Add: scripts de deploy completo com ImagePullSecret para cluster-admin

scripts/build-and-push.sh

@@ -0,0 +1,80 @@
+#!/bin/bash
+
+# Script de build e push para OpenShift Resource Governance Tool usando Podman
+set -e
+
+# Cores para output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m' # No Color
+
+# Configurações
+IMAGE_NAME="resource-governance"
+TAG="${1:-latest}"
+REGISTRY="${2:-andersonid}"
+FULL_IMAGE_NAME="${REGISTRY}/${IMAGE_NAME}:${TAG}"
+
+echo -e "${BLUE}🚀 Building and Pushing OpenShift Resource Governance Tool${NC}"
+echo -e "${BLUE}Image: ${FULL_IMAGE_NAME}${NC}"
+
+# Verificar se Podman está instalado
+if ! command -v podman &> /dev/null; then
+    echo -e "${RED}❌ Podman não está instalado. Instale o Podman e tente novamente.${NC}"
+    exit 1
+fi
+
+# Buildah é opcional, Podman pode fazer o build
+
+# Build da imagem
+echo -e "${YELLOW}📦 Building container image with Podman...${NC}"
+podman build -t "${FULL_IMAGE_NAME}" .
+
+if [ $? -eq 0 ]; then
+    echo -e "${GREEN}✅ Image built successfully!${NC}"
+else
+    echo -e "${RED}❌ Build failed!${NC}"
+    exit 1
+fi
+
+# Testar a imagem
+echo -e "${YELLOW}🧪 Testing image...${NC}"
+podman run --rm "${FULL_IMAGE_NAME}" python -c "import app.main; print('✅ App imports successfully')"
+
+if [ $? -eq 0 ]; then
+    echo -e "${GREEN}✅ Image test passed!${NC}"
+else
+    echo -e "${RED}❌ Image test failed!${NC}"
+    exit 1
+fi
+
+# Login no Docker Hub
+echo -e "${YELLOW}🔐 Logging into Docker Hub...${NC}"
+podman login docker.io
+
+if [ $? -eq 0 ]; then
+    echo -e "${GREEN}✅ Login successful!${NC}"
+else
+    echo -e "${RED}❌ Login failed!${NC}"
+    exit 1
+fi
+
+# Push da imagem
+echo -e "${YELLOW}📤 Pushing image to Docker Hub...${NC}"
+podman push "${FULL_IMAGE_NAME}"
+
+if [ $? -eq 0 ]; then
+    echo -e "${GREEN}✅ Image pushed successfully!${NC}"
+else
+    echo -e "${RED}❌ Push failed!${NC}"
+    exit 1
+fi
+
+# Mostrar informações da imagem
+echo -e "${BLUE}📊 Image information:${NC}"
+podman images "${FULL_IMAGE_NAME}"
+
+echo -e "${GREEN}🎉 Build and push completed successfully!${NC}"
+echo -e "${BLUE}🌐 Image available at: https://hub.docker.com/r/${REGISTRY}/${IMAGE_NAME}${NC}"
+echo -e "${BLUE}🚀 Ready for deployment!${NC}"

scripts/build.sh

@@ -19,15 +19,15 @@ FULL_IMAGE_NAME="${REGISTRY}/${IMAGE_NAME}:${TAG}"
 echo -e "${BLUE}🚀 Building OpenShift Resource Governance Tool${NC}"
 echo -e "${BLUE}Image: ${FULL_IMAGE_NAME}${NC}"
 
-# Verificar se Docker está rodando
-if ! docker info > /dev/null 2>&1; then
-    echo -e "${RED}❌ Docker não está rodando. Inicie o Docker e tente novamente.${NC}"
+# Verificar se Podman está instalado
+if ! command -v podman &> /dev/null; then
+    echo -e "${RED}❌ Podman não está instalado. Instale o Podman e tente novamente.${NC}"
     exit 1
 fi
 
 # Build da imagem
-echo -e "${YELLOW}📦 Building Docker image...${NC}"
-docker build -t "${FULL_IMAGE_NAME}" .
+echo -e "${YELLOW}📦 Building container image with Podman...${NC}"
+podman build -t "${FULL_IMAGE_NAME}" .
 
