-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathkustomization.yaml
More file actions
22 lines (22 loc) · 869 Bytes
/
kustomization.yaml
File metadata and controls
22 lines (22 loc) · 869 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
# Wave 0: Configure ArgoCD (KSOPS + GitHub OAuth + RBAC)
# NOTE: cluster-admin ClusterRoleBinding is managed by ansible-role-crc
# (ArgoCD cannot grant itself permissions it doesn't have)
- argocd-config.yaml
# Wave 0: GitHub-team-to-cluster-admin RBAC for OIDC users (Headlamp, kubectl)
- oidc-rbac.yaml
# Wave 0: CI/CD service account with cluster-admin for GitHub Actions
- ci-service-account.yaml
# PostSync: Sync ci-deployer token to GitHub Actions secrets
- ci-token-sync-job.yaml
- wait-for-repo-server.yaml
# Wave 1: Bootstrap secrets (KSOPS-dependent)
- bootstrap-secrets-app.yaml
# Wave 1: Deploy operators (install CRDs)
- operators-app.yaml
- wait-for-crds.yaml
# Wave 2: Deploy workloads (CRs that depend on CRDs)
- workloads-app.yaml