From 227ef7bed502cfd8a4042dc865e47990b507b5f4 Mon Sep 17 00:00:00 2001
From: Jory Irving <jory@jory.dev>
Date: Fri, 10 Jan 2025 08:47:40 -0700
Subject: [PATCH 1/5] fix: add cluster-repos

---
 kubernetes/main/flux/config/cluster.yaml    | 19 +++++++++++++++++++
 kubernetes/utility/flux/config/cluster.yaml | 19 +++++++++++++++++++
 2 files changed, 38 insertions(+)

diff --git a/kubernetes/main/flux/config/cluster.yaml b/kubernetes/main/flux/config/cluster.yaml
index feecf0b13..2c72e988c 100644
--- a/kubernetes/main/flux/config/cluster.yaml
+++ b/kubernetes/main/flux/config/cluster.yaml
@@ -21,6 +21,25 @@ spec:
 # yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
+metadata:
+  name: cluster-repos
+  namespace: flux-system
+spec:
+  interval: 30m
+  path: ./kubernetes/main/flux/repos
+  prune: true
+  wait: true
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+  decryption:
+    provider: sops
+    secretRef:
+      name: sops-age
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
 metadata:
   name: cluster-settings
   namespace: flux-system
diff --git a/kubernetes/utility/flux/config/cluster.yaml b/kubernetes/utility/flux/config/cluster.yaml
index 9290d8f9d..06ce445a9 100644
--- a/kubernetes/utility/flux/config/cluster.yaml
+++ b/kubernetes/utility/flux/config/cluster.yaml
@@ -21,6 +21,25 @@ spec:
 # yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
+metadata:
+  name: cluster-repos
+  namespace: flux-system
+spec:
+  interval: 30m
+  path: ./kubernetes/utility/flux/repos
+  prune: true
+  wait: true
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+  decryption:
+    provider: sops
+    secretRef:
+      name: sops-age
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
 metadata:
   name: cluster-settings
   namespace: flux-system

From e8d66facbe8b711947f07e9c9b3215a0b4e9075e Mon Sep 17 00:00:00 2001
From: Jory Irving <jory@jory.dev>
Date: Fri, 10 Jan 2025 08:49:23 -0700
Subject: [PATCH 2/5] fix: point at consistent schema

---
 .../instance/github/notifications/externalsecret.yaml         | 2 +-
 .../flux-system/flux-operator/instance/prometheusrule.yaml    | 2 +-
 kubernetes/main/apps/flux-system/flux-operator/ks.yaml        | 4 ++--
 .../main/apps/network/nginx/certificates/pushsecret.yaml      | 2 +-
 .../observability/kube-prometheus-stack/app/scrapeconfig.yaml | 2 +-
 .../main/apps/storage/csi-driver-nfs/app/helmrelease.yaml     | 2 +-
 kubernetes/main/flux/config/cluster.yaml                      | 4 ++--
 .../instance/github/notifications/externalsecret.yaml         | 2 +-
 .../flux-system/flux-operator/instance/prometheusrule.yaml    | 2 +-
 kubernetes/utility/apps/flux-system/flux-operator/ks.yaml     | 4 ++--
 .../node-feature-discovery/features/rtl-sdr-device.yaml       | 2 +-
 .../utility/apps/network/nginx/certificates/pushsecret.yaml   | 2 +-
 kubernetes/utility/flux/config/cluster.yaml                   | 4 ++--
 13 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/kubernetes/main/apps/flux-system/flux-operator/instance/github/notifications/externalsecret.yaml b/kubernetes/main/apps/flux-system/flux-operator/instance/github/notifications/externalsecret.yaml
index e4c3ba024..d33dafe1d 100644
--- a/kubernetes/main/apps/flux-system/flux-operator/instance/github/notifications/externalsecret.yaml
+++ b/kubernetes/main/apps/flux-system/flux-operator/instance/github/notifications/externalsecret.yaml
@@ -1,5 +1,5 @@
 ---
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json
+# yaml-language-server: $schema=https://kube-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json
 apiVersion: external-secrets.io/v1beta1
 kind: ExternalSecret
 metadata:
diff --git a/kubernetes/main/apps/flux-system/flux-operator/instance/prometheusrule.yaml b/kubernetes/main/apps/flux-system/flux-operator/instance/prometheusrule.yaml
index d5d8ba1ee..92dca7a4a 100644
--- a/kubernetes/main/apps/flux-system/flux-operator/instance/prometheusrule.yaml
+++ b/kubernetes/main/apps/flux-system/flux-operator/instance/prometheusrule.yaml
@@ -1,5 +1,5 @@
 ---
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/monitoring.coreos.com/prometheusrule_v1.json
+# yaml-language-server: $schema=https://kube-schemas.pages.dev/monitoring.coreos.com/prometheusrule_v1.json
 apiVersion: monitoring.coreos.com/v1
 kind: PrometheusRule
 metadata:
diff --git a/kubernetes/main/apps/flux-system/flux-operator/ks.yaml b/kubernetes/main/apps/flux-system/flux-operator/ks.yaml
index 3e0077016..104d407f9 100644
--- a/kubernetes/main/apps/flux-system/flux-operator/ks.yaml
+++ b/kubernetes/main/apps/flux-system/flux-operator/ks.yaml
@@ -1,5 +1,5 @@
 ---
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+# yaml-language-server: $schema=https://kube-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
@@ -19,7 +19,7 @@ spec:
   interval: 30m
   timeout: 5m
 ---
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+# yaml-language-server: $schema=https://kube-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
diff --git a/kubernetes/main/apps/network/nginx/certificates/pushsecret.yaml b/kubernetes/main/apps/network/nginx/certificates/pushsecret.yaml
index 0c2e3cda9..92b150ec9 100644
--- a/kubernetes/main/apps/network/nginx/certificates/pushsecret.yaml
+++ b/kubernetes/main/apps/network/nginx/certificates/pushsecret.yaml
@@ -1,5 +1,5 @@
 ---
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/pushsecret_v1alpha1.json
+# yaml-language-server: $schema=https://kube-schemas.pages.dev/external-secrets.io/pushsecret_v1alpha1.json
 apiVersion: external-secrets.io/v1alpha1
 kind: PushSecret
 metadata:
diff --git a/kubernetes/main/apps/observability/kube-prometheus-stack/app/scrapeconfig.yaml b/kubernetes/main/apps/observability/kube-prometheus-stack/app/scrapeconfig.yaml
index c24669980..8b91eb62b 100644
--- a/kubernetes/main/apps/observability/kube-prometheus-stack/app/scrapeconfig.yaml
+++ b/kubernetes/main/apps/observability/kube-prometheus-stack/app/scrapeconfig.yaml
@@ -30,7 +30,7 @@ spec:
       targetLabel: job
       replacement: *name
 ---
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/monitoring.coreos.com/scrapeconfig_v1alpha1.json
+# yaml-language-server: $schema=https://kube-schemas.pages.dev/monitoring.coreos.com/scrapeconfig_v1alpha1.json
 apiVersion: monitoring.coreos.com/v1alpha1
 kind: ScrapeConfig
 metadata:
diff --git a/kubernetes/main/apps/storage/csi-driver-nfs/app/helmrelease.yaml b/kubernetes/main/apps/storage/csi-driver-nfs/app/helmrelease.yaml
index debd4a0aa..69800287f 100644
--- a/kubernetes/main/apps/storage/csi-driver-nfs/app/helmrelease.yaml
+++ b/kubernetes/main/apps/storage/csi-driver-nfs/app/helmrelease.yaml
@@ -1,5 +1,5 @@
 ---
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2.json
+# yaml-language-server: $schema=https://kube-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2.json
 apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
diff --git a/kubernetes/main/flux/config/cluster.yaml b/kubernetes/main/flux/config/cluster.yaml
index 2c72e988c..1e6482930 100644
--- a/kubernetes/main/flux/config/cluster.yaml
+++ b/kubernetes/main/flux/config/cluster.yaml
@@ -18,7 +18,7 @@ spec:
     secretRef:
       name: sops-age
 ---
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+# yaml-language-server: $schema=https://kube-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
@@ -37,7 +37,7 @@ spec:
     secretRef:
       name: sops-age
 ---
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+# yaml-language-server: $schema=https://kube-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
diff --git a/kubernetes/utility/apps/flux-system/flux-operator/instance/github/notifications/externalsecret.yaml b/kubernetes/utility/apps/flux-system/flux-operator/instance/github/notifications/externalsecret.yaml
index e4c3ba024..d33dafe1d 100644
--- a/kubernetes/utility/apps/flux-system/flux-operator/instance/github/notifications/externalsecret.yaml
+++ b/kubernetes/utility/apps/flux-system/flux-operator/instance/github/notifications/externalsecret.yaml
@@ -1,5 +1,5 @@
 ---
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json
+# yaml-language-server: $schema=https://kube-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json
 apiVersion: external-secrets.io/v1beta1
 kind: ExternalSecret
 metadata:
diff --git a/kubernetes/utility/apps/flux-system/flux-operator/instance/prometheusrule.yaml b/kubernetes/utility/apps/flux-system/flux-operator/instance/prometheusrule.yaml
index d5d8ba1ee..92dca7a4a 100644
--- a/kubernetes/utility/apps/flux-system/flux-operator/instance/prometheusrule.yaml
+++ b/kubernetes/utility/apps/flux-system/flux-operator/instance/prometheusrule.yaml
@@ -1,5 +1,5 @@
 ---
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/monitoring.coreos.com/prometheusrule_v1.json
+# yaml-language-server: $schema=https://kube-schemas.pages.dev/monitoring.coreos.com/prometheusrule_v1.json
 apiVersion: monitoring.coreos.com/v1
 kind: PrometheusRule
 metadata:
diff --git a/kubernetes/utility/apps/flux-system/flux-operator/ks.yaml b/kubernetes/utility/apps/flux-system/flux-operator/ks.yaml
index 3962a70e0..986a72d12 100644
--- a/kubernetes/utility/apps/flux-system/flux-operator/ks.yaml
+++ b/kubernetes/utility/apps/flux-system/flux-operator/ks.yaml
@@ -1,5 +1,5 @@
 ---
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+# yaml-language-server: $schema=https://kube-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
@@ -19,7 +19,7 @@ spec:
   interval: 30m
   timeout: 5m
 ---
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+# yaml-language-server: $schema=https://kube-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
diff --git a/kubernetes/utility/apps/kube-tools/node-feature-discovery/features/rtl-sdr-device.yaml b/kubernetes/utility/apps/kube-tools/node-feature-discovery/features/rtl-sdr-device.yaml
index fbafe477d..9eed2e487 100644
--- a/kubernetes/utility/apps/kube-tools/node-feature-discovery/features/rtl-sdr-device.yaml
+++ b/kubernetes/utility/apps/kube-tools/node-feature-discovery/features/rtl-sdr-device.yaml
@@ -1,5 +1,5 @@
 ---
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/nfd.k8s-sigs.io/nodefeaturerule_v1alpha1.json
+# yaml-language-server: $schema=https://kube-schemas.pages.dev/nfd.k8s-sigs.io/nodefeaturerule_v1alpha1.json
 apiVersion: nfd.k8s-sigs.io/v1alpha1
 kind: NodeFeatureRule
 metadata:
diff --git a/kubernetes/utility/apps/network/nginx/certificates/pushsecret.yaml b/kubernetes/utility/apps/network/nginx/certificates/pushsecret.yaml
index 0c2e3cda9..92b150ec9 100644
--- a/kubernetes/utility/apps/network/nginx/certificates/pushsecret.yaml
+++ b/kubernetes/utility/apps/network/nginx/certificates/pushsecret.yaml
@@ -1,5 +1,5 @@
 ---
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/pushsecret_v1alpha1.json
+# yaml-language-server: $schema=https://kube-schemas.pages.dev/external-secrets.io/pushsecret_v1alpha1.json
 apiVersion: external-secrets.io/v1alpha1
 kind: PushSecret
 metadata:
diff --git a/kubernetes/utility/flux/config/cluster.yaml b/kubernetes/utility/flux/config/cluster.yaml
index 06ce445a9..82438d526 100644
--- a/kubernetes/utility/flux/config/cluster.yaml
+++ b/kubernetes/utility/flux/config/cluster.yaml
@@ -18,7 +18,7 @@ spec:
     secretRef:
       name: sops-age
 ---
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+# yaml-language-server: $schema=https://kube-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
@@ -37,7 +37,7 @@ spec:
     secretRef:
       name: sops-age
 ---
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+# yaml-language-server: $schema=https://kube-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:

From c3b345524b6ceaa9b077899ad3f54c52c5e6f294 Mon Sep 17 00:00:00 2001
From: Jory Irving <jory@jory.dev>
Date: Fri, 10 Jan 2025 08:52:48 -0700
Subject: [PATCH 3/5] fix: add output

---
 .github/workflows/pre-pull-images.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/pre-pull-images.yaml b/.github/workflows/pre-pull-images.yaml
index 56a8fa559..7027e583f 100644
--- a/.github/workflows/pre-pull-images.yaml
+++ b/.github/workflows/pre-pull-images.yaml
@@ -73,6 +73,7 @@ jobs:
         paths: ${{ fromJSON(needs.changed-clusters.outputs.matrix) }}
       fail-fast: false
     outputs:
+      paths: ${{ needs.changed-clusters.outputs.matrix }}
       default: ${{ steps.extract-images.outputs.default }}
       pull: ${{ steps.extract-images.outputs.pull }}
     steps:

From f464092bc2ce83cc3f64b62c625b5f139d1048e3 Mon Sep 17 00:00:00 2001
From: Jory Irving <jory@jory.dev>
Date: Fri, 10 Jan 2025 08:56:08 -0700
Subject: [PATCH 4/5] fix: cleanup workflow

---
 .github/workflows/pre-pull-images.yaml | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/pre-pull-images.yaml b/.github/workflows/pre-pull-images.yaml
index 7027e583f..2e6360565 100644
--- a/.github/workflows/pre-pull-images.yaml
+++ b/.github/workflows/pre-pull-images.yaml
@@ -73,7 +73,6 @@ jobs:
         paths: ${{ fromJSON(needs.changed-clusters.outputs.matrix) }}
       fail-fast: false
     outputs:
-      paths: ${{ needs.changed-clusters.outputs.matrix }}
       default: ${{ steps.extract-images.outputs.default }}
       pull: ${{ steps.extract-images.outputs.pull }}
     steps:
@@ -142,11 +141,11 @@ jobs:
     if: ${{ needs.compare-images.outputs.images != '[]' }}
     name: Pre-pull Images
     runs-on: ["gha-runner-scale-set"]
-    needs: ["compare-images"]
+    needs: ["compare-images", "changed-clusters"]
     strategy:
       matrix:
         images: ${{ fromJSON(needs.compare-images.outputs.images) }}
-        paths: ${{ fromJSON(needs.extract-images.outputs.paths) }}
+        paths: ${{ fromJSON(needs.changed-clusters.outputs.matrix) }}
       max-parallel: 4
       fail-fast: false
     steps:

From 0f3ce807f44387bba0886ad728b8c8ba3ffa1a8b Mon Sep 17 00:00:00 2001
From: "smurf-bot[bot]" <137516995+smurf-bot[bot]@users.noreply.github.com>
Date: Fri, 10 Jan 2025 08:59:32 -0700
Subject: [PATCH 5/5] =?UTF-8?q?fix(container):=20update=20ghcr.io/joryirvi?=
 =?UTF-8?q?ng/home-assistant=20(=202025.1.1=20=E2=86=92=202025.1.2=20)=20(?=
 =?UTF-8?q?#3488)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

| datasource | package                           | from     | to       |
| ---------- | --------------------------------- | -------- | -------- |
| docker     | ghcr.io/joryirving/home-assistant | 2025.1.1 | 2025.1.2 |

Co-authored-by: smurf-bot[bot] <137516995+smurf-bot[bot]@users.noreply.github.com>
Co-authored-by: Jory Irving <46251616+joryirving@users.noreply.github.com>
---
 .../apps/home-automation/home-assistant/app/helmrelease.yaml    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kubernetes/utility/apps/home-automation/home-assistant/app/helmrelease.yaml b/kubernetes/utility/apps/home-automation/home-assistant/app/helmrelease.yaml
index 36251860f..c67cc4c3e 100644
--- a/kubernetes/utility/apps/home-automation/home-assistant/app/helmrelease.yaml
+++ b/kubernetes/utility/apps/home-automation/home-assistant/app/helmrelease.yaml
@@ -34,7 +34,7 @@ spec:
           app:
             image:
               repository: ghcr.io/joryirving/home-assistant
-              tag: 2025.1.1@sha256:3c334a549b7a57bc4da2e3ccdee424eb1873a191eca192ee6b602d8e0a5891bb
+              tag: 2025.1.2@sha256:4a2ee8f33242e13ed8754413a6fab5e3457c125eef01571a02e5cd6662320557
             env:
               TZ: ${TIMEZONE}
             securityContext: