wip: Match chart to k8s state

2025-06-05 13:52:36 +02:00
parent 1bb720840d
commit 9249f0eb18
82 changed files with 28211 additions and 329 deletions
@@ -0,0 +1,16 @@
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+  name: allow-api-server
+  namespace: x509-exporter
+spec:
+  egress:
+    - toEntities:
+        - kube-apiserver
+      toPorts:
+        - ports:
+            - port: "6443"
+              protocol: TCP
+  endpointSelector:
+    matchLabels:
+      app.kubernetes.io/instance: x509-exporter
@@ -0,0 +1,17 @@
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+  name: allow-prometheus-metrics
+  namespace: x509-exporter
+spec:
+  endpointSelector:
+    matchLabels:
+      app.kubernetes.io/instance: x509-exporter
+  ingress:
+    - fromEndpoints:
+        - matchLabels:
+            io.kubernetes.pod.namespace: prometheus
+    - toPorts:
+        - ports:
+            - port: "9793"
+              protocol: TCP
@@ -14,13 +14,18 @@ spec:
    server: 'https://kubernetes.default.svc'
  sources:
  - repoURL: {{ .Values.clusterConfig.manifests }}
-    targetRevision: HEAD
-    path: helmfiles/x509-exporter
+    # targetRevision: HEAD
+    targetRevision: mrtz/helmify
+    path: helmfile.d
    plugin:
-      name: helmfile
+      name: helmfile-cmp
      env:
      - name: CLUSTER_NAME
        value: {{ .Values.clusterConfig.cluster }}
+      - name: HELMFILE_ENVIRONMENT
+        value: default
+      - name: HELMFILE_FILE_PATH
+        value: x509-exporter.yaml.gotmpl
  project: sys
  syncPolicy:
    managedNamespaceMetadata:
@@ -4,13 +4,13 @@ secretsExporter:
    excludeLabels:
    - cert-manager.io/*
    resources:
-    limits:
-        memory: 100Mi
-    requests:
-        cpu: 20m
-        memory: 100Mi
+        limits:
+            memory: 100Mi
+        requests:
+            cpu: 20m
+            memory: 100Mi
 prometheusServiceMonitor:
    extraLabels:
    k8s-app: x509-exporter
 prometheusRules:
-    create: false
+    create: false