devops folders consolidate

2026-01-25 23:27:41 +02:00
parent 6e687b523a
commit a743bb9a1d
613 changed files with 8611 additions and 41846 deletions
--- a/devops/helm/stellaops/values-prod.yaml
+++ b/devops/helm/stellaops/values-prod.yaml
@@ -75,9 +75,8 @@ configMaps:
    data:
      notify.yaml: |
        storage:
-          driver: mongo
-          connectionString: "mongodb://stellaops-mongo:27017"
-          database: "stellaops_notify_prod"
+          driver: postgres
+          connectionString: "Host=stellaops-postgres;Port=5432;Database=notify;Username=stellaops;Password=stellaops"
          commandTimeoutSeconds: 45

        authority:
@@ -124,6 +123,9 @@ services:
      port: 8440
    env:
      STELLAOPS_AUTHORITY__ISSUER: "https://authority.prod.stella-ops.org"
+      STELLAOPS_AUTHORITY__STORAGE__DRIVER: "postgres"
+      STELLAOPS_AUTHORITY__STORAGE__POSTGRES__CONNECTIONSTRING: "Host=stellaops-postgres;Port=5432;Database=authority;Username=stellaops;Password=stellaops"
+      STELLAOPS_AUTHORITY__CACHE__REDIS__CONNECTIONSTRING: "stellaops-valkey:6379"
      STELLAOPS_AUTHORITY__PLUGINDIRECTORIES__0: "/app/plugins"
      STELLAOPS_AUTHORITY__PLUGINS__CONFIGURATIONDIRECTORY: "/app/etc/authority.plugins"
    envFrom:
@@ -136,6 +138,9 @@ services:
    env:
      SIGNER__AUTHORITY__BASEURL: "https://stellaops-authority:8440"
      SIGNER__POE__INTROSPECTURL: "https://licensing.prod.stella-ops.org/introspect"
+      SIGNER__STORAGE__DRIVER: "postgres"
+      SIGNER__STORAGE__POSTGRES__CONNECTIONSTRING: "Host=stellaops-postgres;Port=5432;Database=signer;Username=stellaops;Password=stellaops"
+      SIGNER__CACHE__REDIS__CONNECTIONSTRING: "stellaops-valkey:6379"
    envFrom:
      - secretRef:
          name: stellaops-prod-core
@@ -145,6 +150,9 @@ services:
      port: 8442
    env:
      ATTESTOR__SIGNER__BASEURL: "https://stellaops-signer:8441"
+      ATTESTOR__STORAGE__DRIVER: "postgres"
+      ATTESTOR__STORAGE__POSTGRES__CONNECTIONSTRING: "Host=stellaops-postgres;Port=5432;Database=attestor;Username=stellaops;Password=stellaops"
+      ATTESTOR__CACHE__REDIS__CONNECTIONSTRING: "stellaops-valkey:6379"
    envFrom:
      - secretRef:
          name: stellaops-prod-core
@@ -153,7 +161,10 @@ services:
    service:
      port: 8445
    env:
-      CONCELIER__STORAGE__S3__ENDPOINT: "http://stellaops-minio:9000"
+      CONCELIER__STORAGE__DRIVER: "postgres"
+      CONCELIER__STORAGE__POSTGRES__CONNECTIONSTRING: "Host=stellaops-postgres;Port=5432;Database=concelier;Username=stellaops;Password=stellaops"
+      CONCELIER__STORAGE__S3__ENDPOINT: "http://stellaops-rustfs:8080"
+      CONCELIER__CACHE__REDIS__CONNECTIONSTRING: "stellaops-valkey:6379"
      CONCELIER__AUTHORITY__BASEURL: "https://stellaops-authority:8440"
    envFrom:
      - secretRef:
@@ -169,15 +180,17 @@ services:
    service:
      port: 8444
    env:
+      SCANNER__STORAGE__DRIVER: "postgres"
+      SCANNER__STORAGE__POSTGRES__CONNECTIONSTRING: "Host=stellaops-postgres;Port=5432;Database=scanner;Username=stellaops;Password=stellaops"
+      SCANNER__CACHE__REDIS__CONNECTIONSTRING: "stellaops-valkey:6379"
      SCANNER__ARTIFACTSTORE__DRIVER: "rustfs"
      SCANNER__ARTIFACTSTORE__ENDPOINT: "http://stellaops-rustfs:8080/api/v1"
      SCANNER__ARTIFACTSTORE__BUCKET: "scanner-artifacts"
      SCANNER__ARTIFACTSTORE__TIMEOUTSECONDS: "30"
-      SCANNER__QUEUE__BROKER: "nats://stellaops-nats:4222"
+      SCANNER__QUEUE__BROKER: "valkey://stellaops-valkey:6379"
      SCANNER__EVENTS__ENABLED: "true"
-      # Valkey (Redis-compatible) cache driver; keep "redis" for protocol compatibility.
