underpost 2.89.35 → 2.89.44

package/scripts/device-scan.sh

@@ -1,26 +1,42 @@
 #!/usr/bin/env bash
+set -u -o pipefail
 
 for iface_path in /sys/class/net/*; do
+  [ -e "$iface_path" ] || continue
   name=$(basename "$iface_path")
-  mac=$(< "$iface_path/address")
-  ip=$(ip -4 addr show dev "$name" \
-       | grep -oP '(?<=inet\s)\d+(\.\d+){3}' || echo "—")
-  operstate=$(< "$iface_path/operstate")
-  mtu=$(< "$iface_path/mtu")
-
-  # Driver
-  if [ -L "$iface_path/device/driver" ]; then
+
+  # MAC address
+  if [ -r "$iface_path/address" ]; then
+    mac=$(< "$iface_path/address")
+  else
+    mac="—"
+  fi
+
+  # IPv4: collect all IPv4 CIDRs, strip masks, join with commas (or show —)
+  ip_info=$(ip -4 -o addr show dev "$name" 2>/dev/null | awk '{print $4}')
+  if [ -n "$ip_info" ]; then
+    # Use word-splitting intentionally to iterate lines from ip_info
+    ip=$(printf "%s\n" $ip_info | awk -F/ '{print $1}' | paste -sd, -)
+  else
+    ip="—"
+  fi
+
+  # operstate and mtu
+  operstate=$(< "$iface_path/operstate" 2>/dev/null || echo "—")
+  mtu=$(< "$iface_path/mtu" 2>/dev/null || echo "—")
+
+  # Driver (if available)
+  if [ -e "$iface_path/device/driver" ]; then
     driver=$(basename "$(readlink -f "$iface_path/device/driver")")
   else
     driver="—"
   fi
 
-  # Vendor device ID PCI
+  # PCI vendor:device (if available)
   pci_dev="$iface_path/device"
-  if [ -f "$pci_dev/vendor" ] && [ -f "$pci_dev/device" ]; then
+  if [ -r "$pci_dev/vendor" ] && [ -r "$pci_dev/device" ]; then
     vendor_id=$(< "$pci_dev/vendor")
     device_id=$(< "$pci_dev/device")
-    # parse 0x8086 to 8086, etc.
     vendor_id=${vendor_id#0x}
     device_id=${device_id#0x}
     pci="${vendor_id}:${device_id}"
@@ -28,16 +44,22 @@ for iface_path in /sys/class/net/*; do
     pci="—"
   fi
 
-  # Link Speed
+  # Link speed: only append unit if numeric
   speed=$(cat "$iface_path/speed" 2>/dev/null || echo "—")
+  if [[ "$speed" =~ ^[0-9]+$ ]]; then
+    speed_label="${speed} Mb/s"
+  else
+    speed_label="$speed"
+  fi
+
+  # Print formatted output
+  printf 'Interface: %s\n' "$name"
+  printf '  MAC:          %s\n' "$mac"
+  printf '  IPv4:         %s\n' "$ip"
+  printf '  State:        %s\n' "$operstate"
+  printf '  MTU:          %s\n' "$mtu"
+  printf '  Driver:       %s\n' "$driver"
+  printf '  PCI Vendor:Device: %s\n' "$pci"
+  printf '  Link Speed:   %s\n\n' "$speed_label"
 
-  echo "Interface: $name"
-  echo "  MAC:          $mac"
-  echo "  IPv4:         $ip"
-  echo "  State:       $operstate"
-  echo "  MTU:          $mtu"
-  echo "  Driver:       $driver"
-  echo "  PCI Vendor:Device ID: $pci"
-  echo "  Link Speed:   ${speed}Mb/s"
-  echo
 done

package/scripts/rpmfusion-ffmpeg-setup.sh

@@ -32,6 +32,7 @@ echo "6) Try to install audio helper packages that sometimes block ffmpeg (ladsp
 # These may be provided by CRB/EPEL or other compatible repos
 dnf -y install ladspa || echo "ladspa not available from enabled repos (will try later)"
 dnf -y install rubberband || echo "rubberband not available from enabled repos (will try later)"
+dnf -y install libwebp-tools || echo "libwebp-tools not available from enabled repos (will try later)"
 
