From aed74785d64f55df1ef612b843d1185cb068bc8f Mon Sep 17 00:00:00 2001
From: Marcel Straub <m@straubs.eu>
Date: Sun, 7 Sep 2025 11:36:40 +0200
Subject: [PATCH 1/2] moved from stonegarden to own labels

---
 02-k8s/infra/application-set.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/02-k8s/infra/application-set.yaml b/02-k8s/infra/application-set.yaml
index 9feb8e6..d43ef02 100644
--- a/02-k8s/infra/application-set.yaml
+++ b/02-k8s/infra/application-set.yaml
@@ -4,7 +4,7 @@ metadata:
   name: infrastructure
   namespace: argocd
   labels:
-    dev.stonegarden: infrastructure
+    s5b.org: infrastructure
 spec:
   generators:
     - git:
@@ -16,7 +16,7 @@ spec:
     metadata:
       name: '{{ path.basename }}'
       labels:
-        dev.stonegarden: infrastructure
+        s5b.org: infrastructure
     spec:
       project: infrastructure
       source:
-- 
2.49.1


From 78a1ec78ce4ecddd778a06fafed9b755e6ee2cea Mon Sep 17 00:00:00 2001
From: Marcel Straub <m@straubs.eu>
Date: Sun, 7 Sep 2025 11:51:09 +0200
Subject: [PATCH 2/2] Applied patch in-hope to fix ArgoCD with helm + kustomize

---
 02-k8s/infra/controllers/argocd/values.yaml | 28 +++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/02-k8s/infra/controllers/argocd/values.yaml b/02-k8s/infra/controllers/argocd/values.yaml
index c95f406..fe02ba4 100644
--- a/02-k8s/infra/controllers/argocd/values.yaml
+++ b/02-k8s/infra/controllers/argocd/values.yaml
@@ -13,6 +13,12 @@ configs:
 
   cmp:
     create: true
+    plugins:
+      kustomize-build-with-helm:
+        generate:
+          command: [ sh, -c ]
+          args: [ kustomize build --enable-helm ]
+
   params:
     controller.diff.server.side: true
     server.insecure: false
@@ -96,6 +102,28 @@ repoServer:
       memory: 256Mi
     limits:
       memory: 2Gi
+  extraContainers:
+    - name: kustomize-build-with-helm
+      command:
+        - argocd-cmp-server
+      image: '{{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }}'
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 999
+        allowPrivilegeEscalation: false
+        readOnlyRootFilesystem: true
+        seccompProfile:
+          type: RuntimeDefault
+        capabilities:
+          drop: [ ALL ]
+      volumeMounts:
+        - name: plugins
+          mountPath: /home/argocd/cmp-server/plugins
+        - name: cmp-kustomize-build-with-helm
+          mountPath: /home/argocd/cmp-server/config/plugin.yaml
+          subPath: kustomize-build-with-helm.yaml
+        - mountPath: /tmp
+          name: cmp-tmp
 
 applicationSet:
   replicas: 2
-- 
2.49.1