apiVersion: policy.linkerd.io/v1beta1
kind: Server
metadata:
  name: flux-healthz
  namespace: flux-system
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
    workload.edge.ncr.com: 'platform'
    cluster_hash: ${cluster_hash}
    cluster_uuid: ${cluster_uuid}
  annotations:
    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
    pallet.edge.ncr.com/name: fluxcd-operators
    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
spec:
  port: healthz
  podSelector:
    matchLabels: {} # every pod
  proxyProtocol: HTTP/1
---
apiVersion: policy.linkerd.io/v1beta1
kind: Server
metadata:
  name: flux-http-prom
  namespace: flux-system
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
    workload.edge.ncr.com: 'platform'
    cluster_hash: ${cluster_hash}
    cluster_uuid: ${cluster_uuid}
  annotations:
    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
    pallet.edge.ncr.com/name: fluxcd-operators
    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
spec:
  port: http-prom
  podSelector:
    matchLabels: {} # every pod
  proxyProtocol: HTTP/1
---
apiVersion: policy.linkerd.io/v1beta1
kind: Server
metadata:
  name: flux-notification-controller-event-server
  namespace: flux-system
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
    workload.edge.ncr.com: 'platform'
    cluster_hash: ${cluster_hash}
    cluster_uuid: ${cluster_uuid}
  annotations:
    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
    pallet.edge.ncr.com/name: fluxcd-operators
    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
spec:
  port: http
  podSelector:
    matchLabels:
      app: notification-controller
  proxyProtocol: HTTP/1
---
apiVersion: policy.linkerd.io/v1beta1
kind: Server
metadata:
  name: flux-source-controller-file-server
  namespace: flux-system
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
    workload.edge.ncr.com: 'platform'
    cluster_hash: ${cluster_hash}
    cluster_uuid: ${cluster_uuid}
  annotations:
    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
    pallet.edge.ncr.com/name: fluxcd-operators
    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
spec:
  port: http
  podSelector:
    matchLabels:
      app: source-controller
  proxyProtocol: HTTP/1
---
apiVersion: policy.linkerd.io/v1beta1
kind: ServerAuthorization
metadata:
  name: flux-healthz
  namespace: flux-system
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
    workload.edge.ncr.com: 'platform'
    cluster_hash: ${cluster_hash}
    cluster_uuid: ${cluster_uuid}
  annotations:
    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
    pallet.edge.ncr.com/name: fluxcd-operators
    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
spec:
  client:
    unauthenticated: true
  server:
    name: flux-healthz
---
apiVersion: policy.linkerd.io/v1beta1
kind: ServerAuthorization
metadata:
  name: flux-http-prom
  namespace: flux-system
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
    workload.edge.ncr.com: 'platform'
    cluster_hash: ${cluster_hash}
    cluster_uuid: ${cluster_uuid}
  annotations:
    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
    pallet.edge.ncr.com/name: fluxcd-operators
    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
spec:
  client:
    meshTLS:
      serviceAccounts:
      - name: prometheus
        namespace: prometheus
  server:
    name: flux-http-prom
---
apiVersion: policy.linkerd.io/v1beta1
kind: ServerAuthorization
metadata:
  name: flux-notification-controller-event-server
  namespace: flux-system
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
    workload.edge.ncr.com: 'platform'
    cluster_hash: ${cluster_hash}
    cluster_uuid: ${cluster_uuid}
  annotations:
    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
    pallet.edge.ncr.com/name: fluxcd-operators
    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
spec:
  # this doesnt allow for webhook receivers: 
  # https://github.com/fluxcd/notification-controller/blob/main/docs/spec/README.md#webhook-receivers-1
  client:
    meshTLS:
      identities:
      # all service accounts in the flux-system namespace
      - "*.flux-system.serviceaccount.identity.linkerd.cluster.local"
  server:
    name: flux-notification-controller-event-server
---
apiVersion: policy.linkerd.io/v1beta1
kind: ServerAuthorization
metadata:
  name: flux-source-controller-file-server
  namespace: flux-system
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
    workload.edge.ncr.com: 'platform'
    cluster_hash: ${cluster_hash}
    cluster_uuid: ${cluster_uuid}
  annotations:
    pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
    pallet.edge.ncr.com/name: fluxcd-operators
    pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
    pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
    pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/edge-infra'
    pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
spec:
  client:
    # source controller uses http endpoint for readiness probe
    # this should be removed after the following issue is closed:
    # https://github.com/linkerd/linkerd2/issues/7050#issuecomment-1054808996
    unauthenticated: true
  server:
    name: flux-source-controller-file-server