{{- define "argo-values" }}

argo-cd:
  enabled: {{ default "false" (index .Values "argo" "argo-cd" "enabled") }}

  configs:
    {{- with index .Values "argo" "argo-cd" "configs" }}
    {{- toYaml . | nindent 4 }}
    {{- end }}
    params:
    {{- if not $.Values.global.highAvailable }}
      # Reduce load on API server on single node control plane
      controller.status.processors: 2
      controller.operation.processors: 1
      controller.kubectl.parallelism.limit: 1
    {{- else }}
      controller.status.processors: 8
      controller.operation.processors: 4
      controller.kubectl.parallelism.limit: 4
    {{- end }}

  controller:
    metrics:
      enabled: {{ .Values.metrics.enabled }}
  repoServer:
    {{- with index .Values "argo" "argo-cd" "repoServer" }}
    {{- toYaml . | nindent 4 }}
    {{- end }}

    metrics:
      enabled: {{ .Values.metrics.enabled }}

    volumes:
      - name: cmp-tmp
        emptyDir: {}
    {{- if eq .Values.global.platform "aws" }}
      {{- include "aws-iam-volumes" . | nindent 6 }}

    env:
      {{- include "aws-iam-env" (merge (dict "roleName" "argocd-repo-server") .) | nindent 6 }}
    volumeMounts:
      {{- include "aws-iam-volumemounts" . | nindent 6 }}

    extraContainers:
      - name: cmp-kubezero-git-sync
        image: '{{ "{{" }} default .Values.global.image.repository .Values.repoServer.image.repository {{ "}}" }}:{{ "{{" }} default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag {{ "}}" }}'
        imagePullPolicy: '{{ "{{" }} default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy {{ "}}" }}'
        command: ["/var/run/argocd/argocd-cmp-server"]
        env:
          {{- include "aws-iam-env" (merge (dict "roleName" "argocd-repo-server") .) | nindent 10 }}
        volumeMounts:
          - mountPath: /var/run/argocd
            name: var-files
          - mountPath: /home/argocd/cmp-server/plugins
            name: plugins
          - mountPath: /tmp
            name: cmp-tmp
          {{- include "aws-iam-volumemounts" . | nindent 10 }}
        securityContext:
          runAsNonRoot: true
          readOnlyRootFilesystem: true
          runAsUser: 999
          allowPrivilegeEscalation: false
          seccompProfile:
            type: RuntimeDefault
          capabilities:
            drop:
            - ALL
    {{- end }}

  server:
    metrics:
      enabled: {{ .Values.metrics.enabled }}

  {{- if and ( index .Values "argo" "argo-cd" "istio" "enabled" ) .Values.istio.enabled }}
  istio:
    {{- with index .Values "argo" "argo-cd" "istio" }}
    {{- toYaml . | nindent 4 }}
    {{- end }}
  {{- end }}

  {{- with index .Values "argo" "argo-cd" "kubezero" }}
  kubezero:
  {{- toYaml . | nindent 4 }}
  {{- end }}

argocd-image-updater:
  enabled: {{ default "false" (index .Values "argo" "argocd-image-updater" "enabled") }}

  {{- with omit (index .Values "argo" "argocd-image-updater") "enabled" }}
  {{- toYaml . | nindent 2 }}
  {{- end }}

  {{- if eq .Values.global.platform "aws" }}
  extraEnv:
    {{- include "aws-iam-env" (merge (dict "roleName" "argocd-image-updater") .) | nindent 4 }}
  volumes:
    {{- include "aws-iam-volumes" . | nindent 4 }}
  volumeMounts:
    {{- include "aws-iam-volumemounts" . | nindent 4 }}
  {{- end }}

  metrics:
    enabled: {{ .Values.metrics.enabled }}

{{- end }}

{{- define "argo-argo" }}
{{- end }}

{{ include "kubezero-app.app" . }}