Open
Description
Is your feature request related to a problem? Please describe.
For now it's not possible to mount custom root-ca certificates to the dex container for allowing OIDC connections to servers secured by a private CA.
Describe the solution you'd like
Add new parameters in ArgoCD crd for modifying the dex deployment:
- .spec.sso.dex.volumes
- .spec.sso.dex.volumeMounts
Similar settings are already existing for other argocd deployments e.g.
- .spec.controller.volumes and
- .spec.controller.volumeMounts
Describe alternatives you've considered
As a workaround it is possible:
- to disable verifying certificates in the dex config. But this isn't secure.
- Volume mounting is also possible with a manual customization of the deployment manifest, after it was created by the operator. But this could lead to a loss of the mount after changing dex config in the ArgoCD crd