From d2cfa49d7101a2f5c4a1e45a064e8507375551fb Mon Sep 17 00:00:00 2001
From: Chris Rai <crai@fiskerinc.com>
Date: Sat, 31 Jan 2026 01:01:37 -0500
Subject: [PATCH] refactor: use configMapGenerator for auto-rolling updates

---
 deploy/base/config.env                        | 40 ++++++++++++++++
 deploy/base/configmap-common.yaml             | 47 -------------------
 deploy/base/kustomization.yaml                |  9 +++-
 .../overlays/development/kustomization.yaml   |  5 +-
 .../services/gateway/deployment.yaml          |  2 -
 .../services/gateway/kustomization.yaml       |  1 -
 6 files changed, 50 insertions(+), 54 deletions(-)
 create mode 100644 deploy/base/config.env
 delete mode 100644 deploy/base/configmap-common.yaml

diff --git a/deploy/base/config.env b/deploy/base/config.env
new file mode 100644
index 0000000..fadb7cd
--- /dev/null
+++ b/deploy/base/config.env
@@ -0,0 +1,40 @@
+# PostgreSQL
+DB_HOST=cloud-dev-rw.cnpg-system.svc.cluster.local
+DB_PORT=5432
+DB_NAME=cloud_dev
+DB_USER=cloud_dev
+DB_SSLMODE=disable
+DB_POOLSIZE=10
+
+# MongoDB
+MONGO_HOST=cloud-dev-svc.mongodb.svc.cluster.local
+MONGO_PORT=27017
+MONGO_DB_NAME=db
+MONGO_ODX_DB_NAME=odx_db
+MONGO_CLIENT_TIMEOUT=60
+
+# Redis (no auth required)
+REDIS_HOST=cloud-dev.redis.svc.cluster.local
+REDIS_PORT=6379
+REDIS_IDLETIMEOUT_MS=3600000
+REDIS_MAXIDLECONN=10
+REDIS_MAXACTIVECONN=10
+
+# Kafka (Strimzi)
+KAFKA_HOSTS=cloud-dev-kafka-bootstrap.kafka.svc.cluster.local:9092
+KAFKA_SECURITY_PROTOCOL=PLAINTEXT
+KAFKA_GO_BATCH_CONSUMER=true
+KAFKA_BATCH_NUM_MESSAGES=50000
+KAFKA_BATCH_SIZE=1000000
+KAFKA_LINGER_MS=50
+
+# Auth (Keycloak)
+OIDC_ISSUER=https://keycloak.mini.cloud.fiskerinc.com/realms/compute-auth
+OIDC_JWK_URL=https://keycloak.mini.cloud.fiskerinc.com/realms/compute-auth/protocol/openid-connect/certs
+JWK_URL=https://keycloak.mini.cloud.fiskerinc.com/realms/compute-auth/protocol/openid-connect/certs
+
+# Vault
+VAULT_URL=http://vault.vault.svc.cluster.local:8200/v1
+
+# Logging
+LOG_LEVEL=info
diff --git a/deploy/base/configmap-common.yaml b/deploy/base/configmap-common.yaml
deleted file mode 100644
index 0fbe541..0000000
--- a/deploy/base/configmap-common.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-# Common environment config shared by all services
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: cloud-common-config
-  namespace: cloud-services
-data:
-  # PostgreSQL
-  DB_HOST: cloud-dev-rw.cnpg-system.svc.cluster.local
-  DB_PORT: "5432"
-  DB_NAME: cloud_dev
-  DB_USER: cloud_dev
-  DB_SSLMODE: disable
-  DB_POOLSIZE: "10"
-  
-  # MongoDB
-  MONGO_HOST: cloud-dev-svc.mongodb.svc.cluster.local
-  MONGO_PORT: "27017"
-  MONGO_DB_NAME: db
-  MONGO_ODX_DB_NAME: odx_db
-  MONGO_CLIENT_TIMEOUT: "60"
-  
-  # Redis (no auth required)
-  REDIS_HOST: cloud-dev.redis.svc.cluster.local
-  REDIS_PORT: "6379"
-  REDIS_IDLETIMEOUT_MS: "3600000"
-  REDIS_MAXIDLECONN: "10"
-  REDIS_MAXACTIVECONN: "10"
-  
-  # Kafka (Strimzi)
-  KAFKA_HOSTS: cloud-dev-kafka-bootstrap.kafka.svc.cluster.local:9092
-  KAFKA_SECURITY_PROTOCOL: PLAINTEXT
-  KAFKA_GO_BATCH_CONSUMER: "true"
-  KAFKA_BATCH_NUM_MESSAGES: "50000"
-  KAFKA_BATCH_SIZE: "1000000"
-  KAFKA_LINGER_MS: "50"
-  
-  # Auth (Keycloak)
-  OIDC_ISSUER: https://keycloak.mini.cloud.fiskerinc.com/realms/compute-auth
-  OIDC_JWK_URL: https://keycloak.mini.cloud.fiskerinc.com/realms/compute-auth/protocol/openid-connect/certs
-  JWK_URL: https://keycloak.mini.cloud.fiskerinc.com/realms/compute-auth/protocol/openid-connect/certs
-  
-  # Vault
-  VAULT_URL: http://vault.vault.svc.cluster.local:8200/v1
-  
-  # Logging
-  LOG_LEVEL: info
diff --git a/deploy/base/kustomization.yaml b/deploy/base/kustomization.yaml
index f354355..be00dbf 100644
--- a/deploy/base/kustomization.yaml
+++ b/deploy/base/kustomization.yaml
@@ -1,5 +1,10 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
-resources:
-  - configmap-common.yaml
+configMapGenerator:
+  - name: cloud-common-config
+    envs:
+      - config.env
+
+generatorOptions:
+  disableNameSuffixHash: false
diff --git a/deploy/overlays/development/kustomization.yaml b/deploy/overlays/development/kustomization.yaml
index 6e87278..df20d1d 100644
--- a/deploy/overlays/development/kustomization.yaml
+++ b/deploy/overlays/development/kustomization.yaml
@@ -8,5 +8,6 @@ resources:
   - secrets.yaml
   - services/gateway/
 
-commonLabels:
-  environment: development
+labels:
+  - pairs:
+      environment: development
diff --git a/deploy/overlays/development/services/gateway/deployment.yaml b/deploy/overlays/development/services/gateway/deployment.yaml
index dcf9eb5..f56bd88 100644
--- a/deploy/overlays/development/services/gateway/deployment.yaml
+++ b/deploy/overlays/development/services/gateway/deployment.yaml
@@ -5,8 +5,6 @@ metadata:
   namespace: cloud-services
   labels:
     app: gateway
-  annotations:
-    reloader.stakater.com/auto: "true"
 spec:
   replicas: 1
   selector:
diff --git a/deploy/overlays/development/services/gateway/kustomization.yaml b/deploy/overlays/development/services/gateway/kustomization.yaml
index a1266fe..bc1cd23 100644
--- a/deploy/overlays/development/services/gateway/kustomization.yaml
+++ b/deploy/overlays/development/services/gateway/kustomization.yaml
@@ -5,7 +5,6 @@ namespace: cloud-services
 
 resources:
   - namespace.yaml
-  - ../../../../base
   - deployment.yaml
   - ingress.yaml
   - external-secret.yaml