From 1602c62fe4e14a2eef917c7d9ee45a3e32cf3467 Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Sat, 4 Apr 2026 22:26:55 +0000 Subject: [PATCH 1/2] chore: Update manifests after change --- .../manifests/descheduler/Deployment-descheduler.yaml | 2 +- .../external-dns/Deployment-external-dns-unifi.yaml | 2 +- .../manifests/medialyze/Deployment-medialyze.yaml | 10 ++++++---- .../manifests/medialyze/HTTPRoute-medialyze.yaml | 2 +- .../PersistentVolumeClaim-medialyze-data.yaml | 2 -- .../metrics-server/Deployment-metrics-server.yaml | 8 ++++---- 6 files changed, 13 insertions(+), 13 deletions(-) diff --git a/clusters/cl01tl/manifests/descheduler/Deployment-descheduler.yaml b/clusters/cl01tl/manifests/descheduler/Deployment-descheduler.yaml index f3c50627b..000caee6e 100644 --- a/clusters/cl01tl/manifests/descheduler/Deployment-descheduler.yaml +++ b/clusters/cl01tl/manifests/descheduler/Deployment-descheduler.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: descheduler containers: - name: descheduler - image: "registry.k8s.io/descheduler/descheduler:v0.35.1" + image: "registry.k8s.io/descheduler/descheduler:v0.35.1@sha256:871d3b804390b0b8c7cb09d4e9b7856cf30e31f9e9e3d29562b0301a10453bb1" imagePullPolicy: IfNotPresent command: - /bin/descheduler diff --git a/clusters/cl01tl/manifests/external-dns/Deployment-external-dns-unifi.yaml b/clusters/cl01tl/manifests/external-dns/Deployment-external-dns-unifi.yaml index 8b2a827e6..306187fba 100644 --- a/clusters/cl01tl/manifests/external-dns/Deployment-external-dns-unifi.yaml +++ b/clusters/cl01tl/manifests/external-dns/Deployment-external-dns-unifi.yaml @@ -42,7 +42,7 @@ spec: runAsGroup: 65532 runAsNonRoot: true runAsUser: 65532 - image: registry.k8s.io/external-dns/external-dns:v0.20.0 + image: registry.k8s.io/external-dns/external-dns:v0.20.0@sha256:ddc7f4212ed09a21024deb1f470a05240837712e74e4b9f6d1f2632ff10672e7 imagePullPolicy: IfNotPresent args: - --log-level=info diff --git a/clusters/cl01tl/manifests/medialyze/Deployment-medialyze.yaml b/clusters/cl01tl/manifests/medialyze/Deployment-medialyze.yaml index 3d44088c7..ac6fc2f28 100644 --- a/clusters/cl01tl/manifests/medialyze/Deployment-medialyze.yaml +++ b/clusters/cl01tl/manifests/medialyze/Deployment-medialyze.yaml @@ -29,6 +29,9 @@ spec: enableServiceLinks: false serviceAccountName: default automountServiceAccountToken: true + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch hostIPC: false hostNetwork: false hostPID: false @@ -43,13 +46,12 @@ spec: value: America/Chicago - name: MEDIA_HOST_DIR value: /media - image: ghcr.io/frederikemmer/medialyze:0.4.1 - imagePullPolicy: IfNotPresent + image: ghcr.io/frederikemmer/medialyze:0.4.1@sha256:d4f2e04d3759f308bea605c9b7242ab6da98813adc0b276dc3cbe9c283071eb8 name: main resources: requests: - cpu: 10m - memory: 128Mi + cpu: 5m + memory: 400Mi volumeMounts: - mountPath: /config name: data diff --git a/clusters/cl01tl/manifests/medialyze/HTTPRoute-medialyze.yaml b/clusters/cl01tl/manifests/medialyze/HTTPRoute-medialyze.yaml index ed706450e..598d376a7 100644 --- a/clusters/cl01tl/manifests/medialyze/HTTPRoute-medialyze.yaml +++ b/clusters/cl01tl/manifests/medialyze/HTTPRoute-medialyze.yaml @@ -23,7 +23,7 @@ spec: name: medialyze namespace: medialyze port: 80 - weight: 100 + weight: 1 matches: - path: type: PathPrefix diff --git a/clusters/cl01tl/manifests/medialyze/PersistentVolumeClaim-medialyze-data.yaml b/clusters/cl01tl/manifests/medialyze/PersistentVolumeClaim-medialyze-data.yaml index 2c1a7b656..861244ea7 100644 --- a/clusters/cl01tl/manifests/medialyze/PersistentVolumeClaim-medialyze-data.yaml +++ b/clusters/cl01tl/manifests/medialyze/PersistentVolumeClaim-medialyze-data.yaml @@ -7,8 +7,6 @@ metadata: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: medialyze helm.sh/chart: medialyze-4.6.2 - annotations: - helm.sh/resource-policy: keep namespace: medialyze spec: accessModes: diff --git a/clusters/cl01tl/manifests/metrics-server/Deployment-metrics-server.yaml b/clusters/cl01tl/manifests/metrics-server/Deployment-metrics-server.yaml index da134c89d..1f8dd92d2 100644 --- a/clusters/cl01tl/manifests/metrics-server/Deployment-metrics-server.yaml +++ b/clusters/cl01tl/manifests/metrics-server/Deployment-metrics-server.yaml @@ -10,7 +10,7 @@ metadata: app.kubernetes.io/version: "0.8.0" app.kubernetes.io/managed-by: Helm spec: - replicas: 3 + replicas: 2 selector: matchLabels: app.kubernetes.io/name: metrics-server @@ -35,7 +35,7 @@ spec: runAsUser: 1000 seccompProfile: type: RuntimeDefault - image: registry.k8s.io/metrics-server/metrics-server:v0.8.0 + image: registry.k8s.io/metrics-server/metrics-server:v0.8.0@sha256:89258156d0e9af60403eafd44da9676fd66f600c7934d468ccc17e42b199aee2 imagePullPolicy: IfNotPresent args: - --secure-port=10250 @@ -70,8 +70,8 @@ spec: mountPath: /tmp resources: requests: - cpu: 100m - memory: 200Mi + cpu: 10m + memory: 60Mi volumes: - name: tmp emptyDir: {} From ada28308466f320deda5092a64670503b84b2069 Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Sat, 4 Apr 2026 22:34:23 +0000 Subject: [PATCH 2/2] chore: Update manifests after change --- ...-argo-workflows-postgresql-18-cluster.yaml | 66 ----- .../ClusterRole-argo-events-webhook.yaml | 67 ----- .../ClusterRole-argo-workflows-admin.yaml | 42 --- ...kflows-argo-events-controller-manager.yaml | 92 ------ ...lusterRole-argo-workflows-crd-install.yaml | 20 -- .../ClusterRole-argo-workflows-edit.yaml | 42 --- ...rgo-workflows-server-cluster-template.yaml | 25 -- .../ClusterRole-argo-workflows-server.yaml | 92 ------ .../ClusterRole-argo-workflows-view.yaml | 37 --- ...-workflow-controller-cluster-template.yaml | 22 -- ...le-argo-workflows-workflow-controller.yaml | 155 ---------- ...kflows-argo-events-controller-manager.yaml | 19 -- ...-workflows-argo-events-events-webhook.yaml | 18 -- ...oleBinding-argo-workflows-crd-install.yaml | 24 -- ...rgo-workflows-server-cluster-template.yaml | 20 -- ...sterRoleBinding-argo-workflows-server.yaml | 20 -- ...-workflow-controller-cluster-template.yaml | 20 -- ...ng-argo-workflows-workflow-controller.yaml | 20 -- ...kflows-argo-events-controller-manager.yaml | 84 ------ ...rkflows-workflow-controller-configmap.yaml | 57 ---- ...sourceDefinition-eventbus.argoproj.io.yaml | 41 --- ...ceDefinition-eventsources.argoproj.io.yaml | 41 --- ...esourceDefinition-sensors.argoproj.io.yaml | 41 --- ...kflows-argo-events-controller-manager.yaml | 83 ------ .../Deployment-argo-workflows-server.yaml | 88 ------ ...nt-argo-workflows-workflow-controller.yaml | 96 ------- .../Deployment-events-webhook.yaml | 69 ----- ...rnalSecret-argo-workflows-oidc-secret.yaml | 22 -- ...tgresql-18-backup-garage-local-secret.yaml | 38 --- ...rkflows-postgresql-18-recovery-secret.yaml | 38 --- .../HTTPRoute-argo-workflows-server.yaml | 32 --- .../Job-argo-workflows-crd-install.yaml | 57 ---- ...ows-postgresql-18-backup-garage-local.yaml | 33 --- ...argo-workflows-postgresql-18-recovery.yaml | 32 --- ...o-workflows-postgresql-18-alert-rules.yaml | 270 ------------------ .../Role-argo-workflows-workflow.yaml | 21 -- .../RoleBinding-argo-workflows-workflow.yaml | 21 -- ...resql-18-scheduled-backup-live-backup.yaml | 24 -- ...rgo-events-controller-manager-metrics.yaml | 21 -- .../Service-argo-workflows-server.yaml | 23 -- ...ce-argo-workflows-workflow-controller.yaml | 25 -- .../Service-events-webhook.yaml | 18 -- ...kflows-argo-events-controller-manager.yaml | 13 - ...-workflows-argo-events-events-webhook.yaml | 13 - ...iceAccount-argo-workflows-crd-install.yaml | 17 -- .../ServiceAccount-argo-workflows-server.yaml | 13 - ...nt-argo-workflows-workflow-controller.yaml | 13 - ...kflows-argo-events-controller-manager.yaml | 25 -- .../manifests/blocky/ConfigMap-blocky.yaml | 3 - .../manifests/blocky/Deployment-blocky.yaml | 2 +- .../Deployment-code-server-cloudflared.yaml | 58 ---- .../code-server/Deployment-code-server.yaml | 64 ----- ...Secret-code-server-cloudflared-secret.yaml | 24 -- ...-server-config-backup-secret-external.yaml | 58 ---- ...ode-server-config-backup-secret-local.yaml | 58 ---- ...de-server-config-backup-secret-remote.yaml | 58 ---- ...rnalSecret-codeserver-password-secret.yaml | 22 -- .../code-server/HTTPRoute-code-server.yaml | 30 -- ...sistentVolumeClaim-code-server-config.yaml | 17 -- ...-server-config-backup-source-external.yaml | 34 --- ...ode-server-config-backup-source-local.yaml | 34 --- ...de-server-config-backup-source-remote.yaml | 34 --- .../code-server/Service-code-server.yaml | 22 -- .../manifests/gatus/ConfigMap-gatus.yaml | 27 -- .../manifests/gatus/Deployment-gatus.yaml | 2 +- .../homepage/ConfigMap-homepage.yaml | 18 -- .../homepage/Deployment-homepage.yaml | 2 +- .../Deployment-movie-roulette.yaml | 109 ------- ...alSecret-movie-roulette-config-secret.yaml | 42 --- .../HTTPRoute-movie-roulette.yaml | 30 -- ...istentVolumeClaim-movie-roulette-data.yaml | 19 -- .../Service-movie-roulette.yaml | 22 -- 72 files changed, 3 insertions(+), 2956 deletions(-) delete mode 100644 clusters/cl01tl/manifests/argo-workflows/Cluster-argo-workflows-postgresql-18-cluster.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-events-webhook.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-admin.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-argo-events-controller-manager.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-crd-install.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-edit.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-server-cluster-template.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-server.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-view.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-workflow-controller-cluster-template.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-workflow-controller.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-argo-events-controller-manager.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-argo-events-events-webhook.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-crd-install.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-server-cluster-template.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-server.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-workflow-controller-cluster-template.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-workflow-controller.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ConfigMap-argo-workflows-argo-events-controller-manager.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ConfigMap-argo-workflows-workflow-controller-configmap.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/CustomResourceDefinition-eventbus.argoproj.io.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/CustomResourceDefinition-eventsources.argoproj.io.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/CustomResourceDefinition-sensors.argoproj.io.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/Deployment-argo-workflows-argo-events-controller-manager.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/Deployment-argo-workflows-server.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/Deployment-argo-workflows-workflow-controller.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/Deployment-events-webhook.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ExternalSecret-argo-workflows-oidc-secret.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ExternalSecret-argo-workflows-postgresql-18-backup-garage-local-secret.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ExternalSecret-argo-workflows-postgresql-18-recovery-secret.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/HTTPRoute-argo-workflows-server.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/Job-argo-workflows-crd-install.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ObjectStore-argo-workflows-postgresql-18-backup-garage-local.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ObjectStore-argo-workflows-postgresql-18-recovery.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/PrometheusRule-argo-workflows-postgresql-18-alert-rules.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/Role-argo-workflows-workflow.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/RoleBinding-argo-workflows-workflow.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ScheduledBackup-argo-workflows-postgresql-18-scheduled-backup-live-backup.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/Service-argo-workflows-argo-events-controller-manager-metrics.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/Service-argo-workflows-server.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/Service-argo-workflows-workflow-controller.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/Service-events-webhook.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-argo-events-controller-manager.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-argo-events-events-webhook.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-crd-install.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-server.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-workflow-controller.yaml delete mode 100644 clusters/cl01tl/manifests/argo-workflows/ServiceMonitor-argo-workflows-argo-events-controller-manager.yaml delete mode 100644 clusters/cl01tl/manifests/code-server/Deployment-code-server-cloudflared.yaml delete mode 100644 clusters/cl01tl/manifests/code-server/Deployment-code-server.yaml delete mode 100644 clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-cloudflared-secret.yaml delete mode 100644 clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-config-backup-secret-external.yaml delete mode 100644 clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-config-backup-secret-local.yaml delete mode 100644 clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-config-backup-secret-remote.yaml delete mode 100644 clusters/cl01tl/manifests/code-server/ExternalSecret-codeserver-password-secret.yaml delete mode 100644 clusters/cl01tl/manifests/code-server/HTTPRoute-code-server.yaml delete mode 100644 clusters/cl01tl/manifests/code-server/PersistentVolumeClaim-code-server-config.yaml delete mode 100644 clusters/cl01tl/manifests/code-server/ReplicationSource-code-server-config-backup-source-external.yaml delete mode 100644 clusters/cl01tl/manifests/code-server/ReplicationSource-code-server-config-backup-source-local.yaml delete mode 100644 clusters/cl01tl/manifests/code-server/ReplicationSource-code-server-config-backup-source-remote.yaml delete mode 100644 clusters/cl01tl/manifests/code-server/Service-code-server.yaml delete mode 100644 clusters/cl01tl/manifests/movie-roulette/Deployment-movie-roulette.yaml delete mode 100644 clusters/cl01tl/manifests/movie-roulette/ExternalSecret-movie-roulette-config-secret.yaml delete mode 100644 clusters/cl01tl/manifests/movie-roulette/HTTPRoute-movie-roulette.yaml delete mode 100644 clusters/cl01tl/manifests/movie-roulette/PersistentVolumeClaim-movie-roulette-data.yaml delete mode 100644 clusters/cl01tl/manifests/movie-roulette/Service-movie-roulette.yaml diff --git a/clusters/cl01tl/manifests/argo-workflows/Cluster-argo-workflows-postgresql-18-cluster.yaml b/clusters/cl01tl/manifests/argo-workflows/Cluster-argo-workflows-postgresql-18-cluster.yaml deleted file mode 100644 index d8849e289..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/Cluster-argo-workflows-postgresql-18-cluster.yaml +++ /dev/null @@ -1,66 +0,0 @@ -apiVersion: postgresql.cnpg.io/v1 -kind: Cluster -metadata: - name: argo-workflows-postgresql-18-cluster - namespace: argo-workflows - labels: - app.kubernetes.io/name: argo-workflows-postgresql-18-cluster - helm.sh/chart: postgres-18-cluster-7.11.1 - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/part-of: argo-workflows - app.kubernetes.io/version: "7.11.1" - app.kubernetes.io/managed-by: Helm -spec: - instances: 3 - imageName: "ghcr.io/cloudnative-pg/postgresql:18.3-standard-trixie" - imagePullPolicy: IfNotPresent - postgresUID: 26 - postgresGID: 26 - storage: - size: 10Gi - storageClass: local-path - walStorage: - size: 2Gi - storageClass: local-path - resources: - limits: - hugepages-2Mi: 256Mi - requests: - cpu: 20m - memory: 80Mi - affinity: - enablePodAntiAffinity: true - topologyKey: kubernetes.io/hostname - primaryUpdateMethod: switchover - primaryUpdateStrategy: unsupervised - logLevel: info - enableSuperuserAccess: false - enablePDB: true - postgresql: - parameters: - hot_standby_feedback: "on" - max_slot_wal_keep_size: 2000MB - shared_buffers: 128MB - monitoring: - enablePodMonitor: true - disableDefaultQueries: false - plugins: - - name: barman-cloud.cloudnative-pg.io - enabled: true - isWALArchiver: true - parameters: - barmanObjectName: "argo-workflows-postgresql-18-backup-garage-local" - serverName: "argo-workflows-postgresql-18-backup-1" - bootstrap: - recovery: - database: app - source: argo-workflows-postgresql-18-backup-1 - externalClusters: - - name: argo-workflows-postgresql-18-backup-1 - plugin: - name: barman-cloud.cloudnative-pg.io - enabled: true - isWALArchiver: false - parameters: - barmanObjectName: "argo-workflows-postgresql-18-recovery" - serverName: argo-workflows-postgresql-18-backup-1 diff --git a/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-events-webhook.yaml b/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-events-webhook.yaml deleted file mode 100644 index 005fc0ccd..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-events-webhook.yaml +++ /dev/null @@ -1,67 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: argo-events-webhook - labels: - helm.sh/chart: argo-events-2.4.21 - app.kubernetes.io/name: argo-events-events-webhook - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-events -rules: - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - create - - update - - delete - - patch - - watch - - apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - apps - resources: - - deployments - verbs: - - get - - list - - apiGroups: - - admissionregistration.k8s.io - resources: - - validatingwebhookconfigurations - verbs: - - get - - list - - create - - update - - delete - - patch - - watch - - apiGroups: - - argoproj.io - resources: - - eventbus - - eventsources - - sensors - verbs: - - get - - list - - watch - - apiGroups: - - rbac.authorization.k8s.io - resources: - - clusterroles - verbs: - - get - - list diff --git a/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-admin.yaml b/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-admin.yaml deleted file mode 100644 index 9c63fdf0c..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-admin.yaml +++ /dev/null @@ -1,42 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: argo-workflows-admin - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-server - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: server - app: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows - rbac.authorization.k8s.io/aggregate-to-admin: "true" -rules: - - apiGroups: - - argoproj.io - resources: - - workflows - - workflows/finalizers - - workfloweventbindings - - workfloweventbindings/finalizers - - workflowtemplates - - workflowtemplates/finalizers - - cronworkflows - - cronworkflows/finalizers - - clusterworkflowtemplates - - clusterworkflowtemplates/finalizers - - workflowtasksets - - workflowtasksets/finalizers - - workflowtaskresults - - workflowtaskresults/finalizers - - workflowartifactgctasks - - workflowartifactgctasks/finalizers - verbs: - - create - - delete - - deletecollection - - get - - list - - patch - - update - - watch diff --git a/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-argo-events-controller-manager.yaml b/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-argo-events-controller-manager.yaml deleted file mode 100644 index a54d04d75..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-argo-events-controller-manager.yaml +++ /dev/null @@ -1,92 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: argo-workflows-argo-events-controller-manager - labels: - helm.sh/chart: argo-events-2.4.21 - app.kubernetes.io/name: argo-events-controller-manager - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: controller-manager - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-events -rules: - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - - apiGroups: - - argoproj.io - resources: - - sensors - - sensors/finalizers - - sensors/status - - eventsources - - eventsources/finalizers - - eventsources/status - - eventbus - - eventbus/finalizers - - eventbus/status - verbs: - - create - - delete - - deletecollection - - get - - list - - patch - - update - - watch - - apiGroups: - - "" - resources: - - pods - - pods/exec - - configmaps - - services - - persistentvolumeclaims - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - - apiGroups: - - "" - resources: - - secrets - verbs: - - create - - get - - list - - update - - patch - - delete - - apiGroups: - - apps - resources: - - deployments - - statefulsets - verbs: - - create - - get - - list - - watch - - update - - patch - - delete diff --git a/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-crd-install.yaml b/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-crd-install.yaml deleted file mode 100644 index 31ae7e743..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-crd-install.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: argo-workflows-crd-install - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-crd-install - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: crds - app: crds - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows - annotations: - "helm.sh/hook": pre-install,pre-upgrade - "helm.sh/hook-weight": "-10" - "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded -rules: - - apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions"] - verbs: ["create", "get", "list", "patch", "update"] diff --git a/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-edit.yaml b/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-edit.yaml deleted file mode 100644 index b9d90f648..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-edit.yaml +++ /dev/null @@ -1,42 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: argo-workflows-edit - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-server - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: server - app: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows - rbac.authorization.k8s.io/aggregate-to-edit: "true" -rules: - - apiGroups: - - argoproj.io - resources: - - workflows - - workflows/finalizers - - workfloweventbindings - - workfloweventbindings/finalizers - - workflowtemplates - - workflowtemplates/finalizers - - cronworkflows - - cronworkflows/finalizers - - clusterworkflowtemplates - - clusterworkflowtemplates/finalizers - - workflowtasksets - - workflowtasksets/finalizers - - workflowtaskresults - - workflowtaskresults/finalizers - - workflowartifactgctasks - - workflowartifactgctasks/finalizers - verbs: - - create - - delete - - deletecollection - - get - - list - - patch - - update - - watch diff --git a/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-server-cluster-template.yaml b/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-server-cluster-template.yaml deleted file mode 100644 index 02f8e33fc..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-server-cluster-template.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: argo-workflows-server-cluster-template - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-server - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: server - app: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows -rules: - - apiGroups: - - argoproj.io - resources: - - clusterworkflowtemplates - verbs: - - get - - list - - watch - - create - - update - - patch - - delete diff --git a/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-server.yaml b/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-server.yaml deleted file mode 100644 index d5518a344..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-server.yaml +++ /dev/null @@ -1,92 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: argo-workflows-server - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-server - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: server - app: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows -rules: - - apiGroups: - - "" - resources: - - configmaps - - events - verbs: - - get - - watch - - list - - apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch - - delete - - apiGroups: - - "" - resources: - - pods/log - verbs: - - get - - list - - apiGroups: - - "" - resources: - - secrets - resourceNames: - - sso - verbs: - - get - - apiGroups: - - "" - resources: - - secrets - verbs: - - create - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - apiGroups: - - "" - resources: - - events - verbs: - - watch - - create - - patch - - apiGroups: - - "" - resources: - - secrets - resourceNames: - - argo-workflows-postgresql-18-cluster-app - - argo-workflows-postgresql-18-cluster-app - verbs: - - get - - apiGroups: - - argoproj.io - resources: - - eventsources - - sensors - - workflows - - workfloweventbindings - - workflowtemplates - - cronworkflows - verbs: - - create - - get - - list - - watch - - update - - patch - - delete diff --git a/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-view.yaml b/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-view.yaml deleted file mode 100644 index 9934d2504..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-view.yaml +++ /dev/null @@ -1,37 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: argo-workflows-view - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-workflow-controller - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: workflow-controller - app: workflow-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows - rbac.authorization.k8s.io/aggregate-to-view: "true" -rules: - - apiGroups: - - argoproj.io - resources: - - workflows - - workflows/finalizers - - workfloweventbindings - - workfloweventbindings/finalizers - - workflowtemplates - - workflowtemplates/finalizers - - cronworkflows - - cronworkflows/finalizers - - clusterworkflowtemplates - - clusterworkflowtemplates/finalizers - - workflowtasksets - - workflowtasksets/finalizers - - workflowtaskresults - - workflowtaskresults/finalizers - - workflowartifactgctasks - - workflowartifactgctasks/finalizers - verbs: - - get - - list - - watch diff --git a/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-workflow-controller-cluster-template.yaml b/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-workflow-controller-cluster-template.yaml deleted file mode 100644 index cbe4588e3..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-workflow-controller-cluster-template.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: argo-workflows-workflow-controller-cluster-template - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-workflow-controller - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: workflow-controller - app: workflow-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows -rules: - - apiGroups: - - argoproj.io - resources: - - clusterworkflowtemplates - - clusterworkflowtemplates/finalizers - verbs: - - get - - list - - watch diff --git a/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-workflow-controller.yaml b/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-workflow-controller.yaml deleted file mode 100644 index 334993e04..