suitenumerique · rouja · Sep 2, 2025 · coderabbitai · Sep 2, 2025 · coderabbitai
diff --git a/bin/Tiltfile b/bin/Tiltfile
@@ -85,12 +85,13 @@ clean_old_images('localhost:5001/meet-livekit')
 
 k8s_yaml(local('cd ../src/helm && helmfile -n meet -e ${DEV_ENV:-dev} template .'))
 
-k8s_resource('minio-bucket', resource_deps=['minio'])
-k8s_resource('meet-backend', resource_deps=['postgresql', 'minio', 'redis', 'livekit-livekit-server'])
-k8s_resource('meet-backend-migrate', resource_deps=['meet-backend'])
+k8s_resource('meet-backend', resource_deps=['dev-backend-redis', 'dev-backend-keycloak', 'dev-backend-postgres', 'livekit-livekit-server', 'dev-backend-minio:statefulset'])
+k8s_resource('meet-backend-migrate', resource_deps=['dev-backend-postgres'])
+k8s_resource('livekit-livekit-server', resource_deps=['dev-backend-redis'])
 k8s_resource('livekit-livekit-server-test-connection', resource_deps=['livekit-livekit-server'])
-k8s_resource('keycloak', resource_deps=['kc-postgresql'])
 k8s_resource('meet-backend-createsuperuser', resource_deps=['meet-backend-migrate'])
+k8s_resource('dev-backend-keycloak', resource_deps=['dev-backend-keycloak-pg'])
+k8s_resource('livekit-egress', resource_deps=['livekit-livekit-server'])
 
 migration = '''
 set -eu

diff --git a/src/helm/env.d/dev-dinum/values.egress.yaml.gotmpl b/src/helm/env.d/dev-dinum/values.egress.yaml.gotmpl
@@ -13,8 +13,9 @@ egress:
   {{- end }}
   {{- end }}
   redis:
-    address: redis-master:6379
+    address: dev-backend-redis:6379
     password: pass
+    username: user
   s3:
-    address: dev-backend-redis:6379
-    password: pass
-    username: user
-  s3:
+    address: dev-backend-redis:6379
+    password: pass
+    username: default
+  s3:
-    address: dev-backend-redis:6379
-    password: pass
-    username: user
-  s3:
+    address: dev-backend-redis:6379
+    password: pass
+    username: default
+  s3:
     access_key: meet
     secret: password

diff --git a/src/helm/env.d/dev-dinum/values.livekit.yaml.gotmpl b/src/helm/env.d/dev-dinum/values.livekit.yaml.gotmpl
@@ -14,8 +14,9 @@ livekit:
     port_range_end: 60000
     tcp_port: 7881
   redis:
-    address: redis-master:6379
+    address: dev-backend-redis:6379
     password: pass
+    username: user
-    address: dev-backend-redis:6379
-    password: pass
-    username: user
+    address: dev-backend-redis:6379
+    password: pass
+    username: default
-    address: dev-backend-redis:6379
-    password: pass
-    username: user
+    address: dev-backend-redis:6379
+    password: pass
+    username: default
   keys:
   turn:
     enabled: true

