fix(k8s): persist Caddy TLS certificates with PVC #981
Closed
AFDudley
wants to merge 4 commits from
caddy-pvc-persistence into main
pull from: caddy-pvc-persistence
merge into: cerc-io:main
cerc-io:main
cerc-io:fix-etcd-drop-stale-acme
cerc-io:multi-http-proxy
cerc-io:fix-sidecar-localhost
cerc-io:feat-namespace-per-deployment
cerc-io:fix-down-cleanup-by-label
cerc-io:fix-kind-relative-volume-paths
cerc-io:fix-init-volumes-merge
cerc-io:roysc/deployment-create-sync
cerc-io:multi-port-service
cerc-io:helm-charts-with-caddy
cerc-io:afd
cerc-io:feat/trashscan-explorer-stack
cerc-io:helm-charts-support
cerc-io:vaasl-deploy
cerc-io:roysc/deploy-create-extra-args
cerc-io:zach/atom-payments
cerc-io:zramsay-patch-1
cerc-io:roysc/deploy-create-pass-cluster
cerc-io:zach/update-url
cerc-io:telackey/defaultplatform
cerc-io:telackey/924
cerc-io:telackey/laconicdv1
cerc-io:zach/pin-cli-version
cerc-io:telackey/wagit
cerc-io:add-vega-stack
cerc-io:blast-stack
cerc-io:lotus-stack
cerc-io:roysc/fix-eth-stacks
cerc-io:telackey/na
cerc-io:telackey/fqdn
cerc-io:zach/snowdocs
cerc-io:zach/fixturenet-2d
cerc-io:telackey/wild
cerc-io:dboreham/mobymask-v3-demo-test
cerc-io:zach/fix-for-mars
cerc-io:ci-test
cerc-io:optimism-fix
cerc-io:telackey/envsubst
cerc-io:dboreham/laconicd-k8s
cerc-io:zach/birbit
cerc-io:osmosis
cerc-io:iskay/update-optimism
cerc-io:iskay/plugeth-test-update
cerc-io:iskay/fixturenet-payments-test
cerc-io:iskay/fixturenet-laconicd-test
cerc-io:iskay/fixturenet-eth-test
cerc-io:new-gitea-test
cerc-io:erc20-fix
cerc-io:update-uniswap
cerc-io:tel/1.20
cerc-io:telackey/systest
cerc-io:ng-deny-multiaddr
cerc-io:publish-test
cerc-io:telackey/datanet
4 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
A. F. Dudley
|
1473c5ec4d |
Revert local k8s helpers changes
Some checks failed
Lint Checks / Run linter (pull_request) Successful in 16s
Lint Checks / Run linter (push) Successful in 16s
K8s Deployment Control Test / Run deployment control suite on kind/k8s (pull_request) Failing after 42s
K8s Deploy Test / Run deploy test suite on kind/k8s (pull_request) Failing after 1m43s
Deploy Test / Run deploy test suite (pull_request) Successful in 2m14s
External Stack Test / Run external stack test suite (push) Failing after 2m16s
Database Test / Run database hosting test on kind/k8s (push) Failing after 3m6s
Webapp Test / Run webapp test suite (pull_request) Successful in 3m45s
Smoke Test / Run basic test suite (pull_request) Successful in 3m45s
The hostPath support fix was merged via Roy's PR #984. Reverting local changes to sync with upstream main. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> |
||
|
A. F. Dudley
|
d31f76eb5a |
Add etcd + PKI extraMounts for offline data recovery
Mount /var/lib/etcd and /etc/kubernetes/pki to host filesystem
so cluster state is preserved for offline recovery. Each deployment
gets its own backup directory keyed by deployment ID.
Directory structure:
data/cluster-backups/{deployment_id}/etcd/
data/cluster-backups/{deployment_id}/pki/
This enables extracting secrets from etcd backups using etcdctl
with the preserved PKI certificates.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
||
|
A. F. Dudley
|
21d0975e71 |
feat(k8s): support acme-email config for Caddy ingress
Adds support for configuring ACME email for Let's Encrypt certificates in kind deployments. The email can be specified in the spec under network.acme-email and will be used to configure the Caddy ingress controller ConfigMap. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> |
||
|
A. F. Dudley
|
411e777980 |
fix(deploy): merge volumes from stack init() instead of overwriting
Previously, volumes defined in a stack's commands.py init() function were being overwritten by volumes discovered from compose files. This prevented stacks from adding infrastructure volumes like caddy-data that aren't defined in the compose files. Now volumes are merged, with init() volumes taking precedence over compose-discovered defaults. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> |