gitea-bot
fe83b21fa0
This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow. ### Details - **Trigger**: `pull_request` by `@alexlebens` - **Commit**: `3599b7a` (on `3599b7a8a6f746eea6c161535c1975bec9e607a6`) - **Charts Updated**: `argocd` ### Update Details (2026-03-23 01:20 UTC) - **Trigger**: `pull_request` by `@alexlebens` - **Commit**: `48a3afd` (on `48a3afd121657733b8d1438b5b04491b1a54dd99`) - **Charts Updated**: `argocd` ### Update Details (2026-03-23 01:22 UTC) - **Trigger**: `pull_request` by `@alexlebens` - **Commit**: `ad89a09` (on `ad89a094826de9b3e68f3ffa598b46e99cb7a67b`) - **Charts Updated**: `argocd` Reviewed-on: #4990 Co-authored-by: gitea-bot <gitea-bot@alexlebens.net> Co-committed-by: gitea-bot <gitea-bot@alexlebens.net>
178 lines
5.4 KiB
YAML
178 lines
5.4 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: argocd-dex-server
|
|
namespace: argocd
|
|
labels:
|
|
helm.sh/chart: argo-cd-9.4.15
|
|
app.kubernetes.io/name: argocd-dex-server
|
|
app.kubernetes.io/instance: argocd
|
|
app.kubernetes.io/component: dex-server
|
|
app.kubernetes.io/managed-by: Helm
|
|
app.kubernetes.io/part-of: argocd
|
|
app.kubernetes.io/version: "v3.3.4"
|
|
spec:
|
|
replicas: 1
|
|
revisionHistoryLimit: 3
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-dex-server
|
|
app.kubernetes.io/instance: argocd
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
checksum/cmd-params: 362141fbaf5ddcad145ee51a3a6db083fab8509f6c73479f1359ffe75d7589be
|
|
checksum/cm: 7e934038471270914ddb1112d29a81a9239f0edb8dece4e96029b7edee00e3a2
|
|
labels:
|
|
helm.sh/chart: argo-cd-9.4.15
|
|
app.kubernetes.io/name: argocd-dex-server
|
|
app.kubernetes.io/instance: argocd
|
|
app.kubernetes.io/component: dex-server
|
|
app.kubernetes.io/managed-by: Helm
|
|
app.kubernetes.io/part-of: argocd
|
|
app.kubernetes.io/version: "v3.3.4"
|
|
spec:
|
|
terminationGracePeriodSeconds: 30
|
|
serviceAccountName: argocd-dex-server
|
|
automountServiceAccountToken: true
|
|
containers:
|
|
- name: dex-server
|
|
image: ghcr.io/dexidp/dex:v2.45.1
|
|
imagePullPolicy: IfNotPresent
|
|
command:
|
|
- /shared/argocd-dex
|
|
args:
|
|
- rundex
|
|
env:
|
|
- name: ARGOCD_DEX_SERVER_LOGFORMAT
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: dexserver.log.format
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_DEX_SERVER_LOGLEVEL
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
key: dexserver.log.level
|
|
name: argocd-cmd-params-cm
|
|
optional: true
|
|
- name: ARGOCD_LOG_FORMAT_TIMESTAMP
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: argocd-cmd-params-cm
|
|
key: log.format.timestamp
|
|
optional: true
|
|
- name: ARGOCD_DEX_SERVER_DISABLE_TLS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: argocd-cmd-params-cm
|
|
key: dexserver.disable.tls
|
|
optional: true
|
|
ports:
|
|
- name: http
|
|
containerPort: 5556
|
|
protocol: TCP
|
|
- name: grpc
|
|
containerPort: 5557
|
|
protocol: TCP
|
|
- name: metrics
|
|
containerPort: 5558
|
|
protocol: TCP
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /healthz/live
|
|
port: metrics
|
|
scheme: HTTP
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 10
|
|
timeoutSeconds: 1
|
|
successThreshold: 1
|
|
failureThreshold: 3
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /healthz/ready
|
|
port: metrics
|
|
scheme: HTTP
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 10
|
|
timeoutSeconds: 1
|
|
successThreshold: 1
|
|
failureThreshold: 3
|
|
resources:
|
|
requests:
|
|
cpu: 10m
|
|
memory: 64Mi
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
runAsUser: 1001
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
volumeMounts:
|
|
- name: static-files
|
|
mountPath: /shared
|
|
- name: dexconfig
|
|
mountPath: /tmp
|
|
- name: argocd-dex-server-tls
|
|
mountPath: /tls
|
|
initContainers:
|
|
- name: copyutil
|
|
image: quay.io/argoproj/argocd:v3.3.4
|
|
imagePullPolicy: IfNotPresent
|
|
command:
|
|
- /bin/cp
|
|
- -n
|
|
- /usr/local/bin/argocd
|
|
- /shared/argocd-dex
|
|
volumeMounts:
|
|
- mountPath: /shared
|
|
name: static-files
|
|
- mountPath: /tmp
|
|
name: dexconfig
|
|
resources:
|
|
requests:
|
|
cpu: 10m
|
|
memory: 64Mi
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
runAsUser: 1001
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
affinity:
|
|
podAntiAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- weight: 100
|
|
podAffinityTerm:
|
|
labelSelector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: argocd-dex-server
|
|
topologyKey: kubernetes.io/hostname
|
|
nodeSelector:
|
|
kubernetes.io/os: linux
|
|
volumes:
|
|
- name: static-files
|
|
emptyDir: {}
|
|
- name: dexconfig
|
|
emptyDir: {}
|
|
- name: argocd-dex-server-tls
|
|
secret:
|
|
secretName: argocd-dex-server-tls
|
|
optional: true
|
|
items:
|
|
- key: tls.crt
|
|
path: tls.crt
|
|
- key: tls.key
|
|
path: tls.key
|
|
- key: ca.crt
|
|
path: ca.crt
|
|
dnsPolicy: ClusterFirst
|