From 98689b5520459bb8d6a9f7f22bdfc81cb6e696d6 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Mon, 29 Jan 2024 02:06:41 +0100
Subject: [PATCH] feat(forecastle): Move to new kustomize-optimised config

---
 apps/base/forecastle/kustomization.yaml |  9 +++++++--
 apps/base/forecastle/namespace.yaml     | 27 -------------------------
 apps/base/forecastle/networkpolicy.yaml |  9 ---------
 apps/base/forecastle/release.yaml       |  2 ++
 4 files changed, 9 insertions(+), 38 deletions(-)
 delete mode 100644 apps/base/forecastle/networkpolicy.yaml

diff --git a/apps/base/forecastle/kustomization.yaml b/apps/base/forecastle/kustomization.yaml
index 6969d8b91..0c988e077 100644
--- a/apps/base/forecastle/kustomization.yaml
+++ b/apps/base/forecastle/kustomization.yaml
@@ -7,5 +7,10 @@ resources:
   - release.yaml
   - ../../../shared/networkpolicies/allow-from-same-namespace.yaml
   - ../../../shared/networkpolicies/allow-from-ingress.yaml
-patchesStrategicMerge:
-  - networkpolicy.yaml
+
+commonLabels:
+  app: forecastle
+
+components:
+  - ../../../shared/components/flux-namespace-admin
+  - ../../../shared/components/namespace-baseline
\ No newline at end of file
diff --git a/apps/base/forecastle/namespace.yaml b/apps/base/forecastle/namespace.yaml
index e64cf34a0..e154a059d 100644
--- a/apps/base/forecastle/namespace.yaml
+++ b/apps/base/forecastle/namespace.yaml
@@ -2,30 +2,3 @@ apiVersion: v1
 kind: Namespace
 metadata:
   name: forecastle
-  labels:
-    pod-security.kubernetes.io/audit: restricted
-    pod-security.kubernetes.io/enforce: baseline
-    pod-security.kubernetes.io/warn: restricted
-    pod-security.kubernetes.io/audit-version: v1.26
-    pod-security.kubernetes.io/enforce-version: v1.23
-    pod-security.kubernetes.io/warn-version: v1.26
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: flux-reconciler
-  namespace: forecastle
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: flux-reconciler
-  namespace: forecastle
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: admin
-subjects:
-  - kind: ServiceAccount
-    name: flux-reconciler
-    namespace: forecastle
diff --git a/apps/base/forecastle/networkpolicy.yaml b/apps/base/forecastle/networkpolicy.yaml
deleted file mode 100644
index c21414a42..000000000
--- a/apps/base/forecastle/networkpolicy.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
-  name: allow-from-ingress
-spec:
-  podSelector:
-    matchLabels:
-      app: forecastle
diff --git a/apps/base/forecastle/release.yaml b/apps/base/forecastle/release.yaml
index d766de55f..618a5155c 100644
--- a/apps/base/forecastle/release.yaml
+++ b/apps/base/forecastle/release.yaml
@@ -3,6 +3,8 @@ kind: HelmRelease
 metadata:
   name: forecastle
   namespace: forecastle
+  annotations:
+    flux-namespace-admin.kustomize.si-infra.de/exclude-helmrelease: "true"
 spec:
   timeout: 15m
   releaseName: forecastle
-- 
GitLab