apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: ${cluster_name}-cluster
  labels:
    cluster: ${cluster_name}
    app: infrastructure
  namespace: argocd
  annotations:
    %{~ for a in argocd_annotations ~}
    ${a}
    %{~ endfor ~}
spec:
  project: ${cluster_name}
  destination:
    server: https://kubernetes.default.svc
    namespace: argocd
  syncPolicy:
    %{~ if argocd_sync ~}
    automated:
      prune: true
      selfHeal: true
      allowEmpty: false
    %{~ endif ~}
    syncOptions:
      - CreateNamespace=true
  source:
    repoURL: ${argocd_repo_url}
    path: charts/apps
    targetRevision: ${argocd_repo_version}
    helm:
      version: v3
      releaseName: ${cluster_name}
      values: |
        cluster:
          name: ${cluster_name}
          url: ${argocd_url}
          rancher:
            id: ${cluster_kube_id}

        openstack:
          project: ${openstack_project}
          auth_url: ${openstack_url}
          region: ${openstack_region_name}
          credential_id: ${openstack_credential_id}
          credential_secret: ${openstack_credential_secret}

        sync: ${argocd_sync}

        notifications:
          %{~ for a in argocd_annotations ~}
          ${a}
          %{~ endfor ~}

        metallb:
          enabled: ${metallb_enabled}
          %{~ if metallb_enabled ~}
          addresses:
          %{~ for ip in floating_ip ~}
            %{~ if ip.private_ip != "" ~}
            - ${ip.private_ip}/32
            %{~ endif ~}
          %{~ endfor ~}
          %{~ endif ~}

        ingresscontroller:
          enabled: ${ingress_controller_enabled}
          %{~ if ingress_controller_enabled ~}
          %{~ if ingress_controller == "traefik2" ~}
          class: traefik
          %{~ else ~}
          class: ${ingress_controller}
          %{~ endif ~}
          %{~ if length(floating_ip) > 0 ~}
          publicIP: ${floating_ip[0].public_ip}
          privateIP: ${floating_ip[0].private_ip}
          %{~ endif ~}
          %{~ if ingress_controller == "traefik" ||  ingress_controller == "traefik2" ~}
          traefik:
            storageClass: "${traefik_storageclass}"
            acme:
              staging: ${acme_staging} 
              %{~ if (acme_staging) ~}
              server: https://acme-staging-v02.api.letsencrypt.org/directory
              %{~ else ~}
              server: https://acme-v02.api.letsencrypt.org/directory
              %{~ endif ~}
              email: ${acme_email}
            ports:
              ${traefik_ports}
          %{~ endif ~}
          %{~ endif ~}

        sealedsecrets:
          enabled: ${sealedsecrets_enabled}

        monitoring:
          enabled: ${monitoring_enabled}

        healthmonitor:
          enabled: ${healthmonitor_enabled}
          %{~ if healthmonitor_enabled ~}
          nfs: ${healthmonitor_nfs}
          existingSecret: ${healthmonitor_secrets}
          %{~ endif ~}

        nfs:
          enabled: ${nfs_enabled}
          %{~ if nfs_enabled ~}
          servers:
            taiga:
              server: taiga-nfs.ncsa.illinois.edu
              path: "/taiga/ncsa/radiant/${openstack_project}"
              defaultClass: true
          %{~ endif ~}

        longhorn:
          enabled: ${longhorn_enabled}
          %{~ if longhorn_enabled ~}
          replicas: ${longhorn_replicas}
          %{~ endif ~}

        cinder:
          enabled: ${cinder_enabled}

        manila:
          enabled: ${manila_enabled}
          %{~ if manila_enabled ~}
          protocols:
          %{~ if manila_nfs_enabled ~}
            - name: NFS
              storageClass: true
              fsGroupPolicy: None
              type: default
          %{~ endif ~}
          %{~ if manila_cephfs_enabled ~}
            - name: CEPHFS
              storageClass: true
              fsGroupPolicy: None
              type: ${manila_cephfs_type}
          %{~ endif ~}
          %{~ endif ~}