From 36d4266b5a296ac644b6c035ae2f667fb3fdd729 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 10:39:30 -0700 Subject: [PATCH 01/17] Set up tilt CI for testing gitops-stack --- .github/worklows/checks.yml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 .github/worklows/checks.yml diff --git a/.github/worklows/checks.yml b/.github/worklows/checks.yml new file mode 100644 index 00000000..c7766c9b --- /dev/null +++ b/.github/worklows/checks.yml @@ -0,0 +1,24 @@ +name: Checks + +on: + push: + pull_request: + branches: [ develop ] + +jobs: + checks: + + runs-on: ubuntu-latest + container: + image: docker/tilt:latest + + steps: + - uses: actions/checkout@v4 + + - name: Create k8s Kind Cluster + run: ctlptl create cluster kind --registry=ctlptl-registry + + - name: Test Using Local Config + run: tilt ci + + From 54cf5865fedc0b1ed3b4f18048862608b531e5cf Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 10:44:40 -0700 Subject: [PATCH 02/17] Use array syntax --- .github/worklows/checks.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/worklows/checks.yml b/.github/worklows/checks.yml index c7766c9b..6b1f36cd 100644 --- a/.github/worklows/checks.yml +++ b/.github/worklows/checks.yml @@ -3,7 +3,8 @@ name: Checks on: push: pull_request: - branches: [ develop ] + branches: + - develop jobs: checks: From e19cdf7596e743431b8aaf493d98b7e8608a39d4 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 10:51:28 -0700 Subject: [PATCH 03/17] Correct folder name --- .github/{worklows => workflows}/checks.yml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/{worklows => workflows}/checks.yml (100%) diff --git a/.github/worklows/checks.yml b/.github/workflows/checks.yml similarity index 100% rename from .github/worklows/checks.yml rename to .github/workflows/checks.yml From 36279936f621228093141cc4f049215f77385d4b Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 10:53:55 -0700 Subject: [PATCH 04/17] Make helm-with-cache.sh executable --- tilt/scripts/helm-with-cache.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 tilt/scripts/helm-with-cache.sh diff --git a/tilt/scripts/helm-with-cache.sh b/tilt/scripts/helm-with-cache.sh old mode 100644 new mode 100755 From be9779c00c0362e4a0761c9e712a3e80bd28d1ae Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 10:58:55 -0700 Subject: [PATCH 05/17] Add helm install --- .github/workflows/checks.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index 6b1f36cd..ece603c6 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -19,6 +19,9 @@ jobs: - name: Create k8s Kind Cluster run: ctlptl create cluster kind --registry=ctlptl-registry + - name: Install Helm + run: snap install helm --classic + - name: Test Using Local Config run: tilt ci From ca899254604682a826c1c24140b90d6cb6ce1943 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 11:02:07 -0700 Subject: [PATCH 06/17] Use helm script for installing --- .github/workflows/checks.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index ece603c6..fe032ead 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -20,8 +20,8 @@ jobs: run: ctlptl create cluster kind --registry=ctlptl-registry - name: Install Helm - run: snap install helm --classic - + run: curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-4 | bash + - name: Test Using Local Config run: tilt ci From f652ee134f405613ceaf6ac7e204e6f957a71273 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 11:11:30 -0700 Subject: [PATCH 07/17] Add traefik namespace to namespaces.yaml --- cluster/namespaces.yaml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/cluster/namespaces.yaml b/cluster/namespaces.yaml index ac703faa..5b72ac64 100644 --- a/cluster/namespaces.yaml +++ b/cluster/namespaces.yaml @@ -13,4 +13,10 @@ metadata: apiVersion: v1 kind: Namespace metadata: - name: faf-ops \ No newline at end of file + name: faf-ops + +--- +apiVersion: v1 +kind: Namespace +metadata: + name: traefik \ No newline at end of file From 466ca7be5ebdb41d6f17c7ce329f81fbc4223d8a Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 11:12:44 -0700 Subject: [PATCH 08/17] add dependency of traefik on namespaces --- Tiltfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Tiltfile b/Tiltfile index a4ab8816..b1028880 100644 --- a/Tiltfile +++ b/Tiltfile @@ -156,7 +156,7 @@ def no_policy_server(yaml): k8s_yaml("cluster/namespaces.yaml") k8s_yaml(helm_with_build_cache("infra/clusterroles", namespace="faf-infra", values=["config/local.yaml"])) -k8s_resource(new_name="namespaces", objects=["faf-infra:namespace", "faf-apps:namespace", "faf-ops:namespace"], labels=["core"]) +k8s_resource(new_name="namespaces", objects=["faf-infra:namespace", "faf-apps:namespace", "faf-ops:namespace", "traefik:namespace"], labels=["core"]) k8s_resource(new_name="clusterroles", objects=["read-cm-secrets:clusterrole"], labels=["core"]) k8s_resource(new_name="init-apps", objects=["init-apps:serviceaccount:faf-infra", "init-apps:serviceaccount:faf-apps", "allow-init-apps-read-app-config-infra:rolebinding", "allow-init-apps-read-app-config-apps:rolebinding"], resource_deps=["clusterroles"], labels=["core"]) @@ -182,7 +182,7 @@ for object in decode_yaml_stream(traefik_yaml): if kind != "deployment" and kind != "service": traefik_identifiers.append(name + ":" + kind) -k8s_resource(new_name="traefik-setup", objects=traefik_identifiers, labels=["traefik"]) +k8s_resource(new_name="traefik-setup", objects=traefik_identifiers, resource_deps=["namespaces"], labels=["traefik"]) k8s_resource(workload="release-name-traefik", new_name="traefik", port_forwards=["443:8443"], resource_deps=["traefik-setup"], labels=["traefik"]) postgres_yaml = helm_with_build_cache("infra/postgres", namespace="faf-infra", values=["config/local.yaml"]) From 001c9fa723473960011a17f935090544f1061b3c Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 11:24:47 -0700 Subject: [PATCH 09/17] Add proper escape to hydra client init job --- apps/ory-hydra/templates/init-clients.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/ory-hydra/templates/init-clients.yaml b/apps/ory-hydra/templates/init-clients.yaml index 6e99a8b2..089ea9ef 100644 --- a/apps/ory-hydra/templates/init-clients.yaml +++ b/apps/ory-hydra/templates/init-clients.yaml @@ -66,7 +66,7 @@ spec: --policy-uri "{{ .policyUri }}" \ {{- end }} {{- if .tokenEndpointAuthMethod }} - --token-endpoint-auth-method "{{ .tokenEndpointAuthMethod }}" + --token-endpoint-auth-method "{{ .tokenEndpointAuthMethod }}" \ {{- end }} {{- if .owner }} --owner "{{ .owner }}" From 94983283df93b54a5933f94ad9c1fa59e87a2f76 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 11:47:39 -0700 Subject: [PATCH 10/17] Add icebreaker mariadb user creation --- apps/faf-icebreaker/templates/config.yaml | 1 + infra/mariadb/values.yaml | 7 +++++++ 2 files changed, 8 insertions(+) diff --git a/apps/faf-icebreaker/templates/config.yaml b/apps/faf-icebreaker/templates/config.yaml index 3186f54c..5890ab6e 100644 --- a/apps/faf-icebreaker/templates/config.yaml +++ b/apps/faf-icebreaker/templates/config.yaml @@ -9,6 +9,7 @@ data: HYDRA_URL: "https://hydra.{{.Values.baseDomain}}" SELF_URL: "https://ice.{{.Values.baseDomain}}" DB_USERNAME: "faf-icebreaker" + DB_NAME: "faf-icebreaker" DB_URL: "jdbc:mariadb://mariadb:3306/faf-icebreaker?ssl=false" RABBITMQ_HOST: "rabbitmq" RABBITMQ_USER: "faf-icebreaker" diff --git a/infra/mariadb/values.yaml b/infra/mariadb/values.yaml index 0845f456..cff135f2 100644 --- a/infra/mariadb/values.yaml +++ b/infra/mariadb/values.yaml @@ -50,6 +50,13 @@ databasesAndUsers: usernameKey: DB_LOGIN passwordKey: DB_PASSWORD + # Icebreaker database + - configMapRef: faf-icebreaker + secretRef: faf-icebreaker + databaseKey: DB_NAME + usernameKey: DB_USERNAME + passwordKey: DB_PASSWORD + # Others - configMapRef: wordpress secretRef: wordpress From 67efdb24dba2123f22eba87a60f1d4c36a7e9633 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 12:05:12 -0700 Subject: [PATCH 11/17] Update icebreak version to support default --- apps/faf-icebreaker/templates/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/faf-icebreaker/templates/deployment.yaml b/apps/faf-icebreaker/templates/deployment.yaml index b9accae9..442101ee 100644 --- a/apps/faf-icebreaker/templates/deployment.yaml +++ b/apps/faf-icebreaker/templates/deployment.yaml @@ -32,7 +32,7 @@ spec: - name: geolite-db mountPath: /usr/share/GeoIP containers: - - image: faforever/faf-icebreaker:1.2.0-RC2 + - image: faforever/faf-icebreaker:1.2.0-RC3 imagePullPolicy: Always name: faf-icebreaker envFrom: From 6f44cf379a7c84da56e0348b2b198c73364dd4c2 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 13:07:09 -0700 Subject: [PATCH 12/17] Set 5m timeout --- .github/workflows/checks.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index fe032ead..2825e145 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -21,8 +21,8 @@ jobs: - name: Install Helm run: curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-4 | bash - + - name: Test Using Local Config - run: tilt ci + run: tilt ci --timeout "5m" From 790a9f23feacb9b7b6507ad0607e672b19a58348 Mon Sep 17 00:00:00 2001 From: Sheikah45 <66929319+Sheikah45@users.noreply.github.com> Date: Tue, 23 Dec 2025 16:22:48 -0500 Subject: [PATCH 13/17] Add CPU and memory request to user service --- apps/faf-user-service/templates/deployment.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/apps/faf-user-service/templates/deployment.yaml b/apps/faf-user-service/templates/deployment.yaml index 616bb16e..debb1588 100644 --- a/apps/faf-user-service/templates/deployment.yaml +++ b/apps/faf-user-service/templates/deployment.yaml @@ -40,6 +40,9 @@ spec: limits: memory: 10Gi cpu: 3000m + requests: + memory: 2Gi + cpu: 1000m startupProbe: httpGet: port: 8080 From ed6de34d4c7c3b39df64a887afe53bfd27f74866 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 15:07:57 -0700 Subject: [PATCH 14/17] Use azure setup-helm action --- .github/workflows/checks.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index 2825e145..8e820801 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -16,12 +16,11 @@ jobs: steps: - uses: actions/checkout@v4 + - uses: azure/setup-helm@v4.3.0 + - name: Create k8s Kind Cluster run: ctlptl create cluster kind --registry=ctlptl-registry - - name: Install Helm - run: curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-4 | bash - - name: Test Using Local Config run: tilt ci --timeout "5m" From 0499e483e1acdbe60000e84594bcc0c84c5129b3 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 16:18:59 -0700 Subject: [PATCH 15/17] Fix hydra init errors and website urls --- Tiltfile | 6 ++++-- apps/ory-hydra/templates/init-clients.yaml | 3 ++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/Tiltfile b/Tiltfile index b1028880..f7db4af4 100644 --- a/Tiltfile +++ b/Tiltfile @@ -237,9 +237,11 @@ k8s_resource(workload="populate-db", resource_deps=["faf-db-migrations"], labels k8s_yaml(keep_objects_of_kind(helm_with_build_cache("apps/faf-voting", namespace="faf-apps", values=["config/local.yaml"]), kinds=["ConfigMap", "Secret"])) k8s_resource(new_name="faf-voting-config", objects=["faf-voting:configmap", "faf-voting:secret"], labels=["voting"]) -k8s_yaml(helm_with_build_cache("apps/faf-website", namespace="faf-apps", values=["config/local.yaml", "apps/faf-website/values-prod.yaml"])) +website_yaml = helm_with_build_cache("apps/faf-website", namespace="faf-apps", values=["config/local.yaml", "apps/faf-website/values-prod.yaml"]) +website_yaml = patch_config(website_yaml, "faf-website", {"OAUTH_URL": "http://ory-hydra:4444", "OAUTH_PUBLIC_URL": "http://localhost:4444", "API_URL": "http://faf-api:8010", "WP_URL": "http://wordpress:80"}) +k8s_yaml(website_yaml) k8s_resource(new_name="faf-website-config", objects=["faf-website:configmap", "faf-website:secret"], labels=["website"]) -k8s_resource(workload="faf-website", objects=["faf-website:ingressroute"], resource_deps=["traefik"], labels=["website"], links=[link("https://www.localhost", "FAForever Website")]) +k8s_resource(workload="faf-website", objects=["faf-website:ingressroute"], resource_deps=["traefik", "wordpress"], labels=["website"], links=[link("https://www.localhost", "FAForever Website")]) # k8s_yaml(helm_with_build_cache("apps/faf-content", namespace="faf-apps", values=["config/local.yaml"])) # k8s_resource(new_name="faf-content-config", objects=["faf-content:configmap"], labels=["content"]) diff --git a/apps/ory-hydra/templates/init-clients.yaml b/apps/ory-hydra/templates/init-clients.yaml index 089ea9ef..bfb76466 100644 --- a/apps/ory-hydra/templates/init-clients.yaml +++ b/apps/ory-hydra/templates/init-clients.yaml @@ -69,8 +69,9 @@ spec: --token-endpoint-auth-method "{{ .tokenEndpointAuthMethod }}" \ {{- end }} {{- if .owner }} - --owner "{{ .owner }}" + --owner "{{ .owner }}" \ {{- end }} + ; else echo "Client {{ .id }} already exists, skipping." fi From c99954930a91f6affa8add7d1e3250af3d4add2a Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 16:28:32 -0700 Subject: [PATCH 16/17] Update readme for test data --- README.MD | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.MD b/README.MD index 160d8014..210d979f 100644 --- a/README.MD +++ b/README.MD @@ -79,5 +79,5 @@ In the root directory of the repository run `tilt up`. This will start all the f To develop against the FAF infrastructure you should disable the service in tilt that you are actively developing. Once disabled you can start up your developed version. Some tweaks may need to be made to the default configuration parameters in the source code. The proper values can be found in the configMaps in each of the services kubernetes deploy yaml files. ## Test Data -The default test data that is loaded can be found in /sql/test-data.sql. This can be overridden by providing a new path with the tilt configuration key test-data-path when running tilt up or in the tilt_config.json file in the repository root directory. +The default test data that is loaded can be found in [faf-db](https://github.com/FAForever/db/blob/develop/test-data.sql) From 5f5a0cdc365f38554f6ccbd0800d41770c01d50a Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Fri, 26 Dec 2025 22:57:23 -0500 Subject: [PATCH 17/17] Update to RC4 --- apps/faf-icebreaker/templates/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/faf-icebreaker/templates/deployment.yaml b/apps/faf-icebreaker/templates/deployment.yaml index 442101ee..6c0e0c1d 100644 --- a/apps/faf-icebreaker/templates/deployment.yaml +++ b/apps/faf-icebreaker/templates/deployment.yaml @@ -32,7 +32,7 @@ spec: - name: geolite-db mountPath: /usr/share/GeoIP containers: - - image: faforever/faf-icebreaker:1.2.0-RC3 + - image: faforever/faf-icebreaker:1.2.0-RC4 imagePullPolicy: Always name: faf-icebreaker envFrom: