alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests Actions Activity

Automated Manifest Update (#2740)

Browse Source 
This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow.

Reviewed-on: #2740
Co-authored-by: gitea-bot <gitea-bot@alexlebens.net>
Co-committed-by: gitea-bot <gitea-bot@alexlebens.net>
This commit was merged in pull request #2740.
This commit is contained in:
gitea-bot
2025-12-20 01:22:33 +00:00
committed by Alex Lebens
parent cf65d02323
commit cbef5c4150
24 changed files with 338 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
clusters/cl01tl/manifests/booklore/Deployment-booklore.yaml
View File

@@ -50,7 +50,7 @@ spec:
value: "6060" value: "6060"
- name: SWAGGER_ENABLED - name: SWAGGER_ENABLED
value: "false" value: "false"
image: ghcr.io/booklore-app/booklore:v1.14.1 image: ghcr.io/booklore-app/booklore:v1.15.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
name: main name: main
resources: resources:

4
clusters/cl01tl/manifests/external-secrets/ClusterRole-external-secrets-cert-controller.yaml
View File

@@ -3,10 +3,10 @@ kind: ClusterRole
metadata: metadata:
name: external-secrets-cert-controller name: external-secrets-cert-controller
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/name: external-secrets-cert-controller
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
rules: rules:
- apiGroups: - apiGroups:

4
clusters/cl01tl/manifests/external-secrets/ClusterRole-external-secrets-controller.yaml
View File

@@ -3,10 +3,10 @@ kind: ClusterRole
metadata: metadata:
name: external-secrets-controller name: external-secrets-controller
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets app.kubernetes.io/name: external-secrets
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
rules: rules:
- apiGroups: - apiGroups:

4
clusters/cl01tl/manifests/external-secrets/ClusterRole-external-secrets-edit.yaml
View File

@@ -3,10 +3,10 @@ kind: ClusterRole
metadata: metadata:
name: external-secrets-edit name: external-secrets-edit
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets app.kubernetes.io/name: external-secrets
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true"

4
clusters/cl01tl/manifests/external-secrets/ClusterRole-external-secrets-servicebindings.yaml
View File

@@ -4,10 +4,10 @@ metadata:
name: external-secrets-servicebindings name: external-secrets-servicebindings
labels: labels:
servicebinding.io/controller: "true" servicebinding.io/controller: "true"
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets app.kubernetes.io/name: external-secrets
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
rules: rules:
- apiGroups: - apiGroups:

4
clusters/cl01tl/manifests/external-secrets/ClusterRole-external-secrets-view.yaml
View File

@@ -3,10 +3,10 @@ kind: ClusterRole
metadata: metadata:
name: external-secrets-view name: external-secrets-view
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets app.kubernetes.io/name: external-secrets
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true"

4
clusters/cl01tl/manifests/external-secrets/ClusterRoleBinding-external-secrets-cert-controller.yaml
View File

@@ -3,10 +3,10 @@ kind: ClusterRoleBinding
metadata: metadata:
name: external-secrets-cert-controller name: external-secrets-cert-controller
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/name: external-secrets-cert-controller
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
roleRef: roleRef:
apiGroup: rbac.authorization.k8s.io apiGroup: rbac.authorization.k8s.io

4
clusters/cl01tl/manifests/external-secrets/ClusterRoleBinding-external-secrets-controller.yaml
View File

@@ -3,10 +3,10 @@ kind: ClusterRoleBinding
metadata: metadata:
name: external-secrets-controller name: external-secrets-controller
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets app.kubernetes.io/name: external-secrets
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
roleRef: roleRef:
apiGroup: rbac.authorization.k8s.io apiGroup: rbac.authorization.k8s.io

148
clusters/cl01tl/manifests/external-secrets/CustomResourceDefinition-clustersecretstores.external-secrets.io.yaml
View File

