Sienna Meridian Satterwhite
8621c0dd65
pingora-config.yaml: kratos-public and people-backend K8s Services expose port 80, not 4433/8000. The wrong ports caused Pingora to return timeouts for /kratos/* and all people.* routes. ory/kustomization.yaml: remove kustomization-level namespace: ory transformer. All non-Helm resources already declare namespace: ory explicitly. The transformer was incorrectly moving hydra-maester's enabledNamespaces Role (generated for the lasuite namespace) into ory, producing a duplicate-name conflict during kustomize build.
42 lines
1.2 KiB
YAML
42 lines
1.2 KiB
YAML
apiVersion: kustomize.config.k8s.io/v1beta1
|
|
kind: Kustomization
|
|
|
|
# namespace: ory removed — all non-Helm resources already set namespace: ory
|
|
# explicitly, and the Helm charts use namespace: ory in their helmCharts spec.
|
|
# The kustomization-level transformer was incorrectly moving hydra-maester's
|
|
# enabledNamespaces Role (meant for lasuite) into the ory namespace, causing
|
|
# a duplicate-name conflict.
|
|
|
|
resources:
|
|
- namespace.yaml
|
|
- login-ui-deployment.yaml
|
|
# Hydra chart CRDs are not rendered by helm template; apply manually.
|
|
- hydra-oauth2client-crd.yaml
|
|
- vault-secrets.yaml
|
|
|
|
# The hydra-maester sub-chart does not set .Release.Namespace in its Deployment template.
|
|
patches:
|
|
- patch: |
|
|
- op: add
|
|
path: /metadata/namespace
|
|
value: ory
|
|
target:
|
|
kind: Deployment
|
|
name: hydra-hydra-maester
|
|
|
|
helmCharts:
|
|
# helm repo add ory https://k8s.ory.sh/helm/charts
|
|
- name: kratos
|
|
repo: https://k8s.ory.sh/helm/charts
|
|
version: "0.60.1"
|
|
releaseName: kratos
|
|
namespace: ory
|
|
valuesFile: kratos-values.yaml
|
|
|
|
- name: hydra
|
|
repo: https://k8s.ory.sh/helm/charts
|
|
version: "0.60.1"
|
|
releaseName: hydra
|
|
namespace: ory
|
|
valuesFile: hydra-values.yaml
|