Automated Manifest Update (#2790)

This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow. Reviewed-on: #2790 Co-authored-by: gitea-bot <gitea-bot@alexlebens.net> Co-committed-by: gitea-bot <gitea-bot@alexlebens.net>
2025-12-23 22:30:48 +00:00
parent 8c141ab734
commit b1be12c53a
10 changed files with 106 additions and 84 deletions
--- a/clusters/cl01tl/manifests/authentik/Cluster-authentik-postgresql-18-cluster.yaml
+++ b/clusters/cl01tl/manifests/authentik/Cluster-authentik-postgresql-18-cluster.yaml
@@ -4,11 +4,11 @@ metadata:
  name: authentik-postgresql-18-cluster
  namespace: authentik
  labels:
-    helm.sh/chart: postgres-18-cluster-7.1.4
+    helm.sh/chart: postgres-18-cluster-7.4.3
    app.kubernetes.io/name: authentik-postgresql-18
    app.kubernetes.io/instance: authentik
    app.kubernetes.io/part-of: authentik
-    app.kubernetes.io/version: "7.1.4"
+    app.kubernetes.io/version: "7.4.3"
    app.kubernetes.io/managed-by: Helm
 spec:
  instances: 3
--- a/clusters/cl01tl/manifests/authentik/ExternalSecret-authentik-postgresql-18-backup-garage-local-secret.yaml
+++ b/clusters/cl01tl/manifests/authentik/ExternalSecret-authentik-postgresql-18-backup-garage-local-secret.yaml
@@ -0,0 +1,39 @@
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: authentik-postgresql-18-backup-garage-local-secret
+  namespace: authentik
+  labels:
+    helm.sh/chart: postgres-18-cluster-7.4.3
+    app.kubernetes.io/name: authentik-postgresql-18
+    app.kubernetes.io/instance: authentik
+    app.kubernetes.io/part-of: authentik
+    app.kubernetes.io/version: "7.4.3"
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: authentik-postgresql-18-backup-garage-local-secret
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: vault
+  data:
+    - secretKey: ACCESS_REGION
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /garage/home-infra/postgres-backups
+        metadataPolicy: None
+        property: ACCESS_REGION
+    - secretKey: ACCESS_KEY_ID
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /garage/home-infra/postgres-backups
+        metadataPolicy: None
+        property: ACCESS_KEY_ID
+    - secretKey: ACCESS_SECRET_KEY
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /garage/home-infra/postgres-backups
+        metadataPolicy: None
+        property: ACCESS_SECRET_KEY
--- a/clusters/cl01tl/manifests/authentik/ExternalSecret-authentik-postgresql-18-cluster-backup-secret.yaml
+++ b/clusters/cl01tl/manifests/authentik/ExternalSecret-authentik-postgresql-18-cluster-backup-secret.yaml
@@ -1,28 +0,0 @@
-apiVersion: external-secrets.io/v1
-kind: ExternalSecret
-metadata:
-  name: authentik-postgresql-18-cluster-backup-secret
-  namespace: authentik
-  labels:
-    app.kubernetes.io/name: authentik-postgresql-18-cluster-backup-secret
-    app.kubernetes.io/instance: authentik
-    app.kubernetes.io/part-of: authentik
-spec:
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: vault
-  data:
-    - secretKey: ACCESS_KEY_ID
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /digital-ocean/home-infra/postgres-backups
-        metadataPolicy: None
-        property: access
-    - secretKey: ACCESS_SECRET_KEY
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /digital-ocean/home-infra/postgres-backups
-        metadataPolicy: None
-        property: secret
--- a/clusters/cl01tl/manifests/authentik/ExternalSecret-authentik-postgresql-18-cluster-backup-secret-garage.yaml
+++ b/clusters/cl01tl/manifests/authentik/ExternalSecret-authentik-postgresql-18-cluster-backup-secret-garage.yaml
@@ -1,17 +1,28 @@
 apiVersion: external-secrets.io/v1
 kind: ExternalSecret
 metadata:
-  name: authentik-postgresql-18-cluster-backup-secret-garage
+  name: authentik-postgresql-18-recovery-secret
  namespace: authentik
  labels:
-    app.kubernetes.io/name: authentik-postgresql-18-cluster-backup-secret-garage
