Merge branch 'zulh-civo-b' into main

.github/workflows/ping-bizaar-daemon-repo.yaml

@@ -0,0 +1,15 @@
+name: ping-kubemart-daemon-repo
+on: push
+
+jobs:
+  ping-kubemart-daemon-repo:
+    name: Dispatch to kubemart/kubemart-daemon
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Emit repository_dispatch
+        uses: mvasigh/dispatch-action@main
+        with:
+          token: ${{ secrets.GH_PAT }}
+          owner: kubemart
+          repo: kubemart-daemon
+          event_type: ping-from-kubernetes-marketplace-repo

.gitignore

@@ -0,0 +1,5 @@
+.DS_Store
+
+# Any kubeconfig within the repo - could potentially contain auth data
+kubeconfig*
+*kubeconfig

Gemfile.lock

@@ -10,4 +10,4 @@ DEPENDENCIES
   image_size
 
 BUNDLED WITH
-   1.17.3
+   2.2.3

README.md

@@ -85,29 +85,29 @@ Applications support customization through a simple mechanism. This is a user de
 The applications can't ask the user for these values, so they must be either a pre-configured value (to keep the `app.yaml` and Civo-specific configuration separate) or one of a range of special values that Civo will inject:
 
 <dl>
-  <dt>CIVO:ALPHANUMERIC(num)</dt>
+  <dt>KUBEMART:ALPHANUMERIC(num)</dt>
   <dd>A random string of alphanumeric characters <code>num</code> long</dd>
-  <dt>CIVO:WORDS(num)</dt>
+  <dt>KUBEMART:WORDS(num)</dt>
   <dd>A combination of <code>num</code> random words, separated by <code>-</code> for use as a readable name</dd>
-  <dt>CIVO:CLUSTER_NAME</dt>
+  <dt>KUBEMART:CLUSTER_NAME</dt>
   <dd>The name of your Kubernetes cluster</dd>
-  <dt>CIVO:CLUSTER_ID</dt>
+  <dt>KUBEMART:DOMAIN_NAME</dt>
   <dd>The ID of your Kubernetes cluster (for injecting something.ID.k8s.civo.com as a domain)</dd>
-  <dt>CIVO:EMAIL_ADDRESS</dt>
+  <dt>KUBEMART:EMAIL_ADDRESS</dt>
   <dd>The email address of your Civo account</dd>
-  <dt>CIVO:MASTER_IP</dt>
+  <dt>KUBEMART:MASTER_IP</dt>
   <dd>The public IP address of your Kubernetes cluster's master</dd>
 </dl>
 
-**Note:** For `CIVO:ALPHANUMERIC(num)` and `CIVO:WORDS(num)` you can also suffix `:BASE64` (e.g. `CIVO:ALPHANUMERIC(10):BASE64`) to have Civo automatically encode the random values to Base 64 before inserting them in the templates (but the non-Base 64 version is kept to present to the user as a readable/copyable value).
+**Note:** For `KUBEMART:ALPHANUMERIC(num)` and `KUBEMART:WORDS(num)` you can also suffix `:BASE64` (e.g. `KUBEMART:ALPHANUMERIC(10):BASE64`) to have Civo automatically encode the random values to Base 64 before inserting them in the templates (but the non-Base 64 version is kept to present to the user as a readable/copyable value).
 
 These are specified in the `manifest.yaml` like this:
 
 ```
 configuration:
   ACCESS_KEY:
     label: "Access key"
-    value: "CIVO:ALPHANUMERIC(10)"
+    value: "KUBEMART:ALPHANUMERIC(10)"
 ```
 
 Another way of customizing applications is to provide plans which will be injected in the same way as the values above, but the UI will provide a choice for which plan to install. These are specified in the `manifest.yaml` like this:

argocd/manifest.yaml

@@ -1,5 +1,6 @@
 ---
 name: argo-cd
+namespace: argocd
 title: "Argo CD"
 maintainer: "The Argo Project"
 description: Declarative continuous deployment for Kubernetes

bitwardenrs/app.yaml

@@ -1,3 +1,8 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: bitwardenrs
+---
 apiVersion: cert-manager.io/v1alpha2
 kind: ClusterIssuer
 metadata:
@@ -13,17 +18,18 @@ spec:
       name: letsencrypt-prod-bw
     # Enable the HTTP-01 challenge provider
     solvers:
-    - http01:
-        ingress:
-          class: traefik
+      - http01:
+          ingress:
+            class: traefik
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: bw-pv-claim
+  namespace: bitwardenrs
 spec:
   accessModes:
-  - ReadWriteOnce
+    - ReadWriteOnce
   resources:
     requests:
       storage: $VOLUME_SIZE
@@ -32,6 +38,7 @@ apiVersion: v1
 kind: Service
 metadata:
   name: bw-service
+  namespace: bitwardenrs
 spec:
   selector:
     app: bw
@@ -40,10 +47,19 @@ spec:
       port: 80
       targetPort: 80
 ---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: bitwardenrs-database-url
+  namespace: bitwardenrs
+data:
+  DATABASE_URL: dXBkYXRlLXRoaXMtYWZ0ZXItaW5zdGFsbGF0aW9uCg==
+---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: bw
+  namespace: bitwardenrs
   labels:
     app: bw
 spec:
@@ -60,40 +76,43 @@ spec:
     spec:
       containers:
         - name: bw
-          image: bitwardenrs/server-mysql:1.17.0
+          image: bitwardenrs/server-mysql:1.19.0
           imagePullPolicy: IfNotPresent
           ports:
-          - containerPort: 80
-            protocol: TCP
+            - containerPort: 80
+              protocol: TCP
+          env:
+            - name: DATABASE_URL
+              valueFrom:
+                secretKeyRef:
+                  name: bitwardenrs-database-url
+                  key: DATABASE_URL
           volumeMounts:
-          - name: bw-persistent-storage
-            mountPath: /data   
-
+            - name: bw-persistent-storage
+              mountPath: /data
 
       volumes:
-      - name: bw-persistent-storage
-        persistentVolumeClaim:
-          claimName: bw-pv-claim            
+        - name: bw-persistent-storage
+          persistentVolumeClaim:
+            claimName: bw-pv-claim
 ---
 apiVersion: extensions/v1beta1
 kind: Ingress
 metadata:
   annotations:
     cert-manager.io/cluster-issuer: letsencrypt-prod-bw
-    ingress.kubernetes.io/ssl-redirect: "true"  
+    ingress.kubernetes.io/ssl-redirect: "true"
   name: bw
+  namespace: bitwardenrs
 spec:
   tls:
     - hosts:
-      - bw.$CLUSTER_ID.k8s.civo.com
-      secretName: letsencrypt-prod-bw  
+        - bw.$DOMAIN_NAME
+      secretName: letsencrypt-prod-bw
   rules:
-  - host: bw.$CLUSTER_ID.k8s.civo.com
-    http:
-      paths:
-      - backend:
-          serviceName: bw-service
-          servicePort: 80
-
-
-
+    - host: bw.$DOMAIN_NAME
+      http:
+        paths:
+          - backend:
+              serviceName: bw-service
+              servicePort: 80

bitwardenrs/manifest.yaml

@@ -1,8 +1,9 @@
 ---
 name: Bitwardenrs
-version: 1.17.0
+namespace: bitwardenrs
+version: 1.19.0
 maintainer: keith@hubner.co.uk
-description: Open Source Password Manager (Bitwarden server API implementation written in Rust) 
+description: Open Source Password Manager (Bitwarden server API implementation written in Rust)
 url: https://github.com/dani-garcia/bitwarden_rs
 category: management
 dependencies:
@@ -21,9 +22,9 @@ plans:
       VOLUME_SIZE:
         value: 5Gi
 configuration:
-  CLUSTER_ID:
+  DOMAIN_NAME:
     label: "Cluster ID"
-    value: "CIVO:CLUSTER_ID"
+    value: "KUBEMART:DOMAIN_NAME"
   EMAIL_ADDRESS:
     label: "Email Address"
-    value: "CIVO:EMAIL_ADDRESS"  
+    value: "KUBEMART:EMAIL_ADDRESS"

bitwardenrs/post_install.md

@@ -2,15 +2,12 @@
 
 ### This project is not associated with the Bitwarden project nor 8bit Solutions LLC.
 
-This is a Bitwarden server API implementation written in Rust compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.
+This is a Bitwarden server API implementation written in Rust compatible with upstream Bitwarden clients\*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.
 
 ### HTTPS
 
 An ingress is automatically created during the application install. A certificate using cert manager and lets-encrypt is also applied automatically and registered against your Civo email address and the generated domain name.
 
 ### Post installation
 
-Once you have installed this app you will be able to connect to the web interface via https://rs.YOUR_CLUSTER_ID.k8s.civo.com
-
-
-
+Once you have installed this app you will be able to connect to the web interface via https://rs.DOMAIN_NAME

cert-manager/manifest.yaml

@@ -1,5 +1,6 @@
 ---
 name: cert-manager
+namespace: cert-manager
 title: "Cert Manager"
 version: v1.3.1
 maintainer: alex@openfaas.com

cert-manager/uninstall.sh

@@ -1,4 +1,3 @@
 #!/bin/bash
 
-# Delete the app
-kubectl delete -f cert-manager.yaml
+kubectl delete -f https://github.com/jetstack/cert-manager/releases/download/v1.3.1/cert-manager.yaml

docker-registry/app.yaml

@@ -2,7 +2,6 @@ apiVersion: cert-manager.io/v1alpha2
 kind: ClusterIssuer
 metadata:
   name: letsencrypt-prod
-  namespace: default
 spec:
   acme:
     # The ACME server URL
@@ -16,4 +15,4 @@ spec:
     solvers:
     - http01:
         ingress:
-          class: traefik
+          class: traefik

docker-registry/install.sh

@@ -2,10 +2,15 @@
 
 htpasswd -Bbn $REGISTRY_USERNAME $REGISTRY_PASSWD > /tmp/auth
 
-kubectl create secret generic auth-ingress --from-file /tmp/auth
+kubectl create ns docker-registry
+
+kubectl -n docker-registry create secret generic auth-ingress --from-file /tmp/auth
+
+helm repo add stable https://charts.helm.sh/stable
 
-# Update the helm repo
 helm repo update
 
-helm install stable/docker-registry --name private-registry \
-  --namespace default --set persistence.enabled=false
+helm upgrade --install \
+  private-registry stable/docker-registry \
+  --namespace docker-registry \
+  --set persistence.enabled=false

docker-registry/manifest.yaml

@@ -1,19 +1,19 @@
 ---
 name: docker-registry
+namespace: docker-registry
 title: "Docker Registry"
 version: ALPHA
 maintainer: alejandro@civo.com
 description: A registry is a storage and content delivery system, holding named Docker images, available in different tagged versions.
 url:
 dependencies:
-  - Helm
   - cert-manager
   - Traefik
 category: architecture
 configuration:
   REGISTRY_USERNAME:
     label: "Registry username"
-    value: "CIVO:EMAIL_ADDRESS"
+    value: "KUBEMART:EMAIL_ADDRESS"
   REGISTRY_PASSWD:
     label: "Registry password"
-    value: "CIVO:ALPHANUMERIC(10)"
+    value: "KUBEMART:ALPHANUMERIC(10)"

docker-registry/post_install.md

@@ -4,6 +4,7 @@
 
 This will help you to create a valid certificate for your registry, you need apply this YAML file,
 you only need replace only `registry.example.com` by your valid domain
+
 ```yaml
 apiVersion: cert-manager.io/v1alpha2
 kind: Certificate
@@ -57,5 +58,5 @@ spec:
           serviceName: private-registry-docker-registry
           servicePort: 5000
 ```
-You only need replace only `registry.example.com` by your valid domain.
-This will open up http://registry.example.com (assuming you pointed that non-real domain record to your cluster's IPs) to the whole world.
+
+You only need replace only `registry.example.com` by your valid domain. This will open up http://registry.example.com (assuming you pointed that non-real domain record to your cluster's IPs) to the whole world.

docker-registry/uninstall.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+helm --namespace docker-registry delete private-registry

dynamic-pv-scaler/app.yaml

@@ -1,8 +1,13 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: dynamic-pv-scaler
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: dynamic-pv-scaler
+  namespace: dynamic-pv-scaler
 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
@@ -30,6 +35,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: dynamic-pv-scaler
+  namespace: dynamic-pv-scaler
   labels:
     app: dynamic-pv-scaler
 spec:

dynamic-pv-scaler/manifest.yaml

@@ -1,5 +1,6 @@
 ---
 name: dynamic-pv-scaler
+namespace: dynamic-pv-scaler
 title: Dynamic PV Scaler
 version: 0.1.0
 dependencies:

dynamic-pv-scaler/post-install.md

@@ -11,6 +11,7 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   name: dynamic-pv-scaler-config
+  namespace: dynamic-pv-scaler
   labels:
     name: dynamic-pv-scaler-config
     app: dynamic-pv-scaler-config

ghost/app.yaml

@@ -43,7 +43,7 @@ spec:
               protocol: TCP
           env:
             - name: url
-              value: http://ghost.$CLUSTER_ID.k8s.civo.com
+              value: http://ghost.$DOMAIN_NAME
           livenessProbe:
             httpGet:
               port: ghost-blog
@@ -87,9 +87,9 @@ metadata:
   namespace: ghost
 spec:
   rules:
-  - host: ghost.$CLUSTER_ID.k8s.civo.com
-    http:
-      paths:
-      - backend:
-          serviceName: ghost-blog
-          servicePort: 80
+    - host: ghost.$DOMAIN_NAME
+      http:
+        paths:
+          - backend:
+              serviceName: ghost-blog
+              servicePort: 80