♻️(tilt) use helm dev-backend chart

Remove usage of bitnami charts and use our own dev-backend charts instead.
2026-04-25 17:15:19 +02:00 · 2025-09-05 08:06:48 +02:00
parent 64fce6cfc0
commit b58aa4a36e
4 changed files with 88 additions and 94 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -13,6 +13,10 @@ and this project adheres to
 - ✨(backend) search endpoint for ItemViewSet #312
 - 🔧(cron) pgdump: fix restic repository #282

+### Changed
+
+- ♻️(tilt) use helm dev-backend chart
+
 ## [v0.4.0] - 2025-09-02

 ### Added
--- a/bin/Tiltfile
+++ b/bin/Tiltfile
@@ -28,9 +28,10 @@ docker_build(
    ]
 )

-k8s_resource('drive-backend-migrate', resource_deps=['postgres-postgresql'])
+k8s_resource('drive-backend-migrate', resource_deps=['dev-backend-postgres'])
 k8s_resource('drive-backend-createsuperuser', resource_deps=['drive-backend-migrate'])
-k8s_resource('drive-backend', resource_deps=['drive-backend-migrate'])
+k8s_resource('drive-backend', resource_deps=['drive-backend-migrate', 'dev-backend-redis', 'dev-backend-keycloak', 'dev-backend-postgres', 'dev-backend-minio:statefulset'])
+k8s_resource('dev-backend-keycloak', resource_deps=['dev-backend-keycloak-pg'])
 k8s_yaml(local('cd ../src/helm && helmfile -n drive -e dev template .'))

 migration = '''
--- a/src/helm/env.d/dev/values.drive.yaml.gotmpl
+++ b/src/helm/env.d/dev/values.drive.yaml.gotmpl
@@ -41,18 +41,24 @@ backend:
    LOGIN_REDIRECT_URL: https://drive.127.0.0.1.nip.io
    LOGIN_REDIRECT_URL_FAILURE: https://drive.127.0.0.1.nip.io
    LOGOUT_REDIRECT_URL: https://drive.127.0.0.1.nip.io
-    DB_HOST: postgres-postgresql
-    DB_NAME: drive
-    DB_USER: dinum
-    DB_PASSWORD: pass
+    DB_HOST: dev-backend-postgres
+    DB_NAME:
+      secretKeyRef:
+        name: dev-backend-postgres
+        key: database
+    DB_USER:
+      secretKeyRef:
+        name: dev-backend-postgres
+        key: username
+    DB_PASSWORD:
+      secretKeyRef:
+        name: dev-backend-postgres
+        key: password
    DB_PORT: 5432
-    POSTGRES_DB: drive
-    POSTGRES_USER: dinum
-    POSTGRES_PASSWORD: pass
-    REDIS_URL: redis://default:pass@redis-master:6379/1
-    DJANGO_CELERY_BROKER_URL: redis://default:pass@redis-master:6379/1
-    AWS_S3_ENDPOINT_URL: http://minio.drive.svc.cluster.local:9000
-    AWS_S3_ACCESS_KEY_ID: root
+    REDIS_URL: redis://user:pass@dev-backend-redis:6379/1
+    DJANGO_CELERY_BROKER_URL: redis://user:pass@dev-backend-redis:6379/1
+    AWS_S3_ENDPOINT_URL: http://dev-backend-minio.drive.svc.cluster.local:9000
+    AWS_S3_ACCESS_KEY_ID: dinum
    AWS_S3_SECRET_ACCESS_KEY: password
    AWS_STORAGE_BUCKET_NAME: drive-media-storage
    STORAGES_STATICFILES_BACKEND: django.contrib.staticfiles.storage.StaticFilesStorage
@@ -115,6 +121,8 @@ frontend:
 ingress:
  enabled: true
  host: drive.127.0.0.1.nip.io
+  annotations:
+    nginx.ingress.kubernetes.io/proxy-body-size: 150m

 ingressAdmin:
  enabled: true
@@ -134,9 +142,9 @@ ingressMedia:
  annotations:
    nginx.ingress.kubernetes.io/auth-url: https://drive.127.0.0.1.nip.io/api/v1.0/items/media-auth/
    nginx.ingress.kubernetes.io/auth-response-headers: "Authorization, X-Amz-Date, X-Amz-Content-SHA256"
-    nginx.ingress.kubernetes.io/upstream-vhost: minio.drive.svc.cluster.local:9000
+    nginx.ingress.kubernetes.io/upstream-vhost: dev-backend-minio.drive.svc.cluster.local:9000
    nginx.ingress.kubernetes.io/rewrite-target: /drive-media-storage/$1

 serviceMedia:
-  host: minio.drive.svc.cluster.local
+  host: dev-backend-minio.drive.svc.cluster.local
  port: 9000
--- a/src/helm/helmfile.yaml
+++ b/src/helm/helmfile.yaml
@@ -4,95 +4,76 @@ environments:
      - version: 0.3.0
 ---
 repositories:
- name: bitnami
-  url: registry-1.docker.io/bitnamicharts
-  oci: true
+- name: dev-backends
+  url: https://suitenumerique.github.io/helm-dev-backend
 ---

 releases:
-  - name: keycloak
-    installed: {{ eq .Environment.Name "dev" | toYaml }}
-    missingFileHandler: Warn
+  - name: dev-backend
    namespace: {{ .Namespace }}
-    chart: bitnami/keycloak
-    version: 17.3.6
+    chart: dev-backends/dev-backend
+    version: 0.0.2
    values:
-      - postgresql:
-          auth:
-            username: keycloak
-            password: keycloak
-            database: keycloak
-      - extraEnvVars:
-          - name: KEYCLOAK_EXTRA_ARGS
-            value: "--import-realm"
-          - name: KC_HOSTNAME_URL
-            value: https://drive-keycloak.127.0.0.1.nip.io
-      - extraVolumes:
-          - name: import
-            configMap:
-              name: drive-keycloak
-      - extraVolumeMounts:
-          - name: import
-            mountPath: /opt/bitnami/keycloak/data/import/
-      - auth:
-          adminUser: su
-          adminPassword: su
-      - proxy: edge
-      - ingress:
+      - postgres:
          enabled: true
-          hostname: drive-keycloak.127.0.0.1.nip.io
-      - extraDeploy:
-        - apiVersion: v1
-          kind: ConfigMap
-          metadata:
-            name: drive-keycloak
-            namespace: {{ .Namespace }}
-          data:
-            drive.json: |
-{{ readFile "../../docker/auth/realm.json" | replace "http://localhost:3200" "https://drive.127.0.0.1.nip.io" | indent 14 }}
-
-  - name: postgres
-    installed: {{ eq .Environment.Name "dev" | toYaml }}
-    namespace: {{ .Namespace }}
-    chart: bitnami/postgresql
-    version: 13.1.5
-    values:
-      - auth:
+          name: postgres
+          #serviceNameOverride: postgres
+          image: postgres:16-alpine
          username: dinum
          password: pass
-          database: drive
-      - tls:
+          database: dinum
+          size: 1Gi
+      - redis:
          enabled: true
-          autoGenerated: true
-
-  - name: minio
-    installed: {{ eq .Environment.Name "dev" | toYaml }}
-    namespace: {{ .Namespace }}
-    chart: bitnami/minio
-    version: 16.0.0
-    values: 
-      - auth:
-          rootUser: root
-          rootPassword: password
-      - provisioning:
-          enabled: true
-          buckets:
-            - name: drive-media-storage
-              versioning: true
-      - apiIngress:
-          enabled: true
-          hostname: drive-minio.127.0.0.1.nip.io
-          tls: true
-
-  - name: redis
-    installed: {{ eq .Environment.Name "dev" | toYaml }}
-    namespace: {{ .Namespace }}
-    chart: bitnami/redis
-    version: 20.6.2
-    values:
-      - auth:
+          name: redis
+          #serviceNameOverride: redis
+          image: redis:8.2-alpine
+          username: user
          password: pass
-        architecture: standalone
+      - minio:
+          enabled: true
+          image: minio/minio
+          name: minio
+          # serviceNameOverride: drive-minio
+          ingress:
+            enabled: true
+            hostname: drive-minio.127.0.0.1.nip.io
+            tls:
+              enabled: true
+              secretName: drive-tls
+          consoleIngress:
+            enabled: true
+            hostname: drive-minio-console.127.0.0.1.nip.io
+            tls:
+              enabled: true
+              secretName: drive-tls
+          username: dinum
+          password: password
+          bucket: drive-media-storage
+          versioning: true
+          size: 1Gi
+      - keycloak:
+          enabled: true
+          image: quay.io/keycloak/keycloak:20.0.1
+          name: keycloak
+          #serviceNameOverride: keycloak
+          hostname: drive-keycloak.127.0.0.1.nip.io
+          username: admin
+          password: pass
+          tls:
+            enabled: true
+            secretName: drive-tls
+          db:
+            username: dinum
+            password: pass
+            database: keycloak
+            size: 1Gi
+            image: postgres:16-alpine
+          realm:
+            name: drive
+            username: drive
+            password: drive
+            email: drive@example.com

  - name: drive
    version: {{ .Values.version }}