helm部署argocd

# 添加argo repo
helm repo add argo https://argoproj.github.io/argo-helm

# 查看argo repo版本信息
# helm search repo argo

# 安装argocd
helm install -f argocd-values.yaml argocd argo/argo-cd

global:
  domain: argocd.lukelui.com

configs:
  params:
    server.insecure: true
  repositories:
    infra-charts:
      url: https://gitlab.lukelui.com/devops/infra-charts.git
      name: infra-charts
      type: git
      password: xxx
      username: argocd-test
  cm:
    exec.enabled: true
    oidc.config: |
      name: Keycloak
      issuer: https://keycloak.lukelui.com/realms/luke
      clientID: argocd-test
      clientSecret: xxxx
      requestedScopes: ["openid", "email", "groups"]
    resource.customizations: |
      networking.k8s.io/Ingress:
        health.lua: |
          local hs = {
            status = "Progressing",
          }
          if obj.metadata.annotations ~= nil and obj.metadata.annotations["crypto.op/argocd-ignore"] ~= nil then
            hs.status = "Healthy"
            hs.message = "Ignore"
            return hs
          end
          if obj.status.loadBalancer ~= nil then
            if obj.status.loadBalancer.ingress ~= nil then
              if #obj.status.loadBalancer.ingress > 0 then
                hs.status = "Healthy"
              end
            end
          end
          return hs
  rbac:
    policy.default: 'role:dummy'
    policy.csv: |
      p, role:image-updater, applications, get, */*, allow
      p, role:image-updater, applications, update, */*, allow
      g, image-updater, role:image-updater

      g, role:admindev, role:admin
      p, role:admindev, projects, *, devops, deny
      p, role:admindev, applications, *, devops/*, deny

      g, rd, role:admindev
      g, qa, role:admindev
      g, op, role:admin
  secret:
    gitlabSecret: gitlabtokenforwebhook
    # argocdServerAdminPassword: Aa123456

controller:
  resources:
    limits:
      cpu: 1000m
      memory: 2Gi
    requests:
      cpu: 100m
      memory: 256Mi

dex:
  resources:
    limits:
      cpu: 50m
      memory: 64Mi
    requests:
      cpu: 10m
      memory: 32Mi

redis:
  resources:
    limits:
      cpu: 200m
      memory: 512Mi
    requests:
      cpu: 50m
      memory: 128Mi

server:
  resources:
    limits:
      cpu: 1000m
      memory: 1Gi
    requests:
      cpu: 50m
      memory: 258Mi
  ingress:
    enabled: true
    ingressClassName: "nginx"
    annotations:
      nginx.ingress.kubernetes.io/ssl-passthrough: "true"
      nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
    hosts:
      - argocd.lukelui.com

repoServer:
  resources:
    limits:
      cpu: 2000m
      memory: 2Gi
    requests:
      cpu: 50m
      memory: 128Mi