platform/manifests
1
1
Fork 0
Code Issues 7 Pull Requests 6 Actions Packages Projects Releases Wiki Activity

fix: sync redis and rabbitmq secrets only if they exist

Browse Source
This commit is contained in:
Jonas Juselius
2024-06-13 13:04:43 +02:00
parent 569e12ad59
commit bfef95f5ec
2 changed files with 38 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
resources/atlantis/host-manifests/sync-rabbitmq-secrets.yaml
+20 -7
View File
@@ -11,7 +11,7 @@ spec:
apiVersion: v1
kind: Secret
name: '{{ request.object.metadata.name }}'
namespace: atlantis
namespace: '{{ request.object.metadata.namespace }}'
synchronize: true
clone:
name: prod-rabbitmq
@@ -23,14 +23,20 @@ spec:
- Secret
names:
- prod-rabbitmq
namespaces:
- rabbitmq
exclude:
any:
- resources:
kinds:
- Secret
selector:
matchLabels:
generate.kyverno.io/clone-source: ""
- name: sync-staging-rabbitmq-secret
generate:
apiVersion: v1
kind: Secret
name: staging-rabbitmq
namespace: '{{ request.object.metadata.name }}'
name: '{{ request.object.metadata.name }}'
namespace: '{{ request.object.metadata.namespace }}'
synchronize: true
clone:
name: staging-rabbitmq
@@ -39,10 +45,17 @@ spec:
any:
- resources:
kinds:
- Namespace
- Secret
names:
- staging-rabbitmq
exclude:
any:
- resources:
kinds:
- Secret
selector:
matchLabels:
vcluster.loft.sh/label-*: sync-staging-rabbitmq-secret
generate.kyverno.io/clone-source: ""
- name: add-rabbitmq-connstring
mutate:
patchStrategicMerge:
resources/atlantis/host-manifests/sync-redis-secrets.yaml
+18 -9
View File
@@ -11,7 +11,7 @@ spec:
apiVersion: v1
kind: Secret
name: '{{ request.object.metadata.name }}'
namespace: atlantis
namespace: '{{ request.object.metadata.namespace }}'
synchronize: true
clone:
name: prod-redis
@@ -23,14 +23,20 @@ spec:
- Secret
names:
- prod-redis
namespaces:
- redis
exclude:
any:
- resources:
kinds:
- Secret
selector:
matchLabels:
generate.kyverno.io/clone-source: ""
- name: sync-staging-redis-secret
generate:
apiVersion: v1
kind: Secret
name: staging-redis
namespace: '{{ request.object.metadata.name }}'
name: '{{ request.object.metadata.name }}'
namespace: '{{ request.object.metadata.namespace }}'
synchronize: true
clone:
name: staging-redis
@@ -39,12 +45,15 @@ spec:
any:
- resources:
kinds:
- Namespace
- Secret
names:
- "vcluster-009dba7e-*"
- staging-redis
exclude:
any:
- resources:
kinds:
- Namespace
- Secret
selector:
matchLabels:
vcluster.loft.sh/label-*: sync-staging-redis-secret
generate.kyverno.io/clone-source: ""