From e9332f0ac91176cd57f16fcee007cbbf4fd38f6f Mon Sep 17 00:00:00 2001
From: Michael Thomson <mthomson@konradgroup.com>
Date: Tue, 21 Nov 2023 10:49:41 -0500
Subject: [PATCH] reflector

---
 .../helmrepository-emberstack.yaml            |   8 ++
 .../kustomization-reflector.yaml              |  18 +++
 bootstrap/namespaces/namespace-reflector.yaml |   4 +
 reflector/helmrelease-reflector.yaml          | 123 ++++++++++++++++++
 4 files changed, 153 insertions(+)
 create mode 100644 bootstrap/helmrepositories/helmrepository-emberstack.yaml
 create mode 100644 bootstrap/kustomizations/kustomization-reflector.yaml
 create mode 100644 bootstrap/namespaces/namespace-reflector.yaml
 create mode 100644 reflector/helmrelease-reflector.yaml

diff --git a/bootstrap/helmrepositories/helmrepository-emberstack.yaml b/bootstrap/helmrepositories/helmrepository-emberstack.yaml
new file mode 100644
index 0000000..5fa1085
--- /dev/null
+++ b/bootstrap/helmrepositories/helmrepository-emberstack.yaml
@@ -0,0 +1,8 @@
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: HelmRepository
+metadata:
+  name: emberstack
+  namespace: flux-system
+spec:
+  interval: 15m
+  url: https://emberstack.github.io/helm-charts
diff --git a/bootstrap/kustomizations/kustomization-reflector.yaml b/bootstrap/kustomizations/kustomization-reflector.yaml
new file mode 100644
index 0000000..670afc6
--- /dev/null
+++ b/bootstrap/kustomizations/kustomization-reflector.yaml
@@ -0,0 +1,18 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: reflector
+  namespace: flux-system
+spec:
+  interval: 15m
+  path: ./reflector
+  prune: true # remove any elements later removed from the above path
+  timeout: 2m # if not set, this defaults to interval duration, which is 1h
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+  healthChecks:
+    - apiVersion: apps/v1
+      kind: Deployment
+      name: reflector
+      namespace: reflector
diff --git a/bootstrap/namespaces/namespace-reflector.yaml b/bootstrap/namespaces/namespace-reflector.yaml
new file mode 100644
index 0000000..59b735b
--- /dev/null
+++ b/bootstrap/namespaces/namespace-reflector.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: reflector
diff --git a/reflector/helmrelease-reflector.yaml b/reflector/helmrelease-reflector.yaml
new file mode 100644
index 0000000..d694821
--- /dev/null
+++ b/reflector/helmrelease-reflector.yaml
@@ -0,0 +1,123 @@
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: reflector
+  namespace: reflector
+spec:
+  chart:
+    spec:
+      chart: reflector
+      version: v7.x
+      sourceRef:
+        kind: HelmRepository
+        name: emberstack
+        namespace: flux-system
+  interval: 15m
+  timeout: 5m
+  releaseName: reflector
+  values:
+    # Default values for reflector.
+    # This is a YAML-formatted file.
+    # Declare variables to be passed into your templates.
+
+    replicaCount: 1
+
+    image:
+      repository: emberstack/kubernetes-reflector
+      pullPolicy: IfNotPresent
+      # Overrides the image tag whose default is the chart appVersion.
+      tag: ""
+
+    imagePullSecrets: []
+    nameOverride: ""
+    fullnameOverride: ""
+
+    cron:
+      enabled: false
+      schedule: "*/15 * * * *"
+      activeDeadlineSeconds: 600
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+
+    configuration:
+      logging:
+        minimumLevel: Information
+      watcher:
+        timeout: ""
+      kubernetes:
+        skipTlsVerify: false
+
+    rbac:
+      enabled: true
+
+    serviceAccount:
+      # Specifies whether a service account should be created
+      create: true
+      # Annotations to add to the service account
+      annotations: {}
+      # The name of the service account to use.
+      # If not set and create is true, a name is generated using the fullname template
+      name: ""
+
+    # additional annotations to set on the pod
+    podAnnotations: {}
+    # additional labels to set on the pod
+    podLabels: {}
+    # additional env vars to add to the pod
+    extraEnv: []
+
+    podSecurityContext:
+      fsGroup: 2000
+
+    securityContext:
+      capabilities:
+        drop:
+          - ALL
+      readOnlyRootFilesystem: false
+      runAsNonRoot: true
+      runAsUser: 1000
+
+    healthcheck:
+      httpGet:
+        path: /healthz
+        port: http
+
+    livenessProbe:
+      initialDelaySeconds: 5
+      periodSeconds: 10
+    readinessProbe:
+      initialDelaySeconds: 5
+      periodSeconds: 10
+    startupProbe:
+      # The application will have a maximum of 50s (10 * 5 = 50s) to finish its startup.
+      failureThreshold: 10
+      periodSeconds: 5
+
+    resources:
+      {}
+      # We usually recommend not to specify default resources and to leave this as a conscious
+      # choice for the user. This also increases chances charts run on environments with little
+      # resources, such as Minikube. If you do want to specify resources, uncomment the following
+      # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+      # limits:
+      #   cpu: 100m
+      #   memory: 128Mi
+      # requests:
+      #   cpu: 100m
+      #   memory: 128Mi
+
+    autoscaling:
+      enabled: false
+      minReplicas: 1
+      maxReplicas: 100
+      targetCPUUtilizationPercentage: 80
+      # targetMemoryUtilizationPercentage: 80
+
+    nodeSelector: {}
+
+    tolerations: []
+
+    affinity: {}
+
+    priorityClassName: ""