Issue with credentials for private repo and oidc.azuread.clientSecret in Helm ArgoCD

Question

I'd like to deploy ArgoCD using helm and include credentials for my private repo as long as $oidc.azuread.clientSecret for the SSO integration.

My questions are:

1- Do I need to create manually a secrert called "argocd-secret" to include the secret for $oidc.azuread.clientSecret ?

2- How can I include the username and personal token from Azure to get access to my private repo in Azure Git? If not possible with personal token how can I do that with SSH keys using the helm values?

https://github.com/kurtburak/argocd/blob/main/argocd-install/argo-cd/values.yaml

I think this is the interesing part from the argocd helm chart:

  application.instanceLabelKey: argocd.argoproj.io/instance
    # repositories: |
    #   - url: git@github.com:group/repo.git
    #     sshPrivateKeySecret:
    #       name: secret-name
    #       key: sshPrivateKey
    #   - type: helm
    #     url: https://charts.helm.sh/stable
    #     name: stable
    #   - type: helm
    #     url: https://argoproj.github.io/argo-helm
    #     name: argo
    # oidc.config: |
    #   name: AzureAD
    #   issuer: https://login.microsoftonline.com/TENANT_ID/v2.0
    #   clientID: CLIENT_ID
    #   clientSecret: $oidc.azuread.clientSecret
    #   requestedIDTokenClaims:
    #     groups:
    #       essential: true
    #   requestedScopes:
    #     - openid
    #     - profile
    #     - email

Answer 1

I just struggled with the first problem myself, and seeing as no one has replied to you;

1. You need to create an extra secret when deploying the helm chart, this can be done in the values.yaml or with parameter --set "configs.secret.extra.oidc\.azure\.clientSecret=$argosecret" (where $argosecret preferably is a secret variable passed from e.g. your CD). This will create oidc.azure.clientSecret in the secret argocd-secret.