OIDC for argo

README.md

@@ -27,6 +27,10 @@ kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.pas
 ```
 kubectl apply -f application-cluster-kaisers-info.yaml
 ```
+MISSING: argo cli call to sync applications
+```
+kubectl apply -f gitops-kaisers-info/templates/argocd-kaisers-info-secrets-sealed.yaml 
+```
 
 ### GitOps
 ```

gitops-kaisers-info/templates/argocd.yaml

@@ -40,17 +40,17 @@ spec:
           extraArgs:
             - --insecure
 
-          #config:
-          #  oidc.config: |
-          #    name: Authentik
-          #    issuer: https://authentik.kaisers.info/TENANT_ID/v2.0
-          #    clientID: $argocd-kaisers-info-secrets:oidc.auth0.clientID
-          #    clientSecret: $argocd-kaisers-info-secrets:oidc.auth0.clientSecret
-          #    requestedIDTokenClaims:
-          #      groups:
-          #        essential: true
-          #   requestedScopes:
-          #     - openid
-          #     - profile
-          #     - email
+          config:
+            oidc.config: |
+              name: Authentik
+              issuer: https://authentik.kaisers.info/TENANT_ID/v2.0
+              clientID: $argocd-kaisers-info-secrets:oidc.auth0.clientID
+              clientSecret: $argocd-kaisers-info-secrets:oidc.auth0.clientSecret
+              requestedIDTokenClaims:
+                groups:
+                  essential: true
+             requestedScopes:
+               - openid
+               - profile
+               - email