Erich Blume
4381e1d86f
Kustomize's images: directive only rewrites image fields on built-in k8s
kinds (Pod, Deployment, etc.), not on custom resources like ProxyClass.
The first attempt left the rendered ProxyClass pointing at upstream
docker.io. Replaces it with a strategic merge patch over
spec.statefulSet.pod.tailscale{Container,InitContainer}.image.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
24 lines
757 B
YAML
24 lines
757 B
YAML
---
|
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
|
kind: Kustomization
|
|
|
|
namespace: tailscale
|
|
|
|
resources:
|
|
- ../tailscale-operator-base
|
|
- proxygroup-ingress.yaml
|
|
- external-secret.yaml
|
|
|
|
# Rewrite the proxyclass image to our local nix-built mirror.
|
|
# Scoped to ringtail only; indri's tailscale-operator/kustomization.yaml still
|
|
# pulls from upstream docker.io. A strategic merge patch is used instead of
|
|
# kustomize's `images:` directive because that directive only rewrites images
|
|
# in standard k8s container fields, not custom-resource fields like
|
|
# ProxyClass.spec.statefulSet.pod.tailscaleContainer.image.
|
|
patches:
|
|
- path: proxyclass-image.yaml
|
|
target:
|
|
group: tailscale.com
|
|
version: v1alpha1
|
|
kind: ProxyClass
|
|
name: default
|