chore: Update manifests after change
This commit is contained in:
133
clusters/cl01tl/manifests/argocd/ConfigMap-argocd-cm.yml
Normal file
133
clusters/cl01tl/manifests/argocd/ConfigMap-argocd-cm.yml
Normal file
@@ -0,0 +1,133 @@
|
||||
---
|
||||
# Source: argocd/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: argocd-cm
|
||||
namespace: argocd
|
||||
labels:
|
||||
helm.sh/chart: argo-cd-9.1.5
|
||||
app.kubernetes.io/name: argocd-cm
|
||||
app.kubernetes.io/instance: argocd
|
||||
app.kubernetes.io/component: server
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/part-of: argocd
|
||||
app.kubernetes.io/version: "v3.2.1"
|
||||
data:
|
||||
admin.enabled: "true"
|
||||
application.instanceLabelKey: argocd.argoproj.io/instance
|
||||
application.sync.impersonation.enabled: "false"
|
||||
dex.config: |
|
||||
connectors:
|
||||
- config:
|
||||
issuer: https://authentik.alexlebens.net/application/o/argocd/
|
||||
clientID: $argocd-oidc-secret:client
|
||||
clientSecret: $argocd-oidc-secret:secret
|
||||
insecureEnableGroups: true
|
||||
scopes:
|
||||
- openid
|
||||
- profile
|
||||
- email
|
||||
name: authentik
|
||||
type: oidc
|
||||
id: authentik
|
||||
exec.enabled: "false"
|
||||
resource.customizations.ignoreResourceUpdates.ConfigMap: |
|
||||
jqPathExpressions:
|
||||
# Ignore the cluster-autoscaler status
|
||||
- '.metadata.annotations."cluster-autoscaler.kubernetes.io/last-updated"'
|
||||
# Ignore the annotation of the legacy Leases election
|
||||
- '.metadata.annotations."control-plane.alpha.kubernetes.io/leader"'
|
||||
resource.customizations.ignoreResourceUpdates.Endpoints: |
|
||||
jsonPointers:
|
||||
- /metadata
|
||||
- /subsets
|
||||
resource.customizations.ignoreResourceUpdates.all: |
|
||||
jsonPointers:
|
||||
- /status
|
||||
resource.customizations.ignoreResourceUpdates.apps_ReplicaSet: |
|
||||
jqPathExpressions:
|
||||
- '.metadata.annotations."deployment.kubernetes.io/desired-replicas"'
|
||||
- '.metadata.annotations."deployment.kubernetes.io/max-replicas"'
|
||||
- '.metadata.annotations."rollout.argoproj.io/desired-replicas"'
|
||||
resource.customizations.ignoreResourceUpdates.argoproj.io_Application: |
|
||||
jqPathExpressions:
|
||||
- '.metadata.annotations."notified.notifications.argoproj.io"'
|
||||
- '.metadata.annotations."argocd.argoproj.io/refresh"'
|
||||
- '.metadata.annotations."argocd.argoproj.io/hydrate"'
|
||||
- '.operation'
|
||||
resource.customizations.ignoreResourceUpdates.argoproj.io_Rollout: |
|
||||
jqPathExpressions:
|
||||
- '.metadata.annotations."notified.notifications.argoproj.io"'
|
||||
resource.customizations.ignoreResourceUpdates.autoscaling_HorizontalPodAutoscaler: |
|
||||
jqPathExpressions:
|
||||
- '.metadata.annotations."autoscaling.alpha.kubernetes.io/behavior"'
|
||||
- '.metadata.annotations."autoscaling.alpha.kubernetes.io/conditions"'
|
||||
- '.metadata.annotations."autoscaling.alpha.kubernetes.io/metrics"'
|
||||
- '.metadata.annotations."autoscaling.alpha.kubernetes.io/current-metrics"'
|
||||
resource.customizations.ignoreResourceUpdates.discovery.k8s.io_EndpointSlice: |
|
||||
jsonPointers:
|
||||
- /metadata
|
||||
- /endpoints
|
||||
- /ports
|
||||
resource.exclusions: |
|
||||
### Network resources created by the Kubernetes control plane and excluded to reduce the number of watched events and UI clutter
|
||||
- apiGroups:
|
||||
- ''
|
||||
- discovery.k8s.io
|
||||
kinds:
|
||||
- Endpoints
|
||||
- EndpointSlice
|
||||
### Internal Kubernetes resources excluded reduce the number of watched events
|
||||
- apiGroups:
|
||||
- coordination.k8s.io
|
||||
kinds:
|
||||
- Lease
|
||||
### Internal Kubernetes Authz/Authn resources excluded reduce the number of watched events
|
||||
- apiGroups:
|
||||
- authentication.k8s.io
|
||||
- authorization.k8s.io
|
||||
kinds:
|
||||
- SelfSubjectReview
|
||||
- TokenReview
|
||||
- LocalSubjectAccessReview
|
||||
- SelfSubjectAccessReview
|
||||
- SelfSubjectRulesReview
|
||||
- SubjectAccessReview
|
||||
### Intermediate Certificate Request excluded reduce the number of watched events
|
||||
- apiGroups:
|
||||
- certificates.k8s.io
|
||||
kinds:
|
||||
- CertificateSigningRequest
|
||||
- apiGroups:
|
||||
- cert-manager.io
|
||||
kinds:
|
||||
- CertificateRequest
|
||||
### Cilium internal resources excluded reduce the number of watched events and UI Clutter
|
||||
- apiGroups:
|
||||
- cilium.io
|
||||
kinds:
|
||||
- CiliumIdentity
|
||||
- CiliumEndpoint
|
||||
- CiliumEndpointSlice
|
||||
### Kyverno intermediate and reporting resources excluded reduce the number of watched events and improve performance
|
||||
- apiGroups:
|
||||
- kyverno.io
|
||||
- reports.kyverno.io
|
||||
- wgpolicyk8s.io
|
||||
kinds:
|
||||
- PolicyReport
|
||||
- ClusterPolicyReport
|
||||
- EphemeralReport
|
||||
- ClusterEphemeralReport
|
||||
- AdmissionReport
|
||||
- ClusterAdmissionReport
|
||||
- BackgroundScanReport
|
||||
- ClusterBackgroundScanReport
|
||||
- UpdateRequest
|
||||
statusbadge.enabled: "true"
|
||||
statusbadge.url: https://argocd.alexlebens.net/
|
||||
timeout.hard.reconciliation: 0s
|
||||
timeout.reconciliation: 100s
|
||||
timeout.reconciliation.jitter: 60s
|
||||
url: https://argocd.alexlebens.net
|
||||
Reference in New Issue
Block a user