+    helm.sh/chart: postgres-18-cluster-7.4.3
+    app.kubernetes.io/name: authentik-postgresql-18
    app.kubernetes.io/instance: authentik
    app.kubernetes.io/part-of: authentik
+    app.kubernetes.io/version: "7.4.3"
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: authentik-postgresql-18-recovery-secret
 spec:
  secretStoreRef:
    kind: ClusterSecretStore
    name: vault
  data:
+    - secretKey: ACCESS_REGION
+      remoteRef:
+        conversionStrategy: Default
+        decodingStrategy: None
+        key: /garage/home-infra/postgres-backups
+        metadataPolicy: None
+        property: ACCESS_REGION
    - secretKey: ACCESS_KEY_ID
      remoteRef:
        conversionStrategy: Default
@@ -26,10 +37,3 @@ spec:
        key: /garage/home-infra/postgres-backups
        metadataPolicy: None
        property: ACCESS_SECRET_KEY
-    - secretKey: ACCESS_REGION
-      remoteRef:
-        conversionStrategy: Default
-        decodingStrategy: None
-        key: /garage/home-infra/postgres-backups
-        metadataPolicy: None
-        property: ACCESS_REGION
--- a/clusters/cl01tl/manifests/authentik/HTTPRoute-authentik-server.yaml
+++ b/clusters/cl01tl/manifests/authentik/HTTPRoute-authentik-server.yaml
@@ -0,0 +1,29 @@
+apiVersion: gateway.networking.k8s.io/v1
+kind: HTTPRoute
+metadata:
+  name: authentik-server
+  namespace: "authentik"
+  labels:
+    helm.sh/chart: "authentik-2025.10.3"
+    app.kubernetes.io/name: "authentik"
+    app.kubernetes.io/instance: "authentik"
+    app.kubernetes.io/component: "server"
+    app.kubernetes.io/managed-by: "Helm"
+    app.kubernetes.io/part-of: "authentik"
+    app.kubernetes.io/version: "2025.10.3"
+spec:
+  parentRefs:
+    - group: gateway.networking.k8s.io
+      kind: Gateway
+      name: traefik-gateway
+      namespace: traefik
+  hostnames:
+    - authentik.alexlebens.net
+  rules:
+    - backendRefs:
+        - name: authentik-server
+          port: 80
+      matches:
+        - path:
+            type: PathPrefix
+            value: /
--- a/clusters/cl01tl/manifests/authentik/HTTPRoute-http-route-authentik.yaml
+++ b/clusters/cl01tl/manifests/authentik/HTTPRoute-http-route-authentik.yaml
@@ -1,28 +0,0 @@
-apiVersion: gateway.networking.k8s.io/v1
-kind: HTTPRoute
-metadata:
-  name: http-route-authentik
-  namespace: authentik
-  labels:
-    app.kubernetes.io/name: http-route-authentik
-    app.kubernetes.io/instance: authentik
-    app.kubernetes.io/part-of: authentik
-spec:
-  parentRefs:
-    - group: gateway.networking.k8s.io
-      kind: Gateway
-      name: traefik-gateway
-      namespace: traefik
-  hostnames:
-    - authentik.alexlebens.net
-  rules:
-    - matches:
-        - path:
-            type: PathPrefix
-            value: /
-      backendRefs:
-        - group: ''
-          kind: Service
-          name: authentik-server
-          port: 80
-          weight: 100
--- a/clusters/cl01tl/manifests/authentik/ObjectStore-authentik-postgresql-18-backup-garage-local.yaml
+++ b/clusters/cl01tl/manifests/authentik/ObjectStore-authentik-postgresql-18-backup-garage-local.yaml
@@ -1,27 +1,28 @@
 apiVersion: barmancloud.cnpg.io/v1
 kind: ObjectStore
 metadata:
-  name: "authentik-postgresql-18-garage-local-backup"
+  name: authentik-postgresql-18-backup-garage-local
  namespace: authentik
  labels:
-    helm.sh/chart: postgres-18-cluster-7.1.4
+    helm.sh/chart: postgres-18-cluster-7.4.3
    app.kubernetes.io/name: authentik-postgresql-18
    app.kubernetes.io/instance: authentik
    app.kubernetes.io/part-of: authentik
-    app.kubernetes.io/version: "7.1.4"
+    app.kubernetes.io/version: "7.4.3"
    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: authentik-postgresql-18-backup-garage-local
 spec:
-  retentionPolicy: 3d
+  retentionPolicy: 7d
  configuration:
