diff --git a/clusters/okd4/.sops.pub.asc b/clusters/okd4/.sops.pub.asc
deleted file mode 100644
index 2b591f0b42cd9d366674ff15fa4a806a34c50716..0000000000000000000000000000000000000000
--- a/clusters/okd4/.sops.pub.asc
+++ /dev/null
@@ -1,63 +0,0 @@
------BEGIN PGP PUBLIC KEY BLOCK-----
-
-mQINBGEWu8EBEAC5AMZ9+nU0JgLgW1HqaLLIo30FKWU5o+e/Q73wqPnPhLVNhSAv
-VcgudK4w3W1WmSjO8HHk/tdUrACt5S0YlqViIopSEh805O9U45Gb/wNuqMpp/WcX
-0JiVh3AsildLJI54gdfqNUvWOg/HfUzxA5OBn1TvhCwMoif9gtDWCh3GZ2oIit1/
-GQk0HvDNhD3P+59tsGwKK1zky/3G1tqZmBMYLhOwbEGmmCYCvwbZmR+V/gjjGyV4
-hX9M+5ue5/DHUTEcX2h2wpj8e3eCyhNjKs54YWNaoHwf6vySq+sB2S4LKvNTswEi
-qJhDuHsgSduI4xXOIosHE3HCVJ4P9Y8ScIpcN/QnbtGD1FFBVKBuAj/CnFGFOO7Y
-OQYDIBvKXPCjyIeuly6sJe6SAhAF2s6pjWQe4loartmgbcPE2DcCswil8JBd8SbS
-CjCWO4lrjTB0gMuJMIo1YDJuVezfn7Pq0WhpKe2ehAfy0OdM8A6NIOAr9jPQN8l8
-ABvHY6jh7arj8kV0MhVpVY+s1vAf0z5taEijO/0QMTXUnF9WGW4WPPUtCHyYidRM
-HEDVLgFG0AeeZ2D6/OE6TBlANY/48aluXG2wc8PSJ0byFbs4a7xvnyeo3ObyWj7X
-5MtR38v4xC7GJPAPajP/LMA1PCr3z5qA8MGl1887UHDno5K15MUPTHfrJwARAQAB
-tCdva2Q0LnNoaXZlcmluZy1pc2xlcy5jb20gKGZsdXggc2VjcmV0cymJAk4EEwEI
-ADgWIQSdAqmtc+9/PV9lesKzkvbrMl6MUAUCYRa7wQIbLwULCQgHAgYVCgkICwIE
-FgIDAQIeAQIXgAAKCRCzkvbrMl6MUMOzD/oCN+prRIOsHdr1SQNH8IaqFymyLFmH
-j674BErThijIFjizaIAp2QOlKRqr1tbp0sHF7Q9XJ+BZQvWdKSOxKNFzz9MX59m5
-grR0D2ez5UdvqHcCr4GOHMVb4CfEhumWv/yt9zbHyvEeABYWpEYaLKFS07/JejNZ
-QMJ4C6Ks5xOPyT341c9j4PHLQY+oft4OgwV1/Cm1WAm/6TAXqqakolVMKG0ij08o
-RCJPQxHB54PhB6c1lkwculJ8k6R9SOEPnMbrr+6087sgKxQRougk/3U5mNUeNOMz
-FIaaq33sSkVJ8ENLa1+RnLNqtuzVhxuPqhrcFDp1/yylQOQV43RFN/h5y1PVw6RH
-4MJWLCZfVzwquhve00lS+2S5O+b/MeOE/4yhe8veJ7MIGgM/k/SBOuo8QSLy/5ci
-A0omJpd47+pjMXrqWa/hwLOkVpz0MtYOQbbhrJNfb00y/WYVkD1coKqO81mTf02D
-okTaVP6sF+plT1ReYrd7lMEwuZltFKBdysC9VTCPr5AWS0i14mBFJ8y8tg7la4j1
-ql3qW6V75ZyFGRc7KLIQsNJiGw8isL3sAEpYdx0l4snXJwrQJi9F9ffq+73D/5U8
-Hsazq9Px3ezqfVIXcGIbOVn6/rUJ9b8HQRFihffQaE+C6ial8ucJ4/SiAmBUoGV4
-+IBw0W+D3DVvV7kCDQRhFrvBARAA3m0tZlWSQ8EIU8a9qNcxDmT62WKEbWxY4wKf
-D1DVdAQMgArRscepboe537MP/d5dfi4Me4GE3MfigV/Z1t2hvGDf2pKkxf7KSHif
-zID+PK6wZV513myOf/LhQDtoshKGk99tBxrl7uJhNDpDOOlpjbbbt58arSKY0eXU
-2TI0O+NXlMby8a+Jyf2IyV2EnhcS/qzp8oLSshclpDKyIj7Oc/12IC41t0xbDcyh
-6iWGneg0ox0ISMAmcDg1ZlqMCQ/4sz8Wtvg46tEsP+8iBtaWQRwLzPYgEYw/ZBEM
-fxy3ANZXH8mpZ2rM4wJlpfHWfFKVPugdBioFQf2IN45ORgiwZ0/5M/1p4Io/cZ2W
-224o/zR4EoHspLr6c00bYWuGK09aoOUlc/UueN7KZyqOxUhGzpxAK1wxxv+Aizqu
-XoPrJv21iRtgtLYAQhaU7ptv9W/WV2H8N4RQUCCa5q8KcFyewlHyVjO/48EaubCJ
-SoAUS8Z5lqE208N5J1smC61KcjpR58yCsJqf7e2o9uOzl8cp0gSuEPstwOu7QUGg
-mpem5yrQxze7GkoCCGQxaymdrngwmeXSHXV6l8NQcQAmhmh4G7KJAR1dKP9t/JKh
-Pt7Gs0eIQBTvPb0jkBh6bADt0S4nHw2A6XhlhDlyVXXe4WlmTl8mwvqouW2BGmiI
-GCwFwc8AEQEAAYkEbAQYAQgAIBYhBJ0Cqa1z7389X2V6wrOS9usyXoxQBQJhFrvB
-AhsuAkAJELOS9usyXoxQwXQgBBkBCAAdFiEE0jYTQVAB73qOQPgJW7/+yWLj+fUF
-AmEWu8EACgkQW7/+yWLj+fVhWg/+KBHitGj+XrcW52fE7JWIMswQ7rlUM0HiEcEJ
-1kAtL9Rp45MiAM6rE6WPJANatptL2LP/8sfg2efRVdF80RfUHCN/ISbmc2ntvKd+
-rGnukq6jqIf6JnHjTC9lYkeu1uYEzjRdxyu0KwXddydzpWM/ofMjjp7yzF6CmXR5
-Ex7JLzYBiGmhmXXJ4hVhysvndsTzyT0xT2X2Rf739yZIg/Z+hvtNK5fS+3iXiTYT
-fS323XryHhApWV5r2u75/9FyL+IEngWm2pom7vBMax/fXbeS/woBfdcr7fagWGp+
-NgjYhiw4kIgVyMtvwDaBIWcMsRvlI2z7mZSSS8yb6Ty4aiIl8FO6v+EQYq2RK2Xt
-yaqKE80pJh11qzp6tI4jN4hnN7YSyTQuVfLMxeMSdRkSpyLASs0ZWoeTNorn9dKQ
-HPltQ0DP+OV/NgSfLWBPV2dKzM8squXR3Jdj+Lq6eEPUdu8sxxK2NcYFWuE0BujK
-aiIfxxw2IkfmrrWOVkGptjApSaROGr+wn0gkAnx1dvuLPMFphVPN5anzEilLNpeS
-NAKsyhTBDCyBSfjXrYBojg5jBWnda55Kr8DG7hbmRNxynfJ5FydEdrWAP2fxLb1Z
-7vWeUgePZhvv8HMPGwCIHK0M0qoKnbc90Iq0c5l7owXtncrbVrWR7l0yKyLRQAXn
-ly8v6uxxXw//b5x+yBgyOBUSZ9RkjIex1NA4cZ6BNkpzT5bnzGCINIqzqzig0OJK
-Fobs6uKRdv3ILicTrj0Hu6ANinzL/dlUS1BnArZ88zIdRpVaJozQkRtuL9S9PG2g
-fyQ7zuNbj25ZV4OLeo80Ddrq2Q4rb/yoPPLpgA5Hwu3bp2INqy0soiSm37oo1x6A
-7I9+sE09B6veHxyKyxQsf1H6Z/FzW5x6I9P+sPVOQVNcvzcZOt+32HV3/6N7gn//
-ZF7TWdqKt8LgbFDho9xR4y+Kon5xmmYg5J7Th8MEg2glj3wyMuxOcXOqRG/Dy3mf
-k0w6FZFmCyuiEWNc59gHcD7vJ3J8Wu6W0HqS4cn4j1JePYaZKg8w7+x5Kxe+AspO
-juHQwgqN+98IjcXk7HVpbjIubaRkRgVuB3+9hyP3WTDZdReVs0cqhkBsuvvxHOt8
-ysCSwTN0lh4IPg3KYCkuBQykYN/r/sFrVabyT/CCDWldicJRyTrBm6I1E9e/cFmn
-X2F/3CsAGfPev0IynHKZUtKyXj+5YnvBmPQjuEQv81bfO5qoq0Z+RRU1itzkviXi
-vMc4TINaJUeacMh4Ktxz0p3RfYJVMsooL8iYuSHDtvKUQWAakzr4rOfoM55gdMUq
-kHvjGR4UyX/W1XWC4A0NkeKxjDacSYGS/zkjNNa2sgooh8EU1TFG5zo=
-=anp/
------END PGP PUBLIC KEY BLOCK-----
diff --git a/clusters/okd4/apps.yaml b/clusters/okd4/apps.yaml
deleted file mode 100644
index 461f04b07cfd8a898642f2aaa2b0bae5df22b85e..0000000000000000000000000000000000000000
--- a/clusters/okd4/apps.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
-kind: Kustomization
-metadata:
- name: apps
- namespace: flux-system
-spec:
- dependsOn:
- - name: infrastructure
- interval: 10m0s
- sourceRef:
- kind: GitRepository
- name: flux-system
- path: ./apps/okd4
- prune: true
- validation: client
- decryption:
- provider: sops
- secretRef:
- name: sops-pgp
diff --git a/clusters/okd4/cert-manager/clusterIssuer.yaml b/clusters/okd4/cert-manager/clusterIssuer.yaml
deleted file mode 100644
index a2c29fe951e8ee146221237f9268b2ff45db34f5..0000000000000000000000000000000000000000
--- a/clusters/okd4/cert-manager/clusterIssuer.yaml
+++ /dev/null
@@ -1,66 +0,0 @@
-apiVersion: cert-manager.io/v1
-kind: ClusterIssuer
-metadata:
- name: letsencrypt
-spec:
- acme:
- email: ENC[AES256_GCM,data:eBPw+BiEJO67uRLlQf5i9J+phH+TbKiA8BNLfnA2zJ6thR3OeYYLc0p+SB5T9AQ=,iv:TyUprJrFiZJq9gOSN5H631JJIPeJLR4qvcgBXndLblk=,tag:AnXtN2+PggJy5CSSsjgD5A==,type:str]
- preferredChain: ""
- privateKeySecretRef:
- name: letsencrypt
- server: https://acme-v02.api.letsencrypt.org/directory
- solvers:
- - selector: {}
- http01:
- ingress: {}
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2021-08-15T19:23:40Z"
- mac: ENC[AES256_GCM,data:HjdQiXqim76IU60jTIGu+IHCaDGklc1ZdVRmxUaUi4LZxPwolAMAJpbVjW7AKnH34NmjPsBBydcO+l8QkRrAW+4Xb+JBY1BTU3a3WivIczyf8A9/2uZR8blGYo6HYhwyjDsWGueNKBXY0tx/RoVv5zYiL7RteBHntVaLweFr+aQ=,iv:Wt6CHwX88kXsi2uJHjKZwHoU0QIktae1QUtMqYo9LoM=,tag:p+8DEraXE4qfLi8AtBmW3g==,type:str]
- pgp:
- - created_at: "2021-08-13T23:58:48Z"
- enc: |
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1u//sli4/n1AQ/+I794GEYejSDFz4sVZAnBbN1bTpzT1dg4jbEbEtfDg65f
- 9Yqm8F9FENsIucN1XAkQWA0+UDLAHYV4pFOVi/4+LTX0HyOvVgUTSWspuF6JSMum
- UkfDNLZA4eC0eGqBeF6AaO2qEOxsyrzJz6YtOydevZgegEFnqpk/MdfmvZ29++D9
- LLgpPIxaRCTVH2wgFc8LOVqTwic7xtlRkT1DDbTI7yoN+KFUALNtFNjZBrIezuaK
- NoykPInUeBt9VaY6icvb3O+fwdphWh2ws+T/jmVszfaFJFWZDRsG9OTXVAhKPjeU
- nUmhAUaOr7nWsbYabn38Nxbx+LhrlStyvpTFbwFxcj/gQip4X4q9QOUu/n67E/R5
- m5XQSWB53vjbZKvpYyxTocUJskneTtS20xuj97/tTS+LjdaBD8E1X2Pr7ztrny5R
- vQ/PTpA/JProfI8No/HcFnYnXz8ZiRSbnD9ShMevK3CbedmMVRTNIY5y74i/EfV6
- cAQ1sd4sJ31DXl6YHSuhLl9c3IyN6h+cbaHDjdo0NOcWCXgfcVEu+6l/4TKv5Iqt
- k61CfQ0OhzRHOWJXcE5IXA4S6hyeLXlzVGWEQm/N1oFuX1/NrSrRI/W/ayFVJTOn
- cVdqcTVS44I8jPutzWbozy1arFAbQppE2Vyr56yhs/jQpsRBMSkO1zKd/0dzxUnS
- XAHF7kB8GlQanEFJeXBkzi9ro7UhxkB3ZbtR13sO2/bF/ufiLyASD8FMlZq/0cOh
- 72MIpxYrz84ISBpRPFxAIvAl9FoNbs4XafMKXfAIQH952tOLPZ42xcBZnelq
- =GaBa
- -----END PGP MESSAGE-----
- fp: 9D02A9AD73EF7F3D5F657AC2B392F6EB325E8C50
- - created_at: "2021-08-13T23:58:48Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- wcFMA7kpg2bgzVHcARAAZ9I+G7NhI9TYTfIb4MC/r5chkylncqxQgItsooJaGGLw
- DQOKDs9O8v9IHjGpLK8xv2Oae3VgL/IimkJJ8RmMvlFw8zG5h+9cOt5jwSUw9SE+
- Vu2kS+sjYy91kOAQR8kufi3gvZnotR0M0fZMaQyW2cUI3p/BVcXUDhPCUjlvE6Y8
- 4tBdCBTP/v5e6AncOijsskMzm0BkIUMYDOcYACOmTuRB7f7Vte3duNPKV3MI3fjZ
- UUFB3NYNiyP6GsodSjpZ0sXQ+LC2ePsrhpFryRRm1V2PRHhCwJeIvgbGqQTafOml
- cL61MdvZcZhi4ys2ap4sEWD9lNOorh/3NCJoIv6rCoVtWGqyceliCJUK/7JkqaMB
- ICh6z5l/6J9eVkoLFVaF+/E7DBWA2Tt3BBGU5+kA07OO3ew5bzk9AMw8hY2fK/DC
- nxmqf3WsWBulUv0/quOsP7zjjWlr9mnV1Vf98KpLLhtV+9V9Rw10t+EN5JbrhPwT
- dQYymhgy+E8RA/vxNX+fBeWuqpo9sFPBuBw3ogNVJUw0dXWXusQ1kKMPUCTdVIHS
- F0X0rRLIzFN/IvmIIlASdekW1DdrAhCbxtStVtn/xvDOF9TRE2/8BZvs9E5Dnu1b
- oFyBJH0O5DVjI7gRnbI1ntQtDwhvhUcJ0JUZtdiotU7lyMIs+GZaVAhD5qvTNoTS
- 5gEMzmTQCeHUOoKwPndd87s5I8zjqLw6YyQq9D546hglnq4EGg2Fo9grgJN7sdpf
- efSfct+ElolKYJ4Lfgg4isnkaw8s5HfT0zLXn7mJ5LpyleKNfAdLAA==
- =CWrw
- -----END PGP MESSAGE-----
- fp: 286791FB6648539775DB31B8FCB98C2A3EC6F601
- encrypted_regex: ^(data|stringData|email|dnsZones?|dnsNames?)$
- version: 3.7.1
diff --git a/clusters/okd4/cert-manager/kustomization.yaml b/clusters/okd4/cert-manager/kustomization.yaml
deleted file mode 100644
index 22e43b0eb24cacc88dd3b4c3ab75fae91ec51ab3..0000000000000000000000000000000000000000
--- a/clusters/okd4/cert-manager/kustomization.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-- clusterIssuer.yaml
diff --git a/clusters/okd4/flux-system/gotk-components.yaml b/clusters/okd4/flux-system/gotk-components.yaml
deleted file mode 100644
index 3369531aadec1449685776fb363081ef2824c375..0000000000000000000000000000000000000000
--- a/clusters/okd4/flux-system/gotk-components.yaml
+++ /dev/null
@@ -1,3543 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- name: flux-system
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.5.0
- creationTimestamp: null
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- name: alerts.notification.toolkit.fluxcd.io
-spec:
- group: notification.toolkit.fluxcd.io
- names:
- kind: Alert
- listKind: AlertList
- plural: alerts
- singular: alert
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: Alert is the Schema for the alerts API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: AlertSpec defines an alerting rule for events involving a
- list of objects
- properties:
- eventSeverity:
- default: info
- description: Filter events based on severity, defaults to ('info').
- If set to 'info' no events will be filtered.
- enum:
- - info
- - error
- type: string
- eventSources:
- description: Filter events based on the involved objects.
- items:
- description: CrossNamespaceObjectReference contains enough information
- to let you locate the typed referenced object at cluster level
- properties:
- apiVersion:
- description: API version of the referent
- type: string
- kind:
- description: Kind of the referent
- enum:
- - Bucket
- - GitRepository
- - Kustomization
- - HelmRelease
- - HelmChart
- - HelmRepository
- - ImageRepository
- - ImagePolicy
- - ImageUpdateAutomation
- type: string
- name:
- description: Name of the referent
- maxLength: 53
- minLength: 1
- type: string
- namespace:
- description: Namespace of the referent
- maxLength: 53
- minLength: 1
- type: string
- required:
- - name
- type: object
- type: array
- exclusionList:
- description: A list of Golang regular expressions to be used for excluding
- messages.
- items:
- type: string
- type: array
- providerRef:
- description: Send events using this provider.
- properties:
- name:
- description: Name of the referent
- type: string
- required:
- - name
- type: object
- summary:
- description: Short description of the impact and affected cluster.
- type: string
- suspend:
- description: This flag tells the controller to suspend subsequent
- events dispatching. Defaults to false.
- type: boolean
- required:
- - eventSources
- - providerRef
- type: object
- status:
- description: AlertStatus defines the observed state of Alert
- properties:
- conditions:
- items:
- description: "Condition contains details for one aspect of the current
- state of this API Resource. --- This struct is intended for direct
- use as an array at the field path .status.conditions. For example,
- type FooStatus struct{ // Represents the observations of a
- foo's current state. // Known .status.conditions.type are:
- \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
- \ // +patchStrategy=merge // +listType=map // +listMapKey=type
- \ Conditions []metav1.Condition `json:\"conditions,omitempty\"
- patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
- \n // other fields }"
- properties:
- lastTransitionTime:
- description: lastTransitionTime is the last time the condition
- transitioned from one status to another. This should be when
- the underlying condition changed. If that is not known, then
- using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: message is a human readable message indicating
- details about the transition. This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: observedGeneration represents the .metadata.generation
- that the condition was set based upon. For instance, if .metadata.generation
- is currently 12, but the .status.conditions[x].observedGeneration
- is 9, the condition is out of date with respect to the current
- state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: reason contains a programmatic identifier indicating
- the reason for the condition's last transition. Producers
- of specific condition types may define expected values and
- meanings for this field, and whether the values are considered
- a guaranteed API. The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- --- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- observedGeneration:
- description: ObservedGeneration is the last observed generation.
- format: int64
- type: integer
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.5.0
- creationTimestamp: null
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- name: buckets.source.toolkit.fluxcd.io
-spec:
- group: source.toolkit.fluxcd.io
- names:
- kind: Bucket
- listKind: BucketList
- plural: buckets
- singular: bucket
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - jsonPath: .spec.url
- name: URL
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: Bucket is the Schema for the buckets API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: BucketSpec defines the desired state of an S3 compatible
- bucket
- properties:
- bucketName:
- description: The bucket name.
- type: string
- endpoint:
- description: The bucket endpoint address.
- type: string
- ignore:
- description: Ignore overrides the set of excluded patterns in the
- .sourceignore format (which is the same as .gitignore). If not provided,
- a default will be used, consult the documentation for your version
- to find out what those are.
- type: string
- insecure:
- description: Insecure allows connecting to a non-TLS S3 HTTP endpoint.
- type: boolean
- interval:
- description: The interval at which to check for bucket updates.
- type: string
- provider:
- default: generic
- description: The S3 compatible storage provider name, default ('generic').
- enum:
- - generic
- - aws
- type: string
- region:
- description: The bucket region.
- type: string
- secretRef:
- description: The name of the secret containing authentication credentials
- for the Bucket.
- properties:
- name:
- description: Name of the referent
- type: string
- required:
- - name
- type: object
- suspend:
- description: This flag tells the controller to suspend the reconciliation
- of this source.
- type: boolean
- timeout:
- default: 20s
- description: The timeout for download operations, defaults to 20s.
- type: string
- required:
- - bucketName
- - endpoint
- - interval
- type: object
- status:
- description: BucketStatus defines the observed state of a bucket
- properties:
- artifact:
- description: Artifact represents the output of the last successful
- Bucket sync.
- properties:
- checksum:
- description: Checksum is the SHA1 checksum of the artifact.
- type: string
- lastUpdateTime:
- description: LastUpdateTime is the timestamp corresponding to
- the last update of this artifact.
- format: date-time
- type: string
- path:
- description: Path is the relative file path of this artifact.
- type: string
- revision:
- description: Revision is a human readable identifier traceable
- in the origin source system. It can be a Git commit SHA, Git
- tag, a Helm index timestamp, a Helm chart version, etc.
- type: string
- url:
- description: URL is the HTTP address of this artifact.
- type: string
- required:
- - path
- - url
- type: object
- conditions:
- description: Conditions holds the conditions for the Bucket.
- items:
- description: "Condition contains details for one aspect of the current
- state of this API Resource. --- This struct is intended for direct
- use as an array at the field path .status.conditions. For example,
- type FooStatus struct{ // Represents the observations of a
- foo's current state. // Known .status.conditions.type are:
- \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
- \ // +patchStrategy=merge // +listType=map // +listMapKey=type
- \ Conditions []metav1.Condition `json:\"conditions,omitempty\"
- patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
- \n // other fields }"
- properties:
- lastTransitionTime:
- description: lastTransitionTime is the last time the condition
- transitioned from one status to another. This should be when
- the underlying condition changed. If that is not known, then
- using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: message is a human readable message indicating
- details about the transition. This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: observedGeneration represents the .metadata.generation
- that the condition was set based upon. For instance, if .metadata.generation
- is currently 12, but the .status.conditions[x].observedGeneration
- is 9, the condition is out of date with respect to the current
- state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: reason contains a programmatic identifier indicating
- the reason for the condition's last transition. Producers
- of specific condition types may define expected values and
- meanings for this field, and whether the values are considered
- a guaranteed API. The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- --- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- lastHandledReconcileAt:
- description: LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change can be detected.
- type: string
- observedGeneration:
- description: ObservedGeneration is the last observed generation.
- format: int64
- type: integer
- url:
- description: URL is the download link for the artifact output of the
- last Bucket sync.
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.5.0
- creationTimestamp: null
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- name: gitrepositories.source.toolkit.fluxcd.io
-spec:
- group: source.toolkit.fluxcd.io
- names:
- kind: GitRepository
- listKind: GitRepositoryList
- plural: gitrepositories
- shortNames:
- - gitrepo
- singular: gitrepository
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - jsonPath: .spec.url
- name: URL
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: GitRepository is the Schema for the gitrepositories API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: GitRepositorySpec defines the desired state of a Git repository.
- properties:
- gitImplementation:
- default: go-git
- description: Determines which git client library to use. Defaults
- to go-git, valid values are ('go-git', 'libgit2').
- enum:
- - go-git
- - libgit2
- type: string
- ignore:
- description: Ignore overrides the set of excluded patterns in the
- .sourceignore format (which is the same as .gitignore). If not provided,
- a default will be used, consult the documentation for your version
- to find out what those are.
- type: string
- include:
- description: Extra git repositories to map into the repository
- items:
- description: GitRepositoryInclude defines a source with a from and
- to path.
- properties:
- fromPath:
- description: The path to copy contents from, defaults to the
- root directory.
- type: string
- repository:
- description: Reference to a GitRepository to include.
- properties:
- name:
- description: Name of the referent
- type: string
- required:
- - name
- type: object
- toPath:
- description: The path to copy contents to, defaults to the name
- of the source ref.
- type: string
- required:
- - repository
- type: object
- type: array
- interval:
- description: The interval at which to check for repository updates.
- type: string
- recurseSubmodules:
- description: When enabled, after the clone is created, initializes
- all submodules within, using their default settings. This option
- is available only when using the 'go-git' GitImplementation.
- type: boolean
- ref:
- description: The Git reference to checkout and monitor for changes,
- defaults to master branch.
- properties:
- branch:
- default: master
- description: The Git branch to checkout, defaults to master.
- type: string
- commit:
- description: The Git commit SHA to checkout, if specified Tag
- filters will be ignored.
- type: string
- semver:
- description: The Git tag semver expression, takes precedence over
- Tag.
- type: string
- tag:
- description: The Git tag to checkout, takes precedence over Branch.
- type: string
- type: object
- secretRef:
- description: The secret name containing the Git credentials. For HTTPS
- repositories the secret must contain username and password fields.
- For SSH repositories the secret must contain identity, identity.pub
- and known_hosts fields.
- properties:
- name:
- description: Name of the referent
- type: string
- required:
- - name
- type: object
- suspend:
- description: This flag tells the controller to suspend the reconciliation
- of this source.
- type: boolean
- timeout:
- default: 20s
- description: The timeout for remote Git operations like cloning, defaults
- to 20s.
- type: string
- url:
- description: The repository URL, can be a HTTP/S or SSH address.
- pattern: ^(http|https|ssh)://
- type: string
- verify:
- description: Verify OpenPGP signature for the Git commit HEAD points
- to.
- properties:
- mode:
- description: Mode describes what git object should be verified,
- currently ('head').
- enum:
- - head
- type: string
- secretRef:
- description: The secret name containing the public keys of all
- trusted Git authors.
- properties:
- name:
- description: Name of the referent
- type: string
- required:
- - name
- type: object
- required:
- - mode
- type: object
- required:
- - interval
- - url
- type: object
- status:
- description: GitRepositoryStatus defines the observed state of a Git repository.
- properties:
- artifact:
- description: Artifact represents the output of the last successful
- repository sync.
- properties:
- checksum:
- description: Checksum is the SHA1 checksum of the artifact.
- type: string
- lastUpdateTime:
- description: LastUpdateTime is the timestamp corresponding to
- the last update of this artifact.
- format: date-time
- type: string
- path:
- description: Path is the relative file path of this artifact.
- type: string
- revision:
- description: Revision is a human readable identifier traceable
- in the origin source system. It can be a Git commit SHA, Git
- tag, a Helm index timestamp, a Helm chart version, etc.
- type: string
- url:
- description: URL is the HTTP address of this artifact.
- type: string
- required:
- - path
- - url
- type: object
- conditions:
- description: Conditions holds the conditions for the GitRepository.
- items:
- description: "Condition contains details for one aspect of the current
- state of this API Resource. --- This struct is intended for direct
- use as an array at the field path .status.conditions. For example,
- type FooStatus struct{ // Represents the observations of a
- foo's current state. // Known .status.conditions.type are:
- \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
- \ // +patchStrategy=merge // +listType=map // +listMapKey=type
- \ Conditions []metav1.Condition `json:\"conditions,omitempty\"
- patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
- \n // other fields }"
- properties:
- lastTransitionTime:
- description: lastTransitionTime is the last time the condition
- transitioned from one status to another. This should be when
- the underlying condition changed. If that is not known, then
- using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: message is a human readable message indicating
- details about the transition. This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: observedGeneration represents the .metadata.generation
- that the condition was set based upon. For instance, if .metadata.generation
- is currently 12, but the .status.conditions[x].observedGeneration
- is 9, the condition is out of date with respect to the current
- state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: reason contains a programmatic identifier indicating
- the reason for the condition's last transition. Producers
- of specific condition types may define expected values and
- meanings for this field, and whether the values are considered
- a guaranteed API. The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- --- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- includedArtifacts:
- description: IncludedArtifacts represents the included artifacts from
- the last successful repository sync.
- items:
- description: Artifact represents the output of a source synchronisation.
- properties:
- checksum:
- description: Checksum is the SHA1 checksum of the artifact.
- type: string
- lastUpdateTime:
- description: LastUpdateTime is the timestamp corresponding to
- the last update of this artifact.
- format: date-time
- type: string
- path:
- description: Path is the relative file path of this artifact.
- type: string
- revision:
- description: Revision is a human readable identifier traceable
- in the origin source system. It can be a Git commit SHA, Git
- tag, a Helm index timestamp, a Helm chart version, etc.
- type: string
- url:
- description: URL is the HTTP address of this artifact.
- type: string
- required:
- - path
- - url
- type: object
- type: array
- lastHandledReconcileAt:
- description: LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change can be detected.
- type: string
- observedGeneration:
- description: ObservedGeneration is the last observed generation.
- format: int64
- type: integer
- url:
- description: URL is the download link for the artifact output of the
- last repository sync.
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.5.0
- creationTimestamp: null
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- name: helmcharts.source.toolkit.fluxcd.io
-spec:
- group: source.toolkit.fluxcd.io
- names:
- kind: HelmChart
- listKind: HelmChartList
- plural: helmcharts
- shortNames:
- - hc
- singular: helmchart
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - jsonPath: .spec.chart
- name: Chart
- type: string
- - jsonPath: .spec.version
- name: Version
- type: string
- - jsonPath: .spec.sourceRef.kind
- name: Source Kind
- type: string
- - jsonPath: .spec.sourceRef.name
- name: Source Name
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: HelmChart is the Schema for the helmcharts API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: HelmChartSpec defines the desired state of a Helm chart.
- properties:
- chart:
- description: The name or path the Helm chart is available at in the
- SourceRef.
- type: string
- interval:
- description: The interval at which to check the Source for updates.
- type: string
- sourceRef:
- description: The reference to the Source the chart is available at.
- properties:
- apiVersion:
- description: APIVersion of the referent.
- type: string
- kind:
- description: Kind of the referent, valid values are ('HelmRepository',
- 'GitRepository', 'Bucket').
- enum:
- - HelmRepository
- - GitRepository
- - Bucket
- type: string
- name:
- description: Name of the referent.
- type: string
- required:
- - kind
- - name
- type: object
- suspend:
- description: This flag tells the controller to suspend the reconciliation
- of this source.
- type: boolean
- valuesFile:
- description: Alternative values file to use as the default chart values,
- expected to be a relative path in the SourceRef. Deprecated in favor
- of ValuesFiles, for backwards compatibility the file defined here
- is merged before the ValuesFiles items. Ignored when omitted.
- type: string
- valuesFiles:
- description: Alternative list of values files to use as the chart
- values (values.yaml is not included by default), expected to be
- a relative path in the SourceRef. Values files are merged in the
- order of this list with the last file overriding the first. Ignored
- when omitted.
- items:
- type: string
- type: array
- version:
- default: '*'
- description: The chart version semver expression, ignored for charts
- from GitRepository and Bucket sources. Defaults to latest when omitted.
- type: string
- required:
- - chart
- - interval
- - sourceRef
- type: object
- status:
- description: HelmChartStatus defines the observed state of the HelmChart.
- properties:
- artifact:
- description: Artifact represents the output of the last successful
- chart sync.
- properties:
- checksum:
- description: Checksum is the SHA1 checksum of the artifact.
- type: string
- lastUpdateTime:
- description: LastUpdateTime is the timestamp corresponding to
- the last update of this artifact.
- format: date-time
- type: string
- path:
- description: Path is the relative file path of this artifact.
- type: string
- revision:
- description: Revision is a human readable identifier traceable
- in the origin source system. It can be a Git commit SHA, Git
- tag, a Helm index timestamp, a Helm chart version, etc.
- type: string
- url:
- description: URL is the HTTP address of this artifact.
- type: string
- required:
- - path
- - url
- type: object
- conditions:
- description: Conditions holds the conditions for the HelmChart.
- items:
- description: "Condition contains details for one aspect of the current
- state of this API Resource. --- This struct is intended for direct
- use as an array at the field path .status.conditions. For example,
- type FooStatus struct{ // Represents the observations of a
- foo's current state. // Known .status.conditions.type are:
- \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
- \ // +patchStrategy=merge // +listType=map // +listMapKey=type
- \ Conditions []metav1.Condition `json:\"conditions,omitempty\"
- patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
- \n // other fields }"
- properties:
- lastTransitionTime:
- description: lastTransitionTime is the last time the condition
- transitioned from one status to another. This should be when
- the underlying condition changed. If that is not known, then
- using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: message is a human readable message indicating
- details about the transition. This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: observedGeneration represents the .metadata.generation
- that the condition was set based upon. For instance, if .metadata.generation
- is currently 12, but the .status.conditions[x].observedGeneration
- is 9, the condition is out of date with respect to the current
- state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: reason contains a programmatic identifier indicating
- the reason for the condition's last transition. Producers
- of specific condition types may define expected values and
- meanings for this field, and whether the values are considered
- a guaranteed API. The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- --- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- lastHandledReconcileAt:
- description: LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change can be detected.
- type: string
- observedGeneration:
- description: ObservedGeneration is the last observed generation.
- format: int64
- type: integer
- url:
- description: URL is the download link for the last chart pulled.
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.5.0
- creationTimestamp: null
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- name: helmreleases.helm.toolkit.fluxcd.io
-spec:
- group: helm.toolkit.fluxcd.io
- names:
- kind: HelmRelease
- listKind: HelmReleaseList
- plural: helmreleases
- shortNames:
- - hr
- singular: helmrelease
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v2beta1
- schema:
- openAPIV3Schema:
- description: HelmRelease is the Schema for the helmreleases API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: HelmReleaseSpec defines the desired state of a Helm release.
- properties:
- chart:
- description: Chart defines the template of the v1beta1.HelmChart that
- should be created for this HelmRelease.
- properties:
- spec:
- description: Spec holds the template for the v1beta1.HelmChartSpec
- for this HelmRelease.
- properties:
- chart:
- description: The name or path the Helm chart is available
- at in the SourceRef.
- type: string
- interval:
- description: Interval at which to check the v1beta1.Source
- for updates. Defaults to 'HelmReleaseSpec.Interval'.
- type: string
- sourceRef:
- description: The name and namespace of the v1beta1.Source
- the chart is available at.
- properties:
- apiVersion:
- description: APIVersion of the referent.
- type: string
- kind:
- description: Kind of the referent.
- enum:
- - HelmRepository
- - GitRepository
- - Bucket
- type: string
- name:
- description: Name of the referent.
- maxLength: 253
- minLength: 1
- type: string
- namespace:
- description: Namespace of the referent.
- maxLength: 63
- minLength: 1
- type: string
- required:
- - name
- type: object
- valuesFile:
- description: Alternative values file to use as the default
- chart values, expected to be a relative path in the SourceRef.
- Deprecated in favor of ValuesFiles, for backwards compatibility
- the file defined here is merged before the ValuesFiles items.
- Ignored when omitted.
- type: string
- valuesFiles:
- description: Alternative list of values files to use as the
- chart values (values.yaml is not included by default), expected
- to be a relative path in the SourceRef. Values files are
- merged in the order of this list with the last file overriding
- the first. Ignored when omitted.
- items:
- type: string
- type: array
- version:
- default: '*'
- description: Version semver expression, ignored for charts
- from v1beta1.GitRepository and v1beta1.Bucket sources. Defaults
- to latest when omitted.
- type: string
- required:
- - chart
- - sourceRef
- type: object
- required:
- - spec
- type: object
- dependsOn:
- description: DependsOn may contain a dependency.CrossNamespaceDependencyReference
- slice with references to HelmRelease resources that must be ready
- before this HelmRelease can be reconciled.
- items:
- description: CrossNamespaceDependencyReference holds the reference
- to a dependency.
- properties:
- name:
- description: Name holds the name reference of a dependency.
- type: string
- namespace:
- description: Namespace holds the namespace reference of a dependency.
- type: string
- required:
- - name
- type: object
- type: array
- install:
- description: Install holds the configuration for Helm install actions
- for this HelmRelease.
- properties:
- crds:
- description: "CRDs upgrade CRDs from the Helm Chart's crds directory
- according to the CRD upgrade policy provided here. Valid values
- are `Skip`, `Create` or `CreateReplace`. Default is `Create`
- and if omitted CRDs are installed but not updated. \n Skip:
- do neither install nor replace (update) any CRDs. \n Create:
- new CRDs are created, existing CRDs are neither updated nor
- deleted. \n CreateReplace: new CRDs are created, existing CRDs
- are updated (replaced) but not deleted. \n By default, CRDs
- are applied (installed) during Helm install action. With this
- option users can opt-in to CRD replace existing CRDs on Helm
- install actions, which is not (yet) natively supported by Helm.
- https://helm.sh/docs/chart_best_practices/custom_resource_definitions."
- enum:
- - Skip
- - Create
- - CreateReplace
- type: string
- createNamespace:
- description: CreateNamespace tells the Helm install action to
- create the HelmReleaseSpec.TargetNamespace if it does not exist
- yet. On uninstall, the namespace will not be garbage collected.
- type: boolean
- disableHooks:
- description: DisableHooks prevents hooks from running during the
- Helm install action.
- type: boolean
- disableOpenAPIValidation:
- description: DisableOpenAPIValidation prevents the Helm install
- action from validating rendered templates against the Kubernetes
- OpenAPI Schema.
- type: boolean
- disableWait:
- description: DisableWait disables the waiting for resources to
- be ready after a Helm install has been performed.
- type: boolean
- disableWaitForJobs:
- description: DisableWaitForJobs disables waiting for jobs to complete
- after a Helm install has been performed.
- type: boolean
- remediation:
- description: Remediation holds the remediation configuration for
- when the Helm install action for the HelmRelease fails. The
- default is to not perform any action.
- properties:
- ignoreTestFailures:
- description: IgnoreTestFailures tells the controller to skip
- remediation when the Helm tests are run after an install
- action but fail. Defaults to 'Test.IgnoreFailures'.
- type: boolean
- remediateLastFailure:
- description: RemediateLastFailure tells the controller to
- remediate the last failure, when no retries remain. Defaults
- to 'false'.
- type: boolean
- retries:
- description: Retries is the number of retries that should
- be attempted on failures before bailing. Remediation, using
- an uninstall, is performed between each attempt. Defaults
- to '0', a negative integer equals to unlimited retries.
- type: integer
- type: object
- replace:
- description: Replace tells the Helm install action to re-use the
- 'ReleaseName', but only if that name is a deleted release which
- remains in the history.
- type: boolean
- skipCRDs:
- description: "SkipCRDs tells the Helm install action to not install
- any CRDs. By default, CRDs are installed if not already present.
- \n Deprecated use CRD policy (`crds`) attribute with value `Skip`
- instead."
- type: boolean
- timeout:
- description: Timeout is the time to wait for any individual Kubernetes
- operation (like Jobs for hooks) during the performance of a
- Helm install action. Defaults to 'HelmReleaseSpec.Timeout'.
- type: string
- type: object
- interval:
- description: Interval at which to reconcile the Helm release.
- type: string
- kubeConfig:
- description: KubeConfig for reconciling the HelmRelease on a remote
- cluster. When specified, KubeConfig takes precedence over ServiceAccountName.
- properties:
- secretRef:
- description: SecretRef holds the name to a secret that contains
- a 'value' key with the kubeconfig file as the value. It must
- be in the same namespace as the HelmRelease. It is recommended
- that the kubeconfig is self-contained, and the secret is regularly
- updated if credentials such as a cloud-access-token expire.
- Cloud specific `cmd-path` auth helpers will not function without
- adding binaries and credentials to the Pod that is responsible
- for reconciling the HelmRelease.
- properties:
- name:
- description: Name of the referent
- type: string
- required:
- - name
- type: object
- type: object
- maxHistory:
- description: MaxHistory is the number of revisions saved by Helm for
- this HelmRelease. Use '0' for an unlimited number of revisions;
- defaults to '10'.
- type: integer
- postRenderers:
- description: PostRenderers holds an array of Helm PostRenderers, which
- will be applied in order of their definition.
- items:
- description: PostRenderer contains a Helm PostRenderer specification.
- properties:
- kustomize:
- description: Kustomization to apply as PostRenderer.
- properties:
- images:
- description: Images is a list of (image name, new name,
- new tag or digest) for changing image names, tags or digests.
- This can also be achieved with a patch, but this operator
- is simpler to specify.
- items:
- description: Image contains an image name, a new name,
- a new tag or digest, which will replace the original
- name and tag.
- properties:
- digest:
- description: Digest is the value used to replace the
- original image tag. If digest is present NewTag
- value is ignored.
- type: string
- name:
- description: Name is a tag-less image name.
- type: string
- newName:
- description: NewName is the value used to replace
- the original name.
- type: string
- newTag:
- description: NewTag is the value used to replace the
- original tag.
- type: string
- required:
- - name
- type: object
- type: array
- patchesJson6902:
- description: JSON 6902 patches, defined as inline YAML objects.
- items:
- description: JSON6902Patch contains a JSON6902 patch and
- the target the patch should be applied to.
- properties:
- patch:
- description: Patch contains the JSON6902 patch document
- with an array of operation objects.
- items:
- description: JSON6902 is a JSON6902 operation object.
- https://tools.ietf.org/html/rfc6902#section-4
- properties:
- from:
- type: string
- op:
- enum:
- - test
- - remove
- - add
- - replace
- - move
- - copy
- type: string
- path:
- type: string
- value:
- x-kubernetes-preserve-unknown-fields: true
- required:
- - op
- - path
- type: object
- type: array
- target:
- description: Target points to the resources that the
- patch document should be applied to.
- properties:
- annotationSelector:
- description: AnnotationSelector is a string that
- follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource annotations.
- type: string
- group:
- description: Group is the API group to select
- resources from. Together with Version and Kind
- it is capable of unambiguously identifying and/or
- selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- kind:
- description: Kind of the API Group to select resources
- from. Together with Group and Version it is
- capable of unambiguously identifying and/or
- selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- labelSelector:
- description: LabelSelector is a string that follows
- the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource labels.
- type: string
- name:
- description: Name to match resources with.
- type: string
- namespace:
- description: Namespace to select resources from.
- type: string
- version:
- description: Version of the API Group to select
- resources from. Together with Group and Kind
- it is capable of unambiguously identifying and/or
- selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- type: object
- required:
- - patch
- - target
- type: object
- type: array
- patchesStrategicMerge:
- description: Strategic merge patches, defined as inline
- YAML objects.
- items:
- x-kubernetes-preserve-unknown-fields: true
- type: array
- type: object
- type: object
- type: array
- releaseName:
- description: ReleaseName used for the Helm release. Defaults to a
- composition of '[TargetNamespace-]Name'.
- maxLength: 53
- minLength: 1
- type: string
- rollback:
- description: Rollback holds the configuration for Helm rollback actions
- for this HelmRelease.
- properties:
- cleanupOnFail:
- description: CleanupOnFail allows deletion of new resources created
- during the Helm rollback action when it fails.
- type: boolean
- disableHooks:
- description: DisableHooks prevents hooks from running during the
- Helm rollback action.
- type: boolean
- disableWait:
- description: DisableWait disables the waiting for resources to
- be ready after a Helm rollback has been performed.
- type: boolean
- disableWaitForJobs:
- description: DisableWaitForJobs disables waiting for jobs to complete
- after a Helm rollback has been performed.
- type: boolean
- force:
- description: Force forces resource updates through a replacement
- strategy.
- type: boolean
- recreate:
- description: Recreate performs pod restarts for the resource if
- applicable.
- type: boolean
- timeout:
- description: Timeout is the time to wait for any individual Kubernetes
- operation (like Jobs for hooks) during the performance of a
- Helm rollback action. Defaults to 'HelmReleaseSpec.Timeout'.
- type: string
- type: object
- serviceAccountName:
- description: The name of the Kubernetes service account to impersonate
- when reconciling this HelmRelease.
- type: string
- storageNamespace:
- description: StorageNamespace used for the Helm storage. Defaults
- to the namespace of the HelmRelease.
- maxLength: 63
- minLength: 1
- type: string
- suspend:
- description: Suspend tells the controller to suspend reconciliation
- for this HelmRelease, it does not apply to already started reconciliations.
- Defaults to false.
- type: boolean
- targetNamespace:
- description: TargetNamespace to target when performing operations
- for the HelmRelease. Defaults to the namespace of the HelmRelease.
- maxLength: 63
- minLength: 1
- type: string
- test:
- description: Test holds the configuration for Helm test actions for
- this HelmRelease.
- properties:
- enable:
- description: Enable enables Helm test actions for this HelmRelease
- after an Helm install or upgrade action has been performed.
- type: boolean
- ignoreFailures:
- description: IgnoreFailures tells the controller to skip remediation
- when the Helm tests are run but fail. Can be overwritten for
- tests run after install or upgrade actions in 'Install.IgnoreTestFailures'
- and 'Upgrade.IgnoreTestFailures'.
- type: boolean
- timeout:
- description: Timeout is the time to wait for any individual Kubernetes
- operation during the performance of a Helm test action. Defaults
- to 'HelmReleaseSpec.Timeout'.
- type: string
- type: object
- timeout:
- description: Timeout is the time to wait for any individual Kubernetes
- operation (like Jobs for hooks) during the performance of a Helm
- action. Defaults to '5m0s'.
- type: string
- uninstall:
- description: Uninstall holds the configuration for Helm uninstall
- actions for this HelmRelease.
- properties:
- disableHooks:
- description: DisableHooks prevents hooks from running during the
- Helm rollback action.
- type: boolean
- keepHistory:
- description: KeepHistory tells Helm to remove all associated resources
- and mark the release as deleted, but retain the release history.
- type: boolean
- timeout:
- description: Timeout is the time to wait for any individual Kubernetes
- operation (like Jobs for hooks) during the performance of a
- Helm uninstall action. Defaults to 'HelmReleaseSpec.Timeout'.
- type: string
- type: object
- upgrade:
- description: Upgrade holds the configuration for Helm upgrade actions
- for this HelmRelease.
- properties:
- cleanupOnFail:
- description: CleanupOnFail allows deletion of new resources created
- during the Helm upgrade action when it fails.
- type: boolean
- crds:
- description: "CRDs upgrade CRDs from the Helm Chart's crds directory
- according to the CRD upgrade policy provided here. Valid values
- are `Skip`, `Create` or `CreateReplace`. Default is `Skip` and
- if omitted CRDs are neither installed nor upgraded. \n Skip:
- do neither install nor replace (update) any CRDs. \n Create:
- new CRDs are created, existing CRDs are neither updated nor
- deleted. \n CreateReplace: new CRDs are created, existing CRDs
- are updated (replaced) but not deleted. \n By default, CRDs
- are not applied during Helm upgrade action. With this option
- users can opt-in to CRD upgrade, which is not (yet) natively
- supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions."
- enum:
- - Skip
- - Create
- - CreateReplace
- type: string
- disableHooks:
- description: DisableHooks prevents hooks from running during the
- Helm upgrade action.
- type: boolean
- disableOpenAPIValidation:
- description: DisableOpenAPIValidation prevents the Helm upgrade
- action from validating rendered templates against the Kubernetes
- OpenAPI Schema.
- type: boolean
- disableWait:
- description: DisableWait disables the waiting for resources to
- be ready after a Helm upgrade has been performed.
- type: boolean
- disableWaitForJobs:
- description: DisableWaitForJobs disables waiting for jobs to complete
- after a Helm upgrade has been performed.
- type: boolean
- force:
- description: Force forces resource updates through a replacement
- strategy.
- type: boolean
- preserveValues:
- description: PreserveValues will make Helm reuse the last release's
- values and merge in overrides from 'Values'. Setting this flag
- makes the HelmRelease non-declarative.
- type: boolean
- remediation:
- description: Remediation holds the remediation configuration for
- when the Helm upgrade action for the HelmRelease fails. The
- default is to not perform any action.
- properties:
- ignoreTestFailures:
- description: IgnoreTestFailures tells the controller to skip
- remediation when the Helm tests are run after an upgrade
- action but fail. Defaults to 'Test.IgnoreFailures'.
- type: boolean
- remediateLastFailure:
- description: RemediateLastFailure tells the controller to
- remediate the last failure, when no retries remain. Defaults
- to 'false' unless 'Retries' is greater than 0.
- type: boolean
- retries:
- description: Retries is the number of retries that should
- be attempted on failures before bailing. Remediation, using
- 'Strategy', is performed between each attempt. Defaults
- to '0', a negative integer equals to unlimited retries.
- type: integer
- strategy:
- description: Strategy to use for failure remediation. Defaults
- to 'rollback'.
- enum:
- - rollback
- - uninstall
- type: string
- type: object
- timeout:
- description: Timeout is the time to wait for any individual Kubernetes
- operation (like Jobs for hooks) during the performance of a
- Helm upgrade action. Defaults to 'HelmReleaseSpec.Timeout'.
- type: string
- type: object
- values:
- description: Values holds the values for this Helm release.
- x-kubernetes-preserve-unknown-fields: true
- valuesFrom:
- description: ValuesFrom holds references to resources containing Helm
- values for this HelmRelease, and information about how they should
- be merged.
- items:
- description: ValuesReference contains a reference to a resource
- containing Helm values, and optionally the key they can be found
- at.
- properties:
- kind:
- description: Kind of the values referent, valid values are ('Secret',
- 'ConfigMap').
- enum:
- - Secret
- - ConfigMap
- type: string
- name:
- description: Name of the values referent. Should reside in the
- same namespace as the referring resource.
- maxLength: 253
- minLength: 1
- type: string
- optional:
- description: Optional marks this ValuesReference as optional.
- When set, a not found error for the values reference is ignored,
- but any ValuesKey, TargetPath or transient error will still
- result in a reconciliation failure.
- type: boolean
- targetPath:
- description: TargetPath is the YAML dot notation path the value
- should be merged at. When set, the ValuesKey is expected to
- be a single flat value. Defaults to 'None', which results
- in the values getting merged at the root.
- type: string
- valuesKey:
- description: ValuesKey is the data key where the values.yaml
- or a specific value can be found at. Defaults to 'values.yaml'.
- type: string
- required:
- - kind
- - name
- type: object
- type: array
- required:
- - chart
- - interval
- type: object
- status:
- default:
- observedGeneration: -1
- description: HelmReleaseStatus defines the observed state of a HelmRelease.
- properties:
- conditions:
- description: Conditions holds the conditions for the HelmRelease.
- items:
- description: "Condition contains details for one aspect of the current
- state of this API Resource. --- This struct is intended for direct
- use as an array at the field path .status.conditions. For example,
- type FooStatus struct{ // Represents the observations of a
- foo's current state. // Known .status.conditions.type are:
- \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
- \ // +patchStrategy=merge // +listType=map // +listMapKey=type
- \ Conditions []metav1.Condition `json:\"conditions,omitempty\"
- patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
- \n // other fields }"
- properties:
- lastTransitionTime:
- description: lastTransitionTime is the last time the condition
- transitioned from one status to another. This should be when
- the underlying condition changed. If that is not known, then
- using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: message is a human readable message indicating
- details about the transition. This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: observedGeneration represents the .metadata.generation
- that the condition was set based upon. For instance, if .metadata.generation
- is currently 12, but the .status.conditions[x].observedGeneration
- is 9, the condition is out of date with respect to the current
- state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: reason contains a programmatic identifier indicating
- the reason for the condition's last transition. Producers
- of specific condition types may define expected values and
- meanings for this field, and whether the values are considered
- a guaranteed API. The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- --- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- failures:
- description: Failures is the reconciliation failure count against
- the latest desired state. It is reset after a successful reconciliation.
- format: int64
- type: integer
- helmChart:
- description: HelmChart is the namespaced name of the HelmChart resource
- created by the controller for the HelmRelease.
- type: string
- installFailures:
- description: InstallFailures is the install failure count against
- the latest desired state. It is reset after a successful reconciliation.
- format: int64
- type: integer
- lastAppliedRevision:
- description: LastAppliedRevision is the revision of the last successfully
- applied source.
- type: string
- lastAttemptedRevision:
- description: LastAttemptedRevision is the revision of the last reconciliation
- attempt.
- type: string
- lastAttemptedValuesChecksum:
- description: LastAttemptedValuesChecksum is the SHA1 checksum of the
- values of the last reconciliation attempt.
- type: string
- lastHandledReconcileAt:
- description: LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change can be detected.
- type: string
- lastReleaseRevision:
- description: LastReleaseRevision is the revision of the last successful
- Helm release.
- type: integer
- observedGeneration:
- description: ObservedGeneration is the last observed generation.
- format: int64
- type: integer
- upgradeFailures:
- description: UpgradeFailures is the upgrade failure count against
- the latest desired state. It is reset after a successful reconciliation.
- format: int64
- type: integer
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.5.0
- creationTimestamp: null
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- name: helmrepositories.source.toolkit.fluxcd.io
-spec:
- group: source.toolkit.fluxcd.io
- names:
- kind: HelmRepository
- listKind: HelmRepositoryList
- plural: helmrepositories
- shortNames:
- - helmrepo
- singular: helmrepository
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - jsonPath: .spec.url
- name: URL
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: HelmRepository is the Schema for the helmrepositories API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: HelmRepositorySpec defines the reference to a Helm repository.
- properties:
- interval:
- description: The interval at which to check the upstream for updates.
- type: string
- passCredentials:
- description: PassCredentials allows the credentials from the SecretRef
- to be passed on to a host that does not match the host as defined
- in URL. This may be required if the host of the advertised chart
- URLs in the index differ from the defined URL. Enabling this should
- be done with caution, as it can potentially result in credentials
- getting stolen in a MITM-attack.
- type: boolean
- secretRef:
- description: The name of the secret containing authentication credentials
- for the Helm repository. For HTTP/S basic auth the secret must contain
- username and password fields. For TLS the secret must contain a
- certFile and keyFile, and/or caCert fields.
- properties:
- name:
- description: Name of the referent
- type: string
- required:
- - name
- type: object
- suspend:
- description: This flag tells the controller to suspend the reconciliation
- of this source.
- type: boolean
- timeout:
- default: 60s
- description: The timeout of index downloading, defaults to 60s.
- type: string
- url:
- description: The Helm repository URL, a valid URL contains at least
- a protocol and host.
- type: string
- required:
- - interval
- - url
- type: object
- status:
- description: HelmRepositoryStatus defines the observed state of the HelmRepository.
- properties:
- artifact:
- description: Artifact represents the output of the last successful
- repository sync.
- properties:
- checksum:
- description: Checksum is the SHA1 checksum of the artifact.
- type: string
- lastUpdateTime:
- description: LastUpdateTime is the timestamp corresponding to
- the last update of this artifact.
- format: date-time
- type: string
- path:
- description: Path is the relative file path of this artifact.
- type: string
- revision:
- description: Revision is a human readable identifier traceable
- in the origin source system. It can be a Git commit SHA, Git
- tag, a Helm index timestamp, a Helm chart version, etc.
- type: string
- url:
- description: URL is the HTTP address of this artifact.
- type: string
- required:
- - path
- - url
- type: object
- conditions:
- description: Conditions holds the conditions for the HelmRepository.
- items:
- description: "Condition contains details for one aspect of the current
- state of this API Resource. --- This struct is intended for direct
- use as an array at the field path .status.conditions. For example,
- type FooStatus struct{ // Represents the observations of a
- foo's current state. // Known .status.conditions.type are:
- \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
- \ // +patchStrategy=merge // +listType=map // +listMapKey=type
- \ Conditions []metav1.Condition `json:\"conditions,omitempty\"
- patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
- \n // other fields }"
- properties:
- lastTransitionTime:
- description: lastTransitionTime is the last time the condition
- transitioned from one status to another. This should be when
- the underlying condition changed. If that is not known, then
- using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: message is a human readable message indicating
- details about the transition. This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: observedGeneration represents the .metadata.generation
- that the condition was set based upon. For instance, if .metadata.generation
- is currently 12, but the .status.conditions[x].observedGeneration
- is 9, the condition is out of date with respect to the current
- state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: reason contains a programmatic identifier indicating
- the reason for the condition's last transition. Producers
- of specific condition types may define expected values and
- meanings for this field, and whether the values are considered
- a guaranteed API. The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- --- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- lastHandledReconcileAt:
- description: LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change can be detected.
- type: string
- observedGeneration:
- description: ObservedGeneration is the last observed generation.
- format: int64
- type: integer
- url:
- description: URL is the download link for the last index fetched.
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.5.0
- creationTimestamp: null
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- name: kustomizations.kustomize.toolkit.fluxcd.io
-spec:
- group: kustomize.toolkit.fluxcd.io
- names:
- kind: Kustomization
- listKind: KustomizationList
- plural: kustomizations
- shortNames:
- - ks
- singular: kustomization
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: Kustomization is the Schema for the kustomizations API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: KustomizationSpec defines the desired state of a kustomization.
- properties:
- decryption:
- description: Decrypt Kubernetes secrets before applying them on the
- cluster.
- properties:
- provider:
- description: Provider is the name of the decryption engine.
- enum:
- - sops
- type: string
- secretRef:
- description: The secret name containing the private OpenPGP keys
- used for decryption.
- properties:
- name:
- description: Name of the referent
- type: string
- required:
- - name
- type: object
- required:
- - provider
- type: object
- dependsOn:
- description: DependsOn may contain a dependency.CrossNamespaceDependencyReference
- slice with references to Kustomization resources that must be ready
- before this Kustomization can be reconciled.
- items:
- description: CrossNamespaceDependencyReference holds the reference
- to a dependency.
- properties:
- name:
- description: Name holds the name reference of a dependency.
- type: string
- namespace:
- description: Namespace holds the namespace reference of a dependency.
- type: string
- required:
- - name
- type: object
- type: array
- force:
- default: false
- description: Force instructs the controller to recreate resources
- when patching fails due to an immutable field change.
- type: boolean
- healthChecks:
- description: A list of resources to be included in the health assessment.
- items:
- description: NamespacedObjectKindReference contains enough information
- to let you locate the typed referenced object in any namespace
- properties:
- apiVersion:
- description: API version of the referent, if not specified the
- Kubernetes preferred version will be used
- type: string
- kind:
- description: Kind of the referent
- type: string
- name:
- description: Name of the referent
- type: string
- namespace:
- description: Namespace of the referent, when not specified it
- acts as LocalObjectReference
- type: string
- required:
- - kind
- - name
- type: object
- type: array
- images:
- description: Images is a list of (image name, new name, new tag or
- digest) for changing image names, tags or digests. This can also
- be achieved with a patch, but this operator is simpler to specify.
- items:
- description: Image contains an image name, a new name, a new tag
- or digest, which will replace the original name and tag.
- properties:
- digest:
- description: Digest is the value used to replace the original
- image tag. If digest is present NewTag value is ignored.
- type: string
- name:
- description: Name is a tag-less image name.
- type: string
- newName:
- description: NewName is the value used to replace the original
- name.
- type: string
- newTag:
- description: NewTag is the value used to replace the original
- tag.
- type: string
- required:
- - name
- type: object
- type: array
- interval:
- description: The interval at which to reconcile the Kustomization.
- type: string
- kubeConfig:
- description: The KubeConfig for reconciling the Kustomization on a
- remote cluster. When specified, KubeConfig takes precedence over
- ServiceAccountName.
- properties:
- secretRef:
- description: SecretRef holds the name to a secret that contains
- a 'value' key with the kubeconfig file as the value. It must
- be in the same namespace as the Kustomization. It is recommended
- that the kubeconfig is self-contained, and the secret is regularly
- updated if credentials such as a cloud-access-token expire.
- Cloud specific `cmd-path` auth helpers will not function without
- adding binaries and credentials to the Pod that is responsible
- for reconciling the Kustomization.
- properties:
- name:
- description: Name of the referent
- type: string
- required:
- - name
- type: object
- type: object
- patches:
- description: Strategic merge and JSON patches, defined as inline YAML
- objects, capable of targeting objects based on kind, label and annotation
- selectors.
- items:
- description: Patch contains either a StrategicMerge or a JSON6902
- patch, either a file or inline, and the target the patch should
- be applied to.
- properties:
- patch:
- description: Patch contains the JSON6902 patch document with
- an array of operation objects.
- type: string
- target:
- description: Target points to the resources that the patch document
- should be applied to.
- properties:
- annotationSelector:
- description: AnnotationSelector is a string that follows
- the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource annotations.
- type: string
- group:
- description: Group is the API group to select resources
- from. Together with Version and Kind it is capable of
- unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- kind:
- description: Kind of the API Group to select resources from.
- Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- labelSelector:
- description: LabelSelector is a string that follows the
- label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource labels.
- type: string
- name:
- description: Name to match resources with.
- type: string
- namespace:
- description: Namespace to select resources from.
- type: string
- version:
- description: Version of the API Group to select resources
- from. Together with Group and Kind it is capable of unambiguously
- identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- type: object
- type: object
- type: array
- patchesJson6902:
- description: JSON 6902 patches, defined as inline YAML objects.
- items:
- description: JSON6902Patch contains a JSON6902 patch and the target
- the patch should be applied to.
- properties:
- patch:
- description: Patch contains the JSON6902 patch document with
- an array of operation objects.
- items:
- description: JSON6902 is a JSON6902 operation object. https://tools.ietf.org/html/rfc6902#section-4
- properties:
- from:
- type: string
- op:
- enum:
- - test
- - remove
- - add
- - replace
- - move
- - copy
- type: string
- path:
- type: string
- value:
- x-kubernetes-preserve-unknown-fields: true
- required:
- - op
- - path
- type: object
- type: array
- target:
- description: Target points to the resources that the patch document
- should be applied to.
- properties:
- annotationSelector:
- description: AnnotationSelector is a string that follows
- the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource annotations.
- type: string
- group:
- description: Group is the API group to select resources
- from. Together with Version and Kind it is capable of
- unambiguously identifying and/or selecting resources.
- https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- kind:
- description: Kind of the API Group to select resources from.
- Together with Group and Version it is capable of unambiguously
- identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- labelSelector:
- description: LabelSelector is a string that follows the
- label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
- It matches with the resource labels.
- type: string
- name:
- description: Name to match resources with.
- type: string
- namespace:
- description: Namespace to select resources from.
- type: string
- version:
- description: Version of the API Group to select resources
- from. Together with Group and Kind it is capable of unambiguously
- identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
- type: string
- type: object
- required:
- - patch
- - target
- type: object
- type: array
- patchesStrategicMerge:
- description: Strategic merge patches, defined as inline YAML objects.
- items:
- x-kubernetes-preserve-unknown-fields: true
- type: array
- path:
- description: Path to the directory containing the kustomization.yaml
- file, or the set of plain YAMLs a kustomization.yaml should be generated
- for. Defaults to 'None', which translates to the root path of the
- SourceRef.
- type: string
- postBuild:
- description: PostBuild describes which actions to perform on the YAML
- manifest generated by building the kustomize overlay.
- properties:
- substitute:
- additionalProperties:
- type: string
- description: Substitute holds a map of key/value pairs. The variables
- defined in your YAML manifests that match any of the keys defined
- in the map will be substituted with the set value. Includes
- support for bash string replacement functions e.g. ${var:=default},
- ${var:position} and ${var/substring/replacement}.
- type: object
- substituteFrom:
- description: SubstituteFrom holds references to ConfigMaps and
- Secrets containing the variables and their values to be substituted
- in the YAML manifests. The ConfigMap and the Secret data keys
- represent the var names and they must match the vars declared
- in the manifests for the substitution to happen.
- items:
- description: SubstituteReference contains a reference to a resource
- containing the variables name and value.
- properties:
- kind:
- description: Kind of the values referent, valid values are
- ('Secret', 'ConfigMap').
- enum:
- - Secret
- - ConfigMap
- type: string
- name:
- description: Name of the values referent. Should reside
- in the same namespace as the referring resource.
- maxLength: 253
- minLength: 1
- type: string
- required:
- - kind
- - name
- type: object
- type: array
- type: object
- prune:
- description: Prune enables garbage collection.
- type: boolean
- retryInterval:
- description: The interval at which to retry a previously failed reconciliation.
- When not specified, the controller uses the KustomizationSpec.Interval
- value to retry failures.
- type: string
- serviceAccountName:
- description: The name of the Kubernetes service account to impersonate
- when reconciling this Kustomization.
- type: string
- sourceRef:
- description: Reference of the source where the kustomization file
- is.
- properties:
- apiVersion:
- description: API version of the referent
- type: string
- kind:
- description: Kind of the referent
- enum:
- - GitRepository
- - Bucket
- type: string
- name:
- description: Name of the referent
- type: string
- namespace:
- description: Namespace of the referent, defaults to the Kustomization
- namespace
- type: string
- required:
- - kind
- - name
- type: object
- suspend:
- description: This flag tells the controller to suspend subsequent
- kustomize executions, it does not apply to already started executions.
- Defaults to false.
- type: boolean
- targetNamespace:
- description: TargetNamespace sets or overrides the namespace in the
- kustomization.yaml file.
- maxLength: 63
- minLength: 1
- type: string
- timeout:
- description: Timeout for validation, apply and health checking operations.
- Defaults to 'Interval' duration.
- type: string
- validation:
- description: Validate the Kubernetes objects before applying them
- on the cluster. The validation strategy can be 'client' (local dry-run),
- 'server' (APIServer dry-run) or 'none'. When 'Force' is 'true',
- validation will fallback to 'client' if set to 'server' because
- server-side validation is not supported in this scenario.
- enum:
- - none
- - client
- - server
- type: string
- required:
- - interval
- - prune
- - sourceRef
- type: object
- status:
- description: KustomizationStatus defines the observed state of a kustomization.
- properties:
- conditions:
- items:
- description: "Condition contains details for one aspect of the current
- state of this API Resource. --- This struct is intended for direct
- use as an array at the field path .status.conditions. For example,
- type FooStatus struct{ // Represents the observations of a
- foo's current state. // Known .status.conditions.type are:
- \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
- \ // +patchStrategy=merge // +listType=map // +listMapKey=type
- \ Conditions []metav1.Condition `json:\"conditions,omitempty\"
- patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
- \n // other fields }"
- properties:
- lastTransitionTime:
- description: lastTransitionTime is the last time the condition
- transitioned from one status to another. This should be when
- the underlying condition changed. If that is not known, then
- using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: message is a human readable message indicating
- details about the transition. This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: observedGeneration represents the .metadata.generation
- that the condition was set based upon. For instance, if .metadata.generation
- is currently 12, but the .status.conditions[x].observedGeneration
- is 9, the condition is out of date with respect to the current
- state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: reason contains a programmatic identifier indicating
- the reason for the condition's last transition. Producers
- of specific condition types may define expected values and
- meanings for this field, and whether the values are considered
- a guaranteed API. The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- --- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- lastAppliedRevision:
- description: The last successfully applied revision. The revision
- format for Git sources is <branch|tag>/<commit-sha>.
- type: string
- lastAttemptedRevision:
- description: LastAttemptedRevision is the revision of the last reconciliation
- attempt.
- type: string
- lastHandledReconcileAt:
- description: LastHandledReconcileAt holds the value of the most recent
- reconcile request value, so a change can be detected.
- type: string
- observedGeneration:
- description: ObservedGeneration is the last reconciled generation.
- format: int64
- type: integer
- snapshot:
- description: The last successfully applied revision metadata.
- properties:
- checksum:
- description: The manifests sha1 checksum.
- type: string
- entries:
- description: A list of Kubernetes kinds grouped by namespace.
- items:
- description: Snapshot holds the metadata of namespaced Kubernetes
- objects
- properties:
- kinds:
- additionalProperties:
- type: string
- description: The list of Kubernetes kinds.
- type: object
- namespace:
- description: The namespace of this entry.
- type: string
- required:
- - kinds
- type: object
- type: array
- required:
- - checksum
- - entries
- type: object
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.5.0
- creationTimestamp: null
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- name: providers.notification.toolkit.fluxcd.io
-spec:
- group: notification.toolkit.fluxcd.io
- names:
- kind: Provider
- listKind: ProviderList
- plural: providers
- singular: provider
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: Provider is the Schema for the providers API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ProviderSpec defines the desired state of Provider
- properties:
- address:
- description: HTTP/S webhook address of this provider
- pattern: ^(http|https)://
- type: string
- certSecretRef:
- description: CertSecretRef can be given the name of a secret containing
- a PEM-encoded CA certificate (`caFile`)
- properties:
- name:
- description: Name of the referent
- type: string
- required:
- - name
- type: object
- channel:
- description: Alert channel for this provider
- type: string
- proxy:
- description: HTTP/S address of the proxy
- pattern: ^(http|https)://
- type: string
- secretRef:
- description: Secret reference containing the provider webhook URL
- using "address" as data key
- properties:
- name:
- description: Name of the referent
- type: string
- required:
- - name
- type: object
- type:
- description: Type of provider
- enum:
- - slack
- - discord
- - msteams
- - rocket
- - generic
- - github
- - gitlab
- - bitbucket
- - azuredevops
- - googlechat
- - webex
- - sentry
- - azureeventhub
- type: string
- username:
- description: Bot username for this provider
- type: string
- required:
- - type
- type: object
- status:
- description: ProviderStatus defines the observed state of Provider
- properties:
- conditions:
- items:
- description: "Condition contains details for one aspect of the current
- state of this API Resource. --- This struct is intended for direct
- use as an array at the field path .status.conditions. For example,
- type FooStatus struct{ // Represents the observations of a
- foo's current state. // Known .status.conditions.type are:
- \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
- \ // +patchStrategy=merge // +listType=map // +listMapKey=type
- \ Conditions []metav1.Condition `json:\"conditions,omitempty\"
- patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
- \n // other fields }"
- properties:
- lastTransitionTime:
- description: lastTransitionTime is the last time the condition
- transitioned from one status to another. This should be when
- the underlying condition changed. If that is not known, then
- using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: message is a human readable message indicating
- details about the transition. This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: observedGeneration represents the .metadata.generation
- that the condition was set based upon. For instance, if .metadata.generation
- is currently 12, but the .status.conditions[x].observedGeneration
- is 9, the condition is out of date with respect to the current
- state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: reason contains a programmatic identifier indicating
- the reason for the condition's last transition. Producers
- of specific condition types may define expected values and
- meanings for this field, and whether the values are considered
- a guaranteed API. The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- --- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.5.0
- creationTimestamp: null
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- name: receivers.notification.toolkit.fluxcd.io
-spec:
- group: notification.toolkit.fluxcd.io
- names:
- kind: Receiver
- listKind: ReceiverList
- plural: receivers
- singular: receiver
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].message
- name: Status
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: Receiver is the Schema for the receivers API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ReceiverSpec defines the desired state of Receiver
- properties:
- events:
- description: A list of events to handle, e.g. 'push' for GitHub or
- 'Push Hook' for GitLab.
- items:
- type: string
- type: array
- resources:
- description: A list of resources to be notified about changes.
- items:
- description: CrossNamespaceObjectReference contains enough information
- to let you locate the typed referenced object at cluster level
- properties:
- apiVersion:
- description: API version of the referent
- type: string
- kind:
- description: Kind of the referent
- enum:
- - Bucket
- - GitRepository
- - Kustomization
- - HelmRelease
- - HelmChart
- - HelmRepository
- - ImageRepository
- - ImagePolicy
- - ImageUpdateAutomation
- type: string
- name:
- description: Name of the referent
- maxLength: 53
- minLength: 1
- type: string
- namespace:
- description: Namespace of the referent
- maxLength: 53
- minLength: 1
- type: string
- required:
- - name
- type: object
- type: array
- secretRef:
- description: Secret reference containing the token used to validate
- the payload authenticity
- properties:
- name:
- description: Name of the referent
- type: string
- required:
- - name
- type: object
- suspend:
- description: This flag tells the controller to suspend subsequent
- events handling. Defaults to false.
- type: boolean
- type:
- description: Type of webhook sender, used to determine the validation
- procedure and payload deserialization.
- enum:
- - generic
- - generic-hmac
- - github
- - gitlab
- - bitbucket
- - harbor
- - dockerhub
- - quay
- - gcr
- - nexus
- - acr
- type: string
- required:
- - resources
- - type
- type: object
- status:
- description: ReceiverStatus defines the observed state of Receiver
- properties:
- conditions:
- items:
- description: "Condition contains details for one aspect of the current
- state of this API Resource. --- This struct is intended for direct
- use as an array at the field path .status.conditions. For example,
- type FooStatus struct{ // Represents the observations of a
- foo's current state. // Known .status.conditions.type are:
- \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
- \ // +patchStrategy=merge // +listType=map // +listMapKey=type
- \ Conditions []metav1.Condition `json:\"conditions,omitempty\"
- patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
- \n // other fields }"
- properties:
- lastTransitionTime:
- description: lastTransitionTime is the last time the condition
- transitioned from one status to another. This should be when
- the underlying condition changed. If that is not known, then
- using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: message is a human readable message indicating
- details about the transition. This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: observedGeneration represents the .metadata.generation
- that the condition was set based upon. For instance, if .metadata.generation
- is currently 12, but the .status.conditions[x].observedGeneration
- is 9, the condition is out of date with respect to the current
- state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: reason contains a programmatic identifier indicating
- the reason for the condition's last transition. Producers
- of specific condition types may define expected values and
- meanings for this field, and whether the values are considered
- a guaranteed API. The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- --- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- observedGeneration:
- description: ObservedGeneration is the last observed generation.
- format: int64
- type: integer
- url:
- description: Generated webhook URL in the format of '/hook/sha256sum(token+name+namespace)'.
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- name: helm-controller
- namespace: flux-system
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- name: kustomize-controller
- namespace: flux-system
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- name: notification-controller
- namespace: flux-system
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- name: source-controller
- namespace: flux-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- name: crd-controller-flux-system
-rules:
-- apiGroups:
- - source.toolkit.fluxcd.io
- resources:
- - '*'
- verbs:
- - '*'
-- apiGroups:
- - kustomize.toolkit.fluxcd.io
- resources:
- - '*'
- verbs:
- - '*'
-- apiGroups:
- - helm.toolkit.fluxcd.io
- resources:
- - '*'
- verbs:
- - '*'
-- apiGroups:
- - notification.toolkit.fluxcd.io
- resources:
- - '*'
- verbs:
- - '*'
-- apiGroups:
- - image.toolkit.fluxcd.io
- resources:
- - '*'
- verbs:
- - '*'
-- apiGroups:
- - ""
- resources:
- - secrets
- verbs:
- - get
- - list
- - watch
-- apiGroups:
- - ""
- resources:
- - events
- verbs:
- - create
- - patch
-- apiGroups:
- - ""
- resources:
- - configmaps
- - configmaps/status
- verbs:
- - get
- - list
- - watch
- - create
- - update
- - patch
- - delete
-- apiGroups:
- - coordination.k8s.io
- resources:
- - leases
- verbs:
- - get
- - list
- - watch
- - create
- - update
- - patch
- - delete
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- name: cluster-reconciler-flux-system
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: cluster-admin
-subjects:
-- kind: ServiceAccount
- name: kustomize-controller
- namespace: flux-system
-- kind: ServiceAccount
- name: helm-controller
- namespace: flux-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- name: crd-controller-flux-system
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: crd-controller-flux-system
-subjects:
-- kind: ServiceAccount
- name: kustomize-controller
- namespace: flux-system
-- kind: ServiceAccount
- name: helm-controller
- namespace: flux-system
-- kind: ServiceAccount
- name: source-controller
- namespace: flux-system
-- kind: ServiceAccount
- name: notification-controller
- namespace: flux-system
-- kind: ServiceAccount
- name: image-reflector-controller
- namespace: flux-system
-- kind: ServiceAccount
- name: image-automation-controller
- namespace: flux-system
----
-apiVersion: v1
-kind: Service
-metadata:
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- control-plane: controller
- name: notification-controller
- namespace: flux-system
-spec:
- ports:
- - name: http
- port: 80
- protocol: TCP
- targetPort: http
- selector:
- app: notification-controller
- type: ClusterIP
----
-apiVersion: v1
-kind: Service
-metadata:
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- control-plane: controller
- name: source-controller
- namespace: flux-system
-spec:
- ports:
- - name: http
- port: 80
- protocol: TCP
- targetPort: http
- selector:
- app: source-controller
- type: ClusterIP
----
-apiVersion: v1
-kind: Service
-metadata:
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- control-plane: controller
- name: webhook-receiver
- namespace: flux-system
-spec:
- ports:
- - name: http
- port: 80
- protocol: TCP
- targetPort: http-webhook
- selector:
- app: notification-controller
- type: ClusterIP
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- control-plane: controller
- name: helm-controller
- namespace: flux-system
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: helm-controller
- template:
- metadata:
- annotations:
- prometheus.io/port: "8080"
- prometheus.io/scrape: "true"
- labels:
- app: helm-controller
- spec:
- containers:
- - args:
- - --events-addr=http://notification-controller/
- - --watch-all-namespaces=true
- - --log-level=info
- - --log-encoding=json
- - --enable-leader-election
- env:
- - name: RUNTIME_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- image: ghcr.io/fluxcd/helm-controller:v0.11.2
- imagePullPolicy: IfNotPresent
- livenessProbe:
- httpGet:
- path: /healthz
- port: healthz
- name: manager
- ports:
- - containerPort: 8080
- name: http-prom
- - containerPort: 9440
- name: healthz
- protocol: TCP
- readinessProbe:
- httpGet:
- path: /readyz
- port: healthz
- resources:
- limits:
- cpu: 1000m
- memory: 1Gi
- requests:
- cpu: 100m
- memory: 64Mi
- securityContext:
- allowPrivilegeEscalation: false
- readOnlyRootFilesystem: true
- volumeMounts:
- - mountPath: /tmp
- name: temp
- nodeSelector:
- kubernetes.io/os: linux
- serviceAccountName: helm-controller
- terminationGracePeriodSeconds: 600
- volumes:
- - emptyDir: {}
- name: temp
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- control-plane: controller
- name: kustomize-controller
- namespace: flux-system
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: kustomize-controller
- template:
- metadata:
- annotations:
- prometheus.io/port: "8080"
- prometheus.io/scrape: "true"
- labels:
- app: kustomize-controller
- spec:
- containers:
- - args:
- - --events-addr=http://notification-controller/
- - --watch-all-namespaces=true
- - --log-level=info
- - --log-encoding=json
- - --enable-leader-election
- env:
- - name: RUNTIME_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- image: ghcr.io/fluxcd/kustomize-controller:v0.13.3
- imagePullPolicy: IfNotPresent
- livenessProbe:
- httpGet:
- path: /healthz
- port: healthz
- name: manager
- ports:
- - containerPort: 8080
- name: http-prom
- - containerPort: 9440
- name: healthz
- protocol: TCP
- readinessProbe:
- httpGet:
- path: /readyz
- port: healthz
- resources:
- limits:
- cpu: 1000m
- memory: 1Gi
- requests:
- cpu: 100m
- memory: 64Mi
- securityContext:
- allowPrivilegeEscalation: false
- readOnlyRootFilesystem: true
- volumeMounts:
- - mountPath: /tmp
- name: temp
- nodeSelector:
- kubernetes.io/os: linux
- serviceAccountName: kustomize-controller
- terminationGracePeriodSeconds: 60
- volumes:
- - emptyDir: {}
- name: temp
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- control-plane: controller
- name: notification-controller
- namespace: flux-system
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: notification-controller
- template:
- metadata:
- annotations:
- prometheus.io/port: "8080"
- prometheus.io/scrape: "true"
- labels:
- app: notification-controller
- spec:
- containers:
- - args:
- - --watch-all-namespaces=true
- - --log-level=info
- - --log-encoding=json
- - --enable-leader-election
- env:
- - name: RUNTIME_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- image: ghcr.io/fluxcd/notification-controller:v0.15.1
- imagePullPolicy: IfNotPresent
- livenessProbe:
- httpGet:
- path: /healthz
- port: healthz
- name: manager
- ports:
- - containerPort: 9090
- name: http
- - containerPort: 9292
- name: http-webhook
- - containerPort: 8080
- name: http-prom
- - containerPort: 9440
- name: healthz
- protocol: TCP
- readinessProbe:
- httpGet:
- path: /readyz
- port: healthz
- resources:
- limits:
- cpu: 1000m
- memory: 1Gi
- requests:
- cpu: 100m
- memory: 64Mi
- securityContext:
- allowPrivilegeEscalation: false
- readOnlyRootFilesystem: true
- volumeMounts:
- - mountPath: /tmp
- name: temp
- nodeSelector:
- kubernetes.io/os: linux
- serviceAccountName: notification-controller
- terminationGracePeriodSeconds: 10
- volumes:
- - emptyDir: {}
- name: temp
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- control-plane: controller
- name: source-controller
- namespace: flux-system
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: source-controller
- strategy:
- type: Recreate
- template:
- metadata:
- annotations:
- prometheus.io/port: "8080"
- prometheus.io/scrape: "true"
- labels:
- app: source-controller
- spec:
- containers:
- - args:
- - --events-addr=http://notification-controller/
- - --watch-all-namespaces=true
- - --log-level=info
- - --log-encoding=json
- - --enable-leader-election
- - --storage-path=/data
- - --storage-adv-addr=source-controller.$(RUNTIME_NAMESPACE).svc.cluster.local.
- env:
- - name: RUNTIME_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- image: ghcr.io/fluxcd/source-controller:v0.15.4
- imagePullPolicy: IfNotPresent
- livenessProbe:
- httpGet:
- path: /healthz
- port: healthz
- name: manager
- ports:
- - containerPort: 9090
- name: http
- - containerPort: 8080
- name: http-prom
- - containerPort: 9440
- name: healthz
- readinessProbe:
- httpGet:
- path: /
- port: http
- resources:
- limits:
- cpu: 1000m
- memory: 1Gi
- requests:
- cpu: 50m
- memory: 64Mi
- securityContext:
- allowPrivilegeEscalation: false
- readOnlyRootFilesystem: true
- volumeMounts:
- - mountPath: /data
- name: data
- - mountPath: /tmp
- name: tmp
- nodeSelector:
- kubernetes.io/os: linux
- serviceAccountName: source-controller
- terminationGracePeriodSeconds: 10
- volumes:
- - emptyDir: {}
- name: data
- - emptyDir: {}
- name: tmp
----
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- name: allow-egress
- namespace: flux-system
-spec:
- egress:
- - {}
- ingress:
- - from:
- - podSelector: {}
- podSelector: {}
- policyTypes:
- - Ingress
- - Egress
----
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- name: allow-scraping
- namespace: flux-system
-spec:
- ingress:
- - from:
- - namespaceSelector: {}
- ports:
- - port: 8080
- protocol: TCP
- podSelector: {}
- policyTypes:
- - Ingress
----
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
- labels:
- app.kubernetes.io/instance: flux-system
- app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.16.2
- name: allow-webhooks
- namespace: flux-system
-spec:
- ingress:
- - from:
- - namespaceSelector: {}
- podSelector:
- matchLabels:
- app: notification-controller
- policyTypes:
- - Ingress
diff --git a/clusters/okd4/flux-system/gotk-sync.yaml b/clusters/okd4/flux-system/gotk-sync.yaml
deleted file mode 100644
index adf2cf49f6778d9a34480ea1ab6edd78f833b344..0000000000000000000000000000000000000000
--- a/clusters/okd4/flux-system/gotk-sync.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
----
-apiVersion: source.toolkit.fluxcd.io/v1beta1
-kind: GitRepository
-metadata:
- name: flux-system
- namespace: flux-system
-spec:
- interval: 5m0s
- ref:
- branch: main
- secretRef:
- name: flux-system
- url: ssh://git@git.shivering-isles.com:2222/shivering-isles/infrastructure-gitops
- verify:
- mode: head
- secretRef:
- name: pgp-public-keys
----
-apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
-kind: Kustomization
-metadata:
- name: flux-system
- namespace: flux-system
-spec:
- interval: 10m0s
- path: ./clusters/okd4
- prune: true
- sourceRef:
- kind: GitRepository
- name: flux-system
- validation: client
- decryption:
- provider: sops
- secretRef:
- name: sops-pgp
diff --git a/clusters/okd4/flux-system/gpg-keys.yaml b/clusters/okd4/flux-system/gpg-keys.yaml
deleted file mode 100644
index 111c06cfd4da4bff4a5253f91b9be65b49cfdd0e..0000000000000000000000000000000000000000
--- a/clusters/okd4/flux-system/gpg-keys.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
-apiVersion: v1
-data:
- sheogorath.asc: LS0tLS1CRUdJTiBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tCgptUUlOQkYxdnFEVUJFQUM2RGF0K01hcXlkWkhIeEl3Y0h5Yk1TMFBBaklXZkR3WTcxZnM4SHBrRG95SS9EM2dRCmZmWU9pWGE0ZUpMS2ttb1Z6REpTcHQyWUhNdWdEU1pPWHFiaGFUcnB5NUdaeGw0bmxCaWxCc2FkYmpvWGQ3Z1oKbTVhdlRWeXJhTlFNRU5Yb1c3ZTh4RlRCMGNuY1YwbHYyemttekU5K0xUNDhXbnJoWm43MXdRRm9tNTFabVlZdgpmeXd5MzVHNzc4ME1pR0FQdy9vYUdFZSsxbjk1UW5yL1lFUDAwQjRLcTJUU09MOW9UY2N2RjZQKzVmN3FrNDBTCk1rRUN2eWJjbmlOMHNUdXpUSFk4eHU2TU4wcW1OZGRlWFBLNXkrOHFZcVRpUVl0VnQxRndyTUN3QTRRTGRvSnkKQThzVnppNmpkb1VSb1FsSkxxcWJyNjV4Mm5VaFltTzBDYXZBR2V4R3AvaldtU3FIUXg4R3ZuQWR2akNtQ3pFYQp0ajFENERxSUhpTk12SXlsVW90SEZpR0hwVGZ1bDVGb2FEbFhxbmc5QUd6QzNzK3A5aytkOC90L2wwN3BBdnAvCnB1WDVGdnh3Y0xwd1lJZmpKOEFnSjF4SzI5MlJSbVpxbERwOGpEcWlqZU1QOUo2dE9rZ1FXMGdSTGg5RmFBNVYKVG5zT1M4ampmYXU0ZmxmTys4NDcvcWM3MFJTSC9QSDBUbDJ2ZmlyQmF5MUN3cUJMUkNrSzZYaHRCL1VJQjdUeApEUXRzbjlvVUV6Z2NOeVV2aXlwRUhvbUlBcWg2djN2ajd4UVQwcDMrUVY0TWd1Y3Z6M2Z1ZUgrSlJQS3cxMUN5CmMrMjI0SzlmQnRIY1Q3N3pzcWpRcllSa1Uvblo5clRrbkhuVzdWMXZ5UEl2S3BIOEsrSDhFWTJxV1FBUkFRQUIKdEN0VGFHVnZaMjl5WVhSb0lEeHphR1Z2WjI5eVlYUm9RSE5vYVhabGNtbHVaeTFwYzJ4bGN5NWpiMjAraVFKTwpCQk1CQ0FBNEZpRUVLR2VSKzJaSVU1ZDEyekc0L0xtTUtqN0c5Z0VGQWwxdnFEVUNHd0VGQ3drSUJ3SUdGUW9KCkNBc0NCQllDQXdFQ0hnRUNGNEFBQ2drUS9MbU1LajdHOWdHZUZBLytLei9BQkRZTS9NZFlrWmlqMTdabVprdDMKQW9ncEw3SlorNmJEL2RrSXgzMVdhdXhaQjhTSTZBZFQyTjRqL2dVYlZ4NHlLM20raFZadXJBd1F1Y3F6WWRnNwprZzgxRWdMSVJvakwwRXZuVnB5WU9INmJWdUVYall6R2ZmM2F1aGpCek1SRyt0b29kUXhDenY2YzFyM3dBL3UxCmYzUTQ0ZnJUU2t6R1k4L2tjUU54ckRzVW55ejVvZk9LaG9DdGFMRmN4ckFrb0hLaTV1TmJZajNzV3R0UnFkQ0UKendacEd4YVhpdm5FL2IzR2c0K3J3Ymc2TVVyaHJwUDdnd1pLN2xCN3FONU1aWWpsYm1ZM0hkK05DR2NxT2pobQoySXFqWFFPWi9GVHFhd0RmdGhsNHh2dHNHVmxSL0I1Tzk3R2lRYzhzYmtxNk1RRVZ2MkJTaHlmd2FuWjVTUHA4Ci9qU1oxekp1ckprZDh1ckNMZUpYeUpjdzkwT0ErRFJ6bjhGUXA2WDQvSUI0dnl6ZTBIVUFzTHAyLzdURkNFbGsKY3hrcVdHMHk0Z2lGeHhvM0c5WVpoNHVRbVFaMWgvNXV4dXFRM1V4Nlk0Qk5GKzFxYy9UWXRXSVh2Y2NXTEJicAp2RTVIRGdhZTRKQjFaTkcwUUg0ZklyRlRTNDhkUng0bEZZS2l1OVJIeXFNNFJvUE9xUTFpZkU3RDBDcEpaaGN3CjNOYjk5ZTYwM2pUU3VPaFVsVHJHOTdtY0kzdndRVnIwVmltdzVBZkFTeWNsdFhQeGQ5WFRKcCsxU0V3Qit4WmkKYjl6ck5TdGtxbWJXTEUwUkdyQzJ5bFl1Q2xZNHl4NFMvTU1xQ3c0bGR3ekNCL0N6OVVLeXdVd25GL1pDb1ByMQoyWVRGeU00NU8yMzYwb0xsV1ZPSkFqTUVFQUVJQUIwV0lRUUI1YlBLd01Kb0ZrZ3ErMGdmQmN3Mk5jM2YvUVVDClhXK3BQd0FLQ1JBZkJjdzJOYzNmL2JhWEQvNC94cWZuNmdJUnZ6dWZsOTFFZHVKbFVldG9rbEsrV0F2elN5MHAKZnVRTEVTakZ0TjkyUzVid3N4ZFZGN25NVjNEbGVEQnFwNDFMRHZVaDZSbUkxT1NHa1F6WC9TZEtDL2tVNDFkZgpoRktjbmk2OUh4U21ETzRIVGpSNXBYdzZmN1QwVENmeWZBYkF5WGhuWDQ5T2pRVjR4NFpCSVdoTWs5aEJET0xJClRzQzlXTFhJSGpCcEFLclZobCtRM0ZmWkJHbDZZZWpUTlRPWXpGcGc2NEVxTDJIaHUvYVBpV2RieWRJeW9ZT0IKOENoN2pCZ0tMdEFrZnByR1R5Wm9DM2hSTFZmT2kyN1UwcHp4MUZOV1V4bXN5cGxld1RqS0dLbWN1aGpJWDRFTwpUZ2xmWlJUdjh0WmI2eDdRNzZyaGw2bGJCakdFcGJFQmd4WlVwL2c3RURFZG5GWXVtWmUzL09lUktCem5QWVc0CnMwZ1NoR1lEWGplODZXMWM3MHY0RDJ3d3lDVUR3SWYyQ2hqdm5Yc3NHWXlzRERUVW4wamRNQXdMYUlRWXpWWUcKaWpMR0I5V0hVdEpmTG9RRjJzclI3ZC90Qk5YZkxlVjFMSEllREpEdEF5SGFXOC92cEJWeHllOEtVWGZHYnFSbQpwQm5BMmR6cFhOL1huS2pOV2JtbjhZaXhXd05zT2RMQVBkV1FnU0lKWkV3VnVzby9nQlVLN25sdFZ2ZXFuWHNtCmpxYnEwb0JNT0REcGI3cW5VNzkzT2JSbVc2S3VrMWJ2L1pQN0pWaklnUmdXdWttcU5oa0hncjNQU2txYThLTVIKcFVKN1hsaHZlQTNHcWt1eUlWeWh0VGJERjdjOUlyN2htcGtBZEppT1VPTVVubWpla1I5QUE0OHBuOUVhcDlyQQpLNWZoMTdrQ0RRUmRiNnBKQVJBQXpEYU5NalBWY2tVSjR0eVdGTitjOWl2ZnpQZTg3ZGUrZHZPUmE2aUlGa1JyCkJWZ2k5ZjRJU3lyWnpNTTlmZzdURHVuSW5RdWs5eGtCZjFtQjZaSFFBMjRFaHRPd1ptWEN1elhZNTRVMUNMcTcKNXBUU2NoQUlOOUg1dUxIZVYvamlSWHJEVjQvSjRjNzgwVXNLdnB6ZWZQaDl4T3lvSTV4ZjRIZm5CdnJYT0Q3RwpocEk0R3lFaFVWeWpkaFVoVEhtVUt1YUR6Z3J1emhRWGJLN1o4a2VTWG5ITkNHRTgvbldiTzZ6Z2tIQ0NVY2F5ClNmVCsrVU9iamU5TTBoNTR6a1VmTzRISzNmQVBLNWtwZ0tYWXMzQkVDcWdJanFGSElLQzR1SUtVeXRZRVYzN0sKN1dmY1NnRGo0UmJ5U1E0b3VHMjZjSEYrQ1ZkSUF0WjkrTDFuYWVQRVUveDVnc0NlYllyaEFwVFFYQkJKa3pEdApyMWN2OFlMaHhUTCtVODFyb0JvMHR0RjhuL1RDMFdtcFFOT0Z1Vklxa29LN2hPNHdScWVMbWtZQlNFSnRsbHo2CmxremRJdUUxV0xLRm4zeUFadS9Qb3Rzd3RZOUU0dTZvZklucXBWUUhsWHFhUTVteXVpa25VOFVtY3JIOGhkOEUKTFd5L3lCN2FIWkQrMjFaZy9nOUo2VTBpYjAwZFBlNDVFTVl5Q2x1OTZrQ3AvOXRVTFRoYlRaZ1NxdU5xMGg4Kwpxc2lIWUlxVTFlM0kxdGc2Ym4wOE0xZ0JRbGgrS2R5aUl5ZGZhVUpSVmtjNjRVaC80QjlhVHRSUERxQmdYNmsxClhQUjMybStyVWpJNHVqdnlSSytaWHVNbEFOMkloOUh0MzRrYVFud2ZWanE2cllMNVkvK2FlS2I4T3hvRmFROEEKRVFFQUFZa0VjZ1FZQVFnQUpnSWJBaFloQkNobmtmdG1TRk9YZGRzeHVQeTVqQ28reHZZQkJRSmhNQm92QlFrRgpvYU5tQWtEQmRDQUVHUUVJQUIwV0lRUmVwL2dadm4vWkE1cHJ2WG5Kc2NnSE43bk9HQVVDWFcrcVNRQUtDUkRKCnNjZ0hON25PR0NBVUQvMGZEMDlJTHBGQXNmcW9iWkpqaDNGcHMzRys0VThzckoyemUrL2hQb1ZvNk5ybDB3M1oKemE1WUFpMnlzMzdSYzFIKzFMUmlyRlVwalNKQXA4K0tOZ3kzWG41UlNBSkRIQlN2ZjQraTdoZ1NTeEhYMnhhTQpqZmh3RzNkOUpCZ0c5eUk5K0o5MzBTcHV6eHlTVmRNOWFRRXdOSVZNU3E2dUZuOExpYnlYOWo2RzA2NmFTb1loCkxPWi94NEw1cmJFRVArYzNtditCcExHL0FrNmVNeFdkblhIa1NsOEM2dXZtS1FzSzZaSk1FUytkZ2F2UXA0aHcKVGF0dFV5dlhYRU9lcTVSVWo2b0tlUThUTnlNVkdSQ054MkgrRlFnRW9kalMxQjN1bWN6Z25DWENUVW5tNkR2ZgpKb1YxNzY1dEZteDBqQk1rTWx0YUszYVhPYkRuMzh6OUF2VmhNb0Faa2hndkZ0Q2lReFQ5VkhUdGoxby8yNldFCnIyaFlpUUV3WG1WWWw1NEFwUGptODhuUWYveXlPYVBha3RwWUtTSE5zTk5PK1owQ0p4ZFgwck1kMlVkQ280L1EKY1MyREYwR21mK3VoNFo3ckN0V2lVWWZ3QllrYkYySGk5aHJZNUNNenlVK2FYaDh1eEhjMGwrUnYvQ3diVmF4UApiVEhxNFdJbmpzUmhwbFY3eEFuckNXYkg5UVB0SHRudFp3SVVQcjF3ckRRM1FyUzRtNGs0T3l5Ylh1eE5TLzg1CnFzWnE4YXdxTXFPQlJqZTVwMFdFT0pnQVJqS0pPdjgwMll0SGYzL250cWlyVkk4YnV6c2dmSWRmZzBaV2ZNSGQKTk5XbEZNeXlwancyWnF2aWJSRlZOd2YwN1QyZlVUMUVTcUJGVTQxd08wd2M5U1FIaXUzTUFwZS9EZ2tRL0xtTQpLajdHOWdFcGFoQUFoaDhqVEFBdmFTbmpubG9ieE5ia3dKemx6S08rclpXMTNJK25hRTZCYVlBcitheDlwOS9HClc2S21COTFORThXVzNHQWN2Wm9uOHpuMUY3dDRXbjdlMEMyOWg5WHllK2JSckRJU2NuL2UxbzJ4RllDV1ovUzEKaXFvUkp5L01QSk1FaUNuV3Jwb04xUys4Y2FTcmEvamlUWTFJcDQ5eTRVQ1Z1eTgzNzJ2UEF4dzE1ZThPY1BNVQpiWGZjcDFlRUtWZGxzUDJXTWovaGMxRnM0cXJSK2pYZitTbFFDdmhIZnJXNTVSak9aWnpPakFxRDNoOGYwRExICmxwaU9pMWUyUHFjRDdrY3FCTFM3bVZROEFSbmI5dzFGbnBOM1RLeGlOcVJhM1AyN3ZvcG9XL3BkUlcyaFRjS1YKTVZaL1RLVXpUeEl6bVo1K0FwZjBialhlSk80cEZxeFN5S0FkdXNwNEZuSnJuS08rOC9DR0xLdEJZb3l3WDdxMgpSdk1va2RVRWNoWXU0YUw3WHY0NGNsLzBFWENrd3hCcVV2bUFXclliU29oaDZOWHJCNHhCc2dHVEEyb0VMTWY2ClJXeDliank1V0ZwY25zWTNnS29mazE4S1pEWDBjcUZWRjFOc2JaRms2TjRYSUIycEFFaGJBcmttZXpMVUl6Ky8KdTdQM1Q2cW5GS3FUdG9Ob1FRS2U2UGlVYXF0TDFEcHNhVUZkN2xPTmRLelBGQkFEVUNGTTlIMTAzZ2NZOW95OApNUVBJeEY4bDBGalZ4ZlVzRlltSlpFQzFWWmNJdzd1Y0oxUkFsdm9Cc3NaRUxsb3dWdTE4d3hEazhQSjV5N1k1CmZReVVpaVVmNUpmRTdER2JOUzJ3dlZHZ2dvcUl3YzU0dFZNL3Z4QzFjRzQrY1QxNmdabmt2QW01QWcwRVhXK3YKRkFFUUFMN29ZcExJeTJMZ3pjd2I1V3B5ZXZkNEVXN0NwT0NKcUdaMFRaUFhMV0U4anFZbytGcmRWTG1mVTgzQQpBcDE4d21xNVViNmxyczNpZ3I1eEZ6Z2draFd1YUl4aEZabGhHSG56LzdDK2Uyb3JKdUFQekI2aklkcExLeFFVCmdJUkV5NEtnclhhMlNYdisycTZTVUZ5cVFUUVBpR1FkVmN4eTd5RmRJZGZpSDBUbEd0ZUE1eFNPMmxkVlV3MkgKNEg5S3JvNDV3SDl5VHczSTBabG5ZMmdNWlYwVVU4VlVaUDFXUWY3Mk45dU1UKzFEZ3Jxcm9KWWxUbWxjeTl3eAp6UURtMVpRNjFKYTZ4NzRHcDJsWGJvRFg4N3JINklveURXVnVaekpDd3NlVk5RZEVJcGR3OFF0cEEyRG1RZ2hzCmIzMzJZWEFZV3FZVjh4Q3pCQUxxVi9wM3F2dFBjSGVnV3BHa2FVTWV1SFZaN016Ulh0c0huZy9hWjhURXVvVlgKV3VleXhBWFEvbCtMeHNkOXZNT3ZEd2VsTzluUWh6OFBEeFRST3VJeFBmTFlQbmpVOEhEWnZzZWt0OUY4VlhRcwpZTHIzTTcveEdIc2VSV1FmL3JvbWd5c1F3NTRxUUtnYVNpTzQ3R2dsVlJoYmFJL1JYVlMzQU52R2dEVVpFbDN5CkxFcjFLQm9KK1ZVQS9xVDZqNFhkdVphQTV4Q1UyNDI0U3A2Y3RGL1dwQnVKeGpwcFJMbnptL2FiV2lhV0hseFMKclRUNTk1aG9QeU5sek9BamV3U2IvZkIwcXpWT3NaRUE0L0hRdVBhYjYycW10aXI2eDNiemMyYWJoWTM2T3crUwpIdlRlTExPN2puQTBsdEIrN1JzZUlFMklYb3JFSkxIMlNzRFc1dVlDUjBITi82bmZBQkVCQUFHSkFqd0VHQUVJCkFDWUNHd3dXSVFRb1o1SDdaa2hUbDNYYk1iajh1WXdxUHNiMkFRVUNZVEFhUmdVSkJhR2VzZ0FLQ1JEOHVZd3EKUHNiMkFRWklFQUNUWEs5Nm1HV3dxZkJDMU9GK1dkdEx1VlRsd25OT2Z2NW5lV0s0RXZsenFhdlFoOE53bDdETQpnc0Q3ZER6eXNBTjZXb3hxZHVpelJic3VRUVB6dTZUZ205eWxLUU5MQ29LbjBleHNTTTArMkNaejVEakJ6dUVwCldkS2xuRDdSb01OT1NiWlJaTktoUGRyRGNyN2U2SThKa2JlVVduNVoyWjRSUzJKUHJVRHVmbEErWjMzdHE0QUcKcldJeXBYdXRhTjVaWkxPOXM5ZW00NEVvbkpDUFg1ZCsyNkpGUnJlYklBZzBGWmU5c3d5QUVyM0dCb1J2dEI5Twppd2pXd0NMbEtuRSs4SGI0VFlTUU50Rmk1NEx0ZStyYnFiSEZTbmx5MnRSNUREQ3BaMS9uY2VwOGlVVTF5d25HCjNHWGNXcCtBKzlMcXNZaDNRMDhtVWVLZWtQdW05U0RoU0d0YmJtLzVGMTFqYU5kOEROSkhBbjBiaGZ2Q29UdlgKRHVBRjRCeGoxbXZZQkFpVEdJZWdBOXNIZUpVZ1k3b3VUSDJ3VmkwOXBhTEQ0Sk1nbzJvK04wVkEyWm9VR0g2egoxUXNoaEs2ZVk4NkZ5U2FrbEVIalRmZUtzL245YkhYbk9ua21ad29aTUxLOVdadHpmVTRoNFNORFJTanh5RzNNCmxjb2tIOWpNVVRmQk4rdER6TXdZVTFpU3JqSHBJWWZOdlQ4L0lvQUlUTE41MjVnbXdiS2tyZGY1a01CSllRRVoKK0o5UE92Mmc4VDRMM3BlaE5PQzBrUEYwWUpSWUMxd2hiZmJDUFJPT1hjVGszWmJJVk1HVkJEZXNHekk3QUpxTwo5WjVKM3BhUk5lamdSV1J6MENOTjNmQU5kOUc5MUFWNXY0dzlidG9id0ZSZXZTbG1nTnAzR2c9PQo9SU92WgotLS0tLUVORCBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tCg==
-kind: Secret
-metadata:
- name: pgp-public-keys
- namespace: flux-system
-type: Opaque
diff --git a/clusters/okd4/flux-system/kustomization.yaml b/clusters/okd4/flux-system/kustomization.yaml
deleted file mode 100644
index f7b86f909486e9afc1d0e2d532fe7d62267092a5..0000000000000000000000000000000000000000
--- a/clusters/okd4/flux-system/kustomization.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-- gotk-components.yaml
-- gotk-sync.yaml
-- gpg-keys.yaml
-- receiver.yaml
-- webhook-secret.yaml
diff --git a/clusters/okd4/flux-system/receiver.yaml b/clusters/okd4/flux-system/receiver.yaml
deleted file mode 100644
index 34f78f883f961370b3793ce36e28526283b8db27..0000000000000000000000000000000000000000
--- a/clusters/okd4/flux-system/receiver.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: notification.toolkit.fluxcd.io/v1beta1
-kind: Receiver
-metadata:
- name: gitlab-receiver
- namespace: flux-system
-spec:
- events:
- - Push Hook
- - Tag Push Hook
- resources:
- - kind: GitRepository
- name: flux-system
- secretRef:
- name: gitlab-webhook-token
- type: gitlab
diff --git a/clusters/okd4/flux-system/webhook-secret.yaml b/clusters/okd4/flux-system/webhook-secret.yaml
deleted file mode 100644
index 06c19479a1eb730dd2a4514d682e618c36ceade3..0000000000000000000000000000000000000000
--- a/clusters/okd4/flux-system/webhook-secret.yaml
+++ /dev/null
@@ -1,59 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
- name: gitlab-webhook-token
- namespace: flux-system
-type: Opaque
-data:
- token: ENC[AES256_GCM,data:OH3a73YY8Oii3q/gyzllsk2BX8phUMXe8nZNXjUT7CZk6UlWtXY3/c0rAZon3FBDaH1hKDhtsWVVdVcZ07kNOOtlc0ezdHkN5cD/fEfdPR8U+XttLsr+DQ==,iv:2wqK2ufJTV5MdRmDBKx+f+PxVGwoNox/MTJk4RXIml8=,tag:y/fvRyAYXdPKOCjBOsx3BA==,type:str]
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2021-08-13T22:24:25Z"
- mac: ENC[AES256_GCM,data:wbKWI4Qdjg8FYA56ASgchwZWT+yi6HT9ix1kwpH6wQ8hkVLTvNa2/tPQCILGcG/6DWGWtgQbKLp8wqp15MpRy5t/FqH2xTBXr6dY/5iDbvAgUA17QQI1w6xFIJoxdanthGFtrlZZTPz8YC9bAXpCN3Y1Icj4ZWgkzeqrn/QPd8Q=,iv:pm29MkED8RzetecXrrAOJtRQZmolKCLW1L5tF2hB+F0=,tag:VQym4XS8vbzWTaxydHYKJg==,type:str]
- pgp:
- - created_at: "2021-08-13T22:23:22Z"
- enc: |
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1u//sli4/n1ARAAyPUuDlqcn8uoyARE0anQfduu8UdylmAUBixoc7HqZy8t
- E8psRdURyyMrqCinFQKiJIYaK5BAB80WNx5dw0tYz6HRmiojQVtyxcwle8edtiZO
- jnw22USDiIfqNrYQd1lxE4pFKLKOwq897oXiLcwK4tdItCrlFWrklNetDZhEEfdB
- /1Oz28lnHBsxmQyxYu8gsgQ2MekYMek1FTBP9ht/xWFH1GoASU27jeOxtUPre9QT
- 3Wf9NmgCPf0BW09S3DprUdjcphZ0qLp8xYkZ8FNyVWXAJ+EjoTO/AXbsNqAN8BF+
- G8HGbV9QtXAUDT8zhF8nf7BVeKdTc5jhPaFlXOc9UwzdZfAuFwOw4Js34uIHC2lz
- nVrn9qKlfsr3D9ab7Q7OoRnftXpbsnthCV5kkHWdnb5JbMkVxep001TVSbJoh97P
- aTR4xCOcHvrDx9LR7ydXX0vMzki2k7zzJvcDtn9GwGAljz2M8epAi4BxEIPjyY52
- yQMEErjFBUs48flB8sL/JIuBlxX5DlxekNuXBdTaoeYTN+AKgXEaH02FPgL8K3SY
- mkc9bDEtTGo6PLpVaF/8qk1BRaoQ4yOrjASqrlzzbb8oZywSu39JvvwBesyBsXUs
- RtRbop9hb5MYJ51010FBRMXuqbr2j9C4vMGgv4HtpOpKm0rmDFIB2uUoqfg6Pe7S
- XgFd+cr4u3bHPsPnOgYxqhfG6aIj4cJyFmiBSH1yjcFUYBW+5i4pMeMYB+RQ/W2+
- hfPYxkboXoZXwJbJYMhwh56UvaH8jcV1idzthoRNPngHG3WbYNwVarGHRScwhyU=
- =tTg4
- -----END PGP MESSAGE-----
- fp: 9D02A9AD73EF7F3D5F657AC2B392F6EB325E8C50
- - created_at: "2021-08-13T22:23:22Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- wcFMA7kpg2bgzVHcARAAjUgfdKLRkCovt4OvijlWqmOwemHvD5btBERoGvAR0Icu
- xHcvUGdPtoMQ0JsZ71HT5Bt2efcmrYbBsUPSbXbbrWzqCx+JvO93oeBxY3AaVbzz
- NmHOBY/VyTyzxIOxtW/Ob7VDAuDD4bv0NhtHJBcyqh9gdNXtZxTCbnyXvk6rbH7Q
- k9HIw/A68QfR5rHppHmByBzc5OfuEvcGBInZgUUATUvYkEn2TfB4LLZ++L0jX8C6
- 2lqqURTOTZ2TVq8qijUXa+hNt4kYpHojySyUeNWTwCgAxAeMw++DGKciA5WzKTAY
- bLALBcYMAh8lydJ//ISi3pyMvVsCjlN3BpM4VA/+0v5fkEtFd7GDMhuB1/CYza9n
- YTo0tE9mZapoDmlIs6q7mDiD7xs4iNBeGpTU3vcDgImFZjNzHFWddN8s3ujzPZlD
- 7tDCcXh7mPFlWq0EUSy7DWbgbj945OuEKEplV/h0lVf93D67KpJEkaH/TnnYjXCQ
- t51r+wAg8naC9Dfj3QHZt9xrmk3j3uMQBM6rzGMRvXqdwjSOH1uqULxTTVZzJryP
- 2LftqLxZrD5zdG8Gs0lYe+iwmHVhIOOfY1weLN3Y4yKbhk8aHUKFxhoTN/bPDBgk
- sLBL4uqNSL1tku/ShZ+UOK1Rh82Q0wpUit+8OXi5biNGwkcEIwhpPpfm8yorL4bS
- 5gFWiuXXESNKa0ArSBrrLp5bncIMfIQ7wGohlKMVSf7NRzDFk49u+KC/10NBFaVP
- 0yRB+wxhQBMr8fxVAJsThqTkJr6FK6FD70/La76QSdJlmuJS19f5AA==
- =l6ls
- -----END PGP MESSAGE-----
- fp: 286791FB6648539775DB31B8FCB98C2A3EC6F601
- encrypted_regex: ^(data|stringData)$
- version: 3.7.1
diff --git a/clusters/okd4/hcloud-csi/kustomization.yaml b/clusters/okd4/hcloud-csi/kustomization.yaml
deleted file mode 100644
index bc946ea94a5be2c2b38eed3a3b0f3430f309f41d..0000000000000000000000000000000000000000
--- a/clusters/okd4/hcloud-csi/kustomization.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-- secret.yaml
diff --git a/clusters/okd4/hcloud-csi/secret.yaml b/clusters/okd4/hcloud-csi/secret.yaml
deleted file mode 100644
index b91e1837c79978b2c4e74cfc80a9bcce5dbe9ca4..0000000000000000000000000000000000000000
--- a/clusters/okd4/hcloud-csi/secret.yaml
+++ /dev/null
@@ -1,59 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
- name: hcloud-csi
- namespace: kube-system
-type: Opaque
-data:
- token: ENC[AES256_GCM,data:NEhbkxG+z7UK4A0TwAoey6By6v6DKZsQ8GT1e6XSZzBVraO/RKeTmqsHp4EhSmPnQ1YU7sv1mdAFytuRJ6g+Lxs5qwC4aMspnBTPsV9NLbsqcETquvOCEA==,iv:zooUdFweYXwkyHqVdCCDFBdlxfCK2vdcqERAYfBSMDA=,tag:1t5SjdLKnFcSSK4TZ0jPDg==,type:str]
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2021-08-14T20:22:25Z"
- mac: ENC[AES256_GCM,data:7Pd35kpA86DQKygM7Y0q1cgBKAetkTW1rmHqfe9OCHfaZkmGauUHxFog0D+tR/Qqm0qv1vIU760zhRrCj1ORvs5i1feADfYAlzeXv+0bNkk56OsZZJF1Tza9J+XCbGxeh4Kjtms0Sec3KPXM3R6p4ojMpYZWZ+3jBISBqx1KbE4=,iv:GUfyc4LIJSUeD54tu1If+nPQ+9S+y50HrYoF09Y0W4E=,tag:ahy00+vsnykG5vsO+KeCKA==,type:str]
- pgp:
- - created_at: "2021-08-14T20:21:51Z"
- enc: |
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1u//sli4/n1ARAAvak9ROJMBlj8ahbLEGN8+S/GI1n45Rrl3OtDj9sx5aD3
- h9IpUJjqX4vHjWRQrQVkpLQeUuOKrQwodRaaRPhhmhbbjmaVg253gQkOmnZtoNoS
- aWUld/W3vCF1CmgKdHlwEnhNZIMp9ncp3ZZQZagV9oQtGP99cgKqDMiEi++y0xfy
- vS1BmmMf2Ar7T1HMbbAHbwwkcvBeU4Qq4BnwnX+486KWCkv38kFUkNs+8M+kyqFj
- IhJIJ5OEbB/eAlpTA5byFB276wGTbLE/dBa5dHYystwkB2bJhkVdHtfD7GybXoQM
- EPhAJ91pzUj3q9DGPuDZ69gu2n1BRBdRrL1AkWyUrVJ8o+O9NmmXSJIIDBtNCo3X
- t7cgy9hjRK/OVJZXY1f6YqSq6KQNvmSlJF9ZnhjKCF1IaP/mnbs6Uh7lc+VNDyvL
- 3vXXO6YpR2uoWOriw9B1b2RAGNh8wGgj3qLryFvnwo1GFkKh7KG4jODwgFKpZlCZ
- aReoiuUEFZDoTgTdtbfr6yDOgX/cjSjZYxBcHu7jRZHMCK5wTOV1RgLw9/hYWWcd
- ZIYNiV69trt11oBzEzGTMRbkntwxzne3Vs9gA9l/HlKtKLeXhmZSoppM4H8lybRk
- EhMcVVb9SxiZ1TQLbVvkcfUA4T31nYj5j8+74xxWKAv+2js7upmj0NSGTwvs9KzS
- XgEbTeSnKHGALkSJInum+kL6Ns+RRIRIl6c3GLLm3tAXCoycQ+KWOS9dOESIv52k
- 3oyGfmcUIQIHIn5qdkAAcJdyXc6LlDBG1e0vgPzvu8otiNfavWcK0BLL/ZsSL7I=
- =R9t/
- -----END PGP MESSAGE-----
- fp: 9D02A9AD73EF7F3D5F657AC2B392F6EB325E8C50
- - created_at: "2021-08-14T20:21:51Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- wcFMA7kpg2bgzVHcARAAW+9m6FDhB6PJXjFEPv2PoL/zUAoajArvYl3WytiWYoUs
- O/MXImHj2S8cJBpzk8j3S7G/LUXy4SQwSGj4+TParE6muaqm9vFjBNongzSnQxI5
- f/osU+TZnkc7YPaMoa2492DT1VKaoD4eigBsAgTPfZ7jAn7HVCnb/Lsqn6WnSzCu
- v2eDTfnor6MJ/malIxsTLoS5Yg1H7Ljhfgaih99nOiH7sqgiztZssBOlCh8ctkrd
- zU3SFK4LrfVPhFW/MC8jBxSr/+KY12hUppPavDsSyePDHirCRIwu8TD/Mu/VMGqe
- 0DxHy2jVFc2w4+RT2Zw8+qi6WzByxktpmmp7rpgP96tiWBl0wL92NqHm3mzSvael
- 3Bv1l37XlajVTaJmbdPnGo0DcFWhIGuwe6ZLi8eo8n7ofG/mCbnOrgQTpltNYDMV
- BNpEmVv1WqVHQqBXQGqvvExkpUJAAF9z2NINIyhojFHwcil8NH8pvNEEKL8YCSfl
- JC2ae4yNzXbIDU58oO6jCdX5Wfw0nIhg5QXwh+9YdzyOVyaGSMtynsqMRKAKC1WT
- uMMi/qqpw/FAP+UiRsR6x4VxgGM44Upi9zmojWYKGcYL2gkoOvAxNoLNX9/cltYU
- PPB4dD1m3fstMyuv22VoGdT0ORE4JGbldxKmLorWHv6xZ9aySy3IpswMUaD14YPS
- 5gGEi2vzvGQ4ynQQgiQwrwgMdJMRBowB6c8ABlc8iJWAvhi3cPxxImOZSo7Ob91x
- 6YyA4sDGR1yYfm8W5PieL53kAlyB02uv01f+VemPxQSlcuLIE25JAA==
- =R7NR
- -----END PGP MESSAGE-----
- fp: 286791FB6648539775DB31B8FCB98C2A3EC6F601
- encrypted_regex: ^(data|stringData|email|dnsZones?|dnsNames?)$
- version: 3.7.1
diff --git a/clusters/okd4/infrastructure.yaml b/clusters/okd4/infrastructure.yaml
deleted file mode 100644
index 46249239f8ae52fb6356a2369688d628eb60978d..0000000000000000000000000000000000000000
--- a/clusters/okd4/infrastructure.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
-kind: Kustomization
-metadata:
- name: infrastructure
- namespace: flux-system
-spec:
- interval: 10m0s
- sourceRef:
- kind: GitRepository
- name: flux-system
- path: ./infrastructure
- prune: true
- validation: client
diff --git a/clusters/okd4/machine-config/kustomization.yaml b/clusters/okd4/machine-config/kustomization.yaml
deleted file mode 100644
index 674f6efba9db50db91da16bc8a89885596784ec7..0000000000000000000000000000000000000000
--- a/clusters/okd4/machine-config/kustomization.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-- worker/99-worker-chrony.yaml
-- worker/99-worker-disk-encryption.yaml
-- master/99-master-chrony.yaml
-- master/99-master-disk-encryption.yaml
diff --git a/clusters/okd4/machine-config/master/99-master-chrony.yaml b/clusters/okd4/machine-config/master/99-master-chrony.yaml
deleted file mode 100644
index 66674416c377ef5fc4b61b60b5f3cb5c05411b9a..0000000000000000000000000000000000000000
--- a/clusters/okd4/machine-config/master/99-master-chrony.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-apiVersion: machineconfiguration.openshift.io/v1
-kind: MachineConfig
-metadata:
- name: 99-master-chrony
- labels:
- machineconfiguration.openshift.io/role: master
-spec:
- config:
- ignition:
- version: 3.2.0
- storage:
- files:
- - contents:
- source: data:,server%20time.cloudflare.com%20iburst%20nts%0Aserver%20nts.sth1.ntp.se%20iburst%20nts%0Aserver%20nts.sth2.ntp.se%20iburst%20nts%0A%0Adriftfile%20%2Fvar%2Flib%2Fchrony%2Fdrift%0Amakestep%201.0%203%0Artcsync%0Akeyfile%20%2Fetc%2Fchrony.keys%0Antsdumpdir%20%2Fvar%2Flib%2Fchrony%0Aleapsectz%20right%2FUTC%0Alogdir%20%2Fvar%2Flog%2Fchrony%0A
- mode: 420
- overwrite: true
- path: /etc/chrony.conf
diff --git a/clusters/okd4/machine-config/master/99-master-disk-encryption.yaml b/clusters/okd4/machine-config/master/99-master-disk-encryption.yaml
deleted file mode 100644
index 943c0cd2306c040e4bad208fc8fd7cfef5b1f0de..0000000000000000000000000000000000000000
--- a/clusters/okd4/machine-config/master/99-master-disk-encryption.yaml
+++ /dev/null
@@ -1,80 +0,0 @@
-apiVersion: machineconfiguration.openshift.io/v1
-kind: MachineConfig
-metadata:
- name: 99-master-tang
- labels:
- machineconfiguration.openshift.io/role: master
-spec:
- config:
- ignition:
- version: 3.2.0
- storage:
- luks:
- - name: root
- device: /dev/disk/by-partlabel/root
- clevis:
- tang:
- - url: ENC[AES256_GCM,data:b/wCa4GtPLFVDNQJH2ixhDMJMCTYGN2GGxYrvMU2eIwd49Te,iv:3ogfJlgxyyV1ZVTPGUA/OSMgWk9NR2JQjU/LSrE/19U=,tag:84T+FTPRBHY20onFc/eFhg==,type:str]
- thumbprint: ENC[AES256_GCM,data:2/2ii6uptjqAunn2gKxa9MfR6jrQoyoccS0EuMyXqnRUTHOdmXrDxyyDTg==,iv:Yk+/iYDfsxiOFvadl1kN7QQeFnW4YfesfLTZe8VqpY8=,tag:uJG9C7NlHR96v2IRrauUWw==,type:str]
- options:
- - --cipher
- - aes-cbc-essiv:sha256
- wipeVolume: true
- filesystems:
- - device: /dev/mapper/root
- format: xfs
- wipeFilesystem: true
- label: root
- kernelArguments:
- - rd.neednet=1
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2021-08-16T18:44:40Z"
- mac: ENC[AES256_GCM,data:FVzDsD2xS64sLy45DjWwzskoC1NSdzoknoYOCC1KhmYQpY8LjeUwqoKUUa7iK3ecaHSTwlacygefFLdAJGWCcvyPLLE9Zerjk+kw7O3mGOVoP+4BdwWYQQYbIhBJZ5ERo19Dr+wwQe8DHR3IrThouzrSASstQYiAGpN4DXz72sw=,iv:gckENeDJuaVn2lovZOk2NrUuqumYlPvFdfi67p5qS0c=,tag:zIHG/TWNHKbXTJCCZQCLqw==,type:str]
- pgp:
- - created_at: "2021-08-16T18:44:40Z"
- enc: |
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1u//sli4/n1ARAAg+39LJBPbxoHZeupBcpEocVYTxsXsdeH9cclDLzVy+oE
- mpPYkoUBypXg8y+681Di6dUuDGp2z8rEa66a3e1DeJGaAUlGmRjz9i7YSb1vy9ds
- Th3NgvDfUnV11EQWPUMVy5CSFOU6VAq52RHO6CbeoDrkFxbp3LwQVuwEfh3zLS8+
- 3wC4KUGfbFvSvXH/7ULTsaGgibPXAw+XXHfQkkPM6Aywt4mDtlrbGAKT8zYSmqfc
- LxmDYQ4HXK5hhL6cGNdVs0FasROAhZqYg9CnNQx0GraFVtP7pzt1OEOxY+ashgDb
- SSz7OjxnfxSApZyHnF4g89b7bGD9yYbQ0jSYtHFoWp1Czj0osbHn2Ptpegc8sSv3
- 1/Rgya6pzuFK85xo2ptJUnOU6rlgDmNIrpd1mk0Tdc1lTxKj7wXriLt97EPqtb1k
- het2m2nfg6uzkcUWrfJsdDIlmrEWIYgPGtaZaRz49LyCwaociceGmAZKGmQX4A1d
- 8GXS88LdZPR6+LOPBQxxq2Mmvr1aWIhyzDrXsZp/eAFvq/ek/XfuGmFiUfoBEis2
- 8SYzBoulmizHm4kA0vc2+wDy3XdpkoojXWm2FoDASVSKgzIldwpHu4HzH9QM+XaA
- EiecF//VhkScUiuQEyZ443t5Huyoo2lz4MELC5WEiRaXyvYcZEbgqKqJaFptS+7S
- XAEQOvDAcDZyi+L5gl52tR+MdjYx4BlucWEgHRUGTRjQ6PuZ7IhbacBfZu0t9djT
- KGMTj1mmy60so8BllBzCKSCUSlGxQUE0lpOMS6Nl5C2FJ/DtkWX4z4AV5x40
- =szed
- -----END PGP MESSAGE-----
- fp: 9D02A9AD73EF7F3D5F657AC2B392F6EB325E8C50
- - created_at: "2021-08-16T18:44:40Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- wcFMA7kpg2bgzVHcARAAgpvpN/X3e7svTUWOhWxKa1mIcuUScBvCgOIiwQJSEBOU
- QFuckyf5KaaKgX6+WHbS7MBx+6PeBHsX1fZNQmsvYMQFYfw6vzpvJ8w2HUn0eSJy
- I7RRXwJg3mpAcltZm2EK74GE1wF08+DW53n4uLAceTB2/2aA4KxVaYSL7Zuwd89o
- 0cG8siyt+rCwzziGOxtTsUJwx9yrV5011ON7eBtbh73wjrhxwgdDMxb+yNyM6wSp
- hfOrHI7hYrdETV3v085IQIghOUOokvVDjUmF22HCaIOnCniqyoKbg8rjwJtY9VaM
- TgfiAThk8HLJ/0FKfUZspdMykhhSAWkoqKV0zjt+tPfkrggMLN7oe+ql9xyISMjl
- LS3pKNUSceCoSHXadIXAgCaqcAJcnUXD9H6gK+IPbJ6GHSL9uPpK8fx12pWLoXH5
- E+v2uyFTkS66YVqhnZaVuE5PyPNwp/Hqm7awv1WEnm7Lx3YSIaeR7FmDGkGnj79Y
- Eru8ea5QItoujTnW2wOobNLB2RAdMETwqxY4CkGxWg6XyxeAq59icIijkXkwkm7l
- tf5O87I+jFX0BTz90yYTP9GlSKbFdgriBWZIWChnFrHPXCwCtC+Rhdc/b1/rvVcq
- CL5Hq41byxiXyW0i9KmQMzveTTnfsbi6708ppBh/pCGIhBzn7ptRgYOzBpQZ00rS
- 5gEENb9DyHgvupo+FbfSDmj7wX46bcemFNLAiXGIO7HIy69RsmfqF7Fox2QLRkN7
- Wjva8FEcH24hIEchgiP/Fg3k4c2++yVN34pPljwrS+GmIeLuv8CwAA==
- =dKsE
- -----END PGP MESSAGE-----
- fp: 286791FB6648539775DB31B8FCB98C2A3EC6F601
- encrypted_regex: ^(data|stringData|email|dnsZones?|dnsNames?|hosts?|tang)$
- version: 3.7.1
diff --git a/clusters/okd4/machine-config/worker/99-worker-chrony.yaml b/clusters/okd4/machine-config/worker/99-worker-chrony.yaml
deleted file mode 100644
index 0cfe5e8e0cef254768b67dc06b8fcb80cf240371..0000000000000000000000000000000000000000
--- a/clusters/okd4/machine-config/worker/99-worker-chrony.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-apiVersion: machineconfiguration.openshift.io/v1
-kind: MachineConfig
-metadata:
- name: 99-worker-chrony
- labels:
- machineconfiguration.openshift.io/role: worker
-spec:
- config:
- ignition:
- version: 3.2.0
- storage:
- files:
- - contents:
- source: data:,server%20time.cloudflare.com%20iburst%20nts%0Aserver%20nts.sth1.ntp.se%20iburst%20nts%0Aserver%20nts.sth2.ntp.se%20iburst%20nts%0A%0Adriftfile%20%2Fvar%2Flib%2Fchrony%2Fdrift%0Amakestep%201.0%203%0Artcsync%0Akeyfile%20%2Fetc%2Fchrony.keys%0Antsdumpdir%20%2Fvar%2Flib%2Fchrony%0Aleapsectz%20right%2FUTC%0Alogdir%20%2Fvar%2Flog%2Fchrony%0A
- mode: 420
- overwrite: true
- path: /etc/chrony.conf
diff --git a/clusters/okd4/machine-config/worker/99-worker-disk-encryption.yaml b/clusters/okd4/machine-config/worker/99-worker-disk-encryption.yaml
deleted file mode 100644
index 3d060d3b0b5d1d71f9f8e6c5a7afccbe20d3af7a..0000000000000000000000000000000000000000
--- a/clusters/okd4/machine-config/worker/99-worker-disk-encryption.yaml
+++ /dev/null
@@ -1,78 +0,0 @@
-apiVersion: machineconfiguration.openshift.io/v1
-kind: MachineConfig
-metadata:
- name: 99-worker-tang
- labels:
- machineconfiguration.openshift.io/role: worker
-spec:
- config:
- ignition:
- version: 3.2.0
- storage:
- luks:
- - name: root
- device: /dev/disk/by-partlabel/root
- clevis:
- tang:
- - url: ENC[AES256_GCM,data:2mnPUg++s2YWJqwuJavNemaBCc1rPomb+3QV/8WE/hjhj8aQ,iv:yMaX5T7Rxx7U7ibApFez/Glv6nblzyAc/RDToqUzN9Q=,tag:Noo3ERo1chDJWi/yPFdbOw==,type:str]
- thumbprint: ENC[AES256_GCM,data:dVll1JONSc6PS3D5PwL3nM/kBEgKw0cEt1xjYzF91sIRBx8H4JHAKSf0XQ==,iv:3x1aLK5NRiDfFg8X8y4qBtsy6rpfPoJHsWNxHj7VaXU=,tag:zwdE1K2kFi1k4eOqGuebrA==,type:str]
- options: null
- wipeVolume: true
- filesystems:
- - device: /dev/mapper/root
- format: xfs
- wipeFilesystem: true
- label: root
- kernelArguments:
- - rd.neednet=1
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2021-08-26T18:09:23Z"
- mac: ENC[AES256_GCM,data:3oTrdaBsw1QI5Fd9xiitZ9saGBZItct78X6m7UkyaenOaSANPdsICm2DZC9ALbeN1ka9D8p7CtmSt+n+dATTmCv+UpEbef9K4rUYJiTPLAVHszu1OUPt/UHEkPlY1eF+42euiHclB4PE5FMkvTsNNcR1RFTUliM+bHbm/nmYd2k=,iv:BVim68EFzdDYygi120zFs6f/SJw8MsWx2cJ+7QyCMQ4=,tag:QiQxMB8TY1mv5U0KTvOq3A==,type:str]
- pgp:
- - created_at: "2021-08-26T18:09:22Z"
- enc: |
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1u//sli4/n1AQ//TtKQyQx1eqdh/xsUAarkziF/r2YCFIdLnJFLXuCwS8fy
- 5ELhmIWmRlufiKaeRvcvr5y32g4p/Y/PyupLPZ7h4uggeT2XG5ppErT+runkMCuk
- 6SqJV2wamOYdnMlX0vc2DSuoy1IkAuf9E4M+J0IFL8edhJEo4CpQQ0dJA894ug93
- 977fgdmQjY4pfSys0G9R3qYpKrVjArCx5u89vVIbTz93uMAOpNb/IjlW4BaYyHoJ
- 71fnAnvG0pVG+/I1qIocD5zf2q0o1XhE1XAGcMNC2+Rb61qFQbEnO+HbalJNP0Al
- VB87jFWO4uL/Ve7kJ3Y3jEAdB+Q2jB8pytPv/mGRGu8dfNWniFlpPLzgm81JfHPv
- 8CmmXDZtCGVZ66NanEECtFRSrg+OL5qvZWvgDreOaR6wrAs2BcHswCvySneZSGRp
- LJpL+KYE7laLtFPl91vA2W74gWgcfMWgfSSTXCUYJm/wcZ+VTsNqKaW0V6lugiOg
- y/qrrWOYcCXfEFf0RJZ4NpHCXjFqyDr07JF5haZbNHD/oufUvOWuVdXZcB7C3GRp
- 96+JQ7FR8FHwOrX477LG2WjUuXjm4umkcouJ3lYLCLUSNvzAkCTaidao06WDrW2U
- NeyxdZhvLqj9n0VYzzhLxVKL1MvnBwI6rZtsQv3GbZBRG6nSq6DMz58VmP457ovS
- XAG6m5bIND7y2eanBhFD/+jSnvneOkjN7pqDezrIsp9UawkHm7L+Zhbp0H6FIXM4
- N+KrqtOsmtdhd4BKVmNnp6fWc7Lv/B5ny2g5pMl1jDk2IxUnfLL1t3TN6m1v
- =VXAR
- -----END PGP MESSAGE-----
- fp: 9D02A9AD73EF7F3D5F657AC2B392F6EB325E8C50
- - created_at: "2021-08-26T18:09:22Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- wcFMA7kpg2bgzVHcARAAVjlVvZLX/RhhTJQarRo4l3HqweLQRcRrZZrenI+sjjOx
- R5S0GxBiK4Wo6YAnJRLWcBkUD47X+wZhN2+Wwc+e6nj5ml2duc4QfHDyMMrTYc+o
- 6IdwpMXOkzlzJkx9KPwgT0trCbv746inO2vVB5GBi+djN96j4a76awUNbLphgaI3
- j5Ap8BZWmxh+W65p29WCHK83ckW79q7S8z6AhJIJi6+6DpPsb1b2n0doR/nSbXLg
- VmXvtpsyTTnbzt5WhQUHTBVFEyBwOR4suhXXRBGnUG/IANCiPaQrS+xlUX02ldwC
- weMiZgEo9ndRCHfDLfTfBRRlZOpSevcVbpJciCKpFUlqgpqXXs1UaWpr19CPkuh4
- MT+4r+bEEl1g5N56PWTb0DZgFciCddwr9VhwoJ7b0Gg/uZcMKBIovCZqKR4gvaJf
- ktAXbDST1WQrEMdJNeqHbfgrpKmRlJUtJOsIvo8O7q4cIW0/eZGZYIVVnjggPJy8
- RmtsZDECvQM5b9FerraOwhqmavt3l0lXTpQ1l7Cg08tWeOVYh9LXpE4gcw8gw+xz
- jQ67cl5DP+6OsGK9l7CPnbvAOOTHSGB1mL/sx4bYdjUzjc6QMpRU8EH1MPtPFblc
- xAenmRXWsCoLVG930Sj9+XpAwbJtzZTgqj3RnaiN/TDZqkukXhSTDF0gV1cJWJzS
- 5gEuXbn6MH6dD+TcLbrLGCDdT6pZaVnYZbz6YVc/5GXmgbVzTFIYH4dSaOSA0jKb
- bXletXV84P5DvhjJskDepAbkfZha1frR0OR36lElLt4QheI1tJCvAA==
- =2GMF
- -----END PGP MESSAGE-----
- fp: 286791FB6648539775DB31B8FCB98C2A3EC6F601
- encrypted_regex: ^(data|stringData|email|dnsZones?|dnsNames?|hosts?|tang)$
- version: 3.7.1
diff --git a/clusters/okd4/openshift-image-registry/default-registry-config.yaml b/clusters/okd4/openshift-image-registry/default-registry-config.yaml
deleted file mode 100644
index 343cc0f820973f409465f34cdfe06929e3bde838..0000000000000000000000000000000000000000
--- a/clusters/okd4/openshift-image-registry/default-registry-config.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: config.openshift.io/v1
-kind: Image
-metadata:
- name: cluster
- annotations:
- kustomize.toolkit.fluxcd.io/prune: disabled
-spec:
- registrySources:
- containerRuntimeSearchRegistries:
- - image-registry.openshift-image-registry.svc:5000
- - quay.io
- - docker.io
diff --git a/clusters/okd4/openshift-image-registry/kustomization.yaml b/clusters/okd4/openshift-image-registry/kustomization.yaml
deleted file mode 100644
index b6439fc2c71718150f0f2a4e017bb7648e0f064e..0000000000000000000000000000000000000000
--- a/clusters/okd4/openshift-image-registry/kustomization.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-- s3-credentials.yaml
-- operator-config.yaml
-- default-registry-config.yaml
-- samples-config.yaml
diff --git a/clusters/okd4/openshift-image-registry/operator-config.yaml b/clusters/okd4/openshift-image-registry/operator-config.yaml
deleted file mode 100644
index 6cf003b373d6d5116e033d3e7ade22a51c68a7cb..0000000000000000000000000000000000000000
--- a/clusters/okd4/openshift-image-registry/operator-config.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: imageregistry.operator.openshift.io/v1
-kind: Config
-metadata:
- name: cluster
- annotations:
- kustomize.toolkit.fluxcd.io/prune: disabled
-spec:
- managementState: Managed
- replicas: 1
- storage:
- s3:
- bucket: si-okd-registry
- region: eu-central-003
- regionEndpoint: s3.eu-central-003.backblazeb2.com
- virtualHostedStyle: false
diff --git a/clusters/okd4/openshift-image-registry/s3-credentials.yaml b/clusters/okd4/openshift-image-registry/s3-credentials.yaml
deleted file mode 100644
index b57cead4b736a52f5248103a7ccb0724963bfcfe..0000000000000000000000000000000000000000
--- a/clusters/okd4/openshift-image-registry/s3-credentials.yaml
+++ /dev/null
@@ -1,60 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
- name: image-registry-private-configuration-user
- namespace: openshift-image-registry
-type: Opaque
-data:
- REGISTRY_STORAGE_S3_ACCESSKEY: ENC[AES256_GCM,data:FVP4wUXXmdicHDct7RSmvEBo3/JSVroRiS6vjg9/PKGMuZ44,iv:YvoQSTREyfTiRA0yjZuGNuFk9g9RPcBhyf4IuXseK3s=,tag:yEPbv4eWXGtuw9Oi8gm8RQ==,type:str]
- REGISTRY_STORAGE_S3_SECRETKEY: ENC[AES256_GCM,data:X6W0etxDCWK8fdxOcsT0RLylpgws41R6z+oYM4Ep/yD7qDCwGILhgb8pGY8=,iv:2yWHZaDq+1B9Y1Dvlc87ZS8dEM4OpR+owM66YPjDipQ=,tag:035WiPMu8DsqR7s4oDS8vA==,type:str]
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2021-08-13T22:56:30Z"
- mac: ENC[AES256_GCM,data:ofer7/EAvAzie/+DxsVuFItqX3ZKtjUnps6ZtqoEaVjWsiB7eS6WlfBRaftIXLeWC5g5y3xj17V/j6ThJJu/5uWKf3ljaCOZngu+fQ/hmS6piTlamuP5u7WlgNYe3zsvexHy23aQO6ILqQEgc43U3OFHzT5PVz0rX7Q/oRfejAU=,iv:KLIsoyrkDsdu0qh9u9a3Kua8Fb+3prKE5cpl/5RlzuI=,tag:/w/hZ187x/dvF2qySdw4Kw==,type:str]
- pgp:
- - created_at: "2021-08-13T22:55:58Z"
- enc: |
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1u//sli4/n1ARAA2IH94ioP3WfBzavZINIhV394JsrNrQWBDZkkDuknxZDG
- uTK0LiLqVEZFLQjvSop41xOXR4H4OZ74KpaJ5C9nS4JUn9ieOaQncuIA6K81ONWC
- K6VcpvMoLqkHKxy5XZVon25sCEEzj3+jbcUZHsYaUizFLjVHfek8DKjw2ohiXwti
- 7FwL4M2GIt4f79ZiRMMroJbU9IFAwHiGzbnMx+XT4YxK62pE5+tcFyyU+mMkzgJ6
- lmug8/eoqwc424PY7+iJXvVNfbdSDXw5VPkmvv56dilqLw+Ojwx+siS+EKyYr1an
- uMexsMcbVqWaMLPNga4Ctu742NB/IGw+QtvR3w4Nvui2q5EXVUlUc0iKi6QUWAy0
- joAMqdXvlyyLP039STMPklfd5oNuIvym0Luar9ucKo2DZQTDLg3S42KabKYRrMCf
- mkRY0HZgRQOHQPIdkLWRQxJ9BK+NJqd54WRLiDcXcLVKybYgS56mmYwTslSVDNOO
- c7qjBmsHm+UbE8M4AcQ1yESIZvpamZwPCuSfzuAbs/qAnwMVAoF84/c9RZbbJ2Yq
- PtJ9Z/8Z/QmKsK7zxJddPql18ST/zUZCc7lWM3RDCZ86zKLhMpilFBXjfIZ/zmWh
- 2DrvZrAs2qofuYst89FBKICQHoirkcXWbFogWKKjlGdaC2xytZMS9JHIK4qqNwrS
- XgHBudSpsHoYVit8CLqtl4I76v+gwo4A+KWav0rHHcX1oiQxo/t9jvSlumH+YLHD
- EULi7V1H+PQhfc4cFZHnWb0kpap/APSjGkx+IV8jvFkGVBWaQN84VDmrHyqJdxk=
- =Na/5
- -----END PGP MESSAGE-----
- fp: 9D02A9AD73EF7F3D5F657AC2B392F6EB325E8C50
- - created_at: "2021-08-13T22:55:58Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- wcFMA7kpg2bgzVHcARAANtQtckormdW+njfoPmtjJE/GOZA5NANTItahVA6UB5Vc
- ydq5VxvVhHcFfaJWF8yr8suUz7cOqFoLjF3K95E/MF1n22qBNbZfOCV+iPIMOMUV
- vzjCquPmfdhq+oSS9FrXj2E83hIaAipNRmEUb4q0PXGOw0tiJxqyi9uKd8II+QRM
- 3Juat0yX3NR+a1Cnm7MSJMFuvyee9nXw8m2WQacobbl8GDHq4YynaSgaWcz0NYcH
- cBASANGhthVYGYw++5nj5QrVIXH8CVNmkc7U4/aPZ//ZqRuBbdMRhAq35cCREKHb
- aPr8vMUr2DoTURVpYSeoSe1hybyCB4zokVzE4u/iEM/gpGYnlvBB4QLn+zxjaE2Y
- wFGuNkuNo9fgdYkhzt9/6dgNpub43lpDCgwbUmv7cfF2MfAIwp18dgxmwVsMa3sA
- qmAz2I7QxZVRzj5DKfchk0S6/E1dJfH3UIt8MAiJO0Dyg9UGKo7hqn8dt+hkAVlv
- ZYWWcNVQY4ePLw9pAAVVA16hvQOLRbqvI7FL6ci3XqReyGVEF2Jt8en+u88PJ8l+
- l5gp2VBMshJNqEiPmFqoU6C0LYE52XUUAyXEDLNx2Afp6DDIZlNEhc66ut9NpWo3
- b6nPpQHuVhkplGJDvinkygMmtI0YOsDMHPmSxlWhQ/sT7GU86EDBDsoAJ9w6L2DS
- 5gHurxMX1P71CxIMCtNz4pePIeY2x/AVhbhCNFoe3UJHQ33g+J7t0XfVbt+VjKcj
- LKet+Pl9O7xe07lcVEjpjxXkMX7fcOhrrI8gkY5h1I+qvOKp2fKJAA==
- =3/xn
- -----END PGP MESSAGE-----
- fp: 286791FB6648539775DB31B8FCB98C2A3EC6F601
- encrypted_regex: ^(data|stringData)$
- version: 3.7.1
diff --git a/clusters/okd4/openshift-image-registry/samples-config.yaml b/clusters/okd4/openshift-image-registry/samples-config.yaml
deleted file mode 100644
index e9c5569d94590c561c181c59a90bb1132d0a10cd..0000000000000000000000000000000000000000
--- a/clusters/okd4/openshift-image-registry/samples-config.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: samples.operator.openshift.io/v1
-kind: Config
-metadata:
- name: cluster
- annotations:
- kustomize.toolkit.fluxcd.io/prune: disabled
-spec:
- architectures:
- - x86_64
- managementState: Removed
diff --git a/clusters/okd4/openshift-ingress/cert.yaml b/clusters/okd4/openshift-ingress/cert.yaml
deleted file mode 100644
index 5e166a086f2eb7bb4cc947afec1f764630b575a0..0000000000000000000000000000000000000000
--- a/clusters/okd4/openshift-ingress/cert.yaml
+++ /dev/null
@@ -1,63 +0,0 @@
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: default-letsencrypt
- namespace: openshift-ingress
-spec:
- dnsNames:
- - ENC[AES256_GCM,data:FoKfuGGS8WGvtu9D26c3NmdadJKDe9Rl6hXJxhYRbw==,iv:eu69Y0Fw6zyOyFt0cqVQnvVQ+xsiKu53dzmjfn3Zjgs=,tag:YFOY3tcmRhBnq0/6Hs88KA==,type:str]
- issuerRef:
- name: letsencrypt-ingress
- kind: Issuer
- secretName: default-letsencrypt
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2021-08-15T20:59:12Z"
- mac: ENC[AES256_GCM,data:zIPiZRnO9f4nWbfmtof8D7VpSjzLNNK6/RRzJ4ySEo6krB4LTayq23yb+W6ZmJ6hdE7nZLgQ8DudmEzzuN1yJUEohANGcIwuIsyT1imXLRfjx7FDwVbkDkEav77rzknpCGVRGQMkDdzNthgt1uG7gI3QQndo1bturJ93hRP28pc=,iv:bKhGnu7oSUMGwnEEKXk//uPg7KSIh/sprXZJVPtf2PI=,tag:7r1ZudGXgG0Mj7YTIIvJoQ==,type:str]
- pgp:
- - created_at: "2021-08-13T23:57:46Z"
- enc: |
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1u//sli4/n1AQ/+P9a2Xo942rbnqz5KlvwrcAVHyO40a+GD1mlIxNBY1ppc
- o9YLeBCIMl2WQjldBjemXIyflnjxvUgyPTT1xMC8Zqadbmb2+lavkBO5kNIdxByH
- RCQJB3Bsqg1P9Hqvb4TLyAMZWt1KN48+NNQ/CAMkudw+3WLbgad1XEM+9RM5dkU0
- 5bAmZN5mBf5svgsclKSF3W5tyzLiKZuw5gXbJE9sWRfzreOKJYmrIVUXpg6TwQSJ
- ofZNiVfi1dMyb/RGwmUMzizPKSU50a7rCvg3eDtWKVVK4xgiiW6k+Mt6N3vG2k9O
- nzpPyqnTGJ/fqj4ipr+n/eoz+amfADKAx64pE5YgqliTlqUslFjVTdEVpjcf/jFB
- PZ+GsGKjBrHZVRJ4u1ZI15vWnbDKbWVYsg87v1dFBLecefWYjBf4gU20LSwpOYGL
- UKw7pEADAGlG+vfCnW0apAJLpTvIry7s5K6xFqjKuM3S+UZK76o9bJPlGibC1WRH
- ZPGQExC/G/bsmXLI5uTajyo2H/S1A+xlRuEu3YTTgfUgv4C+g7eQZsr/WioddNAk
- V2i8aemMK9/upuaT8gKt0zX7qj6FVD2MUjAGkotvyX5AiRmYlUaMhZ0FNShXcnYt
- H0lpiEKPpgY9Ud+CFoEt6A62cNYZPmWjK6v6KVq+Y/35q5Jvj+47HECu4T2c1onS
- XgEwkPoYObLClI9gk55d7uNAkeani8AB9/Yf6rTVOGRzhMT5UNu5x+hXRnKg2Dm1
- kF5Bj7K9PDsgR7wSzvEoCqCs8v4+rIOr9Zkn8+TOxsnnUYBj3dNwVBjqflZ1Jh0=
- =F1um
- -----END PGP MESSAGE-----
- fp: 9D02A9AD73EF7F3D5F657AC2B392F6EB325E8C50
- - created_at: "2021-08-13T23:57:46Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- wcFMA7kpg2bgzVHcARAAoCIDfkytMm8oZXj+nxfSYMp6wQvvcDCOXuP6PHDKq5Gg
- sT2jw2QgCKEChSRiysvGV7T7yOu5C4Hqk+QGdEiYscwrzf2ngD40z8q2gDyJEhXT
- uyeqh0RtO6LKtAseB4JuQbjbnMO78REhyp4wagO2bUaSD6Z+tM0+sfACWB8+Z83m
- Spx+jg4RBOdPc94xtcIX1nLxhxDqRl0vF2igaUZfWCpkfcEINkFyrkh2fwaeq/Kq
- 62gYPoXwUHTpF/l0x2pQAW52VJSslX+Cjscn4zk0LFG6w5rQTIAZutSwIOfNT0qZ
- /JlHe9ptc4JTxrXQXSsAVmxjABKzeo1Io5jpqBYu8J1R58HVeEsda8Cll5UsUhIQ
- CV69cSPCk72LJqVa6fMyH2GfbJ0EbBwAY3oFygRdW6hOLemJqd7Zq4uQMb1fJjw7
- 3FkA3xv4gsTepsDPFtKA9YnsOX175P2tUmd5bw1Hdnqw4XQtgAsN7NH6NWKv2afT
- xIJAi8UAwBJJl9BMDaeph4gV00dOBGtoYHo/iqEibgjSgVRYbozX1/daB20117V1
- C3km/LP/+8xbPAF4kDcNf1n1ezS6xY0gKeS5z284VV/uvo+Ww2dXNxpHvDXFUTYR
- ZhyHYxW3d1YZVEdNHgIkPQmu/3mMnEvNFyTS8Sb7fW+leNHOd60UFpE8RE9eGODS
- 5gEPngNxBZum2+G4gFclNfi9IoRlegoRewncMXWbpanAkhISMknBXGiyw8sxLjUt
- cu1SGvdKYdfUwpWu+X0jr8vkO80RVv3FyRTQzHk/iIQJeOI6mJcMAA==
- =z2t5
- -----END PGP MESSAGE-----
- fp: 286791FB6648539775DB31B8FCB98C2A3EC6F601
- encrypted_regex: ^(data|stringData|email|dnsZones?|dnsNames?)$
- version: 3.7.1
diff --git a/clusters/okd4/openshift-ingress/credentials.yaml b/clusters/okd4/openshift-ingress/credentials.yaml
deleted file mode 100644
index d4cb378297d266e820ef6cefea5769b6e87c1d4b..0000000000000000000000000000000000000000
--- a/clusters/okd4/openshift-ingress/credentials.yaml
+++ /dev/null
@@ -1,59 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
- name: cloudflare-token
- namespace: openshift-ingress
-type: Opaque
-data:
- token: ENC[AES256_GCM,data:WegdVaHNQhN2VWfzc6LuSVJ/JCqAYMD/kycEedrZxNIOLkhFc/E+WCi50mx5Sv6A0UqVo7f2LbY=,iv:q/QWZouLRrdP4UjbGVthvymbeG8Pfg6nczESNYzBK6U=,tag:poUE1TSwmnp4onvVF4zAuA==,type:str]
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2021-08-14T23:59:48Z"
- mac: ENC[AES256_GCM,data:YhmKLWEDhmdLZdr1WYHAobkYVfo8q/do8tN83bYLQmcnchHeSjPdiHJ1FU7KvFI/E2hXGPPNjtExIpeSOcJ3K7WDM1Qi8r6FeCroySBNkolq63u5/TI4umiWKDUBXEvv6H9MIfy7+zIzJ/fl1bKze9P1IggHlWC9vhL+uGnwyVc=,iv:85JnGYtz5yIpZpxJCa0vV5l7XMsDE66cwg4aaU0Retw=,tag:h68lmun+hHb4Hdb3/v4afw==,type:str]
- pgp:
- - created_at: "2021-08-13T23:42:09Z"
- enc: |
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1u//sli4/n1ARAAr3Y+LDoHcRSvotgmcWFF34p0OtC4ytAKmyOsK5D9voaf
- 6o96qWD01VA6jQ6Cp4UXhEAdTezfKllGUjMwLHbS30bCtwo8gRznRAPStY3u2rcZ
- ZgV2QKJBEM0bm3vtO1UT94IbMas4GwvdO8qxltFn0yBy0TQI5E9+js+b2/Cyyy3L
- wnXT93p4HLBkhMGD43eYxZWW4i+vHrEx6efOahpyIuJqpNo+IiNhCT5TQzqkmfBZ
- BQImX+EOeMMzvZO3WPUgvxeph+qb7pLOlXP8b0AK1qrZ2/jq1/aF4RwU+Kx/8By4
- Wmq47P/++IL/I4rLAGKry5xr7eFHH6ltfjfJd48aqiNb0jeKi/TlmAew4RcTMlrF
- Tfo/lCjQPet7OKHY6Fh7n2vniKej6IeEkaakIbexAhugI14i5/63HjBt8Us/951+
- 1j+QT5jN3BcrvJORCkDetJ2YVaSqPdCnf+9jkOqocLDR31pSvBBvqVAO7DNWYwjk
- fX9G/HUa3k2SYHd6OP0dWji7qQzjmNWQN2lGvTrCkV6IIyC9h5wEfXZ/1VnP9QSb
- QDlh6ln5RlKVe+HrhtO4luG8vMXBY78sZ1PC8KPBcS7kz7v0CB7FOMuh06nzby+D
- nv9nvBwGXIQ3zI3gGYHX3XHmRmPpuXjuEoc5ru70mo8uAz7JgBSnRO5/0xpH9jPS
- XgGsoCtK7Sh60yN4BVBiTiABHReMSXEjBjuwTtZt89lHST5EswZ4VdhJHcIXPqqj
- QSipFXeX99C6EoYvFxYq7QOrp4rwt5j7YXP/+9nVDpXMFohN3Zrc2FNAExkc2N0=
- =OHq8
- -----END PGP MESSAGE-----
- fp: 9D02A9AD73EF7F3D5F657AC2B392F6EB325E8C50
- - created_at: "2021-08-13T23:42:09Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- wcFMA7kpg2bgzVHcARAAsydPjUm/G6Vd6b61e3b+NOu4YWp4IMRirA6Shxp2PBM7
- Ch+K6WXvE6KRwHcJMG66rDj0W9p0kA6tQhC1HkzU/3U+cUnITT/SFOtlywOH+29c
- 7xVEmOcwcvlFYO99fJIb0KslyzRHj3FLYp75VBLGDbVMIgaUqjZwRwO6g9N0MyS3
- UE2+BXXHzvHSep2ylMd+y6afe+jcEDISF6G8s7xgjdyvdhWfQv5Bbib9laKAnCqr
- 4qKTspa/ePVT+frwwcict85F6EcB5SY37uUwEZ1P+jJDU2S58PfLvdVCKejEzKyh
- B7N/86jUucYdqOVZsewN99Unrrvq+f7q8EulQ08XcmZ8J7DDOXHqNgUcw/Sfgp4v
- aVGSeQNUGuHFc7q32K8+7zkbo9FrpIV4RhztKrmKUZy5QrkFxm8NVol1DVzPtlBj
- GH1Pqcoa7UWeyvBd1/c729Xfu48iP1z70RCu54a6qr01xloJBQBIU6OlsfxpvVif
- /Dx660riAtr4RKhPQ7sHNO49ibjXqMsche6hB7LR7lt8oPxB8yru270qf/URnvsK
- b+AmATezCJo6QVLfNH9o6ZY5K+HTy3cJyl0PMtctvNyhaK9ch84/MpHUfckHLbrl
- Is22TNqkSZoZSeyDzfALU8Z0k4neGRgroyLpc1voNVYBwlnu7RuPuU0SCXx5CKfS
- 5gFntAmaLLls7msGCX1vzSgeQYkVG/j9Vn4L087Os/mW9TbRvvu6p/JuyRTzPgbb
- J0wF2YgidKqRIAOtMUbupiLkoA0L3xfXhmIOYVcURJ6aneL1vPJOAA==
- =10Xq
- -----END PGP MESSAGE-----
- fp: 286791FB6648539775DB31B8FCB98C2A3EC6F601
- encrypted_regex: ^(data|stringData)$
- version: 3.7.1
diff --git a/clusters/okd4/openshift-ingress/issuer.yaml b/clusters/okd4/openshift-ingress/issuer.yaml
deleted file mode 100644
index ae74861d8fa700514c86d11189940f3903ee202a..0000000000000000000000000000000000000000
--- a/clusters/okd4/openshift-ingress/issuer.yaml
+++ /dev/null
@@ -1,73 +0,0 @@
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: letsencrypt-ingress
- namespace: openshift-ingress
-spec:
- acme:
- email: ENC[AES256_GCM,data:eBPw+BiEJO67uRLlQf5i9J+phH+TbKiA8BNLfnA2zJ6thR3OeYYLc0p+SB5T9AQ=,iv:TyUprJrFiZJq9gOSN5H631JJIPeJLR4qvcgBXndLblk=,tag:AnXtN2+PggJy5CSSsjgD5A==,type:str]
- preferredChain: ""
- privateKeySecretRef:
- name: letsencrypt
- server: https://acme-v02.api.letsencrypt.org/directory
- solvers:
- - dns01:
- cloudflare:
- apiTokenSecretRef:
- key: token
- name: cloudflare-token
- email: ENC[AES256_GCM,data:QReTFOsJN+Jl/xyzQ6VJM19RXEYhS1bRuzCQTdq5dj1VksTiL/qhWM4=,iv:GceeVKhraaRk3ouDqvZqGA1CYInjDvuOtjuE6QvLbTI=,tag:QuCITSfHEaSAPAiA22zXPA==,type:str]
- selector:
- dnsZones:
- - ENC[AES256_GCM,data:EzKtWo8ajzsoIE+8t41Hx8VtGlv0T9R8,iv:VKx/WpGonUqcACliZ1YjCGJjfrQr+w0oQmz5uJXO8oA=,tag:j0EEcoTYzxTJrXfF2Gqbcg==,type:str]
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2021-08-15T20:59:01Z"
- mac: ENC[AES256_GCM,data:gtXTL2iB7FR/w2qJ0t8w/nVJLdnL2cOL5RHtKXT4k7UeA9FvrDYD4Dw+WIb8HQD7quAa8QxeJgKDlFTPEnndyffnhUz21bHzJcRKQFBmSdaV8pjoFtC41eu0Hyaj3lUpi6ndKTbvuvPouKrABa1zXzv0yWansIUCK1+Gg2mKMbU=,iv:pS0ukw1ezqr0hm1vhUExuxDW1VpFmb0WDCOBHLG3yH4=,tag:uCvhNgxwzHMhpOxA1eliCg==,type:str]
- pgp:
- - created_at: "2021-08-13T23:58:48Z"
- enc: |
- -----BEGIN PGP MESSAGE-----
-
- hQIMA1u//sli4/n1AQ/+I794GEYejSDFz4sVZAnBbN1bTpzT1dg4jbEbEtfDg65f
- 9Yqm8F9FENsIucN1XAkQWA0+UDLAHYV4pFOVi/4+LTX0HyOvVgUTSWspuF6JSMum
- UkfDNLZA4eC0eGqBeF6AaO2qEOxsyrzJz6YtOydevZgegEFnqpk/MdfmvZ29++D9
- LLgpPIxaRCTVH2wgFc8LOVqTwic7xtlRkT1DDbTI7yoN+KFUALNtFNjZBrIezuaK
- NoykPInUeBt9VaY6icvb3O+fwdphWh2ws+T/jmVszfaFJFWZDRsG9OTXVAhKPjeU
- nUmhAUaOr7nWsbYabn38Nxbx+LhrlStyvpTFbwFxcj/gQip4X4q9QOUu/n67E/R5
- m5XQSWB53vjbZKvpYyxTocUJskneTtS20xuj97/tTS+LjdaBD8E1X2Pr7ztrny5R
- vQ/PTpA/JProfI8No/HcFnYnXz8ZiRSbnD9ShMevK3CbedmMVRTNIY5y74i/EfV6
- cAQ1sd4sJ31DXl6YHSuhLl9c3IyN6h+cbaHDjdo0NOcWCXgfcVEu+6l/4TKv5Iqt
- k61CfQ0OhzRHOWJXcE5IXA4S6hyeLXlzVGWEQm/N1oFuX1/NrSrRI/W/ayFVJTOn
- cVdqcTVS44I8jPutzWbozy1arFAbQppE2Vyr56yhs/jQpsRBMSkO1zKd/0dzxUnS
- XAHF7kB8GlQanEFJeXBkzi9ro7UhxkB3ZbtR13sO2/bF/ufiLyASD8FMlZq/0cOh
- 72MIpxYrz84ISBpRPFxAIvAl9FoNbs4XafMKXfAIQH952tOLPZ42xcBZnelq
- =GaBa
- -----END PGP MESSAGE-----
- fp: 9D02A9AD73EF7F3D5F657AC2B392F6EB325E8C50
- - created_at: "2021-08-13T23:58:48Z"
- enc: |-
- -----BEGIN PGP MESSAGE-----
-
- wcFMA7kpg2bgzVHcARAAZ9I+G7NhI9TYTfIb4MC/r5chkylncqxQgItsooJaGGLw
- DQOKDs9O8v9IHjGpLK8xv2Oae3VgL/IimkJJ8RmMvlFw8zG5h+9cOt5jwSUw9SE+
- Vu2kS+sjYy91kOAQR8kufi3gvZnotR0M0fZMaQyW2cUI3p/BVcXUDhPCUjlvE6Y8
- 4tBdCBTP/v5e6AncOijsskMzm0BkIUMYDOcYACOmTuRB7f7Vte3duNPKV3MI3fjZ
- UUFB3NYNiyP6GsodSjpZ0sXQ+LC2ePsrhpFryRRm1V2PRHhCwJeIvgbGqQTafOml
- cL61MdvZcZhi4ys2ap4sEWD9lNOorh/3NCJoIv6rCoVtWGqyceliCJUK/7JkqaMB
- ICh6z5l/6J9eVkoLFVaF+/E7DBWA2Tt3BBGU5+kA07OO3ew5bzk9AMw8hY2fK/DC
- nxmqf3WsWBulUv0/quOsP7zjjWlr9mnV1Vf98KpLLhtV+9V9Rw10t+EN5JbrhPwT
- dQYymhgy+E8RA/vxNX+fBeWuqpo9sFPBuBw3ogNVJUw0dXWXusQ1kKMPUCTdVIHS
- F0X0rRLIzFN/IvmIIlASdekW1DdrAhCbxtStVtn/xvDOF9TRE2/8BZvs9E5Dnu1b
- oFyBJH0O5DVjI7gRnbI1ntQtDwhvhUcJ0JUZtdiotU7lyMIs+GZaVAhD5qvTNoTS
- 5gEMzmTQCeHUOoKwPndd87s5I8zjqLw6YyQq9D546hglnq4EGg2Fo9grgJN7sdpf
- efSfct+ElolKYJ4Lfgg4isnkaw8s5HfT0zLXn7mJ5LpyleKNfAdLAA==
- =CWrw
- -----END PGP MESSAGE-----
- fp: 286791FB6648539775DB31B8FCB98C2A3EC6F601
- encrypted_regex: ^(data|stringData|email|dnsZones?|dnsNames?)$
- version: 3.7.1
diff --git a/clusters/okd4/openshift-ingress/kustomization.yaml b/clusters/okd4/openshift-ingress/kustomization.yaml
deleted file mode 100644
index 724c44ceb92a09ff38272aa8de9ce019df15097b..0000000000000000000000000000000000000000
--- a/clusters/okd4/openshift-ingress/kustomization.yaml
+++ /dev/null
@@ -1,6 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-- credentials.yaml
-- cert.yaml
-- issuer.yaml
diff --git a/clusters/okd4/openshift-user-workload-monitoring/configmap.yaml b/clusters/okd4/openshift-user-workload-monitoring/configmap.yaml
deleted file mode 100644
index 2b9a3ddd43e94606d3f37084e35cecdc4b2c4eb4..0000000000000000000000000000000000000000
--- a/clusters/okd4/openshift-user-workload-monitoring/configmap.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: user-workload-monitoring-config
- namespace: openshift-user-workload-monitoring
-data:
- config.yaml: |
- prometheus:
- volumeClaimTemplate:
- spec:
- storageClassName: rook-ceph-block
- resources:
- requests:
- storage: 5Gi
diff --git a/clusters/okd4/openshift-user-workload-monitoring/kustomization.yaml b/clusters/okd4/openshift-user-workload-monitoring/kustomization.yaml
deleted file mode 100644
index 38089494bcf0326127404eee98aaa30ecb2ec37e..0000000000000000000000000000000000000000
--- a/clusters/okd4/openshift-user-workload-monitoring/kustomization.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-- configmap.yaml