@@ -765,8 +765,11 @@ spec:
type: string type: string
customCloudConfig: customCloudConfig:
description: |- description: |-
CustomCloudConfig defines custom Azure Stack Hub or Azure Stack Edge endpoints. CustomCloudConfig defines custom Azure endpoints for non-standard clouds.
Required when EnvironmentType is AzureStackCloud. Required when EnvironmentType is AzureStackCloud.
Optional for other environment types - useful for Azure China when using Workload Identity
with AKS, where the OIDC issuer (login.partner.microsoftonline.cn) differs from the
standard China Cloud endpoint (login.chinacloudapi.cn).
IMPORTANT: This feature REQUIRES UseAzureSDK to be set to true. Custom cloud IMPORTANT: This feature REQUIRES UseAzureSDK to be set to true. Custom cloud
configuration is not supported with the legacy go-autorest SDK. configuration is not supported with the legacy go-autorest SDK.
properties: properties:
@@ -850,6 +853,97 @@ spec:
required: required:
- vaultUrl - vaultUrl
type: object type: object
barbican:
description: Barbican configures this store to sync secrets using the OpenStack Barbican provider
properties:
auth:
description: BarbicanAuth contains the authentication information for Barbican.
properties:
password:
description: BarbicanProviderPasswordRef defines a reference to a secret containing password for the Barbican provider.
properties:
secretRef:
description: |-
SecretKeySelector is a reference to a specific 'key' within a Secret resource.
In some instances, `key` is a required field.
properties:
key:
description: |-
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
required:
- secretRef
type: object
username:
description: BarbicanProviderUsernameRef defines a reference to a secret containing username for the Barbican provider.
maxProperties: 1
minProperties: 1
properties:
secretRef:
description: |-
SecretKeySelector is a reference to a specific 'key' within a Secret resource.
In some instances, `key` is a required field.
properties:
key:
description: |-
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
value:
type: string
type: object
required:
- password
- username
type: object
authURL:
type: string
domainName:
type: string
region:
type: string
tenantName:
type: string
required:
- auth
type: object
beyondtrust: beyondtrust:
description: Beyondtrust configures this store to sync secrets using Password Safe provider. description: Beyondtrust configures this store to sync secrets using Password Safe provider.
properties: properties:
@@ -1607,8 +1701,53 @@ spec:
auth: auth:
description: Auth configures how the Operator authenticates with the Doppler API description: Auth configures how the Operator authenticates with the Doppler API
properties: properties:
oidcConfig:
description: OIDCConfig authenticates using Kubernetes ServiceAccount tokens via OIDC.
properties:
expirationSeconds:
default: 600
description: |-
ExpirationSeconds sets the ServiceAccount token validity duration.
Defaults to 10 minutes.
format: int64
type: integer
identity:
description: Identity is the Doppler Service Account Identity ID configured for OIDC authentication.
type: string
serviceAccountRef:
description: ServiceAccountRef specifies the Kubernetes ServiceAccount to use for authentication.
properties:
audiences:
description: |-
Audience specifies the `aud` claim for the service account token
If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity
then this audiences will be appended to the list
items:
type: string
type: array
name:
description: The name of the ServiceAccount resource being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- name
type: object
required:
- identity
- serviceAccountRef
type: object
secretRef: secretRef:
description: DopplerAuthSecretRef contains the secret reference for accessing the Doppler API. description: SecretRef authenticates using a Doppler service token stored in a Kubernetes Secret.
properties: properties:
dopplerToken: dopplerToken:
description: |- description: |-
@@ -1642,9 +1781,10 @@ spec:
required: required:
- dopplerToken - dopplerToken
type: object type: object
required:
- secretRef
type: object type: object
x-kubernetes-validations:
- message: Exactly one of 'secretRef' or 'oidcConfig' must be specified
rule: (has(self.secretRef) && !has(self.oidcConfig)) || (!has(self.secretRef) && has(self.oidcConfig))
config: config:
description: Doppler config (required if not using a Service Token) description: Doppler config (required if not using a Service Token)
type: string type: string

148
clusters/cl01tl/manifests/external-secrets/CustomResourceDefinition-secretstores.external-secrets.io.yaml
View File

