underpost 2.89.1 → 2.89.21

package/.env.development

@@ -22,6 +22,8 @@ ROUTER=changethis
 CLOUDINARY_CLOUD_NAME=changethis
 CLOUDINARY_API_KEY=changethis
 CLOUDINARY_API_SECRET=changethis
+CLOUDINARY_PASSWORD=changethis
+CLOUDINARY_EMAIL=admin@default.net
 DB_PG_MAAS_NAME=changethis
 DB_PG_MAAS_PASS=changethis
 DB_PG_MAAS_USER=changethis

package/.env.production

@@ -23,6 +23,8 @@ ROUTER=changethis
 CLOUDINARY_CLOUD_NAME=changethis
 CLOUDINARY_API_KEY=changethis
 CLOUDINARY_API_SECRET=changethis
+CLOUDINARY_PASSWORD=changethis
+CLOUDINARY_EMAIL=admin@default.net
 DB_PG_MAAS_NAME=changethis
 DB_PG_MAAS_PASS=changethis
 DB_PG_MAAS_USER=changethis

package/.env.test

@@ -22,6 +22,8 @@ ROUTER=changethis
 CLOUDINARY_CLOUD_NAME=changethis
 CLOUDINARY_API_KEY=changethis
 CLOUDINARY_API_SECRET=changethis
+CLOUDINARY_PASSWORD=changethis
+CLOUDINARY_EMAIL=admin@default.net
 DB_PG_MAAS_NAME=changethis
 DB_PG_MAAS_PASS=changethis
 DB_PG_MAAS_USER=changethis

package/.github/workflows/release.cd.yml

@@ -22,6 +22,8 @@ jobs:
           key: ${{ secrets.SSH_PRIV_KEY }}
           # Remote port (optional)
           port: ${{ secrets.SSH_PORT }}
+          # Optional: increase timeout for long-running commands
+          command_timeout: 60m
           # Optional: if your private key has a passphrase, add:
           # passphrase: ${{ secrets.SSH_KEY_PASSPHRASE }}
           # Commands to run on the remote VM

package/README.md

@@ -18,7 +18,7 @@
 
 <!-- badges -->
 
-[![Node.js CI](https://github.com/underpostnet/engine/actions/workflows/docker-image.ci.yml/badge.svg?branch=master)](https://github.com/underpostnet/engine/actions/workflows/docker-image.yml) [![Test](https://github.com/underpostnet/engine/actions/workflows/coverall.ci.yml/badge.svg?branch=master)](https://github.com/underpostnet/engine/actions/workflows/coverall.ci.yml) [![Downloads](https://img.shields.io/npm/dm/underpost.svg)](https://www.npmjs.com/package/underpost) [![Socket Badge](https://socket.dev/api/badge/npm/package/underpost/2.89.1)](https://socket.dev/npm/package/underpost/overview/2.89.1) [![Coverage Status](https://coveralls.io/repos/github/underpostnet/engine/badge.svg?branch=master)](https://coveralls.io/github/underpostnet/engine?branch=master) [![Version](https://img.shields.io/npm/v/underpost.svg)](https://www.npmjs.org/package/underpost) [![License](https://img.shields.io/npm/l/underpost.svg)](https://www.npmjs.com/package/underpost)
+[![Node.js CI](https://github.com/underpostnet/engine/actions/workflows/docker-image.ci.yml/badge.svg?branch=master)](https://github.com/underpostnet/engine/actions/workflows/docker-image.yml) [![Test](https://github.com/underpostnet/engine/actions/workflows/coverall.ci.yml/badge.svg?branch=master)](https://github.com/underpostnet/engine/actions/workflows/coverall.ci.yml) [![Downloads](https://img.shields.io/npm/dm/underpost.svg)](https://www.npmjs.com/package/underpost) [![Socket Badge](https://socket.dev/api/badge/npm/package/underpost/2.89.21)](https://socket.dev/npm/package/underpost/overview/2.89.21) [![Coverage Status](https://coveralls.io/repos/github/underpostnet/engine/badge.svg?branch=master)](https://coveralls.io/github/underpostnet/engine?branch=master) [![Version](https://img.shields.io/npm/v/underpost.svg)](https://www.npmjs.org/package/underpost) [![License](https://img.shields.io/npm/l/underpost.svg)](https://www.npmjs.com/package/underpost)
 
 <!-- end-badges -->
 
@@ -66,7 +66,7 @@ Run dev client server
 npm run dev
 ```
 <!-- -->
-## underpost ci/cd cli v2.89.1
+## underpost ci/cd cli v2.89.21
 
 ### Usage: `underpost [options] [command]`
   ```
@@ -106,4 +106,3 @@ Commands:
 ```
 
 <a target="_top" href="https://github.com/underpostnet/pwa-microservices-template/blob/master/cli.md">See complete CLI Docs here.</a>
-

package/cli.md

@@ -1,4 +1,4 @@
-## underpost ci/cd cli v2.89.1
+## underpost ci/cd cli v2.89.21
 
 ### Usage: `underpost [options] [command]`
   ```
@@ -146,6 +146,9 @@ Options:
   --deploy-id <deploy-id>  Sets the deployment configuration ID for the commit
                            context.
   --cached                 Commit staged changes only or context.
+  --hashes <hashes>        Comma-separated list of specific file hashes of
+                           commits.
+  --extension <extension>  specific file extensions of commits.
   -h, --help               display help for command
  
 ```
@@ -228,56 +231,66 @@ Options:
 Manages Kubernetes clusters, defaulting to Kind cluster initialization.
 
 Arguments:
-  pod-name                Optional: Filters information by a specific pod name.
+  pod-name                    Optional: Filters information by a specific pod
+                              name.
 
 Options:
-  --reset                 Deletes all clusters and prunes all related data and
-                          caches.
-  --mariadb               Initializes the cluster with a MariaDB statefulset.
-  --mysql                 Initializes the cluster with a MySQL statefulset.
-  --mongodb               Initializes the cluster with a MongoDB statefulset.
-  --mongo-db-host <host>  Set custom mongo db host
-  --postgresql            Initializes the cluster with a PostgreSQL
-                          statefulset.
-  --mongodb4              Initializes the cluster with a MongoDB 4.4 service.
-  --valkey                Initializes the cluster with a Valkey service.
-  --contour               Initializes the cluster with Project Contour base
-                          HTTPProxy and Envoy.
-  --cert-manager          Initializes the cluster with a Let's Encrypt
-                          production ClusterIssuer.
-  --dedicated-gpu         Initializes the cluster with dedicated GPU base
-                          resources and environment settings.
-  --info                  Retrieves information about all deployed Kubernetes
-                          objects.
-  --full                  Initializes the cluster with all available
-                          statefulsets and services.
-  --ns-use <ns-name>      Switches the current Kubernetes context to the
-                          specified namespace.
-  --kubeadm               Initializes the cluster using kubeadm for control
-                          plane management.
-  --grafana               Initializes the cluster with a Grafana deployment.
-  --prom [hosts]          Initializes the cluster with a Prometheus Operator
-                          deployment and monitor scrap for specified hosts.
-  --dev                   Initializes a development-specific cluster
-                          configuration.
-  --list-pods             Displays detailed information about all pods.
-  --info-capacity         Displays the current total machine capacity
-                          information.
-  --info-capacity-pod     Displays the current machine capacity information per
-                          pod.
-  --pull-image            Sets an optional associated image to pull during
-                          initialization.
-  --init-host             Installs necessary Kubernetes node CLI tools (e.g.,
-                          kind, kubeadm, docker, podman, helm).
-  --uninstall-host        Uninstalls all host components installed by
-                          init-host.
-  --config                Sets the base Kubernetes node configuration.
-  --worker                Sets the context for a worker node.
-  --chown                 Sets the appropriate ownership for Kubernetes
-                          kubeconfig files.
-  --k3s                   Initializes the cluster using K3s (Lightweight
-                          Kubernetes).
-  -h, --help              display help for command
+  --reset                     Deletes all clusters and prunes all related data
+                              and caches.
+  --mariadb                   Initializes the cluster with a MariaDB
+                              statefulset.
+  --mysql                     Initializes the cluster with a MySQL statefulset.
+  --mongodb                   Initializes the cluster with a MongoDB
+                              statefulset.
+  --mongo-db-host <host>      Set custom mongo db host
+  --postgresql                Initializes the cluster with a PostgreSQL
+                              statefulset.
+  --mongodb4                  Initializes the cluster with a MongoDB 4.4
+                              service.
+  --valkey                    Initializes the cluster with a Valkey service.
+  --contour                   Initializes the cluster with Project Contour base
+                              HTTPProxy and Envoy.
+  --cert-manager              Initializes the cluster with a Let's Encrypt
+                              production ClusterIssuer.
+  --dedicated-gpu             Initializes the cluster with dedicated GPU base
+                              resources and environment settings.
+  --info                      Retrieves information about all deployed
+                              Kubernetes objects.
+  --full                      Initializes the cluster with all available
+                              statefulsets and services.
+  --ns-use <ns-name>          Switches the current Kubernetes context to the
+                              specified namespace.
+  --kubeadm                   Initializes the cluster using kubeadm for control
+                              plane management.
+  --grafana                   Initializes the cluster with a Grafana
+                              deployment.
+  --prom [hosts]              Initializes the cluster with a Prometheus
+                              Operator deployment and monitor scrap for
+                              specified hosts.
+  --dev                       Initializes a development-specific cluster
+                              configuration.
+  --list-pods                 Displays detailed information about all pods.
+  --info-capacity             Displays the current total machine capacity
+                              information.
+  --info-capacity-pod         Displays the current machine capacity information
+                              per pod.
+  --pull-image                Sets an optional associated image to pull during
+                              initialization.
+  --init-host                 Installs necessary Kubernetes node CLI tools
+                              (e.g., kind, kubeadm, docker, podman, helm).
+  --uninstall-host            Uninstalls all host components installed by
+                              init-host.
+  --config                    Sets the base Kubernetes node configuration.
+  --worker                    Sets the context for a worker node.
+  --chown                     Sets the appropriate ownership for Kubernetes
+                              kubeconfig files.
+  --k3s                       Initializes the cluster using K3s (Lightweight
+                              Kubernetes).
+  --hosts <hosts>             A comma-separated list of cluster hostnames or IP
+                              addresses.
+  --remove-volume-host-paths  Removes specified volume host paths after
+                              execution.
+  -h, --help                  display help for command
  
 ```
   
@@ -289,50 +302,55 @@ Options:
 Manages application deployments, defaulting to deploying development pods.
 
 Arguments:
-  deploy-list                       A comma-separated list of deployment IDs
-                                    (e.g., "default-a,default-b").
-  env                               Optional: The environment for deployment
-                                    (e.g., "development", "production").
-                                    Defaults to "development".
+  deploy-list                        A comma-separated list of deployment IDs
+                                     (e.g., "default-a,default-b").
+  env                                Optional: The environment for deployment
+                                     (e.g., "development", "production").
+                                     Defaults to "development".
 
 Options:
-  --remove                          Deletes specified deployments and their
-                                    associated services.
-  --sync                            Synchronizes deployment environment
-                                    variables, ports, and replica counts.
-  --info-router                     Displays the current router structure and
-                                    configuration.
-  --expose                          Exposes services matching the provided
-                                    deployment ID list.
-  --info-util                       Displays useful `kubectl` utility
-                                    management commands.
-  --cert                            Resets TLS/SSL certificate secrets for
-                                    deployments.
-  --cert-hosts <hosts>              Resets TLS/SSL certificate secrets for
-                                    specified hosts.
-  --node <node>                     Sets optional node for deployment
-                                    operations.
-  --build-manifest                  Builds Kubernetes YAML manifests, including
-                                    deployments, services, proxies, and
-                                    secrets.
-  --replicas <replicas>             Sets a custom number of replicas for
-                                    deployments.
-  --image <image>                   Sets a custom image for deployments.
-  --versions <deployment-versions>  A comma-separated list of custom deployment
-                                    versions.
-  --traffic <traffic-versions>      A comma-separated list of custom deployment
-                                    traffic weights.
-  --disable-update-deployment       Disables updates to deployments.
-  --disable-update-proxy            Disables updates to proxies.
-  --status                          Retrieves current network traffic data from
-                                    resource deployments and the host machine
-                                    network configuration.
-  --kubeadm                         Enables the kubeadm context for deployment
-                                    operations.
-  --etc-hosts                       Enables the etc-hosts context for
-                                    deployment operations.
-  --restore-hosts                   Restores default `/etc/hosts` entries.
-  -h, --help                        display help for command
+  --remove                           Deletes specified deployments and their
+                                     associated services.
+  --sync                             Synchronizes deployment environment
+                                     variables, ports, and replica counts.
+  --info-router                      Displays the current router structure and
+                                     configuration.
+  --expose                           Exposes services matching the provided
+                                     deployment ID list.
+  --info-util                        Displays useful `kubectl` utility
+                                     management commands.
+  --cert                             Resets TLS/SSL certificate secrets for
+                                     deployments.
+  --cert-hosts <hosts>               Resets TLS/SSL certificate secrets for
+                                     specified hosts.
+  --node <node>                      Sets optional node for deployment
+                                     operations.
+  --build-manifest                   Builds Kubernetes YAML manifests,
+                                     including deployments, services, proxies,
+                                     and secrets.
+  --replicas <replicas>              Sets a custom number of replicas for
+                                     deployments.
+  --image <image>                    Sets a custom image for deployments.
+  --versions <deployment-versions>   A comma-separated list of custom
+                                     deployment versions.
+  --traffic <traffic-versions>       A comma-separated list of custom
+                                     deployment traffic weights.
+  --disable-update-deployment        Disables updates to deployments.
+  --disable-update-proxy             Disables updates to proxies.
+  --disable-deployment-proxy         Disables proxies of deployments.
