feat: remove the need for raw jinja blocks (#1158)

Signed-off-by: Devin Buhl <devin@buhl.casa>
onedr0p · Jan 15, 2024 · e6fbc6e · e6fbc6e
1 parent f9481d6
commit e6fbc6e
Show file tree

Hide file tree

Showing 92 changed files with 430 additions and 441 deletions.
diff --git a/.github/renovate.json5 b/.github/renovate.json5
@@ -22,14 +22,12 @@
   },
   "helm-values": {
     "fileMatch": [
-      "(^|/)addons/.+\\.ya?ml(\\.j2)?(\\.j2)?$",
       "(^|/)ansible/.+\\.ya?ml(\\.j2)?(\\.j2)?$",
       "(^|/)kubernetes/.+\\.ya?ml(\\.j2)?(\\.j2)?$"
     ]
   },
   "kubernetes": {
     "fileMatch": [
-      "(^|/)addons/.+\\.ya?ml(\\.j2)?(\\.j2)?$",
       "(^|/)ansible/.+\\.ya?ml(\\.j2)?(\\.j2)?$",
       "(^|/)kubernetes/.+\\.ya?ml(\\.j2)?(\\.j2)?$"
     ]
@@ -225,7 +223,6 @@
       "description": "Process various other dependencies",
       "fileMatch": [
         "(^|/).taskfiles/.+\\.ya?ml$",
-        "(^|/)addons/.+\\.ya?ml(\\.j2)?(\\.j2)?$",
         "(^|/)ansible/.+\\.ya?ml(\\.j2)?(\\.j2)?$",
         "(^|/)kubernetes/.+\\.ya?ml(\\.j2)?(\\.j2)?$",
         "(^|/)k0s-config.ya?ml(\\.j2)?(\\.j2)?$"

diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml
@@ -11,8 +11,8 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  e2e-yay:
-    name: e2e-yay
+  yay:
+    name: yay
     runs-on: ubuntu-latest
     container:
       image: greyltc/archlinux-aur:yay
@@ -30,8 +30,8 @@ jobs:
           go-task workstation:yay
           '
 
-  e2e-configure:
-    name: e2e-configure
+  configure:
+    name: configure
     runs-on: ubuntu-latest
     strategy:
       fail-fast: false

diff --git a/.taskfiles/Repo/Taskfile.yaml b/.taskfiles/Repo/Taskfile.yaml
@@ -13,9 +13,9 @@ tasks:
       # Move bootstrap directory to gitignored directory
       - mkdir -p {{.ROOT_DIR}}/.private
       - mv {{.BOOTSTRAP_DIR}} {{.ROOT_DIR}}/.private/bootstrap-{{now | date "150405"}}
+      - mv {{.ROOT_DIR}}/makejinja.toml {{.ROOT_DIR}}/.private/makejinja-{{now | date "150405"}}.toml
       # Update renovate.json5
       - sed -i {{if eq OS "darwin"}}''{{end}} 's/(..\.j2)\?(..\.j2)\?//g' {{.ROOT_DIR}}/.github/renovate.json5
-      - sed -i {{if eq OS "darwin"}}''{{end}} '/addons/d' {{.ROOT_DIR}}/.github/renovate.json5
     preconditions:
       - { msg: "bootstrap dir not found",  sh: "test -d {{.BOOTSTRAP_DIR}}" }
       - { msg: "renovate.json5 not found", sh: "test -f {{.ROOT_DIR}}/.github/renovate.json5" }

