platform/manifests
1
0
Fork 0
Code Issues 7 Pull Requests 5 Actions Packages Projects Releases Wiki Activity

fix: sync redis and rabbitmq secrets only if they exist

Browse Source
This commit is contained in:
Jonas Juselius
2024-06-13 13:04:43 +02:00
parent 569e12ad59
commit bfef95f5ec
2 changed files with 38 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
resources/atlantis/host-manifests/sync-rabbitmq-secrets.yaml
+20 -7
View File
@@ -11,7 +11,7 @@ spec:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
name: '{{ request.object.metadata.name }}' name: '{{ request.object.metadata.name }}'
namespace: atlantis namespace: '{{ request.object.metadata.namespace }}'
synchronize: true synchronize: true
clone: clone:
name: prod-rabbitmq name: prod-rabbitmq
@@ -23,14 +23,20 @@ spec:
- Secret - Secret
names: names:
- prod-rabbitmq - prod-rabbitmq
namespaces: exclude:
- rabbitmq any:
- resources:
kinds:
- Secret
selector:
matchLabels:
generate.kyverno.io/clone-source: ""
- name: sync-staging-rabbitmq-secret - name: sync-staging-rabbitmq-secret
generate: generate:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
name: staging-rabbitmq name: '{{ request.object.metadata.name }}'
namespace: '{{ request.object.metadata.name }}' namespace: '{{ request.object.metadata.namespace }}'
synchronize: true synchronize: true
clone: clone:
name: staging-rabbitmq name: staging-rabbitmq
@@ -39,10 +45,17 @@ spec:
any: any:
- resources: - resources:
kinds: kinds:
- Namespace - Secret
names:
- staging-rabbitmq
exclude:
any:
- resources:
kinds:
- Secret
selector: selector:
matchLabels: matchLabels:
vcluster.loft.sh/label-*: sync-staging-rabbitmq-secret generate.kyverno.io/clone-source: ""
- name: add-rabbitmq-connstring - name: add-rabbitmq-connstring
mutate: mutate:
patchStrategicMerge: patchStrategicMerge:
resources/atlantis/host-manifests/sync-redis-secrets.yaml
+18 -9
View File
@@ -11,7 +11,7 @@ spec:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
name: '{{ request.object.metadata.name }}' name: '{{ request.object.metadata.name }}'
namespace: atlantis namespace: '{{ request.object.metadata.namespace }}'
synchronize: true synchronize: true
clone: clone:
name: prod-redis name: prod-redis
@@ -23,14 +23,20 @@ spec:
- Secret - Secret
names: names:
- prod-redis - prod-redis
namespaces: exclude:
- redis any:
- resources:
kinds:
- Secret
selector:
matchLabels:
generate.kyverno.io/clone-source: ""
- name: sync-staging-redis-secret - name: sync-staging-redis-secret
generate: generate:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
name: staging-redis name: '{{ request.object.metadata.name }}'
namespace: '{{ request.object.metadata.name }}' namespace: '{{ request.object.metadata.namespace }}'
synchronize: true synchronize: true
clone: clone:
name: staging-redis name: staging-redis
@@ -39,12 +45,15 @@ spec:
any: any:
- resources: - resources:
kinds: kinds:
- Namespace - Secret
names: names:
- "vcluster-009dba7e-*" - staging-redis
exclude:
any:
- resources: - resources:
kinds: kinds:
- Namespace - Secret
selector: selector:
matchLabels: matchLabels:
vcluster.loft.sh/label-*: sync-staging-redis-secret generate.kyverno.io/clone-source: ""