From f195e594da2473536c5177f6d4d5ec32233b6e50 Mon Sep 17 00:00:00 2001 From: outductor Date: Thu, 21 Dec 2023 12:17:31 +0900 Subject: [PATCH] fix argo workflows --- .../apps/cloudflared-tunnel-exits/http-exits.yaml | 5 ----- .../apps/cloudflared-tunnel-exits/https-exits.yaml | 6 ++++++ .../cluster-wide-apps/app-of-other-apps/argo-workflows.yaml | 1 + 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cloudflared-tunnel-exits/http-exits.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cloudflared-tunnel-exits/http-exits.yaml index 2a6363e36..74f82f172 100644 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cloudflared-tunnel-exits/http-exits.yaml +++ b/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cloudflared-tunnel-exits/http-exits.yaml @@ -95,11 +95,6 @@ spec: external-hostname: phpmyadmin.onp-k8s.admin.seichi.click internal-authority: "phpmyadmin.seichi-minecraft:80" - # Argo Eventsの管理画面。 - # 今は特に何も表示してないのとSSOを入れるので認証は噛まさない。 - - name: argo-workflows - external-hostname: argo-workflows.onp-k8s.admin.seichi.click - internal-authority: "argo-workflows-server.argo:2746" template: metadata: name: "cloudflared-tunnel-http-exit--{{name}}" diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cloudflared-tunnel-exits/https-exits.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cloudflared-tunnel-exits/https-exits.yaml index 95b25941a..eb547317d 100644 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cloudflared-tunnel-exits/https-exits.yaml +++ b/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cloudflared-tunnel-exits/https-exits.yaml @@ -19,6 +19,12 @@ spec: external-hostname: argocd.onp-k8s.admin.seichi.click internal-authority: argocd-server.argocd:443 + # Argo Eventsの管理画面。 + # 今は特に何も表示してないのとSSOを入れるので認証は噛まさない。 + - name: argo-workflows + external-hostname: argo-workflows.onp-k8s.admin.seichi.click + internal-authority: argo-workflows-server.argo:2746 + # 管理者からの直アクセスを想定するため、GitHub TeamsによるSSOを設定している # (terraform/cloudflare_network_admin_services.yaml 参照) # diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/argo-workflows.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/argo-workflows.yaml index b64315a4d..06d711c6e 100644 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/argo-workflows.yaml +++ b/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/argo-workflows.yaml @@ -21,6 +21,7 @@ spec: extraArgs: - --auth-mode=sso sso: + enabled: true issuer: https://argocd.onp-k8s.admin.seichi.click/api/dex # sessionExpiry defines how long your login is valid for in hours. (optional, default: 10h) sessionExpiry: 240h