apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization metadata: name: bakery-ia-dev # NOTE: Do NOT set a global namespace here. # Each resource already has its namespace explicitly defined. # A global namespace would incorrectly transform cluster-scoped resources # like cert-manager namespaces. resources: - ../../../environments/common/configs # NOTE: nominatim is NOT included here - it's deployed manually via Tilt trigger 'nominatim-helm' # - ../../../platform/nominatim - ../../../platform/gateway - ../../../platform/cert-manager - ../../../platform/networking/ingress/overlays/dev - ../../../platform/storage - ../../../services/databases - ../../../services/microservices # NOTE: cicd is NOT included here - it's deployed manually via Tilt triggers # Run 'tilt trigger tekton-install' followed by 'tilt trigger tekton-pipelines-deploy' # - ../../../cicd - dev-certificate.yaml # Dev-specific patches patches: - target: kind: ConfigMap name: bakery-config patch: |- - op: replace path: /data/ENVIRONMENT value: "development" - op: replace path: /data/DEBUG value: "true" # NOTE: nominatim patches removed - nominatim is now deployed via Helm (tilt trigger nominatim-helm) # Add imagePullSecrets to all Deployments for Gitea registry authentication - target: kind: Deployment patch: |- - op: add path: /spec/template/spec/imagePullSecrets value: - name: gitea-registry-secret # Add imagePullSecrets to all StatefulSets for Gitea registry authentication - target: kind: StatefulSet patch: |- - op: add path: /spec/template/spec/imagePullSecrets value: - name: gitea-registry-secret # Add imagePullSecrets to all Jobs for Gitea registry authentication - target: kind: Job patch: |- - op: add path: /spec/template/spec/imagePullSecrets value: - name: gitea-registry-secret # Add imagePullSecrets to all CronJobs for Gitea registry authentication - target: kind: CronJob patch: |- - op: add path: /spec/jobTemplate/spec/template/spec/imagePullSecrets value: - name: gitea-registry-secret labels: - includeSelectors: true pairs: environment: development tier: local # Dev image overrides - use Gitea registry to avoid Docker Hub rate limits # IMPORTANT: All image names must be lowercase (Docker requirement) # The prepull-base-images.sh script pushes images to registry.bakery-ia.local/bakery-admin/ # Format: registry.bakery-ia.local/bakery-admin/: images: # Database images - name: postgres newName: registry.bakery-ia.local/bakery-admin/postgres newTag: "17-alpine" - name: redis newName: registry.bakery-ia.local/bakery-admin/redis newTag: "7.4-alpine" - name: rabbitmq newName: registry.bakery-ia.local/bakery-admin/rabbitmq newTag: "4.1-management-alpine" # Utility images - name: busybox newName: registry.bakery-ia.local/bakery-admin/busybox newTag: "1.36" - name: curlimages/curl newName: registry.bakery-ia.local/bakery-admin/curlimages-curl newTag: latest - name: bitnami/kubectl newName: registry.bakery-ia.local/bakery-admin/bitnami-kubectl newTag: latest # Alpine variants - name: alpine newName: registry.bakery-ia.local/bakery-admin/alpine newTag: "3.19" - name: alpine/git newName: registry.bakery-ia.local/bakery-admin/alpine-git newTag: "2.43.0" # CI/CD images (cached in Gitea registry for consistency) - name: gcr.io/kaniko-project/executor newName: registry.bakery-ia.local/bakery-admin/gcr.io-kaniko-project-executor newTag: v1.23.0 - name: gcr.io/go-containerregistry/crane newName: registry.bakery-ia.local/bakery-admin/gcr.io-go-containerregistry-crane newTag: latest - name: registry.k8s.io/kustomize/kustomize newName: registry.bakery-ia.local/bakery-admin/registry.k8s.io-kustomize-kustomize newTag: v5.3.0 # Storage images - name: minio/minio newName: registry.bakery-ia.local/bakery-admin/minio-minio newTag: RELEASE.2024-11-07T00-52-20Z - name: minio/mc newName: registry.bakery-ia.local/bakery-admin/minio-mc newTag: RELEASE.2024-11-17T19-35-25Z # NOTE: nominatim image override removed - nominatim is now deployed via Helm # Python base image - name: python newName: registry.bakery-ia.local/bakery-admin/python newTag: "3.11-slim"