OneLab Kubernetes GitOps (Argo CD)

- Helm charts: onelab app + observability (Loki/Promtail/Grafana)
- Values under gitops/values/ with public-safe placeholders
- Argo CD Application (spec.sources, 2.6+)

Made-with: Cursor

gitops/values/env-example.yaml

@@ -0,0 +1,48 @@
+# Example environment overrides — copy patterns to a gitignored file (e.g. secrets.local.yaml)
+# and add it to Argo helm.valueFiles after this file so secrets stay out of Git.
+# See gitops/values/README.md and gitops/values/secrets.example.yaml.
+
+registry:
+  createPullSecret: true
+  pullSecretName: hub-andrewalliance
+  server: hub.andrewalliance.com
+  username: public
+  password: "REPLACE_REGISTRY_PASSWORD"
+
+imagePullSecrets:
+  - name: hub-andrewalliance
+
+persistence:
+  mode: hostPath
+  hostPath:
+    data: /opt/onelab/data
+    logs: /opt/onelab/logs
+
+postgresql:
+  auth:
+    password: "REPLACE_POSTGRES_PASSWORD"
+
+onelab:
+  domain: "https://onelab.example.com"
+  secrets:
+    authTokenKey: "REPLACE_AUTH_TOKEN_KEY"
+    monitoringToken: "REPLACE_MONITORING_TOKEN"
+    rabbitToken: "REPLACE_RABBIT_TOKEN"
+  intercom:
+    appid: "REPLACE_INTERCOM_APP_ID"
+    secret: "REPLACE_INTERCOM_SECRET"
+
+revproxy:
+  serviceType: ClusterIP
+
+ingress:
+  enabled: true
+  className: traefik
+  host: onelab.example.com
+  path: /
+  pathType: Prefix
+  tls: true
+  tlsSecretName: onelab-tls
+  certManager:
+    clusterIssuer: letsencrypt-prod
+  annotations: {}