diff --git a/resources/atlantis/host-manifests/add-ingress-whitelist.yaml b/resources/atlantis/host-manifests/add-ingress-whitelist.yaml index f21f7455..58c7b529 100644 --- a/resources/atlantis/host-manifests/add-ingress-whitelist.yaml +++ b/resources/atlantis/host-manifests/add-ingress-whitelist.yaml @@ -4,7 +4,7 @@ metadata: name: add-ingress-whitelist spec: background: true - generateExistingOnPolicyUpdate: true + generateExisting: true rules: - name: set-whitelist-internal mutate: @@ -18,4 +18,3 @@ spec: - Ingress annotations: atlantis.oceanbox.io/expose: internal - validationFailureAction: audit diff --git a/resources/atlantis/host-manifests/sync-archmeister-secrets.yaml b/resources/atlantis/host-manifests/sync-archmeister-secrets.yaml index 9bcb9626..3da81b3b 100644 --- a/resources/atlantis/host-manifests/sync-archmeister-secrets.yaml +++ b/resources/atlantis/host-manifests/sync-archmeister-secrets.yaml @@ -38,4 +38,3 @@ spec: - Namespace names: - '*-vcluster' - validationFailureAction: audit diff --git a/resources/atlantis/host-manifests/sync-rabbitmq-secrets.yaml b/resources/atlantis/host-manifests/sync-rabbitmq-secrets.yaml index 946ecf97..6eb40961 100644 --- a/resources/atlantis/host-manifests/sync-rabbitmq-secrets.yaml +++ b/resources/atlantis/host-manifests/sync-rabbitmq-secrets.yaml @@ -45,4 +45,3 @@ spec: - Namespace names: - rabbitmq - validationFailureAction: audit diff --git a/resources/atlantis/host-manifests/sync-redis-secrets.yaml b/resources/atlantis/host-manifests/sync-redis-secrets.yaml index b8428fc2..ba129f1f 100644 --- a/resources/atlantis/host-manifests/sync-redis-secrets.yaml +++ b/resources/atlantis/host-manifests/sync-redis-secrets.yaml @@ -42,4 +42,3 @@ spec: - Namespace names: - "vcluster-009dba7e-*" - validationFailureAction: audit diff --git a/vcluster/argo-staging-cluster.yaml b/vcluster/argo-staging-cluster.yaml index 9c05593a..9f9de0b3 100644 --- a/vcluster/argo-staging-cluster.yaml +++ b/vcluster/argo-staging-cluster.yaml @@ -9,7 +9,7 @@ metadata: namespace: argocd stringData: config: | - {"bearerToken":"eyJhbGciOiJSUzI1NiIsImtpZCI6IlhjQmkwcEtPTU0yVUw1Z2lmTHN3RlhFeUViSS1wY3Rid1RPMlphZ0dzT0EifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi10b2tlbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJhZG1pbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjdjNmUzZmQ4LWFmZmItNDQ4Yi1hZTJhLTlmYjA5N2ZkMjA5MCIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTphZG1pbiJ9.uqszE0yNek682Eme9j-Ht66CPfbi01W4-p7hce6ug0MLPMjqXhikJV94wyNZtVT71YmHXRARA1_Fa08OFvvgvzKlEP1BE-vn1V6g8tHPOr-oR26ikKKQ9qYLol4yyaR3y8kMd5KlWxNbRIcHNj95AEm_RjCJwKICB3fd6DU0mEFBv9TloclilqKV0Mgjz3fsugLkJdgcR0VSG2_O_zlk99MY8wCIm0MYonH9plBPbNtwVUXzENb3K1qWpnro_5i28vjlKvo1ANhLMMlsulQxBmM76WJgForZR6iQNMZUtUjjxPbbyTqg7oxbPePSI7V2FGtzRavCzxRJdW2tOIu9qg","tlsClientConfig":{"insecure":true}} + {"bearerToken":"eyJhbGciOiJSUzI1NiIsImtpZCI6Ii1xcTRkUFFqQXdZWnVucXN3VGNNQnI2X1FGSnZwMjhUWnpGN3BOenJ3V2cifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiLCJodHRwczovL2t1YmVybmV0ZXMuZGVmYXVsdC5zdmMiLCJodHRwczovL2t1YmVybmV0ZXMuZGVmYXVsdCJdLCJleHAiOjIwMjMzNzg2OTIsImlhdCI6MTcwODAxODY5MiwiaXNzIjoiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiLCJrdWJlcm5ldGVzLmlvIjp7Im5hbWVzcGFjZSI6Imt1YmUtc3lzdGVtIiwic2VydmljZWFjY291bnQiOnsibmFtZSI6ImFkbWluIiwidWlkIjoiZjM3YjM5YzYtNjVlMC00NTM4LWFmNjItYTZiNmMzMzU3ZWJmIn19LCJuYmYiOjE3MDgwMTg2OTIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTphZG1pbiJ9.Zc1sNktNpnwJ5BK1buNIfLZS8JIFDcnj7CU86Hq9ZFYNr5H8vnvvSdu7EBYPW5xfC6F_y71NQZjED42zFnCUCWzUj_QGrwUjGockLUQAEab6_CrUpjGgaHgqvUh2v5vrw0sD21Qz9E5imc6-m4RQHXFCgB_-zdi6DtjTCts6zT844dOAFrqYZJ_tvMiZu-k4hlYTHnCUUGqzqReu1einMzIa7hZZ1B7842ReU6NRX-1z84CsuONvr1kjHov2jJLu8HM8q5jx-_oDBzZj6oiT-QisSY9H8k3x7xN7lqQw0tSGAjvnYoxL7EPG4oNrgRHBaUQCeZlt2Y7RncXW4WgF7A","tlsClientConfig":{"insecure":true}} name: vcluster-staging server: https://staging-vcluster.staging-vcluster:443 type: Opaque diff --git a/vcluster/chart/templates/allow-vcluster-atlantis-services.yaml b/vcluster/chart/templates/allow-vcluster-atlantis-services.yaml index 933f967f..77edc569 100644 --- a/vcluster/chart/templates/allow-vcluster-atlantis-services.yaml +++ b/vcluster/chart/templates/allow-vcluster-atlantis-services.yaml @@ -5,7 +5,7 @@ metadata: name: "allow-{{ $name }}-vcluster-services" spec: background: true - generateExistingOnPolicyUpdate: true + generateExisting: true rules: - name: allow-atlantis-services generate: diff --git a/vcluster/chart/templates/generate-cnp-rules.yaml b/vcluster/chart/templates/generate-cnp-rules.yaml index effc77f3..f6a3b2b7 100644 --- a/vcluster/chart/templates/generate-cnp-rules.yaml +++ b/vcluster/chart/templates/generate-cnp-rules.yaml @@ -13,8 +13,7 @@ metadata: namespace: {{ .Release.Namespace }} spec: background: true - generateExistingOnPolicyUpdate: true - validationFailureAction: audit + generateExisting: true rules: - name: generate-vcluster-apiserver-networkpolicy generate: diff --git a/vcluster/chart/templates/vcluster.yaml b/vcluster/chart/templates/vcluster.yaml index 8c91be0f..9f9c9374 100644 --- a/vcluster/chart/templates/vcluster.yaml +++ b/vcluster/chart/templates/vcluster.yaml @@ -9,6 +9,8 @@ spec: project: atlantis syncPolicy: automated: {} + syncOptions: + - createNamespace=true destination: server: https://kubernetes.default.svc namespace: {{ .Release.Namespace }}