adds argocd application for argocd-sso

template/stacks/core/argocd-sso.yaml

@@ -0,0 +1,29 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: argocd-sso
+  namespace: argocd
+  labels:
+    env: dev
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  project: default
+  source:
+    repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder
+    targetRevision: HEAD
+    path: "stacks/core/argocd-sso"
+  destination:
+    server: "https://kubernetes.default.svc"
+    namespace: monitoring
+  syncPolicy:
+    syncOptions:
+      - CreateNamespace=true
+    automated:
+      selfHeal: true
+    retry:
+      limit: -1
+      backoff:
+        duration: 15s
+        factor: 1
+        maxDuration: 15s

template/stacks/core/argocd-sso/argocd-secret.yaml

@@ -0,0 +1,21 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: auth-generic-oauth-secret
+  namespace: argocd 
+spec:
+  secretStoreRef:
+    name: keycloak
+    kind: ClusterSecretStore
+  refreshInterval: "0"
+  target:
+    name: auth-generic-oauth-secret
+    template:
+      engineVersion: v2
+      data:
+        client_secret: "{{.ARGOCD_CLIENT_SECRET}}"
+  data:
+    - secretKey: ARGOCD_CLIENT_SECRET
+      remoteRef:
+        key: keycloak-clients
+        property: ARGOCD_CLIENT_SECRET

template/stacks/core/argocd/argocd-sso/argocd-secret.yaml

@@ -1,11 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  labels:
-    app.kubernetes.io/part-of: argocd
-  name: keycloak-oidc
-  namespace: argocd
-type: Opaque
-data:
-  clientSecret: RktYc3hFWXJabW5RbnlmdDdKbXpUUTF6OEZvalV1cnUK
-immutable: false

template/stacks/ref-implementation/keycloak/manifests/keycloak-config.yaml

@@ -500,5 +500,4 @@ spec:
                 ARGOCD_CLIENT_ID: argocd
               " > /tmp/secret.yaml
               
-              ./kubectl apply -f /tmp/secret.yaml
-              
+              ./kubectl apply -f /tmp/secret.yaml