From 9abcdfa98d264a396bc1b48d4eb349a865b0e76c Mon Sep 17 00:00:00 2001 From: Mayne0213 Date: Mon, 29 Dec 2025 15:57:47 +0900 Subject: [PATCH] REFACTOR(goldilocks): use managedNamespaceMetadata for namespace labels - Remove namespace.yaml files - Add managedNamespaceMetadata with Goldilocks label - Set CreateNamespace=true in syncOptions - Update kustomization.yaml to remove namespace.yaml references --- cnpg/argocd.yaml | 39 +++--- cnpg/kustomization.yaml | 4 +- cnpg/namespace.yaml | 6 - longhorn/argocd.yaml | 192 ++++++++++++++---------------- longhorn/kustomization.yaml | 11 +- longhorn/namespace.yaml | 6 - minio/argocd.yaml | 44 +++---- minio/kustomization.yaml | 6 +- minio/namespace.yaml | 6 - pgweb/argocd.yaml | 16 +-- pgweb/kustomization.yaml | 14 +-- pgweb/namespace.yaml | 6 - postgresql-dev/argocd.yaml | 42 +++---- postgresql-dev/kustomization.yaml | 6 +- postgresql-dev/namespace.yaml | 6 - velero/argocd.yaml | 67 +++++------ velero/kustomization.yaml | 6 +- velero/namespace.yaml | 6 - 18 files changed, 200 insertions(+), 283 deletions(-) delete mode 100644 cnpg/namespace.yaml delete mode 100644 longhorn/namespace.yaml delete mode 100644 minio/namespace.yaml delete mode 100644 pgweb/namespace.yaml delete mode 100644 postgresql-dev/namespace.yaml delete mode 100644 velero/namespace.yaml diff --git a/cnpg/argocd.yaml b/cnpg/argocd.yaml index 806ca1b..3004990 100644 --- a/cnpg/argocd.yaml +++ b/cnpg/argocd.yaml @@ -4,44 +4,39 @@ metadata: name: cnpg namespace: argocd finalizers: - - resources-finalizer.argocd.argoproj.io + - resources-finalizer.argocd.argoproj.io spec: project: default - sources: - # Helm chart from CloudNativePG repository - - repoURL: https://cloudnative-pg.github.io/charts - chart: cloudnative-pg - targetRevision: 0.23.0 - helm: - valueFiles: - - $values/cnpg/helm-values.yaml - # Values file from Git repository - - repoURL: https://gitea0213.kro.kr/bluemayne/cluster-infrastructure.git - targetRevision: main - ref: values - + - repoURL: https://cloudnative-pg.github.io/charts + chart: cloudnative-pg + targetRevision: 0.23.0 + helm: + valueFiles: + - $values/cnpg/helm-values.yaml + - repoURL: https://gitea0213.kro.kr/bluemayne/cluster-infrastructure.git + targetRevision: main + ref: values destination: server: https://kubernetes.default.svc namespace: cnpg - syncPolicy: automated: prune: true selfHeal: true allowEmpty: false - syncOptions: - - CreateNamespace=true - - PrunePropagationPolicy=foreground - - PruneLast=true - - ServerSideApply=true - + - CreateNamespace=true + - PrunePropagationPolicy=foreground + - PruneLast=true + - ServerSideApply=true retry: limit: 5 backoff: duration: 5s factor: 2 maxDuration: 3m - + managedNamespaceMetadata: + labels: + goldilocks.fairwinds.com/enabled: 'true' revisionHistoryLimit: 10 diff --git a/cnpg/kustomization.yaml b/cnpg/kustomization.yaml index dca4a51..b83b23e 100644 --- a/cnpg/kustomization.yaml +++ b/cnpg/kustomization.yaml @@ -1,5 +1,3 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization - -resources: - - namespace.yaml +resources: [] diff --git a/cnpg/namespace.yaml b/cnpg/namespace.yaml deleted file mode 100644 index 678b1da..0000000 --- a/cnpg/namespace.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: cnpg - labels: - goldilocks.fairwinds.com/enabled: "true" diff --git a/longhorn/argocd.yaml b/longhorn/argocd.yaml index 4e8eefd..2aadaba 100644 --- a/longhorn/argocd.yaml +++ b/longhorn/argocd.yaml @@ -4,123 +4,115 @@ metadata: name: longhorn namespace: argocd finalizers: - - resources-finalizer.argocd.argoproj.io + - resources-finalizer.argocd.argoproj.io spec: project: default - sources: - # Helm chart from Longhorn repository - - repoURL: https://charts.longhorn.io - chart: longhorn - targetRevision: 1.7.2 - helm: - valueFiles: - - $values/longhorn/helm-values.yaml - # Values file from Git repository - - repoURL: https://gitea0213.kro.kr/bluemayne/databases.git - targetRevision: main - ref: values - # Ingress and Nodes from Git repository - - repoURL: https://gitea0213.kro.kr/bluemayne/databases.git - targetRevision: main - path: longhorn - kustomize: {} - + - repoURL: https://charts.longhorn.io + chart: longhorn + targetRevision: 1.7.2 + helm: + valueFiles: + - $values/longhorn/helm-values.yaml + - repoURL: https://gitea0213.kro.kr/bluemayne/databases.git + targetRevision: main + ref: values + - repoURL: https://gitea0213.kro.kr/bluemayne/databases.git + targetRevision: main + path: longhorn + kustomize: {} destination: server: https://kubernetes.default.svc namespace: longhorn-system - syncPolicy: automated: prune: true selfHeal: true allowEmpty: false - syncOptions: - - CreateNamespace=true - - PrunePropagationPolicy=foreground - - PruneLast=true - - RespectIgnoreDifferences=true - - ServerSideApply=true - + - CreateNamespace=true + - PrunePropagationPolicy=foreground + - PruneLast=true + - RespectIgnoreDifferences=true + - ServerSideApply=true retry: limit: 5 backoff: duration: 5s factor: 2 maxDuration: 3m - + managedNamespaceMetadata: + labels: + goldilocks.fairwinds.com/enabled: 'true' revisionHistoryLimit: 10 - - # Ignore differences in CRDs managed by Longhorn ignoreDifferences: - - group: apiextensions.k8s.io - kind: CustomResourceDefinition - name: engines.longhorn.io - jqPathExpressions: - - .spec.conversion.webhook.clientConfig - - .status - - .metadata.annotations - - .metadata.generation - - .metadata.resourceVersion - - .spec.preserveUnknownFields - - group: apiextensions.k8s.io - kind: CustomResourceDefinition - name: engineimages.longhorn.io - jqPathExpressions: - - .spec.conversion.webhook.clientConfig - - .status - - .metadata.annotations - - .metadata.generation - - .metadata.resourceVersion - - .spec.preserveUnknownFields - - group: apiextensions.k8s.io - kind: CustomResourceDefinition - name: instancemanagers.longhorn.io - jqPathExpressions: - - .spec.conversion.webhook.clientConfig - - .status - - .metadata.annotations - - .metadata.generation - - .metadata.resourceVersion - - .spec.preserveUnknownFields - - group: apiextensions.k8s.io - kind: CustomResourceDefinition - name: nodes.longhorn.io - jqPathExpressions: - - .spec.conversion.webhook.clientConfig - - .status - - .metadata.annotations - - .metadata.generation - - .metadata.resourceVersion - - .spec.preserveUnknownFields - - group: apiextensions.k8s.io - kind: CustomResourceDefinition - name: replicas.longhorn.io - jqPathExpressions: - - .spec.conversion.webhook.clientConfig - - .status - - .metadata.annotations - - .metadata.generation - - .metadata.resourceVersion - - .spec.preserveUnknownFields - - group: apiextensions.k8s.io - kind: CustomResourceDefinition - name: settings.longhorn.io - jqPathExpressions: - - .spec.conversion.webhook.clientConfig - - .status - - .metadata.annotations - - .metadata.generation - - .metadata.resourceVersion - - .spec.preserveUnknownFields - - group: apiextensions.k8s.io - kind: CustomResourceDefinition - name: volumes.longhorn.io - jqPathExpressions: - - .spec.conversion.webhook.clientConfig - - .status - - .metadata.annotations - - .metadata.generation - - .metadata.resourceVersion - - .spec.preserveUnknownFields + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + name: engines.longhorn.io + jqPathExpressions: + - .spec.conversion.webhook.clientConfig + - .status + - .metadata.annotations + - .metadata.generation + - .metadata.resourceVersion + - .spec.preserveUnknownFields + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + name: engineimages.longhorn.io + jqPathExpressions: + - .spec.conversion.webhook.clientConfig + - .status + - .metadata.annotations + - .metadata.generation + - .metadata.resourceVersion + - .spec.preserveUnknownFields + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + name: instancemanagers.longhorn.io + jqPathExpressions: + - .spec.conversion.webhook.clientConfig + - .status + - .metadata.annotations + - .metadata.generation + - .metadata.resourceVersion + - .spec.preserveUnknownFields + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + name: nodes.longhorn.io + jqPathExpressions: + - .spec.conversion.webhook.clientConfig + - .status + - .metadata.annotations + - .metadata.generation + - .metadata.resourceVersion + - .spec.preserveUnknownFields + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + name: replicas.longhorn.io + jqPathExpressions: + - .spec.conversion.webhook.clientConfig + - .status + - .metadata.annotations + - .metadata.generation + - .metadata.resourceVersion + - .spec.preserveUnknownFields + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + name: settings.longhorn.io + jqPathExpressions: + - .spec.conversion.webhook.clientConfig + - .status + - .metadata.annotations + - .metadata.generation + - .metadata.resourceVersion + - .spec.preserveUnknownFields + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + name: volumes.longhorn.io + jqPathExpressions: + - .spec.conversion.webhook.clientConfig + - .status + - .metadata.annotations + - .metadata.generation + - .metadata.resourceVersion + - .spec.preserveUnknownFields diff --git a/longhorn/kustomization.yaml b/longhorn/kustomization.yaml index 6836d2c..c2bddaa 100644 --- a/longhorn/kustomization.yaml +++ b/longhorn/kustomization.yaml @@ -1,11 +1,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization - namespace: longhorn-system - resources: - - namespace.yaml - - ingress.yaml - - nodes/mayne-vcn.yaml - - nodes/mayne-worker-1.yaml - - nodes/mayne-worker-2.yaml +- ingress.yaml +- nodes/mayne-vcn.yaml +- nodes/mayne-worker-1.yaml +- nodes/mayne-worker-2.yaml diff --git a/longhorn/namespace.yaml b/longhorn/namespace.yaml deleted file mode 100644 index 8a9e178..0000000 --- a/longhorn/namespace.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: longhorn-system - labels: - goldilocks.fairwinds.com/enabled: "true" diff --git a/minio/argocd.yaml b/minio/argocd.yaml index 9b59715..57907db 100644 --- a/minio/argocd.yaml +++ b/minio/argocd.yaml @@ -4,47 +4,41 @@ metadata: name: minio namespace: argocd finalizers: - - resources-finalizer.argocd.argoproj.io + - resources-finalizer.argocd.argoproj.io spec: project: default - sources: - # Official MinIO Helm chart - - repoURL: https://charts.min.io - chart: minio - targetRevision: 5.2.0 - helm: - valueFiles: - - $values/minio/helm-values.yaml - # Values file from Git repository - - repoURL: https://gitea0213.kro.kr/bluemayne/databases.git - targetRevision: main - ref: values - # Vault secrets from Git repository - - repoURL: https://gitea0213.kro.kr/bluemayne/databases.git - targetRevision: main - path: minio - + - repoURL: https://charts.min.io + chart: minio + targetRevision: 5.2.0 + helm: + valueFiles: + - $values/minio/helm-values.yaml + - repoURL: https://gitea0213.kro.kr/bluemayne/databases.git + targetRevision: main + ref: values + - repoURL: https://gitea0213.kro.kr/bluemayne/databases.git + targetRevision: main + path: minio destination: server: https://kubernetes.default.svc namespace: minio - syncPolicy: automated: prune: true selfHeal: true allowEmpty: false - syncOptions: - - CreateNamespace=true - - PrunePropagationPolicy=foreground - - PruneLast=true - + - CreateNamespace=true + - PrunePropagationPolicy=foreground + - PruneLast=true retry: limit: 5 backoff: duration: 5s factor: 2 maxDuration: 3m - + managedNamespaceMetadata: + labels: + goldilocks.fairwinds.com/enabled: 'true' revisionHistoryLimit: 10 diff --git a/minio/kustomization.yaml b/minio/kustomization.yaml index a12d846..ec23a55 100644 --- a/minio/kustomization.yaml +++ b/minio/kustomization.yaml @@ -1,7 +1,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization - resources: - - namespace.yaml - - vault/minio-root-password.yaml - - ingress.yaml +- vault/minio-root-password.yaml +- ingress.yaml diff --git a/minio/namespace.yaml b/minio/namespace.yaml deleted file mode 100644 index 89e75c8..0000000 --- a/minio/namespace.