Switch syncthing stateful set kustomize

kustomize/statefulset/statefulset.yaml

@@ -2,7 +2,6 @@ apiVersion: apps/v1
 kind: StatefulSet
 metadata:
   name: ss
-  namespace: core
 spec:
   serviceName: ss-svc
   replicas: 1

namespaces/apps/kustomization.yaml

@@ -10,4 +10,5 @@ resources:
   - linkwarden/
   - mealie/
   - paperless/
+  - syncthing/
   - vaultwarden/

namespaces/apps/syncthing/kustomization.yaml

@@ -0,0 +1,145 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+transformers:
+  - |-
+    apiVersion: builtin
+    kind: NamespaceTransformer
+    metadata:
+      name: notImportantHere
+      namespace: apps
+    unsetOnly: true
+
+namePrefix: syncthing-
+resources:
+  - ../../../kustomize/statefulset/
+
+labels:
+  - includeSelectors: true
+    pairs:
+      app.kubernetes.io/appName: syncthing
+  - pairs:
+      app.kubernetes.io/appNamespace: apps
+
+patches:
+  - path: patches/statefulset.yaml
+    target:
+      kind: StatefulSet
+      name: ss
+
+replacements:
+  # Infisical Secret
+  - source:
+      kind: StatefulSet
+      name: ss
+      fieldPath: metadata.labels.[app.kubernetes.io/appNamespace]
+    targets:
+      - select:
+          kind: InfisicalSecret
+        fieldPaths:
+          - spec.managedSecretReference.secretNamespace
+      - select:
+          kind: InfisicalSecret
+        options:
+          delimiter: "/"
+          index: 1
+        fieldPaths:
+          - spec.authentication.universalAuth.secretsScope.secretsPath
+      - select:
+          kind: InfisicalSecret
+        options:
+          delimiter: "/"
+          index: 2
+        fieldPaths:
+          - spec.authentication.universalAuth.secretsScope.secretsPath
+  - source:
+      kind: StatefulSet
+      name: ss
+      fieldPath: metadata.labels.[app.kubernetes.io/appName]
+    targets:
+      - select:
+          kind: InfisicalSecret
+        options:
+          delimiter: "-"
+          index: 0
+        fieldPaths:
+          - spec.managedSecretReference.secretName
+      - select:
+          kind: InfisicalSecret
+        options:
+          delimiter: "/"
+          index: 2
+        fieldPaths:
+          - spec.authentication.universalAuth.secretsScope.secretsPath
+  # Service
+  - source:
+      kind: StatefulSet
+      name: ss
+      fieldPath: spec.template.spec.containers.0.ports.0.name
+    targets:
+      - select:
+          kind: Service
+        fieldPaths:
+          - spec.ports.0.name
+          - spec.ports.0.targetPort
+  - source:
+      kind: Service
+    targets:
+      - select:
+          kind: HTTPRoute
+        fieldPaths:
+          - spec.rules.0.backendRefs.0.name
+  - source:
+      kind: StatefulSet
+      name: ss
+      fieldPath: spec.template.spec.containers.0.ports.0.containerPort
+    targets:
+      - select:
+          kind: Service
+        fieldPaths:
+          - spec.ports.0.port
+  # HTTPRoute
+  - source:
+      kind: StatefulSet
+      name: ss
+      fieldPath: metadata.labels.[app.kubernetes.io/appName]
+    targets:
+      - select:
+          kind: HTTPRoute
+        options:
+          create: true
+          delimiter: "."
+          index: 0
+        fieldPaths:
+          - spec.hostnames.0
+  - source:
+      kind: Service
+    targets:
+      - select:
+          kind: HTTPRoute
+        fieldPaths:
+          - spec.rules.0.backendRefs.0.name
+  - source:
+      kind: StatefulSet
+      name: ss
+      fieldPath: spec.template.spec.containers.0.ports.0.containerPort
+    targets:
+      - select:
+          kind: HTTPRoute
+        fieldPaths:
+          - spec.rules.0.backendRefs.0.port
+  # StatefulSet
+  - source:
+      kind: StatefulSet
+      name: ss
+      fieldPath: metadata.labels.[app.kubernetes.io/appName]
+    targets:
+      - select:
+          kind: StatefulSet
+        options:
+          delimiter: "-"
+          index: 0
+        fieldPaths:
+          - spec.volumeClaimTemplates.0.metadata.annotations.name
+          - spec.volumeClaimTemplates.0.metadata.name
+          - spec.serviceName

namespaces/apps/syncthing/patches/statefulset.yaml

@@ -0,0 +1,36 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: app
+spec:
+  template:
+    spec:
+      restartPolicy: Always
+      containers:
+        - name: syncthing
+          image: syncthing/syncthing:1.29
+          ports:
+            - name: syncthing
+              containerPort: 8384
+              protocol: TCP
+          volumeMounts:
+            - mountPath: /var/syncthing
+              name: syncthing-data
+              subPath: "data"
+          env:
+            - name: PUID
+              value: "976"
+            - name: PGID
+              value: "976"
+  volumeClaimTemplates:
+    - metadata:
+        name: ss-data
+        annotations:
+          name: ss-data
+      spec:
+        accessModes:
+          - ReadWriteOnce
+        storageClassName: longhorn-private
+        resources:
+          requests:
+            storage: 50Gi

namespaces/core/syncthing.yaml

@@ -1,91 +0,0 @@
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: syncthing
-  namespace: core
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      name: syncthing
-  template:
-    metadata:
-      labels:
-        name: syncthing
-    spec:
-      restartPolicy: Always
-      containers:
-        - name: syncthing
-          image: syncthing/syncthing:1.29
-          ports:
-            - name: http
-              containerPort: 8384
-              protocol: TCP
-          volumeMounts:
-            - mountPath: /var/syncthing
-              name: syncthing-data
-              subPath: "data"
-          env:
-            - name: PUID
-              value: "976"
-            - name: PGID
-              value: "976"
-      volumes:
-        - name: syncthing-data
-          persistentVolumeClaim:
-            claimName: syncthing-data
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: syncthing-data
-  namespace: core
-spec:
-  accessModes:
-    - ReadWriteOnce
-  storageClassName: longhorn-private
-  resources:
-    requests:
-      storage: 50Gi
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: syncthing
-  namespace: core
-spec:
-  type: ClusterIP
-  selector:
-    name: syncthing
-  ports:
-    - port: 8384
-      name: http
-      targetPort: http
-      protocol: TCP
----
-apiVersion: gateway.networking.k8s.io/v1
-kind: HTTPRoute
-metadata:
-  name: syncthing
-  namespace: core
-spec:
-  parentRefs:
-    - name: homelab-gateway
-      sectionName: web
-      kind: Gateway
-      namespace: homelab
-
-  hostnames:
-    - syncthing.leechpepin.local
-
-  rules:
-    - matches:
-        - path:
-            type: PathPrefix
-            value: /
-
-      backendRefs:
-        - name: syncthing
-          namespace: core
-          port: 8384