@@ -765,8 +765,11 @@ spec:
type: string type: string
customCloudConfig: customCloudConfig:
description: |- description: |-
CustomCloudConfig defines custom Azure Stack Hub or Azure Stack Edge endpoints. CustomCloudConfig defines custom Azure endpoints for non-standard clouds.
Required when EnvironmentType is AzureStackCloud. Required when EnvironmentType is AzureStackCloud.
Optional for other environment types - useful for Azure China when using Workload Identity
with AKS, where the OIDC issuer (login.partner.microsoftonline.cn) differs from the
standard China Cloud endpoint (login.chinacloudapi.cn).
IMPORTANT: This feature REQUIRES UseAzureSDK to be set to true. Custom cloud IMPORTANT: This feature REQUIRES UseAzureSDK to be set to true. Custom cloud
configuration is not supported with the legacy go-autorest SDK. configuration is not supported with the legacy go-autorest SDK.
properties: properties:
@@ -850,6 +853,97 @@ spec:
required: required:
- vaultUrl - vaultUrl
type: object type: object
barbican:
description: Barbican configures this store to sync secrets using the OpenStack Barbican provider
properties:
auth:
description: BarbicanAuth contains the authentication information for Barbican.
properties:
password:
description: BarbicanProviderPasswordRef defines a reference to a secret containing password for the Barbican provider.
properties:
secretRef:
description: |-
SecretKeySelector is a reference to a specific 'key' within a Secret resource.
In some instances, `key` is a required field.
properties:
key:
description: |-
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
required:
- secretRef
type: object
username:
description: BarbicanProviderUsernameRef defines a reference to a secret containing username for the Barbican provider.
maxProperties: 1
minProperties: 1
properties:
secretRef:
description: |-
SecretKeySelector is a reference to a specific 'key' within a Secret resource.
In some instances, `key` is a required field.
properties:
key:
description: |-
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
value:
type: string
type: object
required:
- password
- username
type: object
authURL:
type: string
domainName:
type: string
region:
type: string
tenantName:
type: string
required:
- auth
type: object
beyondtrust: beyondtrust:
description: Beyondtrust configures this store to sync secrets using Password Safe provider. description: Beyondtrust configures this store to sync secrets using Password Safe provider.
properties: properties:
@@ -1607,8 +1701,53 @@ spec:
auth: auth:
description: Auth configures how the Operator authenticates with the Doppler API description: Auth configures how the Operator authenticates with the Doppler API
properties: properties:
oidcConfig:
description: OIDCConfig authenticates using Kubernetes ServiceAccount tokens via OIDC.
properties:
expirationSeconds:
default: 600
description: |-
ExpirationSeconds sets the ServiceAccount token validity duration.
Defaults to 10 minutes.
format: int64
type: integer
identity:
description: Identity is the Doppler Service Account Identity ID configured for OIDC authentication.
type: string
serviceAccountRef:
description: ServiceAccountRef specifies the Kubernetes ServiceAccount to use for authentication.
properties:
audiences:
description: |-
Audience specifies the `aud` claim for the service account token
If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity
then this audiences will be appended to the list
items:
type: string
type: array
name:
description: The name of the ServiceAccount resource being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- name
type: object
required:
- identity
- serviceAccountRef
type: object
secretRef: secretRef:
description: DopplerAuthSecretRef contains the secret reference for accessing the Doppler API. description: SecretRef authenticates using a Doppler service token stored in a Kubernetes Secret.
properties: properties:
dopplerToken: dopplerToken:
description: |- description: |-
@@ -1642,9 +1781,10 @@ spec:
required: required:
- dopplerToken - dopplerToken
type: object type: object
required:
- secretRef
type: object type: object
x-kubernetes-validations:
- message: Exactly one of 'secretRef' or 'oidcConfig' must be specified
rule: (has(self.secretRef) && !has(self.oidcConfig)) || (!has(self.secretRef) && has(self.oidcConfig))
config: config:
description: Doppler config (required if not using a Service Token) description: Doppler config (required if not using a Service Token)
type: string type: string

