feat: add Timoni module and Kind quickstart for Kubernetes deployment
Additional changelog entries
feat: add Kafka TLS support via Quarkus TLS Registry
fix: add Kafka Streams application-id to prevent consumer group conflict with Reactive Messaging
fix: change default Keycloak realm from quarkus to kvasir
Problem
Previous deployment used Helm + Helmfile (marked deprecated). Recent overhaul of configuration management in Kvasir called for changes to the Helm chart, making it apparent that maintaining the Helm setup is both counterproductive and time-consuming.
Evaluation Process
After reviewing alternatives including KubeVela, Kustomize, YokeCD, raw CUE, and Timoni, we created a proof-of-concept with raw CUE files. We're now implementing Timoni, as it handles multi-environment patterns and service composition that would otherwise require custom integration work.
Solution: Migrate to Timoni
Use Timoni (CUE-based) for type-safe, declarative Kubernetes deployments:
- Reusable service module - Single generic module for all Kvasir services (monorepo-friendly)
- Environment bundles - Clean override files (dev, staging, prod)
- OCI registry support - Proper versioning and GitOps-ready
- Simpler than raw CUE - Built-in patterns for multi-environment deployments
Progress
-
Evaluate raw CUE approach (complex for multi-repo composition) -
Create base Timoni module structure -
Define comprehensive Kvasir configuration schema -
Wire configuration into ConfigMap generation -
Test module with monolith deployment -
Add MVP Kind setup -
Add Kind test to CI -
Document deployment workflows -
Publish module to OCI registry -
Remove Helm/Helmfile setup
Benefits vs Helm
- Type safety - CUE validation catches errors early
- No templating - Clean configuration merging with built-in logic instead of Go templates
- Better composition - Share configs across services without copy-paste
- Synchronized versioning - Single version for all microservices (monorepo pattern)
References
- CUE - https://cuelang.org/
- Timoni - https://timoni.sh/