From 6d1c0a5e5890e4b79236011a85b8cc3c321fe83f Mon Sep 17 00:00:00 2001
From: Lenin Mehedy <lenin.mehedy@swirldslabs.com>
Date: Tue, 19 Sep 2023 09:27:25 +1000
Subject: [PATCH] feat: parameterize the helm chart namespace value (#351)

Signed-off-by: Lenin Mehedy <lenin.mehedy@swirldslabs.com>
---
 charts/hedera-network/Chart.lock              | 12 +++-
 .../templates/configmaps/envoy-cm.yaml        |  1 +
 .../templates/configmaps/haproxy-cm.yaml      |  1 +
 .../configmaps/otel-collector-cm.yaml         |  1 +
 .../templates/configmaps/test-cm.yaml         |  1 +
 .../gateway-api/envoy-grpc-web-routes.yaml    |  2 +-
 .../templates/gateway-api/gateway.yaml        |  4 +-
 .../gateway-api/haproxy-grpc-routes.yaml      |  2 +-
 .../gateway-api/network-node-grpc-routes.yaml |  2 +-
 .../templates/network-node-statefulset.yaml   |  1 +
 .../templates/proxy/envoy-deployment.yaml     |  1 +
 .../templates/proxy/haproxy-deployment.yaml   |  1 +
 .../templates/rbac/pod-monitor-role.yaml      |  6 +-
 .../templates/rbac/service-accounts.yaml      |  2 +-
 .../secrets/backup-uploder-secrets.yaml       |  1 +
 .../secrets/otel-collector-secrets.yaml       |  1 +
 .../secrets/uploder-mirror-secrets.yaml       |  1 +
 .../templates/services/envoy-svc.yaml         |  1 +
 .../templates/services/haproxy-svc.yaml       |  1 +
 .../templates/services/network-node-svc.yaml  |  1 +
 .../telemetry/prometheus-svc-monitor.yaml     |  1 +
 charts/hedera-network/values.yaml             | 10 ++-
 dev/Makefile                                  | 15 ++---
 dev/scripts/docker.sh                         | 15 ++---
 dev/scripts/env.sh                            | 67 +++++++++++++++++++
 dev/scripts/gateway.sh                        |  7 +-
 dev/scripts/main.sh                           | 58 +++++++++++-----
 dev/scripts/telemetry.sh                      | 57 ++++++++++------
 dev/scripts/template.env                      |  4 ++
 dev/telemetry/prometheus/prometheus-rbac.yaml | 13 ----
 30 files changed, 200 insertions(+), 90 deletions(-)
 create mode 100644 dev/scripts/env.sh

diff --git a/charts/hedera-network/Chart.lock b/charts/hedera-network/Chart.lock
index 9c3170e8b..21ec42f86 100644
--- a/charts/hedera-network/Chart.lock
+++ b/charts/hedera-network/Chart.lock
@@ -1,6 +1,12 @@
 dependencies:
+- name: hedera-explorer
+  repository: ""
+  version: 0.2.0
+- name: hedera-mirror
+  repository: https://hashgraph.github.io/hedera-mirror-node/charts
+  version: 0.86.0
 - name: tenant
   repository: https://operator.min.io/
-  version: 5.0.6
-digest: sha256:d1145f65bba0cb295b33e94b0fdc79d80bf06d22cf2606061d0c1462800d3ae7
-generated: "2023-08-09T09:52:59.515466+10:00"
+  version: 5.0.7
+digest: sha256:cf355b295abceb5814ef57d3e146ec9d4e8db7365a700079d683bd5f766ad374
+generated: "2023-09-16T13:47:19.087992+10:00"
diff --git a/charts/hedera-network/templates/configmaps/envoy-cm.yaml b/charts/hedera-network/templates/configmaps/envoy-cm.yaml
index e5609768e..e584f4579 100644
--- a/charts/hedera-network/templates/configmaps/envoy-cm.yaml
+++ b/charts/hedera-network/templates/configmaps/envoy-cm.yaml
@@ -5,6 +5,7 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   name: envoy-proxy-cm-{{ $node.name }}
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
 data:
   envoy.yaml: |
     {{- tpl ($.Files.Get "config-files/envoy.yaml") (dict "nodeConfig" $node "Template" $.Template) | nindent 4 }}
diff --git a/charts/hedera-network/templates/configmaps/haproxy-cm.yaml b/charts/hedera-network/templates/configmaps/haproxy-cm.yaml
index 220611295..3b63a756d 100644
--- a/charts/hedera-network/templates/configmaps/haproxy-cm.yaml
+++ b/charts/hedera-network/templates/configmaps/haproxy-cm.yaml
@@ -5,6 +5,7 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   name: haproxy-cm-{{ $node.name }}
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
 data:
   haproxy.cfg: |
     {{- tpl ($.Files.Get "config-files/haproxy.cfg") (dict "nodeConfig" $node "Template" $.Template) | nindent 4 }}
diff --git a/charts/hedera-network/templates/configmaps/otel-collector-cm.yaml b/charts/hedera-network/templates/configmaps/otel-collector-cm.yaml
index a56e7c42a..726c9bc81 100644
--- a/charts/hedera-network/templates/configmaps/otel-collector-cm.yaml
+++ b/charts/hedera-network/templates/configmaps/otel-collector-cm.yaml
@@ -2,6 +2,7 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   name: otel-collector-cm
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
 data:
   config.yaml: |
   {{- tpl (.Files.Get "config-files/otel-collector-config.yaml") ( dict "otelDefaults" $.Values.defaults.sidecars.otelCollector "Template" $.Template )  | nindent 4 }}
diff --git a/charts/hedera-network/templates/configmaps/test-cm.yaml b/charts/hedera-network/templates/configmaps/test-cm.yaml
index 8a8f26d31..3c004543b 100644
--- a/charts/hedera-network/templates/configmaps/test-cm.yaml
+++ b/charts/hedera-network/templates/configmaps/test-cm.yaml
@@ -2,6 +2,7 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   name: test-cm
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
 data:
   {{- $total_nodes := len $.Values.hedera.nodes -}}
   {{- range $path, $_ :=  .Files.Glob  "tests/*.*" }}
diff --git a/charts/hedera-network/templates/gateway-api/envoy-grpc-web-routes.yaml b/charts/hedera-network/templates/gateway-api/envoy-grpc-web-routes.yaml
index 844ba5c71..7485037f8 100644
--- a/charts/hedera-network/templates/gateway-api/envoy-grpc-web-routes.yaml
+++ b/charts/hedera-network/templates/gateway-api/envoy-grpc-web-routes.yaml
@@ -7,7 +7,7 @@ apiVersion: gateway.networking.k8s.io/v1beta1
 kind: HTTPRoute
 metadata:
   name: envoy-grpc-web-route-{{ $node.name }}
-  namespace: default
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
   labels:
     fullstack.hedera.com/type: http-route
 spec:
diff --git a/charts/hedera-network/templates/gateway-api/gateway.yaml b/charts/hedera-network/templates/gateway-api/gateway.yaml
index b8225d4ab..a041c1cac 100644
--- a/charts/hedera-network/templates/gateway-api/gateway.yaml
+++ b/charts/hedera-network/templates/gateway-api/gateway.yaml
@@ -3,7 +3,7 @@ apiVersion: gateway.networking.k8s.io/v1beta1
 kind: GatewayClass
 metadata:
   name: {{ $.Values.gatewayApi.gatewayClass.name }}
-  namespace: default
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
   labels:
     fullstack.hedera.com/type: gateway-class
 spec:
@@ -15,7 +15,7 @@ apiVersion: gateway.networking.k8s.io/v1beta1
 kind: Gateway
 metadata:
   name: {{ $.Values.gatewayApi.gateway.name }}
-  namespace: default
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
   labels:
     fullstack.hedera.com/type: gateway
 spec:
diff --git a/charts/hedera-network/templates/gateway-api/haproxy-grpc-routes.yaml b/charts/hedera-network/templates/gateway-api/haproxy-grpc-routes.yaml
index 59ec2fc56..ae775bbf5 100644
--- a/charts/hedera-network/templates/gateway-api/haproxy-grpc-routes.yaml
+++ b/charts/hedera-network/templates/gateway-api/haproxy-grpc-routes.yaml
@@ -7,7 +7,7 @@ apiVersion: gateway.networking.k8s.io/v1alpha2
 kind: TCPRoute
 metadata:
   name: haproxy-grpc-route-{{ $node.name }}
-  namespace: default
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
   labels:
     fullstack.hedera.com/type: tcp-route
     fullstack.hedera.com/nodeName: {{ $node.name }}
diff --git a/charts/hedera-network/templates/gateway-api/network-node-grpc-routes.yaml b/charts/hedera-network/templates/gateway-api/network-node-grpc-routes.yaml
index de55cdc2e..214997dc2 100644
--- a/charts/hedera-network/templates/gateway-api/network-node-grpc-routes.yaml
+++ b/charts/hedera-network/templates/gateway-api/network-node-grpc-routes.yaml
@@ -7,7 +7,7 @@ apiVersion: gateway.networking.k8s.io/v1alpha2
 kind: TCPRoute
 metadata:
   name: node-grpc-route-{{ $node.name }}
-  namespace: default
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
   labels:
     fullstack.hedera.com/type: tcp-route
     fullstack.hedera.com/nodeName: {{ $node.name }}
diff --git a/charts/hedera-network/templates/network-node-statefulset.yaml b/charts/hedera-network/templates/network-node-statefulset.yaml
index 2f9491197..50f00ef4d 100644
--- a/charts/hedera-network/templates/network-node-statefulset.yaml
+++ b/charts/hedera-network/templates/network-node-statefulset.yaml
@@ -14,6 +14,7 @@ apiVersion: apps/v1
 kind: StatefulSet
 metadata:
   name: network-{{ $node.name }}
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
   labels:
     app: network-{{ $node.name }}
 spec:
