Updates core stack to support the OSC

template/stacks/core/argocd/values.osc.yaml

@@ -0,0 +1,53 @@
+global:
+  domain: {{ .Values.edfbuilderTargetDomain }}
+
+configs:
+  params:
+    server.insecure: true
+    server.basehref: /argocd
+  cm:
+    application.resourceTrackingMethod: annotation
+    timeout.reconciliation: 60s
+    resource.exclusions: |
+      - apiGroups:
+        - "*"
+        kinds:
+        - ProviderConfigUsage
+      - apiGroups:
+        - cilium.io
+        kinds:
+        - CiliumIdentity
+        clusters:
+        - "*"
+    accounts.provider-argocd: apiKey
+  rbac:
+    policy.csv: 'g, provider-argocd, role:admin'
+
+  tls:
+    certificates:
+
+notifications:
+  enabled: false
+
+dex:
+  enabled: false
+
+server:
+  ingress:
+    enabled: true
+    ingressClassName: nginx
+    annotations:
+      dns.gardener.cloud/class: garden
+      dns.gardener.cloud/dnsnames: {{ .Values.edfbuilderTargetDomain }}
+      dns.gardener.cloud/ttl: "600"
+      nginx.ingress.kubernetes.io/backend-protocol: HTTP
+      nginx.ingress.kubernetes.io/rewrite-target: /$2
+      nginx.ingress.kubernetes.io/use-regex: "true"
+      nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+    path: /argocd(/|$)(.*)
+    pathType: ImplementationSpecific
+    extraTls:
+      - hosts:
+        - {{ .Values.edfbuilderTargetDomain }}
+        secretName: argocd-net-tls
+

template/stacks/core/forgejo/values.osc.yaml

@@ -0,0 +1,75 @@
+redis-cluster:
+  enabled: false
+postgresql:
+  enabled: false
+postgresql-ha:
+  enabled: false
+
+persistence:
+  enabled: true
+  size: 5Gi
+
+test:
+  enabled: false
+
+gitea:
+  admin:
+    existingSecret: gitea-credential
+  config:
+    database:
+      DB_TYPE: sqlite3
+    session:
+      PROVIDER: memory
+    cache:
+      ADAPTER: memory
+    queue:
+      TYPE: level
+    server:
+      DOMAIN: 'gitea.{{ .Values.edfbuilderTargetDomain }}'
+      ROOT_URL: 'https://gitea.{{ .Values.edfbuilderTargetDomain }}:443'
+
+service:
+  ssh:
+    type: NodePort
+    nodePort: 32222
+    externalTrafficPolicy: Local
+
+ingress:
+  # NOTE: The ingress is generated in a later step for path based routing feature See: hack/argo-cd/generate-manifests.sh
+  enabled: true
+  className: nginx
+  annotations:
+    dns.gardener.cloud/class: garden
+    dns.gardener.cloud/dnsnames: gitea.{{ .Values.edfbuilderTargetDomain }}
+    dns.gardener.cloud/ttl: "600"
+    nginx.ingress.kubernetes.io/proxy-body-size: 512m
+    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+  hosts:
+    - host: gitea.{{ .Values.edfbuilderTargetDomain }}
+      paths:
+      - path: /
+        pathType: Prefix
+  tls:
+    - hosts:
+      - gitea.{{ .Values.edfbuilderTargetDomain }}
+      secretName: forgejo-net-tls
+
+image:
+  pullPolicy: "IfNotPresent"
+  # Overrides the image tag whose default is the chart appVersion.
+  #tag: "8.0.3"
+  # Adds -rootless suffix to image name
+  rootless: true
+
+forgejo:
+  runner:
+    enabled: true
+    image:
+      tag: latest
+    # replicas: 3
+    config:
+      runner:
+        labels:
+          - docker:docker://node:16-bullseye
+          - self-hosted:docker://ghcr.io/catthehacker/ubuntu:act-22.04
+          - ubuntu-22.04:docker://ghcr.io/catthehacker/ubuntu:act-22.04

template/stacks/core/ingress-nginx/values.osc.yaml

@@ -0,0 +1,16 @@
+controller:
+  updateStrategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxUnavailable: 1
+
+  ingressClassResource:
+    name: nginx
+
+  # added for idpbuilder
+  allowSnippetAnnotations: true
+
+  # added for idpbuilder
+  config: 
+    proxy-buffer-size: 32k
+    use-forwarded-headers: "true"