bitforge/orchard
3
0
Fork 0
Code Projects Wiki Activity

Clean up CI pipeline and remove unused values files

Browse Source 
- Use branch name (CI_COMMIT_REF_SLUG) instead of commit SHA for feature IDs
- Remove commented-out code and unused deploy template
- Fix deploy_stage to use kubectl config use-context
- Remove values-production.yaml and values-external.yaml
This commit is contained in:
Mondo Diaz
2026-01-13 21:51:50 +00:00
parent 66515f24d4
commit f1aae057ed
3 changed files with 30 additions and 201 deletions
Download Patch File Download Diff File Expand all files Collapse all files

93
.gitlab-ci.yml
View File

@@ -27,31 +27,16 @@ python_tests:
- cd backend - cd backend
- python -m pytest -v || echo "No tests yet" - python -m pytest -v || echo "No tests yet"
# deploy_helm_charts: # Deploy to stage (main branch)
# stage: deploy deploy_stage:
# image: stage: deploy
# name: deps.global.bsf.tools/registry-1.docker.io/alpine/k8s:1.29.12
# parallel:
# matrix:
# # - ENV: "prod"
# # VALUES_FILE: "helm/values-prod.yaml"
# # CONTEXT: "esv/bsf/bsf-services/gitlab-kaas-agent-config:services-prod-agent"
# # NAMESPACE: "bsf-services-namespace"
# # ONLY: "main"
# - ENV: "dev"
# VALUES_FILE: "helm/orchard/values.yaml"
# CONTEXT: "esv/bsf/bsf-services/gitlab-kaas-agent-config:services-prod-agent"
# NAMESPACE: "bsf-services-dev-namespace"
# # ONLY: ["branches", "!main"]
# script:
# - kubectl config use-context $CONTEXT
# - echo "Deploy - buildah push ${IMAGE_NAME}:latest"
# - |
# helm upgrade --install orchard-dev ./helm/orchard --namespace $NAMESPACE -f $VALUES_FILE
.deploy_template: &deploy_template
image: deps.global.bsf.tools/registry-1.docker.io/alpine/k8s:1.29.12 image: deps.global.bsf.tools/registry-1.docker.io/alpine/k8s:1.29.12
variables:
ENV: stage
NAMESPACE: orch-stage-namespace
VALUES_FILE: helm/orchard/values-stage.yaml
before_script: before_script:
- kubectl config use-context esv/bsf/bsf-integration/orchard/orchard-mvp:orchard-stage
- helm version - helm version
- helm repo add stable https://charts.helm.sh/stable - helm repo add stable https://charts.helm.sh/stable
- helm repo add bitnami https://charts.bitnami.com/bitnami - helm repo add bitnami https://charts.bitnami.com/bitnami
@@ -59,41 +44,25 @@ python_tests:
- helm dependency update - helm dependency update
- helm repo update - helm repo update
script: script:
- echo "Deploying to $ENV environment in namespace $NAMESPACE using chart $VALUES_FILE with agent $AGENT" - echo "Deploying to stage environment"
- helm upgrade --install orchard-$ENV ./helm/orchard --namespace $NAMESPACE -f $VALUES_FILE --set image.tag=$IMAGE - cd $CI_PROJECT_DIR
- helm upgrade --install orchard-stage ./helm/orchard --namespace $NAMESPACE -f $VALUES_FILE --set image.tag=$CI_COMMIT_SHA
environment: environment:
name: $ENV name: stage
url: https://orchard-stage.common.global.bsf.tools
kubernetes: kubernetes:
agent: $AGENT agent: esv/bsf/bsf-integration/orchard/orchard-mvp:orchard-stage
# Deploy to stage (main branch)
deploy_stage:
image: deps.global.bsf.tools/registry-1.docker.io/alpine/k8s:1.29.12
stage: deploy
variables:
ENV: stage
NAMESPACE: orch-stage-namespace
VALUES_FILE: "helm/orchard/values-stage.yaml"
AGENT: esv/bsf/bsf-integration/orchard/orchard-mvp:orchard-stage
IMAGE: $CI_COMMIT_SHA
rules: rules:
- if: '$CI_COMMIT_BRANCH == "main"' - if: '$CI_COMMIT_BRANCH == "main"'
when: always when: always
<<: *deploy_template
# Deploy feature branch to dev namespace # Deploy feature branch to dev namespace
deploy_feature: deploy_feature:
image: deps.global.bsf.tools/registry-1.docker.io/alpine/k8s:1.29.12
stage: deploy stage: deploy
image: deps.global.bsf.tools/registry-1.docker.io/alpine/k8s:1.29.12
variables: variables:
FEATURE_ID: feat-$CI_COMMIT_SHORT_SHA
ENV: feat-$CI_COMMIT_SHORT_SHA
NAMESPACE: orch-dev-namespace NAMESPACE: orch-dev-namespace
VALUES_FILE: "helm/orchard/values-dev.yaml" VALUES_FILE: helm/orchard/values-dev.yaml
AGENT: esv/bsf/bsf-integration/orchard/orchard-mvp:orchard
IMAGE: $CI_COMMIT_SHA
FEATURE_HOST: orchard-$CI_COMMIT_SHORT_SHA.common.global.bsf.tools
MINIO_HOST: minio-$CI_COMMIT_SHORT_SHA.common.global.bsf.tools
before_script: before_script:
- kubectl config use-context esv/bsf/bsf-integration/orchard/orchard-mvp:orchard - kubectl config use-context esv/bsf/bsf-integration/orchard/orchard-mvp:orchard
- helm version - helm version
@@ -103,21 +72,21 @@ deploy_feature:
- helm dependency update - helm dependency update
- helm repo update - helm repo update
script: script:
- echo "Deploying feature branch to $ENV environment" - echo "Deploying feature branch $CI_COMMIT_REF_SLUG"
- cd $CI_PROJECT_DIR - cd $CI_PROJECT_DIR
- | - |
helm upgrade --install orchard-$FEATURE_ID ./helm/orchard \ helm upgrade --install orchard-$CI_COMMIT_REF_SLUG ./helm/orchard \
--namespace $NAMESPACE \ --namespace $NAMESPACE \
-f $VALUES_FILE \ -f $VALUES_FILE \
--set image.tag=$IMAGE \ --set image.tag=$CI_COMMIT_SHA \
--set ingress.hosts[0].host=$FEATURE_HOST \ --set ingress.hosts[0].host=orchard-$CI_COMMIT_REF_SLUG.common.global.bsf.tools \
--set ingress.tls[0].hosts[0]=$FEATURE_HOST \ --set ingress.tls[0].hosts[0]=orchard-$CI_COMMIT_REF_SLUG.common.global.bsf.tools \
--set ingress.tls[0].secretName=orchard-$FEATURE_ID-tls \ --set ingress.tls[0].secretName=orchard-$CI_COMMIT_REF_SLUG-tls \
--set minioIngress.host=$MINIO_HOST \ --set minioIngress.host=minio-$CI_COMMIT_REF_SLUG.common.global.bsf.tools \
--set minioIngress.tls.secretName=minio-$FEATURE_ID-tls --set minioIngress.tls.secretName=minio-$CI_COMMIT_REF_SLUG-tls
environment: environment:
name: review/$CI_COMMIT_REF_SLUG name: review/$CI_COMMIT_REF_SLUG
url: https://orchard-$CI_COMMIT_SHORT_SHA.common.global.bsf.tools url: https://orchard-$CI_COMMIT_REF_SLUG.common.global.bsf.tools
on_stop: cleanup_feature on_stop: cleanup_feature
kubernetes: kubernetes:
agent: esv/bsf/bsf-integration/orchard/orchard-mvp:orchard agent: esv/bsf/bsf-integration/orchard/orchard-mvp:orchard
@@ -128,21 +97,19 @@ deploy_feature:
# Cleanup feature branch deployment # Cleanup feature branch deployment
cleanup_feature: cleanup_feature:
stage: deploy stage: deploy
variables:
FEATURE_ID: feat-$CI_COMMIT_SHORT_SHA
NAMESPACE: orch-dev-namespace
AGENT: esv/bsf/bsf-integration/orchard/orchard-mvp:orchard
image: deps.global.bsf.tools/registry-1.docker.io/alpine/k8s:1.29.12 image: deps.global.bsf.tools/registry-1.docker.io/alpine/k8s:1.29.12
variables:
NAMESPACE: orch-dev-namespace
before_script: before_script:
- kubectl config use-context esv/bsf/bsf-integration/orchard/orchard-mvp:orchard - kubectl config use-context esv/bsf/bsf-integration/orchard/orchard-mvp:orchard
script: script:
- echo "Cleaning up feature deployment orchard-$FEATURE_ID" - echo "Cleaning up feature deployment orchard-$CI_COMMIT_REF_SLUG"
- helm uninstall orchard-$FEATURE_ID --namespace $NAMESPACE || true - helm uninstall orchard-$CI_COMMIT_REF_SLUG --namespace $NAMESPACE || true
environment: environment:
name: review/$CI_COMMIT_REF_SLUG name: review/$CI_COMMIT_REF_SLUG
action: stop action: stop
kubernetes: kubernetes:
agent: $AGENT agent: esv/bsf/bsf-integration/orchard/orchard-mvp:orchard
rules: rules:
- if: '$CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != "main"' - if: '$CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH != "main"'
when: manual when: manual

