From 7b2002088b00bec44cd398920c39199f2325447c Mon Sep 17 00:00:00 2001
From: Aaron Riedel
Date: Sun, 29 Sep 2024 18:03:01 +0200
Subject: [PATCH] add oidc to argocd
---
 argocd/cm.yaml | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
diff --git a/argocd/cm.yaml b/argocd/cm.yaml
index ac7cc39..c661353 100644
--- a/argocd/cm.yaml
+++ b/argocd/cm.yaml
@@ -22,6 +22,16 @@ data:
 - CiliumIdentity
 clusters:
 - "*"
+ url: https://aaron-argo.services.yolokube.de
+ oidc.config: |
+ name: aaronID
+ issuer: https://auth.ar21.de/application/o/vcluster-argocd/
+ clientID: PaYnOPK9WlGlHe6BRdB20lJVUFwbJAKslLkEMk22
+ clientSecret: $oidc.aaronid.clientSecret
+
+ # Optional set of OIDC scopes to request. If omitted, defaults to: ["openid", "profile", "email", "groups"]
+ requestedScopes: ["openid", "profile", "email"]
+ logoutURL: https://auth.ar21.de/application/o/vcluster-argocd/end-session/
 ---
 kind: ConfigMap
 apiVersion: v1
@@ -33,3 +43,16 @@ metadata:
 app.kubernetes.io/part-of: argocd
 data:
 server.insecure: "true"
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: argocd-rbac-cm
+ namespace: argocd
+ labels:
+ app.kubernetes.io/instance: argocd-ingress
+ app.kubernetes.io/name: argocd-cm
+ app.kubernetes.io/part-of: argocd
+data:
+ policy.csv: |
+ g, ar21-general, role:admin
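Review bot: `requestedScopes` in the added `oidc.config` leaves out `groups`, which the comment directly above it lists among the defaults, while the second hunk of this patch binds the group `ar21-general` to `role:admin`. Unless the provider at `auth.ar21.de` already puts group membership into a claim under one of the three requested scopes, that binding cannot match and a login ends up with no role. Request it explicitly with `requestedScopes: ["openid", "profile", "email", "groups"]`, or add a comment naming the scope that carries the groups claim. Argo CD looks up `$`-prefixed values such as `$oidc.aaronid.clientSecret` as keys in `argocd-secret`, so a comment naming the required key would help the next operator; the enclosing `data:` mapping starts above the hunk.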
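Review bot: The only policy line, `g, ar21-general, role:admin`, gives Argo CD's built-in admin role to every member of that identity-provider group. If `ar21-general` is a general-membership group, as the name suggests, bind admin to a dedicated operators group instead. State the fallback explicitly with `policy.default: ''` so the outcome for an authenticated user with no matching rule is documented rather than implied. The label `app.kubernetes.io/name: argocd-cm` looks copied from the first ConfigMap; `argocd-rbac-cm` would agree with `metadata.name`.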