Merge branch 'feat-argocd-sso' into 'master'

feat argocd sso See merge request platform-one/big-bang/bigbang!228

Merge branch 'feat-argocd-sso' into 'master'
b02f5275 · runyontr · b6c6a9a5 · e5c3408b · b02f5275 · b02f5275
Commit b02f5275 authored 4 years ago by runyontr
--- a/chart/templates/argocd/argocd-helmrelease.yaml
+++ b/chart/templates/argocd/argocd-helmrelease.yaml
@@ -57,7 +57,20 @@ spec:
    server:
      config:
        url: https://argocd.{{ .Values.hostname }}
-
+    {{- if .Values.addons.argocd.sso.enabled }}
+    sso:
+      enabled: {{ .Values.addons.argocd.sso.enabled }}
+      rbac:
+        policy.csv: {{- toYaml .Values.addons.argocd.sso.groups | nindent 8 }}
+      keycloakClientSecret: {{ .Values.addons.argocd.sso.client_secret }}
+      config:
+        oidc.config: |
+          name: {{ .Values.addons.argocd.sso.provider_name }}
+          issuer: https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}
+          clientID: {{ .Values.addons.argocd.sso.client_id }}
+          clientSecret: $oidc.keycloak.clientSecret
+          requestedScopes: ["openid","ArgoCD"]
+    {{- end }}
  {{- if or .Values.monitoring.enabled .Values.istio.enabled }}
  dependsOn:
  {{- if .Values.istio.enabled }}
@@ -69,4 +82,4 @@ spec:
    namespace: {{ .Release.Namespace }}
  {{- end }}
  {{- end }}
-{{- end }}
\ No newline at end of file
+{{- end }}
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -196,6 +196,13 @@ addons:
      repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/argocd.git
      path: "./chart"
      tag: "2.9.5-bb.4"
+    sso:
+      enabled: false
+      client_id: "" # sso clientID example: platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-argocd
+      provider_name: "" # login as name example: P1 SSO
+      client_secret: ""  # for dev this can be set to anything
+      groups: |
+        g, Impact Level 2 Authorized, role:admin
    values: {}

  authservice: