refactor(manifests): extract shared patches into Kustomize Components#933
Merged
mergify[bot] merged 1 commit intomainfrom Mar 18, 2026
Merged
refactor(manifests): extract shared patches into Kustomize Components#933mergify[bot] merged 1 commit intomainfrom
mergify[bot] merged 1 commit intomainfrom
Conversation
WalkthroughRestructures Kustomize manifests into reusable components and a platform/core split: adds component kustomizations (oauth-proxy, postgresql-rhel, postgresql-init-scripts, ambient-api-server-db), introduces base/core and base/platform kustomizations, updates base and overlays to reference components, and removes many overlay-specific patches and inline resources. Changes
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes 🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
📝 Coding Plan
Comment Tip You can customize the tone of the review comments and chat replies.Configure the |
mprpic
previously approved these changes
Mar 16, 2026
Contributor
Author
|
Not sure why CodeRabbit did not review this. Maybe something on my ktdreyer GH account? I'm approved for a license (DPP-19771). I'll use a command to trigger a review explicitly. |
Contributor
Author
|
@coderabbitai review |
✅ Actions performedReview triggered.
|
Contributor
Author
|
I see now. CodeRabbit won't actually leave a "comment" review if "No actionable comments were generated". I filed #940 to clean up the mergify gate on this. |
Contributor
Review Queue Status
Action needed: Rebase to resolve merge conflicts
|
Adding a new OpenShift overlay currently requires copying patch files from an existing overlay and hoping nothing was missed. Kustomize Components let overlays compose reusable mixins instead. Split base/ into core/, rbac/, and platform/ sub-kustomizations so future overlays can selectively include only what they need. Extract 10 duplicated patch files into 4 components: - oauth-proxy: OAuth sidecar + service port (production) - postgresql-rhel: RHEL postgres image + unleash init-db - ambient-api-server-db: API server DB connection + init - postgresql-init-scripts: ConfigMap-based DB init (kind/e2e) Each overlay now references shared components instead of maintaining its own copy of identical patches. All 5 overlays produce identical "oc kustomize" output before and after this change. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
ktdreyer
force-pushed
the
kdreyer/refactor-kustomize
branch
from
62dbc57 to
75b8991
Compare
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (2)
components/manifests/overlays/production/kustomization.yaml (1)
52-88: 🧹 Nitpick | 🔵 TrivialConsider normalizing image references in source manifests.
The images section contains duplicate entries for both tagged (
vteam_backend:latest) and untagged (vteam_backend) variants of the same images. While this works correctly, it suggests inconsistent image references in the source manifests. If all source manifests used a consistent format, this duplication could be eliminated.Low priority since the PR confirms identical output before/after.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@components/manifests/overlays/production/kustomization.yaml` around lines 52 - 88, The images list in kustomization.yaml contains duplicate entries for the same images with and without the ":latest" tag (e.g., entries for quay.io/ambient_code/vteam_backend and quay.io/ambient_code/vteam_backend:latest, same for vteam_frontend, vteam_claude_runner, vteam_operator, vteam_public_api, vteam_api_server, vteam_state_sync); normalize the source manifests so image references are consistent (choose either tagged form or untagged form) and remove the duplicated image entries from the images section so each image (by name) appears only once with its intended newName/newTag mapping.components/manifests/overlays/local-dev/kustomization.yaml (1)
68-68:⚠️ Potential issue | 🟡 MinorStale comment references removed patch file.
This comment references
postgresql-json-patch.yaml, which was removed as part of this refactor. The PostgreSQL RHEL image handling is now provided by the../../components/postgresql-rhelcomponent. Update or remove this comment to avoid confusion.Suggested fix
-# PostgreSQL: RHEL image handled via JSON patch (postgresql-json-patch.yaml) +# PostgreSQL: RHEL image handled via postgresql-rhel component🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@components/manifests/overlays/local-dev/kustomization.yaml` at line 68, The inline comment "# PostgreSQL: RHEL image handled via JSON patch (postgresql-json-patch.yaml)" is stale; update or remove it so it correctly references the current implementation at "../../components/postgresql-rhel" instead of the removed "postgresql-json-patch.yaml". Locate the comment in the kustomization.yaml and either replace the text to mention the "../../components/postgresql-rhel" component or delete the comment entirely to avoid confusion.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Outside diff comments:
In `@components/manifests/overlays/local-dev/kustomization.yaml`:
- Line 68: The inline comment "# PostgreSQL: RHEL image handled via JSON patch
(postgresql-json-patch.yaml)" is stale; update or remove it so it correctly
references the current implementation at "../../components/postgresql-rhel"
instead of the removed "postgresql-json-patch.yaml". Locate the comment in the
kustomization.yaml and either replace the text to mention the
"../../components/postgresql-rhel" component or delete the comment entirely to
avoid confusion.
In `@components/manifests/overlays/production/kustomization.yaml`:
- Around line 52-88: The images list in kustomization.yaml contains duplicate
entries for the same images with and without the ":latest" tag (e.g., entries
for quay.io/ambient_code/vteam_backend and
quay.io/ambient_code/vteam_backend:latest, same for vteam_frontend,
vteam_claude_runner, vteam_operator, vteam_public_api, vteam_api_server,
vteam_state_sync); normalize the source manifests so image references are
consistent (choose either tagged form or untagged form) and remove the
duplicated image entries from the images section so each image (by name) appears
only once with its intended newName/newTag mapping.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: ASSERTIVE
Plan: Pro
Run ID: ab25cb4b-189a-421f-bc2f-4f18f38779f1
📒 Files selected for processing (41)
components/manifests/base/core/agent-registry-configmap.yamlcomponents/manifests/base/core/ambient-api-server-service.ymlcomponents/manifests/base/core/backend-deployment.yamlcomponents/manifests/base/core/flags.jsoncomponents/manifests/base/core/flags.json.examplecomponents/manifests/base/core/frontend-deployment.yamlcomponents/manifests/base/core/kustomization.yamlcomponents/manifests/base/core/minio-deployment.yamlcomponents/manifests/base/core/models.jsoncomponents/manifests/base/core/operator-deployment.yamlcomponents/manifests/base/core/postgresql-deployment.yamlcomponents/manifests/base/core/public-api-deployment.yamlcomponents/manifests/base/core/unleash-deployment.yamlcomponents/manifests/base/core/workspace-pvc.yamlcomponents/manifests/base/kustomization.yamlcomponents/manifests/base/platform/ambient-api-server-db.ymlcomponents/manifests/base/platform/ambient-api-server-secrets.ymlcomponents/manifests/base/platform/kustomization.yamlcomponents/manifests/base/platform/namespace.yamlcomponents/manifests/components/ambient-api-server-db/ambient-api-server-db-json-patch.yamlcomponents/manifests/components/ambient-api-server-db/ambient-api-server-init-db-patch.yamlcomponents/manifests/components/ambient-api-server-db/kustomization.yamlcomponents/manifests/components/oauth-proxy/frontend-oauth-deployment-patch.yamlcomponents/manifests/components/oauth-proxy/frontend-oauth-service-patch.yamlcomponents/manifests/components/oauth-proxy/kustomization.yamlcomponents/manifests/components/postgresql-init-scripts/kustomization.yamlcomponents/manifests/components/postgresql-init-scripts/postgresql-init-scripts-patch.yamlcomponents/manifests/components/postgresql-init-scripts/postgresql-init-scripts.yamlcomponents/manifests/components/postgresql-rhel/kustomization.yamlcomponents/manifests/components/postgresql-rhel/postgresql-json-patch.yamlcomponents/manifests/components/postgresql-rhel/unleash-init-db-patch.yamlcomponents/manifests/overlays/e2e/kustomization.yamlcomponents/manifests/overlays/kind/kustomization.yamlcomponents/manifests/overlays/kind/postgresql-init-scripts-patch.yamlcomponents/manifests/overlays/kind/postgresql-init-scripts.yamlcomponents/manifests/overlays/local-dev/kustomization.yamlcomponents/manifests/overlays/production/ambient-api-server-db-json-patch.yamlcomponents/manifests/overlays/production/ambient-api-server-init-db-patch.yamlcomponents/manifests/overlays/production/kustomization.yamlcomponents/manifests/overlays/production/postgresql-json-patch.yamlcomponents/manifests/overlays/production/unleash-init-db-patch.yaml
💤 Files with no reviewable changes (6)
- components/manifests/overlays/production/postgresql-json-patch.yaml
- components/manifests/overlays/production/ambient-api-server-init-db-patch.yaml
- components/manifests/overlays/kind/postgresql-init-scripts-patch.yaml
- components/manifests/overlays/kind/postgresql-init-scripts.yaml
- components/manifests/overlays/production/ambient-api-server-db-json-patch.yaml
- components/manifests/overlays/production/unleash-init-db-patch.yaml
Gkrumbach07
approved these changes
Mar 18, 2026
Contributor
|
@Mergifyio queue |
Merge Queue Status
This pull request spent 17 seconds in the queue, including 1 second running CI. Required conditions to merge
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
base/intocore/,rbac/, andplatform/sub-kustomizations so future overlays can selectively include only what they needoauth-proxy,postgresql-rhel,ambient-api-server-db,postgresql-init-scriptsAdding a new OpenShift overlay (like
mpp-preprod) currently requires copying patch files from an existing overlay and hoping nothing was missed. With components, a new overlay composes the mixins it needs — no copy-paste required.All 5 overlays produce identical
oc kustomizeoutput before and after this change.Fixes #836
Test plan
oc kustomizeoutput diffed against pre-refactoring baselines for all 5 overlays (production, e2e, kind, kind-local, local-dev) — all identical