feat: add flux alert template with namespace transformer

Signed-off-by: Devin Buhl <[email protected]>

kubernetes/apps/actions-runner-system/kustomization.yaml

@@ -5,6 +5,15 @@ kind: Kustomization
 resources:
   # Pre Flux-Kustomizations
   - ./namespace.yaml
+  - ../../templates/flux
   # Flux-Kustomizations
   - ./gha-runner-scale-set-controller/ks.yaml
   - ./gha-runner-scale-set/ks.yaml
+transformers:
+  - |-
+    apiVersion: builtin
+    kind: NamespaceTransformer
+    metadata:
+      name: not-used
+      namespace: actions-runner-system
+    unsetOnly: true

kubernetes/apps/actions-runner-system/namespace.yaml

@@ -6,33 +6,3 @@ metadata:
   annotations:
     kustomize.toolkit.fluxcd.io/prune: disabled
     volsync.backube/privileged-movers: "true"
----
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/provider_v1beta3.json
-apiVersion: notification.toolkit.fluxcd.io/v1beta3
-kind: Provider
-metadata:
-  name: alert-manager
-  namespace: actions-runner-system
-spec:
-  type: alertmanager
-  address: http://alertmanager-operated.observability.svc.cluster.local:9093/api/v2/alerts/
----
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/alert_v1beta3.json
-apiVersion: notification.toolkit.fluxcd.io/v1beta3
-kind: Alert
-metadata:
-  name: alert-manager
-  namespace: actions-runner-system
-spec:
-  providerRef:
-    name: alert-manager
-  eventSeverity: error
-  eventSources:
-    - kind: HelmRelease
-      name: "*"
-  exclusionList:
-    - "error.*lookup github\\.com"
-    - "error.*lookup raw\\.githubusercontent\\.com"
-    - "dial.*tcp.*timeout"
-    - "waiting.*socket"
-  suspend: false

kubernetes/apps/cert-manager/kustomization.yaml

@@ -5,5 +5,14 @@ kind: Kustomization
 resources:
   # Pre Flux-Kustomizations
   - ./namespace.yaml
+  - ../../templates/flux
   # Flux-Kustomizations
   - ./cert-manager/ks.yaml
+transformers:
+  - |-
+    apiVersion: builtin
+    kind: NamespaceTransformer
+    metadata:
+      name: not-used
+      namespace: cert-manager
+    unsetOnly: true

kubernetes/apps/cert-manager/namespace.yaml

@@ -6,33 +6,3 @@ metadata:
   annotations:
     kustomize.toolkit.fluxcd.io/prune: disabled
     volsync.backube/privileged-movers: "true"
----
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/provider_v1beta3.json
-apiVersion: notification.toolkit.fluxcd.io/v1beta3
-kind: Provider
-metadata:
-  name: alert-manager
-  namespace: cert-manager
-spec:
-  type: alertmanager
-  address: http://alertmanager-operated.observability.svc.cluster.local:9093/api/v2/alerts/
----
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/alert_v1beta3.json
-apiVersion: notification.toolkit.fluxcd.io/v1beta3
-kind: Alert
-metadata:
-  name: alert-manager
-  namespace: cert-manager
-spec:
-  providerRef:
-    name: alert-manager
-  eventSeverity: error
-  eventSources:
-    - kind: HelmRelease
-      name: "*"
-  exclusionList:
-    - "error.*lookup github\\.com"
-    - "error.*lookup raw\\.githubusercontent\\.com"
-    - "dial.*tcp.*timeout"
-    - "waiting.*socket"
-  suspend: false

kubernetes/apps/default/kustomization.yaml

@@ -5,6 +5,7 @@ kind: Kustomization
 resources:
   # Pre Flux-Kustomizations
   - ./namespace.yaml
+  - ../../templates/flux
   # Flux-Kustomizations
   - ./atuin/ks.yaml
   - ./autobrr/ks.yaml
@@ -28,3 +29,11 @@ resources:
   - ./unpackerr/ks.yaml
   - ./zigbee/ks.yaml
   - ./zwave/ks.yaml
+transformers:
+  - |-
+    apiVersion: builtin
+    kind: NamespaceTransformer
+    metadata:
+      name: not-used
+      namespace: default
+    unsetOnly: true

kubernetes/apps/default/namespace.yaml

@@ -6,33 +6,3 @@ metadata:
   annotations:
     kustomize.toolkit.fluxcd.io/prune: disabled
     volsync.backube/privileged-movers: "true"
----
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/provider_v1beta3.json
-apiVersion: notification.toolkit.fluxcd.io/v1beta3
-kind: Provider
-metadata:
-  name: alert-manager
-  namespace: default
-spec:
-  type: alertmanager
-  address: http://alertmanager-operated.observability.svc.cluster.local:9093/api/v2/alerts/
----
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/alert_v1beta3.json
-apiVersion: notification.toolkit.fluxcd.io/v1beta3
-kind: Alert
-metadata:
-  name: alert-manager
-  namespace: default
-spec:
-  providerRef:
-    name: alert-manager
-  eventSeverity: error
-  eventSources:
-    - kind: HelmRelease
-      name: "*"
-  exclusionList:
-    - "error.*lookup github\\.com"
-    - "error.*lookup raw\\.githubusercontent\\.com"
-    - "dial.*tcp.*timeout"
-    - "waiting.*socket"
-  suspend: false

kubernetes/apps/external-secrets/kustomization.yaml

@@ -5,6 +5,15 @@ kind: Kustomization
 resources:
   # Pre Flux-Kustomizations
   - ./namespace.yaml
+  - ../../templates/flux
   # Flux-Kustomizations
   - ./external-secrets/ks.yaml
   - ./onepassword-connect/ks.yaml
+transformers:
+  - |-
+    apiVersion: builtin
+    kind: NamespaceTransformer
+    metadata:
+      name: not-used
+      namespace: external-secrets
+    unsetOnly: true

kubernetes/apps/external-secrets/namespace.yaml

@@ -5,33 +5,3 @@ metadata:
   name: external-secrets
   labels:
     kustomize.toolkit.fluxcd.io/prune: disabled
----
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/provider_v1beta3.json
-apiVersion: notification.toolkit.fluxcd.io/v1beta3
-kind: Provider
-metadata:
-  name: alert-manager
-  namespace: external-secrets
-spec:
-  type: alertmanager
-  address: http://alertmanager-operated.observability.svc.cluster.local:9093/api/v2/alerts/
----
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/alert_v1beta3.json
-apiVersion: notification.toolkit.fluxcd.io/v1beta3
-kind: Alert
-metadata:
-  name: alert-manager
-  namespace: external-secrets
-spec:
-  providerRef:
-    name: alert-manager
-  eventSeverity: error
-  eventSources:
-    - kind: HelmRelease
-      name: "*"
-  exclusionList:
-    - "error.*lookup github\\.com"
-    - "error.*lookup raw\\.githubusercontent\\.com"
-    - "dial.*tcp.*timeout"
-    - "waiting.*socket"
-  suspend: false

kubernetes/apps/flux-system/kustomization.yaml

@@ -5,5 +5,14 @@ kind: Kustomization
 resources:
   # Pre Flux-Kustomizations
   - ./namespace.yaml
+  - ../../templates/flux
   # Flux-Kustomizations
   - ./flux-operator/ks.yaml
+transformers:
+  - |-
+    apiVersion: builtin
+    kind: NamespaceTransformer
+    metadata:
+      name: not-used
+      namespace: flux-system
+    unsetOnly: true

kubernetes/apps/flux-system/namespace.yaml

@@ -6,41 +6,3 @@ metadata:
   annotations:
     kustomize.toolkit.fluxcd.io/prune: disabled
     volsync.backube/privileged-movers: "true"
----
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/provider_v1beta3.json
-apiVersion: notification.toolkit.fluxcd.io/v1beta3
-kind: Provider
-metadata:
-  name: alert-manager
-  namespace: flux-system
-spec:
-  type: alertmanager
-  address: http://alertmanager-operated.observability.svc.cluster.local:9093/api/v2/alerts/
----
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/alert_v1beta3.json
-apiVersion: notification.toolkit.fluxcd.io/v1beta3
-kind: Alert
-metadata:
-  name: alert-manager
-  namespace: flux-system
-spec:
-  providerRef:
-    name: alert-manager
-  eventSeverity: error
-  eventSources:
-    - kind: GitRepository
-      name: "*"
-    - kind: HelmRelease
-      name: "*"
-    - kind: HelmRepository
-      name: "*"
-    - kind: Kustomization
-      name: "*"
-    - kind: OCIRepository
-      name: "*"
-  exclusionList:
-    - "error.*lookup github\\.com"
-    - "error.*lookup raw\\.githubusercontent\\.com"
-    - "dial.*tcp.*timeout"
-    - "waiting.*socket"
-  suspend: false

kubernetes/apps/kube-system/kustomization.yaml

@@ -5,6 +5,7 @@ kind: Kustomization
 resources:
   # Pre Flux-Kustomizations
   - ./namespace.yaml
+  - ../../templates/flux
   # Flux-Kustomizations
   - ./cilium/ks.yaml
   - ./coredns/ks.yaml
@@ -16,3 +17,11 @@ resources:
   - ./node-feature-discovery/ks.yaml
   - ./reloader/ks.yaml
   - ./spegel/ks.yaml
+transformers:
+  - |-
+    apiVersion: builtin
+    kind: NamespaceTransformer
+    metadata:
+      name: not-used
+      namespace: kube-system
+    unsetOnly: true

kubernetes/apps/kube-system/namespace.yaml

@@ -6,33 +6,3 @@ metadata:
   annotations:
     kustomize.toolkit.fluxcd.io/prune: disabled
     volsync.backube/privileged-movers: "true"
----
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/provider_v1beta3.json
-apiVersion: notification.toolkit.fluxcd.io/v1beta3
-kind: Provider
-metadata:
-  name: alert-manager
-  namespace: kube-system
-spec:
-  type: alertmanager
-  address: http://alertmanager-operated.observability.svc.cluster.local:9093/api/v2/alerts/
----
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/alert_v1beta3.json
-apiVersion: notification.toolkit.fluxcd.io/v1beta3
-kind: Alert
-metadata:
-  name: alert-manager
-  namespace: kube-system
-spec:
-  providerRef:
-    name: alert-manager
-  eventSeverity: error
-  eventSources:
-    - kind: HelmRelease
-      name: "*"
-  exclusionList:
-    - "error.*lookup github\\.com"
-    - "error.*lookup raw\\.githubusercontent\\.com"
-    - "dial.*tcp.*timeout"
-    - "waiting.*socket"
-  suspend: false

kubernetes/apps/kyverno/kustomization.yaml

@@ -5,5 +5,14 @@ kind: Kustomization
 resources:
   # Pre Flux-Kustomizations
   - ./namespace.yaml
+  - ../../templates/flux
   # Flux-Kustomizations
   - ./kyverno/ks.yaml
+transformers:
+  - |-
+    apiVersion: builtin
+    kind: NamespaceTransformer
+    metadata:
+      name: not-used
+      namespace: kyverno
+    unsetOnly: true

kubernetes/apps/kyverno/namespace.yaml

@@ -6,33 +6,3 @@ metadata:
   annotations:
     kustomize.toolkit.fluxcd.io/prune: disabled
     volsync.backube/privileged-movers: "true"
----
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/provider_v1beta3.json
-apiVersion: notification.toolkit.fluxcd.io/v1beta3
-kind: Provider
-metadata:
-  name: alert-manager
-  namespace: kyverno
-spec:
-  type: alertmanager
-  address: http://alertmanager-operated.observability.svc.cluster.local:9093/api/v2/alerts/
----
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/alert_v1beta3.json
-apiVersion: notification.toolkit.fluxcd.io/v1beta3
-kind: Alert
-metadata:
-  name: alert-manager
-  namespace: kyverno
-spec:
-  providerRef:
-    name: alert-manager
-  eventSeverity: error
-  eventSources:
-    - kind: HelmRelease
-      name: "*"
-  exclusionList:
-    - "error.*lookup github\\.com"
-    - "error.*lookup raw\\.githubusercontent\\.com"
-    - "dial.*tcp.*timeout"
-    - "waiting.*socket"
-  suspend: false

kubernetes/apps/network/kustomization.yaml

@@ -5,9 +5,18 @@ kind: Kustomization
 resources:
   # Pre Flux-Kustomizations
   - ./namespace.yaml
+  - ../../templates/flux
   # Flux-Kustomizations
   - ./cloudflare-ddns/ks.yaml
   - ./cloudflared/ks.yaml
   - ./echo-server/ks.yaml
   - ./external-dns/ks.yaml
   - ./nginx/ks.yaml
+transformers:
+  - |-
+    apiVersion: builtin
+    kind: NamespaceTransformer
+    metadata:
+      name: not-used
+      namespace: network
+    unsetOnly: true