diff --git a/charts/hedera-network/templates/proxy/envoy-deployment.yaml b/charts/hedera-network/templates/proxy/envoy-deployment.yaml
index 707306262..022ef4272 100644
--- a/charts/hedera-network/templates/proxy/envoy-deployment.yaml
+++ b/charts/hedera-network/templates/proxy/envoy-deployment.yaml
@@ -7,6 +7,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: envoy-proxy-{{ $node.name }}
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
 spec:
   replicas: 1
   selector:
diff --git a/charts/hedera-network/templates/proxy/haproxy-deployment.yaml b/charts/hedera-network/templates/proxy/haproxy-deployment.yaml
index 5361b6cb0..a4edf92c4 100644
--- a/charts/hedera-network/templates/proxy/haproxy-deployment.yaml
+++ b/charts/hedera-network/templates/proxy/haproxy-deployment.yaml
@@ -7,6 +7,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: haproxy-{{ $node.name }}
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
 spec:
   replicas: 1
   selector:
diff --git a/charts/hedera-network/templates/rbac/pod-monitor-role.yaml b/charts/hedera-network/templates/rbac/pod-monitor-role.yaml
index 50a14d627..dd8ccbd8e 100644
--- a/charts/hedera-network/templates/rbac/pod-monitor-role.yaml
+++ b/charts/hedera-network/templates/rbac/pod-monitor-role.yaml
@@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   name: pod-monitoring-role
-  namespace: {{ .Values.namespace }}
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
 rules:
   - apiGroups: [ "" ]
     resources:
@@ -31,11 +31,11 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: pod-monitoring-role-binding
-  namespace: {{ .Values.namespace }}
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
 subjects:
   - kind: ServiceAccount
     name: pod-monitor
-    namespace: {{ .Values.namespace }}
+    namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
 roleRef:
   kind: ClusterRole
   name: pod-monitoring-role
diff --git a/charts/hedera-network/templates/rbac/service-accounts.yaml b/charts/hedera-network/templates/rbac/service-accounts.yaml
index 72c028175..0e4b26311 100644
--- a/charts/hedera-network/templates/rbac/service-accounts.yaml
+++ b/charts/hedera-network/templates/rbac/service-accounts.yaml
@@ -2,4 +2,4 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: pod-monitor
-  namespace: {{ .Values.namespace }}
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
diff --git a/charts/hedera-network/templates/secrets/backup-uploder-secrets.yaml b/charts/hedera-network/templates/secrets/backup-uploder-secrets.yaml
index ceaabd821..04f14dae7 100644
--- a/charts/hedera-network/templates/secrets/backup-uploder-secrets.yaml
+++ b/charts/hedera-network/templates/secrets/backup-uploder-secrets.yaml
@@ -2,6 +2,7 @@ apiVersion: v1
 kind: Secret
 metadata:
   name: backup-uploader-secrets
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
 type: Opaque
 data:
   S3_ACCESS_KEY: ""
diff --git a/charts/hedera-network/templates/secrets/otel-collector-secrets.yaml b/charts/hedera-network/templates/secrets/otel-collector-secrets.yaml
index 23f9b4c21..13e65c2f2 100644
--- a/charts/hedera-network/templates/secrets/otel-collector-secrets.yaml
+++ b/charts/hedera-network/templates/secrets/otel-collector-secrets.yaml
@@ -2,6 +2,7 @@ apiVersion: v1
 kind: Secret
 metadata:
   name: otel-collector-secrets
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
 type: Opaque
 data:
   S3_ACCESS_KEY: ""
diff --git a/charts/hedera-network/templates/secrets/uploder-mirror-secrets.yaml b/charts/hedera-network/templates/secrets/uploder-mirror-secrets.yaml
index 80c7b6266..cc6c11371 100644
--- a/charts/hedera-network/templates/secrets/uploder-mirror-secrets.yaml
+++ b/charts/hedera-network/templates/secrets/uploder-mirror-secrets.yaml
@@ -7,6 +7,7 @@ apiVersion: v1
 kind: Secret
 metadata:
   name: minio-secrets
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
 type: Opaque
 data:
   config.env: {{ $minio_config_env | b64enc }}
diff --git a/charts/hedera-network/templates/services/envoy-svc.yaml b/charts/hedera-network/templates/services/envoy-svc.yaml
index 8533c1a7c..082103dda 100644
--- a/charts/hedera-network/templates/services/envoy-svc.yaml
+++ b/charts/hedera-network/templates/services/envoy-svc.yaml
@@ -7,6 +7,7 @@ apiVersion: v1
 kind: Service
 metadata:
   name: envoy-proxy-{{ $node.name }}-svc
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
   labels:
     fullstack.hedera.com/type: envoy-proxy-svc
     fullstack.hedera.com/node-name: {{ $node.name }}
diff --git a/charts/hedera-network/templates/services/haproxy-svc.yaml b/charts/hedera-network/templates/services/haproxy-svc.yaml
index 16e04abd5..248083a6b 100644
--- a/charts/hedera-network/templates/services/haproxy-svc.yaml
+++ b/charts/hedera-network/templates/services/haproxy-svc.yaml
@@ -7,6 +7,7 @@ apiVersion: v1
 kind: Service
 metadata:
   name: haproxy-{{ $node.name }}-svc
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
   labels:
     fullstack.hedera.com/type: haproxy-svc
     fullstack.hedera.com/node-name: {{ $node.name }}
diff --git a/charts/hedera-network/templates/services/network-node-svc.yaml b/charts/hedera-network/templates/services/network-node-svc.yaml
index 8b425ae0b..4fa908d2f 100644
--- a/charts/hedera-network/templates/services/network-node-svc.yaml
+++ b/charts/hedera-network/templates/services/network-node-svc.yaml
@@ -4,6 +4,7 @@ apiVersion: v1
 kind: Service
 metadata:
   name: network-{{ $nodeConfig.name }}-svc
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
   labels:
     fullstack.hedera.com/type: network-node-svc
     fullstack.hedera.com/node-name: {{ $nodeConfig.name }}
diff --git a/charts/hedera-network/templates/telemetry/prometheus-svc-monitor.yaml b/charts/hedera-network/templates/telemetry/prometheus-svc-monitor.yaml
index ff4ba05e0..f990545ea 100644
--- a/charts/hedera-network/templates/telemetry/prometheus-svc-monitor.yaml
+++ b/charts/hedera-network/templates/telemetry/prometheus-svc-monitor.yaml
@@ -3,6 +3,7 @@ apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
   name: network-node-monitor
+  namespace: {{ default $.Release.Namespace $.Values.global.namespaceOverride }}
   labels:
     fullstack.hedera.com/type: network-node-svc-monitor
 spec:
diff --git a/charts/hedera-network/values.yaml b/charts/hedera-network/values.yaml
index 489ed4913..a54169b2a 100644
--- a/charts/hedera-network/values.yaml
+++ b/charts/hedera-network/values.yaml
@@ -1,5 +1,8 @@
 # WARNING: Use double quotes for all values. This is because we need to be careful about booleans.
 