 echo "7) Try installing ffmpeg (several fallbacks tried)"
 if dnf -y install ffmpeg ffmpeg-devel --allowerasing; then

package/src/api/user/user.model.js

@@ -73,7 +73,16 @@ const ProviderSchema = UserSchema;
 const UserDto = {
   select: {
     get: () => {
-      return { _id: 1, username: 1, email: 1, role: 1, emailConfirmed: 1, profileImageId: 1 };
+      return {
+        _id: 1,
+        username: 1,
+        email: 1,
+        role: 1,
+        emailConfirmed: 1,
+        profileImageId: 1,
+        createdAt: 1,
+        updatedAt: 1,
+      };
     },
     getAll: () => {
       return { _id: 1 };

package/src/cli/cluster.js

@@ -44,7 +44,8 @@ class UnderpostCluster {
      * @param {boolean} [options.listPods=false] - List Kubernetes pods.
      * @param {boolean} [options.reset=false] - Perform a comprehensive reset of Kubernetes and container environments.
      * @param {boolean} [options.dev=false] - Run in development mode (adjusts paths).
-     * @param {string} [options.nsUse=''] - Set the current kubectl namespace.
+     * @param {string} [options.nsUse=''] - Set the current kubectl namespace (creates namespace if it doesn't exist).
+     * @param {string} [options.namespace='default'] - Kubernetes namespace for cluster operations.
      * @param {boolean} [options.infoCapacity=false] - Display resource capacity information for the cluster.
      * @param {boolean} [options.infoCapacityPod=false] - Display resource capacity information for pods.
      * @param {boolean} [options.pullImage=false] - Pull necessary Docker images before deployment.
@@ -79,6 +80,7 @@ class UnderpostCluster {
         reset: false,
         dev: false,
         nsUse: '',
+        namespace: 'default',
         infoCapacity: false,
         infoCapacityPod: false,
         pullImage: false,
@@ -116,8 +118,26 @@ class UnderpostCluster {
       if (options.infoCapacity === true)
         return logger.info('', UnderpostCluster.API.getResourcesCapacity(options.kubeadm || options.k3s)); // Adjust for k3s
       if (options.listPods === true) return console.table(UnderpostDeploy.API.get(podName ?? undefined));
+      // Set default namespace if not specified
+      if (!options.namespace) options.namespace = 'default';
+
       if (options.nsUse && typeof options.nsUse === 'string') {
+        // Verify if namespace exists, create if not
+        const namespaceExists = shellExec(`kubectl get namespace ${options.nsUse} --ignore-not-found -o name`, {
+          stdout: true,
+          silent: true,
+        }).trim();
+
+        if (!namespaceExists) {
+          logger.info(`Namespace '${options.nsUse}' does not exist. Creating it...`);
+          shellExec(`kubectl create namespace ${options.nsUse}`);
+          logger.info(`Namespace '${options.nsUse}' created successfully.`);
+        } else {
+          logger.info(`Namespace '${options.nsUse}' already exists.`);
+        }
+
         shellExec(`kubectl config set-context --current --namespace=${options.nsUse}`);
+        logger.info(`Context switched to namespace: ${options.nsUse}`);
         return;
       }
       if (options.info === true) {
@@ -242,14 +262,17 @@ class UnderpostCluster {
           shellExec(
             `sudo kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.29.3/manifests/tigera-operator.yaml`,
           );
-          shellExec(`sudo kubectl apply -f ${underpostRoot}/manifests/kubeadm-calico-config.yaml`);
+          shellExec(
+            `sudo kubectl apply -f ${underpostRoot}/manifests/kubeadm-calico-config.yaml -n ${options.namespace}`,
+          );
+
           // Untaint control plane node to allow scheduling pods
           const nodeName = os.hostname();
           shellExec(`kubectl taint nodes ${nodeName} node-role.kubernetes.io/control-plane:NoSchedule-`);
           // Install local-path-provisioner for dynamic PVCs (optional but recommended)
           logger.info('Installing local-path-provisioner...');
           shellExec(
-            `kubectl apply -f https://raw.githubusercontent.com/rancher/local-path-provisioner/master/deploy/local-path-storage.yaml`,
+            `kubectl apply -f https://raw.githubusercontent.com/rancher/local-path-provisioner/master/deploy/local-path-storage.yaml -n ${options.namespace}`,
           );
         } else {
           // Kind cluster initialization (if not using kubeadm or k3s)
@@ -286,13 +309,13 @@ class UnderpostCluster {
       }
 