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: minio - labels: - goldilocks.fairwinds.com/enabled: "true" diff --git a/pgweb/argocd.yaml b/pgweb/argocd.yaml index 8cb2b1d..249f38e 100644 --- a/pgweb/argocd.yaml +++ b/pgweb/argocd.yaml @@ -4,28 +4,28 @@ metadata: name: pgweb namespace: argocd finalizers: - - resources-finalizer.argocd.argoproj.io + - resources-finalizer.argocd.argoproj.io spec: project: default - sources: - - repoURL: https://gitea0213.kro.kr/bluemayne/databases.git - targetRevision: main - path: pgweb - + - repoURL: https://gitea0213.kro.kr/bluemayne/databases.git + targetRevision: main + path: pgweb destination: server: https://kubernetes.default.svc namespace: pgweb - syncPolicy: automated: prune: true selfHeal: true syncOptions: - - CreateNamespace=true + - CreateNamespace=true retry: limit: 5 backoff: duration: 5s factor: 2 maxDuration: 3m + managedNamespaceMetadata: + labels: + goldilocks.fairwinds.com/enabled: 'true' diff --git a/pgweb/kustomization.yaml b/pgweb/kustomization.yaml index 1ab516c..cc2594b 100644 --- a/pgweb/kustomization.yaml +++ b/pgweb/kustomization.yaml @@ -1,12 +1,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization - resources: - # argocd.yaml은 수동으로 관리 (순환 참조 방지) - # - argocd.yaml - - namespace.yaml - - deployment.yaml - - vault/serviceaccount.yaml - - vault/secretstore.yaml - - vault/pgweb-secret.yaml - - ingress.yaml +- deployment.yaml +- vault/serviceaccount.yaml +- vault/secretstore.yaml +- vault/pgweb-secret.yaml +- ingress.yaml diff --git a/pgweb/namespace.yaml b/pgweb/namespace.yaml deleted file mode 100644 index 7a16c6a..0000000 --- a/pgweb/namespace.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: pgweb - labels: - goldilocks.fairwinds.com/enabled: "true" diff --git a/postgresql-dev/argocd.yaml b/postgresql-dev/argocd.yaml index 0a1d6db..59473cf 100644 --- a/postgresql-dev/argocd.yaml +++ b/postgresql-dev/argocd.yaml @@ -4,45 +4,41 @@ metadata: name: postgresql-dev namespace: argocd finalizers: - - resources-finalizer.argocd.argoproj.io + - resources-finalizer.argocd.argoproj.io spec: project: default - sources: - - repoURL: https://charts.bitnami.com/bitnami - chart: postgresql - targetRevision: 16.2.1 - helm: - valueFiles: - - $values/postgresql-dev/helm-values.yaml - - repoURL: https://gitea0213.kro.kr/bluemayne/databases.git - targetRevision: main - ref: values - # Vault secrets from Git repository - - repoURL: https://gitea0213.kro.kr/bluemayne/databases.git - targetRevision: main - path: postgresql-dev - + - repoURL: https://charts.bitnami.com/bitnami + chart: postgresql + targetRevision: 16.2.1 + helm: + valueFiles: + - $values/postgresql-dev/helm-values.yaml + - repoURL: https://gitea0213.kro.kr/bluemayne/databases.git + targetRevision: main + ref: values + - repoURL: https://gitea0213.kro.kr/bluemayne/databases.git + targetRevision: main + path: postgresql-dev destination: server: https://kubernetes.default.svc namespace: postgresql-dev - syncPolicy: automated: prune: true selfHeal: true allowEmpty: false - syncOptions: - - CreateNamespace=true - - PrunePropagationPolicy=foreground - - PruneLast=true - + - CreateNamespace=true + - PrunePropagationPolicy=foreground + - PruneLast=true retry: limit: 5 backoff: duration: 5s factor: 2 maxDuration: 3m - + managedNamespaceMetadata: + labels: + goldilocks.fairwinds.com/enabled: 'true' revisionHistoryLimit: 10 diff --git a/postgresql-dev/kustomization.yaml b/postgresql-dev/kustomization.yaml index 7a3efce..f94515d 100644 --- a/postgresql-dev/kustomization.yaml +++ b/postgresql-dev/kustomization.yaml @@ -1,8 +1,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization - resources: - # argocd.yaml은 수동으로 관리 (순환 참조 방지) - # - argocd.yaml - - namespace.yaml - - vault/postgresql-password-dev.yaml +- vault/postgresql-password-dev.yaml diff --git a/postgresql-dev/namespace.yaml b/postgresql-dev/namespace.yaml deleted file mode 100644 index 2b34c50..0000000 --- a/postgresql-dev/namespace.