---
kind: ConfigMap
apiVersion: v1
metadata:
  name: argocd-cm
  namespace: argocd
  labels:
    app.kubernetes.io/instance: argocd-ingress
    app.kubernetes.io/name: argocd-cm
    app.kubernetes.io/part-of: argocd
data:
  kustomize.buildOptions: "--enable-alpha-plugins --enable-exec"
  statusbadge.enabled: "true"
  resource.customizations: |
    networking.k8s.io/Ingress:
      health.lua: |
        hs = {}
        hs.status = "Healthy"
        return hs
  resource.exclusions: |
   - apiGroups:
       - cilium.io
     kinds:
       - CiliumIdentity
     clusters:
       - "*"
  url: https://aaron-argo.services.yolokube.de
  oidc.config: |
    name: aaronID
    issuer: https://auth.ar21.de/application/o/vcluster-argocd/
    clientID: PaYnOPK9WlGlHe6BRdB20lJVUFwbJAKslLkEMk22
    clientSecret: $oidc.aaronid.clientSecret

    # Optional set of OIDC scopes to request. If omitted, defaults to: ["openid", "profile", "email", "groups"]
    requestedScopes: ["openid", "profile", "email"]
    logoutURL: https://auth.ar21.de/application/o/vcluster-argocd/end-session/
---
kind: ConfigMap
apiVersion: v1
metadata:
  name: argocd-cmd-params-cm
  namespace: argocd
  labels:
    app.kubernetes.io/instance: argocd-ingress
    app.kubernetes.io/name: argocd-cm
    app.kubernetes.io/part-of: argocd
data:
  server.insecure: "true"
---
kind: ConfigMap
apiVersion: v1
metadata:
  name: argocd-rbac-cm
  namespace: argocd
  labels:
    app.kubernetes.io/instance: argocd-ingress
    app.kubernetes.io/name: argocd-cm
    app.kubernetes.io/part-of: argocd
data:
  policy.csv: |
    g, ar21-general, role:admin