Added storage provisioner

chart/templates/deployment.yaml

@@ -33,14 +33,6 @@ spec:
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
-          volumeMounts:
-            - name: data-volumes
-              mountPath: {{ .Values.storage.path }}
-      volumes:
-        - name: data-volumes
-          hostPath:
-            path: {{ .Values.storage.path }}
-            type: DirectoryOrCreate
       {{- with .Values.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}

chart/values.yaml

@@ -9,11 +9,8 @@ image:
   tag: main
 
 imagePullSecrets: []
-nameOverride: ''
+nameOverride: ""
-fullnameOverride: ''
+fullnameOverride: ""
-
-storage:
-  path: /data/volumes
 
 serviceAccount:
   # Specifies whether a service account should be created
@@ -22,7 +19,7 @@ serviceAccount:
   annotations: {}
   # The name of the service account to use.
   # If not set and create is true, a name is generated using the fullname template
-  name: ''
+  name: ""
 
 podAnnotations: {}
 
@@ -53,4 +50,4 @@ nodeSelector: {}
 
 tolerations: []
 
-affinity: {}
+affinity: {}

scripts/list-manifests.ts

@@ -1,15 +0,0 @@
-#!/usr/bin/env node
-
-import { K8sService } from '../src/services/k8s/k8s.ts';
-import { Services } from '../src/utils/service.ts';
-
-const services = new Services();
-const k8s = services.get(K8sService);
-
-const manifests = await k8s.extensionsApi.listCustomResourceDefinition();
-
-for (const manifest of manifests.items) {
-  for (const version of manifest.spec.versions) {
-    console.log(`group: ${manifest.spec.group}, plural: ${manifest.spec.names.plural}, version: ${version.name}`);
-  }
-}

src/custom-resouces/generate-secret/generate-secret.resource.ts

@@ -37,8 +37,8 @@ class GenerateSecretResource extends CustomResource<typeof generateSecretSpecSch
     const current = decodeSecret(this.#secretResource.data) || {};
 
     const expected = {
-      ...secrets,
       ...current,
+      ...secrets,
     };
 
     if (!isDeepSubset(current, expected)) {

src/custom-resouces/postgres-database/portgres-database.schemas.ts

@@ -9,7 +9,6 @@ const postgresDatabaseSecretSchema = z.object({
   port: z.string(),
   user: z.string(),
   password: z.string(),
-  database: z.string().optional(),
 });
 
 const postgresDatabaseConnectionSecretSchema = z.object({

src/custom-resouces/postgres-database/postgres-database.resource.ts

@@ -95,7 +95,6 @@ class PostgresDatabaseResource extends CustomResource<typeof postgresDatabaseSpe
       port: serverSecretData.data.port,
       user: this.#userName,
       database: this.#dbName,
-      ...databaseSecretData.data,
     };
 
     if (!isDeepSubset(databaseSecretData.data, expectedSecret)) {
@@ -133,7 +132,7 @@ class PostgresDatabaseResource extends CustomResource<typeof postgresDatabaseSpe
       };
     }
 
-    const secretData = postgresDatabaseConnectionSecretSchema.safeParse(decodeSecret(this.#databaseSecret.data));
+    const secretData = postgresDatabaseConnectionSecretSchema.safeParse(decodeSecret(this.#serverSecret.current?.data));
     if (!secretData.success || !secretData.data) {
       return {
         ready: false,
@@ -146,7 +145,6 @@ class PostgresDatabaseResource extends CustomResource<typeof postgresDatabaseSpe
     const database = postgresService.get({
       ...connectionSecretData.data,
       port: connectionSecretData.data.port ? Number(connectionSecretData.data.port) : 5432,
-      database: connectionSecretData.data.database,
     });
     await database.upsertRole({
       name: secretData.data.user,
@@ -168,8 +166,8 @@ class PostgresDatabaseResource extends CustomResource<typeof postgresDatabaseSpe
     }
     this.#updateSecret();
     await Promise.allSettled([
-      this.reconcileSubresource(DATABASE_READY_CONDITION, this.#reconcileDatabase),
+      await this.reconcileSubresource(DATABASE_READY_CONDITION, this.#reconcileDatabase),
-      this.reconcileSubresource(SECRET_READY_CONDITION, this.#reconcileSecret),
+      await this.reconcileSubresource(SECRET_READY_CONDITION, this.#reconcileSecret),
     ]);
 
     const secretReady = this.conditions.get(SECRET_READY_CONDITION)?.status === 'True';

src/services/postgres/postgres.instance.ts

@@ -10,7 +10,6 @@ type PostgresInstanceOptions = {
   port?: number;
   user: string;
   password: string;
-  database?: string;
 };
 
 class PostgresInstance {
@@ -24,7 +23,6 @@ class PostgresInstance {
         user: process.env.FORCE_PG_USER ?? options.user,
         password: process.env.FORCE_PG_PASSWORD ?? options.password,
         port: process.env.FORCE_PG_PORT ? parseInt(process.env.FORCE_PG_PORT) : options.port,
-        database: options.database,
       },
     });
   }

src/storage-provider/storage-provider.ts

@@ -7,6 +7,7 @@ import type { Services } from '../utils/service.ts';
 import { ResourceService, type Resource } from '../services/resources/resources.ts';
 
 const PROVISIONER = 'reuse-local-path-provisioner';
+const LABEL_SELECTOR = `provisioner=${PROVISIONER}`;
 
 class StorageProvider {
   #watcher: Watcher<V1PersistentVolumeClaim>;
@@ -16,36 +17,26 @@ class StorageProvider {
     this.#services = services;
     const watchService = this.#services.get(WatcherService);
     this.#watcher = watchService.create({
-      path: '/api/v1/persistentvolumeclaims',
+      path: '/api/v1/persistantvolumeclaims',
-      transform: (manifest) => ({
+      list: (k8s) =>
-        apiVersion: 'v1',
+        k8s.api.listPersistentVolumeClaimForAllNamespaces({
-        kind: 'PersistentVolumeClaim',
+          labelSelector: LABEL_SELECTOR,
-        ...manifest,
+        }),
-      }),
-      list: async (k8s) => {
-        const current = await k8s.api.listPersistentVolumeClaimForAllNamespaces();
-        return current;
-      },
       verbs: ['add', 'update', 'delete'],
+      selector: LABEL_SELECTOR,
     });
     this.#watcher.on('changed', this.#handleChange);
   }
 
   #handleChange = async (pvc: Resource<V1PersistentVolumeClaim>) => {
-    if (pvc.metadata?.annotations?.['volume.kubernetes.io/storage-provisioner'] !== PROVISIONER) {
-      return;
-    }
     const target = `/data/volumes/${pvc.namespace}/${pvc.name}`;
-    try {
+    await mkdir(target, { recursive: true });
-      await mkdir(target, { recursive: true });
-    } catch (err) {
-      console.error(err);
-    }
     const resourceService = this.#services.get(ResourceService);
     const pv = resourceService.get<V1PersistentVolume>({
       apiVersion: 'v1',
-      kind: 'PersistentVolume',
+      kind: 'PersistantVolume',
-      name: `${pvc.namespace}-${pvc.name}`,
+      name: pvc.name,
+      namespace: pvc.namespace,
     });
     await pv.load();
     await pv.patch({
@@ -59,7 +50,7 @@ class StorageProvider {
           path: target,
         },
         capacity: {
-          storage: pvc.spec?.resources?.requests?.storage ?? '1Gi',
+          storage: pvc.spec?.resources?.requests?.storage ?? '1GB',
         },
         persistentVolumeReclaimPolicy: 'Retain',
         accessModes: pvc.spec?.accessModes,