blumeops/argocd/manifests/homepage/clusterrole.yaml

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: homepage
rules:
  - apiGroups: [""]
    resources: ["namespaces", "pods", "nodes"]
    verbs: ["get", "list"]
  - apiGroups: ["extensions", "networking.k8s.io"]
    resources: ["ingresses"]
    verbs: ["get", "list"]
  - apiGroups: ["traefik.containo.us", "traefik.io"]
    resources: ["ingressroutes"]
    verbs: ["get", "list"]
  - apiGroups: ["gateway.networking.k8s.io"]
    resources: ["gateways", "httproutes"]
    verbs: ["get", "list"]
  - apiGroups: ["metrics.k8s.io"]
    resources: ["nodes", "pods"]
    verbs: ["get", "list"]
  - apiGroups: ["apiextensions.k8s.io"]
    resources: ["customresourcedefinitions/status"]
    verbs: ["get"]
Replace Homepage Helm chart with kustomize manifests and custom Dockerfile (#221) ## Summary - Replace third-party Helm chart (jameswynn/homepage v2.1.0, pinned at app v1.2.0) with plain kustomize manifests and a custom Dockerfile building from forge mirror at v1.10.1 - Adds Dockerfile (`containers/homepage/`) with multi-stage build (node:22-slim builder, node:22-alpine runtime) - Creates kustomize manifests: Deployment, Service, ConfigMap (6 config files), ServiceAccount, ClusterRole, ClusterRoleBinding - Keeps existing ingress-tailscale.yaml and all 6 ExternalSecret resources unchanged - Updates ArgoCD app definition from multi-source Helm to single directory source ## Prerequisite - Homepage source mirrored at forge.ops.eblu.me/eblume/homepage.git ✅ - Container must be built and pushed before syncing: `mise run container-release homepage v1.10.1` ## Deployment and Testing - [ ] Build and push container image: `mise run container-release homepage v1.10.1` - [ ] Branch-test via ArgoCD: `argocd app set homepage --revision feature/homepage-kustomize && argocd app sync homepage` - [ ] Verify dashboard loads at go.ops.eblu.me / go.tail8d86e.ts.net - [ ] Verify k8s autodiscovery works (services appear on dashboard) - [ ] Verify widgets load (weather, Forgejo, Jellyfin, etc.) - [ ] After merge: `argocd app set homepage --revision main && argocd app sync homepage` 🤖 Generated with [Claude Code](https://claude.com/claude-code) Reviewed-on: https://forge.ops.eblu.me/eblume/blumeops/pulls/221 2026-02-19 18:29:19 -08:00			`apiVersion: rbac.authorization.k8s.io/v1`
			`kind: ClusterRole`
			`metadata:`
			`name: homepage`
			`rules:`
			`- apiGroups: [""]`
			`resources: ["namespaces", "pods", "nodes"]`
			`verbs: ["get", "list"]`
			`- apiGroups: ["extensions", "networking.k8s.io"]`
			`resources: ["ingresses"]`
			`verbs: ["get", "list"]`
			`- apiGroups: ["traefik.containo.us", "traefik.io"]`
			`resources: ["ingressroutes"]`
			`verbs: ["get", "list"]`
			`- apiGroups: ["gateway.networking.k8s.io"]`
			`resources: ["gateways", "httproutes"]`
			`verbs: ["get", "list"]`
			`- apiGroups: ["metrics.k8s.io"]`
			`resources: ["nodes", "pods"]`
			`verbs: ["get", "list"]`
			`- apiGroups: ["apiextensions.k8s.io"]`
			`resources: ["customresourcedefinitions/status"]`
			`verbs: ["get"]`