Sienna Meridian Satterwhite
d32d1435f9
- data: CNPG cluster tuning, OpenBao values, OpenSearch deployment fixes, OpenSearch PVC, barman vault secret for S3 backup credentials - storage: SeaweedFS filer updates (s3.json via secret subPath), PVC for filer persistent storage - devtools: Gitea values (SSH service, custom theme), gitea-theme-cm ConfigMap - ory: add kratos-selfservice-urls.yaml for self-service flow URLs - media: LiveKit values updated (TURN config, STUN, resource limits) - vso: kustomization cleanup
46 lines
1.3 KiB
YAML
46 lines
1.3 KiB
YAML
apiVersion: kustomize.config.k8s.io/v1beta1
|
|
kind: Kustomization
|
|
|
|
# namespace: ory removed — all non-Helm resources already set namespace: ory
|
|
# explicitly, and the Helm charts use namespace: ory in their helmCharts spec.
|
|
# The kustomization-level transformer was incorrectly moving hydra-maester's
|
|
# enabledNamespaces Role (meant for lasuite) into the ory namespace, causing
|
|
# a duplicate-name conflict.
|
|
|
|
resources:
|
|
- namespace.yaml
|
|
- login-ui-deployment.yaml
|
|
- kratos-admin-deployment.yaml
|
|
# Hydra chart CRDs are not rendered by helm template; apply manually.
|
|
- hydra-oauth2client-crd.yaml
|
|
- vault-secrets.yaml
|
|
|
|
patches:
|
|
# Set Kratos selfservice UI URLs (DOMAIN_SUFFIX substituted at apply time).
|
|
- path: kratos-selfservice-urls.yaml
|
|
|
|
# The hydra-maester sub-chart does not set .Release.Namespace in its Deployment template.
|
|
- patch: |
|
|
- op: add
|
|
path: /metadata/namespace
|
|
value: ory
|
|
target:
|
|
kind: Deployment
|
|
name: hydra-hydra-maester
|
|
|
|
helmCharts:
|
|
# helm repo add ory https://k8s.ory.sh/helm/charts
|
|
- name: kratos
|
|
repo: https://k8s.ory.sh/helm/charts
|
|
version: "0.60.1"
|
|
releaseName: kratos
|
|
namespace: ory
|
|
valuesFile: kratos-values.yaml
|
|
|
|
- name: hydra
|
|
repo: https://k8s.ory.sh/helm/charts
|
|
version: "0.60.1"
|
|
releaseName: hydra
|
|
namespace: ory
|
|
valuesFile: hydra-values.yaml
|