fix(app): use CBR and correct sa

README.md

@@ -62,8 +62,8 @@ docker push <your-ecr-repo>:latest
 Apply RBAC and deployment configurations:
 
 ```bash
-kubectl apply -f app/example/k8s/rbac.yaml
-kubectl apply -f app/example/k8s/deployment.yaml
+kubectl apply -f examples/k8s/rbac.yaml
+kubectl apply -f examples/k8s/deployment.yaml
 ```
 
 ### Access the Service
@@ -80,6 +80,13 @@ Test the API:
 curl http://<EXTERNAL-IP>/k8s/data
 ```
 
+## Kubernetes Integration
+
+The `/k8s/data` endpoint retrieves information about:
+
+- Nodes: CPU, memory, and allocatable pods.
+- Namespaces: List of all namespaces in the cluster.
+
 ## Endpoints
 
 | Method | Endpoint | Description |

app/extras/pseudographic.py

@@ -45,26 +45,32 @@ def display_virtual_machines():
 
 def display_kubernetes_nodes():
     console = Console()
+    config.load_incluster_config()
+    v1 = client.CoreV1Api()
+
+    # Nodes table
     table = Table(title="Kubernetes Nodes")
-    table.add_column("ID", justify="right")
-    table.add_column("Cluster Name")
     table.add_column("Node Name")
     table.add_column("CPU", justify="right")
-    table.add_column("Memory")
-    table.add_column("Storage")
-    table.add_column("Type")
-    table.add_column("Namespaces")
+    table.add_column("Memory", justify="right")
+    table.add_column("Pods Allocatable", justify="right")
 
-    nodes = fetch_all("kubernetes_nodes")
-    for node in nodes:
+    nodes = v1.list_node()
+    for node in nodes.items:
         table.add_row(
-            str(node[0]), node[1], node[2],
-            str(node[3]), node[4], node[5],
-            node[6], node[7]
+            node.metadata.name,
+            node.status.capacity.get("cpu"),
+            node.status.capacity.get("memory"),
+            node.status.allocatable.get("pods")
         )
-
     console.print(table)
 
+    # Namespaces
+    console.print("\n[bold]Namespaces:[/bold]")
+    namespaces = [ns.metadata.name for ns in v1.list_namespace().items]
+    console.print(", ".join(namespaces))
+
 if __name__ == "__main__":
     display_metal_nodes()
     display_virtual_machines()
+    display_kubernetes_nodes()

app/routes/export.py

@@ -1,19 +1,38 @@
-# Export data in YAML or JSON format
 from fastapi import APIRouter
 from database import fetch_all
 import yaml
 import json
+from kubernetes import client, config
 
 router = APIRouter()
 
+def fetch_k8s_data():
+    config.load_incluster_config()
+    v1 = client.CoreV1Api()
+    # Nodes
+    nodes = v1.list_node()
+    node_data = [{
+        "node_name": node.metadata.name,
+        "cpu": node.status.capacity.get("cpu"),
+        "memory": node.status.capacity.get("memory"),
+        "pods_allocatable": node.status.allocatable.get("pods")
+    } for node in nodes.items]
+
+    # Namespaces
+    namespaces = [ns.metadata.name for ns in v1.list_namespace().items]
+
+    return {"nodes": node_data, "namespaces": namespaces}
+
 @router.get("/export")
 def export_data(format: str = "yaml"):
+    # Fetch database and Kubernetes data
     data = {
         "metal_nodes": fetch_all("metal_nodes"),
         "virtual_machines": fetch_all("virtual_machines"),
-        "kubernetes_nodes": fetch_all("kubernetes_nodes"),
+        "kubernetes": fetch_k8s_data(),
     }
-    # Return data in the requested format
+
+    # Return in the requested format
     if format.lower() == "yaml":
         return yaml.safe_dump(data)
     return json.dumps(data, indent=2)

examples/k8s/deployment.yaml

@@ -14,6 +14,7 @@ spec:
       labels:
         app: metalcheck
     spec:
+      serviceAccountName: metalcheck-sa
       containers:
       - name: backend
         image: <your-ecr-repo>:latest
@@ -29,6 +30,7 @@ apiVersion: v1
 kind: Service
 metadata:
   name: metalcheck-backend
+  namespace: metalcheck
 spec:
   selector:
     app: metalcheck

examples/k8s/rbac.yaml

@@ -5,25 +5,23 @@ metadata:
   namespace: metalcheck
 ---
 apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
+kind: ClusterRole
 metadata:
-  namespace: metalcheck
-  name: metalcheck-role
+  name: metalcheck-clusterrole
 rules:
 - apiGroups: [""]
   resources: ["pods", "nodes", "namespaces"]
   verbs: ["get", "list", "watch"]
 ---
 apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
+kind: ClusterRoleBinding
 metadata:
-  name: metalcheck-rolebinding
-  namespace: metalcheck
+  name: metalcheck-clusterrolebinding
 subjects:
 - kind: ServiceAccount
   name: metalcheck-sa
   namespace: metalcheck
 roleRef:
-  kind: Role
-  name: metalcheck-role
+  kind: ClusterRole
+  name: metalcheck-clusterrole
   apiGroup: rbac.authorization.k8s.io