+global:
+  namespaceOverride: ""
+
 # cloud configuration
 cloud:
   minio:
@@ -62,7 +65,6 @@ gatewayApi:
   route:
     hostname: "{{ .node.name }}.fst.local"
 
-namespace: default
 
 # default settings for a single node
 # This default configurations can be overridden for each node in the hedera.nodes section.
@@ -197,7 +199,7 @@ defaults:
             insecure: true
         prometheusRemoteWrite:
           enable: "false"
-          endpoint: "http://prometheus.default.svc:9090/api/v1/write"
+          endpoint: "" # e.g. http://prometheus.<NAMESPACE>.svc:9090/api/v1/write
           tls:
             insecure: true
 
@@ -223,6 +225,8 @@ minio-server:
       requestAutoCert: false
 
 hedera-mirror-node:
+  global:
+    namespaceOverride: "{{ tpl (.Values.global.namespaceOverride | toString) }}"
   # importer is a component of the hedera mirror node
   # config for subchart hedera-mirror/importer
   importer:
@@ -249,6 +253,8 @@ hedera-mirror-node:
               # for s3 configuration of mirror node look at uploader-mirror-secrets.yaml
 
 hedera-explorer:
+  global:
+    namespaceOverride: "{{ tpl (.Values.global.namespaceOverride | toString) }}"
   # The hedera explorer UI /api url will proxy  all request to mirror node
   #
   # Without this we would need to expose the mirror node rest API publicly and specify its public url in the network config below
diff --git a/dev/Makefile b/dev/Makefile
index 61c51ab24..e6f5a839a 100644
--- a/dev/Makefile
+++ b/dev/Makefile
@@ -23,7 +23,6 @@ SHELLOPTS:=$(if $(SHELLOPTS),$(SHELLOPTS):)pipefail:errexit
 	ci-test
 
 # Setup variables
-CLUSTER_NAME ?="fst"
 SCRIPTS_DIR=$(PWD)/scripts
 CHART_DIR=$(PWD)/../charts/hedera-network
 SCRIPT_NAME=direct-install.sh
@@ -38,17 +37,15 @@ DOCKER_SCRIPT="docker.sh"
 
 .PHONY: setup
 setup:
-	rm -f "${TMP_DIR}/"*.*
-	cp "${SCRIPTS_DIR}/template.env" "${TMP_DIR}/.env"
+	source "${SCRIPTS_DIR}/main.sh" && setup
 
 .PHONY: setup-cluster
 setup-cluster:
-	echo "Cluster name: ${CLUSTER_NAME}" && \
-	source "${SCRIPTS_DIR}/main.sh" && setup_cluster "${CLUSTER_NAME}"
+	source "${SCRIPTS_DIR}/main.sh" && setup_cluster
 
 .PHONY: destroy-cluster
 destroy-cluster:
-	kind delete cluster -n fst
+	source "${SCRIPTS_DIR}/main.sh" && destroy_cluster
 
 .PHONY: install-chart
 install-chart:
@@ -155,12 +152,8 @@ destroy-gateway-api:
 	source "${SCRIPTS_DIR}/${GATEWAY_API_SCRIPT}" && destroy_envoy_gateway_api
 
 ######################################### Telemetry #################################
-.PHONY: fetch-prometheus-operator-bundle
-fetch-prometheus-operator-bundle:
-	source "${SCRIPTS_DIR}/${TELEMETRY_SCRIPT}" && fetch-prometheus-operator-bundle
-
 .PHONY: deploy-prometheus-operator
-deploy-prometheus-operator: fetch-prometheus-operator-bundle
+deploy-prometheus-operator:
 	source "${SCRIPTS_DIR}/${TELEMETRY_SCRIPT}" && deploy-prometheus-operator
 
 .PHONY: destroy-prometheus-operator
diff --git a/dev/scripts/docker.sh b/dev/scripts/docker.sh
index d4db8d3d6..1f69ee151 100644
--- a/dev/scripts/docker.sh
+++ b/dev/scripts/docker.sh
@@ -1,20 +1,17 @@
 #!/usr/bin/env bash
 
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" &>/dev/null && pwd)"
-readonly SCRIPT_DIR
-readonly DOCKERFILE_DIR="${SCRIPT_DIR}/../../docker"
-readonly LOCAL_DOCKER_REGISTRY="docker.fst.local" # same as in dev/ci/ci-values.yaml
-readonly LOCAL_DOCKER_IMAGE_TAG="local"
+CUR_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" &>/dev/null && pwd)"
+source "${CUR_DIR}/env.sh"
+setup_kubectl_context
+
 readonly KUBECTL_BATS_IMAGE="${LOCAL_DOCKER_REGISTRY}/kubectl-bats:${LOCAL_DOCKER_IMAGE_TAG}"
 
 function build_kubectl_bats() {
-  local cluster_name=$1
-  local cluster_name=$1
-  [[ -z "${cluster_name}" ]] && echo "ERROR: Cluster name is required" && return 1
+  [[ -z "${CLUSTER_NAME}" ]] && echo "ERROR: [build_kubectl_bats] Cluster name is required" && return 1
 
   echo ""
 	echo "Building kubectl-bats image"
   echo "-----------------------------------------------------------------------------------------------------"
 	cd "${DOCKERFILE_DIR}/kubectl-bats" && docker build -t "${KUBECTL_BATS_IMAGE}" .
-  kind load docker-image ${KUBECTL_BATS_IMAGE} -n "${cluster_name}"
+  kind load docker-image "${KUBECTL_BATS_IMAGE}" -n "${CLUSTER_NAME}"
 }
\ No newline at end of file
diff --git a/dev/scripts/env.sh b/dev/scripts/env.sh
new file mode 100644
index 000000000..81838d7d4
--- /dev/null
+++ b/dev/scripts/env.sh
@@ -0,0 +1,67 @@
+#!/usr/bin/env bash
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" &>/dev/null && pwd)"
+
+readonly SCRIPT_DIR
+readonly TMP_DIR="${SCRIPT_DIR}/../temp"
+readonly CHART_DIR="${SCRIPT_DIR}/../../charts/hedera-network"
+
+
+# telemetry related env variables
+readonly GATEWAY_API_DIR="${SCRIPT_DIR}/../gateway-api"
+readonly TELEMETRY_DIR="${SCRIPT_DIR}/../telemetry"
+readonly PROMETHEUS_DIR="${TELEMETRY_DIR}/prometheus"
+readonly PROMETHEUS_VERSION=v0.67.1
+readonly PROMETHEUS_OPERATOR_YAML="${PROMETHEUS_DIR}/prometheus-operator.yaml"
+readonly PROMETHEUS_YAML="${PROMETHEUS_DIR}/prometheus.yaml"
+readonly PROMETHEUS_RBAC_YAML="${PROMETHEUS_DIR}/prometheus-rbac.yaml"
+readonly PROMETHEUS_EXAMPLE_APP_YAML="${PROMETHEUS_DIR}/example-app.yaml"
+
+# docker build related env variables
+readonly DOCKERFILE_DIR="${SCRIPT_DIR}/../../docker"
+readonly LOCAL_DOCKER_REGISTRY="docker.fst.local" # same as in dev/ci/ci-values.yaml
+readonly LOCAL_DOCKER_IMAGE_TAG="local"
+
+function setup_temp_dir() {
+	if [ ! -f "${TMP_DIR}/.env" ]; then \
+	  echo "Creating .env file from template.env"
+		cp "${SCRIPT_DIR}/template.env" "${TMP_DIR}/.env"
+	  echo "File list in ${TMP_DIR}"
+	  ls -la "${TMP_DIR}"
+	fi
+}
+
+function load_env_file() {
+	if [ -f "${TMP_DIR}/.env" ]; then \
+    set -a
+    # shellcheck source=./../temp/.env
+    source "${TMP_DIR}/.env"
+    set +a
+  fi
+}
+
+function setup_kubectl_context() {
+  load_env_file
+  [[ -z "${CLUSTER_NAME}" ]] && echo "ERROR: Cluster name is required" && return 1
+  [[ -z "${NAMESPACE}" ]] && echo "ERROR: Namespace name is required" && return 1
+
+  kubectl get ns "${NAMESPACE}" &>/dev/null
+  if [[ $? -ne 0 ]]; then
+    kubectl create ns "${NAMESPACE}"
+  fi
+
+  echo "List of namespaces:"
+	kubectl get ns
+
+	echo "Setting kubectl context..."
+	kubectl config use-context "kind-${CLUSTER_NAME}"
+	kubectl config set-context --current --namespace="${NAMESPACE}"
+	kubectl config get-contexts
+}
+
+function setup() {
+  setup_temp_dir
+  load_env_file
+}
+
+setup
diff --git a/dev/scripts/gateway.sh b/dev/scripts/gateway.sh
index 60690cd33..7004dbfb6 100644
--- a/dev/scripts/gateway.sh
+++ b/dev/scripts/gateway.sh
@@ -1,10 +1,9 @@
 #!/usr/bin/env bash
 
-GATEWAY_API_VERSION="${GATEWAY_API_VERSION:-v0.7.1}"
+CUR_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" &>/dev/null && pwd)"
+source "${CUR_DIR}/env.sh"
 
