odoo-tower/admin-platform-v3
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
971fd12fae10bffc66d1ec714e99256fa3e3e10c
admin-platform-v3/values.yaml
Claude 971fd12fae tower 0.61.16 / tower-ui 0.61.16 — review fixes 
Two bugs the calm re-review surfaced:

1. substrateGateRejection used ListApplications (instance-only
   selector) — same bug we fixed in handleListServers but missed in
   the gate function. Result: the BACKEND gate was a pass-through
   for every preparing server. Frontend disable held the line in
   normal use, but the non-bypassable layer wasn't actually
   non-bypassable. Now uses ListClusterPlatformApps.

2. PlatformAppBadge had its own Argo→state mapping that classified
   Health=Degraded as 'Failed' immediately. Backend's
   deriveSubstrateStatus is forgiving within the budget (Degraded
   inside 10-min window reads as preparing). The two parallel
   logics meant the badge could show red 'Failed' while the gate
   considered it 'preparing'. Refactored badge to consume the
   backend's substrateStatus enum directly — single source of
   truth, no more disagreement.
2026-04-30 15:06:50 +03:00

72 lines
2.0 KiB
YAML
Raw Blame History

# admin-platform-v3 — Tower platform default values.
backend:
enabled: true
image:
# Tower images live alongside the Docker Hub mirror on
# gitlab.odoosky.cloud — separate path, same registry. Pulled with
# the docker-mirror-pull deploy token (read-only registry scope),
# so every cluster that runs Tower needs the same imagePullSecret
# provisioned out-of-band (until cluster-platform-v3 owns it).
repository: registry.odoosky.cloud/odoosky/docker-mirror/tower
tag: "0.61.16"
pullPolicy: IfNotPresent
imagePullSecrets:
- name: docker-mirror-pull
replicas: 1
resources:
requests:
cpu: 50m
memory: 64Mi
limits:
cpu: "1"
memory: 256Mi
persistence:
enabled: true
size: 1Gi
frontend:
enabled: true
image:
repository: registry.odoosky.cloud/odoosky/docker-mirror/tower-ui
tag: "0.61.16"
pullPolicy: IfNotPresent
imagePullSecrets:
- name: docker-mirror-pull
replicas: 1
resources:
requests:
cpu: 10m
memory: 16Mi
limits:
cpu: 250m
memory: 64Mi
# Tower needs to talk to:
# - Gitea (create tenant repos, commit values.yaml)
# - ArgoCD (apply Application manifests)
#
# The credentials live in a K8s Secret in the same namespace, populated
# from the ExistingSecret pattern (so they aren't checked into Git).
# In Step 5+ we replace this with External Secrets sourcing from
# OpenBao at vault.odoosky.org.
config:
giteaURL: https://git.odoosky.org
giteaOrg: odoo-tower
chartRepo: instance-template-v3
argoCDURL: https://argocd.odoosky.org
argoCDUsername: admin
argoCDDestination: https://kubernetes.default.svc
argoCDProject: default
argoCDNamespace: argocd
tenantNamespace: tenants
# The Secret name (in the same namespace as Tower) that holds
# GITEA_TOKEN and ARGOCD_PASSWORD keys. Created out-of-band before
# this chart is applied.
existingSecret: tower-credentials
ingress:
domain: tower.odoosky.org
certIssuer: letsencrypt-prod
entryPoint: websecure
Reference in New Issue View Git Blame Copy Permalink