chore: Update manifests after change
This commit is contained in:
@@ -14,85 +14,49 @@ spec:
|
|||||||
data:
|
data:
|
||||||
- secretKey: HARBOR_ADMIN_PASSWORD
|
- secretKey: HARBOR_ADMIN_PASSWORD
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /cl01tl/harbor/config
|
key: /cl01tl/harbor/config
|
||||||
metadataPolicy: None
|
|
||||||
property: admin-password
|
property: admin-password
|
||||||
- secretKey: secretKey
|
- secretKey: secretKey
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /cl01tl/harbor/config
|
key: /cl01tl/harbor/config
|
||||||
metadataPolicy: None
|
|
||||||
property: secretKey
|
property: secretKey
|
||||||
- secretKey: CSRF_KEY
|
- secretKey: CSRF_KEY
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /cl01tl/harbor/core
|
key: /cl01tl/harbor/core
|
||||||
metadataPolicy: None
|
|
||||||
property: CSRF_KEY
|
property: CSRF_KEY
|
||||||
- secretKey: secret
|
- secretKey: secret
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /cl01tl/harbor/core
|
key: /cl01tl/harbor/core
|
||||||
metadataPolicy: None
|
|
||||||
property: secret
|
property: secret
|
||||||
- secretKey: tls.crt
|
- secretKey: tls.crt
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /cl01tl/harbor/core
|
key: /cl01tl/harbor/core
|
||||||
metadataPolicy: None
|
|
||||||
property: tls.crt
|
property: tls.crt
|
||||||
- secretKey: tls.key
|
- secretKey: tls.key
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /cl01tl/harbor/core
|
key: /cl01tl/harbor/core
|
||||||
metadataPolicy: None
|
|
||||||
property: tls.key
|
property: tls.key
|
||||||
- secretKey: JOBSERVICE_SECRET
|
- secretKey: JOBSERVICE_SECRET
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /cl01tl/harbor/jobservice
|
key: /cl01tl/harbor/jobservice
|
||||||
metadataPolicy: None
|
|
||||||
property: JOBSERVICE_SECRET
|
property: JOBSERVICE_SECRET
|
||||||
- secretKey: REGISTRY_HTTP_SECRET
|
- secretKey: REGISTRY_HTTP_SECRET
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /cl01tl/harbor/registry
|
key: /cl01tl/harbor/registry
|
||||||
metadataPolicy: None
|
|
||||||
property: REGISTRY_HTTP_SECRET
|
property: REGISTRY_HTTP_SECRET
|
||||||
- secretKey: REGISTRY_REDIS_PASSWORD
|
- secretKey: REGISTRY_REDIS_PASSWORD
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /cl01tl/harbor/registry
|
key: /cl01tl/harbor/registry
|
||||||
metadataPolicy: None
|
|
||||||
property: REGISTRY_REDIS_PASSWORD
|
property: REGISTRY_REDIS_PASSWORD
|
||||||
- secretKey: REGISTRY_HTPASSWD
|
- secretKey: REGISTRY_HTPASSWD
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /cl01tl/harbor/registry
|
key: /cl01tl/harbor/registry
|
||||||
metadataPolicy: None
|
|
||||||
property: REGISTRY_HTPASSWD
|
property: REGISTRY_HTPASSWD
|
||||||
- secretKey: REGISTRY_CREDENTIAL_PASSWORD
|
- secretKey: REGISTRY_CREDENTIAL_PASSWORD
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /cl01tl/harbor/registry
|
key: /cl01tl/harbor/registry
|
||||||
metadataPolicy: None
|
|
||||||
property: REGISTRY_CREDENTIAL_PASSWORD
|
property: REGISTRY_CREDENTIAL_PASSWORD
|
||||||
- secretKey: REGISTRY_PASSWD
|
- secretKey: REGISTRY_PASSWD
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /cl01tl/harbor/registry
|
key: /cl01tl/harbor/registry
|
||||||
metadataPolicy: None
|
|
||||||
property: REGISTRY_CREDENTIAL_PASSWORD
|
property: REGISTRY_CREDENTIAL_PASSWORD
|
||||||
|
|||||||
@@ -46,7 +46,7 @@ spec:
|
|||||||
automountServiceAccountToken: false
|
automountServiceAccountToken: false
|
||||||
containers:
|
containers:
|
||||||
- name: trivy
|
- name: trivy
|
||||||
image: goharbor/trivy-adapter-photon:v2.14.3
|
image: ghcr.io/goharbor/trivy-adapter-photon:v2.15.0@sha256:6fd6de9cfbbb04cb1d94722cfa01cf71b8994d3f9e7891d3b03a89a7536480ba
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
securityContext:
|
securityContext:
|
||||||
allowPrivilegeEscalation: false
|
allowPrivilegeEscalation: false
|
||||||
|
|||||||
@@ -32,7 +32,7 @@ spec:
|
|||||||
runAsGroup: 101
|
runAsGroup: 101
|
||||||
runAsNonRoot: true
|
runAsNonRoot: true
|
||||||
runAsUser: 100
|
runAsUser: 100
|
||||||
image: "ghcr.io/headlamp-k8s/headlamp:v0.41.0"
|
image: "ghcr.io/headlamp-k8s/headlamp:v0.41.0@sha256:89c6c65810bfde61796483c93c70d659104355593792bf55cab680d685da8eeb"
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
envFrom:
|
envFrom:
|
||||||
- secretRef:
|
- secretRef:
|
||||||
@@ -60,8 +60,8 @@ spec:
|
|||||||
port: http
|
port: http
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
cpu: 10m
|
cpu: 1m
|
||||||
memory: 128Mi
|
memory: 80Mi
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: plugins-dir
|
- name: plugins-dir
|
||||||
mountPath: /headlamp/plugins
|
mountPath: /headlamp/plugins
|
||||||
|
|||||||
@@ -14,43 +14,25 @@ spec:
|
|||||||
data:
|
data:
|
||||||
- secretKey: OIDC_CLIENT_ID
|
- secretKey: OIDC_CLIENT_ID
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /authentik/oidc/headlamp
|
key: /authentik/oidc/headlamp
|
||||||
metadataPolicy: None
|
|
||||||
property: client
|
property: client
|
||||||
- secretKey: OIDC_CLIENT_SECRET
|
- secretKey: OIDC_CLIENT_SECRET
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /authentik/oidc/headlamp
|
key: /authentik/oidc/headlamp
|
||||||
metadataPolicy: None
|
|
||||||
property: secret
|
property: secret
|
||||||
- secretKey: OIDC_ISSUER_URL
|
- secretKey: OIDC_ISSUER_URL
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /authentik/oidc/headlamp
|
key: /authentik/oidc/headlamp
|
||||||
metadataPolicy: None
|
|
||||||
property: issuer
|
property: issuer
|
||||||
- secretKey: OIDC_SCOPES
|
- secretKey: OIDC_SCOPES
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /authentik/oidc/headlamp
|
key: /authentik/oidc/headlamp
|
||||||
metadataPolicy: None
|
|
||||||
property: scopes
|
property: scopes
|
||||||
- secretKey: HEADLAMP_CONFIG_OIDC_VALIDATOR_IDP_ISSUER_URL
|
- secretKey: HEADLAMP_CONFIG_OIDC_VALIDATOR_IDP_ISSUER_URL
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /authentik/oidc/headlamp
|
key: /authentik/oidc/headlamp
|
||||||
metadataPolicy: None
|
|
||||||
property: validator-issuer-url
|
property: validator-issuer-url
|
||||||
- secretKey: HEADLAMP_CONFIG_OIDC_VALIDATOR_CLIENT_ID
|
- secretKey: HEADLAMP_CONFIG_OIDC_VALIDATOR_CLIENT_ID
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /authentik/oidc/headlamp
|
key: /authentik/oidc/headlamp
|
||||||
metadataPolicy: None
|
|
||||||
property: validator-client-id
|
property: validator-client-id
|
||||||
|
|||||||
@@ -4,9 +4,11 @@ metadata:
|
|||||||
name: headlamp
|
name: headlamp
|
||||||
namespace: headlamp
|
namespace: headlamp
|
||||||
labels:
|
labels:
|
||||||
|
helm.sh/chart: headlamp-0.41.0
|
||||||
app.kubernetes.io/name: headlamp
|
app.kubernetes.io/name: headlamp
|
||||||
app.kubernetes.io/instance: headlamp
|
app.kubernetes.io/instance: headlamp
|
||||||
app.kubernetes.io/part-of: headlamp
|
app.kubernetes.io/version: "0.41.0"
|
||||||
|
app.kubernetes.io/managed-by: Helm
|
||||||
spec:
|
spec:
|
||||||
parentRefs:
|
parentRefs:
|
||||||
- group: gateway.networking.k8s.io
|
- group: gateway.networking.k8s.io
|
||||||
@@ -16,13 +18,13 @@ spec:
|
|||||||
hostnames:
|
hostnames:
|
||||||
- headlamp.alexlebens.net
|
- headlamp.alexlebens.net
|
||||||
rules:
|
rules:
|
||||||
- matches:
|
- backendRefs:
|
||||||
- path:
|
- group: ""
|
||||||
type: PathPrefix
|
|
||||||
value: /
|
|
||||||
backendRefs:
|
|
||||||
- group: ''
|
|
||||||
kind: Service
|
kind: Service
|
||||||
name: headlamp
|
name: headlamp
|
||||||
port: 80
|
port: 80
|
||||||
weight: 100
|
weight: 100
|
||||||
|
matches:
|
||||||
|
- path:
|
||||||
|
type: PathPrefix
|
||||||
|
value: /
|
||||||
|
|||||||
@@ -29,6 +29,9 @@ spec:
|
|||||||
enableServiceLinks: false
|
enableServiceLinks: false
