don't install apt-get recommendations

set PORT and PIDFILE via environment variables
2025-04-29 13:52:08 -05:00 · 2025-04-28 15:31:09 -05:00
24 changed files with 256 additions and 259 deletions
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@@ -1,2 +1,2 @@
-ARG VARIANT="3.4.4"
+ARG VARIANT="3.4.2"
 FROM ghcr.io/rails/devcontainer/images/ruby:${VARIANT}
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -6,7 +6,7 @@
        "vscode": {
            "extensions": [
                "Shopify.ruby-lsp",
-                "docker.docker"
+                "ms-azuretools.vscode-docker"
            ]
        }
    },
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,7 +0,0 @@
 **/.git
 **/.gitignore
 /.devcontainer
 /.gitea
 /.github
 /.vscode
 /charts
--- a/.gitea/workflows/release.yaml
+++ b/.gitea/workflows/release.yaml
@@ -1,16 +1,65 @@
 ---
-name: Release
+name: Gitea Actions Demo
 run-name: ${{ gitea.actor }} is testing out Gitea Actions 🚀
 on:
  schedule: 
-    - cron: "0 0 * * *"
+    - cron: "0 10 * * *"
  push:
    branches:
-      - main
+      - "**"
    tags:
      - "v*.*.*"
  pull_request:
 jobs:
-  docker:
+  lint:
    runs-on: ubuntu-latest
    permissions:
      checks: write
      contents: write
    steps:
      - name: Login to Docker
        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
        with:
          username: ${{ vars.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Ruby Setup
        uses: ruby/setup-ruby@dffc446db9ba5a0c4446edb5bca1c5c473a806c5 # v1.235.0
        with:
          ruby-version: '3.4'
          bundler-cache: true
      - run: bundle install
      - name: Standard Ruby
        run: bundle exec standardrb
  test:
    needs: lint
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Test
        uses: ruby/setup-ruby@dffc446db9ba5a0c4446edb5bca1c5c473a806c5 # v1.235.0
        with:
          ruby-version: '3.4'
          bundler-cache: true
      - run: bundle exec rake
  docker:
    needs: test
    runs-on: ubuntu-latest
    container:
      image: catthehacker/ubuntu:act-latest
    env:
      DOCKER_ORG: ryanc
      DOCKER_LATEST: latest
@@ -36,9 +85,6 @@ jobs:
          printf "GITHUB_SHA=%s\n" "$GITHUB_SHA"
          printf "VERSION=%s\n" "$VERSION" | tee -a "$GITHUB_OUTPUT"
      - name: Set up QEMU
        uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
@@ -59,8 +105,7 @@ jobs:
            latest=auto
          bake-target: docker-metadata-action
          tags: |
-            type=schedule,pattern=nightly
+            type=schedule
            type=edge
            type=ref,event=branch
            type=ref,event=pr
            type=semver,pattern={{version}}
@@ -79,8 +124,7 @@ jobs:
            latest=auto
            suffix=-alpine,onlatest=true
          tags: |
-            type=schedule,pattern=nightly
+            type=schedule
            type=edge
            type=ref,event=branch
            type=ref,event=pr
            type=semver,pattern={{version}}
--- a/.gitea/workflows/lint.yaml
+++ b/.gitea/workflows/lint.yaml
@@ -1,23 +0,0 @@
 ---
 name: Ruby Lint
 on:
  push:
    branches:
      - "**"
  pull_request:
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Ruby Setup
        uses: ruby/setup-ruby@dffc446db9ba5a0c4446edb5bca1c5c473a806c5 # v1.235.0
        with:
          ruby-version: '3.4'
          bundler-cache: true
      - name: Standard Ruby
        run: bundle exec standardrb
--- a/.gitea/workflows/test.yaml
+++ b/.gitea/workflows/test.yaml
@@ -1,22 +0,0 @@
 ---
 name: Ruby Test
 on:
  push:
    branches:
      - "**"
  pull_request:
 jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Test
        uses: ruby/setup-ruby@dffc446db9ba5a0c4446edb5bca1c5c473a806c5 # v1.235.0
        with:
          ruby-version: '3.4'
          bundler-cache: true
      - run: bundle exec rake
--- a/42
+++ b/42
@@ -0,0 +1,42 @@
 ARG RUBY_VERSION="3.4.3"
 FROM ruby:${RUBY_VERSION} AS base
 WORKDIR /app
 RUN <<EOT
  apt-get update
  gem update --system --no-document
  gem install -N bundler
 EOT
 FROM base AS build
 RUN <<EOT
  apt-get install --yes gcc make
 EOT
 COPY Gemfile* .
