diff --git a/DEPLOYMENT.md b/DEPLOYMENT.md new file mode 100644 index 0000000..fa567d4 --- /dev/null +++ b/DEPLOYMENT.md @@ -0,0 +1,63 @@ +# Deployment Guide + +## Crossplane Resource Management + +### ✅ Correct Approach - Declarative Updates + +Always use `kubectl apply` for Crossplane Objects: + +```bash +# Make changes to YAML files +kubectl apply -f filename.yaml + +# For directory updates +kubectl apply -f . +``` + +This will: +- Update existing Objects (shows "configured") +- Create new Objects (shows "created") +- Leave unchanged Objects (shows "unchanged") +- Maintain resource state and ownership + +### ❌ Avoid - Delete/Recreate Pattern + +Don't use delete/apply cycles unless absolutely necessary: + +```bash +# This is generally wrong for routine updates +kubectl delete -f filename.yaml +kubectl apply -f filename.yaml +``` + +Only use delete/recreate for: +- Schema changes that require recreation +- Fixing stuck resources +- Resource type changes + +### Verification Steps + +After applying changes: + +1. Check Crossplane Object status: + ```bash + kubectl get objects.kubernetes.crossplane.io -A + ``` + +2. Verify managed resources: + ```bash + kubectl get -n + ``` + +3. Check Object details if issues: + ```bash + kubectl describe object -n crossplane-system + ``` + +### GitOps Compatibility + +This declarative approach ensures: +- Flux/ArgoCD can manage resources properly +- No unexpected deletions +- Proper drift detection +- Safe rollbacks \ No newline at end of file diff --git a/kustomization.yaml b/kustomization.yaml index ee95223..96bd7d9 100644 --- a/kustomization.yaml +++ b/kustomization.yaml 
@@ -2,18 +2,9 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: -# Core infrastructure - individual files to avoid conflicts +# Start with just core files for GitOps testing - forgejo-k8s.yaml - pomerium.yaml -- providers.yaml -- provider-configs.yaml -- external-dns.yaml - -# Directories with their own kustomizations -- auth/ -- cert-manager/ -- dns/ -- emissary/ # Exclude problematic directories: # - flux/ (managed by Flux itself)
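Review bot: In the DEPLOYMENT.md hunk, under "Verification Steps", the commands in steps 2 and 3 cannot be run as written. `kubectl get -n` has neither a resource type nor a namespace, and `kubectl describe object -n crossplane-system` names no Object. The placeholders appear to have been lost, so please restore them in a form that survives Markdown rendering, for example `kubectl get RESOURCE_TYPE -n NAMESPACE`. Separately, the "For directory updates" example uses `kubectl apply -f .` in a repository whose root holds a kustomization.yaml. That form reads the manifest files directly and ignores the `resources:` list, so consider documenting `kubectl apply -k .` instead, so that a manual apply and the GitOps controller work from the same set of files. The file also ends without a trailing newline.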
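Review bot: In the kustomization.yaml hunk, dropping `providers.yaml`, `provider-configs.yaml`, `external-dns.yaml` and the `auth/`, `cert-manager/`, `dns/` and `emissary/` directories from `resources:` conflicts with the "No unexpected deletions" promise that DEPLOYMENT.md adds in this same patch. If the controller reconciling this kustomization has pruning enabled, everything those entries created will be deleted from the cluster on the next sync. Please confirm the prune setting before merging, or keep the full list here and put the reduced set in a separate test kustomization. If `forgejo-k8s.yaml` or `pomerium.yaml` contain Crossplane Objects, they also still need the provider and provider config that are being removed from the list. The new comment says this is "for GitOps testing", so it would help to state in the comment or commit message when the removed entries are meant to come back.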