From 247b5aebc9d573ef38ac44fd5238fe470024c67f Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Sun, 28 Jan 2024 23:56:22 +0100
Subject: [PATCH] feat(renovate): Use kustomize components

---
 apps/base/renovate/kustomization.yaml         |  3 +++
 apps/base/renovate/namespace.yaml             | 20 -------------------
 .../flux-namespace-admin/kustomization.yaml   |  6 ++++++
 .../flux-namespace-admin/rolebinding.yaml     | 12 +++++++++++
 .../flux-namespace-admin/serviceaccount.yaml  |  6 ++++++
 5 files changed, 27 insertions(+), 20 deletions(-)
 create mode 100644 shared/components/flux-namespace-admin/kustomization.yaml
 create mode 100644 shared/components/flux-namespace-admin/rolebinding.yaml
 create mode 100644 shared/components/flux-namespace-admin/serviceaccount.yaml

diff --git a/apps/base/renovate/kustomization.yaml b/apps/base/renovate/kustomization.yaml
index 2a59a6a42..68348b99c 100644
--- a/apps/base/renovate/kustomization.yaml
+++ b/apps/base/renovate/kustomization.yaml
@@ -5,3 +5,6 @@ resources:
   - namespace.yaml
   - repository.yaml
   - release.yaml
+
+components:
+  - ../../../shared/components/flux-namespace-admin
\ No newline at end of file
diff --git a/apps/base/renovate/namespace.yaml b/apps/base/renovate/namespace.yaml
index 0adc8bab8..572a3f4db 100644
--- a/apps/base/renovate/namespace.yaml
+++ b/apps/base/renovate/namespace.yaml
@@ -9,23 +9,3 @@ metadata:
     pod-security.kubernetes.io/audit-version: v1.26
     pod-security.kubernetes.io/enforce-version: v1.23
     pod-security.kubernetes.io/warn-version: v1.26
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: flux-reconciler
-  namespace: renovate
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: flux-reconciler
-  namespace: renovate
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: admin
-subjects:
-  - kind: ServiceAccount
-    name: flux-reconciler
-    namespace: renovate
diff --git a/shared/components/flux-namespace-admin/kustomization.yaml b/shared/components/flux-namespace-admin/kustomization.yaml
new file mode 100644
index 000000000..8fcddec13
--- /dev/null
+++ b/shared/components/flux-namespace-admin/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+
+resources:
+  - serviceaccount.yaml
+  - rolebinding.yaml
\ No newline at end of file
diff --git a/shared/components/flux-namespace-admin/rolebinding.yaml b/shared/components/flux-namespace-admin/rolebinding.yaml
new file mode 100644
index 000000000..978cdf480
--- /dev/null
+++ b/shared/components/flux-namespace-admin/rolebinding.yaml
@@ -0,0 +1,12 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: flux-reconciler
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: admin
+subjects:
+  - kind: ServiceAccount
+    name: flux-reconciler
\ No newline at end of file
diff --git a/shared/components/flux-namespace-admin/serviceaccount.yaml b/shared/components/flux-namespace-admin/serviceaccount.yaml
new file mode 100644
index 000000000..eec7c282c
--- /dev/null
+++ b/shared/components/flux-namespace-admin/serviceaccount.yaml
@@ -0,0 +1,6 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: flux-reconciler
+automountServiceAccountToken: false
\ No newline at end of file
-- 
GitLab