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-workflow-controller.yaml +++ /dev/null @@ -1,155 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: argo-workflows-workflow-controller - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-workflow-controller - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: workflow-controller - app: workflow-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows -rules: - - apiGroups: - - "" - resources: - - pods - verbs: - - create - - get - - list - - watch - - update - - patch - - delete - - apiGroups: - - "" - resources: - - pods/exec - verbs: - - create - - apiGroups: - - "" - resources: - - configmaps - - namespaces - verbs: - - get - - watch - - list - - apiGroups: - - "" - resources: - - persistentvolumeclaims - - persistentvolumeclaims/finalizers - verbs: - - create - - update - - delete - - get - - apiGroups: - - argoproj.io - resources: - - workflows - - workflows/finalizers - - workflowtasksets - - workflowtasksets/finalizers - - workflowtasksets/status - - workflowartifactgctasks - verbs: - - get - - list - - watch - - update - - patch - - delete - - create - - apiGroups: - - argoproj.io - resources: - - workflowtemplates - - workflowtemplates/finalizers - verbs: - - get - - list - - watch - - apiGroups: - - argoproj.io - resources: - - workflowtaskresults - - workflowtaskresults/finalizers - verbs: - - list - - watch - - deletecollection - - apiGroups: - - argoproj.io - resources: - - cronworkflows - - cronworkflows/finalizers - verbs: - - get - - list - - watch - - update - - patch - - delete - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - get - - list - - apiGroups: - - "policy" - resources: - - poddisruptionbudgets - verbs: - - create - - get - - delete - - apiGroups: - - "" - resources: - - secrets - resourceNames: - - argo-workflows-postgresql-18-cluster-app - - argo-workflows-postgresql-18-cluster-app - verbs: - - get - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - apiGroups: - - coordination.k8s.io - resources: - - leases - resourceNames: - - workflow-controller - - workflow-controller-lease - verbs: - - get - - watch - - update - - patch - - delete - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - resourceNames: - - argo-workflows-agent-ca-certificates diff --git a/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-argo-events-controller-manager.yaml b/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-argo-events-controller-manager.yaml deleted file mode 100644 index 579cdc3a3..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-argo-events-controller-manager.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: argo-workflows-argo-events-controller-manager - labels: - helm.sh/chart: argo-events-2.4.21 - app.kubernetes.io/name: argo-events-controller-manager - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: controller-manager - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-events -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: argo-workflows-argo-events-controller-manager -subjects: - - kind: ServiceAccount - name: argo-workflows-argo-events-controller-manager - namespace: "argo-workflows" diff --git a/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-argo-events-events-webhook.yaml b/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-argo-events-events-webhook.yaml deleted file mode 100644 index 36b8ebcc7..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-argo-events-events-webhook.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: argo-workflows-argo-events-events-webhook - labels: - helm.sh/chart: argo-events-2.4.21 - app.kubernetes.io/name: argo-events-events-webhook - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-events -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: argo-events-webhook -subjects: - - kind: ServiceAccount - name: argo-workflows-argo-events-events-webhook - namespace: "argo-workflows" diff --git a/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-crd-install.yaml b/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-crd-install.yaml deleted file mode 100644 index 170e984e4..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-crd-install.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: argo-workflows-crd-install - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-crd-install - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: crds - app: crds - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows - annotations: - "helm.sh/hook": pre-install,pre-upgrade - "helm.sh/hook-weight": "-10" - "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded -subjects: - - kind: ServiceAccount - name: argo-workflows-crd-install - namespace: argo-workflows -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: argo-workflows-crd-install diff --git a/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-server-cluster-template.yaml b/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-server-cluster-template.yaml deleted file mode 100644 index 54460f776..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-server-cluster-template.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: argo-workflows-server-cluster-template - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-server - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: server - app: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: argo-workflows-server-cluster-template -subjects: - - kind: ServiceAccount - name: argo-workflows-server - namespace: "argo-workflows" diff --git a/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-server.yaml b/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-server.yaml deleted file mode 100644 index b2e654412..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-server.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: argo-workflows-server - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-server - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: server - app: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: argo-workflows-server -subjects: - - kind: ServiceAccount - name: argo-workflows-server - namespace: "argo-workflows" diff --git a/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-workflow-controller-cluster-template.yaml b/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-workflow-controller-cluster-template.yaml deleted file mode 100644 index acd686364..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-workflow-controller-cluster-template.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: argo-workflows-workflow-controller-cluster-template - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-workflow-controller - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: workflow-controller - app: workflow-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: argo-workflows-workflow-controller-cluster-template -subjects: - - kind: ServiceAccount - name: argo-workflows-workflow-controller - namespace: "argo-workflows" diff --git a/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-workflow-controller.yaml b/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-workflow-controller.yaml deleted file mode 100644 index 6b3cf8bb9..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-workflow-controller.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: argo-workflows-workflow-controller - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-workflow-controller - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: workflow-controller - app: workflow-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: argo-workflows-workflow-controller -subjects: - - kind: ServiceAccount - name: argo-workflows-workflow-controller - namespace: "argo-workflows" diff --git a/clusters/cl01tl/manifests/argo-workflows/ConfigMap-argo-workflows-argo-events-controller-manager.yaml b/clusters/cl01tl/manifests/argo-workflows/ConfigMap-argo-workflows-argo-events-controller-manager.yaml deleted file mode 100644 index 5e2ab0714..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ConfigMap-argo-workflows-argo-events-controller-manager.yaml +++ /dev/null @@ -1,84 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: argo-workflows-argo-events-controller-manager - namespace: "argo-workflows" - labels: - helm.sh/chart: argo-events-2.4.21 - app.kubernetes.io/name: argo-events-controller-manager - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-events -data: - controller-config.yaml: | - eventBus: - nats: - versions: - - version: latest - natsStreamingImage: nats-streaming:latest - metricsExporterImage: natsio/prometheus-nats-exporter:latest - - version: 0.22.1 - natsStreamingImage: nats-streaming:0.22.1 - metricsExporterImage: natsio/prometheus-nats-exporter:0.8.0 - jetstream: - # Default JetStream settings, could be overridden by EventBus JetStream specs - settings: | - # https://docs.nats.io/running-a-nats-service/configuration#jetstream - # Only configure "max_memory_store" or "max_file_store", do not set "store_dir" as it has been hardcoded. - max_memory_store: -1 - max_file_store: -1 - # The default properties of the streams to be created in this JetStream service - streamConfig: | - maxMsgs: 1e+06 - maxAge: 72h - maxBytes: 1GB - replicas: 3 - duplicates: 300s - retention: 0 - discard: 0 - versions: - - version: latest - natsImage: nats:2.10.10 - metricsExporterImage: natsio/prometheus-nats-exporter:0.14.0 - configReloaderImage: natsio/nats-server-config-reloader:0.14.0 - startCommand: /nats-server - - version: 2.8.1 - natsImage: nats:2.8.1 - metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 - configReloaderImage: natsio/nats-server-config-reloader:0.7.0 - startCommand: /nats-server - - version: 2.8.1-alpine - natsImage: nats:2.8.1-alpine - metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 - configReloaderImage: natsio/nats-server-config-reloader:0.7.0 - startCommand: nats-server - - version: 2.8.2 - natsImage: nats:2.8.2 - metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 - configReloaderImage: natsio/nats-server-config-reloader:0.7.0 - startCommand: /nats-server - - version: 2.8.2-alpine - natsImage: nats:2.8.2-alpine - metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 - configReloaderImage: natsio/nats-server-config-reloader:0.7.0 - startCommand: nats-server - - version: 2.9.1 - natsImage: nats:2.9.1 - metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 - configReloaderImage: natsio/nats-server-config-reloader:0.7.0 - startCommand: /nats-server - - version: 2.9.12 - natsImage: nats:2.9.12 - metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 - configReloaderImage: natsio/nats-server-config-reloader:0.7.0 - startCommand: /nats-server - - version: 2.9.16 - natsImage: nats:2.9.16 - metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1 - configReloaderImage: natsio/nats-server-config-reloader:0.7.0 - startCommand: /nats-server - - version: 2.10.10 - natsImage: nats:2.10.10 - metricsExporterImage: natsio/prometheus-nats-exporter:0.14.0 - configReloaderImage: natsio/nats-server-config-reloader:0.14.0 - startCommand: /nats-server diff --git a/clusters/cl01tl/manifests/argo-workflows/ConfigMap-argo-workflows-workflow-controller-configmap.yaml b/clusters/cl01tl/manifests/argo-workflows/ConfigMap-argo-workflows-workflow-controller-configmap.yaml deleted file mode 100644 index 16f12fdfd..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ConfigMap-argo-workflows-workflow-controller-configmap.yaml +++ /dev/null @@ -1,57 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: argo-workflows-workflow-controller-configmap - namespace: "argo-workflows" - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-cm - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: workflow-controller - app: workflow-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows -data: - config: | - metricsConfig: - enabled: true - path: /metrics - port: 9090 - ignoreErrors: false - secure: false - persistence: - postgresql: - database: app - host: argo-workflows-postgresql-18-cluster-rw - passwordSecret: - key: password - name: argo-workflows-postgresql-18-cluster-app - port: 5432 - ssl: false - sslMode: disable - tableName: app - userNameSecret: - key: username - name: argo-workflows-postgresql-18-cluster-app - sso: - issuer: https://authentik.alexlebens.net/application/o/argo-workflows/ - clientId: - name: argo-workflows-oidc-secret - key: client - clientSecret: - name: argo-workflows-oidc-secret - key: secret - redirectUrl: "https://argo-workflows.alexlebens.net/oauth2/callback" - rbac: - enabled: false - scopes: - - openid - - email - - profile - nodeEvents: - enabled: true - workflowEvents: - enabled: true - failedPodRestart: - enabled: false - maxRestarts: 3 diff --git a/clusters/cl01tl/manifests/argo-workflows/CustomResourceDefinition-eventbus.argoproj.io.yaml b/clusters/cl01tl/manifests/argo-workflows/CustomResourceDefinition-eventbus.argoproj.io.yaml deleted file mode 100644 index 9ddacfffd..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/CustomResourceDefinition-eventbus.argoproj.io.yaml +++ /dev/null @@ -1,41 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventbus.argoproj.io - annotations: - "helm.sh/resource-policy": keep -spec: - group: argoproj.io - names: - kind: EventBus - listKind: EventBusList - plural: eventbus - shortNames: - - eb - singular: eventbus - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/clusters/cl01tl/manifests/argo-workflows/CustomResourceDefinition-eventsources.argoproj.io.yaml b/clusters/cl01tl/manifests/argo-workflows/CustomResourceDefinition-eventsources.argoproj.io.yaml deleted file mode 100644 index 78eddec38..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/CustomResourceDefinition-eventsources.argoproj.io.yaml +++ /dev/null @@ -1,41 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: eventsources.argoproj.io - annotations: - "helm.sh/resource-policy": keep -spec: - group: argoproj.io - names: - kind: EventSource - listKind: EventSourceList - plural: eventsources - shortNames: - - es - singular: eventsource - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/clusters/cl01tl/manifests/argo-workflows/CustomResourceDefinition-sensors.argoproj.io.yaml b/clusters/cl01tl/manifests/argo-workflows/CustomResourceDefinition-sensors.argoproj.io.yaml deleted file mode 100644 index cde07e7da..