fix

apps/code-server/presentation.tf

@@ -10,7 +10,7 @@ locals {
 }
 
 module "service" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   namespace         = var.namespace
@@ -22,7 +22,7 @@ module "service" {
 }
 
 module "ingress" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
   component         = ""
   instance          = var.instance
   namespace         = var.namespace
@@ -38,7 +38,7 @@ module "ingress" {
 }
 
 module "application" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   app_group         = var.app_group
@@ -61,7 +61,7 @@ provider "restapi" {
 }
 
 module "forward" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   domain            = var.domain

apps/dbgate/presentation.tf

@@ -10,7 +10,7 @@ locals {
 }
 
 module "service" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   namespace         = var.namespace
@@ -22,7 +22,7 @@ module "service" {
 }
 
 module "ingress" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
   component         = ""
   instance          = var.instance
   namespace         = var.namespace
@@ -38,7 +38,7 @@ module "ingress" {
 }
 
 module "application" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   app_group         = var.app_group
@@ -51,7 +51,7 @@ module "application" {
 }
 
 module "oauth2" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//oauth2"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//oauth2?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   namespace         = var.namespace

apps/gitea/presentation.tf

@@ -16,7 +16,7 @@ locals {
 }
 
 module "ingress" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
   component         = ""
   instance          = var.instance
   namespace         = var.namespace
@@ -32,7 +32,7 @@ module "ingress" {
 }
 
 module "application" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   app_group         = var.app_group
@@ -45,7 +45,7 @@ module "application" {
 }
 
 module "oauth2" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//oauth2"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//oauth2?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   namespace         = var.namespace

apps/gramo/check.rhai

@@ -0,0 +1,17 @@
+const DOMAIN = config.domain;
+fn check_domain() {
+    assert(have_namespace(`${global::DOMAIN}`),                         `There is no ${global::DOMAIN} namespace`);
+}
+fn check_authentik() {
+    assert(have_namespace(`${global::DOMAIN}-auth`),                    `There is no ${global::DOMAIN}-auth namespace`);
+    assert(have_install(`${global::DOMAIN}-auth`, "authentik"),         `No authentik installation in ${global::DOMAIN}-auth`);
+    assert(have_secret(`${global::DOMAIN}-auth`, "authentik"),          `No authentik secret in ${global::DOMAIN}-auth`);
+}
+fn check_authentik_forward() {
+    assert(have_install(`${global::DOMAIN}-auth`, "authentik-forward"), `No authentik-forward installation in ${global::DOMAIN}-auth`);
+}
+fn pre_check() {
+    check_domain();
+    check_authentik();
+    check_authentik_forward();
+}

apps/gramo/presentation.tf

@@ -10,7 +10,7 @@ locals {
 }
 
 module "service" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   namespace         = var.namespace
@@ -22,7 +22,7 @@ module "service" {
 }
 
 module "ingress" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
   component         = ""
   instance          = var.instance
   namespace         = var.namespace
@@ -38,7 +38,7 @@ module "ingress" {
 }
 
 module "application" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   app_group         = var.app_group
@@ -61,7 +61,7 @@ provider "restapi" {
 }
 
 module "forward" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   domain            = var.domain

apps/infisical/check.rhai

@@ -0,0 +1,17 @@
+const DOMAIN = config.domain;
+fn check_domain() {
+    assert(have_namespace(`${global::DOMAIN}`),                         `There is no ${global::DOMAIN} namespace`);
+}
+fn check_authentik() {
+    assert(have_namespace(`${global::DOMAIN}-auth`),                    `There is no ${global::DOMAIN}-auth namespace`);
+    assert(have_install(`${global::DOMAIN}-auth`, "authentik"),         `No authentik installation in ${global::DOMAIN}-auth`);
+    assert(have_secret(`${global::DOMAIN}-auth`, "authentik"),          `No authentik secret in ${global::DOMAIN}-auth`);
+}
+fn check_authentik_forward() {
+    assert(have_install(`${global::DOMAIN}-auth`, "authentik-forward"), `No authentik-forward installation in ${global::DOMAIN}-auth`);
+}
+fn pre_check() {
+    check_domain();
+    check_authentik();
+    check_authentik_forward();
+}

apps/infisical/presentation.tf

@@ -9,7 +9,7 @@ locals {
 }
 
 module "service" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   namespace         = var.namespace
@@ -21,7 +21,7 @@ module "service" {
 }
 
 module "ingress" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
   component         = ""
   instance          = var.instance
   namespace         = var.namespace
@@ -37,7 +37,7 @@ module "ingress" {
 }
 
 module "application" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   app_group         = var.app_group
@@ -60,7 +60,7 @@ provider "restapi" {
 }
 
 module "forward" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   domain            = var.domain

apps/infisical/storage.tf

@@ -1,5 +1,5 @@
 module "redis" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//redis"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//redis?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   namespace         = var.namespace
@@ -11,7 +11,7 @@ module "redis" {
   }
 }
 module "mongo" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//mongo"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//mongo?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   namespace         = var.namespace

apps/okd/check.rhai

@@ -0,0 +1,17 @@
+const DOMAIN = config.domain;
+fn check_domain() {
+    assert(have_namespace(`${global::DOMAIN}`),                         `There is no ${global::DOMAIN} namespace`);
+}
+fn check_authentik() {
+    assert(have_namespace(`${global::DOMAIN}-auth`),                    `There is no ${global::DOMAIN}-auth namespace`);
+    assert(have_install(`${global::DOMAIN}-auth`, "authentik"),         `No authentik installation in ${global::DOMAIN}-auth`);
+    assert(have_secret(`${global::DOMAIN}-auth`, "authentik"),          `No authentik secret in ${global::DOMAIN}-auth`);
+}
+fn check_authentik_forward() {
+    assert(have_install(`${global::DOMAIN}-auth`, "authentik-forward"), `No authentik-forward installation in ${global::DOMAIN}-auth`);
+}
+fn pre_check() {
+    check_domain();
+    check_authentik();
+    check_authentik_forward();
+}

apps/okd/presentation.tf

@@ -10,7 +10,7 @@ locals {
 }
 
 module "service" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   namespace         = var.namespace
@@ -22,7 +22,7 @@ module "service" {
 }
 
 module "ingress" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
   component         = ""
   instance          = var.instance
   namespace         = var.namespace
@@ -38,7 +38,7 @@ module "ingress" {
 }
 
 module "application" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   app_group         = var.app_group
@@ -61,7 +61,7 @@ provider "restapi" {
 }
 
 module "forward" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   domain            = var.domain

apps/traefik-ui/check.rhai

@@ -0,0 +1,17 @@
+const DOMAIN = config.domain;
+fn check_domain() {
+    assert(have_namespace(`${global::DOMAIN}`),                         `There is no ${global::DOMAIN} namespace`);
+}
+fn check_authentik() {
+    assert(have_namespace(`${global::DOMAIN}-auth`),                    `There is no ${global::DOMAIN}-auth namespace`);
+    assert(have_install(`${global::DOMAIN}-auth`, "authentik"),         `No authentik installation in ${global::DOMAIN}-auth`);
+    assert(have_secret(`${global::DOMAIN}-auth`, "authentik"),          `No authentik secret in ${global::DOMAIN}-auth`);
+}
+fn check_authentik_forward() {
+    assert(have_install(`${global::DOMAIN}-auth`, "authentik-forward"), `No authentik-forward installation in ${global::DOMAIN}-auth`);
+}
+fn pre_check() {
+    check_domain();
+    check_authentik();
+    check_authentik_forward();
+}

apps/traefik-ui/presentation.tf

@@ -16,7 +16,7 @@ locals {
 }
 
 module "ingress" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
   component         = ""
   instance          = var.instance
   namespace         = var.namespace
@@ -32,7 +32,7 @@ module "ingress" {
 }
 
 module "application" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   app_group         = var.app_group
@@ -55,7 +55,7 @@ provider "restapi" {
 }
 
 module "forward" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   domain            = var.domain

apps/woodpecker/check.rhai

@@ -0,0 +1,16 @@
+const DOMAIN = config.domain;
+fn check_domain() {
+    assert(have_namespace(`${global::DOMAIN}`),                         `There is no ${global::DOMAIN} namespace`);
+}
+fn check_gitea() {
+    assert(have_namespace(`${global::DOMAIN}-ci`),                      `There is no ${global::DOMAIN}-ci namespace`);
+    assert(have_install(`${global::DOMAIN}-ci`, "gitea"),               `No gitea installation in ${global::DOMAIN}-ci`);
+    assert(have_ingress(`${global::DOMAIN}-ci`, "gitea"),               `No gitea ingress in ${global::DOMAIN}-ci`);
+    assert(have_service(`${global::DOMAIN}-ci`, "gitea-ssh"),           `No gitea-ssh service in ${global::DOMAIN}-ci`);
+    assert(have_secret(`${global::DOMAIN}-ci`, "gitea"),                `No gitea secret in ${global::DOMAIN}-ci`);
+    assert(have_secret(`${global::DOMAIN}-ci`, "gitea-admin-user"),     `No gitea-admin-user secret in ${global::DOMAIN}-ci`);
+}
+fn pre_check() {
+    check_domain();
+    check_gitea();
+}

apps/woodpecker/presentation.tf

@@ -11,7 +11,7 @@ locals {
 }
 
 module "ingress" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
   component         = ""
   instance          = var.instance
   namespace         = var.namespace
@@ -27,7 +27,7 @@ module "ingress" {
 }
 
 module "application" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   app_group         = var.app_group

apps/wordpress/database.tf

@@ -80,7 +80,7 @@ resource "kubectl_manifest" "pre_backup_pod_db" {
       namespace: "${var.namespace}"
       labels: ${jsonencode(local.secrets_labels)}
     spec:
-      backupCommand: mysqldump --all-databases	--password=$$MYSQL_PWD --host=${var.instance}-${var.component}-mysqld.${var.namespace}.svc --no-create-db --add-drop-table
+      backupCommand: mysqldump --all-databases --password=$$MYSQL_PWD --host=${var.instance}-${var.component}-mysqld.${var.namespace}.svc --no-create-db --add-drop-table
       pod:
         spec:
           containers:

apps/wordpress/presentation.tf

@@ -19,7 +19,7 @@ locals {
 }
 
 module "service" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//service?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   namespace         = var.namespace
@@ -31,7 +31,7 @@ module "service" {
 }
 
 module "ingress" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
   component         = ""
   instance          = var.instance
   namespace         = var.namespace
@@ -47,7 +47,7 @@ module "ingress" {
 }
 
 module "application" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   app_group         = var.app_group
@@ -60,7 +60,7 @@ module "application" {
 }
 
 module "oauth2" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//oauth2"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//oauth2?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   namespace         = var.namespace

monitor/alertmanager/datas.tf

@@ -40,7 +40,7 @@ data "kustomization_overlay" "data" {
       spec:
         image: "${var.images.alertmanager.registry}/${var.images.alertmanager.repository}:${var.images.alertmanager.tag}"
         version: ${var.images.alertmanager.tag}
-        externalUrl: http://${var.component}-${var.instance}.${var.namespace}:9093
+        externalUrl: http://${var.instance}-${var.component}.${var.namespace}:9093
         replicas: ${var.replicas}
         listenLocal: ${var.listenLocal}
         logLevel:  "${var.logLevel}"
@@ -64,7 +64,7 @@ data "kustomization_overlay" "data" {
             - name: Alertmanager
               type: alertmanager
               uid: alertmanager
-              url: http://${var.component}-${var.instance}.${var.namespace}:9093/
+              url: http://${var.instance}-${var.component}.${var.namespace}:9093/
               access: proxy
               jsonData:
                 handleGrafanaManagedAlerts: false

monitor/alertmanager/index.rhai

@@ -0,0 +1,29 @@
+const NS=config.namespace;
+const SRC=src;
+const DEST=dest;
+fn pre_pack() {
+    shell("helm repo add prometheus-community https://prometheus-community.github.io/helm-charts");
+    shell(`helm template alertmanager prometheus-community/kube-prometheus-stack --namespace=vynil-monitor -a "monitoring.coreos.com/v1/ServiceMonitor" -a "monitoring.coreos.com/v1/PrometheusRule"  --values values.yml >${global::SRC}/chart.yaml`);
+}
+fn post_pack() {
+    for file in [ // v1_ConfigMap_alertmanager-kube-promethe-k8s-resources-cluster
+        "v1_ConfigMap_alertmanager-kube-promethe-cluster-total.yaml",
+        "v1_ConfigMap_alertmanager-kube-promethe-grafana-overview.yaml",
+        "v1_ConfigMap_alertmanager-kube-promethe-k8s-resources-cluster.yaml",
+        "v1_ConfigMap_alertmanager-kube-promethe-k8s-resources-multicluster.yaml",
+        "v1_ConfigMap_alertmanager-kube-promethe-k8s-resources-namespace.yaml",
+        "v1_ConfigMap_alertmanager-kube-promethe-k8s-resources-node.yaml",
+        "v1_ConfigMap_alertmanager-kube-promethe-k8s-resources-pod.yaml",
+        "v1_ConfigMap_alertmanager-kube-promethe-k8s-resources-workloads-namespace.yaml",
+        "v1_ConfigMap_alertmanager-kube-promethe-k8s-resources-workload.yaml",
+        "v1_ConfigMap_alertmanager-kube-promethe-namespace-by-pod.yaml",
+        "v1_ConfigMap_alertmanager-kube-promethe-namespace-by-workload.yaml",
+        "v1_ConfigMap_alertmanager-kube-promethe-persistentvolumesusage.yaml",
+        "v1_ConfigMap_alertmanager-kube-promethe-pod-total.yaml",
+        "v1_ConfigMap_alertmanager-kube-promethe-prometheus.yaml",
+        "v1_ConfigMap_alertmanager-kube-promethe-workload-total.yaml",
+        "v1_Service_alertmanager-kube-promethe-alertmanager.yaml",
+    ] {
+        shell(`rm -f ${global::DEST}/${file}`);
+    }
+}

monitor/alertmanager/index.yaml

@@ -8,26 +8,21 @@ metadata:
     An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach.
     The Alertmanager handles alerts sent by client applications such as the Prometheus server. It takes care of deduplicating, grouping, and routing them to the correct receiver integration such as email, PagerDuty, or OpsGenie. It also takes care of silencing and inhibition of alerts.
 options:
-  listenLocal:
-    default: false
-    examples:
-    - false
-    type: boolean
   app_group:
     default: monitor
     examples:
     - monitor
     type: string
-  ingress_class:
+  domain:
-    default: traefik
+    default: your-company
     examples:
-    - traefik
+    - your-company
     type: string
-  replicas:
+  domain_name:
-    default: 1
+    default: your_company.com
     examples:
-    - 1
+    - your_company.com
-    type: integer
+    type: string
   images:
     default:
       alertmanager:
@@ -67,16 +62,31 @@ options:
             type: string
         type: object
     type: object
+  ingress_class:
+    default: traefik
+    examples:
+    - traefik
+    type: string
   issuer:
     default: letsencrypt-prod
     examples:
     - letsencrypt-prod
     type: string
+  listenLocal:
+    default: false
+    examples:
+    - false
+    type: boolean
   logLevel:
     default: info
     examples:
     - info
     type: string
+  replicas:
+    default: 1
+    examples:
+    - 1
+    type: integer
   retention:
     default: 120h
     examples:
@@ -87,16 +97,6 @@ options:
     examples:
     - alertmanager
     type: string
-  domain:
-    default: your-company
-    examples:
-    - your-company
-    type: string
-  domain_name:
-    default: your_company.com
-    examples:
-    - your_company.com
-    type: string
 dependencies:
 - dist: null
   category: share

monitor/alertmanager/monitoring.coreos.com_v1_Alertmanager_alertmanager-kube-promethe-alertmanager.yaml

