fix(kanidm): prevent ArgoCD from overwriting repl-cert ConfigMap data
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/kubeconform Pipeline was successful

Remove the data keys from kanidm-repl-certs in git so ArgoCD never takes
SSA ownership of them. Add ignoreDifferences for /data on that ConfigMap
in the ApplicationSet template so ArgoCD doesn't flag sidecar-patched
cert values as out-of-sync.
This commit is contained in:
2026-05-24 00:07:02 +10:00
parent 11286a1f89
commit 7d2e0dfa0f
2 changed files with 7 additions and 4 deletions
+6
View File
@@ -44,6 +44,12 @@ spec:
destination:
server: https://kubernetes.default.svc
namespace: '{{path[3]}}' # Use directory name as namespace
ignoreDifferences:
- group: ""
kind: ConfigMap
name: kanidm-repl-certs
jsonPointers:
- /data
syncPolicy:
automated:
prune: true