Skip to content

Deploy releases/k8s-manifests d9038b0 #81

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
themightychris merged 8 commits into from
May 15, 2025
Merged

Deploy releases/k8s-manifests d9038b0 #81

themightychris merged 8 commits into from
May 15, 2025

Conversation

@github-actions
Copy link

@github-actions github-actions bot commented May 11, 2025
edited
Loading

kubectl diff reports that applying d9038b0 will change:

diff -uN /tmp/LIVE-4081220551/rbac.authorization.k8s.io.v1.ClusterRole..sealed-secrets-access /tmp/MERGED-2679479339/rbac.authorization.k8s.io.v1.ClusterRole..sealed-secrets-access
--- /tmp/LIVE-4081220551/rbac.authorization.k8s.io.v1.ClusterRole..sealed-secrets-access	2025-05-15 21:19:52.542363540 +0000
+++ /tmp/MERGED-2679479339/rbac.authorization.k8s.io.v1.ClusterRole..sealed-secrets-access	2025-05-15 21:19:52.717364987 +0000
@@ -1 +1,23 @@
-{}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: sealed-secrets-access
+rules:
+- resourceNames:
+  - sealed-secrets-controller
+  resources:
+  - services
+  verbs:
+  - get
+- apiGroups:
+  - bitnami.com
+  resources:
+  - sealedsecrets
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - patch
+  - delete
diff -uN /tmp/LIVE-4081220551/rbac.authorization.k8s.io.v1.ClusterRoleBinding..sealed-secrets-access-choose-native-plants /tmp/MERGED-2679479339/rbac.authorization.k8s.io.v1.ClusterRoleBinding..sealed-secrets-access-choose-native-plants
--- /tmp/LIVE-4081220551/rbac.authorization.k8s.io.v1.ClusterRoleBinding..sealed-secrets-access-choose-native-plants	2025-05-15 21:19:52.551363614 +0000
+++ /tmp/MERGED-2679479339/rbac.authorization.k8s.io.v1.ClusterRoleBinding..sealed-secrets-access-choose-native-plants	2025-05-15 21:19:52.724365045 +0000
@@ -1 +1,12 @@
-{}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: sealed-secrets-access-choose-native-plants
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: sealed-secrets-access
+subjects:
+- kind: ServiceAccount
+  name: deployment-admin
+  namespace: choose-native-plants
diff -uN /tmp/LIVE-3349692993/apps.v1.Deployment.choose-native-plants.choose-native-plants /tmp/MERGED-4254638731/apps.v1.Deployment.choose-native-plants.choose-native-plants
--- /tmp/LIVE-3349692993/apps.v1.Deployment.choose-native-plants.choose-native-plants	2025-05-15 21:19:55.548387124 +0000
+++ /tmp/MERGED-4254638731/apps.v1.Deployment.choose-native-plants.choose-native-plants	2025-05-15 21:19:55.561387224 +0000
@@ -42,18 +42,9 @@
               key: password
               name: mongo
               optional: false
-        - name: PAC_API_BASE_URL
-          valueFrom:
-            secretKeyRef:
-              key: PAC_API_BASE_URL
-              name: pac-api
-              optional: false
-        - name: PAC_API_KEY
-          valueFrom:
-            secretKeyRef:
-              key: PAC_API_KEY
-              name: pac-api
-              optional: false
+        envFrom:
+        - secretRef:
+            name: pac-api
         image: mongo:5.0.6
         imagePullPolicy: IfNotPresent
         name: choose-native-plants-db
@@ -106,6 +97,18 @@
               key: IMAGE_URLS_SHEET_ID
               name: app
               optional: false
+        - name: PAC_API_BASE_URL
+          valueFrom:
+            secretKeyRef:
+              key: PAC_API_BASE_URL
+              name: pac-api
+              optional: false
+        - name: PAC_API_KEY
+          valueFrom:
+            secretKeyRef:
+              key: PAC_API_KEY
+              name: pac-api
+              optional: false
         - name: SUPERPLANTS_CSV_URL
           valueFrom:
             secretKeyRef:
@@ -142,48 +145,6 @@
               key: SERVICE_ACCOUNT
               name: app
               optional: false
-        - name: PAC_API_BASE_URL
-          valueFrom:
-            secretKeyRef:
-              key: PAC_API_BASE_URL
-              name: pac-api
-              optional: false
-        - name: PAC_API_KEY
-          valueFrom:
-            secretKeyRef:
-              key: PAC_API_KEY
-              name: pac-api
-              optional: false
-        - name: AWS_ACCESS_KEY_ID
-          valueFrom:
-            secretKeyRef:
-              key: AWS_ACCESS_KEY_ID
-              name: linode-storage
-              optional: false
-        - name: AWS_SECRET_ACCESS_KEY
-          valueFrom:
-            secretKeyRef:
-              key: AWS_SECRET_ACCESS_KEY
-              name: linode-storage
-              optional: false
-        - name: AWS_DEFAULT_REGION
-          valueFrom:
-            secretKeyRef:
-              key: AWS_DEFAULT_REGION
-              name: linode-storage
-              optional: false
-        - name: LINODE_BUCKET_NAME
-          valueFrom:
-            secretKeyRef:
-              key: LINODE_BUCKET_NAME
-              name: linode-storage
-              optional: false
-        - name: LINODE_ENDPOINT_URL
-          valueFrom:
-            secretKeyRef:
-              key: LINODE_ENDPOINT_URL
-              name: linode-storage
-              optional: false
         envFrom:
         - configMapRef:
             name: app-config
@@ -205,11 +166,6 @@
         - containerPort: 3000
           name: http
           protocol: TCP
-        resources:
-          limits:
-            memory: 2Gi
-          requests:
-            memory: 1Gi
         terminationMessagePath: /dev/termination-log
         terminationMessagePolicy: File
         volumeMounts:
diff -uN /tmp/LIVE-3349692993/rbac.authorization.k8s.io.v1.Role.choose-native-plants.deployment-admin /tmp/MERGED-4254638731/rbac.authorization.k8s.io.v1.Role.choose-native-plants.deployment-admin
--- /tmp/LIVE-3349692993/rbac.authorization.k8s.io.v1.Role.choose-native-plants.deployment-admin	2025-05-15 21:19:55.553387163 +0000
+++ /tmp/MERGED-4254638731/rbac.authorization.k8s.io.v1.Role.choose-native-plants.deployment-admin	2025-05-15 21:19:55.565387255 +0000
@@ -77,3 +77,15 @@
   - update
   - patch
   - delete
+- apiGroups:
+  - bitnami.com
+  resources:
+  - sealedsecrets
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - patch
+  - delete