@@ -9,17 +9,18 @@ metadata:
     
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/instance: alertmanager
-    app.kubernetes.io/version: "56.9.0"
+    app.kubernetes.io/version: "58.7.2"
     app.kubernetes.io/part-of: kube-prometheus-stack
-    chart: kube-prometheus-stack-56.9.0
+    chart: kube-prometheus-stack-58.7.2
     release: "alertmanager"
     heritage: "Helm"
 spec:
-  image: "quay.io/prometheus/alertmanager:v0.26.0"
+  image: "quay.io/prometheus/alertmanager:v0.27.0"
-  version: v0.26.0
+  version: v0.27.0
   replicas: 1
   listenLocal: false
   serviceAccountName: alertmanager-kube-promethe-alertmanager
+  automountServiceAccountToken: true
   externalUrl: http://alertmanager-kube-promethe-alertmanager.vynil-monitor:9093
   paused: false
   logFormat: "logfmt"

monitor/alertmanager/monitoring.coreos.com_v1_PrometheusRule_alertmanager-kube-promethe-alertmanager.rules.yaml

@@ -9,9 +9,9 @@ metadata:
     
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/instance: alertmanager
-    app.kubernetes.io/version: "56.9.0"
+    app.kubernetes.io/version: "58.7.2"
     app.kubernetes.io/part-of: kube-prometheus-stack
-    chart: kube-prometheus-stack-56.9.0
+    chart: kube-prometheus-stack-58.7.2
     release: "alertmanager"
     heritage: "Helm"
 spec:

monitor/alertmanager/monitoring.coreos.com_v1_ServiceMonitor_alertmanager-kube-promethe-alertmanager.yaml

@@ -9,9 +9,9 @@ metadata:
     
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/instance: alertmanager
-    app.kubernetes.io/version: "56.9.0"
+    app.kubernetes.io/version: "58.7.2"
     app.kubernetes.io/part-of: kube-prometheus-stack
-    chart: kube-prometheus-stack-56.9.0
+    chart: kube-prometheus-stack-58.7.2
     release: "alertmanager"
     heritage: "Helm"
 spec:
@@ -29,5 +29,4 @@ spec:
     enableHttp2: true
     path: "/metrics"
   - port: reloader-web
-    scheme: http
     path: "/metrics"

monitor/alertmanager/presentation.tf

@@ -16,7 +16,7 @@ locals {
 }
 
 module "ingress" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
   component         = ""
   instance          = var.instance
   namespace         = var.namespace
@@ -32,7 +32,7 @@ module "ingress" {
 }
 
 module "application" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   app_group         = var.app_group
@@ -55,7 +55,7 @@ provider "restapi" {
 }
 
 module "forward" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   domain            = var.domain

monitor/alertmanager/svc.tf

@@ -11,7 +11,7 @@ resource "kubectl_manifest" "svc" {
     apiVersion: v1
     kind: Service
     metadata:
-      name: "${var.component}-${var.instance}"
+      name: "${var.instance}-${var.component}"
       namespace: "${var.namespace}"
       labels: ${jsonencode(local.svc-label)}
     spec:

monitor/alertmanager/v1_ConfigMap_alertmanager-kube-promethe-alertmanager-overview.yaml

@@ -12,9 +12,9 @@ metadata:
     
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/instance: alertmanager
-    app.kubernetes.io/version: "56.9.0"
+    app.kubernetes.io/version: "58.7.2"
     app.kubernetes.io/part-of: kube-prometheus-stack
-    chart: kube-prometheus-stack-56.9.0
+    chart: kube-prometheus-stack-58.7.2
     release: "alertmanager"
     heritage: "Helm"
 data:

monitor/alertmanager/v1_Secret_alertmanager-alertmanager-kube-promethe-alertmanager.yaml

@@ -9,9 +9,9 @@ metadata:
     
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/instance: alertmanager
-    app.kubernetes.io/version: "56.9.0"
+    app.kubernetes.io/version: "58.7.2"
     app.kubernetes.io/part-of: kube-prometheus-stack
-    chart: kube-prometheus-stack-56.9.0
+    chart: kube-prometheus-stack-58.7.2
     release: "alertmanager"
     heritage: "Helm"
 data:

monitor/alertmanager/v1_ServiceAccount_alertmanager-kube-promethe-alertmanager.yaml

@@ -12,9 +12,9 @@ metadata:
     
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/instance: alertmanager
-    app.kubernetes.io/version: "56.9.0"
+    app.kubernetes.io/version: "58.7.2"
     app.kubernetes.io/part-of: kube-prometheus-stack
-    chart: kube-prometheus-stack-56.9.0
+    chart: kube-prometheus-stack-58.7.2
     release: "alertmanager"
     heritage: "Helm"
 automountServiceAccountToken: true

monitor/grafana/presentation.tf

@@ -16,7 +16,7 @@ locals {
 }
 
 module "ingress" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
   component         = ""
   instance          = var.instance
   namespace         = var.namespace
@@ -32,7 +32,7 @@ module "ingress" {
 }
 
  module "application" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   app_group         = var.app_group
@@ -46,7 +46,7 @@ module "ingress" {
 }
 
 module "oauth2" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//oauth2"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//oauth2?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   namespace         = var.namespace

monitor/prometheus/datas.tf

@@ -44,7 +44,7 @@ data "kustomization_overlay" "data" {
           - name: Prometheus
             type: prometheus
             uid: prometheus
-            url: http://${var.component}-${var.instance}.${var.namespace}:9090/
+            url: http://${var.instance}-${var.component}.${var.namespace}:9090/
             access: proxy
             isDefault: false
             jsonData:

monitor/prometheus/index.rhai

@@ -0,0 +1,30 @@
+const NS=config.namespace;
+const SRC=src;
+const DEST=dest;
+fn pre_pack() {
+    shell("helm repo add prometheus-community https://prometheus-community.github.io/helm-charts");
+    shell(`helm template prometheus prometheus-community/kube-prometheus-stack --namespace=vynil-monitor -a "monitoring.coreos.com/v1/ServiceMonitor" -a "monitoring.coreos.com/v1/PrometheusRule" --values values.yml >${global::SRC}/chart.yaml`);
+}
+fn post_pack() {
+    for file in [
+        "monitoring.coreos.com_v1_Prometheus_prometheus-kube-prometheus-prometheus.yaml",
+        "v1_ConfigMap_prometheus-kube-prometheus-alertmanager-overview.yaml",
+        "v1_ConfigMap_prometheus-kube-prometheus-cluster-total.yaml",
+        "v1_ConfigMap_prometheus-kube-prometheus-grafana-overview.yaml",
+        "v1_ConfigMap_prometheus-kube-prometheus-k8s-resources-cluster.yaml",
+        "v1_ConfigMap_prometheus-kube-prometheus-k8s-resources-multicluster.yaml",
+        "v1_ConfigMap_prometheus-kube-prometheus-k8s-resources-namespace.yaml",
+        "v1_ConfigMap_prometheus-kube-prometheus-k8s-resources-node.yaml",
+        "v1_ConfigMap_prometheus-kube-prometheus-k8s-resources-pod.yaml",
+        "v1_ConfigMap_prometheus-kube-prometheus-k8s-resources-workloads-namespace.yaml",
+        "v1_ConfigMap_prometheus-kube-prometheus-k8s-resources-workload.yaml",
+        "v1_ConfigMap_prometheus-kube-prometheus-namespace-by-pod.yaml",
+        "v1_ConfigMap_prometheus-kube-prometheus-namespace-by-workload.yaml",
+        "v1_ConfigMap_prometheus-kube-prometheus-persistentvolumesusage.yaml",
+        "v1_ConfigMap_prometheus-kube-prometheus-pod-total.yaml",
+        "v1_ConfigMap_prometheus-kube-prometheus-workload-total.yaml",
+        "v1_Service_prometheus-kube-prometheus-prometheus.yaml",
+    ] {
+        shell(`rm -f ${global::DEST}/${file}`);
+    }
+}

monitor/prometheus/index.yaml

@@ -6,51 +6,31 @@ metadata:
   name: prometheus
   description: An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach.
 options:
-  domain:
-    default: your-company
-    examples:
-    - your-company
-    type: string
-  ingress_class:
-    default: traefik
-    examples:
-    - traefik
-    type: string
-  shards:
-    default: 1
-    examples:
-    - 1
-    type: integer
-  logLevel:
-    default: info
-    examples:
-    - info
-    type: string
-  listenLocal:
-    default: false
-    examples:
-    - false
-    type: boolean
-  enableAdminAPI:
-    default: false
-    examples:
-    - false
-    type: boolean
-  issuer:
-    default: letsencrypt-prod
-    examples:
-    - letsencrypt-prod
-    type: string
   alertmanager:
     default: alertmanager-alertmanager
     examples:
     - alertmanager-alertmanager
     type: string
+  app_group:
+    default: monitor
+    examples:
+    - monitor
+    type: string
+  domain:
+    default: your-company
+    examples:
+    - your-company
+    type: string
   domain_name:
     default: your_company.com
     examples:
     - your_company.com
     type: string
+  enableAdminAPI:
+    default: false
+    examples:
+    - false
+    type: boolean
   images:
     default:
       prometheus:
@@ -90,6 +70,26 @@ options:
             type: string
         type: object
     type: object
+  ingress_class:
+    default: traefik
+    examples:
+    - traefik
+    type: string
+  issuer:
+    default: letsencrypt-prod
+    examples:
+    - letsencrypt-prod
+    type: string
+  listenLocal:
+    default: false
+    examples:
+    - false
+    type: boolean
+  logLevel:
+    default: info
+    examples:
+    - info
+    type: string
   replicas:
     default: 1
     examples:
@@ -100,11 +100,11 @@ options:
     examples:
     - 10d
     type: string
-  app_group:
+  shards:
-    default: monitor
+    default: 1
     examples:
-    - monitor
+    - 1
-    type: string
+    type: integer
   sub_domain:
     default: prometheus
     examples:

monitor/prometheus/monitoring.coreos.com_v1_PrometheusRule_prometheus-kube-prometheus-kubelet.rules.yaml

