From fb49caa1d4c28139bc101569526daaa4c6c42fdf Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Thu, 16 Jan 2025 12:11:36 -0500 Subject: [PATCH] feat(flux): remove cluster setting/secret and decryption patches Signed-off-by: Devin Buhl --- kubernetes/apps/default/qbittorrent/ks.yaml | 4 ++ .../flux-operator/instance/helm-values.yaml | 11 ----- kubernetes/flux/cluster/ks.yaml | 41 +------------------ kubernetes/flux/meta/kustomization.yaml | 1 - .../flux/meta/settings/kustomization.yaml | 5 --- 5 files changed, 6 insertions(+), 56 deletions(-) delete mode 100644 kubernetes/flux/meta/settings/kustomization.yaml diff --git a/kubernetes/apps/default/qbittorrent/ks.yaml b/kubernetes/apps/default/qbittorrent/ks.yaml index 0800129aa7523..01f5cdd234854 100644 --- a/kubernetes/apps/default/qbittorrent/ks.yaml +++ b/kubernetes/apps/default/qbittorrent/ks.yaml @@ -45,6 +45,10 @@ spec: dependsOn: - name: external-secrets-stores path: ./kubernetes/apps/default/qbittorrent/tools + decryption: + provider: sops + secretRef: + name: sops-age prune: true sourceRef: kind: GitRepository diff --git a/kubernetes/apps/flux-system/flux-operator/instance/helm-values.yaml b/kubernetes/apps/flux-system/flux-operator/instance/helm-values.yaml index 6f77e46bacedc..266127b1d3e02 100644 --- a/kubernetes/apps/flux-system/flux-operator/instance/helm-values.yaml +++ b/kubernetes/apps/flux-system/flux-operator/instance/helm-values.yaml @@ -20,17 +20,6 @@ instance: app.kubernetes.io/name: flux kustomize: patches: - # Add Sops decryption to Kustomizations - - patch: | - - op: add - path: /spec/decryption - value: - provider: sops - secretRef: - name: sops-age - target: - group: kustomize.toolkit.fluxcd.io - kind: Kustomization # Increase the number of workers and limits # Ref: https://fluxcd.io/flux/installation/configuration/vertical-scaling/#increase-the-number-of-workers-and-limits - patch: | diff --git a/kubernetes/flux/cluster/ks.yaml b/kubernetes/flux/cluster/ks.yaml index 83726ab981c1d..f4a0443a78f7f 100644 --- a/kubernetes/flux/cluster/ks.yaml +++ b/kubernetes/flux/cluster/ks.yaml @@ -15,10 +15,7 @@ spec: name: flux-system wait: true interval: 30m - decryption: - provider: sops - secretRef: - name: sops-age + timeout: 5m --- # yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json apiVersion: kustomize.toolkit.fluxcd.io/v1 @@ -36,38 +33,4 @@ spec: name: flux-system wait: false interval: 30m - decryption: - provider: sops - secretRef: - name: sops-age - postBuild: - substituteFrom: - - name: cluster-settings - kind: ConfigMap - optional: true - - name: cluster-secrets - kind: Secret - optional: true - patches: - - patch: |- - apiVersion: kustomize.toolkit.fluxcd.io/v1 - kind: Kustomization - metadata: - name: not-used - spec: - decryption: - provider: sops - secretRef: - name: sops-age - postBuild: - substituteFrom: - - name: cluster-settings - kind: ConfigMap - optional: true - - name: cluster-secrets - kind: Secret - optional: true - target: - group: kustomize.toolkit.fluxcd.io - kind: Kustomization - labelSelector: substitution.flux.home.arpa/disabled notin (true) + timeout: 5m diff --git a/kubernetes/flux/meta/kustomization.yaml b/kubernetes/flux/meta/kustomization.yaml index 24a9b1c4a34c0..37c36764e4ac9 100644 --- a/kubernetes/flux/meta/kustomization.yaml +++ b/kubernetes/flux/meta/kustomization.yaml @@ -4,4 +4,3 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./repositories - - ./settings diff --git a/kubernetes/flux/meta/settings/kustomization.yaml b/kubernetes/flux/meta/settings/kustomization.yaml deleted file mode 100644 index 8fb7c1427d883..0000000000000 --- a/kubernetes/flux/meta/settings/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -# yaml-language-server: $schema=https://json.schemastore.org/kustomization -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: []