From 49b0e366de3ef284aa8ab4e1a30a8f0cc44eb978 Mon Sep 17 00:00:00 2001
From: Bruno Salzano <d4rkstar@gmail.com>
Date: Wed, 24 Sep 2025 22:46:34 +0200
Subject: [PATCH 1/3] internal registry

---
 deploy/openwhisk-standalone/standalone-conf.yaml |  1 +
 deploy/registry/03-registry-svc.yaml             |  5 +++--
 nuvolaris/kube.py                                | 11 ++++++++++-
 nuvolaris/registry_deploy.py                     |  8 +++++++-
 nuvolaris/secret_imagepull_data.py               |  2 +-
 5 files changed, 22 insertions(+), 5 deletions(-)

diff --git a/deploy/openwhisk-standalone/standalone-conf.yaml b/deploy/openwhisk-standalone/standalone-conf.yaml
index 6b59561..c846a74 100644
--- a/deploy/openwhisk-standalone/standalone-conf.yaml
+++ b/deploy/openwhisk-standalone/standalone-conf.yaml
@@ -26,6 +26,7 @@ data:
     apiVersion: v1
     kind: Pod
     spec:
+      imagePullPolicy: Always 
       imagePullSecrets:
       - name: registry-pull-secret
 
diff --git a/deploy/registry/03-registry-svc.yaml b/deploy/registry/03-registry-svc.yaml
index d0485ed..eef99c7 100644
--- a/deploy/registry/03-registry-svc.yaml
+++ b/deploy/registry/03-registry-svc.yaml
@@ -25,7 +25,8 @@ spec:
   selector:
     app: registry
   ports:
-    - protocol: TCP
+    - nodePort: 32000
+      protocol: TCP
       port: 5000
       targetPort: 5000
-  type: ClusterIP
\ No newline at end of file
+  type: NodePort
\ No newline at end of file
diff --git a/nuvolaris/kube.py b/nuvolaris/kube.py
index 827f996..a921173 100644
--- a/nuvolaris/kube.py
+++ b/nuvolaris/kube.py
@@ -170,4 +170,13 @@ def rollout(name, namespace="nuvolaris"):
     try:
         return kubectl("rollout", "restart", name, namespace=namespace)
     except:
-        return None            
\ No newline at end of file
+        return None
+    
+def detect_kind():
+    try:
+        is_kind = kubectl("get","node/nuvolaris-control-plane",
+                          namespace=None,
+                          jsonpath='{.metadata.labels.nuvolaris\\.io/kube}')
+        return is_kind and "kind" in is_kind
+    except:
+        return False
\ No newline at end of file
diff --git a/nuvolaris/registry_deploy.py b/nuvolaris/registry_deploy.py
index c61bccb..db211a5 100644
--- a/nuvolaris/registry_deploy.py
+++ b/nuvolaris/registry_deploy.py
@@ -69,7 +69,13 @@ def create_internal_registry(data, owner=None):
     kust += registrySecret.generateHtPasswordPatch()
 
     #path the registry pull secret
-    registryPullSecret = ImagePullSecretData(data['registryUsername'],data['registryPassword'],data['repoHostname'])
+    repoInternalHost = data['repoHostname']
+    if kube.detect_kind():
+        # when repo is kind, the registry pull secret will point
+        # to the node port exposed on the node
+        repoInternalHost = "127.0.0.1:32000"
+    
+    registryPullSecret = ImagePullSecretData(data['registryUsername'],data['registryPassword'],repoInternalHost)
     registryPullSecret.with_secret_name("registry-pull-secret")    
     kust += registryPullSecret.generatePullSecretPatch()
 
diff --git a/nuvolaris/secret_imagepull_data.py b/nuvolaris/secret_imagepull_data.py
index 76fae80..f842d13 100644
--- a/nuvolaris/secret_imagepull_data.py
+++ b/nuvolaris/secret_imagepull_data.py
@@ -66,7 +66,7 @@ def render_template(self,namespace,tpl= "generic-secret-docker-tpl.yaml"):
         uses the given template to render a final ImagePull secret template and returns the path to the template
         """
         logging.info(f"*** Rendering ImagePull secret template with name {self._data['secret_name']} via template {tpl}")
-        out = f"/tmp/__{namespace}_{tpl}"
+        out = f"/tmp/__{namespace}_{self._data['secret_name']}_{tpl}"
         file = ntp.spool_template(tpl, out, self._data)
         return os.path.abspath(file)
     

From 3b7215b8c44f96bdf8f163c3c05c560784830bbb Mon Sep 17 00:00:00 2001
From: Bruno Salzano <d4rkstar@gmail.com>
Date: Wed, 24 Sep 2025 22:46:42 +0200
Subject: [PATCH 2/3] fix milvus

---
 nuvolaris/main.py              | 3 ++-
 nuvolaris/milvus_standalone.py | 6 +++++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/nuvolaris/main.py b/nuvolaris/main.py
index f5b797d..2c72f6e 100644
--- a/nuvolaris/main.py
+++ b/nuvolaris/main.py
@@ -82,7 +82,8 @@ def whisk_create(spec, name, **kwargs):
         "static": "?", # Minio static endpoint provider
         "zookeeper": "?", #Zookeeper configuration
         "quota":"?", #Quota configuration
-        "etcd":"?" #Etcdd configuration
+        "etcd":"?", #Etcd configuration
+        "milvus":"?" #Milvus configuration
     }
 
     if cfg.get('components.minio') and cfg.get('components.seaweedfs'):
diff --git a/nuvolaris/milvus_standalone.py b/nuvolaris/milvus_standalone.py
index fe702d2..80090af 100644
--- a/nuvolaris/milvus_standalone.py
+++ b/nuvolaris/milvus_standalone.py
@@ -259,7 +259,11 @@ def delete_ow_milvus(ucfg):
 
 
 def delete_by_owner():
-    spec = kus.build("milvus")
+    data = util.get_milvus_config_data()
+    dir = "milvus"
+    if data['slim']:
+        dir += "-slim"
+    spec = kus.build(dir)
     res = kube.delete(spec)
     logging.info(f"delete milvus: {res}")
     return res

From 52bb5b62a12581c7ffe85625684b5420d05b6f80 Mon Sep 17 00:00:00 2001
From: Bruno Salzano <d4rkstar@gmail.com>
Date: Thu, 25 Sep 2025 23:45:32 +0200
Subject: [PATCH 3/3] fix: disable milvus should remove tech accounts

disabling milvus, minio/seaweedfs technical user were not removed. Furthermore, milvus was not removed when slim configuration in use.
---
 nuvolaris/milvus_standalone.py        | 52 ++++++++++++++++++++++++---
 tests/kind/milvus_standalone_test.ipy | 11 +++---
 2 files changed, 53 insertions(+), 10 deletions(-)

diff --git a/nuvolaris/milvus_standalone.py b/nuvolaris/milvus_standalone.py
index 80090af..cbe0e48 100644
--- a/nuvolaris/milvus_standalone.py
+++ b/nuvolaris/milvus_standalone.py
@@ -161,6 +161,47 @@ def create_milvus_accounts(data: dict):
     if cfg.get('components.seaweedfs'):
         return create_seaweedfs_milvus_account(data)
 
+def delete_minio_milvus_account(data: dict):
+    """
+    Deletes technical accounts for MINIO
+    """
+    try:
+        logging.info("removing milvus minio technical accounts.")
+        minioClient = mutil.MinioClient()
+        res = util.check(minioClient.remove_user(data["milvus_s3_username"]), "remove_user", True)
+        return util.check(minioClient.force_bucket_remove(data["milvus_bucket_name"]), "force_bucket_remove", res)
+        
+    except Exception as ex:
+        logging.error("Could not delete milvus MINIO accounts", ex)
+        return False 
+
+def delete_seaweedfs_milvus_account(data: dict):
+    """
+    Delete technical accounts for SEAWEEDFS
+    """
+    try:
+        logging.info("removing milvus seaweedfs technical accounts.")
+        seaweedfsClient = SeaweedfsClient()
+        res = util.check(seaweedfsClient.delete_user(data["milvus_s3_username"]), "delete_user", True)
+        return util.check(seaweedfsClient.force_bucket_remove(data["milvus_bucket_name"]), "force_bucket_remove", res)
+        
+    except Exception as ex:
+        logging.error("Could not delete milvus SEAWEEDFS accounts", ex)
+        return False
+
+def delete_milvus_accounts(data: dict):
+    """"
+    Deletes technical accounts for ETCD and MINIO
+    """
+    # currently we use the ETCD root password, so we skip the ETCD user deletion.
+    
+    logging.info("removing milvus technical accounts.")
+    if cfg.get('components.minio'):
+        return delete_minio_milvus_account(data)
+    
+    if cfg.get('components.seaweedfs'):
+        return delete_seaweedfs_milvus_account(data)
+
 
 def create_default_milvus_database(data):
     """
@@ -258,13 +299,13 @@ def delete_ow_milvus(ucfg):
     return res
 
 
-def delete_by_owner():
-    data = util.get_milvus_config_data()
+def delete_by_owner(data):
     dir = "milvus"
     if data['slim']:
         dir += "-slim"
     spec = kus.build(dir)
     res = kube.delete(spec)
+
     logging.info(f"delete milvus: {res}")
     return res
 
@@ -278,10 +319,13 @@ def delete_by_spec():
 
 
 def delete(owner=None):
+    data = util.get_milvus_config_data()
     if owner:
-        return delete_by_owner()
+        res = delete_by_owner(data)
     else:
-        return delete_by_spec()
+        res = delete_by_spec()
+    
+    return delete_milvus_accounts(data)
 
 
 def patch(status, action, owner=None):
diff --git a/tests/kind/milvus_standalone_test.ipy b/tests/kind/milvus_standalone_test.ipy
index 808b8bd..26faeae 100644
--- a/tests/kind/milvus_standalone_test.ipy
+++ b/tests/kind/milvus_standalone_test.ipy
@@ -31,8 +31,9 @@ from nuvolaris.user_metadata import UserMetadata
 
 #tu.enable_debug_logging()
 ### Initial cleanup
-!kubectl -n nuvolaris delete all --all
-!kubectl -n nuvolaris delete pvc --all
+tu.run_proc("kubectl -n nuvolaris delete all --all")
+tu.run_proc("kubectl -n nuvolaris delete pvc --all")
+
 
 # test
 assert(cfg.configure(tu.load_sample_config()))
@@ -94,7 +95,5 @@ assert(milvus.delete())
 assert(etcd.delete())
 assert(minio.delete())
 
-# final cleanup
-!kubectl -n nuvolaris delete all --all
-# etcd pvc in particular
-!kubectl -n nuvolaris delete pvc --all
\ No newline at end of file
+tu.run_proc("kubectl -n nuvolaris delete all --all")
+tu.run_proc("kubectl -n nuvolaris delete pvc --all")