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/CustomResourceDefinition-sensors.argoproj.io.yaml +++ /dev/null @@ -1,41 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: sensors.argoproj.io - annotations: - "helm.sh/resource-policy": keep -spec: - group: argoproj.io - names: - kind: Sensor - listKind: SensorList - plural: sensors - shortNames: - - sn - singular: sensor - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/clusters/cl01tl/manifests/argo-workflows/Deployment-argo-workflows-argo-events-controller-manager.yaml b/clusters/cl01tl/manifests/argo-workflows/Deployment-argo-workflows-argo-events-controller-manager.yaml deleted file mode 100644 index 6797788db..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/Deployment-argo-workflows-argo-events-controller-manager.yaml +++ /dev/null @@ -1,83 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: argo-workflows-argo-events-controller-manager - namespace: "argo-workflows" - labels: - helm.sh/chart: argo-events-2.4.21 - app.kubernetes.io/name: argo-events-controller-manager - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: controller-manager - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-events - app.kubernetes.io/version: "v1.9.10" -spec: - selector: - matchLabels: - app.kubernetes.io/name: argo-events-controller-manager - app.kubernetes.io/instance: argo-workflows - revisionHistoryLimit: 5 - replicas: 1 - template: - metadata: - annotations: - checksum/config: 135092f269aed133f5f437effc0a0fe89934a0ca8f97a823a64f6b0e0b564a35 - labels: - helm.sh/chart: argo-events-2.4.21 - app.kubernetes.io/name: argo-events-controller-manager - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: controller-manager - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-events - app.kubernetes.io/version: "v1.9.10" - spec: - containers: - - name: controller-manager - image: quay.io/argoproj/argo-events:v1.9.10 - imagePullPolicy: IfNotPresent - args: - - controller - env: - - name: ARGO_EVENTS_IMAGE - value: quay.io/argoproj/argo-events:v1.9.10 - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - volumeMounts: - - name: config - mountPath: /etc/argo-events - ports: - - name: metrics - containerPort: 7777 - protocol: TCP - - name: probe - containerPort: 8081 - protocol: TCP - livenessProbe: - httpGet: - port: probe - path: /healthz - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 3 - readinessProbe: - httpGet: - port: probe - path: /readyz - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 3 - resources: - requests: - cpu: 1m - memory: 32Mi - serviceAccountName: argo-workflows-argo-events-controller-manager - volumes: - - name: config - configMap: - name: argo-workflows-argo-events-controller-manager diff --git a/clusters/cl01tl/manifests/argo-workflows/Deployment-argo-workflows-server.yaml b/clusters/cl01tl/manifests/argo-workflows/Deployment-argo-workflows-server.yaml deleted file mode 100644 index 98b66aa37..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/Deployment-argo-workflows-server.yaml +++ /dev/null @@ -1,88 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: argo-workflows-server - namespace: "argo-workflows" - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-server - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: server - app: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows - app.kubernetes.io/version: "v4.0.4" -spec: - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app.kubernetes.io/name: argo-workflows-server - app.kubernetes.io/instance: argo-workflows - template: - metadata: - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-server - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: server - app: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows - app.kubernetes.io/version: "v4.0.4" - annotations: - checksum/cm: 527b60fba5bef1214c12ff954d6874c870bd0fafe7690c97fef9b3472caeb5c6 - spec: - serviceAccountName: argo-workflows-server - containers: - - name: argo-server - image: "quay.io/argoproj/argocli:v4.0.4" - imagePullPolicy: Always - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: false - runAsNonRoot: true - args: - - server - - --configmap=argo-workflows-workflow-controller-configmap - - "--auth-mode=sso" - - "--secure=false" - - "--loglevel" - - "info" - - "--gloglevel" - - "0" - - "--log-format" - - "text" - ports: - - name: web - containerPort: 2746 - readinessProbe: - httpGet: - path: / - port: 2746 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 20 - env: - - name: IN_CLUSTER - value: "true" - - name: ARGO_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: ARGO_BASE_HREF - value: "/" - resources: {} - volumeMounts: - - name: tmp - mountPath: /tmp - terminationGracePeriodSeconds: 30 - volumes: - - name: tmp - emptyDir: {} - nodeSelector: - kubernetes.io/os: linux diff --git a/clusters/cl01tl/manifests/argo-workflows/Deployment-argo-workflows-workflow-controller.yaml b/clusters/cl01tl/manifests/argo-workflows/Deployment-argo-workflows-workflow-controller.yaml deleted file mode 100644 index b5359c6f5..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/Deployment-argo-workflows-workflow-controller.yaml +++ /dev/null @@ -1,96 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: argo-workflows-workflow-controller - namespace: "argo-workflows" - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-workflow-controller - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: workflow-controller - app: workflow-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows - app.kubernetes.io/version: "v4.0.4" -spec: - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app.kubernetes.io/name: argo-workflows-workflow-controller - app.kubernetes.io/instance: argo-workflows - template: - metadata: - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-workflow-controller - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: workflow-controller - app: workflow-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows - app.kubernetes.io/version: "v4.0.4" - spec: - serviceAccountName: argo-workflows-workflow-controller - containers: - - name: controller - image: "quay.io/argoproj/workflow-controller:v4.0.4" - imagePullPolicy: Always - command: ["workflow-controller"] - args: - - "--configmap" - - "argo-workflows-workflow-controller-configmap" - - "--executor-image" - - "quay.io/argoproj/argoexec:v4.0.4" - - "--loglevel" - - "info" - - "--gloglevel" - - "0" - - "--log-format" - - "text" - - "--workflow-workers" - - "2" - - "--workflow-ttl-workers" - - "2" - - "--pod-cleanup-workers" - - "2" - - "--cron-workflow-workers" - - "2" - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - env: - - name: ARGO_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: LEADER_ELECTION_IDENTITY - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: LEADER_ELECTION_DISABLE - value: "true" - resources: - requests: - cpu: 1m - memory: 20Mi - ports: - - name: metrics - containerPort: 9090 - - containerPort: 6060 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: 6060 - initialDelaySeconds: 90 - periodSeconds: 60 - timeoutSeconds: 30 - nodeSelector: - kubernetes.io/os: linux diff --git a/clusters/cl01tl/manifests/argo-workflows/Deployment-events-webhook.yaml b/clusters/cl01tl/manifests/argo-workflows/Deployment-events-webhook.yaml deleted file mode 100644 index 2354b774b..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/Deployment-events-webhook.yaml +++ /dev/null @@ -1,69 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: events-webhook - namespace: "argo-workflows" - labels: - helm.sh/chart: argo-events-2.4.21 - app.kubernetes.io/name: argo-events-events-webhook - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: events-webhook - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-events - app.kubernetes.io/version: "v1.9.10" -spec: - selector: - matchLabels: - app.kubernetes.io/name: argo-events-events-webhook - app.kubernetes.io/instance: argo-workflows - revisionHistoryLimit: 5 - replicas: 1 - template: - metadata: - labels: - helm.sh/chart: argo-events-2.4.21 - app.kubernetes.io/name: argo-events-events-webhook - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: events-webhook - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-events - app.kubernetes.io/version: "v1.9.10" - spec: - containers: - - name: events-webhook - image: quay.io/argoproj/argo-events:v1.9.10 - imagePullPolicy: IfNotPresent - args: - - webhook-service - env: - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: PORT - value: "443" - ports: - - name: webhook - containerPort: 443 - protocol: TCP - livenessProbe: - tcpSocket: - port: webhook - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 3 - readinessProbe: - tcpSocket: - port: webhook - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 3 - resources: - requests: - cpu: 1m - memory: 20Mi - serviceAccountName: argo-workflows-argo-events-events-webhook diff --git a/clusters/cl01tl/manifests/argo-workflows/ExternalSecret-argo-workflows-oidc-secret.yaml b/clusters/cl01tl/manifests/argo-workflows/ExternalSecret-argo-workflows-oidc-secret.yaml deleted file mode 100644 index 426ead29c..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ExternalSecret-argo-workflows-oidc-secret.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: argo-workflows-oidc-secret - namespace: argo-workflows - labels: - app.kubernetes.io/name: argo-workflows-oidc-secret - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/part-of: argo-workflows -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: secret - remoteRef: - key: /authentik/oidc/argo-workflows - property: secret - - secretKey: client - remoteRef: - key: /authentik/oidc/argo-workflows - property: client diff --git a/clusters/cl01tl/manifests/argo-workflows/ExternalSecret-argo-workflows-postgresql-18-backup-garage-local-secret.yaml b/clusters/cl01tl/manifests/argo-workflows/ExternalSecret-argo-workflows-postgresql-18-backup-garage-local-secret.yaml deleted file mode 100644 index 55fe0dc1f..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ExternalSecret-argo-workflows-postgresql-18-backup-garage-local-secret.yaml +++ /dev/null @@ -1,38 +0,0 @@ -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: argo-workflows-postgresql-18-backup-garage-local-secret - namespace: argo-workflows - labels: - app.kubernetes.io/name: argo-workflows-postgresql-18-backup-garage-local-secret - helm.sh/chart: postgres-18-cluster-7.11.1 - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/part-of: argo-workflows - app.kubernetes.io/version: "7.11.1" - app.kubernetes.io/managed-by: Helm -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_REGION - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_KEY_ID - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/argo-workflows/ExternalSecret-argo-workflows-postgresql-18-recovery-secret.yaml b/clusters/cl01tl/manifests/argo-workflows/ExternalSecret-argo-workflows-postgresql-18-recovery-secret.yaml deleted file mode 100644 index 5ab59ae3c..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ExternalSecret-argo-workflows-postgresql-18-recovery-secret.yaml +++ /dev/null @@ -1,38 +0,0 @@ -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: argo-workflows-postgresql-18-recovery-secret - namespace: argo-workflows - labels: - helm.sh/chart: postgres-18-cluster-7.11.1 - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/part-of: argo-workflows - app.kubernetes.io/version: "7.11.1" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: argo-workflows-postgresql-18-recovery-secret -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_REGION - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_KEY_ID - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/postgres-backups - metadataPolicy: None - property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/argo-workflows/HTTPRoute-argo-workflows-server.yaml b/clusters/cl01tl/manifests/argo-workflows/HTTPRoute-argo-workflows-server.yaml deleted file mode 100644 index 6841e0026..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/HTTPRoute-argo-workflows-server.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: argo-workflows-server - namespace: "argo-workflows" - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-server - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: server - app: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows -spec: - parentRefs: - - group: gateway.networking.k8s.io - kind: Gateway - name: traefik-gateway - namespace: traefik - hostnames: - - argo-workflows.alexlebens.net - rules: - - matches: - - path: - type: PathPrefix - value: / - backendRefs: - - group: '' - kind: Service - name: argo-workflows-server - port: 2746 - weight: 1 diff --git a/clusters/cl01tl/manifests/argo-workflows/Job-argo-workflows-crd-install.yaml b/clusters/cl01tl/manifests/argo-workflows/Job-argo-workflows-crd-install.yaml deleted file mode 100644 index 39f9d3767..