reconciliation: 60s
    resource.exclusions: |
      - apiGroups:
        - "*"
        kinds:
        - ProviderConfigUsage
      - apiGroups:
        - cilium.io
        kinds:
        - CiliumIdentity
        clusters:
        - "*"
    url: https://argocd.edp.buildth.ing
  rbac:
    policy.csv: 'g, DevFW, role:admin'

  tls:
    certificates:

notifications:
  enabled: false

dex:
  enabled: false