155 lines
6.1 KiB
YAML
155 lines
6.1 KiB
YAML
apiVersion: argoproj.io/v1alpha1
|
|
kind: Application
|
|
metadata:
|
|
name: argocd-apps
|
|
namespace: argocd
|
|
spec:
|
|
destination:
|
|
namespace: argocd
|
|
server: 'https://kubernetes.default.svc'
|
|
source:
|
|
repoURL: 'https://argoproj.github.io/argo-helm'
|
|
targetRevision: {{ .Values.argocd_apps.version }}
|
|
chart: argocd-apps
|
|
helm:
|
|
values: |
|
|
projects:
|
|
# System component project
|
|
- name: sys
|
|
namespace: argocd
|
|
description: sys components project
|
|
sourceRepos:
|
|
- '{{ .Values.cluster_config.manifests }}'
|
|
- 'https://argoproj.github.io/argo-helm'
|
|
- 'https://gitlab.com/oceanbox/manifests.git'
|
|
- 'https://kubernetes-sigs.github.io/metrics-server/'
|
|
- 'https://kubernetes.github.io/ingress-nginx'
|
|
- 'https://cloudnative-pg.github.io/charts'
|
|
- 'https://charts.jetstack.io'
|
|
- 'https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner/'
|
|
- 'https://github.com/kubernetes/dashboard'
|
|
- 'https://bitnami-labs.github.io/sealed-secrets'
|
|
- 'https://prometheus-community.github.io/helm-charts'
|
|
- 'https://github.com/prometheus-community/helm-charts.git'
|
|
- 'https://charts.gitlab.io/'
|
|
- 'https://charts.bitnami.com/bitnami'
|
|
- 'https://helm.linkerd.io/stable'
|
|
- 'https://github.com/jaegertracing/jaeger-operator'
|
|
- 'https://kyverno.github.io/kyverno/'
|
|
- 'https://vmware-tanzu.github.io/helm-charts'
|
|
- 'https://grafana.github.io/helm-charts'
|
|
- 'https://charts.enix.io'
|
|
- 'https://helm.mariadb.com/mariadb-operator'
|
|
- 'https://helm.cilium.io'
|
|
- 'https://chartmuseum.github.io/charts'
|
|
- 'https://open-telemetry.github.io/opentelemetry-helm-charts'
|
|
- 'https://strimzi.io/charts'
|
|
- 'https://helm.elastic.co'
|
|
- 'https://1password.github.io/connect-helm-charts'
|
|
- 'https://actions-runner-controller.github.io/actions-runner-controller'
|
|
- 'https://imio.github.io/helm-charts'
|
|
- 'https://docs.altinity.com/clickhouse-operator'
|
|
|
|
destinations:
|
|
- namespace: argocd
|
|
server: https://kubernetes.default.svc
|
|
- namespace: kube-system
|
|
server: https://kubernetes.default.svc
|
|
- namespace: ingress-nginx
|
|
server: https://kubernetes.default.svc
|
|
- namespace: prometheus
|
|
server: https://kubernetes.default.svc
|
|
- namespace: cnpg
|
|
server: https://kubernetes.default.svc
|
|
- namespace: cert-manager
|
|
server: https://kubernetes.default.svc
|
|
- namespace: kubernetes-dashboard
|
|
server: https://kubernetes.default.svc
|
|
- namespace: rabbitmq
|
|
server: https://kubernetes.default.svc
|
|
- namespace: sealed-secrets
|
|
server: https://kubernetes.default.svc
|
|
- namespace: gitlab
|
|
server: https://kubernetes.default.svc
|
|
- namespace: thanos
|
|
server: https://kubernetes.default.svc
|
|
- namespace: linkerd
|
|
server: https://kubernetes.default.svc
|
|
- namespace: linkerd-multicluster
|
|
server: https://kubernetes.default.svc
|
|
- namespace: observability
|
|
server: https://kubernetes.default.svc
|
|
- namespace: kyverno
|
|
server: https://kubernetes.default.svc
|
|
- namespace: velero
|
|
server: https://kubernetes.default.svc
|
|
- namespace: loki
|
|
server: https://kubernetes.default.svc
|
|
- namespace: tempo
|
|
server: https://kubernetes.default.svc
|
|
- namespace: otel
|
|
server: https://kubernetes.default.svc
|
|
- namespace: x509-exporter
|
|
server: https://kubernetes.default.svc
|
|
- namespace: mariadb-operator
|
|
server: https://kubernetes.default.svc
|
|
- namespace: cilium-spire
|
|
server: https://kubernetes.default.svc
|
|
- namespace: cilium-secrets
|
|
server: https://kubernetes.default.svc
|
|
- namespace: actions-runner-controller
|
|
server: https://kubernetes.default.svc
|
|
- namespace: analytics
|
|
server: https://kubernetes.default.svc
|
|
- namespace: clickhouse
|
|
server: https://kubernetes.default.svc
|
|
clusterResourceWhitelist:
|
|
- group: '*'
|
|
kind: '*'
|
|
|
|
{{- if .Values.argo_workflows.enabled }}
|
|
- name: argo-workflows
|
|
namespace: argocd
|
|
description: argo-workflows resources
|
|
sourceRepos:
|
|
- 'https://argoproj.github.io/argo-helm'
|
|
destinations:
|
|
- namespace: argocd
|
|
server: https://kubernetes.default.svc
|
|
{{- range .Values.argo_workflows.allowed_namespaces }}
|
|
- namespace: {{.}}
|
|
server: https://kubernetes.default.svc
|
|
{{- end }}
|
|
namespaceResourceWhitelist:
|
|
- group: "rbac.authorization.k8s.io"
|
|
kind: Role
|
|
- group: "rbac.authorization.k8s.io"
|
|
kind: RoleBinding
|
|
- group: ""
|
|
kind: ConfigMap
|
|
- group: ""
|
|
kind: Secret
|
|
- group: ""
|
|
kind: Service
|
|
- group: ""
|
|
kind: ServiceAccount
|
|
- group: apps
|
|
kind: Deployment
|
|
- group: "monitoring.coreos.com"
|
|
kind: ServiceMonitor
|
|
clusterResourceWhitelist:
|
|
- group: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
- group: rbac.authorization.k8s.io
|
|
kind: ClusterRoleBinding
|
|
- group: apiextensions.k8s.io
|
|
kind: CustomResourceDefinition
|
|
{{- end }}
|
|
project: sys
|
|
syncPolicy:
|
|
automated: {}
|
|
syncOptions:
|
|
- ServerSideApply=true
|
|
- CreateNamespace=true
|
|
- ApplyOutOfSyncOnly=true
|