diff --git a/charts/opscenter-features/templates/featuresets/opscenter-backup/kubestash.yaml b/charts/opscenter-features/templates/featuresets/opscenter-backup/kubestash.yaml index 1e4e36dcd..1be39cd5b 100644 --- a/charts/opscenter-features/templates/featuresets/opscenter-backup/kubestash.yaml +++ b/charts/opscenter-features/templates/featuresets/opscenter-backup/kubestash.yaml @@ -39,6 +39,26 @@ spec: selector: app.kubernetes.io/instance: kubestash app.kubernetes.io/name: kubestash-operator + + ignoreDifferences: + - jsonPointers: + - /data + kind: Secret + name: kubestash-kubestash-operator-cert + namespace: {{ printf "{{ .Release.Namespace }}" }} + - group: apps + kind: Deployment + name: kubestash-kubestash-operator-operator + namespace: {{ printf "{{ .Release.Namespace }}" }} + jsonPointers: + - /spec/template/metadata/annotations/reload + - group: apps + kind: Deployment + name: kubestash-kubestash-operator-webhook-server + namespace: {{ printf "{{ .Release.Namespace }}" }} + jsonPointers: + - /spec/template/metadata/annotations/reload + chart: name: kubestash namespace: stash diff --git a/charts/opscenter-features/templates/featuresets/opscenter-backup/stash.yaml b/charts/opscenter-features/templates/featuresets/opscenter-backup/stash.yaml index a044e4e4c..96b3f1563 100644 --- a/charts/opscenter-features/templates/featuresets/opscenter-backup/stash.yaml +++ b/charts/opscenter-features/templates/featuresets/opscenter-backup/stash.yaml @@ -40,6 +40,37 @@ spec: kind: Deployment selector: app.kubernetes.io/name: stash-enterprise + + ignoreDifferences: + - jsonPointers: + - /data + kind: Secret + name: stash-stash-enterprise-apiserver-cert + namespace: {{ printf "{{ .Release.Namespace }}" }} + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.admission.stash.appscode.com + jsonPointers: + - /spec/caBundle + - /metadata/annotations/admission-webhook.appscode.com~1active + - /metadata/annotations/admission-webhook.appscode.com~1status + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.repositories.stash.appscode.com + jsonPointers: + - /spec/caBundle + - group: apiregistration.k8s.io + kind: APIService + name: v1beta1.admission.stash.appscode.com + jsonPointers: + - /spec/caBundle + - group: apps + kind: Deployment + name: stash-stash-enterprise + namespace: {{ printf "{{ .Release.Namespace }}" }} + jsonPointers: + - /spec/template/metadata/annotations/checksum~1apiregistration.yaml + chart: name: stash namespace: stash diff --git a/charts/opscenter-features/templates/featuresets/opscenter-core/flux2.yaml b/charts/opscenter-features/templates/featuresets/opscenter-core/flux2.yaml index 4e022aec1..1b8475553 100644 --- a/charts/opscenter-features/templates/featuresets/opscenter-core/flux2.yaml +++ b/charts/opscenter-features/templates/featuresets/opscenter-core/flux2.yaml @@ -64,6 +64,7 @@ spec: - group: apps version: v1 kind: Deployment + optional: "fluxcd" selector: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system @@ -72,11 +73,20 @@ spec: - group: apps version: v1 kind: Deployment + optional: "fluxcd" selector: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux control-plane: controller + # fargocd controller + - group: apps + version: v1 + kind: Deployment + optional: "fargocd" + selector: + app.kubernetes.io/instance: fargocd + app.kubernetes.io/name: fargocd chart: name: flux2 namespace: flux-system diff --git a/charts/opscenter-features/templates/featuresets/opscenter-core/kube-ui-server.yaml b/charts/opscenter-features/templates/featuresets/opscenter-core/kube-ui-server.yaml index a818b1abb..bb5cbbe71 100644 --- a/charts/opscenter-features/templates/featuresets/opscenter-core/kube-ui-server.yaml +++ b/charts/opscenter-features/templates/featuresets/opscenter-core/kube-ui-server.yaml @@ -53,6 +53,56 @@ spec: selector: app.kubernetes.io/name: kube-ui-server app.kubernetes.io/instance: kube-ui-server + +spec: + ignoreDifferences: + - jsonPointers: + - /data + kind: Secret + name: kube-ui-server-apiserver-cert + namespace: {{ printf "{{ .Release.Namespace }}" }} + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.core.k8s.appscode.com + jsonPointers: + - /spec/caBundle + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.cost.k8s.appscode.com + jsonPointers: + - /spec/caBundle + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.identity.k8s.appscode.com + jsonPointers: + - /spec/caBundle + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.meta.k8s.appscode.com + jsonPointers: + - /spec/caBundle + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.offline.licenses.appscode.com + jsonPointers: + - /spec/caBundle + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.policy.k8s.appscode.com + jsonPointers: + - /spec/caBundle + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.reports.scanner.appscode.com + jsonPointers: + - /spec/caBundle + - group: apps + kind: Deployment + name: kube-ui-server + namespace: {{ printf "{{ .Release.Namespace }}" }} + jsonPointers: + - /spec/template/metadata/annotations/checksum~1apiregistration.yaml + chart: name: kube-ui-server namespace: kubeops diff --git a/charts/opscenter-features/templates/featuresets/opscenter-core/license-proxyserver.yaml b/charts/opscenter-features/templates/featuresets/opscenter-core/license-proxyserver.yaml index 38364e775..7ae6a9c94 100644 --- a/charts/opscenter-features/templates/featuresets/opscenter-core/license-proxyserver.yaml +++ b/charts/opscenter-features/templates/featuresets/opscenter-core/license-proxyserver.yaml @@ -31,6 +31,19 @@ spec: kind: Deployment selector: app.kubernetes.io/name: license-proxyserver + + ignoreDifferences: + - jsonPointers: + - /data + kind: Secret + name: license-proxyserver-apiserver-cert + namespace: {{ printf "{{ .Release.Namespace }}" }} + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.proxyserver.licenses.appscode.com + jsonPointers: + - /spec/caBundle + chart: name: license-proxyserver namespace: kubeops diff --git a/charts/opscenter-features/templates/featuresets/opscenter-core/opscenter-features.yaml b/charts/opscenter-features/templates/featuresets/opscenter-core/opscenter-features.yaml index 4dd00ef3a..c06a19605 100644 --- a/charts/opscenter-features/templates/featuresets/opscenter-core/opscenter-features.yaml +++ b/charts/opscenter-features/templates/featuresets/opscenter-core/opscenter-features.yaml @@ -21,6 +21,27 @@ spec: kind: HelmRepository selector: kubernetes.io/metadata.name: appscode-charts-oci + ignoreDifferences: + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + name: features.ui.k8s.appscode.com + jsonPointers: + - /spec + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + name: featuresets.ui.k8s.appscode.com + jsonPointers: + - /spec + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + name: helmrepositories.source.toolkit.fluxcd.io + jsonPointers: + - /spec + - group: ui.k8s.appscode.com + kind: Feature + name: metrics-server + jsonPointers: + - /spec/recommended chart: name: opscenter-features namespace: kubeops diff --git a/charts/opscenter-features/templates/featuresets/opscenter-datastore/kubedb.yaml b/charts/opscenter-features/templates/featuresets/opscenter-datastore/kubedb.yaml index b0654c909..8b43947e4 100644 --- a/charts/opscenter-features/templates/featuresets/opscenter-datastore/kubedb.yaml +++ b/charts/opscenter-features/templates/featuresets/opscenter-datastore/kubedb.yaml @@ -60,6 +60,119 @@ spec: kind: StatefulSet selector: app.kubernetes.io/name: kubedb-provisioner + + ignoreDifferences: + - jsonPointers: + - /data + kind: Secret + name: kubedb-kubedb-webhook-server-cert + namespace: {{ printf "{{ .Release.Namespace }}" }} + - jsonPointers: + - /data + kind: Secret + name: kubedb-petset-cert + namespace: {{ printf "{{ .Release.Namespace }}" }} + - jsonPointers: + - /data + kind: Secret + name: kubedb-sidekick-cert + namespace: {{ printf "{{ .Release.Namespace }}" }} + + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + name: mutators.petset.appscode.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + name: mutators.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + name: mutators.autoscaling.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + name: mutators.elasticsearch.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + name: mutators.schema.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: validators.autoscaling.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: validators.elasticsearch.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: validators.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: validators.ops.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: validators.petset.appscode.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: validators.schema.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + + + - group: apps + kind: StatefulSet + name: kubedb-kubedb-autoscaler + namespace: {{ printf "{{ .Release.Namespace }}" }} + jsonPointers: + - /spec/template/metadata/annotations/reload + - group: apps + kind: StatefulSet + name: kubedb-kubedb-ops-manager + namespace: {{ printf "{{ .Release.Namespace }}" }} + jsonPointers: + - /spec/template/metadata/annotations/reload + - group: apps + kind: StatefulSet + name: kubedb-kubedb-provisioner + namespace: {{ printf "{{ .Release.Namespace }}" }} + jsonPointers: + - /spec/template/metadata/annotations/reload + - group: apps + kind: Deployment + name: kubedb-kubedb-webhook-server + namespace: {{ printf "{{ .Release.Namespace }}" }} + jsonPointers: + - /spec/template/metadata/annotations/reload + - group: apps + kind: Deployment + name: kubedb-petset + namespace: {{ printf "{{ .Release.Namespace }}" }} + jsonPointers: + - /spec/template/metadata/annotations/reload + - group: apps + kind: Deployment + name: kubedb-sidekick + namespace: {{ printf "{{ .Release.Namespace }}" }} + jsonPointers: + - /spec/template/metadata/annotations/reload + chart: name: kubedb namespace: kubedb diff --git a/charts/opscenter-features/templates/featuresets/opscenter-observability/monitoring/monitoring-operator.yaml b/charts/opscenter-features/templates/featuresets/opscenter-observability/monitoring/monitoring-operator.yaml index 95ff8d876..ac0343fc7 100644 --- a/charts/opscenter-features/templates/featuresets/opscenter-observability/monitoring/monitoring-operator.yaml +++ b/charts/opscenter-features/templates/featuresets/opscenter-observability/monitoring/monitoring-operator.yaml @@ -26,6 +26,25 @@ spec: kind: Deployment selector: app.kubernetes.io/name: monitoring-operator + + ignoreDifferences: + - jsonPointers: + - /data + kind: Secret + name: monitoring-operator-apiserver-cert + namespace: {{ printf "{{ .Release.Namespace }}" }} + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.ui.openviz.dev + jsonPointers: + - /spec/caBundle + - group: apps + kind: Deployment + name: monitoring-operator + namespace: {{ printf "{{ .Release.Namespace }}" }} + jsonPointers: + - /spec/template/metadata/annotations/checksum~1apiregistration.yaml + chart: name: monitoring-operator namespace: monitoring diff --git a/charts/opscenter-features/templates/featuresets/opscenter-observability/monitoring/panopticon.yaml b/charts/opscenter-features/templates/featuresets/opscenter-observability/monitoring/panopticon.yaml index ea72a8140..7e575201e 100644 --- a/charts/opscenter-features/templates/featuresets/opscenter-observability/monitoring/panopticon.yaml +++ b/charts/opscenter-features/templates/featuresets/opscenter-observability/monitoring/panopticon.yaml @@ -33,6 +33,23 @@ spec: kind: Deployment selector: app.kubernetes.io/name: panopticon + ignoreDifferences: + - jsonPointers: + - /data + kind: Secret + name: panopticon-apiserver-cert + namespace: {{ printf "{{ .Release.Namespace }}" }} + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.validators.metrics.appscode.com + jsonPointers: + - /spec/caBundle + - group: apps + kind: Deployment + name: panopticon + namespace: {{ printf "{{ .Release.Namespace }}" }} + jsonPointers: + - /spec/template/metadata/annotations/checksum~1apiregistration.yaml chart: name: panopticon namespace: monitoring diff --git a/charts/opscenter-features/templates/featuresets/opscenter-secret-management/kubevault/kubevault.yaml b/charts/opscenter-features/templates/featuresets/opscenter-secret-management/kubevault/kubevault.yaml index 31892980a..1a5cf24e4 100644 --- a/charts/opscenter-features/templates/featuresets/opscenter-secret-management/kubevault/kubevault.yaml +++ b/charts/opscenter-features/templates/featuresets/opscenter-secret-management/kubevault/kubevault.yaml @@ -33,6 +33,78 @@ spec: kind: Deployment selector: app.kubernetes.io/name: kubevault-operator + + ignoreDifferences: + - jsonPointers: + - /data + kind: Secret + name: kubevault-kubevault-webhook-server-apiserver-cert + namespace: {{ printf "{{ .Release.Namespace }}" }} + + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + name: mutators.engine.kubevault.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + name: mutators.kubevault.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + name: mutators.policy.kubevault.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: validators.engine.kubevault.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: validators.kubevault.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.mutators.engine.kubevault.com + jsonPointers: + - /spec/caBundle + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.mutators.kubevault.com + jsonPointers: + - /spec/caBundle + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.mutators.policy.kubevault.com + jsonPointers: + - /spec/caBundle + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.validators.engine.kubevault.com + jsonPointers: + - /spec/caBundle + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.validators.kubevault.com + jsonPointers: + - /spec/caBundle + - group: apps + kind: Deployment + name: kubevault-kubevault-operator + namespace: {{ printf "{{ .Release.Namespace }}" }} + jsonPointers: + - /spec/template/metadata/annotations/reload + - group: apps + kind: Deployment + name: kubevault-kubevault-webhook-server + namespace: {{ printf "{{ .Release.Namespace }}" }} + jsonPointers: + - /spec/template/metadata/annotations/reload + chart: name: kubevault namespace: kubevault