cluster-platform-v3/templates at c26ee5b3c6a15bdfc8fb24ecdfe2fa24c7974bdd - cluster-platform-v3 - Gitea: Git with a cup of tea

odoo-tower/cluster-platform-v3

Files

History

OdooSky v3 c26ee5b3c6 feat(eso): chart 0.7.0 — migrate all 4 remaining Tower-stamped Secrets to ExternalSecret

Phase 2 of Item #9. Adds ExternalSecret manifests for:
  - docker-mirror-pull (×2 namespaces, dockerconfigjson template)
  - cloudflare-api-token-<slug> (per-tenant, gated on tenant.id+slug)
  - s3-backup-creds (per-tenant, in tenants ns)
  - longhorn-s3-creds (per-tenant, gated on tenant.s3Endpoint)

New helm values: tenant.id, tenant.slug, tenant.s3Endpoint. Tower must
pass these per-cluster (next ship). All manifests gated on
externalSecrets.enabled + mountPath set + tenant.id set, so old apps
without the new params remain on the legacy Tower-stamped path until
the operator opts them in.

2026-05-07 21:25:41 +03:00

..

cert-manager-crds.yaml

vendor cert-manager v1.16.1 CRDs (resource-policy:keep stripped); subchart crds.enabled=false

2026-04-29 21:55:56 +02:00

cloudflare-api-token-externalsecret.yaml

feat(eso): chart 0.7.0 — migrate all 4 remaining Tower-stamped Secrets to ExternalSecret

2026-05-07 21:25:41 +03:00

cluster-issuer.yaml

feat(slice 2B.1.1): sync waves — kill the cert-manager-webhook race (chart 0.5.5)

2026-05-04 13:09:47 +03:00

csi-snapshotter.yaml

0.5.2: api-approved annotation on CSI snapshot CRDs + spec.name on RecurringJobs (validator fixes)

2026-05-02 23:21:08 +03:00

docker-mirror-pull-externalsecret.yaml

feat(eso): chart 0.7.0 — migrate all 4 remaining Tower-stamped Secrets to ExternalSecret

2026-05-07 21:25:41 +03:00

gitea-archive-pull-externalsecret.yaml

feat(eso): chart 0.6.0 - ESO subchart + ClusterSecretStore + gitea-archive-pull ExternalSecret

2026-05-07 20:46:22 +03:00

longhorn-recurringjobs.yaml

0.5.2: api-approved annotation on CSI snapshot CRDs + spec.name on RecurringJobs (validator fixes)

2026-05-02 23:21:08 +03:00

longhorn-s3-creds-externalsecret.yaml

feat(eso): chart 0.7.0 — migrate all 4 remaining Tower-stamped Secrets to ExternalSecret

2026-05-07 21:25:41 +03:00

longhorn.yaml

0.3.1: drop premature VolumeSnapshotClass — depends on external snapshotter CRDs (deferred to phase 3)

2026-05-02 21:16:41 +03:00

namespace.yaml

Initial chart: odoosky-system namespace + local container registry (Distribution v2)

2026-04-27 00:47:07 +03:00

openbao-secretstore.yaml

fix(eso): chart 0.6.2 - revert fullnameOverride; use templated SA in ClusterSecretStore

2026-05-07 21:01:38 +03:00

registry.yaml

Registry as NodePort (30500) so kubelet can pull via host loopback while in-cluster pods push via cluster DNS

2026-04-27 00:56:47 +03:00

s3-backup-creds-externalsecret.yaml

feat(eso): chart 0.7.0 — migrate all 4 remaining Tower-stamped Secrets to ExternalSecret

2026-05-07 21:25:41 +03:00

tenants-default-middlewares.yaml

feat(traefik): tenants-default-retry Middleware (3 attempts, 200ms init)

2026-05-05 12:12:57 +02:00

tenants-namespace.yaml

0.2.0 — vendor cert-manager + traefik; parameterized substrate

2026-04-29 15:09:33 +03:00

tenants-wildcard-cert.yaml

feat(slice 2B.3): chart Restore half — injectedWildcards conditional (0.5.7)

2026-05-04 14:27:30 +03:00

tenants-wildcard-secret.yaml

feat(slice 2B.3): chart Restore half — injectedWildcards conditional (0.5.7)

2026-05-04 14:27:30 +03:00