changed app to use json config for pipeline steps

readme command line usage - to specify pipeline file name
readme updated to include reasoning behind the project

use native golang sqlite

RunScriptCommand named in functionMap
removed unused functions
removed unused functions
run script and pipeline example
renamed functions to drop the word script and add pipeline verb

scripts/check_crunchy_operator.sh

@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+
+output=$(kubectl -n postgres-operator get pods --selector=postgres-operator.crunchydata.com/control-plane=postgres-operator --field-selector=status.phase=Running 2>&1)
+if echo "$output" | grep -iq 'running'; then
+    echo "At least one pod is running."
+else
+    echo "No running pods found."
+    exit 1
+fi

scripts/create_app_secret_ctl.sh

@@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+
+
+if kubectl get secret app-key-secret -n infctl >/dev/null 2>&1; then
+  echo "Secret app-key-secret already exists in namespace infctl. Exiting."
+  exit 0
+fi
+
+generate_app_key() {
+  APP_KEY=$(docker run --rm \
+    --entrypoint /bin/sh \
+    $APP_CONTAINER \
+    -c "cd /var/www && \
+        cp .env.example .env && \
+        php artisan key:generate --force > /dev/null 2>&1 && \
+        grep 'APP_KEY' .env | sed 's/APP_KEY=//'")
+
+  APP_KEY=$(echo "$APP_KEY" | tr -d '\r\n')
+
+}
+
+generate_app_key
+
+echo "Extracted APP_KEY: $APP_KEY"
+
+kubectl create secret generic app-key-secret \
+  --from-literal=app_key="$APP_KEY" \
+  -n infctl --dry-run=client -o yaml | kubectl apply -f -

scripts/create_aws_secrets.sh

@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+
+echo ""
+echo ""
+
+temp_file=$(mktemp)  
+
+kubectl -n infctl create secret generic aws-credentials -o yaml --dry-run=client \
+    --from-literal access-key=$AWS_ACCESS_KEY_ID \
+    --from-literal secret-key=$AWS_SECRET_ACCESS_KEY > "$temp_file"
+
+
+kubectl apply -f $temp_file
+rm $temp_file
+
+

scripts/create_cloudflare_secret.sh

@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+
+if kubectl -n cert-manager get secret cloudflare-api-token-secret &>/dev/null; then
+    echo "Secret 'cloudflare-api-token-secret' already exists in 'cert-manager' namespace. Skipping."
+    exit 0
+fi
+
+kubectl create secret generic cloudflare-api-token-secret --from-literal=api-token=$API_TOKEN --namespace='cert-manager'
+

scripts/create_crunchy_ctl_secrets.sh

@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+
+NS="postgres-operator"
+
+USER=$(kubectl -n $NS get secrets ctl-pguser-ctl-controller -o jsonpath='{.data.user}' | base64 -d)
+PASSWORD=$(kubectl -n $NS get secrets ctl-pguser-ctl-controller -o jsonpath='{.data.password}' | base64 -d)
+HOST=$(kubectl -n $NS get secrets ctl-pguser-ctl-controller -o jsonpath='{.data.host}' | base64 -d)
+PORT=$(kubectl -n $NS get secrets ctl-pguser-ctl-controller -o jsonpath='{.data.port}' | base64 -d)
+DBNAME=$(kubectl -n $NS get secrets ctl-pguser-ctl-controller -o jsonpath='{.data.dbname}' | base64 -d)
+PG_URI=$(kubectl -n $NS get secrets ctl-pguser-ctl-controller -o jsonpath='{.data.uri}' | base64 -d)
+
+SECRET_YAML=$(kubectl -n infctl create secret generic pg-credentials -o yaml --dry-run=client --from-literal=username="$USER" --from-literal=password="$PASSWORD" --from-literal=host="$HOST" --from-literal=dbname="$DBNAME")
+
+echo "$SECRET_YAML" | kubectl apply -f -
+

scripts/create_crunchy_db.sh

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+
+EXAMOPLES_DIR=/home/user/projects/crunchy/postgres-operator-examples
+
+cd $EXAMOPLES_DIR # || echo "Directory $EXAMOPLES_DIR does not exist" && exit 1
+
+kubectl apply -k kustomize/postgres
+

scripts/create_crunchy_operator.sh

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+
+EXAMOPLES_DIR=/home/user/projects/crunchy/postgres-operator-examples
+
+cd $EXAMOPLES_DIR # || echo "Directory $EXAMOPLES_DIR does not exist" && exit 1
+
+pwd
+
+# exit 1
+
+kubectl apply -k kustomize/install/namespace
+kubectl apply --server-side -k kustomize/install/default

scripts/create_init_configmap_ctl.sh

@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+
+SCRIPT=scripts/init-data-ctl.sh
+
+CONFIGMAP=$(kubectl -n infctl create configmap init-data-script --from-file=init-data.sh=$SCRIPT --dry-run=client -o yaml)
+
+echo "$CONFIGMAP" | kubectl apply -f -

scripts/create_merge_data_configmap_ctl.sh

@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+
+CREATE_CONFIGMAP=$(kubectl -n infctl create configmap merge-data-script --from-file=scripts/merge_data_ctl.sh --dry-run=client -o yaml)
+
+echo $CREATE_CONFIGMAP
+
+echo "$CREATE_CONFIGMAP" | kubectl -n infctl apply -f -
+
+if [ $? -ne 0 ]; then
+  echo "Failed to create or update the configmap."
+  exit 1
+fi
+

scripts/create_nginx_configmap_ctl.sh

@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+
+NGINX_CONFIGMAP=$(kubectl -n infctl create configmap nginx-config --from-file files/ctl/nginx/default.conf --dry-run=client -oyaml)
+
+if [ -z "$NGINX_CONFIGMAP" ]; then
+  echo "Failed to create NGINX configmap."
+  exit 1
+fi
+
+echo "$NGINX_CONFIGMAP" | kubectl apply -f -
+if [ $? -ne 0 ]; then
+  echo "Failed to apply NGINX configmap."
+  exit 1
+fi
+echo "NGINX configmap created successfully."

scripts/create_pg_ctl.sh

@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+
+cat <<EOF | kubectl apply -f -
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+  name: pg-cluster
+  namespace: pg-cluster
+  
+spec:
+  instances: 2
+  storage:
+    size: 2Gi
+EOF

scripts/create_pg_secrets.sh

@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+
+NS="pg-cluster"
+
+USERNAME=$(kubectl -n $NS get secrets pg-cluster-app -o jsonpath='{.data.username}' | base64 -d)
+PASSWORD=$(kubectl -n $NS get secrets pg-cluster-app -o jsonpath='{.data.password}' | base64 -d)
+HOST=$(kubectl -n $NS get secrets pg-cluster-app -o jsonpath='{.data.host}' | base64 -d)
+PORT=$(kubectl -n $NS get secrets pg-cluster-app -o jsonpath='{.data.port}' | base64 -d)
+DBNAME=$(kubectl -n $NS get secrets pg-cluster-app -o jsonpath='{.data.dbname}' | base64 -d)
+PG_URI=$(kubectl -n $NS get secrets pg-cluster-app -o jsonpath='{.data.uri}' | base64 -d)
+postgres_fqdn="${HOST}.${NS}.svc.cluster.local"
+
+echo ""
+
+echo "this script needs to be sourced" 
+
+echo "then run a command to use it like "
+
+echo "" 
+
+echo 'kubectl -n infctl create secret generic pg-credentials -o yaml --dry-run=client --from-literal username=$USERNAME --from-literal password=$PASSWORD --from-literal host=$postgres_fqdn --from-literal dbname=$DBNAME'

scripts/create_php_configmap_ctl.sh

@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+
+
+
+NGINX_CONFIGMAP=$(kubectl -n infctl create configmap php-config --from-file files/ctl/php/local.ini --dry-run=client -oyaml)
+
+if [ -z "$NGINX_CONFIGMAP" ]; then
+  echo "Failed to create NGINX configmap."
+  exit 1
+fi
+echo "$NGINX_CONFIGMAP" | kubectl apply -f -
+if [ $? -ne 0 ]; then
+  echo "Failed to apply NGINX configmap."
+  exit 1
+fi
+echo "NGINX configmap created successfully."