10
clusters/cl01tl/manifests/external-secrets/Deployment-external-secrets-cert-controller.yaml
View File

@@ -4,10 +4,10 @@ metadata:
name: external-secrets-cert-controller name: external-secrets-cert-controller
namespace: external-secrets namespace: external-secrets
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/name: external-secrets-cert-controller
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
spec: spec:
replicas: 1 replicas: 1
@@ -19,10 +19,10 @@ spec:
template: template:
metadata: metadata:
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/name: external-secrets-cert-controller
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
spec: spec:
serviceAccountName: external-secrets-cert-controller serviceAccountName: external-secrets-cert-controller
@@ -40,7 +40,7 @@ spec:
runAsUser: 1000 runAsUser: 1000
seccompProfile: seccompProfile:
type: RuntimeDefault type: RuntimeDefault
image: ghcr.io/external-secrets/external-secrets:v1.1.1 image: ghcr.io/external-secrets/external-secrets:v1.2.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
args: args:
- certcontroller - certcontroller

10
clusters/cl01tl/manifests/external-secrets/Deployment-external-secrets-webhook.yaml
View File

@@ -4,10 +4,10 @@ metadata:
name: external-secrets-webhook name: external-secrets-webhook
namespace: external-secrets namespace: external-secrets
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/name: external-secrets-webhook
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
spec: spec:
replicas: 1 replicas: 1
@@ -19,10 +19,10 @@ spec:
template: template:
metadata: metadata:
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/name: external-secrets-webhook
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
spec: spec:
hostNetwork: false hostNetwork: false
@@ -40,7 +40,7 @@ spec:
runAsUser: 1000 runAsUser: 1000
seccompProfile: seccompProfile:
type: RuntimeDefault type: RuntimeDefault
image: ghcr.io/external-secrets/external-secrets:v1.1.1 image: ghcr.io/external-secrets/external-secrets:v1.2.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
args: args:
- webhook - webhook

10
clusters/cl01tl/manifests/external-secrets/Deployment-external-secrets.yaml
View File

@@ -4,10 +4,10 @@ metadata:
name: external-secrets name: external-secrets
namespace: external-secrets namespace: external-secrets
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets app.kubernetes.io/name: external-secrets
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
spec: spec:
replicas: 1 replicas: 1
@@ -19,10 +19,10 @@ spec:
template: template:
metadata: metadata:
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets app.kubernetes.io/name: external-secrets
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
spec: spec:
serviceAccountName: external-secrets serviceAccountName: external-secrets
@@ -40,7 +40,7 @@ spec:
runAsUser: 1000 runAsUser: 1000
seccompProfile: seccompProfile:
type: RuntimeDefault type: RuntimeDefault
image: ghcr.io/external-secrets/external-secrets:v1.1.1 image: ghcr.io/external-secrets/external-secrets:v1.2.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
args: args:
- --concurrent=1 - --concurrent=1

4
clusters/cl01tl/manifests/external-secrets/Role-external-secrets-leaderelection.yaml
View File

@@ -4,10 +4,10 @@ metadata:
name: external-secrets-leaderelection name: external-secrets-leaderelection
namespace: external-secrets namespace: external-secrets
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets app.kubernetes.io/name: external-secrets
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
rules: rules:
- apiGroups: - apiGroups:

4
clusters/cl01tl/manifests/external-secrets/RoleBinding-external-secrets-leaderelection.yaml
View File

@@ -4,10 +4,10 @@ metadata:
name: external-secrets-leaderelection name: external-secrets-leaderelection
namespace: external-secrets namespace: external-secrets
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets app.kubernetes.io/name: external-secrets
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
roleRef: roleRef:
apiGroup: rbac.authorization.k8s.io apiGroup: rbac.authorization.k8s.io

4
clusters/cl01tl/manifests/external-secrets/Secret-external-secrets-webhook.yaml
View File

@@ -4,9 +4,9 @@ metadata:
name: external-secrets-webhook name: external-secrets-webhook
namespace: external-secrets namespace: external-secrets
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/name: external-secrets-webhook
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
external-secrets.io/component: webhook external-secrets.io/component: webhook

4
clusters/cl01tl/manifests/external-secrets/Service-external-secrets-webhook.yaml
View File

@@ -4,10 +4,10 @@ metadata:
name: external-secrets-webhook name: external-secrets-webhook
namespace: external-secrets namespace: external-secrets
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/name: external-secrets-webhook
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
external-secrets.io/component: webhook external-secrets.io/component: webhook
spec: spec:

4
clusters/cl01tl/manifests/external-secrets/ServiceAccount-external-secrets-cert-controller.yaml
View File

@@ -4,8 +4,8 @@ metadata:
name: external-secrets-cert-controller name: external-secrets-cert-controller
namespace: external-secrets namespace: external-secrets
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets-cert-controller app.kubernetes.io/name: external-secrets-cert-controller
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm

4
clusters/cl01tl/manifests/external-secrets/ServiceAccount-external-secrets-webhook.yaml
View File

@@ -4,8 +4,8 @@ metadata:
name: external-secrets-webhook name: external-secrets-webhook
namespace: external-secrets namespace: external-secrets
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/name: external-secrets-webhook
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm

4
clusters/cl01tl/manifests/external-secrets/ServiceAccount-external-secrets.yaml
View File

@@ -4,8 +4,8 @@ metadata:
name: external-secrets name: external-secrets
namespace: external-secrets namespace: external-secrets
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets app.kubernetes.io/name: external-secrets
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm

4
clusters/cl01tl/manifests/external-secrets/ValidatingWebhookConfiguration-externalsecret-validate.yaml
View File

@@ -3,10 +3,10 @@ kind: ValidatingWebhookConfiguration
metadata: metadata:
name: externalsecret-validate name: externalsecret-validate
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/name: external-secrets-webhook
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
external-secrets.io/component: webhook external-secrets.io/component: webhook
webhooks: webhooks:

4
clusters/cl01tl/manifests/external-secrets/ValidatingWebhookConfiguration-secretstore-validate.yaml
View File

@@ -3,10 +3,10 @@ kind: ValidatingWebhookConfiguration
metadata: metadata:
name: secretstore-validate name: secretstore-validate
labels: labels:
helm.sh/chart: external-secrets-1.1.1 helm.sh/chart: external-secrets-1.2.0
app.kubernetes.io/name: external-secrets-webhook app.kubernetes.io/name: external-secrets-webhook
app.kubernetes.io/instance: external-secrets app.kubernetes.io/instance: external-secrets
app.kubernetes.io/version: "v1.1.1" app.kubernetes.io/version: "v1.2.0"
app.kubernetes.io/managed-by: Helm app.kubernetes.io/managed-by: Helm
external-secrets.io/component: webhook external-secrets.io/component: webhook
webhooks: webhooks:

2
clusters/cl01tl/manifests/immich/Deployment-immich.yaml
View File

@@ -70,7 +70,7 @@ spec:
secretKeyRef: secretKeyRef:
key: password key: password
name: immich-postgresql-18-cluster-app name: immich-postgresql-18-cluster-app
image: ghcr.io/immich-app/immich-server:v2.3.1 image: ghcr.io/immich-app/immich-server:v2.4.1
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
livenessProbe: livenessProbe:
failureThreshold: 3 failureThreshold: 3

2
clusters/cl01tl/manifests/qbittorrent/Deployment-qbittorrent-qui.yaml
View File

@@ -59,7 +59,7 @@ spec:
value: https://qui.alexlebens.net/api/auth/oidc/callback value: https://qui.alexlebens.net/api/auth/oidc/callback
- name: QUI__OIDC_DISABLE_BUILT_IN_LOGIN - name: QUI__OIDC_DISABLE_BUILT_IN_LOGIN
value: "false" value: "false"
image: ghcr.io/autobrr/qui:v1.10.0 image: ghcr.io/autobrr/qui:v1.11.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
name: qui name: qui
resources: resources: