From e6bfb5ecda10c395a0d6309b33440e98b0bb675f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Paul=20Gro=C3=9Fmann?= Date: Thu, 17 Jul 2025 23:40:17 +0200 Subject: [PATCH 1/6] Add Kubernetes deployment workflow and configuration files --- .github/workflows/README.md | 57 +++++++++++++++++++++++++++++++ .github/workflows/deploy.yml | 65 ++++++++++++++++++++++++++++++++++++ k8s/deployment.yml | 19 +++++++++++ k8s/ingress.yml | 18 ++++++++++ k8s/service.yml | 11 ++++++ 5 files changed, 170 insertions(+) create mode 100644 .github/workflows/README.md create mode 100644 .github/workflows/deploy.yml create mode 100644 k8s/deployment.yml create mode 100644 k8s/ingress.yml create mode 100644 k8s/service.yml diff --git a/.github/workflows/README.md b/.github/workflows/README.md new file mode 100644 index 0000000..a5d1ae0 --- /dev/null +++ b/.github/workflows/README.md @@ -0,0 +1,57 @@ +# Kubernetes Deployment Workflow + +This workflow automates the process of building a Docker image for the public-wiki application, pushing it to the GitHub Container Registry (ghcr.io), and deploying it to a Kubernetes cluster. + +## How it Works + +The workflow is defined in `deploy.yml` and consists of two main jobs: + +1. **`build-and-push`**: This job is responsible for: + * Checking out the repository's code. + * Logging into the GitHub Container Registry. + * Building the Docker image using the `Dockerfile` in the root of the project. + * Pushing the built image to the GitHub Container Registry, tagged with the Git SHA of the commit. + +2. **`deploy`**: This job depends on the successful completion of `build-and-push` and is responsible for: + * Checking out the repository's code. + * Setting up `kubectl` with the credentials to access your Kubernetes cluster. + * Updating the `k8s/deployment.yml` to use the newly built Docker image. + * Applying the Kubernetes manifests (`deployment.yml`, `service.yml`, and `ingress.yml`) located in the `k8s/` directory to the cluster. + +## Triggers + +The workflow is automatically triggered on any `push` event to the following branches: + +* `main` +* `dev` + +## Prerequisites + +Before this workflow can run successfully, you must configure a secret in your GitHub repository. + +### `KUBE_CONFIG_DATA` + +This secret is required for the `deploy` job to authenticate with your Kubernetes cluster. It should contain the base64-encoded content of your `kubeconfig` file. + +To create this secret: + +1. Go to your GitHub repository's **Settings**. +2. Navigate to **Secrets and variables** > **Actions**. +3. Click on **New repository secret**. +4. Name the secret `KUBE_CONFIG_DATA`. +5. For the value, you need to provide the base64-encoded version of your `kubeconfig` file. You can get this by running the following command in your terminal: + + ```bash + cat ~/.kube/config | base64 + ``` + + If you are on Windows using PowerShell, you can use: + + ```powershell + [Convert]::ToBase64String([System.IO.File]::ReadAllBytes("$env:USERPROFILE\.kube\config")) + ``` + +6. Copy the output of the command and paste it into the "Value" field of the secret. +7. Click **Add secret**. + +Once the secret is configured, the workflow will be able to deploy your application to your Kubernetes cluster whenever you push changes to the `main` or `dev` branches. diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 0000000..7bb5808 --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,65 @@ +name: Deploy to Kubernetes + +on: + push: + branches: + - main + - dev + +env: + IMAGE_NAME: ghcr.io/${{ github.repository }}:${{ github.sha }} + +jobs: + build-and-push: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Log in to the Container registry + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push Docker image + uses: docker/build-push-action@v4 + with: + context: . + push: true + tags: ${{ env.IMAGE_NAME }} + + deploy: + runs-on: ubuntu-latest + needs: build-and-push + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Set