chore(integrations/registry): remove deprecated kustomize features

Signed-off-by: Artem <67638547+Stringls@users.noreply.github.com>
2026-04-03 06:16:56 +00:00 · 2023-11-10 20:42:17 +02:00
parent 659ce798c9
commit e0dcd85e52
34 changed files with 242 additions and 218 deletions
--- a/manifests/integrations/registry-credentials-sync/azure/azure-identity-patch.yaml
+++ b/manifests/integrations/registry-credentials-sync/azure/azure-identity-patch.yaml
@@ -1,13 +1,3 @@
---
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: credentials-sync
-data:
-  ACR_NAME: my-registry
-  KUBE_SECRET: acr-my-registry  # does not yet exist -- will be created in the same Namespace
-  SYNC_PERIOD: "3600"  # ACR tokens expire every 3 hours; refresh faster than that
-
 # Create an identity in Azure and assign it a role to pull from ACR  (note: the identity's resourceGroup should match the desired ACR):
 #     az identity create -n acr-sync
 #     az role assignment create --role AcrPull --assignee-object-id "$(az identity show -n acr-sync -o tsv --query principalId)"
@@ -24,16 +14,3 @@ spec:
  clientID: 82d01fb0-7799-4d9d-92c7-21e7632c0000
  resourceID: /subscriptions/873c7e7f-76cd-4805-ae86-b923850b0000/resourcegroups/stealthybox/providers/Microsoft.ManagedIdentity/userAssignedIdentities/acr-sync
  type: 0  # user-managed identity
-
-# Specify the pod-identity via the aadpodidbinding label
---
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: credentials-sync
-  namespace: flux-system
-spec:
-  template:
-    metadata:
-      labels:
-        aadpodidbinding: $(AZ_IDENTITY_NAME)  # match the AzureIdentity name
--- a/manifests/integrations/registry-credentials-sync/azure/config-map-patch.yaml
+++ b/manifests/integrations/registry-credentials-sync/azure/config-map-patch.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: credentials-sync
+data:
+  ACR_NAME: my-registry
+  KUBE_SECRET: acr-my-registry  # does not yet exist -- will be created in the same Namespace
+  SYNC_PERIOD: "3600"  # ACR tokens expire every 3 hours; refresh faster than that
--- a/manifests/integrations/registry-credentials-sync/azure/kustomization.yaml
+++ b/manifests/integrations/registry-credentials-sync/azure/kustomization.yaml
@@ -7,14 +7,15 @@ commonLabels:

 namespace: flux-system

-bases:
- ../_base
 resources:
+- ../_base
 - az-identity.yaml

-patchesStrategicMerge:
- config-patches.yaml
- reconcile-patch.yaml
+patches:
+- path: config-map-patch.yaml
+- path: azure-identity-patch.yaml
+- path: pod-identity-injection-patch.yaml
+- path: reconcile-patch.yaml

 vars:
 - name: AZ_IDENTITY_NAME
--- a/manifests/integrations/registry-credentials-sync/azure/pod-identity-injection-patch.yaml
+++ b/manifests/integrations/registry-credentials-sync/azure/pod-identity-injection-patch.yaml
@@ -0,0 +1,12 @@
+# Specify the pod-identity via the aadpodidbinding label
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: credentials-sync
+  namespace: flux-system
+spec:
+  template:
+    metadata:
+      labels:
+        aadpodidbinding: $(AZ_IDENTITY_NAME)  # match the AzureIdentity name