task k:newapp v2

[JJGadgets]

Ideas

makejinja? Helm template but run locally to generate manifests? yq jank? Would Magefile be needed?

To-Do List

• fix letter casing, and hyphen vs underscore
• Prompt if app is single pod single container, if so, prompt image repo and tag
• Prompt if PVC, shared PG (copy secret only), and/or dedicated PG (ks.yaml to PG cluster template) is needed
• Prompt if ingress-nginx, which controller and which host, and store host into 1P/SOPS
• Prompt if service should be simple ClusterIP with 1 port, or LoadBalancer (and prompt if k8s-gw hostname), or both, and store LBIP into 1P/SOPS
• Prompt for UID and store into 1P/SOPS
• Prompt whether ES is needed
• Prompt for persistence of each template and mounts (config configMap, PVC (use config key if no config configMap, else use data key), NFS pod volume, tmpfs, TLS secrets, other secrets)
• Prompt for pod-security level, if NFS pod volume then default to baseline, else default to restricted (maybe I should change PSS policies on Talos level to allow NFS volumes?)
• Prompt for common netpols labels (fuzzy search for CCNP endpointSelectors? Add labels to "other apps" netpols and search for those? Maintain separate YAML of common netpols labels?)