From 928435dcd3474cc6c1423789041db95e3e300a03 Mon Sep 17 00:00:00 2001 From: Martyn Ranyard Date: Tue, 5 May 2026 21:42:24 +0200 Subject: [PATCH] Adding some example files to test with from https://github.com/wmde/wbaas-deploy --- testdata/complex.yaml | 264 +++++++++++++++++++++++++++ testdata/complex.yaml.gotmpl | 264 +++++++++++++++++++++++++++ testdata/easy.yaml | 12 ++ testdata/env/production/base.yaml | 7 + testdata/env/production/private.yaml | 43 +++++ 5 files changed, 590 insertions(+) create mode 100644 testdata/complex.yaml create mode 100644 testdata/complex.yaml.gotmpl create mode 100644 testdata/easy.yaml create mode 100644 testdata/env/production/base.yaml create mode 100644 testdata/env/production/private.yaml diff --git a/testdata/complex.yaml b/testdata/complex.yaml new file mode 100644 index 0000000..2bf0240 --- /dev/null +++ b/testdata/complex.yaml @@ -0,0 +1,264 @@ +repositories: + - name: wbstack + url: https://wbstack.github.io/charts + - name: cetic + url: https://cetic.github.io/helm-charts + - name: codecentric + url: https://codecentric.github.io/helm-charts + - name: ingress-nginx + url: https://kubernetes.github.io/ingress-nginx + - name: prometheus-community + url: https://prometheus-community.github.io/helm-charts + - name: istio + url: https://istio-release.storage.googleapis.com/charts + - name: minio + url: https://charts.min.io + +environments: + default: + kubeContext: INVALID-ENVIRONMENT + production: + kubeContext: gke_wikibase-cloud_europe-west3-a_wbaas-3 + values: + - ./env/production/base.yaml + - ./env/production/private.yaml + staging: + kubeContext: gke_wikibase-cloud_europe-west3-a_wbaas-2 + values: + - ./env/staging/base.yaml + - ./env/staging/private.yaml + local: + kubeContext: minikube-wbaas + values: + - ./env/local/base.yaml + - ./env/local/private.yaml + +# TODO: does this need increasing? +helmDefaults: + timeout: 1200 + diffArgs: + - "--api-versions=discovery.k8s.io/v1/EndpointSlice" # See T358468 + +# Path to helmfiles to process BEFORE releases +# All the nested state files under `helmfiles:` is processed in the order of definition. +helmfiles: + - path: cert-manager.yaml + values: + - foo: bar + - path: prometheus-operator.yaml + values: + - foo: null + - path: istio-control-plane.yaml + values: + - foo: null + - path: argo-cd.yaml.gotmpl + values: + - foo: null + - path: tailscale-operator.yaml.gotmpl + values: + - foo: null +--- + +templates: + default: &default_release + missingFileHandler: Error + values: + - env/production/UNDEFINED.values.yaml.gotmpl + - env/UNDEFINED/UNDEFINED.values.yaml.gotmpl + +releases: + ################################ + # ALL ENVIRONMENTS + ################################ + + - name: clusterissuers + namespace: cert-manager + chart: wbstack/wikibase-cloud-clusterissuers + version: 0.3.1 + values: + - environment: UNDEFINED + - email: UNDEFINED + - gceProject: UNDEFINED + # TODO this chart needs certificates for some reason, it probably shouldn't + - certificates: + - dnsNames: + - '*.wikibase.cloud' + - 'wikibase.cloud' + - dnsNames: + - '*.wikibase.dev' + - 'wikibase.dev' + + - name: certificates + namespace: default + chart: wbstack/certificates + version: 0.1.1 + <<: *default_release + + - name: argocd-config + namespace: argocd + chart: wbstack/argocd-config + version: 2.1.2 + <<: *default_release + + - name: redirects + namespace: default + chart: wbstack/redirects + version: 2.0.0 + <<: *default_release + + - name: ingress-nginx + namespace: kube-system + chart: ingress-nginx/ingress-nginx + version: 4.12.1 + # TODO: future releases of `helmfile` will bring an `inherit` feature + # that can be used instead of YAML anchors. When upgrading helmfile, check + # if we can use this feature here instead. + <<: *default_release + + - name: sql + namespace: default + chart: https://github.com/wbstack/bitnami-legacy/releases/download/mariadb%2F10.5.0/mariadb-10.5.0.tgz + <<: *default_release + + - name: elasticsearch-3 + namespace: default + chart: https://github.com/wbstack/bitnami-legacy/releases/download/elasticsearch%2F19.10.2/elasticsearch-19.10.2.tgz + <<: *default_release + + - name: platform-nginx + namespace: default + chart: https://github.com/wbstack/bitnami-legacy/releases/download/nginx%2F5.2.4/nginx-5.2.4.tgz + <<: *default_release + + - name: anubis + namespace: default + chart: wbstack/anubis + <<: *default_release + + - name: platform-apps-ingress + namespace: default + chart: wbstack/wikibase-ingress + installed: false + values: + - ingressNameSuffix: UNDEFINED + - ingressHost: UNDEFINED + - forceSSL: UNDEFINED + - tls: UNDEFINED + + - name: mediawiki-143 + namespace: default + chart: wbstack/mediawiki + version: 0.14.0 + <<: *default_release + + - name: queryservice-ui + namespace: default + chart: wbstack/queryservice-ui + version: '0.2.0' + <<: *default_release + + - name: queryservice + namespace: default + chart: wbstack/queryservice + version: 0.2.1 + <<: *default_release + + - name: queryservice-gateway + namespace: default + chart: wbstack/queryservice-gateway + version: 0.2.0 + <<: *default_release + + - name: queryservice-updater + namespace: default + chart: wbstack/queryservice-updater + version: "0.3.0" + <<: *default_release + + - name: tool-cradle + namespace: default + chart: wbstack/tool-cradle + version: 0.2.0 + <<: *default_release + + - name: tool-widar + namespace: default + chart: wbstack/tool-widar + version: 0.4.0 + <<: *default_release + + - name: tool-quickstatements + namespace: default + chart: wbstack/tool-quickstatements + version: 0.4.0 + <<: *default_release + + - name: wbaas-backup + namespace: default + chart: wbstack/wbaas-backup + version: 0.1.0 + <<: *default_release + + - name: kube-prometheus-stack + namespace: monitoring + version: '56.6.2' + chart: prometheus-community/kube-prometheus-stack + # https://github.com/roboll/helmfile/issues/1124 + disableValidation: true + <<: *default_release + + - name: prometheus-elasticsearch-exporter-3 + namespace: monitoring + chart: prometheus-community/prometheus-elasticsearch-exporter + version: 7.2.1 + <<: *default_release + + - name: istio-service-mesh + namespace: istio-system + chart: wbstack/istio-service-mesh + version: 0.0.1 + <<: *default_release + + - name: superset + namespace: default + chart: wbstack/superset + version: 0.1.0 + <<: *default_release + + - name: redis + namespace: default + chart: https://github.com/wbstack/bitnami-legacy/releases/download/redis/17.3.8/redis-17.3.8.tgz + <<: *default_release + + - name: redis-2 + namespace: default + chart: https://github.com/wbstack/bitnami-legacy/releases/download/redis/19.6.4/redis-19.6.4.tgz + <<: *default_release + + ################################ + # LOCAL ONLY + ################################ + + - name: adminer-cetic + namespace: default + installed: UNDEFINED + chart: cetic/adminer + version: v0.2.1 + values: + - env/local/adminer-cetic.values.yaml.gotmpl + + - name: mailhog + installed: UNDEFINED + namespace: default + chart: codecentric/mailhog + version: 5.0.1 + values: + - env/local/mailhog.values.yaml.gotmpl + + - name: minio + installed: UNDEFINED + namespace: default + chart: minio/minio + version: 5.0.13 + values: + - env/local/minio.values.yaml.gotmpl \ No newline at end of file diff --git a/testdata/complex.yaml.gotmpl b/testdata/complex.yaml.gotmpl new file mode 100644 index 0000000..0ec32df --- /dev/null +++ b/testdata/complex.yaml.gotmpl @@ -0,0 +1,264 @@ +repositories: + - name: wbstack + url: https://wbstack.github.io/charts + - name: cetic + url: https://cetic.github.io/helm-charts + - name: codecentric + url: https://codecentric.github.io/helm-charts + - name: ingress-nginx + url: https://kubernetes.github.io/ingress-nginx + - name: prometheus-community + url: https://prometheus-community.github.io/helm-charts + - name: istio + url: https://istio-release.storage.googleapis.com/charts + - name: minio + url: https://charts.min.io + +environments: + default: + kubeContext: INVALID-ENVIRONMENT + production: + kubeContext: gke_wikibase-cloud_europe-west3-a_wbaas-3 + values: + - ./env/production/base.yaml + - ./env/production/private.yaml + staging: + kubeContext: gke_wikibase-cloud_europe-west3-a_wbaas-2 + values: + - ./env/staging/base.yaml + - ./env/staging/private.yaml + local: + kubeContext: minikube-wbaas + values: + - ./env/local/base.yaml + - ./env/local/private.yaml + +# TODO: does this need increasing? +helmDefaults: + timeout: 1200 + diffArgs: + - "--api-versions=discovery.k8s.io/v1/EndpointSlice" # See T358468 + +# Path to helmfiles to process BEFORE releases +# All the nested state files under `helmfiles:` is processed in the order of definition. +helmfiles: + - path: cert-manager.yaml + values: + - foo: null + - path: prometheus-operator.yaml + values: + - foo: null + - path: istio-control-plane.yaml + values: + - foo: null + - path: argo-cd.yaml.gotmpl + values: + - foo: null + - path: tailscale-operator.yaml.gotmpl + values: + - foo: null +--- + +templates: + default: &default_release + missingFileHandler: Error + values: + - env/production/{{`{{ .Release.Name }}`}}.values.yaml.gotmpl + - env/{{`{{ .Environment.Name }}`}}/{{`{{ .Release.Name }}`}}.values.yaml.gotmpl + +releases: + ################################ + # ALL ENVIRONMENTS + ################################ + + - name: clusterissuers + namespace: cert-manager + chart: wbstack/wikibase-cloud-clusterissuers + version: 0.3.1 + values: + - environment: {{ .Environment.Name }} + - email: {{ .Values.external.letsencrypt.email }} + - gceProject: {{ .Values.gceProject }} + # TODO this chart needs certificates for some reason, it probably shouldn't + - certificates: + - dnsNames: + - '*.wikibase.cloud' + - 'wikibase.cloud' + - dnsNames: + - '*.wikibase.dev' + - 'wikibase.dev' + + - name: certificates + namespace: default + chart: wbstack/certificates + version: 0.1.1 + <<: *default_release + + - name: argocd-config + namespace: argocd + chart: wbstack/argocd-config + version: 2.1.2 + <<: *default_release + + - name: redirects + namespace: default + chart: wbstack/redirects + version: 2.0.0 + <<: *default_release + + - name: ingress-nginx + namespace: kube-system + chart: ingress-nginx/ingress-nginx + version: 4.12.1 + # TODO: future releases of `helmfile` will bring an `inherit` feature + # that can be used instead of YAML anchors. When upgrading helmfile, check + # if we can use this feature here instead. + <<: *default_release + + - name: sql + namespace: default + chart: https://github.com/wbstack/bitnami-legacy/releases/download/mariadb%2F10.5.0/mariadb-10.5.0.tgz + <<: *default_release + + - name: elasticsearch-3 + namespace: default + chart: https://github.com/wbstack/bitnami-legacy/releases/download/elasticsearch%2F19.10.2/elasticsearch-19.10.2.tgz + <<: *default_release + + - name: platform-nginx + namespace: default + chart: https://github.com/wbstack/bitnami-legacy/releases/download/nginx%2F5.2.4/nginx-5.2.4.tgz + <<: *default_release + + - name: anubis + namespace: default + chart: wbstack/anubis + <<: *default_release + + - name: platform-apps-ingress + namespace: default + chart: wbstack/wikibase-ingress + installed: false + values: + - ingressNameSuffix: {{ .Values.ingressNameSuffix | toYaml }} + - ingressHost: {{ .Values.ingressHost | toYaml }} + - forceSSL: {{ .Values.forceSSL | toYaml }} + - tls: {{ .Values.tls | toYaml }} + + - name: mediawiki-143 + namespace: default + chart: wbstack/mediawiki + version: 0.14.0 + <<: *default_release + + - name: queryservice-ui + namespace: default + chart: wbstack/queryservice-ui + version: '0.2.0' + <<: *default_release + + - name: queryservice + namespace: default + chart: wbstack/queryservice + version: 0.2.1 + <<: *default_release + + - name: queryservice-gateway + namespace: default + chart: wbstack/queryservice-gateway + version: 0.2.0 + <<: *default_release + + - name: queryservice-updater + namespace: default + chart: wbstack/queryservice-updater + version: "0.3.0" + <<: *default_release + + - name: tool-cradle + namespace: default + chart: wbstack/tool-cradle + version: 0.2.0 + <<: *default_release + + - name: tool-widar + namespace: default + chart: wbstack/tool-widar + version: 0.4.0 + <<: *default_release + + - name: tool-quickstatements + namespace: default + chart: wbstack/tool-quickstatements + version: 0.4.0 + <<: *default_release + + - name: wbaas-backup + namespace: default + chart: wbstack/wbaas-backup + version: 0.1.0 + <<: *default_release + + - name: kube-prometheus-stack + namespace: monitoring + version: '56.6.2' + chart: prometheus-community/kube-prometheus-stack + # https://github.com/roboll/helmfile/issues/1124 + disableValidation: true + <<: *default_release + + - name: prometheus-elasticsearch-exporter-3 + namespace: monitoring + chart: prometheus-community/prometheus-elasticsearch-exporter + version: 7.2.1 + <<: *default_release + + - name: istio-service-mesh + namespace: istio-system + chart: wbstack/istio-service-mesh + version: 0.0.1 + <<: *default_release + + - name: superset + namespace: default + chart: wbstack/superset + version: 0.1.0 + <<: *default_release + + - name: redis + namespace: default + chart: https://github.com/wbstack/bitnami-legacy/releases/download/redis/17.3.8/redis-17.3.8.tgz + <<: *default_release + + - name: redis-2 + namespace: default + chart: https://github.com/wbstack/bitnami-legacy/releases/download/redis/19.6.4/redis-19.6.4.tgz + <<: *default_release + + ################################ + # LOCAL ONLY + ################################ + + - name: adminer-cetic + namespace: default + installed: {{ eq .Environment.Name "local" | toYaml }} + chart: cetic/adminer + version: v0.2.1 + values: + - env/local/adminer-cetic.values.yaml.gotmpl + + - name: mailhog + installed: {{ eq .Environment.Name "local" | toYaml }} + namespace: default + chart: codecentric/mailhog + version: 5.0.1 + values: + - env/local/mailhog.values.yaml.gotmpl + + - name: minio + installed: {{ eq .Environment.Name "local" | toYaml }} + namespace: default + chart: minio/minio + version: 5.0.13 + values: + - env/local/minio.values.yaml.gotmpl diff --git a/testdata/easy.yaml b/testdata/easy.yaml new file mode 100644 index 0000000..658e7b9 --- /dev/null +++ b/testdata/easy.yaml @@ -0,0 +1,12 @@ +repositories: + - name: wbstack + url: https://wbstack.github.io/charts +releases: + - name: clusterissuers + namespace: cert-manager + chart: wbstack/wikibase-cloud-clusterissuers + version: 0.3.1 + values: + - environment: Something + - email: somewhere@example.com + - gceProject: someProject \ No newline at end of file diff --git a/testdata/env/production/base.yaml b/testdata/env/production/base.yaml new file mode 100644 index 0000000..c874136 --- /dev/null +++ b/testdata/env/production/base.yaml @@ -0,0 +1,7 @@ +ip: 34.141.76.221 +ingressHost: "*.wikibase.cloud" +tls: true +forceSSL: true +wbstack: + subdomainSuffix: '.wikibase.cloud' + uiurl: https://wikibase.cloud diff --git a/testdata/env/production/private.yaml b/testdata/env/production/private.yaml new file mode 100644 index 0000000..6b46cb0 --- /dev/null +++ b/testdata/env/production/private.yaml @@ -0,0 +1,43 @@ +gceProject: wikibase-cloud +gceServiceAccountSecret: secret-wikibase-production-api + +uiHostName: www.wikibase.cloud +tlsSecret: wikibase-production-tls +ingressNameSuffix: wikibase-production + +services: + app: + url: https://www.wikibase.cloud + apiUrl: https://api.wikibase.cloud + mailer: smtp + ingressHosts: + - host: api.wikibase.cloud + paths: + - /()(.*) + - host: www.wikibase.cloud + paths: + - /api(/|$)(.*) + sql: + storageClass: premium-rwo + storageSize: 480Gi + api: + db: apidb + user: apiuser + redis: + readHost: redis-headless.default.svc.cluster.local + writeHost: redis-master.default.svc.cluster.local + port: 6379 + # TODO move these databases out of private + databases: + apiDb: 2 + apiCacheDb: 3 + toolQuickstatements: 10 + toolWidar: 11 + +external: + letsencrypt: + email: thomas.arrow@wikimedia.de + recaptcha2: + secretName: recaptcha-v2-secrets + recaptcha3: + secretName: recaptcha-v3-secrets