## [1.0.1] - 2025-03-16

### Added

- Kubernetes RBAC configuration
- Health check endpoints
- Startup probe
- Liveness probe
- Readiness probe

### Changed

- Minikube test environment setup
- Health check endpoints (!!!CURRENTLY NOT USED!!!)
- Minikube RBAC configuration

Author: hasirciogluhq

CHANGELOG.md

@@ -24,6 +24,22 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Security
 
+## [1.0.1] - 2025-03-16
+
+### Added
+
+- Kubernetes RBAC configuration
+- Health check endpoints
+- Startup probe
+- Liveness probe
+- Readiness probe
+
+### Changed
+
+- Minikube test environment setup
+- Health check endpoints (!!!CURRENTLY NOT USED!!!)
+- Minikube RBAC configuration
+
 ## [1.0.0] - 2025-03-15
 
 ### Added

kubernetes/base/001-rbac.yaml

@@ -0,0 +1,41 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: xdatabase-proxy-sa
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: xdatabase-proxy-role
+rules:
+  - apiGroups: [""]
+    resources: ["pods", "services", "endpoints", "secrets", "configmaps"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: [""]
+    resources: ["events"]
+    verbs: ["create", "patch"]
+  - apiGroups: [""]
+    resources: ["nodes"]
+    verbs: ["list", "watch"]
+  - apiGroups: ["apps"]
+    resources: ["deployments", "daemonsets", "statefulsets", "replicasets"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["networking.k8s.io"]
+    resources: ["ingresses"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["metrics.k8s.io"]
+    resources: ["pods", "nodes"]
+    verbs: ["get", "list", "watch"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: xdatabase-proxy-role-binding
+subjects:
+  - kind: ServiceAccount
+    name: xdatabase-proxy-sa
+roleRef:
+  kind: ClusterRole
+  name: xdatabase-proxy-role
+  apiGroup: rbac.authorization.k8s.io

kubernetes/base/deployment.yaml

@@ -11,6 +11,7 @@ spec:
       labels:
         app: xdatabase-proxy
     spec:
+      serviceAccountName: xdatabase-proxy-sa
       containers:
         - name: xdatabase-proxy
           image: ghcr.io/hasirciogli/xdatabase-proxy:latest
@@ -24,13 +25,28 @@ spec:
             limits:
               cpu: 500m
               memory: 512Mi
-          livenessProbe:
+          startupProbe:
             tcpSocket:
               port: proxy-port
-            initialDelaySeconds: 5
+            failureThreshold: 30
             periodSeconds: 10
+          livenessProbe:
+            httpGet:
+              path: /healthz
+              port: proxy-port
+              scheme: HTTP
+            initialDelaySeconds: 15
+            periodSeconds: 20
+            timeoutSeconds: 5
+            failureThreshold: 3
+            successThreshold: 1
           readinessProbe:
-            tcpSocket:
+            httpGet:
+              path: /ready
               port: proxy-port
+              scheme: HTTP
             initialDelaySeconds: 5
             periodSeconds: 10
+            timeoutSeconds: 3
+            failureThreshold: 3
+            successThreshold: 1

kubernetes/base/kustomization.yaml

@@ -2,6 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
 resources:
+  - 001-rbac.yaml
   - deployment.yaml
   - service.yaml
 # - configmap.yaml

kubernetes/overlays/test/kustomization.yaml

@@ -8,6 +8,8 @@ resources:
 
 patches:
   - path: replicas-patch.yaml
+  # - path: override-rbac.yaml
+  # - path: test-image-patch.yaml
 # configMapGenerator:
 #   - name: xdatabase-proxy-config
 #     behavior: merge

kubernetes/overlays/test/test-image-patch.yaml

@@ -0,0 +1,10 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: xdatabase-proxy
+spec:
+  template:
+    spec:
+      containers:
+        - name: xdatabase-proxy
+          image: xdatabase-proxy-local-test:latest

main.go

@@ -5,43 +5,61 @@ import (
 	"context"
 	"fmt"
 	"log"
+	"net/http"
 	"os"
 	"os/signal"
+	"sync/atomic"
 	"syscall"
 
 	"github.com/hasirciogli/xdatabase-proxy/pkg/kubernetes"
 )
 
-// func main() {
-// 	// Create proxies
-// 	postgresProxy := postgresql.NewPostgresProxy(3001, "localhost", 5432)
-// 	mysqlProxy := mysql.NewMySQLProxy(3002, "localhost", 3306)
-// 	mongoProxy := mongodb.NewMongoDBProxy(3003, "localhost", 27017)
-
-// 	// Start PostgreSQL proxy
-// 	go func() {
-// 		if err := postgresProxy.Start(postgresProxy.ListenPort); err != nil {
-// 			log.Printf("PostgreSQL proxy error: %v", err)
-// 		}
-// 	}()
-
-// 	// Start MySQL proxy
-// 	go func() {
-// 		if err := mysqlProxy.Start(mysqlProxy.ListenPort); err != nil {
-// 			log.Printf("MySQL proxy error: %v", err)
-// 		}
-// 	}()
-
-// 	// Start MongoDB proxy
-// 	if err := mongoProxy.Start(mongoProxy.ListenPort); err != nil {
-// 		log.Printf("MongoDB proxy error: %v", err)
-// 	}
-// }
-
-// sadece postgres proxy
+var (
+	isReady   atomic.Bool
+	isHealthy atomic.Bool
+)
+
+func setupHealthChecks() {
+	// Set initial state
+	isHealthy.Store(true)
+	isReady.Store(true)
+
+	// Health check endpoint
+	http.HandleFunc("/healthz", func(w http.ResponseWriter, r *http.Request) {
+		if isHealthy.Load() {
+			w.WriteHeader(http.StatusOK)
+			w.Write([]byte("healthy"))
+			return
+		}
+		w.WriteHeader(http.StatusServiceUnavailable)
+		w.Write([]byte("unhealthy"))
+	})
+
+	// Readiness check endpoint
+	http.HandleFunc("/ready", func(w http.ResponseWriter, r *http.Request) {
+		if isReady.Load() {
+			w.WriteHeader(http.StatusOK)
+			w.Write([]byte("ready"))
+			return
+		}
+		w.WriteHeader(http.StatusServiceUnavailable)
+		w.Write([]byte("not ready"))
+	})
+
+	// Start HTTP server for health checks
+	go func() {
+		if err := http.ListenAndServe(":80", nil); err != nil {
+			log.Printf("Health check server error: %v", err)
+		}
+	}()
+}
+
 func main() {
+	// Setup health check endpoints (!!!CURRENTLY NOT USED!!!)
+	setupHealthChecks()
+
 	// Create a new Kubernetes client with specific context
-	contextName := os.Getenv("KUBE_CONTEXT") // Take context name from environment variable
+	contextName := os.Getenv("KUBE_CONTEXT")
 	if contextName == "" {
 		contextName = "local-test"
 	}
@@ -60,6 +78,8 @@ func main() {
 			log.Printf("Service Info: Name=%s, Namespace=%s, DB Type=%s, PooledConnection=%v, ClusterDNS=%s",
 				svc.Name, svc.Namespace, svc.DatabaseType, svc.PooledConnection, svc.ClusterDNS)
 		}
+		// Mark as ready once we've successfully started watching services
+		isReady.Store(true)
 	}); err != nil {
 		log.Fatalf("Failed to start watching: %v", err)
 	}
@@ -71,5 +91,9 @@ func main() {
 	signal.Notify(sigChan, syscall.SIGINT, syscall.SIGTERM)
 	<-sigChan
 
+	// Mark as not ready and unhealthy during shutdown
+	isReady.Store(false)
+	isHealthy.Store(false)
+
 	log.Println("Shutting down...")
 }

scripts/setup-minikube.sh

@@ -3,25 +3,30 @@
 # Exit on error
 set -e
 
-echo "Starting Minikube cluster..."
-minikube start --memory=4096 --cpus=2
-
-echo "Enabling ingress addon..."
-minikube addons enable ingress
-
-echo "Building Docker image..."
-eval $(minikube docker-env)
-docker build -t ghcr.io/hasirciogli/xdatabase-proxy:latest .
-
-echo "Creating namespaces..."
-kubectl create namespace test --dry-run=client -o yaml | kubectl apply -f -
-kubectl create namespace production --dry-run=client -o yaml | kubectl apply -f -
+echo "Starting Minikube cluster if not running..."
+if minikube status -p local-test | grep -q "Running"; then
+    echo "Minikube cluster already running"
+else
+    minikube start --memory=4096 --cpus=2 -p local-test
+fi
+
+# echo "Building Docker image..."
+# eval $(minikube docker-env -p local-test)
+# docker build -t xdatabase-proxy-local-test:latest .
+
+echo "Creating namespaces if not exists..."
+if minikube kubectl -p local-test -- get namespace test >/dev/null 2>&1; then
+    echo "Namespace test already exists"
+else
+    echo "Creating namespace test"
+    minikube kubectl -p local-test -- create namespace test --dry-run=client -o yaml | minikube kubectl -p local-test -- apply -f -
+fi
 
 echo "Deploying test environment..."
-kubectl kustomize kubernetes/overlays/test | kubectl apply -f -
+minikube kubectl -p local-test -- kustomize kubernetes/overlays/test | minikube kubectl -p local-test -- apply -f - -n test
 
 echo "Waiting for deployment to be ready..."
-kubectl -n test rollout status deployment/xdatabase-proxy
+minikube kubectl -p local-test -- rollout status deployment/xdatabase-proxy -n test
 
 echo "Running tests..."
 # Add your test commands here
@@ -32,4 +37,4 @@ echo "Running tests..."
 # pkill -f "port-forward"
 
 echo "Setup complete! Your test environment is ready."
-echo "To access the proxy service, run: kubectl -n test port-forward svc/xdatabase-proxy 3001:3001"
+echo "To access the proxy service, run: minikube kubectl -p local-test -- port-forward svc/xdatabase-proxy 3001:3001 -n test"