From abcb108104e886be01c681853a1c4e0862fade8b Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Fri, 16 May 2025 21:33:34 -0500 Subject: [PATCH] update app-template chart --- clusters/cl01tl/platform/authentik/Chart.yaml | 4 +- .../authentik/templates/config-map.yaml | 3 -- .../authentik/templates/external-secret.yaml | 15 ++---- .../authentik/templates/http-route.yaml | 5 +- .../platform/authentik/templates/ingress.yaml | 5 +- .../templates/cluster-secret-store.yaml | 3 -- clusters/cl01tl/platform/gitea/Chart.yaml | 6 +-- .../gitea/templates/external-secret.yaml | 50 ++++--------------- .../platform/gitea/templates/http-route.yaml | 5 +- .../platform/gitea/templates/ingress.yaml | 5 +- .../templates/persistent-volume-claim.yaml | 5 +- .../gitea/templates/role-binding.yaml | 5 +- .../cl01tl/platform/gitea/templates/role.yaml | 5 +- .../gitea/templates/service-monitor.yaml | 5 +- .../platform/gitea/templates/tcp-route.yaml | 5 +- clusters/cl01tl/platform/gitea/values.yaml | 7 ++- 16 files changed, 33 insertions(+), 100 deletions(-) diff --git a/clusters/cl01tl/platform/authentik/Chart.yaml b/clusters/cl01tl/platform/authentik/Chart.yaml index 2608bc756..ef40050f4 100644 --- a/clusters/cl01tl/platform/authentik/Chart.yaml +++ b/clusters/cl01tl/platform/authentik/Chart.yaml @@ -26,10 +26,10 @@ dependencies: - name: cloudflared alias: cloudflared repository: oci://harbor.alexlebens.net/helm-charts - version: 1.14.8 + version: 1.15.0 - name: postgres-cluster alias: postgres-17-cluster version: 5.1.0 repository: oci://harbor.alexlebens.net/helm-charts icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/authentik.png -appVersion: 2025.4.0 +appVersion: 2025.4.1 diff --git a/clusters/cl01tl/platform/authentik/templates/config-map.yaml b/clusters/cl01tl/platform/authentik/templates/config-map.yaml index f749d50f5..59d949ac9 100644 --- a/clusters/cl01tl/platform/authentik/templates/config-map.yaml +++ b/clusters/cl01tl/platform/authentik/templates/config-map.yaml @@ -6,9 +6,6 @@ metadata: labels: app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} data: custom.css: | /* Change sign button color */ diff --git a/clusters/cl01tl/platform/authentik/templates/external-secret.yaml b/clusters/cl01tl/platform/authentik/templates/external-secret.yaml index 9bb1b2bbd..9819524df 100644 --- a/clusters/cl01tl/platform/authentik/templates/external-secret.yaml +++ b/clusters/cl01tl/platform/authentik/templates/external-secret.yaml @@ -4,11 +4,8 @@ metadata: name: authentik-key-secret namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: authentik-key-secret + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} spec: secretStoreRef: kind: ClusterSecretStore @@ -29,11 +26,8 @@ metadata: name: authentik-cloudflared-secret namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: authentik-cloudflared-secret + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} spec: secretStoreRef: kind: ClusterSecretStore @@ -54,11 +48,8 @@ metadata: name: authentik-postgresql-17-cluster-backup-secret namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: authentik-postgresql-17-cluster-backup-secret + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/platform/authentik/templates/http-route.yaml b/clusters/cl01tl/platform/authentik/templates/http-route.yaml index 1f0f00364..979672c68 100644 --- a/clusters/cl01tl/platform/authentik/templates/http-route.yaml +++ b/clusters/cl01tl/platform/authentik/templates/http-route.yaml @@ -4,11 +4,8 @@ metadata: name: http-route-authentik namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: http-route-authentik + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} spec: parentRefs: - group: gateway.networking.k8s.io diff --git a/clusters/cl01tl/platform/authentik/templates/ingress.yaml b/clusters/cl01tl/platform/authentik/templates/ingress.yaml index 30d5e6da4..b771b3216 100644 --- a/clusters/cl01tl/platform/authentik/templates/ingress.yaml +++ b/clusters/cl01tl/platform/authentik/templates/ingress.yaml @@ -4,11 +4,8 @@ metadata: name: authentik-tailscale namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: authentik-tailscale + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} labels: tailscale.com/proxy-class: no-metrics annotations: diff --git a/clusters/cl01tl/platform/external-secrets/templates/cluster-secret-store.yaml b/clusters/cl01tl/platform/external-secrets/templates/cluster-secret-store.yaml index 83448a22c..c652a2b40 100644 --- a/clusters/cl01tl/platform/external-secrets/templates/cluster-secret-store.yaml +++ b/clusters/cl01tl/platform/external-secrets/templates/cluster-secret-store.yaml @@ -6,9 +6,6 @@ metadata: labels: app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: auth - app.kubernetes.io/part-of: {{ .Release.Name }} spec: provider: vault: diff --git a/clusters/cl01tl/platform/gitea/Chart.yaml b/clusters/cl01tl/platform/gitea/Chart.yaml index 9e7288f9b..2ecdcb289 100644 --- a/clusters/cl01tl/platform/gitea/Chart.yaml +++ b/clusters/cl01tl/platform/gitea/Chart.yaml @@ -33,11 +33,11 @@ dependencies: - name: app-template alias: renovate repository: https://bjw-s-labs.github.io/helm-charts/ - version: 3.7.3 + version: 4.0.1 - name: app-template alias: backup repository: https://bjw-s-labs.github.io/helm-charts/ - version: 3.7.3 + version: 4.0.1 - name: meilisearch version: 0.13.0 repository: https://meilisearch.github.io/meilisearch-kubernetes @@ -51,7 +51,7 @@ dependencies: - name: cloudflared alias: cloudflared repository: oci://harbor.alexlebens.net/helm-charts - version: 1.14.8 + version: 1.15.0 - name: postgres-cluster alias: postgres-17-cluster version: 5.1.0 diff --git a/clusters/cl01tl/platform/gitea/templates/external-secret.yaml b/clusters/cl01tl/platform/gitea/templates/external-secret.yaml index d733380ff..5347a7acf 100644 --- a/clusters/cl01tl/platform/gitea/templates/external-secret.yaml +++ b/clusters/cl01tl/platform/gitea/templates/external-secret.yaml @@ -4,11 +4,8 @@ metadata: name: gitea-admin-secret namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: gitea-admin-secret + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} spec: secretStoreRef: kind: ClusterSecretStore @@ -36,11 +33,8 @@ metadata: name: gitea-oidc-secret namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: gitea-oidc-secret + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} spec: secretStoreRef: kind: ClusterSecretStore @@ -68,11 +62,8 @@ metadata: name: gitea-runner-secret namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: gitea-runner-secret + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: runner - app.kubernetes.io/part-of: {{ .Release.Name }} spec: secretStoreRef: kind: ClusterSecretStore @@ -93,11 +84,8 @@ metadata: name: gitea-renovate-secret namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: gitea-renovate-secret + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: renovate - app.kubernetes.io/part-of: {{ .Release.Name }} spec: secretStoreRef: kind: ClusterSecretStore @@ -146,11 +134,8 @@ metadata: name: gitea-renovate-ssh-secret namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: gitea-renovate-ssh-secret + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: renovate - app.kubernetes.io/part-of: {{ .Release.Name }} spec: secretStoreRef: kind: ClusterSecretStore @@ -185,11 +170,8 @@ metadata: name: gitea-backup-s3 namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: gitea-backup-s3 + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} spec: secretStoreRef: kind: ClusterSecretStore @@ -224,11 +206,8 @@ metadata: name: gitea-s3cmd-config namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: gitea-s3cmd-s3 + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} spec: secretStoreRef: kind: ClusterSecretStore @@ -249,11 +228,8 @@ metadata: name: gitea-meilisearch-master-key-secret namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: gitea-meilisearch-master-key-secret + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: meilisearch - app.kubernetes.io/part-of: {{ .Release.Name }} spec: secretStoreRef: kind: ClusterSecretStore @@ -280,11 +256,8 @@ metadata: name: gitea-cloudflared-secret namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: gitea-cloudflared-secret + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} spec: secretStoreRef: kind: ClusterSecretStore @@ -305,11 +278,8 @@ metadata: name: gitea-postgresql-17-cluster-backup-secret namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: gitea-postgresql-17-cluster-backup-secret + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/platform/gitea/templates/http-route.yaml b/clusters/cl01tl/platform/gitea/templates/http-route.yaml index 6d5ace299..ebd4165e3 100644 --- a/clusters/cl01tl/platform/gitea/templates/http-route.yaml +++ b/clusters/cl01tl/platform/gitea/templates/http-route.yaml @@ -4,11 +4,8 @@ metadata: name: http-route-gitea namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: http-route-gitea + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} spec: parentRefs: - group: gateway.networking.k8s.io diff --git a/clusters/cl01tl/platform/gitea/templates/ingress.yaml b/clusters/cl01tl/platform/gitea/templates/ingress.yaml index 21666fe9c..9e93509ec 100644 --- a/clusters/cl01tl/platform/gitea/templates/ingress.yaml +++ b/clusters/cl01tl/platform/gitea/templates/ingress.yaml @@ -4,11 +4,8 @@ metadata: name: gitea-tailscale namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: gitea-tailscale + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} labels: tailscale.com/proxy-class: no-metrics annotations: diff --git a/clusters/cl01tl/platform/gitea/templates/persistent-volume-claim.yaml b/clusters/cl01tl/platform/gitea/templates/persistent-volume-claim.yaml index e3c2e4704..8fa9536a8 100644 --- a/clusters/cl01tl/platform/gitea/templates/persistent-volume-claim.yaml +++ b/clusters/cl01tl/platform/gitea/templates/persistent-volume-claim.yaml @@ -4,11 +4,8 @@ metadata: name: gitea-nfs-storage-backup namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: gitea-nfs-storage-backup + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: storage - app.kubernetes.io/part-of: {{ .Release.Name }} spec: volumeMode: Filesystem storageClassName: nfs-client diff --git a/clusters/cl01tl/platform/gitea/templates/role-binding.yaml b/clusters/cl01tl/platform/gitea/templates/role-binding.yaml index 527cf0f94..fa1d6ae6b 100644 --- a/clusters/cl01tl/platform/gitea/templates/role-binding.yaml +++ b/clusters/cl01tl/platform/gitea/templates/role-binding.yaml @@ -4,11 +4,8 @@ metadata: name: gitea-backup namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: gitea-backup + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role diff --git a/clusters/cl01tl/platform/gitea/templates/role.yaml b/clusters/cl01tl/platform/gitea/templates/role.yaml index 56908b3c8..9203b76f5 100644 --- a/clusters/cl01tl/platform/gitea/templates/role.yaml +++ b/clusters/cl01tl/platform/gitea/templates/role.yaml @@ -4,11 +4,8 @@ metadata: name: gitea-backup namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: gitea-backup + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: backup - app.kubernetes.io/part-of: {{ .Release.Name }} rules: - apiGroups: - "" diff --git a/clusters/cl01tl/platform/gitea/templates/service-monitor.yaml b/clusters/cl01tl/platform/gitea/templates/service-monitor.yaml index 33809e2cd..fe7360b1c 100644 --- a/clusters/cl01tl/platform/gitea/templates/service-monitor.yaml +++ b/clusters/cl01tl/platform/gitea/templates/service-monitor.yaml @@ -4,11 +4,8 @@ metadata: name: gitea namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: gitea + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: metrics - app.kubernetes.io/part-of: {{ .Release.Name }} spec: selector: matchLabels: diff --git a/clusters/cl01tl/platform/gitea/templates/tcp-route.yaml b/clusters/cl01tl/platform/gitea/templates/tcp-route.yaml index c7c140e6b..e06ec210f 100644 --- a/clusters/cl01tl/platform/gitea/templates/tcp-route.yaml +++ b/clusters/cl01tl/platform/gitea/templates/tcp-route.yaml @@ -4,11 +4,8 @@ metadata: name: tcp-route-gitea-ssh namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: tcp-route-gitea-ssh + app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} spec: parentRefs: - group: gateway.networking.k8s.io diff --git a/clusters/cl01tl/platform/gitea/values.yaml b/clusters/cl01tl/platform/gitea/values.yaml index 2192405c5..64ab2bfd9 100644 --- a/clusters/cl01tl/platform/gitea/values.yaml +++ b/clusters/cl01tl/platform/gitea/values.yaml @@ -227,6 +227,10 @@ backup: failedJobsHistory: 3 backoffLimit: 3 parallelism: 1 + serviceAccount: + name: gitea-backup + pod: + automountServiceAccountToken: true initContainers: backup: image: @@ -299,7 +303,8 @@ backup: cpu: 100m memory: 128Mi serviceAccount: - create: true + gitea-backup: + enabled: true persistence: config: existingClaim: gitea-nfs-storage-backup