argo-cd:
  crds:
    install: true
  configs:
    cm:
      admin.enabled: true
      resource.customizations.ignoreDifferences.apps_Deployment: |
        jqPathExpressions:
          - '.spec.template.spec.hostUsers'
      resource.customizations.ignoreDifferences.batch_CronJob: |
        jqPathExpressions:
          - '.spec.jobTemplate.spec.template.spec.hostUsers'
      resource.customizations.ignoreDifferences.batch_Job: |
        jqPathExpressions:
          - '.spec.template.spec.hostUsers'
      timeout.reconciliation: 100s
      timeout.reconciliation.jitter: 60s
      url: https://argocd.alexlebens.net
      statusbadge.enabled: true
      # dex.config: |
      #   connectors:
      #   - config:
      #       issuer: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/argocd/
      #       clientID: $argocd-oidc-secret:client
      #       clientSecret: $argocd-oidc-secret:secret
      #       insecureEnableGroups: true
      #       scopes:
      #         - openid
      #         - profile
      #         - email
      #     name: authentik
      #     type: oidc
      #     id: authentik
    rbac:
      policy.csv: |
        g, ArgoCD Admins, role:admin
    params:
      server.insecure: true
  server:
    replicas: 2
    ingress:
      enabled: false
      controller: generic
      ingressClassName: cilium
      annotations:
        cert-manager.io/cluster-issuer: letsencrypt-issuer
      hostname: argocd.alexlebens.net
      tls: true
    metrics:
      enabled: true
      serviceMonitor:
        enabled: true
  dex:
    enabled: true
  redis-ha:
    enabled: true
  redisSecretInit:
    enabled: false
  controller:
    replicas: 1
    metrics:
      enabled: true
      serviceMonitor:
        enabled: true
  repoServer:
    replicas: 2
    metrics:
      enabled: true
      serviceMonitor:
        enabled: true
  applicationSet:
    replicas: 2
    metrics:
      enabled: true
      serviceMonitor:
        enabled: true