Auto-update README with current k8s applications

Generated by CI/CD workflow on 2026-03-19 13:52:06

This PR updates the README.md file with the current list of applications found in the k8s/ directory structure.

k8s/apps/furumi-server/metadata-agent.yaml

@@ -33,7 +33,7 @@ spec:
             - name: FURUMI_AGENT_OLLAMA_URL
               value: "http://ollama.ollama.svc:11434"
             - name: FURUMI_AGENT_OLLAMA_MODEL
-              value: "qwen3.5:9b"
+              value: "qwen3:14b"
             - name: FURUMI_AGENT_POLL_INTERVAL_SECS
               value: "10"
             - name: RUST_LOG

k8s/core/authentik/kustomization.yaml

@@ -5,7 +5,6 @@ resources:
   - app.yaml
   - external-secrets.yaml
   - https-middleware.yaml
-  - outpost-selector-fix.yaml
 # - worker-restart.yaml
 
 helmCharts:

k8s/core/authentik/outpost-selector-fix.yaml

@@ -1,81 +0,0 @@
-## Workaround for authentik bug: embedded outpost controller creates
-## a Service with selectors that don't match the pod labels it sets.
-## Remove this after upgrading to a version with the fix.
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: outpost-selector-fix
-  namespace: authentik
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  name: outpost-selector-fix
-  namespace: authentik
-rules:
-  - apiGroups: [""]
-    resources: ["services"]
-    verbs: ["get", "patch"]
-  - apiGroups: [""]
-    resources: ["endpoints"]
-    verbs: ["get"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: outpost-selector-fix
-  namespace: authentik
-subjects:
-  - kind: ServiceAccount
-    name: outpost-selector-fix
-    namespace: authentik
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: outpost-selector-fix
----
-apiVersion: batch/v1
-kind: CronJob
-metadata:
-  name: outpost-selector-fix
-  namespace: authentik
-spec:
-  schedule: "*/5 * * * *"
-  successfulJobsHistoryLimit: 1
-  failedJobsHistoryLimit: 3
-  concurrencyPolicy: Replace
-  jobTemplate:
-    spec:
-      ttlSecondsAfterFinished: 300
-      template:
-        spec:
-          serviceAccountName: outpost-selector-fix
-          restartPolicy: OnFailure
-          containers:
-            - name: fix
-              image: bitnami/kubectl:latest
-              command:
-                - /bin/sh
-                - -c
-                - |
-                  SVC="ak-outpost-authentik-embedded-outpost"
-                  # check if endpoints are populated
-                  ADDRS=$(kubectl get endpoints "$SVC" -n authentik -o jsonpath='{.subsets[*].addresses[*].ip}' 2>/dev/null)
-                  if [ -n "$ADDRS" ]; then
-                    echo "Endpoints OK ($ADDRS), nothing to fix"
-                    exit 0
-                  fi
-                  echo "No endpoints for $SVC, patching selector..."
-                  kubectl patch svc "$SVC" -n authentik --type=json -p '[
-                    {"op":"remove","path":"/spec/selector/app.kubernetes.io~1component"},
-                    {"op":"replace","path":"/spec/selector/app.kubernetes.io~1name","value":"authentik-outpost-proxy"}
-                  ]'
-                  echo "Patched. Verifying..."
-                  sleep 2
-                  ADDRS=$(kubectl get endpoints "$SVC" -n authentik -o jsonpath='{.subsets[*].addresses[*].ip}' 2>/dev/null)
-                  if [ -n "$ADDRS" ]; then
-                    echo "Fix confirmed, endpoints: $ADDRS"
-                  else
-                    echo "WARNING: still no endpoints after patch"
-                    exit 1
-                  fi