apps
infrastructure
argocd
argo-apps.application.yaml
argocd-cmd-params.configmap.yaml
argocd-oauth.configmap.yaml
argocd-oauth.sealedsecret.yaml
argocd-rbac.configmap.yaml
argocd.configmap.yaml
bootstrap-repo.sealedsecret.yaml
ingress.yaml
known-hosts.configmap.yaml
kustomization.yaml
namespace.yaml
servicemonitor.yaml
authelia
backup
external
external-dns
gitea
metallb-system
monitoring
nfs-provisioner
pg-ha
renovate
sealedsecrets
traefik-system
kluster-deployments
.gitignore
README.md
renovate.json
12 lines
307 B
YAML
12 lines
307 B
YAML
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: argocd-rbac-cm
|
|
data:
|
|
policy.csv: |
|
|
# use oidc group apps_admin as admin group in argocd
|
|
g, apps_admin, role:admin
|
|
g, argocd, role:readonly
|
|
# all other user that might have entered via oidc, are blocked: deny everything
|
|
policy.default: deny
|