starred/holos
1
0
Fork 0
mirror of https://github.com/holos-run/holos.git synced 2026-03-19 16:54:58 +00:00
Code Issues Packages Projects Releases 10 Wiki Activity

Compare commits

base: starred:v0.101.4
Branches Tags
starred:main starred:dependabot/go_modules/go_modules-a258281abc starred:dependabot/npm_and_yarn/doc/website/npm_and_yarn-495cad6dbb starred:dependabot/npm_and_yarn/doc/website/npm_and_yarn-31e1e7acf6 starred:jeff/v1alpha6-executor starred:jeff/435-examples starred:jeff/gemini-compare starred:jeff/compile-backup starred:jeff/xcue starred:jeff/command starred:kubeslice starred:jeff/406-unify-values starred:gl/embed-timoni-for-tests starred:jeff/378-kargo-topic starred:gl/helm-values-test-fixes starred:test starred:jeff/370-private-helm-repositories starred:jeff/371-helm-sdk starred:jeff/readme starred:jeff/327-brew-install starred:release starred:gl/311-setup-and-hello-holos starred:301-docs-structure-refactor starred:jeff/225-ko-release starred:jeff/try-holos
starred:v0.106.0 starred:v0.105.1 starred:v0.105.0 starred:v0.104.3 starred:v0.104.2 starred:v0.104.1 starred:v0.104.0 starred:v0.103.0 starred:v0.102.5 starred:v0.102.4 starred:v0.102.3 starred:v0.102.2 starred:v0.102.1 starred:v0.102.0 starred:v0.1.1 starred:v0.1.0 starred:v0.101.8 starred:v0.101.7 starred:v0.101.6 starred:v0.101.5 starred:v0.101.4 starred:v0.101.3 starred:v0.101.2 starred:v0.101.1 starred:v0.101.0 starred:v0.100.1 starred:v0.100.0 starred:v0.99.3 starred:v0.99.2 starred:v0.99.1 starred:v0.99.0 starred:v0.98.2 starred:v0.98.1 starred:v0.98.0 starred:v0.97.3 starred:v0.97.2 starred:v0.97.1 starred:v0.97.0 starred:v0.96.0 starred:v0.95.3 starred:v0.95.2 starred:v0.95.1 starred:v0.95.0 starred:v0.94.0 starred:v0.93.4 starred:v0.93.3 starred:v0.93.2 starred:v0.93.1 starred:v0.93.0 starred:v0.92.0 starred:v0.91.1 starred:v0.91.0 starred:v0.90.0 starred:v0.89.1 starred:v0.89.0 starred:v0.87.2 starred:v0.87.1 starred:v0.87.0 starred:v0.86.0 starred:v0.85.1 starred:v0.85.0 starred:v0.84.1 starred:v0.84.0 starred:v0.83.1 starred:v0.83.0 starred:v0.82.2 starred:v0.82.1 starred:v0.81.2 starred:v0.81.0 starred:v0.80.2 starred:v0.80.1 starred:v0.80.0 starred:v0.79.0 starred:v0.78.0 starred:v0.77.0 starred:v0.76.1 starred:v0.76.0 starred:v0.75.1 starred:v0.75.0 starred:v0.74.0 starred:v0.73.3 starred:v0.73.1 starred:v0.73.0 starred:v0.72.1 starred:v0.70.4 starred:v0.70.1 starred:v0.70.0 starred:v0.69.0 starred:v0.68.1 starred:v0.68.0 starred:v0.67.0 starred:v0.66.0 starred:v0.65.2 starred:v0.65.1 starred:v0.65.0 starred:v0.64.5 starred:v0.64.4 starred:v0.64.3 starred:v0.64.2 starred:v0.64.1 starred:v0.64.0 starred:v0.63.5 starred:v0.63.4 starred:v0.63.3 starred:v0.63.2 starred:v0.63.1 starred:v0.63.0 starred:v0.62.1 starred:v0.62.0 starred:v0.61.7 starred:v0.61.6 starred:v0.61.5 starred:v0.61.4 starred:v0.61.3 starred:v0.61.1 starred:v0.61.0 starred:v0.60.4 starred:v0.60.3 starred:v0.60.2 starred:v0.60.1 starred:v0.60.0 starred:v0.59.0 starred:v0.58.3 starred:v0.58.2 starred:v0.58.1 starred:v0.58.0 starred:v0.57.0 starred:v0.56.0 starred:v0.55.4 starred:v0.55.3 starred:v0.55.2 starred:v0.55.1 starred:v0.55.0 starred:v0.54.1 starred:v0.53.4 starred:v0.53.3 starred:v0.53.2 starred:v0.53.1 starred:v0.52.0 starred:v0.51.2 starred:v0.51.1 starred:v0.51.0 starred:v0.50.2 starred:v0.50.1 starred:v0.50.0 starred:v0.49.7 starred:v0.49.6 starred:v0.49.5 starred:v0.49.4 starred:v0.49.3 starred:v0.49.2 starred:v0.49.1 starred:v0.49.0 starred:v0.48.3 starred:v0.48.2 starred:v0.48.1 starred:v0.48.0 starred:v0.47.2 starred:v0.47.1 starred:v0.47.0 starred:v0.46.3 starred:v0.46.2 starred:v0.46.1 starred:v0.46.0 starred:v0.45.3 starred:v0.45.2 starred:v0.45.1 starred:v0.45.0 starred:v0.44.0 starred:v0.43.2 starred:v0.43.1 starred:v0.43.0 starred:v0.42.1 starred:v0.42.0 starred:v0.41.0 starred:v0.40.4 starred:v0.40.3 starred:v0.40.2 starred:v0.40.1 starred:v0.40.0