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/Job-argo-workflows-crd-install.yaml +++ /dev/null @@ -1,57 +0,0 @@ -apiVersion: batch/v1 -kind: Job -metadata: - name: argo-workflows-crd-install - namespace: argo-workflows - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-crd-install - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: crds - app: crds - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows - annotations: - "helm.sh/hook": pre-install,pre-upgrade - "helm.sh/hook-weight": "-5" - "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded -spec: - template: - metadata: - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-crd-install - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: crds - app: crds - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows - spec: - serviceAccountName: argo-workflows-crd-install - containers: - - name: apply - image: "registry.k8s.io/kubectl:v1.35.3" - env: - command: - - kubectl - - apply - - --server-side - - --force-conflicts - - -f - - "https://raw.githubusercontent.com/argoproj/argo-helm/argo-workflows-1.0.7/charts/argo-workflows/files/crds/full/argoproj.io_clusterworkflowtemplates.yaml" - - -f - - "https://raw.githubusercontent.com/argoproj/argo-helm/argo-workflows-1.0.7/charts/argo-workflows/files/crds/full/argoproj.io_cronworkflows.yaml" - - -f - - "https://raw.githubusercontent.com/argoproj/argo-helm/argo-workflows-1.0.7/charts/argo-workflows/files/crds/full/argoproj.io_workflowartifactgctasks.yaml" - - -f - - "https://raw.githubusercontent.com/argoproj/argo-helm/argo-workflows-1.0.7/charts/argo-workflows/files/crds/full/argoproj.io_workfloweventbindings.yaml" - - -f - - "https://raw.githubusercontent.com/argoproj/argo-helm/argo-workflows-1.0.7/charts/argo-workflows/files/crds/full/argoproj.io_workflows.yaml" - - -f - - "https://raw.githubusercontent.com/argoproj/argo-helm/argo-workflows-1.0.7/charts/argo-workflows/files/crds/full/argoproj.io_workflowtaskresults.yaml" - - -f - - "https://raw.githubusercontent.com/argoproj/argo-helm/argo-workflows-1.0.7/charts/argo-workflows/files/crds/full/argoproj.io_workflowtasksets.yaml" - - -f - - "https://raw.githubusercontent.com/argoproj/argo-helm/argo-workflows-1.0.7/charts/argo-workflows/files/crds/full/argoproj.io_workflowtemplates.yaml" - restartPolicy: Never - backoffLimit: 3 diff --git a/clusters/cl01tl/manifests/argo-workflows/ObjectStore-argo-workflows-postgresql-18-backup-garage-local.yaml b/clusters/cl01tl/manifests/argo-workflows/ObjectStore-argo-workflows-postgresql-18-backup-garage-local.yaml deleted file mode 100644 index 97ed69e16..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ObjectStore-argo-workflows-postgresql-18-backup-garage-local.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: barmancloud.cnpg.io/v1 -kind: ObjectStore -metadata: - name: argo-workflows-postgresql-18-backup-garage-local - namespace: argo-workflows - labels: - app.kubernetes.io/name: argo-workflows-postgresql-18-backup-garage-local - helm.sh/chart: postgres-18-cluster-7.11.1 - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/part-of: argo-workflows - app.kubernetes.io/version: "7.11.1" - app.kubernetes.io/managed-by: Helm -spec: - retentionPolicy: 7d - instanceSidecarConfiguration: - env: - - name: AWS_REQUEST_CHECKSUM_CALCULATION - value: when_required - - name: AWS_RESPONSE_CHECKSUM_VALIDATION - value: when_required - configuration: - destinationPath: s3://postgres-backups/cl01tl/argo-workflows/argo-workflows-postgresql-18-cluster - endpointURL: http://garage-main.garage:3900 - s3Credentials: - accessKeyId: - name: argo-workflows-postgresql-18-backup-garage-local-secret - key: ACCESS_KEY_ID - secretAccessKey: - name: argo-workflows-postgresql-18-backup-garage-local-secret - key: ACCESS_SECRET_KEY - region: - name: argo-workflows-postgresql-18-backup-garage-local-secret - key: ACCESS_REGION diff --git a/clusters/cl01tl/manifests/argo-workflows/ObjectStore-argo-workflows-postgresql-18-recovery.yaml b/clusters/cl01tl/manifests/argo-workflows/ObjectStore-argo-workflows-postgresql-18-recovery.yaml deleted file mode 100644 index 4294cc771..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ObjectStore-argo-workflows-postgresql-18-recovery.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: barmancloud.cnpg.io/v1 -kind: ObjectStore -metadata: - name: "argo-workflows-postgresql-18-recovery" - namespace: argo-workflows - labels: - helm.sh/chart: postgres-18-cluster-7.11.1 - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/part-of: argo-workflows - app.kubernetes.io/version: "7.11.1" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: "argo-workflows-postgresql-18-recovery" -spec: - configuration: - destinationPath: s3://postgres-backups/cl01tl/argo-workflows/argo-workflows-postgresql-18-cluster - endpointURL: http://garage-main.garage:3900 - wal: - compression: snappy - maxParallel: 1 - data: - compression: snappy - jobs: 1 - s3Credentials: - accessKeyId: - name: argo-workflows-postgresql-18-recovery-secret - key: ACCESS_KEY_ID - secretAccessKey: - name: argo-workflows-postgresql-18-recovery-secret - key: ACCESS_SECRET_KEY - region: - name: argo-workflows-postgresql-18-recovery-secret - key: ACCESS_REGION diff --git a/clusters/cl01tl/manifests/argo-workflows/PrometheusRule-argo-workflows-postgresql-18-alert-rules.yaml b/clusters/cl01tl/manifests/argo-workflows/PrometheusRule-argo-workflows-postgresql-18-alert-rules.yaml deleted file mode 100644 index 4bc785c5a..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/PrometheusRule-argo-workflows-postgresql-18-alert-rules.yaml +++ /dev/null @@ -1,270 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: argo-workflows-postgresql-18-alert-rules - namespace: argo-workflows - labels: - app.kubernetes.io/name: argo-workflows-postgresql-18-alert-rules - helm.sh/chart: postgres-18-cluster-7.11.1 - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/part-of: argo-workflows - app.kubernetes.io/version: "7.11.1" - app.kubernetes.io/managed-by: Helm -spec: - groups: - - name: cloudnative-pg/argo-workflows-postgresql-18 - rules: - - alert: CNPGClusterBackendsWaitingWarning - annotations: - summary: CNPG Cluster a backend is waiting for longer than 5 minutes. - description: |- - Pod {{ $labels.pod }} - has been waiting for longer than 5 minutes - expr: | - cnpg_backends_waiting_total{namespace="argo-workflows"} > 300 - for: 1m - labels: - severity: warning - namespace: argo-workflows - cnpg_cluster: argo-workflows-postgresql-18-cluster - - alert: CNPGClusterDatabaseDeadlockConflictsWarning - annotations: - summary: CNPG Cluster has over 10 deadlock conflicts. - description: |- - There are over 10 deadlock conflicts in - {{ $labels.pod }} - expr: | - cnpg_pg_stat_database_deadlocks{namespace="argo-workflows"} > 10 - for: 1m - labels: - severity: warning - namespace: argo-workflows - cnpg_cluster: argo-workflows-postgresql-18-cluster - - alert: CNPGClusterHACritical - annotations: - summary: CNPG Cluster has no standby replicas! - description: |- - CloudNativePG Cluster "{{`{{`}} $labels.job {{`}}`}}" has no ready standby replicas. Your cluster at a severe - risk of data loss and downtime if the primary instance fails. - - The primary instance is still online and able to serve queries, although connections to the `-ro` endpoint - will fail. The `-r` endpoint os operating at reduced capacity and all traffic is being served by the main. - - This can happen during a normal fail-over or automated minor version upgrades in a cluster with 2 or less - instances. The replaced instance may need some time to catch-up with the cluster primary instance. - - This alarm will be always trigger if your cluster is configured to run with only 1 instance. In this - case you may want to silence it. - runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterHACritical.md - expr: | - max by (job) (cnpg_pg_replication_streaming_replicas{namespace="argo-workflows"} - cnpg_pg_replication_is_wal_receiver_up{namespace="argo-workflows"}) < 1 - for: 5m - labels: - severity: critical - namespace: argo-workflows - cnpg_cluster: argo-workflows-postgresql-18-cluster - - alert: CNPGClusterHAWarning - annotations: - summary: CNPG Cluster less than 2 standby replicas. - description: |- - CloudNativePG Cluster "{{`{{`}} $labels.job {{`}}`}}" has only {{`{{`}} $value {{`}}`}} standby replicas, putting - your cluster at risk if another instance fails. The cluster is still able to operate normally, although - the `-ro` and `-r` endpoints operate at reduced capacity. - - This can happen during a normal fail-over or automated minor version upgrades. The replaced instance may - need some time to catch-up with the cluster primary instance. - - This alarm will be constantly triggered if your cluster is configured to run with less than 3 instances. - In this case you may want to silence it. - runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterHAWarning.md - expr: | - max by (job) (cnpg_pg_replication_streaming_replicas{namespace="argo-workflows"} - cnpg_pg_replication_is_wal_receiver_up{namespace="argo-workflows"}) < 2 - for: 5m - labels: - severity: warning - namespace: argo-workflows - cnpg_cluster: argo-workflows-postgresql-18-cluster - - alert: CNPGClusterHighConnectionsCritical - annotations: - summary: CNPG Instance maximum number of connections critical! - description: |- - CloudNativePG Cluster "argo-workflows/argo-workflows-postgresql-18-cluster" instance {{`{{`}} $labels.pod {{`}}`}} is using {{`{{`}} $value {{`}}`}}% of - the maximum number of connections. - runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterHighConnectionsCritical.md - expr: | - sum by (pod) (cnpg_backends_total{namespace="argo-workflows", pod=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"}) / max by (pod) (cnpg_pg_settings_setting{name="max_connections", namespace="argo-workflows", pod=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"}) * 100 > 95 - for: 5m - labels: - severity: critical - namespace: argo-workflows - cnpg_cluster: argo-workflows-postgresql-18-cluster - - alert: CNPGClusterHighConnectionsWarning - annotations: - summary: CNPG Instance is approaching the maximum number of connections. - description: |- - CloudNativePG Cluster "argo-workflows/argo-workflows-postgresql-18-cluster" instance {{`{{`}} $labels.pod {{`}}`}} is using {{`{{`}} $value {{`}}`}}% of - the maximum number of connections. - runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterHighConnectionsWarning.md - expr: | - sum by (pod) (cnpg_backends_total{namespace="argo-workflows", pod=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"}) / max by (pod) (cnpg_pg_settings_setting{name="max_connections", namespace="argo-workflows", pod=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"}) * 100 > 80 - for: 5m - labels: - severity: warning - namespace: argo-workflows - cnpg_cluster: argo-workflows-postgresql-18-cluster - - alert: CNPGClusterHighReplicationLag - annotations: - summary: CNPG Cluster high replication lag - description: |- - CloudNativePG Cluster "argo-workflows/argo-workflows-postgresql-18-cluster" is experiencing a high replication lag of - {{`{{`}} $value {{`}}`}}ms. - - High replication lag indicates network issues, busy instances, slow queries or suboptimal configuration. - runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterHighReplicationLag.md - expr: | - max(cnpg_pg_replication_lag{namespace="argo-workflows",pod=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"}) * 1000 > 1000 - for: 5m - labels: - severity: warning - namespace: argo-workflows - cnpg_cluster: argo-workflows-postgresql-18-cluster - - alert: CNPGClusterInstancesOnSameNode - annotations: - summary: CNPG Cluster instances are located on the same node. - description: |- - CloudNativePG Cluster "argo-workflows/argo-workflows-postgresql-18-cluster" has {{`{{`}} $value {{`}}`}} - instances on the same node {{`{{`}} $labels.node {{`}}`}}. - - A failure or scheduled downtime of a single node will lead to a potential service disruption and/or data loss. - runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterInstancesOnSameNode.md - expr: | - count by (node) (kube_pod_info{namespace="argo-workflows", pod=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"}) > 1 - for: 5m - labels: - severity: warning - namespace: argo-workflows - cnpg_cluster: argo-workflows-postgresql-18-cluster - - alert: CNPGClusterLongRunningTransactionWarning - annotations: - summary: CNPG Cluster query is taking longer than 5 minutes. - description: |- - CloudNativePG Cluster Pod {{ $labels.pod }} - is taking more than 5 minutes (300 seconds) for a query. - expr: |- - cnpg_backends_max_tx_duration_seconds{namespace="argo-workflows"} > 300 - for: 1m - labels: - severity: warning - namespace: argo-workflows - cnpg_cluster: argo-workflows-postgresql-18-cluster - - alert: CNPGClusterLowDiskSpaceCritical - annotations: - summary: CNPG Instance is running out of disk space! - description: |- - CloudNativePG Cluster "argo-workflows/argo-workflows-postgresql-18-cluster" is running extremely low on disk space. Check attached PVCs! - runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterLowDiskSpaceCritical.md - expr: | - max(max by(persistentvolumeclaim) (1 - kubelet_volume_stats_available_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"} / kubelet_volume_stats_capacity_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"})) > 0.9 OR - max(max by(persistentvolumeclaim) (1 - kubelet_volume_stats_available_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$-wal"} / kubelet_volume_stats_capacity_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$-wal"})) > 0.9 OR - max(sum by (namespace,persistentvolumeclaim) (kubelet_volume_stats_used_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$-tbs.*"}) - / - sum by (namespace,persistentvolumeclaim) (kubelet_volume_stats_capacity_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$-tbs.*"}) - * - on(namespace, persistentvolumeclaim) group_left(volume) - kube_pod_spec_volumes_persistentvolumeclaims_info{pod=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"} - ) > 0.9 - for: 5m - labels: - severity: critical - namespace: argo-workflows - cnpg_cluster: argo-workflows-postgresql-18-cluster - - alert: CNPGClusterLowDiskSpaceWarning - annotations: - summary: CNPG Instance is running out of disk space. - description: |- - CloudNativePG Cluster "argo-workflows/argo-workflows-postgresql-18-cluster" is running low on disk space. Check attached PVCs. - runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterLowDiskSpaceWarning.md - expr: | - max(max by(persistentvolumeclaim) (1 - kubelet_volume_stats_available_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"} / kubelet_volume_stats_capacity_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"})) > 0.7 OR - max(max by(persistentvolumeclaim) (1 - kubelet_volume_stats_available_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$-wal"} / kubelet_volume_stats_capacity_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$-wal"})) > 0.7 OR - max(sum by (namespace,persistentvolumeclaim) (kubelet_volume_stats_used_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$-tbs.