k3s/namespaces/monitoring/diun/kustomization.yaml

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

transformers:
  - |-
    apiVersion: builtin
    kind: NamespaceTransformer
    metadata:
      name: notImportantHere
      namespace: monitoring
    unsetOnly: true

namePrefix: diun-
resources:
  - ../../../kustomize/noservice/
  - extra/serviceaccount.yaml
  - extra/clusterrole.yaml
  - extra/clusterrolebinding.yaml

replacements:
  - source:
      kind: Deployment
      name: app
      fieldPath: metadata.labels.[app.kubernetes.io/appName]
    targets:
      - select:
          kind: InfisicalSecret
        options:
          delimiter: "-"
          index: 0
        fieldPaths:
          - spec.managedSecretReference.secretName
      - select:
          kind: InfisicalSecret
        options:
          delimiter: "/"
          index: 2
        fieldPaths:
          - spec.authentication.universalAuth.secretsScope.secretsPath
  - source:
      kind: Deployment
      name: app
      fieldPath: metadata.labels.[app.kubernetes.io/appNamespace]
    targets:
      - select:
          kind: InfisicalSecret
        fieldPaths:
          - spec.managedSecretReference.secretNamespace
      - select:
          kind: InfisicalSecret
        options:
          delimiter: "/"
          index: 1
        fieldPaths:
          - spec.authentication.universalAuth.secretsScope.secretsPath

patches:
  - path: patches/deployment.yaml
    target:
      kind: Deployment
      name: app
  - path: patches/pvc.yaml
    target:
      kind: PersistentVolumeClaim
      name: pvc

labels:
  - includeSelectors: true
    pairs:
      app.kubernetes.io/appName: diun
  - pairs:
      app.kubernetes.io/appNamespace: monitoring

configMapGenerator:
  - name: config
    literals:
      - TZ=America/New_York
      - DIUN_DEFAULTS_MAXTAGS=10
      # Watch setup
      - DIUN_WATCH_WORKERS=10
      - DIUN_WATCH_JITTER=30s
      - DIUN_WATCH_SCHEDULE=0 */6 * * *
      - DIUN_WATCH_FIRSTCHECKNOTIF=true
      # Diun k8s provider
      - DIUN_PROVIDERS_KUBERNETES=true
      - DIUN_PROVIDERS_KUBERNETES_NAMESPACES=ai,apps,auth,core,homelab,monitoring
      - DIUN_PROVIDERS_KUBERNETES_WATCHBYDEFAULT=true
      # # Notifications to self-hosted healthcheck.io
      # - DIUN_WATCH_HEALTHCHECKS_BASEURL=https://health.leechpepin.com
      # - DIUN_WATCH_HEALTHCHECKS_UUID=<UUID>
      # Ntfy
      - DIUN_NOTIF_NTFY_ENDPOINT=https://ntfy.leechpepin.com
Add ntfy and diun 2025-02-05 16:26:41 -05:00			`apiVersion: kustomize.config.k8s.io/v1beta1`
			`kind: Kustomization`

			`transformers:`
			`- \|-`
			`apiVersion: builtin`
			`kind: NamespaceTransformer`
			`metadata:`
			`name: notImportantHere`
			`namespace: monitoring`
			`unsetOnly: true`

			`namePrefix: diun-`
			`resources:`
			`- ../../../kustomize/noservice/`
			`- extra/serviceaccount.yaml`
			`- extra/clusterrole.yaml`
			`- extra/clusterrolebinding.yaml`

			`replacements:`
			`- source:`
			`kind: Deployment`
			`name: app`
			`fieldPath: metadata.labels.[app.kubernetes.io/appName]`
			`targets:`
			`- select:`
			`kind: InfisicalSecret`
			`options:`
			`delimiter: "-"`
			`index: 0`
			`fieldPaths:`
			`- spec.managedSecretReference.secretName`
			`- select:`
			`kind: InfisicalSecret`
			`options:`
			`delimiter: "/"`
			`index: 2`
			`fieldPaths:`
			`- spec.authentication.universalAuth.secretsScope.secretsPath`
			`- source:`
			`kind: Deployment`
			`name: app`
			`fieldPath: metadata.labels.[app.kubernetes.io/appNamespace]`
			`targets:`
			`- select:`
			`kind: InfisicalSecret`
			`fieldPaths:`
			`- spec.managedSecretReference.secretNamespace`
			`- select:`
			`kind: InfisicalSecret`
			`options:`
			`delimiter: "/"`
			`index: 1`
			`fieldPaths:`
			`- spec.authentication.universalAuth.secretsScope.secretsPath`

			`patches:`
			`- path: patches/deployment.yaml`
			`target:`
			`kind: Deployment`
			`name: app`
			`- path: patches/pvc.yaml`
			`target:`
			`kind: PersistentVolumeClaim`
			`name: pvc`

			`labels:`
			`- includeSelectors: true`
			`pairs:`
			`app.kubernetes.io/appName: diun`
			`- pairs:`
			`app.kubernetes.io/appNamespace: monitoring`

			`configMapGenerator:`
			`- name: config`
			`literals:`
			`- TZ=America/New_York`
			`- DIUN_DEFAULTS_MAXTAGS=10`
			`# Watch setup`
			`- DIUN_WATCH_WORKERS=10`
			`- DIUN_WATCH_JITTER=30s`
			`- DIUN_WATCH_SCHEDULE=0 /6 * *`
			`- DIUN_WATCH_FIRSTCHECKNOTIF=true`
			`# Diun k8s provider`
			`- DIUN_PROVIDERS_KUBERNETES=true`
			`- DIUN_PROVIDERS_KUBERNETES_NAMESPACES=ai,apps,auth,core,homelab,monitoring`
			`- DIUN_PROVIDERS_KUBERNETES_WATCHBYDEFAULT=true`
			`# # Notifications to self-hosted healthcheck.io`
			`# - DIUN_WATCH_HEALTHCHECKS_BASEURL=https://health.leechpepin.com`
			`# - DIUN_WATCH_HEALTHCHECKS_UUID=<UUID>`
			`# Ntfy`
			`- DIUN_NOTIF_NTFY_ENDPOINT=https://ntfy.leechpepin.com`