underpost 2.89.37 → 2.89.44

package/scripts/device-scan.sh

@@ -1,26 +1,42 @@
 #!/usr/bin/env bash
+set -u -o pipefail
 
 for iface_path in /sys/class/net/*; do
+  [ -e "$iface_path" ] || continue
   name=$(basename "$iface_path")
-  mac=$(< "$iface_path/address")
-  ip=$(ip -4 addr show dev "$name" \
-       | grep -oP '(?<=inet\s)\d+(\.\d+){3}' || echo "—")
-  operstate=$(< "$iface_path/operstate")
-  mtu=$(< "$iface_path/mtu")
-
-  # Driver
-  if [ -L "$iface_path/device/driver" ]; then
+
+  # MAC address
+  if [ -r "$iface_path/address" ]; then
+    mac=$(< "$iface_path/address")
+  else
+    mac="—"
+  fi
+
+  # IPv4: collect all IPv4 CIDRs, strip masks, join with commas (or show —)
+  ip_info=$(ip -4 -o addr show dev "$name" 2>/dev/null | awk '{print $4}')
+  if [ -n "$ip_info" ]; then
+    # Use word-splitting intentionally to iterate lines from ip_info
+    ip=$(printf "%s\n" $ip_info | awk -F/ '{print $1}' | paste -sd, -)
+  else
+    ip="—"
+  fi
+
+  # operstate and mtu
+  operstate=$(< "$iface_path/operstate" 2>/dev/null || echo "—")
+  mtu=$(< "$iface_path/mtu" 2>/dev/null || echo "—")
+
+  # Driver (if available)
+  if [ -e "$iface_path/device/driver" ]; then
     driver=$(basename "$(readlink -f "$iface_path/device/driver")")
   else
     driver="—"
   fi
 
-  # Vendor device ID PCI
+  # PCI vendor:device (if available)
   pci_dev="$iface_path/device"
-  if [ -f "$pci_dev/vendor" ] && [ -f "$pci_dev/device" ]; then
+  if [ -r "$pci_dev/vendor" ] && [ -r "$pci_dev/device" ]; then
     vendor_id=$(< "$pci_dev/vendor")
     device_id=$(< "$pci_dev/device")
-    # parse 0x8086 to 8086, etc.
     vendor_id=${vendor_id#0x}
     device_id=${device_id#0x}
     pci="${vendor_id}:${device_id}"
@@ -28,16 +44,22 @@ for iface_path in /sys/class/net/*; do
     pci="—"
   fi
 
-  # Link Speed
+  # Link speed: only append unit if numeric
   speed=$(cat "$iface_path/speed" 2>/dev/null || echo "—")
+  if [[ "$speed" =~ ^[0-9]+$ ]]; then
+    speed_label="${speed} Mb/s"
+  else
+    speed_label="$speed"
+  fi
+
+  # Print formatted output
+  printf 'Interface: %s\n' "$name"
+  printf '  MAC:          %s\n' "$mac"
+  printf '  IPv4:         %s\n' "$ip"
+  printf '  State:        %s\n' "$operstate"
+  printf '  MTU:          %s\n' "$mtu"
+  printf '  Driver:       %s\n' "$driver"
+  printf '  PCI Vendor:Device: %s\n' "$pci"
+  printf '  Link Speed:   %s\n\n' "$speed_label"
 
-  echo "Interface: $name"
-  echo "  MAC:          $mac"
-  echo "  IPv4:         $ip"
-  echo "  State:       $operstate"
-  echo "  MTU:          $mtu"
-  echo "  Driver:       $driver"
-  echo "  PCI Vendor:Device ID: $pci"
-  echo "  Link Speed:   ${speed}Mb/s"
-  echo
 done

package/scripts/rpmfusion-ffmpeg-setup.sh

@@ -32,6 +32,7 @@ echo "6) Try to install audio helper packages that sometimes block ffmpeg (ladsp
 # These may be provided by CRB/EPEL or other compatible repos
 dnf -y install ladspa || echo "ladspa not available from enabled repos (will try later)"
 dnf -y install rubberband || echo "rubberband not available from enabled repos (will try later)"
+dnf -y install libwebp-tools || echo "libwebp-tools not available from enabled repos (will try later)"
 
 echo "7) Try installing ffmpeg (several fallbacks tried)"
 if dnf -y install ffmpeg ffmpeg-devel --allowerasing; then

package/src/cli/cluster.js

@@ -44,7 +44,8 @@ class UnderpostCluster {
      * @param {boolean} [options.listPods=false] - List Kubernetes pods.
      * @param {boolean} [options.reset=false] - Perform a comprehensive reset of Kubernetes and container environments.
      * @param {boolean} [options.dev=false] - Run in development mode (adjusts paths).
-     * @param {string} [options.nsUse=''] - Set the current kubectl namespace.
+     * @param {string} [options.nsUse=''] - Set the current kubectl namespace (creates namespace if it doesn't exist).
+     * @param {string} [options.namespace='default'] - Kubernetes namespace for cluster operations.
      * @param {boolean} [options.infoCapacity=false] - Display resource capacity information for the cluster.
      * @param {boolean} [options.infoCapacityPod=false] - Display resource capacity information for pods.
      * @param {boolean} [options.pullImage=false] - Pull necessary Docker images before deployment.
@@ -79,6 +80,7 @@ class UnderpostCluster {
         reset: false,
         dev: false,
         nsUse: '',
+        namespace: 'default',
         infoCapacity: false,
         infoCapacityPod: false,
         pullImage: false,
@@ -116,8 +118,26 @@ class UnderpostCluster {
       if (options.infoCapacity === true)
         return logger.info('', UnderpostCluster.API.getResourcesCapacity(options.kubeadm || options.k3s)); // Adjust for k3s
       if (options.listPods === true) return console.table(UnderpostDeploy.API.get(podName ?? undefined));
+      // Set default namespace if not specified
+      if (!options.namespace) options.namespace = 'default';
+
       if (options.nsUse && typeof options.nsUse === 'string') {
+        // Verify if namespace exists, create if not
+        const namespaceExists = shellExec(`kubectl get namespace ${options.nsUse} --ignore-not-found -o name`, {
+          stdout: true,
+          silent: true,
+        }).trim();
+
+        if (!namespaceExists) {
+          logger.info(`Namespace '${options.nsUse}' does not exist. Creating it...`);
+          shellExec(`kubectl create namespace ${options.nsUse}`);
+          logger.info(`Namespace '${options.nsUse}' created successfully.`);
+        } else {
+          logger.info(`Namespace '${options.nsUse}' already exists.`);
+        }
+
         shellExec(`kubectl config set-context --current --namespace=${options.nsUse}`);
+        logger.info(`Context switched to namespace: ${options.nsUse}`);
         return;
       }
       if (options.info === true) {
@@ -242,14 +262,17 @@ class UnderpostCluster {
           shellExec(
             `sudo kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.29.3/manifests/tigera-operator.yaml`,
           );
-          shellExec(`sudo kubectl apply -f ${underpostRoot}/manifests/kubeadm-calico-config.yaml`);
+          shellExec(
+            `sudo kubectl apply -f ${underpostRoot}/manifests/kubeadm-calico-config.yaml -n ${options.namespace}`,
+          );
+
           // Untaint control plane node to allow scheduling pods
           const nodeName = os.hostname();
           shellExec(`kubectl taint nodes ${nodeName} node-role.kubernetes.io/control-plane:NoSchedule-`);
           // Install local-path-provisioner for dynamic PVCs (optional but recommended)
           logger.info('Installing local-path-provisioner...');
           shellExec(
-            `kubectl apply -f https://raw.githubusercontent.com/rancher/local-path-provisioner/master/deploy/local-path-storage.yaml`,
+            `kubectl apply -f https://raw.githubusercontent.com/rancher/local-path-provisioner/master/deploy/local-path-storage.yaml -n ${options.namespace}`,
           );
         } else {
           // Kind cluster initialization (if not using kubeadm or k3s)
@@ -286,13 +309,13 @@ class UnderpostCluster {
       }
 
