stacks/jupyterhub/jupyterhub.yaml

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: jupyterhub
  namespace: argocd
  labels:
    env: dev
  finalizers:
    - resources-finalizer.argocd.argoproj.io
spec:
  project: default
  sources:
    - repoURL: 'https://jupyterhub.github.io/helm-chart/'
      targetRevision: 3.3.7
      helm:
        releaseName: jupyterhub
        values: |
          hub:
            baseUrl: /jupyterhub
            extraEnv:
              - name: OAUTH_TLS_VERIFY # for getting around self signed certificate issue
                value: "0"
              - name: OAUTH_CLIENT_SECRET
                valueFrom:
                  secretKeyRef:
                    name: jupyterhub-oidc
                    key: JUPYTERHUB_OAUTH_CLIENT_SECRET
            config:
              GenericOAuthenticator:
                oauth_callback_url: https://cnoe.localtest.me:8443/jupyterhub/hub/oauth_callback
                client_id: jupyterhub
                authorize_url: https://cnoe.localtest.me:8443/keycloak/realms/cnoe/protocol/openid-connect/auth
                token_url: https://cnoe.localtest.me:8443/keycloak/realms/cnoe/protocol/openid-connect/token
                userdata_url: https://cnoe.localtest.me:8443/keycloak/realms/cnoe/protocol/openid-connect/userinfo
                scope:
                  - openid
                  - profile
                username_key: "preferred_username"
                login_service: "keycloak"
                allow_all: true # Allows all oauth authenticated users to use Jupyterhub. For finer grained control, you can use `allowed_users`: https://jupyterhub.readthedocs.io/en/stable/tutorial/getting-started/authenticators-users-basics.html#deciding-who-is-allowed
              JupyterHub:
                authenticator_class: generic-oauth
      chart: jupyterhub
    - repoURL: cnoe://jupyterhub
      targetRevision: HEAD
      path: "manifests"
  destination:
    server: "https://kubernetes.default.svc"
    namespace: jupyterhub
  syncPolicy:
    syncOptions:
      - CreateNamespace=true
    automated:
      selfHeal: true
Jupyterhub stack (#21) Signed-off-by: omrishiv <327609+omrishiv@users.noreply.github.com> 2024-08-26 17:18:51 +00:00			`apiVersion: argoproj.io/v1alpha1`
			`kind: Application`
			`metadata:`
			`name: jupyterhub`
			`namespace: argocd`
			`labels:`
			`env: dev`
			`finalizers:`
			`- resources-finalizer.argocd.argoproj.io`
			`spec:`
			`project: default`
			`sources:`
			`- repoURL: 'https://jupyterhub.github.io/helm-chart/'`
			`targetRevision: 3.3.7`
			`helm:`
			`releaseName: jupyterhub`
			`values: \|`
			`hub:`
			`baseUrl: /jupyterhub`
			`extraEnv:`
			`- name: OAUTH_TLS_VERIFY # for getting around self signed certificate issue`
			`value: "0"`
			`- name: OAUTH_CLIENT_SECRET`
			`valueFrom:`
			`secretKeyRef:`
			`name: jupyterhub-oidc`
			`key: JUPYTERHUB_OAUTH_CLIENT_SECRET`
			`config:`
			`GenericOAuthenticator:`
			`oauth_callback_url: https://cnoe.localtest.me:8443/jupyterhub/hub/oauth_callback`
			`client_id: jupyterhub`
			`authorize_url: https://cnoe.localtest.me:8443/keycloak/realms/cnoe/protocol/openid-connect/auth`
			`token_url: https://cnoe.localtest.me:8443/keycloak/realms/cnoe/protocol/openid-connect/token`
			`userdata_url: https://cnoe.localtest.me:8443/keycloak/realms/cnoe/protocol/openid-connect/userinfo`
			`scope:`
			`- openid`
			`- profile`
			`username_key: "preferred_username"`
			`login_service: "keycloak"`
			allow_all: true # Allows all oauth authenticated users to use Jupyterhub. For finer grained control, you can use `allowed_users`: https://jupyterhub.readthedocs.io/en/stable/tutorial/getting-started/authenticators-users-basics.html#deciding-who-is-allowed
			`JupyterHub:`
			`authenticator_class: generic-oauth`
			`chart: jupyterhub`
			`- repoURL: cnoe://jupyterhub`
			`targetRevision: HEAD`
			`path: "manifests"`
			`destination:`
			`server: "https://kubernetes.default.svc"`
			`namespace: jupyterhub`
			`syncPolicy:`
			`syncOptions:`
			`- CreateNamespace=true`
			`automated:`
			`selfHeal: true`