diff --git a/kube/clusters/nuclear/flux/flux-repo.yaml b/kube/clusters/nuclear/flux/flux-repo.yaml index 66a96009..359d9cd8 100644 --- a/kube/clusters/nuclear/flux/flux-repo.yaml +++ b/kube/clusters/nuclear/flux/flux-repo.yaml @@ -150,8 +150,8 @@ spec: metadata: name: not-used spec: - # prune: true - prune: false # disable prune for Flux restructure + prune: true + # prune: false target: group: kustomize.toolkit.fluxcd.io version: v1 diff --git a/kube/deploy/core/secrets/external-secrets/app/hr.yaml b/kube/deploy/core/secrets/external-secrets/app/hr.yaml index 5ade5fe6..c0b95d21 100644 --- a/kube/deploy/core/secrets/external-secrets/app/hr.yaml +++ b/kube/deploy/core/secrets/external-secrets/app/hr.yaml @@ -3,7 +3,7 @@ apiVersion: helm.toolkit.fluxcd.io/v2beta1 kind: HelmRelease metadata: name: &app external-secrets - namespace: external-secrets-system + namespace: *app spec: chart: spec: diff --git a/kube/deploy/core/secrets/external-secrets/ns.yaml b/kube/deploy/core/secrets/external-secrets/ns.yaml index e131bc43..ed289191 100644 --- a/kube/deploy/core/secrets/external-secrets/ns.yaml +++ b/kube/deploy/core/secrets/external-secrets/ns.yaml @@ -2,13 +2,6 @@ apiVersion: v1 kind: Namespace metadata: - name: external-secrets-system - labels: - kustomize.toolkit.fluxcd.io/prune: disabled ---- -apiVersion: v1 -kind: Namespace -metadata: - name: es-aws-ssm + name: external-secrets labels: kustomize.toolkit.fluxcd.io/prune: disabled \ No newline at end of file diff --git a/kube/deploy/core/secrets/external-secrets/stores/aws-ssm/clustersecretstore.yaml b/kube/deploy/core/secrets/external-secrets/stores/aws-ssm/clustersecretstore.yaml index 92195132..1f1ab5d9 100644 --- a/kube/deploy/core/secrets/external-secrets/stores/aws-ssm/clustersecretstore.yaml +++ b/kube/deploy/core/secrets/external-secrets/stores/aws-ssm/clustersecretstore.yaml @@ -3,9 +3,8 @@ apiVersion: external-secrets.io/v1beta1 kind: ClusterSecretStore metadata: name: aws-ssm - namespace: es-aws-ssm spec: - refreshInterval: 3600 + refreshInterval: 60 provider: aws: service: ParameterStore @@ -16,9 +15,9 @@ spec: accessKeyIDSecretRef: name: aws-ssm-auth key: access-key - namespace: es-aws-ssm + namespace: external-secrets secretAccessKeySecretRef: name: aws-ssm-auth key: secret-key - namespace: es-aws-ssm + namespace: external-secrets # conditions: # TODO: add namespace conditions \ No newline at end of file diff --git a/kube/deploy/core/secrets/external-secrets/stores/aws-ssm/secrets.yaml b/kube/deploy/core/secrets/external-secrets/stores/aws-ssm/secrets.yaml index e7c763a3..a98d1412 100644 --- a/kube/deploy/core/secrets/external-secrets/stores/aws-ssm/secrets.yaml +++ b/kube/deploy/core/secrets/external-secrets/stores/aws-ssm/secrets.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: aws-ssm-auth - namespace: es-aws-ssm + namespace: external-secrets type: Opaque stringData: access-key: "${SECRET_EXTERNAL_SECRETS_AWS_SSM_ACCESS_KEY}" diff --git a/kube/templates/test/app/pvc.yaml b/kube/templates/test/app/pvc.yaml new file mode 100644 index 00000000..783d0543 --- /dev/null +++ b/kube/templates/test/app/pvc.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: "${APPNAME}-data" + namespace: &app "${APPNAME}" + labels: + app.kubernetes.io/name: *app + app.kubernetes.io/instance: *app + snapshot.home.arpa/enabled: "true" +spec: + storageClassName: "file" + accessModes: ["ReadWriteMany"] + resources: + requests: + storage: "50Gi" + dataSourceRef: + apiGroup: "volsync.backube" + kind: "ReplicationDestination" + name: "${APPNAME}-data-bootstrap"