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" &>/dev/null && pwd)"
-readonly GATEWAY_API_DIR="${SCRIPT_DIR}/../gateway-api"
-readonly SCRIPT_DIR
+GATEWAY_API_VERSION="${GATEWAY_API_VERSION:-v0.7.1}"
 
 function deploy_haproxy_ingress() {
   deploy_gateway_api_crd
diff --git a/dev/scripts/main.sh b/dev/scripts/main.sh
index 6763680c2..3baaa6a8d 100644
--- a/dev/scripts/main.sh
+++ b/dev/scripts/main.sh
@@ -1,28 +1,38 @@
 #!/usr/bin/env bash
 
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" &>/dev/null && pwd)"
-readonly SCRIPT_DIR
-CHART_DIR="${SCRIPT_DIR}/../../charts/hedera-network"
+CUR_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" &>/dev/null && pwd)"
+source "${CUR_DIR}/env.sh"
 
 function setup_cluster() {
-  local cluster_name=$1
-  [[ -z "${cluster_name}" ]] && echo "ERROR: Cluster name is required" && return 1
+  [[ -z "${CLUSTER_NAME}" ]] && echo "ERROR: [setup_cluster] Cluster name is required" && return 1
+  [[ -z "${NAMESPACE}" ]] && echo "ERROR: [setup_cluster] Namespace name is required" && return 1
 
-  local count=$(kind get clusters -q | grep -c -sw "${cluster_name}")
+	echo "Cluster name: ${CLUSTER_NAME}"
+  local count=$(kind get clusters -q | grep -c -sw "${CLUSTER_NAME}")
   if [[ $count -eq 0 ]]; then
-	    echo "Cluster '${cluster_name}' not found"
-		  kind create cluster -n "${cluster_name}"
+	    echo "Cluster '${CLUSTER_NAME}' not found"
+		  kind create cluster -n "${CLUSTER_NAME}"
+		  kubectl create ns "${NAMESPACE}"
 	else
-	    echo "Cluster '${cluster_name}' found"
+	    echo "Cluster '${CLUSTER_NAME}' found"
   fi
 
-	kubectl config use-context "kind-${cluster_name}"
-	kubectl config set-context --current --namespace=default
-	kubectl config get-contexts
+	setup_kubectl_context
+}
+
+function destroy_cluster() {
+  [[ -z "${CLUSTER_NAME}" ]] && echo "ERROR: [destroy_cluster] Cluster name is required" && return 1
+  [[ -z "${NAMESPACE}" ]] && echo "ERROR: [destroy_cluster] Namespace name is required" && return 1
+
+	kind delete cluster -n "${CLUSTER_NAME}" || true
+	kubectl delete ns "${NAMESPACE}" || true
 }
 
 function install_chart() {
   local node_setup_script=$1
+  [[ -z "${node_setup_script}" ]] && echo "ERROR: [install_chart] Node setup script name is required" && return 1
+
+  setup_kubectl_context
 
   echo ""
   echo "Installing helm chart... "
@@ -37,30 +47,42 @@ function install_chart() {
 }
 
 function uninstall_chart() {
+  [[ -z "${HELM_RELEASE_NAME}" ]] && echo "ERROR: [uninstall_chart] Helm release name is required" && return 1
+
   echo ""
   echo "Uninstalling helm chart... "
   echo "-----------------------------------------------------------------------------------------------------"
- 	helm uninstall fst
+ 	helm uninstall "${HELM_RELEASE_NAME}"
  	sleep 10
 }
 
 function nmt_install() {
+  [[ -z "${HELM_RELEASE_NAME}" ]] && echo "ERROR: [nmt_install] Helm release name is required" && return 1
+  [[ -z "${NAMESPACE}" ]] && echo "ERROR: [nmt_install] Namespace name is required" && return 1
+
   if [[ -z "${CHART_VALUES_FILES}" ]]; then
-    helm install fst "${CHART_DIR}" --set defaults.root.image.repository=hashgraph/full-stack-testing/ubi8-init-dind
+    helm install "${HELM_RELEASE_NAME}" -n "${NAMESPACE}" "${CHART_DIR}" --set defaults.root.image.repository=hashgraph/full-stack-testing/ubi8-init-dind
   else
-    helm install fst "${CHART_DIR}" -f "${CHART_DIR}/values.yaml" --values "${CHART_VALUES_FILES}" --set defaults.root.image.repository=hashgraph/full-stack-testing/ubi8-init-dind
+    helm install "${HELM_RELEASE_NAME}" -n "${NAMESPACE}"  "${CHART_DIR}" -f "${CHART_DIR}/values.yaml" --values "${CHART_VALUES_FILES}" --set defaults.root.image.repository=hashgraph/full-stack-testing/ubi8-init-dind
   fi
 }
 
 function direct_install() {
+  [[ -z "${HELM_RELEASE_NAME}" ]] && echo "ERROR: [direct_install] Helm release name is required" && return 1
+  [[ -z "${NAMESPACE}" ]] && echo "ERROR: [direct_install] Namespace name is required" && return 1
+
   if [[ -z "${CHART_VALUES_FILES}" ]]; then
-    helm install fst "${CHART_DIR}"
+    helm install "${HELM_RELEASE_NAME}" -n "${NAMESPACE}" "${CHART_DIR}"
   else
-    helm install fst "${CHART_DIR}" -f "${CHART_DIR}/values.yaml" --values "${CHART_VALUES_FILES}"
+    helm install "${HELM_RELEASE_NAME}" -n "${NAMESPACE}" "${CHART_DIR}" -f "${CHART_DIR}/values.yaml" --values "${CHART_VALUES_FILES}"
   fi
 }
 
 function run_helm_chart_tests() {
+  [[ -z "${HELM_RELEASE_NAME}" ]] && echo "ERROR: [run_helm_chart_tests] Helm release name is required" && return 1
+
+  setup_kubectl_context
+
   local test_name=$1 # pod name in the tests/test-deployment.yaml file
   [[ -z "${test_name}" ]] && echo "ERROR: test name is required" && return 1
 
@@ -68,7 +90,7 @@ function run_helm_chart_tests() {
   echo "Running helm chart tests (first run takes ~2m)... "
   echo "-----------------------------------------------------------------------------------------------------"
 
-	helm test fst --filter name="${test_name}"
+	helm test "${HELM_RELEASE_NAME}" --filter name="${test_name}"
 
   local test_status=$(kubectl get pod "${test_name}" -o jsonpath='{.status.phase}' | xargs)
   echo "Helm test status: ${test_status}"
diff --git a/dev/scripts/telemetry.sh b/dev/scripts/telemetry.sh
index 5e41e1d7c..15a258300 100644
--- a/dev/scripts/telemetry.sh
+++ b/dev/scripts/telemetry.sh
@@ -1,17 +1,10 @@
 #!/usr/bin/env bash
-
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" &>/dev/null && pwd)"
-readonly SCRIPT_DIR
-readonly TELEMETRY_DIR="${SCRIPT_DIR}/../telemetry"
-readonly PROMETHEUS_DIR="${TELEMETRY_DIR}/prometheus"
+CUR_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" &>/dev/null && pwd)"
+source "${CUR_DIR}/env.sh"
+setup_kubectl_context
 
 # Run the below command to retrieve the latest version
 # curl -s "https://api.github.com/repos/prometheus-operator/prometheus-operator/releases/latest" | jq -cr .tag_name
-readonly PROMETHEUS_VERSION=v0.67.1
-readonly PROMETHEUS_OPERATOR_YAML="${PROMETHEUS_DIR}/prometheus-operator.yaml"
-readonly PROMETHEUS_YAML="${PROMETHEUS_DIR}/prometheus.yaml"
-readonly PROMETHEUS_RBAC_YAML="${PROMETHEUS_DIR}/prometheus-rbac.yaml"
-readonly PROMETHEUS_EXAMPLE_APP_YAML="${PROMETHEUS_DIR}/example-app.yaml"
 
 function fetch-prometheus-operator-bundle() {
 	if [[ ! -f "${PROMETHEUS_OPERATOR_YAML}" ]]; then \
@@ -28,6 +21,8 @@ function fetch-prometheus-operator-bundle() {
 }
 
 function deploy-prometheus-operator() {
+  fetch-prometheus-operator-bundle
+
   echo ""
 	echo "Deploying prometheus operator"
 	echo "PROMETHEUS_OPERATOR_YAML: ${PROMETHEUS_OPERATOR_YAML}"
@@ -59,10 +54,29 @@ function deploy-prometheus() {
 	echo "PROMETHEUS_YAML: ${PROMETHEUS_YAML}"
   echo "-----------------------------------------------------------------------------------------------------"
 	kubectl create -f "${PROMETHEUS_RBAC_YAML}"
+
+	# create ClusterRole binding with the correct namespace
+	# NOTE: take care of indentation in the yaml if it needs to be updated
+	echo "
+  apiVersion: rbac.authorization.k8s.io/v1
+  kind: ClusterRoleBinding
+  metadata:
+    name: prometheus
+  roleRef:
+    apiGroup: rbac.authorization.k8s.io
+    kind: ClusterRole
+    name: prometheus
+  subjects:
+    - kind: ServiceAccount
+      name: prometheus
+      namespace: ${NAMESPACE}" | kubectl create -f -
+
 	sleep 10
+
 	kubectl create -f "${PROMETHEUS_YAML}"
+
 	echo "Waiting for prometheus to be active (timeout 300s)..."
-	kubectl wait --for=condition=Ready pods -l  app.kubernetes.io/name=prometheus -n default  --timeout 300s
+	kubectl wait --for=condition=Ready pods -l  app.kubernetes.io/name=prometheus --timeout 300s -n "${NAMESPACE}"
 }
 
 function destroy-prometheus() {
@@ -71,8 +85,9 @@ function destroy-prometheus() {
 	echo "PROMETHEUS_RBAC_YAML: ${PROMETHEUS_RBAC_YAML}"
 	echo "PROMETHEUS_YAML: ${PROMETHEUS_YAML}"
   echo "-----------------------------------------------------------------------------------------------------"
-	kubectl delete -f "${PROMETHEUS_YAML}"
-	kubectl delete -f "${PROMETHEUS_RBAC_YAML}"
+	kubectl delete -f "${PROMETHEUS_YAML}" || true
+	kubectl delete -f "${PROMETHEUS_RBAC_YAML}" || true
+	kubectl delete clusterrolebindings prometheus || true
 	sleep 5
 }
 
@@ -83,7 +98,7 @@ function deploy-prometheus-example-app() {
   echo "-----------------------------------------------------------------------------------------------------"
 	kubectl create -f "${PROMETHEUS_EXAMPLE_APP_YAML}"
   echo "Waiting for prometheus example app to be active (timeout 300s)..."
-	kubectl wait --for=condition=Ready pods -l  app=prometheus-example-app -n default --timeout 300s
+	kubectl wait --for=condition=Ready pods -l  app=prometheus-example-app --timeout 300s
 }
 
 function destroy-prometheus-example-app() {
@@ -97,13 +112,13 @@ function destroy-prometheus-example-app() {
 }
 
 function expose_prometheus() {
-  export POD_NAME=$(kubectl get pods --namespace default -l "app.kubernetes.io/name=prometheus,app.kubernetes.io/instance=prometheus" -o jsonpath="{.items[0].metadata.name}")
-  kubectl --namespace default port-forward $POD_NAME 9090 &
+  export POD_NAME=$(kubectl get pods -l "app.kubernetes.io/name=prometheus,app.kubernetes.io/instance=prometheus" -o jsonpath="{.items[0].metadata.name}")
+  kubectl port-forward "${POD_NAME}" 9090 &
   echo "Prometheus is exposed from ${POD_NAME} to port 9090"
 }
 
 function unexpose_prometheus() {
-  export POD_NAME=$(kubectl get pods --namespace default -l "app.kubernetes.io/name=prometheus,app.kubernetes.io/instance=prometheus" -o jsonpath="{.items[0].metadata.name}")
+  export POD_NAME=$(kubectl get pods -l "app.kubernetes.io/name=prometheus,app.kubernetes.io/instance=prometheus" -o jsonpath="{.items[0].metadata.name}")
   export PID=$(ps aux | grep "port-forward ${POD_NAME}" | sed -n 2p | awk '{ print $2 }')
   [[ -z "${PID}" ]] && echo "No Prometheus port-forward PID is found" && return 0
 
@@ -139,13 +154,13 @@ function destroy_grafana_tempo() {
 }
 
 function expose_grafana() {
-  export POD_NAME=$(kubectl get pods --namespace default -l "app.kubernetes.io/name=grafana,app.kubernetes.io/instance=grafana" -o jsonpath="{.items[0].metadata.name}")
-  kubectl --namespace default port-forward $POD_NAME 3000 &
+  export POD_NAME=$(kubectl get pods -l "app.kubernetes.io/name=grafana,app.kubernetes.io/instance=grafana" -o jsonpath="{.items[0].metadata.name}")
+  kubectl port-forward $POD_NAME 3000 &
   echo "Grafana is exposed from ${POD_NAME} to port 3000"
 }
 
 function unexpose_grafana() {
-  export POD_NAME=$(kubectl get pods --namespace default -l "app.kubernetes.io/name=grafana,app.kubernetes.io/instance=grafana" -o jsonpath="{.items[0].metadata.name}")
+  export POD_NAME=$(kubectl get pods -l "app.kubernetes.io/name=grafana,app.kubernetes.io/instance=grafana" -o jsonpath="{.items[0].metadata.name}")
   export PID=$(ps aux | grep "port-forward ${POD_NAME}" | sed -n 2p | awk '{ print $2 }')
   [[ -z "${PID}" ]] && echo "No Grafana port-forward PID is found" && return 0
 
@@ -163,7 +178,7 @@ function deploy_tracing_example_app() {
   echo "-----------------------------------------------------------------------------------------------------"
   kubectl create -f "${TELEMETRY_DIR}/grafana/example-tracing-app.yaml"
   echo "Waiting for tracing example app to be active (timeout 300s)..."
-	kubectl wait --for=condition=Ready pods -l  app=xk6-tracing -n default --timeout 300s
+	kubectl wait --for=condition=Ready pods -l  app=xk6-tracing --timeout 300s
 }
 
 function destroy_tracing_example_app() {
diff --git a/dev/scripts/template.env b/dev/scripts/template.env
index ef8be8b0e..b25b0b7f0 100644
--- a/dev/scripts/template.env
+++ b/dev/scripts/template.env
@@ -1,3 +1,7 @@
+USER="${USER:-changeme}"
+CLUSTER_NAME="fst"
+NAMESPACE="fst-${USER}"
+HELM_RELEASE_NAME="fst"
 NMT_VERSION=v2.0.0-alpha.0
 PLATFORM_VERSION=v0.39.1
 
diff --git a/dev/telemetry/prometheus/prometheus-rbac.yaml b/dev/telemetry/prometheus/prometheus-rbac.yaml
index 235ee390c..532dd0051 100644
--- a/dev/telemetry/prometheus/prometheus-rbac.yaml
+++ b/dev/telemetry/prometheus/prometheus-rbac.yaml
@@ -27,16 +27,3 @@ rules:
     verbs: ["get", "list", "watch"]
   - nonResourceURLs: ["/metrics"]
     verbs: ["get"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: prometheus
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: prometheus
-subjects:
-  - kind: ServiceAccount
-    name: prometheus
-    namespace: default