feat(reflector): add infra-data-reflector configuration and update dependencies

flux/clusters/base/apps.yaml

@@ -13,6 +13,6 @@ spec:
   path: ./flux/apps
   prune: true
   dependsOn:
-    - name: infra-data-post
+    - name: infra-data-reflector
     - name: infra-net
     - name: infra-gitops

flux/clusters/base/infra-data.yaml

@@ -36,3 +36,23 @@ spec:
   wait: true
   dependsOn:
     - name: infra-data
+
+---
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: infra-data-reflector
+  namespace: infra-gitops
+spec:
+  interval: 30m
+  timeout: 15m
+  retryInterval: 1m
+  sourceRef:
+    kind: GitRepository
+    name: flux
+  path: ./flux/infrastructure/infra-data/reflector
+  prune: true
+  force: true
+  wait: true
+  dependsOn:
+    - name: infra-data-post

flux/clusters/base/infra-gitops.yaml

@@ -14,7 +14,7 @@ spec:
   prune: true
   wait: true
   dependsOn:
-    - name: infra-data-post
+    - name: infra-data-reflector
     - name: infra-monitor
 
 ---

flux/clusters/base/infra-monitor.yaml

@@ -15,7 +15,7 @@ spec:
   force: true
   wait: true
   dependsOn:
-    - name: infra-data-post
+    - name: infra-data-reflector
 
 ---
 apiVersion: kustomize.toolkit.fluxcd.io/v1

flux/clusters/dev-cm/infra-data-post/cnpg17-objectstore-hw.yaml

@@ -1,20 +0,0 @@
-apiVersion: barmancloud.cnpg.io/v1
-kind: ObjectStore
-metadata:
-  name: cnpg17-objectstore-hw
-  namespace: infra-data
-spec:
-  retentionPolicy: "7d"
-  configuration:
-    destinationPath: s3://devcm/cnpg/
-    endpointURL: https://obs.cn-east-3.myhuaweicloud.com
-    s3Credentials:
-      accessKeyId:
-        name: s3-devcm-hw
-        key: ACCESS_KEY_ID
-      secretAccessKey:
-        name: s3-devcm-hw
-        key: ACCESS_SECRET_KEY
-    wal:
-      compression: gzip
-      maxParallel: 8

flux/clusters/dev-cm/infra-data-post/kustomization.yaml

@@ -1,10 +1,9 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - cnpg17-objectstore-hw.yaml
+  - ../../../infrastructure/infra-data/post/cnpg17-objectstore-hw.yaml
   - cnpg17-cluster-hk.yaml
   - cnpg17-cluster-sh.yaml
   - databases.yaml
   - loadbalancer-hk.yaml
   - loadbalancer-sh.yaml
-  - reflector-secret-annotations.yaml

flux/clusters/dev-cm/infra-data-reflector/kustomization.yaml

@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - reflector-secret-annotations.yaml

flux/clusters/dev-cm/infra-data-reflector/reflector-secret-annotations.yaml

@@ -1,9 +1,3 @@
-# 给CNPG和Valkey自动生成的secrets添加Reflector注解
-# 通过SSA force合并注解到已有secrets 使其自动复制到消费方命名空间
-#
-# cnpg17-cluster-hk-app → apps (halo), infra-net (crowdsec)
-# cnpg17-cluster-sh-app → infra-gitops (gitea), infra-monitor (grafana)
-# valkey-cluster-sh → infra-gitops (gitea)
 apiVersion: v1
 kind: Secret
 metadata:

flux/clusters/dev-cm/kustomization.yaml

@@ -19,6 +19,10 @@ patches:
       kind: Kustomization
       name: infra-data-post
     path: patches/infra-data-post.yaml
+  - target:
+      kind: Kustomization
+      name: infra-data-reflector
+    path: patches/infra-data-reflector.yaml
   - target:
       kind: Kustomization
       name: infra-net

flux/clusters/dev-cm/patches/infra-data-reflector.yaml

@@ -0,0 +1,6 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: infra-data-reflector
+spec:
+  path: ./flux/clusters/dev-cm/infra-data-reflector

flux/infrastructure/infra-data/post/kustomization.yaml

@@ -5,4 +5,3 @@ resources:
   - cnpg17-cluster.yaml
   - databases.yaml
   - loadbalancer.yaml
-  - reflector-secret-annotations.yaml

flux/infrastructure/infra-data/reflector/kustomization.yaml

@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - reflector-secret-annotations.yaml

flux/infrastructure/infra-data/reflector/reflector-secret-annotations.yaml

@@ -1,8 +1,3 @@
-# 给CNPG和Valkey自动生成的secrets添加Reflector注解
-# 通过SSA force合并注解到已有secrets 使其自动复制到消费方命名空间
-#
-# cnpg17-cluster-app → apps (halo), infra-net (crowdsec), infra-gitops (gitea), infra-monitor (grafana)
-# valkey-cluster → infra-gitops (gitea)
 apiVersion: v1
 kind: Secret
 metadata: