chore(integrations/registry): remove deprecated kustomize features

Signed-off-by: Artem <67638547+Stringls@users.noreply.github.com>

manifests/integrations/registry-credentials-sync/_cronjobs/aws/bind-irsa-patch.yaml

@@ -0,0 +1,9 @@
+# Bind IRSA for the ServiceAccount 
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: credentials-sync
+  namespace: flux-system
+  annotations:
+    eks.amazonaws.com/role-arn: <role arn>  # set the ARN for your role

manifests/integrations/registry-credentials-sync/_cronjobs/aws/config-map-patch.yaml

@@ -0,0 +1,9 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: credentials-sync
+data:
+  ECR_REGION: us-east-1  # set the region
+  ECR_REGISTRY: <account id>.dkr.ecr.<region>.amazonaws.com  # fill in the account id and region
+  KUBE_SECRET: ecr-credentials  # does not yet exist -- will be created in the same Namespace

manifests/integrations/registry-credentials-sync/_cronjobs/aws/config-patches.yaml

@@ -1,52 +0,0 @@
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: credentials-sync
-data:
-  ECR_REGION: us-east-1  # set the region
-  ECR_REGISTRY: <account id>.dkr.ecr.<region>.amazonaws.com  # fill in the account id and region
-  KUBE_SECRET: ecr-credentials  # does not yet exist -- will be created in the same Namespace
-
-
-# Bind IRSA for the ServiceAccount 
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: credentials-sync
-  namespace: flux-system
-  annotations:
-    eks.amazonaws.com/role-arn: <role arn>  # set the ARN for your role
-
-
-# Set the reconcile period
----
-apiVersion: batch/v1beta1
-kind: CronJob
-metadata:
-  name: credentials-sync
-  namespace: flux-system
-spec:
-  schedule: 0 */6 * * *  # every 6hrs -- ECR tokens expire every 12 hours; refresh faster than that
-
-
-## If not using IRSA, set the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables
-## Store these values in a Secret and load them in the container using envFrom.
-## For managing this secret via GitOps, consider using SOPS or SealedSecrets and add that manifest in a resource file for this kustomize build.
-##   https://fluxcd.io/docs/guides/mozilla-sops/
-##   https://fluxcd.io/docs/guides/sealed-secrets/
-# ---
-# apiVersion: apps/v1
-# kind: Deployment
-# metadata:
-#   name: credentials-sync
-#   namespace: flux-system
-# spec:
-#   template:
-#     spec:
-#       containers:
-#       - name: sync
-#         envFrom:
-#           secretRef:
-#             name: $(ECR_SECRET_NAME)  # uncomment the var for this in kustomization.yaml

manifests/integrations/registry-credentials-sync/_cronjobs/aws/credentials-injection-patch.yaml

@@ -0,0 +1,21 @@
+# If not using IRSA, set the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables
+# Store these values in a Secret and load them in the container using envFrom.
+# For managing this secret via GitOps, consider using SOPS or SealedSecrets and add that manifest in a resource file for this kustomize build.
+#   https://fluxcd.io/docs/guides/mozilla-sops/
+#   https://fluxcd.io/docs/guides/sealed-secrets/
+---
+apiVersion: batch/v1beta1
+kind: CronJob
+metadata:
+  name: credentials-sync
+  namespace: flux-system
+spec:
+  jobTemplate:
+    spec:
+      template:
+        spec:
+          containers:
+          - name: sync
+            envFrom:
+            - secretRef:
+                name: $(ECR_SECRET_NAME)  # uncomment the var for this in kustomization.yaml

manifests/integrations/registry-credentials-sync/_cronjobs/aws/ecr-token-refresh-patch.yaml

@@ -0,0 +1,9 @@
+# Set the reconcile period
+---
+apiVersion: batch/v1beta1
+kind: CronJob
+metadata:
+  name: credentials-sync
+  namespace: flux-system
+spec:
+  schedule: 0 */6 * * *  # every 6hrs -- ECR tokens expire every 12 hours; refresh faster than that

manifests/integrations/registry-credentials-sync/_cronjobs/aws/encrypted-secret.yaml

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: credentials-sync
+data:
+    AWS_ACCESS_KEY_ID: Zm9vCg==
+    AWS_SECRET_ACCESS_KEY: YmFyCg==
+type: Opaque

manifests/integrations/registry-credentials-sync/_cronjobs/aws/kustomization.yaml

@@ -7,19 +7,26 @@ commonLabels:
 
 namespace: flux-system
 
-bases:
+resources:
 - ../_base
-## If not using IRSA, consider creating the following file via SOPS or SealedSecrets
+# # If not using IRSA, consider creating the following file via SOPS or SealedSecrets
 # - encrypted-secret.yaml
 
-patchesStrategicMerge:
-- config-patches.yaml
-- reconcile-patch.yaml
+patches:
+- path: config-map-patch.yaml
+- path: reconcile-patch.yaml
+- path: ecr-token-refresh-patch.yaml
+# Comment out bind-irsa-patch.yaml if not using IRSA
+- path: bind-irsa-patch.yaml
+# # Uncomment if not using IRSA, please also check credentials-injection-patch.yaml
+# - path: credentials-injection-patch.yaml
 
-## uncomment if using encrypted-secret.yaml
+# # Uncomment if using encrypted-secret.yaml
 # vars:
 # - name: ECR_SECRET_NAME
 #   objref:
 #     kind: Secret
 #     name: credentials-sync
 #     apiVersion: v1
+# configurations:
+# - kustomizeconfig.yaml

manifests/integrations/registry-credentials-sync/_cronjobs/aws/kustomizeconfig.yaml

@@ -0,0 +1,3 @@
+varReference:
+- path: spec/jobTemplate/spec/template/spec/containers/envFrom/secretRef
+  kind: CronJob