       if (options.grafana === true) {
-        shellExec(`kubectl delete deployment grafana --ignore-not-found`);
-        shellExec(`kubectl apply -k ${underpostRoot}/manifests/grafana`);
+        shellExec(`kubectl delete deployment grafana -n ${options.namespace} --ignore-not-found`);
+        shellExec(`kubectl apply -k ${underpostRoot}/manifests/grafana -n ${options.namespace}`);
         const yaml = `${fs
           .readFileSync(`${underpostRoot}/manifests/grafana/deployment.yaml`, 'utf8')
           .replace('{{GF_SERVER_ROOT_URL}}', options.hosts.split(',')[0])}`;
         console.log(yaml);
-        shellExec(`kubectl apply -f - <<EOF
+        shellExec(`kubectl apply -f - -n ${options.namespace} <<EOF
 ${yaml}
 EOF
 `);
@@ -311,7 +334,7 @@ EOF
             .join(',')}]`,
         )}`;
         console.log(yaml);
-        shellExec(`kubectl apply -f - <<EOF
+        shellExec(`kubectl apply -f - -n ${options.namespace} <<EOF
 ${yaml}
 EOF
 `);
@@ -340,15 +363,15 @@ EOF
             // For kubeadm/k3s, ensure it's available for containerd
             shellExec(`sudo crictl pull valkey/valkey:latest`);
         }
-        shellExec(`kubectl delete statefulset valkey-service --ignore-not-found`);
-        shellExec(`kubectl apply -k ${underpostRoot}/manifests/valkey`);
+        shellExec(`kubectl delete statefulset valkey-service -n ${options.namespace} --ignore-not-found`);
+        shellExec(`kubectl apply -k ${underpostRoot}/manifests/valkey -n ${options.namespace}`);
         await UnderpostTest.API.statusMonitor('valkey-service', 'Running', 'pods', 1000, 60);
       }
       if (options.full === true || options.mariadb === true) {
         shellExec(
-          `sudo kubectl create secret generic mariadb-secret --from-file=username=/home/dd/engine/engine-private/mariadb-username --from-file=password=/home/dd/engine/engine-private/mariadb-password --dry-run=client -o yaml | kubectl apply -f -`,
+          `sudo kubectl create secret generic mariadb-secret --from-file=username=/home/dd/engine/engine-private/mariadb-username --from-file=password=/home/dd/engine/engine-private/mariadb-password --dry-run=client -o yaml | kubectl apply -f - -n ${options.namespace}`,
         );
-        shellExec(`kubectl delete statefulset mariadb-statefulset --ignore-not-found`);
+        shellExec(`kubectl delete statefulset mariadb-statefulset -n ${options.namespace} --ignore-not-found`);
 
         if (options.pullImage === true) {
           // shellExec(`sudo podman pull mariadb:latest`);
@@ -360,17 +383,17 @@ EOF
             // For kubeadm/k3s, ensure it's available for containerd
             shellExec(`sudo crictl pull mariadb:latest`);
         }
-        shellExec(`kubectl apply -f ${underpostRoot}/manifests/mariadb/storage-class.yaml`);
-        shellExec(`kubectl apply -k ${underpostRoot}/manifests/mariadb`);
+        shellExec(`kubectl apply -f ${underpostRoot}/manifests/mariadb/storage-class.yaml -n ${options.namespace}`);
+        shellExec(`kubectl apply -k ${underpostRoot}/manifests/mariadb -n ${options.namespace}`);
       }
       if (options.full === true || options.mysql === true) {
         shellExec(
-          `sudo kubectl create secret generic mysql-secret --from-file=username=/home/dd/engine/engine-private/mysql-username --from-file=password=/home/dd/engine/engine-private/mysql-password --dry-run=client -o yaml | kubectl apply -f -`,
+          `sudo kubectl create secret generic mysql-secret --from-file=username=/home/dd/engine/engine-private/mysql-username --from-file=password=/home/dd/engine/engine-private/mysql-password --dry-run=client -o yaml | kubectl apply -f - -n ${options.namespace}`,
         );
         shellExec(`sudo mkdir -p /mnt/data`);
         shellExec(`sudo chmod 777 /mnt/data`);
         shellExec(`sudo chown -R root:root /mnt/data`);
-        shellExec(`kubectl apply -k ${underpostRoot}/manifests/mysql`);
+        shellExec(`kubectl apply -k ${underpostRoot}/manifests/mysql -n ${options.namespace}`);
       }
       if (options.full === true || options.postgresql === true) {
         if (options.pullImage === true) {
@@ -383,9 +406,9 @@ EOF
             shellExec(`sudo crictl pull postgres:latest`);
         }
         shellExec(
-          `sudo kubectl create secret generic postgres-secret --from-file=password=/home/dd/engine/engine-private/postgresql-password --dry-run=client -o yaml | kubectl apply -f -`,
+          `sudo kubectl create secret generic postgres-secret --from-file=password=/home/dd/engine/engine-private/postgresql-password --dry-run=client -o yaml | kubectl apply -f - -n ${options.namespace}`,
         );
-        shellExec(`kubectl apply -k ${underpostRoot}/manifests/postgresql`);
+        shellExec(`kubectl apply -k ${underpostRoot}/manifests/postgresql -n ${options.namespace}`);
       }
       if (options.mongodb4 === true) {
         if (options.pullImage === true) {
@@ -397,7 +420,7 @@ EOF
             // For kubeadm/k3s, ensure it's available for containerd
             shellExec(`sudo crictl pull mongo:4.4`);
         }
-        shellExec(`kubectl apply -k ${underpostRoot}/manifests/mongodb-4.4`);
+        shellExec(`kubectl apply -k ${underpostRoot}/manifests/mongodb-4.4 -n ${options.namespace}`);
 
         const deploymentName = 'mongodb-deployment';
 