up kubectl + uses: azure/k8s-set-context@v3 + with: + method: kubeconfig + kubeconfig: ${{ secrets.KUBE_CONFIG_DATA }} + + - name: Deploy to Kubernetes + run: | + if [ "${{ github.ref_name }}" = "main" ]; then + INGRESS_HOST="wiki.coregame.de" + elif [ "${{ github.ref_name }}" = "dev" ]; then + INGRESS_HOST="dev.wiki.coregame.de" + else + echo "Branch is not main or dev, skipping ingress update." + exit 1 + fi + sed -i "s|IMAGE_TAG|${{ env.IMAGE_NAME }}|g" k8s/deployment.yml + sed -i "s|INGRESS_HOST|$INGRESS_HOST|g" k8s/ingress.yml + kubectl apply -f k8s/deployment.yml + kubectl apply -f k8s/service.yml + kubectl apply -f k8s/ingress.yml diff --git a/k8s/deployment.yml b/k8s/deployment.yml new file mode 100644 index 0000000..ffc1d35 --- /dev/null +++ b/k8s/deployment.yml @@ -0,0 +1,19 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: public-wiki +spec: + replicas: 1 + selector: + matchLabels: + app: public-wiki + template: + metadata: + labels: + app: public-wiki + spec: + containers: + - name: public-wiki + image: IMAGE_TAG + ports: + - containerPort: 3000 diff --git a/k8s/ingress.yml b/k8s/ingress.yml new file mode 100644 index 0000000..f9aa089 --- /dev/null +++ b/k8s/ingress.yml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: public-wiki-ingress + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / +spec: + rules: + - host: INGRESS_HOST + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: public-wiki + port: + number: 80 diff --git a/k8s/service.yml b/k8s/service.yml new file mode 100644 index 0000000..e779618 --- /dev/null +++ b/k8s/service.yml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Service +metadata: + name: public-wiki +spec: + selector: + app: public-wiki + ports: + - protocol: TCP + port: 80 + targetPort: 3000 From 50c7a419dec8097a9556a99e3160cac7b6493153 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Paul=20Gro=C3=9Fmann?= Date: Thu, 17 Jul 2025 23:51:04 +0200 Subject: [PATCH 2/6] Update deployment workflow to use self-hosted runners and enhance Kubeconfig setup --- .github/workflows/deploy.yml | 29 +++++++++++++++++++++++------ 1 file changed, 23 insertions(+), 6 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 7bb5808..2608fe5 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -11,7 +11,7 @@ env: jobs: build-and-push: - runs-on: ubuntu-latest + runs-on: self-hosted permissions: contents: read packages: write @@ -42,11 +42,28 @@ jobs: - name: Checkout repository uses: actions/checkout@v3 - - name: Set up kubectl - uses: azure/k8s-set-context@v3 - with: - method: kubeconfig - kubeconfig: ${{ secrets.KUBE_CONFIG_DATA }} + - name: Set up Kubeconfig + env: + KUBECONFIG_DATA: ${{ secrets.KUBE_CONFIG_DATA }} + run: | + mkdir -p ~/.kube + + # Decode and write kubeconfig + echo "${KUBECONFIG_DATA}" | base64 -d > ~/.kube/config + + # Verify kubeconfig was decoded properly + if [ ! -s ~/.kube/config ]; then + echo "❌ ERROR: Kubeconfig file is empty after decoding!" + echo "Please verify that KUBECONFIG_DATA secret contains valid base64 encoded kubeconfig" + exit 1 + fi + + # Set proper permissions + chmod 600 ~/.kube/config + + # Verify connection + echo "Testing connection to Kubernetes cluster..." + kubectl cluster-info - name: Deploy to Kubernetes run: | From 52730b4e20eedd1b0a30985dc0ae8089dab2283a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Paul=20Gro=C3=9Fmann?= Date: Thu, 17 Jul 2025 23:58:16 +0200 Subject: [PATCH 3/6] Refactor Kubernetes deployment configuration to use kustomize overlays and update ingress handling --- .github/workflows/deploy.yml | 13 +++++-------- k8s/deployment.yml | 5 +++-- k8s/ingress.yml | 3 ++- k8s/kustomization.yml | 11 +++++++++++ k8s/namespace.yml | 4 ++++ k8s/overlays/dev/kustomization.yml | 28 ++++++++++++++++++++++++++++ k8s/overlays/main/kustomization.yml | 28 ++++++++++++++++++++++++++++ k8s/service.yml | 1 + 8 files changed, 82 insertions(+), 11 deletions(-) create mode 100644 k8s/kustomization.yml create mode 100644 k8s/namespace.yml create mode 100644 k8s/overlays/dev/kustomization.yml create mode 100644 k8s/overlays/main/kustomization.yml diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 2608fe5..854da84 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -68,15 +68,12 @@ jobs: - name: Deploy to Kubernetes run: | if [ "${{ github.ref_name }}" = "main" ]; then - INGRESS_HOST="wiki.coregame.de" + OVERLAY=main elif [ "${{ github.ref_name }}" = "dev" ]; then - INGRESS_HOST="dev.wiki.coregame.de" + OVERLAY=dev else - echo "Branch is not main or dev, skipping ingress update." + echo "Branch is not main or dev, skipping deployment." exit 1 fi - sed -i "s|IMAGE_TAG|${{ env.IMAGE_NAME }}|g" k8s/deployment.yml - sed -i "s|INGRESS_HOST|$INGRESS_HOST|g" k8s/ingress.yml - kubectl apply -f k8s/deployment.yml - kubectl apply -f k8s/service.yml - kubectl apply -f k8s/ingress.yml + cd k8s/overlays/$OVERLAY + kustomize build . | kubectl apply -f - diff --git a/k8s/deployment.yml b/k8s/deployment.yml index ffc1d35..bf21271 100644 --- a/k8s/deployment.yml +++ b/k8s/deployment.yml @@ -2,8 +2,9 @@ apiVersion: apps/v1 kind: Deployment metadata: name: public-wiki + namespace: wiki spec: - replicas: 1 + replicas: 3 # default, will be overridden by overlays selector: matchLabels: app: public-wiki @@ -14,6 +15,6 @@ spec: spec: containers: - name: public-wiki - image: IMAGE_TAG + image: IMAGE_TAG # will be replaced by kustomize ports: - containerPort: 3000 diff --git a/k8s/ingress.yml b/k8s/ingress.yml index f9aa089..8c9d41e 100644 --- a/k8s/ingress.yml +++ b/k8s/ingress.yml @@ -2,11 +2,12 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: public-wiki-ingress + namespace: wiki annotations: nginx.ingress.kubernetes.io/rewrite-target: / spec: rules: - - host: INGRESS_HOST + - host: PLACEHOLDER_HOST http: paths: - path: / diff --git a/k8s/kustomization.yml b/k8s/kustomization.yml new file mode 100644 index 0000000..133a1d5 --- /dev/null +++ b/k8s/kustomization.yml @@ -0,0 +1,11 @@ +resources: + - namespace.yml + - deployment.yml + - service.yml + - ingress.yml + +images: + - name: public-wiki + newName: IMAGE_TAG + +namespace: wiki diff --git a/k8s/namespace.yml b/k8s/namespace.yml new file mode 100644 index 0000000..5367c37 --- /dev/null +++ b/k8s/namespace.yml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: wiki diff --git a/k8s/overlays/dev/kustomization.yml b/k8s/overlays/dev/kustomization.yml new file mode 100644 index 0000000..a1c5ba9 --- /dev/null +++ b/k8s/overlays/dev/kustomization.yml @@ -0,0 +1,28 @@ +resources: + - ../../deployment.yml + - ../../service.yml + - ../../ingress.yml + - ../../namespace.yml + +namespace: wiki + +patches: + - target: + kind: Deployment + name: public-wiki + patch: |- + - op: replace + path: /spec/replicas + value: 1 + - target: + kind: Ingress + name: public-wiki-ingress + patch: |- + - op: replace + path: /spec/rules/0/host + value: dev.wiki.coregame.de + +images: + - name: IMAGE_TAG + newName: ghcr.io/42core-team/wiki + newTag: dev diff --git a/k8s/overlays/main/kustomization.yml b/k8s/overlays/main/kustomization.yml new file mode 100644 index 0000000..28e55e8 --- /dev/null +++ b/k8s/overlays/main/kustomization.yml @@ -0,0 +1,28 @@ +resources: + - ../../deployment.yml + - ../../service.yml + - ../../ingress.yml + - ../../namespace.yml + +namespace: wiki + +patches: + - target: + kind: Deployment + name: public-wiki + patch: |- + - op: replace + path: /spec/replicas + value: 3 + - target: + kind: Ingress + name: public-wiki-ingress + patch: |- + - op: replace + path: /spec/rules/0/host + value: wiki.coregame.de + +images: + - name: IMAGE_TAG + newName: ghcr.io/42core-team/wiki + newTag: main diff --git a/k8s/service.yml b/k8s/service.yml index e779618..7fde4d4 100644 --- a/k8s/service.yml +++ b/k8s/service.yml @@ -2,6 +2,7 @@ apiVersion: v1 kind: Service metadata: name: public-wiki + namespace: wiki spec: selector: app: public-wiki From 7261a21b27a63dcc5ee4f7f121bcca6603bcc471 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Paul=20Gro=C3=9Fmann?