fix(observability): Changed auth route target to new name

Moved vector from core stack to observability-client
Added victoriametrics-k8s-stack to observability-client for easy vmagent
and scraping config

template/stacks/core/argocd.yaml

@@ -30,6 +30,3 @@ spec:
     - repoURL: https://{{{ .Env.CLIENT_REPO_DOMAIN }}}/{{{ .Env.CLIENT_REPO_ORG_NAME }}}
       targetRevision: HEAD
       ref: values
-    - repoURL: https://{{{ .Env.CLIENT_REPO_DOMAIN }}}/{{{ .Env.CLIENT_REPO_ORG_NAME }}}
-      targetRevision: HEAD
-      path: "{{{ .Env.CLIENT_REPO_ID }}}/{{{ .Env.DOMAIN }}}/stacks/core/argocd/manifests"

template/stacks/core/forgejo-runner.yaml

@@ -21,4 +21,4 @@ spec:
   source:
     repoURL: https://{{{ .Env.CLIENT_REPO_DOMAIN }}}/{{{ .Env.CLIENT_REPO_ORG_NAME }}}
     targetRevision: HEAD
-    path: "{{{ .Env.CLIENT_REPO_ID }}}/{{{ .Env.DOMAIN }}}/stacks/forgejo/forgejo-runner"
+    path: "{{{ .Env.CLIENT_REPO_ID }}}/{{{ .Env.DOMAIN }}}/stacks/core/forgejo-runner"

template/stacks/core/forgejo.yaml

@@ -0,0 +1,29 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: forgejo
+  namespace: argocd
+  labels:
+    env: dev
+spec:
+  project: default
+  syncPolicy:
+    automated:
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
+    retry:
+      limit: -1
+  destination:
+    name: in-cluster
+    namespace: gitea
+  sources:
+    - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/forgejo-helm.git
+      path: .
+      targetRevision: v12.0.0-depends
+      helm:
+        valueFiles:
+          - $values/{{{ .Env.CLIENT_REPO_ID }}}/{{{ .Env.DOMAIN }}}/stacks/core/forgejo/values.yaml
+    - repoURL: https://{{{ .Env.CLIENT_REPO_DOMAIN }}}/{{{ .Env.CLIENT_REPO_ORG_NAME }}}
+      targetRevision: HEAD
+      ref: values

template/stacks/core/forgejo/values.yaml

@@ -17,22 +17,6 @@ persistence:
 test:
   enabled: false
 
-deployment:
-  env:
-    - name: SSL_CERT_FILE
-      value: /etc/elasticsearch/elasticsearch.cer
-
-extraVolumeMounts:
-  - mountPath: /etc/elasticsearch
-    name: elasticsearch-cert-volume
-    readOnly: true
-
-extraVolumes:
-  - name: elasticsearch-cert-volume
-    configMap:
-      defaultMode: 420
-      name: elasticsearch-cert
-
 gitea:
   additionalConfigFromEnvs:
     - name: FORGEJO__storage__MINIO_ACCESS_KEY_ID
@@ -69,39 +53,27 @@ gitea:
       valueFrom:
         secretKeyRef:
           name: postgres-forgejo-cloud-credentials
-          key: database
+          key: name
     - name: FORGEJO__database__USER
       valueFrom:
         secretKeyRef:
           name: postgres-forgejo-cloud-credentials
-          key: username
+          key: user
     - name: FORGEJO__database__PASSWD
       valueFrom:
         secretKeyRef:
           name: postgres-forgejo-cloud-credentials
           key: password
-    - name: FORGEJO__indexer__ISSUE_INDEXER_CONN_STR
-      valueFrom:
-        secretKeyRef:
-          name: elasticsearch-cloud-credentials
-          key: connection-string
 
   admin:
     existingSecret: gitea-credential
 
   config:
-    indexer:
-      ISSUE_INDEXER_ENABLED: true
-      ISSUE_INDEXER_TYPE: elasticsearch
-      # TODO next
-      REPO_INDEXER_ENABLED: false
-      # REPO_INDEXER_TYPE: meilisearch # not yet working
-
     storage:
       MINIO_ENDPOINT: obs.eu-de.otc.t-systems.com:443
       STORAGE_TYPE: minio
       MINIO_LOCATION: eu-de
-      MINIO_BUCKET: edp-forgejo-{{{ .Env.CLUSTER_ENVIRONMENT }}}
+      MINIO_BUCKET: edp-forgejo-central-forgejo
       MINIO_USE_SSL: true
 
     queue:
@@ -160,4 +132,4 @@ forgejo:
           - docker:docker://node:16-bullseye
           - self-hosted:docker://ghcr.io/catthehacker/ubuntu:act-22.04
           - ubuntu-22.04:docker://ghcr.io/catthehacker/ubuntu:act-22.04
-          - ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:act-22.04
+          - ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:act-22.04

template/stacks/core/ingress-apps.yaml

@@ -1,24 +1,24 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
-  name: forgejo
+  name: ingress-apps
   namespace: argocd
   labels:
-    env: dev
+    example: ref-implementation
   finalizers:
     - resources-finalizer.argocd.argoproj.io
 spec:
   destination:
-    name: in-cluster
-    namespace: argocd
+    server: "https://kubernetes.default.svc"
   source:
-    path: "{{{ .Env.CLIENT_REPO_ID }}}/{{{ .Env.DOMAIN }}}/stacks/forgejo"
-    repoURL: "https://{{{ .Env.CLIENT_REPO_DOMAIN }}}/{{{ .Env.CLIENT_REPO_ORG_NAME }}}"
+    repoURL: https://{{{ .Env.CLIENT_REPO_DOMAIN }}}/{{{ .Env.CLIENT_REPO_ORG_NAME }}}
     targetRevision: HEAD
+    path: "{{{ .Env.CLIENT_REPO_ID }}}/{{{ .Env.DOMAIN }}}/stacks/core/ingress-apps"
   project: default
   syncPolicy:
     automated:
-      prune: true
       selfHeal: true
     syncOptions:
       - CreateNamespace=true
+    retry:
+      limit: -1

template/stacks/core/ingress-apps/forgejo.yaml

@@ -10,7 +10,7 @@ metadata:
     dns.gardener.cloud/dnsnames: {{{ .Env.DOMAIN_GITEA }}}
     dns.gardener.cloud/ttl: "600"
 {{{ end }}}
-  name: forgejo-server
+  name: forgejo
   namespace: gitea
 spec:
   ingressClassName: nginx
@@ -20,7 +20,7 @@ spec:
       paths:
       - backend:
           service:
-            name: forgejo-server-http
+            name: forgejo-http
             port:
               number: 3000
         path: /

template/stacks/forgejo/forgejo-server.yaml

@@ -1,38 +0,0 @@
-apiVersion: argoproj.io/v1alpha1
-kind: Application
-metadata:
-  name: forgejo-server
-  namespace: argocd
-  labels:
-    env: dev
-spec:
-  project: default
-  syncPolicy:
-    automated:
-      selfHeal: true
-    syncOptions:
-      - CreateNamespace=true
-    retry:
-      limit: -1
-  destination:
-    name: in-cluster
-    namespace: gitea
-  sources:
-    - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/forgejo-helm.git
-      path: .
-      # first check out the desired version (example v9.0.0): https://code.forgejo.org/forgejo-helm/forgejo-helm/src/tag/v9.0.0/Chart.yaml
-      # (note that the chart version is not the same as the forgejo application version, which is specified in the above Chart.yaml file)
-      # then use the devops pipeline and select development, forgejo and the desired version (example v9.0.0):
-      # https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/devops-pipelines/actions?workflow=update-helm-depends.yaml&actor=0&status=0
-      # finally update the desired version here and include "-depends", it is created by the devops pipeline. 
-      # why do we have an added "-depends" tag? it resolves rate limitings when downloading helm OCI dependencies
-      targetRevision: v9.0.0-depends
-      helm:
-        valueFiles:
-          - $values/{{{ .Env.CLIENT_REPO_ID }}}/{{{ .Env.DOMAIN }}}/stacks/forgejo/forgejo-server/values.yaml
-    - repoURL: https://{{{ .Env.CLIENT_REPO_DOMAIN }}}/{{{ .Env.CLIENT_REPO_ORG_NAME }}}
-      targetRevision: HEAD
-      ref: values
-    - repoURL: https://{{{ .Env.CLIENT_REPO_DOMAIN }}}/{{{ .Env.CLIENT_REPO_ORG_NAME }}}
-      targetRevision: HEAD
-      path: "{{{ .Env.CLIENT_REPO_ID }}}/{{{ .Env.DOMAIN }}}/stacks/forgejo/forgejo-server/manifests"