🔧 stakater on controller for rolling updates

kubernetes/cluster-0/apps/authentication/authelia/helm-release.yaml

@@ -32,12 +32,14 @@ spec:
     controller:
       replicas: 2
       strategy: RollingUpdate
+      annotations:
+        reloader.stakater.com/auto: "true"
     image:
       repository: ghcr.io/authelia/authelia
       tag: 4.37.2
     envFrom:
       - secretRef:
-          name: *app
+          name: authelia-secret
     enableServiceLinks: false
     service:
       main:
@@ -84,13 +86,10 @@ spec:
       config:
         enabled: true
         type: configMap
-        name: *app
+        name: authelia-configmap
         subPath: configuration.yml
         mountPath: /config/configuration.yml
         readOnly: false
-    podAnnotations:
-      configmap.reloader.stakater.com/reload: *app
-      secret.reloader.stakater.com/reload: *app
     topologySpreadConstraints:
       - maxSkew: 1
         topologyKey: kubernetes.io/hostname

kubernetes/cluster-0/apps/authentication/authelia/kustomization.yaml

@@ -9,7 +9,7 @@ patchesStrategicMerge:
   - patches/env.yaml
   - patches/postgres.yaml
 configMapGenerator:
-  - name: authelia
+  - name: authelia-configmap
     files:
       - config/configuration.yml
 generatorOptions:

kubernetes/cluster-0/apps/authentication/authelia/patches/postgres.yaml

@@ -22,10 +22,10 @@ spec:
           - name: POSTGRES_USER
             valueFrom:
               secretKeyRef:
-                name: authelia
+                name: authelia-secret
                 key: AUTHELIA_STORAGE_POSTGRES_USERNAME
           - name: POSTGRES_PASS
             valueFrom:
               secretKeyRef:
-                name: authelia
+                name: authelia-secret
                 key: AUTHELIA_STORAGE_POSTGRES_PASSWORD

kubernetes/cluster-0/apps/authentication/authelia/secret.sops.yaml

@@ -2,7 +2,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-    name: authelia
+    name: authelia-secret
     namespace: default
 type: Opaque
 stringData:
@@ -29,8 +29,8 @@ sops:
             Ny9OQ0l4ZXMrdW40NmRsbzgvZ0w5V3cKqTGvN5zk2TPgtxoVfwI7Wsz4N+lC9+Kq
             DCXTgTU/QXm9dvo4ErPPzeWFqdk4JchExhvSJV2JfM32O+3z+EGhNg==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2022-09-13T21:14:03Z"
-    mac: ENC[AES256_GCM,data:ujW5w84/5GmwWvH8RdAoMdEXDNQptKhK0Whbd3Byg0o02NDA3SkQsMJsaSNG9Sp5CZnYxSBHdL1AT/1pldFsrxU7TcIpU1mh9zs4nf9B8x/9CEH/3fKSOZuHRKF56LHkqXLFbcC1o+GQHfg1zWlNFWBQ4ToPnqFlLneKFcHT/Sc=,iv:15KsYWcwbuCnsNOvjh7iMuv9gOsLnbvldUlUOl1l2eI=,tag:spHas6eWDLhcaK4cFStnww==,type:str]
+    lastmodified: "2022-12-01T22:11:20Z"
+    mac: ENC[AES256_GCM,data:XESKuMlJEXGzkbW1CnAoXxRONq3BqQT/Y9fi7Los+ILtHjo1lEHmj3yCSDhn7uVDQJALLu9pz/Ra36/gine7VUqJwooDV2OeWs7VvBmGTxLOxeH/24AipiAPnRYjXWQY0Zfh0/h0H88jJSB3D+bCMW+WpEWfdmHWMQ/Y54pQ3mQ=,iv:q0ALv44alplmtt2NKbRyVzy/yxoIQ9FUN1zLjEMViCU=,tag:Zq9r4Eo2UsGYTIscEdAMVQ==,type:str]
     pgp: []
     encrypted_regex: ^(data|stringData)$
     version: 3.7.3

kubernetes/cluster-0/apps/authentication/glauth/helm-release.yaml

@@ -25,6 +25,8 @@ spec:
     controller:
       replicas: 1
       strategy: RollingUpdate
+      annotations:
+        reloader.stakater.com/auto: "true"
     image:
       repository: docker.io/glauth/glauth
       tag: v2.1.0
@@ -46,7 +48,7 @@ spec:
       config:
         enabled: true
         type: secret
-        name: *app
+        name: glauth-secret
         items:
           - key: server.toml
             path: server.toml
@@ -54,8 +56,6 @@ spec:
             path: groups.toml
           - key: users.toml
             path: users.toml
-    podAnnotations:
-      secret.reloader.stakater.com/reload: *app
     resources:
       requests:
         cpu: 15m

kubernetes/cluster-0/apps/authentication/glauth/kustomization.yaml

@@ -5,7 +5,7 @@ namespace: default
 resources:
   - helm-release.yaml
 secretGenerator:
-  - name: glauth
+  - name: glauth-secret
     files:
       - server.toml=config/server.sops.toml
       - groups.toml=config/groups.sops.toml