This folder contains the configuration-as-code for managing Argo CD itself.
It uses Kustomize for configuration management. See kustomization.yaml for the referenced configurations.
The Argo CD instance can be reached at https://argocd.baloise.dev.
Argo CD comes with a bundled Dex OIDC provider that has several connectors. We use the GitHub connector to manage RBAC. See the SSO Overview part in the Argo CD docs.
The Dex GitHub connector options are described on this dex GitHub page.
You can find our configuration in overlays/argocd-cm.yaml in the dex.config part.
For Role-Based Access Control (RBAC), see the RBAC docs for Argo CD. Our configuration is located in overlays/argocd-rbac-cm.yaml. We rely heavily on the default RBAC config; you can view it here.
The config basically does these things:
- grant read access for anonymous users
- allow synchronization of repositories under the baloise-incubator organisation for members of this org
- grant Argo CD admin access to a list of specific users
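
One way to check the properties listed above before merging a change to the RBAC config, as an added example that is not part of this repository. The policy text, the user names, the `role:org-sync` role and the `example-org:example-team` group are constructed and are not taken from overlays/argocd-rbac-cm.yaml; the `policy.default` value and the anonymous-access flag are passed in as parameters, and only direct grants to the default role are inspected.

```python
import csv
import io

# Constructed sample, NOT the contents of overlays/argocd-rbac-cm.yaml.
SAMPLE_POLICY_CSV = """\
p, role:org-sync, applications, get, */*, allow
p, role:org-sync, applications, sync, */*, allow
g, example-org:example-team, role:org-sync
g, alice@example.com, role:admin
g, bob@example.com, role:admin
"""

def parse_policy(policy_csv):
    """Split policy.csv text into permission rules (p) and role bindings (g)."""
    perms, bindings = [], []
    for row in csv.reader(io.StringIO(policy_csv), skipinitialspace=True):
        row = [cell.strip() for cell in row]
        if not row or row[0].startswith("#"):
            continue
        if row[0] == "p" and len(row) == 6:
            perms.append(tuple(row[1:]))       # subject, resource, action, object, effect
        elif row[0] == "g" and len(row) == 3:
            bindings.append((row[1], row[2]))  # subject, role
    return perms, bindings

def audit(policy_csv, policy_default, anonymous_enabled):
    """Return (admin subjects, findings) for the properties listed above."""
    perms, bindings = parse_policy(policy_csv)
    admins = sorted(subject for subject, role in bindings if role == "role:admin")
    findings = []
    # Anonymous sessions receive policy.default, so it has to stay read-only.
    if anonymous_enabled and policy_default not in ("", "role:readonly"):
        granted = {action for subject, _, action, _, effect in perms
                   if subject == policy_default and effect == "allow"}
        if policy_default == "role:admin" or granted - {"get"}:
            findings.append(f"anonymous users inherit non-read-only default {policy_default}")
    # Assumption: a subject containing ':' is a group (org:team) or a role,
    # so admin would reach more than a reviewed list of named users.
    for subject in admins:
        if ":" in subject:
            findings.append(f"admin granted to group or role {subject}")
    return admins, findings

if __name__ == "__main__":
    print(audit(SAMPLE_POLICY_CSV, "role:readonly", True))
```

The returned admin list is meant to be compared by a reviewer against the intended list of specific users; an empty findings list means the default role and the admin bindings match the description above.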
Secrets are managed by sealed-secrets. See the docs for our sealed secret app for details.
The secret instances themselves are managed by Argo CD; the configuration is located in base/argocd-sealed-secret.yaml.