Externalize Tailscale operator to forge mirror #295

Merged
eblume merged 3 commits from externalize-tailscale-operator-base into main 2026-03-15 17:44:35 -07:00
Owner

Summary

  • Mirrors tailscale/tailscale on forge (mirrors/tailscale)
  • Replaces vendored operator.yaml (495 KB / 5,386 lines) with ArgoCD apps sourcing the upstream static manifest, pinned via targetRevision: v1.94.2
  • Adds tailscale-operator-base app for indri and tailscale-operator-base-ringtail for ringtail
  • Local kustomization retains only ProxyClass and DNSConfig custom resources
  • Updates [[tailscale-operator]] doc to reflect new sourcing

Deployment and Testing

  • Register mirrors/tailscale repo in ArgoCD (it needs to know about the new repo)
  • Sync apps app to pick up the new tailscale-operator-base app definitions
  • Sync tailscale-operator-base — verify CRDs, RBAC, operator Deployment come up
  • Sync tailscale-operator — verify ProxyClass, DNSConfig still apply cleanly
  • Verify existing Tailscale Ingresses still work (ProxyGroup pods healthy)
  • Repeat for ringtail cluster
  • After merge: apps already point at tags, no revision reset needed
Replace vendored operator.yaml (495 KB) with ArgoCD apps sourcing the
upstream static manifest from mirrors/tailscale on forge, pinned to
v1.94.2 via targetRevision. Adds apps for both indri and ringtail
clusters. Local kustomization retains only ProxyClass and DNSConfig.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Use HTTPS raw URL from forge mirror instead of a separate ArgoCD app.
Pins operator image to v1.94.2 via kustomize images transformer,
avoiding the upstream's floating "stable" tag.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The upstream manifest includes a Secret with empty client_id/client_secret
placeholders. We manage this via ExternalSecret, so drop the upstream copy
to avoid ownership conflicts in ArgoCD.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
eblume merged commit 2bea048dbf into main 2026-03-15 17:44:35 -07:00
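
The three commit messages above describe a kustomization that pulls the upstream manifest from the mirror at a tag, pins the operator image, and deletes the upstream placeholder Secret. The sketch below is an added illustration of that layout, not the file from this PR: the forge hostname is a placeholder, and the raw-URL shape, the in-repo manifest path, the local file names, the image name and the Secret name/namespace are assumptions to check against the real manifest.

```yaml
# kustomization.yaml (added illustration; not the file from this PR)
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

resources:
  # Upstream static manifest fetched from the forge mirror at the release tag.
  # ASSUMPTION: host is a placeholder; the /raw/tag/ URL shape and the
  # in-repo path are assumed, the page gives neither.
  - https://forge.example.invalid/mirrors/tailscale/raw/tag/v1.94.2/cmd/k8s-operator/deploy/manifests/operator.yaml
  # Local custom resources kept in this repo (file names are hypothetical).
  - proxyclass.yaml
  - dnsconfig.yaml

images:
  # Replace the floating "stable" tag with the same version as the manifest.
  # ASSUMPTION: image name as referenced by the upstream manifest.
  - name: tailscale/k8s-operator
    newTag: v1.94.2
    # A tag is still mutable on the registry; using
    # `digest: sha256:<placeholder>` instead of newTag pins exact content.

patches:
  # Drop the upstream Secret with empty client_id/client_secret so the
  # ExternalSecret-managed object is the only owner ArgoCD sees.
  # ASSUMPTION: Secret name and namespace; match them to the manifest.
  - patch: |-
      $patch: delete
      apiVersion: v1
      kind: Secret
      metadata:
        name: operator-oauth
        namespace: tailscale
```

Render with `kustomize build` and search the output for `:stable` and for `kind: Secret` before syncing. The images transformer rewrites container `image:` fields only, so a tag carried in an environment variable or argument would pass through unchanged.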
Reference
eblume/blumeops!295