diff --git a/Taskfile.yaml b/Taskfile.yaml
@@ -65,15 +65,9 @@ tasks:
     internal: true
     cmds:
       - ./.venv/bin/makejinja
-          --input "{{.BOOTSTRAP_DIR}}/templates"
-          --output "{{.ROOT_DIR}}"
-          --data "{{.BOOTSTRAP_DIR}}/vars/config.yaml"
-          --data "{{.BOOTSTRAP_DIR}}/vars/addons.yaml"
-          --import-path "{{.BOOTSTRAP_DIR}}/scripts"
-          --loader "loader:Loader"
-          --jinja-suffix ".j2" --quiet --force
       - find {{.ANSIBLE_DIR}} {{.KUBERNETES_DIR}} -type d -empty -delete
     preconditions:
-      - { msg: "addons file not found", sh: "test -f {{.BOOTSTRAP_DIR}}/vars/addons.yaml" }
-      - { msg: "config file not found", sh: "test -f {{.BOOTSTRAP_DIR}}/vars/config.yaml" }
-      - { msg: "loader file not found", sh: "test -f {{.BOOTSTRAP_DIR}}/scripts/loader.py" }
+      - { msg: "bootstrap addons file not found", sh: "test -f {{.BOOTSTRAP_DIR}}/vars/addons.yaml" }
+      - { msg: "bootstrap config file not found", sh: "test -f {{.BOOTSTRAP_DIR}}/vars/config.yaml" }
+      - { msg: "makejinja loader file not found", sh: "test -f {{.BOOTSTRAP_DIR}}/scripts/loader.py" }
+      - { msg: "makejinja config file not found", sh: "test -f {{.ROOT_DIR}}/makejinja.toml" }
diff --git a/bootstrap/templates/.sops.yaml.j2 b/bootstrap/templates/.sops.yaml.j2
@@ -4,8 +4,8 @@ creation_rules:
     encrypted_regex: "^(data|stringData)$"
     key_groups:
       - age:
-          - "{{ bootstrap_age_public_key }}"
+          - "<< bootstrap_age_public_key >>"
   - path_regex: ansible/.*\.sops\.ya?ml
     key_groups:
       - age:
-          - "{{ bootstrap_age_public_key }}"
+          - "<< bootstrap_age_public_key >>"
diff --git a/bootstrap/templates/ansible/inventory/group_vars/kubernetes/main.yaml.j2 b/bootstrap/templates/ansible/inventory/group_vars/kubernetes/main.yaml.j2
@@ -1,4 +1,4 @@
-{% if bootstrap_distribution == 'k3s' %}
+<% if bootstrap_distribution == 'k3s' %>
 ---
 #
 # Below vars are for the xanmanning.k3s role
@@ -9,23 +9,23 @@
 k3s_release_version: "v1.29.0+k3s1"
 k3s_install_hard_links: true
 k3s_become: true
-{% if bootstrap_nodes.master | length > 1 %}
+<% if bootstrap_nodes.master | length > 1 %>
 k3s_etcd_datastore: true
-{% else %}
+<% else %>
 k3s_etcd_datastore: false
-{% endif %}
-k3s_registration_address: "{% raw %}{{ kube_api_addr }}{% endraw %}"
+<% endif %>
+k3s_registration_address: "{{ kube_api_addr }}"
 # /var/lib/rancher/k3s/server/manifests
 k3s_server_manifests_templates:
   - custom-cilium-helmchart.yaml.j2
   - custom-coredns-helmchart.yaml.j2
-{% if bootstrap_nodes.master | length > 1 and not bootstrap_kube_api_addr %}
+<% if bootstrap_nodes.master | length > 1 and not bootstrap_kube_api_addr %>
 # /var/lib/rancher/k3s/server/manifests
 k3s_server_manifests_urls:
   - url: https://raw.githubusercontent.com/kube-vip/website/main/content/manifests/rbac.yaml
     filename: kube-vip-rbac.yaml
 # /var/lib/rancher/k3s/agent/pod-manifests
 k3s_server_pod_manifests_templates:
   - kube-vip-static-pod.yaml.j2
-{% endif %}
-{% endif %}
+<% endif %>
+<% endif %>
diff --git a/bootstrap/templates/ansible/inventory/group_vars/kubernetes/supplemental.yaml.j2 b/bootstrap/templates/ansible/inventory/group_vars/kubernetes/supplemental.yaml.j2
@@ -1,16 +1,16 @@
 ---
-timezone: "{{ bootstrap_timezone }}"
-github_username: "{{ bootstrap_github_username }}"
-coredns_addr: "{{ bootstrap_service_cidr.split(',')[0] | nthhost(10) }}"
-{% if bootstrap_nodes.master | length == 1 and not bootstrap_kube_api_addr %}
-kube_api_addr: "{{ bootstrap_nodes.master[0].address }}"
-{% else %}
-kube_api_addr: "{{ bootstrap_kube_api_addr }}"
-{% endif %}
-cluster_cidr: "{{ bootstrap_cluster_cidr.split(',')[0] }}"
-service_cidr: "{{ bootstrap_service_cidr.split(',')[0] }}"
-node_cidr: "{{ bootstrap_node_cidr }}"
-{% if bootstrap_ipv6_enabled | default(false) %}
-cluster_cidr_v6: "{{ bootstrap_cluster_cidr.split(',')[1] }}"
-service_cidr_v6: "{{ bootstrap_service_cidr.split(',')[1] }}"
-{% endif %}
+timezone: "<< bootstrap_timezone >>"
+github_username: "<< bootstrap_github_username >>"
+coredns_addr: "<< bootstrap_service_cidr.split(',')[0] | nthhost(10) >>"
+<% if bootstrap_nodes.master | length == 1 and not bootstrap_kube_api_addr %>
+kube_api_addr: "<< bootstrap_nodes.master[0].address >>"
+<% else %>
+kube_api_addr: "<< bootstrap_kube_api_addr >>"
+<% endif %>
+cluster_cidr: "<< bootstrap_cluster_cidr.split(',')[0] >>"
+service_cidr: "<< bootstrap_service_cidr.split(',')[0] >>"
+node_cidr: "<< bootstrap_node_cidr >>"
+<% if bootstrap_ipv6_enabled | default(false) %>
+cluster_cidr_v6: "<< bootstrap_cluster_cidr.split(',')[1] >>"
+service_cidr_v6: "<< bootstrap_service_cidr.split(',')[1] >>"
+<% endif %>
diff --git a/bootstrap/templates/ansible/inventory/group_vars/master/main.yaml.j2 b/bootstrap/templates/ansible/inventory/group_vars/master/main.yaml.j2
@@ -1,17 +1,17 @@
-{% if bootstrap_distribution == 'k3s' %}
+<% if bootstrap_distribution == 'k3s' %>
 ---
 # https://rancher.com/docs/k3s/latest/en/installation/install-options/server-config/
 # https://github.com/PyratLabs/ansible-role-k3s
 