*"}) - / - sum by (namespace,persistentvolumeclaim) (kubelet_volume_stats_capacity_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$-tbs.*"}) - * - on(namespace, persistentvolumeclaim) group_left(volume) - kube_pod_spec_volumes_persistentvolumeclaims_info{pod=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"} - ) > 0.7 - for: 5m - labels: - severity: warning - namespace: argo-workflows - cnpg_cluster: argo-workflows-postgresql-18-cluster - - alert: CNPGClusterOffline - annotations: - summary: CNPG Cluster has no running instances! - description: |- - CloudNativePG Cluster "argo-workflows/argo-workflows-postgresql-18-cluster" has no ready instances. - - Having an offline cluster means your applications will not be able to access the database, leading to - potential service disruption and/or data loss. - runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterOffline.md - expr: | - (count(cnpg_collector_up{namespace="argo-workflows",pod=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"}) OR on() vector(0)) == 0 - for: 5m - labels: - severity: critical - namespace: argo-workflows - cnpg_cluster: argo-workflows-postgresql-18-cluster - - alert: CNPGClusterPGDatabaseXidAgeWarning - annotations: - summary: CNPG Cluster has a number of transactions from the frozen XID to the current one. - description: |- - Over 300,000,000 transactions from frozen xid - on pod {{ $labels.pod }} - expr: | - cnpg_pg_database_xid_age{namespace="argo-workflows"} > 300000000 - for: 1m - labels: - severity: warning - namespace: argo-workflows - cnpg_cluster: argo-workflows-postgresql-18-cluster - - alert: CNPGClusterPGReplicationWarning - annotations: - summary: CNPG Cluster standby is lagging behind the primary. - description: |- - Standby is lagging behind by over 300 seconds (5 minutes) - expr: | - cnpg_pg_replication_lag{namespace="argo-workflows"} > 300 - for: 1m - labels: - severity: warning - namespace: argo-workflows - cnpg_cluster: argo-workflows-postgresql-18-cluster - - alert: CNPGClusterReplicaFailingReplicationWarning - annotations: - summary: CNPG Cluster has a replica is failing to replicate. - description: |- - Replica {{ $labels.pod }} - is failing to replicate - expr: | - cnpg_pg_replication_in_recovery{namespace="argo-workflows"} > cnpg_pg_replication_is_wal_receiver_up{namespace="argo-workflows"} - for: 1m - labels: - severity: warning - namespace: argo-workflows - cnpg_cluster: argo-workflows-postgresql-18-cluster - - alert: CNPGClusterZoneSpreadWarning - annotations: - summary: CNPG Cluster instances in the same zone. - description: |- - CloudNativePG Cluster "argo-workflows/argo-workflows-postgresql-18-cluster" has instances in the same availability zone. - - A disaster in one availability zone will lead to a potential service disruption and/or data loss. - runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterZoneSpreadWarning.md - expr: | - 3 > count(count by (label_topology_kubernetes_io_zone) (kube_pod_info{namespace="argo-workflows", pod=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"} * on(node,instance) group_left(label_topology_kubernetes_io_zone) kube_node_labels)) < 3 - for: 5m - labels: - severity: warning - namespace: argo-workflows - cnpg_cluster: argo-workflows-postgresql-18-cluster diff --git a/clusters/cl01tl/manifests/argo-workflows/Role-argo-workflows-workflow.yaml b/clusters/cl01tl/manifests/argo-workflows/Role-argo-workflows-workflow.yaml deleted file mode 100644 index 3408f4fb0..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/Role-argo-workflows-workflow.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: argo-workflows-workflow - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-workflow-controller - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: workflow-controller - app: workflow-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows - namespace: argo-workflows -rules: - - apiGroups: - - argoproj.io - resources: - - workflowtaskresults - verbs: - - create - - patch diff --git a/clusters/cl01tl/manifests/argo-workflows/RoleBinding-argo-workflows-workflow.yaml b/clusters/cl01tl/manifests/argo-workflows/RoleBinding-argo-workflows-workflow.yaml deleted file mode 100644 index 1fe5e1d89..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/RoleBinding-argo-workflows-workflow.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: argo-workflows-workflow - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-workflow-controller - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: workflow-controller - app: workflow-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows - namespace: argo-workflows -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argo-workflows-workflow -subjects: - - kind: ServiceAccount - name: argo-workflow - namespace: argo-workflows diff --git a/clusters/cl01tl/manifests/argo-workflows/ScheduledBackup-argo-workflows-postgresql-18-scheduled-backup-live-backup.yaml b/clusters/cl01tl/manifests/argo-workflows/ScheduledBackup-argo-workflows-postgresql-18-scheduled-backup-live-backup.yaml deleted file mode 100644 index 0c770da58..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ScheduledBackup-argo-workflows-postgresql-18-scheduled-backup-live-backup.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: postgresql.cnpg.io/v1 -kind: ScheduledBackup -metadata: - name: "argo-workflows-postgresql-18-scheduled-backup-live-backup" - namespace: argo-workflows - labels: - app.kubernetes.io/name: "argo-workflows-postgresql-18-scheduled-backup-live-backup" - helm.sh/chart: postgres-18-cluster-7.11.1 - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/part-of: argo-workflows - app.kubernetes.io/version: "7.11.1" - app.kubernetes.io/managed-by: Helm -spec: - immediate: true - suspend: false - schedule: "0 0 14 * * *" - backupOwnerReference: self - cluster: - name: argo-workflows-postgresql-18-cluster - method: plugin - pluginConfiguration: - name: barman-cloud.cloudnative-pg.io - parameters: - barmanObjectName: "argo-workflows-postgresql-18-backup-garage-local" diff --git a/clusters/cl01tl/manifests/argo-workflows/Service-argo-workflows-argo-events-controller-manager-metrics.yaml b/clusters/cl01tl/manifests/argo-workflows/Service-argo-workflows-argo-events-controller-manager-metrics.yaml deleted file mode 100644 index 62f2bb7ab..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/Service-argo-workflows-argo-events-controller-manager-metrics.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: argo-workflows-argo-events-controller-manager-metrics - namespace: "argo-workflows" - labels: - helm.sh/chart: argo-events-2.4.21 - app.kubernetes.io/name: argo-events-controller-manager-metrics - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: controller-manager - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-events -spec: - ports: - - name: metrics - protocol: TCP - port: 8082 - targetPort: metrics - selector: - app.kubernetes.io/name: argo-events-controller-manager - app.kubernetes.io/instance: argo-workflows diff --git a/clusters/cl01tl/manifests/argo-workflows/Service-argo-workflows-server.yaml b/clusters/cl01tl/manifests/argo-workflows/Service-argo-workflows-server.yaml deleted file mode 100644 index aff2cf9de..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/Service-argo-workflows-server.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: argo-workflows-server - namespace: "argo-workflows" - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-server - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: server - app: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows - app.kubernetes.io/version: "v4.0.4" -spec: - ports: - - port: 2746 - targetPort: 2746 - selector: - app.kubernetes.io/name: argo-workflows-server - app.kubernetes.io/instance: argo-workflows - sessionAffinity: None - type: ClusterIP diff --git a/clusters/cl01tl/manifests/argo-workflows/Service-argo-workflows-workflow-controller.yaml b/clusters/cl01tl/manifests/argo-workflows/Service-argo-workflows-workflow-controller.yaml deleted file mode 100644 index f437d1374..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/Service-argo-workflows-workflow-controller.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: argo-workflows-workflow-controller - namespace: "argo-workflows" - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-workflow-controller - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: workflow-controller - app: workflow-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows - app.kubernetes.io/version: "v4.0.4" -spec: - ports: - - name: metrics - port: 8080 - protocol: TCP - targetPort: 9090 - selector: - app.kubernetes.io/name: argo-workflows-workflow-controller - app.kubernetes.io/instance: argo-workflows - sessionAffinity: None - type: ClusterIP diff --git a/clusters/cl01tl/manifests/argo-workflows/Service-events-webhook.yaml b/clusters/cl01tl/manifests/argo-workflows/Service-events-webhook.yaml deleted file mode 100644 index 11856c169..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/Service-events-webhook.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: events-webhook - namespace: "argo-workflows" - labels: - helm.sh/chart: argo-events-2.4.21 - app.kubernetes.io/name: argo-events-events-webhook - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-events -spec: - ports: - - port: 443 - targetPort: webhook - selector: - app.kubernetes.io/name: argo-events-events-webhook - app.kubernetes.io/instance: argo-workflows diff --git a/clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-argo-events-controller-manager.yaml b/clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-argo-events-controller-manager.yaml deleted file mode 100644 index ebbcba7a5..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-argo-events-controller-manager.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -automountServiceAccountToken: true -metadata: - name: argo-workflows-argo-events-controller-manager - namespace: "argo-workflows" - labels: - helm.sh/chart: argo-events-2.4.21 - app.kubernetes.io/name: argo-events-controller-manager - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: controller-manager - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-events diff --git a/clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-argo-events-events-webhook.yaml b/clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-argo-events-events-webhook.yaml deleted file mode 100644 index cd90ee7b3..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-argo-events-events-webhook.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -automountServiceAccountToken: true -metadata: - name: argo-workflows-argo-events-events-webhook - namespace: "argo-workflows" - labels: - helm.sh/chart: argo-events-2.4.21 - app.kubernetes.io/name: argo-events-events-webhook - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: events-webhook - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-events diff --git a/clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-crd-install.yaml b/clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-crd-install.yaml deleted file mode 100644 index 03efffa14..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-crd-install.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: argo-workflows-crd-install - namespace: argo-workflows - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-crd-install - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: crds - app: crds - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows - annotations: - "helm.sh/hook": pre-install,pre-upgrade - "helm.sh/hook-weight": "-10" - "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded diff --git a/clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-server.yaml b/clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-server.yaml deleted file mode 100644 index 8dbbb3f91..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-server.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: argo-workflows-server - namespace: "argo-workflows" - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-server - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: server - app: server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows diff --git a/clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-workflow-controller.yaml b/clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-workflow-controller.yaml deleted file mode 100644 index 6f7dbb6aa..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-workflow-controller.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: argo-workflows-workflow-controller - namespace: "argo-workflows" - labels: - helm.sh/chart: argo-workflows-1.0.7 - app.kubernetes.io/name: argo-workflows-workflow-controller - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: workflow-controller - app: workflow-controller - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-workflows diff --git a/clusters/cl01tl/manifests/argo-workflows/ServiceMonitor-argo-workflows-argo-events-controller-manager.yaml b/clusters/cl01tl/manifests/argo-workflows/ServiceMonitor-argo-workflows-argo-events-controller-manager.yaml deleted file mode 100644 index 6a8209add..000000000 --- a/clusters/cl01tl/manifests/argo-workflows/ServiceMonitor-argo-workflows-argo-events-controller-manager.