...
compare: starred:gl/helm-values-test-fixes
Branches Tags
starred:dependabot/go_modules/go_modules-a258281abc starred:dependabot/npm_and_yarn/doc/website/npm_and_yarn-495cad6dbb starred:main starred:dependabot/npm_and_yarn/doc/website/npm_and_yarn-31e1e7acf6 starred:jeff/v1alpha6-executor starred:jeff/435-examples starred:jeff/gemini-compare starred:jeff/compile-backup starred:jeff/xcue starred:jeff/command starred:kubeslice starred:jeff/406-unify-values starred:gl/embed-timoni-for-tests starred:jeff/378-kargo-topic starred:gl/helm-values-test-fixes starred:test starred:jeff/370-private-helm-repositories starred:jeff/371-helm-sdk starred:jeff/readme starred:jeff/327-brew-install starred:release starred:gl/311-setup-and-hello-holos starred:301-docs-structure-refactor starred:jeff/225-ko-release starred:jeff/try-holos
starred:v0.106.0 starred:v0.105.1 starred:v0.105.0 starred:v0.104.3 starred:v0.104.2 starred:v0.104.1 starred:v0.104.0 starred:v0.103.0 starred:v0.102.5 starred:v0.102.4 starred:v0.102.3 starred:v0.102.2 starred:v0.102.1 starred:v0.102.0 starred:v0.1.1 starred:v0.1.0 starred:v0.101.8 starred:v0.101.7 starred:v0.101.6 starred:v0.101.5 starred:v0.101.4 starred:v0.101.3 starred:v0.101.2 starred:v0.101.1 starred:v0.101.0 starred:v0.100.1 starred:v0.100.0 starred:v0.99.3 starred:v0.99.2 starred:v0.99.1 starred:v0.99.0 starred:v0.98.2 starred:v0.98.1 starred:v0.98.0 starred:v0.97.3 starred:v0.97.2 starred:v0.97.1 starred:v0.97.0 starred:v0.96.0 starred:v0.95.3 starred:v0.95.2 starred:v0.95.1 starred:v0.95.0 starred:v0.94.0 starred:v0.93.4 starred:v0.93.3 starred:v0.93.2 starred:v0.93.1 starred:v0.93.0 starred:v0.92.0 starred:v0.91.1 starred:v0.91.0 starred:v0.90.0 starred:v0.89.1 starred:v0.89.0 starred:v0.87.2 starred:v0.87.1 starred:v0.87.0 starred:v0.86.0 starred:v0.85.1 starred:v0.85.0 starred:v0.84.1 starred:v0.84.0 starred:v0.83.1 starred:v0.83.0 starred:v0.82.2 starred:v0.82.1 starred:v0.81.2 starred:v0.81.0 starred:v0.80.2 starred:v0.80.1 starred:v0.80.0 starred:v0.79.0 starred:v0.78.0 starred:v0.77.0 starred:v0.76.1 starred:v0.76.0 starred:v0.75.1 starred:v0.75.0 starred:v0.74.0 starred:v0.73.3 starred:v0.73.1 starred:v0.73.0 starred:v0.72.1 starred:v0.70.4 starred:v0.70.1 starred:v0.70.0 starred:v0.69.0 starred:v0.68.1 starred:v0.68.0 starred:v0.67.0 starred:v0.66.0 starred:v0.65.2 starred:v0.65.1 starred:v0.65.0 starred:v0.64.5 starred:v0.64.4 starred:v0.64.3 starred:v0.64.2 starred:v0.64.1 starred:v0.64.0 starred:v0.63.5 starred:v0.63.4 starred:v0.63.3 starred:v0.63.2 starred:v0.63.1 starred:v0.63.0 starred:v0.62.1 starred:v0.62.0 starred:v0.61.7 starred:v0.61.6 starred:v0.61.5 starred:v0.61.4 starred:v0.61.3 starred:v0.61.1 starred:v0.61.0 starred:v0.60.4 starred:v0.60.3 starred:v0.60.2 starred:v0.60.1 starred:v0.60.0 starred:v0.59.0 starred:v0.58.3 starred:v0.58.2 starred:v0.58.1 starred:v0.58.0 starred:v0.57.0 starred:v0.56.0 starred:v0.55.4 starred:v0.55.3 starred:v0.55.2 starred:v0.55.1 starred:v0.55.0 starred:v0.54.1 starred:v0.53.4 starred:v0.53.3 starred:v0.53.2 starred:v0.53.1 starred:v0.52.0 starred:v0.51.2 starred:v0.51.1 starred:v0.51.0 starred:v0.50.2 starred:v0.50.1 starred:v0.50.0 starred:v0.49.7 starred:v0.49.6 starred:v0.49.5 starred:v0.49.4 starred:v0.49.3 starred:v0.49.2 starred:v0.49.1 starred:v0.49.0 starred:v0.48.3 starred:v0.48.2 starred:v0.48.1 starred:v0.48.0 starred:v0.47.2 starred:v0.47.1 starred:v0.47.0 starred:v0.46.3 starred:v0.46.2 starred:v0.46.1 starred:v0.46.0 starred:v0.45.3 starred:v0.45.2 starred:v0.45.1 starred:v0.45.0 starred:v0.44.0 starred:v0.43.2 starred:v0.43.1 starred:v0.43.0 starred:v0.42.1 starred:v0.42.0 starred:v0.41.0 starred:v0.40.4 starred:v0.40.3 starred:v0.40.2 starred:v0.40.1 starred:v0.40.0

