├── .gitignore ├── LICENSE.md ├── README.md ├── docs ├── 404.html ├── advanced-resources │ └── index.html ├── assets │ ├── images │ │ └── favicon.png │ ├── javascripts │ │ ├── bundle.078830c0.min.js │ │ ├── bundle.078830c0.min.js.map │ │ ├── lunr │ │ │ ├── min │ │ │ │ ├── lunr.ar.min.js │ │ │ │ ├── lunr.da.min.js │ │ │ │ ├── lunr.de.min.js │ │ │ │ ├── lunr.du.min.js │ │ │ │ ├── lunr.es.min.js │ │ │ │ ├── lunr.fi.min.js │ │ │ │ ├── lunr.fr.min.js │ │ │ │ ├── lunr.hi.min.js │ │ │ │ ├── lunr.hu.min.js │ │ │ │ ├── lunr.it.min.js │ │ │ │ ├── lunr.ja.min.js │ │ │ │ ├── lunr.jp.min.js │ │ │ │ ├── lunr.multi.min.js │ │ │ │ ├── lunr.nl.min.js │ │ │ │ ├── lunr.no.min.js │ │ │ │ ├── lunr.pt.min.js │ │ │ │ ├── lunr.ro.min.js │ │ │ │ ├── lunr.ru.min.js │ │ │ │ ├── lunr.stemmer.support.min.js │ │ │ │ ├── lunr.sv.min.js │ │ │ │ ├── lunr.th.min.js │ │ │ │ ├── lunr.tr.min.js │ │ │ │ ├── lunr.vi.min.js │ │ │ │ └── lunr.zh.min.js │ │ │ ├── tinyseg.js │ │ │ └── wordcut.js │ │ └── workers │ │ │ ├── search.5bf1dace.min.js │ │ │ └── search.5bf1dace.min.js.map │ └── stylesheets │ │ ├── main.20d9efc8.min.css │ │ ├── main.20d9efc8.min.css.map │ │ ├── palette.cbb835fc.min.css │ │ └── palette.cbb835fc.min.css.map ├── getting-started │ └── index.html ├── img │ ├── anatomy.png │ ├── cli.png │ ├── example_yaml.png │ ├── gateway.png │ ├── getting-started │ │ └── hello-world.png │ ├── installation │ │ ├── account.png │ │ ├── certmanager.png │ │ ├── dependencies.png │ │ ├── ftp.png │ │ ├── ip.png │ │ ├── registry.png │ │ ├── selfsigned.png │ │ └── storage.png │ ├── keycloak │ │ ├── auth_deploy.png │ │ ├── auth_kubectl.png │ │ ├── client_roles.png │ │ └── flow_overview.png │ ├── mdos.png │ ├── mdosyaml.png │ ├── networkPolicies │ │ └── custom.png │ ├── oidc.png │ ├── overview.png │ ├── setup │ │ ├── cli.png │ │ ├── cloudflare.png │ │ └── cloudflare_api.png │ └── volume-sync.png ├── index.html ├── installation │ └── index.html ├── reference-documentation │ └── index.html ├── search │ └── 
search_index.json ├── sitemap.xml ├── sitemap.xml.gz └── stylesheets │ └── extra.css ├── mdos-api ├── .dockerignore ├── .editorconfig ├── .env.tmpl ├── .gitignore ├── .prettierrc.json ├── Dockerfile ├── config │ ├── default.json │ ├── production.json │ └── test.json ├── infra │ ├── build.sh │ ├── dep │ │ ├── helm │ │ │ └── helm │ │ └── kubectl │ │ │ └── kubectl │ └── values.yaml ├── package-lock.json ├── package.json ├── public │ ├── favicon.ico │ └── index.html ├── src │ ├── app.hooks.js │ ├── app.js │ ├── assets │ │ └── jwt.html │ ├── authentication.js │ ├── channels.js │ ├── index.js │ ├── libs │ │ ├── constants.js │ │ ├── errorUtils.js │ │ └── terminal.js │ ├── logger.js │ ├── middleware │ │ ├── _rbacTemplates.json │ │ ├── brokerChannels.js │ │ ├── brokerClient.js │ │ ├── certificates.js │ │ ├── ftpServer.js │ │ ├── gateways.js │ │ ├── index.js │ │ ├── keycloak.js │ │ ├── kube.js │ │ ├── kubeBase.js │ │ ├── kubeBaseConstants.js │ │ ├── schemaValidator │ │ │ ├── index.js │ │ │ └── v1.js │ │ ├── socket.js │ │ └── subscriptionManager.js │ ├── routes │ │ └── oidcCookie.js │ ├── services │ │ ├── _hooks │ │ │ ├── aclAfterfindFilters.js │ │ │ ├── aclCreate.js │ │ │ ├── aclDelete.js │ │ │ ├── aclMdos.js │ │ │ ├── isAuthenticated.js │ │ │ └── versionCheck.js │ │ ├── common.class.core.js │ │ ├── index.js │ │ ├── keycloak │ │ │ ├── keycloak.class.core.js │ │ │ ├── keycloak.class.js │ │ │ ├── keycloak.hooks.js │ │ │ └── keycloak.service.js │ │ ├── kube │ │ │ ├── kube.class.core.js │ │ │ ├── kube.class.js │ │ │ ├── kube.hooks.js │ │ │ └── kube.service.js │ │ ├── logout │ │ │ ├── logout.class.js │ │ │ ├── logout.hooks.js │ │ │ └── logout.service.js │ │ ├── mdos │ │ │ ├── mdos.class.core.js │ │ │ ├── mdos.class.js │ │ │ ├── mdos.hooks.js │ │ │ └── mdos.service.js │ │ ├── oidc-provider │ │ │ ├── oidc-provider.class.core.js │ │ │ ├── oidc-provider.class.js │ │ │ ├── oidc-provider.hooks.js │ │ │ └── oidc-provider.service.js │ │ ├── reg-authentication │ │ │ ├── 
reg-authentication.class.js │ │ │ ├── reg-authentication.hooks.js │ │ │ └── reg-authentication.service.js │ │ ├── reg-authorization │ │ │ ├── reg-authorization.class.js │ │ │ ├── reg-authorization.hooks.js │ │ │ └── reg-authorization.service.js │ │ ├── schema-validator │ │ │ ├── schema-validator.class.js │ │ │ ├── schema-validator.hooks.js │ │ │ └── schema-validator.service.js │ │ └── token-introspect │ │ │ ├── token-introspect.class.js │ │ │ ├── token-introspect.hooks.js │ │ │ └── token-introspect.service.js │ ├── tools │ │ └── roleParser │ │ │ └── index.js │ └── workers │ │ ├── ftpdJobWorker.js │ │ ├── k3sJobWorker.js │ │ ├── kcJobWorker.js │ │ └── workerBase.js └── test │ ├── app.test.js │ └── services │ ├── direct-login.test.js │ ├── events.test.js │ ├── keycloak.test.js │ ├── kube.test.js │ ├── logout.test.js │ ├── mdos.test.js │ ├── oidc-provider.test.js │ ├── reg-authentication.test.js │ ├── reg-authorization.test.js │ ├── schema-validator.test.js │ └── token-introspect.test.js ├── mdos-broker ├── .editorconfig ├── .env.tmpl ├── .eslintrc.json ├── .gitignore ├── Dockerfile ├── README.md ├── config │ ├── default.json │ ├── production.json │ └── test.json ├── infra │ └── build.sh ├── package-lock.json ├── package.json ├── public │ ├── favicon.ico │ └── index.html ├── src │ ├── app.hooks.js │ ├── app.js │ ├── channels.js │ ├── index.js │ ├── logger.js │ ├── middleware │ │ ├── brokerServer.js │ │ ├── brokerServerBase.js │ │ └── index.js │ ├── models │ │ └── events.model.js │ ├── sequelize.js │ └── services │ │ ├── events │ │ ├── events.class.js │ │ ├── events.hooks.js │ │ └── events.service.js │ │ └── index.js └── test │ ├── app.test.js │ └── services │ └── events.test.js ├── mdos-cli ├── .circleci │ └── config.yml ├── .eslintignore ├── .eslintrc_old ├── .github │ └── dependabot.yml ├── .gitignore ├── .mocharc.json ├── .prettierrc.json ├── LICENSE ├── README.md ├── bin │ ├── dev │ ├── dev.cmd │ ├── run │ └── run.cmd ├── infra │ └── install-linux-mac.sh ├── 
package.json ├── src │ ├── base.ts │ ├── commands │ │ ├── application │ │ │ ├── delete.ts │ │ │ ├── deploy.ts │ │ │ ├── list.ts │ │ │ └── protect.ts │ │ ├── auth │ │ │ ├── tenant │ │ │ │ ├── create-role.ts │ │ │ │ ├── delete-role.ts │ │ │ │ └── list-roles.ts │ │ │ └── user │ │ │ │ ├── add-role.ts │ │ │ │ ├── create.ts │ │ │ │ ├── delete.ts │ │ │ │ ├── list-roles.ts │ │ │ │ ├── list.ts │ │ │ │ └── remove-role.ts │ │ ├── cm │ │ │ ├── cert │ │ │ │ ├── create.ts │ │ │ │ ├── delete.ts │ │ │ │ └── list.ts │ │ │ └── issuer │ │ │ │ ├── create.ts │ │ │ │ ├── delete.ts │ │ │ │ └── list.ts │ │ ├── configure │ │ │ └── api-endpoint.ts │ │ ├── generate │ │ │ ├── application.ts │ │ │ ├── component.ts │ │ │ ├── config.ts │ │ │ ├── ingress.ts │ │ │ ├── secret.ts │ │ │ ├── service.ts │ │ │ └── volume.ts │ │ ├── ingress-gateway │ │ │ ├── add.ts │ │ │ ├── list.ts │ │ │ └── remove.ts │ │ ├── install-framework.ts │ │ ├── login.ts │ │ ├── logout.ts │ │ ├── namespace │ │ │ ├── create.ts │ │ │ ├── delete.ts │ │ │ └── list.ts │ │ ├── oidc │ │ │ └── provider │ │ │ │ ├── add.ts │ │ │ │ ├── list.ts │ │ │ │ └── remove.ts │ │ ├── secret │ │ │ └── create.ts │ │ ├── set-kubeconfig.ts │ │ ├── shared-volume │ │ │ ├── create.ts │ │ │ ├── delete.ts │ │ │ └── list.ts │ │ ├── status.ts │ │ └── user │ │ │ └── change-password.ts │ ├── hooks │ │ └── command_incomplete.ts │ ├── index.ts │ └── lib │ │ ├── socket.js │ │ ├── terminal.js │ │ └── tools.js ├── test │ ├── commands │ │ ├── add-ingress.test.ts │ │ ├── add-role.test.ts │ │ ├── add-volume.test.ts │ │ ├── add.test.ts │ │ ├── application.test.ts │ │ ├── build.test.ts │ │ ├── component.test.ts │ │ ├── create-role.test.ts │ │ ├── create.test.ts │ │ ├── declare-port.test.ts │ │ ├── delete-role.test.ts │ │ ├── delete.test.ts │ │ ├── deploy.test.ts │ │ ├── expose-port.test.ts │ │ ├── hello │ │ │ ├── index.test.ts │ │ │ └── world.test.ts │ │ ├── install.test.ts │ │ ├── list-role.test.ts │ │ ├── list-roles.test.ts │ │ ├── list.test.ts │ │ ├── 
protect-app.test.ts │ │ ├── push.test.ts │ │ ├── remove-role.test.ts │ │ ├── remove-roll.test.ts │ │ ├── remove.test.ts │ │ ├── use-config.test.ts │ │ ├── use-secret.test.ts │ │ └── user.test.ts │ ├── helpers │ │ └── init.js │ └── tsconfig.json └── tsconfig.json ├── mdos-docs ├── draw.io │ └── architecture.drawio └── infra │ ├── build-deploy.sh │ ├── mdos.yaml │ ├── mkdocs │ ├── Dockerfile │ ├── cinder │ │ ├── 404.html │ │ ├── __init__.py │ │ ├── base.html │ │ ├── content.html │ │ ├── css │ │ │ ├── base.css │ │ │ ├── base.min.css │ │ │ ├── bootstrap-custom.css │ │ │ ├── bootstrap-custom.min.css │ │ │ ├── cinder.css │ │ │ ├── cinder.min.css │ │ │ ├── highlight.css │ │ │ └── highlight.min.css │ │ ├── fonts │ │ │ ├── fontawesome-webfont.eot │ │ │ ├── fontawesome-webfont.svg │ │ │ ├── fontawesome-webfont.ttf │ │ │ └── fontawesome-webfont.woff │ │ ├── img │ │ │ ├── favicon.ico │ │ │ ├── grid1.png │ │ │ ├── grid10.png │ │ │ ├── grid11.png │ │ │ ├── grid12.png │ │ │ ├── grid13.png │ │ │ ├── grid14.png │ │ │ ├── grid15.png │ │ │ ├── grid16.png │ │ │ ├── grid17.png │ │ │ ├── grid18.png │ │ │ ├── grid19.png │ │ │ ├── grid2.png │ │ │ ├── grid20.png │ │ │ ├── grid3.png │ │ │ ├── grid4.png │ │ │ ├── grid5.png │ │ │ ├── grid6.png │ │ │ ├── grid7.png │ │ │ ├── grid8.png │ │ │ └── grid9.png │ │ ├── js │ │ │ ├── base.js │ │ │ └── bootstrap-3.0.3.min.js │ │ ├── keyboard-modal.html │ │ ├── main.html │ │ ├── mkdocs_theme.yml │ │ ├── nav-sub.html │ │ ├── nav.html │ │ ├── search-modal.html │ │ └── toc.html │ ├── docs │ │ ├── advanced-resources.md │ │ ├── getting-started.md │ │ ├── img │ │ │ ├── anatomy.png │ │ │ ├── cli.png │ │ │ ├── example_yaml.png │ │ │ ├── gateway.png │ │ │ ├── getting-started │ │ │ │ └── hello-world.png │ │ │ ├── installation │ │ │ │ ├── account.png │ │ │ │ ├── certmanager.png │ │ │ │ ├── dependencies.png │ │ │ │ ├── ftp.png │ │ │ │ ├── ip.png │ │ │ │ ├── registry.png │ │ │ │ ├── selfsigned.png │ │ │ │ └── storage.png │ │ │ ├── keycloak │ │ │ │ ├── auth_deploy.png 
│ │ │ │ ├── auth_kubectl.png │ │ │ │ ├── client_roles.png │ │ │ │ └── flow_overview.png │ │ │ ├── mdos.png │ │ │ ├── mdosyaml.png │ │ │ ├── networkPolicies │ │ │ │ └── custom.png │ │ │ ├── oidc.png │ │ │ ├── overview.png │ │ │ ├── setup │ │ │ │ ├── cli.png │ │ │ │ ├── cloudflare.png │ │ │ │ └── cloudflare_api.png │ │ │ └── volume-sync.png │ │ ├── index.md │ │ ├── installation.md │ │ ├── reference-documentation.md │ │ └── stylesheets │ │ │ └── extra.css │ └── mkdocs.yml │ └── volumes │ └── README.md ├── mdos-ftp ├── .editorconfig ├── .env.tmpl ├── .eslintrc.json ├── Dockerfile ├── README.md ├── config │ ├── default.json │ ├── production.json │ └── test.json ├── infra │ └── build.sh ├── mdos_ftp.sqlite ├── package-lock.json ├── package.json ├── public │ ├── favicon.ico │ └── index.html ├── src │ ├── app.hooks.js │ ├── app.js │ ├── authentication.js │ ├── channels.js │ ├── index.js │ ├── libs │ │ └── terminal.js │ ├── logger.js │ ├── middleware │ │ ├── index.js │ │ ├── pureftpDaemon.js │ │ └── sequelizeInit.js │ ├── models │ │ └── users.model.js │ ├── sequelize.js │ └── services │ │ ├── credentials │ │ ├── credentials.class.js │ │ ├── credentials.hooks.js │ │ └── credentials.service.js │ │ ├── index.js │ │ └── users │ │ ├── users.class.js │ │ ├── users.hooks.js │ │ └── users.service.js └── test │ ├── app.test.js │ ├── authentication.test.js │ └── services │ ├── credentials.test.js │ └── users.test.js └── mdos-setup ├── README.md ├── dep ├── cert-manager │ ├── cloudflare-issuer.yaml │ └── freenom-cluster-issuer.yaml ├── code-server │ ├── Dockerfile │ ├── code-server-nginx.tar │ └── nginx.conf ├── helm │ └── helm.tar.gz ├── images │ ├── cert-job-manager │ │ ├── Dockerfile │ │ └── build.sh │ └── docker-mirror-lftp │ │ ├── Dockerfile │ │ ├── build.sh │ │ ├── mirror.sh │ │ ├── r-mirror.sh │ │ └── waitForDeployment.sh ├── istio_helm │ ├── README.md │ ├── UPDATING-CHARTS.md │ ├── base │ │ ├── Chart.yaml │ │ ├── README.md │ │ ├── crds │ │ │ ├── crd-all.gen.yaml │ │ │ └── 
crd-operator.yaml │ │ ├── files │ │ │ └── gen-istio-cluster.yaml │ │ ├── kustomization.yaml │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── clusterrole.yaml │ │ │ ├── clusterrolebinding.yaml │ │ │ ├── crds.yaml │ │ │ ├── default.yaml │ │ │ ├── endpoints.yaml │ │ │ ├── reader-serviceaccount.yaml │ │ │ ├── role.yaml │ │ │ ├── rolebinding.yaml │ │ │ ├── serviceaccount.yaml │ │ │ └── services.yaml │ │ └── values.yaml │ ├── default │ │ ├── Chart.yaml │ │ ├── templates │ │ │ ├── mutatingwebhook.yaml │ │ │ └── validatingwebhook.yaml │ │ └── values.yaml │ ├── gateway │ │ ├── Chart.yaml │ │ ├── README.md │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── _helpers.tpl │ │ │ ├── deployment.yaml │ │ │ ├── hpa.yaml │ │ │ ├── role.yaml │ │ │ ├── service.yaml │ │ │ └── serviceaccount.yaml │ │ ├── values.schema.json │ │ └── values.yaml │ ├── gateways │ │ ├── istio-egress │ │ │ ├── Chart.yaml │ │ │ ├── NOTES.txt │ │ │ ├── templates │ │ │ │ ├── _affinity.tpl │ │ │ │ ├── autoscale.yaml │ │ │ │ ├── deployment.yaml │ │ │ │ ├── injected-deployment.yaml │ │ │ │ ├── poddisruptionbudget.yaml │ │ │ │ ├── role.yaml │ │ │ │ ├── rolebindings.yaml │ │ │ │ ├── service.yaml │ │ │ │ └── serviceaccount.yaml │ │ │ └── values.yaml │ │ └── istio-ingress │ │ │ ├── Chart.yaml │ │ │ ├── NOTES.txt │ │ │ ├── templates │ │ │ ├── _affinity.tpl │ │ │ ├── autoscale.yaml │ │ │ ├── deployment.yaml │ │ │ ├── injected-deployment.yaml │ │ │ ├── poddisruptionbudget.yaml │ │ │ ├── role.yaml │ │ │ ├── rolebindings.yaml │ │ │ ├── service.yaml │ │ │ └── serviceaccount.yaml │ │ │ └── values.yaml │ ├── istio-cni │ │ ├── Chart.yaml │ │ ├── README.md │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── clusterrole.yaml │ │ │ ├── clusterrolebinding.yaml │ │ │ ├── configmap-cni.yaml │ │ │ ├── daemonset.yaml │ │ │ ├── resourcequota.yaml │ │ │ └── serviceaccount.yaml │ │ └── values.yaml │ ├── istio-control │ │ └── istio-discovery │ │ │ ├── Chart.yaml │ │ │ ├── README.md │ │ │ ├── files │ │ │ ├── gateway-injection-template.yaml │ │ │ 
├── gen-istio.yaml │ │ │ ├── grpc-agent.yaml │ │ │ ├── grpc-simple.yaml │ │ │ └── injection-template.yaml │ │ │ ├── kustomization.yaml │ │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── autoscale.yaml │ │ │ ├── clusterrole.yaml │ │ │ ├── clusterrolebinding.yaml │ │ │ ├── configmap-jwks.yaml │ │ │ ├── configmap.yaml │ │ │ ├── deployment.yaml │ │ │ ├── istiod-injector-configmap.yaml │ │ │ ├── mutatingwebhook.yaml │ │ │ ├── poddisruptionbudget.yaml │ │ │ ├── reader-clusterrole.yaml │ │ │ ├── reader-clusterrolebinding.yaml │ │ │ ├── revision-tags.yaml │ │ │ ├── role.yaml │ │ │ ├── rolebinding.yaml │ │ │ ├── service.yaml │ │ │ ├── serviceaccount.yaml │ │ │ ├── telemetryv2_1.11.yaml │ │ │ ├── telemetryv2_1.12.yaml │ │ │ ├── telemetryv2_1.13.yaml │ │ │ ├── telemetryv2_1.14.yaml │ │ │ └── validatingwebhookconfiguration.yaml │ │ │ └── values.yaml │ ├── istio-operator │ │ ├── Chart.yaml │ │ ├── crds │ │ │ └── crd-operator.yaml │ │ ├── files │ │ │ └── gen-operator.yaml │ │ ├── templates │ │ │ ├── clusterrole.yaml │ │ │ ├── clusterrole_binding.yaml │ │ │ ├── crds.yaml │ │ │ ├── deployment.yaml │ │ │ ├── service.yaml │ │ │ └── service_account.yaml │ │ └── values.yaml │ └── istiod-remote │ │ ├── Chart.yaml │ │ ├── NOTES.txt │ │ ├── files │ │ ├── gateway-injection-template.yaml │ │ └── injection-template.yaml │ │ ├── templates │ │ ├── clusterrole.yaml │ │ ├── clusterrolebinding.yaml │ │ ├── configmap.yaml │ │ ├── crd-all.gen.yaml │ │ ├── crd-operator.yaml │ │ ├── endpoints.yaml │ │ ├── istiod-injector-configmap.yaml │ │ ├── mutatingwebhook.yaml │ │ ├── reader-clusterrole.yaml │ │ ├── reader-clusterrolebinding.yaml │ │ ├── reader-serviceaccount.yaml │ │ ├── role.yaml │ │ ├── rolebinding.yaml │ │ ├── serviceaccount.yaml │ │ ├── services.yaml │ │ ├── telemetryv2_1.11.yaml │ │ ├── telemetryv2_1.12.yaml │ │ ├── telemetryv2_1.13.yaml │ │ ├── telemetryv2_1.14.yaml │ │ └── validatingwebhookconfiguration.yaml │ │ └── values.yaml ├── keycloak │ └── values.yaml ├── longhorn │ └── chart │ │ 
├── .helmignore │ │ ├── Chart.yaml │ │ ├── README.md │ │ ├── app-readme.md │ │ ├── questions.yaml │ │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── clusterrole.yaml │ │ ├── clusterrolebinding.yaml │ │ ├── crds.yaml │ │ ├── daemonset-sa.yaml │ │ ├── default-setting.yaml │ │ ├── deployment-driver.yaml │ │ ├── deployment-ui.yaml │ │ ├── deployment-webhook.yaml │ │ ├── ingress.yaml │ │ ├── postupgrade-job.yaml │ │ ├── psp.yaml │ │ ├── registry-secret.yaml │ │ ├── serviceaccount.yaml │ │ ├── services.yaml │ │ ├── storageclass.yaml │ │ ├── tls-secrets.yaml │ │ └── uninstall-job.yaml │ │ └── values.yaml ├── mdos-api │ └── values.yaml ├── mhc-generic │ └── chart │ │ ├── .helmignore │ │ ├── Chart.yaml │ │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── authorizationpolicy.yaml │ │ ├── configmap.yaml │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ ├── networkPolicy.yaml │ │ ├── pvc.yaml │ │ ├── roleBinding.yaml │ │ ├── sa.yaml │ │ ├── secret.yaml │ │ ├── service.yaml │ │ └── virtualservice.yaml │ │ └── values.yaml ├── pure-ftpd │ └── docker-compose.yaml ├── rabbitmq │ ├── Chart.yaml │ ├── charts │ │ └── common │ │ │ ├── .helmignore │ │ │ ├── Chart.yaml │ │ │ ├── templates │ │ │ ├── _affinities.tpl │ │ │ ├── _capabilities.tpl │ │ │ ├── _errors.tpl │ │ │ ├── _images.tpl │ │ │ ├── _ingress.tpl │ │ │ ├── _labels.tpl │ │ │ ├── _names.tpl │ │ │ ├── _secrets.tpl │ │ │ ├── _storage.tpl │ │ │ ├── _tplvalues.tpl │ │ │ ├── _utils.tpl │ │ │ └── _warnings.tpl │ │ │ └── values.yaml │ ├── templates │ │ ├── _helpers.tpl │ │ ├── configuration.yaml │ │ ├── extra-list.yaml │ │ ├── ingress.yaml │ │ ├── networkpolicy.yaml │ │ ├── pdb.yaml │ │ ├── prometheusrule.yaml │ │ ├── role.yaml │ │ ├── rolebinding.yaml │ │ ├── secrets.yaml │ │ ├── serviceaccount.yaml │ │ ├── servicemonitor.yaml │ │ ├── servicemonitoring.yaml │ │ ├── statefulset.yaml │ │ ├── svc-headless.yaml │ │ ├── svc.yaml │ │ └── tls-secrets.yaml │ ├── values.schema.json │ └── values.yaml └── registry │ └── 
values.yaml ├── infra ├── create-release.sh └── version-bump.sh ├── install-codeserver.sh ├── install-worker.sh ├── install.sh ├── lib ├── column2.sh ├── components.sh ├── gittools.sh ├── helpers.sh └── mdos_lib.sh └── remove-worker.sh /.gitignore: -------------------------------------------------------------------------------- 1 | **/.env 2 | **/*.log 3 | .DS_Store 4 | **/.DS_Store 5 | **/node_modules 6 | .DS_Store 7 | mdos-api/creds/* 8 | mdos-docs/infra/mkdocs/mkdocs/site 9 | mdos-setup/cloudflare.ini 10 | mdos-setup/deprecated/* 11 | mdos-setup/dep/mdos-api 12 | mdos-setup/dep/certs 13 | mdos-setup/dep/cert-manager/cloudflare-issuer-test.yaml 14 | mdos-setup/dep/cert-manager/freenom-cluster-issuer-test.yaml 15 | mdos-setup/vagrant 16 | mdos-docs/.$architecture.drawio.bkp 17 | mdos-docs/.$architecture.drawio.dtmp 18 | mdos-docs/draw.io/.$architecture.drawio.bkp 19 | mdos-docs/draw.io/.$architecture.drawio.dtmp 20 | mdos-docs/infra/mkdocs/site 21 | mdos-docs/infra/volumes/docs 22 | ftp_target -------------------------------------------------------------------------------- /docs/assets/images/favicon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/docs/assets/images/favicon.png -------------------------------------------------------------------------------- /docs/assets/javascripts/lunr/min/lunr.jp.min.js: -------------------------------------------------------------------------------- 1 | module.exports=require("./lunr.ja"); -------------------------------------------------------------------------------- /docs/assets/javascripts/lunr/min/lunr.multi.min.js: -------------------------------------------------------------------------------- 1 | !function(e,t){"function"==typeof define&&define.amd?define(t):"object"==typeof exports?module.exports=t():t()(e.lunr)}(this,function(){return function(e){e.multiLanguage=function(){for(var 
t=Array.prototype.slice.call(arguments),i=t.join("-"),r="",n=[],s=[],p=0;p 2 | 3 | 4 | https://mdundek.github.io/mdos/ 5 | 2023-01-11 6 | daily 7 | 8 | 9 | https://mdundek.github.io/mdos/advanced-resources/ 10 | 2023-01-11 11 | daily 12 | 13 | 14 | https://mdundek.github.io/mdos/getting-started/ 15 | 2023-01-11 16 | daily 17 | 18 | 19 | https://mdundek.github.io/mdos/installation/ 20 | 2023-01-11 21 | daily 22 | 23 | 24 | https://mdundek.github.io/mdos/reference-documentation/ 25 | 2023-01-11 26 | daily 27 | 28 | -------------------------------------------------------------------------------- /docs/sitemap.xml.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/docs/sitemap.xml.gz -------------------------------------------------------------------------------- /docs/stylesheets/extra.css: -------------------------------------------------------------------------------- 1 | [data-md-color-scheme="default"] { 2 | --md-code-hl-color: #fffeea; 3 | } 4 | 5 | [data-md-color-scheme="slate"] { 6 | --md-code-fg-color: #adbac8; 7 | } 8 | 9 | .md-content__button { 10 | display: none; 11 | } 12 | 13 | .section-icon { 14 | color: #1DA1F2; 15 | } 16 | 17 | .md-nav--secondary:nth-child(1) > .md-nav__list > .md-nav__item > a { 18 | font-weight: bold; 19 | /* display: list-item; 20 | list-style-type: square; 21 | list-style-position: inside; */ 22 | } 23 | 24 | .md-nav__title { 25 | text-decoration: underline; 26 | } 27 | 28 | @media all and (min-width: 900px) { 29 | .wrapper { 30 | display: grid; 31 | grid-template-columns: repeat(3, 1fr); 32 | gap: 10px; 33 | grid-auto-rows: minmax(100px, auto); 34 | } 35 | .wrapper .left { 36 | grid-column: 1 / 3; 37 | grid-row: 1; 38 | } 39 | .wrapper .right { 40 | grid-column: 3 / 4; 41 | grid-row: 1; 42 | } 43 | } 44 | 45 | 46 | -------------------------------------------------------------------------------- 
/mdos-api/.dockerignore: -------------------------------------------------------------------------------- 1 | infra/ -------------------------------------------------------------------------------- /mdos-api/.editorconfig: -------------------------------------------------------------------------------- 1 | # http://editorconfig.org 2 | root = true 3 | 4 | [*] 5 | indent_style = space 6 | indent_size = 2 7 | end_of_line = lf 8 | charset = utf-8 9 | trim_trailing_whitespace = true 10 | insert_final_newline = true 11 | 12 | [*.md] 13 | trim_trailing_whitespace = false 14 | -------------------------------------------------------------------------------- /mdos-api/.env.tmpl: -------------------------------------------------------------------------------- 1 | NO_ADMIN_AUTH=true 2 | ROOT_DOMAIN= 3 | REG_USER= 4 | REG_PASS= 5 | GEN_HELM_PATH_PATH=/mdos/mdos-setup/dep/generic-helm-chart 6 | ISTIO_CHART_PATH=/mdos/mdos-setup/dep/istio_helm/istio-control/istio-discovery 7 | RUN_TARGET=local 8 | KC_PORT=30999 9 | 10 | FTP_SERVER_MAIN_PORT=3915 11 | 12 | # Next values only needed when run outside of kubernetes (developement) 13 | K3S_TOKEN= # KUBE_SA_TOKEN=$(kubectl get secret default -n mdos -ojsonpath='{.data.token}' | base64 --decode) 14 | K3S_API_SERVER=127.0.0.1:6443 15 | K3S_ROOT_CA_PATH=/var/lib/rancher/k3s/server/tls/server-ca.crt # Needs to be readable by nodejs process, make a copy if necessary 16 | 17 | RABBIT_PASSWORD=kjksdfklsf 18 | RABBIT_HOST=XXX.XXX.XXX.XXX 19 | RABBIT_PORT= 20 | RABBIT_USERNAME=default_user_lksdjflkgj -------------------------------------------------------------------------------- /mdos-api/.prettierrc.json: -------------------------------------------------------------------------------- 1 | { 2 | "trailingComma": "es5", 3 | "tabWidth": 4, 4 | "semi": false, 5 | "singleQuote": true, 6 | "printWidth": 200, 7 | "bracketSpacing": true, 8 | "bracketSameLine": true, 9 | "arrowParens": "always" 10 | } 
-------------------------------------------------------------------------------- /mdos-api/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node:16-alpine 2 | 3 | COPY helm /usr/bin 4 | RUN chmod a+x /usr/bin/helm 5 | 6 | COPY kubectl /usr/bin 7 | RUN chmod a+x /usr/bin/kubectl 8 | 9 | RUN helm repo add oauth2-proxy https://oauth2-proxy.github.io/manifests 10 | RUN helm repo update 11 | 12 | RUN apk add curl wget openssl 13 | RUN wget https://dl.min.io/client/mc/release/linux-amd64/mc 14 | RUN chmod +x mc 15 | RUN mv mc /usr/bin 16 | 17 | RUN mkdir -p /home/node/app/tmp 18 | 19 | COPY mhc-generic /usr/src/dep/mhc-generic 20 | COPY istio-discovery /usr/src/dep/istio-discovery 21 | 22 | # Create app directory. NOTE(review): the mc client fetched by the wget step above is installed without a checksum or signature check, and its URL carries no version; consider pinning a release and verifying its digest before the chmod 23 | WORKDIR /usr/src/app 24 | 25 | # Install app dependencies 26 | # A wildcard is used to ensure both package.json AND package-lock.json are copied 27 | # where available (npm@5+) 28 | COPY package*.json ./ 29 | 30 | RUN npm install 31 | # If you are building your code for production 32 | # RUN npm ci --only=production 33 | 34 | # Bundle app source. NOTE(review): the COPY below brings in every file of the build context that .dockerignore does not exclude, and the later "rm -rf .env" only hides the file in a newer layer; a .env present at build time stays readable in the COPY layer, so exclude it in .dockerignore instead 35 | COPY . . 36 | 37 | RUN rm -rf helm 38 | RUN rm -rf .env 39 | 40 | EXPOSE 3030 41 | CMD [ "node", "." 
] -------------------------------------------------------------------------------- /mdos-api/config/default.json: -------------------------------------------------------------------------------- 1 | { 2 | "host": "localhost", 3 | "port": 3030, 4 | "public": "../public/", 5 | "paginate": { 6 | "default": 10, 7 | "max": 50 8 | }, 9 | "authentication": { 10 | "entity": null, 11 | "secret": "WREpVqRef/+pWwfg5Du9CPwDgAk=", 12 | "authStrategies": [ 13 | "keycloak" 14 | ] 15 | }, 16 | "sqlite": "sqlite://api.sqlite" 17 | } 18 | -------------------------------------------------------------------------------- /mdos-api/config/production.json: -------------------------------------------------------------------------------- 1 | { 2 | "host": "api-app.feathersjs.com", 3 | "port": "PORT" 4 | } 5 | -------------------------------------------------------------------------------- /mdos-api/config/test.json: -------------------------------------------------------------------------------- 1 | {} 2 | -------------------------------------------------------------------------------- /mdos-api/infra/dep/helm/helm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-api/infra/dep/helm/helm -------------------------------------------------------------------------------- /mdos-api/infra/dep/kubectl/kubectl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-api/infra/dep/kubectl/kubectl -------------------------------------------------------------------------------- /mdos-api/public/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-api/public/favicon.ico 
-------------------------------------------------------------------------------- /mdos-api/src/app.hooks.js: -------------------------------------------------------------------------------- 1 | const cliVersionCheck = require('./services/_hooks/versionCheck') 2 | 3 | // Application hooks that run for every service; cliVersionCheck() is the only one registered and runs before all methods 4 | 5 | module.exports = { 6 | before: { 7 | all: [cliVersionCheck()], 8 | find: [], 9 | get: [], 10 | create: [], 11 | update: [], 12 | patch: [], 13 | remove: [], 14 | }, 15 | 16 | after: { 17 | all: [], 18 | find: [], 19 | get: [], 20 | create: [], 21 | update: [], 22 | patch: [], 23 | remove: [], 24 | }, 25 | 26 | error: { 27 | all: [], 28 | find: [], 29 | get: [], 30 | create: [], 31 | update: [], 32 | patch: [], 33 | remove: [], 34 | }, 35 | } 36 | -------------------------------------------------------------------------------- /mdos-api/src/authentication.js: -------------------------------------------------------------------------------- 1 | const { AuthenticationService, AuthenticationBaseStrategy } = require('@feathersjs/authentication') 2 | const { expressOauth } = require('@feathersjs/authentication-oauth') 3 | const { NotFound, GeneralError, BadRequest, NotAuthenticated } = require('@feathersjs/errors') 4 | const jwt_decode = require('jwt-decode') 5 | 6 | class KeycloakStrategy extends AuthenticationBaseStrategy { 7 | /** 8 | * Authenticates a username/password pair by asking the app's "keycloak" helper for a user access token (first argument "mdos"); throws NotAuthenticated when the result has an error field, otherwise returns the result as is. NOTE(review): KcAuthService.getPayload below returns that result unchanged - confirm the full Keycloak token response is meant to end up in the payload 9 | * @param {*} data - object from which username and password are destructured 10 | */ 11 | async authenticate(data) { 12 | const { username, password } = data 13 | const userAuthToken = await this.app.get("keycloak").getUserAccessToken("mdos", username, password) 14 | if(userAuthToken.error) { 15 | let error = new Error('ERROR: Invalide user credentials'); 16 | error.statusCode = 401; 17 | error.code = 401; 18 | throw new NotAuthenticated(error); 19 | } 20 | return userAuthToken 21 | } 22 | } 23 | 24 | class KcAuthService extends AuthenticationService { 25 | async getPayload(authResult, params) { 26 | return authResult 27 | } 28 | } 29 | 30 | module.exports = 
(app) => { 31 | const authentication = new KcAuthService(app) 32 | const keycloakStrategy = new KeycloakStrategy() 33 | authentication.register('keycloak', keycloakStrategy) 34 | app.use('/authentication', authentication) 35 | app.configure(expressOauth()) 36 | } 37 | -------------------------------------------------------------------------------- /mdos-api/src/index.js: -------------------------------------------------------------------------------- 1 | require('dotenv').config() 2 | 3 | /* eslint-disable no-console */ 4 | const logger = require('./logger') 5 | const app = require('./app') 6 | const port = app.get('port') 7 | const server = app.listen(port) 8 | var path = require('path') 9 | 10 | // Set a timeout of 10 minutes for requests 11 | server.setTimeout(1000 * 60 * 10) 12 | 13 | global.APP_ROOT = path.resolve(__dirname) 14 | 15 | process.on('unhandledRejection', (reason, p) => logger.error('Unhandled Rejection at: Promise ', p, reason)) 16 | 17 | server.on('listening', () => logger.info('Feathers application started on http://%s:%d', app.get('host'), port)) 18 | -------------------------------------------------------------------------------- /mdos-api/src/libs/constants.js: -------------------------------------------------------------------------------- 1 | module.exports = Object.freeze({ 2 | RESERVED_NAMESPACES: [ 3 | 'local-path-storage', 4 | 'mdos', 5 | 'oauth2-proxy', 6 | 'keycloak', 7 | 'code-server', 8 | 'mdos-registry', 9 | 'calico-apiserver', 10 | 'calico-system', 11 | 'tigera-operator', 12 | 'kube-node-lease', 13 | 'kube-public', 14 | 'kube-system', 15 | 'default', 16 | 'istio-system', 17 | 'longhorn-system', 18 | 'rabbitmq', 19 | 'cert-manager', 20 | 'loki-stack' 21 | ] 22 | }); -------------------------------------------------------------------------------- /mdos-api/src/logger.js: -------------------------------------------------------------------------------- 1 | const { createLogger, format, transports } = require('winston') 2 | 3 | // 
Configure the Winston logger. For the complete documentation see https://github.com/winstonjs/winston 4 | const logger = createLogger({ 5 | // To see more detailed errors, change this to 'debug' 6 | level: 'info', 7 | format: format.combine(format.splat(), format.simple()), 8 | transports: [new transports.Console()], 9 | }) 10 | 11 | module.exports = logger 12 | -------------------------------------------------------------------------------- /mdos-api/src/middleware/brokerChannels.js: -------------------------------------------------------------------------------- 1 | module.exports.CHANNEL = { 2 | JOB_K3S_CREATE_NAMESPACE: "k3s-create-namespace", 3 | JOB_K3S_DELETE_NAMESPACE: "k3s-delete-namespace", 4 | JOB_K3S_CREATE_SECRET: "k3s-create-secret", 5 | JOB_K3S_REPLACE_SECRET: "k3s-replace-secret", 6 | JOB_K3S_DELETE_SECRET: "k3s-delete-secret", 7 | JOB_K3S_CREATE_REG_SECRET: "k3s-create-reg-secret", 8 | JOB_K3S_APPLY_USR_ROLE_BINDINGS: "k3s-apply-usr-role-bindings", 9 | JOB_K3S_INSTALL_OAUTH_PROXY: "k3s-install-oauth-proxy", 10 | JOB_K3S_UNINSTALL_OAUTH_PROXY: "k3s-uninstall-oauth-proxy", 11 | JOB_K3S_ADD_ISTIO_OIDC_PROVIDER: "k3s-add-istio-oidc-provider", 12 | JOB_K3S_REMOVE_ISTIO_OIDC_PROVIDER: "k3s-remove-istio-oidc-provider", 13 | JOB_KC_CREATE_CLIENT: "kc-create-client", 14 | JOB_KC_DELETE_CLIENT: "kc-delete-client", 15 | JOB_KC_CREATE_CLIENT_SA: "kc-create-client-sa", 16 | JOB_KC_DELETE_CLIENT_SA: "kc-delete-client-sa", 17 | JOB_KC_CREATE_CLIENT_ROLES: "kc-create-client-roles", 18 | JOB_FTPD_CREATE_CREDENTIALS: "ftpd-create-credentials", 19 | JOB_FTPD_DELETE_CREDENTIALS: "ftpd-delete-credentials", 20 | JOB_DONE: "job-done" 21 | } -------------------------------------------------------------------------------- /mdos-api/src/middleware/schemaValidator/index.js: -------------------------------------------------------------------------------- 1 | const SchemaV1 = require('./v1') 2 | 3 | /** 4 | * Validate mdos application schemas 5 | * 6 | * @class SchemaValidator 
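7 | */ 8 | class SchemaValidator { 9 | 10 | /** 11 | * Creates an instance of SchemaValidator. 12 | * @param {*} version 13 | * @memberof SchemaValidator 14 | */ 15 | constructor(version, frameworkOnlyMode) { 16 | if (version.toLowerCase() == 'v1') { 17 | this.instance = new SchemaV1(frameworkOnlyMode) 18 | } else { 19 | throw new Error(`ERROR: Schema version unknown: ${version}`) 20 | } 21 | } 22 | } 23 | 24 | module.exports = SchemaValidator 25 |
--------------------------------------------------------------------------------
/mdos-api/src/services/_hooks/isAuthenticated.js:
--------------------------------------------------------------------------------
const errors = require('@feathersjs/errors')

/**
 * Build the Feathers "before" hook that authenticates external calls.
 *
 * The returned hook lets a call through untouched when:
 *  - it is the `get` of `api-mode` on the `mdos` service,
 *  - authentication is switched off (`NO_ADMIN_AUTH` is 'true', or the app
 *    setting `mdos_framework_only` is truthy),
 *  - it is an internal call (no `params.provider`).
 * Every other call must carry an `authorization` header whose token the
 * `keycloak` app service reports as active; the introspection result is then
 * stored on `context.jwtToken`.
 *
 * @return {Function} async hook `(context) => context`
 * @throws {Forbidden} when the header or its token part is missing, or when
 *                     the token is not reported as active
 */
module.exports = function () {
    return async (context) => {
        // If request is to get API mode, we allow it
        if (context.method === 'get' && context.path === 'mdos' && context.id === 'api-mode') return context

        // Is auth disabled?
        // NOTE(review): either switch disables authentication for every service
        // that registers this hook, not only for admin calls.
        if (process.env.NO_ADMIN_AUTH === 'true' || context.app.get('mdos_framework_only')) return context

        // Internal calls don't need authentication.
        // Feathers sets params.provider for every external transport ('rest',
        // 'socketio', ...) and leaves it unset for server-side calls, so only a
        // call without a provider is internal. Testing for "not 'rest'" would let
        // any other external transport through unauthenticated.
        if (!context.params.provider) return context

        const headers = context.params.headers || {}
        const authorization = headers['authorization']
        if (typeof authorization !== 'string' || authorization.length === 0) {
            throw new errors.Forbidden('ERROR: You are not authenticated')
        }

        // Get JWT token: the second space-separated part of "<scheme> <token>",
        // with one trailing ';' removed.
        let access_token = authorization.split(' ')[1] || ''
        if (access_token.slice(-1) === ';') {
            access_token = access_token.substring(0, access_token.length - 1)
        }
        // A header without a token part is an authentication failure, not a crash.
        if (access_token.length === 0) {
            throw new errors.Forbidden('ERROR: You are not authenticated')
        }

        // Third argument is passed as `true` here; token-introspect.class.js feeds
        // it from `include_roles`, so it presumably asks for the user's roles.
        const jwtToken = await context.app.get('keycloak').userTokenInstrospect('mdos', access_token, true)
        // Fail closed when the introspection gives no result at all.
        if (!jwtToken || !jwtToken.active) {
            throw new errors.Forbidden('ERROR: Authentication session timeout')
        }
        context.jwtToken = jwtToken
        return context
    }
}

--------------------------------------------------------------------------------
/mdos-api/src/services/index.js:
--------------------------------------------------------------------------------
1 | const oidcProvider = require('./oidc-provider/oidc-provider.service.js') 2 | const kube = require('./kube/kube.service.js') 3 | const keycloak = require('./keycloak/keycloak.service.js') 4 | const mdos = require('./mdos/mdos.service.js') 5 | const regAuthentication = require('./reg-authentication/reg-authentication.service.js') 6 | const regAuthorization = require('./reg-authorization/reg-authorization.service.js') 7 | const schemaValidator = require('./schema-validator/schema-validator.service.js') 8 | const logout = require('./logout/logout.service.js') 9 | const tokenIntrospect = require('./token-introspect/token-introspect.service.js'); 10 | // eslint-disable-next-line no-unused-vars 11 | module.exports = function (app) { 12 | app.configure(oidcProvider) 13 | app.configure(kube) 14 | app.configure(keycloak) 15 | app.configure(mdos) 16 | app.configure(regAuthentication) 17 | app.configure(regAuthorization) 18 | app.configure(schemaValidator) 19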
| app.configure(logout) 20 | app.configure(tokenIntrospect); 21 | } 22 | -------------------------------------------------------------------------------- /mdos-api/src/services/keycloak/keycloak.hooks.js: -------------------------------------------------------------------------------- 1 | // const sysadmin_role_check = require('../_hooks/sysadminOnly'); 2 | const aclDataFindFilter = require('../_hooks/aclAfterfindFilters') 3 | const aclDataCreate = require('../_hooks/aclCreate') 4 | const aclDataDelete = require('../_hooks/aclDelete') 5 | const isAuthenticated = require('../_hooks/isAuthenticated') 6 | 7 | module.exports = { 8 | before: { 9 | all: [], 10 | find: [isAuthenticated()], 11 | get: [isAuthenticated()], 12 | create: [aclDataCreate()], 13 | update: [aclDataCreate()], 14 | patch: [aclDataCreate()], 15 | remove: [aclDataDelete()], 16 | }, 17 | 18 | after: { 19 | all: [], 20 | find: [aclDataFindFilter()], 21 | get: [aclDataFindFilter()], 22 | create: [], 23 | update: [], 24 | patch: [], 25 | remove: [], 26 | }, 27 | 28 | error: { 29 | all: [], 30 | find: [], 31 | get: [], 32 | create: [], 33 | update: [], 34 | patch: [], 35 | remove: [], 36 | }, 37 | } 38 | -------------------------------------------------------------------------------- /mdos-api/src/services/keycloak/keycloak.service.js: -------------------------------------------------------------------------------- 1 | // Initializes the `keycloak` service on path `/keycloak` 2 | const { Keycloak } = require('./keycloak.class') 3 | const hooks = require('./keycloak.hooks') 4 | 5 | module.exports = function (app) { 6 | const options = { 7 | paginate: app.get('paginate'), 8 | } 9 | 10 | // Initialize our service with any options it requires 11 | app.use('/keycloak', new Keycloak(options, app)) 12 | 13 | // Get our initialized service so that we can register hooks 14 | const service = app.service('keycloak') 15 | 16 | service.hooks(hooks) 17 | } 18 | 
-------------------------------------------------------------------------------- /mdos-api/src/services/kube/kube.hooks.js: -------------------------------------------------------------------------------- 1 | // const sysadmin_role_check = require('../_hooks/sysadminOnly'); 2 | const aclDataFindFilter = require('../_hooks/aclAfterfindFilters') 3 | const aclDataCreate = require('../_hooks/aclCreate') 4 | const aclDataDelete = require('../_hooks/aclDelete') 5 | const isAuthenticated = require('../_hooks/isAuthenticated') 6 | 7 | module.exports = { 8 | before: { 9 | all: [], 10 | find: [isAuthenticated()], 11 | get: [isAuthenticated()], 12 | create: [aclDataCreate()], 13 | update: [aclDataCreate()], 14 | patch: [aclDataCreate()], 15 | remove: [aclDataDelete()], 16 | }, 17 | 18 | after: { 19 | all: [], 20 | find: [aclDataFindFilter()], 21 | get: [aclDataFindFilter()], 22 | create: [], 23 | update: [], 24 | patch: [], 25 | remove: [], 26 | }, 27 | 28 | error: { 29 | all: [], 30 | find: [], 31 | get: [], 32 | create: [], 33 | update: [], 34 | patch: [], 35 | remove: [], 36 | }, 37 | } 38 | -------------------------------------------------------------------------------- /mdos-api/src/services/kube/kube.service.js: -------------------------------------------------------------------------------- 1 | // Initializes the `kube` service on path `/kube` 2 | const { Kube } = require('./kube.class') 3 | const hooks = require('./kube.hooks') 4 | 5 | module.exports = function (app) { 6 | const options = { 7 | paginate: app.get('paginate'), 8 | } 9 | 10 | // Initialize our service with any options it requires 11 | app.use('/kube', new Kube(options, app)) 12 | 13 | // Get our initialized service so that we can register hooks 14 | const service = app.service('kube') 15 | 16 | service.hooks(hooks) 17 | } 18 | -------------------------------------------------------------------------------- /mdos-api/src/services/logout/logout.class.js: 
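--------------------------------------------------------------------------------
const jwt_decode = require('jwt-decode')

/* eslint-disable no-unused-vars */
exports.Logout = class Logout {

    /**
     * Creates an instance of Logout.
     * @param {*} options service options; defaults to an empty object
     * @param {*} app Feathers application, used to reach the `keycloak` app service
     */
    constructor(options, app) {
        this.options = options || {}
        this.app = app
    }

    /**
     * Log the caller out of Keycloak.
     *
     * Reads the access token from the `x-auth-request-access-token` header,
     * decodes it and asks the `keycloak` app service to log out the user named
     * by its `preferred_username` claim (realm 'mdos'). Without that header, or
     * without that claim, nothing is done.
     *
     * NOTE(review): jwt_decode only decodes the token payload, it does not
     * verify the signature, and logout.hooks.js registers no hook for this
     * service. The claim is therefore only as trustworthy as the header itself.
     * This presumably relies on a fronting auth proxy that sets the header and
     * drops any client-supplied copy; confirm that, or validate the token (for
     * example with the keycloak `userTokenInstrospect` call used by
     * isAuthenticated.js) before acting on the claim.
     *
     * @param {*} params Feathers call params; `params.headers` is read
     * @return {Promise<string>} always 'ok'
     * @throws whatever jwt_decode throws for a token it cannot decode
     */
    async find(params) {
        // Server-side calls carry no headers; treat that like a missing token
        // instead of failing on an undefined `headers`.
        const headers = (params && params.headers) || {}
        const accessToken = headers['x-auth-request-access-token']
        if (accessToken) {
            const jwtToken = jwt_decode(accessToken)
            // Only call Keycloak when the token actually names a user.
            if (jwtToken && typeof jwtToken.preferred_username === 'string' && jwtToken.preferred_username.length > 0) {
                await this.app.get('keycloak').logout('mdos', jwtToken.preferred_username)
            }
        }
        return 'ok'
    }

    /**
     * Create
     *
     * Returns the data it is given; an array is handled element by element.
     *
     * @param {*} data
     * @param {*} params
     * @return {*} `data`, or a promise of the per-element results for an array
     */
    async create(data, params) {
        if (Array.isArray(data)) {
            return Promise.all(data.map((current) => this.create(current, params)))
        }

        return data
    }
}

--------------------------------------------------------------------------------
/mdos-api/src/services/logout/logout.hooks.js:
--------------------------------------------------------------------------------
// NOTE(review): no hook is registered for any method, so unless app-level
// hooks add one, the `logout` service runs without the isAuthenticated check.
module.exports = {
    before: {
        all: [],
        find: [],
        get: [],
        create: [],
        update: [],
        patch: [],
        remove: [],
    },

    after: {
        all: [],
        find: [],
        get: [],
        create: [],
        update: [],
        patch: [],
        remove: [],
    },

    error: {
        all: [],
        find: [],
        get: [],
        create: [],
        update: [],
        patch: [],
        remove: [],
    },
}

--------------------------------------------------------------------------------
/mdos-api/src/services/logout/logout.service.js:
--------------------------------------------------------------------------------
1 | // Initializes the `logout` service on path `/logout` 2 | const { Logout }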
= require('./logout.class') 3 | const hooks = require('./logout.hooks') 4 | 5 | module.exports = function (app) { 6 | const options = { 7 | paginate: app.get('paginate'), 8 | } 9 | 10 | // Initialize our service with any options it requires 11 | app.use('/logout', new Logout(options, app)) 12 | 13 | // Get our initialized service so that we can register hooks 14 | const service = app.service('logout') 15 | 16 | service.hooks(hooks) 17 | } 18 | -------------------------------------------------------------------------------- /mdos-api/src/services/mdos/mdos.hooks.js: -------------------------------------------------------------------------------- 1 | const aclMdos = require('../_hooks/aclMdos') 2 | const isAuthenticated = require('../_hooks/isAuthenticated') 3 | 4 | module.exports = { 5 | before: { 6 | all: [], 7 | find: [isAuthenticated()], 8 | get: [isAuthenticated()], 9 | create: [aclMdos()], 10 | update: [aclMdos()], 11 | patch: [aclMdos()], 12 | remove: [isAuthenticated()], 13 | }, 14 | 15 | after: { 16 | all: [], 17 | find: [], 18 | get: [], 19 | create: [], 20 | update: [], 21 | patch: [], 22 | remove: [], 23 | }, 24 | 25 | error: { 26 | all: [], 27 | find: [], 28 | get: [], 29 | create: [], 30 | update: [], 31 | patch: [], 32 | remove: [], 33 | }, 34 | } 35 | -------------------------------------------------------------------------------- /mdos-api/src/services/mdos/mdos.service.js: -------------------------------------------------------------------------------- 1 | // Initializes the `mdos` service on path `/mdos` 2 | const { Mdos } = require('./mdos.class') 3 | const hooks = require('./mdos.hooks') 4 | 5 | module.exports = function (app) { 6 | const options = { 7 | paginate: app.get('paginate'), 8 | } 9 | 10 | // Initialize our service with any options it requires 11 | app.use('/mdos', new Mdos(options, app)) 12 | 13 | // Get our initialized service so that we can register hooks 14 | const service = app.service('mdos') 15 | 16 | service.hooks(hooks) 17 | } 
18 | -------------------------------------------------------------------------------- /mdos-api/src/services/oidc-provider/oidc-provider.class.core.js: -------------------------------------------------------------------------------- 1 | const { NotFound, Conflict, Unavailable, Forbidden } = require('@feathersjs/errors') 2 | const jwt_decode = require('jwt-decode') 3 | const axios = require('axios') 4 | const CommonCore = require('../common.class.core') 5 | 6 | /** 7 | * OIDC core functions class 8 | * 9 | * @class KubeCore 10 | * @extends {CommonCore} 11 | */ 12 | class OidcProviderCore extends CommonCore { 13 | /** 14 | * constructor 15 | * @param {*} app 16 | */ 17 | constructor(app) { 18 | super(app) 19 | this.app = app 20 | } 21 | 22 | /** 23 | * 24 | * @param {*} name 25 | */ 26 | async oidcProviderCheck(name) { 27 | let responses = await this.app.get('kube').getOidcProviders() 28 | if (!responses.find((o) => o.name.toLowerCase() == name.toLowerCase())) { 29 | throw new Unavailable(`ERROR: OIDC provider "${name}" not found`) 30 | } 31 | } 32 | 33 | /** 34 | * ensureProviderNotDeclared 35 | * @param {*} name 36 | */ 37 | async ensureProviderNotDeclared(name) { 38 | let responses = await this.app.get('kube').getOidcProviders() 39 | if (responses.find((o) => o.name.toLowerCase() == name.toLowerCase())) { 40 | throw new Conflict('ERROR: OIDC provider already declared') 41 | } 42 | } 43 | } 44 | 45 | module.exports = OidcProviderCore 46 | -------------------------------------------------------------------------------- /mdos-api/src/services/oidc-provider/oidc-provider.hooks.js: -------------------------------------------------------------------------------- 1 | // const sysadmin_role_check = require('../_hooks/sysadminOnly'); 2 | const aclDataFindFilter = require('../_hooks/aclAfterfindFilters') 3 | const aclDataCreate = require('../_hooks/aclCreate') 4 | const aclDataDelete = require('../_hooks/aclDelete') 5 | const isAuthenticated = 
require('../_hooks/isAuthenticated') 6 | 7 | module.exports = { 8 | before: { 9 | all: [], 10 | find: [isAuthenticated()], 11 | get: [isAuthenticated()], 12 | create: [aclDataCreate()], 13 | update: [aclDataCreate()], 14 | patch: [aclDataCreate()], 15 | remove: [aclDataDelete()], 16 | }, 17 | 18 | after: { 19 | all: [], 20 | find: [aclDataFindFilter()], 21 | get: [aclDataFindFilter()], 22 | create: [], 23 | update: [], 24 | patch: [], 25 | remove: [], 26 | }, 27 | 28 | error: { 29 | all: [], 30 | find: [], 31 | get: [], 32 | create: [], 33 | update: [], 34 | patch: [], 35 | remove: [], 36 | }, 37 | } 38 | -------------------------------------------------------------------------------- /mdos-api/src/services/oidc-provider/oidc-provider.service.js: -------------------------------------------------------------------------------- 1 | // Initializes the `oidc-provider` service on path `/oidc-provider` 2 | const { OidcProvider } = require('./oidc-provider.class') 3 | const hooks = require('./oidc-provider.hooks') 4 | 5 | module.exports = function (app) { 6 | const options = { 7 | paginate: app.get('paginate'), 8 | } 9 | 10 | // Initialize our service with any options it requires 11 | app.use('/oidc-provider', new OidcProvider(options, app)) 12 | 13 | // Get our initialized service so that we can register hooks 14 | const service = app.service('oidc-provider') 15 | 16 | service.hooks(hooks) 17 | } 18 | -------------------------------------------------------------------------------- /mdos-api/src/services/reg-authentication/reg-authentication.class.js: -------------------------------------------------------------------------------- 1 | const { Forbidden } = require('@feathersjs/errors') 2 | 3 | /* eslint-disable no-unused-vars */ 4 | exports.RegAuthentication = class RegAuthentication { 5 | 6 | /** 7 | * Creates an instance of RegAuthentication. 
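8 | * @param {*} options 9 | * @param {*} app 10 | */ 11 | constructor(options, app) { 12 | this.options = options || {} 13 | this.app = app 14 | } 15 |
    /**
     * Check a username/password pair against Keycloak.
     *
     * `params.query.creds` is read as base64-encoded JSON holding `username`
     * and `password`; the pair is handed to the `keycloak` app service
     * (`getUserAccessToken`, realm 'mdos').
     *
     * NOTE(review): the credentials travel in the query string, which proxies
     * and access logs commonly record, and base64 is an encoding, not
     * protection. Confirm that URLs for this route are kept out of logs, or
     * move the credentials to a header or request body.
     *
     * @param {*} params Feathers call params; `params.query.creds` is read
     * @return {Promise<string>} 'ok' when the credentials are accepted
     * @throws {Forbidden} when the credentials are missing, malformed or rejected
     */
    async find(params) {
        const encoded = params && params.query ? params.query.creds : undefined
        if (typeof encoded !== 'string' || encoded.length === 0) {
            throw new Forbidden("Invalid credentials")
        }

        // The value comes straight from the request: a decode or parse failure
        // is a bad credential, not a server error.
        let plainCreds
        try {
            plainCreds = JSON.parse(Buffer.from(encoded, 'base64').toString('utf8'))
        } catch (err) {
            throw new Forbidden("Invalid credentials")
        }
        if (!plainCreds || typeof plainCreds.username !== 'string' || typeof plainCreds.password !== 'string') {
            throw new Forbidden("Invalid credentials")
        }

        // Login
        const result = await this.app.get('keycloak').getUserAccessToken('mdos', plainCreds.username, plainCreds.password)
        // Fail closed when no result comes back at all.
        if (!result || result.error) {
            throw new Forbidden("Invalid credentials")
        }
        return 'ok'
    }
}

--------------------------------------------------------------------------------
/mdos-api/src/services/reg-authentication/reg-authentication.hooks.js:
--------------------------------------------------------------------------------
module.exports = {
    before: {
        all: [],
        find: [],
        get: [],
        create: [],
        update: [],
        patch: [],
        remove: [],
    },

    after: {
        all: [],
        find: [],
        get: [],
        create: [],
        update: [],
        patch: [],
        remove: [],
    },

    error: {
        all: [],
        find: [],
        get: [],
        create: [],
        update: [],
        patch: [],
        remove: [],
    },
}

--------------------------------------------------------------------------------
/mdos-api/src/services/reg-authentication/reg-authentication.service.js:
--------------------------------------------------------------------------------
1 | // Initializes the `reg-authentication` service on path `/reg-authentication` 2 | const { RegAuthentication } = require('./reg-authentication.class') 3 | const hooks = require('./reg-authentication.hooks') 4 | 5 | module.exports = function (app) { 6 | const options = { 7 | paginate: app.get('paginate'), 8 | } 9 | 10 | // Initialize our service with any options it requires 11 | app.use('/reg-authentication', new RegAuthentication(options, app)) 12 | 13 | // Get our initialized service so that we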
can register hooks 14 | const service = app.service('reg-authentication') 15 | 16 | service.hooks(hooks) 17 | } 18 | -------------------------------------------------------------------------------- /mdos-api/src/services/reg-authorization/reg-authorization.hooks.js: -------------------------------------------------------------------------------- 1 | module.exports = { 2 | before: { 3 | all: [], 4 | find: [], 5 | get: [], 6 | create: [], 7 | update: [], 8 | patch: [], 9 | remove: [], 10 | }, 11 | 12 | after: { 13 | all: [], 14 | find: [], 15 | get: [], 16 | create: [], 17 | update: [], 18 | patch: [], 19 | remove: [], 20 | }, 21 | 22 | error: { 23 | all: [], 24 | find: [], 25 | get: [], 26 | create: [], 27 | update: [], 28 | patch: [], 29 | remove: [], 30 | }, 31 | } 32 | -------------------------------------------------------------------------------- /mdos-api/src/services/reg-authorization/reg-authorization.service.js: -------------------------------------------------------------------------------- 1 | // Initializes the `reg-authorization` service on path `/reg-authorization` 2 | const { RegAuthorization } = require('./reg-authorization.class') 3 | const hooks = require('./reg-authorization.hooks') 4 | 5 | module.exports = function (app) { 6 | const options = { 7 | paginate: app.get('paginate'), 8 | } 9 | 10 | // Initialize our service with any options it requires 11 | app.use('/reg-authorization', new RegAuthorization(options, app)) 12 | 13 | // Get our initialized service so that we can register hooks 14 | const service = app.service('reg-authorization') 15 | 16 | service.hooks(hooks) 17 | } 18 | -------------------------------------------------------------------------------- /mdos-api/src/services/schema-validator/schema-validator.class.js: -------------------------------------------------------------------------------- 1 | /* eslint-disable no-unused-vars */ 2 | exports.SchemaValidator = class SchemaValidator { 3 | 4 | /** 5 | * Creates an instance of 
SchemaValidator. 6 | * @param {*} options 7 | * @param {*} app 8 | */ 9 | constructor(options, app) { 10 | this.options = options || {} 11 | this.app = app 12 | } 13 | 14 | /** 15 | * Update 16 | * 17 | * @param {*} id 18 | * @param {*} data 19 | * @param {*} params 20 | * @return {*} 21 | */ 22 | async update(id, data, params) { 23 | return this.app.get('schemaValidator')[id].instance.validate(data) 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /mdos-api/src/services/schema-validator/schema-validator.hooks.js: -------------------------------------------------------------------------------- 1 | module.exports = { 2 | before: { 3 | all: [], 4 | find: [], 5 | get: [], 6 | create: [], 7 | update: [], 8 | patch: [], 9 | remove: [], 10 | }, 11 | 12 | after: { 13 | all: [], 14 | find: [], 15 | get: [], 16 | create: [], 17 | update: [], 18 | patch: [], 19 | remove: [], 20 | }, 21 | 22 | error: { 23 | all: [], 24 | find: [], 25 | get: [], 26 | create: [], 27 | update: [], 28 | patch: [], 29 | remove: [], 30 | }, 31 | } 32 | -------------------------------------------------------------------------------- /mdos-api/src/services/schema-validator/schema-validator.service.js: -------------------------------------------------------------------------------- 1 | // Initializes the `schema-validator` service on path `/schema-validator` 2 | const { SchemaValidator } = require('./schema-validator.class') 3 | const hooks = require('./schema-validator.hooks') 4 | 5 | module.exports = function (app) { 6 | const options = { 7 | paginate: app.get('paginate'), 8 | } 9 | 10 | // Initialize our service with any options it requires 11 | app.use('/schema-validator', new SchemaValidator(options, app)) 12 | 13 | // Get our initialized service so that we can register hooks 14 | const service = app.service('schema-validator') 15 | 16 | service.hooks(hooks) 17 | } 18 | 
-------------------------------------------------------------------------------- /mdos-api/src/services/token-introspect/token-introspect.class.js: -------------------------------------------------------------------------------- 1 | /* eslint-disable no-unused-vars */ 2 | exports.TokenIntrospect = class TokenIntrospect { 3 | constructor(options, app) { 4 | this.options = options || {} 5 | this.app = app 6 | } 7 | 8 | async create(data, params) { 9 | const response = await this.app.get('keycloak').userTokenInstrospect('mdos', data.access_token, data.include_roles ? true : false) 10 | return response 11 | } 12 | }; 13 | -------------------------------------------------------------------------------- /mdos-api/src/services/token-introspect/token-introspect.hooks.js: -------------------------------------------------------------------------------- 1 | 2 | 3 | module.exports = { 4 | before: { 5 | all: [], 6 | find: [], 7 | get: [], 8 | create: [], 9 | update: [], 10 | patch: [], 11 | remove: [] 12 | }, 13 | 14 | after: { 15 | all: [], 16 | find: [], 17 | get: [], 18 | create: [], 19 | update: [], 20 | patch: [], 21 | remove: [] 22 | }, 23 | 24 | error: { 25 | all: [], 26 | find: [], 27 | get: [], 28 | create: [], 29 | update: [], 30 | patch: [], 31 | remove: [] 32 | } 33 | }; 34 | -------------------------------------------------------------------------------- /mdos-api/src/services/token-introspect/token-introspect.service.js: -------------------------------------------------------------------------------- 1 | // Initializes the `token-introspect` service on path `/token-introspect` 2 | const { TokenIntrospect } = require('./token-introspect.class'); 3 | const hooks = require('./token-introspect.hooks'); 4 | 5 | module.exports = function (app) { 6 | const options = { 7 | paginate: app.get('paginate') 8 | }; 9 | 10 | // Initialize our service with any options it requires 11 | app.use('/token-introspect', new TokenIntrospect(options, app)); 12 | 13 | // Get our 
initialized service so that we can register hooks 14 | const service = app.service('token-introspect'); 15 | 16 | service.hooks(hooks); 17 | }; 18 | -------------------------------------------------------------------------------- /mdos-api/test/services/direct-login.test.js: -------------------------------------------------------------------------------- 1 | const app = require('../../src/app'); 2 | 3 | describe('\'direct-login\' service', () => { 4 | it('registered the service', () => { 5 | const service = app.service('direct-login'); 6 | expect(service).toBeTruthy(); 7 | }); 8 | }); 9 | -------------------------------------------------------------------------------- /mdos-api/test/services/events.test.js: -------------------------------------------------------------------------------- 1 | const app = require('../../src/app'); 2 | 3 | describe('\'events\' service', () => { 4 | it('registered the service', () => { 5 | const service = app.service('events'); 6 | expect(service).toBeTruthy(); 7 | }); 8 | }); 9 | -------------------------------------------------------------------------------- /mdos-api/test/services/keycloak.test.js: -------------------------------------------------------------------------------- 1 | const app = require('../../src/app'); 2 | 3 | describe('\'keycloak\' service', () => { 4 | it('registered the service', () => { 5 | const service = app.service('keycloak'); 6 | expect(service).toBeTruthy(); 7 | }); 8 | }); 9 | -------------------------------------------------------------------------------- /mdos-api/test/services/kube.test.js: -------------------------------------------------------------------------------- 1 | const app = require('../../src/app'); 2 | 3 | describe('\'kube\' service', () => { 4 | it('registered the service', () => { 5 | const service = app.service('kube'); 6 | expect(service).toBeTruthy(); 7 | }); 8 | }); 9 | -------------------------------------------------------------------------------- 
/mdos-api/test/services/logout.test.js: -------------------------------------------------------------------------------- 1 | const app = require('../../src/app'); 2 | 3 | describe('\'logout\' service', () => { 4 | it('registered the service', () => { 5 | const service = app.service('logout'); 6 | expect(service).toBeTruthy(); 7 | }); 8 | }); 9 | -------------------------------------------------------------------------------- /mdos-api/test/services/mdos.test.js: -------------------------------------------------------------------------------- 1 | const app = require('../../src/app'); 2 | 3 | describe('\'mdos\' service', () => { 4 | it('registered the service', () => { 5 | const service = app.service('mdos'); 6 | expect(service).toBeTruthy(); 7 | }); 8 | }); 9 | -------------------------------------------------------------------------------- /mdos-api/test/services/oidc-provider.test.js: -------------------------------------------------------------------------------- 1 | const app = require('../../src/app'); 2 | 3 | describe('\'oidc-provider\' service', () => { 4 | it('registered the service', () => { 5 | const service = app.service('oidc-provider'); 6 | expect(service).toBeTruthy(); 7 | }); 8 | }); 9 | -------------------------------------------------------------------------------- /mdos-api/test/services/reg-authentication.test.js: -------------------------------------------------------------------------------- 1 | const app = require('../../src/app'); 2 | 3 | describe('\'reg-authentication\' service', () => { 4 | it('registered the service', () => { 5 | const service = app.service('reg-authentication'); 6 | expect(service).toBeTruthy(); 7 | }); 8 | }); 9 | -------------------------------------------------------------------------------- /mdos-api/test/services/reg-authorization.test.js: -------------------------------------------------------------------------------- 1 | const app = require('../../src/app'); 2 | 3 | describe('\'reg-authorization\' service', () => { 
4 | it('registered the service', () => { 5 | const service = app.service('reg-authorization'); 6 | expect(service).toBeTruthy(); 7 | }); 8 | }); 9 | -------------------------------------------------------------------------------- /mdos-api/test/services/schema-validator.test.js: -------------------------------------------------------------------------------- 1 | const app = require('../../src/app'); 2 | 3 | describe('\'schema-validator\' service', () => { 4 | it('registered the service', () => { 5 | const service = app.service('schema-validator'); 6 | expect(service).toBeTruthy(); 7 | }); 8 | }); 9 | -------------------------------------------------------------------------------- /mdos-api/test/services/token-introspect.test.js: -------------------------------------------------------------------------------- 1 | const app = require('../../src/app'); 2 | 3 | describe('\'token-introspect\' service', () => { 4 | it('registered the service', () => { 5 | const service = app.service('token-introspect'); 6 | expect(service).toBeTruthy(); 7 | }); 8 | }); 9 | -------------------------------------------------------------------------------- /mdos-broker/.editorconfig: -------------------------------------------------------------------------------- 1 | # http://editorconfig.org 2 | root = true 3 | 4 | [*] 5 | indent_style = space 6 | indent_size = 2 7 | end_of_line = lf 8 | charset = utf-8 9 | trim_trailing_whitespace = true 10 | insert_final_newline = true 11 | 12 | [*.md] 13 | trim_trailing_whitespace = false 14 | -------------------------------------------------------------------------------- /mdos-broker/.env.tmpl: -------------------------------------------------------------------------------- 1 | SQLITE_FILE_PATH=/mdos_broker.sqlite -------------------------------------------------------------------------------- /mdos-broker/.eslintrc.json: -------------------------------------------------------------------------------- 1 | { 2 | "env": { 3 | "es6": true, 4 | "node": 
true, 5 | "jest": true 6 | }, 7 | "parserOptions": { 8 | "ecmaVersion": 2018 9 | }, 10 | "extends": [ 11 | "eslint:recommended" 12 | ], 13 | "rules": { 14 | "indent": [ 15 | "error", 16 | 2 17 | ], 18 | "linebreak-style": [ 19 | "error", 20 | "unix" 21 | ], 22 | "quotes": [ 23 | "error", 24 | "single" 25 | ], 26 | "semi": [ 27 | "error", 28 | "always" 29 | ] 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /mdos-broker/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node:16-alpine 2 | 3 | # Create app directory 4 | WORKDIR /usr/src/app 5 | 6 | # Install app dependencies 7 | # A wildcard is used to ensure both package.json AND package-lock.json are copied 8 | # where available (npm@5+) 9 | COPY package*.json ./ 10 | 11 | RUN npm install 12 | # If you are building your code for production 13 | # RUN npm ci --only=production 14 | 15 | # Bundle app source 16 | COPY . . 17 | 18 | EXPOSE 3039 19 | CMD [ "node", "." ] -------------------------------------------------------------------------------- /mdos-broker/README.md: -------------------------------------------------------------------------------- 1 | # mdos-broker 2 | 3 | > MDos event broker 4 | 5 | ## About 6 | 7 | This project uses [Feathers](http://feathersjs.com). An open source web framework for building modern real-time applications. 8 | 9 | ## Getting Started 10 | 11 | Getting up and running is as easy as 1, 2, 3. 12 | 13 | 1. Make sure you have [NodeJS](https://nodejs.org/) and [npm](https://www.npmjs.com/) installed. 14 | 2. Install your dependencies 15 | 16 | ``` 17 | cd path/to/mdos-broker 18 | npm install 19 | ``` 20 | 21 | 3. Start your app 22 | 23 | ``` 24 | npm start 25 | ``` 26 | 27 | ## Testing 28 | 29 | Simply run `npm test` and all your tests in the `test/` directory will be run. 30 | 31 | ## Scaffolding 32 | 33 | Feathers has a powerful command line interface. 
Here are a few things it can do: 34 | 35 | ``` 36 | $ npm install -g @feathersjs/cli # Install Feathers CLI 37 | 38 | $ feathers generate service # Generate a new Service 39 | $ feathers generate hook # Generate a new Hook 40 | $ feathers help # Show all commands 41 | ``` 42 | 43 | ## Help 44 | 45 | For more information on all the things you can do with Feathers visit [docs.feathersjs.com](http://docs.feathersjs.com). 46 | -------------------------------------------------------------------------------- /mdos-broker/config/default.json: -------------------------------------------------------------------------------- 1 | { 2 | "host": "localhost", 3 | "port": 3039, 4 | "public": "../public/", 5 | "paginate": false 6 | } 7 | -------------------------------------------------------------------------------- /mdos-broker/config/production.json: -------------------------------------------------------------------------------- 1 | { 2 | "host": "mdos-broker-app.feathersjs.com", 3 | "port": "PORT" 4 | } 5 | -------------------------------------------------------------------------------- /mdos-broker/config/test.json: -------------------------------------------------------------------------------- 1 | {} 2 | -------------------------------------------------------------------------------- /mdos-broker/infra/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | _DIR="$(cd "$(dirname "$0")" && pwd)" 4 | cd $_DIR 5 | 6 | while [ "$1" != "" ]; do 7 | case $1 in 8 | --export|-e ) 9 | DO_EXPORT=1 10 | ;; 11 | --domain ) 12 | shift 13 | DOMAIN=$1 14 | ;; 15 | * ) echo "Invalid parameter detected => $1" 16 | exit 1 17 | esac 18 | shift 19 | done 20 | 21 | if [ -z $DOMAIN ]; then 22 | echo "Missing parameter: --domain " 23 | exit 1 24 | fi 25 | 26 | cd .. 
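
# Registry credentials are read from the environment so that no secret lives in
# the repository. MDOS_REGISTRY_PASSWORD is required; MDOS_REGISTRY_USER is
# optional and defaults to the account this script used before.
# NOTE(review): the password that used to be hardcoded on this line has to be
# treated as disclosed (it remains in the repository history) and rotated on
# the registry.
if [ -z "${MDOS_REGISTRY_PASSWORD:-}" ]; then
    echo "Missing environment variable: MDOS_REGISTRY_PASSWORD"
    exit 1
fi
printf '%s' "$MDOS_REGISTRY_PASSWORD" | docker login "registry.$DOMAIN" --username "${MDOS_REGISTRY_USER:-mdundek}" --password-stdin || exit 1

# The image tag is the "version" field of package.json
CURRENT_APP_VERSION=$(grep '"version":' ./package.json | cut -d ":" -f2 | cut -d'"' -f 2)
if [ -z "$CURRENT_APP_VERSION" ]; then
    echo "Could not read the version from package.json"
    exit 1
fi

IMAGE="registry.$DOMAIN/mdos-broker:$CURRENT_APP_VERSION"

# Stop at the first failing step instead of pushing or exporting a stale image
docker build -t "$IMAGE" . || exit 1
docker push "$IMAGE" || exit 1

# --export / -e: also save the image as a gzip'd tarball under ../mdos-setup/dep/mdos-broker/
if [ -n "${DO_EXPORT:-}" ]; then
    docker tag "$IMAGE" "mdos-broker:$CURRENT_APP_VERSION" || exit 1
    docker save "mdos-broker:$CURRENT_APP_VERSION" | gzip > ../mdos-setup/dep/mdos-broker/mdos-broker.tar.gz
fi
--------------------------------------------------------------------------------
/mdos-broker/public/favicon.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-broker/public/favicon.ico
--------------------------------------------------------------------------------
/mdos-broker/src/app.hooks.js:
--------------------------------------------------------------------------------
// Application hooks that run for every service

module.exports = {
  before: {
    all: [],
    find: [],
    get: [],
    create: [],
    update: [],
    patch: [],
    remove: []
  },

  after: {
    all: [],
    find: [],
    get: [],
    create: [],
    update: [],
    patch: [],
    remove: []
  },

  error: {
    all: [],
    find: [],
    get: [],
    create: [],
    update: [],
    patch: [],
    remove: []
  }
};

--------------------------------------------------------------------------------
/mdos-broker/src/index.js:
--------------------------------------------------------------------------------
require('dotenv').config()

/* eslint-disable no-console */
const logger = require('./logger');
const app = require('./app');
const port = app.get('port');
const server =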
app.listen(port); 8 | 9 | process.on('unhandledRejection', (reason, p) => 10 | logger.error('Unhandled Rejection at: Promise ', p, reason) 11 | ); 12 | 13 | server.on('listening', () => 14 | logger.info('Feathers application started on http://%s:%d', app.get('host'), port) 15 | ); 16 | -------------------------------------------------------------------------------- /mdos-broker/src/logger.js: -------------------------------------------------------------------------------- 1 | const { createLogger, format, transports } = require('winston'); 2 | 3 | // Configure the Winston logger. For the complete documentation see https://github.com/winstonjs/winston 4 | const logger = createLogger({ 5 | // To see more detailed errors, change this to 'debug' 6 | level: 'info', 7 | format: format.combine( 8 | format.splat(), 9 | format.simple() 10 | ), 11 | transports: [ 12 | new transports.Console() 13 | ], 14 | }); 15 | 16 | module.exports = logger; 17 | -------------------------------------------------------------------------------- /mdos-broker/src/middleware/index.js: -------------------------------------------------------------------------------- 1 | const BrokerServer = require('./brokerServer') 2 | 3 | // eslint-disable-next-line no-unused-vars 4 | module.exports = function (app) { 5 | // Add your custom middleware here. Remember that 6 | // in Express, the order matters. 7 | app.set("brokerServer", new BrokerServer(app)) 8 | }; 9 | -------------------------------------------------------------------------------- /mdos-broker/src/models/events.model.js: -------------------------------------------------------------------------------- 1 | // See https://sequelize.org/master/manual/model-basics.html 2 | // for more of what you can do here. 
const { DataTypes } = require('sequelize');

/**
 * Defines the `events` model on the Sequelize client that the app exposes
 * under 'sequelizeClient'.
 *
 * @param {object} app - application object providing `get('sequelizeClient')`
 * @returns {object} the model returned by `define`
 */
module.exports = function (app) {
  // NOTE(review): nothing in this model restricts `status` to a fixed set of
  // values or validates `payload`; any such checks have to live elsewhere.
  const attributes = {
    payload: {
      type: DataTypes.STRING,
      allowNull: false
    },
    topic: {
      type: DataTypes.STRING,
      allowNull: false
    },
    status: {
      type: DataTypes.STRING,
      allowNull: false,
      defaultValue: "queued"
    },
    heartbeat: {
      type: DataTypes.DATE,
      allowNull: true
    },
    clientUuid: {
      type: DataTypes.STRING,
      allowNull: true
    }
  };

  const modelOptions = {
    hooks: {
      // Count queries are switched to raw mode before they run
      beforeCount(options) {
        options.raw = true;
      }
    }
  };

  const events = app.get('sequelizeClient').define('events', attributes, modelOptions);

  // eslint-disable-next-line no-unused-vars
  events.associate = function (models) {
    // No associations are declared for this model
    // See https://sequelize.org/master/manual/assocs.html
  };

  return events;
};

--------------------------------------------------------------------------------
/mdos-broker/src/sequelize.js:
--------------------------------------------------------------------------------
const Sequelize = require('sequelize');

/**
 * Creates the SQLite-backed Sequelize client, registers it on the app as
 * 'sequelizeClient' and wraps `app.setup` so that model associations and the
 * schema sync are triggered when the app is set up.
 *
 * @param {object} app - application object to configure
 */
module.exports = function (app) {
  // NOTE(review): the database file location comes straight from
  // SQLITE_FILE_PATH. When the variable is unset, Sequelize's sqlite dialect
  // presumably falls back to an in-memory database, so events would not
  // survive a restart - confirm, and consider failing fast at startup.
  const sequelize = new Sequelize({
    dialect: 'sqlite',
    storage: process.env.SQLITE_FILE_PATH,
    logging: false,
    define: {
      freezeTableName: true
    }
  });
  const originalSetup = app.setup;

  app.set('sequelizeClient', sequelize);

  app.setup = function (...args) {
    const result = originalSetup.apply(this, args);

    // Let every model that defines associate() wire up its relationships
    const { models } = sequelize;
    for (const name of Object.keys(models)) {
      const model = models[name];
      if ('associate' in model) {
        model.associate(models);
      }
    }

    // The promise returned by sync() is stored under 'sequelizeSync'
    app.set('sequelizeSync', sequelize.sync());

    return result;
  };
};

--------------------------------------------------------------------------------
/mdos-broker/src/services/events/events.class.js:
--------------------------------------------------------------------------------
const { Service } = require('feathers-sequelize');

// The events service adds nothing to the feathers-sequelize Service it extends.
class Events extends Service {}

exports.Events = Events;

--------------------------------------------------------------------------------
/mdos-broker/src/services/events/events.hooks.js:
--------------------------------------------------------------------------------
// Hooks of the `events` service. Every list is empty, so no authentication,
// authorization or validation hook is registered for this service here.

const before = {
  all: [],
  find: [],
  get: [],
  create: [],
  update: [],
  patch: [],
  remove: []
};

const after = {
  all: [],
  find: [],
  get: [],
  create: [],
  update: [],
  patch: [],
  remove: []
};

const error = {
  all: [],
  find: [],
  get: [],
  create: [],
  update: [],
  patch: [],
  remove: []
};

module.exports = { before, after, error };

--------------------------------------------------------------------------------
/mdos-broker/src/services/events/events.service.js:
--------------------------------------------------------------------------------
// Registers the `events` service on path `/events`
const { Events } = require('./events.class');
const createModel = require('../../models/events.model');
const hooks = require('./events.hooks');

/**
 * Mounts the Sequelize-backed events service and attaches its hooks.
 *
 * @param {object} app - application object to register the service on
 */
module.exports = function (app) {
  // NOTE(review): `multi: true` turns on multi-record create/patch/remove, and
  // the hooks attached below are all empty. Whether outside clients can reach
  // this service depends on the transports configured in app.js, which is not
  // shown here - confirm that access is restricted at that level.
  const events = new Events({
    Model: createModel(app),
    paginate: app.get('paginate'),
    multi: true
  }, app);

  app.use('/events', events);

  // Hooks are registered on the service instance as returned by the app
  app.service('events').hooks(hooks);
};

--------------------------------------------------------------------------------
/mdos-broker/src/services/index.js:
-------------------------------------------------------------------------------- 1 | const events = require('./events/events.service.js'); 2 | // eslint-disable-next-line no-unused-vars 3 | module.exports = function (app) { 4 | app.configure(events); 5 | }; 6 | -------------------------------------------------------------------------------- /mdos-broker/test/services/events.test.js: -------------------------------------------------------------------------------- 1 | const app = require('../../src/app'); 2 | 3 | describe('\'events\' service', () => { 4 | it('registered the service', () => { 5 | const service = app.service('events'); 6 | expect(service).toBeTruthy(); 7 | }); 8 | }); 9 | -------------------------------------------------------------------------------- /mdos-cli/.circleci/config.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: 2.1 3 | 4 | orbs: 5 | release-management: salesforce/npm-release-management@4 6 | 7 | workflows: 8 | version: 2 9 | test-and-release: 10 | jobs: 11 | - release-management/test-package: 12 | matrix: 13 | parameters: 14 | os: 15 | - linux 16 | - windows 17 | node_version: 18 | - latest 19 | - lts 20 | - maintenance 21 | dependabot-automerge: 22 | triggers: 23 | - schedule: 24 | cron: '0 2,5,8,11 * * *' 25 | filters: 26 | branches: 27 | only: 28 | - main 29 | jobs: 30 | - release-management/dependabot-automerge 31 | -------------------------------------------------------------------------------- /mdos-cli/.eslintignore: -------------------------------------------------------------------------------- 1 | /dist 2 | -------------------------------------------------------------------------------- /mdos-cli/.eslintrc_old: -------------------------------------------------------------------------------- 1 | { 2 | "extends": [ 3 | "oclif", 4 | "oclif-typescript" 5 | ] 6 | } 7 | -------------------------------------------------------------------------------- 
/mdos-cli/.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | - package-ecosystem: "npm" 4 | versioning-strategy: increase 5 | directory: "/" 6 | schedule: 7 | interval: "monthly" 8 | labels: 9 | - "dependencies" 10 | open-pull-requests-limit: 100 11 | pull-request-branch-name: 12 | separator: "-" 13 | ignore: 14 | - dependency-name: "fs-extra" 15 | - dependency-name: "*" 16 | update-types: ["version-update:semver-major"] 17 | -------------------------------------------------------------------------------- /mdos-cli/.gitignore: -------------------------------------------------------------------------------- 1 | *-debug.log 2 | *-error.log 3 | /.nyc_output 4 | /dist 5 | /dist-cli 6 | /lib 7 | /package-lock.json 8 | /tmp 9 | /yarn.lock 10 | node_modules 11 | oclif.manifest.json 12 | mdos-cli/infra/bin -------------------------------------------------------------------------------- /mdos-cli/.mocharc.json: -------------------------------------------------------------------------------- 1 | { 2 | "require": [ 3 | "test/helpers/init.js", 4 | "ts-node/register" 5 | ], 6 | "watch-extensions": [ 7 | "ts" 8 | ], 9 | "recursive": true, 10 | "reporter": "spec", 11 | "timeout": 60000 12 | } 13 | -------------------------------------------------------------------------------- /mdos-cli/.prettierrc.json: -------------------------------------------------------------------------------- 1 | { 2 | "trailingComma": "es5", 3 | "tabWidth": 4, 4 | "semi": false, 5 | "singleQuote": true, 6 | "printWidth": 150, 7 | "bracketSpacing": true, 8 | "bracketSameLine": true, 9 | "arrowParens": "always" 10 | } -------------------------------------------------------------------------------- /mdos-cli/LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2019 Salesforce 4 | 5 | Permission is hereby granted, free of charge, to any person 
obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 
22 | -------------------------------------------------------------------------------- /mdos-cli/bin/dev: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env node 2 | 3 | const oclif = require('@oclif/core') 4 | 5 | const path = require('path') 6 | const project = path.join(__dirname, '..', 'tsconfig.json') 7 | 8 | // In dev mode -> use ts-node and dev plugins 9 | process.env.NODE_ENV = 'development' 10 | 11 | require('ts-node').register({project}) 12 | 13 | // In dev mode, always show stack traces 14 | oclif.settings.debug = true; 15 | 16 | // Start the CLI 17 | oclif.run().then(oclif.flush).catch(oclif.Errors.handle) 18 | -------------------------------------------------------------------------------- /mdos-cli/bin/dev.cmd: -------------------------------------------------------------------------------- 1 | @echo off 2 | 3 | node "%~dp0\dev" %* -------------------------------------------------------------------------------- /mdos-cli/bin/run: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env node 2 | 3 | const oclif = require('@oclif/core') 4 | 5 | oclif.run().then(require('@oclif/core/flush')).catch(require('@oclif/core/handle')) 6 | -------------------------------------------------------------------------------- /mdos-cli/bin/run.cmd: -------------------------------------------------------------------------------- 1 | @echo off 2 | 3 | node "%~dp0\run" %* 4 | -------------------------------------------------------------------------------- /mdos-cli/src/commands/configure/api-endpoint.ts: -------------------------------------------------------------------------------- 1 | import { Flags } from '@oclif/core' 2 | import Command from '../../base' 3 | const { error, success } = require('../../lib/tools') 4 | 5 | /** 6 | * Command 7 | * 8 | * @export 9 | * @class SetConfig 10 | * @extends {Command} 11 | */ 12 | export default class ApiEndpoint extends Command { 13 | 
static aliases = [] 14 | static description = 'Set the MDos API endpoint URL to use' 15 | 16 | // ******* FLAGS ******* 17 | static flags = { 18 | dev: Flags.boolean({ description: 'Developement mode, append ports to URLs' }), 19 | } 20 | 21 | // ******* ARGS ******* 22 | static args = [ 23 | {name: 'uri'} 24 | ] 25 | 26 | // ********************* 27 | // ******* MAIN ******** 28 | // ********************* 29 | public async run(): Promise { 30 | const { flags } = await this.parse(ApiEndpoint) 31 | const { args } = await this.parse(ApiEndpoint) 32 | 33 | if(!args.uri) { 34 | error("No uri specified") 35 | process.exit(1) 36 | } else { 37 | try { 38 | await this.setApiEndpoint(`${args.uri}${flags.dev ? ":3030":""}`) 39 | success("Done") 40 | } catch (err) { 41 | this.showError(err) 42 | process.exit(1) 43 | } 44 | } 45 | } 46 | } 47 | -------------------------------------------------------------------------------- /mdos-cli/src/commands/login.ts: -------------------------------------------------------------------------------- 1 | import { Flags } from '@oclif/core' 2 | import Command from '../base' 3 | const { error, context } = require('../lib/tools') 4 | /** 5 | * Command 6 | * 7 | * @export 8 | * @class Login 9 | * @extends {Command} 10 | */ 11 | export default class Login extends Command { 12 | static description = 'Login to the platform' 13 | 14 | // ******* FLAGS ******* 15 | static flags = {} 16 | // ********************* 17 | 18 | // ********************* 19 | // ******* MAIN ******** 20 | // ********************* 21 | public async run(): Promise { 22 | const { flags } = await this.parse(Login) 23 | 24 | // Make sure the API domain has been configured 25 | this.checkIfDomainSet() 26 | 27 | if (this.getConfig('FRAMEWORK_ONLY')) { 28 | // Not supported in framework only mode 29 | error('This command is only available for MDos managed cluster deployments') 30 | process.exit(1) 31 | } 32 | 33 | // Make sure we are logged out 34 | const token = 
this.getConfig('ACCESS_TOKEN') 35 | if (token && token.length > 0) { 36 | this.setConfig('ACCESS_TOKEN', '') 37 | } 38 | 39 | // Login 40 | try { 41 | await this.validateJwt() 42 | context('Logged in', true, true) 43 | } catch (err) { 44 | this.showError(err) 45 | process.exit(1) 46 | } 47 | } 48 | } 49 | -------------------------------------------------------------------------------- /mdos-cli/src/commands/logout.ts: -------------------------------------------------------------------------------- 1 | import { Flags } from '@oclif/core' 2 | import Command from '../base' 3 | const { warn, info, dockerLogout } = require('../lib/tools') 4 | 5 | /** 6 | * Command 7 | * 8 | * @export 9 | * @class Logout 10 | * @extends {Command} 11 | */ 12 | export default class Logout extends Command { 13 | static description = 'Logout from the platform' 14 | 15 | // ******* FLAGS ******* 16 | static flags = {} 17 | // ********************* 18 | 19 | // ********************* 20 | // ******* MAIN ******** 21 | // ********************* 22 | public async run(): Promise { 23 | const { flags } = await this.parse(Logout) 24 | 25 | const token = this.getConfig('ACCESS_TOKEN') 26 | if (token && token.length > 0) { 27 | // Login 28 | try { 29 | let regDomain = await this.api('registry_domain', 'GET') 30 | await dockerLogout(regDomain.data) 31 | 32 | await this.logout() 33 | info('Logged out') 34 | } catch (err) { 35 | this.showError(err) 36 | process.exit(1) 37 | } 38 | } else { 39 | warn('you are not logged in') 40 | } 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /mdos-cli/src/hooks/command_incomplete.ts: -------------------------------------------------------------------------------- 1 | import { Hook, toConfiguredId, toStandardizedId } from '@oclif/core' 2 | const inquirer = require('inquirer') 3 | 4 | /** 5 | * Command suggestion hook 6 | * 7 | * @param {*} { config, matches, argv } 8 | * @return {*} 9 | */ 10 | const hook: 
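Hook.CommandIncomplete = async function ({ config, matches, argv }) {
    const { command } = await inquirer.prompt([
        {
            name: 'command',
            type: 'list',
            message: 'Which of these commands would you like to run?',
            choices: matches.map((p) => toConfiguredId(p.id, config)),
        },
    ])

    if (argv.includes('--help') || argv.includes('-h')) {
        return config.runCommand('help', [toStandardizedId(command, config)])
    }

    return config.runCommand(toStandardizedId(command, config), argv)
}

export default hook
--------------------------------------------------------------------------------
/mdos-cli/src/index.ts:
--------------------------------------------------------------------------------
export { run } from '@oclif/core'

--------------------------------------------------------------------------------
/mdos-cli/src/lib/terminal.js:
--------------------------------------------------------------------------------
const shell = require('shelljs')

/**
 * Execute a shell command and resolve with its output.
 *
 * The command string is handed to `shell.exec` as is, so it is interpreted by
 * a shell: callers must build it from trusted values only and must not
 * interpolate unvalidated user or API input into it.
 *
 * @param {string} command - command line to run
 * @param {boolean} [jsonResponse] - when truthy, stdout is parsed as JSON and the parsed value is returned
 * @param {string} [cwdPath] - working directory; defaults to `process.cwd()`
 * @return {Promise<*>} the parsed JSON value, or the non-empty lines of stdout as an array
 *         (rejects with an Error on a non-zero exit code or on stdout that is not valid JSON)
 */
const terminalCommand = (command, jsonResponse, cwdPath) => {
    return new Promise((resolve, reject) => {
        try {
            shell.exec(command, { silent: true, cwd: cwdPath ? cwdPath : process.cwd() }, (code, stdout, stderr) => {
                if (code !== 0) {
                    reject(new Error(stderr && stderr.trim().length > 0 ? stderr : 'An error occured'))
                    return
                }

                if (!jsonResponse) {
                    resolve(stdout.split('\n').filter((o) => o.length > 0))
                    return
                }

                // Parse the raw output: splitting it into lines first made JSON.parse receive an
                // array (coerced to a comma-joined string), which broke multi-line JSON.
                // A parse error thrown inside this callback would escape the outer try/catch,
                // so it is turned into a rejection here.
                try {
                    resolve(JSON.parse(stdout))
                } catch (err) {
                    reject(err)
                }
            })
        } catch (err) {
            reject(err)
        }
    })
}

module.exports = {
    terminalCommand
}

--------------------------------------------------------------------------------
/mdos-cli/test/commands/add-ingress.test.ts:
--------------------------------------------------------------------------------
import {expect, test} from '@oclif/test'

describe('add-ingress', () => {
  test
  .stdout()
  .command(['add-ingress'])
  .it('runs hello', ctx => {
    expect(ctx.stdout).to.contain('hello world')
  })

  test
  .stdout()
  .command(['add-ingress', '--name', 'jeff'])
  .it('runs hello --name jeff', ctx => {
    expect(ctx.stdout).to.contain('hello jeff')
  })
})

--------------------------------------------------------------------------------
/mdos-cli/test/commands/add-role.test.ts:
--------------------------------------------------------------------------------
import {expect, test} from '@oclif/test'

describe('add-role', () => {
  test
  .stdout()
  .command(['add-role'])
  .it('runs hello', ctx => {
    expect(ctx.stdout).to.contain('hello world')
  })

  test
  .stdout()
  .command(['add-role', '--name', 'jeff'])
  .it('runs hello --name jeff', ctx => {
    expect(ctx.stdout).to.contain('hello jeff')
  })
})

--------------------------------------------------------------------------------
/mdos-cli/test/commands/add-volume.test.ts:
--------------------------------------------------------------------------------
import {expect, test} from '@oclif/test'

describe('add-volume', () => {
  test
  .stdout()
  .command(['add-volume'])
  .it('runs hello', ctx => {
    expect(ctx.stdout).to.contain('hello world')
  })

  test
  .stdout()
  .command(['add-volume', '--name', 'jeff'])
  .it('runs hello --name jeff', ctx => {
    expect(ctx.stdout).to.contain('hello 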
jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/add.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('add', () => { 4 | test 5 | .stdout() 6 | .command(['add']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['add', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/application.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('application', () => { 4 | test 5 | .stdout() 6 | .command(['application']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['application', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/build.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('build', () => { 4 | test 5 | .stdout() 6 | .command(['build']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['build', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/component.test.ts: 
-------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('component', () => { 4 | test 5 | .stdout() 6 | .command(['component']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['component', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/create-role.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('create-role', () => { 4 | test 5 | .stdout() 6 | .command(['create-role']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['create-role', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/create.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('create', () => { 4 | test 5 | .stdout() 6 | .command(['create']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['create', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/declare-port.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | 
describe('declare-port', () => { 4 | test 5 | .stdout() 6 | .command(['declare-port']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['declare-port', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/delete-role.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('delete-role', () => { 4 | test 5 | .stdout() 6 | .command(['delete-role']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['delete-role', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/delete.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('delete', () => { 4 | test 5 | .stdout() 6 | .command(['delete']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['delete', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/deploy.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('deploy', () => { 4 | test 5 | .stdout() 6 | .command(['deploy']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello 
world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['deploy', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/expose-port.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('expose-port', () => { 4 | test 5 | .stdout() 6 | .command(['expose-port']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['expose-port', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/hello/index.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('hello', () => { 4 | test 5 | .stdout() 6 | .command(['hello', 'friend', '--from=oclif']) 7 | .it('runs hello cmd', ctx => { 8 | expect(ctx.stdout).to.contain('hello friend from oclif!') 9 | }) 10 | }) 11 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/hello/world.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('hello world', () => { 4 | test 5 | .stdout() 6 | .command(['hello:world']) 7 | .it('runs hello world cmd', ctx => { 8 | expect(ctx.stdout).to.contain('hello world!') 9 | }) 10 | }) 11 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/install.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from 
'@oclif/test' 2 | 3 | describe('install', () => { 4 | test 5 | .stdout() 6 | .command(['install']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['install', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/list-role.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('list-role', () => { 4 | test 5 | .stdout() 6 | .command(['list-role']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['list-role', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/list-roles.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('list-roles', () => { 4 | test 5 | .stdout() 6 | .command(['list-roles']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['list-roles', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/list.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('list', () => { 4 | test 5 | .stdout() 6 | .command(['list']) 7 | .it('runs hello', ctx => { 8 | 
expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['list', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/protect-app.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('protect-app', () => { 4 | test 5 | .stdout() 6 | .command(['protect-app']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['protect-app', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/push.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('push', () => { 4 | test 5 | .stdout() 6 | .command(['push']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['push', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/remove-role.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('remove-role', () => { 4 | test 5 | .stdout() 6 | .command(['remove-role']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['remove-role', '--name', 'jeff']) 14 | .it('runs hello --name 
jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/remove-roll.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('remove-roll', () => { 4 | test 5 | .stdout() 6 | .command(['remove-roll']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['remove-roll', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/remove.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('remove', () => { 4 | test 5 | .stdout() 6 | .command(['remove']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['remove', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/use-config.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('use-config', () => { 4 | test 5 | .stdout() 6 | .command(['use-config']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['use-config', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | 
-------------------------------------------------------------------------------- /mdos-cli/test/commands/use-secret.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('use-secret', () => { 4 | test 5 | .stdout() 6 | .command(['use-secret']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['use-secret', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/commands/user.test.ts: -------------------------------------------------------------------------------- 1 | import {expect, test} from '@oclif/test' 2 | 3 | describe('user', () => { 4 | test 5 | .stdout() 6 | .command(['user']) 7 | .it('runs hello', ctx => { 8 | expect(ctx.stdout).to.contain('hello world') 9 | }) 10 | 11 | test 12 | .stdout() 13 | .command(['user', '--name', 'jeff']) 14 | .it('runs hello --name jeff', ctx => { 15 | expect(ctx.stdout).to.contain('hello jeff') 16 | }) 17 | }) 18 | -------------------------------------------------------------------------------- /mdos-cli/test/helpers/init.js: -------------------------------------------------------------------------------- 1 | const path = require('path') 2 | process.env.TS_NODE_PROJECT = path.resolve('test/tsconfig.json') 3 | process.env.NODE_ENV = 'development' 4 | 5 | global.oclif = global.oclif || {} 6 | global.oclif.columns = 80 7 | -------------------------------------------------------------------------------- /mdos-cli/test/tsconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "extends": "../tsconfig", 3 | "compilerOptions": { 4 | "noEmit": true 5 | }, 6 | "references": [ 7 | {"path": ".."} 8 | ] 9 | } 10 | 
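-------------------------------------------------------------------------------- /mdos-cli/tsconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "compilerOptions": { 3 | "declaration": true, 4 | "importHelpers": true, 5 | "module": "commonjs", 6 | "outDir": "dist", 7 | "rootDir": "src", 8 | "strict": true, 9 | "target": "es2019", 10 | "useUnknownInCatchVariables": false 11 | }, 12 | "include": [ 13 | "src/**/*" 14 | ] 15 | } 16 | -------------------------------------------------------------------------------- /mdos-docs/infra/build-deploy.sh: --------------------------------------------------------------------------------
#!/bin/bash
#
# Build the MkDocs site and publish it: the generated ./site output replaces
# the docs/ folder three levels above mkdocs/, and the result is committed
# and pushed from that same top-level directory.
#
# Every step that changes the working directory or produces the site is
# guarded. Without the guards, a failed `cd` or a failed `mkdocs build` would
# still reach the `rm -rf` below, which is relative to the current directory,
# and would then commit and push whatever was left.

_DIR="$(cd "$(dirname "$0")" && pwd)" || exit 1
# Quoted so a checkout path containing spaces or glob characters is not split.
cd "$_DIR" || exit 1

cd mkdocs || exit 1
mkdocs build || exit 1

# Only reached when the working directory is <script dir>/mkdocs and the build
# succeeded, so the relative path points at the intended docs/ folder.
rm -rf ../../../docs && mkdir ../../../docs || exit 1
cp -r ./site/* ../../../docs || exit 1

cd ../../.. || exit 1

# NOTE(review): `git add .` stages every modified and untracked file below this
# directory, not only docs/. Check `git status` before running this script so
# that local files such as .env are not published with the documentation build.
git add .
git commit -m "New documentation build"
git push
-------------------------------------------------------------------------------- /mdos-docs/infra/mdos.yaml: -------------------------------------------------------------------------------- 1 | schemaVersion: v1 2 | tenantName: mdos-doc 3 | appName: mdos-doc 4 | uuid: XA74S-FXCDI 5 | components: 6 | - name: mkdocs 7 | image: mdos-doc/mkdocs-mdos 8 | uuid: E5PLU-TQMBD 9 | tag: 1.1.0 10 | preBuildCmd: 11 | - mkdocs build 12 | - rm -rf ../volumes/docs/* 13 | - cp -r ./site/* ../volumes/docs 14 | volumes: 15 | - name: docs 16 | mountPath: /usr/share/nginx/html 17 | syncVolume: true 18 | trigger: always 19 | size: 1Gi 20 | services: 21 | - name: http 22 | ports: 23 | - port: 80 24 | ingress: 25 | - name: main 26 | matchHost: foo.mydomain.com 27 | targetPort: 80 28 | trafficType: http 29 | -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/Dockerfile: -------------------------------------------------------------------------------- 1 | # nginx state for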
serving content 2 | FROM nginx:alpine 3 | # Set working directory to nginx asset directory 4 | WORKDIR /usr/share/nginx/html 5 | # Containers run nginx with global directives and daemon off 6 | ENTRYPOINT ["nginx", "-g", "daemon off;"] -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/404.html: -------------------------------------------------------------------------------- 1 | {% extends "base.html" %} 2 | 3 | {% block content %} 4 | 5 |
6 |
7 |

404

8 |

Page not found

9 |

Home

10 |
11 |
12 | 13 | {% endblock %} 14 | -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/__init__.py -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/content.html: -------------------------------------------------------------------------------- 1 | {% if page.meta.source %} 2 | 7 | {% endif %} 8 | 9 | {{ page.content }} 10 | -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/css/highlight.min.css: -------------------------------------------------------------------------------- 1 | .hljs{display:block;overflow-x:auto;padding:.5em;color:#333;background:#fcfdff}.hljs-comment,.hljs-quote{color:#998;font-style:italic}.hljs-keyword,.hljs-selector-tag,.hljs-subst{color:#333;font-weight:bold}.hljs-number,.hljs-literal,.hljs-variable,.hljs-template-variable,.hljs-tag .hljs-attr{color:teal}.hljs-string,.hljs-doctag{color:#d14}.hljs-title,.hljs-section,.hljs-selector-id{color:#900;font-weight:bold}.hljs-subst{font-weight:normal}.hljs-type,.hljs-class .hljs-title{color:#458;font-weight:bold}.hljs-tag,.hljs-name,.hljs-attribute{color:navy;font-weight:normal}.hljs-regexp,.hljs-link{color:#009926}.hljs-symbol,.hljs-bullet{color:#990073}.hljs-built_in,.hljs-builtin-name{color:#0086b3}.hljs-meta{color:#999;font-weight:bold}.hljs-deletion{background:#fdd}.hljs-addition{background:#dfd}.hljs-emphasis{font-style:italic}.hljs-strong{font-weight:bold} 2 | -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/fonts/fontawesome-webfont.eot: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/fonts/fontawesome-webfont.eot -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/fonts/fontawesome-webfont.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/fonts/fontawesome-webfont.ttf -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/fonts/fontawesome-webfont.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/fonts/fontawesome-webfont.woff -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/img/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/favicon.ico -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/img/grid1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/grid1.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/img/grid10.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/grid10.png 
-------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/img/grid11.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/grid11.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/img/grid12.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/grid12.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/img/grid13.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/grid13.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/img/grid14.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/grid14.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/img/grid15.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/grid15.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/img/grid16.png: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/grid16.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/img/grid17.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/grid17.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/img/grid18.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/grid18.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/img/grid19.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/grid19.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/img/grid2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/grid2.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/img/grid20.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/grid20.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/img/grid3.png: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/grid3.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/img/grid4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/grid4.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/img/grid5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/grid5.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/img/grid6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/grid6.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/img/grid7.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/grid7.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/img/grid8.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/grid8.png -------------------------------------------------------------------------------- 
/mdos-docs/infra/mkdocs/cinder/img/grid9.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/cinder/img/grid9.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/main.html: -------------------------------------------------------------------------------- 1 | {% extends "base.html" %} 2 | 3 | {# 4 | The entry point for the MkDocs Theme. 5 | 6 | Any theme customisations should override this file to redefine blocks defined in 7 | the various templates. The custom theme should only need to define a main.html 8 | which `{% extends "base.html" %}` and defines various blocks which will replace 9 | the blocks defined in base.html and its included child templates. 10 | #} -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/mkdocs_theme.yml: -------------------------------------------------------------------------------- 1 | cinder_theme: true 2 | 3 | static_templates: 4 | - 404.html 5 | 6 | include_search_page: false 7 | search_index_only: false 8 | 9 | shortcuts: 10 | help: 191 # ? 11 | next: 78 # n 12 | previous: 80 # p 13 | search: 83 # s 14 | -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/nav-sub.html: -------------------------------------------------------------------------------- 1 | {% if not nav_item.children %} 2 |
  • 3 | {{ nav_item.title }} 4 |
  • 5 | {% else %} 6 | 14 | {% endif %} 15 | -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/search-modal.html: -------------------------------------------------------------------------------- 1 | 28 | -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/cinder/toc.html: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/anatomy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/anatomy.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/cli.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/cli.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/example_yaml.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/example_yaml.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/gateway.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/gateway.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/getting-started/hello-world.png: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/getting-started/hello-world.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/installation/account.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/installation/account.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/installation/certmanager.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/installation/certmanager.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/installation/dependencies.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/installation/dependencies.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/installation/ftp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/installation/ftp.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/installation/ip.png: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/installation/ip.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/installation/registry.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/installation/registry.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/installation/selfsigned.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/installation/selfsigned.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/installation/storage.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/installation/storage.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/keycloak/auth_deploy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/keycloak/auth_deploy.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/keycloak/auth_kubectl.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/keycloak/auth_kubectl.png 
-------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/keycloak/client_roles.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/keycloak/client_roles.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/keycloak/flow_overview.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/keycloak/flow_overview.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/mdos.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/mdos.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/mdosyaml.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/mdosyaml.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/networkPolicies/custom.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/networkPolicies/custom.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/oidc.png: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/oidc.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/overview.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/overview.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/setup/cli.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/setup/cli.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/setup/cloudflare.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/setup/cloudflare.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/setup/cloudflare_api.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/setup/cloudflare_api.png -------------------------------------------------------------------------------- /mdos-docs/infra/mkdocs/docs/img/volume-sync.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-docs/infra/mkdocs/docs/img/volume-sync.png -------------------------------------------------------------------------------- 
/mdos-docs/infra/mkdocs/docs/stylesheets/extra.css: -------------------------------------------------------------------------------- 1 | [data-md-color-scheme="default"] { 2 | --md-code-hl-color: #fffeea; 3 | } 4 | 5 | [data-md-color-scheme="slate"] { 6 | --md-code-fg-color: #adbac8; 7 | } 8 | 9 | .md-content__button { 10 | display: none; 11 | } 12 | 13 | .section-icon { 14 | color: #1DA1F2; 15 | } 16 | 17 | .md-nav--secondary:nth-child(1) > .md-nav__list > .md-nav__item > a { 18 | font-weight: bold; 19 | /* display: list-item; 20 | list-style-type: square; 21 | list-style-position: inside; */ 22 | } 23 | 24 | .md-nav__title { 25 | text-decoration: underline; 26 | } 27 | 28 | @media all and (min-width: 900px) { 29 | .wrapper { 30 | display: grid; 31 | grid-template-columns: repeat(3, 1fr); 32 | gap: 10px; 33 | grid-auto-rows: minmax(100px, auto); 34 | } 35 | .wrapper .left { 36 | grid-column: 1 / 3; 37 | grid-row: 1; 38 | } 39 | .wrapper .right { 40 | grid-column: 3 / 4; 41 | grid-row: 1; 42 | } 43 | } 44 | 45 | 46 | -------------------------------------------------------------------------------- /mdos-docs/infra/volumes/README.md: -------------------------------------------------------------------------------- 1 | # Important 2 | 3 | Application volumes that are used to sync data to containers are stored in this folder, do not remove -------------------------------------------------------------------------------- /mdos-ftp/.editorconfig: -------------------------------------------------------------------------------- 1 | # http://editorconfig.org 2 | root = true 3 | 4 | [*] 5 | indent_style = space 6 | indent_size = 2 7 | end_of_line = lf 8 | charset = utf-8 9 | trim_trailing_whitespace = true 10 | insert_final_newline = true 11 | 12 | [*.md] 13 | trim_trailing_whitespace = false 14 | -------------------------------------------------------------------------------- /mdos-ftp/.env.tmpl: -------------------------------------------------------------------------------- 
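1 | RUNTIME=local 2 | FTP_SERVER_MAIN_PORT=3915 3 | FTP_HOME_ROOT=~/.mdos/ftp-data/userdata 4 | FTP_PASSIVE_PORTS=3916:3920 5 | PUBLICHOST=mdos-ftp.yourdomain.com" 6 | M2M_USER=mdos@yourdomain.com 7 | M2M_PASSWORD=123456 -------------------------------------------------------------------------------- /mdos-ftp/.eslintrc.json: -------------------------------------------------------------------------------- 1 | { 2 | "env": { 3 | "es6": true, 4 | "node": true, 5 | "jest": true 6 | }, 7 | "parserOptions": { 8 | "ecmaVersion": 2018 9 | }, 10 | "extends": [ 11 | "eslint:recommended" 12 | ], 13 | "rules": { 14 | "indent": [ 15 | "error", 16 | 4 17 | ], 18 | "linebreak-style": [ 19 | "error", 20 | "unix" 21 | ], 22 | "quotes": [ 23 | "error", 24 | "single" 25 | ], 26 | "semi": [ 27 | "error", 28 | "always" 29 | ] 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /mdos-ftp/Dockerfile: --------------------------------------------------------------------------------
# Image for the mdos-ftp service: pure-ftpd base image plus Node.js 16 and the
# application sources, started with `node .`.
#
# NOTE(review): the base image has no tag or digest, so each build resolves to
# whatever `latest` is at that moment. Pin a tag or digest for reproducible builds.
FROM stilliard/pure-ftpd

# Run the RUN steps below with pipefail, so the piped download fails the build
# when curl fails instead of handing bash an empty script.
SHELL ["/bin/bash", "-o", "pipefail", "-c"]

RUN apt update -y && apt upgrade -y && apt -y install curl dirmngr apt-transport-https lsb-release ca-certificates apt-utils
# -f makes curl exit non-zero on an HTTP error, so an error page is never piped to bash.
# NOTE(review): this executes a remotely hosted script as root at build time with
# no checksum or signature check. Consider a base image that already ships
# Node.js, or verify the script before running it.
RUN curl -fsSL https://deb.nodesource.com/setup_16.x | bash -
RUN apt-get install -y nodejs
RUN apt -y install gcc g++ make

# Create app directory
WORKDIR /usr/src/app

# Install app dependencies
# A wildcard is used to ensure both package.json AND package-lock.json are copied
# where available (npm@5+)
COPY package*.json ./

RUN npm install
# If you are building your code for production
# RUN npm ci --only=production

# Bundle app source
COPY . .

# This removes .env from the final filesystem only. A .env present in the build
# context is still stored in the layer written by `COPY . .` above and can be
# read back from the image. No .dockerignore for mdos-ftp is visible in this
# listing; excluding .env there keeps it out of the image altogether.
RUN rm -rf .env

# NOTE(review): config/default.json in this repository sets "port": 3039 -
# confirm which port the service listens on inside the container.
EXPOSE 3030

CMD [ "node", "." ]
-------------------------------------------------------------------------------- /mdos-ftp/README.md: -------------------------------------------------------------------------------- 1 | # mdos-ftp 2 | 3 | > MDos FTP API to control FTP credentials 4 | 5 | ## About 6 | 7 | This project uses [Feathers](http://feathersjs.com). An open source web framework for building modern real-time applications. 8 | 9 | ## Getting Started 10 | 11 | Getting up and running is as easy as 1, 2, 3. 12 | 13 | 1. Make sure you have [NodeJS](https://nodejs.org/) and [npm](https://www.npmjs.com/) installed. 14 | 2. Install your dependencies 15 | 16 | ``` 17 | cd path/to/mdos-ftp 18 | npm install 19 | ``` 20 | 21 | 3. Start your app 22 | 23 | ``` 24 | npm start 25 | ``` 26 | 27 | ## Testing 28 | 29 | Simply run `npm test` and all your tests in the `test/` directory will be run. 30 | 31 | ## Scaffolding 32 | 33 | Feathers has a powerful command line interface. Here are a few things it can do: 34 | 35 | ``` 36 | $ npm install -g @feathersjs/cli # Install Feathers CLI 37 | 38 | $ feathers generate service # Generate a new Service 39 | $ feathers generate hook # Generate a new Hook 40 | $ feathers help # Show all commands 41 | ``` 42 | 43 | ## Help 44 | 45 | For more information on all the things you can do with Feathers visit [docs.feathersjs.com](http://docs.feathersjs.com).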
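46 | -------------------------------------------------------------------------------- /mdos-ftp/config/default.json: -------------------------------------------------------------------------------- 1 | { 2 | "host": "localhost", 3 | "port": 3039, 4 | "public": "../public/", 5 | "paginate": { 6 | "default": 10, 7 | "max": 50 8 | }, 9 | "authentication": { 10 | "entity": "user", 11 | "service": "users", 12 | "secret": "WREpVqRef/+pWwfg5Du9CPwDgAk=", 13 | "authStrategies": [ 14 | "jwt", 15 | "local" 16 | ], 17 | "jwtOptions": { 18 | "header": { 19 | "typ": "access" 20 | }, 21 | "audience": "https://yourdomain.com", 22 | "issuer": "feathers", 23 | "algorithm": "HS256", 24 | "expiresIn": "1d" 25 | }, 26 | "local": { 27 | "usernameField": "email", 28 | "passwordField": "password" 29 | } 30 | }, 31 | "sqlite": "sqlite://mdos_ftp.sqlite" 32 | } 33 | -------------------------------------------------------------------------------- /mdos-ftp/config/production.json: -------------------------------------------------------------------------------- 1 | { 2 | "host": "mdos-ftp-app.feathersjs.com", 3 | "port": "PORT" 4 | } 5 | -------------------------------------------------------------------------------- /mdos-ftp/config/test.json: -------------------------------------------------------------------------------- 1 | {} 2 | -------------------------------------------------------------------------------- /mdos-ftp/infra/build.sh: --------------------------------------------------------------------------------
#!/bin/bash

# Build the mdos-ftp image from the project root and push it to the private registry.
#
# Usage: REGISTRY_PASSWORD=... ./build.sh
# The script accepts no arguments; any argument is rejected.

_DIR="$(cd "$(dirname "$0")" && pwd)"
# Quote the path and stop if the directory cannot be entered, so the docker
# commands below never run from an unexpected working directory.
cd "$_DIR" || exit 1

while [ "$1" != "" ]; do
    case $1 in
        * ) echo "Invalid parameter detected => $1"
            exit 1
    esac
    shift
done

DOMAIN=mydomain.com

# The registry password is read from the environment instead of being written into
# the script. The value that was previously committed on the login line must be
# treated as exposed: rotate it in the registry, and note that it remains in the
# repository history.
: "${REGISTRY_PASSWORD:?REGISTRY_PASSWORD must be set to the registry password}"

cd .. || exit 1

# --password-stdin keeps the password out of the process argument list.
printf '%s' "$REGISTRY_PASSWORD" | docker login "registry.$DOMAIN" --username mdundek --password-stdin || exit 1
# Stop on a failed build so a stale local image is never pushed in its place.
docker build -t "registry.$DOMAIN/mdos-ftp-bot:latest" . || exit 1
docker push "registry.$DOMAIN/mdos-ftp-bot:latest"
-------------------------------------------------------------------------------- /mdos-ftp/mdos_ftp.sqlite: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-ftp/mdos_ftp.sqlite -------------------------------------------------------------------------------- /mdos-ftp/public/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-ftp/public/favicon.ico -------------------------------------------------------------------------------- /mdos-ftp/src/app.hooks.js: -------------------------------------------------------------------------------- 1 | // Application hooks that run for every service 2 | 3 | module.exports = { 4 | before: { 5 | all: [], 6 | find: [], 7 | get: [], 8 | create: [], 9 | update: [], 10 | patch: [], 11 | remove: [] 12 | }, 13 | 14 | after: { 15 | all: [], 16 | find: [], 17 | get: [], 18 | create: [], 19 | update: [], 20 | patch: [], 21 | remove: [] 22 | }, 23 | 24 | error: { 25 | all: [], 26 | find: [], 27 | get: [], 28 | create: [], 29 | update: [], 30 | patch: [], 31 | remove: [] 32 | } 33 | }; 34 | -------------------------------------------------------------------------------- /mdos-ftp/src/authentication.js: -------------------------------------------------------------------------------- 1 | const { AuthenticationService, JWTStrategy } = require('@feathersjs/authentication'); 2 | const { LocalStrategy } = require('@feathersjs/authentication-local'); 3 | const { expressOauth } = require('@feathersjs/authentication-oauth'); 4 | 5 | module.exports = app => { 6 | const authentication = new AuthenticationService(app); 7 | 8 | authentication.register('jwt', new JWTStrategy()); 9 | authentication.register('local', new LocalStrategy()); 10 | 11 |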
app.use('/authentication', authentication); 12 | app.configure(expressOauth()); 13 | }; 14 | -------------------------------------------------------------------------------- /mdos-ftp/src/index.js: -------------------------------------------------------------------------------- 1 | require('dotenv').config() 2 | 3 | /* eslint-disable no-console */ 4 | const logger = require('./logger'); 5 | const app = require('./app'); 6 | const port = app.get('port'); 7 | const server = app.listen(port); 8 | 9 | process.on('unhandledRejection', (reason, p) => 10 | logger.error('Unhandled Rejection at: Promise ', p, reason) 11 | ); 12 | 13 | server.on('listening', () => 14 | logger.info('Feathers application started on http://%s:%d', app.get('host'), port) 15 | ); 16 | -------------------------------------------------------------------------------- /mdos-ftp/src/logger.js: -------------------------------------------------------------------------------- 1 | const { createLogger, format, transports } = require('winston'); 2 | 3 | // Configure the Winston logger. 
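For the complete documentation see https://github.com/winstonjs/winston 4 | const logger = createLogger({ 5 | // To see more detailed errors, change this to 'debug' 6 | level: 'info', 7 | format: format.combine( 8 | format.splat(), 9 | format.simple() 10 | ), 11 | transports: [ 12 | new transports.Console() 13 | ], 14 | }); 15 | 16 | module.exports = logger; 17 | -------------------------------------------------------------------------------- /mdos-ftp/src/middleware/index.js: -------------------------------------------------------------------------------- 1 | const PureFtpDaemon = require("./pureftpDaemon"); 2 | const SequelizeInit = require("./sequelizeInit"); 3 | 4 | // eslint-disable-next-line no-unused-vars 5 | module.exports = function (app) { 6 | new SequelizeInit(app).start().then(() => { 7 | app.set("pureFtp", new PureFtpDaemon(app)); 8 | }) 9 | }; 10 |
-------------------------------------------------------------------------------- /mdos-ftp/src/middleware/sequelizeInit.js: --------------------------------------------------------------------------------
const { NotFound, GeneralError, BadRequest, Conflict, Unavailable } = require('@feathersjs/errors')

/**
 * Seeds the machine-to-machine (M2M) account in the `users` service at startup.
 *
 * @class SequelizeInit
 */
class SequelizeInit {

    /**
     * Creates an instance of SequelizeInit.
     * @param {*} app Feathers application; start() uses its `users` service
     * @memberof SequelizeInit
     */
    constructor(app) {
        this.app = app
    }

    /**
     * Make sure the account named by the M2M_USER environment variable exists,
     * creating it with M2M_PASSWORD when the `users` service has no user with
     * that e-mail address.
     *
     * @returns {Promise<void>} resolves once the account is known to exist
     * @throws {Error} when M2M_USER is unset, when the account has to be created
     *   and M2M_PASSWORD is unset, or when a `users` service call fails (the
     *   original error is rethrown so callers can see the cause)
     */
    async start() {
        const email = process.env.M2M_USER
        if (!email) {
            // Without this guard the lookup below would run with `email: undefined`.
            throw new Error('M2M_USER must be set to seed the M2M account')
        }

        // Same 500 ms delay as before. NOTE(review): presumably this waits for the
        // database sync; awaiting the promise stored under `sequelizeSync` would be
        // deterministic - confirm against src/sequelize.js.
        await new Promise((resolve) => setTimeout(resolve, 500))

        try {
            const users = this.app.service('users')
            const matches = await users.find({ query: { email } })
            if (matches.data.length === 0) {
                const password = process.env.M2M_PASSWORD
                if (!password) {
                    throw new Error('M2M_PASSWORD must be set to create the M2M account')
                }
                await users.create({ email, password })
            }
        } catch (error) {
            console.log(error);
            // Reject with the error itself; the previous version rejected with
            // `undefined`, which hid the cause from the caller.
            throw error
        }
    }
}

module.exports = SequelizeInit
-------------------------------------------------------------------------------- /mdos-ftp/src/models/users.model.js: -------------------------------------------------------------------------------- 1 | // See https://sequelize.org/master/manual/model-basics.html 2 | // for more of what you can do here.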
3 | const Sequelize = require('sequelize'); 4 | const DataTypes = Sequelize.DataTypes; 5 | 6 | module.exports = function (app) { 7 | const sequelizeClient = app.get('sequelizeClient'); 8 | const users = sequelizeClient.define('users', { 9 | 10 | email: { 11 | type: DataTypes.STRING, 12 | allowNull: false, 13 | unique: true 14 | }, 15 | password: { 16 | type: DataTypes.STRING, 17 | allowNull: false 18 | }, 19 | 20 | 21 | }, { 22 | hooks: { 23 | beforeCount(options) { 24 | options.raw = true; 25 | } 26 | } 27 | }); 28 | 29 | // eslint-disable-next-line no-unused-vars 30 | users.associate = function (models) { 31 | // Define associations here 32 | // See https://sequelize.org/master/manual/assocs.html 33 | }; 34 | 35 | return users; 36 | }; 37 | -------------------------------------------------------------------------------- /mdos-ftp/src/sequelize.js: -------------------------------------------------------------------------------- 1 | const Sequelize = require('sequelize'); 2 | 3 | module.exports = function (app) { 4 | const connectionString = app.get('sqlite'); 5 | const sequelize = new Sequelize(connectionString, { 6 | dialect: 'sqlite', 7 | logging: false, 8 | define: { 9 | freezeTableName: true 10 | } 11 | }); 12 | const oldSetup = app.setup; 13 | 14 | app.set('sequelizeClient', sequelize); 15 | 16 | app.setup = function (...args) { 17 | const result = oldSetup.apply(this, args); 18 | 19 | // Set up data relationships 20 | const models = sequelize.models; 21 | Object.keys(models).forEach(name => { 22 | if ('associate' in models[name]) { 23 | models[name].associate(models); 24 | } 25 | }); 26 | 27 | // Sync to the database 28 | app.set('sequelizeSync', sequelize.sync()); 29 | 30 | return result; 31 | }; 32 | }; 33 | -------------------------------------------------------------------------------- /mdos-ftp/src/services/credentials/credentials.class.js: -------------------------------------------------------------------------------- 1 | /* eslint-disable 
no-unused-vars */ 2 | exports.Credentials = class Credentials { 3 | constructor (options, app) { 4 | this.options = options || {}; 5 | this.app = app; 6 | } 7 | 8 | /** 9 | * create 10 | * @param {} data 11 | * @param {*} params 12 | * @returns 13 | */ 14 | async create (data, params) { 15 | const credData = await this.app.get("pureFtp").createTenantCredentials(data.tenantName) 16 | return credData; 17 | } 18 | 19 | /** 20 | * remove 21 | * @param {*} id 22 | * @param {*} params 23 | */ 24 | async remove (id, params) { 25 | await this.app.get("pureFtp").deleteTenantCredentials(id) 26 | return {status: "ok"} 27 | } 28 | }; 29 | -------------------------------------------------------------------------------- /mdos-ftp/src/services/credentials/credentials.hooks.js: -------------------------------------------------------------------------------- 1 | const { authenticate } = require('@feathersjs/authentication').hooks; 2 | 3 | module.exports = { 4 | before: { 5 | all: [ authenticate('jwt') ], 6 | find: [], 7 | get: [], 8 | create: [], 9 | update: [], 10 | patch: [], 11 | remove: [] 12 | }, 13 | 14 | after: { 15 | all: [], 16 | find: [], 17 | get: [], 18 | create: [], 19 | update: [], 20 | patch: [], 21 | remove: [] 22 | }, 23 | 24 | error: { 25 | all: [], 26 | find: [], 27 | get: [], 28 | create: [], 29 | update: [], 30 | patch: [], 31 | remove: [] 32 | } 33 | }; 34 | -------------------------------------------------------------------------------- /mdos-ftp/src/services/credentials/credentials.service.js: -------------------------------------------------------------------------------- 1 | // Initializes the `credentials` service on path `/credentials` 2 | const { Credentials } = require('./credentials.class'); 3 | const hooks = require('./credentials.hooks'); 4 | 5 | module.exports = function (app) { 6 | const options = { 7 | paginate: app.get('paginate') 8 | }; 9 | 10 | // Initialize our service with any options it requires 11 | app.use('/credentials', new 
Credentials(options, app)); 12 | 13 | // Get our initialized service so that we can register hooks 14 | const service = app.service('credentials'); 15 | 16 | service.hooks(hooks); 17 | }; 18 | -------------------------------------------------------------------------------- /mdos-ftp/src/services/index.js: -------------------------------------------------------------------------------- 1 | const users = require('./users/users.service.js'); 2 | const credentials = require('./credentials/credentials.service.js'); 3 | // eslint-disable-next-line no-unused-vars 4 | module.exports = function (app) { 5 | app.configure(users); 6 | app.configure(credentials); 7 | }; 8 | -------------------------------------------------------------------------------- /mdos-ftp/src/services/users/users.class.js: -------------------------------------------------------------------------------- 1 | const { Service } = require('feathers-sequelize'); 2 | 3 | exports.Users = class Users extends Service { 4 | 5 | }; 6 | -------------------------------------------------------------------------------- /mdos-ftp/src/services/users/users.hooks.js: -------------------------------------------------------------------------------- 1 | const { authenticate } = require('@feathersjs/authentication').hooks; 2 | 3 | const { 4 | hashPassword, protect 5 | } = require('@feathersjs/authentication-local').hooks; 6 | 7 | module.exports = { 8 | before: { 9 | all: [ authenticate('jwt') ], 10 | find: [], 11 | get: [], 12 | create: [ hashPassword('password') ], 13 | update: [ hashPassword('password') ], 14 | patch: [ hashPassword('password') ], 15 | remove: [] 16 | }, 17 | 18 | after: { 19 | all: [ 20 | // Make sure the password field is never sent to the client 21 | // Always must be the last hook 22 | protect('password') 23 | ], 24 | find: [], 25 | get: [], 26 | create: [], 27 | update: [], 28 | patch: [], 29 | remove: [] 30 | }, 31 | 32 | error: { 33 | all: [], 34 | find: [], 35 | get: [], 36 | create: [], 37 | update: 
[], 38 | patch: [], 39 | remove: [] 40 | } 41 | }; 42 | -------------------------------------------------------------------------------- /mdos-ftp/src/services/users/users.service.js: -------------------------------------------------------------------------------- 1 | // Initializes the `users` service on path `/users` 2 | const { Users } = require('./users.class'); 3 | const createModel = require('../../models/users.model'); 4 | const hooks = require('./users.hooks'); 5 | 6 | module.exports = function (app) { 7 | const options = { 8 | Model: createModel(app), 9 | paginate: app.get('paginate') 10 | }; 11 | 12 | // Initialize our service with any options it requires 13 | app.use('/users', new Users(options, app)); 14 | 15 | // Get our initialized service so that we can register hooks 16 | const service = app.service('users'); 17 | 18 | service.hooks(hooks); 19 | }; 20 | -------------------------------------------------------------------------------- /mdos-ftp/test/authentication.test.js: -------------------------------------------------------------------------------- 1 | const app = require('../src/app'); 2 | 3 | describe('authentication', () => { 4 | it('registered the authentication service', () => { 5 | expect(app.service('authentication')).toBeTruthy(); 6 | }); 7 | 8 | describe('local strategy', () => { 9 | const userInfo = { 10 | email: 'someone@example.com', 11 | password: 'supersecret' 12 | }; 13 | 14 | beforeAll(async () => { 15 | try { 16 | await app.service('users').create(userInfo); 17 | } catch (error) { 18 | // Do nothing, it just means the user already exists and can be tested 19 | } 20 | }); 21 | 22 | it('authenticates user and creates accessToken', async () => { 23 | const { user, accessToken } = await app.service('authentication').create({ 24 | strategy: 'local', 25 | ...userInfo 26 | }); 27 | 28 | expect(accessToken).toBeTruthy(); 29 | expect(user).toBeTruthy(); 30 | }); 31 | }); 32 | }); 33 | 
-------------------------------------------------------------------------------- /mdos-ftp/test/services/credentials.test.js: -------------------------------------------------------------------------------- 1 | const app = require('../../src/app'); 2 | 3 | describe('\'credentials\' service', () => { 4 | it('registered the service', () => { 5 | const service = app.service('credentials'); 6 | expect(service).toBeTruthy(); 7 | }); 8 | }); 9 | -------------------------------------------------------------------------------- /mdos-ftp/test/services/users.test.js: -------------------------------------------------------------------------------- 1 | const app = require('../../src/app'); 2 | 3 | describe('\'users\' service', () => { 4 | it('registered the service', () => { 5 | const service = app.service('users'); 6 | expect(service).toBeTruthy(); 7 | }); 8 | }); 9 | -------------------------------------------------------------------------------- /mdos-setup/README.md: -------------------------------------------------------------------------------- 1 | # MDos Setup 2 | 3 | > **Note** 4 | > The installation of the MDos platform and the CLI is described in the official repo documentation and is not part of this documentation file. 5 | > Please refer to the official documentation for more details 6 | 7 | ## Create new release of the platform 8 | 9 | To create a new release, use the script: 10 | 11 | ``` 12 | infra/create-release.sh 13 | ``` 14 | 15 | The script takes one **optional** parameter: `--gen-cli-bin`. 16 | This parameter will also generate the MDos CLI binary files for Linux, Mac and Windows, and publish them as release files as part of the release. 17 | 18 | > This script will merge the current `main` branch with the `release` branch, bump up the project versions, tag the commit with the new version label and create the release along with the (optional) CLI binary files. 
19 | 20 | ## Optional installation of code-server 21 | 22 | For those who would like to also install a web-based development environment (code-server) deployed on the MDos platform, protected by OAuth2 OIDC authentication, simply execute the script: 23 | 24 | ``` 25 | infra/install-codeserver.sh --oidc-keycloak 26 | ``` 27 | 28 | > Script has not been tested for a while, proceed with caution -------------------------------------------------------------------------------- /mdos-setup/dep/cert-manager/cloudflare-issuer.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: cloudflare-api-key-secret 5 | type: Opaque 6 | stringData: 7 | api-key: 8 | --- 9 | apiVersion: cert-manager.io/v1 10 | kind: Issuer 11 | metadata: 12 | name: mdos-issuer 13 | spec: 14 | acme: 15 | email: 16 | server: https://acme-v02.api.letsencrypt.org/directory 17 | privateKeySecretRef: 18 | name: letsencrypt-prod 19 | solvers: 20 | - dns01: 21 | cloudflare: 22 | email: 23 | apiKeySecretRef: 24 | name: cloudflare-api-key-secret 25 | key: api-key -------------------------------------------------------------------------------- /mdos-setup/dep/code-server/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM nginx:alpine 2 | COPY nginx.conf /etc/nginx/nginx.conf -------------------------------------------------------------------------------- /mdos-setup/dep/code-server/code-server-nginx.tar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-setup/dep/code-server/code-server-nginx.tar -------------------------------------------------------------------------------- /mdos-setup/dep/helm/helm.tar.gz: --------------------------------------------------------------------------------
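https://raw.githubusercontent.com/mdundek/mdos/ae57a857ef504eedfd849648fa2a26c56f619eaa/mdos-setup/dep/helm/helm.tar.gz
-------------------------------------------------------------------------------- /mdos-setup/dep/images/cert-job-manager/Dockerfile: --------------------------------------------------------------------------------
# Alpine image with kubectl and bash.
FROM alpine:3.14
RUN apk add --no-cache curl

# Resolve the kubectl release once, download the binary together with the checksum
# published next to it, and install only if the checksum matches. -f makes curl fail
# on an HTTP error instead of saving an error page as the "binary".
# NOTE(review): the checksum comes from the same origin as the binary, so it catches a
# corrupted or truncated download, not a compromised origin. "stable" also floats
# between builds; for reproducible images pin a version and a digest recorded at
# review time.
RUN KUBECTL_VERSION="$(curl -fsSL https://dl.k8s.io/release/stable.txt)" \
    && curl -fsSLO "https://dl.k8s.io/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl" \
    && curl -fsSLO "https://dl.k8s.io/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl.sha256" \
    && echo "$(cat kubectl.sha256)  kubectl" | sha256sum -c - \
    && install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl \
    && rm -f kubectl.sha256
RUN apk add bash
-------------------------------------------------------------------------------- /mdos-setup/dep/images/cert-job-manager/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | docker build -t registry.mydomain.com/cert-job-manager:latest . 4 | -------------------------------------------------------------------------------- /mdos-setup/dep/images/docker-mirror-lftp/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:3.14 2 | RUN apk add --no-cache lftp bash 3 | 4 | COPY r-mirror.sh /usr/local/bin/r-mirror.sh 5 | COPY mirror.sh /usr/local/bin/mirror.sh 6 | RUN chmod +x /usr/local/bin/r-mirror.sh 7 | RUN chmod +x /usr/local/bin/mirror.sh -------------------------------------------------------------------------------- /mdos-setup/dep/images/docker-mirror-lftp/build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | docker build -t mdundek/mdos-mirror-lftp:latest .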
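4 | docker push mdundek/mdos-mirror-lftp:latest 5 |
-------------------------------------------------------------------------------- /mdos-setup/dep/images/docker-mirror-lftp/r-mirror.sh: --------------------------------------------------------------------------------
#!/bin/bash

# Reverse-mirror (upload) $LOCAL_DIR to $REMOTE_DIR on $PROTOCOL://$HOST with lftp.
# `mirror -R -e` also deletes remote files that no longer exist locally.
#
# Environment: USERNAME, PASSWORD, PORT, PROTOCOL, HOST, PARALLEL, LOCAL_DIR, REMOTE_DIR
# Optional:    SSL_VERIFY_CERTIFICATE (yes|no, default "no" to keep the previous behaviour)
#
# NOTE(review): with ssl:verify-certificate set to "no", lftp accepts any server
# certificate, so the credentials and the mirrored data can be intercepted by anyone
# able to sit between this job and the server. Set SSL_VERIFY_CERTIFICATE=yes wherever
# the server presents a certificate this image trusts.
# NOTE(review): sftp:auto-confirm yes accepts unknown SSH host keys without asking,
# which removes host authentication for sftp targets in the same way.
# NOTE(review): the password is passed on the lftp command line and is therefore
# visible in the process list of the container or host.

# Quote the expansions so a password or host containing spaces or glob characters
# is passed to lftp as a single argument.
lftp -u "$USERNAME,$PASSWORD" -p "$PORT" "$PROTOCOL://$HOST" <<-EOF
set ssl:verify-certificate ${SSL_VERIFY_CERTIFICATE:-no}
set sftp:auto-confirm yes
mirror -v -R -e -s --parallel=$PARALLEL $LOCAL_DIR $REMOTE_DIR
quit
EOF
-------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/base/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: base 3 | # This version is never actually shipped. istio/release-builder will replace it at build-time 4 | # with the appropriate version 5 | version: 1.0.0 6 | appVersion: 1.0.0 7 | tillerVersion: ">=2.7.2" 8 | description: Helm chart for deploying Istio cluster resources and CRDs 9 | keywords: 10 | - istio 11 | sources: 12 | - http://github.com/istio/istio 13 | engine: gotpl 14 | icon: https://istio.io/latest/favicons/android-192x192.png 15 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/base/README.md: -------------------------------------------------------------------------------- 1 | # Istio base Helm Chart 2 | 3 | This chart installs resources shared by all Istio revisions. This includes Istio CRDs.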
4 | 5 | ## Setup Repo Info 6 | 7 | ```console 8 | helm repo add istio https://istio-release.storage.googleapis.com/charts 9 | helm repo update 10 | ``` 11 | 12 | _See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._ 13 | 14 | ## Installing the Chart 15 | 16 | To install the chart with the release name `istio-base`: 17 | 18 | ```console 19 | kubectl create namespace istio-system 20 | helm install istio-base istio/base -n istio-system 21 | ``` 22 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | resources: 5 | - files/gen-istio-cluster.yaml 6 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/base/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | Istio base successfully installed! 2 | 3 | To learn more about the release, try: 4 | $ helm status {{ .Release.Name }} 5 | $ helm get all {{ .Release.Name }} 6 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/base/templates/clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | # -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- 2 | # DO NOT EDIT! 
3 | # THIS IS A LEGACY CHART HERE FOR BACKCOMPAT 4 | # UPDATED CHART AT manifests/charts/istio-control/istio-discovery 5 | # -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- 6 | apiVersion: rbac.authorization.k8s.io/v1 7 | kind: ClusterRoleBinding 8 | metadata: 9 | name: istio-reader-{{ .Values.global.istioNamespace }} 10 | labels: 11 | app: istio-reader 12 | release: {{ .Release.Name }} 13 | roleRef: 14 | apiGroup: rbac.authorization.k8s.io 15 | kind: ClusterRole 16 | name: istio-reader-{{ .Values.global.istioNamespace }} 17 | subjects: 18 | - kind: ServiceAccount 19 | name: istio-reader-service-account 20 | namespace: {{ .Values.global.istioNamespace }} 21 | --- 22 | apiVersion: rbac.authorization.k8s.io/v1 23 | kind: ClusterRoleBinding 24 | metadata: 25 | name: istiod-{{ .Values.global.istioNamespace }} 26 | labels: 27 | app: istiod 28 | release: {{ .Release.Name }} 29 | roleRef: 30 | apiGroup: rbac.authorization.k8s.io 31 | kind: ClusterRole 32 | name: istiod-{{ .Values.global.istioNamespace }} 33 | subjects: 34 | - kind: ServiceAccount 35 | name: istiod-service-account 36 | namespace: {{ .Values.global.istioNamespace }} 37 | --- 38 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/base/templates/crds.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.base.enableCRDTemplates }} 2 | {{ .Files.Get "crds/crd-all.gen.yaml" }} 3 | {{ .Files.Get "crds/crd-operator.yaml" }} 4 | {{- end }} 5 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/base/templates/default.yaml: -------------------------------------------------------------------------------- 1 | {{- if not (eq .Values.defaultRevision "") }} 2 | apiVersion: admissionregistration.k8s.io/v1 3 | kind: ValidatingWebhookConfiguration 4 | metadata: 5 | name: istiod-default-validator 6 | labels: 7 | app: istiod 8 | release: {{ .Release.Name }} 9 | istio: 
istiod 10 | istio.io/rev: {{ .Values.defaultRevision }} 11 | webhooks: 12 | - name: validation.istio.io 13 | clientConfig: 14 | {{- if .Values.base.validationURL }} 15 | url: {{ .Values.base.validationURL }} 16 | {{- else }} 17 | service: 18 | {{- if (eq .Values.defaultRevision "default") }} 19 | name: istiod 20 | {{- else }} 21 | name: istiod-{{ .Values.defaultRevision }} 22 | {{- end }} 23 | namespace: {{ .Values.global.istioNamespace }} 24 | path: "/validate" 25 | {{- end }} 26 | rules: 27 | - operations: 28 | - CREATE 29 | - UPDATE 30 | apiGroups: 31 | - security.istio.io 32 | - networking.istio.io 33 | apiVersions: 34 | - "*" 35 | resources: 36 | - "*" 37 | # Fail open until the validation webhook is ready. The webhook controller 38 | # will update this to `Fail` and patch in the `caBundle` when the webhook 39 | # endpoint is ready. 40 | failurePolicy: Ignore 41 | sideEffects: None 42 | admissionReviewVersions: ["v1beta1", "v1"] 43 | {{- end }} 44 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/base/templates/endpoints.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.global.remotePilotAddress }} 2 | {{- if .Values.pilot.enabled }} 3 | apiVersion: v1 4 | kind: Endpoints 5 | metadata: 6 | name: istiod-remote 7 | namespace: {{ .Release.Namespace }} 8 | subsets: 9 | - addresses: 10 | - ip: {{ .Values.global.remotePilotAddress }} 11 | ports: 12 | - port: 15012 13 | name: tcp-istiod 14 | protocol: TCP 15 | {{- else if regexMatch "^([0-9]*\\.){3}[0-9]*$" .Values.global.remotePilotAddress }} 16 | apiVersion: v1 17 | kind: Endpoints 18 | metadata: 19 | name: istiod 20 | namespace: {{ .Release.Namespace }} 21 | subsets: 22 | - addresses: 23 | - ip: {{ .Values.global.remotePilotAddress }} 24 | ports: 25 | - port: 15012 26 | name: tcp-istiod 27 | protocol: TCP 28 | {{- end }} 29 | --- 30 | {{- end }} 31 | 
-------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/base/templates/reader-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | # This service account aggregates reader permissions for the revisions in a given cluster 2 | # Should be used for remote secret creation. 3 | apiVersion: v1 4 | kind: ServiceAccount 5 | {{- if .Values.global.imagePullSecrets }} 6 | imagePullSecrets: 7 | {{- range .Values.global.imagePullSecrets }} 8 | - name: {{ . }} 9 | {{- end }} 10 | {{- end }} 11 | metadata: 12 | name: istio-reader-service-account 13 | namespace: {{ .Values.global.istioNamespace }} 14 | labels: 15 | app: istio-reader 16 | release: {{ .Release.Name }} 17 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/base/templates/role.yaml: -------------------------------------------------------------------------------- 1 | # -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- 2 | # DO NOT EDIT! 3 | # THIS IS A LEGACY CHART HERE FOR BACKCOMPAT 4 | # UPDATED CHART AT manifests/charts/istio-control/istio-discovery 5 | # -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- 6 | apiVersion: rbac.authorization.k8s.io/v1 7 | kind: Role 8 | metadata: 9 | name: istiod-{{ .Values.global.istioNamespace }} 10 | namespace: {{ .Values.global.istioNamespace }} 11 | labels: 12 | app: istiod 13 | release: {{ .Release.Name }} 14 | rules: 15 | # permissions to verify the webhook is ready and rejecting 16 | # invalid config. We use --server-dry-run so no config is persisted. 
17 | - apiGroups: ["networking.istio.io"] 18 | verbs: ["create"] 19 | resources: ["gateways"] 20 | 21 | # For storing CA secret 22 | - apiGroups: [""] 23 | resources: ["secrets"] 24 | # TODO lock this down to istio-ca-cert if not using the DNS cert mesh config 25 | verbs: ["create", "get", "watch", "list", "update", "delete"] 26 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/base/templates/rolebinding.yaml: -------------------------------------------------------------------------------- 1 | # -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- 2 | # DO NOT EDIT! 3 | # THIS IS A LEGACY CHART HERE FOR BACKCOMPAT 4 | # UPDATED CHART AT manifests/charts/istio-control/istio-discovery 5 | # -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- 6 | apiVersion: rbac.authorization.k8s.io/v1 7 | kind: RoleBinding 8 | metadata: 9 | name: istiod-{{ .Values.global.istioNamespace }} 10 | namespace: {{ .Values.global.istioNamespace }} 11 | labels: 12 | app: istiod 13 | release: {{ .Release.Name }} 14 | roleRef: 15 | apiGroup: rbac.authorization.k8s.io 16 | kind: Role 17 | name: istiod-{{ .Values.global.istioNamespace }} 18 | subjects: 19 | - kind: ServiceAccount 20 | name: istiod-service-account 21 | namespace: {{ .Values.global.istioNamespace }} 22 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/base/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | # -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- 2 | # DO NOT EDIT! 3 | # THIS IS A LEGACY CHART HERE FOR BACKCOMPAT 4 | # UPDATED CHART AT manifests/charts/istio-control/istio-discovery 5 | # -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- 6 | apiVersion: v1 7 | kind: ServiceAccount 8 | {{- if .Values.global.imagePullSecrets }} 9 | imagePullSecrets: 10 | {{- range .Values.global.imagePullSecrets }} 11 | - name: {{ . 
}} 12 | {{- end }} 13 | {{- end }} 14 | metadata: 15 | name: istiod-service-account 16 | namespace: {{ .Values.global.istioNamespace }} 17 | labels: 18 | app: istiod 19 | release: {{ .Release.Name }} 20 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/base/templates/services.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.global.remotePilotAddress }} 2 | {{- if .Values.pilot.enabled }} 3 | # when local istiod is enabled, we can't use istiod service name to reach the remote control plane 4 | apiVersion: v1 5 | kind: Service 6 | metadata: 7 | name: istiod-remote 8 | namespace: {{ .Release.Namespace }} 9 | spec: 10 | ports: 11 | - port: 15012 12 | name: tcp-istiod 13 | protocol: TCP 14 | clusterIP: None 15 | {{- else }} 16 | # when local istiod isn't enabled, we can use istiod service name to reach the remote control plane 17 | apiVersion: v1 18 | kind: Service 19 | metadata: 20 | name: istiod 21 | namespace: {{ .Release.Namespace }} 22 | spec: 23 | ports: 24 | - port: 15012 25 | name: tcp-istiod 26 | protocol: TCP 27 | # if the remotePilotAddress is an IP address, we use clusterIP: None. 28 | # else, we use externalName. The pattern below only checks for four dot-separated digit runs (empty or out-of-range octets also match), and an IPv6 literal does not match, so it takes the externalName branch. 29 | {{- if regexMatch "^([0-9]*\\.){3}[0-9]*$" .Values.global.remotePilotAddress }} 30 | clusterIP: None 31 | {{- else }} 32 | type: ExternalName 33 | externalName: {{ .Values.global.remotePilotAddress }} 34 | {{- end }} 35 | {{- end }} 36 | --- 37 | {{- end }} 38 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/base/values.yaml: -------------------------------------------------------------------------------- 1 | global: 2 | 3 | # ImagePullSecrets for control plane ServiceAccount, list of secrets in the same namespace 4 | # to use for pulling any images in pods that reference this ServiceAccount. 5 | # Must be set for any cluster configured with private docker registry.
6 | imagePullSecrets: [] 7 | 8 | # Used to locate istiod. 9 | istioNamespace: istio-system 10 | 11 | istiod: 12 | enableAnalysis: false 13 | 14 | configValidation: true 15 | externalIstiod: false 16 | remotePilotAddress: "" 17 | 18 | base: 19 | # Used for helm2 to add the CRDs to templates. 20 | enableCRDTemplates: false 21 | 22 | # Validation webhook configuration url 23 | # For example: https://$remotePilotAddress:15017/validate 24 | validationURL: "" 25 | 26 | # For istioctl usage to disable istio config crds in base 27 | enableIstioConfigCRDs: true 28 | 29 | defaultRevision: "default" 30 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/default/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: istio-default 3 | # This version is never actually shipped. istio/release-builder will replace it at build-time 4 | # with the appropriate version 5 | version: 1.0.0 6 | appVersion: 1.0.0 7 | description: Helm chart for istio default revision components. 8 | keywords: 9 | - istio 10 | sources: 11 | - http://github.com/istio/istio 12 | engine: gotpl 13 | icon: https://istio.io/latest/favicons/android-192x192.png 14 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/default/values.yaml: -------------------------------------------------------------------------------- 1 | global: 2 | # Used to locate istiod. 3 | istioNamespace: "istio-system" 4 | 5 | base: 6 | # Validation webhook configuration url 7 | # For example: https://$remotePilotAddress:15017/validate 8 | validationURL: "" 9 | 10 | istiodRemote: 11 | # Sidecar injector mutating webhook configuration url 12 | # For example: https://$remotePilotAddress:15017/inject 13 | injectionURL: "" 14 | 15 | # Revision is set as 'version' label and part of the resource names when installing multiple control planes. 
16 | revision: "" 17 | 18 | sidecarInjectorWebhook: 19 | # This enables injection of sidecar in all namespaces, 20 | enableNamespacesByDefault: false 21 | 22 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/gateway/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: gateway 3 | description: Helm chart for deploying Istio gateways 4 | type: application 5 | 6 | # This version is never actually shipped. istio/release-builder will replace it at build-time 7 | # with the appropriate version 8 | version: 1.0.0 9 | appVersion: 1.0.0 10 | 11 | sources: 12 | - http://github.com/istio/istio 13 | icon: https://istio.io/latest/favicons/android-192x192.png 14 | keywords: 15 | - istio 16 | - gateways -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/gateway/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | "{{ include "gateway.name" . }}" successfully installed! 2 | 3 | To learn more about the release, try: 4 | $ helm status {{ .Release.Name }} 5 | $ helm get all {{ .Release.Name }} 6 | 7 | Next steps: 8 | * Deploy an HTTP Gateway: https://istio.io/latest/docs/tasks/traffic-management/ingress/ingress-control/ 9 | * Deploy an HTTPS Gateway: https://istio.io/latest/docs/tasks/traffic-management/ingress/secure-ingress/ 10 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/gateway/templates/hpa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.autoscaling.enabled }} 2 | apiVersion: autoscaling/v2beta2 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | name: {{ include "gateway.name" . }} 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | {{- include "gateway.labels" . 
| nindent 4 }} 9 | annotations: 10 | {{- .Values.annotations | toYaml | nindent 4 }} 11 | spec: 12 | scaleTargetRef: 13 | apiVersion: apps/v1 14 | kind: Deployment 15 | name: {{ include "gateway.name" . }} 16 | minReplicas: {{ .Values.autoscaling.minReplicas }} 17 | maxReplicas: {{ .Values.autoscaling.maxReplicas }} 18 | metrics: 19 | {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} 20 | - type: Resource 21 | resource: 22 | name: cpu 23 | target: 24 | averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} 25 | type: Utilization 26 | {{- end }} 27 | 28 | {{- end }} 29 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/gateway/templates/role.yaml: -------------------------------------------------------------------------------- 1 | {{/*Set up roles for Istio Gateway. Not required for gateway-api*/}} 2 | {{- if .Values.rbac.enabled }} 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | kind: Role 5 | metadata: 6 | name: {{ include "gateway.serviceAccountName" . }} 7 | namespace: {{ .Release.Namespace }} 8 | rules: 9 | - apiGroups: [""] 10 | resources: ["secrets"] 11 | verbs: ["get", "watch", "list"] 12 | --- 13 | apiVersion: rbac.authorization.k8s.io/v1 14 | kind: RoleBinding 15 | metadata: 16 | name: {{ include "gateway.serviceAccountName" . }} 17 | namespace: {{ .Release.Namespace }} 18 | roleRef: 19 | apiGroup: rbac.authorization.k8s.io 20 | kind: Role 21 | name: {{ include "gateway.serviceAccountName" . }} 22 | subjects: 23 | - kind: ServiceAccount 24 | name: {{ include "gateway.serviceAccountName" . 
}} 25 | {{- end }} 26 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/gateway/templates/service.yaml: -------------------------------------------------------------------------------- 1 | {{- if not (eq .Values.service.type "None") }} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{ include "gateway.name" . }} 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | {{- include "gateway.labels" . | nindent 4 }} 9 | {{- with .Values.networkGateway }} 10 | topology.istio.io/network: "{{.}}" 11 | {{- end }} 12 | annotations: 13 | {{- merge (deepCopy .Values.service.annotations) .Values.annotations | toYaml | nindent 4 }} 14 | spec: 15 | {{- with .Values.service.loadBalancerIP }} 16 | loadBalancerIP: "{{ . }}" 17 | {{- end }} 18 | {{- with .Values.service.loadBalancerSourceRanges }} 19 | loadBalancerSourceRanges: 20 | {{ toYaml . | indent 4 }} 21 | {{- end }} 22 | {{- with .Values.service.externalTrafficPolicy }} 23 | externalTrafficPolicy: "{{ . }}" 24 | {{- end }} 25 | type: {{ .Values.service.type }} 26 | ports: 27 | {{- if .Values.networkGateway }} 28 | - name: status-port 29 | port: 15021 30 | targetPort: 15021 31 | - name: tls 32 | port: 15443 33 | targetPort: 15443 34 | - name: tls-istiod 35 | port: 15012 36 | targetPort: 15012 37 | - name: tls-webhook 38 | port: 15017 39 | targetPort: 15017 40 | {{- else }} 41 | {{ .Values.service.ports | toYaml | indent 4 }} 42 | {{- end }} 43 | selector: 44 | {{- include "gateway.selectorLabels" . | nindent 4 }} 45 | {{- end }} 46 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/gateway/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "gateway.serviceAccountName" . 
}} 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | {{- include "gateway.labels" . | nindent 4 }} 9 | {{- with .Values.serviceAccount.annotations }} 10 | annotations: 11 | {{- toYaml . | nindent 4 }} 12 | {{- end }} 13 | {{- end }} 14 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/gateways/istio-egress/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: istio-egress 3 | # This version is never actually shipped. istio/release-builder will replace it at build-time 4 | # with the appropriate version 5 | version: 1.0.0 6 | appVersion: 1.0.0 7 | tillerVersion: ">=2.7.2" 8 | description: Helm chart for deploying Istio gateways 9 | keywords: 10 | - istio 11 | - egressgateway 12 | - gateways 13 | sources: 14 | - http://github.com/istio/istio 15 | engine: gotpl 16 | icon: https://istio.io/latest/favicons/android-192x192.png 17 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/gateways/istio-egress/templates/autoscale.yaml: -------------------------------------------------------------------------------- 1 | {{ $gateway := index .Values "gateways" "istio-egressgateway" }} 2 | {{- if and $gateway.autoscaleEnabled $gateway.autoscaleMin $gateway.autoscaleMax }} 3 | apiVersion: autoscaling/v2beta1 4 | kind: HorizontalPodAutoscaler 5 | metadata: 6 | name: {{ $gateway.name }} 7 | namespace: {{ .Release.Namespace }} 8 | labels: 9 | {{ $gateway.labels | toYaml | indent 4 }} 10 | release: {{ .Release.Name }} 11 | istio.io/rev: {{ .Values.revision | default "default" }} 12 | install.operator.istio.io/owning-resource: {{ .Values.ownerName | default "unknown" }} 13 | operator.istio.io/component: "EgressGateways" 14 | spec: 15 | maxReplicas: {{ $gateway.autoscaleMax }} 16 | minReplicas: {{ $gateway.autoscaleMin }} 17 | scaleTargetRef: 18 | apiVersion: apps/v1 19 | kind: Deployment 20 | name: 
{{ $gateway.name }} 21 | metrics: 22 | - type: Resource 23 | resource: 24 | name: cpu 25 | targetAverageUtilization: {{ $gateway.cpu.targetAverageUtilization }} 26 | --- 27 | {{- end }} 28 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/gateways/istio-egress/templates/poddisruptionbudget.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.global.defaultPodDisruptionBudget.enabled }} 2 | {{ $gateway := index .Values "gateways" "istio-egressgateway" }} 3 | apiVersion: policy/v1beta1 4 | kind: PodDisruptionBudget 5 | metadata: 6 | name: {{ $gateway.name }} 7 | namespace: {{ .Release.Namespace }} 8 | labels: 9 | {{ $gateway.labels | toYaml | trim | indent 4 }} 10 | release: {{ .Release.Name }} 11 | istio.io/rev: {{ .Values.revision | default "default" }} 12 | install.operator.istio.io/owning-resource: {{ .Values.ownerName | default "unknown" }} 13 | operator.istio.io/component: "EgressGateways" 14 | spec: 15 | minAvailable: 1 16 | selector: 17 | matchLabels: 18 | {{ $gateway.labels | toYaml | trim | indent 6 }} 19 | {{- end }} 20 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/gateways/istio-egress/templates/role.yaml: -------------------------------------------------------------------------------- 1 | {{ $gateway := index .Values "gateways" "istio-egressgateway" }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: {{ $gateway.name }}-sds 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | release: {{ .Release.Name }} 9 | istio.io/rev: {{ .Values.revision | default "default" }} 10 | install.operator.istio.io/owning-resource: {{ .Values.ownerName | default "unknown" }} 11 | operator.istio.io/component: "EgressGateways" 12 | rules: 13 | - apiGroups: [""] 14 | resources: ["secrets"] 15 | verbs: ["get", "watch", "list"] 16 | --- 17 | 
-------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/gateways/istio-egress/templates/rolebindings.yaml: -------------------------------------------------------------------------------- 1 | {{ $gateway := index .Values "gateways" "istio-egressgateway" }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: RoleBinding 4 | metadata: 5 | name: {{ $gateway.name }}-sds 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | release: {{ .Release.Name }} 9 | istio.io/rev: {{ .Values.revision | default "default" }} 10 | install.operator.istio.io/owning-resource: {{ .Values.ownerName | default "unknown" }} 11 | operator.istio.io/component: "EgressGateways" 12 | roleRef: 13 | apiGroup: rbac.authorization.k8s.io 14 | kind: Role 15 | name: {{ $gateway.name }}-sds 16 | subjects: 17 | - kind: ServiceAccount 18 | name: {{ $gateway.name }}-service-account 19 | --- 20 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/gateways/istio-egress/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{ $gateway := index .Values "gateways" "istio-egressgateway" }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | {{- if .Values.global.imagePullSecrets }} 5 | imagePullSecrets: 6 | {{- range .Values.global.imagePullSecrets }} 7 | - name: {{ . }} 8 | {{- end }} 9 | {{- end }} 10 | metadata: 11 | name: {{ $gateway.name }}-service-account 12 | namespace: {{ .Release.Namespace }} 13 | labels: 14 | {{ $gateway.labels | toYaml | trim | indent 4 }} 15 | release: {{ .Release.Name }} 16 | istio.io/rev: {{ .Values.revision | default "default" }} 17 | install.operator.istio.io/owning-resource: {{ .Values.ownerName | default "unknown" }} 18 | operator.istio.io/component: "EgressGateways" 19 | {{- with $gateway.serviceAccount.annotations }} 20 | annotations: 21 | {{- toYaml . 
| nindent 4 }} 22 | {{- end }} 23 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/gateways/istio-ingress/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: istio-ingress 3 | # This version is never actually shipped. istio/release-builder will replace it at build-time 4 | # with the appropriate version 5 | version: 1.0.0 6 | appVersion: 1.0.0 7 | tillerVersion: ">=2.7.2" 8 | description: Helm chart for deploying Istio gateways 9 | keywords: 10 | - istio 11 | - ingressgateway 12 | - gateways 13 | sources: 14 | - http://github.com/istio/istio 15 | engine: gotpl 16 | icon: https://istio.io/latest/favicons/android-192x192.png 17 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/gateways/istio-ingress/templates/autoscale.yaml: -------------------------------------------------------------------------------- 1 | {{ $gateway := index .Values "gateways" "istio-ingressgateway" }} 2 | {{- if and $gateway.autoscaleEnabled $gateway.autoscaleMin $gateway.autoscaleMax }} 3 | apiVersion: autoscaling/v2beta1 4 | kind: HorizontalPodAutoscaler 5 | metadata: 6 | name: {{ $gateway.name }} 7 | namespace: {{ .Release.Namespace }} 8 | labels: 9 | {{ $gateway.labels | toYaml | indent 4 }} 10 | release: {{ .Release.Name }} 11 | istio.io/rev: {{ .Values.revision | default "default" }} 12 | install.operator.istio.io/owning-resource: {{ .Values.ownerName | default "unknown" }} 13 | operator.istio.io/component: "IngressGateways" 14 | spec: 15 | maxReplicas: {{ $gateway.autoscaleMax }} 16 | minReplicas: {{ $gateway.autoscaleMin }} 17 | scaleTargetRef: 18 | apiVersion: apps/v1 19 | kind: Deployment 20 | name: {{ $gateway.name }} 21 | metrics: 22 | - type: Resource 23 | resource: 24 | name: cpu 25 | targetAverageUtilization: {{ $gateway.cpu.targetAverageUtilization }} 26 | --- 27 | {{- end }} 28 | 
-------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/gateways/istio-ingress/templates/poddisruptionbudget.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.global.defaultPodDisruptionBudget.enabled }} 2 | {{ $gateway := index .Values "gateways" "istio-ingressgateway" }} 3 | apiVersion: policy/v1beta1 4 | kind: PodDisruptionBudget 5 | metadata: 6 | name: {{ $gateway.name }} 7 | namespace: {{ .Release.Namespace }} 8 | labels: 9 | {{ $gateway.labels | toYaml | trim | indent 4 }} 10 | release: {{ .Release.Name }} 11 | istio.io/rev: {{ .Values.revision | default "default" }} 12 | install.operator.istio.io/owning-resource: {{ .Values.ownerName | default "unknown" }} 13 | operator.istio.io/component: "IngressGateways" 14 | spec: 15 | minAvailable: 1 16 | selector: 17 | matchLabels: 18 | {{ $gateway.labels | toYaml | trim | indent 6 }} 19 | {{- end }} 20 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/gateways/istio-ingress/templates/role.yaml: -------------------------------------------------------------------------------- 1 | {{ $gateway := index .Values "gateways" "istio-ingressgateway" }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: {{ $gateway.name }}-sds 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | release: {{ .Release.Name }} 9 | istio.io/rev: {{ .Values.revision | default "default" }} 10 | install.operator.istio.io/owning-resource: {{ .Values.ownerName | default "unknown" }} 11 | operator.istio.io/component: "IngressGateways" 12 | rules: 13 | - apiGroups: [""] 14 | resources: ["secrets"] 15 | verbs: ["get", "watch", "list"] 16 | --- 17 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/gateways/istio-ingress/templates/rolebindings.yaml: 
-------------------------------------------------------------------------------- 1 | {{ $gateway := index .Values "gateways" "istio-ingressgateway" }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: RoleBinding 4 | metadata: 5 | name: {{ $gateway.name }}-sds 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | release: {{ .Release.Name }} 9 | istio.io/rev: {{ .Values.revision | default "default" }} 10 | install.operator.istio.io/owning-resource: {{ .Values.ownerName | default "unknown" }} 11 | operator.istio.io/component: "IngressGateways" 12 | roleRef: 13 | apiGroup: rbac.authorization.k8s.io 14 | kind: Role 15 | name: {{ $gateway.name }}-sds 16 | subjects: 17 | - kind: ServiceAccount 18 | name: {{ $gateway.name }}-service-account 19 | --- 20 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/gateways/istio-ingress/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{ $gateway := index .Values "gateways" "istio-ingressgateway" }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | {{- if .Values.global.imagePullSecrets }} 5 | imagePullSecrets: 6 | {{- range .Values.global.imagePullSecrets }} 7 | - name: {{ . }} 8 | {{- end }} 9 | {{- end }} 10 | metadata: 11 | name: {{ $gateway.name }}-service-account 12 | namespace: {{ .Release.Namespace }} 13 | labels: 14 | {{ $gateway.labels | toYaml | trim | indent 4 }} 15 | release: {{ .Release.Name }} 16 | istio.io/rev: {{ .Values.revision | default "default" }} 17 | install.operator.istio.io/owning-resource: {{ .Values.ownerName | default "unknown" }} 18 | operator.istio.io/component: "IngressGateways" 19 | {{- with $gateway.serviceAccount.annotations }} 20 | annotations: 21 | {{- toYaml . 
| nindent 4 }} 22 | {{- end }} 23 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-cni/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: cni 3 | # This version is never actually shipped. istio/release-builder will replace it at build-time 4 | # with the appropriate version 5 | version: 1.0.0 6 | appVersion: 1.0.0 7 | description: Helm chart for istio-cni components 8 | keywords: 9 | - istio-cni 10 | - istio 11 | sources: 12 | - http://github.com/istio/cni 13 | engine: gotpl 14 | icon: https://istio.io/latest/favicons/android-192x192.png 15 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-cni/README.md: -------------------------------------------------------------------------------- 1 | # Istio CNI Helm Chart 2 | 3 | This chart installs the Istio CNI Plugin. See the [CNI installation guide](https://istio.io/latest/docs/setup/additional-setup/cni/) 4 | for more information. 5 | 6 | ## Setup Repo Info 7 | 8 | ```console 9 | helm repo add istio https://istio-release.storage.googleapis.com/charts 10 | helm repo update 11 | ``` 12 | 13 | _See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._ 14 | 15 | ## Installing the Chart 16 | 17 | To install the chart with the release name `istio-cni`: 18 | 19 | ```console 20 | helm install istio-cni istio/cni -n kube-system 21 | ``` 22 | 23 | Installation in `kube-system` is recommended to ensure the [`system-node-critical`](https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/) 24 | `priorityClassName` can be used. 
25 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-cni/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | "{{ .Release.Name }}" successfully installed! 2 | 3 | To learn more about the release, try: 4 | $ helm status {{ .Release.Name }} 5 | $ helm get all {{ .Release.Name }} 6 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-cni/templates/resourcequota.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.cni.resourceQuotas.enabled }} 2 | apiVersion: v1 3 | kind: ResourceQuota 4 | metadata: 5 | name: istio-cni-resource-quota 6 | namespace: {{ .Release.Namespace }} 7 | spec: 8 | hard: 9 | pods: {{ .Values.cni.resourceQuotas.pods | quote }} 10 | scopeSelector: 11 | matchExpressions: 12 | - operator: In 13 | scopeName: PriorityClass 14 | values: 15 | - system-node-critical 16 | {{- end }} 17 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-cni/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | {{- if .Values.global.imagePullSecrets }} 4 | imagePullSecrets: 5 | {{- range .Values.global.imagePullSecrets }} 6 | - name: {{ . 
}} 7 | {{- end }} 8 | {{- end }} 9 | metadata: 10 | name: istio-cni 11 | namespace: {{ .Release.Namespace }} 12 | labels: 13 | app: istio-cni 14 | release: {{ .Release.Name }} 15 | istio.io/rev: {{ .Values.revision | default "default" }} 16 | install.operator.istio.io/owning-resource: {{ .Values.ownerName | default "unknown" }} 17 | operator.istio.io/component: "Cni" 18 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-control/istio-discovery/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: istiod 3 | # This version is never actually shipped. istio/release-builder will replace it at build-time 4 | # with the appropriate version 5 | version: 1.0.0 6 | appVersion: 1.0.0 7 | tillerVersion: ">=2.7.2" 8 | description: Helm chart for istio control plane 9 | keywords: 10 | - istio 11 | - istiod 12 | - istio-discovery 13 | sources: 14 | - http://github.com/istio/istio 15 | engine: gotpl 16 | icon: https://istio.io/latest/favicons/android-192x192.png 17 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-control/istio-discovery/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | resources: 5 | - files/gen-istio.yaml 6 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-control/istio-discovery/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | "istiod{{- if not (eq .Values.revision "") }}-{{ .Values.revision }}{{- end }}" successfully installed! 
2 | 3 | To learn more about the release, try: 4 | $ helm status {{ .Release.Name }} 5 | $ helm get all {{ .Release.Name }} 6 | 7 | Next steps: 8 | * Deploy a Gateway: https://istio.io/latest/docs/setup/additional-setup/gateway/ 9 | * Try out our tasks to get started on common configurations: 10 | * https://istio.io/latest/docs/tasks/traffic-management 11 | * https://istio.io/latest/docs/tasks/security/ 12 | * https://istio.io/latest/docs/tasks/policy-enforcement/ 13 | * https://istio.io/latest/docs/tasks/policy-enforcement/ 14 | * Review the list of actively supported releases, CVE publications and our hardening guide: 15 | * https://istio.io/latest/docs/releases/supported-releases/ 16 | * https://istio.io/latest/news/security/ 17 | * https://istio.io/latest/docs/ops/best-practices/security/ 18 | 19 | For further documentation see https://istio.io website 20 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-control/istio-discovery/templates/autoscale.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.pilot.autoscaleEnabled .Values.pilot.autoscaleMin .Values.pilot.autoscaleMax }} 2 | apiVersion: autoscaling/v2beta1 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | name: istiod{{- if not (eq .Values.revision "") }}-{{ .Values.revision }}{{- end }} 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | app: istiod 9 | release: {{ .Release.Name }} 10 | istio.io/rev: {{ .Values.revision | default "default" }} 11 | install.operator.istio.io/owning-resource: {{ .Values.ownerName | default "unknown" }} 12 | operator.istio.io/component: "Pilot" 13 | spec: 14 | maxReplicas: {{ .Values.pilot.autoscaleMax }} 15 | minReplicas: {{ .Values.pilot.autoscaleMin }} 16 | scaleTargetRef: 17 | apiVersion: apps/v1 18 | kind: Deployment 19 | name: istiod{{- if not (eq .Values.revision "") }}-{{ .Values.revision }}{{- end }} 20 | metrics: 21 | - type: Resource 22 
| resource: 23 | name: cpu 24 | targetAverageUtilization: {{ .Values.pilot.cpu.targetAverageUtilization }} 25 | --- 26 | {{- end }} 27 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-control/istio-discovery/templates/configmap-jwks.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.pilot.jwksResolverExtraRootCA }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: pilot-jwks-extra-cacerts{{- if not (eq .Values.revision "") }}-{{ .Values.revision }}{{- end }} 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | release: {{ .Release.Name }} 9 | istio.io/rev: {{ .Values.revision | default "default" }} 10 | install.operator.istio.io/owning-resource: {{ .Values.ownerName | default "unknown" }} 11 | operator.istio.io/component: "Pilot" 12 | data: 13 | extra.pem: {{ .Values.pilot.jwksResolverExtraRootCA | quote }} 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-control/istio-discovery/templates/poddisruptionbudget.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.global.defaultPodDisruptionBudget.enabled }} 2 | apiVersion: policy/v1beta1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | name: istiod{{- if not (eq .Values.revision "") }}-{{ .Values.revision }}{{- end }} 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | app: istiod 9 | istio.io/rev: {{ .Values.revision | default "default" }} 10 | install.operator.istio.io/owning-resource: {{ .Values.ownerName | default "unknown" }} 11 | operator.istio.io/component: "Pilot" 12 | release: {{ .Release.Name }} 13 | istio: pilot 14 | spec: 15 | minAvailable: 1 16 | selector: 17 | matchLabels: 18 | app: istiod 19 | {{- if ne .Values.revision "" }} 20 | istio.io/rev: {{ .Values.revision }} 21 | {{- else }} 22 | istio: pilot 23 | {{- end }} 24 | --- 25 
| {{- end }} 26 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-control/istio-discovery/templates/reader-clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: istio-reader-clusterrole{{- if not (eq .Values.revision "")}}-{{ .Values.revision }}{{- end }}-{{ .Release.Namespace }} 5 | labels: 6 | app: istio-reader 7 | release: {{ .Release.Name }} 8 | roleRef: 9 | apiGroup: rbac.authorization.k8s.io 10 | kind: ClusterRole 11 | name: istio-reader-clusterrole{{- if not (eq .Values.revision "")}}-{{ .Values.revision }}{{- end }}-{{ .Release.Namespace }} 12 | subjects: 13 | - kind: ServiceAccount 14 | name: istio-reader-service-account 15 | namespace: {{ .Values.global.istioNamespace }} 16 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-control/istio-discovery/templates/role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: Role 3 | metadata: 4 | name: istiod{{- if not (eq .Values.revision "")}}-{{ .Values.revision }}{{- end }} 5 | namespace: {{ .Values.global.istioNamespace }} 6 | labels: 7 | app: istiod 8 | release: {{ .Release.Name }} 9 | rules: 10 | # permissions to verify the webhook is ready and rejecting 11 | # invalid config. We use --server-dry-run so no config is persisted. 
12 | - apiGroups: ["networking.istio.io"] 13 | verbs: ["create"] 14 | resources: ["gateways"] 15 | 16 | # For storing CA secret 17 | - apiGroups: [""] 18 | resources: ["secrets"] 19 | # TODO lock this down to istio-ca-cert if not using the DNS cert mesh config. As written the rule has no resourceNames, so these verbs apply to every Secret in this namespace. 20 | verbs: ["create", "get", "watch", "list", "update", "delete"] 21 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-control/istio-discovery/templates/rolebinding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: istiod{{- if not (eq .Values.revision "")}}-{{ .Values.revision }}{{- end }} 5 | namespace: {{ .Values.global.istioNamespace }} 6 | labels: 7 | app: istiod 8 | release: {{ .Release.Name }} 9 | roleRef: 10 | apiGroup: rbac.authorization.k8s.io 11 | kind: Role 12 | name: istiod{{- if not (eq .Values.revision "")}}-{{ .Values.revision }}{{- end }} 13 | subjects: 14 | - kind: ServiceAccount 15 | name: istiod{{- if not (eq .Values.revision "") }}-{{ .Values.revision }}{{- end }} 16 | namespace: {{ .Values.global.istioNamespace }} 17 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-control/istio-discovery/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: istiod{{- if not (eq .Values.revision "") }}-{{ .Values.revision }}{{- end }} 5 | namespace: {{ .Release.Namespace }} 6 | {{- if .Values.pilot.serviceAnnotations }} 7 | annotations: 8 | {{ toYaml .Values.pilot.serviceAnnotations | indent 4 }} 9 | {{- end }} 10 | labels: 11 | istio.io/rev: {{ .Values.revision | default "default" }} 12 | install.operator.istio.io/owning-resource: {{ .Values.ownerName | default "unknown" }} 13 | operator.istio.io/component: "Pilot" 14 | app: istiod 15 |
istio: pilot 16 | release: {{ .Release.Name }} 17 | spec: 18 | ports: 19 | - port: 15010 20 | name: grpc-xds # plaintext 21 | protocol: TCP 22 | - port: 15012 23 | name: https-dns # mTLS with k8s-signed cert 24 | protocol: TCP 25 | - port: 443 26 | name: https-webhook # validation and injection 27 | targetPort: 15017 28 | protocol: TCP 29 | - port: 15014 30 | name: http-monitoring # prometheus stats 31 | protocol: TCP 32 | selector: 33 | app: istiod 34 | {{- if ne .Values.revision "" }} 35 | istio.io/rev: {{ .Values.revision }} 36 | {{- else }} 37 | # Label used by the 'default' service. For versioned deployments we match with app and version. 38 | # This avoids default deployment picking the canary 39 | istio: pilot 40 | {{- end }} 41 | --- 42 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-control/istio-discovery/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | {{- if .Values.global.imagePullSecrets }} 4 | imagePullSecrets: 5 | {{- range .Values.global.imagePullSecrets }} 6 | - name: {{ . }} 7 | {{- end }} 8 | {{- end }} 9 | metadata: 10 | name: istiod{{- if not (eq .Values.revision "") }}-{{ .Values.revision }}{{- end }} 11 | namespace: {{ .Values.global.istioNamespace }} 12 | labels: 13 | app: istiod 14 | release: {{ .Release.Name }} 15 | --- 16 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-operator/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: istio-operator 3 | # This version is never actually shipped. 
istio/release-builder will replace it at build-time 4 | # with the appropriate version 5 | version: 1.0.0 6 | appVersion: 1.0.0 7 | tillerVersion: ">=2.7.2" 8 | description: Helm chart for deploying Istio operator 9 | keywords: 10 | - istio 11 | - operator 12 | sources: 13 | - https://github.com/istio/istio/tree/master/operator 14 | engine: gotpl 15 | icon: https://istio.io/latest/favicons/android-192x192.png 16 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-operator/templates/clusterrole_binding.yaml: -------------------------------------------------------------------------------- 1 | kind: ClusterRoleBinding 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | metadata: 4 | name: istio-operator{{- if not (eq .Values.revision "") }}-{{ .Values.revision }}{{- end }} 5 | subjects: 6 | - kind: ServiceAccount 7 | name: istio-operator{{- if not (eq .Values.revision "") }}-{{ .Values.revision }}{{- end }} 8 | namespace: {{.Release.Namespace}} 9 | roleRef: 10 | kind: ClusterRole 11 | name: istio-operator{{- if not (eq .Values.revision "") }}-{{ .Values.revision }}{{- end }} 12 | apiGroup: rbac.authorization.k8s.io 13 | --- 14 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-operator/templates/crds.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.enableCRDTemplates -}} 2 | {{- range $path, $bytes := .Files.Glob "crds/*.yaml" -}} 3 | --- 4 | {{ $.Files.Get $path }} 5 | {{- end -}} 6 | {{- end -}} 7 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-operator/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | namespace: {{.Release.Namespace}} 5 | labels: 6 | name: istio-operator 7 | name: istio-operator{{- if not (eq 
.Values.revision "") }}-{{ .Values.revision }}{{- end }} 8 | spec: 9 | ports: 10 | - name: http-metrics 11 | port: 8383 12 | targetPort: 8383 13 | protocol: TCP 14 | selector: 15 | name: istio-operator 16 | --- 17 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-operator/templates/service_account.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | namespace: {{.Release.Namespace}} 5 | name: istio-operator{{- if not (eq .Values.revision "") }}-{{ .Values.revision }}{{- end }} 6 | {{- if .Values.imagePullSecrets }} 7 | imagePullSecrets: 8 | {{- range .Values.imagePullSecrets }} 9 | - name: {{ . }} 10 | {{- end }} 11 | {{- end }} 12 | --- 13 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istio-operator/values.yaml: -------------------------------------------------------------------------------- 1 | hub: gcr.io/istio-testing 2 | tag: latest # NOTE(review): mutable tag on a testing registry; presumably overridden at install time - confirm the installer pins hub and tag to a released version or digest 3 | 4 | # ImagePullSecrets for operator ServiceAccount, list of secrets in the same namespace 5 | # used to pull operator image. Must be set for any cluster configured with private docker registry. 6 | imagePullSecrets: [] 7 | 8 | # Used to replace istioNamespace to support operator watch multiple namespaces. 9 | watchedNamespaces: istio-system 10 | waitForResourcesTimeout: 300s 11 | 12 | # Used for helm2 to add the CRDs to templates. 
13 | enableCRDTemplates: false 14 | 15 | # revision for the operator resources 16 | revision: "" 17 | 18 | # Operator resource defaults 19 | operator: 20 | resources: 21 | limits: 22 | cpu: 200m 23 | memory: 256Mi 24 | requests: 25 | cpu: 50m 26 | memory: 128Mi 27 | 28 | # Node labels for pod assignment 29 | nodeSelector: {} 30 | 31 | # Tolerations for pod assignment 32 | tolerations: [] 33 | 34 | # Affinity for pod assignment 35 | affinity: {} 36 | 37 | # Additional labels and annotations to apply on the pod level for monitoring and logging configuration. 38 | podLabels: {} 39 | podAnnotations: {} 40 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istiod-remote/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: istiod-remote 3 | # This version is never actually shipped. istio/release-builder will replace it at build-time 4 | # with the appropriate version 5 | version: 1.0.0 6 | appVersion: 1.0.0 7 | tillerVersion: ">=2.7.2" 8 | description: Helm chart for a remote cluster using an external istio control plane 9 | keywords: 10 | - istio 11 | - external-istiod 12 | sources: 13 | - http://github.com/istio/istio 14 | engine: gotpl 15 | icon: https://istio.io/latest/favicons/android-192x192.png 16 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istiod-remote/NOTES.txt: -------------------------------------------------------------------------------- 1 | Install for a remote cluster using an external control plane. 2 | 3 | The templates in this directory are copies of base and istio-discovery templates. 4 | DO NOT EDIT! Make changes in the corresponding files in base or istio-discovery and they will be copied here by make gen. 
5 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istiod-remote/templates/endpoints.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.global.remotePilotAddress }} 2 | {{- if .Values.pilot.enabled }} 3 | apiVersion: v1 4 | kind: Endpoints 5 | metadata: 6 | name: istiod-remote 7 | namespace: {{ .Release.Namespace }} 8 | subsets: 9 | - addresses: 10 | - ip: {{ .Values.global.remotePilotAddress }} 11 | ports: 12 | - port: 15012 13 | name: tcp-istiod 14 | protocol: TCP 15 | {{- else if regexMatch "^([0-9]*\\.){3}[0-9]*$" .Values.global.remotePilotAddress }} 16 | apiVersion: v1 17 | kind: Endpoints 18 | metadata: 19 | name: istiod 20 | namespace: {{ .Release.Namespace }} 21 | subsets: 22 | - addresses: 23 | - ip: {{ .Values.global.remotePilotAddress }} 24 | ports: 25 | - port: 15012 26 | name: tcp-istiod 27 | protocol: TCP 28 | {{- end }} 29 | --- 30 | {{- end }} 31 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istiod-remote/templates/reader-clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: istio-reader-clusterrole{{- if not (eq .Values.revision "")}}-{{ .Values.revision }}{{- end }}-{{ .Release.Namespace }} 5 | labels: 6 | app: istio-reader 7 | release: {{ .Release.Name }} 8 | roleRef: 9 | apiGroup: rbac.authorization.k8s.io 10 | kind: ClusterRole 11 | name: istio-reader-clusterrole{{- if not (eq .Values.revision "")}}-{{ .Values.revision }}{{- end }}-{{ .Release.Namespace }} 12 | subjects: 13 | - kind: ServiceAccount 14 | name: istio-reader-service-account 15 | namespace: {{ .Values.global.istioNamespace }} 16 | -------------------------------------------------------------------------------- 
/mdos-setup/dep/istio_helm/istiod-remote/templates/reader-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | # This service account aggregates reader permissions for the revisions in a given cluster 2 | # Should be used for remote secret creation. 3 | apiVersion: v1 4 | kind: ServiceAccount 5 | {{- if .Values.global.imagePullSecrets }} 6 | imagePullSecrets: 7 | {{- range .Values.global.imagePullSecrets }} 8 | - name: {{ . }} 9 | {{- end }} 10 | {{- end }} 11 | metadata: 12 | name: istio-reader-service-account 13 | namespace: {{ .Values.global.istioNamespace }} 14 | labels: 15 | app: istio-reader 16 | release: {{ .Release.Name }} 17 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istiod-remote/templates/role.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.global.configCluster }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: istiod{{- if not (eq .Values.revision "")}}-{{ .Values.revision }}{{- end }} 6 | namespace: {{ .Values.global.istioNamespace }} 7 | labels: 8 | app: istiod 9 | release: {{ .Release.Name }} 10 | rules: 11 | # permissions to verify the webhook is ready and rejecting 12 | # invalid config. We use --server-dry-run so no config is persisted. 
13 | - apiGroups: ["networking.istio.io"] 14 | verbs: ["create"] 15 | resources: ["gateways"] 16 | 17 | # For storing CA secret 18 | - apiGroups: [""] 19 | resources: ["secrets"] 20 | # TODO lock this down to istio-ca-cert if not using the DNS cert mesh config 21 | verbs: ["create", "get", "watch", "list", "update", "delete"] 22 | {{- end }} 23 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istiod-remote/templates/rolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.global.configCluster }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: RoleBinding 4 | metadata: 5 | name: istiod{{- if not (eq .Values.revision "")}}-{{ .Values.revision }}{{- end }} 6 | namespace: {{ .Values.global.istioNamespace }} 7 | labels: 8 | app: istiod 9 | release: {{ .Release.Name }} 10 | roleRef: 11 | apiGroup: rbac.authorization.k8s.io 12 | kind: Role 13 | name: istiod{{- if not (eq .Values.revision "")}}-{{ .Values.revision }}{{- end }} 14 | subjects: 15 | - kind: ServiceAccount 16 | name: istiod{{- if not (eq .Values.revision "") }}-{{ .Values.revision }}{{- end }} 17 | namespace: {{ .Values.global.istioNamespace }} 18 | {{- end }} 19 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istiod-remote/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.global.configCluster }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | {{- if .Values.global.imagePullSecrets }} 5 | imagePullSecrets: 6 | {{- range .Values.global.imagePullSecrets }} 7 | - name: {{ . 
}} 8 | {{- end }} 9 | {{- end }} 10 | metadata: 11 | name: istiod{{- if not (eq .Values.revision "") }}-{{ .Values.revision }}{{- end }} 12 | namespace: {{ .Values.global.istioNamespace }} 13 | labels: 14 | app: istiod 15 | release: {{ .Release.Name }} 16 | --- 17 | {{- end }} 18 | -------------------------------------------------------------------------------- /mdos-setup/dep/istio_helm/istiod-remote/templates/services.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.global.remotePilotAddress }} 2 | {{- if .Values.pilot.enabled }} 3 | # when local istiod is enabled, we can't use istiod service name to reach the remote control plane 4 | apiVersion: v1 5 | kind: Service 6 | metadata: 7 | name: istiod-remote 8 | namespace: {{ .Release.Namespace }} 9 | spec: 10 | ports: 11 | - port: 15012 12 | name: tcp-istiod 13 | protocol: TCP 14 | clusterIP: None 15 | {{- else }} 16 | # when local istiod isn't enabled, we can use istiod service name to reach the remote control plane 17 | apiVersion: v1 18 | kind: Service 19 | metadata: 20 | name: istiod 21 | namespace: {{ .Release.Namespace }} 22 | spec: 23 | ports: 24 | - port: 15012 25 | name: tcp-istiod 26 | protocol: TCP 27 | # if the remotePilotAddress is IP addr, we use clusterIP: None. 28 | # else, we use externalName 29 | {{- if regexMatch "^([0-9]*\\.){3}[0-9]*$" .Values.global.remotePilotAddress }} 30 | clusterIP: None 31 | {{- else }} 32 | type: ExternalName 33 | externalName: {{ .Values.global.remotePilotAddress }} 34 | {{- end }} 35 | {{- end }} 36 | --- 37 | {{- end }} 38 | -------------------------------------------------------------------------------- /mdos-setup/dep/longhorn/chart/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 
4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /mdos-setup/dep/longhorn/chart/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: v1.3.2 3 | description: Longhorn is a distributed block storage system for Kubernetes. 4 | home: https://github.com/longhorn/longhorn 5 | icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/longhorn/icon/color/longhorn-icon-color.png 6 | keywords: 7 | - longhorn 8 | - storage 9 | - distributed 10 | - block 11 | - device 12 | - iscsi 13 | - nfs 14 | kubeVersion: '>=1.18.0-0 <1.25.0-0' 15 | maintainers: 16 | - email: maintainers@longhorn.io 17 | name: Longhorn maintainers 18 | name: longhorn 19 | sources: 20 | - https://github.com/longhorn/longhorn 21 | - https://github.com/longhorn/longhorn-engine 22 | - https://github.com/longhorn/longhorn-instance-manager 23 | - https://github.com/longhorn/longhorn-share-manager 24 | - https://github.com/longhorn/longhorn-manager 25 | - https://github.com/longhorn/longhorn-ui 26 | - https://github.com/longhorn/longhorn-tests 27 | - https://github.com/longhorn/backing-image-manager 28 | version: 1.3.2 29 | -------------------------------------------------------------------------------- /mdos-setup/dep/longhorn/chart/app-readme.md: -------------------------------------------------------------------------------- 1 | # Longhorn 2 | 3 | Longhorn is a lightweight, reliable and easy to use distributed block storage system for Kubernetes. Once deployed, users can leverage persistent volumes provided by Longhorn. 
4 | 5 | Longhorn creates a dedicated storage controller for each volume and synchronously replicates the volume across multiple replicas stored on multiple nodes. The storage controller and replicas are themselves orchestrated using Kubernetes. Longhorn supports snapshots, backups and even allows you to schedule recurring snapshots and backups! 6 | 7 | **Important**: Please install Longhorn chart in `longhorn-system` namespace only. 8 | 9 | **Warning**: Longhorn doesn't support downgrading from a higher version to a lower version. 10 | 11 | [Chart Documentation](https://github.com/longhorn/longhorn/blob/master/chart/README.md) 12 | -------------------------------------------------------------------------------- /mdos-setup/dep/longhorn/chart/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | Longhorn is now installed on the cluster! 2 | 3 | Please wait a few minutes for other Longhorn components such as CSI deployments, Engine Images, and Instance Managers to be initialized. 4 | 5 | Visit our documentation at https://longhorn.io/docs/ 6 | -------------------------------------------------------------------------------- /mdos-setup/dep/longhorn/chart/templates/clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: longhorn-bind 5 | labels: {{- include "longhorn.labels" . | nindent 4 }} 6 | roleRef: 7 | apiGroup: rbac.authorization.k8s.io 8 | kind: ClusterRole 9 | name: longhorn-role 10 | subjects: 11 | - kind: ServiceAccount 12 | name: longhorn-service-account 13 | namespace: {{ include "release_namespace" . 
}} 14 | -------------------------------------------------------------------------------- /mdos-setup/dep/longhorn/chart/templates/registry-secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.privateRegistry.createSecret }} 2 | {{- if .Values.privateRegistry.registrySecret }} 3 | apiVersion: v1 4 | kind: Secret 5 | metadata: 6 | name: {{ .Values.privateRegistry.registrySecret }} 7 | namespace: {{ include "release_namespace" . }} 8 | labels: {{- include "longhorn.labels" . | nindent 4 }} 9 | type: kubernetes.io/dockerconfigjson 10 | data: 11 | .dockerconfigjson: {{ template "secret" . }} 12 | {{- end }} 13 | {{- end }} -------------------------------------------------------------------------------- /mdos-setup/dep/longhorn/chart/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: longhorn-service-account 5 | namespace: {{ include "release_namespace" . }} 6 | labels: {{- include "longhorn.labels" . | nindent 4 }} 7 | {{- with .Values.serviceAccount.annotations }} 8 | annotations: 9 | {{- toYaml . 
| nindent 4 }} 10 | {{- end }} -------------------------------------------------------------------------------- /mdos-setup/dep/longhorn/chart/templates/tls-secrets.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled }} 2 | {{- range .Values.ingress.secrets }} 3 | apiVersion: v1 4 | kind: Secret 5 | metadata: 6 | name: {{ .name }} 7 | namespace: {{ include "release_namespace" $ }} 8 | labels: {{- include "longhorn.labels" $ | nindent 4 }} 9 | app: longhorn 10 | type: kubernetes.io/tls 11 | data: 12 | tls.crt: {{ .certificate | b64enc }} 13 | tls.key: {{ .key | b64enc }} 14 | --- 15 | {{- end }} 16 | {{- end }} 17 | -------------------------------------------------------------------------------- /mdos-setup/dep/mhc-generic/chart/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | Jenkinsfile 25 | pacman_values.yaml 26 | validationapp_values.yaml 27 | README.md -------------------------------------------------------------------------------- /mdos-setup/dep/mhc-generic/chart/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: mhc-generic 3 | description: A Helm chart for MDOS applications deployed on Kubernetes 4 | 5 | # A chart can be either an 'application' or a 'library' chart. 6 | # 7 | # Application charts are a collection of templates that can be packaged into versioned archives 8 | # to be deployed. 
9 | # 10 | # Library charts provide useful utilities or functions for the chart developer. They're included as 11 | # a dependency of application charts to inject those utilities and functions into the rendering 12 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 13 | type: application 14 | 15 | # This is the chart version. This version number should be incremented each time you make changes 16 | # to the chart and its templates, including the app version. 17 | # Versions are expected to follow Semantic Versioning (https://semver.org/) 18 | version: 1.0.0 19 | 20 | # This is the version number of the application being deployed. This version number should be 21 | # incremented each time you make changes to the application. Versions are not expected to 22 | # follow Semantic Versioning. They should reflect the version the application is using. 23 | # It is recommended to use it with quotes. 24 | appVersion: "1.0.0" 25 | -------------------------------------------------------------------------------- /mdos-setup/dep/mhc-generic/chart/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | {{/* 2 | Done 3 | */}} -------------------------------------------------------------------------------- /mdos-setup/dep/mhc-generic/chart/templates/pvc.yaml: -------------------------------------------------------------------------------- 1 | {{- $appName := .Values.appName -}} 2 | 3 | {{- range .Values.components }} 4 | {{- $appComponentName := lower .name -}} 5 | {{- $uuid := .uuid -}} 6 | 7 | {{- if .volumes }} 8 | {{- range .volumes }} 9 | {{- if not .hostPath }} 10 | {{- if not .sharedVolumeName }} 11 | --- 12 | apiVersion: v1 13 | kind: PersistentVolumeClaim 14 | metadata: 15 | name: {{ $appName }}-{{ $appComponentName }}-{{ .name }} 16 | labels: 17 | app: {{ $appComponentName }} 18 | appUuid: {{ $.Values.uuid }} 19 | compUuid: {{ $uuid }} 20 | tenantName: {{ $.Values.tenantName }} 21 | 
spec: 22 | accessModes: 23 | - ReadWriteOnce 24 | {{- if .storageClass }} 25 | storageClassName: {{ .storageClass | quote }} 26 | {{- else }} 27 | storageClassName: "longhorn" 28 | {{- end }} 29 | resources: 30 | requests: 31 | {{- if .size }} 32 | storage: {{ .size }} 33 | {{- else }} 34 | storage: 1Gi 35 | {{- end }} 36 | {{- end }} 37 | {{- end }} 38 | {{- end }} 39 | {{- end }} 40 | {{- end }} -------------------------------------------------------------------------------- /mdos-setup/dep/mhc-generic/chart/templates/roleBinding.yaml: -------------------------------------------------------------------------------- 1 | {{- range .Values.components }} 2 | {{- if .roleBindings }} 3 | {{- range .roleBindings }} 4 | --- 5 | {{- if .serviceAccount }} 6 | kind: RoleBinding 7 | apiVersion: rbac.authorization.k8s.io/v1 8 | metadata: 9 | name: {{ .name }} 10 | namespace: {{ $.Values.tenantName }} 11 | subjects: 12 | - kind: ServiceAccount 13 | name: {{ .serviceAccount }} 14 | namespace: {{ $.Values.tenantName }} 15 | roleRef: # NOTE(review): this branch only handles .clusterRole; with serviceAccount set and clusterRole unset, roleRef renders empty and .role is never used 16 | {{- if .clusterRole }} 17 | kind: ClusterRole # bound through a RoleBinding, so its rules apply only inside the tenantName namespace; the role name comes from chart values 18 | name: {{ .clusterRole }} 19 | apiGroup: rbac.authorization.k8s.io 20 | {{- end }} 21 | {{- else }} 22 | kind: RoleBinding 23 | apiVersion: rbac.authorization.k8s.io/v1 24 | metadata: 25 | name: {{ .name }} 26 | namespace: {{ $.Values.tenantName }} 27 | subjects: 28 | - kind: User 29 | name: system:serviceaccount:{{ $.Values.tenantName }}:default # NOTE(review): this is the namespace's default ServiceAccount, which pods use when they set no serviceAccountName, so the grant is shared by all of them - confirm that is intended 30 | apiGroup: rbac.authorization.k8s.io 31 | roleRef: 32 | {{- if .clusterRole }} 33 | kind: ClusterRole 34 | name: {{ .clusterRole }} 35 | apiGroup: rbac.authorization.k8s.io 36 | {{- else }} 37 | kind: Role 38 | name: {{ .role }} 39 | apiGroup: rbac.authorization.k8s.io 40 | {{- end }} 41 | {{- end }} 42 | 43 | {{- end }} 44 | {{- end }} 45 | {{- end }} -------------------------------------------------------------------------------- /mdos-setup/dep/mhc-generic/chart/templates/sa.yaml: 
-------------------------------------------------------------------------------- 1 | {{- range .Values.components }} 2 | {{- if .serviceAccount }} 3 | --- 4 | apiVersion: v1 5 | kind: ServiceAccount 6 | metadata: 7 | name: {{ .serviceAccount }} # NOTE(review): no metadata.namespace, so this is created in the release namespace; roleBinding.yaml binds this name in $.Values.tenantName - presumably the same namespace, confirm 8 | {{- end }} 9 | {{- end }} 10 | -------------------------------------------------------------------------------- /mdos-setup/dep/mhc-generic/chart/templates/service.yaml: -------------------------------------------------------------------------------- 1 | {{- $appName := .Values.appName -}} 2 | 3 | {{- range .Values.components }} 4 | {{- $appComponentName := lower .name -}} 5 | {{- $uuid := .uuid -}} 6 | {{- if .services }} 7 | {{- range .services }} 8 | --- 9 | apiVersion: v1 10 | kind: Service 11 | metadata: 12 | name: {{ $appName }}-{{ $appComponentName }}-{{ lower .name }} 13 | labels: 14 | app: {{ $appComponentName }} 15 | appUuid: {{ $.Values.uuid }} 16 | compUuid: {{ $uuid }} 17 | tenantName: {{ $.Values.tenantName }} 18 | spec: 19 | {{- if .type }} 20 | type: {{ .type }} # taken as-is from component values; NodePort or LoadBalancer would expose the component outside the cluster 21 | {{- else }} 22 | type: ClusterIP 23 | {{- end }} 24 | ports: 25 | {{- range .ports }} 26 | - targetPort: {{ .port }} 27 | {{- if .svcPort }} 28 | port: {{ .svcPort }} 29 | {{- else }} 30 | port: {{ .port }} 31 | {{- end }} 32 | {{- if .nodePort }} 33 | nodePort: {{ .nodePort }} 34 | {{- end }} 35 | # protocol: TCP 36 | name: {{ .name }} 37 | {{- end }} 38 | selector: 39 | appUuid: {{ $.Values.uuid }} 40 | compUuid: {{ $uuid }} 41 | app: {{ $appComponentName }} 42 | tenantName: {{ $.Values.tenantName }} 43 | {{- end }} 44 | {{- end }} 45 | {{- end }} -------------------------------------------------------------------------------- /mdos-setup/dep/mhc-generic/chart/values.yaml: -------------------------------------------------------------------------------- 1 | global: 2 | config: [] 3 | secrets: [] -------------------------------------------------------------------------------- /mdos-setup/dep/pure-ftpd/docker-compose.yaml: 
-------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | services: 4 | mdos_ftpd_server: 5 | image: registry.mydomain.com/mdos-ftp-bot:latest # NOTE(review): mutable tag; pin a version or digest so the deployed image is reproducible 6 | container_name: mdos-ftpd-bot 7 | ports: 8 | - "3039:3039" 9 | - "3915:21" 10 | - "3916-3920:3916-3920" 11 | volumes: 12 | - "~/.mdos/ftp-data/userdata:/home/ftp_data/" 13 | - "~/.mdos/ftp-data/passwd:/etc/pure-ftpd/passwd" 14 | - "/etc/letsencrypt/live//fullchain.pem:/etc/ssl/private/pure-ftpd-cert.pem" 15 | - "/etc/letsencrypt/live//privkey.pem:/etc/ssl/private/pure-ftpd-key.pem" # NOTE(review): TLS private key bind-mounted read-write from the host; the empty segment in live// looks like an unfilled domain placeholder - confirm, and consider a read-only mount 16 | environment: 17 | FTP_HOME_ROOT: /home/ftp_data 18 | M2M_USER: mdundek 19 | M2M_PASSWORD: supersecret # NOTE(review): credential committed in plaintext; presumably a placeholder replaced at setup time - verify, and keep the real value in an env file or secret outside version control 20 | FTP_SERVER_MAIN_PORT: "3915" 21 | FTP_PASSIVE_PORTS: 3916:3920 22 | PUBLICHOST: "mdos-ftp.mydomain.com" 23 | # ADDED_FLAGS: "--tls=2" # NOTE(review): left commented out; whether TLS is otherwise enforced cannot be told from this file - with pure-ftpd, --tls=2 refuses cleartext sessions 24 | restart: always -------------------------------------------------------------------------------- /mdos-setup/dep/rabbitmq/Chart.yaml: -------------------------------------------------------------------------------- 1 | annotations: 2 | category: Infrastructure 3 | apiVersion: v2 4 | appVersion: 3.9.7 5 | dependencies: 6 | - name: common 7 | tags: 8 | - scds-common 9 | version: 1.10.0 10 | description: Open source message broker software that implements the Advanced Message Queuing Protocol (AMQP) 11 | engine: gotpl 12 | keywords: 13 | - rabbitmq 14 | - message queue 15 | - AMQP 16 | maintainers: 17 | - email: nicolas.ydder.external@airbus.com 18 | name: SCDS / AirSpace Link 19 | name: rabbitmq 20 | sources: 21 | - https://github.airbus.corp/Airbus/scds-2u32-vnsu-broker 22 | - https://www.rabbitmq.com 23 | version: 8.23.1 -------------------------------------------------------------------------------- /mdos-setup/dep/rabbitmq/charts/common/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 
2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | -------------------------------------------------------------------------------- /mdos-setup/dep/rabbitmq/charts/common/Chart.yaml: -------------------------------------------------------------------------------- 1 | annotations: 2 | category: Infrastructure 3 | apiVersion: v2 4 | # Please make sure that version and appVersion are always the same. 5 | appVersion: 1.10.0 6 | description: A Library Helm Chart for grouping common logic between bitnami charts. This chart is not deployable by itself. 7 | home: https://github.com/bitnami/charts/tree/master/bitnami/common 8 | icon: https://bitnami.com/downloads/logos/bitnami-mark.png 9 | keywords: 10 | - common 11 | - helper 12 | - template 13 | - function 14 | - bitnami 15 | maintainers: 16 | - email: containers@bitnami.com 17 | name: Bitnami 18 | name: common 19 | sources: 20 | - https://github.com/bitnami/charts 21 | - http://www.bitnami.com/ 22 | type: library 23 | version: 1.10.0 24 | -------------------------------------------------------------------------------- /mdos-setup/dep/rabbitmq/charts/common/templates/_labels.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Kubernetes standard labels 4 | */}} 5 | {{- define "common.labels.standard" -}} 6 | app.kubernetes.io/name: {{ include "common.names.name" . }} 7 | helm.sh/chart: {{ include "common.names.chart" . 
}} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | {{- end -}} 11 | 12 | {{/* 13 | Labels to use on deploy.spec.selector.matchLabels and svc.spec.selector 14 | */}} 15 | {{- define "common.labels.matchLabels" -}} 16 | app.kubernetes.io/name: {{ include "common.names.name" . }} 17 | app.kubernetes.io/instance: {{ .Release.Name }} 18 | {{- end -}} 19 | -------------------------------------------------------------------------------- /mdos-setup/dep/rabbitmq/charts/common/templates/_storage.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Return the proper Storage Class 4 | {{ include "common.storage.class" ( dict "persistence" .Values.path.to.the.persistence "global" $) }} 5 | */}} 6 | {{- define "common.storage.class" -}} 7 | 8 | {{- $storageClass := .persistence.storageClass -}} 9 | {{- if .global -}} 10 | {{- if .global.storageClass -}} 11 | {{- $storageClass = .global.storageClass -}} 12 | {{- end -}} 13 | {{- end -}} 14 | 15 | {{- if $storageClass -}} 16 | {{- if (eq "-" $storageClass) -}} 17 | {{- printf "storageClassName: \"\"" -}} 18 | {{- else }} 19 | {{- printf "storageClassName: %s" $storageClass -}} 20 | {{- end -}} 21 | {{- end -}} 22 | 23 | {{- end -}} 24 | -------------------------------------------------------------------------------- /mdos-setup/dep/rabbitmq/charts/common/templates/_tplvalues.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Renders a value that contains template. 
4 | A string value is passed to tpl as is; any other value is serialised with toYaml first. Either way it is evaluated against .context, so template actions inside the value run with that context's scope: pass only values from a trusted source. Usage: 5 | {{ include "common.tplvalues.render" ( dict "value" .Values.path.to.the.Value "context" $) }} 6 | */}} 7 | {{- define "common.tplvalues.render" -}} 8 | {{- if typeIs "string" .value }} 9 | {{- tpl .value .context }} 10 | {{- else }} 11 | {{- tpl (.value | toYaml) .context }} 12 | {{- end }} 13 | {{- end -}} 14 | -------------------------------------------------------------------------------- /mdos-setup/dep/rabbitmq/charts/common/templates/_warnings.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Warning about using rolling tag. Emitted only when .repository contains "bitnami/" and .tag neither ends in -r<digits> nor contains sha256:, so images from other repositories are never flagged. 4 | Usage: 5 | {{ include "common.warnings.rollingTag" .Values.path.to.the.imageRoot }} 6 | */}} 7 | {{- define "common.warnings.rollingTag" -}} 8 | 9 | {{- if and (contains "bitnami/" .repository) (not (.tag | toString | regexFind "-r\\d+$|sha256:")) }} 10 | WARNING: Rolling tag detected ({{ .repository }}:{{ .tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment. 11 | +info https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/ 12 | {{- end }} 13 | 14 | {{- end -}} 15 | -------------------------------------------------------------------------------- /mdos-setup/dep/rabbitmq/charts/common/values.yaml: -------------------------------------------------------------------------------- 1 | ## bitnami/common 2 | ## It is required by CI/CD tools and processes. 3 | ## @skip exampleValue 4 | ## 5 | exampleValue: common-chart 6 | -------------------------------------------------------------------------------- /mdos-setup/dep/rabbitmq/templates/configuration.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ template "rabbitmq.fullname" . }}-config 5 | namespace: {{ .Release.Namespace | quote }} 6 | labels: {{- include "common.labels.standard" .
| nindent 4 }} 7 | {{- if .Values.commonAnnotations }} 8 | annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} 9 | {{- end }} 10 | data: # NOTE(review): rabbitmq.conf and advanced.config are stored in this ConfigMap, not a Secret - confirm .Values.configuration and .Values.advancedConfiguration carry no credentials 11 | rabbitmq.conf: |- 12 | {{- include "common.tplvalues.render" (dict "value" .Values.configuration "context" $) | nindent 4 }} 13 | {{- if .Values.advancedConfiguration}} 14 | advanced.config: |- 15 | {{- include "common.tplvalues.render" (dict "value" .Values.advancedConfiguration "context" $) | nindent 4 }} 16 | {{- end }} -------------------------------------------------------------------------------- /mdos-setup/dep/rabbitmq/templates/extra-list.yaml: -------------------------------------------------------------------------------- 1 | {{- range .Values.extraDeploy }} 2 | --- # NOTE(review): every .Values.extraDeploy entry is rendered through tpl and emitted as its own manifest, so whoever controls the values controls which objects this release creates 3 | {{ include "common.tplvalues.render" (dict "value" . "context" $) }} 4 | {{- end }} -------------------------------------------------------------------------------- /mdos-setup/dep/rabbitmq/templates/pdb.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.pdb.create }} 2 | apiVersion: policy/v1beta1 # NOTE(review): hard-coded; policy/v1beta1 PodDisruptionBudget is no longer served from Kubernetes 1.25 on (policy/v1 replaces it) - confirm the target cluster version 3 | kind: PodDisruptionBudget 4 | metadata: 5 | name: {{ include "rabbitmq.fullname" . }} 6 | namespace: {{ .Release.Namespace | quote }} 7 | labels: {{- include "common.labels.standard" . | nindent 4 }} 8 | {{- if .Values.commonAnnotations }} 9 | annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} 10 | {{- end }} 11 | spec: 12 | {{- if .Values.pdb.minAvailable }} 13 | minAvailable: {{ .Values.pdb.minAvailable }} 14 | {{- end }} 15 | {{- if .Values.pdb.maxUnavailable }} 16 | maxUnavailable: {{ .Values.pdb.maxUnavailable }} 17 | {{- end }} 18 | selector: 19 | matchLabels: {{ include "common.labels.matchLabels" .
| nindent 6 }} 20 | {{- end }} -------------------------------------------------------------------------------- /mdos-setup/dep/rabbitmq/templates/prometheusrule.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.metrics.enabled .Values.metrics.prometheusRule.enabled }} 2 | apiVersion: monitoring.coreos.com/v1 3 | kind: PrometheusRule 4 | metadata: 5 | name: {{ include "rabbitmq.fullname" . }} 6 | {{- if .Values.metrics.prometheusRule.namespace }} 7 | namespace: {{ .Values.metrics.prometheusRule.namespace }} # NOTE(review): emitted unquoted, unlike the .Release.Namespace fallback below; when set, the rule is created outside the release namespace 8 | {{- else }} 9 | namespace: {{ .Release.Namespace | quote }} 10 | {{- end }} 11 | labels: {{- include "common.labels.standard" . | nindent 4 }} 12 | {{- if .Values.metrics.prometheusRule.additionalLabels }} 13 | {{- include "common.tplvalues.render" (dict "value" .Values.metrics.prometheusRule.additionalLabels "context" $) | nindent 4 }} 14 | {{- end }} 15 | {{- if .Values.commonAnnotations }} 16 | annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} 17 | {{- end }} 18 | spec: 19 | groups: 20 | {{- with .Values.metrics.prometheusRule.rules }} 21 | - name: {{ template "rabbitmq.name" $ }} 22 | rules: {{- include "common.tplvalues.render" (dict "value" . "context" $) | nindent 8 }} 23 | {{- end }} 24 | {{- end }} -------------------------------------------------------------------------------- /mdos-setup/dep/rabbitmq/templates/role.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.rbac.create }} 2 | kind: Role 3 | apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} 4 | metadata: 5 | name: {{ template "rabbitmq.fullname" . }}-endpoint-reader 6 | namespace: {{ .Release.Namespace | quote }} 7 | labels: {{- include "common.labels.standard" .
| nindent 4 }} 8 | {{- if .Values.commonAnnotations }} 9 | annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} 10 | {{- end }} 11 | rules: # namespaced Role: get on endpoints and create on events only; keep the grant this narrow when extending it 12 | - apiGroups: [""] 13 | resources: ["endpoints"] 14 | verbs: ["get"] 15 | - apiGroups: [""] 16 | resources: ["events"] 17 | verbs: ["create"] 18 | {{- end }} -------------------------------------------------------------------------------- /mdos-setup/dep/rabbitmq/templates/rolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.serviceAccount.create .Values.rbac.create }} 2 | kind: RoleBinding # NOTE(review): rendered only when serviceAccount.create is also true, while role.yaml needs rbac.create alone - with an externally managed ServiceAccount the Role is created but left unbound 3 | apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} 4 | metadata: 5 | name: {{ template "rabbitmq.fullname" . }}-endpoint-reader 6 | namespace: {{ .Release.Namespace | quote }} 7 | labels: {{- include "common.labels.standard" . | nindent 4 }} 8 | {{- if .Values.commonAnnotations }} 9 | annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} 10 | {{- end }} 11 | subjects: # NOTE(review): the subject carries no namespace field - presumably it resolves to the binding's own namespace; consider setting it explicitly 12 | - kind: ServiceAccount 13 | name: {{ template "rabbitmq.serviceAccountName" . }} 14 | roleRef: 15 | apiGroup: rbac.authorization.k8s.io 16 | kind: Role 17 | name: {{ template "rabbitmq.fullname" . }}-endpoint-reader 18 | {{- end }} -------------------------------------------------------------------------------- /mdos-setup/dep/rabbitmq/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "rabbitmq.serviceAccountName" . }} 6 | namespace: {{ .Release.Namespace | quote }} 7 | labels: {{- include "common.labels.standard" .
| nindent 4 }} 8 | {{- if .Values.commonAnnotations }} 9 | annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} 10 | {{- end }} 11 | automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} # NOTE(review): taken from values with no default in this template - confirm values.yaml pins it, and that the pod needs an API token at all (the Role in role.yaml only grants endpoints get and events create) 12 | secrets: 13 | - name: {{ include "rabbitmq.fullname" . }} 14 | {{- end }} 15 | --------------------------------------------------------------------------------