@github-actions github-actions bot changed the title Deploy releases/k8s-manifests 556ef13 Deploy releases/k8s-manifests 6dd03cd May 12, 2025
Zachary Leahan and others added 3 commits May 15, 2025 17:16
@github-actions github-actions bot changed the title Deploy releases/k8s-manifests 6dd03cd Deploy releases/k8s-manifests d9038b0 May 15, 2025
@themightychris themightychris merged commit ec117ad into deploys/k8s-manifests May 15, 2025
1 check passed
@github-actions
Copy link
Author

github-actions bot commented May 15, 2025

kubectl apply output (excluding unchanged) for ec117ad was:

customresourcedefinition.apiextensions.k8s.io/sealedsecrets.bitnami.com configured
clusterrole.rbac.authorization.k8s.io/grafana-clusterrole configured
clusterrole.rbac.authorization.k8s.io/prometheus-alertmanager configured
clusterrole.rbac.authorization.k8s.io/prometheus-pushgateway configured
clusterrole.rbac.authorization.k8s.io/sealed-secrets-access created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-webhook:subjectaccessreviews configured
clusterrolebinding.rbac.authorization.k8s.io/sealed-secrets-access-choose-native-plants created
clusterrolebinding.rbac.authorization.k8s.io/sealed-secrets configured
mutatingwebhookconfiguration.admissionregistration.k8s.io/cert-manager-webhook configured
validatingwebhookconfiguration.admissionregistration.k8s.io/cert-manager-webhook configured
validatingwebhookconfiguration.admissionregistration.k8s.io/ingress-nginx-admission configured
configmap/cert-manager-webhook configured
configmap/cert-manager configured
rolebinding.rbac.authorization.k8s.io/cert-manager-webhook:dynamic-serving configured
deployment.apps/choose-native-plants configured
role.rbac.authorization.k8s.io/deployment-admin configured
statefulset.apps/data-warehouse-postgresql configured
configmap/grafana-dashboards-default configured
deployment.apps/grafana configured
deployment.apps/ingress-nginx-controller configured
deployment.apps/metrics-server configured
rolebinding.rbac.authorization.k8s.io/cert-manager:leaderelection configured
secret/promtail configured
statefulset.apps/loki configured
statefulset.apps/database configured
deployment.apps/prometheus-alertmanager configured
deployment.apps/prometheus-kube-state-metrics configured
deployment.apps/prometheus-pushgateway configured
deployment.apps/prometheus-server configured
serviceaccount/prometheus-kube-state-metrics configured
deployment.apps/sealed-secrets configured
rolebinding.rbac.authorization.k8s.io/sealed-secrets-key-admin configured
service/sealed-secrets configured

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ZacharyLeahan @themightychris