apiVersion: v1 kind: ConfigMap metadata: labels: app.kubernetes.io/name: argocd-cm app.kubernetes.io/part-of: argocd name: argocd-cm namespace: argocd data: oidc.config: | name: Ysoft SSO issuer: https://sso.ysoft.cloud/auth/realms/SafeQEdgeCore clientID: argocd enablePKCEAuthentication: true requestedScopes: ["openid", "profile", "email", "groups"] url: "https://web.argo.ysoft-dev.com" resource.customizations.ignoreResourceUpdates.ConfigMap: | jqPathExpressions: # Ignore the cluster-autoscaler status - '.metadata.annotations."cluster-autoscaler.kubernetes.io/last-updated"' # Ignore the annotation of the legacy Leases election - '.metadata.annotations."control-plane.alpha.kubernetes.io/leader"' resource.customizations.ignoreResourceUpdates.Endpoints: | jsonPointers: - /metadata - /subsets resource.customizations.ignoreResourceUpdates.all: | jsonPointers: - /status resource.customizations.ignoreResourceUpdates.apps_ReplicaSet: | jqPathExpressions: - '.metadata.annotations."deployment.kubernetes.io/desired-replicas"' - '.metadata.annotations."deployment.kubernetes.io/max-replicas"' - '.metadata.annotations."rollout.argoproj.io/desired-replicas"' resource.customizations.ignoreResourceUpdates.argoproj.io_Application: | jqPathExpressions: - '.metadata.annotations."notified.notifications.argoproj.io"' - '.metadata.annotations."argocd.argoproj.io/refresh"' - '.metadata.annotations."argocd.argoproj.io/hydrate"' - '.operation' resource.customizations.ignoreResourceUpdates.argoproj.io_Rollout: | jqPathExpressions: - '.metadata.annotations."notified.notifications.argoproj.io"' resource.customizations.ignoreResourceUpdates.autoscaling_HorizontalPodAutoscaler: | jqPathExpressions: - '.metadata.annotations."autoscaling.alpha.kubernetes.io/behavior"' - '.metadata.annotations."autoscaling.alpha.kubernetes.io/conditions"' - '.metadata.annotations."autoscaling.alpha.kubernetes.io/metrics"' - '.metadata.annotations."autoscaling.alpha.kubernetes.io/current-metrics"' resource.customizations.ignoreResourceUpdates.discovery.k8s.io_EndpointSlice: | jsonPointers: - /metadata - /endpoints - /ports resource.exclusions: | ### Network resources created by the Kubernetes control plane and excluded to reduce the number of watched events and UI clutter - apiGroups: - '' - discovery.k8s.io kinds: - Endpoints - EndpointSlice ### Internal Kubernetes resources excluded reduce the number of watched events - apiGroups: - apiregistration.k8s.io kinds: - APIService - apiGroups: - coordination.k8s.io kinds: - Lease ### Internal Kubernetes Authz/Authn resources excluded reduce the number of watched events - apiGroups: - authentication.k8s.io - authorization.k8s.io kinds: - SelfSubjectReview - TokenReview - LocalSubjectAccessReview - SelfSubjectAccessReview - SelfSubjectRulesReview - SubjectAccessReview ### Intermediate Certificate Request excluded reduce the number of watched events - apiGroups: - certificates.k8s.io kinds: - CertificateSigningRequest - apiGroups: - cert-manager.io kinds: - CertificateRequest ### Cilium internal resources excluded reduce the number of watched events and UI Clutter - apiGroups: - cilium.io kinds: - CiliumIdentity - CiliumEndpoint - CiliumEndpointSlice ### Kyverno intermediate and reporting resources excluded reduce the number of watched events and improve performance - apiGroups: - kyverno.io - reports.kyverno.io - wgpolicyk8s.io kinds: - PolicyReport - ClusterPolicyReport - EphemeralReport - ClusterEphemeralReport - AdmissionReport - ClusterAdmissionReport - BackgroundScanReport - ClusterBackgroundScanReport - UpdateRequest