diff --git a/kubernetes/kyak/apps/tailscale/tailscale/app/externalsecret.yaml b/kubernetes/kyak/apps/tailscale/tailscale/app/externalsecret.yaml index adadcb0b28..53a2c8de4c 100644 --- a/kubernetes/kyak/apps/tailscale/tailscale/app/externalsecret.yaml +++ b/kubernetes/kyak/apps/tailscale/tailscale/app/externalsecret.yaml @@ -9,7 +9,7 @@ spec: kind: ClusterSecretStore name: onepassword-connect target: - name: tailscale-operator-secret + name: operator-oauth creationPolicy: Owner template: engineVersion: v2 diff --git a/kubernetes/kyak/apps/tailscale/tailscale/app/helmrelease.yaml b/kubernetes/kyak/apps/tailscale/tailscale/app/helmrelease.yaml index 6224717f60..32d9669e98 100644 --- a/kubernetes/kyak/apps/tailscale/tailscale/app/helmrelease.yaml +++ b/kubernetes/kyak/apps/tailscale/tailscale/app/helmrelease.yaml @@ -20,30 +20,12 @@ spec: upgrade: cleanupOnFail: true remediation: + strategy: rollback retries: 3 - uninstall: - keepHistory: false values: + oauth: {} installCRDs: "true" - operatorConfig: - defaultTags: - - "tag:k8s-operator" proxyConfig: - # ACL tag that operator will tag proxies with. Operator must be made owner of - # these tags - # https://tailscale.com/kb/1236/kubernetes-operator/?q=operator#setting-up-the-kubernetes-operator - # Multiple tags can be passed as a comma-separated string i.e 'tag:k8s-proxies,tag:prod'. - # Note that if you pass multiple tags to this field via `--set` flag to helm upgrade/install commands you must escape the comma (for example, "tag:k8s-proxies\,tag:prod"). See https://github.com/helm/helm/issues/1556 - defaultTags: "tag:k8s" firewallMode: auto apiServerProxyConfig: mode: "noauth" # "true", "false", "noauth" - valuesFrom: - - targetPath: oauth.clientId - kind: Secret - name: tailscale-operator-secret - valuesKey: CLIENT_ID - - targetPath: oauth.clientSecret - kind: Secret - name: tailscale-operator-secret - valuesKey: CLIENT_SECRET