125 lines
4.1 KiB
YAML
125 lines
4.1 KiB
YAML
---
|
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/ocirepository-source-v1beta2.json
|
|
apiVersion: source.toolkit.fluxcd.io/v1beta2
|
|
kind: OCIRepository
|
|
metadata:
|
|
name: flux-manifests
|
|
namespace: flux-system
|
|
spec:
|
|
interval: 10m
|
|
url: oci://ghcr.io/fluxcd/flux-manifests
|
|
ref:
|
|
tag: v2.4.0
|
|
---
|
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
|
|
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
|
kind: Kustomization
|
|
metadata:
|
|
name: flux
|
|
namespace: flux-system
|
|
spec:
|
|
interval: 10m
|
|
path: ./
|
|
prune: true
|
|
wait: true
|
|
sourceRef:
|
|
kind: OCIRepository
|
|
name: flux-manifests
|
|
patches:
|
|
- patch: |
|
|
$patch: delete
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: NetworkPolicy
|
|
metadata:
|
|
name: not-used
|
|
target:
|
|
group: networking.k8s.io
|
|
version: v1
|
|
kind: NetworkPolicy
|
|
# Increase the number of reconciliations that can be performed in parallel and bump the resources limits
|
|
# https://fluxcd.io/flux/cheatsheets/bootstrap/#increase-the-number-of-workers
|
|
- patch: |
|
|
- op: add
|
|
path: /spec/template/spec/containers/0/args/-
|
|
value: --concurrent=8
|
|
- op: add
|
|
path: /spec/template/spec/containers/0/args/-
|
|
value: --kube-api-qps=500
|
|
- op: add
|
|
path: /spec/template/spec/containers/0/args/-
|
|
value: --kube-api-burst=1000
|
|
- op: add
|
|
path: /spec/template/spec/containers/0/args/-
|
|
value: --requeue-dependency=5s
|
|
target:
|
|
kind: Deployment
|
|
name: "(kustomize-controller|helm-controller|source-controller)"
|
|
- patch: |
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: not-used
|
|
spec:
|
|
template:
|
|
spec:
|
|
containers:
|
|
- name: manager
|
|
resources:
|
|
limits:
|
|
memory: 2Gi
|
|
target:
|
|
kind: Deployment
|
|
name: "(kustomize-controller|helm-controller|source-controller)"
|
|
# Enable drift detection for HelmReleases and set the log level to debug
|
|
# https://fluxcd.io/flux/components/helm/helmreleases/#drift-detection
|
|
- patch: |
|
|
- op: add
|
|
path: /spec/template/spec/containers/0/args/-
|
|
value: --feature-gates=DetectDrift=true,CorrectDrift=false
|
|
- op: add
|
|
path: /spec/template/spec/containers/0/args/-
|
|
value: --log-level=debug
|
|
target:
|
|
kind: Deployment
|
|
name: helm-controller
|
|
# Enable Helm near OOM detection
|
|
# https://fluxcd.io/flux/cheatsheets/bootstrap/#enable-helm-near-oom-detection
|
|
- patch: |
|
|
- op: add
|
|
path: /spec/template/spec/containers/0/args/-
|
|
value: --feature-gates=OOMWatch=true
|
|
- op: add
|
|
path: /spec/template/spec/containers/0/args/-
|
|
value: --oom-watch-memory-threshold=95
|
|
- op: add
|
|
path: /spec/template/spec/containers/0/args/-
|
|
value: --oom-watch-interval=500ms
|
|
target:
|
|
kind: Deployment
|
|
name: helm-controller
|
|
# Enable notifications for 3rd party Flux controllers such as tf-controller
|
|
# https://fluxcd.io/flux/cheatsheets/bootstrap/#enable-notifications-for-third-party-controllers
|
|
- patch: |
|
|
- op: add
|
|
path: /spec/versions/1/schema/openAPIV3Schema/properties/spec/properties/eventSources/items/properties/kind/enum/-
|
|
value: Terraform
|
|
target:
|
|
kind: CustomResourceDefinition
|
|
name: alerts.notification.toolkit.fluxcd.io
|
|
- patch: |
|
|
- op: add
|
|
path: /spec/versions/0/schema/openAPIV3Schema/properties/spec/properties/resources/items/properties/kind/enum/-
|
|
value: Terraform
|
|
target:
|
|
kind: CustomResourceDefinition
|
|
name: receivers.notification.toolkit.fluxcd.io
|
|
- patch: |
|
|
- op: add
|
|
path: /rules/-
|
|
value:
|
|
apiGroups: ["infra.contrib.fluxcd.io"]
|
|
resources: ["*"]
|
|
verbs: ["*"]
|
|
target:
|
|
kind: ClusterRole
|
|
name: crd-controller-flux-system
|