    destinationPath: s3://postgres-backups/cl01tl/authentik/authentik-postgresql-18-cluster
    endpointURL: http://garage-main.garage:3900
    s3Credentials:
      accessKeyId:
-        name: authentik-postgresql-18-cluster-backup-secret-garage
+        name: authentik-postgresql-18-backup-garage-local-secret
        key: ACCESS_KEY_ID
      secretAccessKey:
-        name: authentik-postgresql-18-cluster-backup-secret-garage
+        name: authentik-postgresql-18-backup-garage-local-secret
        key: ACCESS_SECRET_KEY
      region:
-        name: authentik-postgresql-18-cluster-backup-secret-garage
+        name: authentik-postgresql-18-backup-garage-local-secret
        key: ACCESS_REGION
--- a/clusters/cl01tl/manifests/authentik/ObjectStore-authentik-postgresql-18-recovery.yaml
+++ b/clusters/cl01tl/manifests/authentik/ObjectStore-authentik-postgresql-18-recovery.yaml
@@ -4,12 +4,13 @@ metadata:
  name: "authentik-postgresql-18-recovery"
  namespace: authentik
  labels:
-    helm.sh/chart: postgres-18-cluster-7.1.4
+    helm.sh/chart: postgres-18-cluster-7.4.3
    app.kubernetes.io/name: authentik-postgresql-18
    app.kubernetes.io/instance: authentik
    app.kubernetes.io/part-of: authentik
-    app.kubernetes.io/version: "7.1.4"
+    app.kubernetes.io/version: "7.4.3"
    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: "authentik-postgresql-18-recovery"
 spec:
  configuration:
    destinationPath: s3://postgres-backups/cl01tl/authentik/authentik-postgresql-18-cluster
@@ -22,8 +23,11 @@ spec:
      jobs: 1
    s3Credentials:
      accessKeyId:
-        name: authentik-postgresql-18-cluster-backup-secret-garage
+        name: authentik-postgresql-18-recovery-secret
        key: ACCESS_KEY_ID
      secretAccessKey:
-        name: authentik-postgresql-18-cluster-backup-secret-garage
+        name: authentik-postgresql-18-recovery-secret
        key: ACCESS_SECRET_KEY
+      region:
+        name: authentik-postgresql-18-recovery-secret
+        key: ACCESS_REGION
--- a/clusters/cl01tl/manifests/authentik/PrometheusRule-authentik-postgresql-18-alert-rules.yaml
+++ b/clusters/cl01tl/manifests/authentik/PrometheusRule-authentik-postgresql-18-alert-rules.yaml
@@ -4,11 +4,11 @@ metadata:
  name: authentik-postgresql-18-alert-rules
  namespace: authentik
  labels:
-    helm.sh/chart: postgres-18-cluster-7.1.4
+    helm.sh/chart: postgres-18-cluster-7.4.3
    app.kubernetes.io/name: authentik-postgresql-18
    app.kubernetes.io/instance: authentik
    app.kubernetes.io/part-of: authentik
-    app.kubernetes.io/version: "7.1.4"
+    app.kubernetes.io/version: "7.4.3"
    app.kubernetes.io/managed-by: Helm
 spec:
  groups:
--- a/clusters/cl01tl/manifests/authentik/ScheduledBackup-authentik-postgresql-18-scheduled-backup-live-backup.yaml
+++ b/clusters/cl01tl/manifests/authentik/ScheduledBackup-authentik-postgresql-18-scheduled-backup-live-backup.yaml
@@ -1,15 +1,16 @@
 apiVersion: postgresql.cnpg.io/v1
 kind: ScheduledBackup
 metadata:
-  name: "authentik-postgresql-18-live-backup-scheduled-backup"
+  name: "authentik-postgresql-18-scheduled-backup-live-backup"
  namespace: authentik
  labels:
-    helm.sh/chart: postgres-18-cluster-7.1.4
+    helm.sh/chart: postgres-18-cluster-7.4.3
    app.kubernetes.io/name: authentik-postgresql-18
    app.kubernetes.io/instance: authentik
    app.kubernetes.io/part-of: authentik
-    app.kubernetes.io/version: "7.1.4"
+    app.kubernetes.io/version: "7.4.3"
    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: "authentik-postgresql-18-scheduled-backup-live-backup"
 spec:
  immediate: true
  suspend: false
@@ -21,4 +22,4 @@ spec:
  pluginConfiguration:
    name: barman-cloud.cloudnative-pg.io
    parameters:
-      barmanObjectName: "authentik-postgresql-18-garage-local-backup"
+      barmanObjectName: "authentik-postgresql-18-backup-garage-local"