diff --git a/CHANGELOG.md b/CHANGELOG.md index 2630be37..9d5448bc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,6 +13,10 @@ and this project adheres to - ✨(backend) search endpoint for ItemViewSet #312 - 🔧(cron) pgdump: fix restic repository #282 +### Changed + +- ♻️(tilt) use helm dev-backend chart + ## [v0.4.0] - 2025-09-02 ### Added diff --git a/bin/Tiltfile b/bin/Tiltfile index e94db414..4797e2fe 100644 --- a/bin/Tiltfile +++ b/bin/Tiltfile @@ -28,9 +28,10 @@ docker_build( ] ) -k8s_resource('drive-backend-migrate', resource_deps=['postgres-postgresql']) +k8s_resource('drive-backend-migrate', resource_deps=['dev-backend-postgres']) k8s_resource('drive-backend-createsuperuser', resource_deps=['drive-backend-migrate']) -k8s_resource('drive-backend', resource_deps=['drive-backend-migrate']) +k8s_resource('drive-backend', resource_deps=['drive-backend-migrate', 'dev-backend-redis', 'dev-backend-keycloak', 'dev-backend-postgres', 'dev-backend-minio:statefulset']) +k8s_resource('dev-backend-keycloak', resource_deps=['dev-backend-keycloak-pg']) k8s_yaml(local('cd ../src/helm && helmfile -n drive -e dev template .')) migration = ''' diff --git a/src/helm/env.d/dev/values.drive.yaml.gotmpl b/src/helm/env.d/dev/values.drive.yaml.gotmpl index 23ea0a0e..51067527 100644 --- a/src/helm/env.d/dev/values.drive.yaml.gotmpl +++ b/src/helm/env.d/dev/values.drive.yaml.gotmpl @@ -41,18 +41,24 @@ backend: LOGIN_REDIRECT_URL: https://drive.127.0.0.1.nip.io LOGIN_REDIRECT_URL_FAILURE: https://drive.127.0.0.1.nip.io LOGOUT_REDIRECT_URL: https://drive.127.0.0.1.nip.io - DB_HOST: postgres-postgresql - DB_NAME: drive - DB_USER: dinum - DB_PASSWORD: pass + DB_HOST: dev-backend-postgres + DB_NAME: + secretKeyRef: + name: dev-backend-postgres + key: database + DB_USER: + secretKeyRef: + name: dev-backend-postgres + key: username + DB_PASSWORD: + secretKeyRef: + name: dev-backend-postgres + key: password DB_PORT: 5432 - POSTGRES_DB: drive - POSTGRES_USER: dinum - POSTGRES_PASSWORD: pass - REDIS_URL: redis://default:pass@redis-master:6379/1 - DJANGO_CELERY_BROKER_URL: redis://default:pass@redis-master:6379/1 - AWS_S3_ENDPOINT_URL: http://minio.drive.svc.cluster.local:9000 - AWS_S3_ACCESS_KEY_ID: root + REDIS_URL: redis://user:pass@dev-backend-redis:6379/1 + DJANGO_CELERY_BROKER_URL: redis://user:pass@dev-backend-redis:6379/1 + AWS_S3_ENDPOINT_URL: http://dev-backend-minio.drive.svc.cluster.local:9000 + AWS_S3_ACCESS_KEY_ID: dinum AWS_S3_SECRET_ACCESS_KEY: password AWS_STORAGE_BUCKET_NAME: drive-media-storage STORAGES_STATICFILES_BACKEND: django.contrib.staticfiles.storage.StaticFilesStorage @@ -115,6 +121,8 @@ frontend: ingress: enabled: true host: drive.127.0.0.1.nip.io + annotations: + nginx.ingress.kubernetes.io/proxy-body-size: 150m ingressAdmin: enabled: true @@ -134,9 +142,9 @@ ingressMedia: annotations: nginx.ingress.kubernetes.io/auth-url: https://drive.127.0.0.1.nip.io/api/v1.0/items/media-auth/ nginx.ingress.kubernetes.io/auth-response-headers: "Authorization, X-Amz-Date, X-Amz-Content-SHA256" - nginx.ingress.kubernetes.io/upstream-vhost: minio.drive.svc.cluster.local:9000 + nginx.ingress.kubernetes.io/upstream-vhost: dev-backend-minio.drive.svc.cluster.local:9000 nginx.ingress.kubernetes.io/rewrite-target: /drive-media-storage/$1 serviceMedia: - host: minio.drive.svc.cluster.local + host: dev-backend-minio.drive.svc.cluster.local port: 9000 diff --git a/src/helm/helmfile.yaml b/src/helm/helmfile.yaml index 6bba4824..521d10cc 100644 --- a/src/helm/helmfile.yaml +++ b/src/helm/helmfile.yaml @@ -4,95 +4,76 @@ environments: - version: 0.3.0 --- repositories: -- name: bitnami - url: registry-1.docker.io/bitnamicharts - oci: true +- name: dev-backends + url: https://suitenumerique.github.io/helm-dev-backend --- releases: - - name: keycloak - installed: {{ eq .Environment.Name "dev" | toYaml }} - missingFileHandler: Warn + - name: dev-backend namespace: {{ .Namespace }} - chart: bitnami/keycloak - version: 17.3.6 + chart: dev-backends/dev-backend + version: 0.0.2 values: - - postgresql: - auth: - username: keycloak - password: keycloak - database: keycloak - - extraEnvVars: - - name: KEYCLOAK_EXTRA_ARGS - value: "--import-realm" - - name: KC_HOSTNAME_URL - value: https://drive-keycloak.127.0.0.1.nip.io - - extraVolumes: - - name: import - configMap: - name: drive-keycloak - - extraVolumeMounts: - - name: import - mountPath: /opt/bitnami/keycloak/data/import/ - - auth: - adminUser: su - adminPassword: su - - proxy: edge - - ingress: + - postgres: enabled: true - hostname: drive-keycloak.127.0.0.1.nip.io - - extraDeploy: - - apiVersion: v1 - kind: ConfigMap - metadata: - name: drive-keycloak - namespace: {{ .Namespace }} - data: - drive.json: | -{{ readFile "../../docker/auth/realm.json" | replace "http://localhost:3200" "https://drive.127.0.0.1.nip.io" | indent 14 }} - - - name: postgres - installed: {{ eq .Environment.Name "dev" | toYaml }} - namespace: {{ .Namespace }} - chart: bitnami/postgresql - version: 13.1.5 - values: - - auth: + name: postgres + #serviceNameOverride: postgres + image: postgres:16-alpine username: dinum password: pass - database: drive - - tls: + database: dinum + size: 1Gi + - redis: enabled: true - autoGenerated: true - - - name: minio - installed: {{ eq .Environment.Name "dev" | toYaml }} - namespace: {{ .Namespace }} - chart: bitnami/minio - version: 16.0.0 - values: - - auth: - rootUser: root - rootPassword: password - - provisioning: - enabled: true - buckets: - - name: drive-media-storage - versioning: true - - apiIngress: - enabled: true - hostname: drive-minio.127.0.0.1.nip.io - tls: true - - - name: redis - installed: {{ eq .Environment.Name "dev" | toYaml }} - namespace: {{ .Namespace }} - chart: bitnami/redis - version: 20.6.2 - values: - - auth: + name: redis + #serviceNameOverride: redis + image: redis:8.2-alpine + username: user password: pass - architecture: standalone + - minio: + enabled: true + image: minio/minio + name: minio + # serviceNameOverride: drive-minio + ingress: + enabled: true + hostname: drive-minio.127.0.0.1.nip.io + tls: + enabled: true + secretName: drive-tls + consoleIngress: + enabled: true + hostname: drive-minio-console.127.0.0.1.nip.io + tls: + enabled: true + secretName: drive-tls + username: dinum + password: password + bucket: drive-media-storage + versioning: true + size: 1Gi + - keycloak: + enabled: true + image: quay.io/keycloak/keycloak:20.0.1 + name: keycloak + #serviceNameOverride: keycloak + hostname: drive-keycloak.127.0.0.1.nip.io + username: admin + password: pass + tls: + enabled: true + secretName: drive-tls + db: + username: dinum + password: pass + database: keycloak + size: 1Gi + image: postgres:16-alpine + realm: + name: drive + username: drive + password: drive + email: drive@example.com - name: drive version: {{ .Values.version }}