--- # Source: argocd/charts/argo-cd/templates/dex/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: argocd-dex-server namespace: argocd labels: helm.sh/chart: argo-cd-9.1.5 app.kubernetes.io/name: argocd-dex-server app.kubernetes.io/instance: argocd app.kubernetes.io/component: dex-server app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: argocd app.kubernetes.io/version: "v3.2.1" spec: replicas: 1 revisionHistoryLimit: 3 selector: matchLabels: app.kubernetes.io/name: argocd-dex-server app.kubernetes.io/instance: argocd template: metadata: annotations: checksum/cmd-params: bf2519278596ec7cee3e61f230a7b6ebbdcc8a5166fe036da04fccfdfa4ac1d1 checksum/cm: b85950385c4567f0f6332e53f51df2bbe58a65f5771ac318c863d1b4e831ff9b labels: helm.sh/chart: argo-cd-9.1.5 app.kubernetes.io/name: argocd-dex-server app.kubernetes.io/instance: argocd app.kubernetes.io/component: dex-server app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: argocd app.kubernetes.io/version: "v3.2.1" spec: terminationGracePeriodSeconds: 30 serviceAccountName: argocd-dex-server automountServiceAccountToken: true containers: - name: dex-server image: ghcr.io/dexidp/dex:v2.44.0 imagePullPolicy: IfNotPresent command: - /shared/argocd-dex args: - rundex env: - name: ARGOCD_DEX_SERVER_LOGFORMAT valueFrom: configMapKeyRef: key: dexserver.log.format name: argocd-cmd-params-cm optional: true - name: ARGOCD_DEX_SERVER_LOGLEVEL valueFrom: configMapKeyRef: key: dexserver.log.level name: argocd-cmd-params-cm optional: true - name: ARGOCD_LOG_FORMAT_TIMESTAMP valueFrom: configMapKeyRef: name: argocd-cmd-params-cm key: log.format.timestamp optional: true - name: ARGOCD_DEX_SERVER_DISABLE_TLS valueFrom: configMapKeyRef: name: argocd-cmd-params-cm key: dexserver.disable.tls optional: true ports: - name: http containerPort: 5556 protocol: TCP - name: grpc containerPort: 5557 protocol: TCP - name: metrics containerPort: 5558 protocol: TCP livenessProbe: httpGet: path: /healthz/live port: metrics scheme: HTTP initialDelaySeconds: 10 periodSeconds: 10 timeoutSeconds: 1 successThreshold: 1 failureThreshold: 3 readinessProbe: httpGet: path: /healthz/ready port: metrics scheme: HTTP initialDelaySeconds: 10 periodSeconds: 10 timeoutSeconds: 1 successThreshold: 1 failureThreshold: 3 resources: {} securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsNonRoot: true seccompProfile: type: RuntimeDefault volumeMounts: - name: static-files mountPath: /shared - name: dexconfig mountPath: /tmp - name: argocd-dex-server-tls mountPath: /tls initContainers: - name: copyutil image: quay.io/argoproj/argocd:v3.2.1 imagePullPolicy: IfNotPresent command: - /bin/cp - -n - /usr/local/bin/argocd - /shared/argocd-dex volumeMounts: - mountPath: /shared name: static-files - mountPath: /tmp name: dexconfig resources: {} securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsNonRoot: true seccompProfile: type: RuntimeDefault affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - weight: 100 podAffinityTerm: labelSelector: matchLabels: app.kubernetes.io/name: argocd-dex-server topologyKey: kubernetes.io/hostname nodeSelector: kubernetes.io/os: linux volumes: - name: static-files emptyDir: {} - name: dexconfig emptyDir: {} - name: argocd-dex-server-tls secret: secretName: argocd-dex-server-tls optional: true items: - key: tls.crt path: tls.crt - key: tls.key path: tls.key - key: ca.crt path: ca.crt dnsPolicy: ClusterFirst