-      SCANNER__EVENTS__DRIVER: "redis"
-      SCANNER__EVENTS__DSN: ""
+      SCANNER__EVENTS__DRIVER: "valkey"
+      SCANNER__EVENTS__DSN: "stellaops-valkey:6379"
      SCANNER__EVENTS__STREAM: "stella.events"
      SCANNER__EVENTS__PUBLISHTIMEOUTSECONDS: "5"
      SCANNER__EVENTS__MAXSTREAMLENGTH: "10000"
@@ -197,15 +210,17 @@ services:
    image: registry.stella-ops.org/stellaops/scanner-worker@sha256:32e25e76386eb9ea8bee0a1ad546775db9a2df989fab61ac877e351881960dab
    replicas: 3
    env:
+      SCANNER__STORAGE__DRIVER: "postgres"
+      SCANNER__STORAGE__POSTGRES__CONNECTIONSTRING: "Host=stellaops-postgres;Port=5432;Database=scanner;Username=stellaops;Password=stellaops"
+      SCANNER__CACHE__REDIS__CONNECTIONSTRING: "stellaops-valkey:6379"
      SCANNER__ARTIFACTSTORE__DRIVER: "rustfs"
      SCANNER__ARTIFACTSTORE__ENDPOINT: "http://stellaops-rustfs:8080/api/v1"
      SCANNER__ARTIFACTSTORE__BUCKET: "scanner-artifacts"
      SCANNER__ARTIFACTSTORE__TIMEOUTSECONDS: "30"
-      SCANNER__QUEUE__BROKER: "nats://stellaops-nats:4222"
+      SCANNER__QUEUE__BROKER: "valkey://stellaops-valkey:6379"
      SCANNER__EVENTS__ENABLED: "true"
-      # Valkey (Redis-compatible) cache driver; keep "redis" for protocol compatibility.
-      SCANNER__EVENTS__DRIVER: "redis"
-      SCANNER__EVENTS__DSN: ""
+      SCANNER__EVENTS__DRIVER: "valkey"
+      SCANNER__EVENTS__DSN: "stellaops-valkey:6379"
      SCANNER__EVENTS__STREAM: "stella.events"
      SCANNER__EVENTS__PUBLISHTIMEOUTSECONDS: "5"
      SCANNER__EVENTS__MAXSTREAMLENGTH: "10000"
@@ -222,6 +237,8 @@ services:
      port: 8446
    env:
      DOTNET_ENVIRONMENT: Production
+      NOTIFY__QUEUE__DRIVER: "valkey"
+      NOTIFY__QUEUE__VALKEY__URL: "stellaops-valkey:6379"
    envFrom:
      - secretRef:
          name: stellaops-prod-notify
@@ -234,6 +251,8 @@ services:
    image: registry.stella-ops.org/stellaops/excititor@sha256:59022e2016aebcef5c856d163ae705755d3f81949d41195256e935ef40a627fa
    env:
      EXCITITOR__CONCELIER__BASEURL: "https://stellaops-concelier:8445"
+      EXCITITOR__STORAGE__DRIVER: "postgres"
+      EXCITITOR__STORAGE__POSTGRES__CONNECTIONSTRING: "Host=stellaops-postgres;Port=5432;Database=excititor;Username=stellaops;Password=stellaops"
    envFrom:
      - secretRef:
          name: stellaops-prod-core
@@ -283,42 +302,37 @@ services:
      port: 8443
    env:
      STELLAOPS_UI__BACKEND__BASEURL: "https://stellaops-scanner-web:8444"
-  mongo:
+  # Infrastructure services
+  postgres:
    class: infrastructure
-    image: docker.io/library/mongo@sha256:c258b26dbb7774f97f52aff52231ca5f228273a84329c5f5e451c3739457db49
+    image: docker.io/library/postgres@sha256:8e97b8526ed19304b144f7478bc9201646acf0723cdc6e4b19bc9eb34879a27e
    service:
-      port: 27017
-    command:
-      - mongod
-      - --bind_ip_all
-    envFrom:
-      - secretRef:
-          name: stellaops-prod-mongo
+      port: 5432
+    env:
+      POSTGRES_USER: stellaops
+      POSTGRES_PASSWORD: stellaops
+      POSTGRES_DB: stellaops
    volumeMounts:
-      - name: mongo-data
-        mountPath: /data/db
+      - name: postgres-data
+        mountPath: /var/lib/postgresql/data
    volumeClaims:
-      - name: mongo-data
-        claimName: stellaops-mongo-data
-  minio:
+      - name: postgres-data
+        claimName: stellaops-postgres-data
+  valkey:
    class: infrastructure
-    image: docker.io/minio/minio@sha256:14cea493d9a34af32f524e538b8346cf79f3321eff8e708c1e2960462bd8936e
+    image: docker.io/valkey/valkey:9.0.1-alpine
    service:
-      port: 9000
+      port: 6379
    command:
-      - server
-      - /data
-      - --console-address
-      - :9001
-    envFrom:
-      - secretRef:
-          name: stellaops-prod-minio
+      - valkey-server
+      - --appendonly
+      - "yes"
    volumeMounts:
-      - name: minio-data
+      - name: valkey-data
        mountPath: /data
    volumeClaims:
-      - name: minio-data
-        claimName: stellaops-minio-data
+      - name: valkey-data
+        claimName: stellaops-valkey-data
  rustfs:
    class: infrastructure
    image: registry.stella-ops.org/stellaops/rustfs:2025.09.2