kubezero:
  global:
    # kubezero.global.defaultDestination -- Destination cluster
    defaultDestination:
      server: https://kubernetes.default.svc

    # This repoURL is used a base for all the repoURLs applications
    # Setting this to a eg. private git repo incl. the use of pathPrefix allows kubezero to be
    # integrated into any repository as a git subtree if for example public internet access is unavailable
    defaultSource:
      # kubezero.global.defaultSource.repoURL -- default repository for argocd applications
      repoURL: https://github.com/zero-down-time/kubezero
      # kubezero.global.defaultSource.targetRevision -- default tracking of repoURL
      targetRevision: HEAD
      # kubezero.global.defaultSource.pathPrefix -- optional path prefix within repoURL to support eg. remote subtrees
      pathPrefix: ''

    # syncPolicy, details see: https://argoproj.github.io/argo-cd/user-guide/auto_sync
    #syncPolicy:
    #  automated:
    #    prune: true

argo-cd:
  installCRDs: false

  #configs:
  #  secret:
  #    `htpasswd -nbBC 10 "" $ARGO_PWD | tr -d ':\n' | sed 's/$2y/$2a/'`
  #    argocdServerAdminPassword: "$2a$10$ivKzaXVxMqdeDSfS3nqi1Od3iDbnL7oXrixzDfZFRHlXHnAG6LydG"
  #    argocdServerAdminPasswordMtime: "2020-04-24T15:33:09BST"

  global:
    image:
      tag: v1.7.8

  controller:
    args:
      statusProcessors: "4"
      operationProcessors: "2"
      appResyncPeriod: "300"
    logFormat: json

    metrics:
      enabled: false
      serviceMonitor:
        enabled: true
        namespace: monitoring
        additionalLabels:
          release: metrics

    resources:
      # limits:
        # cpu: 500m
        # memory: 2048Mi
      requests:
        cpu: 100m
        memory: 256Mi

  repoServer:
    logFormat: json
    metrics:
      enabled: false
      serviceMonitor:
        enabled: true
        namespace: monitoring
        additionalLabels:
          release: metrics

  server:
    logFormat: json
    config:
      # argo-cd.server.config.url -- ArgoCD hostname to be exposed via Istio
      url: argocd.example.com

      resource.customizations: |
        cert-manager.io/Certificate:
          # Lua script for customizing the health status assessment
          health.lua: |
            hs = {}
            if obj.status ~= nil then
              if obj.status.conditions ~= nil then
                for i, condition in ipairs(obj.status.conditions) do
                  if condition.type == "Ready" and condition.status == "False" then
                    hs.status = "Degraded"
                    hs.message = condition.message
                    return hs
                  end
                  if condition.type == "Ready" and condition.status == "True" then
                    hs.status = "Healthy"
                    hs.message = condition.message
                    return hs
                  end
                end
              end
            end
            hs.status = "Progressing"
            hs.message = "Waiting for certificate"
            return hs

    # Rename former https port to grpc, works with istio + insecure
    service:
      servicePortHttpsName: grpc

    metrics:
      enabled: false
      serviceMonitor:
        enabled: true
        namespace: monitoring
        additionalLabels:
          release: metrics

    extraArgs:
    - --insecure

  # redis:
  # We might want to try to keep redis close to the controller
  #   affinity:

  dex:
    enabled: false

  istio:
    # argo-cd.istio.enabled -- Deploy Istio VirtualService to expose ArgoCD
    enabled: false
    # argo-cd.istio.gateway -- Name of the Istio gateway to add the VirtualService to
    gateway: istio-system/ingressgateway
    ipBlocks: []