47 Commits
v0.101.4 ... gl/helm-va

Author SHA1 Message Date
Gary Larizza
924600cb83 doc: Helm Values test updates 
* Convert all files with.period.separators to hyphen-separators.
* Rename and markdown_test.go to be specific to Helm Values.
* Move helm-values_test.go to be in the same directory as the Helm Values doc.
* Move Blackbox common configuration CUE file to `config/prometheus` so it can be imported as necessary.
* Use explicit import statements for Blackbox common config in `blackbox` and `prometheus` components.
 2025-01-10 16:26:42 -08:00
Jeff McCune
0cfce3a823 docs: redirect rendered manifests pattern for now 
Need a URL we can redirect when we publish our own variation on the
pattern with a link back to Akuity.
 2025-01-10 10:55:06 -08:00
Jeff McCune
61d7539e1c docs: fix /docs/guides/ redirect 2025-01-09 16:03:50 -08:00
Jeff McCune
bf84724137 docs: add redirects for github.com/holos-run readme 2025-01-09 15:11:04 -08:00
Jeff McCune
9f0de7555c init: change to holos.example default cue module 
Match the cue mod init behavior of a module named `cue.example`.
 2025-01-09 13:57:26 -08:00
Gary Larizza
650636f944 Merge pull request #393 from holos-run/gl/update-helm-docs 
Update Helm Values Tutorial to use testscript
 2025-01-09 12:01:09 -08:00
Gary Larizza
b28c110694 Update Helm Values tutorial to use testscript 
PROBLEM:

The Helm Values tutorial contains a fair bit of code/scripts, and we
need a way to test the steps we recommend to make sure nothing breaks
or slips out of date.

SOLUTION:

* Use `testscript` as a way to automate the execution of the steps in the doc and verify that none of the steps produce errors.
* Update the MDX file to directly reference the files embedded into the testscript.

OUTCOME:

* We have an automated way to perform the steps in the Helm Values document.
* We have unit tests that will fail should any of the commands being executed in the doc fail.
* The doc's MDX file directly references the files within the testscript, so we only need to modify the MDX file to update wording.
 2025-01-09 11:53:53 -08:00
Gary Larizza
5bb3e90b38 Install raw-loader module 
We use this module within our markdown tutorials (like the Helm Values
tutorial) to load in files generated by testscript.
 2025-01-09 11:53:13 -08:00
Jeff McCune
6a60b613ff render: fix selectors (#394) 
Without this patch selectors don't work as expected.  This patch
fixes selectors such that each --selector flag value configures one
selector containing multiple positive or negative label matchers.

Result:

Render build plans for cluster dev or cluster test.  Note the use of two
flags indicating logical OR.

    holos render platform --selector cluster=test --selector cluster=dev
    rendered external-secrets for cluster test in 299.897542ms
    rendered external-secrets for cluster dev in 299.9225ms
    rendered external-secrets-crds for cluster test in 667.6075ms
    rendered external-secrets-crds for cluster dev in 708.126541ms
    rendered platform in 708.795625ms

Render build plans for prod clusters that are not customer facing.  Note
the use of one selector with comma separated labels.

    holos render platform --selector "tier=prod,scope!=customer"
 2025-01-08 21:09:00 -08:00
Jeff McCune
5862725bab builder: deprecate ExtractYAML, use cue embed instead 
Easier to place the data, better supported in the ecosystem.
 2025-01-02 18:53:10 -08:00
Jeff McCune
8660826b05 builder: protect LoadInstance with a mutex 
CUE is not safe for concurrent access so we protect the main
LoadInstance function with a mutex lock.
 2025-01-02 17:32:53 -08:00
Jeff McCune
449df91e33 docs: app.holos.run/description not cli 
The core component documentation on the annotation used to configure the
display line for each rendered component was incorrect.
 2025-01-02 08:36:37 -08:00
Jeff McCune
ac59173b30 ci: update holos-run/holos-action version (try 3) 
Fix the use of digests when pulling and pushing images.  Pull the image
from ghcr.io before pushing it to quay.io
 2024-12-23 10:33:45 -08:00
Jeff McCune
fb75e560fc ci: update holos-run/holos-action version (try 2) 
When new container image versions are built, automatically update the
holos-run/holos-action to use the new version.

Users of the action automatically update by default as a result.
 2024-12-23 09:52:09 -08:00
Jeff McCune
69a064e3ea ci: update holos-run/holos-action version 
When new container image versions are built, automatically update the
holos-run/holos-action to use the new version.

Users of the action automatically update by default as a result.
 2024-12-23 07:23:36 -08:00
Jeff McCune
71b72807bb ci: tag v0.102.1 for container images 
We need a released tag to reference in workflows that use the container
image to render the platform configuration.

This is the first image, subsequent git tags will also build and publish
container images.
 2024-12-21 08:08:51 -08:00
Jeff McCune
0e4ecf9d13 ci: fix error in containers.yaml 2024-12-21 07:33:31 -08:00
Jeff McCune
ec2fdadd44 ci: build container from any ref 
Too hard to try and build back in time, so let's just get it working
then build containers going forward for tags.
 2024-12-21 07:31:09 -08:00
Jeff McCune
38b082095f ci: drop linux/arm/v7 support 
There aren't kubectl images to build against.
 2024-12-21 07:14:21 -08:00
Jeff McCune
f9346ea7c0 ci: use Dockerfile from main when building tags 
Problem: We can't build old tags because the wrong Dockerfile is used
from the old tag.

Solution: Save the Dockerfile from main and use it to build the tag.
This create a dirty working directory but that's OK.
 2024-12-21 07:11:29 -08:00
Jeff McCune
0f7010288a ci: build distroless container image for holos 
Push it to ghcr and quay.

 * sign images with cosign and oidc id token
 * add kustomize v5.5.0 to tools for distroless image

Usage:

    docker run -v $(pwd):/app -w /app --rm -it ghcr.io/holos-run/holos:v0.101.8 holos render platform
 2024-12-21 06:58:57 -08:00
Jeff McCune
386fb89cc6 ci: replace lint workflow with cspell 
The lint workflow was slow and we don't often change buf or angular
these days so they're not necessary.

The remaining valuable task is cspell, which we can speed up with a
dedicated step.
 2024-12-20 13:52:54 -08:00
Jeff McCune
c5401d6b02 ci: speed up tests by killing steps 2024-12-20 11:57:05 -08:00
Jeff McCune
f215405643 docs: fix links in readme 2024-12-20 07:28:04 -08:00
Jeff McCune
2c79982bd3 cue: enable @embed for loading yaml (#385) 
mpvl suggests @embed is a more ideal solution than our implementation of
core.Component.Instances for the use case of unifying YAML data updated
by Kargo Stage resources.

See the issue for a link to the discussion.
 2024-12-20 07:14:01 -08:00
Jeff McCune
e5e4de3073 cue: update to 0.11.1 
go get cuelang.org/go/cmd/cue@latest

    go: downloading cuelang.org/go v0.11.1
    go: upgraded cuelang.org/go v0.11.0 => v0.11.1
 2024-12-20 07:09:39 -08:00
Jeff McCune
ec462f5f0b docs: redirect /docs/support 2024-12-19 22:13:04 -08:00
Jeff McCune
0e95a2812e cmd: expose MakeMain() for testing 
I'd like to add the kargo-demo repository to Unity to test evalv3, but
can't get a handle on the main function to wire up to testscript.

This patch fixes the problem by moving the MakeMain function to a public
package so the kargo-demo go module can import and call it using the go
mod tools technique.
 2024-12-19 15:19:46 -08:00
Jeff McCune
54efe3e24a core: pass --extract-yaml flag from platform to component (#376) 
Previously holos render platform was not setting the --extract-yaml file
when calling holos render component, causing data file instances defined
in the Platform spec to be discarded.

