infrastructure/clusters/cl01tl/helm/argo-workflows/values.yaml

argo-workflows:
  crds:
    install: true
    keep: true
    full: true
    upgradeJob:
      image:
        repository: registry.k8s.io/kubectl
        tag: v1.35.3
  controller:
    metricsConfig:
      enabled: true
    persistence:
      postgresql:
        host: argo-workflows-postgresql-18-cluster-rw
        port: 5432
        database: app
        tableName: app
        userNameSecret:
          name: argo-workflows-postgresql-18-cluster-app
          key: username
        passwordSecret:
          name: argo-workflows-postgresql-18-cluster-app
          key: password
        ssl: false
        sslMode: disable
    workflowWorkers: 2
    workflowTTLWorkers: 2
    podCleanupWorkers: 2
    cronWorkflowWorkers: 2
    resources:
      requests:
        cpu: 10m
        memory: 32Mi
    serviceMonitor:
      enabled: true
    workflowNamespaces:
      - argo-workflows
  server:
    authModes:
      - sso
    httproute:
      enabled: true
      parentRefs:
        - group: gateway.networking.k8s.io
          kind: Gateway
          name: traefik-gateway
          namespace: traefik
      hostnames:
        - argo-workflows.alexlebens.net
      rules:
        - matches:
            - path:
                type: PathPrefix
                value: /
    sso:
      enabled: true
      issuer: https://authentik.alexlebens.net/application/o/argo-workflows/
      clientId:
        name: argo-workflows-oidc-secret
        key: client
      clientSecret:
        name: argo-workflows-oidc-secret
        key: secret
      redirectUrl: https://argo-workflows.alexlebens.net/oauth2/callback
      rbac:
        enabled: false
      scopes:
        - openid
        - email
        - profile
argo-events:
  crds:
    install: true
    keep: true
  controller:
    resources:
      requests:
        cpu: 10m
        memory: 32Mi
    metrics:
      enabled: true
      serviceMonitor:
        enabled: true
  webhook:
    enabled: true
    resources:
      requests:
        cpu: 10m
        memory: 32Mi
postgres-18-cluster:
  mode: recovery
  recovery:
    method: objectStore
    objectStore:
      index: 1
  backup:
    objectStore:
      - name: garage-local
        index: 1
        destinationBucket: postgres-backups
        externalSecretCredentialPath: /garage/home-infra/postgres-backups
        isWALArchiver: true
    scheduledBackups:
      - name: live-backup
        suspend: false
        immediate: true
        schedule: "0 0 14 * * *"
        backupName: garage-local