deepkoluguri
/
agentic-os
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

AppProject: explicit cluster-scoped kinds (webhooks, CRDs, RBAC, Cilium CWNP) 

Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
Deep Koluguri 2026-05-11 13:49:06 -04:00
parent 6b519f6b12
commit b4df833efb
1 changed files with 13 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
platform/bootstrap/root-app-project.yaml
View File

@ -13,9 +13,7 @@ spec:
- namespace: "*" - namespace: "*"
server: https://kubernetes.default.svc server: https://kubernetes.default.svc
clusterResourceWhitelist: clusterResourceWhitelist:
# Broad allow; some Argo CD builds still reject certain cluster kinds unless named explicitly. # Avoid group/kind "*" alone on some Argo CD 3.x builds (can block webhooks); list common cluster-scoped kinds.
- group: "*"
kind: "*"
- group: admissionregistration.k8s.io - group: admissionregistration.k8s.io
kind: MutatingWebhookConfiguration kind: MutatingWebhookConfiguration
- group: admissionregistration.k8s.io - group: admissionregistration.k8s.io
@ -26,6 +24,18 @@ spec:
kind: ClusterRole kind: ClusterRole
- group: rbac.authorization.k8s.io - group: rbac.authorization.k8s.io
kind: ClusterRoleBinding kind: ClusterRoleBinding
- group: rbac.authorization.k8s.io
kind: Role
- group: rbac.authorization.k8s.io
kind: RoleBinding
- group: storage.k8s.io
kind: StorageClass
- group: scheduling.k8s.io
kind: PriorityClass
- group: networking.k8s.io
kind: IngressClass
- group: cilium.io
kind: CiliumClusterwideNetworkPolicy
namespaceResourceWhitelist: namespaceResourceWhitelist:
- group: "*" - group: "*"
kind: "*" kind: "*"