fix(local): kustomize render passes cleanly

- Remove base/mesh from local overlay (Linkerd installed via CLI in local-up.sh) - Fix LiveKit namespace: chart doesn't set .Release.Namespace, add explicit patches - Fix release names: livekit-server and cloudnative-pg match chart names (avoid double-prefix) - Disable hydra-maester (not needed for local dev) - Add memory limits for cloudnative-pg operator and livekit-server deployments - Remove non-functional values-ory.yaml patch (DOMAIN_SUFFIX handled by sed in local-up.sh) - Gitignore **/charts/ (kustomize helm cache, generated artifact)
2026-02-28 14:00:31 +00:00
parent 5d9bd7b067
commit 886c4221b2
6 changed files with 84 additions and 19 deletions
--- a/base/data/kustomization.yaml
+++ b/base/data/kustomization.yaml
@@ -12,10 +12,10 @@ resources:
  - opensearch-service.yaml

 helmCharts:
-  # CloudNativePG operator — chart name: cloudnative-pg
  # helm repo add cnpg https://cloudnative-pg.github.io/charts
+  # releaseName=cloudnative-pg matches chart name → operator Deployment is named `cloudnative-pg`
  - name: cloudnative-pg
    repo: https://cloudnative-pg.github.io/charts
    version: "0.27.1"
-    releaseName: cnpg
+    releaseName: cloudnative-pg
    namespace: data
--- a/base/media/kustomization.yaml
+++ b/base/media/kustomization.yaml
@@ -7,11 +7,45 @@ resources:
  - namespace.yaml

 helmCharts:
-  # chart name is `livekit-server`, not `livekit-helm`
  # helm repo add livekit https://helm.livekit.io
+  # releaseName=livekit-server matches chart name → Helm deduplicates the prefix,
+  # so resources are named `livekit-server` instead of `livekit-livekit-server`.
  - name: livekit-server
    repo: https://helm.livekit.io
    version: "1.9.0"
-    releaseName: livekit
+    releaseName: livekit-server
    namespace: media
    valuesFile: livekit-values.yaml
+
+# The livekit-server chart does not set .Release.Namespace in its templates,
+# so kustomize's namespace field doesn't inject it automatically.
+# Patch namespace onto each chart-rendered resource explicitly.
+patches:
+  - patch: |
+      - op: add
+        path: /metadata/namespace
+        value: media
+    target:
+      kind: Deployment
+      name: livekit-server
+  - patch: |
+      - op: add
+        path: /metadata/namespace
+        value: media
+    target:
+      kind: Service
+      name: livekit-server
+  - patch: |
+      - op: add
+        path: /metadata/namespace
+        value: media
+    target:
+      kind: Service
+      name: livekit-server-turn
+  - patch: |
+      - op: add
+        path: /metadata/namespace
+        value: media
+    target:
+      kind: ConfigMap
+      name: livekit-server
--- a/base/ory/hydra-values.yaml
+++ b/base/ory/hydra-values.yaml
@@ -2,6 +2,11 @@
 # DOMAIN_SUFFIX is replaced by overlay patches.
 # DSN and system secrets come from the overlay-specific Secret.

+# Disable the maester controller — it manages OAuth2Client CRDs which we don't use locally.
+# OAuth2 clients are registered directly via the Hydra admin API.
+maester:
+  enabled: false
+
 hydra:
  config:
    dsn: "postgresql://hydra:$(HYDRA_DB_PASSWORD)@postgres-rw.data.svc.cluster.local:5432/hydra_db"