clank/kubernetes-init
1
0
Fork 0
Code Issues 1 Pull Requests 1 Projects Releases Wiki Activity
e92c44f7f1
kubernetes-init/terraform.tfstate

3435 lines
1.7 MiB
Plaintext
Raw Normal View History

Add cloudflare
2022-05-08 15:51:41 +02:00
{
"version": 4,
"terraform_version": "1.1.7",
Fix state
2022-05-08 20:27:01 +02:00
"serial": 194,
Add cloudflare
2022-05-08 15:51:41 +02:00
"lineage": "04d648e3-bdd4-2cef-384a-6564647940db",
"outputs": {},
"resources": [
{
"module": "module.dns",
"mode": "managed",
"type": "cloudflare_record",
"name": "exact",
"provider": "module.dns.provider[\"registry.terraform.io/cloudflare/cloudflare\"]",
"instances": [
{
"index_key": "*.kjuulh.app",
"schema_version": 2,
"attributes": {
"allow_overwrite": false,
"created_on": "2022-05-08T13:48:54.289798Z",
"data": [],
"hostname": "*.kjuulh.app",
"id": "7234597988434057f1bc0630efada29b",
"metadata": {
"auto_added": "false",
"managed_by_apps": "false",
"managed_by_argo_tunnel": "false",
"source": "primary"
},
"modified_on": "2022-05-08T13:48:54.289798Z",
"name": "*.kjuulh.app",
"priority": null,
"proxiable": true,
"proxied": false,
"timeouts": null,
"ttl": 3600,
"type": "A",
"value": "49.12.19.255",
"zone_id": "9454b35cb1010b9eab9aadf206fdf11f"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMCwidXBkYXRlIjozMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMiJ9",
"dependencies": [
with certmanager
2022-05-08 16:01:59 +02:00
"module.kube-hetzner.data.github_release.hetzner_ccm",
"module.kube-hetzner.data.github_release.hetzner_csi",
"module.kube-hetzner.data.github_release.kured",
Add cloudflare
2022-05-08 15:51:41 +02:00
"module.kube-hetzner.data.hcloud_load_balancer.traefik",
with certmanager
2022-05-08 16:01:59 +02:00
"module.kube-hetzner.data.remote_file.kubeconfig",
Add cloudflare
2022-05-08 15:51:41 +02:00
"module.kube-hetzner.hcloud_firewall.k3s",
with certmanager
2022-05-08 16:01:59 +02:00
"module.kube-hetzner.hcloud_network.k3s",
Add cloudflare
2022-05-08 15:51:41 +02:00
"module.kube-hetzner.hcloud_network_subnet.control_plane",
"module.kube-hetzner.hcloud_placement_group.control_plane",
"module.kube-hetzner.hcloud_ssh_key.k3s",
with certmanager
2022-05-08 16:01:59 +02:00
"module.kube-hetzner.local_sensitive_file.kubeconfig",
Add cloudflare
2022-05-08 15:51:41 +02:00
"module.kube-hetzner.module.control_planes.data.cloudinit_config.config",
"module.kube-hetzner.module.control_planes.hcloud_server.server",
"module.kube-hetzner.module.control_planes.hcloud_server_network.server",
with certmanager
2022-05-08 16:01:59 +02:00
"module.kube-hetzner.module.control_planes.random_string.server",
"module.kube-hetzner.null_resource.control_planes",
"module.kube-hetzner.null_resource.first_control_plane",
"module.kube-hetzner.null_resource.kustomization",
"module.kube-hetzner.random_password.k3s_token"
Add cloudflare
2022-05-08 15:51:41 +02:00
]
},
{
"index_key": "kjuulh.app",
"schema_version": 2,
"attributes": {
"allow_overwrite": false,
"created_on": "2022-05-08T13:48:54.199417Z",
"data": [],
"hostname": "kjuulh.app",
"id": "5bc099d554ee71ea6ce63f76a4531e77",
"metadata": {
"auto_added": "false",
"managed_by_apps": "false",
"managed_by_argo_tunnel": "false",
"source": "primary"
},
"modified_on": "2022-05-08T13:48:54.199417Z",
"name": "kjuulh.app",
"priority": null,
"proxiable": true,
"proxied": false,
"timeouts": null,
"ttl": 3600,
"type": "A",
"value": "49.12.19.255",
"zone_id": "9454b35cb1010b9eab9aadf206fdf11f"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMCwidXBkYXRlIjozMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMiJ9",
"dependencies": [
with certmanager
2022-05-08 16:01:59 +02:00
"module.kube-hetzner.data.github_release.hetzner_ccm",
"module.kube-hetzner.data.github_release.hetzner_csi",
"module.kube-hetzner.data.github_release.kured",
Add cloudflare
2022-05-08 15:51:41 +02:00
"module.kube-hetzner.data.hcloud_load_balancer.traefik",
with certmanager
2022-05-08 16:01:59 +02:00
"module.kube-hetzner.data.remote_file.kubeconfig",
Add cloudflare
2022-05-08 15:51:41 +02:00
"module.kube-hetzner.hcloud_firewall.k3s",
with certmanager
2022-05-08 16:01:59 +02:00
"module.kube-hetzner.hcloud_network.k3s",
Add cloudflare
2022-05-08 15:51:41 +02:00
"module.kube-hetzner.hcloud_network_subnet.control_plane",
"module.kube-hetzner.hcloud_placement_group.control_plane",
"module.kube-hetzner.hcloud_ssh_key.k3s",
with certmanager
2022-05-08 16:01:59 +02:00
"module.kube-hetzner.local_sensitive_file.kubeconfig",
Add cloudflare
2022-05-08 15:51:41 +02:00
"module.kube-hetzner.module.control_planes.data.cloudinit_config.config",
"module.kube-hetzner.module.control_planes.hcloud_server.server",
"module.kube-hetzner.module.control_planes.hcloud_server_network.server",
with certmanager
2022-05-08 16:01:59 +02:00
"module.kube-hetzner.module.control_planes.random_string.server",
"module.kube-hetzner.null_resource.control_planes",
"module.kube-hetzner.null_resource.first_control_plane",
"module.kube-hetzner.null_resource.kustomization",
"module.kube-hetzner.random_password.k3s_token"
Add cloudflare
2022-05-08 15:51:41 +02:00
]
}
]
},
Add flux
2022-05-08 17:02:47 +02:00
{
"module": "module.flux",
"mode": "data",
"type": "flux_install",
"name": "main",
"provider": "module.flux.provider[\"registry.terraform.io/fluxcd/flux\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"baseurl": "https://github.com/fluxcd/flux2/releases",
"cluster_domain": "cluster.local",
"components": null,
"components_extra": null,
"content": "---\n# This manifest was generated by flux. DO NOT EDIT.\n# Flux Version: latest\n# Components: source-controller,kustomize-controller,helm-controller,notification-controller\napiVersion: v1\nkind: Namespace\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n pod-security.kubernetes.io/warn: restricted\n pod-security.kubernetes.io/warn-version: latest\n name: flux-system\n---\napiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: alerts.notification.toolkit.fluxcd.io\nspec:\n group: notification.toolkit.fluxcd.io\n names:\n kind: Alert\n listKind: AlertList\n plural: alerts\n singular: alert\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Alert is the Schema for the alerts API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: AlertSpec defines an alerting rule for events involving a\n list of objects\n properties:\n eventSeverity:\n default: info\n description: Filter events based on severity, defaults to ('info').\n If set to 'info' no events will be filtered.\n enum:\n - info\n - error\n type: string\n eventSources:\n description: Filter events based on the involved objects.\n items:\n description: CrossNamespaceObjectReference contains enough information\n to let you locate the typed referenced object at cluster level\n properties:\n apiVersion:\n description: API version of the referent\n type: string\n kind:\n description: Kind of the referent\n enum:\n - Bucket\n - GitRepository\n - Kustomization\n - HelmRelease\n - HelmChart\n - HelmRepository\n - ImageRepository\n - ImagePolicy\n - ImageUpdateAutomation\n type: string\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs. A single\n {key,value} in the matchLabels map is equivalent to an element\n of matchExpressions,
"id": "2e1d70facf3d57e974ca1cb0830acd8d16311b82deb3c0e5ecb482fc7aa1261b",
"image_pull_secrets": null,
"log_level": "info",
"namespace": "flux-system",
"network_policy": false,
"path": "clank/flux-system/gotk-components.yaml",
"registry": "ghcr.io/fluxcd",
"target_path": "clank",
"toleration_keys": null,
"version": "latest",
"watch_all_namespaces": true
},
"sensitive_attributes": []
}
]
},
{
"module": "module.flux",
"mode": "data",
"type": "flux_sync",
"name": "main",
"provider": "module.flux.provider[\"registry.terraform.io/fluxcd/flux\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"branch": "main",
"commit": null,
"content": "# This manifest was generated by flux. DO NOT EDIT.\n---\napiVersion: source.toolkit.fluxcd.io/v1beta2\nkind: GitRepository\nmetadata:\n name: flux-system\n namespace: flux-system\nspec:\n interval: 1m0s\n ref:\n branch: main\n secretRef:\n name: flux-system\n url: ssh://git@git.front.kjuulh.io/clank/kubernetes-state.git\n---\napiVersion: kustomize.toolkit.fluxcd.io/v1beta2\nkind: Kustomization\nmetadata:\n name: flux-system\n namespace: flux-system\nspec:\n interval: 10m0s\n path: ./clank\n prune: true\n sourceRef:\n kind: GitRepository\n name: flux-system\n",
"git_implementation": null,
"id": "03f8aac88c0386cce28b142e9ea4defd3902a90a0213b8722ce04021876756ee",
"interval": 1,
"kustomize_content": "\napiVersion: kustomize.config.k8s.io/v1beta1\nkind: Kustomization\nresources:\n- gotk-sync.yaml\n- gotk-components.yaml\n",
"kustomize_path": "clank/flux-system/kustomization.yaml",
"name": "flux-system",
"namespace": "flux-system",
"patch_file_paths": {},
"patch_names": null,
"path": "clank/flux-system/gotk-sync.yaml",
"secret": "flux-system",
"semver": null,
"tag": null,
"target_path": "clank",
"url": "ssh://git@git.front.kjuulh.io/clank/kubernetes-state.git"
},
"sensitive_attributes": []
}
]
},
{
"module": "module.flux",
"mode": "data",
"type": "kubectl_file_documents",
"name": "apply",
"provider": "module.flux.provider[\"registry.terraform.io/gavinbunney/kubectl\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"content": "---\n# This manifest was generated by flux. DO NOT EDIT.\n# Flux Version: latest\n# Components: source-controller,kustomize-controller,helm-controller,notification-controller\napiVersion: v1\nkind: Namespace\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n pod-security.kubernetes.io/warn: restricted\n pod-security.kubernetes.io/warn-version: latest\n name: flux-system\n---\napiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: alerts.notification.toolkit.fluxcd.io\nspec:\n group: notification.toolkit.fluxcd.io\n names:\n kind: Alert\n listKind: AlertList\n plural: alerts\n singular: alert\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Alert is the Schema for the alerts API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: AlertSpec defines an alerting rule for events involving a\n list of objects\n properties:\n eventSeverity:\n default: info\n description: Filter events based on severity, defaults to ('info').\n If set to 'info' no events will be filtered.\n enum:\n - info\n - error\n type: string\n eventSources:\n description: Filter events based on the involved objects.\n items:\n description: CrossNamespaceObjectReference contains enough information\n to let you locate the typed referenced object at cluster level\n properties:\n apiVersion:\n description: API version of the referent\n type: string\n kind:\n description: Kind of the referent\n enum:\n - Bucket\n - GitRepository\n - Kustomization\n - HelmRelease\n - HelmChart\n - HelmRepository\n - ImageRepository\n - ImagePolicy\n - ImageUpdateAutomation\n type: string\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs. A single\n {key,value} in the matchLabels map is equivalent to an element\n of matchExpressions,
"documents": [
"---\n# This manifest was generated by flux. DO NOT EDIT.\n# Flux Version: latest\n# Components: source-controller,kustomize-controller,helm-controller,notification-controller\napiVersion: v1\nkind: Namespace\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n pod-security.kubernetes.io/warn: restricted\n pod-security.kubernetes.io/warn-version: latest\n name: flux-system",
"apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: alerts.notification.toolkit.fluxcd.io\nspec:\n group: notification.toolkit.fluxcd.io\n names:\n kind: Alert\n listKind: AlertList\n plural: alerts\n singular: alert\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Alert is the Schema for the alerts API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: AlertSpec defines an alerting rule for events involving a\n list of objects\n properties:\n eventSeverity:\n default: info\n description: Filter events based on severity, defaults to ('info').\n If set to 'info' no events will be filtered.\n enum:\n - info\n - error\n type: string\n eventSources:\n description: Filter events based on the involved objects.\n items:\n description: CrossNamespaceObjectReference contains enough information\n to let you locate the typed referenced object at cluster level\n properties:\n apiVersion:\n description: API version of the referent\n type: string\n kind:\n description: Kind of the referent\n enum:\n - Bucket\n - GitRepository\n - Kustomization\n - HelmRelease\n - HelmChart\n - HelmRepository\n - ImageRepository\n - ImagePolicy\n - ImageUpdateAutomation\n type: string\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs. A single\n {key,value} in the matchLabels map is equivalent to an element\n of matchExpressions, whose key field is \"key\", the operator\n is \"In\", and the values array contains only \"value\". The requirements\n are ANDed.\n type: object\n name:\n description: Name of the referent\n maxLength: 53\n minLength: 1\n type: string\n namespace:\n description: Namespace of th
"apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: buckets.source.toolkit.fluxcd.io\nspec:\n group: source.toolkit.fluxcd.io\n names:\n kind: Bucket\n listKind: BucketList\n plural: buckets\n singular: bucket\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .spec.endpoint\n name: Endpoint\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Bucket is the Schema for the buckets API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: BucketSpec defines the desired state of an S3 compatible\n bucket\n properties:\n accessFrom:\n description: AccessFrom defines an Access Control List for allowing\n cross-namespace references to this object.\n properties:\n namespaceSelectors:\n description: NamespaceSelectors is the list of namespace selectors\n to which this ACL applies. Items in this list are evaluated\n using a logical OR operation.\n items:\n description: NamespaceSelector selects the namespaces to which\n this ACL applies. An empty map of MatchLabels matches all\n namespaces in a cluster.\n properties:\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs.\n A single {key,value} in the matchLabels map is equivalent\n to an element of matchExpressions, whose key field is\n \"key\", the operator is \"In\", and the values array contains\n only \"value\". The requirements are ANDed.\n type: object\n type: object\n type: array\n required:\n - namespaceSelectors\n type: object\n bucketName:\n description: The bucket name.\n type: string\n endpoint:\n description: The bucket endpoint address.\n type: string\n ignore:\n description: Ignore overrides the set of excluded patterns in the\n .sourceignore format (which is the same as .gitignore). If not provided,\n a default will be used, consult the documentation for your version\n to find out what those
"apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: gitrepositories.source.toolkit.fluxcd.io\nspec:\n group: source.toolkit.fluxcd.io\n names:\n kind: GitRepository\n listKind: GitRepositoryList\n plural: gitrepositories\n shortNames:\n - gitrepo\n singular: gitrepository\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .spec.url\n name: URL\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: GitRepository is the Schema for the gitrepositories API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: GitRepositorySpec defines the desired state of a Git repository.\n properties:\n accessFrom:\n description: AccessFrom defines an Access Control List for allowing\n cross-namespace references to this object.\n properties:\n namespaceSelectors:\n description: NamespaceSelectors is the list of namespace selectors\n to which this ACL applies. Items in this list are evaluated\n using a logical OR operation.\n items:\n description: NamespaceSelector selects the namespaces to which\n this ACL applies. An empty map of MatchLabels matches all\n namespaces in a cluster.\n properties:\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs.\n A single {key,value} in the matchLabels map is equivalent\n to an element of matchExpressions, whose key field is\n \"key\", the operator is \"In\", and the values array contains\n only \"value\". The requirements are ANDed.\n type: object\n type: object\n type: array\n required:\n - namespaceSelectors\n type: object\n gitImplementation:\n default: go-git\n description: Determines which git client library to use. Defaults\n to go-git, valid values are ('go-git', 'libgit2').\n enum:\n - go-git\n - libgit2\n type: string\n ignore:\n description: Ignore overrides the set of excluded patterns in the\n .sourceignore format (which is t
"apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: helmcharts.source.toolkit.fluxcd.io\nspec:\n group: source.toolkit.fluxcd.io\n names:\n kind: HelmChart\n listKind: HelmChartList\n plural: helmcharts\n shortNames:\n - hc\n singular: helmchart\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .spec.chart\n name: Chart\n type: string\n - jsonPath: .spec.version\n name: Version\n type: string\n - jsonPath: .spec.sourceRef.kind\n name: Source Kind\n type: string\n - jsonPath: .spec.sourceRef.name\n name: Source Name\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: HelmChart is the Schema for the helmcharts API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: HelmChartSpec defines the desired state of a Helm chart.\n properties:\n accessFrom:\n description: AccessFrom defines an Access Control List for allowing\n cross-namespace references to this object.\n properties:\n namespaceSelectors:\n description: NamespaceSelectors is the list of namespace selectors\n to which this ACL applies. Items in this list are evaluated\n using a logical OR operation.\n items:\n description: NamespaceSelector selects the namespaces to which\n this ACL applies. An empty map of MatchLabels matches all\n namespaces in a cluster.\n properties:\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs.\n A single {key,value} in the matchLabels map is equivalent\n to an element of matchExpressions, whose key field is\n \"key\", the operator is \"In\", and the values array contains\n only \"value\". The requirements are ANDed.\n type: object\n type: object\n type: array\n required:\n - namespaceSelectors\n type: object\n chart:\n description: The name or path the Helm chart is available at in the\n SourceRef.\n type: string\n interval:\n description: The interval at which to check the Source for updates.\n
"apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: helmreleases.helm.toolkit.fluxcd.io\nspec:\n group: helm.toolkit.fluxcd.io\n names:\n kind: HelmRelease\n listKind: HelmReleaseList\n plural: helmreleases\n shortNames:\n - hr\n singular: helmrelease\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n name: v2beta1\n schema:\n openAPIV3Schema:\n description: HelmRelease is the Schema for the helmreleases API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: HelmReleaseSpec defines the desired state of a Helm release.\n properties:\n chart:\n description: Chart defines the template of the v1beta2.HelmChart that\n should be created for this HelmRelease.\n properties:\n spec:\n description: Spec holds the template for the v1beta2.HelmChartSpec\n for this HelmRelease.\n properties:\n chart:\n description: The name or path the Helm chart is available\n at in the SourceRef.\n type: string\n interval:\n description: Interval at which to check the v1beta2.Source\n for updates. Defaults to 'HelmReleaseSpec.Interval'.\n type: string\n reconcileStrategy:\n default: ChartVersion\n description: Determines what enables the creation of a new\n artifact. Valid values are ('ChartVersion', 'Revision').\n See the documentation of the values for an explanation on\n their behavior. Defaults to ChartVersion when omitted.\n enum:\n - ChartVersion\n - Revision\n type: string\n sourceRef:\n description: The name and namespace of the v1beta2.Source\n the chart is available at.\n properties:\n apiVersion:\n description: APIVersion of the referent.\n type: string\n kind:\n description: Kind of the referent.\n enum:\n - HelmRepository\n - GitRepository\n - Bucket\n type: string\n
"apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: helmrepositories.source.toolkit.fluxcd.io\nspec:\n group: source.toolkit.fluxcd.io\n names:\n kind: HelmRepository\n listKind: HelmRepositoryList\n plural: helmrepositories\n shortNames:\n - helmrepo\n singular: helmrepository\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .spec.url\n name: URL\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: HelmRepository is the Schema for the helmrepositories API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: HelmRepositorySpec defines the reference to a Helm repository.\n properties:\n accessFrom:\n description: AccessFrom defines an Access Control List for allowing\n cross-namespace references to this object.\n properties:\n namespaceSelectors:\n description: NamespaceSelectors is the list of namespace selectors\n to which this ACL applies. Items in this list are evaluated\n using a logical OR operation.\n items:\n description: NamespaceSelector selects the namespaces to which\n this ACL applies. An empty map of MatchLabels matches all\n namespaces in a cluster.\n properties:\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs.\n A single {key,value} in the matchLabels map is equivalent\n to an element of matchExpressions, whose key field is\n \"key\", the operator is \"In\", and the values array contains\n only \"value\". The requirements are ANDed.\n type: object\n type: object\n type: array\n required:\n - namespaceSelectors\n type: object\n interval:\n description: The interval at which to check the upstream for updates.\n type: string\n passCredentials:\n description: PassCredentials allows the credentials from the SecretRef\n to be passed on to a host that does not match the host as defined\n in URL. This may be required if the host of the advertised chart\n URLs in the index differ fr
"apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: kustomizations.kustomize.toolkit.fluxcd.io\nspec:\n group: kustomize.toolkit.fluxcd.io\n names:\n kind: Kustomization\n listKind: KustomizationList\n plural: kustomizations\n shortNames:\n - ks\n singular: kustomization\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Kustomization is the Schema for the kustomizations API.\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: KustomizationSpec defines the desired state of a kustomization.\n properties:\n decryption:\n description: Decrypt Kubernetes secrets before applying them on the\n cluster.\n properties:\n provider:\n description: Provider is the name of the decryption engine.\n enum:\n - sops\n type: string\n secretRef:\n description: The secret name containing the private OpenPGP keys\n used for decryption.\n properties:\n name:\n description: Name of the referent.\n type: string\n required:\n - name\n type: object\n required:\n - provider\n type: object\n dependsOn:\n description: DependsOn may contain a meta.NamespacedObjectReference\n slice with references to Kustomization resources that must be ready\n before this Kustomization can be reconciled.\n items:\n description: NamespacedObjectReference contains enough information\n to locate the referenced Kubernetes resource object in any namespace.\n properties:\n name:\n description: Name of the referent.\n type: string\n namespace:\n description: Namespace of the referent, when not specified it\n acts as LocalObjectReference.\n type: string\n required:\n - name\n type: object\n type: array\n force:\n default: false\n description: Force instructs the controller to recreate resources\n when patching fails due to an immutable field change.\n type: boolean\n
"apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: providers.notification.toolkit.fluxcd.io\nspec:\n group: notification.toolkit.fluxcd.io\n names:\n kind: Provider\n listKind: ProviderList\n plural: providers\n singular: provider\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Provider is the Schema for the providers API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: ProviderSpec defines the desired state of Provider\n properties:\n address:\n description: HTTP/S webhook address of this provider\n pattern: ^(http|https)://\n type: string\n certSecretRef:\n description: CertSecretRef can be given the name of a secret containing\n a PEM-encoded CA certificate (`caFile`)\n properties:\n name:\n description: Name of the referent.\n type: string\n required:\n - name\n type: object\n channel:\n description: Alert channel for this provider\n type: string\n proxy:\n description: HTTP/S address of the proxy\n pattern: ^(http|https)://\n type: string\n secretRef:\n description: Secret reference containing the provider webhook URL\n using \"address\" as data key\n properties:\n name:\n description: Name of the referent.\n type: string\n required:\n - name\n type: object\n suspend:\n description: This flag tells the controller to suspend subsequent\n events handling. Defaults to false.\n type: boolean\n type:\n description: Type of provider\n enum:\n - slack\n - discord\n - msteams\n - rocket\n - generic\n - github\n - gitlab\n - bitbucket\n - azuredevops\n - googlechat\n - webex\n - sentry\n - azureeventhub\n - telegram\n - lark\n - matrix\n - opsgenie\n - alertmanager\n - grafana\n type: string\n username:\n description: Bot
"apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: receivers.notification.toolkit.fluxcd.io\nspec:\n group: notification.toolkit.fluxcd.io\n names:\n kind: Receiver\n listKind: ReceiverList\n plural: receivers\n singular: receiver\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Receiver is the Schema for the receivers API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: ReceiverSpec defines the desired state of Receiver\n properties:\n events:\n description: A list of events to handle, e.g. 'push' for GitHub or\n 'Push Hook' for GitLab.\n items:\n type: string\n type: array\n resources:\n description: A list of resources to be notified about changes.\n items:\n description: CrossNamespaceObjectReference contains enough information\n to let you locate the typed referenced object at cluster level\n properties:\n apiVersion:\n description: API version of the referent\n type: string\n kind:\n description: Kind of the referent\n enum:\n - Bucket\n - GitRepository\n - Kustomization\n - HelmRelease\n - HelmChart\n - HelmRepository\n - ImageRepository\n - ImagePolicy\n - ImageUpdateAutomation\n type: string\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs. A single\n {key,value} in the matchLabels map is equivalent to an element\n of matchExpressions, whose key field is \"key\", the operator\n is \"In\", and the values array contains only \"value\". The requirements\n are ANDed.\n type: object\n name:\n description: Name of the referent\n maxLength: 53\n minLength: 1\n type: string\n namespace:\n description: Namespace of the referent\n maxLength: 53\n minLength: 1\n
"apiVersion: v1\nkind: ServiceAccount\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: helm-controller\n namespace: flux-system",
"apiVersion: v1\nkind: ServiceAccount\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: kustomize-controller\n namespace: flux-system",
"apiVersion: v1\nkind: ServiceAccount\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: notification-controller\n namespace: flux-system",
"apiVersion: v1\nkind: ServiceAccount\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: source-controller\n namespace: flux-system",
"apiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRole\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: crd-controller-flux-system\nrules:\n- apiGroups:\n - source.toolkit.fluxcd.io\n resources:\n - '*'\n verbs:\n - '*'\n- apiGroups:\n - kustomize.toolkit.fluxcd.io\n resources:\n - '*'\n verbs:\n - '*'\n- apiGroups:\n - helm.toolkit.fluxcd.io\n resources:\n - '*'\n verbs:\n - '*'\n- apiGroups:\n - notification.toolkit.fluxcd.io\n resources:\n - '*'\n verbs:\n - '*'\n- apiGroups:\n - image.toolkit.fluxcd.io\n resources:\n - '*'\n verbs:\n - '*'\n- apiGroups:\n - \"\"\n resources:\n - namespaces\n - secrets\n - configmaps\n - serviceaccounts\n verbs:\n - get\n - list\n - watch\n- apiGroups:\n - \"\"\n resources:\n - events\n verbs:\n - create\n - patch\n- apiGroups:\n - \"\"\n resources:\n - configmaps\n verbs:\n - get\n - list\n - watch\n - create\n - update\n - patch\n - delete\n- apiGroups:\n - \"\"\n resources:\n - configmaps/status\n verbs:\n - get\n - update\n - patch\n- apiGroups:\n - coordination.k8s.io\n resources:\n - leases\n verbs:\n - get\n - list\n - watch\n - create\n - update\n - patch\n - delete",
"apiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRoleBinding\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: cluster-reconciler-flux-system\nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: ClusterRole\n name: cluster-admin\nsubjects:\n- kind: ServiceAccount\n name: kustomize-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: helm-controller\n namespace: flux-system",
"apiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRoleBinding\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: crd-controller-flux-system\nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: ClusterRole\n name: crd-controller-flux-system\nsubjects:\n- kind: ServiceAccount\n name: kustomize-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: helm-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: source-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: notification-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: image-reflector-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: image-automation-controller\n namespace: flux-system",
"apiVersion: v1\nkind: Service\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: notification-controller\n namespace: flux-system\nspec:\n ports:\n - name: http\n port: 80\n protocol: TCP\n targetPort: http\n selector:\n app: notification-controller\n type: ClusterIP",
"apiVersion: v1\nkind: Service\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: source-controller\n namespace: flux-system\nspec:\n ports:\n - name: http\n port: 80\n protocol: TCP\n targetPort: http\n selector:\n app: source-controller\n type: ClusterIP",
"apiVersion: v1\nkind: Service\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: webhook-receiver\n namespace: flux-system\nspec:\n ports:\n - name: http\n port: 80\n protocol: TCP\n targetPort: http-webhook\n selector:\n app: notification-controller\n type: ClusterIP",
"apiVersion: apps/v1\nkind: Deployment\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: helm-controller\n namespace: flux-system\nspec:\n replicas: 1\n selector:\n matchLabels:\n app: helm-controller\n template:\n metadata:\n annotations:\n prometheus.io/port: \"8080\"\n prometheus.io/scrape: \"true\"\n labels:\n app: helm-controller\n spec:\n containers:\n - args:\n - --events-addr=http://notification-controller.flux-system.svc.cluster.local./\n - --watch-all-namespaces=true\n - --log-level=info\n - --log-encoding=json\n - --enable-leader-election\n env:\n - name: RUNTIME_NAMESPACE\n valueFrom:\n fieldRef:\n fieldPath: metadata.namespace\n image: ghcr.io/fluxcd/helm-controller:v0.21.0\n imagePullPolicy: IfNotPresent\n livenessProbe:\n httpGet:\n path: /healthz\n port: healthz\n name: manager\n ports:\n - containerPort: 8080\n name: http-prom\n protocol: TCP\n - containerPort: 9440\n name: healthz\n protocol: TCP\n readinessProbe:\n httpGet:\n path: /readyz\n port: healthz\n resources:\n limits:\n cpu: 1000m\n memory: 1Gi\n requests:\n cpu: 100m\n memory: 64Mi\n securityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n readOnlyRootFilesystem: true\n runAsNonRoot: true\n seccompProfile:\n type: RuntimeDefault\n volumeMounts:\n - mountPath: /tmp\n name: temp\n nodeSelector:\n kubernetes.io/os: linux\n securityContext:\n fsGroup: 1337\n serviceAccountName: helm-controller\n terminationGracePeriodSeconds: 600\n volumes:\n - emptyDir: {}\n name: temp",
"apiVersion: apps/v1\nkind: Deployment\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: kustomize-controller\n namespace: flux-system\nspec:\n replicas: 1\n selector:\n matchLabels:\n app: kustomize-controller\n template:\n metadata:\n annotations:\n prometheus.io/port: \"8080\"\n prometheus.io/scrape: \"true\"\n labels:\n app: kustomize-controller\n spec:\n containers:\n - args:\n - --events-addr=http://notification-controller.flux-system.svc.cluster.local./\n - --watch-all-namespaces=true\n - --log-level=info\n - --log-encoding=json\n - --enable-leader-election\n env:\n - name: RUNTIME_NAMESPACE\n valueFrom:\n fieldRef:\n fieldPath: metadata.namespace\n image: ghcr.io/fluxcd/kustomize-controller:v0.25.0\n imagePullPolicy: IfNotPresent\n livenessProbe:\n httpGet:\n path: /healthz\n port: healthz\n name: manager\n ports:\n - containerPort: 8080\n name: http-prom\n protocol: TCP\n - containerPort: 9440\n name: healthz\n protocol: TCP\n readinessProbe:\n httpGet:\n path: /readyz\n port: healthz\n resources:\n limits:\n cpu: 1000m\n memory: 1Gi\n requests:\n cpu: 100m\n memory: 64Mi\n securityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n readOnlyRootFilesystem: true\n runAsNonRoot: true\n seccompProfile:\n type: RuntimeDefault\n volumeMounts:\n - mountPath: /tmp\n name: temp\n nodeSelector:\n kubernetes.io/os: linux\n securityContext:\n fsGroup: 1337\n serviceAccountName: kustomize-controller\n terminationGracePeriodSeconds: 60\n volumes:\n - emptyDir: {}\n name: temp",
"apiVersion: apps/v1\nkind: Deployment\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: notification-controller\n namespace: flux-system\nspec:\n replicas: 1\n selector:\n matchLabels:\n app: notification-controller\n template:\n metadata:\n annotations:\n prometheus.io/port: \"8080\"\n prometheus.io/scrape: \"true\"\n labels:\n app: notification-controller\n spec:\n containers:\n - args:\n - --watch-all-namespaces=true\n - --log-level=info\n - --log-encoding=json\n - --enable-leader-election\n env:\n - name: RUNTIME_NAMESPACE\n valueFrom:\n fieldRef:\n fieldPath: metadata.namespace\n image: ghcr.io/fluxcd/notification-controller:v0.23.5\n imagePullPolicy: IfNotPresent\n livenessProbe:\n httpGet:\n path: /healthz\n port: healthz\n name: manager\n ports:\n - containerPort: 9090\n name: http\n protocol: TCP\n - containerPort: 9292\n name: http-webhook\n protocol: TCP\n - containerPort: 8080\n name: http-prom\n protocol: TCP\n - containerPort: 9440\n name: healthz\n protocol: TCP\n readinessProbe:\n httpGet:\n path: /readyz\n port: healthz\n resources:\n limits:\n cpu: 1000m\n memory: 1Gi\n requests:\n cpu: 100m\n memory: 64Mi\n securityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n readOnlyRootFilesystem: true\n runAsNonRoot: true\n seccompProfile:\n type: RuntimeDefault\n volumeMounts:\n - mountPath: /tmp\n name: temp\n nodeSelector:\n kubernetes.io/os: linux\n securityContext:\n fsGroup: 1337\n serviceAccountName: notification-controller\n terminationGracePeriodSeconds: 10\n volumes:\n - emptyDir: {}\n name: temp",
"apiVersion: apps/v1\nkind: Deployment\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: source-controller\n namespace: flux-system\nspec:\n replicas: 1\n selector:\n matchLabels:\n app: source-controller\n strategy:\n type: Recreate\n template:\n metadata:\n annotations:\n prometheus.io/port: \"8080\"\n prometheus.io/scrape: \"true\"\n labels:\n app: source-controller\n spec:\n containers:\n - args:\n - --events-addr=http://notification-controller.flux-system.svc.cluster.local./\n - --watch-all-namespaces=true\n - --log-level=info\n - --log-encoding=json\n - --enable-leader-election\n - --storage-path=/data\n - --storage-adv-addr=source-controller.$(RUNTIME_NAMESPACE).svc.cluster.local.\n env:\n - name: RUNTIME_NAMESPACE\n valueFrom:\n fieldRef:\n fieldPath: metadata.namespace\n image: ghcr.io/fluxcd/source-controller:v0.24.4\n imagePullPolicy: IfNotPresent\n livenessProbe:\n httpGet:\n path: /healthz\n port: healthz\n name: manager\n ports:\n - containerPort: 9090\n name: http\n protocol: TCP\n - containerPort: 8080\n name: http-prom\n protocol: TCP\n - containerPort: 9440\n name: healthz\n protocol: TCP\n readinessProbe:\n httpGet:\n path: /\n port: http\n resources:\n limits:\n cpu: 1000m\n memory: 1Gi\n requests:\n cpu: 50m\n memory: 64Mi\n securityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n readOnlyRootFilesystem: true\n runAsNonRoot: true\n seccompProfile:\n type: RuntimeDefault\n volumeMounts:\n - mountPath: /data\n name: data\n - mountPath: /tmp\n name: tmp\n nodeSelector:\n kubernetes.io/os: linux\n securityContext:\n fsGroup: 1337\n serviceAccountName: source-controller\n terminationGracePeriodSeconds: 10\n volumes:\n - emptyDir: {}\n name: data\n - emptyDir: {}\n name: tmp"
],
"id": "974058759fd5b58b22f593bc00fac71b8ed7f6b34500fcda526f255a071cd7b5",
"manifests": {
"/api/v1/namespaces/flux-system": "apiVersion: v1\nkind: Namespace\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n pod-security.kubernetes.io/warn: restricted\n pod-security.kubernetes.io/warn-version: latest\n name: flux-system\n",
"/api/v1/namespaces/flux-system/serviceaccounts/helm-controller": "apiVersion: v1\nkind: ServiceAccount\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: helm-controller\n namespace: flux-system\n",
"/api/v1/namespaces/flux-system/serviceaccounts/kustomize-controller": "apiVersion: v1\nkind: ServiceAccount\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: kustomize-controller\n namespace: flux-system\n",
"/api/v1/namespaces/flux-system/serviceaccounts/notification-controller": "apiVersion: v1\nkind: ServiceAccount\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: notification-controller\n namespace: flux-system\n",
"/api/v1/namespaces/flux-system/serviceaccounts/source-controller": "apiVersion: v1\nkind: ServiceAccount\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: source-controller\n namespace: flux-system\n",
"/api/v1/namespaces/flux-system/services/notification-controller": "apiVersion: v1\nkind: Service\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: notification-controller\n namespace: flux-system\nspec:\n ports:\n - name: http\n port: 80\n protocol: TCP\n targetPort: http\n selector:\n app: notification-controller\n type: ClusterIP\n",
"/api/v1/namespaces/flux-system/services/source-controller": "apiVersion: v1\nkind: Service\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: source-controller\n namespace: flux-system\nspec:\n ports:\n - name: http\n port: 80\n protocol: TCP\n targetPort: http\n selector:\n app: source-controller\n type: ClusterIP\n",
"/api/v1/namespaces/flux-system/services/webhook-receiver": "apiVersion: v1\nkind: Service\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: webhook-receiver\n namespace: flux-system\nspec:\n ports:\n - name: http\n port: 80\n protocol: TCP\n targetPort: http-webhook\n selector:\n app: notification-controller\n type: ClusterIP\n",
"/apis/apiextensions.k8s.io/v1/customresourcedefinitions/alerts.notification.toolkit.fluxcd.io": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: alerts.notification.toolkit.fluxcd.io\nspec:\n group: notification.toolkit.fluxcd.io\n names:\n kind: Alert\n listKind: AlertList\n plural: alerts\n singular: alert\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Alert is the Schema for the alerts API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: AlertSpec defines an alerting rule for events involving a\n list of objects\n properties:\n eventSeverity:\n default: info\n description: Filter events based on severity, defaults to ('info').\n If set to 'info' no events will be filtered.\n enum:\n - info\n - error\n type: string\n eventSources:\n description: Filter events based on the involved objects.\n items:\n description: CrossNamespaceObjectReference contains enough information\n to let you locate the typed referenced object at cluster level\n properties:\n apiVersion:\n description: API version of the referent\n type: string\n kind:\n description: Kind of the referent\n enum:\n - Bucket\n - GitRepository\n - Kustomization\n - HelmRelease\n - HelmChart\n - HelmRepository\n - ImageRepository\n - ImagePolicy\n - ImageUpdateAutomation\n type: string\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs. A single\n {key,value} in the matchLabels map is equivalent to an element\n of matchExpressions, whose key field is \"key\", the operator\n is \"In\", and the values array contains only \"value\". The requirements\n are ANDed.\n type: object\n name:\n description: Name of the referent\n maxLength: 53\n minLength: 1\n
"/apis/apiextensions.k8s.io/v1/customresourcedefinitions/buckets.source.toolkit.fluxcd.io": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: buckets.source.toolkit.fluxcd.io\nspec:\n group: source.toolkit.fluxcd.io\n names:\n kind: Bucket\n listKind: BucketList\n plural: buckets\n singular: bucket\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .spec.endpoint\n name: Endpoint\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Bucket is the Schema for the buckets API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: BucketSpec defines the desired state of an S3 compatible\n bucket\n properties:\n accessFrom:\n description: AccessFrom defines an Access Control List for allowing\n cross-namespace references to this object.\n properties:\n namespaceSelectors:\n description: NamespaceSelectors is the list of namespace selectors\n to which this ACL applies. Items in this list are evaluated\n using a logical OR operation.\n items:\n description: NamespaceSelector selects the namespaces to which\n this ACL applies. An empty map of MatchLabels matches all\n namespaces in a cluster.\n properties:\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs.\n A single {key,value} in the matchLabels map is equivalent\n to an element of matchExpressions, whose key field is\n \"key\", the operator is \"In\", and the values array contains\n only \"value\". The requirements are ANDed.\n type: object\n type: object\n type: array\n required:\n - namespaceSelectors\n type: object\n bucketName:\n description: The bucket name.\n type: string\n endpoint:\n description: The bucket endpoint address.\n type: string\n ignore:\n description: Ignore overrides the set of excluded patterns in the\n .sourceignore format (which is the same as .gitignore). If not provided,\n a default will b
"/apis/apiextensions.k8s.io/v1/customresourcedefinitions/gitrepositories.source.toolkit.fluxcd.io": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: gitrepositories.source.toolkit.fluxcd.io\nspec:\n group: source.toolkit.fluxcd.io\n names:\n kind: GitRepository\n listKind: GitRepositoryList\n plural: gitrepositories\n shortNames:\n - gitrepo\n singular: gitrepository\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .spec.url\n name: URL\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: GitRepository is the Schema for the gitrepositories API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: GitRepositorySpec defines the desired state of a Git repository.\n properties:\n accessFrom:\n description: AccessFrom defines an Access Control List for allowing\n cross-namespace references to this object.\n properties:\n namespaceSelectors:\n description: NamespaceSelectors is the list of namespace selectors\n to which this ACL applies. Items in this list are evaluated\n using a logical OR operation.\n items:\n description: NamespaceSelector selects the namespaces to which\n this ACL applies. An empty map of MatchLabels matches all\n namespaces in a cluster.\n properties:\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs.\n A single {key,value} in the matchLabels map is equivalent\n to an element of matchExpressions, whose key field is\n \"key\", the operator is \"In\", and the values array contains\n only \"value\". The requirements are ANDed.\n type: object\n type: object\n type: array\n required:\n - namespaceSelectors\n type: object\n gitImplementation:\n default: go-git\n description: Determines which git client library to use. Defaults\n to go-git, valid values are ('go-git', 'libgit2').\n enum:\n - go-git\n - libgit2\n type: string\n ignore:\n description: Igno
"/apis/apiextensions.k8s.io/v1/customresourcedefinitions/helmcharts.source.toolkit.fluxcd.io": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: helmcharts.source.toolkit.fluxcd.io\nspec:\n group: source.toolkit.fluxcd.io\n names:\n kind: HelmChart\n listKind: HelmChartList\n plural: helmcharts\n shortNames:\n - hc\n singular: helmchart\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .spec.chart\n name: Chart\n type: string\n - jsonPath: .spec.version\n name: Version\n type: string\n - jsonPath: .spec.sourceRef.kind\n name: Source Kind\n type: string\n - jsonPath: .spec.sourceRef.name\n name: Source Name\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: HelmChart is the Schema for the helmcharts API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: HelmChartSpec defines the desired state of a Helm chart.\n properties:\n accessFrom:\n description: AccessFrom defines an Access Control List for allowing\n cross-namespace references to this object.\n properties:\n namespaceSelectors:\n description: NamespaceSelectors is the list of namespace selectors\n to which this ACL applies. Items in this list are evaluated\n using a logical OR operation.\n items:\n description: NamespaceSelector selects the namespaces to which\n this ACL applies. An empty map of MatchLabels matches all\n namespaces in a cluster.\n properties:\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs.\n A single {key,value} in the matchLabels map is equivalent\n to an element of matchExpressions, whose key field is\n \"key\", the operator is \"In\", and the values array contains\n only \"value\". The requirements are ANDed.\n type: object\n type: object\n type: array\n required:\n - namespaceSelectors\n type: object\n chart:\n description: The name or path the Helm chart is available at in the\n SourceRef.\n type: string\n interval
"/apis/apiextensions.k8s.io/v1/customresourcedefinitions/helmreleases.helm.toolkit.fluxcd.io": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: helmreleases.helm.toolkit.fluxcd.io\nspec:\n group: helm.toolkit.fluxcd.io\n names:\n kind: HelmRelease\n listKind: HelmReleaseList\n plural: helmreleases\n shortNames:\n - hr\n singular: helmrelease\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n name: v2beta1\n schema:\n openAPIV3Schema:\n description: HelmRelease is the Schema for the helmreleases API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: HelmReleaseSpec defines the desired state of a Helm release.\n properties:\n chart:\n description: Chart defines the template of the v1beta2.HelmChart that\n should be created for this HelmRelease.\n properties:\n spec:\n description: Spec holds the template for the v1beta2.HelmChartSpec\n for this HelmRelease.\n properties:\n chart:\n description: The name or path the Helm chart is available\n at in the SourceRef.\n type: string\n interval:\n description: Interval at which to check the v1beta2.Source\n for updates. Defaults to 'HelmReleaseSpec.Interval'.\n type: string\n reconcileStrategy:\n default: ChartVersion\n description: Determines what enables the creation of a new\n artifact. Valid values are ('ChartVersion', 'Revision').\n See the documentation of the values for an explanation on\n their behavior. Defaults to ChartVersion when omitted.\n enum:\n - ChartVersion\n - Revision\n type: string\n sourceRef:\n description: The name and namespace of the v1beta2.Source\n the chart is available at.\n properties:\n apiVersion:\n description: APIVersion of the referent.\n type: string\n kind:\n description: Kind of the referent.\n enum:\n - HelmRepository\n - GitRepository\n
"/apis/apiextensions.k8s.io/v1/customresourcedefinitions/helmrepositories.source.toolkit.fluxcd.io": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: helmrepositories.source.toolkit.fluxcd.io\nspec:\n group: source.toolkit.fluxcd.io\n names:\n kind: HelmRepository\n listKind: HelmRepositoryList\n plural: helmrepositories\n shortNames:\n - helmrepo\n singular: helmrepository\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .spec.url\n name: URL\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: HelmRepository is the Schema for the helmrepositories API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: HelmRepositorySpec defines the reference to a Helm repository.\n properties:\n accessFrom:\n description: AccessFrom defines an Access Control List for allowing\n cross-namespace references to this object.\n properties:\n namespaceSelectors:\n description: NamespaceSelectors is the list of namespace selectors\n to which this ACL applies. Items in this list are evaluated\n using a logical OR operation.\n items:\n description: NamespaceSelector selects the namespaces to which\n this ACL applies. An empty map of MatchLabels matches all\n namespaces in a cluster.\n properties:\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs.\n A single {key,value} in the matchLabels map is equivalent\n to an element of matchExpressions, whose key field is\n \"key\", the operator is \"In\", and the values array contains\n only \"value\". The requirements are ANDed.\n type: object\n type: object\n type: array\n required:\n - namespaceSelectors\n type: object\n interval:\n description: The interval at which to check the upstream for updates.\n type: string\n passCredentials:\n description: PassCredentials allows the credentials from the SecretRef\n to be passed on to a host that does not match the host as defined\n in URL. Th
"/apis/apiextensions.k8s.io/v1/customresourcedefinitions/kustomizations.kustomize.toolkit.fluxcd.io": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: kustomizations.kustomize.toolkit.fluxcd.io\nspec:\n group: kustomize.toolkit.fluxcd.io\n names:\n kind: Kustomization\n listKind: KustomizationList\n plural: kustomizations\n shortNames:\n - ks\n singular: kustomization\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Kustomization is the Schema for the kustomizations API.\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: KustomizationSpec defines the desired state of a kustomization.\n properties:\n decryption:\n description: Decrypt Kubernetes secrets before applying them on the\n cluster.\n properties:\n provider:\n description: Provider is the name of the decryption engine.\n enum:\n - sops\n type: string\n secretRef:\n description: The secret name containing the private OpenPGP keys\n used for decryption.\n properties:\n name:\n description: Name of the referent.\n type: string\n required:\n - name\n type: object\n required:\n - provider\n type: object\n dependsOn:\n description: DependsOn may contain a meta.NamespacedObjectReference\n slice with references to Kustomization resources that must be ready\n before this Kustomization can be reconciled.\n items:\n description: NamespacedObjectReference contains enough information\n to locate the referenced Kubernetes resource object in any namespace.\n properties:\n name:\n description: Name of the referent.\n type: string\n namespace:\n description: Namespace of the referent, when not specified it\n acts as LocalObjectReference.\n type: string\n required:\n - name\n type: object\n type: array\n force:\n default: false\n description: Force instructs the controller to recreate resources\n
"/apis/apiextensions.k8s.io/v1/customresourcedefinitions/providers.notification.toolkit.fluxcd.io": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: providers.notification.toolkit.fluxcd.io\nspec:\n group: notification.toolkit.fluxcd.io\n names:\n kind: Provider\n listKind: ProviderList\n plural: providers\n singular: provider\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Provider is the Schema for the providers API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: ProviderSpec defines the desired state of Provider\n properties:\n address:\n description: HTTP/S webhook address of this provider\n pattern: ^(http|https)://\n type: string\n certSecretRef:\n description: CertSecretRef can be given the name of a secret containing\n a PEM-encoded CA certificate (`caFile`)\n properties:\n name:\n description: Name of the referent.\n type: string\n required:\n - name\n type: object\n channel:\n description: Alert channel for this provider\n type: string\n proxy:\n description: HTTP/S address of the proxy\n pattern: ^(http|https)://\n type: string\n secretRef:\n description: Secret reference containing the provider webhook URL\n using \"address\" as data key\n properties:\n name:\n description: Name of the referent.\n type: string\n required:\n - name\n type: object\n suspend:\n description: This flag tells the controller to suspend subsequent\n events handling. Defaults to false.\n type: boolean\n type:\n description: Type of provider\n enum:\n - slack\n - discord\n - msteams\n - rocket\n - generic\n - github\n - gitlab\n - bitbucket\n - azuredevops\n - googlechat\n - webex\n - sentry\n - azureeventhub\n - telegram\n - lark\n - matrix\n - opsgenie\n - alertmanager\n
"/apis/apiextensions.k8s.io/v1/customresourcedefinitions/receivers.notification.toolkit.fluxcd.io": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: receivers.notification.toolkit.fluxcd.io\nspec:\n group: notification.toolkit.fluxcd.io\n names:\n kind: Receiver\n listKind: ReceiverList\n plural: receivers\n singular: receiver\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Receiver is the Schema for the receivers API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: ReceiverSpec defines the desired state of Receiver\n properties:\n events:\n description: A list of events to handle, e.g. 'push' for GitHub or\n 'Push Hook' for GitLab.\n items:\n type: string\n type: array\n resources:\n description: A list of resources to be notified about changes.\n items:\n description: CrossNamespaceObjectReference contains enough information\n to let you locate the typed referenced object at cluster level\n properties:\n apiVersion:\n description: API version of the referent\n type: string\n kind:\n description: Kind of the referent\n enum:\n - Bucket\n - GitRepository\n - Kustomization\n - HelmRelease\n - HelmChart\n - HelmRepository\n - ImageRepository\n - ImagePolicy\n - ImageUpdateAutomation\n type: string\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs. A single\n {key,value} in the matchLabels map is equivalent to an element\n of matchExpressions, whose key field is \"key\", the operator\n is \"In\", and the values array contains only \"value\". The requirements\n are ANDed.\n type: object\n name:\n description: Name of the referent\n maxLength: 53\n minLength: 1\n type: string\n namespace:\n description: Namespa
"/apis/apps/v1/namespaces/flux-system/deployments/helm-controller": "apiVersion: apps/v1\nkind: Deployment\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: helm-controller\n namespace: flux-system\nspec:\n replicas: 1\n selector:\n matchLabels:\n app: helm-controller\n template:\n metadata:\n annotations:\n prometheus.io/port: \"8080\"\n prometheus.io/scrape: \"true\"\n labels:\n app: helm-controller\n spec:\n containers:\n - args:\n - --events-addr=http://notification-controller.flux-system.svc.cluster.local./\n - --watch-all-namespaces=true\n - --log-level=info\n - --log-encoding=json\n - --enable-leader-election\n env:\n - name: RUNTIME_NAMESPACE\n valueFrom:\n fieldRef:\n fieldPath: metadata.namespace\n image: ghcr.io/fluxcd/helm-controller:v0.21.0\n imagePullPolicy: IfNotPresent\n livenessProbe:\n httpGet:\n path: /healthz\n port: healthz\n name: manager\n ports:\n - containerPort: 8080\n name: http-prom\n protocol: TCP\n - containerPort: 9440\n name: healthz\n protocol: TCP\n readinessProbe:\n httpGet:\n path: /readyz\n port: healthz\n resources:\n limits:\n cpu: 1000m\n memory: 1Gi\n requests:\n cpu: 100m\n memory: 64Mi\n securityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n readOnlyRootFilesystem: true\n runAsNonRoot: true\n seccompProfile:\n type: RuntimeDefault\n volumeMounts:\n - mountPath: /tmp\n name: temp\n nodeSelector:\n kubernetes.io/os: linux\n securityContext:\n fsGroup: 1337\n serviceAccountName: helm-controller\n terminationGracePeriodSeconds: 600\n volumes:\n - emptyDir: {}\n name: temp\n",
"/apis/apps/v1/namespaces/flux-system/deployments/kustomize-controller": "apiVersion: apps/v1\nkind: Deployment\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: kustomize-controller\n namespace: flux-system\nspec:\n replicas: 1\n selector:\n matchLabels:\n app: kustomize-controller\n template:\n metadata:\n annotations:\n prometheus.io/port: \"8080\"\n prometheus.io/scrape: \"true\"\n labels:\n app: kustomize-controller\n spec:\n containers:\n - args:\n - --events-addr=http://notification-controller.flux-system.svc.cluster.local./\n - --watch-all-namespaces=true\n - --log-level=info\n - --log-encoding=json\n - --enable-leader-election\n env:\n - name: RUNTIME_NAMESPACE\n valueFrom:\n fieldRef:\n fieldPath: metadata.namespace\n image: ghcr.io/fluxcd/kustomize-controller:v0.25.0\n imagePullPolicy: IfNotPresent\n livenessProbe:\n httpGet:\n path: /healthz\n port: healthz\n name: manager\n ports:\n - containerPort: 8080\n name: http-prom\n protocol: TCP\n - containerPort: 9440\n name: healthz\n protocol: TCP\n readinessProbe:\n httpGet:\n path: /readyz\n port: healthz\n resources:\n limits:\n cpu: 1000m\n memory: 1Gi\n requests:\n cpu: 100m\n memory: 64Mi\n securityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n readOnlyRootFilesystem: true\n runAsNonRoot: true\n seccompProfile:\n type: RuntimeDefault\n volumeMounts:\n - mountPath: /tmp\n name: temp\n nodeSelector:\n kubernetes.io/os: linux\n securityContext:\n fsGroup: 1337\n serviceAccountName: kustomize-controller\n terminationGracePeriodSeconds: 60\n volumes:\n - emptyDir: {}\n name: temp\n",
"/apis/apps/v1/namespaces/flux-system/deployments/notification-controller": "apiVersion: apps/v1\nkind: Deployment\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: notification-controller\n namespace: flux-system\nspec:\n replicas: 1\n selector:\n matchLabels:\n app: notification-controller\n template:\n metadata:\n annotations:\n prometheus.io/port: \"8080\"\n prometheus.io/scrape: \"true\"\n labels:\n app: notification-controller\n spec:\n containers:\n - args:\n - --watch-all-namespaces=true\n - --log-level=info\n - --log-encoding=json\n - --enable-leader-election\n env:\n - name: RUNTIME_NAMESPACE\n valueFrom:\n fieldRef:\n fieldPath: metadata.namespace\n image: ghcr.io/fluxcd/notification-controller:v0.23.5\n imagePullPolicy: IfNotPresent\n livenessProbe:\n httpGet:\n path: /healthz\n port: healthz\n name: manager\n ports:\n - containerPort: 9090\n name: http\n protocol: TCP\n - containerPort: 9292\n name: http-webhook\n protocol: TCP\n - containerPort: 8080\n name: http-prom\n protocol: TCP\n - containerPort: 9440\n name: healthz\n protocol: TCP\n readinessProbe:\n httpGet:\n path: /readyz\n port: healthz\n resources:\n limits:\n cpu: 1000m\n memory: 1Gi\n requests:\n cpu: 100m\n memory: 64Mi\n securityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n readOnlyRootFilesystem: true\n runAsNonRoot: true\n seccompProfile:\n type: RuntimeDefault\n volumeMounts:\n - mountPath: /tmp\n name: temp\n nodeSelector:\n kubernetes.io/os: linux\n securityContext:\n fsGroup: 1337\n serviceAccountName: notification-controller\n terminationGracePeriodSeconds: 10\n volumes:\n - emptyDir: {}\n name: temp\n",
"/apis/apps/v1/namespaces/flux-system/deployments/source-controller": "apiVersion: apps/v1\nkind: Deployment\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: source-controller\n namespace: flux-system\nspec:\n replicas: 1\n selector:\n matchLabels:\n app: source-controller\n strategy:\n type: Recreate\n template:\n metadata:\n annotations:\n prometheus.io/port: \"8080\"\n prometheus.io/scrape: \"true\"\n labels:\n app: source-controller\n spec:\n containers:\n - args:\n - --events-addr=http://notification-controller.flux-system.svc.cluster.local./\n - --watch-all-namespaces=true\n - --log-level=info\n - --log-encoding=json\n - --enable-leader-election\n - --storage-path=/data\n - --storage-adv-addr=source-controller.$(RUNTIME_NAMESPACE).svc.cluster.local.\n env:\n - name: RUNTIME_NAMESPACE\n valueFrom:\n fieldRef:\n fieldPath: metadata.namespace\n image: ghcr.io/fluxcd/source-controller:v0.24.4\n imagePullPolicy: IfNotPresent\n livenessProbe:\n httpGet:\n path: /healthz\n port: healthz\n name: manager\n ports:\n - containerPort: 9090\n name: http\n protocol: TCP\n - containerPort: 8080\n name: http-prom\n protocol: TCP\n - containerPort: 9440\n name: healthz\n protocol: TCP\n readinessProbe:\n httpGet:\n path: /\n port: http\n resources:\n limits:\n cpu: 1000m\n memory: 1Gi\n requests:\n cpu: 50m\n memory: 64Mi\n securityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n readOnlyRootFilesystem: true\n runAsNonRoot: true\n seccompProfile:\n type: RuntimeDefault\n volumeMounts:\n - mountPath: /data\n name: data\n - mountPath: /tmp\n name: tmp\n nodeSelector:\n kubernetes.io/os: linux\n securityContext:\n fsGroup: 1337\n serviceAccountName: source-controller\n terminationGracePeriodSeconds: 10\n volumes:\n - emptyDir: {}\n name: data\n - emptyDir: {}\n name: tmp\n",
"/apis/rbac.authorization.k8s.io/v1/clusterrolebindings/cluster-reconciler-flux-system": "apiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRoleBinding\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: cluster-reconciler-flux-system\nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: ClusterRole\n name: cluster-admin\nsubjects:\n- kind: ServiceAccount\n name: kustomize-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: helm-controller\n namespace: flux-system\n",
"/apis/rbac.authorization.k8s.io/v1/clusterrolebindings/crd-controller-flux-system": "apiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRoleBinding\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: crd-controller-flux-system\nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: ClusterRole\n name: crd-controller-flux-system\nsubjects:\n- kind: ServiceAccount\n name: kustomize-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: helm-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: source-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: notification-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: image-reflector-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: image-automation-controller\n namespace: flux-system\n",
"/apis/rbac.authorization.k8s.io/v1/clusterroles/crd-controller-flux-system": "apiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRole\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: crd-controller-flux-system\nrules:\n- apiGroups:\n - source.toolkit.fluxcd.io\n resources:\n - '*'\n verbs:\n - '*'\n- apiGroups:\n - kustomize.toolkit.fluxcd.io\n resources:\n - '*'\n verbs:\n - '*'\n- apiGroups:\n - helm.toolkit.fluxcd.io\n resources:\n - '*'\n verbs:\n - '*'\n- apiGroups:\n - notification.toolkit.fluxcd.io\n resources:\n - '*'\n verbs:\n - '*'\n- apiGroups:\n - image.toolkit.fluxcd.io\n resources:\n - '*'\n verbs:\n - '*'\n- apiGroups:\n - \"\"\n resources:\n - namespaces\n - secrets\n - configmaps\n - serviceaccounts\n verbs:\n - get\n - list\n - watch\n- apiGroups:\n - \"\"\n resources:\n - events\n verbs:\n - create\n - patch\n- apiGroups:\n - \"\"\n resources:\n - configmaps\n verbs:\n - get\n - list\n - watch\n - create\n - update\n - patch\n - delete\n- apiGroups:\n - \"\"\n resources:\n - configmaps/status\n verbs:\n - get\n - update\n - patch\n- apiGroups:\n - coordination.k8s.io\n resources:\n - leases\n verbs:\n - get\n - list\n - watch\n - create\n - update\n - patch\n - delete\n"
}
},
"sensitive_attributes": []
}
]
},
{
"module": "module.flux",
"mode": "data",
"type": "kubectl_file_documents",
"name": "sync",
"provider": "module.flux.provider[\"registry.terraform.io/gavinbunney/kubectl\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"content": "# This manifest was generated by flux. DO NOT EDIT.\n---\napiVersion: source.toolkit.fluxcd.io/v1beta2\nkind: GitRepository\nmetadata:\n name: flux-system\n namespace: flux-system\nspec:\n interval: 1m0s\n ref:\n branch: main\n secretRef:\n name: flux-system\n url: ssh://git@git.front.kjuulh.io/clank/kubernetes-state.git\n---\napiVersion: kustomize.toolkit.fluxcd.io/v1beta2\nkind: Kustomization\nmetadata:\n name: flux-system\n namespace: flux-system\nspec:\n interval: 10m0s\n path: ./clank\n prune: true\n sourceRef:\n kind: GitRepository\n name: flux-system\n",
"documents": [
"apiVersion: source.toolkit.fluxcd.io/v1beta2\nkind: GitRepository\nmetadata:\n name: flux-system\n namespace: flux-system\nspec:\n interval: 1m0s\n ref:\n branch: main\n secretRef:\n name: flux-system\n url: ssh://git@git.front.kjuulh.io/clank/kubernetes-state.git",
"apiVersion: kustomize.toolkit.fluxcd.io/v1beta2\nkind: Kustomization\nmetadata:\n name: flux-system\n namespace: flux-system\nspec:\n interval: 10m0s\n path: ./clank\n prune: true\n sourceRef:\n kind: GitRepository\n name: flux-system"
],
"id": "e8997c4e0723aaa03560bc3abf63ef964f956c0fcdf89eb1cbfb760c799cf8d0",
"manifests": {
"/apis/kustomize.toolkit.fluxcd.io/v1beta2/namespaces/flux-system/kustomizations/flux-system": "apiVersion: kustomize.toolkit.fluxcd.io/v1beta2\nkind: Kustomization\nmetadata:\n name: flux-system\n namespace: flux-system\nspec:\n interval: 10m0s\n path: ./clank\n prune: true\n sourceRef:\n kind: GitRepository\n name: flux-system\n",
"/apis/source.toolkit.fluxcd.io/v1beta2/namespaces/flux-system/gitrepositorys/flux-system": "apiVersion: source.toolkit.fluxcd.io/v1beta2\nkind: GitRepository\nmetadata:\n name: flux-system\n namespace: flux-system\nspec:\n interval: 1m0s\n ref:\n branch: main\n secretRef:\n name: flux-system\n url: ssh://git@git.front.kjuulh.io/clank/kubernetes-state.git\n"
}
},
"sensitive_attributes": []
}
]
},
{
"module": "module.flux",
"mode": "managed",
"type": "kubectl_manifest",
"name": "apply",
"provider": "module.flux.provider[\"registry.terraform.io/gavinbunney/kubectl\"]",
"instances": [
{
"index_key": "apiextensions.k8s.io/v1/customresourcedefinition/alerts.notification.toolkit.fluxcd.io",
"schema_version": 1,
"attributes": {
"api_version": "apiextensions.k8s.io/v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/apis/apiextensions.k8s.io/v1/customresourcedefinitions/alerts.notification.toolkit.fluxcd.io",
"ignore_fields": null,
"kind": "CustomResourceDefinition",
"live_manifest_incluster": "3eb4be5c0abda78b11086bee7392e6b42d459303662ec0dabdbaf95d67cb3906",
"live_uid": "e1ca18e4-5cc9-48ff-98ed-d7f886b6d7c2",
"name": "alerts.notification.toolkit.fluxcd.io",
"namespace": null,
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
"uid": "e1ca18e4-5cc9-48ff-98ed-d7f886b6d7c2",
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: alerts.notification.toolkit.fluxcd.io\nspec:\n group: notification.toolkit.fluxcd.io\n names:\n kind: Alert\n listKind: AlertList\n plural: alerts\n singular: alert\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Alert is the Schema for the alerts API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: AlertSpec defines an alerting rule for events involving a\n list of objects\n properties:\n eventSeverity:\n default: info\n description: Filter events based on severity, defaults to ('info').\n If set to 'info' no events will be filtered.\n enum:\n - info\n - error\n type: string\n eventSources:\n description: Filter events based on the involved objects.\n items:\n description: CrossNamespaceObjectReference contains enough information\n to let you locate the typed referenced object at cluster level\n properties:\n apiVersion:\n description: API version of the referent\n type: string\n kind:\n description: Kind of the referent\n enum:\n - Bucket\n - GitRepository\n - Kustomization\n - HelmRelease\n - HelmChart\n - HelmRepository\n - ImageRepository\n - ImagePolicy\n - ImageUpdateAutomation\n type: string\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs. A single\n {key,value} in the matchLabels map is equivalent to an element\n of matchExpressions, whose key field is \"key\", the operator\n is \"In\", and the values array contains only \"value\". The requirements\n are ANDed.\n type: object\n name:\n description: Name of the referent\n maxLength: 53\n minLength: 1\n type: string\n namespace:\n description: Name
"yaml_body_parsed": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: alerts.notification.toolkit.fluxcd.io\nspec:\n group: notification.toolkit.fluxcd.io\n names:\n kind: Alert\n listKind: AlertList\n plural: alerts\n singular: alert\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Alert is the Schema for the alerts API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: AlertSpec defines an alerting rule for events involving a\n list of objects\n properties:\n eventSeverity:\n default: info\n description: Filter events based on severity, defaults to ('info').\n If set to 'info' no events will be filtered.\n enum:\n - info\n - error\n type: string\n eventSources:\n description: Filter events based on the involved objects.\n items:\n description: CrossNamespaceObjectReference contains enough information\n to let you locate the typed referenced object at cluster level\n properties:\n apiVersion:\n description: API version of the referent\n type: string\n kind:\n description: Kind of the referent\n enum:\n - Bucket\n - GitRepository\n - Kustomization\n - HelmRelease\n - HelmChart\n - HelmRepository\n - ImageRepository\n - ImagePolicy\n - ImageUpdateAutomation\n type: string\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs. A single\n {key,value} in the matchLabels map is equivalent to an element\n of matchExpressions, whose key field is \"key\", the operator\n is \"In\", and the values array contains only \"value\". The requirements\n are ANDed.\n type: object\n name:\n description: Name of the referent\n maxLength: 53\n minLength: 1\n type: string\n namespace:\n descriptio
"yaml_incluster": "3eb4be5c0abda78b11086bee7392e6b42d459303662ec0dabdbaf95d67cb3906"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "apiextensions.k8s.io/v1/customresourcedefinition/buckets.source.toolkit.fluxcd.io",
"schema_version": 1,
"attributes": {
"api_version": "apiextensions.k8s.io/v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/apis/apiextensions.k8s.io/v1/customresourcedefinitions/buckets.source.toolkit.fluxcd.io",
"ignore_fields": null,
"kind": "CustomResourceDefinition",
"live_manifest_incluster": "4ec58b70c20cd1a91e0df4e5a9c83429927ab34766e1866beed7a7c7c3b2201c",
"live_uid": "0187872f-792e-45df-b75b-b825eb77db20",
"name": "buckets.source.toolkit.fluxcd.io",
"namespace": null,
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
"uid": "0187872f-792e-45df-b75b-b825eb77db20",
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: buckets.source.toolkit.fluxcd.io\nspec:\n group: source.toolkit.fluxcd.io\n names:\n kind: Bucket\n listKind: BucketList\n plural: buckets\n singular: bucket\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .spec.endpoint\n name: Endpoint\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Bucket is the Schema for the buckets API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: BucketSpec defines the desired state of an S3 compatible\n bucket\n properties:\n accessFrom:\n description: AccessFrom defines an Access Control List for allowing\n cross-namespace references to this object.\n properties:\n namespaceSelectors:\n description: NamespaceSelectors is the list of namespace selectors\n to which this ACL applies. Items in this list are evaluated\n using a logical OR operation.\n items:\n description: NamespaceSelector selects the namespaces to which\n this ACL applies. An empty map of MatchLabels matches all\n namespaces in a cluster.\n properties:\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs.\n A single {key,value} in the matchLabels map is equivalent\n to an element of matchExpressions, whose key field is\n \"key\", the operator is \"In\", and the values array contains\n only \"value\". The requirements are ANDed.\n type: object\n type: object\n type: array\n required:\n - namespaceSelectors\n type: object\n bucketName:\n description: The bucket name.\n type: string\n endpoint:\n description: The bucket endpoint address.\n type: string\n ignore:\n description: Ignore overrides the set of excluded patterns in the\n .sourceignore format (which is the same as .gitignore). If not provided,\n a default will be used, consult the documentation for your version\n to find out
"yaml_body_parsed": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: buckets.source.toolkit.fluxcd.io\nspec:\n group: source.toolkit.fluxcd.io\n names:\n kind: Bucket\n listKind: BucketList\n plural: buckets\n singular: bucket\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .spec.endpoint\n name: Endpoint\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Bucket is the Schema for the buckets API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: BucketSpec defines the desired state of an S3 compatible\n bucket\n properties:\n accessFrom:\n description: AccessFrom defines an Access Control List for allowing\n cross-namespace references to this object.\n properties:\n namespaceSelectors:\n description: NamespaceSelectors is the list of namespace selectors\n to which this ACL applies. Items in this list are evaluated\n using a logical OR operation.\n items:\n description: NamespaceSelector selects the namespaces to which\n this ACL applies. An empty map of MatchLabels matches all\n namespaces in a cluster.\n properties:\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs.\n A single {key,value} in the matchLabels map is equivalent\n to an element of matchExpressions, whose key field is\n \"key\", the operator is \"In\", and the values array contains\n only \"value\". The requirements are ANDed.\n type: object\n type: object\n type: array\n required:\n - namespaceSelectors\n type: object\n bucketName:\n description: The bucket name.\n type: string\n endpoint:\n description: The bucket endpoint address.\n type: string\n ignore:\n description: Ignore overrides the set of excluded patterns in the\n .sourceignore format (which is the same as .gitignore). If not provided,\n a default will be used, consult the documentation for your version\n to f
"yaml_incluster": "4ec58b70c20cd1a91e0df4e5a9c83429927ab34766e1866beed7a7c7c3b2201c"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "apiextensions.k8s.io/v1/customresourcedefinition/gitrepositories.source.toolkit.fluxcd.io",
"schema_version": 1,
"attributes": {
"api_version": "apiextensions.k8s.io/v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/apis/apiextensions.k8s.io/v1/customresourcedefinitions/gitrepositories.source.toolkit.fluxcd.io",
"ignore_fields": null,
"kind": "CustomResourceDefinition",
"live_manifest_incluster": "ebe9ab24635dab17661e2f41e74bf6f100c9b31f4181530b8146580b6d506d57",
"live_uid": "6780b364-265c-4d4a-ac58-348caeb6bff9",
"name": "gitrepositories.source.toolkit.fluxcd.io",
"namespace": null,
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
"uid": "6780b364-265c-4d4a-ac58-348caeb6bff9",
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: gitrepositories.source.toolkit.fluxcd.io\nspec:\n group: source.toolkit.fluxcd.io\n names:\n kind: GitRepository\n listKind: GitRepositoryList\n plural: gitrepositories\n shortNames:\n - gitrepo\n singular: gitrepository\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .spec.url\n name: URL\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: GitRepository is the Schema for the gitrepositories API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: GitRepositorySpec defines the desired state of a Git repository.\n properties:\n accessFrom:\n description: AccessFrom defines an Access Control List for allowing\n cross-namespace references to this object.\n properties:\n namespaceSelectors:\n description: NamespaceSelectors is the list of namespace selectors\n to which this ACL applies. Items in this list are evaluated\n using a logical OR operation.\n items:\n description: NamespaceSelector selects the namespaces to which\n this ACL applies. An empty map of MatchLabels matches all\n namespaces in a cluster.\n properties:\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs.\n A single {key,value} in the matchLabels map is equivalent\n to an element of matchExpressions, whose key field is\n \"key\", the operator is \"In\", and the values array contains\n only \"value\". The requirements are ANDed.\n type: object\n type: object\n type: array\n required:\n - namespaceSelectors\n type: object\n gitImplementation:\n default: go-git\n description: Determines which git client library to use. Defaults\n to go-git, valid values are ('go-git', 'libgit2').\n enum:\n - go-git\n - libgit2\n type: string\n ignore:\n description: Ignore overrides the set of excluded patterns in the\n .sourceignore format
"yaml_body_parsed": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: gitrepositories.source.toolkit.fluxcd.io\nspec:\n group: source.toolkit.fluxcd.io\n names:\n kind: GitRepository\n listKind: GitRepositoryList\n plural: gitrepositories\n shortNames:\n - gitrepo\n singular: gitrepository\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .spec.url\n name: URL\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: GitRepository is the Schema for the gitrepositories API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: GitRepositorySpec defines the desired state of a Git repository.\n properties:\n accessFrom:\n description: AccessFrom defines an Access Control List for allowing\n cross-namespace references to this object.\n properties:\n namespaceSelectors:\n description: NamespaceSelectors is the list of namespace selectors\n to which this ACL applies. Items in this list are evaluated\n using a logical OR operation.\n items:\n description: NamespaceSelector selects the namespaces to which\n this ACL applies. An empty map of MatchLabels matches all\n namespaces in a cluster.\n properties:\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs.\n A single {key,value} in the matchLabels map is equivalent\n to an element of matchExpressions, whose key field is\n \"key\", the operator is \"In\", and the values array contains\n only \"value\". The requirements are ANDed.\n type: object\n type: object\n type: array\n required:\n - namespaceSelectors\n type: object\n gitImplementation:\n default: go-git\n description: Determines which git client library to use. Defaults\n to go-git, valid values are ('go-git', 'libgit2').\n enum:\n - go-git\n - libgit2\n type: string\n ignore:\n description: Ignore overrides the set of excluded patterns in the\n .sourceignore
"yaml_incluster": "ebe9ab24635dab17661e2f41e74bf6f100c9b31f4181530b8146580b6d506d57"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "apiextensions.k8s.io/v1/customresourcedefinition/helmcharts.source.toolkit.fluxcd.io",
"schema_version": 1,
"attributes": {
"api_version": "apiextensions.k8s.io/v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/apis/apiextensions.k8s.io/v1/customresourcedefinitions/helmcharts.source.toolkit.fluxcd.io",
"ignore_fields": null,
"kind": "CustomResourceDefinition",
"live_manifest_incluster": "aad2c1c316d96f34f649fef444b0d0ecbc73ea02b5824b33285968dc05b6b41c",
"live_uid": "d6e363e7-ce9e-46ee-bb10-d61e06d50013",
"name": "helmcharts.source.toolkit.fluxcd.io",
"namespace": null,
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
"uid": "d6e363e7-ce9e-46ee-bb10-d61e06d50013",
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: helmcharts.source.toolkit.fluxcd.io\nspec:\n group: source.toolkit.fluxcd.io\n names:\n kind: HelmChart\n listKind: HelmChartList\n plural: helmcharts\n shortNames:\n - hc\n singular: helmchart\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .spec.chart\n name: Chart\n type: string\n - jsonPath: .spec.version\n name: Version\n type: string\n - jsonPath: .spec.sourceRef.kind\n name: Source Kind\n type: string\n - jsonPath: .spec.sourceRef.name\n name: Source Name\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: HelmChart is the Schema for the helmcharts API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: HelmChartSpec defines the desired state of a Helm chart.\n properties:\n accessFrom:\n description: AccessFrom defines an Access Control List for allowing\n cross-namespace references to this object.\n properties:\n namespaceSelectors:\n description: NamespaceSelectors is the list of namespace selectors\n to which this ACL applies. Items in this list are evaluated\n using a logical OR operation.\n items:\n description: NamespaceSelector selects the namespaces to which\n this ACL applies. An empty map of MatchLabels matches all\n namespaces in a cluster.\n properties:\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs.\n A single {key,value} in the matchLabels map is equivalent\n to an element of matchExpressions, whose key field is\n \"key\", the operator is \"In\", and the values array contains\n only \"value\". The requirements are ANDed.\n type: object\n type: object\n type: array\n required:\n - namespaceSelectors\n type: object\n chart:\n description: The name or path the Helm chart is available at in the\n SourceRef.\n type: string\n interval:\n description: The interval at which to check the Source for update
"yaml_body_parsed": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: helmcharts.source.toolkit.fluxcd.io\nspec:\n group: source.toolkit.fluxcd.io\n names:\n kind: HelmChart\n listKind: HelmChartList\n plural: helmcharts\n shortNames:\n - hc\n singular: helmchart\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .spec.chart\n name: Chart\n type: string\n - jsonPath: .spec.version\n name: Version\n type: string\n - jsonPath: .spec.sourceRef.kind\n name: Source Kind\n type: string\n - jsonPath: .spec.sourceRef.name\n name: Source Name\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: HelmChart is the Schema for the helmcharts API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: HelmChartSpec defines the desired state of a Helm chart.\n properties:\n accessFrom:\n description: AccessFrom defines an Access Control List for allowing\n cross-namespace references to this object.\n properties:\n namespaceSelectors:\n description: NamespaceSelectors is the list of namespace selectors\n to which this ACL applies. Items in this list are evaluated\n using a logical OR operation.\n items:\n description: NamespaceSelector selects the namespaces to which\n this ACL applies. An empty map of MatchLabels matches all\n namespaces in a cluster.\n properties:\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs.\n A single {key,value} in the matchLabels map is equivalent\n to an element of matchExpressions, whose key field is\n \"key\", the operator is \"In\", and the values array contains\n only \"value\". The requirements are ANDed.\n type: object\n type: object\n type: array\n required:\n - namespaceSelectors\n type: object\n chart:\n description: The name or path the Helm chart is available at in the\n SourceRef.\n type: string\n interval:\n description: The interval at which to check the Source for
"yaml_incluster": "aad2c1c316d96f34f649fef444b0d0ecbc73ea02b5824b33285968dc05b6b41c"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "apiextensions.k8s.io/v1/customresourcedefinition/helmreleases.helm.toolkit.fluxcd.io",
"schema_version": 1,
"attributes": {
"api_version": "apiextensions.k8s.io/v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/apis/apiextensions.k8s.io/v1/customresourcedefinitions/helmreleases.helm.toolkit.fluxcd.io",
"ignore_fields": null,
"kind": "CustomResourceDefinition",
"live_manifest_incluster": "d51b7c35b26ed986bcfa84ed08648f99ac676ee90faa8997907a1f02fdf9a93d",
"live_uid": "5233f278-5d43-4eb6-954e-bbe9b860f2bd",
"name": "helmreleases.helm.toolkit.fluxcd.io",
"namespace": null,
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
"uid": "5233f278-5d43-4eb6-954e-bbe9b860f2bd",
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: helmreleases.helm.toolkit.fluxcd.io\nspec:\n group: helm.toolkit.fluxcd.io\n names:\n kind: HelmRelease\n listKind: HelmReleaseList\n plural: helmreleases\n shortNames:\n - hr\n singular: helmrelease\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n name: v2beta1\n schema:\n openAPIV3Schema:\n description: HelmRelease is the Schema for the helmreleases API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: HelmReleaseSpec defines the desired state of a Helm release.\n properties:\n chart:\n description: Chart defines the template of the v1beta2.HelmChart that\n should be created for this HelmRelease.\n properties:\n spec:\n description: Spec holds the template for the v1beta2.HelmChartSpec\n for this HelmRelease.\n properties:\n chart:\n description: The name or path the Helm chart is available\n at in the SourceRef.\n type: string\n interval:\n description: Interval at which to check the v1beta2.Source\n for updates. Defaults to 'HelmReleaseSpec.Interval'.\n type: string\n reconcileStrategy:\n default: ChartVersion\n description: Determines what enables the creation of a new\n artifact. Valid values are ('ChartVersion', 'Revision').\n See the documentation of the values for an explanation on\n their behavior. Defaults to ChartVersion when omitted.\n enum:\n - ChartVersion\n - Revision\n type: string\n sourceRef:\n description: The name and namespace of the v1beta2.Source\n the chart is available at.\n properties:\n apiVersion:\n description: APIVersion of the referent.\n type: string\n kind:\n description: Kind of the referent.\n enum:\n - HelmRepository\n - GitRepository\n - Bucket\n type: string\n
"yaml_body_parsed": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: helmreleases.helm.toolkit.fluxcd.io\nspec:\n group: helm.toolkit.fluxcd.io\n names:\n kind: HelmRelease\n listKind: HelmReleaseList\n plural: helmreleases\n shortNames:\n - hr\n singular: helmrelease\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n name: v2beta1\n schema:\n openAPIV3Schema:\n description: HelmRelease is the Schema for the helmreleases API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: HelmReleaseSpec defines the desired state of a Helm release.\n properties:\n chart:\n description: Chart defines the template of the v1beta2.HelmChart that\n should be created for this HelmRelease.\n properties:\n spec:\n description: Spec holds the template for the v1beta2.HelmChartSpec\n for this HelmRelease.\n properties:\n chart:\n description: The name or path the Helm chart is available\n at in the SourceRef.\n type: string\n interval:\n description: Interval at which to check the v1beta2.Source\n for updates. Defaults to 'HelmReleaseSpec.Interval'.\n type: string\n reconcileStrategy:\n default: ChartVersion\n description: Determines what enables the creation of a new\n artifact. Valid values are ('ChartVersion', 'Revision').\n See the documentation of the values for an explanation on\n their behavior. Defaults to ChartVersion when omitted.\n enum:\n - ChartVersion\n - Revision\n type: string\n sourceRef:\n description: The name and namespace of the v1beta2.Source\n the chart is available at.\n properties:\n apiVersion:\n description: APIVersion of the referent.\n type: string\n kind:\n description: Kind of the referent.\n enum:\n - HelmRepository\n - GitRepository\n - Bucket\n type: string\n
"yaml_incluster": "d51b7c35b26ed986bcfa84ed08648f99ac676ee90faa8997907a1f02fdf9a93d"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "apiextensions.k8s.io/v1/customresourcedefinition/helmrepositories.source.toolkit.fluxcd.io",
"schema_version": 1,
"attributes": {
"api_version": "apiextensions.k8s.io/v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/apis/apiextensions.k8s.io/v1/customresourcedefinitions/helmrepositories.source.toolkit.fluxcd.io",
"ignore_fields": null,
"kind": "CustomResourceDefinition",
"live_manifest_incluster": "6c2509f56e57891949c7bae5eceb2744c992cd14ec3f53aba64e28d0b0a683f4",
"live_uid": "519ecd1b-df1b-4395-8827-2bb94900c071",
"name": "helmrepositories.source.toolkit.fluxcd.io",
"namespace": null,
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
"uid": "519ecd1b-df1b-4395-8827-2bb94900c071",
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: helmrepositories.source.toolkit.fluxcd.io\nspec:\n group: source.toolkit.fluxcd.io\n names:\n kind: HelmRepository\n listKind: HelmRepositoryList\n plural: helmrepositories\n shortNames:\n - helmrepo\n singular: helmrepository\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .spec.url\n name: URL\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: HelmRepository is the Schema for the helmrepositories API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: HelmRepositorySpec defines the reference to a Helm repository.\n properties:\n accessFrom:\n description: AccessFrom defines an Access Control List for allowing\n cross-namespace references to this object.\n properties:\n namespaceSelectors:\n description: NamespaceSelectors is the list of namespace selectors\n to which this ACL applies. Items in this list are evaluated\n using a logical OR operation.\n items:\n description: NamespaceSelector selects the namespaces to which\n this ACL applies. An empty map of MatchLabels matches all\n namespaces in a cluster.\n properties:\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs.\n A single {key,value} in the matchLabels map is equivalent\n to an element of matchExpressions, whose key field is\n \"key\", the operator is \"In\", and the values array contains\n only \"value\". The requirements are ANDed.\n type: object\n type: object\n type: array\n required:\n - namespaceSelectors\n type: object\n interval:\n description: The interval at which to check the upstream for updates.\n type: string\n passCredentials:\n description: PassCredentials allows the credentials from the SecretRef\n to be passed on to a host that does not match the host as defined\n in URL. This may be required if the host of the advertised chart\n URLs in the inde
"yaml_body_parsed": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: helmrepositories.source.toolkit.fluxcd.io\nspec:\n group: source.toolkit.fluxcd.io\n names:\n kind: HelmRepository\n listKind: HelmRepositoryList\n plural: helmrepositories\n shortNames:\n - helmrepo\n singular: helmrepository\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .spec.url\n name: URL\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: HelmRepository is the Schema for the helmrepositories API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: HelmRepositorySpec defines the reference to a Helm repository.\n properties:\n accessFrom:\n description: AccessFrom defines an Access Control List for allowing\n cross-namespace references to this object.\n properties:\n namespaceSelectors:\n description: NamespaceSelectors is the list of namespace selectors\n to which this ACL applies. Items in this list are evaluated\n using a logical OR operation.\n items:\n description: NamespaceSelector selects the namespaces to which\n this ACL applies. An empty map of MatchLabels matches all\n namespaces in a cluster.\n properties:\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs.\n A single {key,value} in the matchLabels map is equivalent\n to an element of matchExpressions, whose key field is\n \"key\", the operator is \"In\", and the values array contains\n only \"value\". The requirements are ANDed.\n type: object\n type: object\n type: array\n required:\n - namespaceSelectors\n type: object\n interval:\n description: The interval at which to check the upstream for updates.\n type: string\n passCredentials:\n description: PassCredentials allows the credentials from the SecretRef\n to be passed on to a host that does not match the host as defined\n in URL. This may be required if the host of the advertised chart\n URLs in t
"yaml_incluster": "6c2509f56e57891949c7bae5eceb2744c992cd14ec3f53aba64e28d0b0a683f4"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "apiextensions.k8s.io/v1/customresourcedefinition/kustomizations.kustomize.toolkit.fluxcd.io",
"schema_version": 1,
"attributes": {
"api_version": "apiextensions.k8s.io/v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/apis/apiextensions.k8s.io/v1/customresourcedefinitions/kustomizations.kustomize.toolkit.fluxcd.io",
"ignore_fields": null,
"kind": "CustomResourceDefinition",
"live_manifest_incluster": "fd7e8602f5c8f9c751fc481764ee8c7fbe00c1e39e611464521002e45fb44580",
"live_uid": "09c02430-bd93-4995-8816-220b03cd8a43",
"name": "kustomizations.kustomize.toolkit.fluxcd.io",
"namespace": null,
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
"uid": "09c02430-bd93-4995-8816-220b03cd8a43",
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: kustomizations.kustomize.toolkit.fluxcd.io\nspec:\n group: kustomize.toolkit.fluxcd.io\n names:\n kind: Kustomization\n listKind: KustomizationList\n plural: kustomizations\n shortNames:\n - ks\n singular: kustomization\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Kustomization is the Schema for the kustomizations API.\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: KustomizationSpec defines the desired state of a kustomization.\n properties:\n decryption:\n description: Decrypt Kubernetes secrets before applying them on the\n cluster.\n properties:\n provider:\n description: Provider is the name of the decryption engine.\n enum:\n - sops\n type: string\n secretRef:\n description: The secret name containing the private OpenPGP keys\n used for decryption.\n properties:\n name:\n description: Name of the referent.\n type: string\n required:\n - name\n type: object\n required:\n - provider\n type: object\n dependsOn:\n description: DependsOn may contain a meta.NamespacedObjectReference\n slice with references to Kustomization resources that must be ready\n before this Kustomization can be reconciled.\n items:\n description: NamespacedObjectReference contains enough information\n to locate the referenced Kubernetes resource object in any namespace.\n properties:\n name:\n description: Name of the referent.\n type: string\n namespace:\n description: Namespace of the referent, when not specified it\n acts as LocalObjectReference.\n type: string\n required:\n - name\n type: object\n type: array\n force:\n default: false\n description: Force instructs the controller to recreate resources\n when patching fails due to an immutable field change.\n type:
"yaml_body_parsed": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: kustomizations.kustomize.toolkit.fluxcd.io\nspec:\n group: kustomize.toolkit.fluxcd.io\n names:\n kind: Kustomization\n listKind: KustomizationList\n plural: kustomizations\n shortNames:\n - ks\n singular: kustomization\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Kustomization is the Schema for the kustomizations API.\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: KustomizationSpec defines the desired state of a kustomization.\n properties:\n decryption:\n description: Decrypt Kubernetes secrets before applying them on the\n cluster.\n properties:\n provider:\n description: Provider is the name of the decryption engine.\n enum:\n - sops\n type: string\n secretRef:\n description: The secret name containing the private OpenPGP keys\n used for decryption.\n properties:\n name:\n description: Name of the referent.\n type: string\n required:\n - name\n type: object\n required:\n - provider\n type: object\n dependsOn:\n description: DependsOn may contain a meta.NamespacedObjectReference\n slice with references to Kustomization resources that must be ready\n before this Kustomization can be reconciled.\n items:\n description: NamespacedObjectReference contains enough information\n to locate the referenced Kubernetes resource object in any namespace.\n properties:\n name:\n description: Name of the referent.\n type: string\n namespace:\n description: Namespace of the referent, when not specified it\n acts as LocalObjectReference.\n type: string\n required:\n - name\n type: object\n type: array\n force:\n default: false\n description: Force instructs the controller to recreate resources\n when patching fails due to an immutable field change.\n
"yaml_incluster": "fd7e8602f5c8f9c751fc481764ee8c7fbe00c1e39e611464521002e45fb44580"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "apiextensions.k8s.io/v1/customresourcedefinition/providers.notification.toolkit.fluxcd.io",
"schema_version": 1,
"attributes": {
"api_version": "apiextensions.k8s.io/v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/apis/apiextensions.k8s.io/v1/customresourcedefinitions/providers.notification.toolkit.fluxcd.io",
"ignore_fields": null,
"kind": "CustomResourceDefinition",
"live_manifest_incluster": "faeef9c1996db75461977384cdc5289aeecc9c3b200860f9aeaad7144e0a6d85",
"live_uid": "398ef839-005c-4b63-a0e1-4cf8c27ed8e4",
"name": "providers.notification.toolkit.fluxcd.io",
"namespace": null,
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
"uid": "398ef839-005c-4b63-a0e1-4cf8c27ed8e4",
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: providers.notification.toolkit.fluxcd.io\nspec:\n group: notification.toolkit.fluxcd.io\n names:\n kind: Provider\n listKind: ProviderList\n plural: providers\n singular: provider\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Provider is the Schema for the providers API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: ProviderSpec defines the desired state of Provider\n properties:\n address:\n description: HTTP/S webhook address of this provider\n pattern: ^(http|https)://\n type: string\n certSecretRef:\n description: CertSecretRef can be given the name of a secret containing\n a PEM-encoded CA certificate (`caFile`)\n properties:\n name:\n description: Name of the referent.\n type: string\n required:\n - name\n type: object\n channel:\n description: Alert channel for this provider\n type: string\n proxy:\n description: HTTP/S address of the proxy\n pattern: ^(http|https)://\n type: string\n secretRef:\n description: Secret reference containing the provider webhook URL\n using \"address\" as data key\n properties:\n name:\n description: Name of the referent.\n type: string\n required:\n - name\n type: object\n suspend:\n description: This flag tells the controller to suspend subsequent\n events handling. Defaults to false.\n type: boolean\n type:\n description: Type of provider\n enum:\n - slack\n - discord\n - msteams\n - rocket\n - generic\n - github\n - gitlab\n - bitbucket\n - azuredevops\n - googlechat\n - webex\n - sentry\n - azureeventhub\n - telegram\n - lark\n - matrix\n - opsgenie\n - alertmanager\n - grafana\n type: string\n username:\n descri
"yaml_body_parsed": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: providers.notification.toolkit.fluxcd.io\nspec:\n group: notification.toolkit.fluxcd.io\n names:\n kind: Provider\n listKind: ProviderList\n plural: providers\n singular: provider\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Provider is the Schema for the providers API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: ProviderSpec defines the desired state of Provider\n properties:\n address:\n description: HTTP/S webhook address of this provider\n pattern: ^(http|https)://\n type: string\n certSecretRef:\n description: CertSecretRef can be given the name of a secret containing\n a PEM-encoded CA certificate (`caFile`)\n properties:\n name:\n description: Name of the referent.\n type: string\n required:\n - name\n type: object\n channel:\n description: Alert channel for this provider\n type: string\n proxy:\n description: HTTP/S address of the proxy\n pattern: ^(http|https)://\n type: string\n secretRef:\n description: Secret reference containing the provider webhook URL\n using \"address\" as data key\n properties:\n name:\n description: Name of the referent.\n type: string\n required:\n - name\n type: object\n suspend:\n description: This flag tells the controller to suspend subsequent\n events handling. Defaults to false.\n type: boolean\n type:\n description: Type of provider\n enum:\n - slack\n - discord\n - msteams\n - rocket\n - generic\n - github\n - gitlab\n - bitbucket\n - azuredevops\n - googlechat\n - webex\n - sentry\n - azureeventhub\n - telegram\n - lark\n - matrix\n - opsgenie\n - alertmanager\n - grafana\n type: string\n username:\n
"yaml_incluster": "faeef9c1996db75461977384cdc5289aeecc9c3b200860f9aeaad7144e0a6d85"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "apiextensions.k8s.io/v1/customresourcedefinition/receivers.notification.toolkit.fluxcd.io",
"schema_version": 1,
"attributes": {
"api_version": "apiextensions.k8s.io/v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/apis/apiextensions.k8s.io/v1/customresourcedefinitions/receivers.notification.toolkit.fluxcd.io",
"ignore_fields": null,
"kind": "CustomResourceDefinition",
"live_manifest_incluster": "a5c61c680526fbad949575b286791b8f9e17af94bead5575a34e08e55754d743",
"live_uid": "078824fd-21f8-4a80-bc34-ba5f397352a6",
"name": "receivers.notification.toolkit.fluxcd.io",
"namespace": null,
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
"uid": "078824fd-21f8-4a80-bc34-ba5f397352a6",
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: receivers.notification.toolkit.fluxcd.io\nspec:\n group: notification.toolkit.fluxcd.io\n names:\n kind: Receiver\n listKind: ReceiverList\n plural: receivers\n singular: receiver\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Receiver is the Schema for the receivers API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: ReceiverSpec defines the desired state of Receiver\n properties:\n events:\n description: A list of events to handle, e.g. 'push' for GitHub or\n 'Push Hook' for GitLab.\n items:\n type: string\n type: array\n resources:\n description: A list of resources to be notified about changes.\n items:\n description: CrossNamespaceObjectReference contains enough information\n to let you locate the typed referenced object at cluster level\n properties:\n apiVersion:\n description: API version of the referent\n type: string\n kind:\n description: Kind of the referent\n enum:\n - Bucket\n - GitRepository\n - Kustomization\n - HelmRelease\n - HelmChart\n - HelmRepository\n - ImageRepository\n - ImagePolicy\n - ImageUpdateAutomation\n type: string\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs. A single\n {key,value} in the matchLabels map is equivalent to an element\n of matchExpressions, whose key field is \"key\", the operator\n is \"In\", and the values array contains only \"value\". The requirements\n are ANDed.\n type: object\n name:\n description: Name of the referent\n maxLength: 53\n minLength: 1\n type: string\n namespace:\n description: Namespace of the referent\n maxLength: 53\n minLength:
"yaml_body_parsed": "apiVersion: apiextensions.k8s.io/v1\nkind: CustomResourceDefinition\nmetadata:\n annotations:\n controller-gen.kubebuilder.io/version: v0.7.0\n creationTimestamp: null\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: receivers.notification.toolkit.fluxcd.io\nspec:\n group: notification.toolkit.fluxcd.io\n names:\n kind: Receiver\n listKind: ReceiverList\n plural: receivers\n singular: receiver\n scope: Namespaced\n versions:\n - additionalPrinterColumns:\n - jsonPath: .metadata.creationTimestamp\n name: Age\n type: date\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].status\n name: Ready\n type: string\n - jsonPath: .status.conditions[?(@.type==\"Ready\")].message\n name: Status\n type: string\n name: v1beta1\n schema:\n openAPIV3Schema:\n description: Receiver is the Schema for the receivers API\n properties:\n apiVersion:\n description: 'APIVersion defines the versioned schema of this representation\n of an object. Servers should convert recognized schemas to the latest\n internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'\n type: string\n kind:\n description: 'Kind is a string value representing the REST resource this\n object represents. Servers may infer this from the endpoint the client\n submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'\n type: string\n metadata:\n type: object\n spec:\n description: ReceiverSpec defines the desired state of Receiver\n properties:\n events:\n description: A list of events to handle, e.g. 'push' for GitHub or\n 'Push Hook' for GitLab.\n items:\n type: string\n type: array\n resources:\n description: A list of resources to be notified about changes.\n items:\n description: CrossNamespaceObjectReference contains enough information\n to let you locate the typed referenced object at cluster level\n properties:\n apiVersion:\n description: API version of the referent\n type: string\n kind:\n description: Kind of the referent\n enum:\n - Bucket\n - GitRepository\n - Kustomization\n - HelmRelease\n - HelmChart\n - HelmRepository\n - ImageRepository\n - ImagePolicy\n - ImageUpdateAutomation\n type: string\n matchLabels:\n additionalProperties:\n type: string\n description: MatchLabels is a map of {key,value} pairs. A single\n {key,value} in the matchLabels map is equivalent to an element\n of matchExpressions, whose key field is \"key\", the operator\n is \"In\", and the values array contains only \"value\". The requirements\n are ANDed.\n type: object\n name:\n description: Name of the referent\n maxLength: 53\n minLength: 1\n type: string\n namespace:\n description: Namespace of the referent\n maxLength: 53\n min
"yaml_incluster": "a5c61c680526fbad949575b286791b8f9e17af94bead5575a34e08e55754d743"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "apps/v1/deployment/flux-system/helm-controller",
"schema_version": 1,
"attributes": {
"api_version": "apps/v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/apis/apps/v1/namespaces/flux-system/deployments/helm-controller",
"ignore_fields": null,
"kind": "Deployment",
"live_manifest_incluster": "e4a3b3bfd6bd6ffd2658edf4addbe86e4de9eb9ed18ac572badad9ac837f4824",
Fix state
2022-05-08 20:27:01 +02:00
"live_uid": "595c94bd-2897-4105-a6eb-f7f3d28aef31",
Add flux
2022-05-08 17:02:47 +02:00
"name": "helm-controller",
"namespace": "flux-system",
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
Fix state
2022-05-08 20:27:01 +02:00
"uid": "595c94bd-2897-4105-a6eb-f7f3d28aef31",
Add flux
2022-05-08 17:02:47 +02:00
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: apps/v1\nkind: Deployment\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: helm-controller\n namespace: flux-system\nspec:\n replicas: 1\n selector:\n matchLabels:\n app: helm-controller\n template:\n metadata:\n annotations:\n prometheus.io/port: \"8080\"\n prometheus.io/scrape: \"true\"\n labels:\n app: helm-controller\n spec:\n containers:\n - args:\n - --events-addr=http://notification-controller.flux-system.svc.cluster.local./\n - --watch-all-namespaces=true\n - --log-level=info\n - --log-encoding=json\n - --enable-leader-election\n env:\n - name: RUNTIME_NAMESPACE\n valueFrom:\n fieldRef:\n fieldPath: metadata.namespace\n image: ghcr.io/fluxcd/helm-controller:v0.21.0\n imagePullPolicy: IfNotPresent\n livenessProbe:\n httpGet:\n path: /healthz\n port: healthz\n name: manager\n ports:\n - containerPort: 8080\n name: http-prom\n protocol: TCP\n - containerPort: 9440\n name: healthz\n protocol: TCP\n readinessProbe:\n httpGet:\n path: /readyz\n port: healthz\n resources:\n limits:\n cpu: 1000m\n memory: 1Gi\n requests:\n cpu: 100m\n memory: 64Mi\n securityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n readOnlyRootFilesystem: true\n runAsNonRoot: true\n seccompProfile:\n type: RuntimeDefault\n volumeMounts:\n - mountPath: /tmp\n name: temp\n nodeSelector:\n kubernetes.io/os: linux\n securityContext:\n fsGroup: 1337\n serviceAccountName: helm-controller\n terminationGracePeriodSeconds: 600\n volumes:\n - emptyDir: {}\n name: temp",
"yaml_body_parsed": "apiVersion: apps/v1\nkind: Deployment\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: helm-controller\n namespace: flux-system\nspec:\n replicas: 1\n selector:\n matchLabels:\n app: helm-controller\n template:\n metadata:\n annotations:\n prometheus.io/port: \"8080\"\n prometheus.io/scrape: \"true\"\n labels:\n app: helm-controller\n spec:\n containers:\n - args:\n - --events-addr=http://notification-controller.flux-system.svc.cluster.local./\n - --watch-all-namespaces=true\n - --log-level=info\n - --log-encoding=json\n - --enable-leader-election\n env:\n - name: RUNTIME_NAMESPACE\n valueFrom:\n fieldRef:\n fieldPath: metadata.namespace\n image: ghcr.io/fluxcd/helm-controller:v0.21.0\n imagePullPolicy: IfNotPresent\n livenessProbe:\n httpGet:\n path: /healthz\n port: healthz\n name: manager\n ports:\n - containerPort: 8080\n name: http-prom\n protocol: TCP\n - containerPort: 9440\n name: healthz\n protocol: TCP\n readinessProbe:\n httpGet:\n path: /readyz\n port: healthz\n resources:\n limits:\n cpu: 1000m\n memory: 1Gi\n requests:\n cpu: 100m\n memory: 64Mi\n securityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n readOnlyRootFilesystem: true\n runAsNonRoot: true\n seccompProfile:\n type: RuntimeDefault\n volumeMounts:\n - mountPath: /tmp\n name: temp\n nodeSelector:\n kubernetes.io/os: linux\n securityContext:\n fsGroup: 1337\n serviceAccountName: helm-controller\n terminationGracePeriodSeconds: 600\n volumes:\n - emptyDir: {}\n name: temp\n",
"yaml_incluster": "e4a3b3bfd6bd6ffd2658edf4addbe86e4de9eb9ed18ac572badad9ac837f4824"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "apps/v1/deployment/flux-system/kustomize-controller",
"schema_version": 1,
"attributes": {
"api_version": "apps/v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/apis/apps/v1/namespaces/flux-system/deployments/kustomize-controller",
"ignore_fields": null,
"kind": "Deployment",
"live_manifest_incluster": "2826c2c4389823e3aaf89d714a101f295d74b565e99bd2a4d7436ce727817cea",
Fix state
2022-05-08 20:27:01 +02:00
"live_uid": "7ea37437-55b7-4168-883a-1754bbeccd07",
Add flux
2022-05-08 17:02:47 +02:00
"name": "kustomize-controller",
"namespace": "flux-system",
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
Fix state
2022-05-08 20:27:01 +02:00
"uid": "7ea37437-55b7-4168-883a-1754bbeccd07",
Add flux
2022-05-08 17:02:47 +02:00
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: apps/v1\nkind: Deployment\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: kustomize-controller\n namespace: flux-system\nspec:\n replicas: 1\n selector:\n matchLabels:\n app: kustomize-controller\n template:\n metadata:\n annotations:\n prometheus.io/port: \"8080\"\n prometheus.io/scrape: \"true\"\n labels:\n app: kustomize-controller\n spec:\n containers:\n - args:\n - --events-addr=http://notification-controller.flux-system.svc.cluster.local./\n - --watch-all-namespaces=true\n - --log-level=info\n - --log-encoding=json\n - --enable-leader-election\n env:\n - name: RUNTIME_NAMESPACE\n valueFrom:\n fieldRef:\n fieldPath: metadata.namespace\n image: ghcr.io/fluxcd/kustomize-controller:v0.25.0\n imagePullPolicy: IfNotPresent\n livenessProbe:\n httpGet:\n path: /healthz\n port: healthz\n name: manager\n ports:\n - containerPort: 8080\n name: http-prom\n protocol: TCP\n - containerPort: 9440\n name: healthz\n protocol: TCP\n readinessProbe:\n httpGet:\n path: /readyz\n port: healthz\n resources:\n limits:\n cpu: 1000m\n memory: 1Gi\n requests:\n cpu: 100m\n memory: 64Mi\n securityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n readOnlyRootFilesystem: true\n runAsNonRoot: true\n seccompProfile:\n type: RuntimeDefault\n volumeMounts:\n - mountPath: /tmp\n name: temp\n nodeSelector:\n kubernetes.io/os: linux\n securityContext:\n fsGroup: 1337\n serviceAccountName: kustomize-controller\n terminationGracePeriodSeconds: 60\n volumes:\n - emptyDir: {}\n name: temp",
"yaml_body_parsed": "apiVersion: apps/v1\nkind: Deployment\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: kustomize-controller\n namespace: flux-system\nspec:\n replicas: 1\n selector:\n matchLabels:\n app: kustomize-controller\n template:\n metadata:\n annotations:\n prometheus.io/port: \"8080\"\n prometheus.io/scrape: \"true\"\n labels:\n app: kustomize-controller\n spec:\n containers:\n - args:\n - --events-addr=http://notification-controller.flux-system.svc.cluster.local./\n - --watch-all-namespaces=true\n - --log-level=info\n - --log-encoding=json\n - --enable-leader-election\n env:\n - name: RUNTIME_NAMESPACE\n valueFrom:\n fieldRef:\n fieldPath: metadata.namespace\n image: ghcr.io/fluxcd/kustomize-controller:v0.25.0\n imagePullPolicy: IfNotPresent\n livenessProbe:\n httpGet:\n path: /healthz\n port: healthz\n name: manager\n ports:\n - containerPort: 8080\n name: http-prom\n protocol: TCP\n - containerPort: 9440\n name: healthz\n protocol: TCP\n readinessProbe:\n httpGet:\n path: /readyz\n port: healthz\n resources:\n limits:\n cpu: 1000m\n memory: 1Gi\n requests:\n cpu: 100m\n memory: 64Mi\n securityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n readOnlyRootFilesystem: true\n runAsNonRoot: true\n seccompProfile:\n type: RuntimeDefault\n volumeMounts:\n - mountPath: /tmp\n name: temp\n nodeSelector:\n kubernetes.io/os: linux\n securityContext:\n fsGroup: 1337\n serviceAccountName: kustomize-controller\n terminationGracePeriodSeconds: 60\n volumes:\n - emptyDir: {}\n name: temp\n",
"yaml_incluster": "2826c2c4389823e3aaf89d714a101f295d74b565e99bd2a4d7436ce727817cea"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "apps/v1/deployment/flux-system/notification-controller",
"schema_version": 1,
"attributes": {
"api_version": "apps/v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/apis/apps/v1/namespaces/flux-system/deployments/notification-controller",
"ignore_fields": null,
"kind": "Deployment",
"live_manifest_incluster": "6540cfaf3a1ae420ceb422d5fe5768c84e0297aae12d61c0204ad49d6c7f24c5",
Fix state
2022-05-08 20:27:01 +02:00
"live_uid": "240b64d6-e55b-4e86-bdb7-cfd022661d13",
Add flux
2022-05-08 17:02:47 +02:00
"name": "notification-controller",
"namespace": "flux-system",
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
Fix state
2022-05-08 20:27:01 +02:00
"uid": "240b64d6-e55b-4e86-bdb7-cfd022661d13",
Add flux
2022-05-08 17:02:47 +02:00
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: apps/v1\nkind: Deployment\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: notification-controller\n namespace: flux-system\nspec:\n replicas: 1\n selector:\n matchLabels:\n app: notification-controller\n template:\n metadata:\n annotations:\n prometheus.io/port: \"8080\"\n prometheus.io/scrape: \"true\"\n labels:\n app: notification-controller\n spec:\n containers:\n - args:\n - --watch-all-namespaces=true\n - --log-level=info\n - --log-encoding=json\n - --enable-leader-election\n env:\n - name: RUNTIME_NAMESPACE\n valueFrom:\n fieldRef:\n fieldPath: metadata.namespace\n image: ghcr.io/fluxcd/notification-controller:v0.23.5\n imagePullPolicy: IfNotPresent\n livenessProbe:\n httpGet:\n path: /healthz\n port: healthz\n name: manager\n ports:\n - containerPort: 9090\n name: http\n protocol: TCP\n - containerPort: 9292\n name: http-webhook\n protocol: TCP\n - containerPort: 8080\n name: http-prom\n protocol: TCP\n - containerPort: 9440\n name: healthz\n protocol: TCP\n readinessProbe:\n httpGet:\n path: /readyz\n port: healthz\n resources:\n limits:\n cpu: 1000m\n memory: 1Gi\n requests:\n cpu: 100m\n memory: 64Mi\n securityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n readOnlyRootFilesystem: true\n runAsNonRoot: true\n seccompProfile:\n type: RuntimeDefault\n volumeMounts:\n - mountPath: /tmp\n name: temp\n nodeSelector:\n kubernetes.io/os: linux\n securityContext:\n fsGroup: 1337\n serviceAccountName: notification-controller\n terminationGracePeriodSeconds: 10\n volumes:\n - emptyDir: {}\n name: temp",
"yaml_body_parsed": "apiVersion: apps/v1\nkind: Deployment\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: notification-controller\n namespace: flux-system\nspec:\n replicas: 1\n selector:\n matchLabels:\n app: notification-controller\n template:\n metadata:\n annotations:\n prometheus.io/port: \"8080\"\n prometheus.io/scrape: \"true\"\n labels:\n app: notification-controller\n spec:\n containers:\n - args:\n - --watch-all-namespaces=true\n - --log-level=info\n - --log-encoding=json\n - --enable-leader-election\n env:\n - name: RUNTIME_NAMESPACE\n valueFrom:\n fieldRef:\n fieldPath: metadata.namespace\n image: ghcr.io/fluxcd/notification-controller:v0.23.5\n imagePullPolicy: IfNotPresent\n livenessProbe:\n httpGet:\n path: /healthz\n port: healthz\n name: manager\n ports:\n - containerPort: 9090\n name: http\n protocol: TCP\n - containerPort: 9292\n name: http-webhook\n protocol: TCP\n - containerPort: 8080\n name: http-prom\n protocol: TCP\n - containerPort: 9440\n name: healthz\n protocol: TCP\n readinessProbe:\n httpGet:\n path: /readyz\n port: healthz\n resources:\n limits:\n cpu: 1000m\n memory: 1Gi\n requests:\n cpu: 100m\n memory: 64Mi\n securityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n readOnlyRootFilesystem: true\n runAsNonRoot: true\n seccompProfile:\n type: RuntimeDefault\n volumeMounts:\n - mountPath: /tmp\n name: temp\n nodeSelector:\n kubernetes.io/os: linux\n securityContext:\n fsGroup: 1337\n serviceAccountName: notification-controller\n terminationGracePeriodSeconds: 10\n volumes:\n - emptyDir: {}\n name: temp\n",
"yaml_incluster": "6540cfaf3a1ae420ceb422d5fe5768c84e0297aae12d61c0204ad49d6c7f24c5"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "apps/v1/deployment/flux-system/source-controller",
"schema_version": 1,
"attributes": {
"api_version": "apps/v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/apis/apps/v1/namespaces/flux-system/deployments/source-controller",
"ignore_fields": null,
"kind": "Deployment",
"live_manifest_incluster": "e1aba2209a36f10008a7a3ad79fcfbe50d58900fcb41060ab652fcf6364d6b7f",
Fix state
2022-05-08 20:27:01 +02:00
"live_uid": "f06006e9-a0d5-492b-bedc-76bd68b508e6",
Add flux
2022-05-08 17:02:47 +02:00
"name": "source-controller",
"namespace": "flux-system",
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
Fix state
2022-05-08 20:27:01 +02:00
"uid": "f06006e9-a0d5-492b-bedc-76bd68b508e6",
Add flux
2022-05-08 17:02:47 +02:00
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: apps/v1\nkind: Deployment\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: source-controller\n namespace: flux-system\nspec:\n replicas: 1\n selector:\n matchLabels:\n app: source-controller\n strategy:\n type: Recreate\n template:\n metadata:\n annotations:\n prometheus.io/port: \"8080\"\n prometheus.io/scrape: \"true\"\n labels:\n app: source-controller\n spec:\n containers:\n - args:\n - --events-addr=http://notification-controller.flux-system.svc.cluster.local./\n - --watch-all-namespaces=true\n - --log-level=info\n - --log-encoding=json\n - --enable-leader-election\n - --storage-path=/data\n - --storage-adv-addr=source-controller.$(RUNTIME_NAMESPACE).svc.cluster.local.\n env:\n - name: RUNTIME_NAMESPACE\n valueFrom:\n fieldRef:\n fieldPath: metadata.namespace\n image: ghcr.io/fluxcd/source-controller:v0.24.4\n imagePullPolicy: IfNotPresent\n livenessProbe:\n httpGet:\n path: /healthz\n port: healthz\n name: manager\n ports:\n - containerPort: 9090\n name: http\n protocol: TCP\n - containerPort: 8080\n name: http-prom\n protocol: TCP\n - containerPort: 9440\n name: healthz\n protocol: TCP\n readinessProbe:\n httpGet:\n path: /\n port: http\n resources:\n limits:\n cpu: 1000m\n memory: 1Gi\n requests:\n cpu: 50m\n memory: 64Mi\n securityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n readOnlyRootFilesystem: true\n runAsNonRoot: true\n seccompProfile:\n type: RuntimeDefault\n volumeMounts:\n - mountPath: /data\n name: data\n - mountPath: /tmp\n name: tmp\n nodeSelector:\n kubernetes.io/os: linux\n securityContext:\n fsGroup: 1337\n serviceAccountName: source-controller\n terminationGracePeriodSeconds: 10\n volumes:\n - emptyDir: {}\n name: data\n - emptyDir: {}\n name: tmp",
"yaml_body_parsed": "apiVersion: apps/v1\nkind: Deployment\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: source-controller\n namespace: flux-system\nspec:\n replicas: 1\n selector:\n matchLabels:\n app: source-controller\n strategy:\n type: Recreate\n template:\n metadata:\n annotations:\n prometheus.io/port: \"8080\"\n prometheus.io/scrape: \"true\"\n labels:\n app: source-controller\n spec:\n containers:\n - args:\n - --events-addr=http://notification-controller.flux-system.svc.cluster.local./\n - --watch-all-namespaces=true\n - --log-level=info\n - --log-encoding=json\n - --enable-leader-election\n - --storage-path=/data\n - --storage-adv-addr=source-controller.$(RUNTIME_NAMESPACE).svc.cluster.local.\n env:\n - name: RUNTIME_NAMESPACE\n valueFrom:\n fieldRef:\n fieldPath: metadata.namespace\n image: ghcr.io/fluxcd/source-controller:v0.24.4\n imagePullPolicy: IfNotPresent\n livenessProbe:\n httpGet:\n path: /healthz\n port: healthz\n name: manager\n ports:\n - containerPort: 9090\n name: http\n protocol: TCP\n - containerPort: 8080\n name: http-prom\n protocol: TCP\n - containerPort: 9440\n name: healthz\n protocol: TCP\n readinessProbe:\n httpGet:\n path: /\n port: http\n resources:\n limits:\n cpu: 1000m\n memory: 1Gi\n requests:\n cpu: 50m\n memory: 64Mi\n securityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n readOnlyRootFilesystem: true\n runAsNonRoot: true\n seccompProfile:\n type: RuntimeDefault\n volumeMounts:\n - mountPath: /data\n name: data\n - mountPath: /tmp\n name: tmp\n nodeSelector:\n kubernetes.io/os: linux\n securityContext:\n fsGroup: 1337\n serviceAccountName: source-controller\n terminationGracePeriodSeconds: 10\n volumes:\n - emptyDir: {}\n name: data\n - emptyDir: {}\n name: tmp\n",
"yaml_incluster": "e1aba2209a36f10008a7a3ad79fcfbe50d58900fcb41060ab652fcf6364d6b7f"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "rbac.authorization.k8s.io/v1/clusterrole/crd-controller-flux-system",
"schema_version": 1,
"attributes": {
"api_version": "rbac.authorization.k8s.io/v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/apis/rbac.authorization.k8s.io/v1/clusterroles/crd-controller-flux-system",
"ignore_fields": null,
"kind": "ClusterRole",
"live_manifest_incluster": "64b8d95fdeb8cce691e46833d902ac7fa67f9f19c375337869ae6f31be108d3f",
"live_uid": "9553a86a-f030-42ef-b755-d565579553ea",
"name": "crd-controller-flux-system",
"namespace": null,
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
"uid": "9553a86a-f030-42ef-b755-d565579553ea",
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRole\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: crd-controller-flux-system\nrules:\n- apiGroups:\n - source.toolkit.fluxcd.io\n resources:\n - '*'\n verbs:\n - '*'\n- apiGroups:\n - kustomize.toolkit.fluxcd.io\n resources:\n - '*'\n verbs:\n - '*'\n- apiGroups:\n - helm.toolkit.fluxcd.io\n resources:\n - '*'\n verbs:\n - '*'\n- apiGroups:\n - notification.toolkit.fluxcd.io\n resources:\n - '*'\n verbs:\n - '*'\n- apiGroups:\n - image.toolkit.fluxcd.io\n resources:\n - '*'\n verbs:\n - '*'\n- apiGroups:\n - \"\"\n resources:\n - namespaces\n - secrets\n - configmaps\n - serviceaccounts\n verbs:\n - get\n - list\n - watch\n- apiGroups:\n - \"\"\n resources:\n - events\n verbs:\n - create\n - patch\n- apiGroups:\n - \"\"\n resources:\n - configmaps\n verbs:\n - get\n - list\n - watch\n - create\n - update\n - patch\n - delete\n- apiGroups:\n - \"\"\n resources:\n - configmaps/status\n verbs:\n - get\n - update\n - patch\n- apiGroups:\n - coordination.k8s.io\n resources:\n - leases\n verbs:\n - get\n - list\n - watch\n - create\n - update\n - patch\n - delete",
"yaml_body_parsed": "apiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRole\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: crd-controller-flux-system\nrules:\n- apiGroups:\n - source.toolkit.fluxcd.io\n resources:\n - '*'\n verbs:\n - '*'\n- apiGroups:\n - kustomize.toolkit.fluxcd.io\n resources:\n - '*'\n verbs:\n - '*'\n- apiGroups:\n - helm.toolkit.fluxcd.io\n resources:\n - '*'\n verbs:\n - '*'\n- apiGroups:\n - notification.toolkit.fluxcd.io\n resources:\n - '*'\n verbs:\n - '*'\n- apiGroups:\n - image.toolkit.fluxcd.io\n resources:\n - '*'\n verbs:\n - '*'\n- apiGroups:\n - \"\"\n resources:\n - namespaces\n - secrets\n - configmaps\n - serviceaccounts\n verbs:\n - get\n - list\n - watch\n- apiGroups:\n - \"\"\n resources:\n - events\n verbs:\n - create\n - patch\n- apiGroups:\n - \"\"\n resources:\n - configmaps\n verbs:\n - get\n - list\n - watch\n - create\n - update\n - patch\n - delete\n- apiGroups:\n - \"\"\n resources:\n - configmaps/status\n verbs:\n - get\n - update\n - patch\n- apiGroups:\n - coordination.k8s.io\n resources:\n - leases\n verbs:\n - get\n - list\n - watch\n - create\n - update\n - patch\n - delete\n",
"yaml_incluster": "64b8d95fdeb8cce691e46833d902ac7fa67f9f19c375337869ae6f31be108d3f"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "rbac.authorization.k8s.io/v1/clusterrolebinding/cluster-reconciler-flux-system",
"schema_version": 1,
"attributes": {
"api_version": "rbac.authorization.k8s.io/v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/apis/rbac.authorization.k8s.io/v1/clusterrolebindings/cluster-reconciler-flux-system",
"ignore_fields": null,
"kind": "ClusterRoleBinding",
"live_manifest_incluster": "fa44b2d7b1a5e317ad48f668736b5159d880a294ce7d2ca22c2925e3b91234b4",
"live_uid": "c35a1397-1075-462f-bb1d-04aac5cead05",
"name": "cluster-reconciler-flux-system",
"namespace": null,
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
"uid": "c35a1397-1075-462f-bb1d-04aac5cead05",
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRoleBinding\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: cluster-reconciler-flux-system\nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: ClusterRole\n name: cluster-admin\nsubjects:\n- kind: ServiceAccount\n name: kustomize-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: helm-controller\n namespace: flux-system",
"yaml_body_parsed": "apiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRoleBinding\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: cluster-reconciler-flux-system\nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: ClusterRole\n name: cluster-admin\nsubjects:\n- kind: ServiceAccount\n name: kustomize-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: helm-controller\n namespace: flux-system\n",
"yaml_incluster": "fa44b2d7b1a5e317ad48f668736b5159d880a294ce7d2ca22c2925e3b91234b4"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "rbac.authorization.k8s.io/v1/clusterrolebinding/crd-controller-flux-system",
"schema_version": 1,
"attributes": {
"api_version": "rbac.authorization.k8s.io/v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/apis/rbac.authorization.k8s.io/v1/clusterrolebindings/crd-controller-flux-system",
"ignore_fields": null,
"kind": "ClusterRoleBinding",
"live_manifest_incluster": "6b8c8c6696023b30737eaa9f108706734b7dfc05b2b67ecad04648aac622acd2",
"live_uid": "8b42a696-6eae-4c09-a3b7-7cc14b8aea13",
"name": "crd-controller-flux-system",
"namespace": null,
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
"uid": "8b42a696-6eae-4c09-a3b7-7cc14b8aea13",
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRoleBinding\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: crd-controller-flux-system\nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: ClusterRole\n name: crd-controller-flux-system\nsubjects:\n- kind: ServiceAccount\n name: kustomize-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: helm-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: source-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: notification-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: image-reflector-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: image-automation-controller\n namespace: flux-system",
"yaml_body_parsed": "apiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRoleBinding\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: crd-controller-flux-system\nroleRef:\n apiGroup: rbac.authorization.k8s.io\n kind: ClusterRole\n name: crd-controller-flux-system\nsubjects:\n- kind: ServiceAccount\n name: kustomize-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: helm-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: source-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: notification-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: image-reflector-controller\n namespace: flux-system\n- kind: ServiceAccount\n name: image-automation-controller\n namespace: flux-system\n",
"yaml_incluster": "6b8c8c6696023b30737eaa9f108706734b7dfc05b2b67ecad04648aac622acd2"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "v1/namespace/flux-system",
"schema_version": 1,
"attributes": {
"api_version": "v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/api/v1/namespaces/flux-system",
"ignore_fields": null,
"kind": "Namespace",
"live_manifest_incluster": "36cd74a4c6ef912d14993e6713511346b84b91b559cdcaefa1987bc9820c3340",
Fix state
2022-05-08 20:27:01 +02:00
"live_uid": "0e244da8-b9b0-4053-bf00-7bedb468e182",
Add flux
2022-05-08 17:02:47 +02:00
"name": "flux-system",
"namespace": null,
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
Fix state
2022-05-08 20:27:01 +02:00
"uid": "0e244da8-b9b0-4053-bf00-7bedb468e182",
Add flux
2022-05-08 17:02:47 +02:00
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "---\n# This manifest was generated by flux. DO NOT EDIT.\n# Flux Version: latest\n# Components: source-controller,kustomize-controller,helm-controller,notification-controller\napiVersion: v1\nkind: Namespace\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n pod-security.kubernetes.io/warn: restricted\n pod-security.kubernetes.io/warn-version: latest\n name: flux-system",
"yaml_body_parsed": "apiVersion: v1\nkind: Namespace\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n pod-security.kubernetes.io/warn: restricted\n pod-security.kubernetes.io/warn-version: latest\n name: flux-system\n",
"yaml_incluster": "36cd74a4c6ef912d14993e6713511346b84b91b559cdcaefa1987bc9820c3340"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "v1/service/flux-system/notification-controller",
"schema_version": 1,
"attributes": {
"api_version": "v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/api/v1/namespaces/flux-system/services/notification-controller",
"ignore_fields": null,
"kind": "Service",
"live_manifest_incluster": "2bed8e777b97150ef0f8eb7ce6e224b6d4518449b38f9f1dd1f799f187211e33",
Fix state
2022-05-08 20:27:01 +02:00
"live_uid": "2977a59e-2fd1-4f92-a998-1d95f4a2d1ea",
Add flux
2022-05-08 17:02:47 +02:00
"name": "notification-controller",
"namespace": "flux-system",
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
Fix state
2022-05-08 20:27:01 +02:00
"uid": "2977a59e-2fd1-4f92-a998-1d95f4a2d1ea",
Add flux
2022-05-08 17:02:47 +02:00
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: v1\nkind: Service\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: notification-controller\n namespace: flux-system\nspec:\n ports:\n - name: http\n port: 80\n protocol: TCP\n targetPort: http\n selector:\n app: notification-controller\n type: ClusterIP",
"yaml_body_parsed": "apiVersion: v1\nkind: Service\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: notification-controller\n namespace: flux-system\nspec:\n ports:\n - name: http\n port: 80\n protocol: TCP\n targetPort: http\n selector:\n app: notification-controller\n type: ClusterIP\n",
"yaml_incluster": "2bed8e777b97150ef0f8eb7ce6e224b6d4518449b38f9f1dd1f799f187211e33"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "v1/service/flux-system/source-controller",
"schema_version": 1,
"attributes": {
"api_version": "v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/api/v1/namespaces/flux-system/services/source-controller",
"ignore_fields": null,
"kind": "Service",
"live_manifest_incluster": "d56847b2a9516b2994b8bef69ba399ef8afb109c538adbe59446204688e1eae3",
Fix state
2022-05-08 20:27:01 +02:00
"live_uid": "72cd6273-2019-4e1f-868a-485931ba1855",
Add flux
2022-05-08 17:02:47 +02:00
"name": "source-controller",
"namespace": "flux-system",
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
Fix state
2022-05-08 20:27:01 +02:00
"uid": "72cd6273-2019-4e1f-868a-485931ba1855",
Add flux
2022-05-08 17:02:47 +02:00
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: v1\nkind: Service\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: source-controller\n namespace: flux-system\nspec:\n ports:\n - name: http\n port: 80\n protocol: TCP\n targetPort: http\n selector:\n app: source-controller\n type: ClusterIP",
"yaml_body_parsed": "apiVersion: v1\nkind: Service\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: source-controller\n namespace: flux-system\nspec:\n ports:\n - name: http\n port: 80\n protocol: TCP\n targetPort: http\n selector:\n app: source-controller\n type: ClusterIP\n",
"yaml_incluster": "d56847b2a9516b2994b8bef69ba399ef8afb109c538adbe59446204688e1eae3"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "v1/service/flux-system/webhook-receiver",
"schema_version": 1,
"attributes": {
"api_version": "v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/api/v1/namespaces/flux-system/services/webhook-receiver",
"ignore_fields": null,
"kind": "Service",
"live_manifest_incluster": "32478dcd63b2b822236c495158f3253df5ba5b88831fbeaa2b1198d7a0b472d7",
Fix state
2022-05-08 20:27:01 +02:00
"live_uid": "02d74f76-90d5-4da6-90e8-2a51a51d278b",
Add flux
2022-05-08 17:02:47 +02:00
"name": "webhook-receiver",
"namespace": "flux-system",
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
Fix state
2022-05-08 20:27:01 +02:00
"uid": "02d74f76-90d5-4da6-90e8-2a51a51d278b",
Add flux
2022-05-08 17:02:47 +02:00
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: v1\nkind: Service\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: webhook-receiver\n namespace: flux-system\nspec:\n ports:\n - name: http\n port: 80\n protocol: TCP\n targetPort: http-webhook\n selector:\n app: notification-controller\n type: ClusterIP",
"yaml_body_parsed": "apiVersion: v1\nkind: Service\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n control-plane: controller\n name: webhook-receiver\n namespace: flux-system\nspec:\n ports:\n - name: http\n port: 80\n protocol: TCP\n targetPort: http-webhook\n selector:\n app: notification-controller\n type: ClusterIP\n",
"yaml_incluster": "32478dcd63b2b822236c495158f3253df5ba5b88831fbeaa2b1198d7a0b472d7"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "v1/serviceaccount/flux-system/helm-controller",
"schema_version": 1,
"attributes": {
"api_version": "v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/api/v1/namespaces/flux-system/serviceaccounts/helm-controller",
"ignore_fields": null,
"kind": "ServiceAccount",
"live_manifest_incluster": "b2aad3f57dca6ad5856d63af0e01b5be04fd424032893aceb9b21bbc92c347a5",
Fix state
2022-05-08 20:27:01 +02:00
"live_uid": "aa9711e9-e81e-439e-a807-abb2e2ab7cfe",
Add flux
2022-05-08 17:02:47 +02:00
"name": "helm-controller",
"namespace": "flux-system",
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
Fix state
2022-05-08 20:27:01 +02:00
"uid": "aa9711e9-e81e-439e-a807-abb2e2ab7cfe",
Add flux
2022-05-08 17:02:47 +02:00
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: v1\nkind: ServiceAccount\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: helm-controller\n namespace: flux-system",
"yaml_body_parsed": "apiVersion: v1\nkind: ServiceAccount\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: helm-controller\n namespace: flux-system\n",
"yaml_incluster": "b2aad3f57dca6ad5856d63af0e01b5be04fd424032893aceb9b21bbc92c347a5"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "v1/serviceaccount/flux-system/kustomize-controller",
"schema_version": 1,
"attributes": {
"api_version": "v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/api/v1/namespaces/flux-system/serviceaccounts/kustomize-controller",
"ignore_fields": null,
"kind": "ServiceAccount",
"live_manifest_incluster": "8a14f17da2d09e6c888837953b3962a88d06f405df66028ff154a94d4dfa0d09",
Fix state
2022-05-08 20:27:01 +02:00
"live_uid": "c73c43a2-52f9-42df-bf2b-897016848dda",
Add flux
2022-05-08 17:02:47 +02:00
"name": "kustomize-controller",
"namespace": "flux-system",
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
Fix state
2022-05-08 20:27:01 +02:00
"uid": "c73c43a2-52f9-42df-bf2b-897016848dda",
Add flux
2022-05-08 17:02:47 +02:00
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: v1\nkind: ServiceAccount\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: kustomize-controller\n namespace: flux-system",
"yaml_body_parsed": "apiVersion: v1\nkind: ServiceAccount\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: kustomize-controller\n namespace: flux-system\n",
"yaml_incluster": "8a14f17da2d09e6c888837953b3962a88d06f405df66028ff154a94d4dfa0d09"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "v1/serviceaccount/flux-system/notification-controller",
"schema_version": 1,
"attributes": {
"api_version": "v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/api/v1/namespaces/flux-system/serviceaccounts/notification-controller",
"ignore_fields": null,
"kind": "ServiceAccount",
"live_manifest_incluster": "846badceb5abc1172a04ac98661eded224067c4084bf88be0eb70075af5a53d1",
Fix state
2022-05-08 20:27:01 +02:00
"live_uid": "743f674e-2fa2-48d1-ae58-36a2354b44ba",
Add flux
2022-05-08 17:02:47 +02:00
"name": "notification-controller",
"namespace": "flux-system",
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
Fix state
2022-05-08 20:27:01 +02:00
"uid": "743f674e-2fa2-48d1-ae58-36a2354b44ba",
Add flux
2022-05-08 17:02:47 +02:00
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: v1\nkind: ServiceAccount\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: notification-controller\n namespace: flux-system",
"yaml_body_parsed": "apiVersion: v1\nkind: ServiceAccount\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: notification-controller\n namespace: flux-system\n",
"yaml_incluster": "846badceb5abc1172a04ac98661eded224067c4084bf88be0eb70075af5a53d1"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "v1/serviceaccount/flux-system/source-controller",
"schema_version": 1,
"attributes": {
"api_version": "v1",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/api/v1/namespaces/flux-system/serviceaccounts/source-controller",
"ignore_fields": null,
"kind": "ServiceAccount",
"live_manifest_incluster": "1d5862fdb063737cfa82134235c3dec3144c1c11ac78041a3c187751b6c2ed76",
Fix state
2022-05-08 20:27:01 +02:00
"live_uid": "2e6d3b1e-37e0-4d53-83a4-65721bef5cbb",
Add flux
2022-05-08 17:02:47 +02:00
"name": "source-controller",
"namespace": "flux-system",
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
Fix state
2022-05-08 20:27:01 +02:00
"uid": "2e6d3b1e-37e0-4d53-83a4-65721bef5cbb",
Add flux
2022-05-08 17:02:47 +02:00
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: v1\nkind: ServiceAccount\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: source-controller\n namespace: flux-system",
"yaml_body_parsed": "apiVersion: v1\nkind: ServiceAccount\nmetadata:\n labels:\n app.kubernetes.io/instance: flux-system\n app.kubernetes.io/part-of: flux\n app.kubernetes.io/version: latest\n name: source-controller\n namespace: flux-system\n",
"yaml_incluster": "1d5862fdb063737cfa82134235c3dec3144c1c11ac78041a3c187751b6c2ed76"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_install.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubernetes_namespace.flux_system"
]
}
]
},
{
"module": "module.flux",
"mode": "managed",
"type": "kubectl_manifest",
"name": "sync",
"provider": "module.flux.provider[\"registry.terraform.io/gavinbunney/kubectl\"]",
"instances": [
{
"index_key": "kustomize.toolkit.fluxcd.io/v1beta2/kustomization/flux-system/flux-system",
"schema_version": 1,
"attributes": {
"api_version": "kustomize.toolkit.fluxcd.io/v1beta2",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/apis/kustomize.toolkit.fluxcd.io/v1beta2/namespaces/flux-system/kustomizations/flux-system",
"ignore_fields": null,
"kind": "Kustomization",
"live_manifest_incluster": "76983d95c6d6af709777da0d4f83096cef10b2b6e625b0116db581080e962f87",
Fix state
2022-05-08 20:27:01 +02:00
"live_uid": "29dd19f1-dc61-4ad1-97fb-e10e69359515",
Add flux
2022-05-08 17:02:47 +02:00
"name": "flux-system",
"namespace": "flux-system",
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
Fix state
2022-05-08 20:27:01 +02:00
"uid": "29dd19f1-dc61-4ad1-97fb-e10e69359515",
Add flux
2022-05-08 17:02:47 +02:00
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: kustomize.toolkit.fluxcd.io/v1beta2\nkind: Kustomization\nmetadata:\n name: flux-system\n namespace: flux-system\nspec:\n interval: 10m0s\n path: ./clank\n prune: true\n sourceRef:\n kind: GitRepository\n name: flux-system",
"yaml_body_parsed": "apiVersion: kustomize.toolkit.fluxcd.io/v1beta2\nkind: Kustomization\nmetadata:\n name: flux-system\n namespace: flux-system\nspec:\n interval: 10m0s\n path: ./clank\n prune: true\n sourceRef:\n kind: GitRepository\n name: flux-system\n",
"yaml_incluster": "76983d95c6d6af709777da0d4f83096cef10b2b6e625b0116db581080e962f87"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_sync.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.sync",
"module.flux.kubernetes_namespace.flux_system"
]
},
{
"index_key": "source.toolkit.fluxcd.io/v1beta2/gitrepository/flux-system/flux-system",
"schema_version": 1,
"attributes": {
"api_version": "source.toolkit.fluxcd.io/v1beta2",
"apply_only": false,
"force_conflicts": false,
"force_new": false,
"id": "/apis/source.toolkit.fluxcd.io/v1beta2/namespaces/flux-system/gitrepositorys/flux-system",
"ignore_fields": null,
"kind": "GitRepository",
"live_manifest_incluster": "f159fca85740fe805d8ac4569899db00ab9cd9245350a7a56b689eafc490bedb",
Fix state
2022-05-08 20:27:01 +02:00
"live_uid": "d2fea749-8f58-4ead-be65-bc2be53cb80e",
Add flux
2022-05-08 17:02:47 +02:00
"name": "flux-system",
"namespace": "flux-system",
"override_namespace": null,
"sensitive_fields": null,
"server_side_apply": false,
"timeouts": null,
Fix state
2022-05-08 20:27:01 +02:00
"uid": "d2fea749-8f58-4ead-be65-bc2be53cb80e",
Add flux
2022-05-08 17:02:47 +02:00
"validate_schema": true,
"wait": null,
"wait_for_rollout": true,
"yaml_body": "apiVersion: source.toolkit.fluxcd.io/v1beta2\nkind: GitRepository\nmetadata:\n name: flux-system\n namespace: flux-system\nspec:\n interval: 1m0s\n ref:\n branch: main\n secretRef:\n name: flux-system\n url: ssh://git@git.front.kjuulh.io/clank/kubernetes-state.git",
"yaml_body_parsed": "apiVersion: source.toolkit.fluxcd.io/v1beta2\nkind: GitRepository\nmetadata:\n name: flux-system\n namespace: flux-system\nspec:\n interval: 1m0s\n ref:\n branch: main\n secretRef:\n name: flux-system\n url: ssh://git@git.front.kjuulh.io/clank/kubernetes-state.git\n",
"yaml_incluster": "f159fca85740fe805d8ac4569899db00ab9cd9245350a7a56b689eafc490bedb"
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
Fix state
2022-05-08 20:27:01 +02:00
"module.flux.data.flux_sync.main",
Add flux
2022-05-08 17:02:47 +02:00
"module.flux.data.kubectl_file_documents.sync",
"module.flux.kubernetes_namespace.flux_system"
]
}
]
},
{
"module": "module.flux",
"mode": "managed",
"type": "kubernetes_namespace",
"name": "flux_system",
"provider": "module.flux.provider[\"registry.terraform.io/hashicorp/kubernetes\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
Fix state
2022-05-08 20:27:01 +02:00
"id": "flux-system",
Add flux
2022-05-08 17:02:47 +02:00
"metadata": [
{
Fix state
2022-05-08 20:27:01 +02:00
"annotations": {},
Add flux
2022-05-08 17:02:47 +02:00
"generate_name": "",
"generation": 0,
Fix state
2022-05-08 20:27:01 +02:00
"labels": {
"app.kubernetes.io/instance": "flux-system",
"app.kubernetes.io/part-of": "flux",
"app.kubernetes.io/version": "latest"
},
"name": "flux-system",
"resource_version": "36003",
"uid": "0e244da8-b9b0-4053-bf00-7bedb468e182"
Add flux
2022-05-08 17:02:47 +02:00
}
],
"timeouts": null
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjozMDAwMDAwMDAwMDB9fQ=="
}
]
},
Fix state
2022-05-08 20:27:01 +02:00
{
"module": "module.flux",
"mode": "managed",
"type": "kubernetes_secret",
"name": "main",
"provider": "module.flux.provider[\"registry.terraform.io/hashicorp/kubernetes\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"binary_data": null,
"data": {
"identity": "-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW\nQyNTUxOQAAACBYZYPLAjLRZhUHfk4yTLmiQTDmdWPIgZTI+dGLgpY/GAAAAJgGvLdRBry3\nUQAAAAtzc2gtZWQyNTUxOQAAACBYZYPLAjLRZhUHfk4yTLmiQTDmdWPIgZTI+dGLgpY/GA\nAAAEBmqJkdSt8H6HIVzV6Na8ukBOj4Bywd970sQVPWAz8Ug1hlg8sCMtFmFQd+TjJMuaJB\nMOZ1Y8iBlMj50YuClj8YAAAAEWNvbnRhY3RAa2p1dWxoLmlvAQIDBA==\n-----END OPENSSH PRIVATE KEY-----\n",
"identity.pub": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFhlg8sCMtFmFQd+TjJMuaJBMOZ1Y8iBlMj50YuClj8Y contact@kjuulh.io\n",
"known_hosts": "git.front.kjuulh.io ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGJdO0Tw0e/Fa78g1Xszc4oKaOPbTwl7RTAaGQb0TrV8\ngit.front.kjuulh.io ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBO61xoa0ON2Y8rpIB6R9PFxg9HUxMym8Z5I4vYUC+/UnzaDx9YUEGo3Vig9wBo6Hc2lAp0BIwH/d5d6uBBEIj/Y=\n"
},
"id": "flux-system/flux-system",
"immutable": false,
"metadata": [
{
"annotations": {},
"generate_name": "",
"generation": 0,
"labels": {},
"name": "flux-system",
"namespace": "flux-system",
"resource_version": "40687",
"uid": "e4b26a74-1433-4a38-a126-63f7dec801f0"
}
],
"type": "Opaque"
},
"sensitive_attributes": [
[
{
"type": "get_attr",
"value": "data"
},
{
"type": "index",
"value": {
"value": "identity",
"type": "string"
}
}
]
],
"private": "bnVsbA==",
"dependencies": [
"module.flux.data.flux_sync.main",
"module.flux.data.kubectl_file_documents.apply",
"module.flux.kubectl_manifest.apply"
]
}
]
},
Add cloudflare
2022-05-08 15:51:41 +02:00
{
"module": "module.kube-hetzner",
"mode": "data",
"type": "github_release",
"name": "hetzner_ccm",
"provider": "provider[\"registry.terraform.io/integrations/github\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"asserts_url": "https://api.github.com/repos/hetznercloud/hcloud-cloud-controller-manager/releases/52762979/assets",
"body": "## Changelog\r\n\r\n1b33f524 Prepare Release v1.21.1\r\n9fa68870 Update hcloud-go to v1.33 (#255)\r\nff044e93 deploy: add missing operator: Exists (#251)\r\n7c9948b6 Bump k8s.io/kubernetes from 1.18.3 to 1.18.19 (#243)\r\n451703ae Testsetup: Unify with CSI Driver test setup suite (#244)\r\n635cf10a Update docs (#240)\r\nf21278cc Health Check: Set healthcheck port to destination port if no port was defined via annotation (#239)\r\n\r\n\r\n## Docker images\r\n\r\n- `docker pull hetznercloud/hcloud-cloud-controller-manager:v1.12.1`\r\n",
"created_at": null,
"draft": false,
"html_url": "https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/tag/v1.12.1",
"id": "52762979",
"name": "v1.12.1",
"owner": "hetznercloud",
"prerelease": false,
"published_at": null,
"release_id": null,
"release_tag": "v1.12.1",
"repository": "hcloud-cloud-controller-manager",
"retrieve_by": "latest",
"tarball_url": "https://api.github.com/repos/hetznercloud/hcloud-cloud-controller-manager/tarball/v1.12.1",
"target_commitish": "master",
"upload_url": "https://uploads.github.com/repos/hetznercloud/hcloud-cloud-controller-manager/releases/52762979/assets{?name,label}",
"url": "https://api.github.com/repos/hetznercloud/hcloud-cloud-controller-manager/releases/52762979",
"zipball_url": "https://api.github.com/repos/hetznercloud/hcloud-cloud-controller-manager/zipball/v1.12.1"
},
"sensitive_attributes": []
}
]
},
{
"module": "module.kube-hetzner",
"mode": "data",
"type": "github_release",
"name": "hetzner_csi",
"provider": "provider[\"registry.terraform.io/integrations/github\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"asserts_url": "https://api.github.com/repos/hetznercloud/csi-driver/releases/48351180/assets",
"body": "## Changelog\n\n2ea4803 Add btrfs support\n7719e45 Add exclude for blockstorage during resize (#211)\n4a69641 Add k8s 1.22 to tests (#225)\nbeb3783 Adjust stale bot to be more userfriendly (#217)\n0de9bd9 CI improvements for speed and fork-friendliness. (#221)\ne07b392 Fix changelog generation\n8cb0bfe Implement Instrumentation from hcloud-go (#227)\nc89c462 Increase default polling interval to 3 seconds. (#230)\n11c9940 Make e2e workflow friendly to running on forks. (#214)\n29893db Migrate Testsuite Setup to be in line with our CCM Testsuite (#219)\n4ad4d69 Prepare release v1.6.0 (#231)\ncf4e7e4 Recognition of root servers (#195)\nc213244 Reduce default log verbosity to info level (#224)\nc74a95b Remove testing for k8s 1.18 as written in our Versioning policy. (#199)\n8d1f531 Run e2e tests in parallel. (#215)\nda859e8 Simplify CSI socket handling (#222)\n6164eaf Update README.md (#196)\n140dad9 Update hcloud-go to v1.29.1 (#218)\nfb90575 Upgrade csi sidecars to latest versions. (#216)\n54f573e Use Go 1.17 (#228)\n5d2ac90 Use Goreleaser to publish changelog (#229)\n\n",
"created_at": null,
"draft": false,
"html_url": "https://github.com/hetznercloud/csi-driver/releases/tag/v1.6.0",
"id": "48351180",
"name": "v1.6.0",
"owner": "hetznercloud",
"prerelease": false,
"published_at": null,
"release_id": null,
"release_tag": "v1.6.0",
"repository": "csi-driver",
"retrieve_by": "latest",
"tarball_url": "https://api.github.com/repos/hetznercloud/csi-driver/tarball/v1.6.0",
"target_commitish": "master",
"upload_url": "https://uploads.github.com/repos/hetznercloud/csi-driver/releases/48351180/assets{?name,label}",
"url": "https://api.github.com/repos/hetznercloud/csi-driver/releases/48351180",
"zipball_url": "https://api.github.com/repos/hetznercloud/csi-driver/zipball/v1.6.0"
},
"sensitive_attributes": []
}
]
},
{
"module": "module.kube-hetzner",
"mode": "data",
"type": "github_release",
"name": "kured",
"provider": "provider[\"registry.terraform.io/integrations/github\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"asserts_url": "https://api.github.com/repos/weaveworks/kured/releases/63019853/assets",
"body": "# Build\r\n- update to alpine@3.15.3 #518\r\n- build(deps): bump helm/chart-testing-action from 2.1.0 to 2.2.0 #493\r\n- build(deps): bump actions/setup-python from 2 to 3 #507\r\n- build(deps): bump helm/chart-testing-action from 2.2.0 to 2.2.1 #512\r\n- build(deps): bump actions/checkout from 2 to 3 #508\r\n\r\n# Dependencies\r\n- build(deps): bump gotest.tools/v3 from 3.0.3 to 3.1.0 #497\r\n- build(deps): bump github.com/prometheus/client_golang to 1.12.1 #502\r\n- build(deps): bump github.com/spf13/cobra from 1.3.0 to 1.4.0 #510\r\n- build(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1 #513\r\n\r\n# Helm chart\r\n- Add ability to define ds annotations in helm chart #494\r\n- Use templating in Slack URL, channel and username #505\r\n\r\n# Documentation\r\n- docs: add sentinel command example for RHEL family #504\r\n\r\n# Kubernetes Version Compatibility\r\n\r\nThe daemon image contains a 1.22.x k8s.io/{client-go,kubectl} for the purposes of maintaining the lock and draining worker nodes. Kubernetes aims to provide forwards \u0026 backwards compatibility of one minor version between client and server, so this should work on 1.21.x, 1.22.x and 1.23.x\r\n\r\nThanks a lot to everyone who contributed to kured since 1.9.1. Commits from @bambriy, @khuedoan, @weseven, @ckotzbauer\r\n",
"created_at": null,
"draft": false,
"html_url": "https://github.com/weaveworks/kured/releases/tag/1.9.2",
"id": "63019853",
"name": "Kured 1.9.2",
"owner": "weaveworks",
"prerelease": false,
"published_at": null,
"release_id": null,
"release_tag": "1.9.2",
"repository": "kured",
"retrieve_by": "latest",
"tarball_url": "https://api.github.com/repos/weaveworks/kured/tarball/1.9.2",
"target_commitish": "main",
"upload_url": "https://uploads.github.com/repos/weaveworks/kured/releases/63019853/assets{?name,label}",
"url": "https://api.github.com/repos/weaveworks/kured/releases/63019853",
"zipball_url": "https://api.github.com/repos/weaveworks/kured/zipball/1.9.2"
},
"sensitive_attributes": []
}
]
},
{
"module": "module.kube-hetzner",
"mode": "data",
"type": "hcloud_load_balancer",
"name": "traefik",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"index_key": 0,
"schema_version": 0,
"attributes": {
"algorithm": [
{
"type": "round_robin"
}
],
"delete_protection": false,
"id": 712895,
"ipv4": "49.12.19.255",
"ipv6": "2a01:4f8:c011:61::1",
"labels": {
"hcloud-ccm/service-uid": "769636bc-0b55-441f-b847-140a6b144079"
},
"load_balancer_type": "lb11",
"location": "fsn1",
"name": "clank-traefik",
"network_zone": "eu-central",
"service": null,
"target": [
Fix state
2022-05-08 20:27:01 +02:00
{
"label_selector": "",
"server_id": 20289430,
"type": "server"
},
Add cloudflare
2022-05-08 15:51:41 +02:00
{
"label_selector": "",
"server_id": 20285807,
"type": "server"
},
{
"label_selector": "",
"server_id": 20285811,
"type": "server"
},
{
"label_selector": "",
"server_id": 20285809,
"type": "server"
}
],
"with_selector": null
},
"sensitive_attributes": []
}
]
},
{
"module": "module.kube-hetzner",
"mode": "data",
"type": "remote_file",
"name": "kubeconfig",
"provider": "provider[\"registry.terraform.io/tenstad/remote\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"conn": [
{
"agent": false,
"host": "167.235.247.244",
"password": "",
"port": 22,
"private_key": "-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW\nQyNTUxOQAAACDppcjQxBsUMZ1zixjJ/NA8Iz7fgqgste1GlvTEgaYTsgAAAJiZYtI7mWLS\nOwAAAAtzc2gtZWQyNTUxOQAAACDppcjQxBsUMZ1zixjJ/NA8Iz7fgqgste1GlvTEgaYTsg\nAAAEDLWiPDiI2P8wK7bHz6Xxg1LKWEVekqnkLNEdp//Fi4uOmlyNDEGxQxnXOLGMn80Dwj\nPt+CqCy17UaW9MSBphOyAAAAEWNvbnRhY3RAa2p1dWxoLmlvAQIDBA==\n-----END OPENSSH PRIVATE KEY-----",
"private_key_env_var": "",
"private_key_path": "",
"sudo": false,
"user": "root"
}
],
"content": "apiVersion: v1\nclusters:\n- cluster:\n certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJlRENDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdGMyVnkKZG1WeUxXTmhRREUyTlRJd01UVXhPREl3SGhjTk1qSXdOVEE0TVRNd05qSXlXaGNOTXpJd05UQTFNVE13TmpJeQpXakFqTVNFd0h3WURWUVFEREJock0zTXRjMlZ5ZG1WeUxXTmhRREUyTlRJd01UVXhPREl3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFReW45YTd2ZW1MUzZheE1sbjlvaHRTUENtZTRMaDJZYnJlY0ZHbk1pRmUKeWtKMEllSElEQjBZb3htMzM1NVFjMm5DOW1QODhQUTNlZ2lya2Zkc0pXZFdvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVWd4aDhLMDVNeklhbHoxb0k3a0lQCjZleVZCVVl3Q2dZSUtvWkl6ajBFQXdJRFNRQXdSZ0loQUpwNDJiR1JSK0R5dG8xcFh5SHk1dDZDYS9RNjdoNCsKYWRIVjBsQ2RkRlBWQWlFQXQ2RkpZUXZXcUg2LzlqNkY2K3JFZ0NTZFRwbUM5VDNDd1ZpZm1hNXo4K3M9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K\n server: https://127.0.0.1:6443\n name: default\ncontexts:\n- context:\n cluster: default\n user: default\n name: default\ncurrent-context: default\nkind: Config\npreferences: {}\nusers:\n- name: default\n user:\n client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJrRENDQVRlZ0F3SUJBZ0lJWHF3azVwR1ZNRG93Q2dZSUtvWkl6ajBFQXdJd0l6RWhNQjhHQTFVRUF3d1kKYXpOekxXTnNhV1Z1ZEMxallVQXhOalV5TURFMU1UZ3lNQjRYRFRJeU1EVXdPREV6TURZeU1sb1hEVEl6TURVdwpPREV6TURZeU1sb3dNREVYTUJVR0ExVUVDaE1PYzNsemRHVnRPbTFoYzNSbGNuTXhGVEFUQmdOVkJBTVRESE41CmMzUmxiVHBoWkcxcGJqQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJFOEszZ0tKNkswK2lsYXIKbVVyaXlmN09jSjdaWlpoSHExNk1zbnZKSzVCUHRtQmttU0NxYUVEbFFCT2Y3NXR1MG9hSDdLMGREc0JSV2xtdApVMUF5NXV1alNEQkdNQTRHQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFmCkJnTlZIU01FR0RBV2dCUjVicDBabGRLd0U0MWdMeFNXT2IxV1ZTRUxqekFLQmdncWhrak9QUVFEQWdOSEFEQkUKQWlBM2piaW0wVEp4bXdQd2dtUGpLQ3BKWHl4SUVVZ0UxOG0wcW16OXlTTFhRUUlnVUduYjh2RnFOZmpUNmpULwphaXRTUVBjTTQ0RVY5TUFSRGFKUmJFZG0xc1k9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkekNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdFkyeHAKWlc1MExXTmhRREUyTlRJd01UVXhPREl3SGhjTk1qSXdOVEE0TVRNd05qSXlXaGNOTXpJd05UQTFNVE13TmpJeQpXakFqTVNFd0h3WURWUVFEREJock0zTXRZMnhwWlc1MExXTmhRREUyTlRJd01UVXhPREl3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFReFVCbE0rZjlZRVdaL2toN1BMSmZKeU1IenJscFlqd25udVNINE1GTmUKMlhzb1JGb3ltdlVhWDEvWFBIVnpSaVNTZkp6S0tJU0xLM095Y1lnTWhHR29vMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVWVXNmRHWlhTc0JPTllDOFVsam05ClZsVWhDNDh3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUlnWFVsZlJZTVdjMVVhSkcwYXFYME1PRDcvL2VOTG9yVXIKU291NDNuNWlmK0lDSVFDdXNJNmNBcnI2Y2t5cWNHZ1NGRlJwMmxROE40MnIyK2EwN2RPMEFtVWg3dz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K\n client-key-data: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUNnME5kRWRSRjRacDBLNzA5R1NHWDhWNXAyZXJ0ZktrN2dHelFnTk1HN1FvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFVHdyZUFvbm9yVDZLVnF1WlN1TEovczV3bnRsbG1FZXJYb3l5ZThrcmtFKzJZR1NaSUtwbwpRT1ZBRTUvdm0yN1Nob2ZzclIwT3dGRmFXYTFUVURMbTZ3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=\n",
"id": "167.235.247.244:22:/etc/rancher/k3s/k3s.yaml",
"path": "/etc/rancher/k3s/k3s.yaml"
},
"sensitive_attributes": []
}
]
},
{
"module": "module.kube-hetzner",
"mode": "data",
"type": "remote_file",
"name": "kustomization_backup",
"provider": "provider[\"registry.terraform.io/tenstad/remote\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"conn": [
{
"agent": false,
"host": "167.235.247.244",
"password": "",
"port": 22,
"private_key": "-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW\nQyNTUxOQAAACDppcjQxBsUMZ1zixjJ/NA8Iz7fgqgste1GlvTEgaYTsgAAAJiZYtI7mWLS\nOwAAAAtzc2gtZWQyNTUxOQAAACDppcjQxBsUMZ1zixjJ/NA8Iz7fgqgste1GlvTEgaYTsg\nAAAEDLWiPDiI2P8wK7bHz6Xxg1LKWEVekqnkLNEdp//Fi4uOmlyNDEGxQxnXOLGMn80Dwj\nPt+CqCy17UaW9MSBphOyAAAAEWNvbnRhY3RAa2p1dWxoLmlvAQIDBA==\n-----END OPENSSH PRIVATE KEY-----",
"private_key_env_var": "",
"private_key_path": "",
"sudo": false,
"user": "root"
}
],
"content": "\"apiVersion\": \"kustomize.config.k8s.io/v1beta1\"\n\"kind\": \"Kustomization\"\n\"patchesStrategicMerge\":\n- |\n apiVersion: apps/v1\n kind: DaemonSet\n metadata:\n name: kured\n namespace: kube-system\n spec:\n selector:\n matchLabels:\n name: kured\n template:\n metadata:\n labels:\n name: kured\n spec:\n serviceAccountName: kured\n containers:\n - name: kured\n command:\n - /usr/bin/kured\n - --reboot-command=/usr/bin/systemctl reboot\n- |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: system-upgrade-controller\n namespace: system-upgrade\n spec:\n template:\n spec:\n containers:\n - name: system-upgrade-controller\n volumeMounts:\n - name: ca-certificates\n mountPath: /var/lib/ca-certificates\n volumes:\n - name: ca-certificates\n hostPath:\n path: /var/lib/ca-certificates\n type: Directory\n- \"ccm.yaml\"\n\"resources\":\n- \"https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/download/v1.12.1/ccm-networks.yaml\"\n- \"https://github.com/weaveworks/kured/releases/download/1.9.2/kured-1.9.2-dockerhub.yaml\"\n- \"https://raw.githubusercontent.com/rancher/system-upgrade-controller/master/manifests/system-upgrade-controller.yaml\"\n- \"https://raw.githubusercontent.com/hetznercloud/csi-driver/v1.6.0/deploy/kubernetes/hcloud-csi.yml\"\n- \"traefik_config.yaml\"\n- \"cert-manager.yaml\"\n",
"id": "167.235.247.244:22:/var/post_install/kustomization.yaml",
"path": "/var/post_install/kustomization.yaml"
},
"sensitive_attributes": []
}
]
},
{
"module": "module.kube-hetzner",
"mode": "managed",
"type": "hcloud_firewall",
"name": "k3s",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"apply_to": [
{
"label_selector": "",
"server": 20285806
},
{
"label_selector": "",
"server": 20285807
},
{
"label_selector": "",
"server": 20285808
},
{
"label_selector": "",
"server": 20285809
},
{
"label_selector": "",
"server": 20285810
},
{
"label_selector": "",
"server": 20285811
Fix state
2022-05-08 20:27:01 +02:00
},
{
"label_selector": "",
"server": 20289430
Add cloudflare
2022-05-08 15:51:41 +02:00
}
],
"id": "385507",
"labels": {},
"name": "clank",
"rule": [
Fix state
2022-05-08 20:27:01 +02:00
{
"description": "",
"destination_ips": [
"0.0.0.0/0",
"::/0"
],
"direction": "out",
"port": "22",
"protocol": "tcp",
"source_ips": []
},
Add cloudflare
2022-05-08 15:51:41 +02:00
{
"description": "",
"destination_ips": [
"0.0.0.0/0"
],
"direction": "out",
"port": "",
"protocol": "icmp",
"source_ips": []
},
{
"description": "",
"destination_ips": [
"0.0.0.0/0"
],
"direction": "out",
"port": "123",
"protocol": "udp",
"source_ips": []
},
{
"description": "",
"destination_ips": [
"0.0.0.0/0"
],
"direction": "out",
"port": "443",
"protocol": "tcp",
"source_ips": []
},
{
"description": "",
"destination_ips": [
"0.0.0.0/0"
],
"direction": "out",
"port": "53",
"protocol": "tcp",
"source_ips": []
},
{
"description": "",
"destination_ips": [
"0.0.0.0/0"
],
"direction": "out",
"port": "53",
"protocol": "udp",
"source_ips": []
},
{
"description": "",
"destination_ips": [
"0.0.0.0/0"
],
"direction": "out",
"port": "80",
"protocol": "tcp",
"source_ips": []
},
{
"description": "",
"destination_ips": [],
"direction": "in",
"port": "",
"protocol": "icmp",
"source_ips": [
"0.0.0.0/0"
]
},
{
"description": "",
"destination_ips": [],
"direction": "in",
"port": "",
"protocol": "icmp",
"source_ips": [
"10.0.0.0/8",
"127.0.0.1/32",
"169.254.169.254/32",
"213.239.246.1/32"
]
},
{
"description": "",
"destination_ips": [],
"direction": "in",
"port": "22",
"protocol": "tcp",
"source_ips": [
"0.0.0.0/0"
]
},
{
"description": "",
"destination_ips": [],
"direction": "in",
"port": "6443",
"protocol": "tcp",
"source_ips": [
"0.0.0.0/0"
]
},
{
"description": "",
"destination_ips": [],
"direction": "in",
"port": "any",
"protocol": "tcp",
"source_ips": [
"10.0.0.0/8",
"127.0.0.1/32",
"169.254.169.254/32",
"213.239.246.1/32"
]
},
{
"description": "",
"destination_ips": [],
"direction": "in",
"port": "any",
"protocol": "udp",
"source_ips": [
"10.0.0.0/8",
"127.0.0.1/32",
"169.254.169.254/32",
"213.239.246.1/32"
]
}
]
},
"sensitive_attributes": [],
"private": "bnVsbA=="
}
]
},
{
"module": "module.kube-hetzner",
"mode": "managed",
"type": "hcloud_network",
"name": "k3s",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"delete_protection": false,
"id": "1628275",
"ip_range": "10.0.0.0/8",
"labels": {},
"name": "clank"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
}
]
},
{
"module": "module.kube-hetzner",
"mode": "managed",
"type": "hcloud_network_subnet",
"name": "agent",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"index_key": 0,
"schema_version": 0,
"attributes": {
"gateway": "10.0.0.1",
"id": "1628275-10.0.0.0/16",
"ip_range": "10.0.0.0/16",
"network_id": 1628275,
"network_zone": "eu-central",
"type": "cloud",
"vswitch_id": null
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_network.k3s"
]
},
{
"index_key": 1,
"schema_version": 0,
"attributes": {
"gateway": "10.0.0.1",
"id": "1628275-10.1.0.0/16",
"ip_range": "10.1.0.0/16",
"network_id": 1628275,
"network_zone": "eu-central",
"type": "cloud",
"vswitch_id": null
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_network.k3s"
]
},
{
"index_key": 2,
"schema_version": 0,
"attributes": {
"gateway": "10.0.0.1",
"id": "1628275-10.2.0.0/16",
"ip_range": "10.2.0.0/16",
"network_id": 1628275,
"network_zone": "eu-central",
"type": "cloud",
"vswitch_id": null
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_network.k3s"
]
}
]
},
{
"module": "module.kube-hetzner",
"mode": "managed",
"type": "hcloud_network_subnet",
"name": "control_plane",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"index_key": 0,
"schema_version": 0,
"attributes": {
"gateway": "10.0.0.1",
"id": "1628275-10.255.0.0/16",
"ip_range": "10.255.0.0/16",
"network_id": 1628275,
"network_zone": "eu-central",
"type": "cloud",
"vswitch_id": null
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_network.k3s"
]
},
{
"index_key": 1,
"schema_version": 0,
"attributes": {
"gateway": "10.0.0.1",
"id": "1628275-10.254.0.0/16",
"ip_range": "10.254.0.0/16",
"network_id": 1628275,
"network_zone": "eu-central",
"type": "cloud",
"vswitch_id": null
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_network.k3s"
]
},
{
"index_key": 2,
"schema_version": 0,
"attributes": {
"gateway": "10.0.0.1",
"id": "1628275-10.253.0.0/16",
"ip_range": "10.253.0.0/16",
"network_id": 1628275,
"network_zone": "eu-central",
"type": "cloud",
"vswitch_id": null
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_network.k3s"
]
}
]
},
{
"module": "module.kube-hetzner",
"mode": "managed",
"type": "hcloud_placement_group",
"name": "agent",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"index_key": 0,
"schema_version": 0,
"attributes": {
"id": "41238",
"labels": {},
"name": "clank-agent-1",
"servers": [
20285807,
20285809,
Fix state
2022-05-08 20:27:01 +02:00
20285811,
20289430
Add cloudflare
2022-05-08 15:51:41 +02:00
],
"type": "spread"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
}
]
},
{
"module": "module.kube-hetzner",
"mode": "managed",
"type": "hcloud_placement_group",
"name": "control_plane",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"index_key": 0,
"schema_version": 0,
"attributes": {
"id": "41239",
"labels": {},
"name": "clank-control-plane-1",
"servers": [
20285806,
20285808,
20285810
],
"type": "spread"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
}
]
},
{
"module": "module.kube-hetzner",
"mode": "managed",
"type": "hcloud_ssh_key",
"name": "k3s",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"fingerprint": "f4:16:88:3f:66:9e:f5:7d:d9:ed:20:0e:6a:55:a2:c3",
"id": "6372775",
"labels": {},
"name": "clank",
"public_key": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
}
]
},
{
"module": "module.kube-hetzner",
"mode": "managed",
"type": "local_file",
"name": "kustomization_backup",
"provider": "provider[\"registry.terraform.io/hashicorp/local\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"content": "\"apiVersion\": \"kustomize.config.k8s.io/v1beta1\"\n\"kind\": \"Kustomization\"\n\"patchesStrategicMerge\":\n- |\n apiVersion: apps/v1\n kind: DaemonSet\n metadata:\n name: kured\n namespace: kube-system\n spec:\n selector:\n matchLabels:\n name: kured\n template:\n metadata:\n labels:\n name: kured\n spec:\n serviceAccountName: kured\n containers:\n - name: kured\n command:\n - /usr/bin/kured\n - --reboot-command=/usr/bin/systemctl reboot\n- |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: system-upgrade-controller\n namespace: system-upgrade\n spec:\n template:\n spec:\n containers:\n - name: system-upgrade-controller\n volumeMounts:\n - name: ca-certificates\n mountPath: /var/lib/ca-certificates\n volumes:\n - name: ca-certificates\n hostPath:\n path: /var/lib/ca-certificates\n type: Directory\n- \"ccm.yaml\"\n\"resources\":\n- \"https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/download/v1.12.1/ccm-networks.yaml\"\n- \"https://github.com/weaveworks/kured/releases/download/1.9.2/kured-1.9.2-dockerhub.yaml\"\n- \"https://raw.githubusercontent.com/rancher/system-upgrade-controller/master/manifests/system-upgrade-controller.yaml\"\n- \"https://raw.githubusercontent.com/hetznercloud/csi-driver/v1.6.0/deploy/kubernetes/hcloud-csi.yml\"\n- \"traefik_config.yaml\"\n- \"cert-manager.yaml\"\n",
"content_base64": null,
"directory_permission": "0777",
"file_permission": "600",
"filename": "kustomization_backup.yaml",
"id": "dbde5be8a5091a964a3247a6c23b5ab4f8e9eb26",
"sensitive_content": null,
"source": null
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.data.github_release.hetzner_ccm",
"module.kube-hetzner.data.github_release.hetzner_csi",
"module.kube-hetzner.data.github_release.kured",
"module.kube-hetzner.data.remote_file.kubeconfig",
"module.kube-hetzner.data.remote_file.kustomization_backup",
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.control_plane",
"module.kube-hetzner.hcloud_placement_group.control_plane",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.local_sensitive_file.kubeconfig",
"module.kube-hetzner.module.control_planes.data.cloudinit_config.config",
"module.kube-hetzner.module.control_planes.hcloud_server.server",
"module.kube-hetzner.module.control_planes.hcloud_server_network.server",
"module.kube-hetzner.module.control_planes.random_string.server",
"module.kube-hetzner.null_resource.control_planes",
"module.kube-hetzner.null_resource.first_control_plane",
"module.kube-hetzner.null_resource.kustomization",
"module.kube-hetzner.random_password.k3s_token"
]
}
]
},
{
"module": "module.kube-hetzner",
"mode": "managed",
"type": "local_sensitive_file",
"name": "kubeconfig",
"provider": "provider[\"registry.terraform.io/hashicorp/local\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"content": "apiVersion: v1\nclusters:\n- cluster:\n certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJlRENDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdGMyVnkKZG1WeUxXTmhRREUyTlRJd01UVXhPREl3SGhjTk1qSXdOVEE0TVRNd05qSXlXaGNOTXpJd05UQTFNVE13TmpJeQpXakFqTVNFd0h3WURWUVFEREJock0zTXRjMlZ5ZG1WeUxXTmhRREUyTlRJd01UVXhPREl3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFReW45YTd2ZW1MUzZheE1sbjlvaHRTUENtZTRMaDJZYnJlY0ZHbk1pRmUKeWtKMEllSElEQjBZb3htMzM1NVFjMm5DOW1QODhQUTNlZ2lya2Zkc0pXZFdvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVWd4aDhLMDVNeklhbHoxb0k3a0lQCjZleVZCVVl3Q2dZSUtvWkl6ajBFQXdJRFNRQXdSZ0loQUpwNDJiR1JSK0R5dG8xcFh5SHk1dDZDYS9RNjdoNCsKYWRIVjBsQ2RkRlBWQWlFQXQ2RkpZUXZXcUg2LzlqNkY2K3JFZ0NTZFRwbUM5VDNDd1ZpZm1hNXo4K3M9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K\n server: https://167.235.247.244:6443\n name: default\ncontexts:\n- context:\n cluster: default\n user: default\n name: default\ncurrent-context: default\nkind: Config\npreferences: {}\nusers:\n- name: default\n user:\n client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJrRENDQVRlZ0F3SUJBZ0lJWHF3azVwR1ZNRG93Q2dZSUtvWkl6ajBFQXdJd0l6RWhNQjhHQTFVRUF3d1kKYXpOekxXTnNhV1Z1ZEMxallVQXhOalV5TURFMU1UZ3lNQjRYRFRJeU1EVXdPREV6TURZeU1sb1hEVEl6TURVdwpPREV6TURZeU1sb3dNREVYTUJVR0ExVUVDaE1PYzNsemRHVnRPbTFoYzNSbGNuTXhGVEFUQmdOVkJBTVRESE41CmMzUmxiVHBoWkcxcGJqQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJFOEszZ0tKNkswK2lsYXIKbVVyaXlmN09jSjdaWlpoSHExNk1zbnZKSzVCUHRtQmttU0NxYUVEbFFCT2Y3NXR1MG9hSDdLMGREc0JSV2xtdApVMUF5NXV1alNEQkdNQTRHQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFmCkJnTlZIU01FR0RBV2dCUjVicDBabGRLd0U0MWdMeFNXT2IxV1ZTRUxqekFLQmdncWhrak9QUVFEQWdOSEFEQkUKQWlBM2piaW0wVEp4bXdQd2dtUGpLQ3BKWHl4SUVVZ0UxOG0wcW16OXlTTFhRUUlnVUduYjh2RnFOZmpUNmpULwphaXRTUVBjTTQ0RVY5TUFSRGFKUmJFZG0xc1k9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkekNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdFkyeHAKWlc1MExXTmhRREUyTlRJd01UVXhPREl3SGhjTk1qSXdOVEE0TVRNd05qSXlXaGNOTXpJd05UQTFNVE13TmpJeQpXakFqTVNFd0h3WURWUVFEREJock0zTXRZMnhwWlc1MExXTmhRREUyTlRJd01UVXhPREl3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFReFVCbE0rZjlZRVdaL2toN1BMSmZKeU1IenJscFlqd25udVNINE1GTmUKMlhzb1JGb3ltdlVhWDEvWFBIVnpSaVNTZkp6S0tJU0xLM095Y1lnTWhHR29vMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVWVXNmRHWlhTc0JPTllDOFVsam05ClZsVWhDNDh3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUlnWFVsZlJZTVdjMVVhSkcwYXFYME1PRDcvL2VOTG9yVXIKU291NDNuNWlmK0lDSVFDdXNJNmNBcnI2Y2t5cWNHZ1NGRlJwMmxROE40MnIyK2EwN2RPMEFtVWg3dz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K\n client-key-data: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUNnME5kRWRSRjRacDBLNzA5R1NHWDhWNXAyZXJ0ZktrN2dHelFnTk1HN1FvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFVHdyZUFvbm9yVDZLVnF1WlN1TEovczV3bnRsbG1FZXJYb3l5ZThrcmtFKzJZR1NaSUtwbwpRT1ZBRTUvdm0yN1Nob2ZzclIwT3dGRmFXYTFUVURMbTZ3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=\n",
"content_base64": null,
"directory_permission": "0700",
"file_permission": "600",
"filename": "kubeconfig.yaml",
"id": "51b0f8e4bb7ae75ae8aed2aa818d47ff02cfdd0e",
"source": null
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.data.remote_file.kubeconfig",
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.control_plane",
"module.kube-hetzner.hcloud_placement_group.control_plane",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.control_planes.data.cloudinit_config.config",
"module.kube-hetzner.module.control_planes.hcloud_server.server",
"module.kube-hetzner.module.control_planes.hcloud_server_network.server",
"module.kube-hetzner.module.control_planes.random_string.server",
"module.kube-hetzner.null_resource.control_planes",
"module.kube-hetzner.null_resource.first_control_plane",
"module.kube-hetzner.random_password.k3s_token"
]
}
]
},
{
"module": "module.kube-hetzner",
"mode": "managed",
"type": "null_resource",
"name": "agents",
"provider": "provider[\"registry.terraform.io/hashicorp/null\"]",
"instances": [
{
"index_key": "0-0-agent-small1",
"schema_version": 0,
"attributes": {
"id": "2176505815644718391",
"triggers": {
"agent_id": "20285807"
}
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.agent",
"module.kube-hetzner.hcloud_network_subnet.control_plane",
"module.kube-hetzner.hcloud_placement_group.agent",
"module.kube-hetzner.hcloud_placement_group.control_plane",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.agents.data.cloudinit_config.config",
"module.kube-hetzner.module.agents.hcloud_server.server",
"module.kube-hetzner.module.agents.hcloud_server_network.server",
"module.kube-hetzner.module.agents.random_string.server",
"module.kube-hetzner.module.control_planes.data.cloudinit_config.config",
"module.kube-hetzner.module.control_planes.hcloud_server.server",
"module.kube-hetzner.module.control_planes.hcloud_server_network.server",
"module.kube-hetzner.module.control_planes.random_string.server",
"module.kube-hetzner.null_resource.first_control_plane",
"module.kube-hetzner.random_password.k3s_token"
]
},
{
"index_key": "1-0-agent-small2",
"schema_version": 0,
"attributes": {
"id": "2844766948829955151",
"triggers": {
"agent_id": "20285811"
}
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.agent",
"module.kube-hetzner.hcloud_network_subnet.control_plane",
"module.kube-hetzner.hcloud_placement_group.agent",
"module.kube-hetzner.hcloud_placement_group.control_plane",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.agents.data.cloudinit_config.config",
"module.kube-hetzner.module.agents.hcloud_server.server",
"module.kube-hetzner.module.agents.hcloud_server_network.server",
"module.kube-hetzner.module.agents.random_string.server",
"module.kube-hetzner.module.control_planes.data.cloudinit_config.config",
"module.kube-hetzner.module.control_planes.hcloud_server.server",
"module.kube-hetzner.module.control_planes.hcloud_server_network.server",
"module.kube-hetzner.module.control_planes.random_string.server",
"module.kube-hetzner.null_resource.first_control_plane",
"module.kube-hetzner.random_password.k3s_token"
]
},
{
"index_key": "2-0-storage1",
"schema_version": 0,
"attributes": {
"id": "6929446356437947923",
"triggers": {
"agent_id": "20285809"
}
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.agent",
"module.kube-hetzner.hcloud_network_subnet.control_plane",
"module.kube-hetzner.hcloud_placement_group.agent",
"module.kube-hetzner.hcloud_placement_group.control_plane",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.agents.data.cloudinit_config.config",
"module.kube-hetzner.module.agents.hcloud_server.server",
"module.kube-hetzner.module.agents.hcloud_server_network.server",
"module.kube-hetzner.module.agents.random_string.server",
"module.kube-hetzner.module.control_planes.data.cloudinit_config.config",
"module.kube-hetzner.module.control_planes.hcloud_server.server",
"module.kube-hetzner.module.control_planes.hcloud_server_network.server",
"module.kube-hetzner.module.control_planes.random_string.server",
"module.kube-hetzner.null_resource.first_control_plane",
"module.kube-hetzner.random_password.k3s_token"
]
Fix state
2022-05-08 20:27:01 +02:00
},
{
"index_key": "2-1-storage1",
"schema_version": 0,
"attributes": {
"id": "8807962960687335091",
"triggers": {
"agent_id": "20289430"
}
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.agent",
"module.kube-hetzner.hcloud_network_subnet.control_plane",
"module.kube-hetzner.hcloud_placement_group.agent",
"module.kube-hetzner.hcloud_placement_group.control_plane",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.agents.data.cloudinit_config.config",
"module.kube-hetzner.module.agents.hcloud_server.server",
"module.kube-hetzner.module.agents.hcloud_server_network.server",
"module.kube-hetzner.module.agents.random_string.server",
"module.kube-hetzner.module.control_planes.data.cloudinit_config.config",
"module.kube-hetzner.module.control_planes.hcloud_server.server",
"module.kube-hetzner.module.control_planes.hcloud_server_network.server",
"module.kube-hetzner.module.control_planes.random_string.server",
"module.kube-hetzner.null_resource.first_control_plane",
"module.kube-hetzner.random_password.k3s_token"
]
Add cloudflare
2022-05-08 15:51:41 +02:00
}
]
},
{
"module": "module.kube-hetzner",
"mode": "managed",
"type": "null_resource",
"name": "control_planes",
"provider": "provider[\"registry.terraform.io/hashicorp/null\"]",
"instances": [
{
"index_key": "0-0-control-plane-fsn1",
"schema_version": 0,
"attributes": {
"id": "2906291804049488022",
"triggers": {
"control_plane_id": "20285806"
}
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.control_plane",
"module.kube-hetzner.hcloud_placement_group.control_plane",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.control_planes.data.cloudinit_config.config",
"module.kube-hetzner.module.control_planes.hcloud_server.server",
"module.kube-hetzner.module.control_planes.hcloud_server_network.server",
"module.kube-hetzner.module.control_planes.random_string.server",
"module.kube-hetzner.null_resource.first_control_plane",
"module.kube-hetzner.random_password.k3s_token"
]
},
{
"index_key": "1-0-control-plane-nbg1",
"schema_version": 0,
"attributes": {
"id": "7519334347044594476",
"triggers": {
"control_plane_id": "20285810"
}
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.control_plane",
"module.kube-hetzner.hcloud_placement_group.control_plane",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.control_planes.data.cloudinit_config.config",
"module.kube-hetzner.module.control_planes.hcloud_server.server",
"module.kube-hetzner.module.control_planes.hcloud_server_network.server",
"module.kube-hetzner.module.control_planes.random_string.server",
"module.kube-hetzner.null_resource.first_control_plane",
"module.kube-hetzner.random_password.k3s_token"
]
},
{
"index_key": "2-0-control-plane-hel1",
"schema_version": 0,
"attributes": {
"id": "7465071128357046031",
"triggers": {
"control_plane_id": "20285808"
}
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.control_plane",
"module.kube-hetzner.hcloud_placement_group.control_plane",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.control_planes.data.cloudinit_config.config",
"module.kube-hetzner.module.control_planes.hcloud_server.server",
"module.kube-hetzner.module.control_planes.hcloud_server_network.server",
"module.kube-hetzner.module.control_planes.random_string.server",
"module.kube-hetzner.null_resource.first_control_plane",
"module.kube-hetzner.random_password.k3s_token"
]
}
]
},
{
"module": "module.kube-hetzner",
"mode": "managed",
"type": "null_resource",
"name": "destroy_traefik_loadbalancer",
"provider": "provider[\"registry.terraform.io/hashicorp/null\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"id": "5718072141935869582",
"triggers": {
"kustomization_id": "6932703477613162485"
}
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.data.github_release.hetzner_ccm",
"module.kube-hetzner.data.github_release.hetzner_csi",
"module.kube-hetzner.data.github_release.kured",
"module.kube-hetzner.data.remote_file.kubeconfig",
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.agent",
"module.kube-hetzner.hcloud_network_subnet.control_plane",
"module.kube-hetzner.hcloud_placement_group.agent",
"module.kube-hetzner.hcloud_placement_group.control_plane",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.local_sensitive_file.kubeconfig",
"module.kube-hetzner.module.control_planes.data.cloudinit_config.config",
"module.kube-hetzner.module.control_planes.hcloud_server.server",
"module.kube-hetzner.module.control_planes.hcloud_server_network.server",
"module.kube-hetzner.module.control_planes.random_string.server",
"module.kube-hetzner.null_resource.control_planes",
"module.kube-hetzner.null_resource.first_control_plane",
"module.kube-hetzner.null_resource.kustomization",
"module.kube-hetzner.random_password.k3s_token"
]
}
]
},
{
"module": "module.kube-hetzner",
"mode": "managed",
"type": "null_resource",
"name": "first_control_plane",
"provider": "provider[\"registry.terraform.io/hashicorp/null\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"id": "8493463504988894518",
"triggers": null
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.control_plane",
"module.kube-hetzner.hcloud_placement_group.control_plane",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.control_planes.data.cloudinit_config.config",
"module.kube-hetzner.module.control_planes.hcloud_server.server",
"module.kube-hetzner.module.control_planes.hcloud_server_network.server",
"module.kube-hetzner.module.control_planes.random_string.server",
"module.kube-hetzner.random_password.k3s_token"
]
}
]
},
{
"module": "module.kube-hetzner",
"mode": "managed",
"type": "null_resource",
"name": "kustomization",
"provider": "provider[\"registry.terraform.io/hashicorp/null\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"id": "6932703477613162485",
"triggers": null
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.data.github_release.hetzner_ccm",
"module.kube-hetzner.data.github_release.hetzner_csi",
"module.kube-hetzner.data.github_release.kured",
"module.kube-hetzner.data.remote_file.kubeconfig",
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.control_plane",
"module.kube-hetzner.hcloud_placement_group.control_plane",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.local_sensitive_file.kubeconfig",
"module.kube-hetzner.module.control_planes.data.cloudinit_config.config",
"module.kube-hetzner.module.control_planes.hcloud_server.server",
"module.kube-hetzner.module.control_planes.hcloud_server_network.server",
"module.kube-hetzner.module.control_planes.random_string.server",
"module.kube-hetzner.null_resource.control_planes",
"module.kube-hetzner.null_resource.first_control_plane",
"module.kube-hetzner.random_password.k3s_token"
]
}
]
},
{
"module": "module.kube-hetzner",
"mode": "managed",
"type": "random_password",
"name": "k3s_token",
"provider": "provider[\"registry.terraform.io/hashicorp/random\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"id": "none",
"keepers": null,
"length": 48,
"lower": true,
"min_lower": 0,
"min_numeric": 0,
"min_special": 0,
"min_upper": 0,
"number": true,
"override_special": null,
"result": "5udRUWWljozBPauxJF4pbyDKc9aljYVyLITb5KN692dFczeK",
"special": false,
"upper": true
},
"sensitive_attributes": [],
"private": "bnVsbA=="
}
]
},
{
"module": "module.kube-hetzner.module.agents[\"0-0-agent-small1\"]",
"mode": "data",
"type": "cloudinit_config",
"name": "config",
"provider": "provider[\"registry.terraform.io/hashicorp/cloudinit\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"base64_encode": true,
"boundary": "MIMEBOUNDARY",
"gzip": true,
"id": "3259911983",
"part": [
{
"content": "#cloud-config\n\nwrite_files:\n\n# Configure the private network interface\n- content: |\n BOOTPROTO='dhcp'\n STARTMODE='auto'\n path: /etc/sysconfig/network/ifcfg-eth1\n\n# Disable ssh password authentication\n- content: |\n PasswordAuthentication no\n X11Forwarding no\n MaxAuthTries 2\n AllowTcpForwarding no\n AllowAgentForwarding no\n AuthorizedKeysFile .ssh/authorized_keys\n path: /etc/ssh/sshd_config.d/kube-hetzner.conf\n\n# Set reboot method as \"kured\"\n- content: |\n REBOOT_METHOD=kured\n path: /etc/transactional-update.conf\n\n# Create Rancher repo config\n- content: |\n [rancher-k3s-common-stable]\n name=Rancher K3s Common (stable)\n baseurl=https://rpm.rancher.io/k3s/stable/common/microos/noarch\n enabled=1\n gpgcheck=1\n repo_gpgcheck=0\n gpgkey=https://rpm.rancher.io/public.key\n path: /etc/zypp/repos.d/rancher-k3s-common.repo\n\n# Add ssh authorized keys\nssh_authorized_keys:\n - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io\n\n# Resize /var, not /, as that's the last partition in MicroOS image.\ngrowpart:\n devices: [\"/var\"]\n\n# Make sure the hostname is set correctly\nhostname: clank-agent-small1-mdr\npreserve_hostname: true\n\nruncmd:\n\n# As above, make sure the hostname is not reset\n- [sed, '-i', 's/NETCONFIG_NIS_SETDOMAINNAME=\"yes\"/NETCONFIG_NIS_SETDOMAINNAME=\"no\"/g', /etc/sysconfig/network/config]\n- [sed, '-i', 's/DHCLIENT_SET_HOSTNAME=\"yes\"/DHCLIENT_SET_HOSTNAME=\"no\"/g', /etc/sysconfig/network/dhcp]\n\n# We set Cloudflare DNS servers, followed by Google as a backup\n- [sed, '-i', 's/NETCONFIG_DNS_STATIC_SERVERS=\"\"/NETCONFIG_DNS_STATIC_SERVERS=\"1.1.1.1 1.0.0.1 8.8.8.8\"/g', /etc/sysconfig/network/config]\n\n# Bounds the amount of logs that can survive on the system\n- [sed, '-i', 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf]\n- [sed, '-i', 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf]\n\n# Reduces the default number of snapshots from 2-10 number limit, to 4 and from 4-10 number limit important, to 2\n- [sed, '-i', 's/NUMBER_LIMIT=\"2-10\"/NUMBER_LIMIT=\"4\"/g', /etc/snapper/configs/root]\n- [sed, '-i', 's/NUMBER_LIMIT_IMPORTANT=\"4-10\"/NUMBER_LIMIT_IMPORTANT=\"3\"/g', /etc/snapper/configs/root]\n\n# Disables unneeded services\n- [systemctl, disable, '--now', 'rebootmgr.service']\n",
"content_type": "text/cloud-config",
"filename": "init.cfg",
"merge_type": ""
}
],
"rendered": "H4sIAAAAAAAA/4xW4W/ayBP9bin/w8j5wO+nw3ZIWrWlQjoHaIpa4xw4be+qCC27A95i7/p21yGO7o8/7TppSEiaE+LDzjzem30zHjOUwqAwQdZU2IeyLgyviDJRya+RvYelrAUjqhn4ySQZn6YX01E8+9P37Cn4gkpzKfrQC48OvAMvCHZBB94d94jrSmpuHJYYQ2heojDvYcULFKTEgc8FNyFdrf37X2WKCL1CFYwFlYyLdR/eLLnZAbiSDV6biBayZgGVYsXXB17CS9wr7nAX43lbxQ0ubAG673mHMHTxWiGYHKFS/IoYBIFmK9UGuDCoVoSiFwBt5fvwjwcAcJqm2fkszdJBh+W06rjgPItnWZKOxoMOqY20wYqYvA8RGhrpRrdlRLf8EV/R1TpAk/dsLSOuybJA0DqHimi9lYoBqU2OwnBKrI/7dZzfAuMHOBDSZb/1eh+k2hJljbwLJuTaojPFUcOxC8VFIbcZrfbBLhOvUZgncrXJpeI3yD5hoz/wAiHUOo/Iz/hig41+5ILO7ZctWi9CFm3qJQY5mhuBKrRRa8YcDShcSmmgRJNLBkSDv6kVMn/fhdnY9mORjLOP6WjgUA9VjZ0qQq03pAjqihGDP7WGCm3XZ0TQHBUorCTcDsye0nfVooLNiQ6oLEspAm1s3y5d3s31HdOnEw1Dh4H/taD/O9CSaKxVMciNqXQ/ilRVhre8IZfR5kRHLTxqFaKSUyWljoQkiuaOA4UFsEHPndbVmuZIN7dHe4XFz9jRHWSDzXOaVb0sOA032Dw07qapqsjS6ZBF+3cPbcp6GDPmBve+9+B6r3W+eDQPfQ8gsOAA2fHr1713EMdxPDyZ3pBhr/hrNOlNs/FrG5ukZdFMR+Oz6z+uxbf081ki3h6Ntj/OzW/Dv4dN780F+foumZ9Wedq4RhFqft/8qOsiD7kra4aa3yBEV0R1QUgDUdcOksmJ6Wj3zBdEG7C7zy0q4AISa3Y6B16SNYbeWsmtzfediwyvOEXdh+++JfUvrUpCNgj6bovkUhs7BsA1aDRApVJITdF4d5k+0IKITUDscxXokhRFLyiZ8iqFGtUVLu6RRtXoeaoWtGRuZcUayFJeYRfKZ2XtTS2V8QL4rpF1oRPwThc6OpqOs2E6/TA5W0wn88V8nI3SJJ5Mp3EyHvgNav/XCCH9aN3pPrfR2uPlvuzo4/DzZDzNLN/iYzrPdgSfyb0gZdeuc/8rOpuHdtGvCqIQRtM5OB+V7sJK2hWGDJYNnEm5LtBOAIEloZu6+pVBo+l8Mc/ibDJczMezL+PZfOD7L+R7ofvY1094FPbgbeg+/8k07xBO7Yu3HUxSyloYkCso5LodWaBE2IZf8SsEKRxMN9pguX+Nw7lLJOT6QuMgenA6OXtQjsGSRT9krQQpmNuKTzTwMCHXM7SrkEsxRzqIHgd6W8TNi8TuoWQ1xfaWDFekLgyIulyisrfVglQ6l0bDSskSjoPe0V224CU3XTASXgERrAW8egwAXlZSGSJa6PETLb5ITsezxedJMskGvlXwH8Ve7TZMkKpCddsmHSkpzRMG7RIsJsl5OsviqaXao9/NnrwodP/PQEMtBCJD5qbb7iFXhjOamqILrAXaqgIht7aw9iVarlV4+5vO5d5/tiA48P4NAAD//zWzz/kSCgAA"
},
"sensitive_attributes": []
}
]
},
{
"module": "module.kube-hetzner.module.agents[\"0-0-agent-small1\"]",
"mode": "managed",
"type": "hcloud_server",
"name": "server",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backup_window": "",
"backups": false,
"datacenter": "fsn1-dc14",
"delete_protection": false,
"firewall_ids": [
385507
],
"id": "20285807",
"ignore_remote_firewall_ids": false,
"image": "ubuntu-20.04",
"ipv4_address": "142.132.182.232",
"ipv6_address": "2a01:4f8:c012:d1c0::1",
"ipv6_network": "2a01:4f8:c012:d1c0::/64",
"iso": null,
"keep_disk": false,
"labels": {
"engine": "k3s",
"provisioner": "terraform"
},
"location": "fsn1",
"name": "clank-agent-small1-mdr",
"network": [],
"placement_group_id": 41238,
"rebuild_protection": false,
"rescue": "linux64",
"server_type": "cpx11",
"ssh_keys": [
"6372775"
],
"status": "running",
"timeouts": null,
"user_data": "D7VXcW+8XFUt2rIoXtjcDwVNF9U="
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwfX0=",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.agent",
"module.kube-hetzner.hcloud_placement_group.agent",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.agents.data.cloudinit_config.config",
"module.kube-hetzner.module.agents.random_string.server"
]
}
]
},
{
"module": "module.kube-hetzner.module.agents[\"0-0-agent-small1\"]",
"mode": "managed",
"type": "hcloud_server_network",
"name": "server",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"alias_ips": [],
"id": "20285807-1628275",
"ip": "10.0.0.101",
"mac_address": "86:00:00:0f:24:bf",
"network_id": null,
"server_id": 20285807,
"subnet_id": "1628275-10.0.0.0/16"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.agent",
"module.kube-hetzner.hcloud_placement_group.agent",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.agents.data.cloudinit_config.config",
"module.kube-hetzner.module.agents.hcloud_server.server",
"module.kube-hetzner.module.agents.random_string.server"
]
}
]
},
{
"module": "module.kube-hetzner.module.agents[\"0-0-agent-small1\"]",
"mode": "managed",
"type": "random_string",
"name": "server",
"provider": "provider[\"registry.terraform.io/hashicorp/random\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"id": "mdr",
"keepers": {
"name": "clank-agent-small1"
},
"length": 3,
"lower": true,
"min_lower": 0,
"min_numeric": 0,
"min_special": 0,
"min_upper": 0,
"number": false,
"override_special": null,
"result": "mdr",
"special": false,
"upper": false
},
"sensitive_attributes": [],
"private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.agent"
]
}
]
},
{
"module": "module.kube-hetzner.module.agents[\"1-0-agent-small2\"]",
"mode": "data",
"type": "cloudinit_config",
"name": "config",
"provider": "provider[\"registry.terraform.io/hashicorp/cloudinit\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"base64_encode": true,
"boundary": "MIMEBOUNDARY",
"gzip": true,
"id": "2042315058",
"part": [
{
"content": "#cloud-config\n\nwrite_files:\n\n# Configure the private network interface\n- content: |\n BOOTPROTO='dhcp'\n STARTMODE='auto'\n path: /etc/sysconfig/network/ifcfg-eth1\n\n# Disable ssh password authentication\n- content: |\n PasswordAuthentication no\n X11Forwarding no\n MaxAuthTries 2\n AllowTcpForwarding no\n AllowAgentForwarding no\n AuthorizedKeysFile .ssh/authorized_keys\n path: /etc/ssh/sshd_config.d/kube-hetzner.conf\n\n# Set reboot method as \"kured\"\n- content: |\n REBOOT_METHOD=kured\n path: /etc/transactional-update.conf\n\n# Create Rancher repo config\n- content: |\n [rancher-k3s-common-stable]\n name=Rancher K3s Common (stable)\n baseurl=https://rpm.rancher.io/k3s/stable/common/microos/noarch\n enabled=1\n gpgcheck=1\n repo_gpgcheck=0\n gpgkey=https://rpm.rancher.io/public.key\n path: /etc/zypp/repos.d/rancher-k3s-common.repo\n\n# Add ssh authorized keys\nssh_authorized_keys:\n - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io\n\n# Resize /var, not /, as that's the last partition in MicroOS image.\ngrowpart:\n devices: [\"/var\"]\n\n# Make sure the hostname is set correctly\nhostname: clank-agent-small2-tqu\npreserve_hostname: true\n\nruncmd:\n\n# As above, make sure the hostname is not reset\n- [sed, '-i', 's/NETCONFIG_NIS_SETDOMAINNAME=\"yes\"/NETCONFIG_NIS_SETDOMAINNAME=\"no\"/g', /etc/sysconfig/network/config]\n- [sed, '-i', 's/DHCLIENT_SET_HOSTNAME=\"yes\"/DHCLIENT_SET_HOSTNAME=\"no\"/g', /etc/sysconfig/network/dhcp]\n\n# We set Cloudflare DNS servers, followed by Google as a backup\n- [sed, '-i', 's/NETCONFIG_DNS_STATIC_SERVERS=\"\"/NETCONFIG_DNS_STATIC_SERVERS=\"1.1.1.1 1.0.0.1 8.8.8.8\"/g', /etc/sysconfig/network/config]\n\n# Bounds the amount of logs that can survive on the system\n- [sed, '-i', 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf]\n- [sed, '-i', 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf]\n\n# Reduces the default number of snapshots from 2-10 number limit, to 4 and from 4-10 number limit important, to 2\n- [sed, '-i', 's/NUMBER_LIMIT=\"2-10\"/NUMBER_LIMIT=\"4\"/g', /etc/snapper/configs/root]\n- [sed, '-i', 's/NUMBER_LIMIT_IMPORTANT=\"4-10\"/NUMBER_LIMIT_IMPORTANT=\"3\"/g', /etc/snapper/configs/root]\n\n# Disables unneeded services\n- [systemctl, disable, '--now', 'rebootmgr.service']\n",
"content_type": "text/cloud-config",
"filename": "init.cfg",
"merge_type": ""
}
],
"rendered": "H4sIAAAAAAAA/4xWYW/ayhL9bin/YeR84D09bIekVVsqpOcATVFrnAtO23urCC27A95i77q76xBH98df7TppSEiaK8SHnTmcM3tmPGYohUFhgqypsA9lXRheEWWikl8jew9LWQtGVDPwk0kyPk0vpqN49qfv2VPwBZXmUvShFx4deAdeEOyCDrw77hHXldTcOCwxhtC8RGHew4oXKEiJA58LbkK6Wvv3v8oUEXqFKhgLKhkX6z68WXKzA3AlG7w2ES1kzQIqxYqvD7yEl7hX3OEuxvO2ihtc2AJ03/MOYejitUIwOUKl+BUxCALNVqoNcGFQrQhFLwDayvfhbw8A4DRNs/NZmqWDDstp1XHBeRbPsiQdjQcdUhtpgxUxeR8iNDTSjW7LiG75I76iq3WAJu/ZWkZck2WBoHUOFdF6KxUDUpscheGUWB/36zi/BcYPcCCky37r9T5ItSXKGnkXTMi1RWeKo4ZjF4qLQm4zWu2DXSZeozBP5GqTS8VvkH3CRn/gBUKodR6RX/HFBhv9yAWd2y9btF6ELNrUSwxyNDcCVWij1ow5GlC4lNJAiSaXDIgGf1MrZP6+C7Ox7cciGWcf09HAoR6qGjtVhFpvSBHUFSMGf2kNFdquz4igOSpQWEm4HZg9pe+qRQWbEx1QWZZSBNrYvl26vJvrO6ZPJxqGDgP/aUH/daAl0VirYpAbU+l+FKmqDG95Qy6jzYmOWnjUKkQlp0pKHQlJFM0dBwoLYIOeO62rNc2Rbm6P9gqLX7GjO8gGm+c0q3pZcBpusHlo3E1TVZGl0yGL9u8e2pT1MGbMDe5978H1Xut88Wge+h5AYMEBsuPXr3vvII7jeHgyvSHDXvHXaNKbZuPXNjZJy6KZjsZn139ci2/p57NEvD0abX+cm/8Nfw6b3psL8vVdMj+t8rRxjSLU/H/zo66LPOSurBlqfoMQXRHVBSENRF07SCYnpqPdM18QbcDuPreogAtIrNnpHHhJ1hh6ayW3Nt93LjK84hR1H777ltS/tCoJ2SDouy2SS23sGADXoNEAlUohNUXj3WX6QAsiNgGxz1WgS1IUx4H5WXuVQo3qChf3SKNq9DxVC1oyt7JiDWQpr7AL5bOy9qaWyngBfNfIutAJeKcLHR1Nx9kwnX6YnC2mk/liPs5GaRJPptM4GQ/8BrX/e4SQfrTudJ/baO3xcl929HH4eTKeZpZv8TGdZzuCz+RekLJr17n/FZ3NQ7voVwVRCKPpHJyPSndhJe0KQwbLBs6kXBdoJ4DAktBNXf3OoNF0vphncTYZLubj2ZfxbD7w/RfyvdB97OsnPAp78DZ0n39lmncIp/bF2w4mKWUtDMgVFHLdjixQImzDr/gVghQOphttsNy/xuHcJRJyfaFxED04nZw9KMdgyaIfslaCFMxtxScaeJiQ6xnaVcilmCMdRI8DvS3i5kVi91CymmJ7S4YrUhcGRF0uUdnbakEqnUujYaVkCcdB7+guW/CSmy4YCa+ACNYCXj0GAC8rqQwRLfT4iRZfJKfj2eLzJJlkA98q+I9ir3YbJkhVobptk46UlOYJg3YJFpPkPJ1l8dRS7dHvZk9eFLr/Z6ChFgKRIXPTbfeQK8MZTU3RBdYCbVWBkFtbWPsSLdcqvP1N53LvP1sQHHj/BAAA//8z9yJHEgoAAA=="
},
"sensitive_attributes": []
}
]
},
{
"module": "module.kube-hetzner.module.agents[\"1-0-agent-small2\"]",
"mode": "managed",
"type": "hcloud_server",
"name": "server",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backup_window": "",
"backups": false,
"datacenter": "nbg1-dc3",
"delete_protection": false,
"firewall_ids": [
385507
],
"id": "20285811",
"ignore_remote_firewall_ids": false,
"image": "ubuntu-20.04",
"ipv4_address": "116.203.85.75",
"ipv6_address": "2a01:4f8:1c1e:c5b5::1",
"ipv6_network": "2a01:4f8:1c1e:c5b5::/64",
"iso": null,
"keep_disk": false,
"labels": {
"engine": "k3s",
"provisioner": "terraform"
},
"location": "nbg1",
"name": "clank-agent-small2-tqu",
"network": [],
"placement_group_id": 41238,
"rebuild_protection": false,
"rescue": "linux64",
"server_type": "cpx11",
"ssh_keys": [
"6372775"
],
"status": "running",
"timeouts": null,
"user_data": "2WwhfGNbb8PWIa5HwzRkeftEW60="
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwfX0=",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.agent",
"module.kube-hetzner.hcloud_placement_group.agent",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.agents.data.cloudinit_config.config",
"module.kube-hetzner.module.agents.random_string.server"
]
}
]
},
{
"module": "module.kube-hetzner.module.agents[\"1-0-agent-small2\"]",
"mode": "managed",
"type": "hcloud_server_network",
"name": "server",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"alias_ips": [],
"id": "20285811-1628275",
"ip": "10.1.0.101",
"mac_address": "86:00:00:0f:24:c4",
"network_id": null,
"server_id": 20285811,
"subnet_id": "1628275-10.1.0.0/16"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.agent",
"module.kube-hetzner.hcloud_placement_group.agent",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.agents.data.cloudinit_config.config",
"module.kube-hetzner.module.agents.hcloud_server.server",
"module.kube-hetzner.module.agents.random_string.server"
]
}
]
},
{
"module": "module.kube-hetzner.module.agents[\"1-0-agent-small2\"]",
"mode": "managed",
"type": "random_string",
"name": "server",
"provider": "provider[\"registry.terraform.io/hashicorp/random\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"id": "tqu",
"keepers": {
"name": "clank-agent-small2"
},
"length": 3,
"lower": true,
"min_lower": 0,
"min_numeric": 0,
"min_special": 0,
"min_upper": 0,
"number": false,
"override_special": null,
"result": "tqu",
"special": false,
"upper": false
},
"sensitive_attributes": [],
"private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.agent"
]
}
]
},
{
"module": "module.kube-hetzner.module.agents[\"2-0-storage1\"]",
"mode": "data",
"type": "cloudinit_config",
"name": "config",
"provider": "provider[\"registry.terraform.io/hashicorp/cloudinit\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"base64_encode": true,
"boundary": "MIMEBOUNDARY",
"gzip": true,
"id": "264943894",
"part": [
{
"content": "#cloud-config\n\nwrite_files:\n\n# Configure the private network interface\n- content: |\n BOOTPROTO='dhcp'\n STARTMODE='auto'\n path: /etc/sysconfig/network/ifcfg-eth1\n\n# Disable ssh password authentication\n- content: |\n PasswordAuthentication no\n X11Forwarding no\n MaxAuthTries 2\n AllowTcpForwarding no\n AllowAgentForwarding no\n AuthorizedKeysFile .ssh/authorized_keys\n path: /etc/ssh/sshd_config.d/kube-hetzner.conf\n\n# Set reboot method as \"kured\"\n- content: |\n REBOOT_METHOD=kured\n path: /etc/transactional-update.conf\n\n# Create Rancher repo config\n- content: |\n [rancher-k3s-common-stable]\n name=Rancher K3s Common (stable)\n baseurl=https://rpm.rancher.io/k3s/stable/common/microos/noarch\n enabled=1\n gpgcheck=1\n repo_gpgcheck=0\n gpgkey=https://rpm.rancher.io/public.key\n path: /etc/zypp/repos.d/rancher-k3s-common.repo\n\n# Add ssh authorized keys\nssh_authorized_keys:\n - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io\n\n# Resize /var, not /, as that's the last partition in MicroOS image.\ngrowpart:\n devices: [\"/var\"]\n\n# Make sure the hostname is set correctly\nhostname: clank-storage1-dsi\npreserve_hostname: true\n\nruncmd:\n\n# As above, make sure the hostname is not reset\n- [sed, '-i', 's/NETCONFIG_NIS_SETDOMAINNAME=\"yes\"/NETCONFIG_NIS_SETDOMAINNAME=\"no\"/g', /etc/sysconfig/network/config]\n- [sed, '-i', 's/DHCLIENT_SET_HOSTNAME=\"yes\"/DHCLIENT_SET_HOSTNAME=\"no\"/g', /etc/sysconfig/network/dhcp]\n\n# We set Cloudflare DNS servers, followed by Google as a backup\n- [sed, '-i', 's/NETCONFIG_DNS_STATIC_SERVERS=\"\"/NETCONFIG_DNS_STATIC_SERVERS=\"1.1.1.1 1.0.0.1 8.8.8.8\"/g', /etc/sysconfig/network/config]\n\n# Bounds the amount of logs that can survive on the system\n- [sed, '-i', 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf]\n- [sed, '-i', 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf]\n\n# Reduces the default number of snapshots from 2-10 number limit, to 4 and from 4-10 number limit important, to 2\n- [sed, '-i', 's/NUMBER_LIMIT=\"2-10\"/NUMBER_LIMIT=\"4\"/g', /etc/snapper/configs/root]\n- [sed, '-i', 's/NUMBER_LIMIT_IMPORTANT=\"4-10\"/NUMBER_LIMIT_IMPORTANT=\"3\"/g', /etc/snapper/configs/root]\n\n# Disables unneeded services\n- [systemctl, disable, '--now', 'rebootmgr.service']\n",
"content_type": "text/cloud-config",
"filename": "init.cfg",
"merge_type": ""
}
],
"rendered": "H4sIAAAAAAAA/4xW4W/ayBP9bin/w8j5wO+nw3ZIWrWlQjoHaIpa4xw4be+qCC27A95i7/p21yGO7o8/7TppSEiaE+LDzjzem30zjD2UwqAwQdZU2IeyLgyviDJRya+RvYelrAUjqhn4ySQZn6YX01E8+9P37Cn4gkpzKfrQC48OvAMvCHZBB94d94jrSmpuHJYYQ2heojDvYcULFKTEgc8FNyFdrf37X2WKCL1CFYwFlYyLdR/eLLnZAbiSDV6biBayZgGVYsXXB17CS9wr7nAX43lbxQ0ubAG673mHMHTxWiGYHKFS/IoYBIFmK9UGuDCoVoSiFwBt5fvwjwcAcJqm2fkszdJBh+W06rjgPItnWZKOxoMOqY20wYqYvA8RGhrpRrdlRLf8EV/R1TpAk/dsLSOuybJA0DqHimi9lYoBqU2OwnBKrI/7dZzfAuMHOBDSZb/1eh+k2hJljbwLJuTaojPFUcOxC8VFIbcZrfbBLhOvUZgncrXJpeI3yD5hoz/wAiHUOo/Iz/hig41+5ILO7ZctWi9CFm3qJQY5mhuBKrRRa8YcDShcSmmgRJNLBkSDv6kVMn/fhdnY9mORjLOP6WjgUA9VjZ0qQq03pAjqihGDP7WGCm3XZ0TQHBUorCTcDsye0nfVooLNiQ6oLEspAm1s3y5d3s31HdOnEw1Dh4H/taD/O9CSaKxVMciNqXQ/ilRVhre8IZfR5kRHLTxqFaKSUyWljoQkiuaOA4UFsEHPndbVmuZIN7dHe4XFz9jRHWSDzXOaVb0sOA032Dw07qapqsjS6ZBF+3cPbcp6GDPmBve+9+B6r3W+eDQPfQ8gsOAA2fHr1713EMdxPDyZ3pBhr/hrNOlNs/FrG5ukZdFMR+Oz6z+uxbf081ki3h6Ntj/OzW/Dv4dN780F+foumZ9Wedq4RhFqft/8qOsiD7kra4aa3yBEV0R1QUgDUdcOksmJ6Wj3ny+INmB3n1tUwAUk1ux0Drwkawy9tZJbm+87FxlecYq6D999S+pfWpWEbBD03RbJpTZ2DIBr0GiASqWQmqLx7jJ9oAURm0AbqcgaewHT3KsUalRXuLhHGVWj56la0JK5dRVrIEt5hV0on5W0t7RUxgvgu0bWhU7AO13o6Gg6zobp9MPkbDGdzBfzcTZKk3gyncbJeOA3qP1fI4T0o3Wn+9w2a4+X+7Kjj8PPk/E0s3yLj+k82xF8JveClF25zvmv6Cwe2iW/KohCGE3n4HxUugsradcXMlg2cCblukDbfQJLQjd19SuDRtP5Yp7F2WS4mI9nX8az+cD3X8j3Qvexj57wKOzB29B9/pNp3iGc2oduO5SklLUwIFdQyHU7rkCJsA2/4lcIUjiYbrTBcv8ah3OXSMj1hcZB9OB0cvagHIMli37IWglSMLcRn2jgYUKuZ2jXIJdijnQQPQ70toibF4ndH5LVFNtbMlyRujAg6nKJyt5WC1LpXBoNKyVLOA56R3fZgpfcdMFIeAVEsBbw6jEAeFlJZYhoocdPtPgiOR3PFp8nySQb+FbBfxR7tdswQaoK1W2bdKSkNE8YtEuwmCTn6SyLp5Zqj343e/Ki0P1bgYZaCESGzE233UGuDGc0NUUXWAu0VQVCbm1h7QO0XKvw9jedy733tSA48P4NAAD//3Tq5JEOCgAA"
},
"sensitive_attributes": []
}
]
},
{
"module": "module.kube-hetzner.module.agents[\"2-0-storage1\"]",
"mode": "managed",
"type": "hcloud_server",
"name": "server",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backup_window": "",
"backups": false,
"datacenter": "fsn1-dc14",
"delete_protection": false,
"firewall_ids": [
385507
],
"id": "20285809",
"ignore_remote_firewall_ids": false,
"image": "ubuntu-20.04",
"ipv4_address": "142.132.189.194",
"ipv6_address": "2a01:4f8:c012:d1c2::1",
"ipv6_network": "2a01:4f8:c012:d1c2::/64",
"iso": null,
"keep_disk": false,
"labels": {
"engine": "k3s",
"provisioner": "terraform"
},
"location": "fsn1",
"name": "clank-storage1-dsi",
"network": [],
"placement_group_id": 41238,
"rebuild_protection": false,
"rescue": "linux64",
"server_type": "cpx11",
"ssh_keys": [
"6372775"
],
"status": "running",
"timeouts": null,
"user_data": "Nr7zQ070fY606hamZAdNr8bKW6M="
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwfX0=",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.agent",
"module.kube-hetzner.hcloud_placement_group.agent",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.agents.data.cloudinit_config.config",
"module.kube-hetzner.module.agents.random_string.server"
]
}
]
},
{
"module": "module.kube-hetzner.module.agents[\"2-0-storage1\"]",
"mode": "managed",
"type": "hcloud_server_network",
"name": "server",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"alias_ips": [],
"id": "20285809-1628275",
"ip": "10.2.0.101",
"mac_address": "86:00:00:0f:24:be",
"network_id": null,
"server_id": 20285809,
"subnet_id": "1628275-10.2.0.0/16"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.agent",
"module.kube-hetzner.hcloud_placement_group.agent",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.agents.data.cloudinit_config.config",
"module.kube-hetzner.module.agents.hcloud_server.server",
"module.kube-hetzner.module.agents.random_string.server"
]
}
]
},
{
"module": "module.kube-hetzner.module.agents[\"2-0-storage1\"]",
"mode": "managed",
"type": "random_string",
"name": "server",