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: argo-workflows-argo-events-controller-manager - namespace: "argo-workflows" - labels: - helm.sh/chart: argo-events-2.4.21 - app.kubernetes.io/name: argo-events-controller-manager - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: controller-manager - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/part-of: argo-events -spec: - endpoints: - - port: metrics - interval: 30s - path: /metrics - namespaceSelector: - matchNames: - - "argo-workflows" - selector: - matchLabels: - app.kubernetes.io/name: argo-events-controller-manager-metrics - app.kubernetes.io/instance: argo-workflows - app.kubernetes.io/component: controller-manager diff --git a/clusters/cl01tl/manifests/blocky/ConfigMap-blocky.yaml b/clusters/cl01tl/manifests/blocky/ConfigMap-blocky.yaml index 8244d11eb..85c2738e2 100644 --- a/clusters/cl01tl/manifests/blocky/ConfigMap-blocky.yaml +++ b/clusters/cl01tl/manifests/blocky/ConfigMap-blocky.yaml @@ -91,14 +91,12 @@ data: ;; Application Names actual IN CNAME traefik-cl01tl alertmanager IN CNAME traefik-cl01tl - argo-workflows IN CNAME traefik-cl01tl argocd IN CNAME traefik-cl01tl audiobookshelf IN CNAME traefik-cl01tl authentik IN CNAME traefik-cl01tl backrest IN CNAME traefik-cl01tl bazarr IN CNAME traefik-cl01tl ceph IN CNAME traefik-cl01tl - code-server IN CNAME traefik-cl01tl dawarich IN CNAME traefik-cl01tl directus IN CNAME traefik-cl01tl excalidraw IN CNAME traefik-cl01tl @@ -126,7 +124,6 @@ data: lidarr IN CNAME traefik-cl01tl mail IN CNAME traefik-cl01tl medialyze IN CNAME traefik-cl01tl - movie-roulette IN CNAME traefik-cl01tl music-grabber IN CNAME traefik-cl01tl navidrome IN CNAME traefik-cl01tl ntfy IN CNAME traefik-cl01tl diff --git a/clusters/cl01tl/manifests/blocky/Deployment-blocky.yaml b/clusters/cl01tl/manifests/blocky/Deployment-blocky.yaml index 7631f1fb2..b81a842af 100644 --- a/clusters/cl01tl/manifests/blocky/Deployment-blocky.yaml +++ b/clusters/cl01tl/manifests/blocky/Deployment-blocky.yaml @@ -22,7 +22,7 @@ spec: template: metadata: annotations: - checksum/configMaps: d46129f10ef23f392c8d5ca28b7bbc5aba6deb158f1a6675eca8816f90baae43 + checksum/configMaps: 1e50d70ecca4e5208d6b585c76462b65bb9fe68fb24eb0ad29d93a1cba14660e labels: app.kubernetes.io/controller: main app.kubernetes.io/instance: blocky diff --git a/clusters/cl01tl/manifests/code-server/Deployment-code-server-cloudflared.yaml b/clusters/cl01tl/manifests/code-server/Deployment-code-server-cloudflared.yaml deleted file mode 100644 index 8bd6cfca5..000000000 --- a/clusters/cl01tl/manifests/code-server/Deployment-code-server-cloudflared.yaml +++ /dev/null @@ -1,58 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: code-server-cloudflared - labels: - app.kubernetes.io/controller: main - app.kubernetes.io/instance: code-server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: cloudflared - app.kubernetes.io/version: 2026.3.0 - helm.sh/chart: cloudflared-2.4.0 - namespace: code-server -spec: - revisionHistoryLimit: 3 - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - app.kubernetes.io/controller: main - app.kubernetes.io/name: cloudflared - app.kubernetes.io/instance: code-server - template: - metadata: - labels: - app.kubernetes.io/controller: main - app.kubernetes.io/instance: code-server - app.kubernetes.io/name: cloudflared - spec: - enableServiceLinks: false - serviceAccountName: default - automountServiceAccountToken: true - hostIPC: false - hostNetwork: false - hostPID: false - dnsPolicy: ClusterFirst - containers: - - args: - - tunnel - - --protocol - - http2 - - --no-autoupdate - - run - - --token - - $(CF_MANAGED_TUNNEL_TOKEN) - env: - - name: CF_MANAGED_TUNNEL_TOKEN - valueFrom: - secretKeyRef: - key: cf-tunnel-token - name: code-server-cloudflared-secret - image: cloudflare/cloudflared:2026.3.0 - imagePullPolicy: IfNotPresent - name: main - resources: - requests: - cpu: 10m - memory: 128Mi diff --git a/clusters/cl01tl/manifests/code-server/Deployment-code-server.yaml b/clusters/cl01tl/manifests/code-server/Deployment-code-server.yaml deleted file mode 100644 index 5a8e84d41..000000000 --- a/clusters/cl01tl/manifests/code-server/Deployment-code-server.yaml +++ /dev/null @@ -1,64 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: code-server - labels: - app.kubernetes.io/controller: main - app.kubernetes.io/instance: code-server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: code-server - helm.sh/chart: code-server-4.6.2 - namespace: code-server -spec: - revisionHistoryLimit: 3 - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - app.kubernetes.io/controller: main - app.kubernetes.io/name: code-server - app.kubernetes.io/instance: code-server - template: - metadata: - labels: - app.kubernetes.io/controller: main - app.kubernetes.io/instance: code-server - app.kubernetes.io/name: code-server - spec: - enableServiceLinks: false - serviceAccountName: default - automountServiceAccountToken: true - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - hostIPC: false - hostNetwork: false - hostPID: false - dnsPolicy: ClusterFirst - containers: - - env: - - name: TZ - value: America/Chicago - - name: PUID - value: "1000" - - name: PGID - value: "1000" - - name: DEFAULT_WORKSPACE - value: /config - envFrom: - - secretRef: - name: codeserver-password-secret - image: ghcr.io/linuxserver/code-server:4.114.0-ls328@sha256:928e63f0b775d76cda606f181bae9d81c6d3fbd2d1daeef9438e3ba5579f391d - name: main - resources: - requests: - cpu: 1m - memory: 40Mi - volumeMounts: - - mountPath: /config - name: config - volumes: - - name: config - persistentVolumeClaim: - claimName: code-server-config diff --git a/clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-cloudflared-secret.yaml b/clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-cloudflared-secret.yaml deleted file mode 100644 index 0a10623b8..000000000 --- a/clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-cloudflared-secret.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: code-server-cloudflared-secret - namespace: code-server - labels: - helm.sh/chart: cloudflared-2.4.0 - app.kubernetes.io/instance: code-server - app.kubernetes.io/part-of: code-server - app.kubernetes.io/version: "2.4.0" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: code-server-cloudflared-secret -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: cf-tunnel-token - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cloudflare/tunnels/code-server - metadataPolicy: None - property: token diff --git a/clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-config-backup-secret-external.yaml b/clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-config-backup-secret-external.yaml deleted file mode 100644 index 121d10690..000000000 --- a/clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-config-backup-secret-external.yaml +++ /dev/null @@ -1,58 +0,0 @@ -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: code-server-config-backup-secret-external - namespace: code-server - labels: - helm.sh/chart: volsync-target-config-0.8.0 - app.kubernetes.io/instance: code-server - app.kubernetes.io/part-of: code-server - app.kubernetes.io/version: "0.8.0" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: code-server-config-backup-secret-external -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/code-server/code-server-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /volsync/restic/digital-ocean - metadataPolicy: None - property: BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /volsync/restic/digital-ocean - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: AWS_DEFAULT_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: AWS_ACCESS_KEY_ID - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /digital-ocean/home-infra/volsync-backups - metadataPolicy: None - property: AWS_SECRET_ACCESS_KEY diff --git a/clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-config-backup-secret-local.yaml b/clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-config-backup-secret-local.yaml deleted file mode 100644 index f4b369f05..000000000 --- a/clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-config-backup-secret-local.yaml +++ /dev/null @@ -1,58 +0,0 @@ -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: code-server-config-backup-secret-local - namespace: code-server - labels: - helm.sh/chart: volsync-target-config-0.8.0 - app.kubernetes.io/instance: code-server - app.kubernetes.io/part-of: code-server - app.kubernetes.io/version: "0.8.0" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: code-server-config-backup-secret-local -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/code-server/code-server-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /volsync/restic/garage-local - metadataPolicy: None - property: BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /volsync/restic/garage-local - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/volsync-backups - metadataPolicy: None - property: ACCESS_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/volsync-backups - metadataPolicy: None - property: ACCESS_KEY_ID - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/volsync-backups - metadataPolicy: None - property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-config-backup-secret-remote.yaml b/clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-config-backup-secret-remote.yaml deleted file mode 100644 index 79669c434..000000000 --- a/clusters/cl01tl/manifests/code-server/ExternalSecret-code-server-config-backup-secret-remote.yaml +++ /dev/null @@ -1,58 +0,0 @@ -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: code-server-config-backup-secret-remote - namespace: code-server - labels: - helm.sh/chart: volsync-target-config-0.8.0 - app.kubernetes.io/instance: code-server - app.kubernetes.io/part-of: code-server - app.kubernetes.io/version: "0.8.0" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: code-server-config-backup-secret-remote -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - target: - template: - mergePolicy: Merge - engineVersion: v2 - data: - RESTIC_REPOSITORY: "{{ .BUCKET_ENDPOINT }}/code-server/code-server-config" - data: - - secretKey: BUCKET_ENDPOINT - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /volsync/restic/garage-remote - metadataPolicy: None - property: BUCKET_ENDPOINT - - secretKey: RESTIC_PASSWORD - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /volsync/restic/garage-remote - metadataPolicy: None - property: RESTIC_PASSWORD - - secretKey: AWS_DEFAULT_REGION - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/volsync-backups - metadataPolicy: None - property: ACCESS_REGION - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/volsync-backups - metadataPolicy: None - property: ACCESS_KEY_ID - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /garage/home-infra/volsync-backups - metadataPolicy: None - property: ACCESS_SECRET_KEY diff --git a/clusters/cl01tl/manifests/code-server/ExternalSecret-codeserver-password-secret.yaml b/clusters/cl01tl/manifests/code-server/ExternalSecret-codeserver-password-secret.yaml deleted file mode 100644 index f58e308ac..000000000 --- a/clusters/cl01tl/manifests/code-server/ExternalSecret-codeserver-password-secret.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: codeserver-password-secret - namespace: code-server - labels: - app.kubernetes.io/name: codeserver-password-secret - app.kubernetes.io/instance: code-server - app.kubernetes.io/part-of: code-server -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: PASSWORD - remoteRef: - key: /cl01tl/code-server/auth - property: PASSWORD - - secretKey: SUDO_PASSWORD - remoteRef: - key: /cl01tl/code-server/auth - property: SUDO_PASSWORD diff --git a/clusters/cl01tl/manifests/code-server/HTTPRoute-code-server.yaml b/clusters/cl01tl/manifests/code-server/HTTPRoute-code-server.yaml deleted file mode 100644 index c88c186c4..000000000 --- a/clusters/cl01tl/manifests/code-server/HTTPRoute-code-server.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: code-server - labels: - app.kubernetes.io/instance: code-server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: code-server - helm.sh/chart: code-server-4.6.2 - namespace: code-server -spec: - parentRefs: - - group: gateway.networking.k8s.io - kind: Gateway - name: traefik-gateway - namespace: traefik - hostnames: - - "code-server.alexlebens.net" - rules: - - backendRefs: - - group: "" - kind: Service - name: code-server - namespace: code-server - port: 8443 - weight: 1 - matches: - - path: - type: PathPrefix - value: / diff --git a/clusters/cl01tl/manifests/code-server/PersistentVolumeClaim-code-server-config.yaml b/clusters/cl01tl/manifests/code-server/PersistentVolumeClaim-code-server-config.yaml deleted file mode 100644 index f913f54fd..000000000 --- a/clusters/cl01tl/manifests/code-server/PersistentVolumeClaim-code-server-config.yaml +++ /dev/null @@ -1,17 +0,0 @@ -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: code-server-config - labels: - app.kubernetes.io/instance: code-server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: code-server - helm.sh/chart: code-server-4.6.2 - namespace: code-server -spec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: "2Gi" - storageClassName: "ceph-block" diff --git a/clusters/cl01tl/manifests/code-server/ReplicationSource-code-server-config-backup-source-external.yaml b/clusters/cl01tl/manifests/code-server/ReplicationSource-code-server-config-backup-source-external.yaml deleted file mode 100644 index 56fd3af0b..000000000 --- a/clusters/cl01tl/manifests/code-server/ReplicationSource-code-server-config-backup-source-external.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: code-server-config-backup-source-external - namespace: code-server - labels: - helm.sh/chart: volsync-target-config-0.8.0 - app.kubernetes.io/instance: code-server - app.kubernetes.io/part-of: code-server - app.kubernetes.io/version: "0.8.0" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: code-server-config-backup -spec: - sourcePVC: code-server-config - trigger: - schedule: 16 10 * * * - restic: - pruneIntervalDays: 7 - repository: code-server-config-backup-secret-external - retain: - daily: 7 - hourly: 0 - monthly: 3 - weekly: 4 - yearly: 1 - moverSecurityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - runAsGroup: 1000 - runAsUser: 1000 - copyMethod: Snapshot - storageClassName: ceph-block - volumeSnapshotClassName: ceph-blockpool-snapshot - cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/code-server/ReplicationSource-code-server-config-backup-source-local.yaml b/clusters/cl01tl/manifests/code-server/ReplicationSource-code-server-config-backup-source-local.yaml deleted file mode 100644 index 4c3e6ac24..000000000 --- a/clusters/cl01tl/manifests/code-server/ReplicationSource-code-server-config-backup-source-local.