-
Notifications
You must be signed in to change notification settings - Fork 1
/
terraform.tfstate
108 lines (108 loc) · 81.9 KB
/
terraform.tfstate
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
{
"version": 4,
"terraform_version": "1.0.0",
"serial": 8,
"lineage": "669966b6-f188-f8cc-fe59-f76ff9439bec",
"outputs": {},
"resources": [
{
"mode": "managed",
"type": "helm_release",
"name": "argo_cd_release",
"provider": "provider[\"registry.terraform.io/hashicorp/helm\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"atomic": false,
"chart": "argo-cd",
"cleanup_on_fail": false,
"create_namespace": false,
"dependency_update": false,
"description": null,
"devel": null,
"disable_crd_hooks": false,
"disable_openapi_validation": false,
"disable_webhooks": false,
"force_update": false,
"id": "argo-cd",
"keyring": null,
"lint": false,
"manifest": null,
"max_history": 0,
"metadata": [
{
"app_version": "v2.2.5",
"chart": "argo-cd",
"name": "argo-cd",
"namespace": "my-playground",
"revision": 3,
"values": "{\"apiVersionOverrides\":{\"certmanager\":\"\",\"ingress\":\"\"},\"configs\":{\"clusterCredentials\":[],\"credentialTemplates\":{},\"gpgKeys\":{},\"gpgKeysAnnotations\":{},\"knownHosts\":{\"data\":{\"ssh_known_hosts\":\"bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==\\ngithub.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg=\\ngithub.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl\\ngithub.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\\ngitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=\\ngitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf\\ngitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9\\nssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H\\nvs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H\\n\"}},\"knownHostsAnnotations\":{},\"repositories\":{},\"repositoryCredentials\":{},\"secret\":{\"annotations\":{},\"argocdServerAdminPassword\":\"\",\"argocdServerAdminPasswordMtime\":\"\",\"argocdServerTlsConfig\":{},\"bitbucketServerSecret\":\"\",\"bitbucketUUID\":\"\",\"createSecret\":true,\"extra\":{},\"githubSecret\":\"\",\"gitlabSecret\":\"\",\"gogsSecret\":\"\"},\"styles\":\"\",\"tlsCerts\":{},\"tlsCertsAnnotations\":{}},\"controller\":{\"affinity\":{},\"args\":{\"appResyncPeriod\":\"180\",\"operationProcessors\":\"10\",\"repoServerTimeoutSeconds\":\"60\",\"selfHealTimeout\":\"5\",\"statusProcessors\":\"20\"},\"clusterAdminAccess\":{\"enabled\":true},\"clusterRoleRules\":{\"enabled\":false,\"rules\":[]},\"containerPort\":8082,\"containerSecurityContext\":{},\"enableStatefulSet\":false,\"env\":[],\"envFrom\":[],\"extraArgs\":[],\"extraContainers\":[],\"image\":{\"imagePullPolicy\":\"\",\"repository\":\"\",\"tag\":\"\"},\"initContainers\":[],\"livenessProbe\":{\"failureThreshold\":3,\"initialDelaySeconds\":10,\"periodSeconds\":10,\"successThreshold\":1,\"timeoutSeconds\":1},\"logFormat\":\"text\",\"logLevel\":\"info\",\"metrics\":{\"applicationLabels\":{\"enabled\":false,\"labels\":{}},\"enabled\":false,\"rules\":{\"enabled\":false,\"spec\":[]},\"service\":{\"annotations\":{},\"labels\":{},\"servicePort\":8082},\"serviceMonitor\":{\"additionalLabels\":{},\"enabled\":false,\"interval\":\"30s\",\"metricRelabelings\":[],\"namespace\":\"\",\"relabelings\":[],\"selector\":{}}},\"name\":\"application-controller\",\"nodeSelector\":{},\"pdb\":{\"annotations\":{},\"enabled\":false,\"labels\":{}},\"podAnnotations\":{},\"podLabels\":{},\"priorityClassName\":\"\",\"readinessProbe\":{\"failureThreshold\":3,\"initialDelaySeconds\":10,\"periodSeconds\":10,\"successThreshold\":1,\"timeoutSeconds\":1},\"replicas\":1,\"resources\":{},\"service\":{\"annotations\":{},\"labels\":{},\"port\":8082,\"portName\":\"https-controller\"},\"serviceAccount\":{\"annotations\":{},\"automountServiceAccountToken\":true,\"create\":true,\"name\":\"argocd-application-controller\"},\"tolerations\":[],\"topologySpreadConstraints\":[],\"volumeMounts\":[],\"volumes\":[]},\"createAggregateRoles\":false,\"dex\":{\"affinity\":{},\"containerPortGrpc\":5557,\"containerPortHttp\":5556,\"containerPortMetrics\":5558,\"containerSecurityContext\":{},\"enabled\":true,\"env\":[],\"envFrom\":[],\"extraArgs\":[],\"extraContainers\":[],\"extraVolumeMounts\":[],\"extraVolumes\":[],\"image\":{\"imagePullPolicy\":\"IfNotPresent\",\"repository\":\"ghcr.io/dexidp/dex\",\"tag\":\"v2.30.0\"},\"initContainers\":[],\"initImage\":{\"imagePullPolicy\":\"\",\"repository\":\"\",\"tag\":\"\"},\"livenessProbe\":{\"enabled\":false,\"failureThreshold\":3,\"initialDelaySeconds\":10,\"periodSeconds\":10,\"successThreshold\":1,\"timeoutSeconds\":1},\"metrics\":{\"enabled\":false,\"service\":{\"annotations\":{},\"labels\":{}},\"serviceMonitor\":{\"additionalLabels\":{},\"enabled\":false,\"interval\":\"30s\",\"metricRelabelings\":[],\"namespace\":\"\",\"relabelings\":[],\"selector\":{}}},\"name\":\"dex-server\",\"nodeSelector\":{},\"pdb\":{\"annotations\":{},\"enabled\":false,\"labels\":{}},\"podAnnotations\":{},\"podLabels\":{},\"priorityClassName\":\"\",\"readinessProbe\":{\"enabled\":false,\"failureThreshold\":3,\"initialDelaySeconds\":10,\"periodSeconds\":10,\"successThreshold\":1,\"timeoutSeconds\":1},\"resources\":{},\"serviceAccount\":{\"annotations\":{},\"automountServiceAccountToken\":true,\"create\":true,\"name\":\"argocd-dex-server\"},\"servicePortGrpc\":5557,\"servicePortGrpcName\":\"grpc\",\"servicePortHttp\":5556,\"servicePortHttpName\":\"http\",\"servicePortMetrics\":5558,\"tolerations\":[],\"topologySpreadConstraints\":[],\"volumeMounts\":[{\"mountPath\":\"/shared\",\"name\":\"static-files\"}],\"volumes\":[{\"emptyDir\":{},\"name\":\"static-files\"}]},\"extraObjects\":[],\"fullnameOverride\":\"\",\"global\":{\"additionalLabels\":{},\"hostAliases\":[],\"image\":{\"imagePullPolicy\":\"IfNotPresent\",\"repository\":\"quay.io/argoproj/argocd\",\"tag\":\"\"},\"imagePullSecrets\":[],\"networkPolicy\":{\"create\":false,\"defaultDenyIngress\":false},\"podAnnotations\":{},\"podLabels\":{},\"securityContext\":{}},\"kubeVersionOverride\":\"\",\"nameOverride\":\"argocd\",\"openshift\":{\"enabled\":false},\"redis\":{\"affinity\":{},\"containerPort\":6379,\"containerSecurityContext\":{},\"enabled\":true,\"env\":[],\"envFrom\":[],\"extraArgs\":[],\"extraContainers\":[],\"image\":{\"imagePullPolicy\":\"IfNotPresent\",\"repository\":\"redis\",\"tag\":\"6.2.6-alpine\"},\"initContainers\":[],\"metrics\":{\"containerPort\":9121,\"enabled\":false,\"image\":{\"imagePullPolicy\":\"IfNotPresent\",\"repository\":\"quay.io/bitnami/redis-exporter\",\"tag\":\"1.26.0-debian-10-r2\"},\"resources\":{},\"service\":{\"annotations\":{},\"clusterIP\":\"None\",\"labels\":{},\"portName\":\"http-metrics\",\"servicePort\":9121,\"type\":\"ClusterIP\"},\"serviceMonitor\":{\"additionalLabels\":{},\"enabled\":false,\"interval\":\"30s\",\"metricRelabelings\":[],\"namespace\":\"\",\"relabelings\":[],\"selector\":{}}},\"name\":\"redis\",\"nodeSelector\":{},\"pdb\":{\"annotations\":{},\"enabled\":false,\"labels\":{}},\"podAnnotations\":{},\"podLabels\":{},\"priorityClassName\":\"\",\"resources\":{},\"securityContext\":{\"runAsNonRoot\":true,\"runAsUser\":999},\"service\":{\"annotations\":{},\"labels\":{}},\"serviceAccount\":{\"annotations\":{},\"automountServiceAccountToken\":false,\"create\":false,\"name\":\"\"},\"servicePort\":6379,\"tolerations\":[],\"topologySpreadConstraints\":[],\"volumeMounts\":[],\"volumes\":[]},\"redis-ha\":{\"enabled\":false,\"exporter\":{\"enabled\":true},\"haproxy\":{\"enabled\":true,\"metrics\":{\"enabled\":true}},\"image\":{\"tag\":\"6.2.6-alpine\"},\"persistentVolume\":{\"enabled\":false},\"redis\":{\"config\":{\"save\":\"\\\"\\\"\"},\"masterGroupName\":\"argocd\"}},\"repoServer\":{\"affinity\":{},\"autoscaling\":{\"enabled\":false,\"maxReplicas\":5,\"minReplicas\":1,\"targetCPUUtilizationPercentage\":50,\"targetMemoryUtilizationPercentage\":50},\"clusterAdminAccess\":{\"enabled\":false},\"clusterRoleRules\":{\"enabled\":false,\"rules\":[]},\"containerPort\":8081,\"containerSecurityContext\":{},\"copyutil\":{\"resources\":{}},\"env\":[],\"envFrom\":[],\"extraArgs\":[],\"extraContainers\":[],\"image\":{\"imagePullPolicy\":\"\",\"repository\":\"\",\"tag\":\"\"},\"initContainers\":[],\"livenessProbe\":{\"failureThreshold\":3,\"initialDelaySeconds\":10,\"periodSeconds\":10,\"successThreshold\":1,\"timeoutSeconds\":1},\"logFormat\":\"text\",\"logLevel\":\"info\",\"metrics\":{\"enabled\":false,\"service\":{\"annotations\":{},\"labels\":{},\"servicePort\":8084},\"serviceMonitor\":{\"additionalLabels\":{},\"enabled\":false,\"interval\":\"30s\",\"metricRelabelings\":[],\"namespace\":\"\",\"relabelings\":[],\"selector\":{}}},\"name\":\"repo-server\",\"nodeSelector\":{},\"pdb\":{\"annotations\":{},\"enabled\":false,\"labels\":{}},\"podAnnotations\":{},\"podLabels\":{},\"priorityClassName\":\"\",\"rbac\":[],\"readinessProbe\":{\"failureThreshold\":3,\"initialDelaySeconds\":10,\"periodSeconds\":10,\"successThreshold\":1,\"timeoutSeconds\":1},\"replicas\":1,\"resources\":{},\"service\":{\"annotations\":{},\"labels\":{},\"port\":8081,\"portName\":\"https-repo-server\"},\"serviceAccount\":{\"annotations\":{},\"automountServiceAccountToken\":true,\"create\":false,\"name\":\"\"},\"tolerations\":[],\"topologySpreadConstraints\":[],\"volumeMounts\":[],\"volumes\":[]},\"server\":{\"GKEbackendConfig\":{\"enabled\":false,\"spec\":{}},\"GKEfrontendConfig\":{\"enabled\":false,\"spec\":{}},\"GKEmanagedCertificate\":{\"domains\":[\"argocd.example.com\"],\"enabled\":false},\"additionalApplications\":[{\"destination\":{\"namespace\":\"my-playground\",\"server\":\"https://kubernetes.default.svc\"},\"name\":\"flink\",\"namespace\":\"my-playground\",\"project\":\"flink\",\"source\":{\"path\":\"helm-chart\",\"repoURL\":\"https://github.com/my-playground/flink-operator.git\",\"targetRevision\":\"HEAD\"}}],\"additionalProjects\":[{\"description\":\"My Playground\",\"destinations\":[{\"namespace\":\"my-playground\",\"server\":\"https://kubernetes.default.svc\"}],\"name\":\"my-playground\",\"namespace\":\"my-playground\",\"sourceRepos\":[\"*\"]}],\"affinity\":{},\"autoscaling\":{\"enabled\":false,\"maxReplicas\":5,\"minReplicas\":1,\"targetCPUUtilizationPercentage\":50,\"targetMemoryUtilizationPercentage\":50},\"certificate\":{\"additionalHosts\":[],\"domain\":\"argocd.example.com\",\"enabled\":false,\"issuer\":{\"kind\":null,\"name\":null},\"secretName\":\"argocd-server-tls\"},\"clusterAdminAccess\":{\"enabled\":true},\"config\":{\"application.instanceLabelKey\":\"argocd.argoproj.io/instance\",\"url\":\"https://argocd.example.com\"},\"configAnnotations\":{},\"configEnabled\":true,\"containerPort\":8080,\"containerSecurityContext\":{},\"env\":[],\"envFrom\":[],\"extensions\":{\"contents\":[],\"enabled\":false,\"image\":{\"imagePullPolicy\":\"IfNotPresent\",\"repository\":\"ghcr.io/argoproj-labs/argocd-extensions\",\"tag\":\"v0.1.0\"},\"resources\":{}},\"extraArgs\":[],\"extraContainers\":[],\"image\":{\"imagePullPolicy\":\"\",\"repository\":\"\",\"tag\":\"\"},\"ingress\":{\"annotations\":{},\"enabled\":false,\"extraPaths\":[],\"hosts\":[],\"https\":false,\"ingressClassName\":\"\",\"labels\":{},\"pathType\":\"Prefix\",\"paths\":[\"/\"],\"tls\":[]},\"ingressGrpc\":{\"annotations\":{},\"awsALB\":{\"backendProtocolVersion\":\"HTTP2\",\"serviceType\":\"NodePort\"},\"enabled\":false,\"extraPaths\":[],\"hosts\":[],\"https\":false,\"ingressClassName\":\"\",\"isAWSALB\":false,\"labels\":{},\"pathType\":\"Prefix\",\"paths\":[\"/\"],\"tls\":[]},\"initContainers\":[],\"lifecycle\":{},\"livenessProbe\":{\"failureThreshold\":3,\"initialDelaySeconds\":10,\"periodSeconds\":10,\"successThreshold\":1,\"timeoutSeconds\":1},\"logFormat\":\"text\",\"logLevel\":\"info\",\"metrics\":{\"enabled\":false,\"service\":{\"annotations\":{},\"labels\":{},\"servicePort\":8083},\"serviceMonitor\":{\"additionalLabels\":{},\"enabled\":false,\"interval\":\"30s\",\"metricRelabelings\":[],\"namespace\":\"\",\"relabelings\":[],\"selector\":{}}},\"name\":\"server\",\"nodeSelector\":{},\"pdb\":{\"annotations\":{},\"enabled\":false,\"labels\":{}},\"podAnnotations\":{},\"podLabels\":{},\"priorityClassName\":\"\",\"rbacConfig\":{},\"rbacConfigAnnotations\":{},\"rbacConfigCreate\":true,\"readinessProbe\":{\"failureThreshold\":3,\"initialDelaySeconds\":10,\"periodSeconds\":10,\"successThreshold\":1,\"timeoutSeconds\":1},\"replicas\":1,\"resources\":{},\"route\":{\"annotations\":{},\"enabled\":false,\"hostname\":\"\",\"termination_policy\":\"None\",\"termination_type\":\"passthrough\"},\"service\":{\"annotations\":{},\"externalIPs\":[],\"externalTrafficPolicy\":\"\",\"labels\":{},\"loadBalancerIP\":\"\",\"loadBalancerSourceRanges\":[],\"namedTargetPort\":true,\"nodePortHttp\":30080,\"nodePortHttps\":30443,\"servicePortHttp\":80,\"servicePortHttpName\":\"http\",\"servicePortHttps\":443,\"servicePortHttpsName\":\"https\",\"sessionAffinity\":\"\",\"type\":\"ClusterIP\"},\"serviceAccount\":{\"annotations\":{},\"automountServiceAccountToken\":true,\"create\":true,\"name\":\"argocd-server\"},\"staticAssets\":{\"enabled\":true},\"tolerations\":[],\"topologySpreadConstraints\":[],\"volumeMounts\":[],\"volumes\":[]}}",
"version": "3.35.0"
}
],
"name": "argo-cd",
"namespace": "my-playground",
"postrender": [],
"recreate_pods": false,
"render_subchart_notes": true,
"replace": false,
"repository": "https://argoproj.github.io/argo-helm",
"repository_ca_file": null,
"repository_cert_file": null,
"repository_key_file": null,
"repository_password": null,
"repository_username": null,
"reset_values": false,
"reuse_values": false,
"set": [],
"set_sensitive": [],
"skip_crds": false,
"status": "deployed",
"timeout": 300,
"values": [
"## ArgoCD configuration\n## Ref: https://github.com/argoproj/argo-cd\n##\n\n# -- Provide a name in place of `argocd`\nnameOverride: argocd\n# -- String to fully override `\"argo-cd.fullname\"`\nfullnameOverride: \"\"\n# -- Override the Kubernetes version, which is used to evaluate certain manifests\nkubeVersionOverride: \"\"\n\nglobal:\n image:\n # -- If defined, a repository applied to all ArgoCD deployments\n repository: quay.io/argoproj/argocd\n # -- Overrides the global ArgoCD image tag whose default is the chart appVersion\n tag: \"\"\n # -- If defined, a imagePullPolicy applied to all ArgoCD deployments\n imagePullPolicy: IfNotPresent\n # -- Annotations for the all deployed pods\n podAnnotations: {}\n # -- Labels for the all deployed pods\n podLabels: {}\n # -- Toggle and define securityContext. See [values.yaml]\n securityContext: {}\n # runAsUser: 999\n # runAsGroup: 999\n # fsGroup: 999\n\n # -- If defined, uses a Secret to pull an image from a private Docker registry or repository\n imagePullSecrets: []\n # -- Mapping between IP and hostnames that will be injected as entries in the pod's hosts files\n hostAliases: []\n # - ip: 10.20.30.40\n # hostnames:\n # - git.myhostname\n\n # -- Additional labels to add to all resources\n additionalLabels: {}\n # app: argo-cd\n\n networkPolicy:\n # -- Create NetworkPolicy objects for all components\n create: false\n # -- Default deny all ingress traffic\n defaultDenyIngress: false\n\n# Override APIVersions\n# If you want to template helm charts but cannot access k8s API server\n# you can set api versions here\napiVersionOverrides:\n # -- String to override apiVersion of certmanager resources rendered by this helm chart\n certmanager: \"\" # cert-manager.io/v1\n # -- String to override apiVersion of ingresses rendered by this helm chart\n ingress: \"\" # networking.k8s.io/v1beta1\n\n# -- Create clusterroles that extend existing clusterroles to interact with argo-cd crds\n## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles\ncreateAggregateRoles: false\n\n# -- Array of extra K8s manifests to deploy\nextraObjects: []\n # - apiVersion: secrets-store.csi.x-k8s.io/v1\n # kind: SecretProviderClass\n # metadata:\n # name: argocd-secrets-store\n # spec:\n # provider: aws\n # parameters:\n # objects: |\n # - objectName: \"argocd\"\n # objectType: \"secretsmanager\"\n # jmesPath:\n # - path: \"client_id\"\n # objectAlias: \"client_id\"\n # - path: \"client_secret\"\n # objectAlias: \"client_secret\"\n # secretObjects:\n # - data:\n # - key: client_id\n # objectName: client_id\n # - key: client_secret\n # objectName: client_secret\n # secretName: argocd-secrets-store\n # type: Opaque\n # labels:\n # app.kubernetes.io/part-of: argocd\n\n## Controller\ncontroller:\n # -- Application controller name string\n name: application-controller\n\n image:\n # -- Repository to use for the application controller\n # @default -- `\"\"` (defaults to global.image.repository)\n repository: \"\"\n # -- Tag to use for the application controller\n # @default -- `\"\"` (defaults to global.image.tag)\n tag: \"\"\n # -- Image pull policy for the application controller\n # @default -- `\"\"` (defaults to global.image.imagePullPolicy)\n imagePullPolicy: \"\"\n\n # -- The number of application controller pods to run.\n # If changing the number of replicas you must pass the number as `ARGOCD_CONTROLLER_REPLICAS` as an environment variable\n replicas: 1\n\n # -- Deploy the application controller as a StatefulSet instead of a Deployment, this is required for HA capability.\n # This is a feature flag that will become the default in chart version 3.x\n enableStatefulSet: false\n\n ## Application controller commandline flags\n args:\n # -- define the application controller `--status-processors`\n statusProcessors: \"20\"\n # -- define the application controller `--operation-processors`\n operationProcessors: \"10\"\n # -- define the application controller `--app-resync`\n appResyncPeriod: \"180\"\n # -- define the application controller `--self-heal-timeout-seconds`\n selfHealTimeout: \"5\"\n # -- define the application controller `--repo-server-timeout-seconds`\n repoServerTimeoutSeconds: \"60\"\n\n # -- Application controller log format. Either `text` or `json`\n logFormat: text\n # -- Application controller log level\n logLevel: info\n\n # -- Additional command line arguments to pass to application controller\n extraArgs: []\n\n # -- Environment variables to pass to application controller\n env:\n []\n # - name: \"ARGOCD_CONTROLLER_REPLICAS\"\n # value: \"\"\n\n # -- envFrom to pass to application controller\n # @default -- `[]` (See [values.yaml])\n envFrom: []\n # - configMapRef:\n # name: config-map-name\n # - secretRef:\n # name: secret-name\n\n # -- Annotations to be added to application controller pods\n podAnnotations: {}\n\n # -- Labels to be added to application controller pods\n podLabels: {}\n\n # -- Application controller container-level security context\n containerSecurityContext:\n {}\n # capabilities:\n # drop:\n # - all\n # readOnlyRootFilesystem: true\n # runAsNonRoot: true\n\n # -- Application controller listening port\n containerPort: 8082\n\n ## Readiness and liveness probes for default backend\n ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/\n ##\n readinessProbe:\n # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded\n failureThreshold: 3\n # -- Number of seconds after the container has started before [probe] is initiated\n initialDelaySeconds: 10\n # -- How often (in seconds) to perform the [probe]\n periodSeconds: 10\n # -- Minimum consecutive successes for the [probe] to be considered successful after having failed\n successThreshold: 1\n # -- Number of seconds after which the [probe] times out\n timeoutSeconds: 1\n livenessProbe:\n # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded\n failureThreshold: 3\n # -- Number of seconds after the container has started before [probe] is initiated\n initialDelaySeconds: 10\n # -- How often (in seconds) to perform the [probe]\n periodSeconds: 10\n # -- Minimum consecutive successes for the [probe] to be considered successful after having failed\n successThreshold: 1\n # -- Number of seconds after which the [probe] times out\n timeoutSeconds: 1\n\n # -- Additional volumeMounts to the application controller main container\n volumeMounts: []\n\n # -- Additional volumes to the application controller pod\n volumes: []\n\n ## Controller service configuration\n service:\n # -- Application controller service annotations\n annotations: {}\n # -- Application controller service labels\n labels: {}\n # -- Application controller service port\n port: 8082\n # -- Application controller service port name\n portName: https-controller\n\n # -- [Node selector]\n nodeSelector: {}\n # -- [Tolerations] for use with node taints\n tolerations: []\n # -- Assign custom [affinity] rules to the deployment\n affinity: {}\n\n # -- Assign custom [TopologySpreadConstraints] rules to the application controller\n ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/\n ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment\n topologySpreadConstraints: []\n # - maxSkew: 1\n # topologyKey: topology.kubernetes.io/zone\n # whenUnsatisfiable: DoNotSchedule\n\n # -- Priority class for the application controller pods\n priorityClassName: \"\"\n\n # -- Resource limits and requests for the application controller pods\n resources: {}\n # limits:\n # cpu: 500m\n # memory: 512Mi\n # requests:\n # cpu: 250m\n # memory: 256Mi\n\n serviceAccount:\n # -- Create a service account for the application controller\n create: true\n # -- Service account name\n name: argocd-application-controller\n # -- Annotations applied to created service account\n annotations: {}\n # -- Automount API credentials for the Service Account\n automountServiceAccountToken: true\n\n ## Application controller metrics configuration\n metrics:\n # -- Deploy metrics service\n enabled: false\n applicationLabels:\n # -- Enables additional labels in argocd_app_labels metric\n enabled: false\n # -- Additional labels\n labels: {}\n service:\n # -- Metrics service annotations\n annotations: {}\n # -- Metrics service labels\n labels: {}\n # -- Metrics service port\n servicePort: 8082\n serviceMonitor:\n # -- Enable a prometheus ServiceMonitor\n enabled: false\n # -- Prometheus ServiceMonitor interval\n interval: 30s\n # -- Prometheus [RelabelConfigs] to apply to samples before scraping\n relabelings: []\n # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion\n metricRelabelings: []\n # -- Prometheus ServiceMonitor selector\n selector: {}\n # prometheus: kube-prometheus\n\n # -- Prometheus ServiceMonitor namespace\n namespace: \"\" # \"monitoring\"\n # -- Prometheus ServiceMonitor labels\n additionalLabels: {}\n rules:\n # -- Deploy a PrometheusRule for the application controller\n enabled: false\n # -- PrometheusRule.Spec for the application controller\n spec: []\n # - alert: ArgoAppMissing\n # expr: |\n # absent(argocd_app_info)\n # for: 15m\n # labels:\n # severity: critical\n # annotations:\n # summary: \"[ArgoCD] No reported applications\"\n # description: \u003e\n # ArgoCD has not reported any applications data for the past 15 minutes which\n # means that it must be down or not functioning properly. This needs to be\n # resolved for this cloud to continue to maintain state.\n # - alert: ArgoAppNotSynced\n # expr: |\n # argocd_app_info{sync_status!=\"Synced\"} == 1\n # for: 12h\n # labels:\n # severity: warning\n # annotations:\n # summary: \"[{{`{{$labels.name}}`}}] Application not synchronized\"\n # description: \u003e\n # The application [{{`{{$labels.name}}`}} has not been synchronized for over\n # 12 hours which means that the state of this cloud has drifted away from the\n # state inside Git.\n # selector:\n # prometheus: kube-prometheus\n # namespace: monitoring\n # additionalLabels: {}\n\n ## Enable if you would like to grant rights to ArgoCD to deploy to the local Kubernetes cluster.\n clusterAdminAccess:\n # -- Enable RBAC for local cluster deployments\n enabled: true\n\n ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource.\n ## Defaults to off\n clusterRoleRules:\n # -- Enable custom rules for the application controller's ClusterRole resource\n enabled: false\n # -- List of custom rules for the application controller's ClusterRole resource\n rules: []\n\n # -- Additional containers to be added to the application controller pod\n extraContainers: []\n\n # -- Init containers to add to the application controller pod\n ## If your target Kubernetes cluster(s) require a custom auth provider executable\n ## you could use this (and the same in the server pod) to bootstrap\n ## that executable into your ArgoCD container\n initContainers: []\n # - name: download-tools\n # image: alpine:3.8\n # command: [sh, -c]\n # args:\n # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - \u0026\u0026\n # mv linux-amd64/helm /custom-tools/\n # volumeMounts:\n # - mountPath: /custom-tools\n # name: custom-tools\n # volumeMounts:\n # - mountPath: /usr/local/bin/helm\n # name: custom-tools\n # subPath: helm\n\n pdb:\n # -- Labels to be added to application controller pdb\n labels: {}\n # -- Annotations to be added to application controller pdb\n annotations: {}\n\n # -- Deploy a Poddisruptionbudget for the application controller\n enabled: false\n # minAvailable: 1\n # maxUnavailable: 0\n\n## Dex\ndex:\n # -- Enable dex\n enabled: true\n # -- Dex name\n name: dex-server\n\n # -- Additional command line arguments to pass to the Dex server\n extraArgs: []\n\n metrics:\n # -- Deploy metrics service\n enabled: false\n service:\n # -- Metrics service annotations\n annotations: {}\n # -- Metrics service labels\n labels: {}\n serviceMonitor:\n # -- Enable a prometheus ServiceMonitor\n enabled: false\n # -- Prometheus ServiceMonitor interval\n interval: 30s\n # -- Prometheus [RelabelConfigs] to apply to samples before scraping\n relabelings: []\n # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion\n metricRelabelings: []\n # -- Prometheus ServiceMonitor selector\n selector: {}\n # prometheus: kube-prometheus\n\n # -- Prometheus ServiceMonitor namespace\n namespace: \"\" # \"monitoring\"\n # -- Prometheus ServiceMonitor labels\n additionalLabels: {}\n\n image:\n # -- Dex image repository\n repository: ghcr.io/dexidp/dex\n # -- Dex image tag\n tag: v2.30.0\n # -- Dex imagePullPolicy\n imagePullPolicy: IfNotPresent\n initImage:\n # -- Argo CD init image repository\n # @default -- `\"\"` (defaults to global.image.repository)\n repository: \"\"\n # -- Argo CD init image tag\n # @default -- `\"\"` (defaults to global.image.tag)\n tag: \"\"\n # -- Argo CD init image imagePullPolicy\n # @default -- `\"\"` (defaults to global.image.imagePullPolicy)\n imagePullPolicy: \"\"\n\n # -- Environment variables to pass to the Dex server\n env: []\n\n # -- envFrom to pass to the Dex server\n # @default -- `[]` (See [values.yaml])\n envFrom: []\n # - configMapRef:\n # name: config-map-name\n # - secretRef:\n # name: secret-name\n\n # -- Annotations to be added to the Dex server pods\n podAnnotations: {}\n\n # -- Labels to be added to the Dex server pods\n podLabels: {}\n\n ## Probes for Dex server\n ## Supported from Dex \u003e= 2.28.0\n livenessProbe:\n # -- Enable Kubernetes liveness probe for Dex \u003e= 2.28.0\n enabled: false\n # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded\n failureThreshold: 3\n # -- Number of seconds after the container has started before [probe] is initiated\n initialDelaySeconds: 10\n # -- How often (in seconds) to perform the [probe]\n periodSeconds: 10\n # -- Minimum consecutive successes for the [probe] to be considered successful after having failed\n successThreshold: 1\n # -- Number of seconds after which the [probe] times out\n timeoutSeconds: 1\n readinessProbe:\n # -- Enable Kubernetes readiness probe for Dex \u003e= 2.28.0\n enabled: false\n # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded\n failureThreshold: 3\n # -- Number of seconds after the container has started before [probe] is initiated\n initialDelaySeconds: 10\n # -- How often (in seconds) to perform the [probe]\n periodSeconds: 10\n # -- Minimum consecutive successes for the [probe] to be considered successful after having failed\n successThreshold: 1\n # -- Number of seconds after which the [probe] times out\n timeoutSeconds: 1\n\n serviceAccount:\n # -- Create dex service account\n create: true\n # -- Dex service account name\n name: argocd-dex-server\n # -- Annotations applied to created service account\n annotations: {}\n # -- Automount API credentials for the Service Account\n automountServiceAccountToken: true\n\n # -- Additional volumeMounts to the dex main container\n volumeMounts:\n - name: static-files\n mountPath: /shared\n\n # -- Additional volumes to the dex pod\n volumes:\n - name: static-files\n emptyDir: {}\n\n # -- Extra volumes to the dex pod\n extraVolumes: []\n\n # -- Extra volumeMounts to the dex pod\n extraVolumeMounts: []\n\n # -- Container port for HTTP access\n containerPortHttp: 5556\n # -- Service port for HTTP access\n servicePortHttp: 5556\n # -- Service port name for HTTP access\n servicePortHttpName: http\n # -- Container port for gRPC access\n containerPortGrpc: 5557\n # -- Service port for gRPC access\n servicePortGrpc: 5557\n # -- Service port name for gRPC access\n servicePortGrpcName: grpc\n # -- Container port for metrics access\n containerPortMetrics: 5558\n # -- Service port for metrics access\n servicePortMetrics: 5558\n\n # -- [Node selector]\n nodeSelector: {}\n # -- [Tolerations] for use with node taints\n tolerations: []\n # -- Assign custom [affinity] rules to the deployment\n affinity: {}\n\n # -- Assign custom [TopologySpreadConstraints] rules to dex\n ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/\n ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment\n topologySpreadConstraints: []\n # - maxSkew: 1\n # topologyKey: topology.kubernetes.io/zone\n # whenUnsatisfiable: DoNotSchedule\n\n # -- Priority class for dex\n priorityClassName: \"\"\n\n # -- Dex container-level security context\n containerSecurityContext:\n {}\n # capabilities:\n # drop:\n # - all\n # readOnlyRootFilesystem: true\n\n# -- Resource limits and requests for dex\n resources: {}\n # limits:\n # cpu: 50m\n # memory: 64Mi\n # requests:\n # cpu: 10m\n # memory: 32Mi\n\n # -- Additional containers to be added to the dex pod\n extraContainers: []\n\n # -- Init containers to add to the dex pod\n initContainers: []\n # - name: download-tools\n # image: alpine:3.8\n # command: [sh, -c]\n # args:\n # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - \u0026\u0026\n # mv linux-amd64/helm /custom-tools/\n # volumeMounts:\n # - mountPath: /custom-tools\n # name: custom-tools\n # volumeMounts:\n # - mountPath: /usr/local/bin/helm\n # name: custom-tools\n # subPath: helm\n\n pdb:\n # -- Labels to be added to Dex server pdb\n labels: {}\n # -- Annotations to be added to Dex server pdb\n annotations: {}\n\n # -- Deploy a Poddisruptionbudget for the Dex server\n enabled: false\n # minAvailable: 1\n # maxUnavailable: 0\n\n## Redis\nredis:\n # -- Enable redis\n enabled: true\n # -- Redis name\n name: redis\n\n image:\n # -- Redis repository\n repository: redis\n # -- Redis tag\n tag: 6.2.6-alpine\n # -- Redis imagePullPolicy\n imagePullPolicy: IfNotPresent\n\n # -- Additional command line arguments to pass to redis-server\n extraArgs: []\n # - --bind\n # - \"0.0.0.0\"\n\n # -- Redis container port\n containerPort: 6379\n # -- Redis service port\n servicePort: 6379\n\n # -- Environment variables to pass to the Redis server\n env: []\n\n # -- envFrom to pass to the Redis server\n # @default -- `[]` (See [values.yaml])\n envFrom: []\n # - configMapRef:\n # name: config-map-name\n # - secretRef:\n # name: secret-name\n\n # -- Annotations to be added to the Redis server pods\n podAnnotations: {}\n\n # -- Labels to be added to the Redis server pods\n podLabels: {}\n\n # -- [Node selector]\n nodeSelector: {}\n # -- [Tolerations] for use with node taints\n tolerations: []\n # -- Assign custom [affinity] rules to the deployment\n affinity: {}\n\n # -- Assign custom [TopologySpreadConstraints] rules to redis\n ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/\n ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment\n topologySpreadConstraints: []\n # - maxSkew: 1\n # topologyKey: topology.kubernetes.io/zone\n # whenUnsatisfiable: DoNotSchedule\n\n # -- Priority class for redis\n priorityClassName: \"\"\n\n # -- Redis container-level security context\n containerSecurityContext:\n {}\n # capabilities:\n # drop:\n # - all\n # readOnlyRootFilesystem: true\n\n # -- Redis pod-level security context\n securityContext:\n runAsNonRoot: true\n runAsUser: 999\n\n serviceAccount:\n # -- Create a service account for the redis pod\n create: false\n # -- Service account name for redis pod\n name: \"\"\n # -- Annotations applied to created service account\n annotations: {}\n # -- Automount API credentials for the Service Account\n automountServiceAccountToken: false\n\n # -- Resource limits and requests for redis\n resources: {}\n # limits:\n # cpu: 200m\n # memory: 128Mi\n # requests:\n # cpu: 100m\n # memory: 64Mi\n\n # -- Additional volumeMounts to the redis container\n volumeMounts: []\n # -- Additional volumes to the redis pod\n volumes: []\n\n # -- Additional containers to be added to the redis pod\n extraContainers: []\n\n # -- Init containers to add to the redis pod\n initContainers: []\n # - name: download-tools\n # image: alpine:3.8\n # command: [sh, -c]\n # args:\n # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - \u0026\u0026\n # mv linux-amd64/helm /custom-tools/\n # volumeMounts:\n # - mountPath: /custom-tools\n # name: custom-tools\n # volumeMounts:\n # - mountPath: /usr/local/bin/helm\n # name: custom-tools\n # subPath: helm\n\n service:\n # -- Redis service annotations\n annotations: {}\n # -- Additional redis service labels\n labels: {}\n\n metrics:\n # -- Deploy metrics service and redis-exporter sidecar\n enabled: false\n image:\n # -- redis-exporter image repository\n repository: quay.io/bitnami/redis-exporter\n # -- redis-exporter image tag\n tag: 1.26.0-debian-10-r2\n # -- redis-exporter image PullPolicy\n imagePullPolicy: IfNotPresent\n # -- Port to use for redis-exporter sidecar\n containerPort: 9121\n # -- Resource limits and requests for redis-exporter sidecar\n resources: {}\n # limits:\n # cpu: 50m\n # memory: 64Mi\n # requests:\n # cpu: 10m\n # memory: 32Mi\n service:\n # -- Metrics service type\n type: ClusterIP\n # -- Metrics service clusterIP. `None` makes a \"headless service\" (no virtual IP)\n clusterIP: None\n # -- Metrics service annotations\n annotations: {}\n # -- Metrics service labels\n labels: {}\n # -- Metrics service port\n servicePort: 9121\n # -- Metrics service port name\n portName: http-metrics\n serviceMonitor:\n # -- Enable a prometheus ServiceMonitor\n enabled: false\n # -- Interval at which metrics should be scraped\n interval: 30s\n # -- Prometheus [RelabelConfigs] to apply to samples before scraping\n relabelings: []\n # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion\n metricRelabelings: []\n # -- Prometheus ServiceMonitor selector\n selector: {}\n # prometheus: kube-prometheus\n\n # -- Prometheus ServiceMonitor namespace\n namespace: \"\" # \"monitoring\"\n # -- Prometheus ServiceMonitor labels\n additionalLabels: {}\n\n pdb:\n # -- Labels to be added to Redis server pdb\n labels: {}\n # -- Annotations to be added to Redis server pdb\n annotations: {}\n\n # -- Deploy a Poddisruptionbudget for the Redis server\n enabled: false\n # minAvailable: 1\n # maxUnavailable: 0\n\n# This key configures Redis-HA subchart and when enabled (redis-ha.enabled=true)\n# the custom redis deployment is omitted\n# Check the redis-ha chart for more properties\nredis-ha:\n # -- Enables the Redis HA subchart and disables the custom Redis single node deployment\n enabled: false\n exporter:\n # -- If `true`, the prometheus exporter sidecar is enabled\n enabled: true\n persistentVolume:\n # -- Configures persistency on Redis nodes\n enabled: false\n redis:\n # -- Redis convention for naming the cluster group: must match `^[\\\\w-\\\\.]+$` and can be templated\n masterGroupName: argocd\n # -- Any valid redis config options in this section will be applied to each server (see `redis-ha` chart)\n # @default -- See [values.yaml]\n config:\n # -- Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `\"\"` is disabled\n save: '\"\"'\n haproxy:\n # -- Enabled HAProxy LoadBalancing/Proxy\n enabled: true\n metrics:\n # -- HAProxy enable prometheus metric scraping\n enabled: true\n image:\n # -- Redis tag\n tag: 6.2.6-alpine\n\n## Server\nserver:\n # -- Argo CD server name\n name: server\n\n # -- The number of server pods to run\n replicas: 1\n\n autoscaling:\n # -- Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server\n enabled: false\n # -- Minimum number of replicas for the Argo CD server [HPA]\n minReplicas: 1\n # -- Maximum number of replicas for the Argo CD server [HPA]\n maxReplicas: 5\n # -- Average CPU utilization percentage for the Argo CD server [HPA]\n targetCPUUtilizationPercentage: 50\n # -- Average memory utilization percentage for the Argo CD server [HPA]\n targetMemoryUtilizationPercentage: 50\n\n image:\n # -- Repository to use for the Argo CD server\n # @default -- `\"\"` (defaults to global.image.repository)\n repository: \"\" # defaults to global.image.repository\n # -- Tag to use for the Argo CD server\n # @default -- `\"\"` (defaults to global.image.tag)\n tag: \"\" # defaults to global.image.tag\n # -- Image pull policy for the Argo CD server\n # @default -- `\"\"` (defaults to global.image.imagePullPolicy)\n imagePullPolicy: \"\" # IfNotPresent\n\n # -- Additional command line arguments to pass to Argo CD server\n extraArgs: []\n # - --insecure\n\n # This flag is used to either remove or pass the CLI flag --staticassets /shared/app to the Argo CD server app\n staticAssets:\n # -- Disable deprecated flag `--staticassets`\n enabled: true\n\n # -- Environment variables to pass to Argo CD server\n env: []\n\n # -- envFrom to pass to Argo CD server\n # @default -- `[]` (See [values.yaml])\n envFrom: []\n # - configMapRef:\n # name: config-map-name\n # - secretRef:\n # name: secret-name\n\n # -- Specify postStart and preStop lifecycle hooks for your argo-cd-server container\n lifecycle: {}\n\n # -- Argo CD server log format: Either `text` or `json`\n logFormat: text\n # -- Argo CD server log level\n logLevel: info\n\n # -- Annotations to be added to server pods\n podAnnotations: {}\n\n # -- Labels to be added to server pods\n podLabels: {}\n\n # -- Configures the server port\n containerPort: 8080\n\n ## Readiness and liveness probes for default backend\n ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/\n ##\n readinessProbe:\n # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded\n failureThreshold: 3\n # -- Number of seconds after the container has started before [probe] is initiated\n initialDelaySeconds: 10\n # -- How often (in seconds) to perform the [probe]\n periodSeconds: 10\n # -- Minimum consecutive successes for the [probe] to be considered successful after having failed\n successThreshold: 1\n # -- Number of seconds after which the [probe] times out\n timeoutSeconds: 1\n livenessProbe:\n # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded\n failureThreshold: 3\n # -- Number of seconds after the container has started before [probe] is initiated\n initialDelaySeconds: 10\n # -- How often (in seconds) to perform the [probe]\n periodSeconds: 10\n # -- Minimum consecutive successes for the [probe] to be considered successful after having failed\n successThreshold: 1\n # -- Number of seconds after which the [probe] times out\n timeoutSeconds: 1\n\n # -- Additional volumeMounts to the server main container\n volumeMounts: []\n\n # -- Additional volumes to the server pod\n volumes: []\n\n # -- [Node selector]\n nodeSelector: {}\n # -- [Tolerations] for use with node taints\n tolerations: []\n # -- Assign custom [affinity] rules to the deployment\n affinity: {}\n\n # -- Assign custom [TopologySpreadConstraints] rules to the Argo CD server\n ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/\n ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment\n topologySpreadConstraints: []\n # - maxSkew: 1\n # topologyKey: topology.kubernetes.io/zone\n # whenUnsatisfiable: DoNotSchedule\n\n # -- Priority class for the Argo CD server\n priorityClassName: \"\"\n\n # -- Servers container-level security context\n containerSecurityContext:\n {}\n # capabilities:\n # drop:\n # - all\n # readOnlyRootFilesystem: true\n\n # -- Resource limits and requests for the Argo CD server\n resources: {}\n # limits:\n # cpu: 100m\n # memory: 128Mi\n # requests:\n # cpu: 50m\n # memory: 64Mi\n\n ## Certificate configuration\n certificate:\n # -- Enables a certificate manager certificate\n enabled: false\n # -- Certificate manager domain\n domain: argocd.example.com\n issuer:\n # -- Certificate manager issuer\n kind: # ClusterIssuer\n # -- Certificate manager name\n name: # letsencrypt\n # -- Certificate manager additional hosts\n additionalHosts: []\n # -- Certificate manager secret name\n secretName: argocd-server-tls\n\n ## Server service configuration\n service:\n # -- Server service annotations\n annotations: {}\n # -- Server service labels\n labels: {}\n # -- Server service type\n type: ClusterIP\n # -- Server service http port for NodePort service type (only if `server.service.type` is set to \"NodePort\")\n nodePortHttp: 30080\n # -- Server service https port for NodePort service type (only if `server.service.type` is set to \"NodePort\")\n nodePortHttps: 30443\n # -- Server service http port\n servicePortHttp: 80\n # -- Server service https port\n servicePortHttps: 443\n # -- Server service http port name, can be used to route traffic via istio\n servicePortHttpName: http\n # -- Server service https port name, can be used to route traffic via istio\n servicePortHttpsName: https\n # -- Use named target port for argocd\n ## Named target ports are not supported by GCE health checks, so when deploying argocd on GKE\n ## and exposing it via GCE ingress, the health checks fail and the load balancer returns a 502.\n namedTargetPort: true\n # -- LoadBalancer will get created with the IP specified in this field\n loadBalancerIP: \"\"\n # -- Source IP ranges to allow access to service from\n loadBalancerSourceRanges: []\n # -- Server service external IPs\n externalIPs: []\n # -- Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints\n externalTrafficPolicy: \"\"\n # -- Used to maintain session affinity. Supports `ClientIP` and `None`\n sessionAffinity: \"\"\n\n ## Server metrics service configuration\n metrics:\n # -- Deploy metrics service\n enabled: false\n service:\n # -- Metrics service annotations\n annotations: {}\n # -- Metrics service labels\n labels: {}\n # -- Metrics service port\n servicePort: 8083\n serviceMonitor:\n # -- Enable a prometheus ServiceMonitor\n enabled: false\n # -- Prometheus ServiceMonitor interval\n interval: 30s\n # -- Prometheus [RelabelConfigs] to apply to samples before scraping\n relabelings: []\n # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion\n metricRelabelings: []\n # -- Prometheus ServiceMonitor selector\n selector: {}\n # prometheus: kube-prometheus\n\n # -- Prometheus ServiceMonitor namespace\n namespace: \"\" # monitoring\n # -- Prometheus ServiceMonitor labels\n additionalLabels: {}\n\n serviceAccount:\n # -- Create server service account\n create: true\n # -- Server service account name\n name: argocd-server\n # -- Annotations applied to created service account\n annotations: {}\n # -- Automount API credentials for the Service Account\n automountServiceAccountToken: true\n\n ingress:\n # -- Enable an ingress resource for the Argo CD server\n enabled: false\n # -- Additional ingress annotations\n annotations: {}\n # -- Additional ingress labels\n labels: {}\n # -- Defines which ingress controller will implement the resource\n ingressClassName: \"\"\n\n # -- List of ingress hosts\n ## Argo Ingress.\n ## Hostnames must be provided if Ingress is enabled.\n ## Secrets must be manually created in the namespace\n hosts:\n []\n # - argocd.example.com\n\n # -- List of ingress paths\n paths:\n - /\n # -- Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific`\n pathType: Prefix\n # -- Additional ingress paths\n extraPaths:\n []\n # - path: /*\n # backend:\n # serviceName: ssl-redirect\n # servicePort: use-annotation\n ## for Kubernetes \u003e=1.19 (when \"networking.k8s.io/v1\" is used)\n # - path: /*\n # pathType: Prefix\n # backend:\n # service:\n # name: ssl-redirect\n # port:\n # name: use-annotation\n\n # -- Ingress TLS configuration\n tls:\n []\n # - secretName: argocd-tls-certificate\n # hosts:\n # - argocd.example.com\n\n # -- Uses `server.service.servicePortHttps` instead `server.service.servicePortHttp`\n https: false\n\n # dedicated ingress for gRPC as documented at\n # Ref: https://argoproj.github.io/argo-cd/operator-manual/ingress/\n ingressGrpc:\n # -- Enable an ingress resource for the Argo CD server for dedicated [gRPC-ingress]\n enabled: false\n # -- Setup up gRPC ingress to work with an AWS ALB\n isAWSALB: false\n # -- Additional ingress annotations for dedicated [gRPC-ingress]\n annotations: {}\n # -- Additional ingress labels for dedicated [gRPC-ingress]\n labels: {}\n # -- Defines which ingress controller will implement the resource [gRPC-ingress]\n ingressClassName: \"\"\n\n awsALB:\n # -- Service type for the AWS ALB gRPC service\n ## Service Type if isAWSALB is set to true\n ## Can be of type NodePort or ClusterIP depending on which mode you are\n ## are running. Instance mode needs type NodePort, IP mode needs type\n ## ClusterIP\n ## Ref: https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/how-it-works/#ingress-traffic\n serviceType: NodePort\n # -- Backend protocol version for the AWS ALB gRPC service\n ## This tells AWS to send traffic from the ALB using HTTP2. Can use gRPC as well if you want to leverage gRPC specific features\n backendProtocolVersion: HTTP2\n\n # -- List of ingress hosts for dedicated [gRPC-ingress]\n ## Argo Ingress.\n ## Hostnames must be provided if Ingress is enabled.\n ## Secrets must be manually created in the namespace\n ##\n hosts:\n []\n # - argocd.example.com\n\n # -- List of ingress paths for dedicated [gRPC-ingress]\n paths:\n - /\n # -- Ingress path type for dedicated [gRPC-ingress]. One of `Exact`, `Prefix` or `ImplementationSpecific`\n pathType: Prefix\n # -- Additional ingress paths for dedicated [gRPC-ingress]\n extraPaths:\n []\n # - path: /*\n # backend:\n # serviceName: ssl-redirect\n # servicePort: use-annotation\n ## for Kubernetes \u003e=1.19 (when \"networking.k8s.io/v1\" is used)\n # - path: /*\n # pathType: Prefix\n # backend:\n # service:\n # name: ssl-redirect\n # port:\n # name: use-annotation\n\n # -- Ingress TLS configuration for dedicated [gRPC-ingress]\n tls:\n []\n # - secretName: argocd-tls-certificate\n # hosts:\n # - argocd.example.com\n\n # -- Uses `server.service.servicePortHttps` instead `server.service.servicePortHttp`\n https: false\n\n # Create a OpenShift Route with SSL passthrough for UI and CLI\n # Consider setting 'hostname' e.g. https://argocd.apps-crc.testing/ using your Default Ingress Controller Domain\n # Find your domain with: kubectl describe --namespace=openshift-ingress-operator ingresscontroller/default | grep Domain:\n # If 'hostname' is an empty string \"\" OpenShift will create a hostname for you.\n route:\n # -- Enable an OpenShift Route for the Argo CD server\n enabled: false\n # -- Openshift Route annotations\n annotations: {}\n # -- Hostname of OpenShift Route\n hostname: \"\"\n # -- Termination type of Openshift Route\n termination_type: passthrough\n # -- Termination policy of Openshift Route\n termination_policy: None\n\n # -- Manage ArgoCD configmap (Declarative Setup)\n ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cm.yaml\n configEnabled: true\n # -- [General Argo CD configuration]\n # @default -- See [values.yaml]\n config:\n # Argo CD's externally facing base URL (optional). Required when configuring SSO\n url: https://argocd.example.com\n # Argo CD instance label key\n application.instanceLabelKey: argocd.argoproj.io/instance\n\n # DEPRECATED: Please instead use configs.credentialTemplates and configs.repositories\n # repositories: |\n # - url: [email protected]:group/repo.git\n # sshPrivateKeySecret:\n # name: secret-name\n # key: sshPrivateKey\n # - type: helm\n # url: https://charts.helm.sh/stable\n # name: stable\n # - type: helm\n # url: https://argoproj.github.io/argo-helm\n # name: argo\n\n # oidc.config: |\n # name: AzureAD\n # issuer: https://login.microsoftonline.com/TENANT_ID/v2.0\n # clientID: CLIENT_ID\n # clientSecret: $oidc.azuread.clientSecret\n # requestedIDTokenClaims:\n # groups:\n # essential: true\n # requestedScopes:\n # - openid\n # - profile\n # - email\n\n # -- Annotations to be added to ArgoCD ConfigMap\n configAnnotations: {}\n\n # -- ArgoCD rbac config ([ArgoCD RBAC policy])\n ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md\n rbacConfig:\n {}\n # policy.csv is a file containing user-defined RBAC policies and role definitions (optional).\n # Policy rules are in the form:\n # p, subject, resource, action, object, effect\n # Role definitions and bindings are in the form:\n # g, subject, inherited-subject\n # See https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md for additional information.\n # policy.csv: |\n # # Grant all members of the group 'my-org:team-alpha; the ability to sync apps in 'my-project'\n # p, my-org:team-alpha, applications, sync, my-project/*, allow\n # # Grant all members of 'my-org:team-beta' admins\n # g, my-org:team-beta, role:admin\n # policy.default is the name of the default role which Argo CD will falls back to, when\n # authorizing API requests (optional). If omitted or empty, users may be still be able to login,\n # but will see no apps, projects, etc...\n # policy.default: role:readonly\n # scopes controls which OIDC scopes to examine during rbac enforcement (in addition to `sub` scope).\n # If omitted, defaults to: '[groups]'. The scope value can be a string, or a list of strings.\n # scopes: '[cognito:groups, email]'\n\n # -- Annotations to be added to ArgoCD rbac ConfigMap\n rbacConfigAnnotations: {}\n\n # -- Whether or not to create the configmap. If false, it is expected the configmap will be created\n # by something else. ArgoCD will not work if there is no configMap created with the name above.\n rbacConfigCreate: true\n\n # -- Deploy ArgoCD Applications within this helm release\n # @default -- `[]` (See [values.yaml])\n ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/\n additionalApplications: \n - name: flink \n namespace: my-playground # \u003c-- will be replaced by templatefile\n project: flink \n source:\n repoURL: https://github.com/my-playground/flink-operator.git # \u003c-- this will be the repoitory of our operator\n targetRevision: HEAD\n path: helm-chart \n destination:\n server: https://kubernetes.default.svc\n namespace: my-playground \n\n # -- Deploy ArgoCD Projects within this helm release\n # @default -- `[]` (See [values.yaml])\n ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/\n additionalProjects:\n - name: my-playground\n namespace: my-playground\n description: My Playground\n sourceRepos:\n - '*'\n destinations:\n - namespace: my-playground\n server: https://kubernetes.default.svc\n\n ## Enable Admin ClusterRole resources.\n ## Enable if you would like to grant rights to ArgoCD to deploy to the local Kubernetes cluster.\n clusterAdminAccess:\n # -- Enable RBAC for local cluster deployments\n enabled: true\n\n GKEbackendConfig:\n # -- Enable BackendConfig custom resource for Google Kubernetes Engine\n enabled: false\n # -- [BackendConfigSpec]\n spec: {}\n # spec:\n # iap:\n # enabled: true\n # oauthclientCredentials:\n # secretName: argocd-secret\n\n ## Create a Google Managed Certificate for use with the GKE Ingress Controller\n ## https://cloud.google.com/kubernetes-engine/docs/how-to/managed-certs\n GKEmanagedCertificate:\n # -- Enable ManagedCertificate custom resource for Google Kubernetes Engine.\n enabled: false\n # -- Domains for the Google Managed Certificate\n domains:\n - argocd.example.com\n\n ## Create a Google FrontendConfig Custom Resource, for use with the GKE Ingress Controller\n ## https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters\n GKEfrontendConfig:\n # -- Enable FrontConfig custom resource for Google Kubernetes Engine\n enabled: false\n # -- [FrontendConfigSpec]\n spec: {}\n # spec:\n # redirectToHttps:\n # enabled: true\n # responseCodeName: RESPONSE_CODE\n\n # -- Additional containers to be added to the server pod\n ## See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example.\n extraContainers: []\n # - name: my-sidecar\n # image: nginx:latest\n # - name: lemonldap-ng-controller\n # image: lemonldapng/lemonldap-ng-controller:0.2.0\n # args:\n # - /lemonldap-ng-controller\n # - --alsologtostderr\n # - --configmap=$(POD_NAMESPACE)/lemonldap-ng-configuration\n # env:\n # - name: POD_NAME\n # valueFrom:\n # fieldRef:\n # fieldPath: metadata.name\n # - name: POD_NAMESPACE\n # valueFrom:\n # fieldRef:\n # fieldPath: metadata.namespace\n # volumeMounts:\n # - name: copy-portal-skins\n # mountPath: /srv/var/lib/lemonldap-ng/portal/skins\n\n # -- Init containers to add to the server pod\n ## If your target Kubernetes cluster(s) require a custom auth provider executable\n ## you could use this (and the same in the application controller pod) to bootstrap\n ## that executable into your ArgoCD container\n initContainers: []\n # - name: download-tools\n # image: alpine:3.8\n # command: [sh, -c]\n # args:\n # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - \u0026\u0026\n # mv linux-amd64/helm /custom-tools/\n # volumeMounts:\n # - mountPath: /custom-tools\n # name: custom-tools\n # volumeMounts:\n # - mountPath: /usr/local/bin/helm\n # name: custom-tools\n # subPath: helm\n\n extensions:\n # -- Enable support for extensions\n ## This function in tech preview stage, do expect unstability or breaking changes in newer versions. Bump image.tag if necessary.