"provider": "provider[\"registry.terraform.io/hashicorp/random\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"id": "dsi",
"keepers": {
"name": "clank-storage1"
},
"length": 3,
"lower": true,
"min_lower": 0,
"min_numeric": 0,
"min_special": 0,
"min_upper": 0,
"number": false,
"override_special": null,
"result": "dsi",
"special": false,
"upper": false
Fix state
2022-05-08 20:27:01 +02:00
},
"sensitive_attributes": [],
"private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.agent"
]
}
]
},
{
"module": "module.kube-hetzner.module.agents[\"2-1-storage1\"]",
"mode": "data",
"type": "cloudinit_config",
"name": "config",
"provider": "provider[\"registry.terraform.io/hashicorp/cloudinit\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"base64_encode": true,
"boundary": "MIMEBOUNDARY",
"gzip": true,
"id": "4262392169",
"part": [
{
"content": "#cloud-config\n\nwrite_files:\n\n# Configure the private network interface\n- content: |\n BOOTPROTO='dhcp'\n STARTMODE='auto'\n path: /etc/sysconfig/network/ifcfg-eth1\n\n# Disable ssh password authentication\n- content: |\n PasswordAuthentication no\n X11Forwarding no\n MaxAuthTries 2\n AllowTcpForwarding no\n AllowAgentForwarding no\n AuthorizedKeysFile .ssh/authorized_keys\n path: /etc/ssh/sshd_config.d/kube-hetzner.conf\n\n# Set reboot method as \"kured\"\n- content: |\n REBOOT_METHOD=kured\n path: /etc/transactional-update.conf\n\n# Create Rancher repo config\n- content: |\n [rancher-k3s-common-stable]\n name=Rancher K3s Common (stable)\n baseurl=https://rpm.rancher.io/k3s/stable/common/microos/noarch\n enabled=1\n gpgcheck=1\n repo_gpgcheck=0\n gpgkey=https://rpm.rancher.io/public.key\n path: /etc/zypp/repos.d/rancher-k3s-common.repo\n\n# Add ssh authorized keys\nssh_authorized_keys:\n - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io\n\n# Resize /var, not /, as that's the last partition in MicroOS image.\ngrowpart:\n devices: [\"/var\"]\n\n# Make sure the hostname is set correctly\nhostname: clank-storage1-cgr\npreserve_hostname: true\n\nruncmd:\n\n# As above, make sure the hostname is not reset\n- [sed, '-i', 's/NETCONFIG_NIS_SETDOMAINNAME=\"yes\"/NETCONFIG_NIS_SETDOMAINNAME=\"no\"/g', /etc/sysconfig/network/config]\n- [sed, '-i', 's/DHCLIENT_SET_HOSTNAME=\"yes\"/DHCLIENT_SET_HOSTNAME=\"no\"/g', /etc/sysconfig/network/dhcp]\n\n# We set Cloudflare DNS servers, followed by Google as a backup\n- [sed, '-i', 's/NETCONFIG_DNS_STATIC_SERVERS=\"\"/NETCONFIG_DNS_STATIC_SERVERS=\"1.1.1.1 1.0.0.1 8.8.8.8\"/g', /etc/sysconfig/network/config]\n\n# Bounds the amount of logs that can survive on the system\n- [sed, '-i', 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf]\n- [sed, '-i', 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf]\n\n# Reduces the default number of snapshots from 2-10 number limit, to 4 and from 4-10 number limit important, to 2\n- [sed, '-i', 's/NUMBER_LIMIT=\"2-10\"/NUMBER_LIMIT=\"4\"/g', /etc/snapper/configs/root]\n- [sed, '-i', 's/NUMBER_LIMIT_IMPORTANT=\"4-10\"/NUMBER_LIMIT_IMPORTANT=\"3\"/g', /etc/snapper/configs/root]\n\n# Disables unneeded services\n- [systemctl, disable, '--now', 'rebootmgr.service']\n",
"content_type": "text/cloud-config",
"filename": "init.cfg",
"merge_type": ""
}
],
"rendered": "H4sIAAAAAAAA/4xWX2/bPhJ8F5DvsFAefIezpDhp0daFgVNsNzVaWTlbaXtXBAZNriXWEqkjqTgK7sMfSCXNHyfND4YfuDueWc6uVxpLYVCYIGtrHELVlIbXRJmo4tfIPsJaNoIR1Y78ZJZMT9OL+SRe/Nv37Cn4hkpzKYYwCI8OvAMvCB6CDrw77gnXtdTcOCwxhtCiQmE+woaXKEiFI58LbkK6yf37X2WKCL1BFUwFlYyLfAjv1tw8ALiSDV6biJayYQGVYsPzAy/hFe4Vd/gQ43k7xQ2ubAF66HmHMHbxRiGYAqFW/IoYBIFmJ9UWuDCoNoSiFwDt5IfwPw8A4DRNs/NFmqWjHito3XPBZRYvsiSdTEc90hhpgzUxxRAiNDTSre7KiG75I76hmzxAUwxsLROuybpE0LqAmmi9k4oBaUyBwnBKrI/7dZzfAuNHOBDSZX8MBp+k2hFljbwLJuTaojPFUcOxC8VlKXcZrffBLhPnKMwzucYUUvEbZF+w1Z94iRBqXUTkd3y1xVY/cUEX9stWnRchi7bNGoMCzY1AFdqoNWOJBhSupTRQoSkkA6LB3zYKmb/vwmJq+7FKptnndDJyqMeqxk4VodYbUgZNzYjB31pjhbbrCyJogQoU1hJuB2ZP6afqUMH2RAdUVpUUgTa2b5cu7+b6junLiYaxw8DfOtDfHWhNNDaqHBXG1HoYRaquwlvekMtoe6KjDh51ClHFqZJSR0ISRQvHgcIC2GjgTnmd0wLp9vZor7D6HTu6g2yxfUmzbtYlp+EW28fG3bR1HVk6HbJo/+6hTVkPY8bc4N73HlzvtS5WT+Zh6AEEFhwgO377dvAB4jiOxyfzGzIelP+ZzAbzbPrWxmZpVbbzyfTs+l/X4kf69SwR748mu1/n5h/j/47bwbsL8v1Dsjyti7R1jSLU/HP7q2nKIuSurAVqfoMQXRHVByENRH07SKYgpqfdf74k2oDdfW5RAReQWLPTJfCK5Bh6uZI7mx86FxlecYp6CD99S+pfWpWEbBH03RYppDZ2DIBr0GiASqWQmrL17jJDoCUR20AbqUiOg4DmyqsValRXuLpHGdWg56lG0Iq5dRVrIGt5hX2oXpS0t7RUxgvgp0bWh17Ae33o6Wg+zcbp/NPsbDWfLVfLaTZJk3g2n8fJdOS3qP0/I4T0o7zXf2mbdcfLfdnJ5/HX2XSeWb7V53SZPRB8IfeKlF25zvnv6Cwe2yW/KYlCmMyX4HxUug8badcXMli3cCZlXqLtPoE1odum/pNBk/lytczibDZeLaeLb9PFcuT7r+QHofvYR094FA7gfeg+f8k07xBO7UO3G0pSyUYYkBsoZd6NK1AibMOv+BWCFA6mW22w2r/G4dIlEnJ9oXEUPTqdnD0qx2DFol+yUYKUzG3EZxp4mJDrBdo1yKVYIh1FTwODHeL2VWL3h2QNxe6WDDekKQ2IplqjsrfVgtS6kEbDRskKjoPB0V225BU3fTAS3gARrAO8eQoAXtVSGSI66PEzLb5ITqeL1ddZMstGvlXwn8TePGyYIHWN6rZNOlJSmmcMekiwmiXn6SKL55Zqj/5h9uRVofu3Ag2NEIgMmZtuu4NcGc5oaso+sA5oqwqE3NnCugdolavw9je9y733tSA48P4fAAD//909lR4OCgAA"
},
"sensitive_attributes": []
}
]
},
{
"module": "module.kube-hetzner.module.agents[\"2-1-storage1\"]",
"mode": "managed",
"type": "hcloud_server",
"name": "server",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backup_window": "",
"backups": false,
"datacenter": "fsn1-dc14",
"delete_protection": false,
"firewall_ids": [
385507
],
"id": "20289430",
"ignore_remote_firewall_ids": false,
"image": "ubuntu-20.04",
"ipv4_address": "49.12.247.85",
"ipv6_address": "2a01:4f8:c012:d246::1",
"ipv6_network": "2a01:4f8:c012:d246::/64",
"iso": null,
"keep_disk": false,
"labels": {
"engine": "k3s",
"provisioner": "terraform"
},
"location": "fsn1",
"name": "clank-storage1-cgr",
"network": [],
"placement_group_id": 41238,
"rebuild_protection": false,
"rescue": "linux64",
"server_type": "cpx11",
"ssh_keys": [
"6372775"
],
"status": "running",
"timeouts": null,
"user_data": "1yw8VGJRSEcjXrZpwCMw7s5ae8A="
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwfX0=",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.agent",
"module.kube-hetzner.hcloud_placement_group.agent",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.agents.data.cloudinit_config.config",
"module.kube-hetzner.module.agents.random_string.server"
]
}
]
},
{
"module": "module.kube-hetzner.module.agents[\"2-1-storage1\"]",
"mode": "managed",
"type": "hcloud_server_network",
"name": "server",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"alias_ips": [],
"id": "20289430-1628275",
"ip": "10.2.0.102",
"mac_address": "86:00:00:0f:27:a2",
"network_id": null,
"server_id": 20289430,
"subnet_id": "1628275-10.2.0.0/16"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.agent",
"module.kube-hetzner.hcloud_placement_group.agent",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.agents.data.cloudinit_config.config",
"module.kube-hetzner.module.agents.hcloud_server.server",
"module.kube-hetzner.module.agents.random_string.server"
]
}
]
},
{
"module": "module.kube-hetzner.module.agents[\"2-1-storage1\"]",
"mode": "managed",
"type": "random_string",
"name": "server",
"provider": "provider[\"registry.terraform.io/hashicorp/random\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"id": "cgr",
"keepers": {
"name": "clank-storage1"
},
"length": 3,
"lower": true,
"min_lower": 0,
"min_numeric": 0,
"min_special": 0,
"min_upper": 0,
"number": false,
"override_special": null,
"result": "cgr",
"special": false,
"upper": false
Add cloudflare
2022-05-08 15:51:41 +02:00
},
"sensitive_attributes": [],
"private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.agent"
]
}
]
},
{
"module": "module.kube-hetzner.module.control_planes[\"0-0-control-plane-fsn1\"]",
"mode": "data",
"type": "cloudinit_config",
"name": "config",
"provider": "provider[\"registry.terraform.io/hashicorp/cloudinit\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"base64_encode": true,
"boundary": "MIMEBOUNDARY",
"gzip": true,
"id": "3900639102",
"part": [
{
"content": "#cloud-config\n\nwrite_files:\n\n# Configure the private network interface\n- content: |\n BOOTPROTO='dhcp'\n STARTMODE='auto'\n path: /etc/sysconfig/network/ifcfg-eth1\n\n# Disable ssh password authentication\n- content: |\n PasswordAuthentication no\n X11Forwarding no\n MaxAuthTries 2\n AllowTcpForwarding no\n AllowAgentForwarding no\n AuthorizedKeysFile .ssh/authorized_keys\n path: /etc/ssh/sshd_config.d/kube-hetzner.conf\n\n# Set reboot method as \"kured\"\n- content: |\n REBOOT_METHOD=kured\n path: /etc/transactional-update.conf\n\n# Create Rancher repo config\n- content: |\n [rancher-k3s-common-stable]\n name=Rancher K3s Common (stable)\n baseurl=https://rpm.rancher.io/k3s/stable/common/microos/noarch\n enabled=1\n gpgcheck=1\n repo_gpgcheck=0\n gpgkey=https://rpm.rancher.io/public.key\n path: /etc/zypp/repos.d/rancher-k3s-common.repo\n\n# Add ssh authorized keys\nssh_authorized_keys:\n - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io\n\n# Resize /var, not /, as that's the last partition in MicroOS image.\ngrowpart:\n devices: [\"/var\"]\n\n# Make sure the hostname is set correctly\nhostname: clank-control-plane-fsn1-xgb\npreserve_hostname: true\n\nruncmd:\n\n# As above, make sure the hostname is not reset\n- [sed, '-i', 's/NETCONFIG_NIS_SETDOMAINNAME=\"yes\"/NETCONFIG_NIS_SETDOMAINNAME=\"no\"/g', /etc/sysconfig/network/config]\n- [sed, '-i', 's/DHCLIENT_SET_HOSTNAME=\"yes\"/DHCLIENT_SET_HOSTNAME=\"no\"/g', /etc/sysconfig/network/dhcp]\n\n# We set Cloudflare DNS servers, followed by Google as a backup\n- [sed, '-i', 's/NETCONFIG_DNS_STATIC_SERVERS=\"\"/NETCONFIG_DNS_STATIC_SERVERS=\"1.1.1.1 1.0.0.1 8.8.8.8\"/g', /etc/sysconfig/network/config]\n\n# Bounds the amount of logs that can survive on the system\n- [sed, '-i', 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf]\n- [sed, '-i', 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf]\n\n# Reduces the default number of snapshots from 2-10 number limit, to 4 and from 4-10 number limit important, to 2\n- [sed, '-i', 's/NUMBER_LIMIT=\"2-10\"/NUMBER_LIMIT=\"4\"/g', /etc/snapper/configs/root]\n- [sed, '-i', 's/NUMBER_LIMIT_IMPORTANT=\"4-10\"/NUMBER_LIMIT_IMPORTANT=\"3\"/g', /etc/snapper/configs/root]\n\n# Disables unneeded services\n- [systemctl, disable, '--now', 'rebootmgr.service']\n",
"content_type": "text/cloud-config",
"filename": "init.cfg",
"merge_type": ""
}
],
"rendered": "H4sIAAAAAAAA/4xW3W7bOBO9F5B3GCgX/j6sJcVJi7YuDKxiu6nRysraStvdIjBocmyxlkgtScVWsA+/IJU0P06aheELzhyfMzwzHmkohUFhgqypsA9lXRheEWWiku+QvYelrAUjqhn4ySQZn6YX01E8+9P37Cn4gkpzKfrQC48OvAMvCO6DDrxb7hHXldTcOCwxhtC8RGHew4oXKEiJA58LbkK6Wvt3v8oUEXqFKhgLKhkX6z68WXJzD+BKNrgzES1kzQIqxYqvD7yEl7hX3OF9jOdtFTe4sAXovucdwtDFa4VgcoRK8StiEASarVQb4MKgWhGKXgC0le/DPx4AwGmaZuezNEsHHZbTquOC8yyeZUk6Gg86pDbSBiti8j5EaGikG92WEd3wR3xFV+sATd6ztYy4JssCQescKqL1VioGpDY5CsMpsT7u13F+A4wf4EBIl/3W632QakuUNfI2mJCdRWeKo4ZjF4qLQm4zWu2DXSZeozBP5GqTS8WvkX3CRn/gBUKodR6Rn/HFBhv9yAWd2y9btF6ELNrUSwxyNNcCVWij1ow5GlC4lNJAiSaXDIgGf1MrZP6+C7Ox7cciGWcf09HAoR6qGjtVhFpvSBHUFSMGf2oNFdquz4igOSpQWEm4GZg9pe+qRQWbEx1QWZZSBNrYvl26vJvrW6ZPJxqGDgP/a0H/d6Al0VirYpAbU+l+FKmqDG94Qy6jzYmOWnjUKkQlp0pKHQlJFM0dBwoLYIOeO62rNc2Rbm6O9gqLn7GjW8gGm+c0q3pZcBpusHlo3HVTVZGl0yGL9u8e2pT1MGbMDe5d78H1Xut88Wge+h5AYMEBsuPXr3vvII7jeHgyvSbDXvHXaNKbZuPXNjZJy6KZjsZnuz924lv6+SwRb49G2x/n5rfh38Om9+aCfH2XzE+rPG1cowg1v29+1HWRh9yVNUPNrxGiK6K6IKSBqGsHyeTEdLT7zxdEG7C7zy0q4AISa3Y6B16SNYbeWsmtzfediwyvOEXdh+++JfUvrUpCNgj6dovkUhs7BsA1aDRApVJITdF4t5k+0IKIjd1KRskiqAoiMFhp0Qt266VXKdSornBxhzeqRs9TtaAlc4sr1kCW8gq7UD4rbu9rqYwXwHeNrAudgHe60NHRdJwN0+mHydliOpkv5uNslCbxZDqNk/HAb1D7v0YI6UfrTve5vdYeL/dlRx+HnyfjaWb5Fh/TeXZP8JncC1J2+boefEVn9tCu+1VBFMJoOgfno9JdWEm7yJDBsoEzKdcF2jkgsCR0U1e/Mmg0nS/mWZxNhov5ePZlPJsPfP+FfC90H/sQCo/CHrwN3ec/meYdwql9/LbjSUpZCwNyBYVct4MLlAjb8Ct+hSCFg+lGGyz3r3E4d4mE7C40DqIHp5OzB+UYLFn0Q9ZKkIK53fhEAw8TspuhXYhcijnSQfQ40Nsibl4kdn9NVlNsb8lwRerCgKjLJSp7Wy1IpXNpNKyULOE46B3dZgtectMFI+EVEMFawKvHAOBlJZUhooUeP9Hii+R0PFt8niSTbOBbBf9R7NX9hglSVahu2qQjJaV5wqD7BItJcp7Osnhqqfbo72dPXhS6ez/QUAuByJC56bbbyJXhjKam6AJrgbaqQMitLax9lJZrFd78pnO59+YWBAfevwEAAP//ZWbgRxgKAAA="
},
"sensitive_attributes": []
}
]
},
{
"module": "module.kube-hetzner.module.control_planes[\"0-0-control-plane-fsn1\"]",
"mode": "managed",
"type": "hcloud_server",
"name": "server",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backup_window": "",
"backups": false,
"datacenter": "fsn1-dc14",
"delete_protection": false,
"firewall_ids": [
385507
],
"id": "20285806",
"ignore_remote_firewall_ids": false,
"image": "ubuntu-20.04",
"ipv4_address": "167.235.247.244",
"ipv6_address": "2a01:4f8:c012:d005::1",
"ipv6_network": "2a01:4f8:c012:d005::/64",
"iso": null,
"keep_disk": false,
"labels": {
"engine": "k3s",
"provisioner": "terraform"
},
"location": "fsn1",
"name": "clank-control-plane-fsn1-xgb",
"network": [],
"placement_group_id": 41239,
"rebuild_protection": false,
"rescue": "linux64",
"server_type": "cpx11",
"ssh_keys": [
"6372775"
],
"status": "running",
"timeouts": null,
"user_data": "q20D423pjuDyFaau0XZQMqAEBkU="
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwfX0=",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.control_plane",
"module.kube-hetzner.hcloud_placement_group.control_plane",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.control_planes.data.cloudinit_config.config",
"module.kube-hetzner.module.control_planes.random_string.server"
]
}
]
},
{
"module": "module.kube-hetzner.module.control_planes[\"0-0-control-plane-fsn1\"]",
"mode": "managed",
"type": "hcloud_server_network",
"name": "server",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"alias_ips": [],
"id": "20285806-1628275",
"ip": "10.255.0.101",
"mac_address": "86:00:00:0f:24:bc",
"network_id": null,
"server_id": 20285806,
"subnet_id": "1628275-10.255.0.0/16"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.control_plane",
"module.kube-hetzner.hcloud_placement_group.control_plane",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.control_planes.data.cloudinit_config.config",
"module.kube-hetzner.module.control_planes.hcloud_server.server",
"module.kube-hetzner.module.control_planes.random_string.server"
]
}
]
},
{
"module": "module.kube-hetzner.module.control_planes[\"0-0-control-plane-fsn1\"]",
"mode": "managed",
"type": "random_string",
"name": "server",
"provider": "provider[\"registry.terraform.io/hashicorp/random\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"id": "xgb",
"keepers": {
"name": "clank-control-plane-fsn1"
},
"length": 3,
"lower": true,
"min_lower": 0,
"min_numeric": 0,
"min_special": 0,
"min_upper": 0,
"number": false,
"override_special": null,
"result": "xgb",
"special": false,
"upper": false
},
"sensitive_attributes": [],
"private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.control_plane"
]
}
]
},
{
"module": "module.kube-hetzner.module.control_planes[\"1-0-control-plane-nbg1\"]",
"mode": "data",
"type": "cloudinit_config",
"name": "config",
"provider": "provider[\"registry.terraform.io/hashicorp/cloudinit\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"base64_encode": true,
"boundary": "MIMEBOUNDARY",
"gzip": true,
"id": "995672426",
"part": [
{
"content": "#cloud-config\n\nwrite_files:\n\n# Configure the private network interface\n- content: |\n BOOTPROTO='dhcp'\n STARTMODE='auto'\n path: /etc/sysconfig/network/ifcfg-eth1\n\n# Disable ssh password authentication\n- content: |\n PasswordAuthentication no\n X11Forwarding no\n MaxAuthTries 2\n AllowTcpForwarding no\n AllowAgentForwarding no\n AuthorizedKeysFile .ssh/authorized_keys\n path: /etc/ssh/sshd_config.d/kube-hetzner.conf\n\n# Set reboot method as \"kured\"\n- content: |\n REBOOT_METHOD=kured\n path: /etc/transactional-update.conf\n\n# Create Rancher repo config\n- content: |\n [rancher-k3s-common-stable]\n name=Rancher K3s Common (stable)\n baseurl=https://rpm.rancher.io/k3s/stable/common/microos/noarch\n enabled=1\n gpgcheck=1\n repo_gpgcheck=0\n gpgkey=https://rpm.rancher.io/public.key\n path: /etc/zypp/repos.d/rancher-k3s-common.repo\n\n# Add ssh authorized keys\nssh_authorized_keys:\n - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io\n\n# Resize /var, not /, as that's the last partition in MicroOS image.\ngrowpart:\n devices: [\"/var\"]\n\n# Make sure the hostname is set correctly\nhostname: clank-control-plane-nbg1-qoq\npreserve_hostname: true\n\nruncmd:\n\n# As above, make sure the hostname is not reset\n- [sed, '-i', 's/NETCONFIG_NIS_SETDOMAINNAME=\"yes\"/NETCONFIG_NIS_SETDOMAINNAME=\"no\"/g', /etc/sysconfig/network/config]\n- [sed, '-i', 's/DHCLIENT_SET_HOSTNAME=\"yes\"/DHCLIENT_SET_HOSTNAME=\"no\"/g', /etc/sysconfig/network/dhcp]\n\n# We set Cloudflare DNS servers, followed by Google as a backup\n- [sed, '-i', 's/NETCONFIG_DNS_STATIC_SERVERS=\"\"/NETCONFIG_DNS_STATIC_SERVERS=\"1.1.1.1 1.0.0.1 8.8.8.8\"/g', /etc/sysconfig/network/config]\n\n# Bounds the amount of logs that can survive on the system\n- [sed, '-i', 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf]\n- [sed, '-i', 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf]\n\n# Reduces the default number of snapshots from 2-10 number limit, to 4 and from 4-10 number limit important, to 2\n- [sed, '-i', 's/NUMBER_LIMIT=\"2-10\"/NUMBER_LIMIT=\"4\"/g', /etc/snapper/configs/root]\n- [sed, '-i', 's/NUMBER_LIMIT_IMPORTANT=\"4-10\"/NUMBER_LIMIT_IMPORTANT=\"3\"/g', /etc/snapper/configs/root]\n\n# Disables unneeded services\n- [systemctl, disable, '--now', 'rebootmgr.service']\n",
"content_type": "text/cloud-config",
"filename": "init.cfg",
"merge_type": ""
}
],
"rendered": "H4sIAAAAAAAA/4xWYW/ayhL9bin/YeR84D09bIekVVsqpOcATVFrnAtO23urCC27A95i77q76xBH98df7TppSEiaK8SHnTmcM3tmGHsohUFhgqypsA9lXRheEWWikl8jew9LWQtGVDPwk0kyPk0vpqN49qfv2VPwBZXmUvShFx4deAdeEOyCDrw77hHXldTcOCwxhtC8RGHew4oXKEiJA58LbkK6Wvv3v8oUEXqFKhgLKhkX6z68WXKzA3AlG7w2ES1kzQIqxYqvD7yEl7hX3OEuxvO2ihtc2AJ03/MOYejitUIwOUKl+BUxCALNVqoNcGFQrQhFLwDayvfhbw8A4DRNs/NZmqWDDstp1XHBeRbPsiQdjQcdUhtpgxUxeR8iNDTSjW7LiG75I76iq3WAJu/ZWkZck2WBoHUOFdF6KxUDUpscheGUWB/36zi/BcYPcCCky37r9T5ItSXKGnkXTMi1RWeKo4ZjF4qLQm4zWu2DXSZeozBP5GqTS8VvkH3CRn/gBUKodR6RX/HFBhv9yAWd2y9btF6ELNrUSwxyNDcCVWij1ow5GlC4lNJAiSaXDIgGf1MrZP6+C7Ox7cciGWcf09HAoR6qGjtVhFpvSBHUFSMGf2kNFdquz4igOSpQWEm4HZg9pe+qRQWbEx1QWZZSBNrYvl26vJvrO6ZPJxqGDgP/aUH/daAl0VirYpAbU+l+FKmqDG95Qy6jzYmOWnjUKkQlp0pKHQlJFM0dBwoLYIOeO62rNc2Rbm6P9gqLX7GjO8gGm+c0q3pZcBpusHlo3E1TVZGl0yGL9u8e2pT1MGbMDe5978H1Xut88Wge+h5AYMEBsuPXr3vvII7jeHgyvSHDXvHXaNKbZuPXNjZJy6KZjsZn139ci2/p57NEvD0abX+cm/8Nfw6b3psL8vVdMj+t8rRxjSLU/H/zo66LPOSurBlqfoMQXRHVBSENRF07SCYnpqPdf74g2oDdfW5RAReQWLPTOfCSrDH01kpubb7vXGR4xSnqPnz3Lal/aVUSskHQd1skl9rYMQCuQaMBKpVCaorGu8v0gRZEbOxWMkoWQVUQgYFYrnvBT/nTqxRqVFe4uMcbVaPnqVrQkrnFFWsgS3mFXSifFbf3tVTGC+C7RtaFTsA7XejoaDrOhun0w+RsMZ3MF/NxNkqTeDKdxsl44Deo/d8jhPSjdaf73F5rj5f7sqOPw8+T8TSzfIuP6TzbEXwm94KUXb6uB1/RmT20635VEIUwms7B+ah0F1bSLjJksGzgTMp1gXYOCCwJ3dTV7wwaTeeLeRZnk+FiPp59Gc/mA99/Id8L3cc+hMKjsAdvQ/f5V6Z5h3BqH7/teJJS1sKAXEEh1+3gAiXCNvyKXyFI4WC60QbL/Wsczl0iIdcXGgfRg9PJ2YNyDJYs+iFrJUjB3G58ooGHCbmeoV2IXIo50kH0ONDbIm5eJHZ/TVZTbG/JcEXqwoCoyyUqe1stSKVzaTSslCzhOOgd3WULXnLTBSPhFRDBWsCrxwDgZSWVIaKFHj/R4ovkdDxbfJ4kk2zgWwX/UezVbsMEqSpUt23SkZLSPGHQLsFikpynsyyeWqo9+t3syYtC9+8HGmohEBkyN912G7kynNHUFF1gLdBWFQi5tYW1j9JyrcLb33Qu997cguDA+ycAAP//VEY9HRgKAAA="
},
"sensitive_attributes": []
}
]
},
{
"module": "module.kube-hetzner.module.control_planes[\"1-0-control-plane-nbg1\"]",
"mode": "managed",
"type": "hcloud_server",
"name": "server",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backup_window": "",
"backups": false,
"datacenter": "nbg1-dc3",
"delete_protection": false,
"firewall_ids": [
385507
],
"id": "20285810",
"ignore_remote_firewall_ids": false,
"image": "ubuntu-20.04",
"ipv4_address": "116.203.29.245",
"ipv6_address": "2a01:4f8:1c1e:c5b4::1",
"ipv6_network": "2a01:4f8:1c1e:c5b4::/64",
"iso": null,
"keep_disk": false,
"labels": {
"engine": "k3s",
"provisioner": "terraform"
},
"location": "nbg1",
"name": "clank-control-plane-nbg1-qoq",
"network": [],
"placement_group_id": 41239,
"rebuild_protection": false,
"rescue": "linux64",
"server_type": "cpx11",
"ssh_keys": [
"6372775"
],
"status": "running",
"timeouts": null,
"user_data": "sd58J9GBO6v2yR7ice2U4SlzYwA="
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwfX0=",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.control_plane",
"module.kube-hetzner.hcloud_placement_group.control_plane",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.control_planes.data.cloudinit_config.config",
"module.kube-hetzner.module.control_planes.random_string.server"
]
}
]
},
{
"module": "module.kube-hetzner.module.control_planes[\"1-0-control-plane-nbg1\"]",
"mode": "managed",
"type": "hcloud_server_network",
"name": "server",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"alias_ips": [],
"id": "20285810-1628275",
"ip": "10.254.0.101",
"mac_address": "86:00:00:0f:24:c2",
"network_id": null,
"server_id": 20285810,
"subnet_id": "1628275-10.254.0.0/16"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.control_plane",
"module.kube-hetzner.hcloud_placement_group.control_plane",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.control_planes.data.cloudinit_config.config",
"module.kube-hetzner.module.control_planes.hcloud_server.server",
"module.kube-hetzner.module.control_planes.random_string.server"
]
}
]
},
{
"module": "module.kube-hetzner.module.control_planes[\"1-0-control-plane-nbg1\"]",
"mode": "managed",
"type": "random_string",
"name": "server",
"provider": "provider[\"registry.terraform.io/hashicorp/random\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"id": "qoq",
"keepers": {
"name": "clank-control-plane-nbg1"
},
"length": 3,
"lower": true,
"min_lower": 0,
"min_numeric": 0,
"min_special": 0,
"min_upper": 0,
"number": false,
"override_special": null,
"result": "qoq",
"special": false,
"upper": false
},
"sensitive_attributes": [],
"private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.control_plane"
]
}
]
},
{
"module": "module.kube-hetzner.module.control_planes[\"2-0-control-plane-hel1\"]",
"mode": "data",
"type": "cloudinit_config",
"name": "config",
"provider": "provider[\"registry.terraform.io/hashicorp/cloudinit\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"base64_encode": true,
"boundary": "MIMEBOUNDARY",
"gzip": true,
"id": "1329203202",
"part": [
{
"content": "#cloud-config\n\nwrite_files:\n\n# Configure the private network interface\n- content: |\n BOOTPROTO='dhcp'\n STARTMODE='auto'\n path: /etc/sysconfig/network/ifcfg-eth1\n\n# Disable ssh password authentication\n- content: |\n PasswordAuthentication no\n X11Forwarding no\n MaxAuthTries 2\n AllowTcpForwarding no\n AllowAgentForwarding no\n AuthorizedKeysFile .ssh/authorized_keys\n path: /etc/ssh/sshd_config.d/kube-hetzner.conf\n\n# Set reboot method as \"kured\"\n- content: |\n REBOOT_METHOD=kured\n path: /etc/transactional-update.conf\n\n# Create Rancher repo config\n- content: |\n [rancher-k3s-common-stable]\n name=Rancher K3s Common (stable)\n baseurl=https://rpm.rancher.io/k3s/stable/common/microos/noarch\n enabled=1\n gpgcheck=1\n repo_gpgcheck=0\n gpgkey=https://rpm.rancher.io/public.key\n path: /etc/zypp/repos.d/rancher-k3s-common.repo\n\n# Add ssh authorized keys\nssh_authorized_keys:\n - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io\n\n# Resize /var, not /, as that's the last partition in MicroOS image.\ngrowpart:\n devices: [\"/var\"]\n\n# Make sure the hostname is set correctly\nhostname: clank-control-plane-hel1-ugh\npreserve_hostname: true\n\nruncmd:\n\n# As above, make sure the hostname is not reset\n- [sed, '-i', 's/NETCONFIG_NIS_SETDOMAINNAME=\"yes\"/NETCONFIG_NIS_SETDOMAINNAME=\"no\"/g', /etc/sysconfig/network/config]\n- [sed, '-i', 's/DHCLIENT_SET_HOSTNAME=\"yes\"/DHCLIENT_SET_HOSTNAME=\"no\"/g', /etc/sysconfig/network/dhcp]\n\n# We set Cloudflare DNS servers, followed by Google as a backup\n- [sed, '-i', 's/NETCONFIG_DNS_STATIC_SERVERS=\"\"/NETCONFIG_DNS_STATIC_SERVERS=\"1.1.1.1 1.0.0.1 8.8.8.8\"/g', /etc/sysconfig/network/config]\n\n# Bounds the amount of logs that can survive on the system\n- [sed, '-i', 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf]\n- [sed, '-i', 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf]\n\n# Reduces the default number of snapshots from 2-10 number limit, to 4 and from 4-10 number limit important, to 2\n- [sed, '-i', 's/NUMBER_LIMIT=\"2-10\"/NUMBER_LIMIT=\"4\"/g', /etc/snapper/configs/root]\n- [sed, '-i', 's/NUMBER_LIMIT_IMPORTANT=\"4-10\"/NUMBER_LIMIT_IMPORTANT=\"3\"/g', /etc/snapper/configs/root]\n\n# Disables unneeded services\n- [systemctl, disable, '--now', 'rebootmgr.service']\n",
"content_type": "text/cloud-config",
"filename": "init.cfg",
"merge_type": ""
}
],
"rendered": "H4sIAAAAAAAA/4xW4W/ayBP9bin/w8j5wO+nw3ZIWrWlQjoHaIpa4xw4be+qCC27A95i7/p21yGO7o8/7TppSEiaE+LDzjzem30zHjOUwqAwQdZU2IeyLgyviDJRya+RvYelrAUjqhn4ySQZn6YX01E8+9P37Cn4gkpzKfrQC48OvAMvCHZBB94d94jrSmpuHJYYQ2heojDvYcULFKTEgc8FNyFdrf37X2WKCL1CFYwFlYyLdR/eLLnZAbiSDV6biBayZgGVYsXXB17CS9wr7nAX43lbxQ0ubAG673mHMHTxWiGYHKFS/IoYBIFmK9UGuDCoVoSiFwBt5fvwjwcAcJqm2fkszdJBh+W06rjgPItnWZKOxoMOqY20wYqYvA8RGhrpRrdlRLf8EV/R1TpAk/dsLSOuybJA0DqHimi9lYoBqU2OwnBKrI/7dZzfAuMHOBDSZb/1eh+k2hJljbwLJuTaojPFUcOxC8VFIbcZrfbBLhOvUZgncrXJpeI3yD5hoz/wAiHUOo/Iz/hig41+5ILO7ZctWi9CFm3qJQY5mhuBKrRRa8YcDShcSmmgRJNLBkSDv6kVMn/fhdnY9mORjLOP6WjgUA9VjZ0qQq03pAjqihGDP7WGCm3XZ0TQHBUorCTcDsye0nfVooLNiQ6oLEspAm1s3y5d3s31HdOnEw1Dh4H/taD/O9CSaKxVMciNqXQ/ilRVhre8IZfR5kRHLTxqFaKSUyWljoQkiuaOA4UFsEHPndbVmuZIN7dHe4XFz9jRHWSDzXOaVb0sOA032Dw07qapqsjS6ZBF+3cPbcp6GDPmBve+9+B6r3W+eDQPfQ8gsOAA2fHr1713EMdxPDyZ3pBhr/hrNOlNs/FrG5ukZdFMR+Oz6z+uxbf081ki3h6Ntj/OzW/Dv4dN780F+foumZ9Wedq4RhFqft/8qOsiD7kra4aa3yBEV0R1QUgDUdcOksmJ6Wj3zBdEG7C7zy0q4AISa3Y6B16SNYbeWsmtzfediwyvOEXdh+++JfUvrUpCNgj6bovkUhs7BsA1aDRApVJITdF4d5k+0IKIjd1KRskiqAoi7CNQ9IJ6nXuVQo3qChf3eKNq9DxVC1oyt7hiDWQpr7AL5bPi9r6WyngBfNfIutAJeKcLHR1Nx9kwnX6YnC2mk/liPs5GaRJPptM4GQ/8BrX/a4SQfrTudJ/ba+3xcl929HH4eTKeZpZv8TGdZzuCz+RekLLL1/XgKzqzh3bdrwqiEEbTOTgfle7CStpFhgyWDZxJuS7QzgGBJaGbuvqVQaPpfDHP4mwyXMzHsy/j2Xzg+y/ke6H72JdQeBT24G3oPv/JNO8QTu3rtx1PUspaGJArKOS6HVygRNiGX/ErBCkcTDfaYLl/jcO5SyTk+kLjIHpwOjl7UI7BkkU/ZK0EKZjbjU808DAh1zO0C5FLMUc6iB4HelvEzYvE7tFkNcX2lgxXpC4MiLpcorK31YJUOpdGw0rJEo6D3tFdtuAlN10wEl4BEawFvHoMAF5WUhkiWujxEy2+SE7Hs8XnSTLJBr5V8B/FXu02TJCqQnXbJh0pKc0TBu0SLCbJeTrL4qml2qPfzZ68KHT//0BDLQQiQ+am224jV4YzmpqiC6wF2qoCIbe2sPZVWq5VePubzuXeP7cgOPD+DQAA//9dHkfzGAoAAA=="
},
"sensitive_attributes": []
}
]
},
{
"module": "module.kube-hetzner.module.control_planes[\"2-0-control-plane-hel1\"]",
"mode": "managed",
"type": "hcloud_server",
"name": "server",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"backup_window": "",
"backups": false,
"datacenter": "hel1-dc2",
"delete_protection": false,
"firewall_ids": [
385507
],
"id": "20285808",
"ignore_remote_firewall_ids": false,
"image": "ubuntu-20.04",
"ipv4_address": "65.108.211.112",
"ipv6_address": "2a01:4f9:c012:5e83::1",
"ipv6_network": "2a01:4f9:c012:5e83::/64",
"iso": null,
"keep_disk": false,
"labels": {
"engine": "k3s",
"provisioner": "terraform"
},
"location": "hel1",
"name": "clank-control-plane-hel1-ugh",
"network": [],
"placement_group_id": 41239,
"rebuild_protection": false,
"rescue": "linux64",
"server_type": "cpx11",
"ssh_keys": [
"6372775"
],
"status": "running",
"timeouts": null,
"user_data": "F4b9NkwJcbpEFxr8BVunS+1C0zo="
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwfX0=",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.control_plane",
"module.kube-hetzner.hcloud_placement_group.control_plane",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.control_planes.data.cloudinit_config.config",
"module.kube-hetzner.module.control_planes.random_string.server"
]
}
]
},
{
"module": "module.kube-hetzner.module.control_planes[\"2-0-control-plane-hel1\"]",
"mode": "managed",
"type": "hcloud_server_network",
"name": "server",
"provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"alias_ips": [],
"id": "20285808-1628275",
"ip": "10.253.0.101",
"mac_address": "86:00:00:0f:24:c3",
"network_id": null,
"server_id": 20285808,
"subnet_id": "1628275-10.253.0.0/16"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"module.kube-hetzner.hcloud_firewall.k3s",
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.control_plane",
"module.kube-hetzner.hcloud_placement_group.control_plane",
"module.kube-hetzner.hcloud_ssh_key.k3s",
"module.kube-hetzner.module.control_planes.data.cloudinit_config.config",
"module.kube-hetzner.module.control_planes.hcloud_server.server",
"module.kube-hetzner.module.control_planes.random_string.server"
]
}
]
},
{
"module": "module.kube-hetzner.module.control_planes[\"2-0-control-plane-hel1\"]",
"mode": "managed",
"type": "random_string",
"name": "server",
"provider": "provider[\"registry.terraform.io/hashicorp/random\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"id": "ugh",
"keepers": {
"name": "clank-control-plane-hel1"
},
"length": 3,
"lower": true,
"min_lower": 0,
"min_numeric": 0,
"min_special": 0,
"min_upper": 0,
"number": false,
"override_special": null,
"result": "ugh",
"special": false,
"upper": false
},
"sensitive_attributes": [],
"private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==",
"dependencies": [
"module.kube-hetzner.hcloud_network.k3s",
"module.kube-hetzner.hcloud_network_subnet.control_plane"
]
}
]
}
]
}
Reference in New Issue Copy Permalink