feat: wip blocked until we have envs

Signed-off-by: Alex Jones <alexsimonjones@gmail.com>
2025-04-27 11:11:31 +00:00 · 2023-04-15 12:08:43 +01:00 · 2023-04-15 12:08:43 +01:00 · fe2c08cf72
commit fe2c08cf72
parent 51b1b352ac
8 changed files with 155 additions and 0 deletions
--- a/.DS_Store
+++ b/.DS_Store
--- a/container/manifests/deployment.yaml
+++ b/container/manifests/deployment.yaml
@ -0,0 +1,35 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: k8sgpt-deployment
+  labels:
+    app: k8sgpt
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: k8sgpt
+  template:
+    metadata:
+      labels:
+        app: k8sgpt
+    spec:
+      containers:
+      - name: k8sgpt-container
+        image: ghcr.io/k8sgpt-ai/k8sgpt:v0.2.2
+        ports:
+        - containerPort: 8080
+        args: ["serve"]
+        resources:
+          limits:
+            cpu: "1"
+            memory: "512Mi"
+          requests:
+            cpu: "0.5"
+            memory: "256Mi"
+        env:
+        - name: AI_BACKEND_SECRET
+          valueFrom:
+            secretKeyRef:
+              name: ai-backend-secret
+              key: secret-key
--- a/container/manifests/role.yaml
+++ b/container/manifests/role.yaml
@ -0,0 +1,78 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: k8sgpt-cluster-role
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  - nodes
+  - persistentvolumeclaims
+  - namespaces
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - extensions
+  - apps
+  resources:
+  - deployments
+  - replicasets
+  - statefulsets
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - autoscaling
+  resources:
+  - horizontalpodautoscalers
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - networking.k8s.io
+  resources:
+  - networkpolicies
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - services
+  - endpoints
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - batch
+  resources:
+  - jobs
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - batch
+  - extensions
+  - batch.openshift.io
+  resources:
+  - cronjobs
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - events
+  verbs:
+  - get
+  - list
+  - watch
--- a/container/manifests/secret.yaml
+++ b/container/manifests/secret.yaml
@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: ai-backend-secret
+type: Opaque
+data:
+  secret-key: <base64-encoded value of the secret>
--- a/container/manifests/service.yaml
+++ b/container/manifests/service.yaml
@ -0,0 +1,24 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: k8sgpt-service
+spec:
+  selector:
+    app: k8sgpt
+  ports:
+    - name: http
+      port: 8080
+      targetPort: 8080
+  type: ClusterIP
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: k8sgpt-rolebinding
+subjects:
+- kind: ServiceAccount
+  name: k8sgpt
+roleRef:
+  kind: ClusterRole
+  name: k8sgpt-cluster-role
+  apiGroup: rbac.authorization.k8s.io
--- a/11
+++ b/11
@ -0,0 +1,11 @@
+. demo-magic.sh
+clear
+
+pe "k8sgpt filter list"
+pe "k8sgpt analyze --filter=Pod --explain -o json | jq ."
+pe "k8sgpt integration list"
+pe "k8sgpt integration activate trivy"
+pe "k8sgpt filter list"
+pe "k8sgpt analyze --filter=VulnerabilityReport"
+pe "./k8sgpt analyze --filter=Node --explain"
+
--- a/images/demo5.gif
+++ b/images/demo5.gif
--- a/images/nodes.gif
+++ b/images/nodes.gif