{{- if .Values.tailscaleOperator.enable -}}
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: tailscale-operator
  namespace: {{ .Values.argocd.namespace }} 
  finalizers:
    - resources-finalizer.argocd.argoproj.io
spec:
  project: {{ .Values.argocd.project }}
  source:
    repoURL: "https://pkgs.tailscale.com/helmcharts"
    chart: tailscale-operator
    targetRevision: {{ .Values.tailscaleOperator.targetRevision }}
    helm:
      valuesObject:
        oauth:
          clientId: {{ .Vault.tailscaleOperator.oauth.clientId }}
          clientSecret: {{ .Vault.tailscaleOperator.oauth.clientSecret }}
        operatorConfig:
          hostname: {{ .Values.tailscaleOperator.operatorHostname }}
        apiServerProxyConfig:
          mode: "true"
  destination:
    server: {{ .Values.tailscaleOperator.destination.server }} 
    namespace: {{ .Values.tailscaleOperator.destination.namespace }}
  syncPolicy:
    automated:
      prune: true           # Automatically remove resources no longer in the repo
      selfHeal: true        # Automatically self-heal when drift is detected
    syncOptions:
      - ApplyOutOfSyncOnly=true
      - ServerSideApply=true
      - CreateNamespace=true
{{- end }}