chore(bootstrap): First bootstrap for Artimis cluster

manifests/artimis/argocd/kustomization.yaml

@@ -0,0 +1,84 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - github.com/argoproj/argo-cd/manifests/cluster-install?ref=v2.14.15
+  - ingressRoute.yaml
+  - cert.yaml
+
+patches:
+  - target:
+      kind: ConfigMap
+      name: argocd-cmd-params-cm
+    patch: |-
+      apiVersion: v1
+      kind: ConfigMap
+      metadata:
+        name: argocd-cmd-params-cm
+      data:
+        server.insecure: "true"
+        application.namespaces: "*"
+  - target:
+      kind: ConfigMap
+      name: argocd-rbac-cm
+    patch: |-
+      apiVersion: v1
+      kind: ConfigMap
+      metadata:
+        name: argocd-rbac-cm
+      data:
+        policy.csv: |
+          g, argocd_admins, role:admin
+          p, argocd_users, applications, list, *, allow
+          p, argocd_users, applications, sync, *, allow
+          p, argocd_users, applications, refresh, *, allow
+          p, argocd_users, applications, get, *, allow
+  - target:
+      kind: ConfigMap
+      name: argocd-cm
+    patch: |-
+      apiVersion: v1
+      kind: ConfigMap
+      metadata:
+        name: argocd-cm
+      data:
+        admin.enabled: "false"
+        kustomize.buildOptions: --enable-helm
+        url: https://cd.dgse.cloud
+        oidc.config: |
+          name: DGSE
+          issuer: https://auth.dgse.cloud
+          clientID: 7f58ae97-de06-4de2-9be4-3bac6b58e6e7
+          clientSecret: $oidc.keycloak.clientSecret
+          requestedScopes: ["openid", "profile", "email", "groups"]
+          allowedAudiences:
+          - "7f58ae97-de06-4de2-9be4-3bac6b58e6e7"
+  - target:
+      kind: ClusterRole
+      name: argocd-application-controller
+    patch: |-
+      apiVersion: rbac.authorization.k8s.io/v1
+      kind: ClusterRole
+      metadata:
+        name: argocd-application-controller
+      rules:
+        - apiGroups: ["*"]
+          resources: ["*"]
+          verbs: ["*"]
+  - target:
+      kind: ClusterRoleBinding
+      name: argocd-application-controller
+    patch: |-
+      apiVersion: rbac.authorization.k8s.io/v1
+      kind: ClusterRoleBinding
+      metadata:
+        name: argocd-application-controller
+      subjects:
+        - kind: ServiceAccount
+          name: argocd-application-controller
+          namespace: argocd
+      roleRef:
+        apiGroup: rbac.authorization.k8s.io
+        kind: ClusterRole
+        name: argocd-application-controller