starred/holos
1
0
Fork 0
mirror of https://github.com/holos-run/holos.git synced 2026-03-20 17:25:01 +00:00
Code Issues Packages Projects Releases 10 Wiki Activity
142 Commits 25 Branches 180 Tags
b86fee04fc5e6abeb4e3fa040b274069c19ca425
Commit Graph

8 Commits

Author SHA1 Message Date
Jeff McCune
a6dab235f5 Add SecretStore and ExternalSecret validation component 
This patch adds a holos component to deploy a SecretStore and
ExternalSecret in the default namespace to validate authentication with
Vault is configured correctly.

The default ksa is used to authenticate to vault.
 2024-02-13 17:21:14 -08:00
Jeff McCune
f4c85736a2 Move instances to leaf nodes for cue 
This patch makes it possible to build all components for a platform with
a single command:

  ❯ holos render ~/workspace/holos-run/holos/docs/examples/platforms/reference/...
  2:51PM INF render.go:39 rendered prod-secrets-eso version=0.42.0 status=ok action=rendered name=prod-secrets-eso
  2:51PM INF render.go:39 rendered prod-secrets-namespaces version=0.42.0 status=ok action=rendered name=prod-secrets-namespaces

Note the `reference/...` path base name.  Without this patch cue tried
to build an intermediate directory instance.
 2024-02-13 14:51:01 -08:00
Jeff McCune
cde4380049 Add holos component HelmChart type 
This patch implements rendering a holos component from an upstream helm
chart using a values.yaml file generated by CUE.  The resulting
kubernetes api objects are saved to the deploy directory in the same way
the KubernetesObject holos component type.

```
❯ holos render --cluster-name=core2 ./docs/examples/platforms/reference/projects/secrets/components/...
3:55PM INF render.go:39 rendered prod-secrets-eso version=0.41.0 status=ok action=rendered name=prod-secrets-eso
3:55PM INF render.go:39 rendered prod-secrets-namespaces version=0.41.0 status=ok action=rendered name=prod-secrets-namespaces
```

```
❯ tree deploy
deploy
└── clusters
    └── core2
        ├── components
        │   ├── prod-secrets-eso
        │   │   └── prod-secrets-eso.gen.yaml
        │   └── prod-secrets-namespaces
        │       └── prod-secrets-namespaces.gen.yaml
        └── holos
            └── components
                ├── prod-secrets-eso-kustomization.gen.yaml
                └── prod-secrets-namespaces-kustomization.gen.yaml

7 directories, 4 files
```
 2024-02-12 15:56:06 -08:00
Jeff McCune
9739fc6471 Initial structure for helm support 
Stopping here to look into generating go types from the cue output type
definitions.
 2024-02-10 17:14:42 -08:00
Jeff McCune
bb06fa742a Render flux Kustomization along with api objects 
This patch writes a Flux Kustomization to apply the api objects rendered
by a component instance.

    ❯ holos render --log-format=json --log-level=debug --cluster-name core2 ./docs/examples/platforms/reference/projects/secrets/components/namespaces/ 2> >(./scripts/msgs)
    config.go:91    finalized config from flags
    builder.go:129  cue export --out yaml -t cluster=core2 ./platforms/reference/projects/secrets/components/namespaces
    builder.go:134  configured cue tags: [cluster=core2]
    builder.go:94   wrote deploy/clusters/core2/components/prod-secrets-namespaces/prod-secrets-namespaces.gen.yaml
    builder.go:94   wrote deploy/clusters/core2/holos/components/prod-secrets-namespaces-kustomization.gen.yaml
    render.go:39    rendered prod-secrets-namespaces

```yaml
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: prod-secrets-namespaces
  namespace: flux-system
spec:
  interval: 30m0s
  path: deploy/clusters/core2/components/prod-secrets-namespaces
  prune: true
  retryInterval: 2m0s
  sourceRef:
    kind: GitRepository
    name: flux-system
  timeout: 3m0s
  wait: true
```
 2024-02-09 15:42:50 -08:00
Jeff McCune
e2b1fa0d47 Rename cue out field to content and add content-type 
Content seems more appropriate of a field name, and it makes sense since
we are likely to output other formats than yaml, probably json too.  We
need to discriminate on content type, so also add a contentType field.

Semantics are meant to be the same has the http content type header, but
simple.
 2024-02-08 22:26:07 -08:00
Jeff McCune
e018deef5a Add name field to cue output schema 
The intent is for all of the output formats to share a common `name`
field, useful to construct a file name to write rendered output to for
git ops.

This is equivalent to the OrderedComponent name specified in the
platform.yaml in the prototype.
 2024-02-08 22:09:00 -08:00
Jeff McCune
9603e6b551 Manage the external-secrets namespace 
This patch adds the first platform component built with CUE.  The intent
is to give a concrete use case for migrating the platform.yaml spec over
to the new approach with CUE.

This component is a simple namespace for the external secrets operator.
The majority of this patch is in setting up the structure of the CUE
module.  The component is _not_ wired up to the holos cli yet, instead
it's built directly with cue using:

    cd ./docs/examples/
    cue export --out text -t cluster=core1 -e out ./platforms/reference/projects/secrets/components/namespaces/...

The command produces the same output as the was previously produced
using helm templates [here][1].

[1]: https://github.com/holos-run/holos-infra/blob/v0.4.0/deploy/clusters/core1/components/prod-secrets-namespaces/prod-secrets-namespaces.nofmt.yaml
 2024-02-05 14:07:56 -08:00