User Request
Add OpenFGA deployment in bootstrap_v2 IaC. It should be on the same level as MinIO (after argo, before platform). Rename the minio stack to something more universal (e.g., data) and deploy OpenFGA there alongside MinIO.
Specification
Stack Rename
- Rename
stacks/minio/ → stacks/data/
- Update
apply.sh to reference data instead of minio
- All existing MinIO resources remain unchanged
OpenFGA Deployment
Deploy OpenFGA via ArgoCD Helm application, same pattern as MinIO:
| Item |
Value |
| Helm repo URL |
https://openfga.github.io/helm-charts |
| Chart name |
openfga |
| Chart version |
0.2.56 |
| Namespace |
openfga |
| gRPC port |
8081 |
| HTTP port |
8080 |
| Playground port |
3000 |
OpenFGA Configuration
- Datastore: PostgreSQL backend. Deploy a dedicated PostgreSQL instance for OpenFGA using the same
agynio/charts/postgres-helm chart pattern used by other services in the platform stack (e.g., secrets-db, threads-db).
- Migrations: Enable automatic migrations (
datastore.applyMigrations: true)
- Bundled subchart: Disable (
postgresql.enabled: false)
- Auth: None for local dev
- Playground: Enabled for local dev
- Replicas: 1
Variables to Add
Follow the same variable patterns as existing stacks:
openfga_namespace (default: "openfga")openfga_chart_version (default: "0.2.56")openfga_db_password (default: "openfga", sensitive)openfga_db_pvc_size (default: "5Gi")postgres_chart_version — reuse if already exists, or add for the data stack
Istio VirtualService
Add VirtualServices for OpenFGA access:
openfga.${base_domain} → HTTP API (port 8080)openfga-playground.${base_domain} → Playground (port 3000)
Outputs
openfga_app_name — ArgoCD application name- Keep existing
minio_app_name output
apply.sh Order
k8s → system → routing → data → platform
User Request
Add OpenFGA deployment in bootstrap_v2 IaC. It should be on the same level as MinIO (after argo, before platform). Rename the
miniostack to something more universal (e.g.,data) and deploy OpenFGA there alongside MinIO.Specification
Stack Rename
stacks/minio/→stacks/data/apply.shto referencedatainstead ofminioOpenFGA Deployment
Deploy OpenFGA via ArgoCD Helm application, same pattern as MinIO:
https://openfga.github.io/helm-chartsopenfga0.2.56openfgaOpenFGA Configuration
agynio/charts/postgres-helmchart pattern used by other services in the platform stack (e.g.,secrets-db,threads-db).datastore.applyMigrations: true)postgresql.enabled: false)Variables to Add
Follow the same variable patterns as existing stacks:
openfga_namespace(default:"openfga")openfga_chart_version(default:"0.2.56")openfga_db_password(default:"openfga", sensitive)openfga_db_pvc_size(default:"5Gi")postgres_chart_version— reuse if already exists, or add for the data stackIstio VirtualService
Add VirtualServices for OpenFGA access:
openfga.${base_domain}→ HTTP API (port 8080)openfga-playground.${base_domain}→ Playground (port 3000)Outputs
openfga_app_name— ArgoCD application nameminio_app_nameoutputapply.sh Order