k3s/namespaces/monitoring/diun/kustomization.yaml

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

transformers:
  - |-
    apiVersion: builtin
    kind: NamespaceTransformer
    metadata:
      name: notImportantHere
      namespace: monitoring
    unsetOnly: true

namePrefix: diun-
resources:
  - ../../../kustomize/bases/noservice/
  - extra/serviceaccount.yaml
  - extra/clusterrole.yaml
  - extra/clusterrolebinding.yaml

replacements:
  - source:
      kind: Deployment
      name: app
      fieldPath: metadata.labels.[app.kubernetes.io/appName]
    targets:
      - select:
          kind: InfisicalSecret
        options:
          delimiter: "-"
          index: 0
        fieldPaths:
          - spec.managedSecretReference.secretName
      - select:
          kind: InfisicalSecret
        options:
          delimiter: "/"
          index: 2
        fieldPaths:
          - spec.authentication.universalAuth.secretsScope.secretsPath
  - source:
      kind: Deployment
      name: app
      fieldPath: metadata.labels.[app.kubernetes.io/appNamespace]
    targets:
      - select:
          kind: InfisicalSecret
        fieldPaths:
          - spec.managedSecretReference.secretNamespace
      - select:
          kind: InfisicalSecret
        options:
          delimiter: "/"
          index: 1
        fieldPaths:
          - spec.authentication.universalAuth.secretsScope.secretsPath

patches:
  - path: patches/deployment.yaml
    target:
      kind: Deployment
      name: app
  - path: patches/pvc.yaml
    target:
      kind: PersistentVolumeClaim
      name: pvc

labels:
  - includeSelectors: true
    pairs:
      app.kubernetes.io/appName: diun
  - pairs:
      app.kubernetes.io/appNamespace: monitoring

configMapGenerator:
  - name: config
    literals:
      - TZ=America/New_York
      - DIUN_DEFAULTS_MAXTAGS=10
      # Watch setup
      - DIUN_WATCH_WORKERS=10
      - DIUN_WATCH_JITTER=30s
      - DIUN_WATCH_SCHEDULE=0 9,17 * * 1-5
      - DIUN_WATCH_FIRSTCHECKNOTIF=true
      # Diun k8s provider
      - DIUN_PROVIDERS_KUBERNETES=true
      - DIUN_PROVIDERS_KUBERNETES_NAMESPACES=ai,apps,auth,core,homelab,monitoring
      - DIUN_PROVIDERS_KUBERNETES_WATCHBYDEFAULT=true
      # # Notifications to self-hosted healthcheck.io
      # - DIUN_WATCH_HEALTHCHECKS_BASEURL=https://health.leechpepin.com
      # - DIUN_WATCH_HEALTHCHECKS_UUID=<UUID>
      # Ntfy
      - DIUN_NOTIF_NTFY_ENDPOINT=https://ntfy.leechpepin.com