From 3b742878608eba697f594b88c688daedf83e3e41 Mon Sep 17 00:00:00 2001 From: Ben Vincent Date: Sun, 24 May 2026 23:49:18 +1000 Subject: [PATCH] fix(kanidm): add explicit group/kind/weight to TLSRoute refs The Gateway API controller defaults group, kind, and weight on parentRefs and backendRefs. ArgoCD diffs desired vs live by string comparison, so omitting these fields causes permanent OutOfSync. Same root cause as #162 (HTTPRoutes) but applied to TLSRoute. --- apps/base/kanidm/tlsroute.yaml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/apps/base/kanidm/tlsroute.yaml b/apps/base/kanidm/tlsroute.yaml index fb14f65..c27980d 100644 --- a/apps/base/kanidm/tlsroute.yaml +++ b/apps/base/kanidm/tlsroute.yaml @@ -13,9 +13,14 @@ spec: - auth.unkin.net - au.auth.unkin.net parentRefs: - - name: kanidm + - group: gateway.networking.k8s.io + kind: Gateway + name: kanidm sectionName: https-passthrough rules: - backendRefs: - - name: kanidm + - group: "" + kind: Service + name: kanidm port: 8443 + weight: 1 -- 2.47.3