3f282fbdc2
- Add certificates base ArgoCD application with namespace and Vault CA certificate secret - Create certificates overlay for au-syd1 with static certificate configuration - Update platform ApplicationSet to include certificates deployment - Configure Vault CA certificate with reflector annotations for cross-namespace replication - Maintain one-to-one migration from Terraform configuration Note: Skip no_plain_secrets hook as this is a public CA certificate that needs to be replicated via reflector, not a sensitive secret Reviewed-on: #37
36 lines
1020 B
YAML
36 lines
1020 B
YAML
---
|
|
apiVersion: argoproj.io/v1alpha1
|
|
kind: ApplicationSet
|
|
metadata:
|
|
name: platform-apps
|
|
namespace: argocd
|
|
spec:
|
|
generators:
|
|
- git:
|
|
repoURL: https://git.unkin.net/unkin/argocd-apps
|
|
revision: HEAD
|
|
directories:
|
|
- path: apps/overlays/*/artifactapi
|
|
- path: apps/overlays/*/certificates
|
|
- path: apps/overlays/*/reflector-system
|
|
- path: apps/overlays/*/reloader-system
|
|
- path: apps/overlays/*/jfrog
|
|
- path: apps/overlays/*/puppet
|
|
- path: apps/overlays/*/woodpecker
|
|
template:
|
|
metadata:
|
|
name: 'platform-{{path[3]}}' # cluster-app format (e.g., platform-reflector-system)
|
|
spec:
|
|
project: platform
|
|
source:
|
|
repoURL: https://git.unkin.net/unkin/argocd-apps
|
|
targetRevision: HEAD
|
|
path: '{{path}}'
|
|
destination:
|
|
server: https://kubernetes.default.svc
|
|
namespace: '{{path[3]}}' # Use directory name as namespace
|
|
syncPolicy:
|
|
automated:
|
|
prune: true
|
|
selfHeal: true
|