-
Notifications
You must be signed in to change notification settings - Fork 7
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
all: remove bootstrapping of namespaces
This commit removes the bootstrap step used to install namespaces in a cluster. The step has been integrated into the new helmfile setup and namespaces are now managed by helm. Two new releases are added: "admin-namespaces" and "dev-namespaces", the latter of which is only relevant for wc clusters and it only includes the "alertmanager" namespace as of now. The "admin-namespace" includes all admin namespaces execpt for the "kube-*" namespaces. The "kube-*" namespaces are not managed by helm nor do they get any PSA or "owner=operator" labels set. Furthermore those namespaces are exempted from the OPA-Gatekeeper validating and mutating webhooks! Note, namespaces are not removed by Helm! If you destroy the namespace releases the namespace resources will be left behind. Furthermore, this commits sets the restricted PSA labels on the "thanos" namespace and the privileged PSA labels on the "falco" namespace in SC. In order set the restricted labels on the "thanos" namespace, seccomp profile and drop all capabilities is set on the thanos components.
- Loading branch information
1 parent
e53f104
commit 204c1c7
Showing
44 changed files
with
765 additions
and
361 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
77 changes: 0 additions & 77 deletions
77
bootstrap/namespaces/helmfile/values/namespaces-sc.yaml.gotmpl
This file was deleted.
Oops, something went wrong.
73 changes: 0 additions & 73 deletions
73
bootstrap/namespaces/helmfile/values/namespaces-wc.yaml.gotmpl
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.