fix(gateways): add explicit group: "" to all certificateRefs entries
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/kubeconform Pipeline was successful

The Gateway API admission server defaults certificateRefs[].group to ""
when it is omitted. ArgoCD diffed the desired state (no group field) against
the live state (group: "") and flagged every gateway as out of sync.

Fix: explicitly set group: "" in all certificateRefs entries so the
rendered manifest matches the API server's canonical form exactly.

Affected: artifactapi, cattle-system, consul, litellm, paperclip,
puppet (puppetboard + puppetdb), vault.
This commit is contained in:
2026-05-23 23:39:42 +10:00
parent c6f9893804
commit 4ec7c61757
8 changed files with 20 additions and 10 deletions
+2 -1
View File
@@ -31,6 +31,7 @@ spec:
protocol: HTTPS
tls:
certificateRefs:
- kind: Secret
- group: ""
kind: Secret
name: artifactapi-tls
mode: Terminate
+2 -1
View File
@@ -31,6 +31,7 @@ spec:
protocol: HTTPS
tls:
certificateRefs:
- kind: Secret
- group: ""
kind: Secret
name: rancher-tls
mode: Terminate
+4 -2
View File
@@ -35,7 +35,8 @@ spec:
tls:
mode: Terminate
certificateRefs:
- kind: Secret
- group: ""
kind: Secret
name: consul-tls
- name: consul-svc
port: 443
@@ -47,5 +48,6 @@ spec:
tls:
mode: Terminate
certificateRefs:
- kind: Secret
- group: ""
kind: Secret
name: consul-tls
+2 -1
View File
@@ -31,6 +31,7 @@ spec:
protocol: HTTPS
tls:
certificateRefs:
- kind: Secret
- group: ""
kind: Secret
name: litellm-tls
mode: Terminate
+2 -1
View File
@@ -31,6 +31,7 @@ spec:
protocol: HTTPS
tls:
certificateRefs:
- kind: Secret
- group: ""
kind: Secret
name: paperclip-tls
mode: Terminate
+2 -1
View File
@@ -35,6 +35,7 @@ spec:
protocol: HTTPS
tls:
certificateRefs:
- kind: Secret
- group: ""
kind: Secret
name: puppetboard-tls
mode: Terminate
+2 -1
View File
@@ -28,6 +28,7 @@ spec:
protocol: HTTPS
tls:
certificateRefs:
- kind: Secret
- group: ""
kind: Secret
name: puppetdb-tls
mode: Terminate
+4 -2
View File
@@ -35,7 +35,8 @@ spec:
tls:
mode: Terminate
certificateRefs:
- kind: Secret
- group: ""
kind: Secret
name: vault-tls
- name: vault-direct
port: 8200
@@ -46,5 +47,6 @@ spec:
tls:
mode: Terminate
certificateRefs:
- kind: Secret
- group: ""
kind: Secret
name: vault-tls