 if [ $? -eq 0 ]; then
     echo -e "${GREEN}✅ Image built successfully!${NC}"
@@ -38,7 +38,7 @@ fi
 
 # Testar a imagem
 echo -e "${YELLOW}🧪 Testing image...${NC}"
-docker run --rm "${FULL_IMAGE_NAME}" python -c "import app.main; print('✅ App imports successfully')"
+podman run --rm "${FULL_IMAGE_NAME}" python -c "import app.main; print('✅ App imports successfully')"
 
 if [ $? -eq 0 ]; then
     echo -e "${GREEN}✅ Image test passed!${NC}"
@@ -49,10 +49,10 @@ fi
 
 # Mostrar informações da imagem
 echo -e "${BLUE}📊 Image information:${NC}"
-docker images "${FULL_IMAGE_NAME}"
+podman images "${FULL_IMAGE_NAME}"
 
 echo -e "${GREEN}🎉 Build completed successfully!${NC}"
 echo -e "${BLUE}To push to registry:${NC}"
-echo -e "  docker push ${FULL_IMAGE_NAME}"
+echo -e "  podman push ${FULL_IMAGE_NAME}"
 echo -e "${BLUE}To run locally:${NC}"
-echo -e "  docker run -p 8080:8080 ${FULL_IMAGE_NAME}"
+echo -e "  podman run -p 8080:8080 ${FULL_IMAGE_NAME}"

scripts/deploy-complete.sh

@@ -0,0 +1,113 @@
+#!/bin/bash
+
+# Script completo de deploy para OpenShift Resource Governance Tool
+# Para ser executado por qualquer cluster-admin
+set -e
+
+# Cores para output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m' # No Color
+
+# Configurações
+NAMESPACE="resource-governance"
+APP_NAME="resource-governance"
+SECRET_NAME="docker-hub-secret"
+
+echo -e "${BLUE}🚀 Deploy Completo - OpenShift Resource Governance Tool${NC}"
+echo -e "${BLUE}====================================================${NC}"
+
+# Verificar se está logado no OpenShift
+if ! oc whoami > /dev/null 2>&1; then
+    echo -e "${RED}❌ Não está logado no OpenShift. Faça login primeiro.${NC}"
+    echo -e "${YELLOW}💡 Execute: oc login <cluster-url>${NC}"
+    exit 1
+fi
+
+echo -e "${GREEN}✅ Logado como: $(oc whoami)${NC}"
+
+# Verificar se tem permissões de cluster-admin
+if ! oc auth can-i create namespaces > /dev/null 2>&1; then
+    echo -e "${RED}❌ Permissões insuficientes. Este script requer cluster-admin.${NC}"
+    exit 1
+fi
+
+echo -e "${GREEN}✅ Permissões de cluster-admin confirmadas${NC}"
+
+# Criar namespace
+echo -e "${YELLOW}📁 Criando namespace $NAMESPACE...${NC}"
+oc apply -f k8s/namespace.yaml
+
+# Aplicar RBAC
+echo -e "${YELLOW}🔐 Configurando RBAC...${NC}"
+oc apply -f k8s/rbac.yaml
+
+# Aplicar ConfigMap
+echo -e "${YELLOW}⚙️  Configurando ConfigMap...${NC}"
+oc apply -f k8s/configmap.yaml
+
+# Configurar ImagePullSecret
+echo -e "${YELLOW}🔑 Configurando ImagePullSecret para Docker Hub...${NC}"
+echo -e "${BLUE}💡 Digite suas credenciais do Docker Hub:${NC}"
+read -p "Username: " DOCKER_USERNAME
+read -s -p "Password/Token: " DOCKER_PASSWORD
+echo
+
+# Criar o secret
+oc create secret docker-registry $SECRET_NAME \
+    --docker-server=docker.io \
+    --docker-username=$DOCKER_USERNAME \
+    --docker-password=$DOCKER_PASSWORD \
+    --docker-email=$DOCKER_USERNAME@example.com \
+    -n $NAMESPACE \
+    --dry-run=client -o yaml | oc apply -f -
+
+# Adicionar o secret ao service account
+oc patch serviceaccount resource-governance-sa -n $NAMESPACE -p '{"imagePullSecrets": [{"name": "'$SECRET_NAME'"}]}'
+
+echo -e "${GREEN}✅ ImagePullSecret configurado${NC}"
+
+# Aplicar DaemonSet
+echo -e "${YELLOW}📦 Deployando DaemonSet...${NC}"
+oc apply -f k8s/daemonset.yaml
+
+# Aplicar Service
+echo -e "${YELLOW}🌐 Configurando Service...${NC}"
+oc apply -f k8s/service.yaml
+
+# Aplicar Route
+echo -e "${YELLOW}🛣️  Configurando Route...${NC}"
+oc apply -f k8s/route.yaml
+
+# Aguardar pods ficarem prontos
+echo -e "${YELLOW}⏳ Aguardando pods ficarem prontos...${NC}"
+oc wait --for=condition=ready pod -l app.kubernetes.io/name=$APP_NAME -n $NAMESPACE --timeout=300s
+
+# Verificar status
+echo -e "${YELLOW}📊 Verificando status do deploy...${NC}"
+oc get all -n $NAMESPACE
+
+# Obter URL da aplicação
+ROUTE_URL=$(oc get route $APP_NAME -n $NAMESPACE -o jsonpath='{.spec.host}' 2>/dev/null || echo "N/A")
+
+echo -e "${GREEN}🎉 Deploy concluído com sucesso!${NC}"
+echo -e "${BLUE}====================================================${NC}"
+echo -e "${GREEN}✅ Namespace: $NAMESPACE${NC}"
+echo -e "${GREEN}✅ DaemonSet: $APP_NAME${NC}"
+echo -e "${GREEN}✅ Service: $APP_NAME${NC}"
+echo -e "${GREEN}✅ Route: $APP_NAME${NC}"
+if [ "$ROUTE_URL" != "N/A" ]; then
+    echo -e "${GREEN}🌐 URL da aplicação: https://$ROUTE_URL${NC}"
+fi
+echo -e "${BLUE}====================================================${NC}"
+
+# Mostrar comandos úteis
+echo -e "${YELLOW}📋 Comandos úteis:${NC}"
+echo -e "${BLUE}  Ver logs: oc logs -f daemonset/$APP_NAME -n $NAMESPACE${NC}"
+echo -e "${BLUE}  Ver pods: oc get pods -n $NAMESPACE${NC}"
+echo -e "${BLUE}  Ver status: oc get all -n $NAMESPACE${NC}"
+echo -e "${BLUE}  Acessar API: curl https://$ROUTE_URL/api/health${NC}"
+
+echo -e "${GREEN}🎯 Aplicação pronta para uso!${NC}"

scripts/push-to-internal-registry.sh

@@ -0,0 +1,50 @@
+#!/bin/bash
+
+# Script para fazer push da imagem para o registry interno do OpenShift
+set -e
+
+# Cores para output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m' # No Color
+
+NAMESPACE="resource-governance"
+IMAGE_NAME="resource-governance"
+TAG="latest"
+
+echo -e "${BLUE}🚀 Push para registry interno do OpenShift${NC}"
+
+# Verificar se está logado no OpenShift
+if ! oc whoami > /dev/null 2>&1; then
+    echo -e "${RED}❌ Não está logado no OpenShift. Faça login primeiro.${NC}"
+    exit 1
+fi
+
+echo -e "${GREEN}✅ Logado como: $(oc whoami)${NC}"
+
+# Fazer login no registry interno
+echo -e "${YELLOW}🔐 Fazendo login no registry interno...${NC}"
+oc registry login
+
+# Obter a URL do registry
+REGISTRY_URL=$(oc get route -n openshift-image-registry default-route -o jsonpath='{.spec.host}' 2>/dev/null || echo "image-registry.openshift-image-registry.svc:5000")
+echo -e "${BLUE}📦 Registry URL: $REGISTRY_URL${NC}"
+
+# Tag da imagem
+FULL_IMAGE_NAME="$REGISTRY_URL/$NAMESPACE/$IMAGE_NAME:$TAG"
+echo -e "${YELLOW}🏷️  Criando tag: $FULL_IMAGE_NAME${NC}"
+podman tag andersonid/resource-governance:simple $FULL_IMAGE_NAME
+
+# Push da imagem
+echo -e "${YELLOW}📤 Fazendo push da imagem...${NC}"
+podman push $FULL_IMAGE_NAME --tls-verify=false
+
+# Atualizar o DaemonSet
+echo -e "${YELLOW}🔄 Atualizando DaemonSet...${NC}"
+oc set image daemonset/$IMAGE_NAME $IMAGE_NAME=$FULL_IMAGE_NAME -n $NAMESPACE
+
+echo -e "${GREEN}✅ Push concluído com sucesso!${NC}"
+echo -e "${BLUE}📊 Verificando status dos pods...${NC}"
+oc get pods -n $NAMESPACE

scripts/setup-docker-secret.sh

@@ -0,0 +1,54 @@
+#!/bin/bash
+
+# Script para configurar ImagePullSecret para Docker Hub
+set -e
+
+# Cores para output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m' # No Color
+
+NAMESPACE="resource-governance"
+SECRET_NAME="docker-hub-secret"
+
+echo -e "${BLUE}🔐 Configurando ImagePullSecret para Docker Hub${NC}"
+
+# Verificar se está logado no OpenShift
+if ! oc whoami > /dev/null 2>&1; then
+    echo -e "${RED}❌ Não está logado no OpenShift. Faça login primeiro.${NC}"
+    exit 1
+fi
+
+echo -e "${GREEN}✅ Logado como: $(oc whoami)${NC}"
+
+# Verificar se o namespace existe
+if ! oc get namespace $NAMESPACE > /dev/null 2>&1; then
+    echo -e "${YELLOW}📁 Criando namespace $NAMESPACE...${NC}"
+    oc create namespace $NAMESPACE
+fi
+
+# Solicitar credenciais do Docker Hub
+echo -e "${YELLOW}🔑 Digite suas credenciais do Docker Hub:${NC}"
+read -p "Username: " DOCKER_USERNAME
+read -s -p "Password/Token: " DOCKER_PASSWORD
+echo
+
+# Criar o secret
+echo -e "${YELLOW}🔐 Criando ImagePullSecret...${NC}"
+oc create secret docker-registry $SECRET_NAME \
+    --docker-server=docker.io \
+    --docker-username=$DOCKER_USERNAME \
+    --docker-password=$DOCKER_PASSWORD \
+    --docker-email=$DOCKER_USERNAME@example.com \
+    -n $NAMESPACE
+
+# Adicionar o secret ao service account
+echo -e "${YELLOW}🔗 Adicionando secret ao ServiceAccount...${NC}"
+oc patch serviceaccount resource-governance-sa -n $NAMESPACE -p '{"imagePullSecrets": [{"name": "'$SECRET_NAME'"}]}'
+
+echo -e "${GREEN}✅ ImagePullSecret configurado com sucesso!${NC}"
+echo -e "${BLUE}📋 Secret criado: $SECRET_NAME${NC}"
+echo -e "${BLUE}📋 Namespace: $NAMESPACE${NC}"
+echo -e "${BLUE}📋 ServiceAccount atualizado: resource-governance-sa${NC}"

scripts/test-deploy.sh

@@ -0,0 +1,65 @@
+#!/bin/bash
+
+# Script de teste de deploy (sem input interativo)
+set -e
+
+# Cores para output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m' # No Color
+
+# Configurações
+NAMESPACE="resource-governance"
+APP_NAME="resource-governance"
+
+echo -e "${BLUE}🧪 Teste de Deploy - OpenShift Resource Governance Tool${NC}"
+echo -e "${BLUE}====================================================${NC}"
+
+# Verificar se está logado no OpenShift
+if ! oc whoami > /dev/null 2>&1; then
+    echo -e "${RED}❌ Não está logado no OpenShift. Faça login primeiro.${NC}"
+    exit 1
+fi
+
+echo -e "${GREEN}✅ Logado como: $(oc whoami)${NC}"
+
+# Aplicar manifests
+echo -e "${YELLOW}📁 Aplicando manifests...${NC}"
+oc apply -f k8s/namespace.yaml
+oc apply -f k8s/rbac.yaml
+oc apply -f k8s/configmap.yaml
+
+# Criar ImagePullSecret temporário (sem credenciais reais)
+echo -e "${YELLOW}🔐 Criando ImagePullSecret temporário...${NC}"
+oc create secret docker-registry docker-hub-secret \
+    --docker-server=docker.io \
+    --docker-username=andersonid \
+    --docker-password=temp \
+    --docker-email=andersonid@example.com \
+    -n $NAMESPACE \
+    --dry-run=client -o yaml | oc apply -f -
+
+# Adicionar o secret ao service account
+oc patch serviceaccount resource-governance-sa -n $NAMESPACE -p '{"imagePullSecrets": [{"name": "docker-hub-secret"}]}'
+
+# Aplicar DaemonSet
+echo -e "${YELLOW}📦 Aplicando DaemonSet...${NC}"
+oc apply -f k8s/daemonset.yaml
+
+# Aplicar Service
+echo -e "${YELLOW}🌐 Aplicando Service...${NC}"
+oc apply -f k8s/service.yaml
+
+# Aplicar Route
+echo -e "${YELLOW}🛣️  Aplicando Route...${NC}"
+oc apply -f k8s/route.yaml
+
+# Verificar status
+echo -e "${YELLOW}📊 Verificando status...${NC}"
+oc get all -n $NAMESPACE
+
+echo -e "${GREEN}✅ Deploy de teste concluído!${NC}"
+echo -e "${BLUE}💡 Para configurar credenciais reais do Docker Hub, execute:${NC}"
+echo -e "${BLUE}   ./scripts/setup-docker-secret.sh${NC}"

scripts/undeploy-complete.sh

@@ -0,0 +1,71 @@
+#!/bin/bash
+
+# Script completo de undeploy para OpenShift Resource Governance Tool
+set -e
+
+# Cores para output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m' # No Color
+
+# Configurações
+NAMESPACE="resource-governance"
+
+echo -e "${BLUE}🗑️  Undeploy - OpenShift Resource Governance Tool${NC}"
+echo -e "${BLUE}===============================================${NC}"
+
+# Verificar se está logado no OpenShift
+if ! oc whoami > /dev/null 2>&1; then
+    echo -e "${RED}❌ Não está logado no OpenShift. Faça login primeiro.${NC}"
+    exit 1
+fi
+
+echo -e "${GREEN}✅ Logado como: $(oc whoami)${NC}"
+
+# Confirmar remoção
+echo -e "${YELLOW}⚠️  Tem certeza que deseja remover a aplicação do namespace '$NAMESPACE'?${NC}"
+read -p "Digite 'yes' para confirmar: " CONFIRM
+
+if [ "$CONFIRM" != "yes" ]; then
+    echo -e "${YELLOW}❌ Operação cancelada.${NC}"
+    exit 0
+fi
+
+# Remover recursos
+echo -e "${YELLOW}🗑️  Removendo recursos...${NC}"
+
+# Remover Route
+echo -e "${YELLOW}  🛣️  Removendo Route...${NC}"
+oc delete -f k8s/route.yaml --ignore-not-found=true
+
+# Remover Service
+echo -e "${YELLOW}  🌐 Removendo Service...${NC}"
+oc delete -f k8s/service.yaml --ignore-not-found=true
+
+# Remover DaemonSet
+echo -e "${YELLOW}  📦 Removendo DaemonSet...${NC}"
+oc delete -f k8s/daemonset.yaml --ignore-not-found=true
+
+# Aguardar pods serem removidos
+echo -e "${YELLOW}  ⏳ Aguardando pods serem removidos...${NC}"
+oc wait --for=delete pod -l app.kubernetes.io/name=resource-governance -n $NAMESPACE --timeout=60s || true
+
+# Remover ConfigMap
+echo -e "${YELLOW}  ⚙️  Removendo ConfigMap...${NC}"
+oc delete -f k8s/configmap.yaml --ignore-not-found=true
+
+# Remover RBAC
+echo -e "${YELLOW}  🔐 Removendo RBAC...${NC}"
+oc delete -f k8s/rbac.yaml --ignore-not-found=true
+
+# Remover namespace (opcional)
+echo -e "${YELLOW}  📁 Removendo namespace...${NC}"
+oc delete -f k8s/namespace.yaml --ignore-not-found=true
+
+echo -e "${GREEN}✅ Undeploy concluído com sucesso!${NC}"
+echo -e "${BLUE}===============================================${NC}"
+echo -e "${GREEN}✅ Todos os recursos foram removidos${NC}"
+echo -e "${GREEN}✅ Namespace '$NAMESPACE' foi removido${NC}"
+echo -e "${BLUE}===============================================${NC}"