Merge pull request #60 from glaciation-heu/feature/optimizing-securit…

…y-upgrade [security] optimize security
glaciation-heu · Nov 14, 2024 · 4c8fec2 · 4c8fec2
2 parents 7577d87 + 49d844e
commit 4c8fec2
Show file tree

Hide file tree

Showing 11 changed files with 15 additions and 15 deletions.
diff --git a/base/apps/security/cert-manager.yaml b/base/apps/security/cert-manager.yaml
@@ -5,7 +5,7 @@ metadata:
   namespace: argocd
   annotations:
     argocd.argoproj.io/hook: Sync
-    argocd.argoproj.io/sync-wave: "-20"
+    argocd.argoproj.io/sync-wave: "-30"
   finalizers:
    - resources-finalizer.argocd.argoproj.io
 spec:

diff --git a/base/apps/security/gatekeeper-policy-manager.yaml b/base/apps/security/gatekeeper-policy-manager.yaml
@@ -7,7 +7,7 @@ metadata:
    - resources-finalizer.argocd.argoproj.io
   annotations:
     argocd.argoproj.io/hook: Sync
-    argocd.argoproj.io/sync-wave: "-8"
+    argocd.argoproj.io/sync-wave: "-30"
 spec:
   project: default
   source:

diff --git a/base/apps/security/manual/gatekeeper-resource-constraint-templates.yaml b/base/apps/security/manual/gatekeeper-resource-constraint-templates.yaml
@@ -6,7 +6,7 @@ metadata:
   annotations:
     argocd.argoproj.io/hook: Sync
     argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
-    argocd.argoproj.io/sync-wave: "-30"
+    argocd.argoproj.io/sync-wave: "-20"
     metadata.gatekeeper.sh/title: "Container Requests"
     metadata.gatekeeper.sh/version: 1.0.1
     description: >-
@@ -273,7 +273,7 @@ metadata:
   name: k8scontainerlimits
   annotations:
     argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
-    argocd.argoproj.io/sync-wave: "-30"
+    argocd.argoproj.io/sync-wave: "-20"
     metadata.gatekeeper.sh/title: "Container Limits"
     metadata.gatekeeper.sh/version: 1.0.1
     description: >-

diff --git a/base/apps/security/manual/setup-ca-and-bundle.yaml b/base/apps/security/manual/setup-ca-and-bundle.yaml
@@ -5,7 +5,7 @@ metadata:
   name: selfsigned-issuer
   annotations:
     argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
-    argocd.argoproj.io/sync-wave: "-8"
+    argocd.argoproj.io/sync-wave: "-25"
 spec:
   selfSigned: {}
 ---
@@ -16,7 +16,7 @@ metadata:
   namespace: cert-manager
   annotations:
     argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
-    argocd.argoproj.io/sync-wave: "-8"
+    argocd.argoproj.io/sync-wave: "-25"
 spec:
   isCA: true
   commonName: my-selfsigned-ca
@@ -35,7 +35,7 @@ metadata:
   name: private-ca-issuer
   annotations:
     argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
-    argocd.argoproj.io/sync-wave: "-8"
+    argocd.argoproj.io/sync-wave: "-25"
 spec:
   ca:
     secretName: root-secret
@@ -49,7 +49,7 @@ metadata:
   annotations:
     argocd.argoproj.io/hook: Sync
     argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
-    argocd.argoproj.io/sync-wave: "-8"
+    argocd.argoproj.io/sync-wave: "-19"
 spec:
   sources:
   # Include a bundle of publicly trusted certificates which can be

diff --git a/base/apps/security/manual/vault-extras.yaml b/base/apps/security/manual/vault-extras.yaml
@@ -7,7 +7,7 @@ metadata:
   annotations:    
     argocd.argoproj.io/hook: Sync
     argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
-    argocd.argoproj.io/sync-wave: "-19"
+    argocd.argoproj.io/sync-wave: "-25"
 spec:
   secretName: vault-tls
   issuerRef:

diff --git a/base/apps/security/manual/vault-init.yaml b/base/apps/security/manual/vault-init.yaml
@@ -5,7 +5,7 @@ metadata:
   namespace: vault
   annotations:
     argocd.argoproj.io/hook: Sync
-    argocd.argoproj.io/sync-wave: "-8"
+    argocd.argoproj.io/sync-wave: "-20"
 spec:
   template:
     spec:

diff --git a/base/apps/security/minio-tenant.yaml b/base/apps/security/minio-tenant.yaml
@@ -6,7 +6,7 @@ metadata:
   annotations:
     argocd.argoproj.io/hook: Sync
     argocd.argoproj.io/compare-options: ServerSideDiff=true
-    argocd.argoproj.io/sync-wave: "-8"
+    argocd.argoproj.io/sync-wave: "-4"
   finalizers:
   - resources-finalizer.argocd.argoproj.io
 spec:

diff --git a/base/apps/security/minio.yaml b/base/apps/security/minio.yaml
@@ -6,7 +6,7 @@ metadata:
   annotations:
     argocd.argoproj.io/hook: Sync
     argocd.argoproj.io/compare-options: ServerSideDiff=true
-    argocd.argoproj.io/sync-wave: "-8"
+    argocd.argoproj.io/sync-wave: "-30"
   finalizers:
   - resources-finalizer.argocd.argoproj.io
 spec:

diff --git a/base/apps/security/replicator.yaml b/base/apps/security/replicator.yaml
@@ -5,7 +5,7 @@ metadata:
   namespace: argocd
   annotations:
     argocd.argoproj.io/hook: Sync
-    argocd.argoproj.io/sync-wave: "-20"
+    argocd.argoproj.io/sync-wave: "-30"
   finalizers:
    - resources-finalizer.argocd.argoproj.io
 spec:

diff --git a/base/apps/security/trust-manager.yaml b/base/apps/security/trust-manager.yaml
@@ -5,7 +5,7 @@ metadata:
   namespace: argocd
   annotations:
     argocd.argoproj.io/hook: Sync
-    argocd.argoproj.io/sync-wave: "-20"
+    argocd.argoproj.io/sync-wave: "-30"
   finalizers:
    - resources-finalizer.argocd.argoproj.io
 spec:

diff --git a/base/apps/security/vault.yaml b/base/apps/security/vault.yaml
@@ -7,7 +7,7 @@ metadata:
   annotations:
     argocd.argoproj.io/hook: Sync
     argocd.argoproj.io/compare-options: ServerSideDiff=true
-    argocd.argoproj.io/sync-wave: "-8"
+    argocd.argoproj.io/sync-wave: "-20"
   finalizers:
    - resources-finalizer.argocd.argoproj.io
 spec: