fix(kanidm): prevent ArgoCD from overwriting repl-cert ConfigMap data
Remove the data keys from kanidm-repl-certs in git so ArgoCD never takes SSA ownership of them. Add ignoreDifferences for /data on that ConfigMap in the ApplicationSet template so ArgoCD doesn't flag sidecar-patched cert values as out-of-sync.
This commit is contained in:
@@ -44,6 +44,12 @@ spec:
|
||||
destination:
|
||||
server: https://kubernetes.default.svc
|
||||
namespace: '{{path[3]}}' # Use directory name as namespace
|
||||
ignoreDifferences:
|
||||
- group: ""
|
||||
kind: ConfigMap
|
||||
name: kanidm-repl-certs
|
||||
jsonPointers:
|
||||
- /data
|
||||
syncPolicy:
|
||||
automated:
|
||||
prune: true
|
||||
|
||||
Reference in New Issue
Block a user