= Date: Fri, 18 Jul 2025 00:02:15 +0200 Subject: [PATCH 4/6] Refactor Kubernetes manifests to include labels for better resource management and update deployment structure --- .github/workflows/deploy.yml | 2 +- k8s/base/deployment.yml | 22 ++++++++++++++++++++++ k8s/base/ingress.yml | 21 +++++++++++++++++++++ k8s/base/kustomization.yml | 11 +++++++++++ k8s/base/namespace.yml | 6 ++++++ k8s/base/service.yml | 14 ++++++++++++++ k8s/deployment.yml | 2 ++ k8s/ingress.yml | 2 ++ k8s/kustomization.yml | 1 - k8s/namespace.yml | 2 ++ k8s/overlays/dev/kustomization.yml | 5 +---- k8s/overlays/main/kustomization.yml | 5 +---- k8s/service.yml | 2 ++ 13 files changed, 85 insertions(+), 10 deletions(-) create mode 100644 k8s/base/deployment.yml create mode 100644 k8s/base/ingress.yml create mode 100644 k8s/base/kustomization.yml create mode 100644 k8s/base/namespace.yml create mode 100644 k8s/base/service.yml diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 854da84..f370d62 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -76,4 +76,4 @@ jobs: exit 1 fi cd k8s/overlays/$OVERLAY - kustomize build . | kubectl apply -f - + kustomize build . | kubectl apply --prune -l app=public-wiki -f - diff --git a/k8s/base/deployment.yml b/k8s/base/deployment.yml new file mode 100644 index 0000000..fb3d231 --- /dev/null +++ b/k8s/base/deployment.yml @@ -0,0 +1,22 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: public-wiki + namespace: wiki + labels: + app: public-wiki +spec: + replicas: 3 # default, will be overridden by overlays + selector: + matchLabels: + app: public-wiki + template: + metadata: + labels: + app: public-wiki + spec: + containers: + - name: public-wiki + image: IMAGE_TAG # will be replaced by kustomize + ports: + - containerPort: 3000 diff --git a/k8s/base/ingress.yml b/k8s/base/ingress.yml new file mode 100644 index 0000000..99fec47 --- /dev/null +++ b/k8s/base/ingress.yml @@ -0,0 +1,21 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: public-wiki-ingress + namespace: wiki + labels: + app: public-wiki + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / +spec: + rules: + - host: PLACEHOLDER_HOST + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: public-wiki + port: + number: 80 diff --git a/k8s/base/kustomization.yml b/k8s/base/kustomization.yml new file mode 100644 index 0000000..133a1d5 --- /dev/null +++ b/k8s/base/kustomization.yml @@ -0,0 +1,11 @@ +resources: + - namespace.yml + - deployment.yml + - service.yml + - ingress.yml + +images: + - name: public-wiki + newName: IMAGE_TAG + +namespace: wiki diff --git a/k8s/base/namespace.yml b/k8s/base/namespace.yml new file mode 100644 index 0000000..adf0a9e --- /dev/null +++ b/k8s/base/namespace.yml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: wiki + labels: + app: public-wiki diff --git a/k8s/base/service.yml b/k8s/base/service.yml new file mode 100644 index 0000000..229de96 --- /dev/null +++ b/k8s/base/service.yml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + name: public-wiki + namespace: wiki + labels: + app: public-wiki +spec: + selector: + app: public-wiki + ports: + - protocol: TCP + port: 80 + targetPort: 3000 diff --git a/k8s/deployment.yml b/k8s/deployment.yml index bf21271..fb3d231 100644 --- a/k8s/deployment.yml +++ b/k8s/deployment.yml @@ -3,6 +3,8 @@ kind: Deployment metadata: name: public-wiki namespace: wiki + labels: + app: public-wiki spec: replicas: 3 # default, will be overridden by overlays selector: diff --git a/k8s/ingress.yml b/k8s/ingress.yml index 8c9d41e..99fec47 100644 --- a/k8s/ingress.yml +++ b/k8s/ingress.yml @@ -3,6 +3,8 @@ kind: Ingress metadata: name: public-wiki-ingress namespace: wiki + labels: + app: public-wiki annotations: nginx.ingress.kubernetes.io/rewrite-target: / spec: diff --git a/k8s/kustomization.yml b/k8s/kustomization.yml index 133a1d5..2e58f59 100644 --- a/k8s/kustomization.yml +++ b/k8s/kustomization.yml @@ -3,7 +3,6 @@ resources: - deployment.yml - service.yml - ingress.yml - images: - name: public-wiki newName: IMAGE_TAG diff --git a/k8s/namespace.yml b/k8s/namespace.yml index 5367c37..adf0a9e 100644 --- a/k8s/namespace.yml +++ b/k8s/namespace.yml @@ -2,3 +2,5 @@ apiVersion: v1 kind: Namespace metadata: name: wiki + labels: + app: public-wiki diff --git a/k8s/overlays/dev/kustomization.yml b/k8s/overlays/dev/kustomization.yml index a1c5ba9..f0b5288 100644 --- a/k8s/overlays/dev/kustomization.yml +++ b/k8s/overlays/dev/kustomization.yml @@ -1,8 +1,5 @@ resources: - - ../../deployment.yml - - ../../service.yml - - ../../ingress.yml - - ../../namespace.yml + - ../base namespace: wiki diff --git a/k8s/overlays/main/kustomization.yml b/k8s/overlays/main/kustomization.yml index 28e55e8..5abc38b 100644 --- a/k8s/overlays/main/kustomization.yml +++ b/k8s/overlays/main/kustomization.yml @@ -1,8 +1,5 @@ resources: - - ../../deployment.yml - - ../../service.yml - - ../../ingress.yml - - ../../namespace.yml + - ../base namespace: wiki diff --git a/k8s/service.yml b/k8s/service.yml index 7fde4d4..229de96 100644 --- a/k8s/service.yml +++ b/k8s/service.yml @@ -3,6 +3,8 @@ kind: Service metadata: name: public-wiki namespace: wiki + labels: + app: public-wiki spec: selector: app: public-wiki From 6e4def0d22810b75ebbcd4df039086c55f3d412e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Paul=20Gro=C3=9Fmann?= Date: Fri, 18 Jul 2025 00:04:25 +0200 Subject: [PATCH 5/6] Enhance Docker image tagging in deployment workflow and update resource paths in kustomization files --- .github/workflows/deploy.yml | 18 +++++++++++++++++- k8s/overlays/dev/kustomization.yml | 2 +- k8s/overlays/main/kustomization.yml | 2 +- 3 files changed, 19 insertions(+), 3 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index f370d62..d6b19ad 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -20,6 +20,22 @@ jobs: - name: Checkout repository uses: actions/checkout@v3 + - name: Set up Docker tags + id: docker_tags + run: | + BRANCH="${GITHUB_REF_NAME}" + SHORT_SHA=$(echo "${GITHUB_SHA}" | cut -c1-7) + IMAGE_BASE="ghcr.io/${{ github.repository }}" + TAGS="" + if [ "$BRANCH" = "main" ]; then + TAGS+="${IMAGE_BASE}:main,${IMAGE_BASE}:latest,${IMAGE_BASE}:main-${SHORT_SHA}" + elif [ "$BRANCH" = "dev" ]; then + TAGS+="${IMAGE_BASE}:dev,${IMAGE_BASE}:dev-${SHORT_SHA}" + else + TAGS+="${IMAGE_BASE}:${BRANCH},${IMAGE_BASE}:${BRANCH}-${SHORT_SHA}" + fi + echo "tags=$TAGS" >> $GITHUB_OUTPUT + - name: Log in to the Container registry uses: docker/login-action@v2 with: @@ -32,7 +48,7 @@ jobs: with: context: . push: true - tags: ${{ env.IMAGE_NAME }} + tags: ${{ steps.docker_tags.outputs.tags }} deploy: runs-on: ubuntu-latest diff --git a/k8s/overlays/dev/kustomization.yml b/k8s/overlays/dev/kustomization.yml index f0b5288..b593024 100644 --- a/k8s/overlays/dev/kustomization.yml +++ b/k8s/overlays/dev/kustomization.yml @@ -1,5 +1,5 @@ resources: - - ../base + - ../../base namespace: wiki diff --git a/k8s/overlays/main/kustomization.yml b/k8s/overlays/main/kustomization.yml index 5abc38b..63214dc 100644 --- a/k8s/overlays/main/kustomization.yml +++ b/k8s/overlays/main/kustomization.yml @@ -1,5 +1,5 @@ resources: - - ../base + - ../../base namespace: wiki From 6614f99807b646acb317fd8573bf51e3e5989bcd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Paul=20Gro=C3=9Fmann?= Date: Fri, 18 Jul 2025 00:07:25 +0200 Subject: [PATCH 6/6] Enhance Kubernetes deployment by adding prune allowlists for better resource management --- .github/workflows/deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index d6b19ad..a9f8829 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -92,4 +92,4 @@ jobs: exit 1 fi cd k8s/overlays/$OVERLAY - kustomize build . | kubectl apply --prune -l app=public-wiki -f - + kustomize build . | kubectl apply --prune -l app=public-wiki --prune-allowlist=core/v1/Namespace --prune-allowlist=apps/v1/Deployment --prune-allowlist=core/v1/Service --prune-allowlist=networking.k8s.io/v1/Ingress -f -