argo-cd: crds: install: true configs: cm: admin.enabled: true timeout.reconciliation: 100s timeout.reconciliation.jitter: 60s url: https://argocd.alexlebens.net statusbadge.url: https://argocd.alexlebens.net/ statusbadge.enabled: true dex.config: | connectors: - config: issuer: https://authentik.alexlebens.net/application/o/argocd/ clientID: $argocd-oidc-secret:client clientSecret: $argocd-oidc-secret:secret insecureEnableGroups: true scopes: - openid - profile - email name: authentik type: oidc id: authentik params: server.insecure: true rbac: policy.csv: | g, ArgoCD Admins, role:admin cmp: create: true plugins: cdk8s: init: command: [cdk8s] args: [import] generate: command: [cdk8s, synth] args: [--stdout] discover: fileName: "*.go" controller: replicas: 1 metrics: enabled: true serviceMonitor: enabled: true dex: enabled: true metrics: enabled: true serviceMonitor: enabled: true livenessProbe: enabled: true readinessProbe: enabled: true redis-ha: enabled: true auth: false redisSecretInit: enabled: true server: replicas: 2 ingress: enabled: false metrics: enabled: true serviceMonitor: enabled: true repoServer: replicas: 2 extraContainers: - name: cmp-cdk8s command: - /var/run/argocd/argocd-cmp-server image: ghcr.io/akuity/cdk8s-cmp-typescript:1.0 securityContext: runAsNonRoot: true runAsUser: 999 volumeMounts: - mountPath: /var/run/argocd name: var-files - mountPath: /home/argocd/cmp-server/plugins name: plugins - mountPath: /home/argocd/cmp-server/config/plugin.yaml subPath: cdk8s.yaml name: argocd-cmp-cm - mountPath: /tmp name: cmp-tmp volumes: - name: argocd-cmp-cm configMap: name: argocd-cmp-cm - name: cmp-tmp emptyDir: {} metrics: enabled: true serviceMonitor: enabled: true applicationSet: replicas: 2 metrics: enabled: true serviceMonitor: enabled: true livenessProbe: enabled: true readinessProbe: enabled: true notifications: enabled: true context: argocdUrl: https://argocd.alexlebens.net secret: create: false name: argocd-notifications-secret metrics: enabled: true serviceMonitor: enabled: true notifiers: service.webhook.ntfy: | url: http://ntfy.ntfy/ headers: - name: Authorization value: Bearer $ntfy-token livenessProbe: enabled: true readinessProbe: enabled: true subscriptions: - recipients: - ntfy triggers: - on-created - on-deleted - on-deployed - on-health-degraded - on-sync-failed - on-sync-running - on-sync-status-unknown - on-sync-succeeded templates: template.app-created: | webhook: ntfy: method: POST body: | { "topic": "argocd", "message": "{{.app.metadata.name}} has been created.", "title": "Created: {{.app.metadata.name}}", "tags": ["building_construction"], "priority": 4, "click": "{{.context.argocdUrl}}/applications/argocd/{{.app.metadata.name}}" } template.app-deleted: | webhook: ntfy: method: POST body: | { "topic": "argocd", "message": "{{.app.metadata.name}} has been deleted", "title": "Deleted: {{.app.metadata.name}}", "tags": ["warning"], "priority": 4, "click": "{{.context.argocdUrl}}" } template.app-deployed: | webhook: ntfy: method: POST body: | { "topic": "argocd", "message": "{{.app.metadata.name}} is now running new version of deployments manifests", "title": "Deployed: {{.app.metadata.name}}", "tags": ["+1"], "priority": 3, "click": "{{.context.argocdUrl}}/applications/argocd/{{.app.metadata.name}}" } template.app-health-degraded: | webhook: ntfy: method: POST body: | { "topic": "argocd", "message": "{{.app.metadata.name}} health has degraded", "title": "Degraded: {{.app.metadata.name}}", "tags": ["rotating_light"], "priority": 5, "click": "{{.context.argocdUrl}}/applications/argocd/{{.app.metadata.name}}" } template.app-sync-failed: | webhook: ntfy: method: POST body: | { "topic": "argocd", "message": "{{.app.metadata.name}} sync has failed at {{.app.status.operationState.finishedAt}} with the following error: {{.app.status.operationState.message}}", "title": "Sync Failed: {{.app.metadata.name}}", "tags": ["rotating_light"], "priority": 5, "click": "{{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true" } template.app-sync-running: | webhook: ntfy: method: POST body: | { "topic": "argocd", "message": "{{.app.metadata.name}} sync has started at {{.app.status.operationState.startedAt}}", "title": "Sync Running: {{.app.metadata.name}}", "tags": ["runner"], "priority": 3, "click": "{{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true" } template.app-sync-status-unknown: | webhook: ntfy: method: POST body: | { "topic": "argocd", "message": "{{.app.metadata.name}} sync status is unknown", "title": "Sync Unknown: {{.app.metadata.name}}", "tags": ["question"], "priority": 5, "click": "{{.context.argocdUrl}}/applications/{{.app.metadata.name}}" } template.app-sync-succeeded: | webhook: ntfy: method: POST body: | { "topic": "argocd", "message": "{{.app.metadata.name}} has been successfully synced at {{.app.status.operationState.finishedAt}}", "title": "Sync Succeeded: {{.app.metadata.name}}", "tags": ["+1"], "priority": 3, "click": "{{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true" } triggers: trigger.on-created: | - description: Application {{.app.metadata.name}} has been created. oncePer: app.metadata.name send: - app-created when: "true" trigger.on-deleted: | - description: Application {{.app.metadata.name}} has been deleted. oncePer: app.metadata.name send: - app-deleted when: app.metadata.deletionTimestamp != nil trigger.on-deployed: | - description: Application is synced and healthy. Triggered once per commit. oncePer: app.status.operationState.syncResult.revision send: - app-deployed when: app.status.operationState.phase in ['Succeeded'] and app.status.health.status == 'Healthy' trigger.on-health-degraded: | - description: Application has degraded send: - app-health-degraded when: app.status.health.status == 'Degraded' trigger.on-sync-failed: | - description: Application syncing has failed send: - app-sync-failed when: app.status.operationState.phase in ['Error', 'Failed'] trigger.on-sync-running: | - description: Application is being synced send: - app-sync-running when: app.status.operationState.phase in ['Running'] trigger.on-sync-status-unknown: | - description: Application status is 'Unknown' send: - app-sync-status-unknown when: app.status.sync.status == 'Unknown' trigger.on-sync-succeeded: | - description: Application syncing has succeeded send: - app-sync-succeeded when: app.status.operationState.phase in ['Succeeded']