 RUN <<EOT
  bundle config set --local without development
  bundle install
 EOT
 FROM base
 ENV PORT=4567
 # RUN useradd ruby --home /app --shell /bin/sh
 RUN useradd --home /app --create-home app
 USER app:app
 COPY --from=build /usr/local/bundle /usr/local/bundle
 COPY --from=build --chown=app:app /app /app
 COPY --chown=app:app . .
 EXPOSE 4567
 CMD [ "puma", "--bind", "0.0.0.0", "--port", "$PORT" ]
--- a/4
+++ b/4
@@ -3,19 +3,17 @@ source "https://rubygems.org"
 gem "sinatra"
 gem "sinatra-contrib"
 gem "puma"
 gem "rackup"
 gem "anyflake"
 gem "ksuid"
 gem "nanoid"
 gem "ulid"
 gem "uuid7"
 gem "cuid2"
 gem "jwt"
 gem "httparty"
 gem "prometheus-client"
 group :development do
  gem "ruby-lsp"
  gem "rack-test"
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -3,26 +3,25 @@ GEM
  specs:
    anyflake (0.0.1)
    ast (2.4.3)
-    base64 (0.3.0)
+    base64 (0.2.0)
-    bigdecimal (3.2.2)
+    bigdecimal (3.1.9)
-    csv (3.3.5)
+    csv (3.3.4)
-    cuid2 (1.0.1)
+    diff-lcs (1.6.1)
    diff-lcs (1.6.2)
    httparty (0.23.1)
      csv
      mini_mime (>= 1.0.0)
      multi_xml (>= 0.5.2)
-    json (2.12.2)
+    json (2.11.3)
-    jwt (3.1.2)
+    jwt (2.10.1)
      base64
    ksuid (1.0.0)
-    language_server-protocol (3.17.0.5)
+    language_server-protocol (3.17.0.4)
    lint_roller (1.1.0)
    logger (1.7.0)
    mini_mime (1.1.5)
    minitest (5.25.5)
    multi_json (1.15.0)
-    multi_xml (0.7.2)
+    multi_xml (0.7.1)
      bigdecimal (~> 3.1)
    mustermann (3.0.3)
      ruby2_keywords (~> 0.0.1)
@@ -33,40 +32,40 @@ GEM
      ast (~> 2.4.1)
      racc
    prism (1.4.0)
    prometheus-client (4.2.5)
      base64
    puma (6.6.0)
      nio4r (~> 2.0)
    racc (1.8.1)
-    rack (3.1.16)
+    rack (3.1.13)
    rack-protection (4.1.1)
      base64 (>= 0.1.0)
      logger (>= 1.6.0)
      rack (>= 3.0.0, < 4)
-    rack-session (2.1.1)
+    rack-session (2.1.0)
      base64 (>= 0.1.0)
      rack (>= 3.0.0)
    rack-test (2.2.0)
      rack (>= 1.3)
    rackup (2.2.1)
      rack (>= 3)
    rainbow (3.1.1)
-    rake (13.3.0)
+    rake (13.2.1)
-    rbs (3.9.4)
+    rbs (3.9.2)
      logger
    regexp_parser (2.10.0)
-    rspec (3.13.1)
+    rspec (3.13.0)
      rspec-core (~> 3.13.0)
      rspec-expectations (~> 3.13.0)
      rspec-mocks (~> 3.13.0)
-    rspec-core (3.13.5)
+    rspec-core (3.13.3)
      rspec-support (~> 3.13.0)
-    rspec-expectations (3.13.5)
+    rspec-expectations (3.13.3)
      diff-lcs (>= 1.2.0, < 2.0)
      rspec-support (~> 3.13.0)
-    rspec-mocks (3.13.5)
+    rspec-mocks (3.13.2)
      diff-lcs (>= 1.2.0, < 2.0)
      rspec-support (~> 3.13.0)
-    rspec-support (3.13.4)
+    rspec-support (3.13.2)
-    rubocop (1.75.8)
+    rubocop (1.75.4)
      json (~> 2.3)
      language_server-protocol (~> 3.17.0.2)
      lint_roller (~> 1.1.0)
@@ -77,17 +76,18 @@ GEM
      rubocop-ast (>= 1.44.0, < 2.0)
      ruby-progressbar (~> 1.7)
      unicode-display_width (>= 2.4.0, < 4.0)
-    rubocop-ast (1.45.1)
+    rubocop-ast (1.44.1)
      parser (>= 3.3.7.2)
      prism (~> 1.4)
    rubocop-performance (1.25.0)
      lint_roller (~> 1.1)
      rubocop (>= 1.75.0, < 2.0)
      rubocop-ast (>= 1.38.0, < 2.0)
-    ruby-lsp (0.25.0)
+    ruby-lsp (0.23.15)
      language_server-protocol (~> 3.17.0)
      prism (>= 1.2, < 2.0)
-      rbs (>= 3, < 5)
+      rbs (>= 3, < 4)
      sorbet-runtime (>= 0.5.10782)
    ruby-progressbar (1.13.0)
    ruby2_keywords (0.0.5)
    sinatra (4.1.1)
@@ -103,10 +103,11 @@ GEM
      rack-protection (= 4.1.1)
      sinatra (= 4.1.1)
      tilt (~> 2.0)
-    standard (1.50.0)
+    sorbet-runtime (0.5.12043)
    standard (1.49.0)
      language_server-protocol (~> 3.17.0.2)
      lint_roller (~> 1.0)
-      rubocop (~> 1.75.5)
+      rubocop (~> 1.75.2)
      standard-custom (~> 1.0.0)
      standard-performance (~> 1.8)
    standard-custom (1.0.2)
@@ -115,14 +116,14 @@ GEM
    standard-performance (1.8.0)
      lint_roller (~> 1.1)
      rubocop-performance (~> 1.25.0)
-    tilt (2.6.1)
+    tilt (2.6.0)
    ulid (1.4.0)
    unicode-display_width (3.1.4)
      unicode-emoji (~> 4.0, >= 4.0.4)
    unicode-emoji (4.0.4)
    uuid7 (0.2.0)
      zeitwerk (~> 2.4)
-    zeitwerk (2.7.3)
+    zeitwerk (2.7.2)
 PLATFORMS
  ruby
@@ -130,15 +131,14 @@ PLATFORMS
 DEPENDENCIES
  anyflake
  cuid2
  httparty
  jwt
  ksuid
  minitest
  nanoid
  prometheus-client
  puma
  rack-test
  rackup
  rake
  rspec
  ruby-lsp
@@ -149,4 +149,4 @@ DEPENDENCIES
  uuid7
 BUNDLED WITH
-   2.6.9
+   2.6.8
--- a/app.rb
+++ b/app.rb
@@ -12,8 +12,6 @@ require "securerandom"
 require "random/formatter"
 require "ulid"
 require "anyflake"
 require "cuid2"
 require "ksuid"
 require "jwt"
@@ -23,17 +21,11 @@ $LOAD_PATH.unshift File.dirname(__FILE__) + "/lib"
 require "config"
-require "rack"
+VERSION = "0.1.4"
 require "prometheus/middleware/collector"
 require "prometheus/middleware/exporter"
 use Rack::Deflater
 use Prometheus::Middleware::Collector
 use Prometheus::Middleware::Exporter
 VERSION = "0.2.4"
 CHUNK_SIZE = 1024**2
 SESSION_SECRET_HEX_LENGTH = 64
 JWT_SECRET_HEX_LENGTH = 64
 DEFAULT_FLAKEY = 50
 NAME = "kubernaut".freeze
@@ -372,24 +364,6 @@ get "/snowflake" do
  end
 end
 get "/cuid2" do
  n = params.fetch(:n, 1).to_i
  stream do |out|
    n.times do |_|
      out << format("%s\n", Cuid2.generate)
    end
  end
 end
 get "/ksuid" do
  n = params.fetch(:n, 1).to_i
  stream do |out|
    n.times do |_|
      out << format("%s\n", KSUID.new)
    end
  end
 end
 post "/quit" do
  Process.kill("TERM", ppid)
  nil
@@ -406,21 +380,19 @@ get "/pid", provides: "json" do
  jsonify({ppid: ppid, pid: Process.pid}, pretty:)
 end
-get "/token", provides: "json" do
+get "/token" do
  pretty = params.key? :pretty
  exp = Time.now.to_i + SECONDS_PER_MINUTE * 2
  payload = {name: "anonymous", exp: exp, jti: Random.uuid}
  expires_at = Time.at(exp).to_datetime
-  token = JWT.encode payload, config.jwt_secret.unwrap, "HS256"
+  token = JWT.encode payload, JWT_SECRET, "HS256"
  x = {token: token, expires_at: expires_at}
-  jsonify x, pretty:
+  jsonify x
 end
 get "/token/validate" do
  token = req_headers["authorization"].split[1]
-  payload = JWT.decode token, config.jwt_secret.unwrap, true, algorithm: "HS256"
+  payload = JWT.decode token, JWT_SECRET, true, algorithm: "HS256"
  jsonify payload
 end
@@ -472,13 +444,7 @@ end
 get "/_cat/env" do
  stream do |out|
-    e = if params.key? :rack
+    ENV.sort.each do |k, v|
      env
    else
      ENV
    end
    e.sort.each do |k, v|
      out << "#{k}=#{v}\n"
    end
  end
--- a/charts/kubernaut/Chart.yaml
+++ b/charts/kubernaut/Chart.yaml
@@ -15,10 +15,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.4
+version: 0.1.4
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "0.2.4"
+appVersion: "0.1.4"
--- a/docker-bake.hcl
+++ b/docker-bake.hcl
@@ -7,12 +7,8 @@ target "docker-metadata-action-alpine" {}
 target "_common" {
    args = {
-        RUBY_VERSION = "3.4.4"
+        RUBY_VERSION = "3.4.3"
    }
    platforms = [
        "linux/amd64",
        "linux/arm64",
    ]
 }
 target "bookworm" {
--- a/dockerfiles/alpine.Dockerfile
+++ b/dockerfiles/alpine.Dockerfile
@@ -1,48 +1,43 @@
-ARG RUBY_VERSION="3.4.4"
+ARG RUBY_VERSION="3.4.3"
-ARG BASE_REGISTRY="docker.io"
+FROM ruby:${RUBY_VERSION}-alpine AS base
-FROM ${BASE_REGISTRY}/ruby:${RUBY_VERSION}-alpine AS base
+WORKDIR /app
-ENV RACK_ENV="production" \
+RUN <<EOT
-  BUNDLE_DEPLOYMENT=true \
+  apk update
-  BUNDLE_PATH="/usr/local/bundle" \
+  gem update --system --no-document
-  BUNDLE_WITHOUT="development test" \
+  gem install -N bundler
-  RUBY_YJIT_ENABLE=true
+EOT
 WORKDIR /kubernaut
 RUN \
  apk update -q && \
  apk add bash jemalloc
 FROM base AS build
-RUN \
+ENV BUNDLE_DEPLOYMENT=true \
-  apk update -q && \
+  BUNDLE_WITHOUT="development test"
  apk add musl-dev gcc make && \
  apk add bash jemalloc
-COPY Gemfile Gemfile.lock ./
+RUN <<EOT
  apk add musl-dev gcc make
 EOT
-RUN \
+COPY Gemfile* .
-  bundle install && \
+
-  rm -rf ~/.bundle/ "${BUNDLE_PATH}"/ruby/*/cache "${BUNDLE_PATH}"/ruby/*/bundler/gems/*/.git
+RUN <<EOT
  bundle install
 EOT
 COPY . .
 FROM base
 ENV PORT=4567
-RUN \
+RUN adduser --home /app --disabled-password app
  addgroup --system --gid 666 kubernaut && \
  adduser --system --uid 666 --ingroup kubernaut --shell /bin/bash --disabled-password kubernaut
-COPY --from=build "${BUNDLE_PATH}" "${BUNDLE_PATH}"
+USER app:app
 COPY --from=build /kubernaut /kubernaut
-USER kubernaut:kubernaut
+COPY --from=build /usr/local/bundle /usr/local/bundle
 COPY --from=build --chown=app:app /app /app
 COPY --chown=app:app . .
 EXPOSE $PORT
-ENTRYPOINT [ "/kubernaut/dockerfiles/entrypoint.sh" ]
+CMD [ "puma" ]
 CMD [ "bundle", "exec", "puma" ]
--- a/dockerfiles/bookworm.Dockerfile
+++ b/dockerfiles/bookworm.Dockerfile
@@ -1,50 +1,44 @@
-ARG RUBY_VERSION="3.4.4"
+ARG RUBY_VERSION="3.4.3"
-ARG BASE_REGISTRY="docker.io"
+FROM ruby:${RUBY_VERSION}-slim-bookworm AS base
 ARG DEBIAN_VERSION="bookworm"
-FROM ${BASE_REGISTRY}/ruby:${RUBY_VERSION}-slim-${DEBIAN_VERSION} AS base
+WORKDIR /app
-ENV RACK_ENV="production" \
+RUN <<EOT
-  BUNDLE_DEPLOYMENT=true \
+  apt-get update
-  BUNDLE_PATH="/usr/local/bundle" \
+  gem update --system --no-document
-  BUNDLE_WITHOUT="development test" \
+  gem install -N bundler
-  RUBY_YJIT_ENABLE=true
+EOT
 WORKDIR /kubernaut
 RUN \
  apt-get update -qq && \
  apt-get install --yes --no-install-recommends libjemalloc2 && \
  rm -rf /var/lib/apt/lists /var/cache/apt/archives
 FROM base AS build
-RUN \
+ENV BUNDLE_DEPLOYMENT=true \
-  apt-get update -qq && \
+  BUNDLE_WITHOUT="development test"
  apt-get install --yes --no-install-recommends build-essential && \
  rm -rf /var/lib/apt/lists /var/cache/apt/archives
-COPY Gemfile Gemfile.lock ./
+RUN <<EOT
  apt-get install --yes --no-install-recommends gcc make libc-dev
 EOT
-RUN \
+COPY Gemfile* .
-  bundle install && \
+
-  rm -rf ~/.bundle/ "${BUNDLE_PATH}"/ruby/*/cache "${BUNDLE_PATH}"/ruby/*/bundler/gems/*/.git
+RUN <<EOT
  bundle install
 EOT
 COPY . .
 FROM base
 ENV PORT=4567
-RUN \
+# RUN useradd ruby --home /app --shell /bin/sh
-  groupadd --system --gid 666 kubernaut && \
+RUN useradd --home /app --create-home app
  useradd --system --uid 666 --gid kubernaut --create-home --shell /bin/bash kubernaut
-COPY --from=build "${BUNDLE_PATH}" "${BUNDLE_PATH}"
+USER app:app
 COPY --from=build /kubernaut /kubernaut
-USER kubernaut:kubernaut
+COPY --from=build /usr/local/bundle /usr/local/bundle
 COPY --from=build --chown=app:app /app /app
 COPY --chown=app:app . .
 EXPOSE $PORT
-ENTRYPOINT [ "/kubernaut/dockerfiles/entrypoint.sh" ]
+CMD [ "puma" ]
 CMD [ "bundle", "exec", "puma" ]
--- a/dockerfiles/entrypoint.sh
+++ b/dockerfiles/entrypoint.sh
@@ -1,15 +0,0 @@
 #!/usr/bin/env bash
 set -euo pipefail
 # output debugging info
 ruby --version
 printf "rubygems %s\n" "$(gem --version)"
 bundle version
 if [ -z "${LD_PRELOAD+x}" ]; then
    LD_PRELOAD="$(find /usr/lib -name libjemalloc.so.2 -print -quit)"
    export LD_PRELOAD
 fi
 exec "${@}"
--- a/kustomize/app/cronjob.yaml
+++ b/kustomize/app/cronjob.yaml
@@ -1,19 +0,0 @@
 apiVersion: batch/v1
 kind: CronJob
 metadata:
  name: kubernaut
 spec:
  schedule: "* * * * *"
  jobTemplate:
    spec:
      template:
        spec:
          containers:
          - name: hello
            image: busybox:1.37
            imagePullPolicy: IfNotPresent
            command:
            - /bin/sh
            - -c
            - echo "=^.^= <(meow)"
          restartPolicy: OnFailure
--- a/kustomize/app/deployment.yaml
+++ b/kustomize/app/deployment.yaml
@@ -16,24 +16,18 @@ spec:
    spec:
      containers:
        - name: kubernaut
-          image: git.kill0.net/ryanc/kubernaut:0.2.4
+          image: git.kill0.net/ryanc/kubernaut:0.1.4
-          imagePullPolicy: IfNotPresent
+          imagePullPolicy: Always
          ports:
            - name: sinatra-web
              containerPort: 4567
          env:
-            - name: KUBERNAUT_SESSION_SECRET
+            - name: SESSION_SECRET
              valueFrom:
                secretKeyRef:
-                  name: kubernaut
+                  name: kubernaut-session-secret
                  key: session_secret
                  optional: true
            - name: KUBERNAUT_JWT_SECRET
              valueFrom:
                secretKeyRef:
                  name: kubernaut
                  key: jwt_secret
                  optional: true
          envFrom:
            - configMapRef:
                name: kubernaut-configmap
--- a/kustomize/app/kustomization.yaml
+++ b/kustomize/app/kustomization.yaml
@@ -3,8 +3,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: kubernaut
 resources:
  - secret.yaml
  - configmap.yaml
  - deployment.yaml
  - hpa.yaml
  - services.yaml
  - cronjob.yaml
--- a/kustomize/app/secret.yaml
+++ b/kustomize/app/secret.yaml
@@ -0,0 +1,15 @@
 ---
 apiVersion: bitnami.com/v1alpha1
 kind: SealedSecret
 metadata:
  creationTimestamp: null
  name: kubernaut-session-secret
  namespace: kubernaut
 spec:
  encryptedData:
    session_secret: AgCY08t0AU418znEZt5d252J+lH+fwYki2g6jdJpfdRfVQjnA+b52P0KWrs/x5pB0PKab6Z3JY/Tz0SQCaoIsCR4IzUO3a095aulRqb6Qr1Lz8udBVta4JJMZLmo26tuUfVHlpD1d6J8rkBSm8vzckFLkOA1Wfl/9rS3K4qwiDogA5pI0ULghFkeEx1yKdRwPq0k8PuvOvLUJ6oNq3e5n+B/BrVWdQ+7XQxUq/AMANJrDbe+RD33f99LArHYA7bFMbY8YRazXSTAkeunpTlxTjuGZKYvJKupo29LHz2OVbZVX/hI0nZkdVpcgqvbxF6Vw9CuCeAmtKYl7A3qsAWqDLUdP3hRLsk2P9RDNhEzYWh4ml8APzziWzihdJbGEjwLy7HsHgKslM0XbBnRQDlxp/JtvcWdjQp33A+QOON32zOKHi+qJjDYyGebS1+xkPbnyb1MPSJVAtFpj7dlLbFekLFDZEbXuJYUl1wKdFOIjJHmNK/MTEV2kOhtiVj/aeKgSXwor9hR7Uxzs5ZSawp9uWw+hpr58EX6I+RtfO4yjFC6FjnagiU6SlI1Q2F7/nv82g1UWTYMpNN5bduS1YFWmsnXvK+W7YQHpSForr5ndtCSHmclbXb5Fc33sywC5u6Bi2Gu5/MW6d73BOog5BC3QtOuEQ044Q+cuU3RIlKADBqKLzZmHlmukyyGuZfXJnGjlWGKp3J1KecucTo6XC9QHpUkjXEKdlE63mOI1VuOGyBIHl60v4bnWiBg+aDZVHipz4JLKsVB0HOgBBK7+tOX6tr1GDG/F7Nz/i9ebzUV6i8Ec1jHf+2ZcTtBkNXBIkHc84+4Qd33/gOuP+lizLfIhfQ3DFWbwyfYumpVbeapyYhB0CE=
  template:
    metadata:
      creationTimestamp: null
      name: kubernaut-session-secret
      namespace: kubernaut
--- a/kustomize/kustomization.yaml
+++ b/kustomize/kustomization.yaml
@@ -6,3 +6,4 @@ metadata:
 resources:
  - namespace.yaml
  - ./app
  - ./memcached
--- a/kustomize/memcached/deployment.yaml
+++ b/kustomize/memcached/deployment.yaml
@@ -0,0 +1,21 @@
 ---
 kind: Deployment
 apiVersion: apps/v1
 metadata:
  name: kubernaut-memcached
 spec:
  selector:
    matchLabels:
      app: kubernaut-memcached
  template:
    metadata:
      labels:
        app: kubernaut-memcached
    spec:
      containers:
        - name: kubernaut-memcached
          image: memcached:latest
          ports:
            - name: memcached
              containerPort: 11211
--- a/kustomize/memcached/kustomization.yaml
+++ b/kustomize/memcached/kustomization.yaml
@@ -0,0 +1,7 @@
 ---
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: kubernaut
 resources:
  - deployment.yaml
  - services.yaml
--- a/kustomize/memcached/services.yaml
+++ b/kustomize/memcached/services.yaml
@@ -0,0 +1,13 @@
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: kubernaut-memcached
 spec:
  ports:
    - name: memcached
      port: 11211
      targetPort: memcached
  selector:
    app: kubernaut-memcached
--- a/lib/config.rb
+++ b/lib/config.rb
@@ -1,8 +1,5 @@
 require "sensitive"
 SESSION_SECRET_HEX_LENGTH = 64
 JWT_SECRET_HEX_LENGTH = 64
 class Config
  attr_accessor :cat
@@ -12,7 +9,7 @@ class Config
    @prefix = prefix
    @cat = cat
-    session_secret ||= fetch_env "SESSION_SECRET" do
+    session_secret ||= ENV.fetch "SESSION_SECRET" do
      SecureRandom.hex SESSION_SECRET_HEX_LENGTH
    end
Author	SHA1	Message	Date
Ryan Cavicchioni	3398dc786b	don't install apt-get recommendations All checks were successful Gitea Actions Demo / lint (push) Successful in 21s Details Gitea Actions Demo / test (push) Successful in 14s Details Gitea Actions Demo / docker (push) Successful in 2m29s Details	2025-04-29 13:52:08 -05:00
Ryan Cavicchioni	9f873ffaea	set PORT and PIDFILE via environment variables Some checks failed Gitea Actions Demo / lint (push) Successful in 22s Details Gitea Actions Demo / test (push) Successful in 14s Details Gitea Actions Demo / docker (push) Has been cancelled Details	2025-04-28 15:31:09 -05:00
`@@ -1,2 +1,2 @@`
	`ARG VARIANT="3.4.4"`	`ARG VARIANT="3.4.2"`
	`FROM ghcr.io/rails/devcontainer/images/ruby:${VARIANT}`	`FROM ghcr.io/rails/devcontainer/images/ruby:${VARIANT}`