alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 7 Actions Activity

Merge pull request 'Automated Manifest Update' (#5691) from auto/update-manifests into manifests

Browse Source 
Reviewed-on: #5691
This commit was merged in pull request #5691.
This commit is contained in:
Alex Lebens
2026-04-08 00:06:35 +00:00
parent c1f1411cdc e61758db26
commit d52da50fd8
14 changed files with 320 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
clusters/cl01tl/manifests/gitea/StatefulSet-gitea-gitea-actions-act-runner.yaml
View File

@@ -47,7 +47,7 @@ spec:
done done
echo "Gitea has been reached!" echo "Gitea has been reached!"
- name: dind - name: dind
image: "docker.io/docker:29.3.1-dind@sha256:4d90f1f6c400315c2dba96d3ec93c01e64198395cbba04f79d12adce4f737029" image: "docker.io/docker:29.4.0-dind@sha256:f80c26212befc1c1988b529495532c6b9180d9b1dab1611f4a1efbe9da8ec821"
restartPolicy: Always restartPolicy: Always
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
securityContext: securityContext:

2
clusters/cl01tl/manifests/seerr/HTTPRoute-seerr-seerr-chart.yaml
View File

@@ -3,7 +3,7 @@ kind: HTTPRoute
metadata: metadata:
name: seerr-seerr-chart name: seerr-seerr-chart
labels: labels:
helm.sh/chart: seerr-chart-3.3.1 helm.sh/chart: seerr-chart-3.4.0
app.kubernetes.io/name: seerr-chart app.kubernetes.io/name: seerr-chart
app.kubernetes.io/instance: seerr app.kubernetes.io/instance: seerr
app.kubernetes.io/version: "v3.1.0" app.kubernetes.io/version: "v3.1.0"

2
clusters/cl01tl/manifests/seerr/PersistentVolumeClaim-seerr-seerr-chart-config.yaml
View File

@@ -3,7 +3,7 @@ kind: PersistentVolumeClaim
metadata: metadata:
name: seerr-seerr-chart-config name: seerr-seerr-chart-config
labels: labels:
helm.sh/chart: seerr-chart-3.3.1 helm.sh/chart: seerr-chart-3.4.0
app.kubernetes.io/name: seerr-chart app.kubernetes.io/name: seerr-chart
app.kubernetes.io/instance: seerr app.kubernetes.io/instance: seerr
app.kubernetes.io/version: "v3.1.0" app.kubernetes.io/version: "v3.1.0"

2
clusters/cl01tl/manifests/seerr/Pod-seerr-seerr-chart-test-connection.yaml
View File

@@ -3,7 +3,7 @@ kind: Pod
metadata: metadata:
name: "seerr-seerr-chart-test-connection" name: "seerr-seerr-chart-test-connection"
labels: labels:
helm.sh/chart: seerr-chart-3.3.1 helm.sh/chart: seerr-chart-3.4.0
app.kubernetes.io/name: seerr-chart app.kubernetes.io/name: seerr-chart
app.kubernetes.io/instance: seerr app.kubernetes.io/instance: seerr
app.kubernetes.io/version: "v3.1.0" app.kubernetes.io/version: "v3.1.0"

2
clusters/cl01tl/manifests/seerr/Service-seerr-seerr-chart.yaml
View File

@@ -3,7 +3,7 @@ kind: Service
metadata: metadata:
name: seerr-seerr-chart name: seerr-seerr-chart
labels: labels:
helm.sh/chart: seerr-chart-3.3.1 helm.sh/chart: seerr-chart-3.4.0
app.kubernetes.io/name: seerr-chart app.kubernetes.io/name: seerr-chart
app.kubernetes.io/instance: seerr app.kubernetes.io/instance: seerr
app.kubernetes.io/version: "v3.1.0" app.kubernetes.io/version: "v3.1.0"

2
clusters/cl01tl/manifests/seerr/ServiceAccount-seerr-seerr-chart.yaml
View File

@@ -3,7 +3,7 @@ kind: ServiceAccount
metadata: metadata:
name: seerr-seerr-chart name: seerr-seerr-chart
labels: labels:
helm.sh/chart: seerr-chart-3.3.1 helm.sh/chart: seerr-chart-3.4.0
app.kubernetes.io/name: seerr-chart app.kubernetes.io/name: seerr-chart
app.kubernetes.io/instance: seerr app.kubernetes.io/instance: seerr
app.kubernetes.io/version: "v3.1.0" app.kubernetes.io/version: "v3.1.0"

5
clusters/cl01tl/manifests/seerr/StatefulSet-seerr-seerr-chart.yaml
View File

@@ -3,7 +3,7 @@ kind: StatefulSet
metadata: metadata:
name: seerr-seerr-chart name: seerr-seerr-chart
labels: labels:
helm.sh/chart: seerr-chart-3.3.1 helm.sh/chart: seerr-chart-3.4.0
app.kubernetes.io/name: seerr-chart app.kubernetes.io/name: seerr-chart
app.kubernetes.io/instance: seerr app.kubernetes.io/instance: seerr
app.kubernetes.io/version: "v3.1.0" app.kubernetes.io/version: "v3.1.0"
@@ -18,7 +18,7 @@ spec:
template: template:
metadata: metadata:
labels: labels:
helm.sh/chart: seerr-chart-3.3.1 helm.sh/chart: seerr-chart-3.4.0
app.kubernetes.io/name: seerr-chart app.kubernetes.io/name: seerr-chart
app.kubernetes.io/instance: seerr app.kubernetes.io/instance: seerr
app.kubernetes.io/version: "v3.1.0" app.kubernetes.io/version: "v3.1.0"
@@ -70,6 +70,7 @@ spec:
volumeMounts: volumeMounts:
- name: config - name: config
mountPath: /app/config mountPath: /app/config
subPath:
volumes: volumes:
- name: config - name: config
persistentVolumeClaim: persistentVolumeClaim:

9
clusters/cl01tl/manifests/tailscale-operator/ClusterRole-tailscale-operator.yaml
View File

@@ -24,6 +24,12 @@ rules:
- apiGroups: ["tailscale.com"] - apiGroups: ["tailscale.com"]
resources: ["dnsconfigs", "dnsconfigs/status"] resources: ["dnsconfigs", "dnsconfigs/status"]
verbs: ["get", "list", "watch", "update"] verbs: ["get", "list", "watch", "update"]
- apiGroups: ["tailscale.com"]
resources: ["tailnets", "tailnets/status"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["tailscale.com"]
resources: ["proxygrouppolicies", "proxygrouppolicies/status"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["tailscale.com"] - apiGroups: ["tailscale.com"]
resources: ["recorders", "recorders/status"] resources: ["recorders", "recorders/status"]
verbs: ["get", "list", "watch", "update"] verbs: ["get", "list", "watch", "update"]
@@ -31,3 +37,6 @@ rules:
resources: ["customresourcedefinitions"] resources: ["customresourcedefinitions"]
verbs: ["get", "list", "watch"] verbs: ["get", "list", "watch"]
resourceNames: ["servicemonitors.monitoring.coreos.com"] resourceNames: ["servicemonitors.monitoring.coreos.com"]
- apiGroups: ["admissionregistration.k8s.io"]
resources: ["validatingadmissionpolicies", "validatingadmissionpolicybindings"]
verbs: ["list", "create", "delete", "update", "get", "watch"]

8
clusters/cl01tl/manifests/tailscale-operator/CustomResourceDefinition-connectors.tailscale.com.yaml
View File

@@ -181,6 +181,14 @@ spec:
items: items:
type: string type: string
pattern: ^tag:[a-zA-Z][a-zA-Z0-9-]*$ pattern: ^tag:[a-zA-Z][a-zA-Z0-9-]*$
tailnet:
description: |-
Tailnet specifies the tailnet this Connector should join. If blank, the default tailnet is used. When set, this
name must match that of a valid Tailnet resource. This field is immutable and cannot be changed once set.
type: string
x-kubernetes-validations:
- rule: self == oldSelf
message: Connector tailnet is immutable
x-kubernetes-validations: x-kubernetes-validations:
- rule: has(self.subnetRouter) || (has(self.exitNode) && self.exitNode == true) || has(self.appConnector) - rule: has(self.subnetRouter) || (has(self.exitNode) && self.exitNode == true) || has(self.appConnector)
message: A Connector needs to have at least one of exit node, subnet router or app connector configured. message: A Connector needs to have at least one of exit node, subnet router or app connector configured.

135
clusters/cl01tl/manifests/tailscale-operator/CustomResourceDefinition-proxygrouppolicies.tailscale.com.yaml Normal file
View File

@@ -0,0 +1,135 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.17.0
name: proxygrouppolicies.tailscale.com
spec:
group: tailscale.com
names:
kind: ProxyGroupPolicy
listKind: ProxyGroupPolicyList
plural: proxygrouppolicies
shortNames:
- pgp
singular: proxygrouppolicy
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
type: object
required:
- metadata
- spec
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: |-
Spec describes the desired state of the ProxyGroupPolicy.
More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
type: object
properties:
egress:
description: |-
Names of ProxyGroup resources that can be used by Service resources within this namespace. An empty list
denotes that no egress via ProxyGroups is allowed within this namespace.
type: array
items:
type: string
ingress:
description: |-
Names of ProxyGroup resources that can be used by Ingress resources within this namespace. An empty list
denotes that no ingress via ProxyGroups is allowed within this namespace.
type: array
items:
type: string
status:
description: |-
Status describes the status of the ProxyGroupPolicy. This is set
and managed by the Tailscale operator.
type: object
properties:
conditions:
type: array
items:
description: Condition contains details for one aspect of the current state of this API Resource.
type: object
required:
- lastTransitionTime
- message
- reason
- status
- type
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
type: string
format: date-time
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
type: string
maxLength: 32768
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
type: integer
format: int64
minimum: 0
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
This field may not be empty.
type: string
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
status:
description: status of the condition, one of True, False, Unknown.
type: string
enum:
- "True"
- "False"
- Unknown
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
type: string
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
x-kubernetes-list-map-keys:
- type
x-kubernetes-list-type: map
served: true
storage: true
subresources:
status: {}

