From ec6c121939e2d92da0b32fedf4205fefd9fc348d Mon Sep 17 00:00:00 2001 From: Adam Anthony Date: Sun, 12 Apr 2026 13:34:07 -0400 Subject: [PATCH 1/5] fix: add postgresql and redis statusInformers for Tier 2 instance health reporting KOTS instance reporting was only tracking the gameshelf deployment. Adding PostgreSQL and Redis StatefulSets so all major components appear healthy in Vendor Portal instance details (rubric 2.10). Co-Authored-By: Claude Sonnet 4.6 --- kots-app.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kots-app.yaml b/kots-app.yaml index d6c22e4..b7e694a 100644 --- a/kots-app.yaml +++ b/kots-app.yaml @@ -6,3 +6,5 @@ spec: title: GameShelf statusInformers: - deployment/gameshelf + - statefulset/gameshelf-postgresql + - statefulset/gameshelf-redis-master From 031380cbc50700a4823c44a9c2202bb94d2719d1 Mon Sep 17 00:00:00 2001 From: Adam Anthony Date: Sun, 12 Apr 2026 13:38:45 -0400 Subject: [PATCH 2/5] feat: restore gameshelf-sdk alias for Tier 2 demo (Helm/KOTS path) Re-adds the alias so the Replicated SDK deployment is named gameshelf-sdk as required by rubric 2.1. Also updates all references (SDK_SERVICE_URL, support-bundle selectors/analyzers, values key, helmchart.yaml key) to match. This intentionally reverts the alias removal from fix/sdk-alias for the Helm install demo path. The EC license injection issue is deferred to a separate track. Co-Authored-By: Claude Sonnet 4.6 --- chart/gameshelf/Chart.yaml | 3 ++- chart/gameshelf/templates/deployment.yaml | 2 +- chart/gameshelf/templates/support-bundle.yaml | 8 ++++---- chart/gameshelf/values.yaml | 2 +- helmchart.yaml | 2 +- 5 files changed, 9 insertions(+), 8 deletions(-) diff --git a/chart/gameshelf/Chart.yaml b/chart/gameshelf/Chart.yaml index 81eb42d..ccba752 100644 --- a/chart/gameshelf/Chart.yaml +++ b/chart/gameshelf/Chart.yaml @@ -7,9 +7,10 @@ appVersion: "0.1.0" dependencies: - name: replicated + alias: gameshelf-sdk version: ~1.19 repository: oci://registry.replicated.com/library - condition: replicated.enabled + condition: gameshelf-sdk.enabled - name: postgresql version: ~18.5 repository: https://charts.bitnami.com/bitnami diff --git a/chart/gameshelf/templates/deployment.yaml b/chart/gameshelf/templates/deployment.yaml index d641a35..ccbd2cc 100644 --- a/chart/gameshelf/templates/deployment.yaml +++ b/chart/gameshelf/templates/deployment.yaml @@ -62,7 +62,7 @@ spec: name: {{ include "gameshelf.fullname" . }} key: admin-secret - name: SDK_SERVICE_URL - value: "http://replicated:3000" + value: "http://gameshelf-sdk:3000" livenessProbe: httpGet: path: /healthz diff --git a/chart/gameshelf/templates/support-bundle.yaml b/chart/gameshelf/templates/support-bundle.yaml index 48c27f0..ecaceaa 100644 --- a/chart/gameshelf/templates/support-bundle.yaml +++ b/chart/gameshelf/templates/support-bundle.yaml @@ -42,9 +42,9 @@ stringData: maxLines: 5000 maxAge: 72h - logs: - collectorName: replicated-sdk + collectorName: gameshelf-sdk selector: - - app=replicated + - app=gameshelf-sdk namespace: {{ .Release.Namespace }} limits: maxLines: 5000 @@ -87,12 +87,12 @@ stringData: - pass: message: GameShelf deployment is running with at least one available replica. - deploymentStatus: - name: replicated + name: gameshelf-sdk namespace: {{ .Release.Namespace }} outcomes: - fail: when: "< 1" - message: "The Replicated SDK deployment has no available replicas. License validation and entitlement checks may not work. Check the replicated pod logs." + message: "The Replicated SDK deployment has no available replicas. License validation and entitlement checks may not work. Check the gameshelf-sdk pod logs." - pass: message: Replicated SDK deployment is running. - statefulsetStatus: diff --git a/chart/gameshelf/values.yaml b/chart/gameshelf/values.yaml index 28ba7da..43063af 100644 --- a/chart/gameshelf/values.yaml +++ b/chart/gameshelf/values.yaml @@ -120,7 +120,7 @@ preflight: minMemory: 4Gi requiredEndpoint: "https://replicated.app" -replicated: +gameshelf-sdk: enabled: true # --- BYO Redis --- diff --git a/helmchart.yaml b/helmchart.yaml index 94e52b1..95aa549 100644 --- a/helmchart.yaml +++ b/helmchart.yaml @@ -7,7 +7,7 @@ spec: name: gameshelf chartVersion: "0.0.0" values: - replicated: + gameshelf-sdk: integrationLicenseID: repl{{ LicenseFieldValue `licenseID` }} adminSecret: repl{{ ConfigOption `admin_secret`}} siteName: repl{{ ConfigOption `site_name`}} From ea0480d8a6f502198729e1fb0c37a53795268ea9 Mon Sep 17 00:00:00 2001 From: Adam Anthony Date: Sun, 12 Apr 2026 13:40:11 -0400 Subject: [PATCH 3/5] fix: use custom proxy domain proxy.adamanthony.dev for all images Replaces proxy.replicated.com with the configured custom domain so all pod images satisfy rubric 2.2 (images must start with your custom proxy domain, not the generic proxy.replicated.com). Co-Authored-By: Claude Sonnet 4.6 --- chart/gameshelf/values.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/chart/gameshelf/values.yaml b/chart/gameshelf/values.yaml index 43063af..1a3cfea 100644 --- a/chart/gameshelf/values.yaml +++ b/chart/gameshelf/values.yaml @@ -10,7 +10,7 @@ global: imagePullSecrets: [] imageProxy: - host: proxy.replicated.com + host: proxy.adamanthony.dev appSlug: gameshelf image: @@ -68,10 +68,10 @@ adminSecret: "changeme" # REQUIRED — set a strong secret, e.g. --set adminSec postgresql: enabled: true image: - registry: proxy.replicated.com/proxy/gameshelf/index.docker.io + registry: proxy.adamanthony.dev/proxy/gameshelf/index.docker.io volumePermissions: image: - registry: proxy.replicated.com/proxy/gameshelf/index.docker.io + registry: proxy.adamanthony.dev/proxy/gameshelf/index.docker.io auth: database: gameshelf username: gameshelf @@ -99,7 +99,7 @@ externalDatabase: redis: enabled: true image: - registry: proxy.replicated.com/proxy/gameshelf/index.docker.io + registry: proxy.adamanthony.dev/proxy/gameshelf/index.docker.io architecture: standalone auth: enabled: false From 21abfff2e9773936f87fed1d83efb100181693c3 Mon Sep 17 00:00:00 2001 From: Adam Anthony Date: Sun, 12 Apr 2026 15:10:44 -0400 Subject: [PATCH 4/5] fix: correct SDK integration mode values and document helm install - helmchart.yaml: use integration.licenseID / integration.enabled (correct SDK subchart value path, not integrationLicenseID) - README: add Helm Install section with full install/upgrade commands, pull secret setup, and common value overrides Co-Authored-By: Claude Sonnet 4.6 --- README.md | 72 ++++++++++++++++++++++++++++++++++++++++++++++++++ helmchart.yaml | 4 ++- 2 files changed, 75 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 11d4b65..6bb00e3 100644 --- a/README.md +++ b/README.md @@ -219,6 +219,78 @@ The `IDENTITY_SECRET` is displayed (masked) in the Admin panel under **Player Id GameShelf itself listens on plain HTTP. Terminate TLS at your reverse proxy, ingress controller, or load balancer and forward plain HTTP to GameShelf. If you're using the dedicated subdomain option, your proxy (nginx, Caddy, etc.) handles the certificate — Caddy does this automatically. +## Helm Install (Replicated) + +Installing directly via Helm from the Replicated registry (not via KOTS/Embedded Cluster). + +### Prerequisites + +- A Replicated customer license ID (Vendor Portal → Customers → click customer → License ID) +- A Replicated customer email address +- `helm` v3.8+, `kubectl` pointed at your target cluster + +### Install + +```bash +# 1. Create the namespace +kubectl create namespace gameshelf + +# 2. Create the image pull secret (required for proxied images) +kubectl create secret docker-registry enterprise-pull-secret \ + --docker-server=proxy.adamanthony.dev \ + --docker-username= \ + --docker-password= \ + -n gameshelf + +# 3. Log into the Replicated OCI registry +helm registry login registry.replicated.com \ + --username \ + --password + +# 4. Install +helm install gameshelf \ + oci://registry.replicated.com/gameshelf/unstable/gameshelf \ + --version \ + --namespace gameshelf \ + --set adminSecret= \ + --set "gameshelf-sdk.integration.licenseID=" \ + --set "gameshelf-sdk.integration.enabled=true" +``` + +> The chart version for each release is visible in the Vendor Portal under Releases, or in the GitHub Actions run log. + +### Upgrade + +```bash +helm upgrade gameshelf \ + oci://registry.replicated.com/gameshelf/unstable/gameshelf \ + --version \ + --reuse-values +``` + +### Access the app + +```bash +kubectl port-forward svc/gameshelf 8080:80 -n gameshelf +``` + +Then open http://localhost:8080. Admin panel: http://localhost:8080/admin?token= + +### Common overrides + +| Value | Default | Description | +|-------|---------|-------------| +| `adminSecret` | `changeme` | Admin panel password | +| `siteName` | `GameShelf` | Site name shown in the UI | +| `service.type` | `ClusterIP` | Set to `NodePort` or `LoadBalancer` to expose externally | +| `service.nodePort` | `""` | NodePort port number (e.g. `30080`) | +| `ingress.enabled` | `false` | Enable ingress | +| `ingress.host` | `""` | Hostname for ingress (required when enabled) | +| `postgresql.enabled` | `true` | Use embedded PostgreSQL; set to `false` for external DB | +| `redis.enabled` | `true` | Use embedded Redis; set to `false` for external Redis | +| `gameshelf-sdk.integration.licenseID` | `""` | License ID for SDK integration mode (direct Helm installs) | +| `gameshelf-sdk.integration.enabled` | `false` | Enable SDK integration mode (direct Helm installs) | + ## Architecture ``` diff --git a/helmchart.yaml b/helmchart.yaml index 95aa549..0ebdada 100644 --- a/helmchart.yaml +++ b/helmchart.yaml @@ -8,7 +8,9 @@ spec: chartVersion: "0.0.0" values: gameshelf-sdk: - integrationLicenseID: repl{{ LicenseFieldValue `licenseID` }} + integration: + licenseID: repl{{ LicenseFieldValue `licenseID` }} + enabled: true adminSecret: repl{{ ConfigOption `admin_secret`}} siteName: repl{{ ConfigOption `site_name`}} builder: From 464d59d26126d24eeb4e41c765bd7f8f55b9f0a0 Mon Sep 17 00:00:00 2001 From: Adam Anthony Date: Sun, 12 Apr 2026 15:22:46 -0400 Subject: [PATCH 5/5] fix: proxy SDK image through custom domain for rubric 2.2 Set gameshelf-sdk.image.registry to proxy.adamanthony.dev so the SDK pod image also starts with the custom proxy domain. Without this the SDK pulls directly from proxy.replicated.com, failing the 2.2 requirement that every app image uses the custom proxy. Co-Authored-By: Claude Sonnet 4.6 --- chart/gameshelf/values.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/chart/gameshelf/values.yaml b/chart/gameshelf/values.yaml index 1a3cfea..c300783 100644 --- a/chart/gameshelf/values.yaml +++ b/chart/gameshelf/values.yaml @@ -122,6 +122,8 @@ preflight: gameshelf-sdk: enabled: true + image: + registry: proxy.adamanthony.dev # --- BYO Redis --- externalRedis: