deploy/base/deploy-external-dns.yaml

@@ -1,20 +0,0 @@
-# Patch external-dns with AWS credentials because helm chart inflation happens
-# too early.
----
-- op: add
-  path: /spec/template/spec/containers/0/volumeMounts
-  value:
-  - name: aws-credentials
-    mountPath: /.aws
-    readOnly: true
-- op: replace
-  path: /spec/template/spec/volumes
-  value:
-  - name: aws-credentials
-    secret:
-      secretName: aws-do-external-dns-credentials
-- op: add
-  path: /spec/template/spec/containers/0/env
-  value:
-    - name: AWS_SHARED_CREDENTIALS_FILE
-      value: /.aws/credentials

deploy/base/inflated/external-dns/templates/clusterrole.yaml

@@ -1,92 +0,0 @@
----
-# Source: external-dns/templates/clusterrole.yaml
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: external-dns
-  labels: 
-    app.kubernetes.io/name: external-dns
-    helm.sh/chart: external-dns-6.3.0
-    app.kubernetes.io/instance: external-dns
-    app.kubernetes.io/managed-by: Helm
-rules:
-  - apiGroups:
-      - ""
-    resources:
-      - services
-      - pods
-      - nodes
-      - endpoints
-    verbs:
-      - get
-      - list
-      - watch
-  - apiGroups:
-      - extensions
-      - "networking.k8s.io"
-      - getambassador.io
-    resources:
-      - ingresses
-      - hosts
-    verbs:
-      - get
-      - list
-      - watch
-  - apiGroups:
-      - route.openshift.io
-    resources:
-      - routes
-    verbs:
-      - get
-      - list
-      - watch
-  - apiGroups:
-      - networking.istio.io
-    resources:
-      - gateways
-      - virtualservices
-    verbs:
-      - get
-      - list
-      - watch
-  - apiGroups:
-      - zalando.org
-    resources:
-      - routegroups
-    verbs:
-      - get
-      - list
-      - watch
-  - apiGroups:
-      - zalando.org
-    resources:
-      - routegroups/status
-    verbs:
-      - patch
-      - update
-  - apiGroups:
-      - projectcontour.io
-    resources:
-      - httpproxies
-    verbs:
-      - get
-      - watch
-      - list
-  - apiGroups:
-      - gloo.solo.io
-      - gateway.solo.io
-    resources:
-      - proxies
-      - virtualservices
-    verbs:
-      - get
-      - list
-      - watch
-  - apiGroups:
-      - configuration.konghq.com
-    resources:
-      - tcpingresses
-    verbs:
-      - get
-      - list
-      - watch

deploy/base/inflated/external-dns/templates/clusterrolebinding.yaml

@@ -1,19 +0,0 @@
----
-# Source: external-dns/templates/clusterrolebinding.yaml
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: external-dns
-  labels: 
-    app.kubernetes.io/name: external-dns
-    helm.sh/chart: external-dns-6.3.0
-    app.kubernetes.io/instance: external-dns
-    app.kubernetes.io/managed-by: Helm
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: external-dns
-subjects:
-  - kind: ServiceAccount
-    name: external-dns
-    namespace: default

deploy/base/inflated/external-dns/templates/deployment.yaml

@@ -1,106 +0,0 @@
----
-# Source: external-dns/templates/deployment.yaml
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: external-dns
-  namespace: default
-  labels: 
-    app.kubernetes.io/name: external-dns
-    helm.sh/chart: external-dns-6.3.0
-    app.kubernetes.io/instance: external-dns
-    app.kubernetes.io/managed-by: Helm
-spec:
-  replicas: 1
-  selector:
-    matchLabels: 
-      app.kubernetes.io/name: external-dns
-      app.kubernetes.io/instance: external-dns
-  template:
-    metadata:
-      labels: 
-        app.kubernetes.io/name: external-dns
-        helm.sh/chart: external-dns-6.3.0
-        app.kubernetes.io/instance: external-dns
-        app.kubernetes.io/managed-by: Helm
-      annotations:
-    spec:
-      
-      securityContext:
-        fsGroup: 1001
-        runAsUser: 1001
-      affinity:
-        podAffinity:
-          
-        podAntiAffinity:
-          preferredDuringSchedulingIgnoredDuringExecution:
-            - podAffinityTerm:
-                labelSelector:
-                  matchLabels:
-                    app.kubernetes.io/name: external-dns
-                    app.kubernetes.io/instance: external-dns
-                namespaces:
-                  - "default"
-                topologyKey: kubernetes.io/hostname
-              weight: 1
-        nodeAffinity:
-          
-      serviceAccountName: external-dns
-      containers:
-        - name: external-dns
-          image: "docker.io/bitnami/external-dns:0.11.1-debian-10-r1"
-          imagePullPolicy: "IfNotPresent"
-          args:
-            # Generic arguments
-            - --metrics-address=:7979
-            - --log-level=info
-            - --log-format=text
-            - --policy=upsert-only
-            - --provider=aws
-            - --registry=txt
-            - --interval=1m
-            - --source=service
-            - --source=ingress
-            # AWS arguments
-            - --aws-api-retries=3
-            - --aws-zone-type=
-            - --aws-batch-change-size=1000
-          env:
-            # AWS environment variables
-            - name: AWS_DEFAULT_REGION
-              value: us-east-1
-          envFrom:
-          ports:
-            - name: http
-              containerPort: 7979
-          livenessProbe:
-            httpGet:
-              path: /healthz
-              port: http
-            initialDelaySeconds: 10
-            periodSeconds: 10
-            timeoutSeconds: 5
-            successThreshold: 1
-            failureThreshold: 2
-          readinessProbe:
-            httpGet:
-              path: /healthz
-              port: http
-            initialDelaySeconds: 5
-            periodSeconds: 10
-            timeoutSeconds: 5
-            successThreshold: 1
-            failureThreshold: 6
-          resources:
-            limits: {}
-            requests: {}
-          volumeMounts:
-            # AWS mountPath(s)
-            - name: aws-credentials
-              mountPath: /.aws
-              readOnly: true
-      volumes:
-        # AWS volume(s)
-        - name: aws-credentials
-          secret:
-            secretName: foo

deploy/base/inflated/external-dns/templates/service.yaml

@@ -1,22 +0,0 @@
----
-# Source: external-dns/templates/service.yaml
-apiVersion: v1
-kind: Service
-metadata:
-  name: external-dns
-  namespace: default
-  labels: 
-    app.kubernetes.io/name: external-dns
-    helm.sh/chart: external-dns-6.3.0
-    app.kubernetes.io/instance: external-dns
-    app.kubernetes.io/managed-by: Helm
-spec:
-  ports:
-    - name: http
-      port: 7979
-      protocol: TCP
-      targetPort: http
-  selector: 
-    app.kubernetes.io/name: external-dns
-    app.kubernetes.io/instance: external-dns
-  type: ClusterIP

deploy/base/inflated/external-dns/templates/serviceaccount.yaml

@@ -1,13 +0,0 @@
----
-# Source: external-dns/templates/serviceaccount.yaml
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: external-dns
-  namespace: default
-  labels: 
-    app.kubernetes.io/name: external-dns
-    helm.sh/chart: external-dns-6.3.0
-    app.kubernetes.io/instance: external-dns
-    app.kubernetes.io/managed-by: Helm
-automountServiceAccountToken: true

deploy/base/inflated/kubernetes-replicator/templates/deployment.yaml

@@ -1,59 +0,0 @@
----
-# Source: kubernetes-replicator/templates/deployment.yaml
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: kubernetes-replicator
-  labels:
-    helm.sh/chart: kubernetes-replicator-2.7.3
-    app.kubernetes.io/name: kubernetes-replicator
-    app.kubernetes.io/instance: kubernetes-replicator
-    app.kubernetes.io/version: "v2.7.3"
-    app.kubernetes.io/managed-by: Helm
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: kubernetes-replicator
-      app.kubernetes.io/instance: kubernetes-replicator
-  template:
-    metadata:
-      labels:
-        app.kubernetes.io/name: kubernetes-replicator
-        app.kubernetes.io/instance: kubernetes-replicator
-    spec:
-      serviceAccountName: kubernetes-replicator
-      securityContext:
-        {}
-      containers:
-        - name: kubernetes-replicator
-          securityContext:
-            {}
-          image: "quay.io/mittwald/kubernetes-replicator:v2.7.3"
-          imagePullPolicy: Always
-          args:
-            []
-          ports:
-            - name: health
-              containerPort: 9102
-              protocol: TCP
-          livenessProbe:
-            httpGet:
-              path: /healthz
-              port: health
-            initialDelaySeconds: 60
-            periodSeconds: 10
-            timeoutSeconds: 1
-            successThreshold: 1
-            failureThreshold: 3
-          readinessProbe:
-            httpGet:
-              path: /healthz
-              port: health
-            initialDelaySeconds: 60
-            periodSeconds: 10
-            timeoutSeconds: 1
-            successThreshold: 1
-            failureThreshold: 3
-          resources:
-            {}