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: code-server-config-backup-source-local - namespace: code-server - labels: - helm.sh/chart: volsync-target-config-0.8.0 - app.kubernetes.io/instance: code-server - app.kubernetes.io/part-of: code-server - app.kubernetes.io/version: "0.8.0" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: code-server-config-backup -spec: - sourcePVC: code-server-config - trigger: - schedule: 16 8 * * * - restic: - pruneIntervalDays: 7 - repository: code-server-config-backup-secret-local - retain: - daily: 7 - hourly: 0 - monthly: 3 - weekly: 4 - yearly: 1 - moverSecurityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - runAsGroup: 1000 - runAsUser: 1000 - copyMethod: Snapshot - storageClassName: ceph-block - volumeSnapshotClassName: ceph-blockpool-snapshot - cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/code-server/ReplicationSource-code-server-config-backup-source-remote.yaml b/clusters/cl01tl/manifests/code-server/ReplicationSource-code-server-config-backup-source-remote.yaml deleted file mode 100644 index 8744aa60a..000000000 --- a/clusters/cl01tl/manifests/code-server/ReplicationSource-code-server-config-backup-source-remote.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: volsync.backube/v1alpha1 -kind: ReplicationSource -metadata: - name: code-server-config-backup-source-remote - namespace: code-server - labels: - helm.sh/chart: volsync-target-config-0.8.0 - app.kubernetes.io/instance: code-server - app.kubernetes.io/part-of: code-server - app.kubernetes.io/version: "0.8.0" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: code-server-config-backup -spec: - sourcePVC: code-server-config - trigger: - schedule: 16 9 * * * - restic: - pruneIntervalDays: 7 - repository: code-server-config-backup-secret-remote - retain: - daily: 7 - hourly: 0 - monthly: 3 - weekly: 4 - yearly: 1 - moverSecurityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - runAsGroup: 1000 - runAsUser: 1000 - copyMethod: Snapshot - storageClassName: ceph-block - volumeSnapshotClassName: ceph-blockpool-snapshot - cacheCapacity: 1Gi diff --git a/clusters/cl01tl/manifests/code-server/Service-code-server.yaml b/clusters/cl01tl/manifests/code-server/Service-code-server.yaml deleted file mode 100644 index 45bdd12ef..000000000 --- a/clusters/cl01tl/manifests/code-server/Service-code-server.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: code-server - labels: - app.kubernetes.io/instance: code-server - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: code-server - app.kubernetes.io/service: code-server - helm.sh/chart: code-server-4.6.2 - namespace: code-server -spec: - type: ClusterIP - ports: - - port: 8443 - targetPort: 8443 - protocol: TCP - name: http - selector: - app.kubernetes.io/controller: main - app.kubernetes.io/instance: code-server - app.kubernetes.io/name: code-server diff --git a/clusters/cl01tl/manifests/gatus/ConfigMap-gatus.yaml b/clusters/cl01tl/manifests/gatus/ConfigMap-gatus.yaml index ecc41a2db..52f8c8dcd 100644 --- a/clusters/cl01tl/manifests/gatus/ConfigMap-gatus.yaml +++ b/clusters/cl01tl/manifests/gatus/ConfigMap-gatus.yaml @@ -60,15 +60,6 @@ data: interval: 30s name: yamtrack url: https://yamtrack.alexlebens.net - - alerts: - - type: ntfy - conditions: - - '[STATUS] == 200' - - '[CERTIFICATE_EXPIRATION] > 240h' - group: core - interval: 30s - name: movie-roulette - url: https://movie-roulette.alexlebens.net - alerts: - type: ntfy conditions: @@ -276,15 +267,6 @@ data: interval: 30s name: komodo url: https://komodo.alexlebens.net - - alerts: - - type: ntfy - conditions: - - '[STATUS] == 200' - - '[CERTIFICATE_EXPIRATION] > 240h' - group: core - interval: 30s - name: argo-workflows - url: https://argo-workflows.alexlebens.net - alerts: - type: ntfy conditions: @@ -725,15 +707,6 @@ data: interval: 30s name: gitea-external url: https://gitea.alexlebens.dev - - alerts: - - type: ntfy - conditions: - - '[STATUS] == 200' - - '[CERTIFICATE_EXPIRATION] > 240h' - group: external - interval: 30s - name: codeserver - url: https://codeserver.alexlebens.dev - alerts: - type: ntfy conditions: diff --git a/clusters/cl01tl/manifests/gatus/Deployment-gatus.yaml b/clusters/cl01tl/manifests/gatus/Deployment-gatus.yaml index b97f2e0b1..b6f8e0264 100644 --- a/clusters/cl01tl/manifests/gatus/Deployment-gatus.yaml +++ b/clusters/cl01tl/manifests/gatus/Deployment-gatus.yaml @@ -26,7 +26,7 @@ spec: app.kubernetes.io/name: gatus app.kubernetes.io/instance: gatus annotations: - checksum/config: 7d4de2aabf87644e8c8fdfd240605942fd0b0fcbcfb920b201cc532d7fd7026d + checksum/config: ede49cbb6e94476d1cd8d52679fa01b682931441825d620269df7d7cbbd7c398 spec: serviceAccountName: default automountServiceAccountToken: false diff --git a/clusters/cl01tl/manifests/homepage/ConfigMap-homepage.yaml b/clusters/cl01tl/manifests/homepage/ConfigMap-homepage.yaml index 8a85b6337..9620c4fca 100644 --- a/clusters/cl01tl/manifests/homepage/ConfigMap-homepage.yaml +++ b/clusters/cl01tl/manifests/homepage/ConfigMap-homepage.yaml @@ -75,12 +75,6 @@ data: href: https://yamtrack.alexlebens.net siteMonitor: http://yamtrack.yamtrack:80 statusStyle: dot - - Movie Roulette: - icon: https://raw.githubusercontent.com/sahara101/Movie-Roulette/refs/heads/main/static/icons/icon.png - description: Movie Roulette - href: https://movie-roulette.alexlebens.net - siteMonitor: http://movie-roulette.movie-roulette:80 - statusStyle: dot - Movies and TV: icon: sh-jellyfin.webp description: Jellyfin @@ -280,12 +274,6 @@ data: href: https://gitea-ps10rp.boreal-beaufort.ts.net siteMonitor: https://gitea-ps10rp.boreal-beaufort.ts.net statusStyle: dot - - IDE (External): - icon: sh-visual-studio-code.webp - description: VS Code - href: https://codeserver.alexlebens.dev - siteMonitor: https://codeserver.alexlebens.dev - statusStyle: dot - IDE (Home Assistant): icon: sh-visual-studio-code.webp description: Edit config for Home Assistant @@ -323,12 +311,6 @@ data: secret: {{HOMEPAGE_VAR_KOMODO_API_SECRET}} showStacks: true fields: ["running", "down", "unhealthy", "unknown"] - - Deployment Workflows: - icon: sh-argo-cd.webp - description: Argo Workflows - href: https://argo-workflows.alexlebens.net - siteMonitor: http://argo-workflows-server.argo-workflows:2746 - statusStyle: dot - Uptime: icon: sh-gatus.webp description: Gatus diff --git a/clusters/cl01tl/manifests/homepage/Deployment-homepage.yaml b/clusters/cl01tl/manifests/homepage/Deployment-homepage.yaml index 95b902396..de18ad7aa 100644 --- a/clusters/cl01tl/manifests/homepage/Deployment-homepage.yaml +++ b/clusters/cl01tl/manifests/homepage/Deployment-homepage.yaml @@ -24,7 +24,7 @@ spec: template: metadata: annotations: - checksum/configMaps: 1693a6a4c40f579772c8a06b1115d6384219dbc25514b07b412a4e73ea36642b + checksum/configMaps: 50f931b34e6426dd49ee991e141af06691c31a739759f30cc262f461e4aa9e15 checksum/secrets: d3ba83f111cd32f92c909268c55ad8bbd4f9e299b74b35b33c1a011180d8b378 labels: app.kubernetes.io/controller: main diff --git a/clusters/cl01tl/manifests/movie-roulette/Deployment-movie-roulette.yaml b/clusters/cl01tl/manifests/movie-roulette/Deployment-movie-roulette.yaml deleted file mode 100644 index 1cfc7638b..000000000 --- a/clusters/cl01tl/manifests/movie-roulette/Deployment-movie-roulette.yaml +++ /dev/null @@ -1,109 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: movie-roulette - labels: - app.kubernetes.io/controller: main - app.kubernetes.io/instance: movie-roulette - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: movie-roulette - helm.sh/chart: movie-roulette-4.6.2 - namespace: movie-roulette -spec: - revisionHistoryLimit: 3 - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - app.kubernetes.io/controller: main - app.kubernetes.io/name: movie-roulette - app.kubernetes.io/instance: movie-roulette - template: - metadata: - labels: - app.kubernetes.io/controller: main - app.kubernetes.io/instance: movie-roulette - app.kubernetes.io/name: movie-roulette - spec: - enableServiceLinks: false - serviceAccountName: default - automountServiceAccountToken: true - hostIPC: false - hostNetwork: false - hostPID: false - dnsPolicy: ClusterFirst - containers: - - env: - - name: FLASK_SECRET_KEY - valueFrom: - secretKeyRef: - key: secret-key - name: movie-roulette-config-secret - - name: CORS_ALLOWED_ORIGINS - value: movie-roulette.alexlebens.net - - name: DISABLE_SETTINGS - value: "TRUE" - - name: AUTH_ENABLED - value: "TRUE" - - name: AUTH_SESSION_LIFETIME - value: "86400" - - name: JELLYFIN_URL - value: http://jellyfin.alexlebens.net - - name: JELLYFIN_API_KEY - valueFrom: - secretKeyRef: - key: jellyfin-key - name: movie-roulette-config-secret - - name: JELLYFIN_USER_ID - valueFrom: - secretKeyRef: - key: jellyfin-user - name: movie-roulette-config-secret - - name: LOGIN_BACKDROP_ENABLED - value: "TRUE" - - name: HOMEPAGE_MODE - value: "FALSE" - - name: USE_LINKS - value: "TRUE" - - name: USE_FILTER - value: "TRUE" - - name: USE_WATCH_BUTTON - value: "TRUE" - - name: USE_NEXT_BUTTON - value: "TRUE" - - name: USE_GRID_VIEW - value: "true" - - name: ENABLE_MOBILE_TRUNCATION - value: "TRUE" - - name: SHOW_NOW_WATCHING_CARD - value: "FALSE" - - name: USE_HEROUI_THEME - value: "FALSE" - - name: ENABLE_MOVIE_LOGOS - value: "TRUE" - - name: LOAD_MOVIE_ON_START - value: "FALSE" - - name: SEERR_URL - value: http://seerr.alexlebens.net - - name: SEERR_API_KEY - valueFrom: - secretKeyRef: - key: seerr-key - name: movie-roulette-config-secret - - name: REQUEST_SERVICE_DEFAULT - value: seerr - image: ghcr.io/sahara101/movie-roulette:v5.4.2 - imagePullPolicy: IfNotPresent - name: main - resources: - requests: - cpu: 10m - memory: 128Mi - volumeMounts: - - mountPath: /config - name: data - volumes: - - name: data - persistentVolumeClaim: - claimName: movie-roulette-data diff --git a/clusters/cl01tl/manifests/movie-roulette/ExternalSecret-movie-roulette-config-secret.yaml b/clusters/cl01tl/manifests/movie-roulette/ExternalSecret-movie-roulette-config-secret.yaml deleted file mode 100644 index 4e0f2c3c4..000000000 --- a/clusters/cl01tl/manifests/movie-roulette/ExternalSecret-movie-roulette-config-secret.yaml +++ /dev/null @@ -1,42 +0,0 @@ -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: movie-roulette-config-secret - namespace: movie-roulette - labels: - app.kubernetes.io/name: movie-roulette-config-secret - app.kubernetes.io/instance: movie-roulette - app.kubernetes.io/part-of: movie-roulette -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: secret-key - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/movie-roulette/key - metadataPolicy: None - property: secret-key - - secretKey: jellyfin-key - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/jellyfin/movie-roulette - metadataPolicy: None - property: jellyfin-key - - secretKey: jellyfin-user - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/jellyfin/movie-roulette - metadataPolicy: None - property: user - - secretKey: seerr-key - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/seerr/key - metadataPolicy: None - property: key diff --git a/clusters/cl01tl/manifests/movie-roulette/HTTPRoute-movie-roulette.yaml b/clusters/cl01tl/manifests/movie-roulette/HTTPRoute-movie-roulette.yaml deleted file mode 100644 index 632f6ddce..000000000 --- a/clusters/cl01tl/manifests/movie-roulette/HTTPRoute-movie-roulette.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: movie-roulette - labels: - app.kubernetes.io/instance: movie-roulette - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: movie-roulette - helm.sh/chart: movie-roulette-4.6.2 - namespace: movie-roulette -spec: - parentRefs: - - group: gateway.networking.k8s.io - kind: Gateway - name: traefik-gateway - namespace: traefik - hostnames: - - "movie-roulette.alexlebens.net" - rules: - - backendRefs: - - group: "" - kind: Service - name: movie-roulette - namespace: movie-roulette - port: 80 - weight: 100 - matches: - - path: - type: PathPrefix - value: / diff --git a/clusters/cl01tl/manifests/movie-roulette/PersistentVolumeClaim-movie-roulette-data.yaml b/clusters/cl01tl/manifests/movie-roulette/PersistentVolumeClaim-movie-roulette-data.yaml deleted file mode 100644 index 06156629a..000000000 --- a/clusters/cl01tl/manifests/movie-roulette/PersistentVolumeClaim-movie-roulette-data.yaml +++ /dev/null @@ -1,19 +0,0 @@ -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: movie-roulette-data - labels: - app.kubernetes.io/instance: movie-roulette - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: movie-roulette - helm.sh/chart: movie-roulette-4.6.2 - annotations: - helm.sh/resource-policy: keep - namespace: movie-roulette -spec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: "1Gi" - storageClassName: "ceph-block" diff --git a/clusters/cl01tl/manifests/movie-roulette/Service-movie-roulette.yaml b/clusters/cl01tl/manifests/movie-roulette/Service-movie-roulette.yaml deleted file mode 100644 index 688628876..000000000 --- a/clusters/cl01tl/manifests/movie-roulette/Service-movie-roulette.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: movie-roulette - labels: - app.kubernetes.io/instance: movie-roulette - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: movie-roulette - app.kubernetes.io/service: movie-roulette - helm.sh/chart: movie-roulette-4.6.2 - namespace: movie-roulette -spec: - type: ClusterIP - ports: - - port: 80 - targetPort: 4000 - protocol: TCP - name: http - selector: - app.kubernetes.io/controller: main - app.kubernetes.io/instance: movie-roulette - app.kubernetes.io/name: movie-roulette