|
||||||
serviceAccountName: default
|
serviceAccountName: default
|
||||||
automountServiceAccountToken: true
|
automountServiceAccountToken: true
|
||||||
|
securityContext:
|
||||||
|
fsGroup: 1000
|
||||||
|
fsGroupChangePolicy: OnRootMismatch
|
||||||
hostIPC: false
|
hostIPC: false
|
||||||
hostNetwork: false
|
hostNetwork: false
|
||||||
hostPID: false
|
hostPID: false
|
||||||
@@ -36,7 +39,7 @@ spec:
|
|||||||
containers:
|
containers:
|
||||||
- env:
|
- env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
value: US/Central
|
value: America/Chicago
|
||||||
- name: PUID
|
- name: PUID
|
||||||
value: "1000"
|
value: "1000"
|
||||||
- name: PGID
|
- name: PGID
|
||||||
@@ -47,25 +50,19 @@ spec:
|
|||||||
- secretRef:
|
- secretRef:
|
||||||
name: home-assistant-code-server-password-secret
|
name: home-assistant-code-server-password-secret
|
||||||
image: ghcr.io/linuxserver/code-server:4.112.0@sha256:4bb5b8ad22268001687c047f0f04933799fb03df1eb0e1e266ba15ed2d9f4e8b
|
image: ghcr.io/linuxserver/code-server:4.112.0@sha256:4bb5b8ad22268001687c047f0f04933799fb03df1eb0e1e266ba15ed2d9f4e8b
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
name: code-server
|
name: code-server
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: 10m
|
|
||||||
memory: 128Mi
|
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- mountPath: /config/home-assistant
|
- mountPath: /config/home-assistant
|
||||||
name: config
|
name: config
|
||||||
- env:
|
- env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
value: US/Central
|
value: America/Chicago
|
||||||
image: ghcr.io/home-assistant/home-assistant:2026.3.4
|
image: ghcr.io/home-assistant/home-assistant:2026.3.4@sha256:916682086154a7390114a9788782b8efb199852d4f7d47066722c2bc5d1829e6
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
name: main
|
name: main
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
cpu: 50m
|
cpu: 1m
|
||||||
memory: 512Mi
|
memory: 400Mi
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- mountPath: /config
|
- mountPath: /config
|
||||||
name: config
|
name: config
|
||||||
|
|||||||
@@ -14,15 +14,9 @@ spec:
|
|||||||
data:
|
data:
|
||||||
- secretKey: PASSWORD
|
- secretKey: PASSWORD
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /cl01tl/home-assistant/code-server/auth
|
key: /cl01tl/home-assistant/code-server/auth
|
||||||
metadataPolicy: None
|
|
||||||
property: PASSWORD
|
property: PASSWORD
|
||||||
- secretKey: SUDO_PASSWORD
|
- secretKey: SUDO_PASSWORD
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /cl01tl/home-assistant/code-server/auth
|
key: /cl01tl/home-assistant/code-server/auth
|
||||||
metadataPolicy: None
|
|
||||||
property: SUDO_PASSWORD
|
property: SUDO_PASSWORD
|
||||||
|
|||||||
@@ -14,8 +14,5 @@ spec:
|
|||||||
data:
|
data:
|
||||||
- secretKey: bearer-token
|
- secretKey: bearer-token
|
||||||
remoteRef:
|
remoteRef:
|
||||||
conversionStrategy: Default
|
|
||||||
decodingStrategy: None
|
|
||||||
key: /cl01tl/home-assistant/auth
|
key: /cl01tl/home-assistant/auth
|
||||||
metadataPolicy: None
|
|
||||||
property: bearer-token
|
property: bearer-token
|
||||||
|
|||||||
@@ -23,7 +23,7 @@ spec:
|
|||||||
name: home-assistant-code-server
|
name: home-assistant-code-server
|
||||||
namespace: home-assistant
|
namespace: home-assistant
|
||||||
port: 8443
|
port: 8443
|
||||||
weight: 100
|
weight: 1
|
||||||
matches:
|
matches:
|
||||||
- path:
|
- path:
|
||||||
type: PathPrefix
|
type: PathPrefix
|
||||||
|
|||||||
@@ -23,7 +23,7 @@ spec:
|
|||||||
name: home-assistant-main
|
name: home-assistant-main
|
||||||
namespace: home-assistant
|
namespace: home-assistant
|
||||||
port: 80
|
port: 80
|
||||||
weight: 100
|
weight: 1
|
||||||
matches:
|
matches:
|
||||||
- path:
|
- path:
|
||||||
type: PathPrefix
|
type: PathPrefix
|
||||||
|
|||||||
Reference in New Issue
Block a user