From e716b76e75479a932f3368a80e07b8c345a00849 Mon Sep 17 00:00:00 2001
From: Marco Droll <marco@droll.at>
Date: Wed, 1 Oct 2025 13:32:31 +0200
Subject: [PATCH 1/4] add recent changes for upstream contribution

---
 argocd/argocd/operator/argocd.ftl.yaml                    | 4 ++--
 argocd/cluster-resources/argocd/misc.ftl.yaml             | 2 +-
 .../com/cloudogu/gitops/features/PrometheusStack.groovy   | 2 +-
 templates/kubernetes/rbac/argocd-role.ftl.yaml            | 8 ++++++--
 4 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/argocd/argocd/operator/argocd.ftl.yaml b/argocd/argocd/operator/argocd.ftl.yaml
index 5e280eef6..38985cdcf 100644
--- a/argocd/argocd/operator/argocd.ftl.yaml
+++ b/argocd/argocd/operator/argocd.ftl.yaml
@@ -8,7 +8,7 @@ spec:
     enabled: true
     resources:
       limits:
-        cpu: '2'
+        cpu: 500m
         memory: 1Gi
       requests:
         cpu: 250m
@@ -39,7 +39,7 @@ spec:
   controller:
     resources:
       limits:
-        cpu: "2000m"
+        cpu: "500m"
         memory: "2048Mi"
       requests:
         cpu: "250m"
diff --git a/argocd/cluster-resources/argocd/misc.ftl.yaml b/argocd/cluster-resources/argocd/misc.ftl.yaml
index 8cc086deb..fefe4ed37 100644
--- a/argocd/cluster-resources/argocd/misc.ftl.yaml
+++ b/argocd/cluster-resources/argocd/misc.ftl.yaml
@@ -9,7 +9,7 @@ spec:
   project: <#if config.multiTenant.useDedicatedInstance>${tenantName}<#else>cluster-resources</#if>
   destination:
     server: https://kubernetes.default.svc
-    namespace: <#if config.multiTenant.useDedicatedInstance>argocd<#else>${config.application.namePrefix}argocd</#if>
+    namespace: <#if config.multiTenant.useDedicatedInstance>${config.multiTenant.centralArgocdNamespace}<#else>${namePrefix}argocd</#if>
   source:
     path: misc/
 <#if config.multiTenant.useDedicatedInstance>
diff --git a/src/main/groovy/com/cloudogu/gitops/features/PrometheusStack.groovy b/src/main/groovy/com/cloudogu/gitops/features/PrometheusStack.groovy
index f932352d9..2cf7e2d20 100644
--- a/src/main/groovy/com/cloudogu/gitops/features/PrometheusStack.groovy
+++ b/src/main/groovy/com/cloudogu/gitops/features/PrometheusStack.groovy
@@ -201,7 +201,7 @@ class PrometheusStack extends Feature implements FeatureWithImage {
     }
 
     private String findValidOpenShiftUid() {
-        String uidRange = k8sClient.getAnnotation('namespace', 'monitoring', 'openshift.io/sa.scc.uid-range')
+        String uidRange = k8sClient.getAnnotation('namespace', namespace, 'openshift.io/sa.scc.uid-range')
 
         if (uidRange) {
             log.debug("found UID=${uidRange}")
diff --git a/templates/kubernetes/rbac/argocd-role.ftl.yaml b/templates/kubernetes/rbac/argocd-role.ftl.yaml
index b3dff552f..2737ee1a1 100644
--- a/templates/kubernetes/rbac/argocd-role.ftl.yaml
+++ b/templates/kubernetes/rbac/argocd-role.ftl.yaml
@@ -54,10 +54,13 @@ rules:
     resources: ["roles", "rolebindings"]
     verbs: ["create", "delete", "get", "list", "patch", "update", "watch"]
 
+  <#if config.features.secrets.active == true>
   - apiGroups: ["external-secrets.io"]
     resources: ["secretstores", "externalsecrets"]
     verbs: ["create", "delete", "get", "list", "patch", "update", "watch"]
-
+  </#if>
+  
+  <#if config.features.monitoring.active == true>
   - apiGroups: [ "monitoring.coreos.com" ]
     resources: [
       "alertmanagers",
@@ -74,4 +77,5 @@ rules:
       "podmonitors",
       "probes"
     ]
-    verbs: [ "create", "delete", "get", "list", "patch", "update", "watch" ]
\ No newline at end of file
+    verbs: [ "create", "delete", "get", "list", "patch", "update", "watch" ]
+  </#if>
\ No newline at end of file

From dc7f59fae22484c77d999f99bfd656ec81f80de5 Mon Sep 17 00:00:00 2001
From: Marco Droll <marco@droll.at>
Date: Thu, 2 Oct 2025 13:46:13 +0200
Subject: [PATCH 2/4] resolve issue caused by incorrect diff application

---
 argocd/cluster-resources/argocd/misc.ftl.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/argocd/cluster-resources/argocd/misc.ftl.yaml b/argocd/cluster-resources/argocd/misc.ftl.yaml
index fefe4ed37..e46133870 100644
--- a/argocd/cluster-resources/argocd/misc.ftl.yaml
+++ b/argocd/cluster-resources/argocd/misc.ftl.yaml
@@ -9,7 +9,7 @@ spec:
   project: <#if config.multiTenant.useDedicatedInstance>${tenantName}<#else>cluster-resources</#if>
   destination:
     server: https://kubernetes.default.svc
-    namespace: <#if config.multiTenant.useDedicatedInstance>${config.multiTenant.centralArgocdNamespace}<#else>${namePrefix}argocd</#if>
+    namespace: <#if config.multiTenant.useDedicatedInstance>${config.multiTenant.centralArgocdNamespace}<#else>${config.application.namePrefix}argocd</#if>
   source:
     path: misc/
 <#if config.multiTenant.useDedicatedInstance>

From 3fe13e88365e20c50c9a47e082ba53e22c943c60 Mon Sep 17 00:00:00 2001
From: Thomas <thomas@thomasmichael.de>
Date: Mon, 6 Oct 2025 12:03:20 +0200
Subject: [PATCH 3/4] Update argocd/argocd/operator/argocd.ftl.yaml
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: Niklas Hußmann <niklas.hussmann-extern@cloudogu.com>
---
 argocd/argocd/operator/argocd.ftl.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/argocd/argocd/operator/argocd.ftl.yaml b/argocd/argocd/operator/argocd.ftl.yaml
index 38985cdcf..49e186cdf 100644
--- a/argocd/argocd/operator/argocd.ftl.yaml
+++ b/argocd/argocd/operator/argocd.ftl.yaml
@@ -8,7 +8,7 @@ spec:
     enabled: true
     resources:
       limits:
-        cpu: 500m
+        cpu: '2'
         memory: 1Gi
       requests:
         cpu: 250m

From 8de9d7527e7a630af1cb57064e3926be889cb161 Mon Sep 17 00:00:00 2001
From: Thomas <thomas@thomasmichael.de>
Date: Mon, 6 Oct 2025 12:03:26 +0200
Subject: [PATCH 4/4] Update argocd/argocd/operator/argocd.ftl.yaml
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: Niklas Hußmann <niklas.hussmann-extern@cloudogu.com>
---
 argocd/argocd/operator/argocd.ftl.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/argocd/argocd/operator/argocd.ftl.yaml b/argocd/argocd/operator/argocd.ftl.yaml
index 49e186cdf..5e280eef6 100644
--- a/argocd/argocd/operator/argocd.ftl.yaml
+++ b/argocd/argocd/operator/argocd.ftl.yaml
@@ -39,7 +39,7 @@ spec:
   controller:
     resources:
       limits:
-        cpu: "500m"
+        cpu: "2000m"
         memory: "2048Mi"
       requests:
         cpu: "250m"