From af931f5ba07564c0e0bad7996908a1b0685cf758 Mon Sep 17 00:00:00 2001 
From: Jazzlyn <9011011+jazzlyn@users.noreply.github.com> Date: Sun, 2 Feb 2025 00:37:13 +0100 Subject: [PATCH] feat(kube-nas): standardisation kustomizations and flux-sync --- .../apps/auth-system/kustomization.yaml | 2 +- .../oauth2-proxy/app/kustomization.yaml | 1 - .../auth-system/oauth2-proxy/flux-sync.yaml | 18 +++--- .../volsync/app/kustomization.yaml | 2 +- .../apps/backup-system/volsync/flux-sync.yaml | 13 ++-- .../bunkerweb/flux-sync.yaml | 6 +- .../apps/bunkerweb-ingress/kustomization.yaml | 2 +- .../cert-manager/app/kustomization.yaml | 1 - .../cert-manager/cert-manager/flux-sync.yaml | 21 +++++-- .../cert-manager/issuers/kustomization.yaml | 1 - .../apps/cert-manager/kustomization.yaml | 2 +- .../cloudnative-pg/flux-sync.yaml | 26 ++++---- .../apps/database-system/dbman/flux-sync.yaml | 8 +-- .../database-system/dragonfly/flux-sync.yaml | 5 +- .../apps/database-system/kustomization.yaml | 2 +- .../echo-server/app/kustomization.yaml | 6 +- .../apps/default/echo-server/flux-sync.yaml | 10 +++- .../kube-nas/apps/default/kustomization.yaml | 2 +- .../kube-system/cilium/app/kustomization.yaml | 7 +-- .../apps/kube-system/cilium/flux-sync.yaml | 8 ++- .../coredns/app/kustomization.yaml | 3 +- .../apps/kube-system/coredns/flux-sync.yaml | 8 ++- .../app/kustomization.yaml | 3 +- .../kubelet-csr-approver/flux-sync.yaml | 8 ++- .../metrics-server/app/kustomization.yaml | 3 +- .../kube-system/metrics-server/flux-sync.yaml | 8 ++- .../reloader/app/kustomization.yaml | 1 - .../apps/kube-tools/reloader/flux-sync.yaml | 10 +++- .../apps/minio-system/kustomization.yaml | 2 +- .../minio-system/minio/app/kustomization.yaml | 4 +- .../apps/nginx-ingress/kustomization.yaml | 2 +- .../nginx/app/kustomization.yaml | 1 - .../apps/nginx-ingress/nginx/flux-sync.yaml | 16 +++-- .../harbor/app/kustomization.yaml | 8 +-- .../apps/oci-registry/harbor/flux-sync.yaml | 17 ++++-- .../apps/oci-registry/kustomization.yaml | 2 +- .../apps/openebs-system/kustomization.yaml | 2 +- 
.../openebs-system/openebs/flux-sync.yaml | 2 +- .../secops/external-secrets/flux-sync.yaml | 22 +++++-- .../kube-nas/apps/secops/kustomization.yaml | 4 +- kubernetes/kube-nas/flux/flux-sync.yaml | 60 +++++++++++++------ kubernetes/kube-nas/flux/kustomization.yaml | 1 - 42 files changed, 202 insertions(+), 128 deletions(-) diff --git a/kubernetes/kube-nas/apps/auth-system/kustomization.yaml b/kubernetes/kube-nas/apps/auth-system/kustomization.yaml index 8053b7d85..c888fea55 100644 --- a/kubernetes/kube-nas/apps/auth-system/kustomization.yaml +++ b/kubernetes/kube-nas/apps/auth-system/kustomization.yaml @@ -3,5 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ./namespace.yaml + - namespace.yaml - ./oauth2-proxy/flux-sync.yaml diff --git a/kubernetes/kube-nas/apps/auth-system/oauth2-proxy/app/kustomization.yaml b/kubernetes/kube-nas/apps/auth-system/oauth2-proxy/app/kustomization.yaml index 8b6fb203e..944921343 100644 --- a/kubernetes/kube-nas/apps/auth-system/oauth2-proxy/app/kustomization.yaml +++ b/kubernetes/kube-nas/apps/auth-system/oauth2-proxy/app/kustomization.yaml @@ -2,7 +2,6 @@ # yaml-language-server: $schema=https://json.schemastore.org/kustomization apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: auth-system resources: - secrets.sops.yaml - helm-release.yaml diff --git a/kubernetes/kube-nas/apps/auth-system/oauth2-proxy/flux-sync.yaml b/kubernetes/kube-nas/apps/auth-system/oauth2-proxy/flux-sync.yaml index 51aae19b7..ac9d1d36e 100644 --- a/kubernetes/kube-nas/apps/auth-system/oauth2-proxy/flux-sync.yaml +++ b/kubernetes/kube-nas/apps/auth-system/oauth2-proxy/flux-sync.yaml 
@@ -3,19 +3,21 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: oauth2-proxy + name: &appname oauth2-proxy namespace: flux-system spec: - dependsOn: - - name: dragonfly-cluster - interval: 10m + targetNamespace: auth-system + commonMetadata: + labels: + app.kubernetes.io/name: *appname path: ./kubernetes/kube-nas/apps/auth-system/oauth2-proxy/app prune: true sourceRef: kind: GitRepository name: home-ops - targetNamespace: auth-system - commonMetadata: - labels: - app.kubernetes.io/name: oauth2-proxy wait: true + interval: 30m + retryInterval: 1m + timeout: 5m + dependsOn: + - name: dragonfly-cluster diff --git a/kubernetes/kube-nas/apps/backup-system/volsync/app/kustomization.yaml b/kubernetes/kube-nas/apps/backup-system/volsync/app/kustomization.yaml index c727ac99b..51567a423 100644 --- a/kubernetes/kube-nas/apps/backup-system/volsync/app/kustomization.yaml +++ b/kubernetes/kube-nas/apps/backup-system/volsync/app/kustomization.yaml @@ -3,4 +3,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ./helm-release.yaml + - helm-release.yaml diff --git a/kubernetes/kube-nas/apps/backup-system/volsync/flux-sync.yaml b/kubernetes/kube-nas/apps/backup-system/volsync/flux-sync.yaml index 0539c77cc..4aefba91f 100644 --- a/kubernetes/kube-nas/apps/backup-system/volsync/flux-sync.yaml +++ b/kubernetes/kube-nas/apps/backup-system/volsync/flux-sync.yaml @@ -8,17 +8,18 @@ metadata: labels: substitution.flux.home.arpa/enabled: "true" spec: + targetNamespace: backup-system commonMetadata: labels: app.kubernetes.io/name: *appname - targetNamespace: backup-system - dependsOn: - - name: snapshot-controller - interval: 10m path: ./kubernetes/kube-nas/apps/backup-system/volsync/app prune: true - wait: true sourceRef: kind: GitRepository name: home-ops - timeout: 3m + wait: true + interval: 30m + retryInterval: 1m + timeout: 5m + dependsOn: + - name: snapshot-controller 
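Review bot: Raising `interval` from `10m` to `30m` on the oauth2-proxy Kustomization triples the time an out-of-band change to the auth proxy's objects can persist before Flux re-applies the Git state. As far as I know, new source revisions still trigger a reconcile on their own, so only periodic drift correction is affected. The same 10m to 30m change appears in the cert-manager, cert-manager-issuers, nginx-ingress, harbor, external-secrets and external-secrets-stores hunks of this patch. If the longer interval is deliberate, record it next to the field with a comment such as `# 30m: in-cluster drift may persist up to half an hour`. Otherwise keep `interval: 10m` on the authentication, certificate and secret-handling components.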
diff --git a/kubernetes/kube-nas/apps/bunkerweb-ingress/bunkerweb/flux-sync.yaml b/kubernetes/kube-nas/apps/bunkerweb-ingress/bunkerweb/flux-sync.yaml index ff550f75c..7b823a491 100644 --- a/kubernetes/kube-nas/apps/bunkerweb-ingress/bunkerweb/flux-sync.yaml +++ b/kubernetes/kube-nas/apps/bunkerweb-ingress/bunkerweb/flux-sync.yaml @@ -12,14 +12,14 @@ spec: commonMetadata: labels: app.kubernetes.io/name: *appname - interval: 10m - dependsOn: - - name: cert-manager-issuers path: ./kubernetes/kube-nas/apps/bunkerweb-ingress/bunkerweb/app prune: true sourceRef: kind: GitRepository name: home-ops wait: true + interval: 30m retryInterval: 1m timeout: 5m + dependsOn: + - name: cert-manager-issuers diff --git a/kubernetes/kube-nas/apps/bunkerweb-ingress/kustomization.yaml b/kubernetes/kube-nas/apps/bunkerweb-ingress/kustomization.yaml index dfb219cc4..c09161404 100644 --- a/kubernetes/kube-nas/apps/bunkerweb-ingress/kustomization.yaml +++ b/kubernetes/kube-nas/apps/bunkerweb-ingress/kustomization.yaml @@ -3,5 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ./namespace.yaml + - namespace.yaml - ./bunkerweb/flux-sync.yaml diff --git a/kubernetes/kube-nas/apps/cert-manager/cert-manager/app/kustomization.yaml b/kubernetes/kube-nas/apps/cert-manager/cert-manager/app/kustomization.yaml index 361272635..51567a423 100644 --- a/kubernetes/kube-nas/apps/cert-manager/cert-manager/app/kustomization.yaml +++ b/kubernetes/kube-nas/apps/cert-manager/cert-manager/app/kustomization.yaml @@ -2,6 +2,5 @@ # yaml-language-server: $schema=https://json.schemastore.org/kustomization apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: cert-manager resources: - helm-release.yaml diff --git a/kubernetes/kube-nas/apps/cert-manager/cert-manager/flux-sync.yaml b/kubernetes/kube-nas/apps/cert-manager/cert-manager/flux-sync.yaml index 9ab92f0c5..4801c08b7 100644 --- a/kubernetes/kube-nas/apps/cert-manager/cert-manager/flux-sync.yaml 
+++ b/kubernetes/kube-nas/apps/cert-manager/cert-manager/flux-sync.yaml @@ -3,30 +3,43 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cert-manager + name: &appname cert-manager namespace: flux-system spec: - interval: 10m + targetNamespace: cert-manager + commonMetadata: + labels: + app.kubernetes.io/name: *appname path: ./kubernetes/kube-nas/apps/cert-manager/cert-manager/app prune: true sourceRef: kind: GitRepository name: home-ops wait: true + interval: 30m + retryInterval: 1m + timeout: 5m + --- # yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cert-manager-issuers + name: &appname cert-manager-issuers namespace: flux-system spec: - interval: 10m + targetNamespace: cert-manager + commonMetadata: + labels: + app.kubernetes.io/name: *appname path: ./kubernetes/kube-nas/apps/cert-manager/cert-manager/issuers prune: true sourceRef: kind: GitRepository name: home-ops wait: true + interval: 30m + retryInterval: 1m + timeout: 5m dependsOn: - name: cert-manager diff --git a/kubernetes/kube-nas/apps/cert-manager/cert-manager/issuers/kustomization.yaml b/kubernetes/kube-nas/apps/cert-manager/cert-manager/issuers/kustomization.yaml index daca95aa1..429841784 100644 --- a/kubernetes/kube-nas/apps/cert-manager/cert-manager/issuers/kustomization.yaml +++ b/kubernetes/kube-nas/apps/cert-manager/cert-manager/issuers/kustomization.yaml @@ -2,7 +2,6 @@ # yaml-language-server: $schema=https://json.schemastore.org/kustomization apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: cert-manager resources: - cluster-issuer-self-signed.yaml - secret.sops.yaml diff --git a/kubernetes/kube-nas/apps/cert-manager/kustomization.yaml b/kubernetes/kube-nas/apps/cert-manager/kustomization.yaml index 8c10c4f57..2916e9064 100644 
--- a/kubernetes/kube-nas/apps/cert-manager/kustomization.yaml +++ b/kubernetes/kube-nas/apps/cert-manager/kustomization.yaml @@ -3,5 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ./namespace.yaml + - namespace.yaml - ./cert-manager/flux-sync.yaml diff --git a/kubernetes/kube-nas/apps/database-system/cloudnative-pg/flux-sync.yaml b/kubernetes/kube-nas/apps/database-system/cloudnative-pg/flux-sync.yaml index e077dc457..0fff161a2 100644 --- a/kubernetes/kube-nas/apps/database-system/cloudnative-pg/flux-sync.yaml +++ b/kubernetes/kube-nas/apps/database-system/cloudnative-pg/flux-sync.yaml @@ -6,19 +6,19 @@ metadata: name: &appname cloudnative-pg namespace: flux-system spec: + targetNamespace: database-system commonMetadata: labels: app.kubernetes.io/name: *appname - interval: 30m path: ./kubernetes/kube-nas/apps/database-system/cloudnative-pg/operator prune: true - retryInterval: 1m sourceRef: kind: GitRepository name: home-ops - targetNamespace: database-system - timeout: 3m wait: true + interval: 30m + retryInterval: 1m + timeout: 5m --- # yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json @@ -28,21 +28,21 @@ metadata: name: &appname cloudnative-pg-cluster namespace: flux-system spec: + targetNamespace: database-system commonMetadata: labels: app.kubernetes.io/name: *appname - dependsOn: - - name: cloudnative-pg - - name: dbman - - name: minio - - name: openebs - interval: 30m path: ./kubernetes/kube-nas/apps/database-system/cloudnative-pg/cluster prune: true - retryInterval: 15s sourceRef: kind: GitRepository name: home-ops - targetNamespace: database-system - timeout: 3m wait: true + interval: 30m + retryInterval: 1m + timeout: 5m + dependsOn: + - name: cloudnative-pg + - name: dbman + - name: minio + - name: openebs 
diff --git a/kubernetes/kube-nas/apps/database-system/dbman/flux-sync.yaml b/kubernetes/kube-nas/apps/database-system/dbman/flux-sync.yaml index fc9ec0c7b..b63bc3c21 100644 --- a/kubernetes/kube-nas/apps/database-system/dbman/flux-sync.yaml +++ b/kubernetes/kube-nas/apps/database-system/dbman/flux-sync.yaml @@ -6,16 +6,16 @@ metadata: name: &appname dbman namespace: flux-system spec: + targetNamespace: database-system commonMetadata: labels: app.kubernetes.io/name: *appname - interval: 30m path: ./kubernetes/kube-nas/apps/database-system/dbman/operator prune: true sourceRef: kind: GitRepository name: home-ops - targetNamespace: database-system - timeout: 3m - retryInterval: 1m wait: true + interval: 30m + retryInterval: 1m + timeout: 5m diff --git a/kubernetes/kube-nas/apps/database-system/dragonfly/flux-sync.yaml b/kubernetes/kube-nas/apps/database-system/dragonfly/flux-sync.yaml index dec7f6ea9..e0f92b44a 100644 --- a/kubernetes/kube-nas/apps/database-system/dragonfly/flux-sync.yaml +++ b/kubernetes/kube-nas/apps/database-system/dragonfly/flux-sync.yaml @@ -21,6 +21,7 @@ spec: interval: 30m retryInterval: 1m timeout: 5m + --- # yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 @@ -35,8 +36,6 @@ spec: app.kubernetes.io/name: *appname app.kubernetes.io/instance: *appname app.kubernetes.io/component: dragonfly - dependsOn: - - name: dragonfly-operator path: ./kubernetes/kube-nas/apps/database-system/dragonfly/cluster prune: true sourceRef: @@ -46,3 +45,5 @@ spec: interval: 30m retryInterval: 1m timeout: 5m + dependsOn: + - name: dragonfly-operator diff --git a/kubernetes/kube-nas/apps/database-system/kustomization.yaml b/kubernetes/kube-nas/apps/database-system/kustomization.yaml index 1bdaefc1d..a36dcc1c2 100644 --- a/kubernetes/kube-nas/apps/database-system/kustomization.yaml +++ b/kubernetes/kube-nas/apps/database-system/kustomization.yaml 
@@ -3,7 +3,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ./namespace.yaml + - namespace.yaml - ./cloudnative-pg/flux-sync.yaml - ./dbman/flux-sync.yaml - ./dragonfly/flux-sync.yaml diff --git a/kubernetes/kube-nas/apps/default/echo-server/app/kustomization.yaml b/kubernetes/kube-nas/apps/default/echo-server/app/kustomization.yaml index 6c08326a6..51567a423 100644 --- a/kubernetes/kube-nas/apps/default/echo-server/app/kustomization.yaml +++ b/kubernetes/kube-nas/apps/default/echo-server/app/kustomization.yaml @@ -2,9 +2,5 @@ # yaml-language-server: $schema=https://json.schemastore.org/kustomization apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: default resources: - - ./helm-release.yaml -commonLabels: - app.kubernetes.io/name: echo-server - app.kubernetes.io/instance: echo-server + - helm-release.yaml diff --git a/kubernetes/kube-nas/apps/default/echo-server/flux-sync.yaml b/kubernetes/kube-nas/apps/default/echo-server/flux-sync.yaml index e7f13b27d..d579fcae6 100644 --- a/kubernetes/kube-nas/apps/default/echo-server/flux-sync.yaml +++ b/kubernetes/kube-nas/apps/default/echo-server/flux-sync.yaml @@ -3,15 +3,21 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: echo-server + name: &appname echo-server namespace: flux-system labels: substitution.flux.home.arpa/enabled: "true" spec: - interval: 10m + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *appname path: ./kubernetes/kube-nas/apps/default/echo-server/app prune: true sourceRef: kind: GitRepository name: home-ops wait: true + interval: 30m + retryInterval: 1m + timeout: 5m diff --git a/kubernetes/kube-nas/apps/default/kustomization.yaml b/kubernetes/kube-nas/apps/default/kustomization.yaml index adf33b9de..70d5f0baa 100644 --- a/kubernetes/kube-nas/apps/default/kustomization.yaml +++ b/kubernetes/kube-nas/apps/default/kustomization.yaml 
@@ -3,5 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ./namespace.yaml + - namespace.yaml - ./echo-server/flux-sync.yaml diff --git a/kubernetes/kube-nas/apps/kube-system/cilium/app/kustomization.yaml b/kubernetes/kube-nas/apps/kube-system/cilium/app/kustomization.yaml index 8a66b80e4..f7e4a90d5 100644 --- a/kubernetes/kube-nas/apps/kube-system/cilium/app/kustomization.yaml +++ b/kubernetes/kube-nas/apps/kube-system/cilium/app/kustomization.yaml @@ -2,9 +2,8 @@ # yaml-language-server: $schema=https://json.schemastore.org/kustomization apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: kube-system resources: - - ./helm-release.yaml + - helm-release.yaml # as we need to bootstrap cilium it is fine to use crd before install - - ./cilium-l2-announcement-policy.yaml - - ./cilium-load-balancer-ip-pool.yaml + - cilium-l2-announcement-policy.yaml + - cilium-load-balancer-ip-pool.yaml diff --git a/kubernetes/kube-nas/apps/kube-system/cilium/flux-sync.yaml b/kubernetes/kube-nas/apps/kube-system/cilium/flux-sync.yaml index b3a42e18e..0e6a83adb 100644 --- a/kubernetes/kube-nas/apps/kube-system/cilium/flux-sync.yaml +++ b/kubernetes/kube-nas/apps/kube-system/cilium/flux-sync.yaml @@ -3,11 +3,15 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: cilium + name: &appname cilium namespace: flux-system spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: *appname path: ./kubernetes/kube-nas/apps/kube-system/cilium/app - prune: false # never should be deleted + prune: false # should never be deleted sourceRef: kind: GitRepository name: home-ops diff --git a/kubernetes/kube-nas/apps/kube-system/coredns/app/kustomization.yaml b/kubernetes/kube-nas/apps/kube-system/coredns/app/kustomization.yaml index f02b6a024..51567a423 100644 --- a/kubernetes/kube-nas/apps/kube-system/coredns/app/kustomization.yaml 
+++ b/kubernetes/kube-nas/apps/kube-system/coredns/app/kustomization.yaml @@ -2,6 +2,5 @@ # yaml-language-server: $schema=https://json.schemastore.org/kustomization apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: kube-system resources: - - ./helm-release.yaml + - helm-release.yaml diff --git a/kubernetes/kube-nas/apps/kube-system/coredns/flux-sync.yaml b/kubernetes/kube-nas/apps/kube-system/coredns/flux-sync.yaml index c1bdc7f43..057228d63 100644 --- a/kubernetes/kube-nas/apps/kube-system/coredns/flux-sync.yaml +++ b/kubernetes/kube-nas/apps/kube-system/coredns/flux-sync.yaml @@ -3,13 +3,17 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: coredns + name: &appname coredns namespace: flux-system labels: substitution.flux.home.arpa/enabled: "true" spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: *appname path: ./kubernetes/kube-nas/apps/kube-system/coredns/app - prune: false # never should be deleted + prune: false # should never be deleted sourceRef: kind: GitRepository name: home-ops diff --git a/kubernetes/kube-nas/apps/kube-system/kubelet-csr-approver/app/kustomization.yaml b/kubernetes/kube-nas/apps/kube-system/kubelet-csr-approver/app/kustomization.yaml index f02b6a024..51567a423 100644 --- a/kubernetes/kube-nas/apps/kube-system/kubelet-csr-approver/app/kustomization.yaml +++ b/kubernetes/kube-nas/apps/kube-system/kubelet-csr-approver/app/kustomization.yaml @@ -2,6 +2,5 @@ # yaml-language-server: $schema=https://json.schemastore.org/kustomization apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: kube-system resources: - - ./helm-release.yaml + - helm-release.yaml diff --git a/kubernetes/kube-nas/apps/kube-system/kubelet-csr-approver/flux-sync.yaml b/kubernetes/kube-nas/apps/kube-system/kubelet-csr-approver/flux-sync.yaml index 20a3ba72a..70d43f5fd 100644 --- a/kubernetes/kube-nas/apps/kube-system/kubelet-csr-approver/flux-sync.yaml 
+++ b/kubernetes/kube-nas/apps/kube-system/kubelet-csr-approver/flux-sync.yaml @@ -3,13 +3,17 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: kubelet-csr-approver + name: &appname kubelet-csr-approver namespace: flux-system labels: substitution.flux.home.arpa/enabled: "true" spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: *appname path: ./kubernetes/kube-nas/apps/kube-system/kubelet-csr-approver/app - prune: false # never should be deleted + prune: false # should never be deleted sourceRef: kind: GitRepository name: home-ops diff --git a/kubernetes/kube-nas/apps/kube-system/metrics-server/app/kustomization.yaml b/kubernetes/kube-nas/apps/kube-system/metrics-server/app/kustomization.yaml index f02b6a024..51567a423 100644 --- a/kubernetes/kube-nas/apps/kube-system/metrics-server/app/kustomization.yaml +++ b/kubernetes/kube-nas/apps/kube-system/metrics-server/app/kustomization.yaml @@ -2,6 +2,5 @@ # yaml-language-server: $schema=https://json.schemastore.org/kustomization apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: kube-system resources: - - ./helm-release.yaml + - helm-release.yaml diff --git a/kubernetes/kube-nas/apps/kube-system/metrics-server/flux-sync.yaml b/kubernetes/kube-nas/apps/kube-system/metrics-server/flux-sync.yaml index e9f6678bf..4a9a15aea 100644 --- a/kubernetes/kube-nas/apps/kube-system/metrics-server/flux-sync.yaml +++ b/kubernetes/kube-nas/apps/kube-system/metrics-server/flux-sync.yaml 
@@ -3,13 +3,17 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: metrics-server + name: &appname metrics-server namespace: flux-system labels: substitution.flux.home.arpa/enabled: "true" spec: + targetNamespace: kube-system + commonMetadata: + labels: + app.kubernetes.io/name: *appname path: ./kubernetes/kube-nas/apps/kube-system/metrics-server/app - prune: false # never should be deleted + prune: false # should never be deleted sourceRef: kind: GitRepository name: home-ops diff --git a/kubernetes/kube-nas/apps/kube-tools/reloader/app/kustomization.yaml b/kubernetes/kube-nas/apps/kube-tools/reloader/app/kustomization.yaml index 8efbfd9ea..51567a423 100644 --- a/kubernetes/kube-nas/apps/kube-tools/reloader/app/kustomization.yaml +++ b/kubernetes/kube-nas/apps/kube-tools/reloader/app/kustomization.yaml @@ -2,6 +2,5 @@ # yaml-language-server: $schema=https://json.schemastore.org/kustomization apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: kube-tools resources: - helm-release.yaml diff --git a/kubernetes/kube-nas/apps/kube-tools/reloader/flux-sync.yaml b/kubernetes/kube-nas/apps/kube-tools/reloader/flux-sync.yaml index b6c2b8d6b..b64dffa7f 100644 --- a/kubernetes/kube-nas/apps/kube-tools/reloader/flux-sync.yaml +++ b/kubernetes/kube-nas/apps/kube-tools/reloader/flux-sync.yaml @@ -3,15 +3,21 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: reloader + name: &appname reloader namespace: flux-system labels: substitution.flux.home.arpa/enabled: "true" spec: - interval: 10m + targetNamespace: kube-tools + commonMetadata: + labels: + app.kubernetes.io/name: *appname path: ./kubernetes/kube-nas/apps/kube-tools/reloader/app prune: true sourceRef: kind: GitRepository name: home-ops wait: true + interval: 30m + retryInterval: 1m + timeout: 5m 
diff --git a/kubernetes/kube-nas/apps/minio-system/kustomization.yaml b/kubernetes/kube-nas/apps/minio-system/kustomization.yaml index e7b1398ce..0754e6fb9 100644 --- a/kubernetes/kube-nas/apps/minio-system/kustomization.yaml +++ b/kubernetes/kube-nas/apps/minio-system/kustomization.yaml @@ -3,5 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ./namespace.yaml + - namespace.yaml - ./minio/flux-sync.yaml diff --git a/kubernetes/kube-nas/apps/minio-system/minio/app/kustomization.yaml b/kubernetes/kube-nas/apps/minio-system/minio/app/kustomization.yaml index 9dcee7686..944921343 100644 --- a/kubernetes/kube-nas/apps/minio-system/minio/app/kustomization.yaml +++ b/kubernetes/kube-nas/apps/minio-system/minio/app/kustomization.yaml @@ -3,5 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ./secrets.sops.yaml - - ./helm-release.yaml + - secrets.sops.yaml + - helm-release.yaml diff --git a/kubernetes/kube-nas/apps/nginx-ingress/kustomization.yaml b/kubernetes/kube-nas/apps/nginx-ingress/kustomization.yaml index 2410b91d2..b3cf022ef 100644 --- a/kubernetes/kube-nas/apps/nginx-ingress/kustomization.yaml +++ b/kubernetes/kube-nas/apps/nginx-ingress/kustomization.yaml @@ -3,5 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ./namespace.yaml + - namespace.yaml - ./nginx/flux-sync.yaml diff --git a/kubernetes/kube-nas/apps/nginx-ingress/nginx/app/kustomization.yaml b/kubernetes/kube-nas/apps/nginx-ingress/nginx/app/kustomization.yaml index 3bf6698f7..51567a423 100644 --- a/kubernetes/kube-nas/apps/nginx-ingress/nginx/app/kustomization.yaml +++ b/kubernetes/kube-nas/apps/nginx-ingress/nginx/app/kustomization.yaml @@ -2,6 +2,5 @@ # yaml-language-server: $schema=https://json.schemastore.org/kustomization apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: nginx-ingress resources: - helm-release.yaml 
diff --git a/kubernetes/kube-nas/apps/nginx-ingress/nginx/flux-sync.yaml b/kubernetes/kube-nas/apps/nginx-ingress/nginx/flux-sync.yaml index 1faaa92c0..637c488c6 100644 --- a/kubernetes/kube-nas/apps/nginx-ingress/nginx/flux-sync.yaml +++ b/kubernetes/kube-nas/apps/nginx-ingress/nginx/flux-sync.yaml @@ -3,17 +3,23 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: nginx-ingress + name: &appname nginx-ingress namespace: flux-system labels: substitution.flux.home.arpa/enabled: "true" spec: - dependsOn: - - name: cert-manager-issuers - interval: 10m + targetNamespace: nginx-ingress + commonMetadata: + labels: + app.kubernetes.io/name: *appname path: ./kubernetes/kube-nas/apps/nginx-ingress/nginx/app prune: true - wait: true sourceRef: kind: GitRepository name: home-ops + wait: true + interval: 30m + retryInterval: 1m + timeout: 5m + dependsOn: + - name: cert-manager-issuers diff --git a/kubernetes/kube-nas/apps/oci-registry/harbor/app/kustomization.yaml b/kubernetes/kube-nas/apps/oci-registry/harbor/app/kustomization.yaml index b3cf7df28..ce2796149 100644 --- a/kubernetes/kube-nas/apps/oci-registry/harbor/app/kustomization.yaml +++ b/kubernetes/kube-nas/apps/oci-registry/harbor/app/kustomization.yaml @@ -3,7 +3,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ./secrets.sops.yaml - - ./pvc.yaml - - ./database.yaml - - ./helm-release.yaml + - secrets.sops.yaml + - pvc.yaml + - database.yaml + - helm-release.yaml diff --git a/kubernetes/kube-nas/apps/oci-registry/harbor/flux-sync.yaml b/kubernetes/kube-nas/apps/oci-registry/harbor/flux-sync.yaml index 59dbca4a7..2341f4112 100644 --- a/kubernetes/kube-nas/apps/oci-registry/harbor/flux-sync.yaml +++ b/kubernetes/kube-nas/apps/oci-registry/harbor/flux-sync.yaml 
@@ -3,18 +3,23 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: harbor + name: &appname harbor namespace: flux-system labels: substitution.flux.home.arpa/enabled: "true" spec: - dependsOn: - - name: nginx-ingress - interval: 10m + targetNamespace: oci-registry + commonMetadata: + labels: + app.kubernetes.io/name: *appname path: ./kubernetes/kube-nas/apps/oci-registry/harbor/app prune: true - targetNamespace: oci-registry - wait: true sourceRef: kind: GitRepository name: home-ops + wait: true + interval: 30m + retryInterval: 1m + timeout: 5m + dependsOn: + - name: nginx-ingress diff --git a/kubernetes/kube-nas/apps/oci-registry/kustomization.yaml b/kubernetes/kube-nas/apps/oci-registry/kustomization.yaml index 2a04b3eb5..0d513c35c 100644 --- a/kubernetes/kube-nas/apps/oci-registry/kustomization.yaml +++ b/kubernetes/kube-nas/apps/oci-registry/kustomization.yaml @@ -3,5 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ./namespace.yaml + - namespace.yaml - ./harbor/flux-sync.yaml diff --git a/kubernetes/kube-nas/apps/openebs-system/kustomization.yaml b/kubernetes/kube-nas/apps/openebs-system/kustomization.yaml index f1a898c18..8a994302c 100644 --- a/kubernetes/kube-nas/apps/openebs-system/kustomization.yaml +++ b/kubernetes/kube-nas/apps/openebs-system/kustomization.yaml @@ -3,5 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ./namespace.yaml + - namespace.yaml - ./openebs/flux-sync.yaml diff --git a/kubernetes/kube-nas/apps/openebs-system/openebs/flux-sync.yaml b/kubernetes/kube-nas/apps/openebs-system/openebs/flux-sync.yaml index ccabe94aa..c26b8fc53 100644 --- a/kubernetes/kube-nas/apps/openebs-system/openebs/flux-sync.yaml +++ b/kubernetes/kube-nas/apps/openebs-system/openebs/flux-sync.yaml 
@@ -10,12 +10,12 @@ spec: commonMetadata: labels: app.kubernetes.io/name: *appname - interval: 10m path: ./kubernetes/kube-nas/apps/openebs-system/openebs/app prune: false sourceRef: kind: GitRepository name: home-ops wait: true + interval: 30m retryInterval: 1m timeout: 5m diff --git a/kubernetes/kube-nas/apps/secops/external-secrets/flux-sync.yaml b/kubernetes/kube-nas/apps/secops/external-secrets/flux-sync.yaml index 58f173dc5..3d73b7545 100644 --- a/kubernetes/kube-nas/apps/secops/external-secrets/flux-sync.yaml +++ b/kubernetes/kube-nas/apps/secops/external-secrets/flux-sync.yaml @@ -3,37 +3,47 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: external-secrets + name: &appname external-secrets namespace: flux-system labels: substitution.flux.home.arpa/enabled: "true" spec: - interval: 10m + targetNamespace: secops + commonMetadata: + labels: + app.kubernetes.io/name: *appname path: ./kubernetes/kube-nas/apps/secops/external-secrets/app prune: true sourceRef: kind: GitRepository name: home-ops wait: true - targetNamespace: secops + interval: 30m + retryInterval: 1m + timeout: 5m --- # yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: external-secrets-stores + name: &appname external-secrets-stores namespace: flux-system labels: substitution.flux.home.arpa/enabled: "true" spec: - interval: 10m + targetNamespace: secops + commonMetadata: + labels: + app.kubernetes.io/name: *appname path: ./kubernetes/kube-nas/apps/secops/external-secrets/stores prune: true sourceRef: kind: GitRepository name: home-ops wait: true - targetNamespace: secops + interval: 30m + retryInterval: 1m + timeout: 5m dependsOn: - name: external-secrets diff --git a/kubernetes/kube-nas/apps/secops/kustomization.yaml b/kubernetes/kube-nas/apps/secops/kustomization.yaml index e7c92663f..65d0849f2 100644 
--- a/kubernetes/kube-nas/apps/secops/kustomization.yaml +++ b/kubernetes/kube-nas/apps/secops/kustomization.yaml @@ -3,7 +3,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ./namespace.yaml - - ./vault-auth.yaml + - namespace.yaml + - vault-auth.yaml - ./external-secrets/flux-sync.yaml - ./vault/flux-sync.yaml diff --git a/kubernetes/kube-nas/flux/flux-sync.yaml b/kubernetes/kube-nas/flux/flux-sync.yaml index 6fe56c9a5..ce130ba70 100644 --- a/kubernetes/kube-nas/flux/flux-sync.yaml +++ b/kubernetes/kube-nas/flux/flux-sync.yaml 
@@ -3,74 +3,96 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: flux-repositories + name: &appname flux-repositories namespace: flux-system spec: targetNamespace: flux-system - interval: 30m + commonMetadata: + labels: + app.kubernetes.io/name: *appname path: ./kubernetes/base/flux/repositories/helm prune: false - wait: true sourceRef: kind: GitRepository name: home-ops + wait: true + interval: 30m + retryInterval: 1m + timeout: 5m --- # yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: flux-operator + name: &appname flux-operator namespace: flux-system spec: - dependsOn: - - name: flux-system - - name: flux-repositories targetNamespace: flux-system - interval: 30m + commonMetadata: + labels: + app.kubernetes.io/name: *appname path: ./kubernetes/kube-nas/flux/operator prune: false - wait: false sourceRef: kind: GitRepository name: home-ops + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m + dependsOn: + - name: flux-system + - name: flux-repositories --- # yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: flux-instance + name: &appname flux-instance namespace: flux-system spec: - dependsOn: - - name: flux-operator targetNamespace: flux-system - interval: 30m + commonMetadata: + labels: + app.kubernetes.io/name: *appname path: ./kubernetes/kube-nas/flux/instance prune: false - wait: false sourceRef: kind: GitRepository name: home-ops + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m + dependsOn: + - name: flux-operator --- # yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - 
name: flux-apps + name: &appname flux-apps namespace: flux-system spec: - dependsOn: - - name: flux-system - - name: flux-repositories - interval: 10m + targetNamespace: flux-system + commonMetadata: + labels: + app.kubernetes.io/name: *appname path: ./kubernetes/kube-nas/apps prune: false sourceRef: kind: GitRepository name: home-ops + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m + dependsOn: + - name: flux-system + - name: flux-repositories decryption: provider: sops secretRef: diff --git a/kubernetes/kube-nas/flux/kustomization.yaml b/kubernetes/kube-nas/flux/kustomization.yaml index ecf968982..25428b85a 100644 --- a/kubernetes/kube-nas/flux/kustomization.yaml +++ b/kubernetes/kube-nas/flux/kustomization.yaml @@ -2,7 +2,6 @@ # yaml-language-server: $schema=https://json.schemastore.org/kustomization apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: flux-system resources: - flux-sync.yaml - config/cluster-secrets.sops.yaml
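Review bot: The new `targetNamespace: flux-system` on `flux-apps` overrides the namespace of every namespaced object built from `./kubernetes/kube-nas/apps`, not only the child Flux Kustomizations. This patch shows `apps/secops/kustomization.yaml` listing `vault-auth.yaml` directly. Its contents are not visible here, but any namespaced object in it (a ServiceAccount or token Secret, for example) would now be created in `flux-system` instead of the namespace it declares. The child `flux-sync.yaml` objects already set `namespace: flux-system` and Namespace objects are cluster-scoped, so the field adds nothing for them. I would drop `targetNamespace: flux-system` from `flux-apps` only, or confirm that nothing under `apps/` relies on its own `metadata.namespace`.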
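Review bot: Removing `namespace: flux-system` from `flux/kustomization.yaml` means `config/cluster-secrets.sops.yaml` now depends on its own `metadata.namespace`, or on a `targetNamespace` set by whichever Kustomization applies `./kubernetes/kube-nas/flux`. Neither is visible in this patch. The entries in `flux-sync.yaml` all set `namespace: flux-system` explicitly and are unaffected. A Secret without an explicit namespace would land wherever the applier defaults, where different RBAC applies and references from `flux-system` would presumably no longer resolve. Either keep `namespace: flux-system` in this file or confirm the secret manifest sets `metadata.namespace: flux-system`.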