From 114fe16c602b2af564dc36f96a12eb38bd9cb91f Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 10:39:30 -0700 Subject: [PATCH 01/17] Set up tilt CI for testing gitops-stack --- .github/worklows/checks.yml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 .github/worklows/checks.yml diff --git a/.github/worklows/checks.yml b/.github/worklows/checks.yml new file mode 100644 index 00000000..c7766c9b --- /dev/null +++ b/.github/worklows/checks.yml @@ -0,0 +1,24 @@ +name: Checks + +on: + push: + pull_request: + branches: [ develop ] + +jobs: + checks: + + runs-on: ubuntu-latest + container: + image: docker/tilt:latest + + steps: + - uses: actions/checkout@v4 + + - name: Create k8s Kind Cluster + run: ctlptl create cluster kind --registry=ctlptl-registry + + - name: Test Using Local Config + run: tilt ci + + From 4bcaf8f29adc36c8dba3bd9108b4242097ecff74 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 10:44:40 -0700 Subject: [PATCH 02/17] Use array syntax --- .github/worklows/checks.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/worklows/checks.yml b/.github/worklows/checks.yml index c7766c9b..6b1f36cd 100644 --- a/.github/worklows/checks.yml +++ b/.github/worklows/checks.yml @@ -3,7 +3,8 @@ name: Checks on: push: pull_request: - branches: [ develop ] + branches: + - develop jobs: checks: From f1eccfc635556fd90703e1616f0dc9f8d499634d Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 10:51:28 -0700 Subject: [PATCH 03/17] Correct folder name --- .github/{worklows => workflows}/checks.yml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/{worklows => workflows}/checks.yml (100%) diff --git a/.github/worklows/checks.yml b/.github/workflows/checks.yml similarity index 100% rename from .github/worklows/checks.yml rename to .github/workflows/checks.yml From dfb2c033d3a1e0d0bd4ed7723d5782712cc57e75 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 10:53:55 -0700 Subject: [PATCH 04/17] Make helm-with-cache.sh executable --- tilt/scripts/helm-with-cache.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 tilt/scripts/helm-with-cache.sh diff --git a/tilt/scripts/helm-with-cache.sh b/tilt/scripts/helm-with-cache.sh old mode 100644 new mode 100755 From 52559f2b2cd2bfd1642bfd2536b4c6f3061e92db Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 10:58:55 -0700 Subject: [PATCH 05/17] Add helm install --- .github/workflows/checks.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index 6b1f36cd..ece603c6 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -19,6 +19,9 @@ jobs: - name: Create k8s Kind Cluster run: ctlptl create cluster kind --registry=ctlptl-registry + - name: Install Helm + run: snap install helm --classic + - name: Test Using Local Config run: tilt ci From af8a980b6fc6ac326a7dda93e0b3706220714eb1 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 11:02:07 -0700 Subject: [PATCH 06/17] Use helm script for installing --- .github/workflows/checks.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index ece603c6..fe032ead 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -20,8 +20,8 @@ jobs: run: ctlptl create cluster kind --registry=ctlptl-registry - name: Install Helm - run: snap install helm --classic - + run: curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-4 | bash + - name: Test Using Local Config run: tilt ci From 23659fc4404069a60700215392d68c6cfece4923 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 11:11:30 -0700 Subject: [PATCH 07/17] Add traefik namespace to namespaces.yaml --- cluster/namespaces.yaml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/cluster/namespaces.yaml b/cluster/namespaces.yaml index ac703faa..5b72ac64 100644 --- a/cluster/namespaces.yaml +++ b/cluster/namespaces.yaml @@ -13,4 +13,10 @@ metadata: apiVersion: v1 kind: Namespace metadata: - name: faf-ops \ No newline at end of file + name: faf-ops + +--- +apiVersion: v1 +kind: Namespace +metadata: + name: traefik \ No newline at end of file From 195707fc0c2825f430d1bc2feb21431bc87c7ba1 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 11:12:44 -0700 Subject: [PATCH 08/17] add dependency of traefik on namespaces --- Tiltfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Tiltfile b/Tiltfile index a4ab8816..b1028880 100644 --- a/Tiltfile +++ b/Tiltfile @@ -156,7 +156,7 @@ def no_policy_server(yaml): k8s_yaml("cluster/namespaces.yaml") k8s_yaml(helm_with_build_cache("infra/clusterroles", namespace="faf-infra", values=["config/local.yaml"])) -k8s_resource(new_name="namespaces", objects=["faf-infra:namespace", "faf-apps:namespace", "faf-ops:namespace"], labels=["core"]) +k8s_resource(new_name="namespaces", objects=["faf-infra:namespace", "faf-apps:namespace", "faf-ops:namespace", "traefik:namespace"], labels=["core"]) k8s_resource(new_name="clusterroles", objects=["read-cm-secrets:clusterrole"], labels=["core"]) k8s_resource(new_name="init-apps", objects=["init-apps:serviceaccount:faf-infra", "init-apps:serviceaccount:faf-apps", "allow-init-apps-read-app-config-infra:rolebinding", "allow-init-apps-read-app-config-apps:rolebinding"], resource_deps=["clusterroles"], labels=["core"]) @@ -182,7 +182,7 @@ for object in decode_yaml_stream(traefik_yaml): if kind != "deployment" and kind != "service": traefik_identifiers.append(name + ":" + kind) -k8s_resource(new_name="traefik-setup", objects=traefik_identifiers, labels=["traefik"]) +k8s_resource(new_name="traefik-setup", objects=traefik_identifiers, resource_deps=["namespaces"], labels=["traefik"]) k8s_resource(workload="release-name-traefik", new_name="traefik", port_forwards=["443:8443"], resource_deps=["traefik-setup"], labels=["traefik"]) postgres_yaml = helm_with_build_cache("infra/postgres", namespace="faf-infra", values=["config/local.yaml"]) From 3d5b94467ce56db3e868516046f3e62247ac64e2 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 11:24:47 -0700 Subject: [PATCH 09/17] Add proper escape to hydra client init job --- apps/ory-hydra/templates/init-clients.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/ory-hydra/templates/init-clients.yaml b/apps/ory-hydra/templates/init-clients.yaml index 6e99a8b2..089ea9ef 100644 --- a/apps/ory-hydra/templates/init-clients.yaml +++ b/apps/ory-hydra/templates/init-clients.yaml @@ -66,7 +66,7 @@ spec: --policy-uri "{{ .policyUri }}" \ {{- end }} {{- if .tokenEndpointAuthMethod }} - --token-endpoint-auth-method "{{ .tokenEndpointAuthMethod }}" + --token-endpoint-auth-method "{{ .tokenEndpointAuthMethod }}" \ {{- end }} {{- if .owner }} --owner "{{ .owner }}" From 4ac532b5044edfffceeb31c84f16bde99e04d450 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 11:47:39 -0700 Subject: [PATCH 10/17] Add icebreaker mariadb user creation --- apps/faf-icebreaker/templates/config.yaml | 1 + infra/mariadb/values.yaml | 7 +++++++ 2 files changed, 8 insertions(+) diff --git a/apps/faf-icebreaker/templates/config.yaml b/apps/faf-icebreaker/templates/config.yaml index 3186f54c..5890ab6e 100644 --- a/apps/faf-icebreaker/templates/config.yaml +++ b/apps/faf-icebreaker/templates/config.yaml @@ -9,6 +9,7 @@ data: HYDRA_URL: "https://hydra.{{.Values.baseDomain}}" SELF_URL: "https://ice.{{.Values.baseDomain}}" DB_USERNAME: "faf-icebreaker" + DB_NAME: "faf-icebreaker" DB_URL: "jdbc:mariadb://mariadb:3306/faf-icebreaker?ssl=false" RABBITMQ_HOST: "rabbitmq" RABBITMQ_USER: "faf-icebreaker" diff --git a/infra/mariadb/values.yaml b/infra/mariadb/values.yaml index 0845f456..cff135f2 100644 --- a/infra/mariadb/values.yaml +++ b/infra/mariadb/values.yaml @@ -50,6 +50,13 @@ databasesAndUsers: usernameKey: DB_LOGIN passwordKey: DB_PASSWORD + # Icebreaker database + - configMapRef: faf-icebreaker + secretRef: faf-icebreaker + databaseKey: DB_NAME + usernameKey: DB_USERNAME + passwordKey: DB_PASSWORD + # Others - configMapRef: wordpress secretRef: wordpress From b9f010441ebbb3d589ca5ea22836ea97f4ef10b2 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 12:05:12 -0700 Subject: [PATCH 11/17] Update icebreak version to support default --- apps/faf-icebreaker/templates/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/faf-icebreaker/templates/deployment.yaml b/apps/faf-icebreaker/templates/deployment.yaml index b9accae9..442101ee 100644 --- a/apps/faf-icebreaker/templates/deployment.yaml +++ b/apps/faf-icebreaker/templates/deployment.yaml @@ -32,7 +32,7 @@ spec: - name: geolite-db mountPath: /usr/share/GeoIP containers: - - image: faforever/faf-icebreaker:1.2.0-RC2 + - image: faforever/faf-icebreaker:1.2.0-RC3 imagePullPolicy: Always name: faf-icebreaker envFrom: From 16f75c445d043a88b2fc1c0fae3f7f59865db970 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 13:07:09 -0700 Subject: [PATCH 12/17] Set 5m timeout --- .github/workflows/checks.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index fe032ead..2825e145 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -21,8 +21,8 @@ jobs: - name: Install Helm run: curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-4 | bash - + - name: Test Using Local Config - run: tilt ci + run: tilt ci --timeout "5m" From 4c3f1f6ec62e3dc8a81fde201b941ed8c975ec71 Mon Sep 17 00:00:00 2001 From: Sheikah45 <66929319+Sheikah45@users.noreply.github.com> Date: Tue, 23 Dec 2025 16:22:48 -0500 Subject: [PATCH 13/17] Add CPU and memory request to user service --- apps/faf-user-service/templates/deployment.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/apps/faf-user-service/templates/deployment.yaml b/apps/faf-user-service/templates/deployment.yaml index 616bb16e..debb1588 100644 --- a/apps/faf-user-service/templates/deployment.yaml +++ b/apps/faf-user-service/templates/deployment.yaml @@ -40,6 +40,9 @@ spec: limits: memory: 10Gi cpu: 3000m + requests: + memory: 2Gi + cpu: 1000m startupProbe: httpGet: port: 8080 From edeeb0744e0b035adc0bf8f7db1ccab9da017624 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 15:07:57 -0700 Subject: [PATCH 14/17] Use azure setup-helm action --- .github/workflows/checks.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index 2825e145..8e820801 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -16,12 +16,11 @@ jobs: steps: - uses: actions/checkout@v4 + - uses: azure/setup-helm@v4.3.0 + - name: Create k8s Kind Cluster run: ctlptl create cluster kind --registry=ctlptl-registry - - name: Install Helm - run: curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-4 | bash - - name: Test Using Local Config run: tilt ci --timeout "5m" From 933a75f94f9ce44345c149bba8ecf6894ff6c11e Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 16:18:59 -0700 Subject: [PATCH 15/17] Fix hydra init errors and website urls --- Tiltfile | 6 ++++-- apps/ory-hydra/templates/init-clients.yaml | 3 ++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/Tiltfile b/Tiltfile index b1028880..f7db4af4 100644 --- a/Tiltfile +++ b/Tiltfile @@ -237,9 +237,11 @@ k8s_resource(workload="populate-db", resource_deps=["faf-db-migrations"], labels k8s_yaml(keep_objects_of_kind(helm_with_build_cache("apps/faf-voting", namespace="faf-apps", values=["config/local.yaml"]), kinds=["ConfigMap", "Secret"])) k8s_resource(new_name="faf-voting-config", objects=["faf-voting:configmap", "faf-voting:secret"], labels=["voting"]) -k8s_yaml(helm_with_build_cache("apps/faf-website", namespace="faf-apps", values=["config/local.yaml", "apps/faf-website/values-prod.yaml"])) +website_yaml = helm_with_build_cache("apps/faf-website", namespace="faf-apps", values=["config/local.yaml", "apps/faf-website/values-prod.yaml"]) +website_yaml = patch_config(website_yaml, "faf-website", {"OAUTH_URL": "http://ory-hydra:4444", "OAUTH_PUBLIC_URL": "http://localhost:4444", "API_URL": "http://faf-api:8010", "WP_URL": "http://wordpress:80"}) +k8s_yaml(website_yaml) k8s_resource(new_name="faf-website-config", objects=["faf-website:configmap", "faf-website:secret"], labels=["website"]) -k8s_resource(workload="faf-website", objects=["faf-website:ingressroute"], resource_deps=["traefik"], labels=["website"], links=[link("https://www.localhost", "FAForever Website")]) +k8s_resource(workload="faf-website", objects=["faf-website:ingressroute"], resource_deps=["traefik", "wordpress"], labels=["website"], links=[link("https://www.localhost", "FAForever Website")]) # k8s_yaml(helm_with_build_cache("apps/faf-content", namespace="faf-apps", values=["config/local.yaml"])) # k8s_resource(new_name="faf-content-config", objects=["faf-content:configmap"], labels=["content"]) diff --git a/apps/ory-hydra/templates/init-clients.yaml b/apps/ory-hydra/templates/init-clients.yaml index 089ea9ef..bfb76466 100644 --- a/apps/ory-hydra/templates/init-clients.yaml +++ b/apps/ory-hydra/templates/init-clients.yaml @@ -69,8 +69,9 @@ spec: --token-endpoint-auth-method "{{ .tokenEndpointAuthMethod }}" \ {{- end }} {{- if .owner }} - --owner "{{ .owner }}" + --owner "{{ .owner }}" \ {{- end }} + ; else echo "Client {{ .id }} already exists, skipping." fi From 94e18aaff7b21e7b3177df87d68254f96db91944 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Tue, 23 Dec 2025 16:28:32 -0700 Subject: [PATCH 16/17] Update readme for test data --- README.MD | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.MD b/README.MD index 160d8014..210d979f 100644 --- a/README.MD +++ b/README.MD @@ -79,5 +79,5 @@ In the root directory of the repository run `tilt up`. This will start all the f To develop against the FAF infrastructure you should disable the service in tilt that you are actively developing. Once disabled you can start up your developed version. Some tweaks may need to be made to the default configuration parameters in the source code. The proper values can be found in the configMaps in each of the services kubernetes deploy yaml files. ## Test Data -The default test data that is loaded can be found in /sql/test-data.sql. This can be overridden by providing a new path with the tilt configuration key test-data-path when running tilt up or in the tilt_config.json file in the repository root directory. +The default test data that is loaded can be found in [faf-db](https://github.com/FAForever/db/blob/develop/test-data.sql) From ab8c6374291ee562be5a6ef140c5902607dc6701 Mon Sep 17 00:00:00 2001 From: Sheikah45 Date: Fri, 26 Dec 2025 22:57:23 -0500 Subject: [PATCH 17/17] Update to RC4 --- apps/faf-icebreaker/templates/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/faf-icebreaker/templates/deployment.yaml b/apps/faf-icebreaker/templates/deployment.yaml index 442101ee..6c0e0c1d 100644 --- a/apps/faf-icebreaker/templates/deployment.yaml +++ b/apps/faf-icebreaker/templates/deployment.yaml @@ -32,7 +32,7 @@ spec: - name: geolite-db mountPath: /usr/share/GeoIP containers: - - image: faforever/faf-icebreaker:1.2.0-RC3 + - image: faforever/faf-icebreaker:1.2.0-RC4 imagePullPolicy: Always name: faf-icebreaker envFrom: