infra
/
kubernetes
1
0
Fork 0
Code Pull Requests 4 Activity

argocd: Configure SSO for CLI 

The `argocd` command needs to have its own OIDC client configuration,
since it works like a "public" client.  To log in, run

```sh
argocd login argocd.pyrocufflink.blue --sso
```
dch-webhooks-secrets
Dustin 2023-10-14 11:11:54 -05:00
parent e6f0261a44
commit 629d1bb93a
3 changed files with 14 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
argocd/argocd-cm.yml
View File

@ -1,7 +0,0 @@
url: https://argocd.pyrocufflink.blue
oidc.config: |
name: Authelia
issuer: https://auth.pyrocufflink.blue
clientID: argocd
clientSecret: $oidc.authelia.clientSecret

1
argocd/oidc.config
View File

@ -2,3 +2,4 @@ name: Authelia
issuer: https://auth.pyrocufflink.blue issuer: https://auth.pyrocufflink.blue
clientID: argocd clientID: argocd
clientSecret: $oidc.authelia.clientSecret clientSecret: $oidc.authelia.clientSecret
cliClientID: argocd-cli

13
authelia/configuration.yml
View File

@ -67,10 +67,23 @@ identity_providers:
pre_configured_consent_duration: 7d pre_configured_consent_duration: 7d
- id: argocd - id: argocd
description: Argo CD description: Argo CD
pre_configured_consent_duration: 7d
redirect_uris: redirect_uris:
- https://argocd.pyrocufflink.blue/auth/callback - https://argocd.pyrocufflink.blue/auth/callback
secret: >- secret: >-
$pbkdf2-sha512$310000$l/uOezgWjqe3boGLYAnKcg$uqn1FC8Lj2y1NG5Q91PeLfLLUQ.qtlKFLd0AWJ56owLME9mV/Zx8kQ2x7OS/MOoMLmUgKd4zogYKab2HGFr0kw $pbkdf2-sha512$310000$l/uOezgWjqe3boGLYAnKcg$uqn1FC8Lj2y1NG5Q91PeLfLLUQ.qtlKFLd0AWJ56owLME9mV/Zx8kQ2x7OS/MOoMLmUgKd4zogYKab2HGFr0kw
- id: argocd-cli
description: argocd CLI
public: true
pre_configured_consent_duration: 7d
redirect_uris:
- http://localhost:8085/auth/callback
scopes:
- openid
- profile
- email
- groups
- offline_access
log: log:
level: trace level: trace