Skip to content

Deploy releases/k8s-manifests 603b79b#147

Merged
themightychris merged 4 commits into
deploys/k8s-manifestsfrom
releases/k8s-manifests
May 13, 2026
Merged

Deploy releases/k8s-manifests 603b79b#147
themightychris merged 4 commits into
deploys/k8s-manifestsfrom
releases/k8s-manifests

Conversation

@github-actions
Copy link
Copy Markdown

@github-actions github-actions Bot commented May 13, 2026

kubectl diff reports that applying 603b79b will change:

diff too big; review locally

Errors/Warnings

=== Directory: ./envoy-gateway-system ===
Error from server (NotFound): namespaces "envoy-gateway-system" not found

themightychris and others added 4 commits May 12, 2026 23:49
@themightychris @claude
chore(deps): bump civic-cloud to v1.9.0 (Envoy Gateway foundation)
5db2639 
civic-cloud v1.9.0 → cluster-template v1.5.0, which adds:
- Gateway API v1.5.1 CRDs (standard channel — Gateway, HTTPRoute,
  ListenerSet, etc.)
- Envoy Gateway controller v1.7.3 (installs to envoy-gateway-system)
- Envoy Gateway proprietary CRDs (Backend, BackendTrafficPolicy, etc.)
- cert-manager Gateway API integration wired up via ControllerConfiguration
  ConfigMap (enableGatewayAPI: true + featureGates.ListenerSet: true)

Foundation for migrating off ingress-nginx onto Gateway API. Doesn't
configure any Gateway/HTTPRoute resources yet — those come next on a
per-project basis (PRs #131/132/133/143 become actionable on top of
this).

Also drops the workspace cert-manager/helm-values.yaml override that
was the temporary workaround for the upstream stale-values-file issue.
That's fixed properly upstream in cluster-template v1.4.1+ (carried
through v1.5.0), so the local override is no longer needed — the
projected tree is byte-identical with or without it.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@themightychris @claude
chore(deps): bump civic-cloud to v1.9.0 (continued)
573842f 
Forgot to include the source ref bump in the prior commit — only the
workspace override deletion landed. This is the actual bump that pulls
in Envoy Gateway + Gateway API + cert-manager Gateway API wiring.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@themightychris
Merge pull request #146 from CodeForPhilly/chore/civic-cloud-1.9.0
1fad7a1 
chore(deps): bump civic-cloud to v1.9.0 (Envoy Gateway foundation)
@themightychris
☀ projected k8s-manifests-github from 1fad7a1
603b79b 
Source-holobranch: k8s-manifests-github
Source-commit: 1fad7a1
Source: 1fad7a1
@themightychris themightychris merged commit abd6b88 into deploys/k8s-manifests May 13, 2026
1 check passed
@github-actions
Copy link
Copy Markdown
Author

github-actions Bot commented May 13, 2026

kubectl apply output (excluding unchanged) for abd6b88 was:

customresourcedefinition.apiextensions.k8s.io/backends.gateway.envoyproxy.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/backendtlspolicies.gateway.networking.k8s.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/backendtrafficpolicies.gateway.envoyproxy.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/backups.postgresql.cnpg.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/certificaterequests.cert-manager.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/certificates.cert-manager.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/challenges.acme.cert-manager.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/clienttrafficpolicies.gateway.envoyproxy.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/clusterimagecatalogs.postgresql.cnpg.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/clusterissuers.cert-manager.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/clusters.postgresql.cnpg.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/databases.postgresql.cnpg.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/envoyextensionpolicies.gateway.envoyproxy.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/envoypatchpolicies.gateway.envoyproxy.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/envoyproxies.gateway.envoyproxy.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/failoverquorums.postgresql.cnpg.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/gatewayclasses.gateway.networking.k8s.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/gateways.gateway.networking.k8s.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/grpcroutes.gateway.networking.k8s.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/httproutefilters.gateway.envoyproxy.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/httproutes.gateway.networking.k8s.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/imagecatalogs.postgresql.cnpg.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/issuers.cert-manager.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/listenersets.gateway.networking.k8s.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/orders.acme.cert-manager.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/poolers.postgresql.cnpg.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/publications.postgresql.cnpg.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/referencegrants.gateway.networking.k8s.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/scheduledbackups.postgresql.cnpg.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/sealedsecrets.bitnami.com serverside-applied
customresourcedefinition.apiextensions.k8s.io/securitypolicies.gateway.envoyproxy.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/subscriptions.postgresql.cnpg.io serverside-applied
customresourcedefinition.apiextensions.k8s.io/tlsroutes.gateway.networking.k8s.io serverside-applied
clusterrole.rbac.authorization.k8s.io/envoy-gateway-gateway-helm-certgen:envoy-gateway-system created
clusterrole.rbac.authorization.k8s.io/envoy-gateway-gateway-helm-envoy-gateway-role created
clusterrole.rbac.authorization.k8s.io/grafana-clusterrole configured
clusterrole.rbac.authorization.k8s.io/prometheus-alertmanager configured
clusterrole.rbac.authorization.k8s.io/prometheus-pushgateway configured
clusterrolebinding.rbac.authorization.k8s.io/envoy-gateway-gateway-helm-certgen:envoy-gateway-system created
clusterrolebinding.rbac.authorization.k8s.io/envoy-gateway-gateway-helm-envoy-gateway-rolebinding created
clusterrolebinding.rbac.authorization.k8s.io/sealed-secrets configured
mutatingwebhookconfiguration.admissionregistration.k8s.io/cert-manager-webhook configured
mutatingwebhookconfiguration.admissionregistration.k8s.io/cnpg-mutating-webhook-configuration configured
mutatingwebhookconfiguration.admissionregistration.k8s.io/envoy-gateway-topology-injector.envoy-gateway-system created
namespace/envoy-gateway-system created
validatingadmissionpolicy.admissionregistration.k8s.io/safe-upgrades.gateway.networking.k8s.io created
validatingadmissionpolicybinding.admissionregistration.k8s.io/safe-upgrades.gateway.networking.k8s.io created
validatingwebhookconfiguration.admissionregistration.k8s.io/cert-manager-webhook configured
validatingwebhookconfiguration.admissionregistration.k8s.io/cnpg-validating-webhook-configuration configured
validatingwebhookconfiguration.admissionregistration.k8s.io/ingress-nginx-admission configured
secret/regcred created
configmap/cert-manager created
deployment.apps/cert-manager configured
deployment.apps/choose-native-plants configured
cluster.postgresql.cnpg.io/shared-cluster configured
configmap/cnpg-controller-manager-config configured
statefulset.apps/data-warehouse-postgresql configured
configmap/envoy-gateway-config created
deployment.apps/envoy-gateway created
job.batch/envoy-gateway-gateway-helm-certgen created
role.rbac.authorization.k8s.io/envoy-gateway-gateway-helm-certgen created
role.rbac.authorization.k8s.io/envoy-gateway-gateway-helm-infra-manager created
role.rbac.authorization.k8s.io/envoy-gateway-gateway-helm-leader-election-role created
rolebinding.rbac.authorization.k8s.io/envoy-gateway-gateway-helm-certgen created
rolebinding.rbac.authorization.k8s.io/envoy-gateway-gateway-helm-infra-manager created
rolebinding.rbac.authorization.k8s.io/envoy-gateway-gateway-helm-leader-election-rolebinding created
service/envoy-gateway created
serviceaccount/envoy-gateway-gateway-helm-certgen created
serviceaccount/envoy-gateway created
configmap/grafana-dashboards-default configured
deployment.apps/grafana configured
deployment.apps/ingress-nginx-controller configured
deployment.apps/metrics-server configured
secret/promtail configured
statefulset.apps/loki configured
statefulset.apps/database configured
deployment.apps/prometheus-alertmanager configured
deployment.apps/prometheus-kube-state-metrics configured
deployment.apps/prometheus-pushgateway configured
deployment.apps/prometheus-server configured
serviceaccount/prometheus-kube-state-metrics configured
deployment.apps/sealed-secrets configured
rolebinding.rbac.authorization.k8s.io/sealed-secrets-key-admin configured
service/sealed-secrets configured

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@themightychris