@@ -9,9 +9,9 @@ metadata:
     
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/instance: prometheus
-    app.kubernetes.io/version: "56.9.0"
+    app.kubernetes.io/version: "58.7.2"
     app.kubernetes.io/part-of: kube-prometheus-stack
-    chart: kube-prometheus-stack-56.9.0
+    chart: kube-prometheus-stack-58.7.2
     release: "prometheus"
     heritage: "Helm"
 spec:

monitor/prometheus/monitoring.coreos.com_v1_PrometheusRule_prometheus-kube-prometheus-kubernetes-system-kube-proxy.yaml

@@ -9,9 +9,9 @@ metadata:
     
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/instance: prometheus
-    app.kubernetes.io/version: "56.9.0"
+    app.kubernetes.io/version: "58.7.2"
     app.kubernetes.io/part-of: kube-prometheus-stack
-    chart: kube-prometheus-stack-56.9.0
+    chart: kube-prometheus-stack-58.7.2
     release: "prometheus"
     heritage: "Helm"
 spec:

monitor/prometheus/monitoring.coreos.com_v1_PrometheusRule_prometheus-kube-prometheus-prometheus.yaml

@@ -9,9 +9,9 @@ metadata:
     
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/instance: prometheus
-    app.kubernetes.io/version: "56.9.0"
+    app.kubernetes.io/version: "58.7.2"
     app.kubernetes.io/part-of: kube-prometheus-stack
-    chart: kube-prometheus-stack-56.9.0
+    chart: kube-prometheus-stack-58.7.2
     release: "prometheus"
     heritage: "Helm"
 spec:

monitor/prometheus/monitoring.coreos.com_v1_ServiceMonitor_prometheus-kube-prometheus-coredns.yaml

@@ -9,9 +9,9 @@ metadata:
     
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/instance: prometheus
-    app.kubernetes.io/version: "56.9.0"
+    app.kubernetes.io/version: "58.7.2"
     app.kubernetes.io/part-of: kube-prometheus-stack
-    chart: kube-prometheus-stack-56.9.0
+    chart: kube-prometheus-stack-58.7.2
     release: "prometheus"
     heritage: "Helm"
 spec:

monitor/prometheus/monitoring.coreos.com_v1_ServiceMonitor_prometheus-kube-prometheus-kube-proxy.yaml

@@ -9,9 +9,9 @@ metadata:
     
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/instance: prometheus
-    app.kubernetes.io/version: "56.9.0"
+    app.kubernetes.io/version: "58.7.2"
     app.kubernetes.io/part-of: kube-prometheus-stack
-    chart: kube-prometheus-stack-56.9.0
+    chart: kube-prometheus-stack-58.7.2
     release: "prometheus"
     heritage: "Helm"
 spec:

monitor/prometheus/monitoring.coreos.com_v1_ServiceMonitor_prometheus-kube-prometheus-kubelet.yaml

@@ -8,9 +8,9 @@ metadata:
     app: kube-prometheus-stack-kubelet    
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/instance: prometheus
-    app.kubernetes.io/version: "56.9.0"
+    app.kubernetes.io/version: "58.7.2"
     app.kubernetes.io/part-of: kube-prometheus-stack
-    chart: kube-prometheus-stack-56.9.0
+    chart: kube-prometheus-stack-58.7.2
     release: "prometheus"
     heritage: "Helm"
 spec:

monitor/prometheus/monitoring.coreos.com_v1_ServiceMonitor_prometheus-kube-prometheus-prometheus.yaml

@@ -9,9 +9,9 @@ metadata:
     
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/instance: prometheus
-    app.kubernetes.io/version: "56.9.0"
+    app.kubernetes.io/version: "58.7.2"
     app.kubernetes.io/part-of: kube-prometheus-stack
-    chart: kube-prometheus-stack-56.9.0
+    chart: kube-prometheus-stack-58.7.2
     release: "prometheus"
     heritage: "Helm"
 spec:
@@ -28,5 +28,4 @@ spec:
   - port: http-web
     path: "/metrics"
   - port: reloader-web
-    scheme: http
     path: "/metrics"

monitor/prometheus/presentation.tf

@@ -16,7 +16,7 @@ locals {
 }
 
 module "ingress" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
   component         = ""
   instance          = var.instance
   namespace         = var.namespace
@@ -32,7 +32,7 @@ module "ingress" {
 }
 
 module "application" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//application?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   app_group         = var.app_group
@@ -55,7 +55,7 @@ provider "restapi" {
 }
 
 module "forward" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//forward?ref=0.3.0"
   component         = var.component
   instance          = var.instance
   domain            = var.domain

monitor/prometheus/prometheus.tf

@@ -9,7 +9,7 @@ resource "kubectl_manifest" "prometheus" {
     spec:
       image: "${var.images.prometheus.registry}/${var.images.prometheus.repository}:${var.images.prometheus.tag}"
       version: ${var.images.prometheus.tag}
-      externalUrl: http://${var.component}-${var.instance}.${var.namespace}:9090
+      externalUrl: http://${var.instance}-${var.component}.${var.namespace}:9090
       replicas: ${var.replicas}
       shards: ${var.shards}
       logLevel:  ${var.logLevel}

monitor/prometheus/rbac.authorization.k8s.io_v1_ClusterRoleBinding_prometheus-kube-prometheus-prometheus.yaml

