waggle-sensor · raffenet · Oct 20, 2025 · Oct 31, 2025 · Nov 7, 2025 · Nov 7, 2025
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,12 @@
+on: [push, pull_request]
+
+jobs:
+  create-beehive:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: nolar/setup-k3d-k3s@v1
+      - uses: actions/checkout@v5
+      - run: |
+          git clone https://github.com/waggle-sensor/waggle-pki-tools
+          pushd waggle-pki-tools && ./create-credentials-for-beehive.sh && popd
+          ./create-beehive.sh
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,4 @@
 .*/
+!.github/
 *.pem
 .DS_Store
diff --git a/create-beehive.sh b/create-beehive.sh
@@ -6,17 +6,17 @@
 cd $(dirname $0)
 
 echo "deploying rabbitmq"
-kubectl apply -f kubernetes/beehive-rabbitmq.yaml
+kubectl apply -f kubernetes/beehive-rabbitmq/beehive-rabbitmq.yaml
 
 echo "deploying message logger"
 ./update-rabbitmq-auth.sh beehive-message-logger-auth beehive-message-logger '.*' '.*' '.*'
 kubectl apply -f kubernetes/beehive-message-logger.yaml
 
 echo "deploying upload server"
-kubectl apply -f kubernetes/beehive-upload-server.yaml
+kubectl apply -f kubernetes/beehive-upload-server/beehive-upload-server.yaml
 
 echo "deploying influxdb"
-kubectl apply -f kubernetes/beehive-influxdb.yaml
+kubectl apply -f kubernetes/beehive-influxdb/beehive-influxdb.yaml
 
 setup_influxdb() {
     kubectl exec svc/beehive-influxdb -- influx setup \
@@ -29,10 +29,10 @@ setup_influxdb() {
 
 echo "setting up influxdb"
 while true; do
-    if msg=$(setup_influxdb); then
+    if msg=$(setup_influxdb 2>&1) ; then
         break
     fi
-    if [[ "$msg" == *"already been setup"* ]]; then
+    if [[ "$msg" == *"already been set up"* ]]; then
         echo "influxdb already setup. skipping."
         break
     fi
@@ -53,7 +53,7 @@ token=$(generate_influxdb_token --write-buckets)
 kubectl create secret generic beehive-influxdb-loader-influxdb-token \
     --from-literal=token="$token"
 ./update-rabbitmq-auth.sh beehive-influxdb-loader-auth beehive-influxdb-loader '.*' '.*' '.*'
-kubectl apply -f kubernetes/beehive-influxdb-loader.yaml
+kubectl apply -f kubernetes/beehive-influxdb-loader/beehive-influxdb-loader.yaml
 
 echo "generating token for data api"
 token=$(generate_influxdb_token --read-buckets)

diff --git a/kubernetes/beehive-rabbitmq/beehive-rabbitmq.yaml b/kubernetes/beehive-rabbitmq/beehive-rabbitmq.yaml
@@ -156,7 +156,7 @@ spec:
             name: beehive-ca-certificate
         - name: tls
           secret:
-            secretName: beehive-rabbitmq-tls-secret
+            secretName: rabbitmq-tls-secret
         - name: data
           persistentVolumeClaim:
             claimName: rabbitmq-data

diff --git a/kubernetes/beehive-upload-server/beehive-upload-server.yaml b/kubernetes/beehive-upload-server/beehive-upload-server.yaml
@@ -72,7 +72,7 @@ spec:
           name: beehive-ssh-ca
       - name: ssh-host-key
         secret:
-          secretName: beehive-upload-server-ssh-host-key
+          secretName: upload-server-ssh-host-key
           defaultMode: 0600
       - name: home-dirs
         persistentVolumeClaim:

diff --git a/update-rabbitmq-auth.sh b/update-rabbitmq-auth.sh
@@ -1,18 +1,15 @@
 #!/bin/bash
-set -e
 
 rmqctl() {
-    kubectl exec svc/beehive-rabbitmq -c beehive-rabbitmq -n ${rmq_namespace} -- rabbitmqctl "$@"
+    kubectl exec svc/beehive-rabbitmq -c beehive-rabbitmq -- rabbitmqctl "$@"
 }
 
-secret_namespace="$1"
-secretname="$2"
-rmq_namespace="$3"
-username="$4"
-confperm="$5"
-writeperm="$6"
-readperm="$7"
-tags="$8"
+secretname="$1"
+username="$2"
+confperm="$3"
+writeperm="$4"
+readperm="$5"
+tags="$6"
 password="$(openssl rand -hex 20)"
 
 echo "updating kubernetes config ${secretname}..."
@@ -21,7 +18,6 @@ apiVersion: v1
 kind: Secret
 metadata:
   name: ${secretname}
-  namespace: ${secret_namespace}
 type: kubernetes.io/basic-auth
 stringData:
   username: ${username}