apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

transformers:
  - |-
    apiVersion: builtin
    kind: NamespaceTransformer
    metadata:
      name: notImportantHere
      namespace: apps
    unsetOnly: true

namePrefix: forgejo-
resources:
  - ../../../kustomize/deployment/
  - extra/ssh-service.yaml
  - extra/ssh-tcproute.yaml

replacements:
  - source:
      kind: Service
      name: svc
    targets:
      - select:
          kind: HTTPRoute
        options:
          create: true
        fieldPaths:
          - spec.rules.0.backendRefs.0.name
  - source:
      kind: Deployment
      name: app
      fieldPath: metadata.labels.[app.kubernetes.io/appName]
    targets:
      - select:
          kind: InfisicalSecret
        options:
          delimiter: "-"
          index: 0
        fieldPaths:
          - spec.managedSecretReference.secretName
      - select:
          kind: InfisicalSecret
        options:
          delimiter: "/"
          index: 2
        fieldPaths:
          - spec.authentication.universalAuth.secretsScope.secretsPath
      - select:
          kind: Service
          name: svc
        fieldPaths:
          - spec.ports.0.name
          - spec.ports.0.targetPort
  - source:
      kind: Deployment
      name: app
      fieldPath: metadata.labels.[app.kubernetes.io/appNamespace]
    targets:
      - select:
          kind: InfisicalSecret
        fieldPaths:
          - spec.managedSecretReference.secretNamespace
  - source:
      kind: Deployment
      name: app
      fieldPath: metadata.labels.[app.kubernetes.io/routePrefix]
    targets:
      - select:
          kind: HTTPRoute
        options:
          create: true
          delimiter: "."
          index: 0
        fieldPaths:
          - spec.hostnames.0

patches:
  - path: patches/deployment.yaml
    target:
      kind: Deployment
      name: app
  - path: patches/pvc.yaml
    target:
      kind: PersistentVolumeClaim
      name: pvc

labels:
  - includeSelectors: true
    pairs:
      app.kubernetes.io/appName: forgejo
  - pairs:
      app.kubernetes.io/appNamespace: apps
  - pairs:
      app.kubernetes.io/routePrefix: forgejo

configMapGenerator:
  - name: config
    literals:
      - USER_UID=1000
      - USER_GID=1000
      - FORGEJO__database__DB_TYPE=postgres
      - FORGEJO__database__HOST=postgres.core.svc.cluster.local:5432
      - FORGEJO__database__NAME=forgejo
      - FORGEJO__database__USER=forgejo
      - FORGEJO__mailer__ENABLED=true
      - FORGEJO__mailer__PROTOCOL=smtps
      - FORGEJO__mailer__SMTP_ADDR=blizzard.mxrouting.net
      - FORGEJO__mailer__SMTP_PORT=465
      - FORGEJO__mailer__USER=homelab@leechpepin.com
      - FORGEJO__mailer__FROM=Forgejo <homelab@leechpepin.com>
      - FORGEJO__service__DISABLE_REGISTRATION=true
      - FORGEJO__oauth2_client__ENABLE_AUTO_REGISTRATION=true
      - FORGEJO__openid__ENABLE_OPENID_SIGNIN=false
      - FORGEJO__repository__ENABLE_PUSH_CREATE_ORG=true
      - FORGEJO__repository__ENABLE_PUSH_CREATE_USER=true