Merged
22 changes: 8 additions & 14 deletions Makefile
@@ -22,8 +22,8 @@ SERVER_PORT ?= 8080
# Default database backend for dev environment (postgres|oracle)
DB ?= postgres

# Default kube cluster target for dev environment (kind|k3s)
CLUSTER ?= kind
# Default kube cluster target for dev environment (docker-desktop|k3s|kind)
CLUSTER ?= docker-desktop

# ============================================================================
# ATOMIC COMPONENTS - Infrastructure Management
@@ -224,7 +224,7 @@ clean-everything:
# COMPOSITE TARGETS - Main User-Facing Commands
# ============================================================================

.PHONY: test-unit test-integration test-integration-pg test-integration-oci test-api test-api-collection test-api-list start-dev start-dev-oci restart-dev stop-dev tilt-up tilt-down test-coverage test-manual-google-workspace test-corpus-ooxml test-dev-scripts dev-up dev-down dev-restart dev-reset dev-nuke dev-status dev-logs dev-deploy dev-cluster-up dev-cluster-down dev-db-up dev-db-down
.PHONY: test-unit test-integration test-integration-pg test-integration-oci test-api test-api-collection test-api-list start-dev start-dev-oci restart-dev stop-dev tilt-up tilt-down test-coverage test-manual-google-workspace test-corpus-ooxml test-dev-scripts dev-up dev-down dev-restart dev-reset dev-nuke dev-status dev-logs dev-deploy dev-cluster-up dev-cluster-down

# Dev-environment Python helpers unit tests
test-dev-scripts: ## Run unit tests for the dev-environment Python helpers
@@ -320,10 +320,10 @@ tilt-down: ## Stop Tilt and restore the prod-shaped server
@echo "prod-shaped server restored"

# ============================================================================
# DEV ENVIRONMENT — single orchestrator (scripts/devenv.py). DB=postgres|oracle CLUSTER=kind|k3s
# DEV ENVIRONMENT — single orchestrator (scripts/devenv.py). DB=postgres|oracle CLUSTER=docker-desktop|k3s
# ============================================================================

dev-up: ## Bring up the full dev environment (cluster + db + deploy). DB=postgres|oracle CLUSTER=kind|k3s
dev-up: ## Bring up the full dev environment (cluster + deploy). DB=postgres|oracle CLUSTER=docker-desktop|k3s
@uv run scripts/devenv.py --db $(DB) --cluster $(CLUSTER) up

dev-down: ## Tear down the dev environment; KEEP db data
@@ -347,18 +347,12 @@ dev-logs: ## Stream the tmi-server pod logs
dev-deploy: ## (Re)apply manifests + rollout without recreating cluster/db
@uv run scripts/devenv.py --db $(DB) --cluster $(CLUSTER) deploy

dev-cluster-up: ## Create the local cluster + registry only (kind); switch context (k3s)
dev-cluster-up: ## Switch to the cluster kube context (docker-desktop or k3s)
@uv run scripts/devenv.py --cluster $(CLUSTER) cluster up

dev-cluster-down: ## Delete the local kind cluster only (no-op for k3s)
dev-cluster-down: ## No-op for docker-desktop and k3s (clusters are not owned)
@uv run scripts/devenv.py --cluster $(CLUSTER) cluster down

dev-db-up: ## Start the postgres dev container only
@uv run scripts/devenv.py db up

dev-db-down: ## Stop the postgres dev container only (keep data)
@uv run scripts/devenv.py db down

# --- deprecated aliases (removable next release) ---
start-dev: ## DEPRECATED alias for dev-up
@echo "note: 'make start-dev' is renamed to 'make dev-up'"; $(MAKE) dev-up DB=$(DB)
@@ -425,7 +419,7 @@ kill-oauth-stub:
check-oauth-stub:
@uv run scripts/manage-oauth-stub.py status

stop-all: stop-oauth-stub dev-down ## Stop the OAuth stub and tear down the kind dev environment
stop-all: stop-oauth-stub dev-down ## Stop the OAuth stub and tear down the dev environment


# ============================================================================
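Review bot: The help text no longer agrees on whether `CLUSTER=kind` is still a valid target. The variable comment in the first hunk lists `docker-desktop|k3s|kind`, while the DEV ENVIRONMENT banner and the `dev-up`, `dev-cluster-up` and `dev-cluster-down` descriptions mention only docker-desktop and k3s. The same PR deletes `deployments/k8s/dev/kind-cluster.yml`, yet the new README still tells readers to use `CLUSTER=kind` for networking changes. Because `$(CLUSTER)` is passed straight to `scripts/devenv.py`, I would settle on one set of values; if kind is gone, the top comment becomes `# Default kube cluster target for dev environment (docker-desktop|k3s)`. Separately, the default now targets a cluster the tooling does not own, so the `dev-reset` and `dev-nuke` descriptions (outside these hunks) should say exactly what they delete on a developer's shared Docker Desktop cluster, if they do not already.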
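--- a/deployments/k8s/dev/docker-desktop-oracle/kustomization.yaml
+++ b/deployments/k8s/dev/docker-desktop-oracle/kustomization.yaml
@@ -0,0 +1,37 @@
+# docker-desktop oracle overlay (CLUSTER=docker-desktop DB=oracle). Same as the
+# docker-desktop postgres overlay but deploys server-oracle.yml (external Oracle
+# ADB via the tmi-oracle-db/tmi-oracle-wallet secrets) with NO in-cluster Postgres.
+# Images are imported into the node containerd by bare name; reuses the
+# docker-desktop patches (server Deployment is named tmi-server; worker patches
+# are identical).
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: tmi-platform
+resources:
+- ../controller.yml
+- ../redis.yml
+- ../server-oracle.yml
+- ../../platform/components/tmi-extractor.yml
+- ../../platform/components/tmi-chunk-embed.yml
+images:
+- name: localhost:5000/tmi-server-oracle
+newName: tmi-server-oracle
+- name: localhost:5000/tmi-component-controller
+newName: tmi-component-controller
+patches:
+- path: ../docker-desktop/patches/server-pullpolicy.yaml
+target:
+kind: Deployment
+name: tmi-server
+- path: ../docker-desktop/patches/extractor-image.yaml
+target:
+group: tmi.dev
+version: v1alpha1
+kind: TMIComponent
+name: tmi-extractor
+- path: ../docker-desktop/patches/chunkembed-image.yaml
+target:
+group: tmi.dev
+version: v1alpha1
+kind: TMIComponent
+name: tmi-chunk-embed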
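Review bot: Every `resources` entry and all three `patches` paths in this overlay point above the kustomization root (`../controller.yml`, `../docker-desktop/patches/server-pullpolicy.yaml`, and so on), which kustomize's default load restrictor rejects for plain files. The build therefore only works if the caller disables that check, presumably with `--load-restrictor LoadRestrictionsNone` in the deploy scripts (not visible on this page). Disabling it removes the guard that stops a kustomization from reading files outside its own directory. The `deployments/k8s/dev/docker-desktop/kustomization.yaml` overlay has the same `../` resource paths. I would either add a header comment such as `# Requires --load-restrictor LoadRestrictionsNone: resources and patches live outside this directory`, or move the shared manifests into a base directory with its own kustomization.yaml so the default restriction can stay on.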
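--- a/deployments/k8s/dev/docker-desktop/README.md
+++ b/deployments/k8s/dev/docker-desktop/README.md
@@ -0,0 +1,91 @@
+# Docker Desktop Kubernetes Dev Environment
+
+This directory contains the kustomize overlay for running TMI's local dev
+environment on **Docker Desktop's built-in Kubernetes cluster**. It is the
+default cluster target — `make dev-up` (no `CLUSTER=` override) uses this
+overlay.
+
+---
+
+## One-Time Setup
+
+### 1. Enable Kubernetes in Docker Desktop
+
+1. Open Docker Desktop → **Settings** (gear icon) → **Kubernetes**.
+2. Check **Enable Kubernetes**.
+3. Leave the provisioner set to **kind** (the default). Docker Desktop
+provisions the cluster using kind internally; the resulting context is
+named `docker-desktop`.
+4. Click **Apply & Restart** and wait for the Kubernetes status indicator to
+turn green (may take a minute or two).
+
+### 2. Verify the cluster is ready
+
+```bash
+kubectl --context docker-desktop get nodes
+```
+
+Expected output shows a single node named `desktop-control-plane` in `Ready`
+state:
+
+```
+NAME STATUS ROLES AGE VERSION
+desktop-control-plane Ready control-plane … v1.X.Y
+```
+
+If you see a different node name or a non-`Ready` status, go back to Docker
+Desktop and confirm Kubernetes is fully started.
+
+---
+
+## How Images Are Loaded
+
+There is **no local registry and no image mirror** in this topology. Images
+are imported directly into the cluster node's containerd image store via:
+
+```bash
+docker save <image> | docker exec -i <node-container> ctr -n k8s.io images import -
+```
+
+The `make dev-up` orchestration (`scripts/devenv.py` + `scripts/lib/cluster.py`)
+runs this import automatically after building each image. You do not need to
+push to any registry.
+
+---
+
+## Endpoints After `make dev-up`
+
+| Service | Address | How |
+|-------------|----------------------|--------------------------------|
+| TMI server | `http://localhost:8080` | `kubectl port-forward` managed by devenv |
+| Redis | `localhost:6379` | `kubectl port-forward` managed by devenv |
+
+Run `make dev-status` to see live port-forward and pod status.
+
+---
+
+## Teardown
+
+```bash
+make dev-down # stop pods + port-forwards; keep DB data
+make dev-nuke # destroy everything including DB data
+```
+
+---
+
+## Why e2e-platform Tests Stay on Standalone kind
+
+The automated end-to-end platform tests (`e2e-platform/`) are **not** run
+against Docker Desktop Kubernetes. They require:
+
+- A **swappable CNI** — specifically Calico — to test and enforce
+`NetworkPolicy` rules. Docker Desktop ships with its own fixed CNI that
+does not support runtime replacement.
+- **Ephemeral clusters** — each test run spins up a fresh kind cluster,
+applies Calico, runs the suite, then destroys the cluster. Docker Desktop
+does not support programmatic cluster creation and deletion.
+
+For day-to-day feature development the Docker Desktop topology is faster and
+requires no extra tooling. For changes that touch networking, policy
+enforcement, or multi-cluster behavior, use `CLUSTER=kind` and a standalone
+kind installation.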
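--- a/deployments/k8s/dev/docker-desktop/kustomization.yaml
+++ b/deployments/k8s/dev/docker-desktop/kustomization.yaml
@@ -0,0 +1,36 @@
+# docker-desktop (CLUSTER=docker-desktop, the default) dev overlay. Images are
+# imported into the node's containerd by bare name (no registry), so the images
+# transformer strips the localhost:5000/ prefix and the server's imagePullPolicy
+# is forced to IfNotPresent. Postgres (postgres.yml) is applied as a prerequisite
+# by deploy.py, not here. Redis stays chainguard (DD kernel is 4KB pages).
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: tmi-platform
+resources:
+- ../controller.yml
+- ../redis.yml
+- ../server.yml
+- ../../platform/components/tmi-extractor.yml
+- ../../platform/components/tmi-chunk-embed.yml
+images:
+- name: localhost:5000/tmi-server
+newName: tmi-server
+- name: localhost:5000/tmi-component-controller
+newName: tmi-component-controller
+patches:
+- path: patches/server-pullpolicy.yaml
+target:
+kind: Deployment
+name: tmi-server
+- path: patches/extractor-image.yaml
+target:
+group: tmi.dev
+version: v1alpha1
+kind: TMIComponent
+name: tmi-extractor
+- path: patches/chunkembed-image.yaml
+target:
+group: tmi.dev
+version: v1alpha1
+kind: TMIComponent
+name: tmi-chunk-embed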
@@ -0,0 +1,3 @@
- op: replace
path: /spec/image
value: tmi-chunk-embed:dev
@@ -0,0 +1,3 @@
- op: replace
path: /spec/image
value: tmi-extractor:dev
@@ -0,0 +1,3 @@
- op: replace
path: /spec/template/spec/containers/0/imagePullPolicy
value: IfNotPresent
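--- a/deployments/k8s/dev/docker-desktop/postgres.yml
+++ b/deployments/k8s/dev/docker-desktop/postgres.yml
@@ -0,0 +1,84 @@
+# In-cluster single-node Postgres for the Docker Desktop dev target; uses the
+# cluster default storageclass (hostpath).
+#
+# Uses the same vanilla Chainguard image as the kind dev DB (Dockerfile.postgres
+# is just `FROM cgr.dev/chainguard/postgres:latest` + PGDATA/locale env, with no
+# extensions), so the node pulls it straight from cgr.dev — no build/push to the
+# in-cluster registry is needed. Schema is created by the server's GORM
+# AutoMigrate at startup (same as kind).
+#
+# Credentials MUST match database.url in config-development.yml
+# (postgres://tmi_dev:dev123@.../tmi_dev). The server reaches this DB via the
+# `postgres` Service DNS name; deploy.py rewrites the config URL host to `postgres`
+# for CLUSTER=docker-desktop.
+apiVersion: v1
+kind: Secret
+metadata:
+name: tmi-postgres
+namespace: tmi-platform
+type: Opaque
+stringData:
+POSTGRES_USER: "tmi_dev"
+POSTGRES_PASSWORD: "dev123"
+POSTGRES_DB: "tmi_dev"
+---
+apiVersion: v1
+kind: Service
+metadata:
+name: postgres
+namespace: tmi-platform
+spec:
+selector: { app: postgres }
+ports:
+- port: 5432
+targetPort: 5432
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+name: postgres
+namespace: tmi-platform
+spec:
+serviceName: postgres
+replicas: 1
+selector:
+matchLabels: { app: postgres }
+template:
+metadata:
+labels: { app: postgres }
+spec:
+containers:
+- name: postgres
+image: cgr.dev/chainguard/postgres:latest
+envFrom:
+- secretRef: { name: tmi-postgres }
+env:
+# Match Dockerfile.postgres so behavior mirrors the kind dev DB.
+- { name: PGDATA, value: /var/lib/postgresql/data/pgdata }
+- { name: LANG, value: en_US.UTF-8 }
+- { name: LC_ALL, value: en_US.UTF-8 }
+ports:
+- containerPort: 5432
+volumeMounts:
+- name: data
+mountPath: /var/lib/postgresql/data
+readinessProbe:
+exec: { command: ["pg_isready", "-U", "tmi_dev", "-d", "tmi_dev"] }
+initialDelaySeconds: 5
+periodSeconds: 5
+timeoutSeconds: 3
+livenessProbe:
+exec: { command: ["pg_isready", "-U", "tmi_dev"] }
+initialDelaySeconds: 20
+periodSeconds: 10
+resources:
+requests: { cpu: 100m, memory: 256Mi }
+limits: { cpu: "1", memory: 1Gi }
+volumeClaimTemplates:
+- metadata:
+name: data
+spec:
+accessModes: ["ReadWriteOnce"]
+resources:
+requests:
+storage: 8Gi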
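Review bot: `image: cgr.dev/chainguard/postgres:latest` in the StatefulSet is a mutable tag, and for `:latest` Kubernetes defaults `imagePullPolicy` to `Always`, so every pod restart runs whatever upstream currently publishes. Because the 8Gi `data` claim survives restarts, a new Postgres major version could meet an existing PGDATA it cannot open, and the manifest gives no way to verify which image contents ran. I would pin by digest, e.g. `image: cgr.dev/chainguard/postgres:latest@sha256:<digest-placeholder>`, and bump it deliberately. The Secret also commits `dev123` in `stringData`; the header explains why, but a line such as `# DEV ONLY: never apply this manifest to a shared or production cluster` directly above the Secret would make that constraint explicit.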
24 changes: 0 additions & 24 deletions deployments/k8s/dev/kind-cluster.yml

This file was deleted.

22 changes: 0 additions & 22 deletions deployments/k8s/dev/kustomization.yaml

This file was deleted.
