Oleks
bdc43bb1d6
ci/woodpecker/push/container Pipeline was successful
The deploy/fleet-overlay templates had drifted from what actually runs in anton-helm-workloads (verified live + against the emdash-kotkanagrilli reference). Canonical design co-locates everything in the `kotkan` namespace: - source.yaml: GitRepository flux-system -> kotkan, so the HelmRelease chart sourceRef resolves same-namespace (no cross-namespace ref). - secrets.yaml: deploy-key Secret -> kotkan, defined once in the staging overlay; dropped the duplicate definition from the production overlay (production references the shared key by name). - image-automation.yaml: IUA write-back sourceRef anton-workloads-image-automation/flux-system -> anton-helm-workloads/kotkan (the existing read source already has push access). - README.md / DEPLOYMENT.md: namespace + ownership docs corrected.
24 lines
772 B
YAML
24 lines
772 B
YAML
---
|
|
# Flux pulls the chart from the `production` branch of cms-plugins on Gitea.
|
|
# The `ignore` rule restricts reconciliation to /deploy/helm so app-code
|
|
# pushes don't trigger chart re-reconcile.
|
|
apiVersion: source.toolkit.fluxcd.io/v1
|
|
kind: GitRepository
|
|
metadata:
|
|
name: cms-plugins-production
|
|
# Co-located with the HelmRelease in `kotkan` so the chart sourceRef is a
|
|
# same-namespace reference (Flux commonly disables cross-namespace source
|
|
# refs). Matches the emdash-kotkanagrilli reference overlay and the live
|
|
# deploy in anton-helm-workloads.
|
|
namespace: kotkan
|
|
spec:
|
|
interval: 1m0s
|
|
url: ssh://git@git.oleks.space/oleks/cms-plugins.git
|
|
ref:
|
|
branch: production
|
|
secretRef:
|
|
name: cms-plugins-deploy-key
|
|
ignore: |
|
|
/*
|
|
!/deploy/helm
|