deploy/base/inflated/kubernetes-replicator/templates/rbac.yaml

@@ -1,54 +0,0 @@
----
-# Source: kubernetes-replicator/templates/rbac.yaml
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: kubernetes-replicator
-  labels:
-    helm.sh/chart: kubernetes-replicator-2.7.3
-    app.kubernetes.io/name: kubernetes-replicator
-    app.kubernetes.io/instance: kubernetes-replicator
-    app.kubernetes.io/version: "v2.7.3"
-    app.kubernetes.io/managed-by: Helm
----
-# Source: kubernetes-replicator/templates/rbac.yaml
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: kubernetes-replicator
-  labels:
-    helm.sh/chart: kubernetes-replicator-2.7.3
-    app.kubernetes.io/name: kubernetes-replicator
-    app.kubernetes.io/instance: kubernetes-replicator
-    app.kubernetes.io/version: "v2.7.3"
-    app.kubernetes.io/managed-by: Helm
-rules:
-  - apiGroups: [ "" ]
-    resources: [ "namespaces" ]
-    verbs: [ "get", "watch", "list" ]
-  - apiGroups: [""]
-    resources: ["secrets", "configmaps"]
-    verbs: ["get", "watch", "list", "create", "update", "patch", "delete"]
-  - apiGroups: ["rbac.authorization.k8s.io"]
-    resources: ["roles", "rolebindings"]
-    verbs: ["get", "watch", "list", "create", "update", "patch", "delete"]
----
-# Source: kubernetes-replicator/templates/rbac.yaml
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: kubernetes-replicator
-  labels:
-    helm.sh/chart: kubernetes-replicator-2.7.3
-    app.kubernetes.io/name: kubernetes-replicator
-    app.kubernetes.io/instance: kubernetes-replicator
-    app.kubernetes.io/version: "v2.7.3"
-    app.kubernetes.io/managed-by: Helm
-roleRef:
-  kind: ClusterRole
-  name: kubernetes-replicator
-  apiGroup: rbac.authorization.k8s.io
-subjects:
-  - kind: ServiceAccount
-    name: kubernetes-replicator
-    namespace: "default"

deploy/base/kustomization.yaml

@@ -69,15 +69,6 @@ resources:
 - inflated/grafana/templates/podsecuritypolicy.yaml
 - inflated/grafana/templates/configmap.yaml
 - inflated/grafana/templates/clusterrolebinding.yaml
-# kubernetes-replicator
-- inflated/kubernetes-replicator/templates/deployment.yaml
-- inflated/kubernetes-replicator/templates/rbac.yaml
-# external-dns
-- inflated/external-dns/templates/serviceaccount.yaml
-- inflated/external-dns/templates/deployment.yaml
-- inflated/external-dns/templates/service.yaml
-- inflated/external-dns/templates/clusterrole.yaml
-- inflated/external-dns/templates/clusterrolebinding.yaml
 
 - ingress.yaml
 
@@ -114,11 +105,6 @@ configMapGenerator:
   - init-directory-structure.sh=gitea-init-directory-structure.sh
   - setup.sh=gitea-setup.sh
 
-secretGenerator:
-- name: aws-do-external-dns-credentials
-  files:
-  - credentials=secrets/aws-do-external-dns-credentials
-
 patches:
 # Patch the ingress-nginx service to expose port 22 for Gitea SSH access.
 - target:
@@ -130,8 +116,3 @@ patches:
     kind: Deployment
     name: ingress-nginx-controller
   path: deploy-ingress-nginx.yaml
-
-- target:
-    kind: Deployment
-    name: external-dns
-  path: deploy-external-dns.yaml