Revert "feat: integrated HA-valkey configuration (#308)"

This reverts commit 2c7452c.

bundles/rke2/uds-bundle.yaml

@@ -400,11 +400,10 @@ packages:
   # Gitlab
   - name: gitlab-valkey
     repository: ghcr.io/defenseunicorns/packages/uds/valkey
-    ref: 8.0.1-uds.2-upstream
+    ref: 7.2.6-uds.0-upstream
     overrides:
       valkey:
         uds-valkey-config:
-          namespace: gitlab-valkey
           values:
             - path: custom
               value:
@@ -413,34 +412,13 @@ packages:
                     app.kubernetes.io/name: valkey
                   remoteNamespace: gitlab
                   port: 6379
-                  description: "Ingress from GitLab to Valkey read/write ports"
-                - direction: Ingress
-                  selector:
-                    app.kubernetes.io/name: valkey
-                  remoteNamespace: gitlab
-                  port: 26379
-                  description: "Ingress from GitLab to Valkey Sentinel"
+                  description: "Ingress from GitLab"
             - path: copyPassword
               value:
                 enabled: true
                 namespace: gitlab
                 secretName: gitlab-redis
                 secretKey: password
-          variables:
-            - name: GL_VALKEY_REPLICAS
-              default: 3
-              path: replicas
-        valkey:
-          namespace: gitlab-valkey
-          values:
-            - path: architecture
-              value: replication
-            - path: sentinel.enabled
-              value: true
-            - path: auth.enabled
-              value: true
-            - path: auth.sentinel
-              value: true
 
   - name: gitlab-pgbouncer-rw
     repository: ghcr.io/defenseunicorns/packages/uds/pgbouncer
@@ -543,30 +521,25 @@ packages:
 
   - name: gitlab
     repository: ghcr.io/defenseunicorns/packages/uds/gitlab
-    ref: 17.6.1-uds.0-upstream
+    ref: 17.5.2-uds.1-registry1
     imports:
       - name: GITLAB_DB_USERNAME
         package: gitlab-pgbouncer-rw
-
     overrides:
       gitlab:
         uds-gitlab-config:
           values:
             - path: storage.internal
               value: false
-            - path: storage.createSecret.enabled
-              value: false
             - path: postgres.internal
               value: false
             - path: redis
               value:
                 internal: true
                 selector:
                   app.kubernetes.io/name: valkey
-                namespace: gitlab-valkey
+                namespace: valkey
                 port: 6379
-            - path: redis.sentinel.enabled
-              value: true
             - path: ssh.enabled
               value: true
         uds-gitlab-settings:
@@ -591,13 +564,7 @@ packages:
             - path: gitlab.gitlab-exporter.init.containerSecurityContext
               value: *gitlab-init-security-context
             - path: global.redis.host
-              value: mymaster
-            - path: global.redis.port
-              value: 6379
-            - path: global.redis.auth.enabled
-              value: true
-            - path: global.redis.sentinelAuth.enabled
-              value: true
+              value: "valkey-master.valkey.svc.cluster.local"
             - path: gitlab.gitlab-shell.enabled
               value: true
             # See gitlab's additional manifests, this priority class prevents gitaly from being evicted due to node pressure.
@@ -606,7 +573,7 @@ packages:
             - path: gitlab.gitaly.securityContext.fsGroupChangePolicy  # https://docs.gitlab.com/ee/administration/gitaly/kubernetes.html#persistent-volume-permissions
               value: OnRootMismatch
             - path: gitlab.gitaly.cgroups.initContainer.image.tag
-              value: v17.6.1
+              value: v17.5.2
             - path: global.psql.host
               description: "GitLab DB host should point to kubernetes service for read/write pgbouncer cluster."
               value: "pgbouncer.gitlab-pgbouncer-rw.svc.cluster.local"
@@ -687,15 +654,6 @@ packages:
               path: global.gitaly.internal.names # Gitlab uses the global top-value to set subcharts: https://gitlab.com/gitlab-org/charts/gitlab/-/blob/master/values.yaml?ref_type=heads#L184
               default:
                 - "default"  # Gitlab requires that the first shard always be named `default`: https://docs.gitlab.com/ee/administration/gitaly/configure_gitaly.html?tab=Helm+chart+%28Kubernetes%29#gitlab-requires-a-default-repository-storage
-            - name: GITLAB_VALKEY_SENTINELS
-              path: global.redis.sentinels
-              default:
-                - host: valkey-node-0.valkey-headless.gitlab-valkey.svc.cluster.local
-                  port: 26379
-                - host: valkey-node-1.valkey-headless.gitlab-valkey.svc.cluster.local
-                  port: 26379
-                - host: valkey-node-2.valkey-headless.gitlab-valkey.svc.cluster.local
-                  port: 26379
             # https://docs.gitlab.com/charts/charts/globals.html#postgresql-load-balancing - configure read replica load balancing hosts list and fine tuning if needed.
             - name: GITLAB_DB_LOAD_BALANCING
               path: global.psql.load_balancing

config/uds-config.yaml

@@ -105,9 +105,7 @@ variables:
     ENDPOINT: "http://replace.with.object.store.url"
     ACCESS_KEY: "replace-me-object-store-access-key"
     SECRET_KEY: "replace-me-object-store-secret-key"
-    REGISTRY_BUCKET: uds-gitlab-registry
   gitlab:
-    GENERATE_STORAGE_SECRET: ""  # This is Zarf for "false" - everything is a string in Zarf.
     GITLAB_DB_NAME: "gitlabdb"
     MIGRATIONS_DB_ENDPOINT: "gitlab-pg.replace.with.db.url"
     TOOLBOX_DB_ENDPOINT: "gitlab-pg.replace.with.db.url"
@@ -116,7 +114,7 @@ variables:
     GITLAB_PAGES_ENABLED: "true"
     GITLAB_SIGNUP_ENABLED: "false"
     GITLAB_BACKUP_SCHEDULE: "0 3 * * *"
-    GITLAB_BACKUP_EXTRA_ARGS: "--skip artifacts,registry"
+    GITLAB_BACKUP_EXTRA_ARGS: "--skip artifiacts,registry"
     BUCKET_SUFFIX: ""
     WEBSERVICE_REPLICAS: 3
     WEBSERVICE_WORKERS: 4

docs/gitlab.md

@@ -20,4 +20,4 @@ You can confirm newly created repos are going to different shards by viewing the
 
 ## Prevent Gitaly Shard OOM
 
-The UDS Config variable `GITALY_CGROUPS` allows administrators to improve the resiliency of each gitaly node. The proper values are heavily context specific so it is disabled by default. However, the value given to that variable will be substituted directly into the `gitlab.gitaly.cgroups` path [documented here](https://docs.gitlab.com/ee/administration/gitaly/kubernetes.html#constrain-git-processes-resource-usage). Adding these values will reduce the risk a single git call will cause the gitaly node (shard) to be killed with an OOM error.
+The UDS Config variable `GITALY_CGROUPS` allows adminstrators to improve the resiliency of each gitaly node. The proper values are heavily context specific so it is disabled by default. However, the value given to that variable will be substituted directly into the `gitlab.gitaly.cgroups` path [documented here](https://docs.gitlab.com/ee/administration/gitaly/kubernetes.html#constrain-git-processes-resource-usage). Adding these values will reduce the risk a single git call will cause the gitaly node (shard) to be killed with an OOM error.

packages/additional-manifests/zarf.yaml

@@ -21,7 +21,7 @@ components:
           - gitlab/envoy-filter.yaml
           - gitlab/gitaly-priority-class.yaml
     images:
-      - registry.gitlab.com/gitlab-org/build/cng/gitaly-init-cgroups:v17.6.1  # Remember to redeploy this package if changing stuff around this image in the gitlab package
+      - registry.gitlab.com/gitlab-org/build/cng/gitaly-init-cgroups:v17.5.2  # Remember to redeploy this package if changing stuff around this image in the gitlab package
 
   - name: pepr-policy-exemptions
     required: true

packages/object-store/gitlab/secret.yaml

@@ -16,7 +16,7 @@ stringData:
     path_style: true
   registry: |-
     s3:
-      bucket: ###ZARF_VAR_REGISTRY_BUCKET###
+      bucket: uds-gitlab-registry
       accesskey: ###ZARF_VAR_ACCESS_KEY###
       secretkey: ###ZARF_VAR_SECRET_KEY###
       regionendpoint: ###ZARF_VAR_ENDPOINT###

packages/object-store/gitlab/zarf.yaml

@@ -12,8 +12,6 @@ variables:
     default: "replace-me"
   - name: SECRET_KEY
     default: "replace-me"
-  - name: REGISTRY_BUCKET
-    default: uds-gitlab-registry
 
 components:
   - name: gitlab-object-store-secret