Disable dex (not yet functional) to save node capacity

2026-01-29 09:29:14 +01:00 · 2026-01-29 09:29:14 +01:00 · 95e86b2711
commit 95e86b2711
parent ce8865007c
2 changed files with 43 additions and 39 deletions
--- a/template/stacks/core/argocd/values.yaml
+++ b/template/stacks/core/argocd/values.yaml
@ -5,16 +5,18 @@ configs:
  params:
    server.insecure: true
  cm:
-    oidc.config: |
+    # This code never quite worked, always led to 503 errors
-      name: FORGEJO
+    # In theory it allows access to ArgoCD via OIDC through Forgejo
-      issuer: https://{{{ .Env.DOMAIN_DEX }}}
+    # oidc.config: |
-      clientID: controller-argocd-dex
+    #   name: FORGEJO
-      clientSecret: $dex-argo-client:clientSecret
+    #   issuer: https://{{{ .Env.DOMAIN_DEX }}}
-      requestedScopes:
+    #   clientID: controller-argocd-dex
-      - openid
+    #   clientSecret: $dex-argo-client:clientSecret
-      - profile
+    #   requestedScopes:
-      - email
+    #   - openid
-      - groups
+    #   - profile
    #   - email
    #   - groups
    application.resourceTrackingMethod: annotation
    timeout.reconciliation: 60s
    resource.exclusions: |
--- a/template/stacks/core/dex.yaml
+++ b/template/stacks/core/dex.yaml
@ -1,29 +1,31 @@
-apiVersion: argoproj.io/v1alpha1
+# NOTE Dex is disabled as it never quite worked, and was taking up pods which caused us to hit node capacity.
-kind: Application
+
-metadata:
+# apiVersion: argoproj.io/v1alpha1
-  name: dex
+# kind: Application
-  namespace: argocd
+# metadata:
-  labels:
+#   name: dex
-    env: dev
+#   namespace: argocd
-spec:
+#   labels:
-  project: default
+#     env: dev
-  syncPolicy:
+# spec:
-    automated:
+#   project: default
-      selfHeal: true
+#   syncPolicy:
-    syncOptions:
+#     automated:
-      - CreateNamespace=true
+#       selfHeal: true
-    retry:
+#     syncOptions:
-      limit: -1
+#       - CreateNamespace=true
-  destination:
+#     retry:
-    name: in-cluster
+#       limit: -1
-    namespace: dex
+#   destination:
-  sources:
+#     name: in-cluster
-    - repoURL: https://charts.dexidp.io
+#     namespace: dex
-      chart: dex
+#   sources:
-      targetRevision: 0.23.0
+#     - repoURL: https://charts.dexidp.io
-      helm:
+#       chart: dex
-        valueFiles:
+#       targetRevision: 0.23.0
-          - $values/{{{ .Env.CLIENT_REPO_ID }}}/{{{ .Env.DOMAIN }}}/stacks/core/dex/values.yaml
+#       helm:
-    - repoURL: https://{{{ .Env.CLIENT_REPO_DOMAIN }}}/{{{ .Env.CLIENT_REPO_ORG_NAME }}}
+#         valueFiles:
-      targetRevision: HEAD
+#           - $values/{{{ .Env.CLIENT_REPO_ID }}}/{{{ .Env.DOMAIN }}}/stacks/core/dex/values.yaml
-      ref: values
+#     - repoURL: https://{{{ .Env.CLIENT_REPO_DOMAIN }}}/{{{ .Env.CLIENT_REPO_ORG_NAME }}}
 #       targetRevision: HEAD
 #       ref: values