@@ -428,14 +451,14 @@ EOF
             shellExec(`sudo crictl pull mongo:latest`);
         }
         shellExec(
-          `sudo kubectl create secret generic mongodb-keyfile --from-file=/home/dd/engine/engine-private/mongodb-keyfile --dry-run=client -o yaml | kubectl apply -f -`,
+          `sudo kubectl create secret generic mongodb-keyfile --from-file=/home/dd/engine/engine-private/mongodb-keyfile --dry-run=client -o yaml | kubectl apply -f - -n ${options.namespace}`,
         );
         shellExec(
-          `sudo kubectl create secret generic mongodb-secret --from-file=username=/home/dd/engine/engine-private/mongodb-username --from-file=password=/home/dd/engine/engine-private/mongodb-password --dry-run=client -o yaml | kubectl apply -f -`,
+          `sudo kubectl create secret generic mongodb-secret --from-file=username=/home/dd/engine/engine-private/mongodb-username --from-file=password=/home/dd/engine/engine-private/mongodb-password --dry-run=client -o yaml | kubectl apply -f - -n ${options.namespace}`,
         );
-        shellExec(`kubectl delete statefulset mongodb --ignore-not-found`);
-        shellExec(`kubectl apply -f ${underpostRoot}/manifests/mongodb/storage-class.yaml`);
-        shellExec(`kubectl apply -k ${underpostRoot}/manifests/mongodb`);
+        shellExec(`kubectl delete statefulset mongodb -n ${options.namespace} --ignore-not-found`);
+        shellExec(`kubectl apply -f ${underpostRoot}/manifests/mongodb/storage-class.yaml -n ${options.namespace}`);
+        shellExec(`kubectl apply -k ${underpostRoot}/manifests/mongodb -n ${options.namespace}`);
 
         const successInstance = await UnderpostTest.API.statusMonitor('mongodb-0', 'Running', 'pods', 1000, 60 * 10);
 
@@ -456,10 +479,12 @@ EOF
       }
 
       if (options.full === true || options.contour === true) {
-        shellExec(`kubectl apply -f https://projectcontour.io/quickstart/contour.yaml`);
+        shellExec(`kubectl apply -f https://projectcontour.io/quickstart/contour.yaml -n ${options.namespace}`);
         if (options.kubeadm === true) {
           // Envoy service might need NodePort for kubeadm
-          shellExec(`sudo kubectl apply -f ${underpostRoot}/manifests/envoy-service-nodeport.yaml`);
+          shellExec(
+            `sudo kubectl apply -f ${underpostRoot}/manifests/envoy-service-nodeport.yaml -n ${options.namespace}`,
+          );
         }
         // K3s has a built-in LoadBalancer (Klipper-lb) that can expose services,
         // so a specific NodePort service might not be needed or can be configured differently.
@@ -479,7 +504,7 @@ EOF
 
         const letsEncName = 'letsencrypt-prod';
         shellExec(`sudo kubectl delete ClusterIssuer ${letsEncName} --ignore-not-found`);
-        shellExec(`sudo kubectl apply -f ${underpostRoot}/manifests/${letsEncName}.yaml`);
+        shellExec(`sudo kubectl apply -f ${underpostRoot}/manifests/${letsEncName}.yaml -n ${options.namespace}`);
       }
     },
 

