infra

Viktor Barzin 79af6fff47 [ci skip] fix MySQL cluster RBAC, Kyverno policy bugs, Nextcloud memory - dbaas: add mysql-sidecar-extra ClusterRole for namespaces/CRD list/watch needed by kopf framework in sidecar containers - kyverno: restrict inject-priority-class-from-tier to CREATE operations only (was blocking pod patches with immutable spec error) - kyverno: add resource-governance/custom-limitrange label opt-out to LimitRange generation policy (mirrors existing custom-quota) - nextcloud: bump memory limit 4Gi -> 6Gi, add custom LimitRange with 8Gi max, opt out of Kyverno-managed LimitRange		2026-03-01 17:16:03 +00:00
..
main.tf	[ci skip] kyverno: scale to 2 replicas, eliminate API calls from policies	2026-02-24 23:09:56 +00:00
resource-governance.tf	[ci skip] fix MySQL cluster RBAC, Kyverno policy bugs, Nextcloud memory	2026-03-01 17:16:03 +00:00
security-policies.tf	[ci skip] Infrastructure hardening: security, monitoring, reliability, maintainability	2026-02-23 22:05:28 +00:00