Sort the keys in the CI values files assembly

charts/matrix-stack/ci/element-web-checkov-values.yaml

@@ -5,15 +5,15 @@
 # source_fragments: element-web-minimal.yaml element-web-checkov.yaml
 # DO NOT EDIT DIRECTLY. Edit the fragment files to add / modify / remove values
 
-initSecrets:
-  enabled: false
 elementWeb:
-  ingress:
-    host: element.ess.localhost
   annotations:
     checkov.io/skip1: CKV_K8S_11=We deliberately don't set CPU limits. Pod is BestEffort not Guaranteed
     checkov.io/skip2: CKV_K8S_43=No digests
     checkov.io/skip3: CKV2_K8S_6=No network policy yet
+  ingress:
+    host: element.ess.localhost
+initSecrets:
+  enabled: false
 matrixAuthenticationService:
   enabled: false
 postgres:

charts/matrix-stack/ci/element-web-minimal-values.yaml

@@ -5,11 +5,11 @@
 # source_fragments: element-web-minimal.yaml
 # DO NOT EDIT DIRECTLY. Edit the fragment files to add / modify / remove values
 
-initSecrets:
-  enabled: false
 elementWeb:
   ingress:
     host: element.ess.localhost
+initSecrets:
+  enabled: false
 matrixAuthenticationService:
   enabled: false
 postgres:

charts/matrix-stack/ci/example-default-enabled-components-values.yaml

@@ -5,19 +5,19 @@
 # source_fragments: element-web-minimal.yaml synapse-minimal.yaml matrix-authentication-service-minimal.yaml init-secrets-minimal.yaml postgres-minimal.yaml well-known-minimal.yaml
 # DO NOT EDIT DIRECTLY. Edit the fragment files to add / modify / remove values
 
-initSecrets:
-  enabled: true
 elementWeb:
   ingress:
     host: element.ess.localhost
+initSecrets:
+  enabled: true
 matrixAuthenticationService:
   ingress:
     host: mas.ess.localhost
 postgres:
   enabled: true
+serverName: ess.localhost
 synapse:
   ingress:
     host: synapse.ess.localhost
 wellKnownDelegation:
   enabled: true
-serverName: ess.localhost

charts/matrix-stack/ci/matrix-authentication-service-checkov-values.yaml

@@ -5,28 +5,28 @@
 # source_fragments: matrix-authentication-service-minimal.yaml matrix-authentication-service-checkov.yaml init-secrets-minimal.yaml init-secrets-checkov.yaml postgres-minimal.yaml postgres-checkov.yaml
 # DO NOT EDIT DIRECTLY. Edit the fragment files to add / modify / remove values
 
+elementWeb:
+  enabled: false
 initSecrets:
-  enabled: true
   annotations:
     checkov.io/skip1: CKV_K8S_11=We deliberately don't set CPU limits. Pod is BestEffort not Guaranteed
     checkov.io/skip2: CKV_K8S_43=No digests
     checkov.io/skip3: CKV2_K8S_6=No network policy yet
     checkov.io/skip4: CKV_K8S_38=The job needs a service account
-elementWeb:
-  enabled: false
+  enabled: true
 matrixAuthenticationService:
-  ingress:
-    host: mas.ess.localhost
   annotations:
     checkov.io/skip1: CKV_K8S_11=We deliberately don't set CPU limits. Pod is BestEffort not Guaranteed
     checkov.io/skip2: CKV_K8S_43=No digests
     checkov.io/skip3: CKV2_K8S_6=No network policy yet
+  ingress:
+    host: mas.ess.localhost
 postgres:
-  enabled: true
   annotations:
     checkov.io/skip1: CKV_K8S_11=We deliberately don't set CPU limits. Pod is BestEffort not Guaranteed
     checkov.io/skip2: CKV_K8S_43=No digests
     checkov.io/skip3: CKV2_K8S_6=No network policy yet
+  enabled: true
 synapse:
   enabled: false
 wellKnownDelegation:

charts/matrix-stack/ci/matrix-authentication-service-external-synapse-values.yaml

@@ -5,13 +5,11 @@
 # source_fragments: matrix-authentication-service-minimal.yaml matrix-authentication-service-external-synapse.yaml init-secrets-minimal.yaml postgres-minimal.yaml
 # DO NOT EDIT DIRECTLY. Edit the fragment files to add / modify / remove values
 
-initSecrets:
-  enabled: true
 elementWeb:
   enabled: false
+initSecrets:
+  enabled: true
 matrixAuthenticationService:
-  ingress:
-    host: mas.ess.localhost
   additional:
     0000-matrix-server:
       config: |
@@ -23,6 +21,8 @@ matrixAuthenticationService:
           homeserver: "external.localhost
           secret: jaix6Am9Shut7zeiduu7ua5maengag3o
           endpoint: https://syn.external.localhost
+  ingress:
+    host: mas.ess.localhost
 postgres:
   enabled: true
 synapse:

charts/matrix-stack/ci/matrix-authentication-service-minimal-values.yaml

@@ -5,10 +5,10 @@
 # source_fragments: matrix-authentication-service-minimal.yaml init-secrets-minimal.yaml postgres-minimal.yaml
 # DO NOT EDIT DIRECTLY. Edit the fragment files to add / modify / remove values
 
-initSecrets:
-  enabled: true
 elementWeb:
   enabled: false
+initSecrets:
+  enabled: true
 matrixAuthenticationService:
   ingress:
     host: mas.ess.localhost

charts/matrix-stack/ci/matrix-authentication-service-postgres-secrets-externally-values.yaml

@@ -5,26 +5,17 @@
 # source_fragments: matrix-authentication-service-minimal.yaml matrix-authentication-service-secrets-externally.yaml postgres-secrets-externally.yaml postgres-matrix-authentication-service-secrets-externally.yaml
 # DO NOT EDIT DIRECTLY. Edit the fragment files to add / modify / remove values
 
-initSecrets:
-  enabled: false
 elementWeb:
   enabled: false
+initSecrets:
+  enabled: false
 matrixAuthenticationService:
-  ingress:
-    host: mas.ess.localhost
-  synapseSharedSecret:
-    secret: "{{ $.Release.Name }}-mas-external"
-    secretKey: synapseShared
-  synapseOIDCClientSecret:
-    secret: "{{ $.Release.Name }}-mas-external"
-    secretKey: synapseOIDC
   encryptionSecret:
     secret: "{{ $.Release.Name }}-mas-external"
     secretKey: encryption
+  ingress:
+    host: mas.ess.localhost
   privateKeys:
-    rsa:
-      secret: "{{ $.Release.Name }}-mas-external"
-      secretKey: keysRSA
     ecdsaPrime256v1:
       secret: "{{ $.Release.Name }}-mas-external"
       secretKey: keysEcdsaPrime256v1
@@ -34,11 +25,20 @@ matrixAuthenticationService:
     ecdsaSecp384r1:
       secret: "{{ $.Release.Name }}-mas-external"
       secretKey: keysEcdsaSecp384r1
+    rsa:
+      secret: "{{ $.Release.Name }}-mas-external"
+      secretKey: keysRSA
+  synapseOIDCClientSecret:
+    secret: "{{ $.Release.Name }}-mas-external"
+    secretKey: synapseOIDC
+  synapseSharedSecret:
+    secret: "{{ $.Release.Name }}-mas-external"
+    secretKey: synapseShared
 postgres:
-  enabled: true
   adminPassword:
     secret: "{{ $.Release.Name }}-pg-external"
     secretKey: adminPasswordShared
+  enabled: true
   essPasswords:
     matrixAuthenticationService:
       secret: "{{ $.Release.Name }}-pg-external"

charts/matrix-stack/ci/matrix-authentication-service-postgres-secrets-in-helm-values.yaml

@@ -5,26 +5,17 @@
 # source_fragments: matrix-authentication-service-minimal.yaml matrix-authentication-service-secrets-externally.yaml postgres-secrets-in-helm.yaml postgres-matrix-authentication-service-secrets-in-helm.yaml
 # DO NOT EDIT DIRECTLY. Edit the fragment files to add / modify / remove values
 
-initSecrets:
-  enabled: false
 elementWeb:
   enabled: false
+initSecrets:
+  enabled: false
 matrixAuthenticationService:
-  ingress:
-    host: mas.ess.localhost
-  synapseSharedSecret:
-    secret: "{{ $.Release.Name }}-mas-external"
-    secretKey: synapseShared
-  synapseOIDCClientSecret:
-    secret: "{{ $.Release.Name }}-mas-external"
-    secretKey: synapseOIDC
   encryptionSecret:
     secret: "{{ $.Release.Name }}-mas-external"
     secretKey: encryption
+  ingress:
+    host: mas.ess.localhost
   privateKeys:
-    rsa:
-      secret: "{{ $.Release.Name }}-mas-external"
-      secretKey: keysRSA
     ecdsaPrime256v1:
       secret: "{{ $.Release.Name }}-mas-external"
       secretKey: keysEcdsaPrime256v1
@@ -34,10 +25,19 @@ matrixAuthenticationService:
     ecdsaSecp384r1:
       secret: "{{ $.Release.Name }}-mas-external"
       secretKey: keysEcdsaSecp384r1
+    rsa:
+      secret: "{{ $.Release.Name }}-mas-external"
+      secretKey: keysRSA
+  synapseOIDCClientSecret:
+    secret: "{{ $.Release.Name }}-mas-external"
+    secretKey: synapseOIDC
+  synapseSharedSecret:
+    secret: "{{ $.Release.Name }}-mas-external"
+    secretKey: synapseShared
 postgres:
-  enabled: true
   adminPassword:
     value: CHANGEME-phiaPh8iu9tiivaiWahquaeg8ohcub4a
+  enabled: true
   essPasswords:
     matrixAuthenticationService:
       value: CHANGEME-aiT7eisheim3Ojo3rongikuo1eiV3Ooh

charts/matrix-stack/ci/matrix-authentication-service-secrets-externally-values.yaml

@@ -5,33 +5,24 @@
 # source_fragments: matrix-authentication-service-minimal.yaml matrix-authentication-service-test-postgres.yaml matrix-authentication-service-test-postgres-secrets-externally.yaml matrix-authentication-service-secrets-externally.yaml
 # DO NOT EDIT DIRECTLY. Edit the fragment files to add / modify / remove values
 
-initSecrets:
-  enabled: false
 elementWeb:
   enabled: false
+initSecrets:
+  enabled: false
 matrixAuthenticationService:
+  encryptionSecret:
+    secret: "{{ $.Release.Name }}-mas-external"
+    secretKey: encryption
   ingress:
     host: mas.ess.localhost
   postgres:
-    host: postgres
-    user: mas
     database: mas
+    host: postgres
     password:
       secret: "{{ $.Release.Name }}-mas-external"
       secretKey: postgresPassword
-  synapseSharedSecret:
-    secret: "{{ $.Release.Name }}-mas-external"
-    secretKey: synapseShared
-  synapseOIDCClientSecret:
-    secret: "{{ $.Release.Name }}-mas-external"
-    secretKey: synapseOIDC
-  encryptionSecret:
-    secret: "{{ $.Release.Name }}-mas-external"
-    secretKey: encryption
+    user: mas
   privateKeys:
-    rsa:
-      secret: "{{ $.Release.Name }}-mas-external"
-      secretKey: keysRSA
     ecdsaPrime256v1:
       secret: "{{ $.Release.Name }}-mas-external"
       secretKey: keysEcdsaPrime256v1
@@ -41,6 +32,15 @@ matrixAuthenticationService:
     ecdsaSecp384r1:
       secret: "{{ $.Release.Name }}-mas-external"
       secretKey: keysEcdsaSecp384r1
+    rsa:
+      secret: "{{ $.Release.Name }}-mas-external"
+      secretKey: keysRSA
+  synapseOIDCClientSecret:
+    secret: "{{ $.Release.Name }}-mas-external"
+    secretKey: synapseOIDC
+  synapseSharedSecret:
+    secret: "{{ $.Release.Name }}-mas-external"
+    secretKey: synapseShared
 postgres:
   enabled: false
 synapse:

charts/matrix-stack/ci/matrix-authentication-service-secrets-in-helm-values.yaml

@@ -5,31 +5,22 @@
 # source_fragments: matrix-authentication-service-minimal.yaml matrix-authentication-service-test-postgres.yaml matrix-authentication-service-test-postgres-secrets-in-helm.yaml  matrix-authentication-service-secrets-in-helm.yaml
 # DO NOT EDIT DIRECTLY. Edit the fragment files to add / modify / remove values
 
-initSecrets:
-  enabled: false
 elementWeb:
   enabled: false
+initSecrets:
+  enabled: false
 matrixAuthenticationService:
+  encryptionSecret:
+    value: CHANGEME-ahohhohgiavee5Koh8ahwo
   ingress:
     host: mas.ess.localhost
   postgres:
-    host: postgres
-    user: mas
     database: mas
+    host: postgres
     password:
       value: CHANGEME-ooWo6jeidahhei3Hae0eer9U
-  synapseSharedSecret:
-    value: CHANGEME-iaw8eeSef4zeefie8ii3akien9tiaYah
-  synapseOIDCClientSecret:
-    value: CHANGEME-eiv6wae8shooPhie4ief8ru2egahbah0
-  encryptionSecret:
-    value: CHANGEME-ahohhohgiavee5Koh8ahwo
+    user: mas
   privateKeys:
-    rsa:
-      value: |
-        -----BEGIN RSA PRIVATE KEY-----
-        MIIEowIBAAKCAQEA6521bYjZ789034nLz+oXJyVWqgUdDmRlKxvTfHsBhFtGpOaAoGCCqGSM49AwEHoUQDQgAE6521bYjZ789034nLz+oXJyVWqgUdDmRlKxvTfHsBhFtGpOaAoGCCqGSM49
-        ------END RSA PRIVATE KEY-----
     ecdsaPrime256v1:
       value: |
         -----BEGIN EC PRIVATE KEY-----
@@ -47,6 +38,15 @@ matrixAuthenticationService:
         -----BEGIN EC PRIVATE KEY-----
          MHcCAQEEZFQZ789034nLz+oXJyVWqgUdDmRlKxvTfHsBhFtGpOaAoGCCqGSM49AwEHoUQDQgAE6521bYjZ789034nLz+oXJyVWqgUdDmRlKxvTfHsBhFtGpOaAoGCCqGSM49
          ------END EC PRIVATE KEY-----
+    rsa:
+      value: |
+        -----BEGIN RSA PRIVATE KEY-----
+        MIIEowIBAAKCAQEA6521bYjZ789034nLz+oXJyVWqgUdDmRlKxvTfHsBhFtGpOaAoGCCqGSM49AwEHoUQDQgAE6521bYjZ789034nLz+oXJyVWqgUdDmRlKxvTfHsBhFtGpOaAoGCCqGSM49
+        ------END RSA PRIVATE KEY-----
+  synapseOIDCClientSecret:
+    value: CHANGEME-eiv6wae8shooPhie4ief8ru2egahbah0
+  synapseSharedSecret:
+    value: CHANGEME-iaw8eeSef4zeefie8ii3akien9tiaYah
 postgres:
   enabled: false
 synapse:

charts/matrix-stack/ci/pytest-element-web-values.yaml

@@ -5,15 +5,7 @@
 # source_fragments: element-web-minimal.yaml element-web-pytest-extras.yaml
 # DO NOT EDIT DIRECTLY. Edit the fragment files to add / modify / remove values
 
-initSecrets:
-  enabled: false
 elementWeb:
-  ingress:
-    host: element.{{ $.Values.serverName }}
-    tlsSecret: "{{ $.Release.Name }}-element-web-tls"
-  replicas: 1
-  annotations:
-    has-no-service-monitor: "true"
   additional:
     "default_server_config":
       "m.homeserver":
@@ -22,16 +14,24 @@ elementWeb:
       "url": "https://call.{{ $.Values.serverName }}"
       "use_exclusively": true
     "features":
-      "feature_video_rooms": true
+      "feature_element_call_video_rooms": true
       "feature_group_calls": true
       "feature_new_room_decoration_ui": true
-      "feature_element_call_video_rooms": true
+      "feature_video_rooms": true
+  annotations:
+    has-no-service-monitor: "true"
+  ingress:
+    host: element.{{ $.Values.serverName }}
+    tlsSecret: "{{ $.Release.Name }}-element-web-tls"
+  replicas: 1
+initSecrets:
+  enabled: false
 matrixAuthenticationService:
   enabled: false
 postgres:
   enabled: false
+serverName: ess.localhost
 synapse:
   enabled: false
 wellKnownDelegation:
   enabled: false
-serverName: ess.localhost