58
helm/orchard/values-external.yaml
View File

@@ -1,58 +0,0 @@
# Values for using external PostgreSQL and S3 storage
# Use this when you have existing infrastructure
replicaCount: 2
image:
pullPolicy: Always
# Disable subcharts - use external services
postgresql:
enabled: false
minio:
enabled: false
redis:
enabled: false
orchard:
database:
host: "your-postgres-host.example.com"
port: 5432
user: orchard
dbname: orchard
sslmode: require
# Option 1: Use existing secret
existingSecret: "my-postgres-secret"
existingSecretPasswordKey: "password"
# Option 2: Set password directly (not recommended)
# password: "your-password"
s3:
endpoint: "https://s3.amazonaws.com"
region: us-east-1
bucket: orchard-artifacts
usePathStyle: false
# Option 1: Use existing secret
existingSecret: "my-s3-secret"
existingSecretAccessKeyKey: "access-key-id"
existingSecretSecretKeyKey: "secret-access-key"
# Option 2: Set credentials directly (not recommended)
# accessKeyId: "your-access-key"
# secretAccessKey: "your-secret-key"
ingress:
enabled: true
className: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: orchard.example.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: orchard-tls
hosts:
- orchard.example.com

80
helm/orchard/values-production.yaml
View File

@@ -1,80 +0,0 @@
# Production values for orchard
replicaCount: 3
image:
pullPolicy: Always
resources:
limits:
cpu: 1000m
memory: 1Gi
requests:
cpu: 250m
memory: 256Mi
autoscaling:
enabled: true
minReplicas: 3
maxReplicas: 20
targetCPUUtilizationPercentage: 70
targetMemoryUtilizationPercentage: 80
ingress:
enabled: true
className: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/proxy-body-size: "500m"
hosts:
- host: orchard.example.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: orchard-tls
hosts:
- orchard.example.com
orchard:
database:
sslmode: require
postgresql:
enabled: true
auth:
password: "" # Set via --set or external secret
primary:
persistence:
enabled: true
size: 100Gi
resources:
limits:
cpu: 2000m
memory: 4Gi
requests:
cpu: 500m
memory: 1Gi
minio:
enabled: true
auth:
rootPassword: "" # Set via --set or external secret
persistence:
enabled: true
size: 500Gi
resources:
limits:
cpu: 2000m
memory: 4Gi
requests:
cpu: 500m
memory: 1Gi
redis:
enabled: true
auth:
password: "" # Set via --set or external secret
master:
persistence:
enabled: true
size: 10Gi