package/src/cli/deploy.js

@@ -129,10 +129,11 @@ class UnderpostDeploy {
      * @param {object} resources - Resource configuration for the deployment.
      * @param {number} replicas - Number of replicas for the deployment.
      * @param {string} image - Docker image for the deployment.
+     * @param {string} namespace - Kubernetes namespace for the deployment.
      * @returns {string} - YAML deployment configuration for the specified deployment.
      * @memberof UnderpostDeploy
      */
-    deploymentYamlPartsFactory({ deployId, env, suffix, resources, replicas, image }) {
+    deploymentYamlPartsFactory({ deployId, env, suffix, resources, replicas, image, namespace }) {
       const packageJson = JSON.parse(fs.readFileSync('./package.json', 'utf8'));
       let volumes = [
         {
@@ -149,6 +150,7 @@ class UnderpostDeploy {
 kind: Deployment
 metadata:
   name: ${deployId}-${env}-${suffix}
+  namespace: ${namespace ? namespace : 'default'}
   labels:
     app: ${deployId}-${env}-${suffix}
 spec:
@@ -188,6 +190,7 @@ apiVersion: v1
 kind: Service
 metadata:
   name: ${deployId}-${env}-${suffix}-service
+  namespace: ${namespace}
 spec:
   selector:
     app: ${deployId}-${env}-${suffix}
@@ -201,6 +204,7 @@ spec:
      * @param {object} options - Options for the manifest build process.
      * @param {string} options.replicas - Number of replicas for each deployment.
      * @param {string} options.image - Docker image for the deployment.
+     * @param {string} options.namespace - Kubernetes namespace for the deployment.
      * @returns {Promise<void>} - Promise that resolves when the manifest is built.
      * @memberof UnderpostDeploy
      */
@@ -208,6 +212,7 @@ spec:
       const resources = UnderpostDeploy.API.resourcesFactory();
       const replicas = options.replicas;
       const image = options.image;
+      if (!options.namespace) options.namespace = 'default';
 
       for (const _deployId of deployList.split(',')) {
         const deployId = _deployId.trim();
@@ -235,6 +240,7 @@ ${UnderpostDeploy.API.deploymentYamlPartsFactory({
   resources,
   replicas,
   image,
+  namespace: options.namespace,
 }).replace('{{ports}}', buildKindPorts(fromPort, toPort))}
 `;
         }
@@ -257,6 +263,7 @@ apiVersion: projectcontour.io/v1
 kind: HTTPProxy
 metadata:
   name: ${host}
+  namespace: ${options.namespace}
 spec:
   virtualhost:
     fqdn: ${host}${
@@ -316,16 +323,18 @@ spec:
     /**
      * Builds a Certificate resource for a host using cert-manager.
      * @param {string} host - Hostname for which the certificate is being built.
+     * @param {string} namespace - Kubernetes namespace for the certificate.
      * @returns {string} - Certificate resource YAML for the specified host.
      * @memberof UnderpostDeploy
      */
-    buildCertManagerCertificate({ host }) {
+    buildCertManagerCertificate({ host, namespace }) {
       return `
 ---
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
   name: ${host}
+  namespace: ${namespace}
 spec:
   commonName: ${host}
   dnsNames:
@@ -376,6 +385,7 @@ spec:
      * @param {boolean} options.status - Whether to display deployment status.
      * @param {boolean} options.etcHosts - Whether to display the /etc/hosts file.
      * @param {boolean} options.disableUpdateUnderpostConfig - Whether to disable Underpost config updates.
+     * @param {string} [options.namespace] - Kubernetes namespace for the deployment.
      * @returns {Promise<void>} - Promise that resolves when the deployment process is complete.
      * @memberof UnderpostDeploy
      */
@@ -404,6 +414,7 @@ spec:
         status: false,
         etcHosts: false,
         disableUpdateUnderpostConfig: false,
+        namespace: '',
       },
     ) {
       if (options.infoUtil === true)
@@ -437,7 +448,6 @@ kubectl wait --for=jsonpath='{.status.phase}'=Running pod/busybox1
 kubectl wait --for='jsonpath={.status.conditions[?(@.type=="Ready")].status}=True' pod/busybox1
 kubectl wait --for=delete pod/busybox1 --timeout=60s
 
-fqdn: <service>.<namespace>.<kind(svc/pod)>.<cluster-domain(cluster.local)>
 node bin run cluster-build
 node bin run template-deploy
 node bin run ssh-deploy (sync-)engine-core
@@ -447,6 +457,7 @@ node bin run promote dd-default production
 node bin dockerfile-pull-base-images --dev --path 'image-path' --kind-load
 node bin/deploy update-default-conf <deploy-id>
 
+fqdn: <service>.<namespace>.<kind(svc/pod)>.<cluster-domain(cluster.local)>
 kubectl run --rm -it test-dns --image=busybox:latest --restart=Never -- /bin/sh -c "
   nslookup kubernetes.default.svc.cluster.local;
   nslookup mongodb-service.default.svc.cluster.local;
@@ -468,10 +479,11 @@ docker login nvcr.io
 Username: $oauthtoken
 Password: <Your Key>
 `);
+      const namespace = options.namespace ? options.namespace : 'default';
       if (!deployList && options.certHosts) {
         for (const host of options.certHosts.split(',')) {
-          shellExec(`sudo kubectl apply -f - <<EOF
-${UnderpostDeploy.API.buildCertManagerCertificate({ host })}
+          shellExec(`sudo kubectl apply -f - -n ${namespace} <<EOF
+${UnderpostDeploy.API.buildCertManagerCertificate({ host, namespace })}
 EOF`);
         }
         return;
@@ -540,8 +552,12 @@ EOF`);
 
         if (!options.disableUpdateDeployment)
           for (const version of options.versions.split(',')) {
-            shellExec(`sudo kubectl delete svc ${deployId}-${env}-${version}-service`);
-            shellExec(`sudo kubectl delete deployment ${deployId}-${env}-${version}`);
+            shellExec(
+              `sudo kubectl delete svc ${deployId}-${env}-${version}-service -n ${namespace} --ignore-not-found`,
+            );
+            shellExec(
+              `sudo kubectl delete deployment ${deployId}-${env}-${version} -n ${namespace} --ignore-not-found`,
+            );
             if (!options.disableUpdateVolume) {
               for (const volume of confVolume) {
                 const pvcId = `${volume.claimName}-${deployId}-${env}-${version}`;
@@ -549,9 +565,9 @@ EOF`);
                 const rootVolumeHostPath = `/home/dd/engine/volume/${pvId}`;
                 if (!fs.existsSync(rootVolumeHostPath)) fs.mkdirSync(rootVolumeHostPath, { recursive: true });
                 fs.copySync(volume.volumeMountPath, rootVolumeHostPath);
-                shellExec(`kubectl delete pvc ${pvcId}`);
-                shellExec(`kubectl delete pv ${pvId}`);
-                shellExec(`kubectl apply -f - <<EOF
+                shellExec(`kubectl delete pvc ${pvcId} -n ${namespace} --ignore-not-found`);
+                shellExec(`kubectl delete pv ${pvId} --ignore-not-found`);
+                shellExec(`kubectl apply -f - -n ${namespace} <<EOF
 ${UnderpostDeploy.API.persistentVolumeFactory({
   hostPath: rootVolumeHostPath,
   pvcId,
@@ -564,9 +580,9 @@ EOF
 
         for (const host of Object.keys(confServer)) {
           if (!options.disableUpdateProxy) {
-            shellExec(`sudo kubectl delete HTTPProxy ${host}`);
+            shellExec(`sudo kubectl delete HTTPProxy ${host} -n ${namespace} --ignore-not-found`);
             if (UnderpostDeploy.API.isValidTLSContext({ host, env, options }))
-              shellExec(`sudo kubectl delete Certificate ${host}`);
+              shellExec(`sudo kubectl delete Certificate ${host} -n ${namespace} --ignore-not-found`);
           }
           if (!options.remove) etcHosts.push(host);
         }
@@ -577,11 +593,13 @@ EOF
             : `manifests/deployment/${deployId}-${env}`;
 
         if (!options.remove) {
-          if (!options.disableUpdateDeployment) shellExec(`sudo kubectl apply -f ./${manifestsPath}/deployment.yaml`);
-          if (!options.disableUpdateProxy) shellExec(`sudo kubectl apply -f ./${manifestsPath}/proxy.yaml`);
+          if (!options.disableUpdateDeployment)
+            shellExec(`sudo kubectl apply -f ./${manifestsPath}/deployment.yaml -n ${namespace}`);
+          if (!options.disableUpdateProxy)
+            shellExec(`sudo kubectl apply -f ./${manifestsPath}/proxy.yaml -n ${namespace}`);
 
           if (UnderpostDeploy.API.isValidTLSContext({ host: Object.keys(confServer)[0], env, options }))
-            shellExec(`sudo kubectl apply -f ./${manifestsPath}/secret.yaml`);
+            shellExec(`sudo kubectl apply -f ./${manifestsPath}/secret.yaml -n ${namespace}`);
         }
       }
       if (options.etcHosts === true) {
@@ -598,15 +616,19 @@ EOF
      * Retrieves information about a deployment.
      * @param {string} deployId - Deployment ID for which information is being retrieved.
      * @param {string} kindType - Type of Kubernetes resource to retrieve information for (e.g. 'pods').
+     * @param {string} namespace - Kubernetes namespace to retrieve information from.
      * @returns {Array<object>} - Array of objects containing information about the deployment.
      * @memberof UnderpostDeploy
      */
-    get(deployId, kindType = 'pods') {
-      const raw = shellExec(`sudo kubectl get ${kindType} --all-namespaces -o wide`, {
-        stdout: true,
-        disableLog: true,
-        silent: true,
-      });
+    get(deployId, kindType = 'pods', namespace = '') {
+      const raw = shellExec(
+        `sudo kubectl get ${kindType}${namespace ? ` -n ${namespace}` : ` --all-namespaces`} -o wide`,
+        {
+          stdout: true,
+          disableLog: true,
+          silent: true,
+        },
+      );
 
       const heads = raw
         .split(`\n`)[0]
@@ -720,12 +742,13 @@ EOF
     /**
      * Creates a configmap for a deployment.
      * @param {string} env - Environment for which the configmap is being created.
+     * @param {string} [namespace='default'] - Kubernetes namespace for the configmap.
      * @memberof UnderpostDeploy
      */
-    configMap(env) {
-      shellExec(`kubectl delete configmap underpost-config`);
+    configMap(env, namespace = 'default') {
+      shellExec(`kubectl delete configmap underpost-config -n ${namespace} --ignore-not-found`);
       shellExec(
-        `kubectl create configmap underpost-config --from-file=/home/dd/engine/engine-private/conf/dd-cron/.env.${env}`,
+        `kubectl create configmap underpost-config --from-file=/home/dd/engine/engine-private/conf/dd-cron/.env.${env} --dry-run=client -o yaml | kubectl apply -f - -n ${namespace}`,
       );
     },
     /**
@@ -734,14 +757,15 @@ EOF
      * @param {string} env - Environment for which the traffic is being switched.
      * @param {string} targetTraffic - Target traffic status for the deployment.
      * @param {number} replicas - Number of replicas for the deployment.
+     * @param {string} [namespace='default'] - Kubernetes namespace for the deployment.
      * @memberof UnderpostDeploy
      */
-    switchTraffic(deployId, env, targetTraffic, replicas = 1) {
+    switchTraffic(deployId, env, targetTraffic, replicas = 1, namespace = 'default') {
       UnderpostRootEnv.API.set(`${deployId}-${env}-traffic`, targetTraffic);
       shellExec(
-        `node bin deploy --info-router --build-manifest --traffic ${targetTraffic} --replicas ${replicas} ${deployId} ${env}`,
+        `node bin deploy --info-router --build-manifest --traffic ${targetTraffic} --replicas ${replicas} --namespace ${namespace} ${deployId} ${env}`,
       );
-      shellExec(`sudo kubectl apply -f ./engine-private/conf/${deployId}/build/${env}/proxy.yaml`);
+      shellExec(`sudo kubectl apply -f ./engine-private/conf/${deployId}/build/${env}/proxy.yaml -n ${namespace}`);
     },
 
     /**
@@ -909,7 +933,7 @@ ${renderHosts}`,
     getCurrentLoadedImages(node = 'kind-worker', specContainers = false) {
       if (specContainers) {
         const raw = shellExec(
-          `kubectl get pods --all-namespaces -o=jsonpath='{range .items[*]}{"\\n"}{.metadata.name}{":\\t"}{range .spec.containers[*]}{.image}{", "}{end}{end}'`,
+          `kubectl get pods --all-namespaces -o=jsonpath='{range .items[*]}{"\\n"}{.metadata.namespace}{"/"}{.metadata.name}{":\\t"}{range .spec.containers[*]}{.image}{", "}{end}{end}'`,
           {
             stdout: true,
             silent: true,

package/src/cli/index.js

@@ -7,6 +7,8 @@ import { commitData } from '../client/components/core/CommonJs.js';
 import UnderpostLxd from './lxd.js';
 import UnderpostBaremetal from './baremetal.js';
 import UnderpostRun from './run.js';
+import Dns from '../server/dns.js';
+import { pbcopy } from '../server/process.js';
 
 // Load environment variables from .env file
 const underpostRootPath = getUnderpostRootPath();
@@ -129,6 +131,16 @@ program
   .description('Displays the root path of the npm installation.')
   .action(() => console.log(getNpmRootPath()));
 
+program
+  .command('ip')
+  .option('--copy', 'Copies the IP addresses to the clipboard.')
+  .description('Displays the current public machine IP addresses.')
+  .action(async (options) => {
+    const ip = await Dns.getPublicIp();
+    if (options.copy) return pbcopy(ip);
+    return console.log(ip);
+  });
+
 // 'cluster' command: Manage Kubernetes clusters
 program
   .command('cluster')
@@ -146,7 +158,10 @@ program
   .option('--dedicated-gpu', 'Initializes the cluster with dedicated GPU base resources and environment settings.')
   .option('--info', 'Retrieves information about all deployed Kubernetes objects.')
   .option('--full', 'Initializes the cluster with all available statefulsets and services.')
-  .option('--ns-use <ns-name>', 'Switches the current Kubernetes context to the specified namespace.')
+  .option(
+    '--ns-use <ns-name>',
+    "Switches the current Kubernetes context to the specified namespace (creates if it doesn't exist).",
+  )
   .option('--kubeadm', 'Initializes the cluster using kubeadm for control plane management.')
   .option('--grafana', 'Initializes the cluster with a Grafana deployment.')
   .option(
@@ -166,6 +181,7 @@ program
   .option('--k3s', 'Initializes the cluster using K3s (Lightweight Kubernetes).')
   .option('--hosts <hosts>', 'A comma-separated list of cluster hostnames or IP addresses.')
   .option('--remove-volume-host-paths', 'Removes specified volume host paths after execution.')
+  .option('--namespace <namespace>', 'Kubernetes namespace for cluster operations (defaults to "default").')
   .action(Underpost.cluster.init)
   .description('Manages Kubernetes clusters, defaulting to Kind cluster initialization.');
 
@@ -205,6 +221,7 @@ program
   .option('--etc-hosts', 'Enables the etc-hosts context for deployment operations.')
   .option('--restore-hosts', 'Restores default `/etc/hosts` entries.')
   .option('--disable-update-underpost-config', 'Disables updates to Underpost configuration during deployment.')
+  .option('--namespace <namespace>', 'Kubernetes namespace for deployment operations (defaults to "default").')
   .description('Manages application deployments, defaulting to deploying development pods.')
   .action(Underpost.deploy.callback);
 
@@ -402,6 +419,10 @@ program
   .option('--runtime-class-name <name>', 'Sets the runtime class name for the job in deploy-job.')
   .option('--image-pull-policy <policy>', 'Sets the image pull policy for the job in deploy-job.')
   .option('--api-version <version>', 'Sets the API version for the job manifest in deploy-job.')
+  .option(
+    '--labels <labels>',
+    'Optional: Specifies a comma-separated list of key-value pairs for labels (e.g., "app=my-app,env=prod").',
+  )
   .option('--claim-name <name>', 'Optional: Specifies the claim name for volume mounting in deploy-job.')
   .option('--kind <kind-type>', 'Specifies the kind of Kubernetes resource (e.g., Job, Deployment) for deploy-job.')
   .option('--kubeadm', 'Flag to indicate Kubeadm cluster type context')

package/src/cli/monitor.js

@@ -95,12 +95,13 @@ class UnderpostMonitor {
         if (traffic === 'blue') traffic = 'green';
         else traffic = 'blue';
         UnderpostRootEnv.API.set(`${deployId}-${env}-traffic`, traffic);
+        const namespace = options.namespace || 'default';
         shellExec(
           `node bin deploy --info-router --build-manifest --traffic ${traffic} --replicas ${
             options.replicas ? options.replicas : 1
-          } ${deployId} ${env}`,
+          } --namespace ${namespace} ${deployId} ${env}`,
         );
-        shellExec(`sudo kubectl apply -f ./engine-private/conf/${deployId}/build/${env}/proxy.yaml`);
+        shellExec(`sudo kubectl apply -f ./engine-private/conf/${deployId}/build/${env}/proxy.yaml -n ${namespace}`);
       };
 
       const monitor = async (reject) => {
@@ -152,12 +153,15 @@ class UnderpostMonitor {
                           fs.readFileSync(`./engine-private/conf/${deployId}/conf.server.json`, 'utf8'),
                         );
 
-                        UnderpostDeploy.API.configMap(env);
+                        const namespace = options.namespace || 'default';
+                        UnderpostDeploy.API.configMap(env, namespace);
 
                         for (const host of Object.keys(confServer)) {
-                          shellExec(`sudo kubectl delete HTTPProxy ${host}`);
+                          shellExec(`sudo kubectl delete HTTPProxy ${host} -n ${namespace} --ignore-not-found`);
                         }
-                        shellExec(`sudo kubectl rollout restart deployment/${deployId}-${env}-${traffic}`);
+                        shellExec(
+                          `sudo kubectl rollout restart deployment/${deployId}-${env}-${traffic} -n ${namespace}`,
+                        );
 
                         switchTraffic();
                       }

package/src/cli/repository.js

@@ -179,7 +179,7 @@ class UnderpostRepository {
         return;
       }
       if (options.info) return logger.info('', commitData);
-      const _message = `${commitType}${subModule ? `(${subModule})` : ''}${process.argv.includes('!') ? '!' : ''}: ${
+      const _message = `${commitType}${subModule ? `(${subModule})` : ''}: ${
         commitData[commitType].emoji
       } ${message ? message : commitData[commitType].description}`;
       if (options.copy) return pbcopy(_message);