Add kustomize images: and configMapGenerator: across services #264

Merged

eblume merged 1 commit from feature/kustomize-images-configmapgen into main 2026-02-24 14:25:20 -08:00

Conversation 0 Commits 1 Files changed 79 +956 -905

eblume commented 2026-02-24 14:24:17 -08:00

Owner

Copy link

Summary

• Move hardcoded image tags to kustomization.yaml images: transformer across 22 services — image names in manifests become version-agnostic templates, with tags centralized in one place per service
• Replace hand-written ConfigMap manifests with configMapGenerator: in 12 services — config data extracted to standalone files, generated ConfigMaps include content hashes that trigger automatic pod rollouts on changes
• Create new kustomization.yaml for forgejo-runner and nvidia-device-plugin (switches ArgoCD from directory mode to kustomize mode, rendered output identical)

Services modified

Images only (8): cv, devpi, docs, kube-state-metrics, miniflux, navidrome, teslamate, torrent

Images + configMapGenerator (10): alloy-k8s, forgejo-runner, frigate, grafana, homepage, kiwix, loki, mosquitto, ntfy, prometheus

Images only, no configMapGenerator (4): authentik (skip blueprints — special YAML tags), tailscale-operator-base (Deployment only, CRD image fields left as-is)

Skipped entirely (6): argocd (remote upstream), databases (no image fields), external-secrets, grafana-config (cross-kustomization dashboards), immich (Helm-managed), 1password-connect/cloudnative-pg (no kustomization.yaml)

What changes at deploy time

• images: — no functional diff, kustomize build produces identical output with tags
• configMapGenerator: — ConfigMap names gain hash suffixes (e.g., prometheus-config → prometheus-config-6f42fhctcb) and all Deployment/StatefulSet/DaemonSet references are updated automatically. Pods will restart once per service on first sync due to the name change

Test plan

• kubectl kustomize builds all 30 service directories successfully
• Image tags verified in rendered output for all modified services
• ConfigMap hash suffixes verified in rendered output
• ConfigMap references in Deployments/StatefulSets confirmed to use hashed names
• All pre-commit hooks pass (yamllint, shellcheck, prettier, etc.)
• argocd app diff each service to confirm only expected ConfigMap name changes
• Deploy from branch starting with a low-risk service (e.g., mosquitto)

## Summary - Move hardcoded image tags to kustomization.yaml `images:` transformer across **22 services** — image names in manifests become version-agnostic templates, with tags centralized in one place per service - Replace hand-written ConfigMap manifests with `configMapGenerator:` in **12 services** — config data extracted to standalone files, generated ConfigMaps include content hashes that trigger automatic pod rollouts on changes - Create new `kustomization.yaml` for **forgejo-runner** and **nvidia-device-plugin** (switches ArgoCD from directory mode to kustomize mode, rendered output identical) ### Services modified **Images only (8):** cv, devpi, docs, kube-state-metrics, miniflux, navidrome, teslamate, torrent **Images + configMapGenerator (10):** alloy-k8s, forgejo-runner, frigate, grafana, homepage, kiwix, loki, mosquitto, ntfy, prometheus **Images only, no configMapGenerator (4):** authentik (skip blueprints — special YAML tags), tailscale-operator-base (Deployment only, CRD image fields left as-is) **Skipped entirely (6):** argocd (remote upstream), databases (no image fields), external-secrets, grafana-config (cross-kustomization dashboards), immich (Helm-managed), 1password-connect/cloudnative-pg (no kustomization.yaml) ### What changes at deploy time - **images:** — no functional diff, `kustomize build` produces identical output with tags - **configMapGenerator:** — ConfigMap names gain hash suffixes (e.g., `prometheus-config` → `prometheus-config-6f42fhctcb`) and all Deployment/StatefulSet/DaemonSet references are updated automatically. Pods will restart once per service on first sync due to the name change ## Test plan - [x] `kubectl kustomize` builds all 30 service directories successfully - [x] Image tags verified in rendered output for all modified services - [x] ConfigMap hash suffixes verified in rendered output - [x] ConfigMap references in Deployments/StatefulSets confirmed to use hashed names - [x] All pre-commit hooks pass (yamllint, shellcheck, prettier, etc.) - [ ] `argocd app diff` each service to confirm only expected ConfigMap name changes - [ ] Deploy from branch starting with a low-risk service (e.g., mosquitto)

eblume added 1 commit 2026-02-24 14:24:18 -08:00

Add kustomize images: transformer and configMapGenerator across services ... 34925cb94b

Move hardcoded image tags to kustomization.yaml images: sections (22
services) and replace hand-written ConfigMap manifests with
configMapGenerator (12 services). Image tags are now centralized in
kustomization.yaml, and generated ConfigMaps include content hashes
that trigger automatic pod rollouts on config changes.

New kustomization.yaml files for forgejo-runner and nvidia-device-plugin
switch ArgoCD from directory mode to kustomize mode.

Skipped: argocd (remote upstream), databases, external-secrets,
grafana-config (cross-kustomization dashboards), immich (Helm),
authentik blueprints (special YAML tags).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

eblume merged commit 9b44a8ec51 into main 2026-02-24 14:25:20 -08:00

eblume referenced this pull request from a commit 2026-02-24 14:25:21 -08:00

Add kustomize images: and configMapGenerator: across services (#264)

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

eblume/blumeops!264

No description provided.