8
clusters/cl01tl/manifests/tailscale-operator/CustomResourceDefinition-proxygroups.tailscale.com.yaml
View File

@@ -139,6 +139,14 @@ spec:
items: items:
type: string type: string
pattern: ^tag:[a-zA-Z][a-zA-Z0-9-]*$ pattern: ^tag:[a-zA-Z][a-zA-Z0-9-]*$
tailnet:
description: |-
Tailnet specifies the tailnet this ProxyGroup should join. If blank, the default tailnet is used. When set, this
name must match that of a valid Tailnet resource. This field is immutable and cannot be changed once set.
type: string
x-kubernetes-validations:
- rule: self == oldSelf
message: ProxyGroup tailnet is immutable
type: type:
description: |- description: |-
Type of the ProxyGroup proxies. Supported types are egress, ingress, and kube-apiserver. Type of the ProxyGroup proxies. Supported types are egress, ingress, and kube-apiserver.

9
clusters/cl01tl/manifests/tailscale-operator/CustomResourceDefinition-recorders.tailscale.com.yaml
View File

@@ -72,6 +72,7 @@ spec:
description: Replicas specifies how many instances of tsrecorder to run. Defaults to 1. description: Replicas specifies how many instances of tsrecorder to run. Defaults to 1.
type: integer type: integer
format: int32 format: int32
default: 1
minimum: 0 minimum: 0
statefulSet: statefulSet:
description: |- description: |-
@@ -1680,6 +1681,14 @@ spec:
items: items:
type: string type: string
pattern: ^tag:[a-zA-Z][a-zA-Z0-9-]*$ pattern: ^tag:[a-zA-Z][a-zA-Z0-9-]*$
tailnet:
description: |-
Tailnet specifies the tailnet this Recorder should join. If blank, the default tailnet is used. When set, this
name must match that of a valid Tailnet resource. This field is immutable and cannot be changed once set.
type: string
x-kubernetes-validations:
- rule: self == oldSelf
message: Recorder tailnet is immutable
x-kubernetes-validations: x-kubernetes-validations:
- rule: '!(self.replicas > 1 && (!has(self.storage) || !has(self.storage.s3)))' - rule: '!(self.replicas > 1 && (!has(self.storage) || !has(self.storage.s3)))'
message: S3 storage must be used when deploying multiple Recorder replicas message: S3 storage must be used when deploying multiple Recorder replicas

141
clusters/cl01tl/manifests/tailscale-operator/CustomResourceDefinition-tailnets.tailscale.com.yaml Normal file
View File

@@ -0,0 +1,141 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.17.0
name: tailnets.tailscale.com
spec:
group: tailscale.com
names:
kind: Tailnet
listKind: TailnetList
plural: tailnets
shortNames:
- tn
singular: tailnet
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- description: Status of the deployed Tailnet resources.
jsonPath: .status.conditions[?(@.type == "TailnetReady")].reason
name: Status
type: string
name: v1alpha1
schema:
openAPIV3Schema:
type: object
required:
- metadata
- spec
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: |-
Spec describes the desired state of the Tailnet.
More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
type: object
required:
- credentials
properties:
credentials:
description: Denotes the location of the OAuth credentials to use for authenticating with this Tailnet.
type: object
required:
- secretName
properties:
secretName:
description: |-
The name of the secret containing the OAuth credentials. This secret must contain two fields "client_id" and
"client_secret".
type: string
loginUrl:
description: URL of the control plane to be used by all resources managed by the operator using this Tailnet.
type: string
status:
description: |-
Status describes the status of the Tailnet. This is set
and managed by the Tailscale operator.
type: object
properties:
conditions:
type: array
items:
description: Condition contains details for one aspect of the current state of this API Resource.
type: object
required:
- lastTransitionTime
- message
- reason
- status
- type
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
type: string
format: date-time
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
type: string
maxLength: 32768
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
type: integer
format: int64
minimum: 0
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
This field may not be empty.
type: string
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
status:
description: status of the condition, one of True, False, Unknown.
type: string
enum:
- "True"
- "False"
- Unknown
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
type: string
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
x-kubernetes-list-map-keys:
- type
x-kubernetes-list-type: map
served: true
storage: true
subresources:
status: {}

2
clusters/cl01tl/manifests/tailscale-operator/DNSConfig-ts-dns.yaml
View File

@@ -11,4 +11,4 @@ spec:
nameserver: nameserver:
image: image:
repo: tailscale/k8s-nameserver repo: tailscale/k8s-nameserver
tag: v1.94.2 tag: v1.96.5