{"id":50825426,"url":"https://github.com/openshift-hyperfleet/hyperfleet-infra","last_synced_at":"2026-06-13T18:05:34.994Z","repository":{"id":333853666,"uuid":"1112210760","full_name":"openshift-hyperfleet/hyperfleet-infra","owner":"openshift-hyperfleet","description":null,"archived":false,"fork":false,"pushed_at":"2026-06-10T07:16:37.000Z","size":302,"stargazers_count":1,"open_issues_count":1,"forks_count":15,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-10T08:22:33.213Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/openshift-hyperfleet.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2025-12-08T10:00:48.000Z","updated_at":"2026-06-09T10:25:32.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/openshift-hyperfleet/hyperfleet-infra","commit_stats":null,"previous_names":["openshift-hyperfleet/hyperfleet-infra"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/openshift-hyperfleet/hyperfleet-infra","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openshift-hyperfleet%2Fhyperfleet-infra","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openshift-hyperfleet%2Fhyperfleet-infra/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openshift-hyperfleet%2Fhyperfleet-infra/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openshift-hyperfleet%2Fhyperfleet-infra/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/openshift-hyperfleet","download_url":"https://codeload.github.com/openshift-hyperfleet/hyperfleet-infra/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openshift-hyperfleet%2Fhyperfleet-infra/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34294416,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-13T02:00:06.617Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-06-13T18:05:32.240Z","updated_at":"2026-06-13T18:05:34.989Z","avatar_url":"https://github.com/openshift-hyperfleet.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# HyperFleet Infrastructure\n\nInfrastructure as Code for HyperFleet development environments using **Makefile + Helmfile + Terraform**.\n\n`make help` is the canonical entry point.\n\n## Overview\n\nTwo message broker backends are supported:\n\n- **Google Pub/Sub** (default) — managed by GCP, provisioned via Terraform\n- **RabbitMQ** — self-hosted via `helm/rabbitmq/`, used for kind/local deployments\n\n**Terraform manages (GCP only):**\n- Shared VPC, subnets, firewall rules (one-time per project)\n- Per-developer GKE clusters\n- Google Pub/Sub topics, subscriptions, Workload Identity\n- Helm values files written to `generated-values-from-terraform/`\n\n**Helmfile manages:**\n- All HyperFleet components (API, Sentinels, Adapters, *RabbitMQ)\n- Environment-specific configurations across four environments\n\n## Prerequisites\n\n### All environments\n\n- `helm` + [`helm-git` plugin](https://github.com/aslafy-z/helm-git) + [`helm-diff` plugin](https://github.com/databus23/helm-diff)\n- `helmfile`\n- `kubectl` with a configured context\n\n```bash\nhelm plugin install https://github.com/aslafy-z/helm-git\nhelm plugin install https://github.com/databus23/helm-diff --verify=false\n```\n\n### GCP only\n\n- `terraform 1.13.1` (pinned via `.tool-versions`; use [asdf](https://asdf-vm.com/))\n- [Google Cloud SDK](https://cloud.google.com/sdk/docs/install) (`gcloud`) + `gke-gcloud-auth-plugin`\n- Access to the `hcm-hyperfleet` GCP project\n\n### kind only\n\n- `kind`\n- `podman` or `docker` (for image builds)\n\n## Deployment Environments\n\n| `HELMFILE_ENV` | Cluster | Broker | Notes |\n|----------------|---------|--------|-------|\n| `gcp` | GKE (Terraform) | Google Pub/Sub | Requires Terraform-generated values |\n| `kind` | kind (local) | RabbitMQ | Requires script-generated values |\n| `e2e-gcp` | GKE (Terraform) | Google Pub/Sub | Broker config hardcoded in helmfile |\n| `e2e-kind` | kind (local) | RabbitMQ | Broker config hardcoded in helmfile |\n\n`HELMFILE_ENV` defaults to `gcp` if not set.\n\n### Environment variable loading\n\nThe Makefile selects the env file based on `HELMFILE_ENV`:\n- contains `gcp` → sources `env.gcp`\n- does not contain `gcp` → sources `env.kind` (so `kind`, `e2e-kind`, etc.)\n\nAll variables use `?=`. CLI overrides always win:\n\n```bash\nHELMFILE_ENV=kind NAMESPACE=my-namespace REGISTRY=quay.io make install-hyperfleet\n```\n\nConfiguration precedence (highest to lowest):\n1. CLI variables\n2. `env.gcp` or `env.kind`\n3. Makefile defaults\n\n## Makefile Targets\n\n### HyperFleet\n\n| Target | Description |\n|--------|-------------|\n| `make install-hyperfleet` | Install all HyperFleet components |\n| `make install-api` | Install HyperFleet API only |\n| `make install-sentinels` | Install Sentinels only |\n| `make install-adapters` | Install Adapters only |\n| `make uninstall-hyperfleet` | Uninstall all HyperFleet components |\n| `make uninstall-hyperfleet-api` | Uninstall API only |\n| `make uninstall-hyperfleet-sentinels` | Uninstall Sentinels only |\n| `make uninstall-hyperfleet-adapters` | Uninstall Adapters only |\n\n### Terraform\n\n| Target | Description |\n|--------|-------------|\n| `make install-terraform` | `terraform init` + `apply`; writes generated values |\n| `make plan-terraform` | `terraform plan` (no apply) |\n| `make validate-terraform` | `terraform init -backend=false` + fmt check + validate |\n| `make get-credentials` | Configure kubectl from terraform output |\n| `make destroy-terraform` | Destroy Terraform-managed infrastructure |\n\n### Maestro\n\n| Target | Description |\n|--------|-------------|\n| `make install-maestro` | Install Maestro server + agent (runs `helm dependency update` first) |\n| `make create-maestro-consumer` | Create a Maestro consumer (requires Maestro running) |\n| `make install-maestro-all` | `install-maestro` + `create-maestro-consumer` |\n| `make uninstall-maestro` | Uninstall Maestro |\n\n### kind\n\n| Target | Description |\n|--------|-------------|\n| `make create-kind-cluster` | Create kind cluster or export kubeconfig if it exists |\n| `make delete-kind-cluster` | Delete the kind cluster |\n| `make kind-build-images` | Build and load component images into kind |\n| `make local-up-kind` | Full local setup: cluster + images + maestro + values + deploy |\n| `make local-down-kind` | Tear down: uninstall hyperfleet + maestro + delete cluster |\n\n### Generated values\n\n| Target | Description |\n|--------|-------------|\n| `make generate-rabbitmq-values` | Generate RabbitMQ broker Helm values (`HELMFILE_ENV=kind` only) |\n| `make clean-generated` | Remove all generated value directories |\n\n### Validation / CI\n\n| Target | Description |\n|--------|-------------|\n| `make ci-dry-run` | `ci-validate` + `validate maestro` |\n| `make ci-test` | `install terraform` + `get-credentials` + `install-maestro` + `create-maestro-consumer` + `health-check-maestro` |\n| `make ci-cleanup` | `uninstall-maestro` + `destroy-terraform` |\n\n\n## Variables\n\n| Variable | GCP default | kind default | Notes |\n|----------|------------|--------------|-------|\n| `HELMFILE_ENV` | `gcp` | `kind` | Also `e2e-gcp`, `e2e-kind` |\n| `NAMESPACE` | `hyperfleet` | `hyperfleet-local` | e2e envs use `hyperfleet-e2e[-$USER]` |\n| `MAESTRO_NAMESPACE` | `maestro` | `maestro` | |\n| `REGISTRY` | `registry.ci.openshift.org` | `localhost` | |\n| `API_REPOSITORY` | `ci/hyperfleet-api` | `hyperfleet-api` | |\n| `SENTINEL_REPOSITORY` | `ci/hyperfleet-sentinel` | `hyperfleet-sentinel` | |\n| `ADAPTER_REPOSITORY` | `ci/hyperfleet-adapter` | `hyperfleet-adapter` | |\n| `API_IMAGE_TAG` | `latest` | `local` | |\n| `SENTINEL_IMAGE_TAG` | `latest` | `local` | |\n| `ADAPTER_IMAGE_TAG` | `latest` | `local` | |\n| `IMAGE_PULL_POLICY` | `Always` | `IfNotPresent` | |\n| `CHART_ORG` | `openshift-hyperfleet` | `openshift-hyperfleet` | GitHub org for helm-git chart repos |\n| `API_CHART_REF` | `main` | `main` | Git ref for API chart |\n| `SENTINEL_CHART_REF` | `main` | `main` | Git ref for Sentinel chart |\n| `ADAPTER_CHART_REF` | `main` | `main` | Git ref for Adapter chart |\n| `TF_ENV` | `dev` | N/A | Selects `envs/gke/\u003cTF_ENV\u003e.tfvars` |\n| `RABBITMQ_URL` | N/A | `amqp://guest:guest@rabbitmq:5672` | |\n| `MAESTRO_CONSUMER` | `cluster1` | `cluster1` | |\n| `KIND_CLUSTER_NAME` | N/A | `kind` | |\n| `PROJECTS_DIR` | N/A | `~/openshift-hyperfleet` | Parent dir for sibling repos (image builds) |\n| BUILD_IMAGES | N/A | true | Set to false to skip image builds |\n\n## Repository Structure\n\n```\nhyperfleet-infra/\n├── Makefile                         # Entry point — run 'make help'\n├── env.gcp                          # GCP defaults (Google Pub/Sub, LoadBalancer)\n├── env.kind                         # kind defaults (RabbitMQ, ClusterIP)\n├── helmfile/\n│   ├── helmfile.yaml.gotmpl         # Helmfile orchestration\n│   ├── environments/                # Per-env configs (gcp, kind, e2e-gcp, e2e-kind)\n│   ├── configs/\n│   │   ├── base/adapters/           # Adapter configs (adapter1, adapter2, adapter3)\n│   │   └── e2e/adapters/            # E2E adapter configs\n│   └── values/                      # Helm value templates (.gotmpl)\n├── helm/\n│   ├── maestro/                     # Maestro umbrella chart (deps via helm-git)\n│   └── rabbitmq/                    # Dev-only RabbitMQ (not production-ready)\n├── scripts/\n│   ├── generate-rabbitmq-values.sh  # Generates RabbitMQ broker config\n│   └── kind-build-images.sh         # Builds and loads images into kind\n├── terraform/\n│   ├── README.md                    # Detailed Terraform documentation\n│   ├── main.tf                      # Root module (GKE cluster, Pub/Sub, firewall)\n│   ├── helm-values-files.tf         # Writes generated Helm values via local_file\n│   ├── bootstrap/                   # One-time GCP setup scripts (admin only)\n│   ├── shared/                      # Shared VPC infrastructure (deploy once)\n│   ├── modules/\n│   │   ├── cluster/gke/             # GKE cluster module\n│   │   └── pubsub/                  # Google Pub/Sub module\n│   └── envs/gke/                    # Per-developer tfvars and tfbackend files\n├── generated-values-from-terraform/ # Auto-generated, gitignored\n└── generated-values-rabbitmq/       # Auto-generated, gitignored\n```\n\n## Generated Helm Values\n\nBoth generated directories are gitignored and must exist before `make install-hyperfleet`.\n\n| Env | How generated | Directory |\n|-----|---------------|-----------|\n| `gcp` | `make install-terraform` (Terraform `local_file`) | `generated-values-from-terraform/` |\n| `kind` | `make generate-rabbitmq-values` (shell script) | `generated-values-rabbitmq/` |\n| `e2e-gcp` / `e2e-kind` | Not needed — hardcoded in helmfile | — |\n\nFiles written per component:\n\n| File | Component |\n|------|-----------|\n| `sentinel-clusters.yaml` | Sentinel (cluster events) |\n| `sentinel-nodepools.yaml` | Sentinel (nodepool events) |\n| `adapter1.yaml` | Adapter 1 |\n| `adapter2.yaml` | Adapter 2 |\n| `adapter3.yaml` | Adapter 3 |\n\n## Shared Infrastructure (one-time admin setup)\n\nThe shared VPC must be deployed once before any developer clusters. This is an admin-only operation:\n\n```bash\ncd terraform/shared\nterraform init -backend-config=shared.tfbackend\nterraform apply\n```\n\nSee [terraform/shared/README.md](terraform/shared/README.md) for details.\n\n## Related Repositories\n\n- [hyperfleet-api](https://github.com/openshift-hyperfleet/hyperfleet-api) — API server\n- [hyperfleet-sentinel](https://github.com/openshift-hyperfleet/hyperfleet-sentinel) — Sentinel\n- [hyperfleet-adapter](https://github.com/openshift-hyperfleet/hyperfleet-adapter) — Adapter Framework\n- [architecture](https://github.com/openshift-hyperfleet/architecture) — System architecture and standards\n\n## License\n\nApache License 2.0\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenshift-hyperfleet%2Fhyperfleet-infra","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopenshift-hyperfleet%2Fhyperfleet-infra","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenshift-hyperfleet%2Fhyperfleet-infra/lists"}