From 469836cf91ee18a55d53a26cfa8c97ad053c3707 Mon Sep 17 00:00:00 2001
From: nold <nold@gnu.one>
Date: Wed, 14 Feb 2024 10:00:40 +0100
Subject: [PATCH] add(argo-workflows)

---
 projects/workflows/project.yml               |  18 +++
 projects/workflows/values/argo-workflows.yml | 140 +++++++++++++++++++
 2 files changed, 158 insertions(+)
 create mode 100644 projects/workflows/project.yml
 create mode 100644 projects/workflows/values/argo-workflows.yml

diff --git a/projects/workflows/project.yml b/projects/workflows/project.yml
new file mode 100644
index 00000000..5212871c
--- /dev/null
+++ b/projects/workflows/project.yml
@@ -0,0 +1,18 @@
+config:
+  description: Argo-Workflows
+
+apps:
+- name: argo-workflows
+  repoURL: https://argoproj.github.io/argo-helm
+  chart: argo-workflows
+  targetRevision: 0.40.10
+  # secrets:
+  # - name: argocd-secret
+  #   keys:
+  #   - admin.password
+  #   - server.secretkey
+  #   - dex.authentik.clientSecret
+  #   - webhook.gogs.secret
+  # - name: ca-cert
+  #   keys:
+  #   - ca
diff --git a/projects/workflows/values/argo-workflows.yml b/projects/workflows/values/argo-workflows.yml
new file mode 100644
index 00000000..db5627d2
--- /dev/null
+++ b/projects/workflows/values/argo-workflows.yml
@@ -0,0 +1,140 @@
+images:
+  tag: "v3.5.4"
+  pullPolicy: Always
+
+workflow:
+  serviceAccount:
+    create: true
+    name: "argo-workflow"
+  rbac:
+    create: true
+
+controller:
+  image:
+    registry: quay.io
+    repository: argoproj/workflow-controller
+
+  # -- enable Workflow Archive to store the status of workflows. Postgres and MySQL (>= 5.7.8) are available.
+  ## Ref: https://argo-workflows.readthedocs.io/en/stable/workflow-archive/
+  persistence: {}
+  # connectionPool:
+  #   maxIdleConns: 100
+  #   maxOpenConns: 0
+  # # save the entire workflow into etcd and DB
+  # nodeStatusOffLoad: false
+  # # enable archiving of old workflows
+  # archive: false
+  # postgresql:
+  #   host: localhost
+  #   port: 5432
+  #   database: postgres
+  #   tableName: argo_workflows
+  #   # the database secrets must be in the same namespace of the controller
+  #   userNameSecret:
+  #     name: argo-postgres-config
+  #     key: username
+  #   passwordSecret:
+  #     name: argo-postgres-config
+  #     key: password
+  #   ssl: true
+  #   # sslMode must be one of: disable, require, verify-ca, verify-full
+  #   # you can find more information about those ssl options here: https://godoc.org/github.com/lib/pq
+  #   sslMode: require
+
+  # -- Default values that will apply to all Workflows from this controller, unless overridden on the Workflow-level.
+  # Only valid for 2.7+
+  ## See more: https://argo-workflows.readthedocs.io/en/stable/default-workflow-specs/
+  workflowDefaults:
+    spec:
+      serviceAccountName: argo-workflow
+  #   spec:
+  #     ttlStrategy:
+  #       secondsAfterCompletion: 84600
+  #     # Ref: https://argo-workflows.readthedocs.io/en/stable/artifact-repository-ref/
+  #     artifactRepositoryRef:
+  #       configMap: my-artifact-repository # default is "artifact-repositories"
+  #       key: v2-s3-artifact-repository # default can be set by the `workflows.argoproj.io/default-artifact-repository` annotation in config map.
+
+  # -- Number of workflow workers
+  workflowWorkers: 2 # 32
+  # -- Number of workflow TTL workers
+  workflowTTLWorkers: 1 # 4
+  # -- Number of pod cleanup workers
+  podCleanupWorkers: 1 # 4
+  # -- Number of cron workflow workers
+  # Only valid for 3.5+
+  cronWorkflowWorkers: 1 # 8
+  # -- Restricts the Workflows that the controller will process.
+  # Only valid for 2.9+
+  workflowRestrictions: {}
+    # templateReferencing: Strict|Secure
+
+  # workflows. This controls where the service account and RBAC resources will
+  # be created. Only valid when singleNamespace is false.
+  workflowNamespaces:
+    - workflows
+
+  extraEnv: []
+    # - name: FOO
+    #   value: "bar"
+
+  navColor: ""
+  clusterWorkflowTemplates:
+    # -- Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates.
+    enabled: true
+
+# mainContainer adds default config for main container that could be overriden in workflows template
+mainContainer:
+  imagePullPolicy: ""
+  resources: {}
+  env: []
+  envFrom: []
+  securityContext: {}
+
+# executor controls how the init and wait container should be customized
+executor:
+  image:
+    registry: quay.io
+    repository: argoproj/argoexec
+    tag: ""
+    pullPolicy: ""
+
+  resources: {}
+  # -- Passes arguments to the executor processes
+  args: []
+  # -- Adds environment variables for the executor.
+  env: []
+  # -- sets security context for the executor container
+  securityContext: {}
+
+server:
+  enabled: true
+  image:
+    registry: quay.io
+    repository: argoproj/argocli
+    tag: ""
+    
+  ## Ingress configuration.
+  # ref: https://kubernetes.io/docs/user-guide/ingress/
+  ingress:
+    # -- Enable an ingress resource
+    enabled: true
+    # -- Additional ingress annotations
+    annotations: 
+      cert-manager.io/cluster-issuer: vault-issuer
+
+    # -- Additional ingress labels
+    labels: {}
+    # -- Defines which ingress controller will implement the resource
+    ingressClassName: "ingress-internal"
+
+    # -- List of ingress hosts
+    ## Hostnames must be provided if Ingress is enabled.
+    ## Secrets must be manually created in the namespace
+    hosts:
+      - workflows.dc
+
+    tls:
+      - secretName: argoworkflows-tls
+        hosts:
+          - workflows.dc