+  --disable-update-volume            Disables updates to volume mounts during
+                                     deployment.
+  --status                           Retrieves current network traffic data
+                                     from resource deployments and the host
+                                     machine network configuration.
+  --kubeadm                          Enables the kubeadm context for deployment
+                                     operations.
+  --etc-hosts                        Enables the etc-hosts context for
+                                     deployment operations.
+  --restore-hosts                    Restores default `/etc/hosts` entries.
+  --disable-update-underpost-config  Disables updates to Underpost
+                                     configuration during deployment.
+  -h, --help                         display help for command
  
 ```
   
@@ -623,7 +641,7 @@ Options:
 Runs a script from the specified path.
 
 Arguments:
-  runner-id                                The runner ID to run. Options: spark-template, rmi, kill, secret, underpost-config, gpu-env, tf-gpu-test, dev-cluster, ssh-cluster-info, dev-hosts-expose, dev-hosts-restore, cluster-build, template-deploy, template-deploy-image, clean, pull, release-deploy, ssh-deploy, ide, sync, tz, cron, ls-deployments, ls-images, host-update, dev-container, monitor, db-client, git-conf, promote, metrics, cluster, deploy, dev, service, sh, log, release-cmt, sync-replica, tf-vae-test, deploy-job.
+  runner-id                                The runner ID to run. Options: spark-template, rmi, kill, secret, underpost-config, gpu-env, tf-gpu-test, dev-cluster, metadata, svc-ls, svc-rm, ssh-cluster-info, dev-hosts-expose, dev-hosts-restore, cluster-build, template-deploy, template-deploy-image, clean, pull, release-deploy, ssh-deploy, ide, sync, tz, cron, ls-deployments, ls-images, host-update, dd-container, monitor, db-client, git-conf, promote, metrics, cluster, deploy, dev, service, sh, log, release-cmt, sync-replica, tf-vae-test, deploy-job.
   path                                     The absolute or relative directory path where the script is located.
 
 Options:
@@ -632,13 +650,24 @@ Options:
   --dev                                    Sets the development context environment for the script.
   --build                                  Set builder context runner
   --replicas <replicas>                    Sets a custom number of replicas for deployment.
-  --pod-name <pod-name>                    Optional: Specifies the pod name for test execution.
+  --pod-name <pod-name>                    Optional: Specifies the pod name for execution.
+  --node-name <node-name>                  Optional: Specifies the node name for execution.
+  --port <port>                            Optional: Specifies the port for execution.
+  --etc-hosts                              Enables etc-hosts context for the runner execution.
   --volume-host-path <volume-host-path>    Optional: Specifies the volume host path for test execution.
   --volume-mount-path <volume-mount-path>  Optional: Specifies the volume mount path for test execution.
   --volume-type <volume-type>              Optional: Specifies the volume type for test execution.
   --image-name <image-name>                Optional: Specifies the image name for test execution.
   --container-name <container-name>        Optional: Specifies the container name for test execution.
   --namespace <namespace>                  Optional: Specifies the namespace for test execution.
+  --tty                                    Enables TTY for the container in deploy-job.
+  --stdin                                  Keeps STDIN open for the container in deploy-job.
+  --restart-policy <policy>                Sets the restart policy for the job in deploy-job.
+  --runtime-class-name <name>              Sets the runtime class name for the job in deploy-job.
+  --image-pull-policy <policy>             Sets the image pull policy for the job in deploy-job.
+  --api-version <version>                  Sets the API version for the job manifest in deploy-job.
+  --claim-name <name>                      Optional: Specifies the claim name for volume mounting in deploy-job.
+  --kind <kind-type>                       Specifies the kind of Kubernetes resource (e.g., Job, Deployment) for deploy-job.
   --kubeadm                                Flag to indicate Kubeadm cluster type context
   --k3s                                    Flag to indicate K3s cluster type context
   --force                                  Forces operation, overriding any warnings or conflicts.
@@ -647,6 +676,7 @@ Options:
   --terminal                               Enables terminal mode for interactive script execution.
   --dev-proxy-port-offset <port-offset>    Sets a custom port offset for development proxy.
   --conf-server-path <conf-server-path>    Sets a custom configuration server path.
+  --underpost-root <underpost-root>        Sets a custom Underpost root path.
   -h, --help                               display help for command
  
 ```
@@ -733,4 +763,3 @@ Options:
   -h, --help                     display help for command
  
 ```
-  

package/manifests/deployment/dd-default-development/deployment.yaml

@@ -17,7 +17,7 @@ spec:
     spec:
       containers:
         - name: dd-default-development-blue
-          image: localhost/rockylinux9-underpost:v2.89.1
+          image: localhost/rockylinux9-underpost:v2.89.21
           #          resources:
           #            requests:
           #              memory: "124Ki"
@@ -100,7 +100,7 @@ spec:
     spec:
       containers:
         - name: dd-default-development-green
-          image: localhost/rockylinux9-underpost:v2.89.1
+          image: localhost/rockylinux9-underpost:v2.89.21
           #          resources:
           #            requests:
           #              memory: "124Ki"

package/manifests/deployment/dd-test-development/deployment.yaml

@@ -17,7 +17,7 @@ spec:
     spec:
       containers:
         - name: dd-test-development-blue
-          image: localhost/rockylinux9-underpost:v2.89.1
+          image: localhost/rockylinux9-underpost:v2.89.21
 #          resources:
 #            requests:
 #              memory: "96294Ki"
@@ -33,13 +33,17 @@ spec:
               npm install -g underpost &&
               underpost secret underpost --create-from-file /etc/config/.env.development &&
               underpost start --build --run dd-test development
+    
           volumeMounts:
             - name: config-volume
               mountPath: /etc/config
+    
       volumes:
         - name: config-volume
           configMap:
             name: underpost-config
+    
+      
 ---
 apiVersion: v1
 kind: Service
@@ -104,7 +108,7 @@ spec:
     spec:
       containers:
         - name: dd-test-development-green
-          image: localhost/rockylinux9-underpost:v2.89.1
+          image: localhost/rockylinux9-underpost:v2.89.21
 #          resources:
 #            requests:
 #              memory: "96294Ki"
@@ -120,13 +124,17 @@ spec:
               npm install -g underpost &&
               underpost secret underpost --create-from-file /etc/config/.env.development &&
               underpost start --build --run dd-test development
+    
           volumeMounts:
             - name: config-volume
               mountPath: /etc/config
+    
       volumes:
         - name: config-volume
           configMap:
             name: underpost-config
+    
+      
 ---
 apiVersion: v1
 kind: Service

package/manifests/deployment/dd-test-development/proxy.yaml

@@ -10,6 +10,7 @@ spec:
   routes:
     - conditions:
         - prefix: /
+      
       enableWebsockets: true
       services:
         - name: dd-test-development-blue-service
@@ -18,6 +19,7 @@ spec:
     
     - conditions:
         - prefix: /peer
+      
       enableWebsockets: true
       services:
         - name: dd-test-development-blue-service
@@ -35,6 +37,7 @@ spec:
   routes:
     - conditions:
         - prefix: /
+      
       enableWebsockets: true
       services:
         - name: dd-test-development-blue-service
@@ -43,6 +46,7 @@ spec:
     
     - conditions:
         - prefix: /peer
+      
       enableWebsockets: true
       services:
         - name: dd-test-development-blue-service

package/manifests/grafana/deployment.yaml

@@ -21,6 +21,13 @@ spec:
       containers:
         - name: grafana
           image: grafana/grafana:latest
+          env:
+            # - name: GF_SERVER_ROOT_URL
+            #   value: '{{GF_SERVER_ROOT_URL}}'
+            - name: GF_SERVER_ROOT_URL
+              value: '/grafana'
+            - name: GF_SERVER_SERVE_FROM_SUB_PATH
+              value: 'true'
           imagePullPolicy: IfNotPresent
           ports:
             - containerPort: 3000

package/manifests/grafana/kustomization.yaml

@@ -2,6 +2,6 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
+  - storage-class.yaml
   - pvc.yaml
-  - deployment.yaml
   - service.yaml

package/manifests/grafana/pvc.yaml

@@ -6,7 +6,7 @@ metadata:
 spec:
   accessModes:
     - ReadWriteOnce
-  storageClassName: local-path
+  storageClassName: grafana-storage-class
   resources:
     requests:
       storage: 5Gi

package/manifests/grafana/storage-class.yaml

@@ -0,0 +1,9 @@
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: grafana-storage-class
+  annotations:
+    storageclass.kubernetes.io/is-default-class: 'false'
+provisioner: rancher.io/local-path
+reclaimPolicy: Retain
+volumeBindingMode: WaitForFirstConsumer

package/manifests/pv-pvc-dd.yaml

@@ -0,0 +1,34 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: pv-dd
+spec:
+  capacity:
+    storage: 5Gi
+  accessModes:
+    - ReadWriteOnce
+  persistentVolumeReclaimPolicy: Retain
+  storageClassName: manual
+  hostPath:
+    path: /home/dd
+    type: DirectoryOrCreate
+  nodeAffinity:
+    required:
+      nodeSelectorTerms:
+        - matchExpressions:
+            - key: kubernetes.io/hostname
+              operator: In
+              values:
+                - localhost
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: pvc-dd
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: manual
+  resources:
+    requests:
+      storage: 1Gi

package/package.json

@@ -2,7 +2,7 @@
     "type": "module",
     "main": "src/index.js",
     "name": "underpost",
-    "version": "2.89.1",
+    "version": "2.89.21",
     "description": "pwa api rest template",
     "scripts": {
         "start": "env-cmd -f .env.production node --max-old-space-size=8192 src/server",

package/src/cli/cluster.js

@@ -58,6 +58,8 @@ class UnderpostCluster {
      * @param {boolean} [options.config=false] - Apply general host configuration (SELinux, containerd, sysctl, firewalld).
      * @param {boolean} [options.worker=false] - Configure as a worker node (for Kubeadm or K3s join).
      * @param {boolean} [options.chown=false] - Set up kubectl configuration for the current user.
+     * @param {boolean} [options.removeVolumeHostPaths=false] - Remove data from host paths used by Persistent Volumes.
+     * @param {string} [options.hosts] - Set custom hosts entries.
      * @memberof UnderpostCluster
      */
     async init(
@@ -90,6 +92,8 @@ class UnderpostCluster {
         config: false,
         worker: false,
         chown: false,
+        removeVolumeHostPaths: false,
+        hosts: '',
       },
     ) {
       // Handles initial host setup (installing docker, podman, kind, kubeadm, helm)
@@ -151,7 +155,11 @@ class UnderpostCluster {
       }
 
       // Reset Kubernetes cluster components (Kind/Kubeadm/K3s) and container runtimes
-      if (options.reset === true) return await UnderpostCluster.API.safeReset({ underpostRoot });
+      if (options.reset === true)
+        return await UnderpostCluster.API.safeReset({
+          underpostRoot,
+          removeVolumeHostPaths: options.removeVolumeHostPaths,
+        });
 
       // Check if a cluster (Kind, Kubeadm, or K3s) is already initialized
       const alreadyKubeadmCluster = UnderpostDeploy.API.get('calico-kube-controllers')[0];
@@ -280,6 +288,14 @@ class UnderpostCluster {
       if (options.grafana === true) {
         shellExec(`kubectl delete deployment grafana --ignore-not-found`);
         shellExec(`kubectl apply -k ${underpostRoot}/manifests/grafana`);
+        const yaml = `${fs
+          .readFileSync(`${underpostRoot}/manifests/grafana/deployment.yaml`, 'utf8')
+          .replace('{{GF_SERVER_ROOT_URL}}', options.hosts.split(',')[0])}`;
+        console.log(yaml);
+        shellExec(`kubectl apply -f - <<EOF
+${yaml}
+EOF
+`);
       }
 
       if (options.prom && typeof options.prom === 'string') {
@@ -575,9 +591,10 @@ net.ipv4.ip_forward = 1' | sudo tee ${iptableConfPath}`,
      * in coredns) by restoring SELinux security contexts and safely cleaning up cluster artifacts.
      * @param {object} [options] - Configuration options for the reset.
      * @param {string} [options.underpostRoot] - The root path of the underpost project.
+     * @param {boolean} [options.removeVolumeHostPaths=false] - Whether to remove data from host paths used by Persistent Volumes.
      * @memberof UnderpostCluster
      */
-    async safeReset(options = { underpostRoot: '.' }) {
+    async safeReset(options = { underpostRoot: '.', removeVolumeHostPaths: false }) {
       logger.info('Starting a safe and comprehensive reset of Kubernetes and container environments...');
 
       try {
@@ -604,25 +621,30 @@ net.ipv4.ip_forward = 1' | sudo tee ${iptableConfPath}`,
         // Phase 1: Clean up Persistent Volumes with hostPath
         // This targets data created by Kubernetes Persistent Volumes that use hostPath.
         logger.info('Phase 1/7: Cleaning Kubernetes hostPath volumes...');
-        try {
-          const pvListJson = shellExec(`kubectl get pv -o json || echo '{"items":[]}'`, { stdout: true, silent: true });
-          const pvList = JSON.parse(pvListJson);
-
-          if (pvList.items && pvList.items.length > 0) {
-            for (const pv of pvList.items) {
-              // Check if the PV uses hostPath and delete its contents
-              if (pv.spec.hostPath && pv.spec.hostPath.path) {
-                const hostPath = pv.spec.hostPath.path;
-                logger.info(`Removing data from host path for PV '${pv.metadata.name}': ${hostPath}`);
-                shellExec(`sudo rm -rf ${hostPath}/* || true`);
+        if (options.removeVolumeHostPaths)
+          try {
+            const pvListJson = shellExec(`kubectl get pv -o json || echo '{"items":[]}'`, {
+              stdout: true,
+              silent: true,
+            });
+            const pvList = JSON.parse(pvListJson);
+
+            if (pvList.items && pvList.items.length > 0) {
+              for (const pv of pvList.items) {
+                // Check if the PV uses hostPath and delete its contents
+                if (pv.spec.hostPath && pv.spec.hostPath.path) {
+                  const hostPath = pv.spec.hostPath.path;
+                  logger.info(`Removing data from host path for PV '${pv.metadata.name}': ${hostPath}`);
+                  shellExec(`sudo rm -rf ${hostPath}/* || true`);
+                }
               }
+            } else {
+              logger.info('No Persistent Volumes found with hostPath to clean up.');
             }
-          } else {
-            logger.info('No Persistent Volumes found with hostPath to clean up.');
+          } catch (error) {
+            logger.error('Failed to clean up Persistent Volumes:', error);
           }
-        } catch (error) {
-          logger.error('Failed to clean up Persistent Volumes:', error);
-        }
+        else logger.info('  -> Skipping hostPath volume cleanup as per configuration.');
         // Phase 2: Restore SELinux and stop services
         // This is critical for fixing the 'permission denied' error you experienced.
         // Enable SELinux permissive mode and restore file contexts.