       if (options.grafana === true) {
-        shellExec(`kubectl delete deployment grafana --ignore-not-found`);
-        shellExec(`kubectl apply -k ${underpostRoot}/manifests/grafana`);
+        shellExec(`kubectl delete deployment grafana -n ${options.namespace} --ignore-not-found`);
+        shellExec(`kubectl apply -k ${underpostRoot}/manifests/grafana -n ${options.namespace}`);
         const yaml = `${fs
           .readFileSync(`${underpostRoot}/manifests/grafana/deployment.yaml`, 'utf8')
           .replace('{{GF_SERVER_ROOT_URL}}', options.hosts.split(',')[0])}`;
         console.log(yaml);
-        shellExec(`kubectl apply -f - <<EOF
+        shellExec(`kubectl apply -f - -n ${options.namespace} <<EOF
 ${yaml}
 EOF
 `);
@@ -311,7 +334,7 @@ EOF
             .join(',')}]`,
         )}`;
         console.log(yaml);
-        shellExec(`kubectl apply -f - <<EOF
+        shellExec(`kubectl apply -f - -n ${options.namespace} <<EOF
 ${yaml}
 EOF
 `);
@@ -340,15 +363,15 @@ EOF
             // For kubeadm/k3s, ensure it's available for containerd
             shellExec(`sudo crictl pull valkey/valkey:latest`);
         }
-        shellExec(`kubectl delete statefulset valkey-service --ignore-not-found`);
-        shellExec(`kubectl apply -k ${underpostRoot}/manifests/valkey`);
+        shellExec(`kubectl delete statefulset valkey-service -n ${options.namespace} --ignore-not-found`);
+        shellExec(`kubectl apply -k ${underpostRoot}/manifests/valkey -n ${options.namespace}`);
         await UnderpostTest.API.statusMonitor('valkey-service', 'Running', 'pods', 1000, 60);
       }
       if (options.full === true || options.mariadb === true) {
         shellExec(
-          `sudo kubectl create secret generic mariadb-secret --from-file=username=/home/dd/engine/engine-private/mariadb-username --from-file=password=/home/dd/engine/engine-private/mariadb-password --dry-run=client -o yaml | kubectl apply -f -`,
+          `sudo kubectl create secret generic mariadb-secret --from-file=username=/home/dd/engine/engine-private/mariadb-username --from-file=password=/home/dd/engine/engine-private/mariadb-password --dry-run=client -o yaml | kubectl apply -f - -n ${options.namespace}`,
         );
-        shellExec(`kubectl delete statefulset mariadb-statefulset --ignore-not-found`);
+        shellExec(`kubectl delete statefulset mariadb-statefulset -n ${options.namespace} --ignore-not-found`);
 
         if (options.pullImage === true) {
           // shellExec(`sudo podman pull mariadb:latest`);
@@ -360,17 +383,17 @@ EOF
             // For kubeadm/k3s, ensure it's available for containerd
             shellExec(`sudo crictl pull mariadb:latest`);
         }
-        shellExec(`kubectl apply -f ${underpostRoot}/manifests/mariadb/storage-class.yaml`);
-        shellExec(`kubectl apply -k ${underpostRoot}/manifests/mariadb`);
+        shellExec(`kubectl apply -f ${underpostRoot}/manifests/mariadb/storage-class.yaml -n ${options.namespace}`);
+        shellExec(`kubectl apply -k ${underpostRoot}/manifests/mariadb -n ${options.namespace}`);
       }
       if (options.full === true || options.mysql === true) {
         shellExec(
-          `sudo kubectl create secret generic mysql-secret --from-file=username=/home/dd/engine/engine-private/mysql-username --from-file=password=/home/dd/engine/engine-private/mysql-password --dry-run=client -o yaml | kubectl apply -f -`,
+          `sudo kubectl create secret generic mysql-secret --from-file=username=/home/dd/engine/engine-private/mysql-username --from-file=password=/home/dd/engine/engine-private/mysql-password --dry-run=client -o yaml | kubectl apply -f - -n ${options.namespace}`,
         );
         shellExec(`sudo mkdir -p /mnt/data`);
         shellExec(`sudo chmod 777 /mnt/data`);
         shellExec(`sudo chown -R root:root /mnt/data`);
-        shellExec(`kubectl apply -k ${underpostRoot}/manifests/mysql`);
+        shellExec(`kubectl apply -k ${underpostRoot}/manifests/mysql -n ${options.namespace}`);
       }
       if (options.full === true || options.postgresql === true) {
         if (options.pullImage === true) {
@@ -383,9 +406,9 @@ EOF
             shellExec(`sudo crictl pull postgres:latest`);
         }
         shellExec(
-          `sudo kubectl create secret generic postgres-secret --from-file=password=/home/dd/engine/engine-private/postgresql-password --dry-run=client -o yaml | kubectl apply -f -`,
+          `sudo kubectl create secret generic postgres-secret --from-file=password=/home/dd/engine/engine-private/postgresql-password --dry-run=client -o yaml | kubectl apply -f - -n ${options.namespace}`,
         );
-        shellExec(`kubectl apply -k ${underpostRoot}/manifests/postgresql`);
+        shellExec(`kubectl apply -k ${underpostRoot}/manifests/postgresql -n ${options.namespace}`);
       }
       if (options.mongodb4 === true) {
         if (options.pullImage === true) {
@@ -397,7 +420,7 @@ EOF
             // For kubeadm/k3s, ensure it's available for containerd
             shellExec(`sudo crictl pull mongo:4.4`);
         }
-        shellExec(`kubectl apply -k ${underpostRoot}/manifests/mongodb-4.4`);
+        shellExec(`kubectl apply -k ${underpostRoot}/manifests/mongodb-4.4 -n ${options.namespace}`);
 
         const deploymentName = 'mongodb-deployment';
 
@@ -428,14 +451,14 @@ EOF
             shellExec(`sudo crictl pull mongo:latest`);
         }
         shellExec(
-          `sudo kubectl create secret generic mongodb-keyfile --from-file=/home/dd/engine/engine-private/mongodb-keyfile --dry-run=client -o yaml | kubectl apply -f -`,
+          `sudo kubectl create secret generic mongodb-keyfile --from-file=/home/dd/engine/engine-private/mongodb-keyfile --dry-run=client -o yaml | kubectl apply -f - -n ${options.namespace}`,
         );
         shellExec(
-          `sudo kubectl create secret generic mongodb-secret --from-file=username=/home/dd/engine/engine-private/mongodb-username --from-file=password=/home/dd/engine/engine-private/mongodb-password --dry-run=client -o yaml | kubectl apply -f -`,
+          `sudo kubectl create secret generic mongodb-secret --from-file=username=/home/dd/engine/engine-private/mongodb-username --from-file=password=/home/dd/engine/engine-private/mongodb-password --dry-run=client -o yaml | kubectl apply -f - -n ${options.namespace}`,
         );
-        shellExec(`kubectl delete statefulset mongodb --ignore-not-found`);
-        shellExec(`kubectl apply -f ${underpostRoot}/manifests/mongodb/storage-class.yaml`);
-        shellExec(`kubectl apply -k ${underpostRoot}/manifests/mongodb`);
+        shellExec(`kubectl delete statefulset mongodb -n ${options.namespace} --ignore-not-found`);
+        shellExec(`kubectl apply -f ${underpostRoot}/manifests/mongodb/storage-class.yaml -n ${options.namespace}`);
+        shellExec(`kubectl apply -k ${underpostRoot}/manifests/mongodb -n ${options.namespace}`);
 
         const successInstance = await UnderpostTest.API.statusMonitor('mongodb-0', 'Running', 'pods', 1000, 60 * 10);
 
@@ -456,10 +479,12 @@ EOF
       }
 
       if (options.full === true || options.contour === true) {
-        shellExec(`kubectl apply -f https://projectcontour.io/quickstart/contour.yaml`);
+        shellExec(`kubectl apply -f https://projectcontour.io/quickstart/contour.yaml -n ${options.namespace}`);
         if (options.kubeadm === true) {
           // Envoy service might need NodePort for kubeadm
-          shellExec(`sudo kubectl apply -f ${underpostRoot}/manifests/envoy-service-nodeport.yaml`);
+          shellExec(
+            `sudo kubectl apply -f ${underpostRoot}/manifests/envoy-service-nodeport.yaml -n ${options.namespace}`,
+          );
         }
         // K3s has a built-in LoadBalancer (Klipper-lb) that can expose services,
         // so a specific NodePort service might not be needed or can be configured differently.
@@ -479,7 +504,7 @@ EOF
 
         const letsEncName = 'letsencrypt-prod';
         shellExec(`sudo kubectl delete ClusterIssuer ${letsEncName} --ignore-not-found`);
-        shellExec(`sudo kubectl apply -f ${underpostRoot}/manifests/${letsEncName}.yaml`);
+        shellExec(`sudo kubectl apply -f ${underpostRoot}/manifests/${letsEncName}.yaml -n ${options.namespace}`);
       }
     },
 

package/src/cli/deploy.js

@@ -129,10 +129,11 @@ class UnderpostDeploy {
      * @param {object} resources - Resource configuration for the deployment.
      * @param {number} replicas - Number of replicas for the deployment.
      * @param {string} image - Docker image for the deployment.
+     * @param {string} namespace - Kubernetes namespace for the deployment.
      * @returns {string} - YAML deployment configuration for the specified deployment.
      * @memberof UnderpostDeploy
      */
-    deploymentYamlPartsFactory({ deployId, env, suffix, resources, replicas, image }) {
+    deploymentYamlPartsFactory({ deployId, env, suffix, resources, replicas, image, namespace }) {
       const packageJson = JSON.parse(fs.readFileSync('./package.json', 'utf8'));
       let volumes = [
         {
@@ -149,6 +150,7 @@ class UnderpostDeploy {
 kind: Deployment
 metadata:
   name: ${deployId}-${env}-${suffix}
+  namespace: ${namespace ? namespace : 'default'}
   labels:
     app: ${deployId}-${env}-${suffix}
 spec:
@@ -179,7 +181,7 @@ spec:
               npm install -g underpost &&
               underpost secret underpost --create-from-file /etc/config/.env.${env} &&
               underpost start --build --run ${deployId} ${env}
-${UnderpostDeploy.API.volumeFactory(volumes)
+${UnderpostDeploy.API.volumeFactory(volumes.map((v) => ((v.version = `${deployId}-${env}-${suffix}`), v)))
   .render.split(`\n`)
   .map((l) => '    ' + l)
   .join(`\n`)}
@@ -188,6 +190,7 @@ apiVersion: v1
 kind: Service
 metadata:
   name: ${deployId}-${env}-${suffix}-service
+  namespace: ${namespace}
 spec:
   selector:
     app: ${deployId}-${env}-${suffix}
@@ -201,6 +204,7 @@ spec:
      * @param {object} options - Options for the manifest build process.
      * @param {string} options.replicas - Number of replicas for each deployment.
      * @param {string} options.image - Docker image for the deployment.
+     * @param {string} options.namespace - Kubernetes namespace for the deployment.
      * @returns {Promise<void>} - Promise that resolves when the manifest is built.
      * @memberof UnderpostDeploy
      */
@@ -208,6 +212,7 @@ spec:
       const resources = UnderpostDeploy.API.resourcesFactory();
       const replicas = options.replicas;
       const image = options.image;
+      if (!options.namespace) options.namespace = 'default';
 
       for (const _deployId of deployList.split(',')) {
         const deployId = _deployId.trim();
@@ -235,6 +240,7 @@ ${UnderpostDeploy.API.deploymentYamlPartsFactory({
   resources,
   replicas,
   image,
+  namespace: options.namespace,
 }).replace('{{ports}}', buildKindPorts(fromPort, toPort))}
 `;
         }
@@ -257,6 +263,7 @@ apiVersion: projectcontour.io/v1
 kind: HTTPProxy
 metadata:
   name: ${host}
+  namespace: ${options.namespace}
 spec:
   virtualhost:
     fqdn: ${host}${
@@ -316,16 +323,18 @@ spec:
     /**
      * Builds a Certificate resource for a host using cert-manager.
      * @param {string} host - Hostname for which the certificate is being built.
+     * @param {string} namespace - Kubernetes namespace for the certificate.
      * @returns {string} - Certificate resource YAML for the specified host.
      * @memberof UnderpostDeploy
      */
-    buildCertManagerCertificate({ host }) {
+    buildCertManagerCertificate({ host, namespace }) {
       return `
 ---
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
   name: ${host}
+  namespace: ${namespace}
 spec:
   commonName: ${host}
   dnsNames:
@@ -376,6 +385,7 @@ spec:
      * @param {boolean} options.status - Whether to display deployment status.
      * @param {boolean} options.etcHosts - Whether to display the /etc/hosts file.
      * @param {boolean} options.disableUpdateUnderpostConfig - Whether to disable Underpost config updates.
+     * @param {string} [options.namespace] - Kubernetes namespace for the deployment.
      * @returns {Promise<void>} - Promise that resolves when the deployment process is complete.
      * @memberof UnderpostDeploy
      */
@@ -404,6 +414,7 @@ spec:
         status: false,
         etcHosts: false,
         disableUpdateUnderpostConfig: false,
+        namespace: '',
       },
     ) {
       if (options.infoUtil === true)
@@ -437,15 +448,16 @@ kubectl wait --for=jsonpath='{.status.phase}'=Running pod/busybox1
 kubectl wait --for='jsonpath={.status.conditions[?(@.type=="Ready")].status}=True' pod/busybox1
 kubectl wait --for=delete pod/busybox1 --timeout=60s
 
-fqdn: <service>.<namespace>.<kind(svc/pod)>.<cluster-domain(cluster.local)>
 node bin run cluster-build
 node bin run template-deploy
 node bin run ssh-deploy (sync-)engine-core
 node bin run cluster --dev 'express,dd-test+dd-core'
 node bin run dd-container --dev
+node bin run promote dd-default production
 node bin dockerfile-pull-base-images --dev --path 'image-path' --kind-load
 node bin/deploy update-default-conf <deploy-id>
 
+fqdn: <service>.<namespace>.<kind(svc/pod)>.<cluster-domain(cluster.local)>
 kubectl run --rm -it test-dns --image=busybox:latest --restart=Never -- /bin/sh -c "
   nslookup kubernetes.default.svc.cluster.local;
   nslookup mongodb-service.default.svc.cluster.local;
@@ -467,10 +479,11 @@ docker login nvcr.io
 Username: $oauthtoken
 Password: <Your Key>
 `);
+      const namespace = options.namespace ? options.namespace : 'default';
       if (!deployList && options.certHosts) {
         for (const host of options.certHosts.split(',')) {
-          shellExec(`sudo kubectl apply -f - <<EOF
-${UnderpostDeploy.API.buildCertManagerCertificate({ host })}
+          shellExec(`sudo kubectl apply -f - -n ${namespace} <<EOF
+${UnderpostDeploy.API.buildCertManagerCertificate({ host, namespace })}
 EOF`);
         }
         return;
@@ -532,36 +545,44 @@ EOF`);
           continue;
         }
 
-        if (!options.disableUpdateDeployment)
-          for (const version of options.versions.split(',')) {
-            shellExec(`sudo kubectl delete svc ${deployId}-${env}-${version}-service`);
-            shellExec(`sudo kubectl delete deployment ${deployId}-${env}-${version}`);
-          }
-
         const confServer = JSON.parse(fs.readFileSync(`./engine-private/conf/${deployId}/conf.server.json`, 'utf8'));
         const confVolume = fs.existsSync(`./engine-private/conf/${deployId}/conf.volume.json`)
           ? JSON.parse(fs.readFileSync(`./engine-private/conf/${deployId}/conf.volume.json`, 'utf8'))
           : [];
 
-        if (!options.disableUpdateVolume) {
-          for (const volume of confVolume) {
-            shellExec(`kubectl delete pvc ${volume.claimName}`);
-            shellExec(`kubectl delete pv ${volume.claimName.replace('pvc-', 'pv-')}`);
-            shellExec(`kubectl apply -f - <<EOF
+        if (!options.disableUpdateDeployment)
+          for (const version of options.versions.split(',')) {
+            shellExec(
+              `sudo kubectl delete svc ${deployId}-${env}-${version}-service -n ${namespace} --ignore-not-found`,
+            );
+            shellExec(
+              `sudo kubectl delete deployment ${deployId}-${env}-${version} -n ${namespace} --ignore-not-found`,
+            );
+            if (!options.disableUpdateVolume) {
+              for (const volume of confVolume) {
+                const pvcId = `${volume.claimName}-${deployId}-${env}-${version}`;
+                const pvId = `${volume.claimName.replace('pvc-', 'pv-')}-${deployId}-${env}-${version}`;
+                const rootVolumeHostPath = `/home/dd/engine/volume/${pvId}`;
+                if (!fs.existsSync(rootVolumeHostPath)) fs.mkdirSync(rootVolumeHostPath, { recursive: true });
+                fs.copySync(volume.volumeMountPath, rootVolumeHostPath);
+                shellExec(`kubectl delete pvc ${pvcId} -n ${namespace} --ignore-not-found`);
+                shellExec(`kubectl delete pv ${pvId} --ignore-not-found`);
+                shellExec(`kubectl apply -f - -n ${namespace} <<EOF
 ${UnderpostDeploy.API.persistentVolumeFactory({
-  hostPath: volume.volumeMountPath,
-  pvcId: volume.claimName,
+  hostPath: rootVolumeHostPath,
+  pvcId,
 })}
 EOF
 `);
+              }
+            }
           }
-        }
 
         for (const host of Object.keys(confServer)) {
           if (!options.disableUpdateProxy) {
-            shellExec(`sudo kubectl delete HTTPProxy ${host}`);
+            shellExec(`sudo kubectl delete HTTPProxy ${host} -n ${namespace} --ignore-not-found`);
             if (UnderpostDeploy.API.isValidTLSContext({ host, env, options }))
-              shellExec(`sudo kubectl delete Certificate ${host}`);
+              shellExec(`sudo kubectl delete Certificate ${host} -n ${namespace} --ignore-not-found`);
           }
           if (!options.remove) etcHosts.push(host);
         }
@@ -572,11 +593,13 @@ EOF
             : `manifests/deployment/${deployId}-${env}`;
 
         if (!options.remove) {
-          if (!options.disableUpdateDeployment) shellExec(`sudo kubectl apply -f ./${manifestsPath}/deployment.yaml`);
-          if (!options.disableUpdateProxy) shellExec(`sudo kubectl apply -f ./${manifestsPath}/proxy.yaml`);
+          if (!options.disableUpdateDeployment)
+            shellExec(`sudo kubectl apply -f ./${manifestsPath}/deployment.yaml -n ${namespace}`);
+          if (!options.disableUpdateProxy)
+            shellExec(`sudo kubectl apply -f ./${manifestsPath}/proxy.yaml -n ${namespace}`);
 
           if (UnderpostDeploy.API.isValidTLSContext({ host: Object.keys(confServer)[0], env, options }))
-            shellExec(`sudo kubectl apply -f ./${manifestsPath}/secret.yaml`);
+            shellExec(`sudo kubectl apply -f ./${manifestsPath}/secret.yaml -n ${namespace}`);
         }
       }
       if (options.etcHosts === true) {
@@ -593,15 +616,19 @@ EOF
      * Retrieves information about a deployment.
      * @param {string} deployId - Deployment ID for which information is being retrieved.
      * @param {string} kindType - Type of Kubernetes resource to retrieve information for (e.g. 'pods').
+     * @param {string} namespace - Kubernetes namespace to retrieve information from.
      * @returns {Array<object>} - Array of objects containing information about the deployment.
      * @memberof UnderpostDeploy
      */
-    get(deployId, kindType = 'pods') {
-      const raw = shellExec(`sudo kubectl get ${kindType} --all-namespaces -o wide`, {
-        stdout: true,
-        disableLog: true,
-        silent: true,
-      });
+    get(deployId, kindType = 'pods', namespace = '') {
+      const raw = shellExec(
+        `sudo kubectl get ${kindType}${namespace ? ` -n ${namespace}` : ` --all-namespaces`} -o wide`,
+        {
+          stdout: true,
+          disableLog: true,
+          silent: true,
+        },
+      );
 
       const heads = raw
         .split(`\n`)[0]
@@ -715,12 +742,13 @@ EOF
     /**
      * Creates a configmap for a deployment.
      * @param {string} env - Environment for which the configmap is being created.
+     * @param {string} [namespace='default'] - Kubernetes namespace for the configmap.
      * @memberof UnderpostDeploy
      */
-    configMap(env) {
-      shellExec(`kubectl delete configmap underpost-config`);
+    configMap(env, namespace = 'default') {
+      shellExec(`kubectl delete configmap underpost-config -n ${namespace} --ignore-not-found`);
       shellExec(
-        `kubectl create configmap underpost-config --from-file=/home/dd/engine/engine-private/conf/dd-cron/.env.${env}`,
+        `kubectl create configmap underpost-config --from-file=/home/dd/engine/engine-private/conf/dd-cron/.env.${env} --dry-run=client -o yaml | kubectl apply -f - -n ${namespace}`,
       );
     },
     /**
@@ -729,14 +757,15 @@ EOF
      * @param {string} env - Environment for which the traffic is being switched.
      * @param {string} targetTraffic - Target traffic status for the deployment.
      * @param {number} replicas - Number of replicas for the deployment.
+     * @param {string} [namespace='default'] - Kubernetes namespace for the deployment.
      * @memberof UnderpostDeploy
      */
-    switchTraffic(deployId, env, targetTraffic, replicas = 1) {
+    switchTraffic(deployId, env, targetTraffic, replicas = 1, namespace = 'default') {
       UnderpostRootEnv.API.set(`${deployId}-${env}-traffic`, targetTraffic);
       shellExec(
-        `node bin deploy --info-router --build-manifest --traffic ${targetTraffic} --replicas ${replicas} ${deployId} ${env}`,
+        `node bin deploy --info-router --build-manifest --traffic ${targetTraffic} --replicas ${replicas} --namespace ${namespace} ${deployId} ${env}`,
       );
-      shellExec(`sudo kubectl apply -f ./engine-private/conf/${deployId}/build/${env}/proxy.yaml`);
+      shellExec(`sudo kubectl apply -f ./engine-private/conf/${deployId}/build/${env}/proxy.yaml -n ${namespace}`);
     },
 
     /**
@@ -760,6 +789,7 @@ EOF
           volumeType: 'Directory',
           claimName: null,
           configMap: null,
+          version: null,
         },
       ],
     ) {
@@ -768,7 +798,11 @@ EOF
       let _volumes = `
   volumes:`;
       volumes.map((volumeData) => {
-        const { volumeName, volumeMountPath, volumeHostPath, volumeType, claimName, configMap } = volumeData;
+        let { volumeName, volumeMountPath, volumeHostPath, volumeType, claimName, configMap, version } = volumeData;
+        if (version) {
+          volumeName = `${volumeName}-${version}`;
+          claimName = claimName ? `${claimName}-${version}` : null;
+        }
         _volumeMounts += `
         - name: ${volumeName}
           mountPath: ${volumeMountPath}
@@ -899,7 +933,7 @@ ${renderHosts}`,
     getCurrentLoadedImages(node = 'kind-worker', specContainers = false) {
       if (specContainers) {
         const raw = shellExec(
-          `kubectl get pods --all-namespaces -o=jsonpath='{range .items[*]}{"\\n"}{.metadata.name}{":\\t"}{range .spec.containers[*]}{.image}{", "}{end}{end}'`,
+          `kubectl get pods --all-namespaces -o=jsonpath='{range .items[*]}{"\\n"}{.metadata.namespace}{"/"}{.metadata.name}{":\\t"}{range .spec.containers[*]}{.image}{", "}{end}{end}'`,
           {
             stdout: true,
             silent: true,