 k3s_control_node: true
 k3s_server:
-  {% if bootstrap_ipv6_enabled | default(false) %}
-  node-ip: "{% raw %}{{ ansible_host }},{{ ansible_default_ipv6.address }}{% endraw %}"
-  {% else %}
-  node-ip: "{% raw %}{{ ansible_host }}{% endraw %}"
-  {% endif %}
+  <% if bootstrap_ipv6_enabled | default(false) %>
+  node-ip: "{{ ansible_host }},{{ ansible_default_ipv6.address }}"
+  <% else %>
+  node-ip: "{{ ansible_host }}"
+  <% endif %>
   tls-san:
-    - "{% raw %}{{ kube_api_addr }}{% endraw %}"
+    - "{{ kube_api_addr }}"
   docker: false
   flannel-backend: "none"             # This needs to be in quotes
   disable:
@@ -27,13 +27,13 @@ k3s_server:
   write-kubeconfig-mode: "644"
   pause-image: registry.k8s.io/pause:3.9
   secrets-encryption: true
-  {% if bootstrap_ipv6_enabled | default(false) %}
-  cluster-cidr: "{% raw %}{{ cluster_cidr }},{{ cluster_cidr_v6 }}{% endraw %}"
-  service-cidr: "{% raw %}{{ service_cidr }},{{ service_cidr_v6 }}{% endraw %}"
-  {% else %}
-  cluster-cidr: "{% raw %}{{ cluster_cidr }}{% endraw %}"
-  service-cidr: "{% raw %}{{ service_cidr }}{% endraw %}"
-  {% endif %}
+  <% if bootstrap_ipv6_enabled | default(false) %>
+  cluster-cidr: "{{ cluster_cidr }},{{ cluster_cidr_v6 }}"
+  service-cidr: "{{ service_cidr }},{{ service_cidr_v6 }}"
+  <% else %>
+  cluster-cidr: "{{ cluster_cidr }}"
+  service-cidr: "{{ service_cidr }}"
+  <% endif %>
   etcd-expose-metrics: true           # Required to monitor etcd with kube-prometheus-stack
   kube-controller-manager-arg:
     - "bind-address=0.0.0.0"          # Required to monitor kube-controller-manager with kube-prometheus-stack
@@ -45,4 +45,4 @@ k3s_server:
   kubelet-arg:
     - "image-gc-high-threshold=55"
     - "image-gc-low-threshold=50"
-{% endif %}
+<% endif %>
diff --git a/bootstrap/templates/ansible/inventory/group_vars/worker/main.yaml.j2 b/bootstrap/templates/ansible/inventory/group_vars/worker/main.yaml.j2
@@ -1,18 +1,18 @@
-{% if bootstrap_distribution == 'k3s' %}
+<% if bootstrap_distribution == 'k3s' %>
 ---
 # https://rancher.com/docs/k3s/latest/en/installation/install-options/agent-config/
 # https://github.com/PyratLabs/ansible-role-k3s
 