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: postgresql-dev - labels: - goldilocks.fairwinds.com/enabled: "true" diff --git a/velero/argocd.yaml b/velero/argocd.yaml index 4745042..b60ef7d 100644 --- a/velero/argocd.yaml +++ b/velero/argocd.yaml @@ -4,50 +4,46 @@ metadata: name: velero namespace: argocd finalizers: - - resources-finalizer.argocd.argoproj.io + - resources-finalizer.argocd.argoproj.io spec: project: default - sources: - - repoURL: https://vmware-tanzu.github.io/helm-charts - chart: velero - targetRevision: 11.2.0 - helm: - valueFiles: - - $values/velero/helm-values.yaml - - repoURL: https://gitea0213.kro.kr/bluemayne/cluster-infrastructure.git - targetRevision: main - ref: values - - repoURL: https://gitea0213.kro.kr/bluemayne/cluster-infrastructure.git - targetRevision: main - path: velero - kustomize: {} - + - repoURL: https://vmware-tanzu.github.io/helm-charts + chart: velero + targetRevision: 11.2.0 + helm: + valueFiles: + - $values/velero/helm-values.yaml + - repoURL: https://gitea0213.kro.kr/bluemayne/cluster-infrastructure.git + targetRevision: main + ref: values + - repoURL: https://gitea0213.kro.kr/bluemayne/cluster-infrastructure.git + targetRevision: main + path: velero + kustomize: {} destination: server: https://kubernetes.default.svc namespace: velero - syncPolicy: automated: prune: true selfHeal: true allowEmpty: false - syncOptions: - - CreateNamespace=true - - PrunePropagationPolicy=foreground - - PruneLast=true - - ServerSideApply=true - + - CreateNamespace=true + - PrunePropagationPolicy=foreground + - PruneLast=true + - ServerSideApply=true retry: limit: 5 backoff: duration: 5s factor: 2 maxDuration: 3m - + managedNamespaceMetadata: + labels: + goldilocks.fairwinds.com/enabled: 'true' revisionHistoryLimit: 10 - --- apiVersion: argoproj.io/v1alpha1 kind: Application @@ -55,14 +51,13 @@ metadata: name: velero-ui namespace: argocd finalizers: - - resources-finalizer.argocd.argoproj.io + - resources-finalizer.argocd.argoproj.io spec: project: default - source: repoURL: https://helm.otwld.com/ chart: velero-ui - targetRevision: "*" + targetRevision: '*' helm: values: | image: @@ -108,28 +103,26 @@ spec: serviceAccount: create: true name: velero-ui - destination: server: https://kubernetes.default.svc namespace: velero - syncPolicy: automated: prune: true selfHeal: true allowEmpty: false - syncOptions: - - CreateNamespace=false - - PrunePropagationPolicy=foreground - - PruneLast=true - - ServerSideApply=true - + - CreateNamespace=true + - PrunePropagationPolicy=foreground + - PruneLast=true + - ServerSideApply=true retry: limit: 5 backoff: duration: 5s factor: 2 maxDuration: 3m - + managedNamespaceMetadata: + labels: + goldilocks.fairwinds.com/enabled: 'true' revisionHistoryLimit: 10 diff --git a/velero/kustomization.yaml b/velero/kustomization.yaml index b8b32ed..3ae7c9f 100644 --- a/velero/kustomization.yaml +++ b/velero/kustomization.yaml @@ -1,7 +1,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization - resources: - - namespace.yaml - - vault/velero-secrets.yaml - - ingress.yaml +- vault/velero-secrets.yaml +- ingress.yaml diff --git a/velero/namespace.yaml b/velero/namespace.yaml deleted file mode 100644 index 0aae7dc..0000000 --- a/velero/namespace.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: velero - labels: - goldilocks.fairwinds.com/enabled: "true"