[ci skip] Add tier labels to all namespace resources for Kyverno resource governance

Added `tier = var.tier` to kubernetes_namespace labels in ~73 service modules. This enables Kyverno to generate LimitRange defaults, ResourceQuotas, and PriorityClass injection for all namespaces. Previously only 11 namespaces had tier labels; now all 80 active namespaces are labeled. All pods restarted in rolling waves to pick up the new policies.
2026-02-21 23:38:05 +00:00 · 2026-02-21 23:38:05 +00:00 · d345841ef2
commit d345841ef2
parent 517f5d6a6c
66 changed files with 135 additions and 12 deletions
--- a/modules/kubernetes/real-estate-crawler/main.tf
+++ b/modules/kubernetes/real-estate-crawler/main.tf
@ -12,6 +12,7 @@ resource "kubernetes_namespace" "realestate-crawler" {
    name = "realestate-crawler"
    labels = {
      "istio-injection" : "disabled"
+      tier = var.tier
    }
  }
 }
@ -57,7 +58,7 @@ resource "kubernetes_deployment" "realestate-crawler-ui" {
          image = "viktorbarzin/immoweb:latest"
          port {
            name           = "http"
-            container_port = 80
+            container_port = 8080
            protocol       = "TCP"
          }
          env {
@ -89,7 +90,8 @@ resource "kubernetes_service" "realestate-crawler-ui" {
      app = "realestate-crawler-ui"
    }
    port {
-      port = 80
+      port        = 80
+      target_port = 8080
    }
  }
 }