@@ -8,9 +8,9 @@ metadata:
     
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/instance: prometheus
-    app.kubernetes.io/version: "56.9.0"
+    app.kubernetes.io/version: "58.7.2"
     app.kubernetes.io/part-of: kube-prometheus-stack
-    chart: kube-prometheus-stack-56.9.0
+    chart: kube-prometheus-stack-58.7.2
     release: "prometheus"
     heritage: "Helm"
 roleRef:

monitor/prometheus/rbac.authorization.k8s.io_v1_ClusterRole_prometheus-kube-prometheus-prometheus.yaml

@@ -8,9 +8,9 @@ metadata:
     
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/instance: prometheus
-    app.kubernetes.io/version: "56.9.0"
+    app.kubernetes.io/version: "58.7.2"
     app.kubernetes.io/part-of: kube-prometheus-stack
-    chart: kube-prometheus-stack-56.9.0
+    chart: kube-prometheus-stack-58.7.2
     release: "prometheus"
     heritage: "Helm"
 rules:

monitor/prometheus/svc.tf

@@ -11,7 +11,7 @@ resource "kubectl_manifest" "svc" {
     apiVersion: v1
     kind: Service
     metadata:
-      name: "${var.component}-${var.instance}"
+      name: "${var.instance}-${var.component}"
       namespace: "${var.namespace}"
       labels: ${jsonencode(local.svc-label)}
     spec:

monitor/prometheus/v1_ConfigMap_prometheus-kube-prometheus-grafana-datasource.yaml

@@ -10,9 +10,9 @@ metadata:
     
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/instance: prometheus
-    app.kubernetes.io/version: "56.9.0"
+    app.kubernetes.io/version: "58.7.2"
     app.kubernetes.io/part-of: kube-prometheus-stack
-    chart: kube-prometheus-stack-56.9.0
+    chart: kube-prometheus-stack-58.7.2
     release: "prometheus"
     heritage: "Helm"
 data:

monitor/prometheus/v1_Secret_prometheus-kube-prometheus-prometheus.yaml

@@ -1,18 +0,0 @@
-# Source: kube-prometheus-stack/templates/prometheus/secret.yaml
-apiVersion: v1
-kind: Secret
-metadata:
-  name: prometheus-kube-prometheus-prometheus
-  namespace: vynil-monitor
-  labels:
-    app: kube-prometheus-stack-prometheus
-    app.kubernetes.io/component: prometheus
-    
-    app.kubernetes.io/managed-by: Helm
-    app.kubernetes.io/instance: prometheus
-    app.kubernetes.io/version: "56.9.0"
-    app.kubernetes.io/part-of: kube-prometheus-stack
-    chart: kube-prometheus-stack-56.9.0
-    release: "prometheus"
-    heritage: "Helm"
-data:

monitor/prometheus/v1_ServiceAccount_prometheus-kube-prometheus-prometheus.yaml

@@ -12,8 +12,9 @@ metadata:
     
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/instance: prometheus
-    app.kubernetes.io/version: "56.9.0"
+    app.kubernetes.io/version: "58.7.2"
     app.kubernetes.io/part-of: kube-prometheus-stack
-    chart: kube-prometheus-stack-56.9.0
+    chart: kube-prometheus-stack-58.7.2
     release: "prometheus"
-    heritage: "Helm"
+    heritage: "Helm"
+automountServiceAccountToken: true

monitor/prometheus/v1_Service_prometheus-kube-prometheus-coredns.yaml

@@ -9,9 +9,9 @@ metadata:
     
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/instance: prometheus
-    app.kubernetes.io/version: "56.9.0"
+    app.kubernetes.io/version: "58.7.2"
     app.kubernetes.io/part-of: kube-prometheus-stack
-    chart: kube-prometheus-stack-56.9.0
+    chart: kube-prometheus-stack-58.7.2
     release: "prometheus"
     heritage: "Helm"
   namespace: kube-system

monitor/prometheus/v1_Service_prometheus-kube-prometheus-kube-proxy.yaml

@@ -9,9 +9,9 @@ metadata:
     
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/instance: prometheus
-    app.kubernetes.io/version: "56.9.0"
+    app.kubernetes.io/version: "58.7.2"
     app.kubernetes.io/part-of: kube-prometheus-stack
-    chart: kube-prometheus-stack-56.9.0
+    chart: kube-prometheus-stack-58.7.2
     release: "prometheus"
     heritage: "Helm"
   namespace: kube-system

share/authentik/common.tf

@@ -36,119 +36,3 @@ locals {
   }:{}
 }
 
-
-data "kustomization_overlay" "data" {
-  namespace = var.namespace
-  common_labels = local.common_labels
-  resources = [for file in fileset(path.module, "*.yaml"): file if file != "index.yaml"]
-  images {
-    name = "ghcr.io/goauthentik/server"
-    new_name = "${var.images.app.registry}/${var.images.app.repository}"
-    new_tag  = "${var.images.app.tag}"
-  }
-  config_map_generator {
-    name = var.component
-    behavior = "create"
-    literals = [
-      "AUTHENTIK_EMAIL__PORT=${var.email.port}",
-      "AUTHENTIK_EMAIL__TIMEOUT=${var.email.timeout}",
-      "AUTHENTIK_EMAIL__USE_TLS=${var.email.use_tls}",
-      "AUTHENTIK_EMAIL__USE_SSL=${var.email.use_ssl}",
-      "AUTHENTIK_ERROR_REPORTING__ENABLED=${var.error_reporting.enabled}",
-      "AUTHENTIK_ERROR_REPORTING__ENVIRONMENT=${var.error_reporting.environment}",
-      "AUTHENTIK_ERROR_REPORTING__SEND_PII=${var.error_reporting.send_pii}",
-      "AUTHENTIK_GEOIP=${var.geoip}",
-      "AUTHENTIK_LOG_LEVEL=${var.loglevel}",
-      "AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=${var.images.app.registry}/${var.images.app.project}/%(type)s:%(version)s",
-      "AUTHENTIK_POSTGRESQL__NAME=${var.component}",
-      "AUTHENTIK_POSTGRESQL__PORT=5432",
-      "AUTHENTIK_POSTGRESQL__USER=${var.component}",
-      "AUTHENTIK_REDIS__HOST=${var.name}-${var.component}-redis",
-      "AUTHENTIK_BOOTSTRAP_EMAIL=${var.admin.email}@${var.domain_name}",
-      "GUNICORN_CMD_ARGS=--timeout=90",
-    ]
-  }
-  patches {
-    target {
-      kind = "Deployment"
-      name = "authentik-server"
-    }
-    patch = join("", concat([<<EOF
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: authentik-server
-  annotations: ${jsonencode(local.server_annotations)}
-spec:
-  template:
-    spec:
-      containers:
-      - name: authentik
-        image: "${var.images.app.registry}/${var.images.app.repository}:${var.images.app.tag}"
-        imagePullPolicy: "${var.images.app.pull_policy}"
-        env:
-        - name: AUTHENTIK_POSTGRESQL__PASSWORD
-          valueFrom:
-            secretKeyRef:
-              name: "${var.instance}-${var.component}-pg-app"
-              key: password
-        envFrom:
-        - secretRef:
-            name: ${var.component}
-        - configMapRef:
-            name: ${var.component}
-EOF
-    ], var.customisation.configmap_name!="" && var.customisation.use_icon_left && var.customisation.use_custom_css?[<<EOF
-        volumeMounts:
-        - name: custom-css
-          mountPath: /web/dist/custom.css
-          subPath: custom.css
-        - name: custom-left
-          mountPath: /web/dist/assets/icons/icon_left_brand.svg
-          subPath: icon_left_brand.svg
-      volumes:
-      - name: custom-css
-        configMap:
-          name: "${var.customisation.configmap_name}"
-          items:
-          - key: custom.css
-            path: custom.css
-      - name: custom-left
-        configMap:
-          name: "${var.customisation.configmap_name}"
-          items:
-          - key: icon_left_brand.svg
-            path: icon_left_brand.svg
-EOF
-    ]
-    :var.customisation.configmap_name!="" && var.customisation.use_icon_left && !var.customisation.use_custom_css?[<<EOF
-        volumeMounts:
-        - name: custom-left
-          mountPath: /web/dist/assets/icons/icon_left_brand.svg
-          subPath: icon_left_brand.svg
-      volumes:
-      - name: custom-left
-        configMap:
-          name: "${var.customisation.configmap_name}"
-          items:
-          - key: icon_left_brand.svg
-            path: icon_left_brand.svg
-EOF
-    ]
-    :var.customisation.configmap_name!="" && !var.customisation.use_icon_left && var.customisation.use_custom_css?[<<EOF
-        volumeMounts:
-        - name: custom-css
-          mountPath: /web/dist/custom.css
-          subPath: custom.css
-      volumes:
-      - name: custom-css
-        configMap:
-          name: "${var.customisation.configmap_name}"
-          items:
-          - key: custom.css
-            path: custom.css
-EOF
-    ]
-    :[""] ))
-  }
-}

share/authentik/index.yaml

@@ -452,9 +452,6 @@ dependencies:
 - dist: null
   category: core
   component: secret-generator
-- dist: null
-  category: crd
-  component: prometheus
 - dist: null
   category: crd
   component: traefik

share/authentik/presentation.tf

@@ -50,7 +50,7 @@ resource "kubectl_manifest" "gitlab_token" {
     EOF
 }
 module "ingress" {
-  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress"
+  source = "git::https://git.solidite.fr/vynil/kydah-modules.git//ingress?ref=0.3.0"
   component         = ""
   instance          = var.instance
   namespace         = var.namespace