fixup! refactor: components

2025-09-17 18:24:14 +02:00 · 2025-04-16 01:43:20 +02:00
parent 2f3f781494
commit 2a0e3d44c6
39 changed files with 46 additions and 37 deletions
--- a/kubernetes/apps/external-secrets/external-secrets/app/helmrelease.yaml
+++ b/kubernetes/apps/external-secrets/external-secrets/app/helmrelease.yaml
@@ -10,13 +10,8 @@ spec:
    mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
    operation: copy
  ref:
-    tag: 0.16.0@sha256:73d56ac13a838ae4d6025e0f5e021dca4e48f833b5b0aa1e2f81a51d5e33f6d1
+    tag: 0.16.0
  url: oci://ghcr.io/external-secrets/charts/external-secrets
-  verify:
-    provider: cosign
-    matchOIDCIdentity:
-      - issuer: ^https://token.actions.githubusercontent.com$
-        subject: ^https://github.com/external-secrets/external-secrets.*$
 ---
 # yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2.json
 apiVersion: helm.toolkit.fluxcd.io/v2
--- a/kubernetes/apps/external-secrets/external-secrets/ks.yaml
+++ b/kubernetes/apps/external-secrets/external-secrets/ks.yaml
@@ -4,7 +4,7 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
  name: &app external-secrets
-  namespace: &namespace flux-system
+  namespace: &namespace external-secrets
 spec:
  commonMetadata:
    labels:
@@ -13,7 +13,7 @@ spec:
    - apiVersion: helm.toolkit.fluxcd.io/v2
      kind: HelmRelease
      name: *app
-      namespace: external-secrets
+      namespace: *namespace
  interval: 1h
  path: ./kubernetes/apps/external-secrets/external-secrets/app
  prune: true
@@ -21,28 +21,16 @@ spec:
  sourceRef:
    kind: GitRepository
    name: home-ops-kubernetes
-    namespace: *namespace
-  targetNamespace: external-secrets
+    namespace: flux-system
+  targetNamespace: *namespace
  timeout: 15m
-  decryption:
-    provider: sops
-    secretRef:
-      name: sops-age
-  postBuild:
-    substituteFrom:
-      - kind: ConfigMap
-        name: cluster-settings
-        optional: false
-      - kind: Secret
-        name: cluster-secrets
-        optional: false
 ---
 # yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
  name: &app external-secrets-stores
-  namespace: &namespace flux-system
+  namespace: &namespace external-secrets
 spec:
  commonMetadata:
    labels:
@@ -59,18 +47,6 @@ spec:
  sourceRef:
    kind: GitRepository
    name: home-ops-kubernetes
-    namespace: *namespace
-  targetNamespace: external-secrets
+    namespace: flux-system
+  targetNamespace: *namespace
  timeout: 15m
-  decryption:
-    provider: sops
-    secretRef:
-      name: sops-age
-  postBuild:
-    substituteFrom:
-      - kind: ConfigMap
-        name: cluster-settings
-        optional: false
-      - kind: Secret
-        name: cluster-secrets
-        optional: false