refactor: use configMapGenerator for auto-rolling updates

deploy/base/config.env

@@ -0,0 +1,40 @@
+# PostgreSQL
+DB_HOST=cloud-dev-rw.cnpg-system.svc.cluster.local
+DB_PORT=5432
+DB_NAME=cloud_dev
+DB_USER=cloud_dev
+DB_SSLMODE=disable
+DB_POOLSIZE=10
+
+# MongoDB
+MONGO_HOST=cloud-dev-svc.mongodb.svc.cluster.local
+MONGO_PORT=27017
+MONGO_DB_NAME=db
+MONGO_ODX_DB_NAME=odx_db
+MONGO_CLIENT_TIMEOUT=60
+
+# Redis (no auth required)
+REDIS_HOST=cloud-dev.redis.svc.cluster.local
+REDIS_PORT=6379
+REDIS_IDLETIMEOUT_MS=3600000
+REDIS_MAXIDLECONN=10
+REDIS_MAXACTIVECONN=10
+
+# Kafka (Strimzi)
+KAFKA_HOSTS=cloud-dev-kafka-bootstrap.kafka.svc.cluster.local:9092
+KAFKA_SECURITY_PROTOCOL=PLAINTEXT
+KAFKA_GO_BATCH_CONSUMER=true
+KAFKA_BATCH_NUM_MESSAGES=50000
+KAFKA_BATCH_SIZE=1000000
+KAFKA_LINGER_MS=50
+
+# Auth (Keycloak)
+OIDC_ISSUER=https://keycloak.mini.cloud.fiskerinc.com/realms/compute-auth
+OIDC_JWK_URL=https://keycloak.mini.cloud.fiskerinc.com/realms/compute-auth/protocol/openid-connect/certs
+JWK_URL=https://keycloak.mini.cloud.fiskerinc.com/realms/compute-auth/protocol/openid-connect/certs
+
+# Vault
+VAULT_URL=http://vault.vault.svc.cluster.local:8200/v1
+
+# Logging
+LOG_LEVEL=info

deploy/base/configmap-common.yaml

@@ -1,47 +0,0 @@
-# Common environment config shared by all services
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: cloud-common-config
-  namespace: cloud-services
-data:
-  # PostgreSQL
-  DB_HOST: cloud-dev-rw.cnpg-system.svc.cluster.local
-  DB_PORT: "5432"
-  DB_NAME: cloud_dev
-  DB_USER: cloud_dev
-  DB_SSLMODE: disable
-  DB_POOLSIZE: "10"
-  
-  # MongoDB
-  MONGO_HOST: cloud-dev-svc.mongodb.svc.cluster.local
-  MONGO_PORT: "27017"
-  MONGO_DB_NAME: db
-  MONGO_ODX_DB_NAME: odx_db
-  MONGO_CLIENT_TIMEOUT: "60"
-  
-  # Redis (no auth required)
-  REDIS_HOST: cloud-dev.redis.svc.cluster.local
-  REDIS_PORT: "6379"
-  REDIS_IDLETIMEOUT_MS: "3600000"
-  REDIS_MAXIDLECONN: "10"
-  REDIS_MAXACTIVECONN: "10"
-  
-  # Kafka (Strimzi)
-  KAFKA_HOSTS: cloud-dev-kafka-bootstrap.kafka.svc.cluster.local:9092
-  KAFKA_SECURITY_PROTOCOL: PLAINTEXT
-  KAFKA_GO_BATCH_CONSUMER: "true"
-  KAFKA_BATCH_NUM_MESSAGES: "50000"
-  KAFKA_BATCH_SIZE: "1000000"
-  KAFKA_LINGER_MS: "50"
-  
-  # Auth (Keycloak)
-  OIDC_ISSUER: https://keycloak.mini.cloud.fiskerinc.com/realms/compute-auth
-  OIDC_JWK_URL: https://keycloak.mini.cloud.fiskerinc.com/realms/compute-auth/protocol/openid-connect/certs
-  JWK_URL: https://keycloak.mini.cloud.fiskerinc.com/realms/compute-auth/protocol/openid-connect/certs
-  
-  # Vault
-  VAULT_URL: http://vault.vault.svc.cluster.local:8200/v1
-  
-  # Logging
-  LOG_LEVEL: info

deploy/base/kustomization.yaml

@@ -1,5 +1,10 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
-resources:
+configMapGenerator:
-  - configmap-common.yaml
+  - name: cloud-common-config
+    envs:
+      - config.env
+
+generatorOptions:
+  disableNameSuffixHash: false

deploy/overlays/development/kustomization.yaml

@@ -8,5 +8,6 @@ resources:
   - secrets.yaml
   - services/gateway/
 
-commonLabels:
+labels:
-  environment: development
+  - pairs:
+      environment: development

deploy/overlays/development/services/gateway/deployment.yaml

@@ -5,8 +5,6 @@ metadata:
   namespace: cloud-services
   labels:
     app: gateway
-  annotations:
-    reloader.stakater.com/auto: "true"
 spec:
   replicas: 1
   selector:

deploy/overlays/development/services/gateway/kustomization.yaml

@@ -5,7 +5,6 @@ namespace: cloud-services
 
 resources:
   - namespace.yaml
-  - ../../../../base
   - deployment.yaml
   - ingress.yaml
   - external-secret.yaml