feat(forecastle): Move to new kustomize-optimised config

98689b55 · Sheogorath · 6cd1b35b · 98689b55 · 98689b55 · 6cd1b35b
Verified Commit 98689b55 authored 1 year ago by Sheogorath
--- a/apps/base/forecastle/kustomization.yaml
+++ b/apps/base/forecastle/kustomization.yaml
@@ -7,5 +7,10 @@ resources:
  - release.yaml
  - ../../../shared/networkpolicies/allow-from-same-namespace.yaml
  - ../../../shared/networkpolicies/allow-from-ingress.yaml
-patchesStrategicMerge:
-  - networkpolicy.yaml
+
+commonLabels:
+  app: forecastle
+
+components:
+  - ../../../shared/components/flux-namespace-admin
+  - ../../../shared/components/namespace-baseline
\ No newline at end of file
--- a/apps/base/forecastle/namespace.yaml
+++ b/apps/base/forecastle/namespace.yaml
@@ -2,30 +2,3 @@ apiVersion: v1
 kind: Namespace
 metadata:
  name: forecastle
-  labels:
-    pod-security.kubernetes.io/audit: restricted
-    pod-security.kubernetes.io/enforce: baseline
-    pod-security.kubernetes.io/warn: restricted
-    pod-security.kubernetes.io/audit-version: v1.26
-    pod-security.kubernetes.io/enforce-version: v1.23
-    pod-security.kubernetes.io/warn-version: v1.26
---
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: flux-reconciler
-  namespace: forecastle
---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: flux-reconciler
-  namespace: forecastle
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: admin
-subjects:
-  - kind: ServiceAccount
-    name: flux-reconciler
-    namespace: forecastle
--- a/apps/base/forecastle/networkpolicy.yaml
+++ b/apps/base/forecastle/networkpolicy.yaml
---
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
-  name: allow-from-ingress
-spec:
-  podSelector:
-    matchLabels:
-      app: forecastle
--- a/apps/base/forecastle/release.yaml
+++ b/apps/base/forecastle/release.yaml
@@ -3,6 +3,8 @@ kind: HelmRelease
 metadata:
  name: forecastle
  namespace: forecastle
+  annotations:
+    flux-namespace-admin.kustomize.si-infra.de/exclude-helmrelease: "true"
 spec:
  timeout: 15m
  releaseName: forecastle