From c4a8810e4f7012fe71410258d6cc7d0d211a5f86 Mon Sep 17 00:00:00 2001 From: Alessandro De Maria Date: Tue, 2 Apr 2024 12:00:46 +0000 Subject: [PATCH 1/4] Refactor --- .../all-glob/manifests/00_namespace.yml | 9 - .../all-glob/manifests/01_yaml_load.yml | 3 - .../all-glob/manifests/10_serviceaccount.yml | 8 - .../all-glob/manifests/app-deployment.yml | 36 --- .../all-glob/manifests/app-service.yml | 17 - .../compiled/all-glob/manifests/es-client.yml | 67 ---- .../compiled/all-glob/manifests/es-data.yml | 64 ---- .../all-glob/manifests/es-discovery-svc.yml | 17 - .../manifests/es-elasticsearch-svc.yml | 21 -- .../compiled/all-glob/manifests/es-master.yml | 64 ---- .../compiled/all-glob/manifests/mysql_app.yml | 81 ----- .../all-glob/manifests/mysql_secret.yml | 12 - .../manifests/mysql_secret_subvar.yml | 12 - .../manifests/mysql_service_jsonnet.yml | 18 -- .../manifests/mysql_service_simple.yml | 16 - .../all-glob/manifests/mysql_statefulset.yml | 51 --- .../all-glob/pre-deploy/00_namespace.yml | 9 - .../all-glob/pre-deploy/10_serviceaccount.yml | 8 - .../compiled/busybox/copy/copy_target | 1 - .../kubernetes/compiled/busybox/copy/pod.yml | 14 - .../kubernetes/compiled/busybox/copy_target | 1 - .../busybox/pre-deploy/00_namespace.yml | 9 - .../busybox/pre-deploy/10_serviceaccount.yml | 8 - .../compiled/jsonnet-env/jsonnet-env/env.yml | 44 --- .../compiled/labels/labels/service.yml | 14 - .../labels/pre-deploy/00_namespace.yml | 9 - .../labels/pre-deploy/10_serviceaccount.yml | 8 - .../kubernetes/compiled/minikube-es/README.md | 64 ---- .../compiled/minikube-es/copy/copy_target | 1 - .../compiled/minikube-es/copy/pod.yml | 14 - .../compiled/minikube-es/copy_target | 1 - .../minikube-es/manifests/es-client.yml | 67 ---- .../minikube-es/manifests/es-data.yml | 64 ---- .../manifests/es-discovery-svc.yml | 17 - .../manifests/es-elasticsearch-svc.yml | 21 -- .../minikube-es/manifests/es-master.yml | 64 ---- .../minikube-es/pre-deploy/00_namespace.yml | 9 - .../pre-deploy/10_serviceaccount.yml | 8 - .../compiled/minikube-es/scripts/apply.sh | 14 - .../compiled/minikube-es/scripts/delete.sh | 10 - .../compiled/minikube-es/scripts/kubectl.sh | 10 - .../scripts/minikube/install_minikube.sh | 21 -- .../scripts/minikube/start_minikube.sh | 10 - .../minikube-es/scripts/setup_cluster.sh | 9 - .../minikube-es/scripts/setup_context.sh | 9 - .../compiled/minikube-mysql/README.md | 64 ---- .../minikube-mysql/manifests/mysql_app.yml | 73 ----- .../minikube-mysql/manifests/mysql_secret.yml | 11 - .../manifests/mysql_secret_subvar.yml | 11 - .../manifests/mysql_service_jsonnet.yml | 16 - .../manifests/mysql_service_simple.yml | 16 - .../manifests/mysql_statefulset.yml | 44 --- .../pre-deploy/00_namespace.yml | 9 - .../pre-deploy/10_serviceaccount.yml | 8 - .../compiled/minikube-mysql/scripts/apply.sh | 14 - .../compiled/minikube-mysql/scripts/delete.sh | 10 - .../minikube-mysql/scripts/kubectl.sh | 10 - .../scripts/minikube/install_minikube.sh | 21 -- .../scripts/minikube/start_minikube.sh | 10 - .../minikube-mysql/scripts/setup_cluster.sh | 9 - .../minikube-mysql/scripts/setup_context.sh | 9 - .../compiled/minikube-nginx-helm/README.md | 7 - .../job-patch/clusterrole.yaml | 23 -- .../job-patch/clusterrolebinding.yaml | 23 -- .../job-patch/job-createSecret.yaml | 53 ---- .../job-patch/job-patchWebhook.yaml | 55 ---- .../admission-webhooks/job-patch/role.yaml | 24 -- .../job-patch/rolebinding.yaml | 24 -- .../job-patch/serviceaccount.yaml | 16 - .../validating-webhook.yaml | 34 -- .../ingress-nginx/templates/clusterrole.yaml | 82 ----- .../templates/clusterrolebinding.yaml | 19 -- .../templates/controller-configmap.yaml | 15 - .../templates/controller-deployment.yaml | 114 ------- .../templates/controller-ingressclass.yaml | 14 - .../templates/controller-role.yaml | 106 ------- .../templates/controller-rolebinding.yaml | 21 -- .../templates/controller-service-webhook.yaml | 24 -- .../templates/controller-service.yaml | 34 -- .../templates/controller-serviceaccount.yaml | 14 - .../minikube-nginx-helm/nginx-deploy.sh | 14 - .../compiled/minikube-nginx-jsonnet/README.md | 7 - .../manifests/app-deployment.yml | 36 --- .../manifests/app-service.yml | 17 - .../minikube-nginx-jsonnet/nginx-deploy.sh | 14 - .../pre-deploy/00_namespace.yml | 9 - .../pre-deploy/10_serviceaccount.yml | 8 - .../compiled/minikube-nginx-kadet/README.md | 7 - .../manifests/nginx_deployment.yml | 17 - .../manifests/nginx_service.yml | 15 - .../minikube-nginx-kadet/nginx-deploy.sh | 14 - .../pre-deploy/00_namespace.yml | 9 - .../pre-deploy/10_serviceaccount.yml | 8 - kapitan/cli.py | 42 +-- kapitan/targets.py | 249 +-------------- kapitan/triggers/compile.py | 300 ++++++++++++++++++ 96 files changed, 305 insertions(+), 2532 deletions(-) delete mode 100644 examples/kubernetes/compiled/all-glob/manifests/00_namespace.yml delete mode 100644 examples/kubernetes/compiled/all-glob/manifests/01_yaml_load.yml delete mode 100644 examples/kubernetes/compiled/all-glob/manifests/10_serviceaccount.yml delete mode 100644 examples/kubernetes/compiled/all-glob/manifests/app-deployment.yml delete mode 100644 examples/kubernetes/compiled/all-glob/manifests/app-service.yml delete mode 100644 examples/kubernetes/compiled/all-glob/manifests/es-client.yml delete mode 100644 examples/kubernetes/compiled/all-glob/manifests/es-data.yml delete mode 100644 examples/kubernetes/compiled/all-glob/manifests/es-discovery-svc.yml delete mode 100644 examples/kubernetes/compiled/all-glob/manifests/es-elasticsearch-svc.yml delete mode 100644 examples/kubernetes/compiled/all-glob/manifests/es-master.yml delete mode 100644 examples/kubernetes/compiled/all-glob/manifests/mysql_app.yml delete mode 100644 examples/kubernetes/compiled/all-glob/manifests/mysql_secret.yml delete mode 100644 examples/kubernetes/compiled/all-glob/manifests/mysql_secret_subvar.yml delete mode 100644 examples/kubernetes/compiled/all-glob/manifests/mysql_service_jsonnet.yml delete mode 100644 examples/kubernetes/compiled/all-glob/manifests/mysql_service_simple.yml delete mode 100644 examples/kubernetes/compiled/all-glob/manifests/mysql_statefulset.yml delete mode 100644 examples/kubernetes/compiled/all-glob/pre-deploy/00_namespace.yml delete mode 100644 examples/kubernetes/compiled/all-glob/pre-deploy/10_serviceaccount.yml delete mode 100644 examples/kubernetes/compiled/busybox/copy/copy_target delete mode 100644 examples/kubernetes/compiled/busybox/copy/pod.yml delete mode 100644 examples/kubernetes/compiled/busybox/copy_target delete mode 100644 examples/kubernetes/compiled/busybox/pre-deploy/00_namespace.yml delete mode 100644 examples/kubernetes/compiled/busybox/pre-deploy/10_serviceaccount.yml delete mode 100644 examples/kubernetes/compiled/jsonnet-env/jsonnet-env/env.yml delete mode 100644 examples/kubernetes/compiled/labels/labels/service.yml delete mode 100644 examples/kubernetes/compiled/labels/pre-deploy/00_namespace.yml delete mode 100644 examples/kubernetes/compiled/labels/pre-deploy/10_serviceaccount.yml delete mode 100644 examples/kubernetes/compiled/minikube-es/README.md delete mode 100644 examples/kubernetes/compiled/minikube-es/copy/copy_target delete mode 100644 examples/kubernetes/compiled/minikube-es/copy/pod.yml delete mode 100644 examples/kubernetes/compiled/minikube-es/copy_target delete mode 100644 examples/kubernetes/compiled/minikube-es/manifests/es-client.yml delete mode 100644 examples/kubernetes/compiled/minikube-es/manifests/es-data.yml delete mode 100644 examples/kubernetes/compiled/minikube-es/manifests/es-discovery-svc.yml delete mode 100644 examples/kubernetes/compiled/minikube-es/manifests/es-elasticsearch-svc.yml delete mode 100644 examples/kubernetes/compiled/minikube-es/manifests/es-master.yml delete mode 100644 examples/kubernetes/compiled/minikube-es/pre-deploy/00_namespace.yml delete mode 100644 examples/kubernetes/compiled/minikube-es/pre-deploy/10_serviceaccount.yml delete mode 100755 examples/kubernetes/compiled/minikube-es/scripts/apply.sh delete mode 100755 examples/kubernetes/compiled/minikube-es/scripts/delete.sh delete mode 100755 examples/kubernetes/compiled/minikube-es/scripts/kubectl.sh delete mode 100755 examples/kubernetes/compiled/minikube-es/scripts/minikube/install_minikube.sh delete mode 100755 examples/kubernetes/compiled/minikube-es/scripts/minikube/start_minikube.sh delete mode 100755 examples/kubernetes/compiled/minikube-es/scripts/setup_cluster.sh delete mode 100755 examples/kubernetes/compiled/minikube-es/scripts/setup_context.sh delete mode 100644 examples/kubernetes/compiled/minikube-mysql/README.md delete mode 100644 examples/kubernetes/compiled/minikube-mysql/manifests/mysql_app.yml delete mode 100644 examples/kubernetes/compiled/minikube-mysql/manifests/mysql_secret.yml delete mode 100644 examples/kubernetes/compiled/minikube-mysql/manifests/mysql_secret_subvar.yml delete mode 100644 examples/kubernetes/compiled/minikube-mysql/manifests/mysql_service_jsonnet.yml delete mode 100644 examples/kubernetes/compiled/minikube-mysql/manifests/mysql_service_simple.yml delete mode 100644 examples/kubernetes/compiled/minikube-mysql/manifests/mysql_statefulset.yml delete mode 100644 examples/kubernetes/compiled/minikube-mysql/pre-deploy/00_namespace.yml delete mode 100644 examples/kubernetes/compiled/minikube-mysql/pre-deploy/10_serviceaccount.yml delete mode 100755 examples/kubernetes/compiled/minikube-mysql/scripts/apply.sh delete mode 100755 examples/kubernetes/compiled/minikube-mysql/scripts/delete.sh delete mode 100755 examples/kubernetes/compiled/minikube-mysql/scripts/kubectl.sh delete mode 100755 examples/kubernetes/compiled/minikube-mysql/scripts/minikube/install_minikube.sh delete mode 100755 examples/kubernetes/compiled/minikube-mysql/scripts/minikube/start_minikube.sh delete mode 100755 examples/kubernetes/compiled/minikube-mysql/scripts/setup_cluster.sh delete mode 100755 examples/kubernetes/compiled/minikube-mysql/scripts/setup_context.sh delete mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/README.md delete mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/clusterrole.yaml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/clusterrolebinding.yaml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-configmap.yaml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-deployment.yaml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-ingressclass.yaml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-role.yaml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-rolebinding.yaml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-service-webhook.yaml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-service.yaml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-serviceaccount.yaml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/nginx-deploy.sh delete mode 100644 examples/kubernetes/compiled/minikube-nginx-jsonnet/README.md delete mode 100644 examples/kubernetes/compiled/minikube-nginx-jsonnet/manifests/app-deployment.yml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-jsonnet/manifests/app-service.yml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-jsonnet/nginx-deploy.sh delete mode 100644 examples/kubernetes/compiled/minikube-nginx-jsonnet/pre-deploy/00_namespace.yml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-jsonnet/pre-deploy/10_serviceaccount.yml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-kadet/README.md delete mode 100644 examples/kubernetes/compiled/minikube-nginx-kadet/manifests/nginx_deployment.yml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-kadet/manifests/nginx_service.yml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-kadet/nginx-deploy.sh delete mode 100644 examples/kubernetes/compiled/minikube-nginx-kadet/pre-deploy/00_namespace.yml delete mode 100644 examples/kubernetes/compiled/minikube-nginx-kadet/pre-deploy/10_serviceaccount.yml create mode 100644 kapitan/triggers/compile.py diff --git a/examples/kubernetes/compiled/all-glob/manifests/00_namespace.yml b/examples/kubernetes/compiled/all-glob/manifests/00_namespace.yml deleted file mode 100644 index 5431e92ed..000000000 --- a/examples/kubernetes/compiled/all-glob/manifests/00_namespace.yml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - annotations: {} - labels: - name: all-glob - name: all-glob - namespace: all-glob -spec: {} diff --git a/examples/kubernetes/compiled/all-glob/manifests/01_yaml_load.yml b/examples/kubernetes/compiled/all-glob/manifests/01_yaml_load.yml deleted file mode 100644 index 32b74faef..000000000 --- a/examples/kubernetes/compiled/all-glob/manifests/01_yaml_load.yml +++ /dev/null @@ -1,3 +0,0 @@ -json_str: '{"apiVersion": "v1", "kind": "Pod", "metadata": {"name": "busybox", "namespace": - "default"}, "spec": {"containers": [{"image": "busybox", "command": ["sleep", "3600"], - "imagePullPolicy": "IfNotPresent", "name": "busybox"}], "restartPolicy": "Always"}}' diff --git a/examples/kubernetes/compiled/all-glob/manifests/10_serviceaccount.yml b/examples/kubernetes/compiled/all-glob/manifests/10_serviceaccount.yml deleted file mode 100644 index 89d533a7e..000000000 --- a/examples/kubernetes/compiled/all-glob/manifests/10_serviceaccount.yml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - annotations: {} - labels: - name: default - name: default - namespace: all-glob diff --git a/examples/kubernetes/compiled/all-glob/manifests/app-deployment.yml b/examples/kubernetes/compiled/all-glob/manifests/app-deployment.yml deleted file mode 100644 index 7511e4bf5..000000000 --- a/examples/kubernetes/compiled/all-glob/manifests/app-deployment.yml +++ /dev/null @@ -1,36 +0,0 @@ -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - annotations: {} - labels: - name: nginx - name: nginx - namespace: all-glob -spec: - minReadySeconds: 30 - replicas: 2 - revisionHistoryLimit: 10 - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 25% - type: RollingUpdate - template: - metadata: - annotations: {} - labels: - name: nginx - spec: - containers: - - args: [] - env: [] - image: nginx:1:15.8 - imagePullPolicy: Always - name: nginx - ports: - - containerPort: 80 - name: http - volumeMounts: [] - imagePullSecrets: [] - initContainers: [] - volumes: [] diff --git a/examples/kubernetes/compiled/all-glob/manifests/app-service.yml b/examples/kubernetes/compiled/all-glob/manifests/app-service.yml deleted file mode 100644 index 2466fed7a..000000000 --- a/examples/kubernetes/compiled/all-glob/manifests/app-service.yml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - annotations: {} - labels: - name: nginx - name: nginx - namespace: all-glob -spec: - loadBalancerSourceRanges: [] - ports: - - name: http - port: 80 - targetPort: http - selector: - name: nginx - type: NodePort diff --git a/examples/kubernetes/compiled/all-glob/manifests/es-client.yml b/examples/kubernetes/compiled/all-glob/manifests/es-client.yml deleted file mode 100644 index ce6977287..000000000 --- a/examples/kubernetes/compiled/all-glob/manifests/es-client.yml +++ /dev/null @@ -1,67 +0,0 @@ -apiVersion: apps/v1beta1 -kind: StatefulSet -metadata: - labels: - name: cluster-client - role: client - name: cluster-client - namespace: all-glob -spec: - replicas: 1 - serviceName: cluster-client - template: - metadata: - labels: - name: cluster-client - role: client - spec: - containers: - - env: - - name: CLUSTER_NAME - value: cluster - - name: ES_JAVA_OPTS - value: -Xms512m -Xmx512m - - name: HTTP_ENABLE - value: 'true' - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NODE_DATA - value: 'false' - - name: NODE_INGEST - value: 'false' - - name: NODE_MASTER - value: 'false' - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NUMBER_OF_MASTERS - value: '1' - image: quay.io/pires/docker-elasticsearch-kubernetes:5.5.0 - imagePullPolicy: Always - name: client - ports: - - containerPort: 9200 - name: client - protocol: TCP - - containerPort: 9300 - name: transport - protocol: TCP - securityContext: - capabilities: - add: - - IPC_LOCK - - SYS_RESOURCE - privileged: false - initContainers: - - command: - - sysctl - - -w - - vm.max_map_count=262144 - image: busybox - imagePullPolicy: IfNotPresent - name: sysctl - securityContext: - privileged: true diff --git a/examples/kubernetes/compiled/all-glob/manifests/es-data.yml b/examples/kubernetes/compiled/all-glob/manifests/es-data.yml deleted file mode 100644 index 5b70b3cfb..000000000 --- a/examples/kubernetes/compiled/all-glob/manifests/es-data.yml +++ /dev/null @@ -1,64 +0,0 @@ -apiVersion: apps/v1beta1 -kind: StatefulSet -metadata: - labels: - name: cluster-data - role: data - name: cluster-data - namespace: all-glob -spec: - replicas: 1 - serviceName: cluster-data - template: - metadata: - labels: - name: cluster-data - role: data - spec: - containers: - - env: - - name: CLUSTER_NAME - value: cluster - - name: ES_JAVA_OPTS - value: -Xms512m -Xmx512m - - name: HTTP_ENABLE - value: 'false' - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NODE_DATA - value: 'true' - - name: NODE_INGEST - value: 'false' - - name: NODE_MASTER - value: 'false' - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NUMBER_OF_MASTERS - value: '1' - image: quay.io/pires/docker-elasticsearch-kubernetes:5.5.0 - imagePullPolicy: Always - name: data - ports: - - containerPort: 9300 - name: transport - protocol: TCP - securityContext: - capabilities: - add: - - IPC_LOCK - - SYS_RESOURCE - privileged: false - initContainers: - - command: - - sysctl - - -w - - vm.max_map_count=262144 - image: busybox - imagePullPolicy: IfNotPresent - name: sysctl - securityContext: - privileged: true diff --git a/examples/kubernetes/compiled/all-glob/manifests/es-discovery-svc.yml b/examples/kubernetes/compiled/all-glob/manifests/es-discovery-svc.yml deleted file mode 100644 index 8dc508360..000000000 --- a/examples/kubernetes/compiled/all-glob/manifests/es-discovery-svc.yml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - name: elasticsearch-discovery - name: elasticsearch-discovery - namespace: all-glob -spec: - ports: - - name: transport - port: 9300 - protocol: TCP - targetPort: transport - selector: - name: cluster-master - role: master - type: ClusterIP diff --git a/examples/kubernetes/compiled/all-glob/manifests/es-elasticsearch-svc.yml b/examples/kubernetes/compiled/all-glob/manifests/es-elasticsearch-svc.yml deleted file mode 100644 index b590f5bd5..000000000 --- a/examples/kubernetes/compiled/all-glob/manifests/es-elasticsearch-svc.yml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - name: elasticsearch - name: elasticsearch - namespace: all-glob -spec: - ports: - - name: client - port: 9200 - protocol: TCP - targetPort: client - - name: transport - port: 9300 - protocol: TCP - targetPort: transport - selector: - name: cluster-client - role: client - type: NodePort diff --git a/examples/kubernetes/compiled/all-glob/manifests/es-master.yml b/examples/kubernetes/compiled/all-glob/manifests/es-master.yml deleted file mode 100644 index 25aadc0d8..000000000 --- a/examples/kubernetes/compiled/all-glob/manifests/es-master.yml +++ /dev/null @@ -1,64 +0,0 @@ -apiVersion: apps/v1beta1 -kind: StatefulSet -metadata: - labels: - name: cluster-master - role: master - name: cluster-master - namespace: all-glob -spec: - replicas: 1 - serviceName: cluster-master - template: - metadata: - labels: - name: cluster-master - role: master - spec: - containers: - - env: - - name: CLUSTER_NAME - value: cluster - - name: ES_JAVA_OPTS - value: -Xms512m -Xmx512m - - name: HTTP_ENABLE - value: 'false' - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NODE_DATA - value: 'false' - - name: NODE_INGEST - value: 'false' - - name: NODE_MASTER - value: 'true' - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NUMBER_OF_MASTERS - value: '1' - image: quay.io/pires/docker-elasticsearch-kubernetes:5.5.0 - imagePullPolicy: Always - name: master - ports: - - containerPort: 9300 - name: transport - protocol: TCP - securityContext: - capabilities: - add: - - IPC_LOCK - - SYS_RESOURCE - privileged: false - initContainers: - - command: - - sysctl - - -w - - vm.max_map_count=262144 - image: busybox - imagePullPolicy: IfNotPresent - name: sysctl - securityContext: - privileged: true diff --git a/examples/kubernetes/compiled/all-glob/manifests/mysql_app.yml b/examples/kubernetes/compiled/all-glob/manifests/mysql_app.yml deleted file mode 100644 index 9cebcf8e7..000000000 --- a/examples/kubernetes/compiled/all-glob/manifests/mysql_app.yml +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: apps/v1beta1 -kind: StatefulSet -metadata: - annotations: {} - labels: - name: glob_instance - name: glob_instance - namespace: all-glob -spec: - replicas: 1 - serviceName: glob_instance - template: - metadata: - annotations: {} - labels: - name: glob_instance - spec: - containers: - - args: [] - env: - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - key: MYSQL_ROOT_PASSWORD - name: glob_instance - image: mysql:latest - imagePullPolicy: Always - name: mysql - ports: - - containerPort: 3306 - name: mysql - volumeMounts: [] - imagePullSecrets: [] - initContainers: [] - volumes: [] - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - annotations: - volume.beta.kubernetes.io/storage-class: standard - labels: - name: data - name: data - namespace: all-glob - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 10G ---- -apiVersion: v1 -data: - MYSQL_ROOT_PASSWORD: ?{base64:targets/all-glob/mysql/password:3192c15c} - MYSQL_ROOT_PASSWORD_SHA256: ?{base64:targets/all-glob/mysql/password_sha256:a18bc263} -kind: Secret -metadata: - annotations: {} - labels: - name: glob_instance - name: glob_instance - namespace: all-glob -type: Opaque ---- -apiVersion: v1 -kind: Service -metadata: - labels: - name: glob_instance - name: glob_instance - namespace: all-glob -spec: - clusterIP: None - ports: - - name: mysql - port: 3306 - targetPort: mysql - selector: - name: glob_instance - type: ClusterIP diff --git a/examples/kubernetes/compiled/all-glob/manifests/mysql_secret.yml b/examples/kubernetes/compiled/all-glob/manifests/mysql_secret.yml deleted file mode 100644 index 614bc0b30..000000000 --- a/examples/kubernetes/compiled/all-glob/manifests/mysql_secret.yml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -data: - MYSQL_ROOT_PASSWORD: ?{base64:targets/all-glob/mysql/password:3192c15c} - MYSQL_ROOT_PASSWORD_SHA256: ?{base64:targets/all-glob/mysql/password_sha256:a18bc263} -kind: Secret -metadata: - annotations: {} - labels: - name: glob_instance - name: glob_instance - namespace: all-glob -type: Opaque diff --git a/examples/kubernetes/compiled/all-glob/manifests/mysql_secret_subvar.yml b/examples/kubernetes/compiled/all-glob/manifests/mysql_secret_subvar.yml deleted file mode 100644 index c4e26e498..000000000 --- a/examples/kubernetes/compiled/all-glob/manifests/mysql_secret_subvar.yml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -data: - MYSQL_ROOT_PASSWORD: ?{base64:targets/all-glob/mysql/subvars@var1.password:fa652988} - MYSQL_ROOT_PASSWORD_SHA256: ?{base64:targets/all-glob/mysql/subvars@var2.password_sha256:fa652988} -kind: Secret -metadata: - annotations: {} - labels: - name: glob_instance - name: glob_instance - namespace: all-glob -type: Opaque diff --git a/examples/kubernetes/compiled/all-glob/manifests/mysql_service_jsonnet.yml b/examples/kubernetes/compiled/all-glob/manifests/mysql_service_jsonnet.yml deleted file mode 100644 index 8f98d841f..000000000 --- a/examples/kubernetes/compiled/all-glob/manifests/mysql_service_jsonnet.yml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - annotations: {} - labels: - name: glob_instance-jsonnet - name: glob_instance-jsonnet - namespace: all-glob -spec: - clusterIP: None - loadBalancerSourceRanges: [] - ports: - - name: mysql - port: 3306 - targetPort: mysql - selector: - name: glob_instance - type: ClusterIP diff --git a/examples/kubernetes/compiled/all-glob/manifests/mysql_service_simple.yml b/examples/kubernetes/compiled/all-glob/manifests/mysql_service_simple.yml deleted file mode 100644 index 4ef48d27a..000000000 --- a/examples/kubernetes/compiled/all-glob/manifests/mysql_service_simple.yml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - name: glob_instance - name: glob_instance - namespace: all-glob -spec: - clusterIP: None - ports: - - name: mysql - port: 3306 - targetPort: mysql - selector: - name: glob_instance - type: ClusterIP diff --git a/examples/kubernetes/compiled/all-glob/manifests/mysql_statefulset.yml b/examples/kubernetes/compiled/all-glob/manifests/mysql_statefulset.yml deleted file mode 100644 index 12a3755a3..000000000 --- a/examples/kubernetes/compiled/all-glob/manifests/mysql_statefulset.yml +++ /dev/null @@ -1,51 +0,0 @@ -apiVersion: apps/v1beta1 -kind: StatefulSet -metadata: - annotations: {} - labels: - name: glob_instance - name: glob_instance - namespace: all-glob -spec: - replicas: 1 - serviceName: glob_instance - template: - metadata: - annotations: {} - labels: - name: glob_instance - spec: - containers: - - args: [] - env: - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - key: MYSQL_ROOT_PASSWORD - name: glob_instance - image: mysql:latest - imagePullPolicy: Always - name: mysql - ports: - - containerPort: 3306 - name: mysql - volumeMounts: [] - imagePullSecrets: [] - initContainers: [] - volumes: [] - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - annotations: - volume.beta.kubernetes.io/storage-class: standard - labels: - name: data - name: data - namespace: all-glob - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 10G diff --git a/examples/kubernetes/compiled/all-glob/pre-deploy/00_namespace.yml b/examples/kubernetes/compiled/all-glob/pre-deploy/00_namespace.yml deleted file mode 100644 index 5431e92ed..000000000 --- a/examples/kubernetes/compiled/all-glob/pre-deploy/00_namespace.yml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - annotations: {} - labels: - name: all-glob - name: all-glob - namespace: all-glob -spec: {} diff --git a/examples/kubernetes/compiled/all-glob/pre-deploy/10_serviceaccount.yml b/examples/kubernetes/compiled/all-glob/pre-deploy/10_serviceaccount.yml deleted file mode 100644 index 89d533a7e..000000000 --- a/examples/kubernetes/compiled/all-glob/pre-deploy/10_serviceaccount.yml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - annotations: {} - labels: - name: default - name: default - namespace: all-glob diff --git a/examples/kubernetes/compiled/busybox/copy/copy_target b/examples/kubernetes/compiled/busybox/copy/copy_target deleted file mode 100644 index 9301ae519..000000000 --- a/examples/kubernetes/compiled/busybox/copy/copy_target +++ /dev/null @@ -1 +0,0 @@ -for_testing \ No newline at end of file diff --git a/examples/kubernetes/compiled/busybox/copy/pod.yml b/examples/kubernetes/compiled/busybox/copy/pod.yml deleted file mode 100644 index 73007db14..000000000 --- a/examples/kubernetes/compiled/busybox/copy/pod.yml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: busybox - namespace: default -spec: - containers: - - image: busybox - command: - - sleep - - "3600" - imagePullPolicy: IfNotPresent - name: busybox - restartPolicy: Always diff --git a/examples/kubernetes/compiled/busybox/copy_target b/examples/kubernetes/compiled/busybox/copy_target deleted file mode 100644 index 9301ae519..000000000 --- a/examples/kubernetes/compiled/busybox/copy_target +++ /dev/null @@ -1 +0,0 @@ -for_testing \ No newline at end of file diff --git a/examples/kubernetes/compiled/busybox/pre-deploy/00_namespace.yml b/examples/kubernetes/compiled/busybox/pre-deploy/00_namespace.yml deleted file mode 100644 index 9ffa3d5f0..000000000 --- a/examples/kubernetes/compiled/busybox/pre-deploy/00_namespace.yml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - annotations: {} - labels: - name: busybox - name: busybox - namespace: busybox -spec: {} diff --git a/examples/kubernetes/compiled/busybox/pre-deploy/10_serviceaccount.yml b/examples/kubernetes/compiled/busybox/pre-deploy/10_serviceaccount.yml deleted file mode 100644 index 4f9f2537b..000000000 --- a/examples/kubernetes/compiled/busybox/pre-deploy/10_serviceaccount.yml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - annotations: {} - labels: - name: default - name: default - namespace: busybox diff --git a/examples/kubernetes/compiled/jsonnet-env/jsonnet-env/env.yml b/examples/kubernetes/compiled/jsonnet-env/jsonnet-env/env.yml deleted file mode 100644 index 9c1a58a61..000000000 --- a/examples/kubernetes/compiled/jsonnet-env/jsonnet-env/env.yml +++ /dev/null @@ -1,44 +0,0 @@ -applications: - - a - - b - - c -classes: - - common - - jsonnet-env -exports: {} -parameters: - _reclass_: - environment: base - name: - full: jsonnet-env - parts: - - jsonnet-env - path: jsonnet-env - short: jsonnet-env - a: aaaaa - b: bbbbb - c: ccccc - kapitan: - compile: - - input_params: {} - input_paths: - - components/jsonnet-env/env.jsonnet - input_type: jsonnet - output_path: jsonnet-env - output_type: yml - secrets: - awskms: - key: alias/nameOfKey - gkms: - key: projects//locations//keyRings//cryptoKeys/ - gpg: - recipients: - - fingerprint: D9234C61F58BEB3ED8552A57E28DC07A3CBFAE7C - name: example@kapitan.dev - target_full_path: jsonnet-env - vars: - managed_by: kapitan - namespace: jsonnet-env - target: jsonnet-env - namespace: jsonnet-env - target_name: jsonnet-env diff --git a/examples/kubernetes/compiled/labels/labels/service.yml b/examples/kubernetes/compiled/labels/labels/service.yml deleted file mode 100644 index 758c8df30..000000000 --- a/examples/kubernetes/compiled/labels/labels/service.yml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: db - namespace: labels - labels: - app.kubernetes.io/name: db - app.kubernetes.io/version: 11.0 - app.kubernetes.io/managed-by: kapitan -spec: - ports: - - port: 5432 - targetPort: 5432 - name: postgres \ No newline at end of file diff --git a/examples/kubernetes/compiled/labels/pre-deploy/00_namespace.yml b/examples/kubernetes/compiled/labels/pre-deploy/00_namespace.yml deleted file mode 100644 index 429e13cbf..000000000 --- a/examples/kubernetes/compiled/labels/pre-deploy/00_namespace.yml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - annotations: {} - labels: - name: labels - name: labels - namespace: labels -spec: {} diff --git a/examples/kubernetes/compiled/labels/pre-deploy/10_serviceaccount.yml b/examples/kubernetes/compiled/labels/pre-deploy/10_serviceaccount.yml deleted file mode 100644 index e10fc75ac..000000000 --- a/examples/kubernetes/compiled/labels/pre-deploy/10_serviceaccount.yml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - annotations: {} - labels: - name: default - name: default - namespace: labels diff --git a/examples/kubernetes/compiled/minikube-es/README.md b/examples/kubernetes/compiled/minikube-es/README.md deleted file mode 100644 index f74aa827c..000000000 --- a/examples/kubernetes/compiled/minikube-es/README.md +++ /dev/null @@ -1,64 +0,0 @@ -# Elasticsearch Minikube - -This is a specific version of Elasticsearch to run on a minikube instalation. - -## Prerequisites - -Elasticsearch is a resource hungry application, for this setup we require -that minikube is running with the above options: - -``` -$ minikube start --insecure-registry https://quay.io --memory=4096 --cpus=2 -``` - -_If_ you have created the minikube VM previously, you will most likely need to -delete the vm and recreate it with more memory/cpu. (i.e. -`$ minikube delete`) - -## Setting up - -Assuming you're already running Minikube, setup for this target: - -``` -$ scripts/setup.sh -``` - -This will create a context in your minikube cluster called minikube-es. - - -Apply the compiled manifests: - -``` -$ scripts/kubectl.sh apply -f manifests/ -``` - -If the commands above did not error, you should be good to go. - -Let's confirm everything is up: - -``` -$ scripts/kubectl.sh get pods -w -``` - -## Connecting to Elasticsearch - -List the elasticsearch service endpoints running in the cluster: - -``` -$ minikube service -n minikube-es elasticsearch --url -``` - -and curl the health endpoint, i.e.: - -``` -$ curl http://192.168.99.100:32130/_cluster/health?pretty -``` - - -## Deleting Elasticsearch - -Deleting is easy (warning, this will remove _everything_): - -``` -$ scripts/kubectl.sh delete -f manifests/ -``` \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-es/copy/copy_target b/examples/kubernetes/compiled/minikube-es/copy/copy_target deleted file mode 100644 index 9301ae519..000000000 --- a/examples/kubernetes/compiled/minikube-es/copy/copy_target +++ /dev/null @@ -1 +0,0 @@ -for_testing \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-es/copy/pod.yml b/examples/kubernetes/compiled/minikube-es/copy/pod.yml deleted file mode 100644 index 73007db14..000000000 --- a/examples/kubernetes/compiled/minikube-es/copy/pod.yml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: busybox - namespace: default -spec: - containers: - - image: busybox - command: - - sleep - - "3600" - imagePullPolicy: IfNotPresent - name: busybox - restartPolicy: Always diff --git a/examples/kubernetes/compiled/minikube-es/copy_target b/examples/kubernetes/compiled/minikube-es/copy_target deleted file mode 100644 index 9301ae519..000000000 --- a/examples/kubernetes/compiled/minikube-es/copy_target +++ /dev/null @@ -1 +0,0 @@ -for_testing \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-es/manifests/es-client.yml b/examples/kubernetes/compiled/minikube-es/manifests/es-client.yml deleted file mode 100644 index 1e9562872..000000000 --- a/examples/kubernetes/compiled/minikube-es/manifests/es-client.yml +++ /dev/null @@ -1,67 +0,0 @@ -apiVersion: apps/v1beta1 -kind: StatefulSet -metadata: - labels: - name: cluster-client - role: client - name: cluster-client - namespace: minikube-es -spec: - replicas: 2 - serviceName: cluster-client - template: - metadata: - labels: - name: cluster-client - role: client - spec: - containers: - - env: - - name: CLUSTER_NAME - value: cluster - - name: ES_JAVA_OPTS - value: -Xms512m -Xmx512m - - name: HTTP_ENABLE - value: 'true' - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NODE_DATA - value: 'false' - - name: NODE_INGEST - value: 'false' - - name: NODE_MASTER - value: 'false' - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NUMBER_OF_MASTERS - value: '1' - image: quay.io/pires/docker-elasticsearch-kubernetes:5.5.0 - imagePullPolicy: Always - name: client - ports: - - containerPort: 9200 - name: client - protocol: TCP - - containerPort: 9300 - name: transport - protocol: TCP - securityContext: - capabilities: - add: - - IPC_LOCK - - SYS_RESOURCE - privileged: false - initContainers: - - command: - - sysctl - - -w - - vm.max_map_count=262144 - image: busybox - imagePullPolicy: IfNotPresent - name: sysctl - securityContext: - privileged: true diff --git a/examples/kubernetes/compiled/minikube-es/manifests/es-data.yml b/examples/kubernetes/compiled/minikube-es/manifests/es-data.yml deleted file mode 100644 index 4d973b756..000000000 --- a/examples/kubernetes/compiled/minikube-es/manifests/es-data.yml +++ /dev/null @@ -1,64 +0,0 @@ -apiVersion: apps/v1beta1 -kind: StatefulSet -metadata: - labels: - name: cluster-data - role: data - name: cluster-data - namespace: minikube-es -spec: - replicas: 2 - serviceName: cluster-data - template: - metadata: - labels: - name: cluster-data - role: data - spec: - containers: - - env: - - name: CLUSTER_NAME - value: cluster - - name: ES_JAVA_OPTS - value: -Xms512m -Xmx512m - - name: HTTP_ENABLE - value: 'false' - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NODE_DATA - value: 'true' - - name: NODE_INGEST - value: 'false' - - name: NODE_MASTER - value: 'false' - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NUMBER_OF_MASTERS - value: '1' - image: quay.io/pires/docker-elasticsearch-kubernetes:5.5.0 - imagePullPolicy: Always - name: data - ports: - - containerPort: 9300 - name: transport - protocol: TCP - securityContext: - capabilities: - add: - - IPC_LOCK - - SYS_RESOURCE - privileged: false - initContainers: - - command: - - sysctl - - -w - - vm.max_map_count=262144 - image: busybox - imagePullPolicy: IfNotPresent - name: sysctl - securityContext: - privileged: true diff --git a/examples/kubernetes/compiled/minikube-es/manifests/es-discovery-svc.yml b/examples/kubernetes/compiled/minikube-es/manifests/es-discovery-svc.yml deleted file mode 100644 index aa542b56e..000000000 --- a/examples/kubernetes/compiled/minikube-es/manifests/es-discovery-svc.yml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - name: elasticsearch-discovery - name: elasticsearch-discovery - namespace: minikube-es -spec: - ports: - - name: transport - port: 9300 - protocol: TCP - targetPort: transport - selector: - name: cluster-master - role: master - type: ClusterIP diff --git a/examples/kubernetes/compiled/minikube-es/manifests/es-elasticsearch-svc.yml b/examples/kubernetes/compiled/minikube-es/manifests/es-elasticsearch-svc.yml deleted file mode 100644 index 9b0b0b8c8..000000000 --- a/examples/kubernetes/compiled/minikube-es/manifests/es-elasticsearch-svc.yml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - name: elasticsearch - name: elasticsearch - namespace: minikube-es -spec: - ports: - - name: client - port: 9200 - protocol: TCP - targetPort: client - - name: transport - port: 9300 - protocol: TCP - targetPort: transport - selector: - name: cluster-client - role: client - type: NodePort diff --git a/examples/kubernetes/compiled/minikube-es/manifests/es-master.yml b/examples/kubernetes/compiled/minikube-es/manifests/es-master.yml deleted file mode 100644 index 98dab044e..000000000 --- a/examples/kubernetes/compiled/minikube-es/manifests/es-master.yml +++ /dev/null @@ -1,64 +0,0 @@ -apiVersion: apps/v1beta1 -kind: StatefulSet -metadata: - labels: - name: cluster-master - role: master - name: cluster-master - namespace: minikube-es -spec: - replicas: 2 - serviceName: cluster-master - template: - metadata: - labels: - name: cluster-master - role: master - spec: - containers: - - env: - - name: CLUSTER_NAME - value: cluster - - name: ES_JAVA_OPTS - value: -Xms512m -Xmx512m - - name: HTTP_ENABLE - value: 'false' - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NODE_DATA - value: 'false' - - name: NODE_INGEST - value: 'false' - - name: NODE_MASTER - value: 'true' - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NUMBER_OF_MASTERS - value: '1' - image: quay.io/pires/docker-elasticsearch-kubernetes:5.5.0 - imagePullPolicy: Always - name: master - ports: - - containerPort: 9300 - name: transport - protocol: TCP - securityContext: - capabilities: - add: - - IPC_LOCK - - SYS_RESOURCE - privileged: false - initContainers: - - command: - - sysctl - - -w - - vm.max_map_count=262144 - image: busybox - imagePullPolicy: IfNotPresent - name: sysctl - securityContext: - privileged: true diff --git a/examples/kubernetes/compiled/minikube-es/pre-deploy/00_namespace.yml b/examples/kubernetes/compiled/minikube-es/pre-deploy/00_namespace.yml deleted file mode 100644 index 9f5ae3b9b..000000000 --- a/examples/kubernetes/compiled/minikube-es/pre-deploy/00_namespace.yml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - annotations: {} - labels: - name: minikube-es - name: minikube-es - namespace: minikube-es -spec: {} diff --git a/examples/kubernetes/compiled/minikube-es/pre-deploy/10_serviceaccount.yml b/examples/kubernetes/compiled/minikube-es/pre-deploy/10_serviceaccount.yml deleted file mode 100644 index a67815fdb..000000000 --- a/examples/kubernetes/compiled/minikube-es/pre-deploy/10_serviceaccount.yml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - annotations: {} - labels: - name: default - name: default - namespace: minikube-es diff --git a/examples/kubernetes/compiled/minikube-es/scripts/apply.sh b/examples/kubernetes/compiled/minikube-es/scripts/apply.sh deleted file mode 100755 index 3cf5eedc4..000000000 --- a/examples/kubernetes/compiled/minikube-es/scripts/apply.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash -eu - -# Copyright 2019 The Kapitan Authors -# SPDX-FileCopyrightText: 2020 The Kapitan Authors -# -# SPDX-License-Identifier: Apache-2.0 - -DIR=$(dirname ${BASH_SOURCE[0]}) - -for SECTION in pre-deploy manifests -do - echo "## run kubectl apply for ${SECTION}" - kapitan refs --reveal -f ${DIR}/../${SECTION}/ | ${DIR}/kubectl.sh apply -f - | column -t -done \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-es/scripts/delete.sh b/examples/kubernetes/compiled/minikube-es/scripts/delete.sh deleted file mode 100755 index b6e7e808d..000000000 --- a/examples/kubernetes/compiled/minikube-es/scripts/delete.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash -eu - -# Copyright 2019 The Kapitan Authors -# SPDX-FileCopyrightText: 2020 The Kapitan Authors -# -# SPDX-License-Identifier: Apache-2.0 - -DIR=$(dirname ${BASH_SOURCE[0]}) - -${DIR}/kubectl.sh delete -f ${DIR}/../manifests \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-es/scripts/kubectl.sh b/examples/kubernetes/compiled/minikube-es/scripts/kubectl.sh deleted file mode 100755 index 26acd1c4e..000000000 --- a/examples/kubernetes/compiled/minikube-es/scripts/kubectl.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash -eu - -# Copyright 2019 The Kapitan Authors -# SPDX-FileCopyrightText: 2020 The Kapitan Authors -# -# SPDX-License-Identifier: Apache-2.0 - -KUBECTL="kubectl --context minikube-es --insecure-skip-tls-verify=False " - -${KUBECTL} $@ \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-es/scripts/minikube/install_minikube.sh b/examples/kubernetes/compiled/minikube-es/scripts/minikube/install_minikube.sh deleted file mode 100755 index dcf035f3b..000000000 --- a/examples/kubernetes/compiled/minikube-es/scripts/minikube/install_minikube.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -eu - -# Copyright 2019 The Kapitan Authors -# SPDX-FileCopyrightText: 2020 The Kapitan Authors -# -# SPDX-License-Identifier: Apache-2.0 - -case "$(uname -s)" in - Linux*) MINIKUBE_BINARY=minikube-linux-amd64;; - Darwin*) MINIKUBE_BINARY=minikube-darwin-amd64;; - *) exit 1 -esac - -MINIKUBE_VERSION=${MINIKUBE_VERSION:-v0.31.0} -URL=https://storage.googleapis.com/minikube/releases/${MINIKUBE_VERSION}/${MINIKUBE_BINARY} - - -echo Downloading minikube release ${MINIKUBE_VERSION} to /usr/local/bin/minikube -pause -sudo curl --progress-bar -o /usr/local/bin/minikube ${URL} -sudo chmod +x /usr/local/bin/minikube \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-es/scripts/minikube/start_minikube.sh b/examples/kubernetes/compiled/minikube-es/scripts/minikube/start_minikube.sh deleted file mode 100755 index 1ed875d6c..000000000 --- a/examples/kubernetes/compiled/minikube-es/scripts/minikube/start_minikube.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash -eu - -# Copyright 2019 The Kapitan Authors -# SPDX-FileCopyrightText: 2020 The Kapitan Authors -# -# SPDX-License-Identifier: Apache-2.0 - -eval $(minikube docker-env) -minikube start --insecure-registry https://quay.io --memory=4096 --cpus=4 -minikube ssh "sudo ip link set docker0 promisc on" \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-es/scripts/setup_cluster.sh b/examples/kubernetes/compiled/minikube-es/scripts/setup_cluster.sh deleted file mode 100755 index 7c7a34d55..000000000 --- a/examples/kubernetes/compiled/minikube-es/scripts/setup_cluster.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash -eu - -# Copyright 2019 The Kapitan Authors -# SPDX-FileCopyrightText: 2020 The Kapitan Authors -# -# SPDX-License-Identifier: Apache-2.0 - - - diff --git a/examples/kubernetes/compiled/minikube-es/scripts/setup_context.sh b/examples/kubernetes/compiled/minikube-es/scripts/setup_context.sh deleted file mode 100755 index 19307a214..000000000 --- a/examples/kubernetes/compiled/minikube-es/scripts/setup_context.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash -eu - -# Copyright 2019 The Kapitan Authors -# SPDX-FileCopyrightText: 2020 The Kapitan Authors -# -# SPDX-License-Identifier: Apache-2.0 - -kubectl config set-context minikube-es --cluster minikube --user minikube --namespace minikube-es -kubectl config use-context minikube-es \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-mysql/README.md b/examples/kubernetes/compiled/minikube-mysql/README.md deleted file mode 100644 index 18212b6b3..000000000 --- a/examples/kubernetes/compiled/minikube-mysql/README.md +++ /dev/null @@ -1,64 +0,0 @@ -# Elasticsearch Minikube - -This is a specific version of Elasticsearch to run on a minikube instalation. - -## Prerequisites - -Elasticsearch is a resource hungry application, for this setup we require -that minikube is running with the above options: - -``` -$ minikube start --insecure-registry https://quay.io --memory=4096 --cpus=2 -``` - -_If_ you have created the minikube VM previously, you will most likely need to -delete the vm and recreate it with more memory/cpu. (i.e. -`$ minikube delete`) - -## Setting up - -Assuming you're already running Minikube, setup for this target: - -``` -$ scripts/setup.sh -``` - -This will create a context in your minikube cluster called minikube-mysql. - - -Apply the compiled manifests: - -``` -$ scripts/kubectl.sh apply -f manifests/ -``` - -If the commands above did not error, you should be good to go. - -Let's confirm everything is up: - -``` -$ scripts/kubectl.sh get pods -w -``` - -## Connecting to Elasticsearch - -List the elasticsearch service endpoints running in the cluster: - -``` -$ minikube service -n minikube-mysql elasticsearch --url -``` - -and curl the health endpoint, i.e.: - -``` -$ curl http://192.168.99.100:32130/_cluster/health?pretty -``` - - -## Deleting Elasticsearch - -Deleting is easy (warning, this will remove _everything_): - -``` -$ scripts/kubectl.sh delete -f manifests/ -``` \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_app.yml b/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_app.yml deleted file mode 100644 index cebe146d0..000000000 --- a/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_app.yml +++ /dev/null @@ -1,73 +0,0 @@ -apiVersion: apps/v1beta1 -kind: StatefulSet -metadata: - labels: - name: example-mysql - name: example-mysql - namespace: minikube-mysql -spec: - replicas: 1 - serviceName: example-mysql - template: - metadata: - labels: - name: example-mysql - spec: - containers: - - env: - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - key: MYSQL_ROOT_PASSWORD - name: example-mysql - image: mysql:latest - imagePullPolicy: Always - name: mysql - ports: - - containerPort: 3306 - name: mysql - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - annotations: - volume.beta.kubernetes.io/storage-class: standard - labels: - name: data - name: data - namespace: minikube-mysql - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 10G ---- -apiVersion: v1 -data: - MYSQL_ROOT_PASSWORD: ?{gpg:targets/minikube-mysql/mysql/password:ec3d54de} - MYSQL_ROOT_PASSWORD_SHA256: ?{gpg:targets/minikube-mysql/mysql/password_sha256:122d2732} -kind: Secret -metadata: - labels: - name: example-mysql - name: example-mysql - namespace: minikube-mysql -type: Opaque ---- -apiVersion: v1 -kind: Service -metadata: - labels: - name: example-mysql - name: example-mysql - namespace: minikube-mysql -spec: - clusterIP: None - ports: - - name: mysql - port: 3306 - targetPort: mysql - selector: - name: example-mysql - type: ClusterIP diff --git a/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_secret.yml b/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_secret.yml deleted file mode 100644 index 0c842a325..000000000 --- a/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_secret.yml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -data: - MYSQL_ROOT_PASSWORD: ?{gpg:targets/minikube-mysql/mysql/password:ec3d54de} - MYSQL_ROOT_PASSWORD_SHA256: ?{gpg:targets/minikube-mysql/mysql/password_sha256:122d2732} -kind: Secret -metadata: - labels: - name: example-mysql - name: example-mysql - namespace: minikube-mysql -type: Opaque diff --git a/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_secret_subvar.yml b/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_secret_subvar.yml deleted file mode 100644 index 2b061a004..000000000 --- a/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_secret_subvar.yml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -data: - MYSQL_ROOT_PASSWORD: ?{gpg:targets/minikube-mysql/mysql/subvars@var1.password:52dd139b} - MYSQL_ROOT_PASSWORD_SHA256: ?{gpg:targets/minikube-mysql/mysql/subvars@var2.password_sha256:52dd139b} -kind: Secret -metadata: - labels: - name: example-mysql - name: example-mysql - namespace: minikube-mysql -type: Opaque diff --git a/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_service_jsonnet.yml b/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_service_jsonnet.yml deleted file mode 100644 index f6ab65e52..000000000 --- a/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_service_jsonnet.yml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - name: example-mysql-jsonnet - name: example-mysql-jsonnet - namespace: minikube-mysql -spec: - clusterIP: None - ports: - - name: mysql - port: 3306 - targetPort: mysql - selector: - name: example-mysql - type: ClusterIP diff --git a/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_service_simple.yml b/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_service_simple.yml deleted file mode 100644 index eb6bc2e53..000000000 --- a/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_service_simple.yml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - name: example-mysql - name: example-mysql - namespace: minikube-mysql -spec: - clusterIP: None - ports: - - name: mysql - port: 3306 - targetPort: mysql - selector: - name: example-mysql - type: ClusterIP diff --git a/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_statefulset.yml b/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_statefulset.yml deleted file mode 100644 index 839a4a3b9..000000000 --- a/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_statefulset.yml +++ /dev/null @@ -1,44 +0,0 @@ -apiVersion: apps/v1beta1 -kind: StatefulSet -metadata: - labels: - name: example-mysql - name: example-mysql - namespace: minikube-mysql -spec: - replicas: 1 - serviceName: example-mysql - template: - metadata: - labels: - name: example-mysql - spec: - containers: - - env: - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - key: MYSQL_ROOT_PASSWORD - name: example-mysql - image: mysql:latest - imagePullPolicy: Always - name: mysql - ports: - - containerPort: 3306 - name: mysql - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - annotations: - volume.beta.kubernetes.io/storage-class: standard - labels: - name: data - name: data - namespace: minikube-mysql - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 10G diff --git a/examples/kubernetes/compiled/minikube-mysql/pre-deploy/00_namespace.yml b/examples/kubernetes/compiled/minikube-mysql/pre-deploy/00_namespace.yml deleted file mode 100644 index 7a7661686..000000000 --- a/examples/kubernetes/compiled/minikube-mysql/pre-deploy/00_namespace.yml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - annotations: {} - labels: - name: minikube-mysql - name: minikube-mysql - namespace: minikube-mysql -spec: {} diff --git a/examples/kubernetes/compiled/minikube-mysql/pre-deploy/10_serviceaccount.yml b/examples/kubernetes/compiled/minikube-mysql/pre-deploy/10_serviceaccount.yml deleted file mode 100644 index 46e7bb49b..000000000 --- a/examples/kubernetes/compiled/minikube-mysql/pre-deploy/10_serviceaccount.yml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - annotations: {} - labels: - name: default - name: default - namespace: minikube-mysql diff --git a/examples/kubernetes/compiled/minikube-mysql/scripts/apply.sh b/examples/kubernetes/compiled/minikube-mysql/scripts/apply.sh deleted file mode 100755 index 3cf5eedc4..000000000 --- a/examples/kubernetes/compiled/minikube-mysql/scripts/apply.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash -eu - -# Copyright 2019 The Kapitan Authors -# SPDX-FileCopyrightText: 2020 The Kapitan Authors -# -# SPDX-License-Identifier: Apache-2.0 - -DIR=$(dirname ${BASH_SOURCE[0]}) - -for SECTION in pre-deploy manifests -do - echo "## run kubectl apply for ${SECTION}" - kapitan refs --reveal -f ${DIR}/../${SECTION}/ | ${DIR}/kubectl.sh apply -f - | column -t -done \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-mysql/scripts/delete.sh b/examples/kubernetes/compiled/minikube-mysql/scripts/delete.sh deleted file mode 100755 index b6e7e808d..000000000 --- a/examples/kubernetes/compiled/minikube-mysql/scripts/delete.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash -eu - -# Copyright 2019 The Kapitan Authors -# SPDX-FileCopyrightText: 2020 The Kapitan Authors -# -# SPDX-License-Identifier: Apache-2.0 - -DIR=$(dirname ${BASH_SOURCE[0]}) - -${DIR}/kubectl.sh delete -f ${DIR}/../manifests \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-mysql/scripts/kubectl.sh b/examples/kubernetes/compiled/minikube-mysql/scripts/kubectl.sh deleted file mode 100755 index 04d2b6db6..000000000 --- a/examples/kubernetes/compiled/minikube-mysql/scripts/kubectl.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash -eu - -# Copyright 2019 The Kapitan Authors -# SPDX-FileCopyrightText: 2020 The Kapitan Authors -# -# SPDX-License-Identifier: Apache-2.0 - -KUBECTL="kubectl --context minikube-mysql --insecure-skip-tls-verify=False " - -${KUBECTL} $@ \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-mysql/scripts/minikube/install_minikube.sh b/examples/kubernetes/compiled/minikube-mysql/scripts/minikube/install_minikube.sh deleted file mode 100755 index dcf035f3b..000000000 --- a/examples/kubernetes/compiled/minikube-mysql/scripts/minikube/install_minikube.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -eu - -# Copyright 2019 The Kapitan Authors -# SPDX-FileCopyrightText: 2020 The Kapitan Authors -# -# SPDX-License-Identifier: Apache-2.0 - -case "$(uname -s)" in - Linux*) MINIKUBE_BINARY=minikube-linux-amd64;; - Darwin*) MINIKUBE_BINARY=minikube-darwin-amd64;; - *) exit 1 -esac - -MINIKUBE_VERSION=${MINIKUBE_VERSION:-v0.31.0} -URL=https://storage.googleapis.com/minikube/releases/${MINIKUBE_VERSION}/${MINIKUBE_BINARY} - - -echo Downloading minikube release ${MINIKUBE_VERSION} to /usr/local/bin/minikube -pause -sudo curl --progress-bar -o /usr/local/bin/minikube ${URL} -sudo chmod +x /usr/local/bin/minikube \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-mysql/scripts/minikube/start_minikube.sh b/examples/kubernetes/compiled/minikube-mysql/scripts/minikube/start_minikube.sh deleted file mode 100755 index 1ed875d6c..000000000 --- a/examples/kubernetes/compiled/minikube-mysql/scripts/minikube/start_minikube.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash -eu - -# Copyright 2019 The Kapitan Authors -# SPDX-FileCopyrightText: 2020 The Kapitan Authors -# -# SPDX-License-Identifier: Apache-2.0 - -eval $(minikube docker-env) -minikube start --insecure-registry https://quay.io --memory=4096 --cpus=4 -minikube ssh "sudo ip link set docker0 promisc on" \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-mysql/scripts/setup_cluster.sh b/examples/kubernetes/compiled/minikube-mysql/scripts/setup_cluster.sh deleted file mode 100755 index 7c7a34d55..000000000 --- a/examples/kubernetes/compiled/minikube-mysql/scripts/setup_cluster.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash -eu - -# Copyright 2019 The Kapitan Authors -# SPDX-FileCopyrightText: 2020 The Kapitan Authors -# -# SPDX-License-Identifier: Apache-2.0 - - - diff --git a/examples/kubernetes/compiled/minikube-mysql/scripts/setup_context.sh b/examples/kubernetes/compiled/minikube-mysql/scripts/setup_context.sh deleted file mode 100755 index ed53eadd7..000000000 --- a/examples/kubernetes/compiled/minikube-mysql/scripts/setup_context.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash -eu - -# Copyright 2019 The Kapitan Authors -# SPDX-FileCopyrightText: 2020 The Kapitan Authors -# -# SPDX-License-Identifier: Apache-2.0 - -kubectl config set-context minikube-mysql --cluster minikube --user minikube --namespace minikube-mysql -kubectl config use-context minikube-mysql \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/README.md b/examples/kubernetes/compiled/minikube-nginx-helm/README.md deleted file mode 100644 index 8eae91228..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-helm/README.md +++ /dev/null @@ -1,7 +0,0 @@ - -# Welcome to the README! - -Target *minikube-nginx-helm* is running: - -* 2 replicas of *nginx* running nginx image nginx:1:15.8 -* on cluster minikube \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml deleted file mode 100644 index cbb957f25..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - annotations: - helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade - helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded - labels: - app.kubernetes.io/component: admission-webhook - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.5.1 - helm.sh/chart: ingress-nginx-4.4.0 - name: minikube-nginx-helm-ingress-nginx-admission -rules: - - apiGroups: - - admissionregistration.k8s.io - resources: - - validatingwebhookconfigurations - verbs: - - get - - update diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml deleted file mode 100644 index 5c3bbba61..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - annotations: - helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade - helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded - labels: - app.kubernetes.io/component: admission-webhook - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.5.1 - helm.sh/chart: ingress-nginx-4.4.0 - name: minikube-nginx-helm-ingress-nginx-admission -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: minikube-nginx-helm-ingress-nginx-admission -subjects: - - kind: ServiceAccount - name: minikube-nginx-helm-ingress-nginx-admission - namespace: minikube-nginx-helm diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml deleted file mode 100644 index 28173c2ac..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml +++ /dev/null @@ -1,53 +0,0 @@ -apiVersion: batch/v1 -kind: Job -metadata: - annotations: - helm.sh/hook: pre-install,pre-upgrade - helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded - labels: - app.kubernetes.io/component: admission-webhook - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.5.1 - helm.sh/chart: ingress-nginx-4.4.0 - name: minikube-nginx-helm-ingress-nginx-admission-create - namespace: minikube-nginx-helm -spec: - template: - metadata: - labels: - app.kubernetes.io/component: admission-webhook - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.5.1 - helm.sh/chart: ingress-nginx-4.4.0 - name: minikube-nginx-helm-ingress-nginx-admission-create - spec: - containers: - - args: - - create - - --host=minikube-nginx-helm-ingress-nginx-minikube-nginx-helm-admission,minikube-nginx-helm-ingress-nginx-minikube-nginx-helm-admission.$(POD_NAMESPACE).svc - - --namespace=$(POD_NAMESPACE) - - --secret-name=minikube-nginx-helm-ingress-nginx-admission - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20220916-gd32f8c343@sha256:39c5b2e3310dc4264d638ad28d9d1d96c4cbb2b2dcfb52368fe4e3c63f61e10f - imagePullPolicy: IfNotPresent - name: create - securityContext: - allowPrivilegeEscalation: false - nodeSelector: - kubernetes.io/os: linux - restartPolicy: OnFailure - securityContext: - fsGroup: 2000 - runAsNonRoot: true - runAsUser: 2000 - serviceAccountName: minikube-nginx-helm-ingress-nginx-admission diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml deleted file mode 100644 index 343e596af..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml +++ /dev/null @@ -1,55 +0,0 @@ -apiVersion: batch/v1 -kind: Job -metadata: - annotations: - helm.sh/hook: post-install,post-upgrade - helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded - labels: - app.kubernetes.io/component: admission-webhook - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.5.1 - helm.sh/chart: ingress-nginx-4.4.0 - name: minikube-nginx-helm-ingress-nginx-admission-patch - namespace: minikube-nginx-helm -spec: - template: - metadata: - labels: - app.kubernetes.io/component: admission-webhook - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.5.1 - helm.sh/chart: ingress-nginx-4.4.0 - name: minikube-nginx-helm-ingress-nginx-admission-patch - spec: - containers: - - args: - - patch - - --webhook-name=minikube-nginx-helm-ingress-nginx-admission - - --namespace=$(POD_NAMESPACE) - - --patch-mutating=false - - --secret-name=minikube-nginx-helm-ingress-nginx-admission - - --patch-failure-policy=Fail - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20220916-gd32f8c343@sha256:39c5b2e3310dc4264d638ad28d9d1d96c4cbb2b2dcfb52368fe4e3c63f61e10f - imagePullPolicy: IfNotPresent - name: patch - securityContext: - allowPrivilegeEscalation: false - nodeSelector: - kubernetes.io/os: linux - restartPolicy: OnFailure - securityContext: - fsGroup: 2000 - runAsNonRoot: true - runAsUser: 2000 - serviceAccountName: minikube-nginx-helm-ingress-nginx-admission diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml deleted file mode 100644 index 5ca3c9a2d..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - annotations: - helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade - helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded - labels: - app.kubernetes.io/component: admission-webhook - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.5.1 - helm.sh/chart: ingress-nginx-4.4.0 - name: minikube-nginx-helm-ingress-nginx-admission - namespace: minikube-nginx-helm -rules: - - apiGroups: - - '' - resources: - - secrets - verbs: - - get - - create diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml deleted file mode 100644 index f94f31629..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - annotations: - helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade - helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded - labels: - app.kubernetes.io/component: admission-webhook - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.5.1 - helm.sh/chart: ingress-nginx-4.4.0 - name: minikube-nginx-helm-ingress-nginx-admission - namespace: minikube-nginx-helm -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: minikube-nginx-helm-ingress-nginx-admission -subjects: - - kind: ServiceAccount - name: minikube-nginx-helm-ingress-nginx-admission - namespace: minikube-nginx-helm diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml deleted file mode 100644 index a22c16b53..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - annotations: - helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade - helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded - labels: - app.kubernetes.io/component: admission-webhook - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.5.1 - helm.sh/chart: ingress-nginx-4.4.0 - name: minikube-nginx-helm-ingress-nginx-admission - namespace: minikube-nginx-helm diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml deleted file mode 100644 index 427e2c741..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - labels: - app.kubernetes.io/component: admission-webhook - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.5.1 - helm.sh/chart: ingress-nginx-4.4.0 - name: minikube-nginx-helm-ingress-nginx-admission -webhooks: - - admissionReviewVersions: - - v1 - clientConfig: - service: - name: minikube-nginx-helm-ingress-nginx-minikube-nginx-helm-admission - namespace: minikube-nginx-helm - path: /networking/v1/ingresses - failurePolicy: Fail - matchPolicy: Equivalent - name: validate.nginx.ingress.kubernetes.io - rules: - - apiGroups: - - networking.k8s.io - apiVersions: - - v1 - operations: - - CREATE - - UPDATE - resources: - - ingresses - sideEffects: None diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/clusterrole.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/clusterrole.yaml deleted file mode 100644 index fb806855c..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/clusterrole.yaml +++ /dev/null @@ -1,82 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.5.1 - helm.sh/chart: ingress-nginx-4.4.0 - name: minikube-nginx-helm-ingress-nginx -rules: - - apiGroups: - - '' - resources: - - configmaps - - endpoints - - nodes - - pods - - secrets - - namespaces - verbs: - - list - - watch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - list - - watch - - apiGroups: - - '' - resources: - - nodes - verbs: - - get - - apiGroups: - - '' - resources: - - services - verbs: - - get - - list - - watch - - apiGroups: - - networking.k8s.io - resources: - - ingresses - verbs: - - get - - list - - watch - - apiGroups: - - '' - resources: - - events - verbs: - - create - - patch - - apiGroups: - - networking.k8s.io - resources: - - ingresses/status - verbs: - - update - - apiGroups: - - networking.k8s.io - resources: - - ingressclasses - verbs: - - get - - list - - watch - - apiGroups: - - discovery.k8s.io - resources: - - endpointslices - verbs: - - list - - watch - - get diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/clusterrolebinding.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/clusterrolebinding.yaml deleted file mode 100644 index c483d48d6..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.5.1 - helm.sh/chart: ingress-nginx-4.4.0 - name: minikube-nginx-helm-ingress-nginx -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: minikube-nginx-helm-ingress-nginx -subjects: - - kind: ServiceAccount - name: minikube-nginx-helm-ingress-nginx - namespace: minikube-nginx-helm diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-configmap.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-configmap.yaml deleted file mode 100644 index 64bdd3d5d..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-configmap.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -data: - allow-snippet-annotations: 'true' -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.5.1 - helm.sh/chart: ingress-nginx-4.4.0 - name: minikube-nginx-helm-ingress-nginx-minikube-nginx-helm - namespace: minikube-nginx-helm diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-deployment.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-deployment.yaml deleted file mode 100644 index 51fac0fbc..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-deployment.yaml +++ /dev/null @@ -1,114 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.5.1 - helm.sh/chart: ingress-nginx-4.4.0 - name: minikube-nginx-helm-ingress-nginx-minikube-nginx-helm - namespace: minikube-nginx-helm -spec: - minReadySeconds: 0 - replicas: 1 - revisionHistoryLimit: 10 - selector: - matchLabels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/name: ingress-nginx - template: - metadata: - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/name: ingress-nginx - spec: - containers: - - args: - - /nginx-ingress-controller - - --publish-service=$(POD_NAMESPACE)/minikube-nginx-helm-ingress-nginx-minikube-nginx-helm - - --election-id=minikube-nginx-helm-ingress-nginx-leader - - --controller-class=k8s.io/ingress-nginx - - --ingress-class=nginx - - --configmap=$(POD_NAMESPACE)/minikube-nginx-helm-ingress-nginx-minikube-nginx-helm - - --validating-webhook=:8443 - - --validating-webhook-certificate=/usr/local/certificates/cert - - --validating-webhook-key=/usr/local/certificates/key - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: LD_PRELOAD - value: /usr/local/lib/libmimalloc.so - image: registry.k8s.io/ingress-nginx/controller:v1.5.1@sha256:4ba73c697770664c1e00e9f968de14e08f606ff961c76e5d7033a4a9c593c629 - imagePullPolicy: IfNotPresent - lifecycle: - preStop: - exec: - command: - - /wait-shutdown - livenessProbe: - failureThreshold: 5 - httpGet: - path: /healthz - port: 10254 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: controller - ports: - - containerPort: 80 - name: http - protocol: TCP - - containerPort: 443 - name: https - protocol: TCP - - containerPort: 8443 - name: webhook - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: 10254 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: - requests: - cpu: 100m - memory: 90Mi - securityContext: - allowPrivilegeEscalation: true - capabilities: - add: - - NET_BIND_SERVICE - drop: - - ALL - runAsUser: 101 - volumeMounts: - - mountPath: /usr/local/certificates/ - name: webhook-cert - readOnly: true - dnsPolicy: ClusterFirst - nodeSelector: - kubernetes.io/os: linux - serviceAccountName: minikube-nginx-helm-ingress-nginx - terminationGracePeriodSeconds: 300 - volumes: - - name: webhook-cert - secret: - secretName: minikube-nginx-helm-ingress-nginx-admission diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-ingressclass.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-ingressclass.yaml deleted file mode 100644 index 8593a4b0d..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-ingressclass.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: IngressClass -metadata: - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.5.1 - helm.sh/chart: ingress-nginx-4.4.0 - name: nginx -spec: - controller: k8s.io/ingress-nginx diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-role.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-role.yaml deleted file mode 100644 index 2e2bed83c..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-role.yaml +++ /dev/null @@ -1,106 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.5.1 - helm.sh/chart: ingress-nginx-4.4.0 - name: minikube-nginx-helm-ingress-nginx - namespace: minikube-nginx-helm -rules: - - apiGroups: - - '' - resources: - - namespaces - verbs: - - get - - apiGroups: - - '' - resources: - - configmaps - - pods - - secrets - - endpoints - verbs: - - get - - list - - watch - - apiGroups: - - '' - resources: - - services - verbs: - - get - - list - - watch - - apiGroups: - - networking.k8s.io - resources: - - ingresses - verbs: - - get - - list - - watch - - apiGroups: - - networking.k8s.io - resources: - - ingresses/status - verbs: - - update - - apiGroups: - - networking.k8s.io - resources: - - ingressclasses - verbs: - - get - - list - - watch - - apiGroups: - - '' - resourceNames: - - minikube-nginx-helm-ingress-nginx-leader - resources: - - configmaps - verbs: - - get - - update - - apiGroups: - - '' - resources: - - configmaps - verbs: - - create - - apiGroups: - - coordination.k8s.io - resourceNames: - - minikube-nginx-helm-ingress-nginx-leader - resources: - - leases - verbs: - - get - - update - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - apiGroups: - - '' - resources: - - events - verbs: - - create - - patch - - apiGroups: - - discovery.k8s.io - resources: - - endpointslices - verbs: - - list - - watch - - get diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-rolebinding.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-rolebinding.yaml deleted file mode 100644 index 2d7cdc5dd..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-rolebinding.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.5.1 - helm.sh/chart: ingress-nginx-4.4.0 - name: minikube-nginx-helm-ingress-nginx - namespace: minikube-nginx-helm -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: minikube-nginx-helm-ingress-nginx -subjects: - - kind: ServiceAccount - name: minikube-nginx-helm-ingress-nginx - namespace: minikube-nginx-helm diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-service-webhook.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-service-webhook.yaml deleted file mode 100644 index c3eb0f5cd..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-service-webhook.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.5.1 - helm.sh/chart: ingress-nginx-4.4.0 - name: minikube-nginx-helm-ingress-nginx-minikube-nginx-helm-admission - namespace: minikube-nginx-helm -spec: - ports: - - appProtocol: https - name: https-webhook - port: 443 - targetPort: webhook - selector: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/name: ingress-nginx - type: ClusterIP diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-service.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-service.yaml deleted file mode 100644 index 1c440e447..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-service.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - annotations: null - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.5.1 - helm.sh/chart: ingress-nginx-4.4.0 - name: minikube-nginx-helm-ingress-nginx-minikube-nginx-helm - namespace: minikube-nginx-helm -spec: - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack - ports: - - appProtocol: http - name: http - port: 80 - protocol: TCP - targetPort: http - - appProtocol: https - name: https - port: 443 - protocol: TCP - targetPort: https - selector: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/name: ingress-nginx - type: LoadBalancer diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-serviceaccount.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-serviceaccount.yaml deleted file mode 100644 index 7f9eee38a..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-serviceaccount.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -automountServiceAccountToken: true -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: controller - app.kubernetes.io/instance: minikube-nginx-helm - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx - app.kubernetes.io/version: 1.5.1 - helm.sh/chart: ingress-nginx-4.4.0 - name: minikube-nginx-helm-ingress-nginx - namespace: minikube-nginx-helm diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/nginx-deploy.sh b/examples/kubernetes/compiled/minikube-nginx-helm/nginx-deploy.sh deleted file mode 100644 index 4d2d8fa90..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-helm/nginx-deploy.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash -e -DIR=$(dirname ${BASH_SOURCE[0]}) - #(1)! - -KUBECTL="kubectl -n None" #(2)! - -# Create namespace before anything else -${KUBECTL} apply -f ${DIR}/pre-deploy/namespace.yml - -for SECTION in manifests -do - echo "## run kubectl apply for ${SECTION}" - ${KUBECTL} apply -f ${DIR}/${SECTION}/ | column -t -done \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-nginx-jsonnet/README.md b/examples/kubernetes/compiled/minikube-nginx-jsonnet/README.md deleted file mode 100644 index 5e6afb2c3..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-jsonnet/README.md +++ /dev/null @@ -1,7 +0,0 @@ - -# Welcome to the README! - -Target *minikube-nginx-jsonnet* is running: - -* 1 replicas of *nginx* running nginx image nginx:1:15.8 -* on cluster minikube \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-nginx-jsonnet/manifests/app-deployment.yml b/examples/kubernetes/compiled/minikube-nginx-jsonnet/manifests/app-deployment.yml deleted file mode 100644 index f0aa0a0a5..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-jsonnet/manifests/app-deployment.yml +++ /dev/null @@ -1,36 +0,0 @@ -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - annotations: {} - labels: - name: nginx - name: nginx - namespace: minikube-nginx-jsonnet -spec: - minReadySeconds: 30 - replicas: 1 - revisionHistoryLimit: 10 - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 25% - type: RollingUpdate - template: - metadata: - annotations: {} - labels: - name: nginx - spec: - containers: - - args: [] - env: [] - image: nginx:1:15.8 - imagePullPolicy: Always - name: nginx - ports: - - containerPort: 80 - name: http - volumeMounts: [] - imagePullSecrets: [] - initContainers: [] - volumes: [] diff --git a/examples/kubernetes/compiled/minikube-nginx-jsonnet/manifests/app-service.yml b/examples/kubernetes/compiled/minikube-nginx-jsonnet/manifests/app-service.yml deleted file mode 100644 index 2a0f11cf4..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-jsonnet/manifests/app-service.yml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - annotations: {} - labels: - name: nginx - name: nginx - namespace: minikube-nginx-jsonnet -spec: - loadBalancerSourceRanges: [] - ports: - - name: http - port: 80 - targetPort: http - selector: - name: nginx - type: NodePort diff --git a/examples/kubernetes/compiled/minikube-nginx-jsonnet/nginx-deploy.sh b/examples/kubernetes/compiled/minikube-nginx-jsonnet/nginx-deploy.sh deleted file mode 100644 index 13ae55643..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-jsonnet/nginx-deploy.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash -e -DIR=$(dirname ${BASH_SOURCE[0]}) - #(1)! - -KUBECTL="kubectl -n minikube-nginx-jsonnet" #(2)! - -# Create namespace before anything else -${KUBECTL} apply -f ${DIR}/pre-deploy/namespace.yml - -for SECTION in manifests -do - echo "## run kubectl apply for ${SECTION}" - ${KUBECTL} apply -f ${DIR}/${SECTION}/ | column -t -done \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-nginx-jsonnet/pre-deploy/00_namespace.yml b/examples/kubernetes/compiled/minikube-nginx-jsonnet/pre-deploy/00_namespace.yml deleted file mode 100644 index 553f3f3bb..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-jsonnet/pre-deploy/00_namespace.yml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - annotations: {} - labels: - name: minikube-nginx-jsonnet - name: minikube-nginx-jsonnet - namespace: minikube-nginx-jsonnet -spec: {} diff --git a/examples/kubernetes/compiled/minikube-nginx-jsonnet/pre-deploy/10_serviceaccount.yml b/examples/kubernetes/compiled/minikube-nginx-jsonnet/pre-deploy/10_serviceaccount.yml deleted file mode 100644 index 63c4fae7f..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-jsonnet/pre-deploy/10_serviceaccount.yml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - annotations: {} - labels: - name: default - name: default - namespace: minikube-nginx-jsonnet diff --git a/examples/kubernetes/compiled/minikube-nginx-kadet/README.md b/examples/kubernetes/compiled/minikube-nginx-kadet/README.md deleted file mode 100644 index 6dcd055e7..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-kadet/README.md +++ /dev/null @@ -1,7 +0,0 @@ - -# Welcome to the README! - -Target *minikube-nginx-kadet* is running: - -* 2 replicas of *nginx* running nginx image nginx:1:15.8 -* on cluster minikube \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-nginx-kadet/manifests/nginx_deployment.yml b/examples/kubernetes/compiled/minikube-nginx-kadet/manifests/nginx_deployment.yml deleted file mode 100644 index 3a34e0ad2..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-kadet/manifests/nginx_deployment.yml +++ /dev/null @@ -1,17 +0,0 @@ -kind: Deployment -metadata: - name: nginx - namespace: minikube-nginx-kadet -spec: - replicas: 1 - revisionHistoryLimit: 10 - template: - metadata: - labels: - app: nginx - spec: - containers: - - image: nginx:1:15.8 - name: nginx - ports: - - containerPort: 80 diff --git a/examples/kubernetes/compiled/minikube-nginx-kadet/manifests/nginx_service.yml b/examples/kubernetes/compiled/minikube-nginx-kadet/manifests/nginx_service.yml deleted file mode 100644 index 4bfc6ebf5..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-kadet/manifests/nginx_service.yml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - app: nginx - name: nginx - namespace: minikube-nginx-kadet -spec: - ports: - - name: http - port: 80 - targetPort: 80 - selector: - app: nginx - type: NodePort diff --git a/examples/kubernetes/compiled/minikube-nginx-kadet/nginx-deploy.sh b/examples/kubernetes/compiled/minikube-nginx-kadet/nginx-deploy.sh deleted file mode 100644 index 509063a82..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-kadet/nginx-deploy.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash -e -DIR=$(dirname ${BASH_SOURCE[0]}) - #(1)! - -KUBECTL="kubectl -n minikube-nginx-kadet" #(2)! - -# Create namespace before anything else -${KUBECTL} apply -f ${DIR}/pre-deploy/namespace.yml - -for SECTION in manifests -do - echo "## run kubectl apply for ${SECTION}" - ${KUBECTL} apply -f ${DIR}/${SECTION}/ | column -t -done \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-nginx-kadet/pre-deploy/00_namespace.yml b/examples/kubernetes/compiled/minikube-nginx-kadet/pre-deploy/00_namespace.yml deleted file mode 100644 index 2f00d3447..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-kadet/pre-deploy/00_namespace.yml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - annotations: {} - labels: - name: minikube-nginx-kadet - name: minikube-nginx-kadet - namespace: minikube-nginx-kadet -spec: {} diff --git a/examples/kubernetes/compiled/minikube-nginx-kadet/pre-deploy/10_serviceaccount.yml b/examples/kubernetes/compiled/minikube-nginx-kadet/pre-deploy/10_serviceaccount.yml deleted file mode 100644 index 634277e2a..000000000 --- a/examples/kubernetes/compiled/minikube-nginx-kadet/pre-deploy/10_serviceaccount.yml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - annotations: {} - labels: - name: default - name: default - namespace: minikube-nginx-kadet diff --git a/kapitan/cli.py b/kapitan/cli.py index 0aaecf936..b4230456c 100644 --- a/kapitan/cli.py +++ b/kapitan/cli.py @@ -23,11 +23,10 @@ from kapitan.inputs.jsonnet import jsonnet_file from kapitan.inventory import AVAILABLE_BACKENDS from kapitan.lint import start_lint -from kapitan.refs.base import RefController, Revealer from kapitan.refs.cmd_parser import handle_refs_command from kapitan.resources import generate_inventory, resource_callbacks, search_imports -from kapitan.targets import compile_targets, schema_validate_compiled -from kapitan.utils import check_version, from_dot_kapitan, searchvar +from kapitan.targets import schema_validate_compiled +from kapitan.utils import from_dot_kapitan, searchvar from kapitan.version import DESCRIPTION, PROJECT_NAME, VERSION logger = logging.getLogger(__name__) @@ -61,43 +60,6 @@ def _search_imports(cwd, imp): elif json_output: print(json_output) - -def trigger_compile(args): - search_paths = [os.path.abspath(path) for path in args.search_paths] - - if not args.ignore_version_check: - check_version() - - ref_controller = RefController(args.refs_path, embed_refs=args.embed_refs) - # cache controller for use in reveal_maybe jinja2 filter - cached.ref_controller_obj = ref_controller - cached.revealer_obj = Revealer(ref_controller) - - compile_targets( - args.inventory_path, - search_paths, - args.output_path, - args.parallelism, - args.targets, - args.labels, - ref_controller, - prune=args.prune, - indent=args.indent, - reveal=args.reveal, - cache=args.cache, - cache_paths=args.cache_paths, - fetch=args.fetch, - force_fetch=args.force_fetch, - force=args.force, # deprecated - validate=args.validate, - schemas_path=args.schemas_path, - jinja2_filters=args.jinja2_filters, - verbose=hasattr(args, "verbose") and args.verbose, - use_go_jsonnet=args.use_go_jsonnet, - compose_target_name=args.compose_target_name, - ) - - def build_parser(): parser = argparse.ArgumentParser(prog=PROJECT_NAME, description=DESCRIPTION) parser.add_argument("--version", action="version", version=VERSION) diff --git a/kapitan/targets.py b/kapitan/targets.py index 8e1388029..5b6c75cbc 100644 --- a/kapitan/targets.py +++ b/kapitan/targets.py @@ -10,10 +10,7 @@ import logging import multiprocessing import os -import shutil import sys -import tempfile -import time from collections import defaultdict from functools import partial @@ -22,209 +19,16 @@ from reclass.errors import NotFoundError, ReclassException from kapitan import cached, defaults -from kapitan.dependency_manager.base import fetch_dependencies + from kapitan.errors import CompileError, InventoryError, KapitanError -from kapitan.inputs.copy import Copy -from kapitan.inputs.external import External -from kapitan.inputs.helm import Helm -from kapitan.inputs.jinja2 import Jinja2 -from kapitan.inputs.jsonnet import Jsonnet -from kapitan.inputs.kadet import Kadet -from kapitan.inputs.remove import Remove -from kapitan.remoteinventory.fetch import fetch_inventories, list_sources + + from kapitan.resources import get_inventory from kapitan.utils import dictionary_hash, directory_hash, hashable_lru_cache from kapitan.validator.kubernetes_validator import KubernetesManifestValidator logger = logging.getLogger(__name__) - -def compile_targets( - inventory_path, search_paths, output_path, parallel, targets, labels, ref_controller, **kwargs -): - """ - Searches and loads target files, and runs compile_target() on a - multiprocessing pool with parallel number of processes. - kwargs are passed to compile_target() - """ - # temp_path will hold compiled items - temp_path = tempfile.mkdtemp(suffix=".kapitan") - # enable previously compiled items to be reference in other compile inputs - search_paths.append(temp_path) - temp_compile_path = os.path.join(temp_path, "compiled") - dep_cache_dir = temp_path - - updated_targets = targets - try: - updated_targets = search_targets(inventory_path, targets, labels) - except CompileError as e: - logger.error(e) - sys.exit(1) - - # If --cache is set - if kwargs.get("cache"): - additional_cache_paths = kwargs.get("cache_paths") - generate_inv_cache_hashes(inventory_path, targets, additional_cache_paths) - # to cache fetched dependencies and inventories - dep_cache_dir = os.path.join(output_path, ".dependency_cache") - os.makedirs(dep_cache_dir, exist_ok=True) - - if not targets: - updated_targets = changed_targets(inventory_path, output_path) - logger.debug("Changed targets since last compilation: %s", updated_targets) - if len(updated_targets) == 0: - logger.info("No changes since last compilation.") - return - - pool = multiprocessing.Pool(parallel) - - try: - rendering_start = time.time() - - # check if --fetch or --force-fetch is enabled - force_fetch = kwargs.get("force_fetch", False) - fetch = kwargs.get("fetch", False) or force_fetch - - # deprecated --force flag - if kwargs.get("force", False): - logger.info( - "DeprecationWarning: --force is deprecated. Use --force-fetch instead of --force --fetch" - ) - force_fetch = True - - if fetch: - # skip classes that are not yet available - target_objs = load_target_inventory(inventory_path, updated_targets, ignore_class_notfound=True) - else: - # ignore_class_notfound = False by default - target_objs = load_target_inventory(inventory_path, updated_targets) - - # append "compiled" to output_path so we can safely overwrite it - compile_path = os.path.join(output_path, "compiled") - - if not target_objs: - raise CompileError("Error: no targets found") - - # fetch inventory - if fetch: - # new_source checks for new sources in fetched inventory items - new_sources = list(set(list_sources(target_objs)) - cached.inv_sources) - while new_sources: - fetch_inventories( - inventory_path, - target_objs, - dep_cache_dir, - force_fetch, - pool, - ) - cached.reset_inv() - target_objs = load_target_inventory( - inventory_path, updated_targets, ignore_class_notfound=True - ) - cached.inv_sources.update(new_sources) - new_sources = list(set(list_sources(target_objs)) - cached.inv_sources) - # reset inventory cache and load target objs to check for missing classes - cached.reset_inv() - target_objs = load_target_inventory(inventory_path, updated_targets, ignore_class_notfound=False) - # fetch dependencies - if fetch: - fetch_dependencies(output_path, target_objs, dep_cache_dir, force_fetch, pool) - # fetch targets which have force_fetch: true - elif not kwargs.get("force_fetch", False): - fetch_objs = [] - # iterate through targets - for target in target_objs: - try: - # get value of "force_fetch" property - dependencies = target["dependencies"] - # dependencies is still a list - for entry in dependencies: - force_fetch = entry["force_fetch"] - if force_fetch: - fetch_objs.append(target) - except KeyError: - # targets may have no "dependencies" or "force_fetch" key - continue - # fetch dependencies from targets with force_fetch set to true - if fetch_objs: - fetch_dependencies(output_path, fetch_objs, dep_cache_dir, True, pool) - - logger.info("Rendered inventory (%.2fs)", time.time() - rendering_start) - - worker = partial( - compile_target, - search_paths=search_paths, - compile_path=temp_compile_path, - ref_controller=ref_controller, - inventory_path=inventory_path, - globals_cached=cached.as_dict(), - **kwargs, - ) - - # compile_target() returns None on success - # so p is only not None when raising an exception - [p.get() for p in pool.imap_unordered(worker, target_objs) if p] - - os.makedirs(compile_path, exist_ok=True) - - # if '-t' is set on compile or only a few changed, only override selected targets - if updated_targets: - for target in target_objs: - path = target["target_full_path"] - compile_path_target = os.path.join(compile_path, path) - temp_path_target = os.path.join(temp_compile_path, path) - - os.makedirs(compile_path_target, exist_ok=True) - - shutil.rmtree(compile_path_target) - shutil.copytree(temp_path_target, compile_path_target) - logger.debug("Copied %s into %s", temp_path_target, compile_path_target) - # otherwise override all targets - else: - shutil.rmtree(compile_path) - shutil.copytree(temp_compile_path, compile_path) - logger.debug("Copied %s into %s", temp_compile_path, compile_path) - - # validate the compiled outputs - if kwargs.get("validate", False): - validate_map = create_validate_mapping(target_objs, compile_path) - worker = partial( - schema_validate_kubernetes_output, - cache_dir=kwargs.get("schemas_path", "./schemas"), - ) - [p.get() for p in pool.imap_unordered(worker, validate_map.items()) if p] - - # Save inventory and folders cache - save_inv_cache(compile_path, targets) - pool.close() - - except ReclassException as e: - if isinstance(e, NotFoundError): - logger.error("Inventory reclass error: inventory not found") - else: - logger.error("Inventory reclass error: %s", e.message) - raise InventoryError(e.message) - except Exception as e: - # if compile worker fails, terminate immediately - pool.terminate() - logger.debug("Compile pool terminated") - # only print traceback for errors we don't know about - if not isinstance(e, KapitanError): - logger.exception("\nUnknown (Non-Kapitan) error occurred:\n") - - logger.error("\n") - if kwargs.get("verbose"): - logger.exception(e) - else: - logger.error(e) - sys.exit(1) - finally: - # always wait for other worker processes to terminate - pool.join() - shutil.rmtree(temp_path) - logger.debug("Removed %s", temp_path) - - def generate_inv_cache_hashes(inventory_path, targets, cache_paths): """ generates the hashes for the inventory per target and jsonnet/jinja2 folders for caching purposes @@ -427,53 +231,6 @@ def search_targets(inventory_path, targets, labels): return targets_found -def compile_target(target_obj, search_paths, compile_path, ref_controller, globals_cached=None, **kwargs): - """Compiles target_obj and writes to compile_path""" - start = time.time() - compile_objs = target_obj["compile"] - ext_vars = target_obj["vars"] - target_name = ext_vars["target"] - - if globals_cached: - cached.from_dict(globals_cached) - - use_go_jsonnet = kwargs.get("use_go_jsonnet", False) - if use_go_jsonnet: - logger.debug("Using go-jsonnet over jsonnet") - - for comp_obj in compile_objs: - input_type = comp_obj["input_type"] - output_path = comp_obj["output_path"] - input_params = comp_obj.setdefault("input_params", {}) - - if input_type == "jinja2": - input_compiler = Jinja2(compile_path, search_paths, ref_controller, comp_obj) - elif input_type == "jsonnet": - input_compiler = Jsonnet(compile_path, search_paths, ref_controller, use_go=use_go_jsonnet) - elif input_type == "kadet": - input_compiler = Kadet(compile_path, search_paths, ref_controller, input_params=input_params) - elif input_type == "helm": - input_compiler = Helm(compile_path, search_paths, ref_controller, comp_obj) - elif input_type == "copy": - ignore_missing = comp_obj.get("ignore_missing", False) - input_compiler = Copy(compile_path, search_paths, ref_controller, ignore_missing) - elif input_type == "remove": - input_compiler = Remove(compile_path, search_paths, ref_controller) - elif input_type == "external": - input_compiler = External(compile_path, search_paths, ref_controller) - if "args" in comp_obj: - input_compiler.set_args(comp_obj["args"]) - if "env_vars" in comp_obj: - input_compiler.set_env_vars(comp_obj["env_vars"]) - else: - err_msg = 'Invalid input_type: "{}". Supported input_types: jsonnet, jinja2, kadet, helm, copy, remove, external' - raise CompileError(err_msg.format(input_type)) - - input_compiler.make_compile_dirs(target_name, output_path, **kwargs) - input_compiler.compile_obj(comp_obj, ext_vars, **kwargs) - - logger.info("Compiled %s (%.2fs)", target_obj["target_full_path"], time.time() - start) - @hashable_lru_cache def valid_target_obj(target_obj, require_compile=True): diff --git a/kapitan/triggers/compile.py b/kapitan/triggers/compile.py new file mode 100644 index 000000000..7980a54d8 --- /dev/null +++ b/kapitan/triggers/compile.py @@ -0,0 +1,300 @@ +import os +import logging +import tempfile +import sys +import time +import shutil +import multiprocessing + +from functools import partial +from reclass.errors import NotFoundError, ReclassException + +from kapitan import cached +from kapitan.utils import check_version +from kapitan.refs.base import RefController, Revealer +from kapitan.targets import search_targets, generate_inv_cache_hashes, changed_targets, load_target_inventory, schema_validate_kubernetes_output, save_inv_cache, create_validate_mapping +from kapitan.errors import CompileError, InventoryError, KapitanError +from kapitan.remoteinventory.fetch import fetch_inventories, list_sources +from kapitan.dependency_manager.base import fetch_dependencies +from kapitan.inputs.copy import Copy +from kapitan.inputs.external import External +from kapitan.inputs.helm import Helm +from kapitan.inputs.jinja2 import Jinja2 +from kapitan.inputs.jsonnet import Jsonnet +from kapitan.inputs.kadet import Kadet +from kapitan.inputs.remove import Remove +from kapitan.validator.kubernetes_validator import KubernetesManifestValidator + +logger = logging.getLogger(__name__) + + +def compile_target(target_obj, search_paths, compile_path, ref_controller, globals_cached=None, **kwargs): + """Compiles target_obj and writes to compile_path""" + start = time.time() + compile_objs = target_obj["compile"] + ext_vars = target_obj["vars"] + target_name = ext_vars["target"] + + if globals_cached: + cached.from_dict(globals_cached) + + use_go_jsonnet = kwargs.get("use_go_jsonnet", False) + if use_go_jsonnet: + logger.debug("Using go-jsonnet over jsonnet") + + for comp_obj in compile_objs: + input_type = comp_obj["input_type"] + output_path = comp_obj["output_path"] + input_params = comp_obj.setdefault("input_params", {}) + + if input_type == "jinja2": + input_compiler = Jinja2(compile_path, search_paths, ref_controller, comp_obj) + elif input_type == "jsonnet": + input_compiler = Jsonnet(compile_path, search_paths, ref_controller, use_go=use_go_jsonnet) + elif input_type == "kadet": + input_compiler = Kadet(compile_path, search_paths, ref_controller, input_params=input_params) + elif input_type == "helm": + input_compiler = Helm(compile_path, search_paths, ref_controller, comp_obj) + elif input_type == "copy": + ignore_missing = comp_obj.get("ignore_missing", False) + input_compiler = Copy(compile_path, search_paths, ref_controller, ignore_missing) + elif input_type == "remove": + input_compiler = Remove(compile_path, search_paths, ref_controller) + elif input_type == "external": + input_compiler = External(compile_path, search_paths, ref_controller) + if "args" in comp_obj: + input_compiler.set_args(comp_obj["args"]) + if "env_vars" in comp_obj: + input_compiler.set_env_vars(comp_obj["env_vars"]) + else: + err_msg = 'Invalid input_type: "{}". Supported input_types: jsonnet, jinja2, kadet, helm, copy, remove, external' + raise CompileError(err_msg.format(input_type)) + + input_compiler.make_compile_dirs(target_name, output_path, **kwargs) + input_compiler.compile_obj(comp_obj, ext_vars, **kwargs) + + logger.info("Compiled %s (%.2fs)", target_obj["target_full_path"], time.time() - start) + + +def compile_targets( + inventory_path, search_paths, output_path, parallel, targets, labels, ref_controller, **kwargs +): + """ + Searches and loads target files, and runs compile_target() on a + multiprocessing pool with parallel number of processes. + kwargs are passed to compile_target() + """ + # temp_path will hold compiled items + temp_path = tempfile.mkdtemp(suffix=".kapitan") + # enable previously compiled items to be reference in other compile inputs + search_paths.append(temp_path) + temp_compile_path = os.path.join(temp_path, "compiled") + dep_cache_dir = temp_path + + updated_targets = targets + try: + updated_targets = search_targets(inventory_path, targets, labels) + except CompileError as e: + logger.error(e) + sys.exit(1) + + # If --cache is set + if kwargs.get("cache"): + additional_cache_paths = kwargs.get("cache_paths") + generate_inv_cache_hashes(inventory_path, targets, additional_cache_paths) + # to cache fetched dependencies and inventories + dep_cache_dir = os.path.join(output_path, ".dependency_cache") + os.makedirs(dep_cache_dir, exist_ok=True) + + if not targets: + updated_targets = changed_targets(inventory_path, output_path) + logger.debug("Changed targets since last compilation: %s", updated_targets) + if len(updated_targets) == 0: + logger.info("No changes since last compilation.") + return + + pool = multiprocessing.Pool(parallel) + + try: + rendering_start = time.time() + + # check if --fetch or --force-fetch is enabled + force_fetch = kwargs.get("force_fetch", False) + fetch = kwargs.get("fetch", False) or force_fetch + + # deprecated --force flag + if kwargs.get("force", False): + logger.info( + "DeprecationWarning: --force is deprecated. Use --force-fetch instead of --force --fetch" + ) + force_fetch = True + + if fetch: + # skip classes that are not yet available + target_objs = load_target_inventory(inventory_path, updated_targets, ignore_class_notfound=True) + else: + # ignore_class_notfound = False by default + target_objs = load_target_inventory(inventory_path, updated_targets) + + # append "compiled" to output_path so we can safely overwrite it + compile_path = os.path.join(output_path, "compiled") + + if not target_objs: + raise CompileError("Error: no targets found") + + # fetch inventory + if fetch: + # new_source checks for new sources in fetched inventory items + new_sources = list(set(list_sources(target_objs)) - cached.inv_sources) + while new_sources: + fetch_inventories( + inventory_path, + target_objs, + dep_cache_dir, + force_fetch, + pool, + ) + cached.reset_inv() + target_objs = load_target_inventory( + inventory_path, updated_targets, ignore_class_notfound=True + ) + cached.inv_sources.update(new_sources) + new_sources = list(set(list_sources(target_objs)) - cached.inv_sources) + # reset inventory cache and load target objs to check for missing classes + cached.reset_inv() + target_objs = load_target_inventory(inventory_path, updated_targets, ignore_class_notfound=False) + # fetch dependencies + if fetch: + fetch_dependencies(output_path, target_objs, dep_cache_dir, force_fetch, pool) + # fetch targets which have force_fetch: true + elif not kwargs.get("force_fetch", False): + fetch_objs = [] + # iterate through targets + for target in target_objs: + try: + # get value of "force_fetch" property + dependencies = target["dependencies"] + # dependencies is still a list + for entry in dependencies: + force_fetch = entry["force_fetch"] + if force_fetch: + fetch_objs.append(target) + except KeyError: + # targets may have no "dependencies" or "force_fetch" key + continue + # fetch dependencies from targets with force_fetch set to true + if fetch_objs: + fetch_dependencies(output_path, fetch_objs, dep_cache_dir, True, pool) + + logger.info("Rendered inventory (%.2fs)", time.time() - rendering_start) + + worker = partial( + compile_target, + search_paths=search_paths, + compile_path=temp_compile_path, + ref_controller=ref_controller, + inventory_path=inventory_path, + globals_cached=cached.as_dict(), + **kwargs, + ) + + # compile_target() returns None on success + # so p is only not None when raising an exception + [p.get() for p in pool.imap_unordered(worker, target_objs) if p] + + os.makedirs(compile_path, exist_ok=True) + + # if '-t' is set on compile or only a few changed, only override selected targets + if updated_targets: + for target in target_objs: + path = target["target_full_path"] + compile_path_target = os.path.join(compile_path, path) + temp_path_target = os.path.join(temp_compile_path, path) + + os.makedirs(compile_path_target, exist_ok=True) + + shutil.rmtree(compile_path_target) + shutil.copytree(temp_path_target, compile_path_target) + logger.debug("Copied %s into %s", temp_path_target, compile_path_target) + # otherwise override all targets + else: + shutil.rmtree(compile_path) + shutil.copytree(temp_compile_path, compile_path) + logger.debug("Copied %s into %s", temp_compile_path, compile_path) + + # validate the compiled outputs + if kwargs.get("validate", False): + validate_map = create_validate_mapping(target_objs, compile_path) + worker = partial( + schema_validate_kubernetes_output, + cache_dir=kwargs.get("schemas_path", "./schemas"), + ) + [p.get() for p in pool.imap_unordered(worker, validate_map.items()) if p] + + # Save inventory and folders cache + save_inv_cache(compile_path, targets) + pool.close() + + except ReclassException as e: + if isinstance(e, NotFoundError): + logger.error("Inventory reclass error: inventory not found") + else: + logger.error("Inventory reclass error: %s", e.message) + raise InventoryError(e.message) + except Exception as e: + # if compile worker fails, terminate immediately + pool.terminate() + logger.debug("Compile pool terminated") + # only print traceback for errors we don't know about + if not isinstance(e, KapitanError): + logger.exception("\nUnknown (Non-Kapitan) error occurred:\n") + + logger.error("\n") + if kwargs.get("verbose"): + logger.exception(e) + else: + logger.error(e) + sys.exit(1) + finally: + # always wait for other worker processes to terminate + pool.join() + shutil.rmtree(temp_path) + logger.debug("Removed %s", temp_path) + + + +def trigger_compile(args): + search_paths = [os.path.abspath(path) for path in args.search_paths] + + if not args.ignore_version_check: + check_version() + + ref_controller = RefController(args.refs_path, embed_refs=args.embed_refs) + # cache controller for use in reveal_maybe jinja2 filter + cached.ref_controller_obj = ref_controller + cached.revealer_obj = Revealer(ref_controller) + + compile_targets( + args.inventory_path, + search_paths, + args.output_path, + args.parallelism, + args.targets, + args.labels, + ref_controller, + prune=(args.prune), + indent=args.indent, + reveal=args.reveal, + cache=args.cache, + cache_paths=args.cache_paths, + fetch=args.fetch, + force_fetch=args.force_fetch, + force=args.force, # deprecated + validate=args.validate, + schemas_path=args.schemas_path, + jinja2_filters=args.jinja2_filters, + verbose=hasattr(args, "verbose") and args.verbose, + use_go_jsonnet=args.use_go_jsonnet, + compose_node_name=args.compose_node_name, + ) + From c42dbcd34d0afe449c75618515a267f67d9693d8 Mon Sep 17 00:00:00 2001 From: Alessandro De Maria Date: Tue, 2 Apr 2024 12:08:51 +0000 Subject: [PATCH 2/4] Refactor --- .../all-glob/manifests/00_namespace.yml | 9 ++ .../all-glob/manifests/01_yaml_load.yml | 3 + .../all-glob/manifests/10_serviceaccount.yml | 8 ++ .../all-glob/manifests/app-deployment.yml | 36 ++++++ .../all-glob/manifests/app-service.yml | 17 +++ .../compiled/all-glob/manifests/es-client.yml | 67 ++++++++++ .../compiled/all-glob/manifests/es-data.yml | 64 ++++++++++ .../all-glob/manifests/es-discovery-svc.yml | 17 +++ .../manifests/es-elasticsearch-svc.yml | 21 ++++ .../compiled/all-glob/manifests/es-master.yml | 64 ++++++++++ .../compiled/all-glob/manifests/mysql_app.yml | 81 +++++++++++++ .../all-glob/manifests/mysql_secret.yml | 12 ++ .../manifests/mysql_secret_subvar.yml | 12 ++ .../manifests/mysql_service_jsonnet.yml | 18 +++ .../manifests/mysql_service_simple.yml | 16 +++ .../all-glob/manifests/mysql_statefulset.yml | 51 ++++++++ .../all-glob/pre-deploy/00_namespace.yml | 9 ++ .../all-glob/pre-deploy/10_serviceaccount.yml | 8 ++ .../compiled/busybox/copy/copy_target | 1 + .../kubernetes/compiled/busybox/copy/pod.yml | 14 +++ .../kubernetes/compiled/busybox/copy_target | 1 + .../busybox/pre-deploy/00_namespace.yml | 9 ++ .../busybox/pre-deploy/10_serviceaccount.yml | 8 ++ .../compiled/jsonnet-env/jsonnet-env/env.yml | 44 +++++++ .../compiled/labels/labels/service.yml | 14 +++ .../labels/pre-deploy/00_namespace.yml | 9 ++ .../labels/pre-deploy/10_serviceaccount.yml | 8 ++ .../kubernetes/compiled/minikube-es/README.md | 64 ++++++++++ .../compiled/minikube-es/copy/copy_target | 1 + .../compiled/minikube-es/copy/pod.yml | 14 +++ .../compiled/minikube-es/copy_target | 1 + .../minikube-es/manifests/es-client.yml | 67 ++++++++++ .../minikube-es/manifests/es-data.yml | 64 ++++++++++ .../manifests/es-discovery-svc.yml | 17 +++ .../manifests/es-elasticsearch-svc.yml | 21 ++++ .../minikube-es/manifests/es-master.yml | 64 ++++++++++ .../minikube-es/pre-deploy/00_namespace.yml | 9 ++ .../pre-deploy/10_serviceaccount.yml | 8 ++ .../compiled/minikube-es/scripts/apply.sh | 14 +++ .../compiled/minikube-es/scripts/delete.sh | 10 ++ .../compiled/minikube-es/scripts/kubectl.sh | 10 ++ .../scripts/minikube/install_minikube.sh | 21 ++++ .../scripts/minikube/start_minikube.sh | 10 ++ .../minikube-es/scripts/setup_cluster.sh | 9 ++ .../minikube-es/scripts/setup_context.sh | 9 ++ .../compiled/minikube-mysql/README.md | 64 ++++++++++ .../minikube-mysql/manifests/mysql_app.yml | 73 +++++++++++ .../minikube-mysql/manifests/mysql_secret.yml | 11 ++ .../manifests/mysql_secret_subvar.yml | 11 ++ .../manifests/mysql_service_jsonnet.yml | 16 +++ .../manifests/mysql_service_simple.yml | 16 +++ .../manifests/mysql_statefulset.yml | 44 +++++++ .../pre-deploy/00_namespace.yml | 9 ++ .../pre-deploy/10_serviceaccount.yml | 8 ++ .../compiled/minikube-mysql/scripts/apply.sh | 14 +++ .../compiled/minikube-mysql/scripts/delete.sh | 10 ++ .../minikube-mysql/scripts/kubectl.sh | 10 ++ .../scripts/minikube/install_minikube.sh | 21 ++++ .../scripts/minikube/start_minikube.sh | 10 ++ .../minikube-mysql/scripts/setup_cluster.sh | 9 ++ .../minikube-mysql/scripts/setup_context.sh | 9 ++ .../compiled/minikube-nginx-helm/README.md | 7 ++ .../job-patch/clusterrole.yaml | 23 ++++ .../job-patch/clusterrolebinding.yaml | 23 ++++ .../job-patch/job-createSecret.yaml | 53 ++++++++ .../job-patch/job-patchWebhook.yaml | 55 +++++++++ .../admission-webhooks/job-patch/role.yaml | 24 ++++ .../job-patch/rolebinding.yaml | 24 ++++ .../job-patch/serviceaccount.yaml | 16 +++ .../validating-webhook.yaml | 34 ++++++ .../ingress-nginx/templates/clusterrole.yaml | 82 +++++++++++++ .../templates/clusterrolebinding.yaml | 19 +++ .../templates/controller-configmap.yaml | 15 +++ .../templates/controller-deployment.yaml | 114 ++++++++++++++++++ .../templates/controller-ingressclass.yaml | 14 +++ .../templates/controller-role.yaml | 106 ++++++++++++++++ .../templates/controller-rolebinding.yaml | 21 ++++ .../templates/controller-service-webhook.yaml | 24 ++++ .../templates/controller-service.yaml | 34 ++++++ .../templates/controller-serviceaccount.yaml | 14 +++ .../minikube-nginx-helm/nginx-deploy.sh | 14 +++ .../compiled/minikube-nginx-jsonnet/README.md | 7 ++ .../manifests/app-deployment.yml | 36 ++++++ .../manifests/app-service.yml | 17 +++ .../minikube-nginx-jsonnet/nginx-deploy.sh | 14 +++ .../pre-deploy/00_namespace.yml | 9 ++ .../pre-deploy/10_serviceaccount.yml | 8 ++ .../compiled/minikube-nginx-kadet/README.md | 7 ++ .../manifests/nginx_deployment.yml | 17 +++ .../manifests/nginx_service.yml | 15 +++ .../minikube-nginx-kadet/nginx-deploy.sh | 14 +++ .../pre-deploy/00_namespace.yml | 9 ++ .../pre-deploy/10_serviceaccount.yml | 8 ++ 93 files changed, 2246 insertions(+) create mode 100644 examples/kubernetes/compiled/all-glob/manifests/00_namespace.yml create mode 100644 examples/kubernetes/compiled/all-glob/manifests/01_yaml_load.yml create mode 100644 examples/kubernetes/compiled/all-glob/manifests/10_serviceaccount.yml create mode 100644 examples/kubernetes/compiled/all-glob/manifests/app-deployment.yml create mode 100644 examples/kubernetes/compiled/all-glob/manifests/app-service.yml create mode 100644 examples/kubernetes/compiled/all-glob/manifests/es-client.yml create mode 100644 examples/kubernetes/compiled/all-glob/manifests/es-data.yml create mode 100644 examples/kubernetes/compiled/all-glob/manifests/es-discovery-svc.yml create mode 100644 examples/kubernetes/compiled/all-glob/manifests/es-elasticsearch-svc.yml create mode 100644 examples/kubernetes/compiled/all-glob/manifests/es-master.yml create mode 100644 examples/kubernetes/compiled/all-glob/manifests/mysql_app.yml create mode 100644 examples/kubernetes/compiled/all-glob/manifests/mysql_secret.yml create mode 100644 examples/kubernetes/compiled/all-glob/manifests/mysql_secret_subvar.yml create mode 100644 examples/kubernetes/compiled/all-glob/manifests/mysql_service_jsonnet.yml create mode 100644 examples/kubernetes/compiled/all-glob/manifests/mysql_service_simple.yml create mode 100644 examples/kubernetes/compiled/all-glob/manifests/mysql_statefulset.yml create mode 100644 examples/kubernetes/compiled/all-glob/pre-deploy/00_namespace.yml create mode 100644 examples/kubernetes/compiled/all-glob/pre-deploy/10_serviceaccount.yml create mode 100644 examples/kubernetes/compiled/busybox/copy/copy_target create mode 100644 examples/kubernetes/compiled/busybox/copy/pod.yml create mode 100644 examples/kubernetes/compiled/busybox/copy_target create mode 100644 examples/kubernetes/compiled/busybox/pre-deploy/00_namespace.yml create mode 100644 examples/kubernetes/compiled/busybox/pre-deploy/10_serviceaccount.yml create mode 100644 examples/kubernetes/compiled/jsonnet-env/jsonnet-env/env.yml create mode 100644 examples/kubernetes/compiled/labels/labels/service.yml create mode 100644 examples/kubernetes/compiled/labels/pre-deploy/00_namespace.yml create mode 100644 examples/kubernetes/compiled/labels/pre-deploy/10_serviceaccount.yml create mode 100644 examples/kubernetes/compiled/minikube-es/README.md create mode 100644 examples/kubernetes/compiled/minikube-es/copy/copy_target create mode 100644 examples/kubernetes/compiled/minikube-es/copy/pod.yml create mode 100644 examples/kubernetes/compiled/minikube-es/copy_target create mode 100644 examples/kubernetes/compiled/minikube-es/manifests/es-client.yml create mode 100644 examples/kubernetes/compiled/minikube-es/manifests/es-data.yml create mode 100644 examples/kubernetes/compiled/minikube-es/manifests/es-discovery-svc.yml create mode 100644 examples/kubernetes/compiled/minikube-es/manifests/es-elasticsearch-svc.yml create mode 100644 examples/kubernetes/compiled/minikube-es/manifests/es-master.yml create mode 100644 examples/kubernetes/compiled/minikube-es/pre-deploy/00_namespace.yml create mode 100644 examples/kubernetes/compiled/minikube-es/pre-deploy/10_serviceaccount.yml create mode 100755 examples/kubernetes/compiled/minikube-es/scripts/apply.sh create mode 100755 examples/kubernetes/compiled/minikube-es/scripts/delete.sh create mode 100755 examples/kubernetes/compiled/minikube-es/scripts/kubectl.sh create mode 100755 examples/kubernetes/compiled/minikube-es/scripts/minikube/install_minikube.sh create mode 100755 examples/kubernetes/compiled/minikube-es/scripts/minikube/start_minikube.sh create mode 100755 examples/kubernetes/compiled/minikube-es/scripts/setup_cluster.sh create mode 100755 examples/kubernetes/compiled/minikube-es/scripts/setup_context.sh create mode 100644 examples/kubernetes/compiled/minikube-mysql/README.md create mode 100644 examples/kubernetes/compiled/minikube-mysql/manifests/mysql_app.yml create mode 100644 examples/kubernetes/compiled/minikube-mysql/manifests/mysql_secret.yml create mode 100644 examples/kubernetes/compiled/minikube-mysql/manifests/mysql_secret_subvar.yml create mode 100644 examples/kubernetes/compiled/minikube-mysql/manifests/mysql_service_jsonnet.yml create mode 100644 examples/kubernetes/compiled/minikube-mysql/manifests/mysql_service_simple.yml create mode 100644 examples/kubernetes/compiled/minikube-mysql/manifests/mysql_statefulset.yml create mode 100644 examples/kubernetes/compiled/minikube-mysql/pre-deploy/00_namespace.yml create mode 100644 examples/kubernetes/compiled/minikube-mysql/pre-deploy/10_serviceaccount.yml create mode 100755 examples/kubernetes/compiled/minikube-mysql/scripts/apply.sh create mode 100755 examples/kubernetes/compiled/minikube-mysql/scripts/delete.sh create mode 100755 examples/kubernetes/compiled/minikube-mysql/scripts/kubectl.sh create mode 100755 examples/kubernetes/compiled/minikube-mysql/scripts/minikube/install_minikube.sh create mode 100755 examples/kubernetes/compiled/minikube-mysql/scripts/minikube/start_minikube.sh create mode 100755 examples/kubernetes/compiled/minikube-mysql/scripts/setup_cluster.sh create mode 100755 examples/kubernetes/compiled/minikube-mysql/scripts/setup_context.sh create mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/README.md create mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml create mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml create mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml create mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml create mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml create mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml create mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml create mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml create mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/clusterrole.yaml create mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/clusterrolebinding.yaml create mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-configmap.yaml create mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-deployment.yaml create mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-ingressclass.yaml create mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-role.yaml create mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-rolebinding.yaml create mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-service-webhook.yaml create mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-service.yaml create mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-serviceaccount.yaml create mode 100644 examples/kubernetes/compiled/minikube-nginx-helm/nginx-deploy.sh create mode 100644 examples/kubernetes/compiled/minikube-nginx-jsonnet/README.md create mode 100644 examples/kubernetes/compiled/minikube-nginx-jsonnet/manifests/app-deployment.yml create mode 100644 examples/kubernetes/compiled/minikube-nginx-jsonnet/manifests/app-service.yml create mode 100644 examples/kubernetes/compiled/minikube-nginx-jsonnet/nginx-deploy.sh create mode 100644 examples/kubernetes/compiled/minikube-nginx-jsonnet/pre-deploy/00_namespace.yml create mode 100644 examples/kubernetes/compiled/minikube-nginx-jsonnet/pre-deploy/10_serviceaccount.yml create mode 100644 examples/kubernetes/compiled/minikube-nginx-kadet/README.md create mode 100644 examples/kubernetes/compiled/minikube-nginx-kadet/manifests/nginx_deployment.yml create mode 100644 examples/kubernetes/compiled/minikube-nginx-kadet/manifests/nginx_service.yml create mode 100644 examples/kubernetes/compiled/minikube-nginx-kadet/nginx-deploy.sh create mode 100644 examples/kubernetes/compiled/minikube-nginx-kadet/pre-deploy/00_namespace.yml create mode 100644 examples/kubernetes/compiled/minikube-nginx-kadet/pre-deploy/10_serviceaccount.yml diff --git a/examples/kubernetes/compiled/all-glob/manifests/00_namespace.yml b/examples/kubernetes/compiled/all-glob/manifests/00_namespace.yml new file mode 100644 index 000000000..5431e92ed --- /dev/null +++ b/examples/kubernetes/compiled/all-glob/manifests/00_namespace.yml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Namespace +metadata: + annotations: {} + labels: + name: all-glob + name: all-glob + namespace: all-glob +spec: {} diff --git a/examples/kubernetes/compiled/all-glob/manifests/01_yaml_load.yml b/examples/kubernetes/compiled/all-glob/manifests/01_yaml_load.yml new file mode 100644 index 000000000..32b74faef --- /dev/null +++ b/examples/kubernetes/compiled/all-glob/manifests/01_yaml_load.yml @@ -0,0 +1,3 @@ +json_str: '{"apiVersion": "v1", "kind": "Pod", "metadata": {"name": "busybox", "namespace": + "default"}, "spec": {"containers": [{"image": "busybox", "command": ["sleep", "3600"], + "imagePullPolicy": "IfNotPresent", "name": "busybox"}], "restartPolicy": "Always"}}' diff --git a/examples/kubernetes/compiled/all-glob/manifests/10_serviceaccount.yml b/examples/kubernetes/compiled/all-glob/manifests/10_serviceaccount.yml new file mode 100644 index 000000000..89d533a7e --- /dev/null +++ b/examples/kubernetes/compiled/all-glob/manifests/10_serviceaccount.yml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: {} + labels: + name: default + name: default + namespace: all-glob diff --git a/examples/kubernetes/compiled/all-glob/manifests/app-deployment.yml b/examples/kubernetes/compiled/all-glob/manifests/app-deployment.yml new file mode 100644 index 000000000..7511e4bf5 --- /dev/null +++ b/examples/kubernetes/compiled/all-glob/manifests/app-deployment.yml @@ -0,0 +1,36 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + annotations: {} + labels: + name: nginx + name: nginx + namespace: all-glob +spec: + minReadySeconds: 30 + replicas: 2 + revisionHistoryLimit: 10 + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + annotations: {} + labels: + name: nginx + spec: + containers: + - args: [] + env: [] + image: nginx:1:15.8 + imagePullPolicy: Always + name: nginx + ports: + - containerPort: 80 + name: http + volumeMounts: [] + imagePullSecrets: [] + initContainers: [] + volumes: [] diff --git a/examples/kubernetes/compiled/all-glob/manifests/app-service.yml b/examples/kubernetes/compiled/all-glob/manifests/app-service.yml new file mode 100644 index 000000000..2466fed7a --- /dev/null +++ b/examples/kubernetes/compiled/all-glob/manifests/app-service.yml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: {} + labels: + name: nginx + name: nginx + namespace: all-glob +spec: + loadBalancerSourceRanges: [] + ports: + - name: http + port: 80 + targetPort: http + selector: + name: nginx + type: NodePort diff --git a/examples/kubernetes/compiled/all-glob/manifests/es-client.yml b/examples/kubernetes/compiled/all-glob/manifests/es-client.yml new file mode 100644 index 000000000..ce6977287 --- /dev/null +++ b/examples/kubernetes/compiled/all-glob/manifests/es-client.yml @@ -0,0 +1,67 @@ +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + labels: + name: cluster-client + role: client + name: cluster-client + namespace: all-glob +spec: + replicas: 1 + serviceName: cluster-client + template: + metadata: + labels: + name: cluster-client + role: client + spec: + containers: + - env: + - name: CLUSTER_NAME + value: cluster + - name: ES_JAVA_OPTS + value: -Xms512m -Xmx512m + - name: HTTP_ENABLE + value: 'true' + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NODE_DATA + value: 'false' + - name: NODE_INGEST + value: 'false' + - name: NODE_MASTER + value: 'false' + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NUMBER_OF_MASTERS + value: '1' + image: quay.io/pires/docker-elasticsearch-kubernetes:5.5.0 + imagePullPolicy: Always + name: client + ports: + - containerPort: 9200 + name: client + protocol: TCP + - containerPort: 9300 + name: transport + protocol: TCP + securityContext: + capabilities: + add: + - IPC_LOCK + - SYS_RESOURCE + privileged: false + initContainers: + - command: + - sysctl + - -w + - vm.max_map_count=262144 + image: busybox + imagePullPolicy: IfNotPresent + name: sysctl + securityContext: + privileged: true diff --git a/examples/kubernetes/compiled/all-glob/manifests/es-data.yml b/examples/kubernetes/compiled/all-glob/manifests/es-data.yml new file mode 100644 index 000000000..5b70b3cfb --- /dev/null +++ b/examples/kubernetes/compiled/all-glob/manifests/es-data.yml @@ -0,0 +1,64 @@ +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + labels: + name: cluster-data + role: data + name: cluster-data + namespace: all-glob +spec: + replicas: 1 + serviceName: cluster-data + template: + metadata: + labels: + name: cluster-data + role: data + spec: + containers: + - env: + - name: CLUSTER_NAME + value: cluster + - name: ES_JAVA_OPTS + value: -Xms512m -Xmx512m + - name: HTTP_ENABLE + value: 'false' + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NODE_DATA + value: 'true' + - name: NODE_INGEST + value: 'false' + - name: NODE_MASTER + value: 'false' + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NUMBER_OF_MASTERS + value: '1' + image: quay.io/pires/docker-elasticsearch-kubernetes:5.5.0 + imagePullPolicy: Always + name: data + ports: + - containerPort: 9300 + name: transport + protocol: TCP + securityContext: + capabilities: + add: + - IPC_LOCK + - SYS_RESOURCE + privileged: false + initContainers: + - command: + - sysctl + - -w + - vm.max_map_count=262144 + image: busybox + imagePullPolicy: IfNotPresent + name: sysctl + securityContext: + privileged: true diff --git a/examples/kubernetes/compiled/all-glob/manifests/es-discovery-svc.yml b/examples/kubernetes/compiled/all-glob/manifests/es-discovery-svc.yml new file mode 100644 index 000000000..8dc508360 --- /dev/null +++ b/examples/kubernetes/compiled/all-glob/manifests/es-discovery-svc.yml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + name: elasticsearch-discovery + name: elasticsearch-discovery + namespace: all-glob +spec: + ports: + - name: transport + port: 9300 + protocol: TCP + targetPort: transport + selector: + name: cluster-master + role: master + type: ClusterIP diff --git a/examples/kubernetes/compiled/all-glob/manifests/es-elasticsearch-svc.yml b/examples/kubernetes/compiled/all-glob/manifests/es-elasticsearch-svc.yml new file mode 100644 index 000000000..b590f5bd5 --- /dev/null +++ b/examples/kubernetes/compiled/all-glob/manifests/es-elasticsearch-svc.yml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + name: elasticsearch + name: elasticsearch + namespace: all-glob +spec: + ports: + - name: client + port: 9200 + protocol: TCP + targetPort: client + - name: transport + port: 9300 + protocol: TCP + targetPort: transport + selector: + name: cluster-client + role: client + type: NodePort diff --git a/examples/kubernetes/compiled/all-glob/manifests/es-master.yml b/examples/kubernetes/compiled/all-glob/manifests/es-master.yml new file mode 100644 index 000000000..25aadc0d8 --- /dev/null +++ b/examples/kubernetes/compiled/all-glob/manifests/es-master.yml @@ -0,0 +1,64 @@ +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + labels: + name: cluster-master + role: master + name: cluster-master + namespace: all-glob +spec: + replicas: 1 + serviceName: cluster-master + template: + metadata: + labels: + name: cluster-master + role: master + spec: + containers: + - env: + - name: CLUSTER_NAME + value: cluster + - name: ES_JAVA_OPTS + value: -Xms512m -Xmx512m + - name: HTTP_ENABLE + value: 'false' + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NODE_DATA + value: 'false' + - name: NODE_INGEST + value: 'false' + - name: NODE_MASTER + value: 'true' + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NUMBER_OF_MASTERS + value: '1' + image: quay.io/pires/docker-elasticsearch-kubernetes:5.5.0 + imagePullPolicy: Always + name: master + ports: + - containerPort: 9300 + name: transport + protocol: TCP + securityContext: + capabilities: + add: + - IPC_LOCK + - SYS_RESOURCE + privileged: false + initContainers: + - command: + - sysctl + - -w + - vm.max_map_count=262144 + image: busybox + imagePullPolicy: IfNotPresent + name: sysctl + securityContext: + privileged: true diff --git a/examples/kubernetes/compiled/all-glob/manifests/mysql_app.yml b/examples/kubernetes/compiled/all-glob/manifests/mysql_app.yml new file mode 100644 index 000000000..9cebcf8e7 --- /dev/null +++ b/examples/kubernetes/compiled/all-glob/manifests/mysql_app.yml @@ -0,0 +1,81 @@ +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + annotations: {} + labels: + name: glob_instance + name: glob_instance + namespace: all-glob +spec: + replicas: 1 + serviceName: glob_instance + template: + metadata: + annotations: {} + labels: + name: glob_instance + spec: + containers: + - args: [] + env: + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + key: MYSQL_ROOT_PASSWORD + name: glob_instance + image: mysql:latest + imagePullPolicy: Always + name: mysql + ports: + - containerPort: 3306 + name: mysql + volumeMounts: [] + imagePullSecrets: [] + initContainers: [] + volumes: [] + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + annotations: + volume.beta.kubernetes.io/storage-class: standard + labels: + name: data + name: data + namespace: all-glob + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10G +--- +apiVersion: v1 +data: + MYSQL_ROOT_PASSWORD: ?{base64:targets/all-glob/mysql/password:3192c15c} + MYSQL_ROOT_PASSWORD_SHA256: ?{base64:targets/all-glob/mysql/password_sha256:a18bc263} +kind: Secret +metadata: + annotations: {} + labels: + name: glob_instance + name: glob_instance + namespace: all-glob +type: Opaque +--- +apiVersion: v1 +kind: Service +metadata: + labels: + name: glob_instance + name: glob_instance + namespace: all-glob +spec: + clusterIP: None + ports: + - name: mysql + port: 3306 + targetPort: mysql + selector: + name: glob_instance + type: ClusterIP diff --git a/examples/kubernetes/compiled/all-glob/manifests/mysql_secret.yml b/examples/kubernetes/compiled/all-glob/manifests/mysql_secret.yml new file mode 100644 index 000000000..614bc0b30 --- /dev/null +++ b/examples/kubernetes/compiled/all-glob/manifests/mysql_secret.yml @@ -0,0 +1,12 @@ +apiVersion: v1 +data: + MYSQL_ROOT_PASSWORD: ?{base64:targets/all-glob/mysql/password:3192c15c} + MYSQL_ROOT_PASSWORD_SHA256: ?{base64:targets/all-glob/mysql/password_sha256:a18bc263} +kind: Secret +metadata: + annotations: {} + labels: + name: glob_instance + name: glob_instance + namespace: all-glob +type: Opaque diff --git a/examples/kubernetes/compiled/all-glob/manifests/mysql_secret_subvar.yml b/examples/kubernetes/compiled/all-glob/manifests/mysql_secret_subvar.yml new file mode 100644 index 000000000..c4e26e498 --- /dev/null +++ b/examples/kubernetes/compiled/all-glob/manifests/mysql_secret_subvar.yml @@ -0,0 +1,12 @@ +apiVersion: v1 +data: + MYSQL_ROOT_PASSWORD: ?{base64:targets/all-glob/mysql/subvars@var1.password:fa652988} + MYSQL_ROOT_PASSWORD_SHA256: ?{base64:targets/all-glob/mysql/subvars@var2.password_sha256:fa652988} +kind: Secret +metadata: + annotations: {} + labels: + name: glob_instance + name: glob_instance + namespace: all-glob +type: Opaque diff --git a/examples/kubernetes/compiled/all-glob/manifests/mysql_service_jsonnet.yml b/examples/kubernetes/compiled/all-glob/manifests/mysql_service_jsonnet.yml new file mode 100644 index 000000000..8f98d841f --- /dev/null +++ b/examples/kubernetes/compiled/all-glob/manifests/mysql_service_jsonnet.yml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: {} + labels: + name: glob_instance-jsonnet + name: glob_instance-jsonnet + namespace: all-glob +spec: + clusterIP: None + loadBalancerSourceRanges: [] + ports: + - name: mysql + port: 3306 + targetPort: mysql + selector: + name: glob_instance + type: ClusterIP diff --git a/examples/kubernetes/compiled/all-glob/manifests/mysql_service_simple.yml b/examples/kubernetes/compiled/all-glob/manifests/mysql_service_simple.yml new file mode 100644 index 000000000..4ef48d27a --- /dev/null +++ b/examples/kubernetes/compiled/all-glob/manifests/mysql_service_simple.yml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + name: glob_instance + name: glob_instance + namespace: all-glob +spec: + clusterIP: None + ports: + - name: mysql + port: 3306 + targetPort: mysql + selector: + name: glob_instance + type: ClusterIP diff --git a/examples/kubernetes/compiled/all-glob/manifests/mysql_statefulset.yml b/examples/kubernetes/compiled/all-glob/manifests/mysql_statefulset.yml new file mode 100644 index 000000000..12a3755a3 --- /dev/null +++ b/examples/kubernetes/compiled/all-glob/manifests/mysql_statefulset.yml @@ -0,0 +1,51 @@ +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + annotations: {} + labels: + name: glob_instance + name: glob_instance + namespace: all-glob +spec: + replicas: 1 + serviceName: glob_instance + template: + metadata: + annotations: {} + labels: + name: glob_instance + spec: + containers: + - args: [] + env: + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + key: MYSQL_ROOT_PASSWORD + name: glob_instance + image: mysql:latest + imagePullPolicy: Always + name: mysql + ports: + - containerPort: 3306 + name: mysql + volumeMounts: [] + imagePullSecrets: [] + initContainers: [] + volumes: [] + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + annotations: + volume.beta.kubernetes.io/storage-class: standard + labels: + name: data + name: data + namespace: all-glob + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10G diff --git a/examples/kubernetes/compiled/all-glob/pre-deploy/00_namespace.yml b/examples/kubernetes/compiled/all-glob/pre-deploy/00_namespace.yml new file mode 100644 index 000000000..5431e92ed --- /dev/null +++ b/examples/kubernetes/compiled/all-glob/pre-deploy/00_namespace.yml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Namespace +metadata: + annotations: {} + labels: + name: all-glob + name: all-glob + namespace: all-glob +spec: {} diff --git a/examples/kubernetes/compiled/all-glob/pre-deploy/10_serviceaccount.yml b/examples/kubernetes/compiled/all-glob/pre-deploy/10_serviceaccount.yml new file mode 100644 index 000000000..89d533a7e --- /dev/null +++ b/examples/kubernetes/compiled/all-glob/pre-deploy/10_serviceaccount.yml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: {} + labels: + name: default + name: default + namespace: all-glob diff --git a/examples/kubernetes/compiled/busybox/copy/copy_target b/examples/kubernetes/compiled/busybox/copy/copy_target new file mode 100644 index 000000000..9301ae519 --- /dev/null +++ b/examples/kubernetes/compiled/busybox/copy/copy_target @@ -0,0 +1 @@ +for_testing \ No newline at end of file diff --git a/examples/kubernetes/compiled/busybox/copy/pod.yml b/examples/kubernetes/compiled/busybox/copy/pod.yml new file mode 100644 index 000000000..73007db14 --- /dev/null +++ b/examples/kubernetes/compiled/busybox/copy/pod.yml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Pod +metadata: + name: busybox + namespace: default +spec: + containers: + - image: busybox + command: + - sleep + - "3600" + imagePullPolicy: IfNotPresent + name: busybox + restartPolicy: Always diff --git a/examples/kubernetes/compiled/busybox/copy_target b/examples/kubernetes/compiled/busybox/copy_target new file mode 100644 index 000000000..9301ae519 --- /dev/null +++ b/examples/kubernetes/compiled/busybox/copy_target @@ -0,0 +1 @@ +for_testing \ No newline at end of file diff --git a/examples/kubernetes/compiled/busybox/pre-deploy/00_namespace.yml b/examples/kubernetes/compiled/busybox/pre-deploy/00_namespace.yml new file mode 100644 index 000000000..9ffa3d5f0 --- /dev/null +++ b/examples/kubernetes/compiled/busybox/pre-deploy/00_namespace.yml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Namespace +metadata: + annotations: {} + labels: + name: busybox + name: busybox + namespace: busybox +spec: {} diff --git a/examples/kubernetes/compiled/busybox/pre-deploy/10_serviceaccount.yml b/examples/kubernetes/compiled/busybox/pre-deploy/10_serviceaccount.yml new file mode 100644 index 000000000..4f9f2537b --- /dev/null +++ b/examples/kubernetes/compiled/busybox/pre-deploy/10_serviceaccount.yml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: {} + labels: + name: default + name: default + namespace: busybox diff --git a/examples/kubernetes/compiled/jsonnet-env/jsonnet-env/env.yml b/examples/kubernetes/compiled/jsonnet-env/jsonnet-env/env.yml new file mode 100644 index 000000000..9c1a58a61 --- /dev/null +++ b/examples/kubernetes/compiled/jsonnet-env/jsonnet-env/env.yml @@ -0,0 +1,44 @@ +applications: + - a + - b + - c +classes: + - common + - jsonnet-env +exports: {} +parameters: + _reclass_: + environment: base + name: + full: jsonnet-env + parts: + - jsonnet-env + path: jsonnet-env + short: jsonnet-env + a: aaaaa + b: bbbbb + c: ccccc + kapitan: + compile: + - input_params: {} + input_paths: + - components/jsonnet-env/env.jsonnet + input_type: jsonnet + output_path: jsonnet-env + output_type: yml + secrets: + awskms: + key: alias/nameOfKey + gkms: + key: projects//locations//keyRings//cryptoKeys/ + gpg: + recipients: + - fingerprint: D9234C61F58BEB3ED8552A57E28DC07A3CBFAE7C + name: example@kapitan.dev + target_full_path: jsonnet-env + vars: + managed_by: kapitan + namespace: jsonnet-env + target: jsonnet-env + namespace: jsonnet-env + target_name: jsonnet-env diff --git a/examples/kubernetes/compiled/labels/labels/service.yml b/examples/kubernetes/compiled/labels/labels/service.yml new file mode 100644 index 000000000..758c8df30 --- /dev/null +++ b/examples/kubernetes/compiled/labels/labels/service.yml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + name: db + namespace: labels + labels: + app.kubernetes.io/name: db + app.kubernetes.io/version: 11.0 + app.kubernetes.io/managed-by: kapitan +spec: + ports: + - port: 5432 + targetPort: 5432 + name: postgres \ No newline at end of file diff --git a/examples/kubernetes/compiled/labels/pre-deploy/00_namespace.yml b/examples/kubernetes/compiled/labels/pre-deploy/00_namespace.yml new file mode 100644 index 000000000..429e13cbf --- /dev/null +++ b/examples/kubernetes/compiled/labels/pre-deploy/00_namespace.yml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Namespace +metadata: + annotations: {} + labels: + name: labels + name: labels + namespace: labels +spec: {} diff --git a/examples/kubernetes/compiled/labels/pre-deploy/10_serviceaccount.yml b/examples/kubernetes/compiled/labels/pre-deploy/10_serviceaccount.yml new file mode 100644 index 000000000..e10fc75ac --- /dev/null +++ b/examples/kubernetes/compiled/labels/pre-deploy/10_serviceaccount.yml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: {} + labels: + name: default + name: default + namespace: labels diff --git a/examples/kubernetes/compiled/minikube-es/README.md b/examples/kubernetes/compiled/minikube-es/README.md new file mode 100644 index 000000000..f74aa827c --- /dev/null +++ b/examples/kubernetes/compiled/minikube-es/README.md @@ -0,0 +1,64 @@ +# Elasticsearch Minikube + +This is a specific version of Elasticsearch to run on a minikube instalation. + +## Prerequisites + +Elasticsearch is a resource hungry application, for this setup we require +that minikube is running with the above options: + +``` +$ minikube start --insecure-registry https://quay.io --memory=4096 --cpus=2 +``` + +_If_ you have created the minikube VM previously, you will most likely need to +delete the vm and recreate it with more memory/cpu. (i.e. +`$ minikube delete`) + +## Setting up + +Assuming you're already running Minikube, setup for this target: + +``` +$ scripts/setup.sh +``` + +This will create a context in your minikube cluster called minikube-es. + + +Apply the compiled manifests: + +``` +$ scripts/kubectl.sh apply -f manifests/ +``` + +If the commands above did not error, you should be good to go. + +Let's confirm everything is up: + +``` +$ scripts/kubectl.sh get pods -w +``` + +## Connecting to Elasticsearch + +List the elasticsearch service endpoints running in the cluster: + +``` +$ minikube service -n minikube-es elasticsearch --url +``` + +and curl the health endpoint, i.e.: + +``` +$ curl http://192.168.99.100:32130/_cluster/health?pretty +``` + + +## Deleting Elasticsearch + +Deleting is easy (warning, this will remove _everything_): + +``` +$ scripts/kubectl.sh delete -f manifests/ +``` \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-es/copy/copy_target b/examples/kubernetes/compiled/minikube-es/copy/copy_target new file mode 100644 index 000000000..9301ae519 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-es/copy/copy_target @@ -0,0 +1 @@ +for_testing \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-es/copy/pod.yml b/examples/kubernetes/compiled/minikube-es/copy/pod.yml new file mode 100644 index 000000000..73007db14 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-es/copy/pod.yml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Pod +metadata: + name: busybox + namespace: default +spec: + containers: + - image: busybox + command: + - sleep + - "3600" + imagePullPolicy: IfNotPresent + name: busybox + restartPolicy: Always diff --git a/examples/kubernetes/compiled/minikube-es/copy_target b/examples/kubernetes/compiled/minikube-es/copy_target new file mode 100644 index 000000000..9301ae519 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-es/copy_target @@ -0,0 +1 @@ +for_testing \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-es/manifests/es-client.yml b/examples/kubernetes/compiled/minikube-es/manifests/es-client.yml new file mode 100644 index 000000000..1e9562872 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-es/manifests/es-client.yml @@ -0,0 +1,67 @@ +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + labels: + name: cluster-client + role: client + name: cluster-client + namespace: minikube-es +spec: + replicas: 2 + serviceName: cluster-client + template: + metadata: + labels: + name: cluster-client + role: client + spec: + containers: + - env: + - name: CLUSTER_NAME + value: cluster + - name: ES_JAVA_OPTS + value: -Xms512m -Xmx512m + - name: HTTP_ENABLE + value: 'true' + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NODE_DATA + value: 'false' + - name: NODE_INGEST + value: 'false' + - name: NODE_MASTER + value: 'false' + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NUMBER_OF_MASTERS + value: '1' + image: quay.io/pires/docker-elasticsearch-kubernetes:5.5.0 + imagePullPolicy: Always + name: client + ports: + - containerPort: 9200 + name: client + protocol: TCP + - containerPort: 9300 + name: transport + protocol: TCP + securityContext: + capabilities: + add: + - IPC_LOCK + - SYS_RESOURCE + privileged: false + initContainers: + - command: + - sysctl + - -w + - vm.max_map_count=262144 + image: busybox + imagePullPolicy: IfNotPresent + name: sysctl + securityContext: + privileged: true diff --git a/examples/kubernetes/compiled/minikube-es/manifests/es-data.yml b/examples/kubernetes/compiled/minikube-es/manifests/es-data.yml new file mode 100644 index 000000000..4d973b756 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-es/manifests/es-data.yml @@ -0,0 +1,64 @@ +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + labels: + name: cluster-data + role: data + name: cluster-data + namespace: minikube-es +spec: + replicas: 2 + serviceName: cluster-data + template: + metadata: + labels: + name: cluster-data + role: data + spec: + containers: + - env: + - name: CLUSTER_NAME + value: cluster + - name: ES_JAVA_OPTS + value: -Xms512m -Xmx512m + - name: HTTP_ENABLE + value: 'false' + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NODE_DATA + value: 'true' + - name: NODE_INGEST + value: 'false' + - name: NODE_MASTER + value: 'false' + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NUMBER_OF_MASTERS + value: '1' + image: quay.io/pires/docker-elasticsearch-kubernetes:5.5.0 + imagePullPolicy: Always + name: data + ports: + - containerPort: 9300 + name: transport + protocol: TCP + securityContext: + capabilities: + add: + - IPC_LOCK + - SYS_RESOURCE + privileged: false + initContainers: + - command: + - sysctl + - -w + - vm.max_map_count=262144 + image: busybox + imagePullPolicy: IfNotPresent + name: sysctl + securityContext: + privileged: true diff --git a/examples/kubernetes/compiled/minikube-es/manifests/es-discovery-svc.yml b/examples/kubernetes/compiled/minikube-es/manifests/es-discovery-svc.yml new file mode 100644 index 000000000..aa542b56e --- /dev/null +++ b/examples/kubernetes/compiled/minikube-es/manifests/es-discovery-svc.yml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + name: elasticsearch-discovery + name: elasticsearch-discovery + namespace: minikube-es +spec: + ports: + - name: transport + port: 9300 + protocol: TCP + targetPort: transport + selector: + name: cluster-master + role: master + type: ClusterIP diff --git a/examples/kubernetes/compiled/minikube-es/manifests/es-elasticsearch-svc.yml b/examples/kubernetes/compiled/minikube-es/manifests/es-elasticsearch-svc.yml new file mode 100644 index 000000000..9b0b0b8c8 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-es/manifests/es-elasticsearch-svc.yml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + name: elasticsearch + name: elasticsearch + namespace: minikube-es +spec: + ports: + - name: client + port: 9200 + protocol: TCP + targetPort: client + - name: transport + port: 9300 + protocol: TCP + targetPort: transport + selector: + name: cluster-client + role: client + type: NodePort diff --git a/examples/kubernetes/compiled/minikube-es/manifests/es-master.yml b/examples/kubernetes/compiled/minikube-es/manifests/es-master.yml new file mode 100644 index 000000000..98dab044e --- /dev/null +++ b/examples/kubernetes/compiled/minikube-es/manifests/es-master.yml @@ -0,0 +1,64 @@ +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + labels: + name: cluster-master + role: master + name: cluster-master + namespace: minikube-es +spec: + replicas: 2 + serviceName: cluster-master + template: + metadata: + labels: + name: cluster-master + role: master + spec: + containers: + - env: + - name: CLUSTER_NAME + value: cluster + - name: ES_JAVA_OPTS + value: -Xms512m -Xmx512m + - name: HTTP_ENABLE + value: 'false' + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NODE_DATA + value: 'false' + - name: NODE_INGEST + value: 'false' + - name: NODE_MASTER + value: 'true' + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NUMBER_OF_MASTERS + value: '1' + image: quay.io/pires/docker-elasticsearch-kubernetes:5.5.0 + imagePullPolicy: Always + name: master + ports: + - containerPort: 9300 + name: transport + protocol: TCP + securityContext: + capabilities: + add: + - IPC_LOCK + - SYS_RESOURCE + privileged: false + initContainers: + - command: + - sysctl + - -w + - vm.max_map_count=262144 + image: busybox + imagePullPolicy: IfNotPresent + name: sysctl + securityContext: + privileged: true diff --git a/examples/kubernetes/compiled/minikube-es/pre-deploy/00_namespace.yml b/examples/kubernetes/compiled/minikube-es/pre-deploy/00_namespace.yml new file mode 100644 index 000000000..9f5ae3b9b --- /dev/null +++ b/examples/kubernetes/compiled/minikube-es/pre-deploy/00_namespace.yml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Namespace +metadata: + annotations: {} + labels: + name: minikube-es + name: minikube-es + namespace: minikube-es +spec: {} diff --git a/examples/kubernetes/compiled/minikube-es/pre-deploy/10_serviceaccount.yml b/examples/kubernetes/compiled/minikube-es/pre-deploy/10_serviceaccount.yml new file mode 100644 index 000000000..a67815fdb --- /dev/null +++ b/examples/kubernetes/compiled/minikube-es/pre-deploy/10_serviceaccount.yml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: {} + labels: + name: default + name: default + namespace: minikube-es diff --git a/examples/kubernetes/compiled/minikube-es/scripts/apply.sh b/examples/kubernetes/compiled/minikube-es/scripts/apply.sh new file mode 100755 index 000000000..3cf5eedc4 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-es/scripts/apply.sh @@ -0,0 +1,14 @@ +#!/bin/bash -eu + +# Copyright 2019 The Kapitan Authors +# SPDX-FileCopyrightText: 2020 The Kapitan Authors +# +# SPDX-License-Identifier: Apache-2.0 + +DIR=$(dirname ${BASH_SOURCE[0]}) + +for SECTION in pre-deploy manifests +do + echo "## run kubectl apply for ${SECTION}" + kapitan refs --reveal -f ${DIR}/../${SECTION}/ | ${DIR}/kubectl.sh apply -f - | column -t +done \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-es/scripts/delete.sh b/examples/kubernetes/compiled/minikube-es/scripts/delete.sh new file mode 100755 index 000000000..b6e7e808d --- /dev/null +++ b/examples/kubernetes/compiled/minikube-es/scripts/delete.sh @@ -0,0 +1,10 @@ +#!/bin/bash -eu + +# Copyright 2019 The Kapitan Authors +# SPDX-FileCopyrightText: 2020 The Kapitan Authors +# +# SPDX-License-Identifier: Apache-2.0 + +DIR=$(dirname ${BASH_SOURCE[0]}) + +${DIR}/kubectl.sh delete -f ${DIR}/../manifests \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-es/scripts/kubectl.sh b/examples/kubernetes/compiled/minikube-es/scripts/kubectl.sh new file mode 100755 index 000000000..26acd1c4e --- /dev/null +++ b/examples/kubernetes/compiled/minikube-es/scripts/kubectl.sh @@ -0,0 +1,10 @@ +#!/bin/bash -eu + +# Copyright 2019 The Kapitan Authors +# SPDX-FileCopyrightText: 2020 The Kapitan Authors +# +# SPDX-License-Identifier: Apache-2.0 + +KUBECTL="kubectl --context minikube-es --insecure-skip-tls-verify=False " + +${KUBECTL} $@ \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-es/scripts/minikube/install_minikube.sh b/examples/kubernetes/compiled/minikube-es/scripts/minikube/install_minikube.sh new file mode 100755 index 000000000..dcf035f3b --- /dev/null +++ b/examples/kubernetes/compiled/minikube-es/scripts/minikube/install_minikube.sh @@ -0,0 +1,21 @@ +#!/bin/bash -eu + +# Copyright 2019 The Kapitan Authors +# SPDX-FileCopyrightText: 2020 The Kapitan Authors +# +# SPDX-License-Identifier: Apache-2.0 + +case "$(uname -s)" in + Linux*) MINIKUBE_BINARY=minikube-linux-amd64;; + Darwin*) MINIKUBE_BINARY=minikube-darwin-amd64;; + *) exit 1 +esac + +MINIKUBE_VERSION=${MINIKUBE_VERSION:-v0.31.0} +URL=https://storage.googleapis.com/minikube/releases/${MINIKUBE_VERSION}/${MINIKUBE_BINARY} + + +echo Downloading minikube release ${MINIKUBE_VERSION} to /usr/local/bin/minikube +pause +sudo curl --progress-bar -o /usr/local/bin/minikube ${URL} +sudo chmod +x /usr/local/bin/minikube \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-es/scripts/minikube/start_minikube.sh b/examples/kubernetes/compiled/minikube-es/scripts/minikube/start_minikube.sh new file mode 100755 index 000000000..1ed875d6c --- /dev/null +++ b/examples/kubernetes/compiled/minikube-es/scripts/minikube/start_minikube.sh @@ -0,0 +1,10 @@ +#!/bin/bash -eu + +# Copyright 2019 The Kapitan Authors +# SPDX-FileCopyrightText: 2020 The Kapitan Authors +# +# SPDX-License-Identifier: Apache-2.0 + +eval $(minikube docker-env) +minikube start --insecure-registry https://quay.io --memory=4096 --cpus=4 +minikube ssh "sudo ip link set docker0 promisc on" \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-es/scripts/setup_cluster.sh b/examples/kubernetes/compiled/minikube-es/scripts/setup_cluster.sh new file mode 100755 index 000000000..7c7a34d55 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-es/scripts/setup_cluster.sh @@ -0,0 +1,9 @@ +#!/bin/bash -eu + +# Copyright 2019 The Kapitan Authors +# SPDX-FileCopyrightText: 2020 The Kapitan Authors +# +# SPDX-License-Identifier: Apache-2.0 + + + diff --git a/examples/kubernetes/compiled/minikube-es/scripts/setup_context.sh b/examples/kubernetes/compiled/minikube-es/scripts/setup_context.sh new file mode 100755 index 000000000..19307a214 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-es/scripts/setup_context.sh @@ -0,0 +1,9 @@ +#!/bin/bash -eu + +# Copyright 2019 The Kapitan Authors +# SPDX-FileCopyrightText: 2020 The Kapitan Authors +# +# SPDX-License-Identifier: Apache-2.0 + +kubectl config set-context minikube-es --cluster minikube --user minikube --namespace minikube-es +kubectl config use-context minikube-es \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-mysql/README.md b/examples/kubernetes/compiled/minikube-mysql/README.md new file mode 100644 index 000000000..18212b6b3 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-mysql/README.md @@ -0,0 +1,64 @@ +# Elasticsearch Minikube + +This is a specific version of Elasticsearch to run on a minikube instalation. + +## Prerequisites + +Elasticsearch is a resource hungry application, for this setup we require +that minikube is running with the above options: + +``` +$ minikube start --insecure-registry https://quay.io --memory=4096 --cpus=2 +``` + +_If_ you have created the minikube VM previously, you will most likely need to +delete the vm and recreate it with more memory/cpu. (i.e. +`$ minikube delete`) + +## Setting up + +Assuming you're already running Minikube, setup for this target: + +``` +$ scripts/setup.sh +``` + +This will create a context in your minikube cluster called minikube-mysql. + + +Apply the compiled manifests: + +``` +$ scripts/kubectl.sh apply -f manifests/ +``` + +If the commands above did not error, you should be good to go. + +Let's confirm everything is up: + +``` +$ scripts/kubectl.sh get pods -w +``` + +## Connecting to Elasticsearch + +List the elasticsearch service endpoints running in the cluster: + +``` +$ minikube service -n minikube-mysql elasticsearch --url +``` + +and curl the health endpoint, i.e.: + +``` +$ curl http://192.168.99.100:32130/_cluster/health?pretty +``` + + +## Deleting Elasticsearch + +Deleting is easy (warning, this will remove _everything_): + +``` +$ scripts/kubectl.sh delete -f manifests/ +``` \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_app.yml b/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_app.yml new file mode 100644 index 000000000..cebe146d0 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_app.yml @@ -0,0 +1,73 @@ +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + labels: + name: example-mysql + name: example-mysql + namespace: minikube-mysql +spec: + replicas: 1 + serviceName: example-mysql + template: + metadata: + labels: + name: example-mysql + spec: + containers: + - env: + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + key: MYSQL_ROOT_PASSWORD + name: example-mysql + image: mysql:latest + imagePullPolicy: Always + name: mysql + ports: + - containerPort: 3306 + name: mysql + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + annotations: + volume.beta.kubernetes.io/storage-class: standard + labels: + name: data + name: data + namespace: minikube-mysql + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10G +--- +apiVersion: v1 +data: + MYSQL_ROOT_PASSWORD: ?{gpg:targets/minikube-mysql/mysql/password:ec3d54de} + MYSQL_ROOT_PASSWORD_SHA256: ?{gpg:targets/minikube-mysql/mysql/password_sha256:122d2732} +kind: Secret +metadata: + labels: + name: example-mysql + name: example-mysql + namespace: minikube-mysql +type: Opaque +--- +apiVersion: v1 +kind: Service +metadata: + labels: + name: example-mysql + name: example-mysql + namespace: minikube-mysql +spec: + clusterIP: None + ports: + - name: mysql + port: 3306 + targetPort: mysql + selector: + name: example-mysql + type: ClusterIP diff --git a/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_secret.yml b/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_secret.yml new file mode 100644 index 000000000..0c842a325 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_secret.yml @@ -0,0 +1,11 @@ +apiVersion: v1 +data: + MYSQL_ROOT_PASSWORD: ?{gpg:targets/minikube-mysql/mysql/password:ec3d54de} + MYSQL_ROOT_PASSWORD_SHA256: ?{gpg:targets/minikube-mysql/mysql/password_sha256:122d2732} +kind: Secret +metadata: + labels: + name: example-mysql + name: example-mysql + namespace: minikube-mysql +type: Opaque diff --git a/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_secret_subvar.yml b/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_secret_subvar.yml new file mode 100644 index 000000000..2b061a004 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_secret_subvar.yml @@ -0,0 +1,11 @@ +apiVersion: v1 +data: + MYSQL_ROOT_PASSWORD: ?{gpg:targets/minikube-mysql/mysql/subvars@var1.password:52dd139b} + MYSQL_ROOT_PASSWORD_SHA256: ?{gpg:targets/minikube-mysql/mysql/subvars@var2.password_sha256:52dd139b} +kind: Secret +metadata: + labels: + name: example-mysql + name: example-mysql + namespace: minikube-mysql +type: Opaque diff --git a/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_service_jsonnet.yml b/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_service_jsonnet.yml new file mode 100644 index 000000000..f6ab65e52 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_service_jsonnet.yml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + name: example-mysql-jsonnet + name: example-mysql-jsonnet + namespace: minikube-mysql +spec: + clusterIP: None + ports: + - name: mysql + port: 3306 + targetPort: mysql + selector: + name: example-mysql + type: ClusterIP diff --git a/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_service_simple.yml b/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_service_simple.yml new file mode 100644 index 000000000..eb6bc2e53 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_service_simple.yml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + name: example-mysql + name: example-mysql + namespace: minikube-mysql +spec: + clusterIP: None + ports: + - name: mysql + port: 3306 + targetPort: mysql + selector: + name: example-mysql + type: ClusterIP diff --git a/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_statefulset.yml b/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_statefulset.yml new file mode 100644 index 000000000..839a4a3b9 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_statefulset.yml @@ -0,0 +1,44 @@ +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + labels: + name: example-mysql + name: example-mysql + namespace: minikube-mysql +spec: + replicas: 1 + serviceName: example-mysql + template: + metadata: + labels: + name: example-mysql + spec: + containers: + - env: + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + key: MYSQL_ROOT_PASSWORD + name: example-mysql + image: mysql:latest + imagePullPolicy: Always + name: mysql + ports: + - containerPort: 3306 + name: mysql + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + annotations: + volume.beta.kubernetes.io/storage-class: standard + labels: + name: data + name: data + namespace: minikube-mysql + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10G diff --git a/examples/kubernetes/compiled/minikube-mysql/pre-deploy/00_namespace.yml b/examples/kubernetes/compiled/minikube-mysql/pre-deploy/00_namespace.yml new file mode 100644 index 000000000..7a7661686 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-mysql/pre-deploy/00_namespace.yml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Namespace +metadata: + annotations: {} + labels: + name: minikube-mysql + name: minikube-mysql + namespace: minikube-mysql +spec: {} diff --git a/examples/kubernetes/compiled/minikube-mysql/pre-deploy/10_serviceaccount.yml b/examples/kubernetes/compiled/minikube-mysql/pre-deploy/10_serviceaccount.yml new file mode 100644 index 000000000..46e7bb49b --- /dev/null +++ b/examples/kubernetes/compiled/minikube-mysql/pre-deploy/10_serviceaccount.yml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: {} + labels: + name: default + name: default + namespace: minikube-mysql diff --git a/examples/kubernetes/compiled/minikube-mysql/scripts/apply.sh b/examples/kubernetes/compiled/minikube-mysql/scripts/apply.sh new file mode 100755 index 000000000..3cf5eedc4 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-mysql/scripts/apply.sh @@ -0,0 +1,14 @@ +#!/bin/bash -eu + +# Copyright 2019 The Kapitan Authors +# SPDX-FileCopyrightText: 2020 The Kapitan Authors +# +# SPDX-License-Identifier: Apache-2.0 + +DIR=$(dirname ${BASH_SOURCE[0]}) + +for SECTION in pre-deploy manifests +do + echo "## run kubectl apply for ${SECTION}" + kapitan refs --reveal -f ${DIR}/../${SECTION}/ | ${DIR}/kubectl.sh apply -f - | column -t +done \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-mysql/scripts/delete.sh b/examples/kubernetes/compiled/minikube-mysql/scripts/delete.sh new file mode 100755 index 000000000..b6e7e808d --- /dev/null +++ b/examples/kubernetes/compiled/minikube-mysql/scripts/delete.sh @@ -0,0 +1,10 @@ +#!/bin/bash -eu + +# Copyright 2019 The Kapitan Authors +# SPDX-FileCopyrightText: 2020 The Kapitan Authors +# +# SPDX-License-Identifier: Apache-2.0 + +DIR=$(dirname ${BASH_SOURCE[0]}) + +${DIR}/kubectl.sh delete -f ${DIR}/../manifests \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-mysql/scripts/kubectl.sh b/examples/kubernetes/compiled/minikube-mysql/scripts/kubectl.sh new file mode 100755 index 000000000..04d2b6db6 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-mysql/scripts/kubectl.sh @@ -0,0 +1,10 @@ +#!/bin/bash -eu + +# Copyright 2019 The Kapitan Authors +# SPDX-FileCopyrightText: 2020 The Kapitan Authors +# +# SPDX-License-Identifier: Apache-2.0 + +KUBECTL="kubectl --context minikube-mysql --insecure-skip-tls-verify=False " + +${KUBECTL} $@ \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-mysql/scripts/minikube/install_minikube.sh b/examples/kubernetes/compiled/minikube-mysql/scripts/minikube/install_minikube.sh new file mode 100755 index 000000000..dcf035f3b --- /dev/null +++ b/examples/kubernetes/compiled/minikube-mysql/scripts/minikube/install_minikube.sh @@ -0,0 +1,21 @@ +#!/bin/bash -eu + +# Copyright 2019 The Kapitan Authors +# SPDX-FileCopyrightText: 2020 The Kapitan Authors +# +# SPDX-License-Identifier: Apache-2.0 + +case "$(uname -s)" in + Linux*) MINIKUBE_BINARY=minikube-linux-amd64;; + Darwin*) MINIKUBE_BINARY=minikube-darwin-amd64;; + *) exit 1 +esac + +MINIKUBE_VERSION=${MINIKUBE_VERSION:-v0.31.0} +URL=https://storage.googleapis.com/minikube/releases/${MINIKUBE_VERSION}/${MINIKUBE_BINARY} + + +echo Downloading minikube release ${MINIKUBE_VERSION} to /usr/local/bin/minikube +pause +sudo curl --progress-bar -o /usr/local/bin/minikube ${URL} +sudo chmod +x /usr/local/bin/minikube \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-mysql/scripts/minikube/start_minikube.sh b/examples/kubernetes/compiled/minikube-mysql/scripts/minikube/start_minikube.sh new file mode 100755 index 000000000..1ed875d6c --- /dev/null +++ b/examples/kubernetes/compiled/minikube-mysql/scripts/minikube/start_minikube.sh @@ -0,0 +1,10 @@ +#!/bin/bash -eu + +# Copyright 2019 The Kapitan Authors +# SPDX-FileCopyrightText: 2020 The Kapitan Authors +# +# SPDX-License-Identifier: Apache-2.0 + +eval $(minikube docker-env) +minikube start --insecure-registry https://quay.io --memory=4096 --cpus=4 +minikube ssh "sudo ip link set docker0 promisc on" \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-mysql/scripts/setup_cluster.sh b/examples/kubernetes/compiled/minikube-mysql/scripts/setup_cluster.sh new file mode 100755 index 000000000..7c7a34d55 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-mysql/scripts/setup_cluster.sh @@ -0,0 +1,9 @@ +#!/bin/bash -eu + +# Copyright 2019 The Kapitan Authors +# SPDX-FileCopyrightText: 2020 The Kapitan Authors +# +# SPDX-License-Identifier: Apache-2.0 + + + diff --git a/examples/kubernetes/compiled/minikube-mysql/scripts/setup_context.sh b/examples/kubernetes/compiled/minikube-mysql/scripts/setup_context.sh new file mode 100755 index 000000000..ed53eadd7 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-mysql/scripts/setup_context.sh @@ -0,0 +1,9 @@ +#!/bin/bash -eu + +# Copyright 2019 The Kapitan Authors +# SPDX-FileCopyrightText: 2020 The Kapitan Authors +# +# SPDX-License-Identifier: Apache-2.0 + +kubectl config set-context minikube-mysql --cluster minikube --user minikube --namespace minikube-mysql +kubectl config use-context minikube-mysql \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/README.md b/examples/kubernetes/compiled/minikube-nginx-helm/README.md new file mode 100644 index 000000000..8eae91228 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-helm/README.md @@ -0,0 +1,7 @@ + +# Welcome to the README! + +Target *minikube-nginx-helm* is running: + +* 2 replicas of *nginx* running nginx image nginx:1:15.8 +* on cluster minikube \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml new file mode 100644 index 000000000..cbb957f25 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml @@ -0,0 +1,23 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + annotations: + helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade + helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.5.1 + helm.sh/chart: ingress-nginx-4.4.0 + name: minikube-nginx-helm-ingress-nginx-admission +rules: + - apiGroups: + - admissionregistration.k8s.io + resources: + - validatingwebhookconfigurations + verbs: + - get + - update diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml new file mode 100644 index 000000000..5c3bbba61 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml @@ -0,0 +1,23 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + annotations: + helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade + helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.5.1 + helm.sh/chart: ingress-nginx-4.4.0 + name: minikube-nginx-helm-ingress-nginx-admission +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: minikube-nginx-helm-ingress-nginx-admission +subjects: + - kind: ServiceAccount + name: minikube-nginx-helm-ingress-nginx-admission + namespace: minikube-nginx-helm diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml new file mode 100644 index 000000000..28173c2ac --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml @@ -0,0 +1,53 @@ +apiVersion: batch/v1 +kind: Job +metadata: + annotations: + helm.sh/hook: pre-install,pre-upgrade + helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.5.1 + helm.sh/chart: ingress-nginx-4.4.0 + name: minikube-nginx-helm-ingress-nginx-admission-create + namespace: minikube-nginx-helm +spec: + template: + metadata: + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.5.1 + helm.sh/chart: ingress-nginx-4.4.0 + name: minikube-nginx-helm-ingress-nginx-admission-create + spec: + containers: + - args: + - create + - --host=minikube-nginx-helm-ingress-nginx-minikube-nginx-helm-admission,minikube-nginx-helm-ingress-nginx-minikube-nginx-helm-admission.$(POD_NAMESPACE).svc + - --namespace=$(POD_NAMESPACE) + - --secret-name=minikube-nginx-helm-ingress-nginx-admission + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20220916-gd32f8c343@sha256:39c5b2e3310dc4264d638ad28d9d1d96c4cbb2b2dcfb52368fe4e3c63f61e10f + imagePullPolicy: IfNotPresent + name: create + securityContext: + allowPrivilegeEscalation: false + nodeSelector: + kubernetes.io/os: linux + restartPolicy: OnFailure + securityContext: + fsGroup: 2000 + runAsNonRoot: true + runAsUser: 2000 + serviceAccountName: minikube-nginx-helm-ingress-nginx-admission diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml new file mode 100644 index 000000000..343e596af --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml @@ -0,0 +1,55 @@ +apiVersion: batch/v1 +kind: Job +metadata: + annotations: + helm.sh/hook: post-install,post-upgrade + helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.5.1 + helm.sh/chart: ingress-nginx-4.4.0 + name: minikube-nginx-helm-ingress-nginx-admission-patch + namespace: minikube-nginx-helm +spec: + template: + metadata: + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.5.1 + helm.sh/chart: ingress-nginx-4.4.0 + name: minikube-nginx-helm-ingress-nginx-admission-patch + spec: + containers: + - args: + - patch + - --webhook-name=minikube-nginx-helm-ingress-nginx-admission + - --namespace=$(POD_NAMESPACE) + - --patch-mutating=false + - --secret-name=minikube-nginx-helm-ingress-nginx-admission + - --patch-failure-policy=Fail + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20220916-gd32f8c343@sha256:39c5b2e3310dc4264d638ad28d9d1d96c4cbb2b2dcfb52368fe4e3c63f61e10f + imagePullPolicy: IfNotPresent + name: patch + securityContext: + allowPrivilegeEscalation: false + nodeSelector: + kubernetes.io/os: linux + restartPolicy: OnFailure + securityContext: + fsGroup: 2000 + runAsNonRoot: true + runAsUser: 2000 + serviceAccountName: minikube-nginx-helm-ingress-nginx-admission diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml new file mode 100644 index 000000000..5ca3c9a2d --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml @@ -0,0 +1,24 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + annotations: + helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade + helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.5.1 + helm.sh/chart: ingress-nginx-4.4.0 + name: minikube-nginx-helm-ingress-nginx-admission + namespace: minikube-nginx-helm +rules: + - apiGroups: + - '' + resources: + - secrets + verbs: + - get + - create diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml new file mode 100644 index 000000000..f94f31629 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml @@ -0,0 +1,24 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + annotations: + helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade + helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.5.1 + helm.sh/chart: ingress-nginx-4.4.0 + name: minikube-nginx-helm-ingress-nginx-admission + namespace: minikube-nginx-helm +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: minikube-nginx-helm-ingress-nginx-admission +subjects: + - kind: ServiceAccount + name: minikube-nginx-helm-ingress-nginx-admission + namespace: minikube-nginx-helm diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml new file mode 100644 index 000000000..a22c16b53 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: + helm.sh/hook: pre-install,pre-upgrade,post-install,post-upgrade + helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.5.1 + helm.sh/chart: ingress-nginx-4.4.0 + name: minikube-nginx-helm-ingress-nginx-admission + namespace: minikube-nginx-helm diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml new file mode 100644 index 000000000..427e2c741 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml @@ -0,0 +1,34 @@ +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.5.1 + helm.sh/chart: ingress-nginx-4.4.0 + name: minikube-nginx-helm-ingress-nginx-admission +webhooks: + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: minikube-nginx-helm-ingress-nginx-minikube-nginx-helm-admission + namespace: minikube-nginx-helm + path: /networking/v1/ingresses + failurePolicy: Fail + matchPolicy: Equivalent + name: validate.nginx.ingress.kubernetes.io + rules: + - apiGroups: + - networking.k8s.io + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - ingresses + sideEffects: None diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/clusterrole.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/clusterrole.yaml new file mode 100644 index 000000000..fb806855c --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/clusterrole.yaml @@ -0,0 +1,82 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.5.1 + helm.sh/chart: ingress-nginx-4.4.0 + name: minikube-nginx-helm-ingress-nginx +rules: + - apiGroups: + - '' + resources: + - configmaps + - endpoints + - nodes + - pods + - secrets + - namespaces + verbs: + - list + - watch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - list + - watch + - apiGroups: + - '' + resources: + - nodes + verbs: + - get + - apiGroups: + - '' + resources: + - services + verbs: + - get + - list + - watch + - apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - get + - list + - watch + - apiGroups: + - '' + resources: + - events + verbs: + - create + - patch + - apiGroups: + - networking.k8s.io + resources: + - ingresses/status + verbs: + - update + - apiGroups: + - networking.k8s.io + resources: + - ingressclasses + verbs: + - get + - list + - watch + - apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: + - list + - watch + - get diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/clusterrolebinding.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/clusterrolebinding.yaml new file mode 100644 index 000000000..c483d48d6 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/clusterrolebinding.yaml @@ -0,0 +1,19 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.5.1 + helm.sh/chart: ingress-nginx-4.4.0 + name: minikube-nginx-helm-ingress-nginx +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: minikube-nginx-helm-ingress-nginx +subjects: + - kind: ServiceAccount + name: minikube-nginx-helm-ingress-nginx + namespace: minikube-nginx-helm diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-configmap.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-configmap.yaml new file mode 100644 index 000000000..64bdd3d5d --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-configmap.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +data: + allow-snippet-annotations: 'true' +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.5.1 + helm.sh/chart: ingress-nginx-4.4.0 + name: minikube-nginx-helm-ingress-nginx-minikube-nginx-helm + namespace: minikube-nginx-helm diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-deployment.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-deployment.yaml new file mode 100644 index 000000000..51fac0fbc --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-deployment.yaml @@ -0,0 +1,114 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.5.1 + helm.sh/chart: ingress-nginx-4.4.0 + name: minikube-nginx-helm-ingress-nginx-minikube-nginx-helm + namespace: minikube-nginx-helm +spec: + minReadySeconds: 0 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/name: ingress-nginx + template: + metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/name: ingress-nginx + spec: + containers: + - args: + - /nginx-ingress-controller + - --publish-service=$(POD_NAMESPACE)/minikube-nginx-helm-ingress-nginx-minikube-nginx-helm + - --election-id=minikube-nginx-helm-ingress-nginx-leader + - --controller-class=k8s.io/ingress-nginx + - --ingress-class=nginx + - --configmap=$(POD_NAMESPACE)/minikube-nginx-helm-ingress-nginx-minikube-nginx-helm + - --validating-webhook=:8443 + - --validating-webhook-certificate=/usr/local/certificates/cert + - --validating-webhook-key=/usr/local/certificates/key + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: LD_PRELOAD + value: /usr/local/lib/libmimalloc.so + image: registry.k8s.io/ingress-nginx/controller:v1.5.1@sha256:4ba73c697770664c1e00e9f968de14e08f606ff961c76e5d7033a4a9c593c629 + imagePullPolicy: IfNotPresent + lifecycle: + preStop: + exec: + command: + - /wait-shutdown + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: controller + ports: + - containerPort: 80 + name: http + protocol: TCP + - containerPort: 443 + name: https + protocol: TCP + - containerPort: 8443 + name: webhook + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 100m + memory: 90Mi + securityContext: + allowPrivilegeEscalation: true + capabilities: + add: + - NET_BIND_SERVICE + drop: + - ALL + runAsUser: 101 + volumeMounts: + - mountPath: /usr/local/certificates/ + name: webhook-cert + readOnly: true + dnsPolicy: ClusterFirst + nodeSelector: + kubernetes.io/os: linux + serviceAccountName: minikube-nginx-helm-ingress-nginx + terminationGracePeriodSeconds: 300 + volumes: + - name: webhook-cert + secret: + secretName: minikube-nginx-helm-ingress-nginx-admission diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-ingressclass.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-ingressclass.yaml new file mode 100644 index 000000000..8593a4b0d --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-ingressclass.yaml @@ -0,0 +1,14 @@ +apiVersion: networking.k8s.io/v1 +kind: IngressClass +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.5.1 + helm.sh/chart: ingress-nginx-4.4.0 + name: nginx +spec: + controller: k8s.io/ingress-nginx diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-role.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-role.yaml new file mode 100644 index 000000000..2e2bed83c --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-role.yaml @@ -0,0 +1,106 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.5.1 + helm.sh/chart: ingress-nginx-4.4.0 + name: minikube-nginx-helm-ingress-nginx + namespace: minikube-nginx-helm +rules: + - apiGroups: + - '' + resources: + - namespaces + verbs: + - get + - apiGroups: + - '' + resources: + - configmaps + - pods + - secrets + - endpoints + verbs: + - get + - list + - watch + - apiGroups: + - '' + resources: + - services + verbs: + - get + - list + - watch + - apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - get + - list + - watch + - apiGroups: + - networking.k8s.io + resources: + - ingresses/status + verbs: + - update + - apiGroups: + - networking.k8s.io + resources: + - ingressclasses + verbs: + - get + - list + - watch + - apiGroups: + - '' + resourceNames: + - minikube-nginx-helm-ingress-nginx-leader + resources: + - configmaps + verbs: + - get + - update + - apiGroups: + - '' + resources: + - configmaps + verbs: + - create + - apiGroups: + - coordination.k8s.io + resourceNames: + - minikube-nginx-helm-ingress-nginx-leader + resources: + - leases + verbs: + - get + - update + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - apiGroups: + - '' + resources: + - events + verbs: + - create + - patch + - apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: + - list + - watch + - get diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-rolebinding.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-rolebinding.yaml new file mode 100644 index 000000000..2d7cdc5dd --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-rolebinding.yaml @@ -0,0 +1,21 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.5.1 + helm.sh/chart: ingress-nginx-4.4.0 + name: minikube-nginx-helm-ingress-nginx + namespace: minikube-nginx-helm +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: minikube-nginx-helm-ingress-nginx +subjects: + - kind: ServiceAccount + name: minikube-nginx-helm-ingress-nginx + namespace: minikube-nginx-helm diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-service-webhook.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-service-webhook.yaml new file mode 100644 index 000000000..c3eb0f5cd --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-service-webhook.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.5.1 + helm.sh/chart: ingress-nginx-4.4.0 + name: minikube-nginx-helm-ingress-nginx-minikube-nginx-helm-admission + namespace: minikube-nginx-helm +spec: + ports: + - appProtocol: https + name: https-webhook + port: 443 + targetPort: webhook + selector: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/name: ingress-nginx + type: ClusterIP diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-service.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-service.yaml new file mode 100644 index 000000000..1c440e447 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-service.yaml @@ -0,0 +1,34 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: null + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.5.1 + helm.sh/chart: ingress-nginx-4.4.0 + name: minikube-nginx-helm-ingress-nginx-minikube-nginx-helm + namespace: minikube-nginx-helm +spec: + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - appProtocol: http + name: http + port: 80 + protocol: TCP + targetPort: http + - appProtocol: https + name: https + port: 443 + protocol: TCP + targetPort: https + selector: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/name: ingress-nginx + type: LoadBalancer diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-serviceaccount.yaml b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-serviceaccount.yaml new file mode 100644 index 000000000..7f9eee38a --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-serviceaccount.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +automountServiceAccountToken: true +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: minikube-nginx-helm + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.5.1 + helm.sh/chart: ingress-nginx-4.4.0 + name: minikube-nginx-helm-ingress-nginx + namespace: minikube-nginx-helm diff --git a/examples/kubernetes/compiled/minikube-nginx-helm/nginx-deploy.sh b/examples/kubernetes/compiled/minikube-nginx-helm/nginx-deploy.sh new file mode 100644 index 000000000..4d2d8fa90 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-helm/nginx-deploy.sh @@ -0,0 +1,14 @@ +#!/bin/bash -e +DIR=$(dirname ${BASH_SOURCE[0]}) + #(1)! + +KUBECTL="kubectl -n None" #(2)! + +# Create namespace before anything else +${KUBECTL} apply -f ${DIR}/pre-deploy/namespace.yml + +for SECTION in manifests +do + echo "## run kubectl apply for ${SECTION}" + ${KUBECTL} apply -f ${DIR}/${SECTION}/ | column -t +done \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-nginx-jsonnet/README.md b/examples/kubernetes/compiled/minikube-nginx-jsonnet/README.md new file mode 100644 index 000000000..5e6afb2c3 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-jsonnet/README.md @@ -0,0 +1,7 @@ + +# Welcome to the README! + +Target *minikube-nginx-jsonnet* is running: + +* 1 replicas of *nginx* running nginx image nginx:1:15.8 +* on cluster minikube \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-nginx-jsonnet/manifests/app-deployment.yml b/examples/kubernetes/compiled/minikube-nginx-jsonnet/manifests/app-deployment.yml new file mode 100644 index 000000000..f0aa0a0a5 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-jsonnet/manifests/app-deployment.yml @@ -0,0 +1,36 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + annotations: {} + labels: + name: nginx + name: nginx + namespace: minikube-nginx-jsonnet +spec: + minReadySeconds: 30 + replicas: 1 + revisionHistoryLimit: 10 + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + annotations: {} + labels: + name: nginx + spec: + containers: + - args: [] + env: [] + image: nginx:1:15.8 + imagePullPolicy: Always + name: nginx + ports: + - containerPort: 80 + name: http + volumeMounts: [] + imagePullSecrets: [] + initContainers: [] + volumes: [] diff --git a/examples/kubernetes/compiled/minikube-nginx-jsonnet/manifests/app-service.yml b/examples/kubernetes/compiled/minikube-nginx-jsonnet/manifests/app-service.yml new file mode 100644 index 000000000..2a0f11cf4 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-jsonnet/manifests/app-service.yml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: {} + labels: + name: nginx + name: nginx + namespace: minikube-nginx-jsonnet +spec: + loadBalancerSourceRanges: [] + ports: + - name: http + port: 80 + targetPort: http + selector: + name: nginx + type: NodePort diff --git a/examples/kubernetes/compiled/minikube-nginx-jsonnet/nginx-deploy.sh b/examples/kubernetes/compiled/minikube-nginx-jsonnet/nginx-deploy.sh new file mode 100644 index 000000000..13ae55643 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-jsonnet/nginx-deploy.sh @@ -0,0 +1,14 @@ +#!/bin/bash -e +DIR=$(dirname ${BASH_SOURCE[0]}) + #(1)! + +KUBECTL="kubectl -n minikube-nginx-jsonnet" #(2)! + +# Create namespace before anything else +${KUBECTL} apply -f ${DIR}/pre-deploy/namespace.yml + +for SECTION in manifests +do + echo "## run kubectl apply for ${SECTION}" + ${KUBECTL} apply -f ${DIR}/${SECTION}/ | column -t +done \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-nginx-jsonnet/pre-deploy/00_namespace.yml b/examples/kubernetes/compiled/minikube-nginx-jsonnet/pre-deploy/00_namespace.yml new file mode 100644 index 000000000..553f3f3bb --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-jsonnet/pre-deploy/00_namespace.yml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Namespace +metadata: + annotations: {} + labels: + name: minikube-nginx-jsonnet + name: minikube-nginx-jsonnet + namespace: minikube-nginx-jsonnet +spec: {} diff --git a/examples/kubernetes/compiled/minikube-nginx-jsonnet/pre-deploy/10_serviceaccount.yml b/examples/kubernetes/compiled/minikube-nginx-jsonnet/pre-deploy/10_serviceaccount.yml new file mode 100644 index 000000000..63c4fae7f --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-jsonnet/pre-deploy/10_serviceaccount.yml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: {} + labels: + name: default + name: default + namespace: minikube-nginx-jsonnet diff --git a/examples/kubernetes/compiled/minikube-nginx-kadet/README.md b/examples/kubernetes/compiled/minikube-nginx-kadet/README.md new file mode 100644 index 000000000..6dcd055e7 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-kadet/README.md @@ -0,0 +1,7 @@ + +# Welcome to the README! + +Target *minikube-nginx-kadet* is running: + +* 2 replicas of *nginx* running nginx image nginx:1:15.8 +* on cluster minikube \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-nginx-kadet/manifests/nginx_deployment.yml b/examples/kubernetes/compiled/minikube-nginx-kadet/manifests/nginx_deployment.yml new file mode 100644 index 000000000..3a34e0ad2 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-kadet/manifests/nginx_deployment.yml @@ -0,0 +1,17 @@ +kind: Deployment +metadata: + name: nginx + namespace: minikube-nginx-kadet +spec: + replicas: 1 + revisionHistoryLimit: 10 + template: + metadata: + labels: + app: nginx + spec: + containers: + - image: nginx:1:15.8 + name: nginx + ports: + - containerPort: 80 diff --git a/examples/kubernetes/compiled/minikube-nginx-kadet/manifests/nginx_service.yml b/examples/kubernetes/compiled/minikube-nginx-kadet/manifests/nginx_service.yml new file mode 100644 index 000000000..4bfc6ebf5 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-kadet/manifests/nginx_service.yml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: nginx + name: nginx + namespace: minikube-nginx-kadet +spec: + ports: + - name: http + port: 80 + targetPort: 80 + selector: + app: nginx + type: NodePort diff --git a/examples/kubernetes/compiled/minikube-nginx-kadet/nginx-deploy.sh b/examples/kubernetes/compiled/minikube-nginx-kadet/nginx-deploy.sh new file mode 100644 index 000000000..509063a82 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-kadet/nginx-deploy.sh @@ -0,0 +1,14 @@ +#!/bin/bash -e +DIR=$(dirname ${BASH_SOURCE[0]}) + #(1)! + +KUBECTL="kubectl -n minikube-nginx-kadet" #(2)! + +# Create namespace before anything else +${KUBECTL} apply -f ${DIR}/pre-deploy/namespace.yml + +for SECTION in manifests +do + echo "## run kubectl apply for ${SECTION}" + ${KUBECTL} apply -f ${DIR}/${SECTION}/ | column -t +done \ No newline at end of file diff --git a/examples/kubernetes/compiled/minikube-nginx-kadet/pre-deploy/00_namespace.yml b/examples/kubernetes/compiled/minikube-nginx-kadet/pre-deploy/00_namespace.yml new file mode 100644 index 000000000..2f00d3447 --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-kadet/pre-deploy/00_namespace.yml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Namespace +metadata: + annotations: {} + labels: + name: minikube-nginx-kadet + name: minikube-nginx-kadet + namespace: minikube-nginx-kadet +spec: {} diff --git a/examples/kubernetes/compiled/minikube-nginx-kadet/pre-deploy/10_serviceaccount.yml b/examples/kubernetes/compiled/minikube-nginx-kadet/pre-deploy/10_serviceaccount.yml new file mode 100644 index 000000000..634277e2a --- /dev/null +++ b/examples/kubernetes/compiled/minikube-nginx-kadet/pre-deploy/10_serviceaccount.yml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: {} + labels: + name: default + name: default + namespace: minikube-nginx-kadet From d008c2b412b20ea398822e6fc6fe9a78556cb402 Mon Sep 17 00:00:00 2001 From: Alessandro De Maria Date: Tue, 2 Apr 2024 12:09:47 +0000 Subject: [PATCH 3/4] Refactor --- kapitan/cli.py | 1 + 1 file changed, 1 insertion(+) diff --git a/kapitan/cli.py b/kapitan/cli.py index b4230456c..0d7e13208 100644 --- a/kapitan/cli.py +++ b/kapitan/cli.py @@ -28,6 +28,7 @@ from kapitan.targets import schema_validate_compiled from kapitan.utils import from_dot_kapitan, searchvar from kapitan.version import DESCRIPTION, PROJECT_NAME, VERSION +from kapitan.triggers.compile import trigger_compile logger = logging.getLogger(__name__) From ad714a71a71876e626a2341a57d2d0e104f1b66b Mon Sep 17 00:00:00 2001 From: Alessandro De Maria Date: Thu, 11 Apr 2024 07:10:54 +0000 Subject: [PATCH 4/4] refactor --- kapitan/triggers/compile.py | 1 - 1 file changed, 1 deletion(-) diff --git a/kapitan/triggers/compile.py b/kapitan/triggers/compile.py index 7980a54d8..6bafa83b5 100644 --- a/kapitan/triggers/compile.py +++ b/kapitan/triggers/compile.py @@ -23,7 +23,6 @@ from kapitan.inputs.jsonnet import Jsonnet from kapitan.inputs.kadet import Kadet from kapitan.inputs.remove import Remove -from kapitan.validator.kubernetes_validator import KubernetesManifestValidator logger = logging.getLogger(__name__)