{{- define "argo-values" }}

argo-cd:
  enabled: {{ default "false" (index .Values "argo" "argo-cd" "enabled") }}
  {{- with index .Values "argo" "argo-cd" "configs" }}
  configs:
    {{- toYaml . | nindent 4 }}
  {{- end }}

  controller:
    metrics:
      enabled: {{ .Values.metrics.enabled }}
  repoServer:
    metrics:
      enabled: {{ .Values.metrics.enabled }}
    {{- with index .Values "argo" "argo-cd" "repoServer" }}
    {{- toYaml . | nindent 4 }}
    {{- end }}
  server:
    metrics:
      enabled: {{ .Values.metrics.enabled }}

  {{- if and ( index .Values "argo" "argo-cd" "istio" "enabled" ) .Values.istio.enabled }}
  istio:
    {{- with index .Values "argo" "argo-cd" "istio" }}
    {{- toYaml . | nindent 4 }}
    {{- end }}
  {{- end }}

argocd-apps:
  enabled: {{ default "false" (index .Values "argo" "argo-cd" "enabled") }}
  projects:
    kubezero:
      namespace: argocd
      description: KubeZero - ZeroDownTime Kubernetes Platform
      sourceRepos:
      - {{ .Values.kubezero.repoURL }}
      {{- with .Values.kubezero.gitSync.repoURL }}
      - {{ . }}
      {{- end }}
      destinations:
      - namespace: '*'
        server: https://kubernetes.default.svc
      clusterResourceWhitelist:
      - group: '*'
        kind: '*'
  applications:
    kubezero-git-sync:
      namespace: argocd
      project: kubezero
      source:
        repoURL: {{ .Values.kubezero.gitSync.repoURL }}
        targetRevision: {{ .Values.kubezero.gitSync.targetRevision }}
        path: {{ .Values.kubezero.gitSync.path }}

        directory:
          recurse: true

      destination:
        server: https://kubernetes.default.svc
        namespace: argocd

      syncPolicy:
        {{- toYaml (default dict .Values.kubezero.syncPolicy) | nindent 8 }}

argocd-image-updater:
  enabled: {{ default "false" (index .Values "argo" "argocd-image-updater" "enabled") }}

  {{- with omit (index .Values "argo" "argocd-image-updater") "enabled" }}
  {{- toYaml . | nindent 2 }}
  {{- end }}

  {{- if .Values.global.aws }}
  extraEnv:
    - name: AWS_ROLE_ARN
      value: "arn:aws:iam::{{ .Values.global.aws.accountId }}:role/{{ .Values.global.aws.region }}.{{ .Values.global.clusterName }}.argocd-image-updater"
    - name: AWS_WEB_IDENTITY_TOKEN_FILE
      value: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token"
    - name: AWS_STS_REGIONAL_ENDPOINTS
      value: "regional"
    - name: METADATA_TRIES
      value: "0"
    - name: AWS_REGION
      value: {{ .Values.global.aws.region }}
  volumes:
  - name: aws-token
    projected:
      sources:
      - serviceAccountToken:
          path: token
          expirationSeconds: 86400
          audience: "sts.amazonaws.com"
  volumeMounts:
  - name: aws-token
    mountPath: "/var/run/secrets/sts.amazonaws.com/serviceaccount/"
    readOnly: true
  {{- end }}

  metrics:
    enabled: {{ .Values.metrics.enabled }}

{{- end }}

{{- define "argo-argo" }}
{{- end }}

{{ include "kubezero-app.app" . }}