diff --git a/src/helm/env.d/dev-dinum/values.meet.yaml.gotmpl b/src/helm/env.d/dev-dinum/values.meet.yaml.gotmpl
@@ -35,12 +35,21 @@ backend:
     LOGIN_REDIRECT_URL: https://meet.127.0.0.1.nip.io
     LOGIN_REDIRECT_URL_FAILURE: https://meet.127.0.0.1.nip.io
     LOGOUT_REDIRECT_URL: https://meet.127.0.0.1.nip.io
-    DB_HOST: postgres
-    DB_NAME: meet
-    DB_USER: dinum
-    DB_PASSWORD: pass
+    DB_HOST: dev-backend-postgres
+    DB_NAME:
+      secretKeyRef:
+        name: dev-backend-postgres
+        key: database
+    DB_USER:
+      secretKeyRef:
+        name: dev-backend-postgres
+        key: username
+    DB_PASSWORD:
+      secretKeyRef:
+        name: dev-backend-postgres
+        key: password
     DB_PORT: 5432
-    REDIS_URL: redis://default:pass@redis-master:6379/1
+    REDIS_URL: redis://user:pass@dev-backend-redis:6379/1
     STORAGES_STATICFILES_BACKEND: django.contrib.staticfiles.storage.StaticFilesStorage
     {{- with .Values.livekit.keys }}
     {{- range $key, $value := . }}
@@ -58,8 +67,8 @@ backend:
     FRONTEND_USE_FRENCH_GOV_FOOTER: True
     FRONTEND_USE_PROCONNECT_BUTTON: True
     FRONTEND_MANIFEST_LINK: "https://docs.numerique.gouv.fr/docs/1ef86abf-f7e0-46ce-b6c7-8be8b8af4c3d/"
-    AWS_S3_ENDPOINT_URL: http://minio.meet.svc.cluster.local:9000
-    AWS_S3_ACCESS_KEY_ID: meet
+    AWS_S3_ENDPOINT_URL: http://dev-backend-minio.meet.svc.cluster.local:9000
+    AWS_S3_ACCESS_KEY_ID: dinum
     AWS_S3_SECRET_ACCESS_KEY: password
     AWS_STORAGE_BUCKET_NAME: meet-media-storage
     AWS_S3_REGION_NAME: local

diff --git a/src/helm/env.d/dev-keycloak/values.egress.yaml.gotmpl b/src/helm/env.d/dev-keycloak/values.egress.yaml.gotmpl
@@ -13,8 +13,9 @@ egress:
   {{- end }}
   {{- end }}
   redis:
-    address: redis-master:6379
+    address: dev-backend-redis:6379
     password: pass
+    username: user
   s3:
     access_key: meet
     secret: password

diff --git a/src/helm/env.d/dev-keycloak/values.livekit.yaml.gotmpl b/src/helm/env.d/dev-keycloak/values.livekit.yaml.gotmpl
@@ -14,8 +14,9 @@ livekit:
     port_range_end: 60000
     tcp_port: 7881
   redis:
-    address: redis-master:6379
+    address: dev-backend-redis:6379
     password: pass
+    username: user
-    address: dev-backend-redis:6379
-    password: pass
-    username: user
+    address: dev-backend-redis:6379
+    password: pass
+    username: default
-    address: dev-backend-redis:6379
-    password: pass
-    username: user
+    address: dev-backend-redis:6379
+    password: pass
+    username: default
   keys:
   turn:
     enabled: true

diff --git a/src/helm/env.d/dev-keycloak/values.meet.yaml.gotmpl b/src/helm/env.d/dev-keycloak/values.meet.yaml.gotmpl
@@ -35,12 +35,21 @@ backend:
     LOGIN_REDIRECT_URL: https://meet.127.0.0.1.nip.io
     LOGIN_REDIRECT_URL_FAILURE: https://meet.127.0.0.1.nip.io
     LOGOUT_REDIRECT_URL: https://meet.127.0.0.1.nip.io
-    DB_HOST: postgres
-    DB_NAME: meet
-    DB_USER: dinum
-    DB_PASSWORD: pass
+    DB_HOST: dev-backend-postgres
+    DB_NAME:
+      secretKeyRef:
+        name: dev-backend-postgres
+        key: database
+    DB_USER:
+      secretKeyRef:
+        name: dev-backend-postgres
+        key: username
+    DB_PASSWORD:
+      secretKeyRef:
+        name: dev-backend-postgres
+        key: password
     DB_PORT: 5432
-    REDIS_URL: redis://default:pass@redis-master:6379/1
+    REDIS_URL: redis://user:pass@dev-backend-redis:6379/1
     STORAGES_STATICFILES_BACKEND: django.contrib.staticfiles.storage.StaticFilesStorage
     {{- with .Values.livekit.keys }}
     {{- range $key, $value := . }}
@@ -57,8 +66,8 @@ backend:
     FRONTEND_TRANSCRIPT: "{'form_beta_users': 'https://grist.numerique.gouv.fr/o/docs/forms/3fFfvJoTBEQ6ZiMi8zsQwX/17'}"
     FRONTEND_FEEDBACK: "{'url': 'https://grist.numerique.gouv.fr/o/docs/cbMv4G7pLY3Z/USER-RESEARCH-or-LA-SUITE/f/26'}"
     FRONTEND_MANIFEST_LINK: "https://docs.numerique.gouv.fr/docs/1ef86abf-f7e0-46ce-b6c7-8be8b8af4c3d/"
-    AWS_S3_ENDPOINT_URL: http://minio.meet.svc.cluster.local:9000
-    AWS_S3_ACCESS_KEY_ID: meet
+    AWS_S3_ENDPOINT_URL: http://dev-backend-minio.meet.svc.cluster.local:9000
+    AWS_S3_ACCESS_KEY_ID: dinum
     AWS_S3_SECRET_ACCESS_KEY: password
     AWS_STORAGE_BUCKET_NAME: meet-media-storage
     AWS_S3_REGION_NAME: local

diff --git a/src/helm/env.d/dev/values.egress.yaml.gotmpl b/src/helm/env.d/dev/values.egress.yaml.gotmpl
@@ -13,8 +13,9 @@ egress:
   {{- end }}
   {{- end }}
   redis:
-    address: redis-master:6379
+    address: dev-backend-redis:6379
     password: pass
+    username: user
   s3:
     access_key: meet
     secret: password

diff --git a/src/helm/env.d/dev/values.livekit.yaml.gotmpl b/src/helm/env.d/dev/values.livekit.yaml.gotmpl
@@ -14,8 +14,9 @@ livekit:
     port_range_end: 60000
     tcp_port: 7881
   redis:
-    address: redis-master:6379
+    address: dev-backend-redis:6379
     password: pass
+    username: user
-    address: dev-backend-redis:6379
-    password: pass
-    username: user
+    address: dev-backend-redis:6379
+    password: pass
+    username: default
-    address: dev-backend-redis:6379
-    password: pass
-    username: user
+    address: dev-backend-redis:6379
+    password: pass
+    username: default
   keys:
   turn:
     enabled: true

diff --git a/src/helm/env.d/dev/values.meet.yaml.gotmpl b/src/helm/env.d/dev/values.meet.yaml.gotmpl
@@ -57,12 +57,21 @@ backend:
     LOGIN_REDIRECT_URL: https://meet.127.0.0.1.nip.io
     LOGIN_REDIRECT_URL_FAILURE: https://meet.127.0.0.1.nip.io
     LOGOUT_REDIRECT_URL: https://meet.127.0.0.1.nip.io
-    DB_HOST: postgres
-    DB_NAME: meet
-    DB_USER: dinum
-    DB_PASSWORD: pass
+    DB_HOST: dev-backend-postgres
+    DB_NAME:
+      secretKeyRef:
+        name: dev-backend-postgres
+        key: database
+    DB_USER:
+      secretKeyRef:
+        name: dev-backend-postgres
+        key: username
+    DB_PASSWORD:
+      secretKeyRef:
+        name: dev-backend-postgres
+        key: password
     DB_PORT: 5432
-    REDIS_URL: redis://default:pass@redis-master:6379/1
+    REDIS_URL: redis://user:pass@dev-backend-redis:6379/1
     STORAGES_STATICFILES_BACKEND: django.contrib.staticfiles.storage.StaticFilesStorage
     {{- with .Values.livekit.keys }}
     {{- range $key, $value := . }}
@@ -74,8 +83,8 @@ backend:
     ALLOW_UNREGISTERED_ROOMS: False
     FRONTEND_SILENCE_LIVEKIT_DEBUG: False
     FRONTEND_SUPPORT: "{'id': '58ea6697-8eba-4492-bc59-ad6562585041'}"
-    AWS_S3_ENDPOINT_URL: http://minio.meet.svc.cluster.local:9000
-    AWS_S3_ACCESS_KEY_ID: meet
+    AWS_S3_ENDPOINT_URL: http://dev-backend-minio.meet.svc.cluster.local:9000
+    AWS_S3_ACCESS_KEY_ID: dinum
     AWS_S3_SECRET_ACCESS_KEY: password
     AWS_STORAGE_BUCKET_NAME: meet-media-storage
     AWS_S3_REGION_NAME: local

diff --git a/src/helm/extra/templates/kc-postgresql-sts.yaml b/src/helm/extra/templates/kc-postgresql-sts.yaml
diff --git a/src/helm/extra/templates/keycloak-sts.yaml b/src/helm/extra/templates/keycloak-sts.yaml