scripts/create_redis_secret.sh

@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+
+kubectl -n infctl delete secrets redis-auth
+
+kubectl get secret redis-auth -n redis -o yaml | sed "s/namespace: redis/namespace: infctl/" | kubectl apply -n infctl -f -

scripts/create_registry_secret.sh

@@ -0,0 +1,24 @@
+#!/usr/bin/env bash
+
+if kubectl get secret registry-credentials -n infctl >/dev/null 2>&1; then
+  echo "Secret 'registry-credentials' already exists in namespace 'infctl'. Skipping."
+  exit 0
+fi
+
+
+echo "Container Registry Server: $SERVER"
+
+kubectl create secret docker-registry registry-credentials \
+  --docker-server=$SERVER \
+  --docker-username=$USER \
+  --docker-password=$PASSWORD \
+  --docker-email=$EMAIL \
+  -n infctl
+
+if [ $? -ne 0 ]; then
+  echo "Error: Failed to create the docker-registry secret."
+  exit 1
+fi
+
+echo "Docker registry secret created successfully."
+

scripts/create_smtp_ctl_secrets.sh

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+
+CREATE_SMTP_CREDS=$(kubectl -n infctl create secret generic smtp-credentials -o yaml --dry-run=client --from-literal user=$SMTP_USER --from-literal password=$SMTP_PASS)
+
+echo "$CREATE_SMTP_CREDS" | kubectl apply -f -
+

scripts/init-data-ctl.sh

@@ -0,0 +1,42 @@
+LOG_FILE="/var/log/init-data.log"
+mkdir -p /var/log
+
+
+echo "env variables" | tee -a "$LOG_FILE"
+env | tee -a "$LOG_FILE"
+ls -lirt /var/www/public | tee -a "$LOG_FILE"
+
+mkdir -p /var/www/{public,storage,database}
+
+# Function to log errors and continue
+log_error() {
+    echo "[ERROR] $1" | tee -a "$LOG_FILE"
+}
+
+# Check if public directory is empty
+if [ -z "$(find /var/www/public -type f -o -type d -not -name "lost+found" -not -path "/var/www/public" 2>/dev/null)" ]; then
+    echo "Public directory is empty, copying data from S3..." | tee -a "$LOG_FILE"
+    aws s3 cp $S3_BUCKET/assets/public.tar /var/www/public/ 2>>"$LOG_FILE" || log_error "Failed to copy public data from S3"
+else
+    echo "Public directory already has data, skipping S3 copy..." | tee -a "$LOG_FILE"
+fi
+
+# Check if storage directory is empty
+if [ -z "$(find /var/www/storage -type f -o -type d -not -name "lost+found" -not -path "/var/www/storage" 2>/dev/null)" ]; then
+    echo "Storage directory is empty, copying data from S3..." | tee -a "$LOG_FILE"
+    aws s3 cp $S3_BUCKET/assets/storage.tar /var/www/storage/ 2>>"$LOG_FILE" || log_error "Failed to copy storage data from S3"
+else
+    echo "Storage directory already has data, skipping S3 copy..." | tee -a "$LOG_FILE"
+fi
+
+# Check if database directory is empty
+if [ -z "$(ls -A /var/www/database 2>/dev/null)" ]; then
+    echo "Database directory is empty, copying data from S3..." | tee -a "$LOG_FILE"
+    aws s3 cp $S3_BUCKET/assets/database.tar /var/www/database/ 2>>"$LOG_FILE" || log_error "Failed to copy database data from S3"
+else
+    echo "Database directory already has data, skipping S3 copy..." | tee -a "$LOG_FILE"
+fi
+
+
+
+echo "Script completed. Check $LOG_FILE for details."

scripts/install_cert-manager.sh

@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+
+if kubectl -n cert-manager get pods 2>/dev/null | grep -q 'Running'; then
+    echo "cert-manager pods already running. Skipping installation."
+    exit 0
+fi
+
+
+
+
+kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.17.2/cert-manager.yaml

scripts/install_cloudnative_pg.sh

@@ -0,0 +1,37 @@
+#!/usr/bin/env bash
+
+if kubectl -n cnpg-system get pods | grep cnpg &>/dev/null; then
+    echo "CloudNativePG pods already running. Skipping installation."
+    exit 0
+fi
+
+
+
+
+
+
+echo "Installing CloudNativePG..."
+
+helm repo add cnpg https://cloudnative-pg.github.io/charts
+helm upgrade --install cnpg \
+  --namespace cnpg-system \
+  --set config.clusterWide=true \
+  --skip-crds \
+  --force \
+  cnpg/cloudnative-pg
+
+
+# had to do this
+
+# kubectl get mutatingwebhookconfiguration,validatingwebhookconfiguration,crd -A | grep cnpg
+# Delete Conflicting Resources (if safe to do so):
+
+# kubtctl delete <anyting in the above list> 
+
+
+
+
+
+# kubectl apply -f https://raw.githubusercontent.com/cloudnative-pg/cloudnative-pg/release-1.17/releases/cnpg-1.17.5.yaml
+
+# kubectl patch configmap cnpg-config -n cnpg-system --type merge -p '{"data":{"config":"clusterWide: true"}}'

scripts/install_longhorn.sh

@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+
+# Check if there are any pods in the longhorn-system namespace
+if kubectl -n longhorn-system get pods --no-headers 2>/dev/null | grep -q '^[^ ]'; then
+  echo "Pods already exist in the longhorn-system namespace. Skipping installation."
+  exit 0
+fi
+
+kubectl apply -f https://raw.githubusercontent.com/longhorn/longhorn/v1.8.1/deploy/longhorn.yaml

scripts/install_traefik.sh

@@ -0,0 +1,168 @@
+#!/usr/bin/env bash
+
+if kubectl -n traefik get pods --no-headers 2>/dev/null | grep -q 'Running'; then
+  echo "Traefik is already running in the 'traefik' namespace. Upgrading instead."
+  
+  # Create a temporary values file for more complex configuration
+  cat > /tmp/traefik-values.yaml <<EOF
+ports:
+  web:
+    port: 80
+  websecure:
+    port: 443
+  traefik:
+    port: 9000
+  turn-tcp:
+    port: 1194
+    exposedPort: 1194
+    protocol: TCP
+  turn-udp:
+    port: 1194
+    exposedPort: 1194
+    protocol: UDP
+entryPoints:
+  turn-tcp:
+    address: ":1194/tcp"
+  turn-udp:
+    address: ":1194/udp"
+api:
+  dashboard: true
+  insecure: true
+ingressRoute:
+  dashboard:
+    enabled: true
+ping: true
+log:
+  level: INFO
+# Add this service section to expose the ports properly
+service:
+  enabled: true
+  type: LoadBalancer
+  annotations: {}
+  ports:
+    web:
+      port: 80
+      protocol: TCP
+      targetPort: web
+    websecure:
+      port: 443
+      protocol: TCP
+      targetPort: websecure
+    turn-tcp:
+      port: 1194
+      protocol: TCP
+      targetPort: turn-tcp
+    turn-udp:
+      port: 1194
+      protocol: UDP
+      targetPort: turn-udp
+EOF
+
+  helm upgrade traefik traefik/traefik --namespace traefik -f /tmp/traefik-values.yaml
+  
+else
+  echo "Installing Traefik..."
+  
+  helm repo add traefik https://traefik.github.io/charts
+  helm repo update
+  
+  # Create a temporary values file for more complex configuration
+  cat > /tmp/traefik-values.yaml <<EOF
+ports:
+  web:
+    port: 80
+  websecure:
+    port: 443
+  traefik:
+    port: 9000
+  turn-tcp:
+    port: 1194
+    exposedPort: 1194
+    protocol: TCP
+  turn-udp:
+    port: 1194
+    exposedPort: 1194
+    protocol: UDP
+entryPoints:
+  turn-tcp:
+    address: ":1194/tcp"
+  turn-udp:
+    address: ":1194/udp"
+api:
+  dashboard: true
+  insecure: true
+ingressRoute:
+  dashboard:
+    enabled: true
+ping: true
+log:
+  level: INFO
+# Add the service section here too for new installations
+service:
+  enabled: true
+  type: LoadBalancer
+  annotations: {}
+  ports:
+    web:
+      port: 80
+      protocol: TCP
+      targetPort: web
+    websecure:
+      port: 443
+      protocol: TCP
+      targetPort: websecure
+    turn-tcp:
+      port: 1194
+      protocol: TCP
+      targetPort: turn-tcp
+    turn-udp:
+      port: 1194
+      protocol: UDP
+      targetPort: turn-udp
+EOF
+
+  helm install traefik traefik/traefik --namespace traefik --create-namespace -f /tmp/traefik-values.yaml
+fi
+
+
+
+cat > traefik-turn-service.yaml << EOF
+apiVersion: v1
+kind: Service
+metadata:
+  name: traefik-turn
+  namespace: traefik
+  labels:
+    app.kubernetes.io/instance: traefik-traefik
+    app.kubernetes.io/name: traefik
+spec:
+  type: LoadBalancer
+  ports:
+  - name: turn-tcp
+    port: 1194
+    protocol: TCP
+    targetPort: turn-tcp
+  - name: turn-udp
+    port: 1194
+    protocol: UDP
+    targetPort: turn-udp
+  selector:
+    app.kubernetes.io/instance: traefik-traefik
+    app.kubernetes.io/name: traefik
+EOF
+
+kubectl apply -f traefik-turn-service.yaml
+
+rm -f traefik-turn-service.yaml
+
+
+
+
+
+echo "Don't forget to create TCP and UDP ingress routes for the TURN server with:"
+echo "kubectl apply -f k8s-manifests/galene/ingressroute-tcp.yaml"
+echo "kubectl apply -f k8s-manifests/galene/ingressroute-udp.yaml"
+echo ""
+echo "To access the dashboard:"
+echo "kubectl port-forward -n traefik \$(kubectl get pods -n traefik -l \"app.kubernetes.io/name=traefik\" -o name) 9000:9000"
+echo "Then visit http://localhost:9000/dashboard/ in your browser"

scripts/redis_secret.sh

@@ -0,0 +1,30 @@
+#!/usr/bin/env bash
+
+NAMESPACE=redis
+REDIS_SECRET=redis-auth
+
+generate_password() {
+  pwgen 32 1
+}
+
+REDIS_PASSWORD=$(generate_password)
+
+NAMESPACE_EXISTS=$(kubectl get namespace $NAMESPACE --ignore-not-found)
+if [ -z "$NAMESPACE_EXISTS" ]; then
+  echo "Creating namespace $NAMESPACE"
+  kubectl create namespace $NAMESPACE
+else
+  echo "Namespace $NAMESPACE already exists"
+fi
+
+REDIS_SECRET_EXISTS=$(kubectl get secret $REDIS_SECRET -n $NAMESPACE --ignore-not-found)
+if [ -z "$REDIS_SECRET_EXISTS" ]; then
+  echo "Creating secret $REDIS_SECRET in namespace $NAMESPACE"
+  kubectl create secret generic $REDIS_SECRET -n $NAMESPACE \
+    --from-literal=password=$REDIS_PASSWORD \
+  --dry-run=client -o yaml | kubectl apply -f -
+else
+  echo "Secret $REDIS_SECRET already exists in namespace $NAMESPACE"
+fi
+
+