REFACTOR(goldilocks): use managedNamespaceMetadata for namespace labels

- Remove namespace.yaml files - Add managedNamespaceMetadata with Goldilocks label - Set CreateNamespace=true in syncOptions - Update kustomization.yaml to remove namespace.yaml references
2025-12-29 15:57:47 +09:00
parent 1aca10fb2d
commit a2682e292b
9 changed files with 57 additions and 95 deletions
--- a/falco/argocd.yaml
+++ b/falco/argocd.yaml
@@ -4,12 +4,10 @@ metadata:
  name: falco
  namespace: argocd
  finalizers:
-    - resources-finalizer.argocd.argoproj.io
+  - resources-finalizer.argocd.argoproj.io
 spec:
  project: default
-
  source:
-    # Helm chart from Falcosecurity repository
    repoURL: https://falcosecurity.github.io/charts
    chart: falco
    targetRevision: 4.20.0
@@ -81,41 +79,37 @@ spec:
            key: node-role.kubernetes.io/master
          - effect: NoSchedule
            key: node-role.kubernetes.io/control-plane
-
  destination:
    server: https://kubernetes.default.svc
    namespace: falco
-
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
      allowEmpty: false
-
    syncOptions:
-      - CreateNamespace=true
-      - PrunePropagationPolicy=foreground
-      - PruneLast=true
-      - ServerSideApply=true
-      - RespectIgnoreDifferences=true
-      - ApplyOutOfSyncOnly=true
-
+    - CreateNamespace=true
+    - PrunePropagationPolicy=foreground
+    - PruneLast=true
+    - ServerSideApply=true
+    - RespectIgnoreDifferences=true
+    - ApplyOutOfSyncOnly=true
    retry:
      limit: 5
      backoff:
        duration: 5s
        factor: 2
        maxDuration: 3m
-
-  # Ignore StatefulSet differences managed by Kubernetes
+    managedNamespaceMetadata:
+      labels:
+        goldilocks.fairwinds.com/enabled: 'true'
  ignoreDifferences:
-    - group: apps
-      kind: StatefulSet
-      jqPathExpressions:
-        - '.spec.persistentVolumeClaimRetentionPolicy'
-        - '.spec.volumeClaimTemplates[].metadata.creationTimestamp'
-        - '.spec.volumeClaimTemplates[].status'
-        - '.spec.volumeClaimTemplates[].apiVersion'
-        - '.spec.volumeClaimTemplates[].kind'
-
+  - group: apps
+    kind: StatefulSet
+    jqPathExpressions:
+    - .spec.persistentVolumeClaimRetentionPolicy
+    - .spec.volumeClaimTemplates[].metadata.creationTimestamp
+    - .spec.volumeClaimTemplates[].status
+    - .spec.volumeClaimTemplates[].apiVersion
+    - .spec.volumeClaimTemplates[].kind
  revisionHistoryLimit: 10