diff --git a/templates/config/kubernetes/apps/cert-manager/cert-manager/issuers/issuers.yaml.j2 b/templates/config/kubernetes/apps/cert-manager/cert-manager/issuers/clusterissuers.yaml.j2
similarity index 100%
rename from templates/config/kubernetes/apps/cert-manager/cert-manager/issuers/issuers.yaml.j2
rename to templates/config/kubernetes/apps/cert-manager/cert-manager/issuers/clusterissuers.yaml.j2
diff --git a/templates/config/kubernetes/apps/cert-manager/cert-manager/issuers/kustomization.yaml.j2 b/templates/config/kubernetes/apps/cert-manager/cert-manager/issuers/kustomization.yaml.j2
index fd43d965ee7..74f27f036b0 100644
--- a/templates/config/kubernetes/apps/cert-manager/cert-manager/issuers/kustomization.yaml.j2
+++ b/templates/config/kubernetes/apps/cert-manager/cert-manager/issuers/kustomization.yaml.j2
@@ -4,4 +4,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
 - ./secret.sops.yaml
- - ./issuers.yaml
+ - ./clusterissuers.yaml
diff --git a/templates/config/kubernetes/apps/cert-manager/cert-manager/issuers/secret.sops.yaml.j2 b/templates/config/kubernetes/apps/cert-manager/cert-manager/issuers/secret.sops.yaml.j2
index 16e7020fce1..76d98ebf177 100644
--- a/templates/config/kubernetes/apps/cert-manager/cert-manager/issuers/secret.sops.yaml.j2
+++ b/templates/config/kubernetes/apps/cert-manager/cert-manager/issuers/secret.sops.yaml.j2
@@ -1,4 +1,5 @@
 ---
+# yaml-language-server: $schema=https://kubernetesjsonschema.dev/v1.18.1-standalone-strict/secret-v1.json
 apiVersion: v1
 kind: Secret
 metadata:
diff --git a/templates/config/kubernetes/apps/cert-manager/namespace.yaml.j2 b/templates/config/kubernetes/apps/cert-manager/namespace.yaml.j2
index ed788350f1a..4c97ba2ae2a 100644
--- a/templates/config/kubernetes/apps/cert-manager/namespace.yaml.j2
+++ b/templates/config/kubernetes/apps/cert-manager/namespace.yaml.j2
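Review bot: The `-standalone-strict` Secret schema added at the top of `issuers/secret.sops.yaml.j2` will probably reject the file once it is SOPS-encrypted, because SOPS appends a top-level `sops:` block and the strict schema variants disallow unknown properties. If that holds, every encrypted secret carries a permanent schema error in the editor, which teaches people to ignore validation on exactly the files that hold credentials. Consider the non-strict variant here, e.g. `# yaml-language-server: $schema=https://kubernetesjsonschema.dev/v1.18.1-standalone/secret-v1.json`, or leave the modeline off `*.sops.yaml.j2` files. The same line is added to the flux webhooks, cloudflared, external-dns, github-deploy-key and cluster-secrets templates later in this diff.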
@@ -1,4 +1,5 @@
 ---
+# yaml-language-server: $schema=https://kubernetesjsonschema.dev/v1.18.1-standalone-strict/namespace-v1.json
 apiVersion: v1
 kind: Namespace
 metadata:
diff --git a/templates/config/kubernetes/apps/flux-system/flux-operator/instance/github/webhooks/secret.sops.yaml.j2 b/templates/config/kubernetes/apps/flux-system/flux-operator/instance/github/webhooks/secret.sops.yaml.j2
index ba68848aa7c..ae3b6eeaf77 100644
--- a/templates/config/kubernetes/apps/flux-system/flux-operator/instance/github/webhooks/secret.sops.yaml.j2
+++ b/templates/config/kubernetes/apps/flux-system/flux-operator/instance/github/webhooks/secret.sops.yaml.j2
@@ -1,4 +1,5 @@
 ---
+# yaml-language-server: $schema=https://kubernetesjsonschema.dev/v1.18.1-standalone-strict/secret-v1.json
 apiVersion: v1
 kind: Secret
 metadata:
diff --git a/templates/config/kubernetes/apps/flux-system/namespace.yaml.j2 b/templates/config/kubernetes/apps/flux-system/namespace.yaml.j2
index b48db4521b3..2f99e33251f 100644
--- a/templates/config/kubernetes/apps/flux-system/namespace.yaml.j2
+++ b/templates/config/kubernetes/apps/flux-system/namespace.yaml.j2
@@ -1,4 +1,5 @@
 ---
+# yaml-language-server: $schema=https://kubernetesjsonschema.dev/v1.18.1-standalone-strict/namespace-v1.json
 apiVersion: v1
 kind: Namespace
 metadata:
diff --git a/templates/config/kubernetes/apps/kube-system/cilium/config/cilium-l3.yaml.j2 b/templates/config/kubernetes/apps/kube-system/cilium/config/bgppeeringpolicy.yaml.j2
similarity index 78%
rename from templates/config/kubernetes/apps/kube-system/cilium/config/cilium-l3.yaml.j2
rename to templates/config/kubernetes/apps/kube-system/cilium/config/bgppeeringpolicy.yaml.j2
index 1c25cd17252..bbd3c0f3338 100644
--- a/templates/config/kubernetes/apps/kube-system/cilium/config/cilium-l3.yaml.j2
+++ b/templates/config/kubernetes/apps/kube-system/cilium/config/bgppeeringpolicy.yaml.j2
@@ -1,6 +1,6 @@
 #% if bgp.enabled %#
 ---
-# https://docs.cilium.io/en/latest/network/bgp-control-plane/
+# yaml-language-server: $schema=https://datreeio.github.io/CRDs-catalog/cilium.io/ciliumbgppeeringpolicy_v2alpha1.json
 apiVersion: cilium.io/v2alpha1
 kind: CiliumBGPPeeringPolicy
 metadata:
@@ -29,13 +29,4 @@ spec:
 serviceSelector:
 matchExpressions:
 - {key: somekey, operator: NotIn, values: ['never-used-value']}
----
-apiVersion: cilium.io/v2alpha1
-kind: CiliumLoadBalancerIPPool
-metadata:
- name: l3-pool
-spec:
- allowFirstLastIPs: "Yes"
- blocks:
- - cidr: "#{ bgp.advertised_network }#"
 #% endif %#
diff --git a/templates/config/kubernetes/apps/kube-system/cilium/config/kustomization.yaml.j2 b/templates/config/kubernetes/apps/kube-system/cilium/config/kustomization.yaml.j2
index b07720f29de..33dc04b7349 100644
--- a/templates/config/kubernetes/apps/kube-system/cilium/config/kustomization.yaml.j2
+++ b/templates/config/kubernetes/apps/kube-system/cilium/config/kustomization.yaml.j2
@@ -4,9 +4,11 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
 #% if bgp.enabled %#
- - ./cilium-l3.yaml
+ - ./bgppeeringpolicy.yaml
+ - ./loadbalancerippool.yaml
 #% elif not feature_gates.dual_stack_ipv4_first %#
- - ./cilium-l2.yaml
+ - ./l2announcementpolicy.yaml
+ - ./loadbalancerippool.yaml
 #% else %#
 []
 #% endif %#
diff --git a/templates/config/kubernetes/apps/kube-system/cilium/config/cilium-l2.yaml.j2 b/templates/config/kubernetes/apps/kube-system/cilium/config/l2announcementpolicy.yaml.j2
similarity index 64%
rename from templates/config/kubernetes/apps/kube-system/cilium/config/cilium-l2.yaml.j2
rename to templates/config/kubernetes/apps/kube-system/cilium/config/l2announcementpolicy.yaml.j2
index 48e614a68a9..4ee8918dea7 100644
--- a/templates/config/kubernetes/apps/kube-system/cilium/config/cilium-l2.yaml.j2
+++ b/templates/config/kubernetes/apps/kube-system/cilium/config/l2announcementpolicy.yaml.j2
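Review bot: The first hunk of `bgppeeringpolicy.yaml.j2` replaces the upstream documentation link with the schema modeline instead of adding the modeline next to it, so the only pointer to how this `v2alpha1` policy is meant to be configured is lost. Keeping both costs one line: `# https://docs.cilium.io/en/latest/network/bgp-control-plane/` directly under the `# yaml-language-server:` comment. The `l2announcementpolicy.yaml.j2` hunk drops its `l2-announcements` link in the same way.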
@@ -1,6 +1,6 @@
 #% if ((not bgp.enabled) and (not feature_gates.dual_stack_ipv4_first)) %#
 ---
-# https://docs.cilium.io/en/latest/network/l2-announcements
+# yaml-language-server: $schema=https://datreeio.github.io/CRDs-catalog/cilium.io/ciliuml2announcementpolicy_v2alpha1.json
 apiVersion: cilium.io/v2alpha1
 kind: CiliumL2AnnouncementPolicy
 metadata:
@@ -14,13 +14,4 @@ spec:
 nodeSelector:
 matchLabels:
 kubernetes.io/os: linux
----
-apiVersion: cilium.io/v2alpha1
-kind: CiliumLoadBalancerIPPool
-metadata:
- name: l2-pool
-spec:
- allowFirstLastIPs: "Yes"
- blocks:
- - cidr: "#{ node_network }#"
 #% endif %#
diff --git a/templates/config/kubernetes/apps/kube-system/cilium/config/loadbalancerippool.yaml.j2 b/templates/config/kubernetes/apps/kube-system/cilium/config/loadbalancerippool.yaml.j2
new file mode 100644
index 00000000000..590b322a945
--- /dev/null
+++ b/templates/config/kubernetes/apps/kube-system/cilium/config/loadbalancerippool.yaml.j2
@@ -0,0 +1,18 @@
+---
+# yaml-language-server: $schema=https://datreeio.github.io/CRDs-catalog/cilium.io/ciliumloadbalancerippool_v2alpha1.json
+apiVersion: cilium.io/v2alpha1
+kind: CiliumLoadBalancerIPPool
+metadata:
+#% if bgp.enabled %#
+ name: l3-pool
+#% elif not feature_gates.dual_stack_ipv4_first %#
+ name: l2-pool
+#% endif %#
+spec:
+ allowFirstLastIPs: "Yes"
+ blocks:
+#% if bgp.enabled %#
+ - cidr: "#{ bgp.advertised_network }#"
+#% elif not feature_gates.dual_stack_ipv4_first %#
+ - cidr: "#{ node_network }#"
+#% endif %#
diff --git a/templates/config/kubernetes/apps/kube-system/namespace.yaml.j2 b/templates/config/kubernetes/apps/kube-system/namespace.yaml.j2
index 5eeb2c9183c..efe70796b00 100644
--- a/templates/config/kubernetes/apps/kube-system/namespace.yaml.j2
+++ b/templates/config/kubernetes/apps/kube-system/namespace.yaml.j2
@@ -1,4 +1,5 @@
 ---
+# yaml-language-server: $schema=https://kubernetesjsonschema.dev/v1.18.1-standalone-strict/namespace-v1.json
 apiVersion: v1
 kind: Namespace
 metadata:
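Review bot: The new `loadbalancerippool.yaml.j2` has no whole-file guard, so when `bgp.enabled` is false and `feature_gates.dual_stack_ipv4_first` is true neither inner branch renders and the output is a `CiliumLoadBalancerIPPool` with an empty `metadata:` and an empty `blocks:`. Both templates it was split out of were wrapped in a single outer `#% if … %#`, and the kustomization falls back to `[]` in that case, so the manifest would not be applied, but an invalid file may still be rendered into the repository and fail schema validation. Wrapping the file in `#% if bgp.enabled or not feature_gates.dual_stack_ipv4_first %#` … `#% endif %#` restores the previous behaviour. Separately, and carried over unchanged, the L2 pool hands out the whole of `node_network` with `allowFirstLastIPs: "Yes"`, which presumably overlaps node and gateway addresses; a dedicated sub-range would be safer.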
diff --git a/templates/config/kubernetes/apps/network/cloudflared/app/dnsendpoint.yaml.j2 b/templates/config/kubernetes/apps/network/cloudflared/app/dnsendpoint.yaml.j2
index 43d7d7b2955..32d50ee6aab 100644
--- a/templates/config/kubernetes/apps/network/cloudflared/app/dnsendpoint.yaml.j2
+++ b/templates/config/kubernetes/apps/network/cloudflared/app/dnsendpoint.yaml.j2
@@ -1,4 +1,5 @@
 ---
+# yaml-language-server: $schema=https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/externaldns.k8s.io/dnsendpoint_v1alpha1.json
 apiVersion: externaldns.k8s.io/v1alpha1
 kind: DNSEndpoint
 metadata:
diff --git a/templates/config/kubernetes/apps/network/cloudflared/app/secret.sops.yaml.j2 b/templates/config/kubernetes/apps/network/cloudflared/app/secret.sops.yaml.j2
index 6a024e253fe..08f59ae34e6 100644
--- a/templates/config/kubernetes/apps/network/cloudflared/app/secret.sops.yaml.j2
+++ b/templates/config/kubernetes/apps/network/cloudflared/app/secret.sops.yaml.j2
@@ -1,4 +1,5 @@
 ---
+# yaml-language-server: $schema=https://kubernetesjsonschema.dev/v1.18.1-standalone-strict/secret-v1.json
 apiVersion: v1
 kind: Secret
 metadata:
diff --git a/templates/config/kubernetes/apps/network/external-dns/app/secret.sops.yaml.j2 b/templates/config/kubernetes/apps/network/external-dns/app/secret.sops.yaml.j2
index 4239a8b1892..72e14fcbdc0 100644
--- a/templates/config/kubernetes/apps/network/external-dns/app/secret.sops.yaml.j2
+++ b/templates/config/kubernetes/apps/network/external-dns/app/secret.sops.yaml.j2
@@ -1,4 +1,5 @@
 ---
+# yaml-language-server: $schema=https://kubernetesjsonschema.dev/v1.18.1-standalone-strict/secret-v1.json
 apiVersion: v1
 kind: Secret
 metadata:
diff --git a/templates/config/kubernetes/apps/network/ingress-nginx/certificates/production.yaml.j2 b/templates/config/kubernetes/apps/network/ingress-nginx/certificates/production.yaml.j2
index b5afdf41986..3853a103933 100644
--- a/templates/config/kubernetes/apps/network/ingress-nginx/certificates/production.yaml.j2
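Review bot: The schema URL added to `dnsendpoint.yaml.j2` points at `raw.githubusercontent.com/datreeio/CRDs-catalog/main/...`, while the Cilium templates in this same commit use `datreeio.github.io/CRDs-catalog/...` for what appears to be the same catalog. Both forms follow a moving branch, so the schema an editor fetches can change without any change in this repository; picking one host for all CRD modelines keeps that surface to a single origin and makes it easier to swap for a pinned or vendored copy later. For consistency with the Cilium files this would read `# yaml-language-server: $schema=https://datreeio.github.io/CRDs-catalog/externaldns.k8s.io/dnsendpoint_v1alpha1.json`. The two `cert-manager.io/certificate_v1.json` modelines in the ingress-nginx certificate templates use the `raw.githubusercontent.com` form as well.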
+++ b/templates/config/kubernetes/apps/network/ingress-nginx/certificates/production.yaml.j2
@@ -1,4 +1,5 @@
 ---
+# yaml-language-server: $schema=https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/cert-manager.io/certificate_v1.json
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
diff --git a/templates/config/kubernetes/apps/network/ingress-nginx/certificates/staging.yaml.j2 b/templates/config/kubernetes/apps/network/ingress-nginx/certificates/staging.yaml.j2
index 9c869425177..20cc4cecaa5 100644
--- a/templates/config/kubernetes/apps/network/ingress-nginx/certificates/staging.yaml.j2
+++ b/templates/config/kubernetes/apps/network/ingress-nginx/certificates/staging.yaml.j2
@@ -1,4 +1,5 @@
 ---
+# yaml-language-server: $schema=https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/cert-manager.io/certificate_v1.json
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
diff --git a/templates/config/kubernetes/apps/network/namespace.yaml.j2 b/templates/config/kubernetes/apps/network/namespace.yaml.j2
index 4d78d7b11b1..da22bc6b0f4 100644
--- a/templates/config/kubernetes/apps/network/namespace.yaml.j2
+++ b/templates/config/kubernetes/apps/network/namespace.yaml.j2
@@ -1,4 +1,5 @@
 ---
+# yaml-language-server: $schema=https://kubernetesjsonschema.dev/v1.18.1-standalone-strict/namespace-v1.json
 apiVersion: v1
 kind: Namespace
 metadata:
diff --git a/templates/config/kubernetes/apps/observability/namespace.yaml.j2 b/templates/config/kubernetes/apps/observability/namespace.yaml.j2
index ce3a5bd22a0..6e8f157d6a1 100644
--- a/templates/config/kubernetes/apps/observability/namespace.yaml.j2
+++ b/templates/config/kubernetes/apps/observability/namespace.yaml.j2
@@ -1,4 +1,5 @@
 ---
+# yaml-language-server: $schema=https://kubernetesjsonschema.dev/v1.18.1-standalone-strict/namespace-v1.json
 apiVersion: v1
 kind: Namespace
 metadata:
diff --git a/templates/config/kubernetes/apps/openebs-system/namespace.yaml.j2 b/templates/config/kubernetes/apps/openebs-system/namespace.yaml.j2
index f173c6c9cd8..e6b60553b62 100644
--- a/templates/config/kubernetes/apps/openebs-system/namespace.yaml.j2
+++ b/templates/config/kubernetes/apps/openebs-system/namespace.yaml.j2
@@ -1,4 +1,5 @@
 ---
+# yaml-language-server: $schema=https://kubernetesjsonschema.dev/v1.18.1-standalone-strict/namespace-v1.json
 apiVersion: v1
 kind: Namespace
 metadata:
diff --git a/templates/config/kubernetes/bootstrap/flux/github-deploy-key.sops.yaml.j2 b/templates/config/kubernetes/bootstrap/flux/github-deploy-key.sops.yaml.j2
index 2b0ef8525a7..c62310c53e7 100644
--- a/templates/config/kubernetes/bootstrap/flux/github-deploy-key.sops.yaml.j2
+++ b/templates/config/kubernetes/bootstrap/flux/github-deploy-key.sops.yaml.j2
@@ -1,5 +1,6 @@
 #% if github.private_key %#
 ---
+# yaml-language-server: $schema=https://kubernetesjsonschema.dev/v1.18.1-standalone-strict/secret-v1.json
 apiVersion: v1
 kind: Secret
 metadata:
diff --git a/templates/config/kubernetes/flux/settings/cluster-secrets.sops.yaml.j2 b/templates/config/kubernetes/flux/settings/cluster-secrets.sops.yaml.j2
index 991eb3a6c87..ce2fc0c867c 100644
--- a/templates/config/kubernetes/flux/settings/cluster-secrets.sops.yaml.j2
+++ b/templates/config/kubernetes/flux/settings/cluster-secrets.sops.yaml.j2
@@ -1,4 +1,5 @@
 ---
+# yaml-language-server: $schema=https://kubernetesjsonschema.dev/v1.18.1-standalone-strict/secret-v1.json
 apiVersion: v1
 kind: Secret
 metadata:
diff --git a/templates/config/kubernetes/flux/settings/cluster-settings.yaml.j2 b/templates/config/kubernetes/flux/settings/cluster-settings.yaml.j2
index 8b63c343907..a4b7c45990a 100644
--- a/templates/config/kubernetes/flux/settings/cluster-settings.yaml.j2
+++ b/templates/config/kubernetes/flux/settings/cluster-settings.yaml.j2
@@ -1,4 +1,5 @@
 ---
+# yaml-language-server: $schema=https://kubernetesjsonschema.dev/v1.18.1-standalone-strict/configmap-v1.json
 apiVersion: v1
 kind: ConfigMap
 metadata: