infra

Viktor Barzin cf578516e9 feat: auto-cleanup failed/evicted pods via Kyverno ClusterCleanupPolicy Add cleanup-failed-pods policy that runs hourly (at :15) to delete all pods in Failed phase cluster-wide. Prevents stale evicted and failed CronJob pods from accumulating and creating healthcheck noise. Also adds ClusterRole + ClusterRoleBinding to grant Kyverno cleanup controller permission to delete Pods (not included by default). [ci skip] Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>		2026-04-15 17:37:49 +00:00
..
dependency-init-containers.tf	extract monitoring, nvidia, mailserver, cloudflared, kyverno from platform [ci skip]	2026-03-17 21:34:11 +00:00
main.tf	extract monitoring, nvidia, mailserver, cloudflared, kyverno from platform [ci skip]	2026-03-17 21:34:11 +00:00
registry-credentials.tf	fix registry auth: add Kyverno RBAC for Secrets + containerd TLS skip-verify	2026-03-22 23:47:29 +02:00
resource-governance.tf	feat: auto-cleanup failed/evicted pods via Kyverno ClusterCleanupPolicy	2026-04-15 17:37:49 +00:00
security-policies.tf	extract monitoring, nvidia, mailserver, cloudflared, kyverno from platform [ci skip]	2026-03-17 21:34:11 +00:00
tls-secret-sync.tf	add Kyverno TLS secret sync + enhance renewal pipeline	2026-03-23 22:19:34 +02:00