285 lines
8.5 KiB
YAML
285 lines
8.5 KiB
YAML
argo-cd:
|
|
crds:
|
|
install: true
|
|
configs:
|
|
cm:
|
|
admin.enabled: true
|
|
timeout.reconciliation: 100s
|
|
timeout.reconciliation.jitter: 60s
|
|
url: https://argocd.alexlebens.net
|
|
statusbadge.url: https://argocd.alexlebens.net/
|
|
statusbadge.enabled: true
|
|
dex.config: |
|
|
connectors:
|
|
- config:
|
|
issuer: https://authentik.alexlebens.net/application/o/argocd/
|
|
clientID: $argocd-oidc-secret:client
|
|
clientSecret: $argocd-oidc-secret:secret
|
|
insecureEnableGroups: true
|
|
scopes:
|
|
- openid
|
|
- profile
|
|
- email
|
|
name: authentik
|
|
type: oidc
|
|
id: authentik
|
|
params:
|
|
server.insecure: true
|
|
rbac:
|
|
policy.csv: |
|
|
g, ArgoCD Admins, role:admin
|
|
cmp:
|
|
create: true
|
|
plugins:
|
|
cdk8s:
|
|
init:
|
|
command: [cdk8s]
|
|
args: [import]
|
|
generate:
|
|
command: [cdk8s, synth]
|
|
args: [--stdout]
|
|
discover:
|
|
fileName: "*.go"
|
|
controller:
|
|
replicas: 1
|
|
metrics:
|
|
enabled: true
|
|
serviceMonitor:
|
|
enabled: true
|
|
dex:
|
|
enabled: true
|
|
metrics:
|
|
enabled: true
|
|
serviceMonitor:
|
|
enabled: true
|
|
livenessProbe:
|
|
enabled: true
|
|
readinessProbe:
|
|
enabled: true
|
|
redis-ha:
|
|
enabled: true
|
|
auth: false
|
|
redisSecretInit:
|
|
enabled: true
|
|
server:
|
|
replicas: 2
|
|
ingress:
|
|
enabled: false
|
|
metrics:
|
|
enabled: true
|
|
serviceMonitor:
|
|
enabled: true
|
|
repoServer:
|
|
replicas: 2
|
|
extraContainers:
|
|
- name: cmp-cdk8s
|
|
command:
|
|
- /var/run/argocd/argocd-cmp-server
|
|
image: ghcr.io/akuity/cdk8s-cmp-typescript:1.0
|
|
securityContext:
|
|
runAsNonRoot: true
|
|
runAsUser: 999
|
|
volumeMounts:
|
|
- mountPath: /var/run/argocd
|
|
name: var-files
|
|
- mountPath: /home/argocd/cmp-server/plugins
|
|
name: plugins
|
|
- mountPath: /home/argocd/cmp-server/config/plugin.yaml
|
|
subPath: cdk8s.yaml
|
|
name: argocd-cmp-cm
|
|
- mountPath: /tmp
|
|
name: cmp-tmp
|
|
volumes:
|
|
- name: argocd-cmp-cm
|
|
configMap:
|
|
name: argocd-cmp-cm
|
|
- name: cmp-tmp
|
|
emptyDir: {}
|
|
metrics:
|
|
enabled: true
|
|
serviceMonitor:
|
|
enabled: true
|
|
applicationSet:
|
|
replicas: 2
|
|
metrics:
|
|
enabled: true
|
|
serviceMonitor:
|
|
enabled: true
|
|
livenessProbe:
|
|
enabled: true
|
|
readinessProbe:
|
|
enabled: true
|
|
notifications:
|
|
enabled: true
|
|
metrics:
|
|
enabled: true
|
|
serviceMonitor:
|
|
enabled: true
|
|
notifiers:
|
|
service.webhook.ntfy: |
|
|
url: http://ntfy.ntfy/
|
|
headers:
|
|
- name: Title
|
|
value: ArgoCD
|
|
- name: Authorization
|
|
value: Bearer $argocd-ntfy-secret:token
|
|
livenessProbe:
|
|
enabled: true
|
|
readinessProbe:
|
|
enabled: true
|
|
subscriptions:
|
|
- recipients:
|
|
- ntfy
|
|
triggers:
|
|
- app-created
|
|
- app-deleted
|
|
- app-deployed
|
|
- app-health-degraded
|
|
- app-sync-failed
|
|
- app-sync-running
|
|
- app-sync-status-unknown
|
|
- app-sync-succeeded
|
|
templates:
|
|
template.app-created: |
|
|
webhook:
|
|
ntfy:
|
|
method: POST
|
|
path: argocd
|
|
headers:
|
|
- name: Priority
|
|
value: 4
|
|
body: |
|
|
Application {{.app.metadata.name}} has been created.
|
|
template.app-deleted: |
|
|
webhook:
|
|
ntfy:
|
|
method: POST
|
|
path: argocd
|
|
headers:
|
|
- name: Priority
|
|
value: 4
|
|
body: |
|
|
Application {{.app.metadata.name}} has been deleted.
|
|
template.app-deployed: |
|
|
webhook:
|
|
ntfy:
|
|
method: POST
|
|
path: argocd
|
|
headers:
|
|
- name: Priority
|
|
value: 4
|
|
body: |
|
|
Application {{.app.metadata.name}} is now running new version of deployments manifests.
|
|
template.app-health-degraded: |
|
|
webhook:
|
|
ntfy:
|
|
method: POST
|
|
path: argocd
|
|
headers:
|
|
- name: Priority
|
|
value: 5
|
|
body: |
|
|
Application {{.app.metadata.name}} has degraded.
|
|
Application details: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}.
|
|
template.app-sync-failed: |
|
|
webhook:
|
|
ntfy:
|
|
method: POST
|
|
path: argocd
|
|
headers:
|
|
- name: Priority
|
|
value: 5
|
|
body: |
|
|
The sync operation of application {{.app.metadata.name}} has failed at {{.app.status.operationState.finishedAt}} with the following error: {{.app.status.operationState.message}}
|
|
Sync operation details are available at: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true .
|
|
template.app-sync-running: |
|
|
webhook:
|
|
ntfy:
|
|
method: POST
|
|
path: argocd
|
|
headers:
|
|
- name: Priority
|
|
value: 3
|
|
body: |
|
|
The sync operation of application {{.app.metadata.name}} has started at {{.app.status.operationState.startedAt}}.
|
|
Sync operation details are available at: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true .
|
|
template.app-sync-status-unknown: |
|
|
webhook:
|
|
ntfy:
|
|
method: POST
|
|
path: argocd
|
|
headers:
|
|
- name: Priority
|
|
value: 4
|
|
body: |
|
|
{{if eq .serviceType "slack"}}:exclamation:{{end}} Application {{.app.metadata.name}} sync is 'Unknown'.
|
|
Application details: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}.
|
|
{{if ne .serviceType "slack"}}
|
|
{{range $c := .app.status.conditions}}
|
|
* {{$c.message}}
|
|
{{end}}
|
|
{{end}}
|
|
template.app-sync-succeeded: |
|
|
webhook:
|
|
ntfy:
|
|
method: POST
|
|
path: argocd
|
|
headers:
|
|
- name: Priority
|
|
value: 3
|
|
body: |
|
|
Application {{.app.metadata.name}} has been successfully synced at {{.app.status.operationState.finishedAt}}.
|
|
Sync operation details are available at: {{.context.argocdUrl}}/applications/{{.app.metadata.name}}?operation=true .
|
|
triggers:
|
|
trigger.on-created: |
|
|
- description: Application {{.app.metadata.name}} has been created.
|
|
oncePer: app.metadata.name
|
|
send:
|
|
- app-created
|
|
when: "true"
|
|
trigger.on-deleted: |
|
|
- description: Application {{.app.metadata.name}} has been deleted.
|
|
oncePer: app.metadata.name
|
|
send:
|
|
- app-deleted
|
|
when: app.metadata.deletionTimestamp != nil
|
|
trigger.on-deployed: |
|
|
- description: Application is synced and healthy. Triggered once per commit.
|
|
oncePer: app.status.operationState.syncResult.revision
|
|
send:
|
|
- app-deployed
|
|
when: app.status.operationState.phase in ['Succeeded'] and app.status.health.status == 'Healthy'
|
|
trigger.on-health-degraded: |
|
|
- description: Application has degraded
|
|
send:
|
|
- app-health-degraded
|
|
when: app.status.health.status == 'Degraded'
|
|
trigger.on-sync-failed: |
|
|
- description: Application syncing has failed
|
|
send:
|
|
- app-sync-failed
|
|
when: app.status.operationState.phase in ['Error', 'Failed']
|
|
trigger.on-sync-running: |
|
|
- description: Application is being synced
|
|
send:
|
|
- app-sync-running
|
|
when: app.status.operationState.phase in ['Running']
|
|
trigger.on-sync-status-unknown: |
|
|
- description: Application status is 'Unknown'
|
|
send:
|
|
- app-sync-status-unknown
|
|
when: app.status.sync.status == 'Unknown'
|
|
trigger.on-sync-succeeded: |
|
|
- description: Application syncing has succeeded
|
|
send:
|
|
- app-sync-succeeded
|
|
when: app.status.operationState.phase in ['Succeeded']
|
|
defaultTriggers: |
|
|
- on-created
|
|
- on-deleted
|
|
- on-deployed
|
|
- on-health-degraded
|
|
- on-sync-failed
|
|
- on-sync-status-unknown
|
|
- on-sync-succeeded
|