From 3c30b868263d1bc240bbe12113470642dac6e15e Mon Sep 17 00:00:00 2001
From: sova-ci <ci@sova.local>
Date: Tue, 9 Jun 2026 16:13:32 +0300
Subject: [PATCH] chore: remove redmine-test from ArgoCD (SKIP_REDMINE=1)

---
 .../redmine-test.yaml}                        |  1 +
 .../postgres/schema/01-create-databases.sql   |  2 --
 .../cert-manager/cluster-issuer-prod.yaml     | 14 +++++++++++
 .../cert-manager/cluster-issuer-staging.yaml  | 14 +++++++++++
 platform/gitea/values-lite-remote.yaml        | 20 +++++++++++++++
 platform/monitoring/values-lite-12gb.yaml     | 25 +++++++++++++++++++
 platform/priority-classes.yaml                | 24 ++++++++++++++++++
 7 files changed, 98 insertions(+), 2 deletions(-)
 rename argocd/{apps/platform-tools.yaml => apps-local/redmine-test.yaml} (81%)
 create mode 100644 platform/cert-manager/cluster-issuer-prod.yaml
 create mode 100644 platform/cert-manager/cluster-issuer-staging.yaml
 create mode 100644 platform/gitea/values-lite-remote.yaml
 create mode 100644 platform/monitoring/values-lite-12gb.yaml
 create mode 100644 platform/priority-classes.yaml

diff --git a/argocd/apps/platform-tools.yaml b/argocd/apps-local/redmine-test.yaml
similarity index 81%
rename from argocd/apps/platform-tools.yaml
rename to argocd/apps-local/redmine-test.yaml
index 79247b0..81afe88 100644
--- a/argocd/apps/platform-tools.yaml
+++ b/argocd/apps-local/redmine-test.yaml
@@ -1,3 +1,4 @@
+# Только для локальной фермы (Multipass). На удалённом test — не применять.
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
diff --git a/data/test/sql/postgres/schema/01-create-databases.sql b/data/test/sql/postgres/schema/01-create-databases.sql
index 9899012..8208d88 100644
--- a/data/test/sql/postgres/schema/01-create-databases.sql
+++ b/data/test/sql/postgres/schema/01-create-databases.sql
@@ -1,4 +1,2 @@
 SELECT 'CREATE DATABASE sova_cabinet_test OWNER sova_test'
 WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = 'sova_cabinet_test')\gexec
-SELECT 'CREATE DATABASE redmine_test OWNER sova_test'
-WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = 'redmine_test')\gexec
diff --git a/platform/cert-manager/cluster-issuer-prod.yaml b/platform/cert-manager/cluster-issuer-prod.yaml
new file mode 100644
index 0000000..9d1430a
--- /dev/null
+++ b/platform/cert-manager/cluster-issuer-prod.yaml
@@ -0,0 +1,14 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-prod
+spec:
+  acme:
+    server: https://acme-v02.api.letsencrypt.org/directory
+    email: devops@sovamed.ru
+    privateKeySecretRef:
+      name: letsencrypt-prod
+    solvers:
+      - http01:
+          ingress:
+            class: nginx
diff --git a/platform/cert-manager/cluster-issuer-staging.yaml b/platform/cert-manager/cluster-issuer-staging.yaml
new file mode 100644
index 0000000..164d35e
--- /dev/null
+++ b/platform/cert-manager/cluster-issuer-staging.yaml
@@ -0,0 +1,14 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-staging
+spec:
+  acme:
+    server: https://acme-staging-v02.api.letsencrypt.org/directory
+    email: devops@sovamed.ru
+    privateKeySecretRef:
+      name: letsencrypt-staging
+    solvers:
+      - http01:
+          ingress:
+            class: nginx
diff --git a/platform/gitea/values-lite-remote.yaml b/platform/gitea/values-lite-remote.yaml
new file mode 100644
index 0000000..b685af3
--- /dev/null
+++ b/platform/gitea/values-lite-remote.yaml
@@ -0,0 +1,20 @@
+# Single-node test (8–12 GB): SQLite, без PostgreSQL HA
+postgresql:
+  enabled: false
+postgresql-ha:
+  enabled: false
+
+gitea:
+  config:
+    database:
+      DB_TYPE: sqlite3
+    actions:
+      ENABLED: true
+    packages:
+      ENABLED: true
+
+resources:
+  requests:
+    memory: 128Mi
+  limits:
+    memory: 512Mi
diff --git a/platform/monitoring/values-lite-12gb.yaml b/platform/monitoring/values-lite-12gb.yaml
new file mode 100644
index 0000000..816b368
--- /dev/null
+++ b/platform/monitoring/values-lite-12gb.yaml
@@ -0,0 +1,25 @@
+# Remote test server — 12 GB RAM (kube-prometheus-stack)
+grafana:
+  enabled: true
+  resources:
+    requests:
+      memory: 128Mi
+    limits:
+      memory: 256Mi
+
+prometheus:
+  prometheusSpec:
+    retention: 3d
+    scrapeInterval: 60s
+    evaluationInterval: 60s
+    resources:
+      requests:
+        memory: 512Mi
+      limits:
+        memory: 1Gi
+
+# Раскомментировать при нехватке RAM:
+# kubeStateMetrics:
+#   enabled: false
+# nodeExporter:
+#   enabled: false
diff --git a/platform/priority-classes.yaml b/platform/priority-classes.yaml
new file mode 100644
index 0000000..4dfa0cd
--- /dev/null
+++ b/platform/priority-classes.yaml
@@ -0,0 +1,24 @@
+---
+apiVersion: scheduling.k8s.io/v1
+kind: PriorityClass
+metadata:
+  name: sova-critical
+value: 1000000
+globalDefault: false
+description: "API, PostgreSQL, MySQL — не убивать при OOM"
+---
+apiVersion: scheduling.k8s.io/v1
+kind: PriorityClass
+metadata:
+  name: sova-normal
+value: 100000
+globalDefault: true
+description: "Gitea, ArgoCD, ingress"
+---
+apiVersion: scheduling.k8s.io/v1
+kind: PriorityClass
+metadata:
+  name: sova-low
+value: 10000
+globalDefault: false
+description: "Runner, Grafana, Loki — жертвы OOM"