 k3s_control_node: false
 k3s_agent:
-  {% if bootstrap_ipv6_enabled | default(false) %}
-  node-ip: "{% raw %}{{ ansible_host }},{{ ansible_default_ipv6.address }}{% endraw %}"
-  {% else %}
-  node-ip: "{% raw %}{{ ansible_host }}{% endraw %}"
-  {% endif %}
+  <% if bootstrap_ipv6_enabled | default(false) %>
+  node-ip: "{{ ansible_host }},{{ ansible_default_ipv6.address }}"
+  <% else %>
+  node-ip: "{{ ansible_host }}"
+  <% endif %>
   pause-image: registry.k8s.io/pause:3.9
   # TODO: Move these options to a kubelet config file
   kubelet-arg:
     - "image-gc-high-threshold=55"
     - "image-gc-low-threshold=50"
-{% endif %}
+<% endif %>
diff --git a/bootstrap/templates/ansible/inventory/hosts.yaml.j2 b/bootstrap/templates/ansible/inventory/hosts.yaml.j2
@@ -3,25 +3,25 @@ kubernetes:
   children:
     master:
       hosts:
-      {% for item in bootstrap_nodes.master %}
-        {{ item.name }}:
-          ansible_user: {{ item.username }}
-      {% if item.external_address is defined %}
-          ansible_host: {{ item.external_address }}
-      {% else %}
-          ansible_host: {{ item.address }}
-      {% endif %}
-      {% endfor %}
-    {% if bootstrap_nodes.worker | default([]) | length > 0 %}
+      <% for item in bootstrap_nodes.master %>
+        << item.name >>:
+          ansible_user: << item.username >>
+      <% if item.external_address is defined %>
+          ansible_host: << item.external_address >>
+      <% else %>
+          ansible_host: << item.address >>
+      <% endif %>
+      <% endfor %>
+    <% if bootstrap_nodes.worker | default([]) | length > 0 %>
     worker:
       hosts:
-      {% for item in bootstrap_nodes.worker %}
-        {{ item.name }}:
-          ansible_user: {{ item.username }}
-      {% if item.external_address is defined %}
-          ansible_host: {{ item.external_address }}
-      {% else %}
-          ansible_host: {{ item.address }}
-      {% endif %}
-      {% endfor %}
-    {% endif %}
+      <% for item in bootstrap_nodes.worker %>
+        << item.name >>:
+          ansible_user: << item.username >>
+      <% if item.external_address is defined %>
+          ansible_host: << item.external_address >>
+      <% else %>
+          ansible_host: << item.address >>
+      <% endif %>
+      <% endfor %>
+    <% endif %>
diff --git a/bootstrap/templates/ansible/playbooks/cluster-installation.yaml.j2 b/bootstrap/templates/ansible/playbooks/cluster-installation.yaml.j2
@@ -1,4 +1,4 @@
-{% if bootstrap_distribution == 'k3s' %}
+<% if bootstrap_distribution == 'k3s' %>
 ---
 - name: Cluster Installation
   hosts: kubernetes
@@ -39,9 +39,9 @@
             or k3s_server_manifests_urls | length > 0)
       kubernetes.core.k8s_info:
         kubeconfig: /etc/rancher/k3s/k3s.yaml
-        kind: "{% raw %}{{ item.kind }}{% endraw %}"
-        name: "{% raw %}{{ item.name }}{% endraw %}"
-        namespace: "{% raw %}{{ item.namespace | default('') }}{% endraw %}"
+        kind: "{{ item.kind }}"
+        name: "{{ item.name }}"
+        namespace: "{{ item.namespace | default('') }}"
         wait: true
         wait_sleep: 10
         wait_timeout: 360
@@ -60,4 +60,4 @@
     - name: Cruft
       when: k3s_primary_control_node
       ansible.builtin.include_tasks: tasks/cruft.yaml
-{% endif %}
+<% endif %>
diff --git a/bootstrap/templates/ansible/playbooks/cluster-kube-vip.yaml.j2 b/bootstrap/templates/ansible/playbooks/cluster-kube-vip.yaml.j2
@@ -1,4 +1,4 @@
-{% if bootstrap_distribution == 'k3s' %}
+<% if bootstrap_distribution == 'k3s' %>
 ---
 - name: Cluster kube-vip
   hosts: master
@@ -21,6 +21,6 @@
     - name: Upgrade kube-vip
       ansible.builtin.template:
         src: templates/kube-vip-static-pod.yaml.j2
-        dest: "{% raw %}{{ k3s_server_pod_manifests_dir }}{% endraw %}/kube-vip-static-pod.yaml"
+        dest: "{{ k3s_server_pod_manifests_dir }}/kube-vip-static-pod.yaml"
         mode: preserve
-{% endif %}
+<% endif %>
diff --git a/bootstrap/templates/ansible/playbooks/cluster-nuke.yaml.j2 b/bootstrap/templates/ansible/playbooks/cluster-nuke.yaml.j2
@@ -21,7 +21,7 @@
       ansible.builtin.pause:
         seconds: 5
   tasks:
-    {% if bootstrap_distribution == "k3s" %}
+    <% if bootstrap_distribution == "k3s" %>
     - name: Stop Kubernetes # noqa: ignore-errors
       ignore_errors: true
       block:
@@ -31,24 +31,24 @@
             public: true
           vars:
             k3s_state: stopped
-    {% endif %}
+    <% endif %>
 
     # https://github.com/k3s-io/docs/blob/main/docs/installation/network-options.md
     - name: Networking
       block:
         - name: Networking | Delete Cilium links
           ansible.builtin.command:
-            cmd: "ip link delete {% raw %}{{ item }}{% endraw %}"
-            removes: "/sys/class/net/{% raw %}{{ item }}{% endraw %}"
+            cmd: "ip link delete {{ item }}"
+            removes: "/sys/class/net/{{ item }}"
           loop: ["cilium_host", "cilium_net", "cilium_vxlan"]
         - name: Networking | Flush iptables
           ansible.builtin.iptables:
-            table: "{% raw %}{{ item }}{% endraw %}"
+            table: "{{ item }}"
             flush: true
           loop: ["filter", "nat", "mangle", "raw"]
         - name: Networking | Flush ip6tables
           ansible.builtin.iptables:
-            table: "{% raw %}{{ item }}{% endraw %}"
+            table: "{{ item }}"
             flush: true
             ip_version: ipv6
           loop: ["filter", "nat", "mangle", "raw"]
@@ -57,7 +57,7 @@
             path: /etc/cni/net.d
             state: absent
 
-    {% if bootstrap_distribution == "k3s" %}
+    <% if bootstrap_distribution == "k3s" %>
     - name: Check to see if k3s-killall.sh exits
       ansible.builtin.stat:
         path: /usr/local/bin/k3s-killall.sh
@@ -89,14 +89,14 @@
         - k3s_install_hard_links
         - not ansible_check_mode
       ansible.builtin.file:
-        path: "{% raw %}{{ k3s_install_dir }}/{{ item }}{% endraw %}"
+        path: "{{ k3s_install_dir }}/{{ item }}"
         state: absent
       loop: ["kubectl", "crictl", "ctr"]
-    {% endif %}
+    <% endif %>
 
     - name: Remove local storage path
       ansible.builtin.file:
-        path: "{{ bootstrap_local_storage_path }}"
+        path: "<< bootstrap_local_storage_path >>"
         state: absent
 
     - name: Reboot