\n enabled: false\n\n image:\n # -- Repository to use for extensions image\n repository: \"ghcr.io/argoproj-labs/argocd-extensions\"\n # -- Tag to use for extensions image\n tag: \"v0.1.0\"\n # -- Image pull policy for extensions\n imagePullPolicy: IfNotPresent\n\n # -- Resource limits and requests for the argocd-extensions container\n resources: {}\n # limits:\n # cpu: 50m\n # memory: 128Mi\n # requests:\n # cpu: 10m\n # memory: 64Mi\n\n # -- Extensions to be loaded into the server\n contents: []\n # - name: argo-rollouts\n # url: https://github.com/argoproj-labs/rollout-extension/releases/download/v0.1.0/extension.tar\n\n pdb:\n # -- Labels to be added to server pdb\n labels: {}\n # -- Annotations to be added to server pdb\n annotations: {}\n\n # -- Deploy a Poddisruptionbudget for the server\n enabled: false\n # minAvailable: 1\n # maxUnavailable: 0\n\n## Repo Server\nrepoServer:\n # -- Repo server name\n name: repo-server\n\n # -- The number of repo server pods to run\n replicas: 1\n\n autoscaling:\n # -- Enable Horizontal Pod Autoscaler ([HPA]) for the repo server\n enabled: false\n # -- Minimum number of replicas for the repo server [HPA]\n minReplicas: 1\n # -- Maximum number of replicas for the repo server [HPA]\n maxReplicas: 5\n # -- Average CPU utilization percentage for the repo server [HPA]\n targetCPUUtilizationPercentage: 50\n # -- Average memory utilization percentage for the repo server [HPA]\n targetMemoryUtilizationPercentage: 50\n\n image:\n # -- Repository to use for the repo server\n # @default -- `\"\"` (defaults to global.image.repository)\n repository: \"\" # defaults to global.image.repository\n # -- Tag to use for the repo server\n # @default -- `\"\"` (defaults to global.image.tag)\n tag: \"\" # defaults to global.image.tag\n # -- Image pull policy for the repo server\n # @default -- `\"\"` (defaults to global.image.imagePullPolicy)\n imagePullPolicy: \"\" # IfNotPresent\n\n # -- Additional command line arguments to pass to repo server\n extraArgs: []\n\n # -- Environment variables to pass to repo server\n env: []\n\n # -- envFrom to pass to repo server\n # @default -- `[]` (See [values.yaml])\n envFrom: []\n # - configMapRef:\n # name: config-map-name\n # - secretRef:\n # name: secret-name\n\n # -- Repo server log format: Either `text` or `json`\n logFormat: text\n # -- Repo server log level\n logLevel: info\n\n # -- Annotations to be added to repo server pods\n podAnnotations: {}\n\n # -- Labels to be added to repo server pods\n podLabels: {}\n\n # -- Configures the repo server port\n containerPort: 8081\n\n ## Readiness and liveness probes for default backend\n ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/\n ##\n readinessProbe:\n # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded\n failureThreshold: 3\n # -- Number of seconds after the container has started before [probe] is initiated\n initialDelaySeconds: 10\n # -- How often (in seconds) to perform the [probe]\n periodSeconds: 10\n # -- Minimum consecutive successes for the [probe] to be considered successful after having failed\n successThreshold: 1\n # -- Number of seconds after which the [probe] times out\n timeoutSeconds: 1\n livenessProbe:\n # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded\n failureThreshold: 3\n # -- Number of seconds after the container has started before [probe] is initiated\n initialDelaySeconds: 10\n # -- How often (in seconds) to perform the [probe]\n periodSeconds: 10\n # -- Minimum consecutive successes for the [probe] to be considered successful after having failed\n successThreshold: 1\n # -- Number of seconds after which the [probe] times out\n timeoutSeconds: 1\n\n # -- Additional volumeMounts to the repo server main container\n volumeMounts: []\n\n # -- Additional volumes to the repo server pod\n volumes: []\n ## Use init containers to configure custom tooling\n ## https://argoproj.github.io/argo-cd/operator-manual/custom_tools/\n ## When using the volumes \u0026 volumeMounts section bellow, please comment out those above.\n # - name: custom-tools\n # emptyDir: {}\n\n # -- [Node selector]\n nodeSelector: {}\n # -- [Tolerations] for use with node taints\n tolerations: []\n # -- Assign custom [affinity] rules to the deployment\n affinity: {}\n\n # -- Assign custom [TopologySpreadConstraints] rules to the repo server\n ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/\n ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment\n topologySpreadConstraints: []\n # - maxSkew: 1\n # topologyKey: topology.kubernetes.io/zone\n # whenUnsatisfiable: DoNotSchedule\n\n # -- Priority class for the repo server\n priorityClassName: \"\"\n\n # -- Repo server container-level security context\n containerSecurityContext:\n {}\n # capabilities:\n # drop:\n # - all\n # readOnlyRootFilesystem: true\n\n # -- Resource limits and requests for the repo server pods\n resources: {}\n # limits:\n # cpu: 50m\n # memory: 128Mi\n # requests:\n # cpu: 10m\n # memory: 64Mi\n\n ## Repo server service configuration\n service:\n # -- Repo server service annotations\n annotations: {}\n # -- Repo server service labels\n labels: {}\n # -- Repo server service port\n port: 8081\n # -- Repo server service port name\n portName: https-repo-server\n\n ## Repo server metrics service configuration\n metrics:\n # -- Deploy metrics service\n enabled: false\n service:\n # -- Metrics service annotations\n annotations: {}\n # -- Metrics service labels\n labels: {}\n # -- Metrics service port\n servicePort: 8084\n serviceMonitor:\n # -- Enable a prometheus ServiceMonitor\n enabled: false\n # -- Prometheus ServiceMonitor interval\n interval: 30s\n # -- Prometheus [RelabelConfigs] to apply to samples before scraping\n relabelings: []\n # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion\n metricRelabelings: []\n # -- Prometheus ServiceMonitor selector\n selector: {}\n # prometheus: kube-prometheus\n\n # -- Prometheus ServiceMonitor namespace\n namespace: \"\" # \"monitoring\"\n # -- Prometheus ServiceMonitor labels\n additionalLabels: {}\n\n ## Enable Admin ClusterRole resources.\n ## Enable if you would like to grant cluster rights to ArgoCD repo server.\n clusterAdminAccess:\n # -- Enable RBAC for local cluster deployments\n enabled: false\n ## Enable Custom Rules for the Repo server's Cluster Role resource\n ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource.\n ## Defaults to off\n clusterRoleRules:\n # -- Enable custom rules for the Repo server's Cluster Role resource\n enabled: false\n # -- List of custom rules for the Repo server's Cluster Role resource\n rules: []\n\n ## Repo server service account\n ## If create is set to true, make sure to uncomment the name and update the rbac section below\n serviceAccount:\n # -- Create repo server service account\n create: false\n # -- Repo server service account name\n name: \"\" # \"argocd-repo-server\"\n # -- Annotations applied to created service account\n annotations: {}\n # -- Automount API credentials for the Service Account\n automountServiceAccountToken: true\n\n # -- Additional containers to be added to the repo server pod\n extraContainers: []\n\n # -- Repo server rbac rules\n rbac: []\n # - apiGroups:\n # - argoproj.io\n # resources:\n # - applications\n # verbs:\n # - get\n # - list\n # - watch\n\n # Init container to copy argocd binary\n copyutil:\n # -- Resource limits and requests for the copyutil initContainer\n resources: {}\n # limits:\n # cpu: 50m\n # memory: 64Mi\n # requests:\n # cpu: 10m\n # memory: 32Mi\n\n # -- Init containers to add to the repo server pods\n initContainers: []\n # - name: download-tools\n # image: alpine:3.8\n # command: [sh, -c]\n # args:\n # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - \u0026\u0026\n # mv linux-amd64/helm /custom-tools/\n # volumeMounts:\n # - mountPath: /custom-tools\n # name: custom-tools\n # volumeMounts:\n # - mountPath: /usr/local/bin/helm\n # name: custom-tools\n # subPath: helm\n\n pdb:\n # -- Labels to be added to Repo server pdb\n labels: {}\n # -- Annotations to be added to Repo server pdb\n annotations: {}\n\n # -- Deploy a Poddisruptionbudget for the Repo server\n enabled: false\n # minAvailable: 1\n # maxUnavailable: 0\n\n## Argo Configs\nconfigs:\n # -- Provide one or multiple [external cluster credentials]\n # @default -- `[]` (See [values.yaml])\n ## Ref:\n ## - https://argoproj.github.io/argo-cd/operator-manual/declarative-setup/#clusters\n ## - https://argoproj.github.io/argo-cd/operator-manual/security/#external-cluster-credentials\n clusterCredentials: []\n # - name: mycluster\n # server: https://mycluster.com\n # labels: {}\n # annotations: {}\n # config:\n # bearerToken: \"\u003cauthentication token\u003e\"\n # tlsClientConfig:\n # insecure: false\n # caData: \"\u003cbase64 encoded certificate\u003e\"\n # - name: mycluster2\n # server: https://mycluster2.com\n # labels: {}\n # annotations: {}\n # namespaces: namespace1,namespace2\n # clusterResources: true\n # config:\n # bearerToken: \"\u003cauthentication token\u003e\"\n # tlsClientConfig:\n # insecure: false\n # caData: \"\u003cbase64 encoded certificate\u003e\"\n\n # -- GnuPG key ring annotations\n gpgKeysAnnotations: {}\n # -- [GnuPG](https://argoproj.github.io/argo-cd/user-guide/gpg-verification/) keys to add to the key ring\n # @default -- `{}` (See [values.yaml])\n gpgKeys: {}\n # 4AEE18F83AFDEB23: |\n # -----BEGIN PGP PUBLIC KEY BLOCK-----\n #\n # mQENBFmUaEEBCACzXTDt6ZnyaVtueZASBzgnAmK13q9Urgch+sKYeIhdymjuMQta\n # x15OklctmrZtqre5kwPUosG3/B2/ikuPYElcHgGPL4uL5Em6S5C/oozfkYzhwRrT\n # SQzvYjsE4I34To4UdE9KA97wrQjGoz2Bx72WDLyWwctD3DKQtYeHXswXXtXwKfjQ\n # 7Fy4+Bf5IPh76dA8NJ6UtjjLIDlKqdxLW4atHe6xWFaJ+XdLUtsAroZcXBeWDCPa\n # buXCDscJcLJRKZVc62gOZXXtPfoHqvUPp3nuLA4YjH9bphbrMWMf810Wxz9JTd3v\n # yWgGqNY0zbBqeZoGv+TuExlRHT8ASGFS9SVDABEBAAG0NUdpdEh1YiAod2ViLWZs\n # b3cgY29tbWl0IHNpZ25pbmcpIDxub3JlcGx5QGdpdGh1Yi5jb20+iQEiBBMBCAAW\n # BQJZlGhBCRBK7hj4Ov3rIwIbAwIZAQAAmQEH/iATWFmi2oxlBh3wAsySNCNV4IPf\n # DDMeh6j80WT7cgoX7V7xqJOxrfrqPEthQ3hgHIm7b5MPQlUr2q+UPL22t/I+ESF6\n # 9b0QWLFSMJbMSk+BXkvSjH9q8jAO0986/pShPV5DU2sMxnx4LfLfHNhTzjXKokws\n # +8ptJ8uhMNIDXfXuzkZHIxoXk3rNcjDN5c5X+sK8UBRH092BIJWCOfaQt7v7wig5\n # 4Ra28pM9GbHKXVNxmdLpCFyzvyMuCmINYYADsC848QQFFwnd4EQnupo6QvhEVx1O\n # j7wDwvuH5dCrLuLwtwXaQh0onG4583p0LGms2Mf5F+Ick6o/4peOlBoZz48=\n # =Bvzs\n # -----END PGP PUBLIC KEY BLOCK-----\n\n # -- Known Hosts configmap annotations\n knownHostsAnnotations: {}\n knownHosts:\n data:\n # -- Known Hosts\n # @default -- See [values.yaml]\n ssh_known_hosts: |\n bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==\n github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg=\n github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl\n github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\n gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=\n gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf\n gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9\n ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H\n vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H\n # -- TLS certificate configmap annotations\n tlsCertsAnnotations: {}\n # -- TLS certificate\n # @default -- See [values.yaml]\n tlsCerts:\n {}\n # data:\n # argocd.example.com: |\n # -----BEGIN CERTIFICATE-----\n # MIIF1zCCA7+gAwIBAgIUQdTcSHY2Sxd3Tq/v1eIEZPCNbOowDQYJKoZIhvcNAQEL\n # BQAwezELMAkGA1UEBhMCREUxFTATBgNVBAgMDExvd2VyIFNheG9ueTEQMA4GA1UE\n # BwwHSGFub3ZlcjEVMBMGA1UECgwMVGVzdGluZyBDb3JwMRIwEAYDVQQLDAlUZXN0\n # c3VpdGUxGDAWBgNVBAMMD2Jhci5leGFtcGxlLmNvbTAeFw0xOTA3MDgxMzU2MTda\n # Fw0yMDA3MDcxMzU2MTdaMHsxCzAJBgNVBAYTAkRFMRUwEwYDVQQIDAxMb3dlciBT\n # YXhvbnkxEDAOBgNVBAcMB0hhbm92ZXIxFTATBgNVBAoMDFRlc3RpbmcgQ29ycDES\n # MBAGA1UECwwJVGVzdHN1aXRlMRgwFgYDVQQDDA9iYXIuZXhhbXBsZS5jb20wggIi\n # MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCv4mHMdVUcafmaSHVpUM0zZWp5\n # NFXfboxA4inuOkE8kZlbGSe7wiG9WqLirdr39Ts+WSAFA6oANvbzlu3JrEQ2CHPc\n # CNQm6diPREFwcDPFCe/eMawbwkQAPVSHPts0UoRxnpZox5pn69ghncBR+jtvx+/u\n # P6HdwW0qqTvfJnfAF1hBJ4oIk2AXiip5kkIznsAh9W6WRy6nTVCeetmIepDOGe0G\n # ZJIRn/OfSz7NzKylfDCat2z3EAutyeT/5oXZoWOmGg/8T7pn/pR588GoYYKRQnp+\n # YilqCPFX+az09EqqK/iHXnkdZ/Z2fCuU+9M/Zhrnlwlygl3RuVBI6xhm/ZsXtL2E\n # Gxa61lNy6pyx5+hSxHEFEJshXLtioRd702VdLKxEOuYSXKeJDs1x9o6cJ75S6hko\n # Ml1L4zCU+xEsMcvb1iQ2n7PZdacqhkFRUVVVmJ56th8aYyX7KNX6M9CD+kMpNm6J\n # kKC1li/Iy+RI138bAvaFplajMF551kt44dSvIoJIbTr1LigudzWPqk31QaZXV/4u\n # kD1n4p/XMc9HYU/was/CmQBFqmIZedTLTtK7clkuFN6wbwzdo1wmUNgnySQuMacO\n # gxhHxxzRWxd24uLyk9Px+9U3BfVPaRLiOPaPoC58lyVOykjSgfpgbus7JS69fCq7\n # bEH4Jatp/10zkco+UQIDAQABo1MwUTAdBgNVHQ4EFgQUjXH6PHi92y4C4hQpey86\n # r6+x1ewwHwYDVR0jBBgwFoAUjXH6PHi92y4C4hQpey86r6+x1ewwDwYDVR0TAQH/\n # BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFE4SdKsX9UsLy+Z0xuHSxhTd0jfn\n # Iih5mtzb8CDNO5oTw4z0aMeAvpsUvjJ/XjgxnkiRACXh7K9hsG2r+ageRWGevyvx\n # CaRXFbherV1kTnZw4Y9/pgZTYVWs9jlqFOppz5sStkfjsDQ5lmPJGDii/StENAz2\n # XmtiPOgfG9Upb0GAJBCuKnrU9bIcT4L20gd2F4Y14ccyjlf8UiUi192IX6yM9OjT\n # +TuXwZgqnTOq6piVgr+FTSa24qSvaXb5z/mJDLlk23npecTouLg83TNSn3R6fYQr\n # d/Y9eXuUJ8U7/qTh2Ulz071AO9KzPOmleYPTx4Xty4xAtWi1QE5NHW9/Ajlv5OtO\n # OnMNWIs7ssDJBsB7VFC8hcwf79jz7kC0xmQqDfw51Xhhk04kla+v+HZcFW2AO9so\n # 6ZdVHHQnIbJa7yQJKZ+hK49IOoBR6JgdB5kymoplLLiuqZSYTcwSBZ72FYTm3iAr\n # jzvt1hxpxVDmXvRnkhRrIRhK4QgJL0jRmirBjDY+PYYd7bdRIjN7WNZLFsgplnS8\n # 9w6CwG32pRlm0c8kkiQ7FXA6BYCqOsDI8f1VGQv331OpR2Ck+FTv+L7DAmg6l37W\n # +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK\n # XWyb96wrUlv+E8I=\n # -----END CERTIFICATE-----\n\n # -- *DEPRECATED:* Instead, use `configs.credentialTemplates` and/or `configs.repositories`\n repositoryCredentials: {}\n\n # -- Repository credentials to be used as Templates for other repos\n ## Creates a secret for each key/value specified below to create repository credentials\n credentialTemplates: {}\n # github-enterprise-creds-1:\n # url: https://github.com/argoproj\n # githubAppID: 1\n # githubAppInstallationID: 2\n # githubAppEnterpriseBaseUrl: https://ghe.example.com/api/v3\n # githubAppPrivateKey: |\n # -----BEGIN OPENSSH PRIVATE KEY-----\n # ...\n # -----END OPENSSH PRIVATE KEY-----\n # https-creds:\n # url: https://github.com/argoproj\n # password: my-password\n # username: my-username\n # ssh-creds:\n # url: [email protected]:argoproj-labs\n # sshPrivateKey: |\n # -----BEGIN OPENSSH PRIVATE KEY-----\n # ...\n # -----END OPENSSH PRIVATE KEY-----\n\n # -- Repositories list to be used by applications\n ## Creates a secret for each key/value specified below to create repositories\n ## Note: the last example in the list would use a repository credential template, configured under \"configs.repositoryCredentials\".\n repositories: {}\n # istio-helm-repo:\n # url: https://storage.googleapis.com/istio-prerelease/daily-build/master-latest-daily/charts\n # name: istio.io\n # type: helm\n # private-helm-repo:\n # url: https://my-private-chart-repo.internal\n # name: private-repo\n # type: helm\n # password: my-password\n # username: my-username\n # private-repo:\n # url: https://github.com/argoproj/private-repo\n\n secret:\n # -- Create the argocd-secret\n createSecret: true\n # -- Annotations to be added to argocd-secret\n annotations: {}\n\n # -- Shared secret for authenticating GitHub webhook events\n githubSecret: \"\"\n # -- Shared secret for authenticating GitLab webhook events\n gitlabSecret: \"\"\n # -- Shared secret for authenticating BitbucketServer webhook events\n bitbucketServerSecret: \"\"\n # -- UUID for authenticating Bitbucket webhook events\n bitbucketUUID: \"\"\n # -- Shared secret for authenticating Gogs webhook events\n gogsSecret: \"\"\n\n # -- add additional secrets to be added to argocd-secret\n ## Custom secrets. Useful for injecting SSO secrets into environment variables.\n ## Ref: https://argoproj.github.io/argo-cd/operator-manual/sso/\n ## Note that all values must be non-empty.\n extra:\n {}\n # LDAP_PASSWORD: \"mypassword\"\n\n # -- Argo TLS Data\n argocdServerTlsConfig:\n {}\n # key:\n # crt: |\n # -----BEGIN CERTIFICATE-----\n # \u003ccert data\u003e\n # -----END CERTIFICATE-----\n # -----BEGIN CERTIFICATE-----\n # \u003cca cert data\u003e\n # -----END CERTIFICATE-----\n\n # -- Bcrypt hashed admin password\n ## Argo expects the password in the secret to be bcrypt hashed. You can create this hash with\n ## `htpasswd -nbBC 10 \"\" $ARGO_PWD | tr -d ':\\n' | sed 's/$2y/$2a/'`\n argocdServerAdminPassword: \"\"\n # -- Admin password modification time. Eg. `\"2006-01-02T15:04:05Z\"`\n # @default -- `\"\"` (defaults to current time)\n argocdServerAdminPasswordMtime: \"\"\n\n # -- Define custom [CSS styles] for your argo instance.\n # This setting will automatically mount the provided CSS and reference it in the argo configuration.\n # @default -- `\"\"` (See [values.yaml])\n ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/\n styles: \"\"\n # styles: |\n # .nav-bar {\n # background: linear-gradient(to bottom, #999, #777, #333, #222, #111);\n # }\n\nopenshift:\n # -- enables using arbitrary uid for argo repo server\n enabled: false\n"
],
"verify": false,
"version": "3.35.0",
"wait": true,
"wait_for_jobs": false
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"kubernetes_namespace.playground_namespace"
]
}
]
},
{
"mode": "managed",
"type": "kubernetes_namespace",
"name": "playground_namespace",
"provider": "provider[\"registry.terraform.io/hashicorp/kubernetes\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"id": "my-playground",
"metadata": [
{
"annotations": {},
"generate_name": "",
"generation": 0,
"labels": {},
"name": "my-playground",
"resource_version": "618",
"uid": "20c99b69-289d-4a65-90a4-e8ee0aecc78c"
}
],
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjozMDAwMDAwMDAwMDB9fQ=="
}
]
}
]
}