24 lines
929 B
YAML
24 lines
929 B
YAML
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: argocd-cm
|
|
data:
|
|
url: https://argocd.kluster.moll.re
|
|
|
|
oidc.config: |
|
|
name: Authelia
|
|
issuer: https://auth.kluster.moll.re
|
|
clientID: argocd
|
|
# If you want to store sensitive data in another Kubernetes Secret, instead of argocd-secret. ArgoCD knows to check the keys under data in your Kubernetes Secret for a corresponding key whenever a value in a configmap or secret starts with $, then your Kubernetes Secret name and : (colon).
|
|
clientSecret: $argocd-oauth:client-secret
|
|
|
|
skipAudienceCheckWhenTokenHasNoAudience: true
|
|
|
|
# Optional set of OIDC scopes to request. If omitted, defaults to: ["openid", "profile", "email", "groups"]
|
|
requestedScopes: ["openid", "profile", "email", "groups"]
|
|
|
|
# Optional set of OIDC claims to request on the ID token.
|
|
requestedIDTokenClaims: {"groups": {"essential": true}}
|
|
allowedAudiences:
|
|
- argocd
|
|
|