devops folders consolidate

2026-01-25 23:27:41 +02:00
parent 6e687b523a
commit a743bb9a1d
613 changed files with 8611 additions and 41846 deletions
--- a/devops/helm/stellaops/values-airgap.yaml
+++ b/devops/helm/stellaops/values-airgap.yaml
@@ -53,9 +53,8 @@ configMaps:
    data:
      notify.yaml: |
        storage:
-          driver: mongo
-          connectionString: "mongodb://notify-mongo.prod.svc.cluster.local:27017"
-          database: "stellaops_notify"
+          driver: postgres
+          connectionString: "Host=stellaops-postgres;Port=5432;Database=notify;Username=stellaops;Password=stellaops"
          commandTimeoutSeconds: 60

        authority:
@@ -104,7 +103,9 @@ services:
      port: 8440
    env:
      STELLAOPS_AUTHORITY__ISSUER: "https://stellaops-authority:8440"
-      STELLAOPS_AUTHORITY__MONGO__CONNECTIONSTRING: "mongodb://stellaops-airgap:stellaops-airgap@stellaops-mongo:27017"
+      STELLAOPS_AUTHORITY__STORAGE__DRIVER: "postgres"
+      STELLAOPS_AUTHORITY__STORAGE__POSTGRES__CONNECTIONSTRING: "Host=stellaops-postgres;Port=5432;Database=authority;Username=stellaops;Password=stellaops"
+      STELLAOPS_AUTHORITY__CACHE__REDIS__CONNECTIONSTRING: "stellaops-valkey:6379"
      STELLAOPS_AUTHORITY__ALLOWANONYMOUSFALLBACK: "false"
  signer:
    image: registry.stella-ops.org/stellaops/signer@sha256:ddbbd664a42846cea6b40fca6465bc679b30f72851158f300d01a8571c5478fc
@@ -113,23 +114,27 @@ services:
    env:
      SIGNER__AUTHORITY__BASEURL: "https://stellaops-authority:8440"
      SIGNER__POE__INTROSPECTURL: "file:///offline/poe/introspect.json"
-      SIGNER__STORAGE__MONGO__CONNECTIONSTRING: "mongodb://stellaops-airgap:stellaops-airgap@stellaops-mongo:27017"
+      SIGNER__STORAGE__DRIVER: "postgres"
+      SIGNER__STORAGE__POSTGRES__CONNECTIONSTRING: "Host=stellaops-postgres;Port=5432;Database=signer;Username=stellaops;Password=stellaops"
+      SIGNER__CACHE__REDIS__CONNECTIONSTRING: "stellaops-valkey:6379"
  attestor:
    image: registry.stella-ops.org/stellaops/attestor@sha256:1ff0a3124d66d3a2702d8e421df40fbd98cc75cb605d95510598ebbae1433c50
    service:
      port: 8442
    env:
      ATTESTOR__SIGNER__BASEURL: "https://stellaops-signer:8441"
-      ATTESTOR__MONGO__CONNECTIONSTRING: "mongodb://stellaops-airgap:stellaops-airgap@stellaops-mongo:27017"
+      ATTESTOR__STORAGE__DRIVER: "postgres"
+      ATTESTOR__STORAGE__POSTGRES__CONNECTIONSTRING: "Host=stellaops-postgres;Port=5432;Database=attestor;Username=stellaops;Password=stellaops"
+      ATTESTOR__CACHE__REDIS__CONNECTIONSTRING: "stellaops-valkey:6379"
  concelier:
    image: registry.stella-ops.org/stellaops/concelier@sha256:29e2e1a0972707e092cbd3d370701341f9fec2aa9316fb5d8100480f2a1c76b5
    service:
      port: 8445
    env:
-      CONCELIER__STORAGE__MONGO__CONNECTIONSTRING: "mongodb://stellaops-airgap:stellaops-airgap@stellaops-mongo:27017"
-      CONCELIER__STORAGE__S3__ENDPOINT: "http://stellaops-minio:9000"
-      CONCELIER__STORAGE__S3__ACCESSKEYID: "stellaops-airgap"
-      CONCELIER__STORAGE__S3__SECRETACCESSKEY: "airgap-minio-secret"
+      CONCELIER__STORAGE__DRIVER: "postgres"
+      CONCELIER__STORAGE__POSTGRES__CONNECTIONSTRING: "Host=stellaops-postgres;Port=5432;Database=concelier;Username=stellaops;Password=stellaops"
+      CONCELIER__STORAGE__S3__ENDPOINT: "http://stellaops-rustfs:8080"
+      CONCELIER__CACHE__REDIS__CONNECTIONSTRING: "stellaops-valkey:6379"
      CONCELIER__AUTHORITY__BASEURL: "https://stellaops-authority:8440"
      CONCELIER__AUTHORITY__RESILIENCE__ALLOWOFFLINECACHEFALLBACK: "true"
      CONCELIER__AUTHORITY__RESILIENCE__OFFLINECACHETOLERANCE: "00:45:00"
@@ -144,16 +149,17 @@ services:
    service:
      port: 8444
    env:
-      SCANNER__STORAGE__MONGO__CONNECTIONSTRING: "mongodb://stellaops-airgap:stellaops-airgap@stellaops-mongo:27017"
+      SCANNER__STORAGE__DRIVER: "postgres"
+      SCANNER__STORAGE__POSTGRES__CONNECTIONSTRING: "Host=stellaops-postgres;Port=5432;Database=scanner;Username=stellaops;Password=stellaops"
+      SCANNER__CACHE__REDIS__CONNECTIONSTRING: "stellaops-valkey:6379"
      SCANNER__ARTIFACTSTORE__DRIVER: "rustfs"
      SCANNER__ARTIFACTSTORE__ENDPOINT: "http://stellaops-rustfs:8080/api/v1"
      SCANNER__ARTIFACTSTORE__BUCKET: "scanner-artifacts"
      SCANNER__ARTIFACTSTORE__TIMEOUTSECONDS: "30"
-      SCANNER__QUEUE__BROKER: "nats://stellaops-nats:4222"
+      SCANNER__QUEUE__BROKER: "valkey://stellaops-valkey:6379"
      SCANNER__EVENTS__ENABLED: "false"
-      # Valkey (Redis-compatible) cache driver; keep "redis" for protocol compatibility.
-      SCANNER__EVENTS__DRIVER: "redis"
-      SCANNER__EVENTS__DSN: ""
+      SCANNER__EVENTS__DRIVER: "valkey"
+      SCANNER__EVENTS__DSN: "stellaops-valkey:6379"
      SCANNER__EVENTS__STREAM: "stella.events"
      SCANNER__EVENTS__PUBLISHTIMEOUTSECONDS: "5"
      SCANNER__EVENTS__MAXSTREAMLENGTH: "10000"
@@ -169,16 +175,17 @@ services:
  scanner-worker:
    image: registry.stella-ops.org/stellaops/scanner-worker@sha256:eea5d6cfe7835950c5ec7a735a651f2f0d727d3e470cf9027a4a402ea89c4fb5
    env:
-      SCANNER__STORAGE__MONGO__CONNECTIONSTRING: "mongodb://stellaops-airgap:stellaops-airgap@stellaops-mongo:27017"
+      SCANNER__STORAGE__DRIVER: "postgres"
+      SCANNER__STORAGE__POSTGRES__CONNECTIONSTRING: "Host=stellaops-postgres;Port=5432;Database=scanner;Username=stellaops;Password=stellaops"
+      SCANNER__CACHE__REDIS__CONNECTIONSTRING: "stellaops-valkey:6379"
      SCANNER__ARTIFACTSTORE__DRIVER: "rustfs"
      SCANNER__ARTIFACTSTORE__ENDPOINT: "http://stellaops-rustfs:8080/api/v1"
      SCANNER__ARTIFACTSTORE__BUCKET: "scanner-artifacts"
      SCANNER__ARTIFACTSTORE__TIMEOUTSECONDS: "30"
-      SCANNER__QUEUE__BROKER: "nats://stellaops-nats:4222"
+      SCANNER__QUEUE__BROKER: "valkey://stellaops-valkey:6379"
      SCANNER__EVENTS__ENABLED: "false"
-      # Valkey (Redis-compatible) cache driver; keep "redis" for protocol compatibility.
-      SCANNER__EVENTS__DRIVER: "redis"
-      SCANNER__EVENTS__DSN: ""
+      SCANNER__EVENTS__DRIVER: "valkey"
+      SCANNER__EVENTS__DSN: "stellaops-valkey:6379"
      SCANNER__EVENTS__STREAM: "stella.events"
      SCANNER__EVENTS__PUBLISHTIMEOUTSECONDS: "5"
      SCANNER__EVENTS__MAXSTREAMLENGTH: "10000"
@@ -203,6 +210,8 @@ services:
      port: 8446
    env:
      DOTNET_ENVIRONMENT: Production
+      NOTIFY__QUEUE__DRIVER: "valkey"
+      NOTIFY__QUEUE__VALKEY__URL: "stellaops-valkey:6379"
    configMounts:
      - name: notify-config
        mountPath: /app/etc/notify.yaml
@@ -212,7 +221,8 @@ services:
    image: registry.stella-ops.org/stellaops/excititor@sha256:65c0ee13f773efe920d7181512349a09d363ab3f3e177d276136bd2742325a68
    env:
      EXCITITOR__CONCELIER__BASEURL: "https://stellaops-concelier:8445"
-      EXCITITOR__STORAGE__MONGO__CONNECTIONSTRING: "mongodb://stellaops-airgap:stellaops-airgap@stellaops-mongo:27017"
+      EXCITITOR__STORAGE__DRIVER: "postgres"
+      EXCITITOR__STORAGE__POSTGRES__CONNECTIONSTRING: "Host=stellaops-postgres;Port=5432;Database=excititor;Username=stellaops;Password=stellaops"
  advisory-ai-web:
    image: registry.stella-ops.org/stellaops/advisory-ai-web:2025.09.2-airgap
    service:
@@ -254,42 +264,38 @@ services:
      targetPort: 8443
    env:
      STELLAOPS_UI__BACKEND__BASEURL: "https://stellaops-scanner-web:8444"
-  mongo:
+
+  # Infrastructure services
+  postgres:
    class: infrastructure
-    image: docker.io/library/mongo@sha256:c258b26dbb7774f97f52aff52231ca5f228273a84329c5f5e451c3739457db49
+    image: docker.io/library/postgres@sha256:8e97b8526ed19304b144f7478bc9201646acf0723cdc6e4b19bc9eb34879a27e
    service:
-      port: 27017
-    command:
-      - mongod
-      - --bind_ip_all
+      port: 5432
    env:
-      MONGO_INITDB_ROOT_USERNAME: stellaops-airgap
-      MONGO_INITDB_ROOT_PASSWORD: stellaops-airgap
+      POSTGRES_USER: stellaops
+      POSTGRES_PASSWORD: stellaops
+      POSTGRES_DB: stellaops
    volumeMounts:
-      - name: mongo-data
-        mountPath: /data/db
+      - name: postgres-data
+        mountPath: /var/lib/postgresql/data
    volumeClaims:
-      - name: mongo-data
-        claimName: stellaops-mongo-data
-  minio:
+      - name: postgres-data
+        claimName: stellaops-postgres-data
+  valkey:
    class: infrastructure
-    image: docker.io/minio/minio@sha256:14cea493d9a34af32f524e538b8346cf79f3321eff8e708c1e2960462bd8936e
+    image: docker.io/valkey/valkey:9.0.1-alpine
    service:
-      port: 9000
+      port: 6379
    command:
-      - server
-      - /data
-      - --console-address
-      - :9001
-    env:
-      MINIO_ROOT_USER: stellaops-airgap
-      MINIO_ROOT_PASSWORD: airgap-minio-secret
+      - valkey-server
+      - --appendonly
+      - "yes"
    volumeMounts:
-      - name: minio-data
+      - name: valkey-data
        mountPath: /data
    volumeClaims:
-      - name: minio-data
-        claimName: stellaops-minio-data
+      - name: valkey-data
+        claimName: stellaops-valkey-data
  rustfs:
    class: infrastructure
    image: registry.stella-ops.org/stellaops/rustfs:2025.09.2
@@ -310,19 +316,3 @@ services:
    volumeClaims:
      - name: rustfs-data
        claimName: stellaops-rustfs-data
-  nats:
-    class: infrastructure
-    image: docker.io/library/nats@sha256:c82559e4476289481a8a5196e675ebfe67eea81d95e5161e3e78eccfe766608e
-    service:
-      port: 4222
-    command:
-      - -js
-      - -sd
-      - /data
-    volumeMounts:
-      - name: nats-data
-        mountPath: /data
-    volumeClaims:
-      - name: nats-data
-        claimName: stellaops-nats-data
-