This patch passes the value along using the flag.
 2024-12-19 08:39:55 -08:00
Jeff McCune
f693f049f4 core: refactor --instance to --extract-yaml (#376) 
Extract YAML is more clear and aligns with the schema docs for the
Component Instance field which has an extractYAML kind.  This also
leaves the door open for additional kinds of data extractors which are
almost certainly going to be needed.
 2024-12-19 08:34:05 -08:00
Jeff McCune
85238710ac core: unify data files into config (#376) 
Previously there isn't a good way to unify json and yaml files with the
cue configuration.  This is a problem for use cases where data can be
generated idempotentialy prior to rendering the platform configuration.

The first use case is to explore unifying configuration with decrypted
sops values, which isn't typical since Holos is designed to handle
secrets with ExternalSecret resources, but does fit into the use case of
executing a command to produce data idempotently, then make the data
available to the platform configuration.

Other use cases this feature is intended to support are the prior
experiment where we fetch top level platform configuration from an rpc
service, and the future goal of integrating with data provided by
Terraform.
 2024-12-19 08:34:05 -08:00
Jeff McCune
3ec62d272e v1alpha5: update kargo crds to 1.1.1 2024-12-19 08:34:04 -08:00
Jeff McCune
49afb44fd4 docs: redirect /docs/comparison/ 2024-12-18 14:37:36 -08:00
Gary Larizza
a023f135ab Add a Comparisons page 
PROBLEM:

We've noticed that Holos almost immediately gets compared to Timoni, and
we frequently get asked for specifics in how they're similar/different.

SOLUTION:

* Add a `Comparison` page.
* Include a section that compares Holos to Timoni

OUTCOME:

Fewer questions about how Holos compares to Timoni because people are
able to find that answer themselves on our docs page.
 2024-12-18 14:33:52 -08:00
Jeff McCune
c6a3a5d689 docs: redirect /docs/kargo/ 2024-12-17 06:30:20 -08:00
Jeff McCune
3f1eed3f06 platform: add kargo.akuity.io custom resource definitions 
Needed for Kargo integration.  Imported with timoni from v1.0.3 Kargo
CRD's.
 2024-12-16 13:19:39 -08:00
Jeff McCune
7fb7df1441 docs: make the linter happy 2024-12-16 11:04:35 -05:00
Jeff McCune
a798111d4d docs: add oci helm charts example 
Question came up in chat, there isn't a good example and it's a pain to
piece together from the reference docs.
 2024-12-16 10:56:50 -05:00
Jeff McCune
3ddb823341 docs: add note about compinit 
Andy ran into issues enabling completion without first figuring out how
to initialize the completion system.
 2024-12-16 08:15:45 -05:00
Jeff McCune
70d48592c4 docs: fix environments topic 
It didn't work, failed with:

  ❯ holos show buildplans --selector app.holos.run/city=ams
  could not run: Component.Name: 2 errors in empty disjunction: (and 2 more errors) at internal/builder/instance.go:66
  Component.Name: 2 errors in empty disjunction:
  Component.Name: conflicting values "no-name" and "podinfo-ams":
      /Users/jeff/Holos/foo/holos-environments-tutorial/components/podinfo/podinfo.cue:6:12
      /Users/jeff/Holos/foo/holos-environments-tutorial/schema.cue:6:13
      /Users/jeff/Holos/foo/holos-environments-tutorial/schema.cue:35:2
      /Users/jeff/Holos/foo/holos-environments-tutorial/tags.cue:13:19
  Component.Name: conflicting values "podinfo" and "podinfo-ams":
      /Users/jeff/Holos/foo/holos-environments-tutorial/components/podinfo/podinfo.cue:6:12
      /Users/jeff/Holos/foo/holos-environments-tutorial/components/podinfo/podinfo.cue:7:8
      /Users/jeff/Holos/foo/holos-environments-tutorial/schema.cue:6:13
      /Users/jeff/Holos/foo/holos-environments-tutorial/schema.cue:35:2

This was likely because the podinfo component was used in different ways
in different topics.  Don't use the shared component to fix the problem.
 2024-12-13 09:20:52 -05:00
Jeff McCune
006f08df93 docs: add kargo place holder (#378) 2024-12-11 09:58:54 -08:00
Jeff McCune
39e2db5d37 docs: remove related content from youtube embed 
Except stuff in our own channel.
 2024-12-08 19:43:12 -08:00
Jeff McCune
ceb293fd8a docs: fix typescript className not class check error 2024-12-08 19:36:36 -08:00
Jeff McCune
188ff95015 docs: enable youtube fullscreen 
Without this patch the fullscreen button is disabled.
 2024-12-08 19:33:06 -08:00
Jeff McCune
5f658e0ba0 docs: add flux kustomization example (#374) 
Almost identical to the ArgoCD Application example.
 2024-12-08 19:20:12 -08:00
Jeff McCune
18b2850d3c platform: import flux custom resources 
kustomize build https://github.com/fluxcd/flux2/manifests/crds\?ref=v2.4.0 \
      timoni mod vendor crds -f-
 2024-12-08 19:03:18 -08:00
Jeff McCune
366a7fe93d docs: private helm repos need updated schemas (#370) 
Document the need to run holos init platform v1alpha5 --force to use the
private helm repository feature.
 2024-12-08 17:13:56 -08:00
121 changed files with 9972 additions and 538 deletions
Expand all files Collapse all files

9
.cspell.json
View File

@@ -29,6 +29,7 @@
"authpolicy",
"authproxy",
"authroutes",
"autoload",
"automount",
"automounting",
"autoscaler",
@@ -36,6 +37,7 @@
"blackbox",
"buildplan",
"buildplans",
"Buildx",
"builtinpluginloadingoptions",
"cachedir",
"cadvisor",
@@ -59,6 +61,7 @@
"Cmds",
"CNCF",
"CODEOWNERS",
"compinit",
"componentconfig",
"configdir",
"configmap",
@@ -72,6 +75,7 @@
"creds",
"crossplane",
"crunchydata",
"ctxt",
"cuecontext",
"cuelang",
"customresourcedefinition",
@@ -81,6 +85,7 @@
"destinationrules",
"devel",
"devicecode",
"distroless",
"dnsmasq",
"dscacheutil",
"ecrauthorizationtoken",
@@ -99,6 +104,7 @@
"fieldmaskpb",
"fieldspec",
"flushcache",
"fluxcd",
"fullname",
"gatewayclass",
"gatewayclasses",
@@ -152,6 +158,7 @@
"jetstack",
"jiralert",
"Jsonnet",
"Kargo",
"kfbh",
"killall",
"kubeadm",
@@ -276,6 +283,7 @@
"serviceentries",
"serviceentry",
"servicemonitor",
"sigstore",
"somevalue",
"SOMEVAR",
"sortoptions",
@@ -316,6 +324,7 @@
"udev",
"uibutton",
"Unmarshal",
"unshallow",
"unstage",
"untar",
"upbound",

143
.github/workflows/container.yaml vendored Normal file
View File

@@ -0,0 +1,143 @@
name: Container
# Only allow actors with write permission to the repository to trigger this
# workflow.
permissions:
contents: write
on:
push:
tags:
- 'v*'
workflow_dispatch:
inputs:
git_ref:
description: 'Git ref to build (e.g., refs/tags/v1.2.3, refs/heads/main)'
required: true
type: string
jobs:
buildx:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
attestations: write
id-token: write
steps:
- name: Set tag from trigger event
id: opts
run: |
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
echo "ref=${{ inputs.git_ref }}" >> $GITHUB_OUTPUT
else
echo "ref=${GITHUB_REF}" >> $GITHUB_OUTPUT
fi
- name: Checkout
uses: actions/checkout@v4
with:
ref: ${{ steps.opts.outputs.ref }}
- name: SHA
id: sha
run: echo "sha=$(/usr/bin/git log -1 --format='%H')" >> $GITHUB_OUTPUT
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Fetch tags
run: git fetch --prune --unshallow --tags
- name: Set Tags
id: tags
run: |
echo "detail=$(/usr/bin/git describe --tags HEAD)" >> $GITHUB_OUTPUT
echo "suffix=$(test -n "$(git status --porcelain)" && echo '-dirty' || echo '')" >> $GITHUB_OUTPUT
echo "tag=$(/usr/bin/git describe --tags HEAD)$(test -n "$(git status --porcelain)" && echo '-dirty' || echo '')" >> $GITHUB_OUTPUT
- name: Login to ghcr.io
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push container images
id: build-and-push
uses: docker/build-push-action@v6
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: |
ghcr.io/holos-run/holos:${{ steps.tags.outputs.tag }}
ghcr.io/holos-run/holos:${{ steps.sha.outputs.sha }}${{ steps.tags.outputs.suffix }}
- name: Setup Cosign to sign container images
uses: sigstore/cosign-installer@v3.7.0
- name: Sign with GitHub OIDC Token
env:
DIGEST: ${{ steps.build-and-push.outputs.digest }}
run: |
cosign sign --yes ghcr.io/holos-run/holos:${{ steps.tags.outputs.tag }}@${DIGEST}
cosign sign --yes ghcr.io/holos-run/holos:${{ steps.sha.outputs.sha }}${{ steps.tags.outputs.suffix }}@${DIGEST}
- uses: actions/create-github-app-token@v1
id: app-token
with:
owner: ${{ github.repository_owner }}
app-id: ${{ vars.GORELEASER_APP_ID }}
private-key: ${{ secrets.GORELEASER_APP_PRIVATE_KEY }}
- name: Get GitHub App User ID
id: get-user-id
run: echo "user-id=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT"
env:
GH_TOKEN: ${{ steps.app-token.outputs.token }}
- run: |
git config --global user.name '${{ steps.app-token.outputs.app-slug }}[bot]'
git config --global user.email '${{ steps.get-user-id.outputs.user-id }}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com'
- name: Update holos-run/holos-action
env:
IMAGE: ghcr.io/holos-run/holos:v0.102.1
VERSION: ${{ steps.tags.outputs.tag }}
USER_ID: ${{ steps.get-user-id.outputs.user-id }}
TOKEN: ${{ steps.app-token.outputs.token }}
run: |
set -euo pipefail
git clone "https://github.com/holos-run/holos-action"
cd holos-action
git remote set-url origin https://${USER_ID}:${TOKEN}@github.com/holos-run/holos-action
docker pull --quiet "${IMAGE}"
docker run -v $(pwd):/app --workdir /app --rm "${IMAGE}" \
holos cue export --out yaml action.cue -t "version=${VERSION}" > action.yml
git add action.yml
git commit -m "ci: update holos to ${VERSION} - https://github.com/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}" || (echo "No changes to commit"; exit 0)
git push origin HEAD:main HEAD:v0 HEAD:v1
- name: Login to quay.io
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_USER }}
password: ${{ secrets.QUAY_TOKEN }}
- name: Push to quay.io
env:
DIGEST: ${{ steps.build-and-push.outputs.digest }}
run: |
# docker push quay.io/holos-run/holos:${{ steps.tags.outputs.tag }}
docker pull --quiet ghcr.io/holos-run/holos:${{ steps.tags.outputs.tag }}@${DIGEST}
docker tag ghcr.io/holos-run/holos:${{ steps.tags.outputs.tag }}@${DIGEST} \
quay.io/holos-run/holos:${{ steps.tags.outputs.tag }}
docker push quay.io/holos-run/holos:${{ steps.tags.outputs.tag }}
docker pull --quiet ghcr.io/holos-run/holos:${{ steps.sha.outputs.sha }}${{ steps.tags.outputs.suffix }}@${DIGEST}
docker tag ghcr.io/holos-run/holos:${{ steps.sha.outputs.sha }}${{ steps.tags.outputs.suffix }}@${DIGEST} \
quay.io/holos-run/holos:${{ steps.sha.outputs.sha }}${{ steps.tags.outputs.suffix }}
docker push quay.io/holos-run/holos:${{ steps.sha.outputs.sha }}${{ steps.tags.outputs.suffix }}
- name: Sign quay.io image
env:
DIGEST: ${{ steps.build-and-push.outputs.digest }}
run: |
cosign sign --yes quay.io/holos-run/holos:${{ steps.tags.outputs.tag }}@${DIGEST}
cosign sign --yes quay.io/holos-run/holos:${{ steps.sha.outputs.sha }}${{ steps.tags.outputs.suffix }}@${DIGEST}
outputs:
tag: ${{ steps.tags.outputs.tag }}
detail: ${{ steps.tags.outputs.detail }}

33
.github/workflows/lint.yaml vendored
View File

@@ -1,6 +1,5 @@
---
# https://github.com/golangci/golangci-lint-action?tab=readme-ov-file#how-to-use
name: Lint
name: Spelling
"on":
push:
branches:
@@ -8,35 +7,11 @@ name: Lint
- test
pull_request:
types: [opened, synchronize]
permissions:
contents: read
jobs:
lint:
name: lint
cspell:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Node
uses: actions/setup-node@v4
with:
node-version: 20
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: stable
## Not needed on ubuntu-latest
# - name: Install Packages
# run: sudo apt update && sudo apt -qq -y install git curl zip unzip tar bzip2 make
- name: Install Tools
run: make tools
- name: Lint
# golangci-lint runs in a separate workflow.
run: make lint -o golangci-lint
- uses: actions/checkout@v4
- run: ./hack/cspell

8
.github/workflows/test.yaml vendored
View File

@@ -28,19 +28,11 @@ jobs:
with:
go-version: stable
- name: Install Packages
run: sudo apt update && sudo apt -qq -y install git curl zip unzip tar bzip2 make
- name: Set up Helm
uses: azure/setup-helm@v4
- name: Set up Kubectl
uses: azure/setup-kubectl@v4
- name: Install Tools
run: |
set -x
make tools
- name: Test
run: ./scripts/test

39
Dockerfile
View File

@@ -1,8 +1,31 @@
FROM quay.io/holos-run/debian:bullseye AS final
USER root
WORKDIR /app
ADD bin bin
RUN chown -R app: /app
# Kubernetes requires the user to be numeric
USER 8192
ENTRYPOINT bin/holos server
FROM registry.k8s.io/kubectl:v1.31.0 AS kubectl
# https://github.com/GoogleContainerTools/distroless
FROM golang:1.23 AS build
WORKDIR /go/src/app
COPY . .
RUN CGO_ENABLED=0 make install
RUN CGO_ENABLED=0 go install sigs.k8s.io/kustomize/kustomize/v5
# Install helm to /usr/local/bin/helm
# https://helm.sh/docs/intro/install/#from-script
# https://holos.run/docs/v1alpha5/tutorial/setup/#dependencies
RUN curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 \
&& chmod 700 get_helm.sh \
&& DESIRED_VERSION=v3.16.2 ./get_helm.sh \
&& rm -f get_helm.sh
COPY --from=kubectl /bin/kubectl /usr/local/bin/
# distroless
FROM gcr.io/distroless/static-debian12 AS final
COPY --from=build \
/go/bin/holos \
/go/bin/kustomize \
/usr/local/bin/kubectl \
/usr/local/bin/helm \
/bin/
# Usage: docker run -v $(pwd):/app --workdir /app --rm -it quay.io/holos-run/holos holos render platform
CMD ["/bin/holos"]

6
README.md
View File

@@ -119,12 +119,12 @@ here to help.
Holos is licensed under Apache 2.0 as found in the [LICENSE file](LICENSE).
[Holos]: https://holos.run
[Holos]: https://holos.run/docs/overview/
[rendered manifests pattern]: https://akuity.io/blog/the-rendered-manifests-pattern
[CUE]: https://cuelang.org/
[Discord]: https://discord.gg/JgDVbNpye7
[GitHub discussions]: https://github.com/holos-run/holos/discussions
[Why CUE for Configuration]: https://holos.run/blog/why-cue-for-configuration/
[topics]: https://holos.run/docs/topics/
[tutorial]: https://holos.run/docs/overview/
[setup]: https://holos.run/docs/setup/
[tutorial]: https://holos.run/docs/tutorial/
[topics]: https://holos.run/docs/topics/

32
api/core/v1alpha5/types.go
View File

@@ -263,7 +263,7 @@ type Metadata struct {
// Labels represents a resource selector.
Labels map[string]string `json:"labels,omitempty" yaml:"labels,omitempty"`
// Annotations represents arbitrary non-identifying metadata. For example
// holos uses the `cli.holos.run/description` annotation to log resources in a
// holos uses the `app.holos.run/description` annotation to log resources in a
// user customized way.
Annotations map[string]string `json:"annotations,omitempty" yaml:"annotations,omitempty"`
}
@@ -303,6 +303,10 @@ type Component struct {
// Path represents the path of the component relative to the platform root.
// Injected as the tag variable "holos_component_path".
Path string `json:"path" yaml:"path"`
// Instances represents additional cue instance paths to unify with Path.
// Useful to unify data files into a component BuildPlan. Added in holos
// 0.101.7.
Instances []Instance `json:"instances,omitempty" yaml:"instances,omitempty"`
// WriteTo represents the holos render component --write-to flag. If empty,
// the default value for the --write-to flag is used.
WriteTo string `json:"writeTo,omitempty" yaml:"writeTo,omitempty"`
@@ -316,6 +320,30 @@ type Component struct {
// resulting BuildPlan.
Labels map[string]string `json:"labels,omitempty" yaml:"labels,omitempty"`
// Annotations represents arbitrary non-identifying metadata. Use the
// `cli.holos.run/description` to customize the log message of each BuildPlan.
// `app.holos.run/description` to customize the log message of each BuildPlan.
Annotations map[string]string `json:"annotations,omitempty" yaml:"annotations,omitempty"`
}
// Instance represents a data instance to unify with the configuration.
//
// Useful to unify json and yaml files with cue configuration files for
// integration with other tools. For example, executing holos render platform
// from a pull request workflow after [Kargo] executes the [yaml update] and
// [git wait for pr] promotion steps.
//
// [Kargo]: https://docs.kargo.io/
// [yaml update]: https://docs.kargo.io/references/promotion-steps#yaml-update
// [git wait for pr]: https://docs.kargo.io/references/promotion-steps#git-wait-for-pr
type Instance struct {
// Kind is a discriminator.
Kind string `json:"kind" yaml:"kind" cue:"\"ExtractYAML\""`
// Ignored unless kind is ExtractYAML.
ExtractYAML ExtractYAML `json:"extractYAML,omitempty" yaml:"extractYAML,omitempty"`
}
// ExtractYAML represents a cue data instance encoded as yaml or json. If Path
// refers to a directory all files in the directory are extracted
// non-recursively. Otherwise, path must refer to a file.
type ExtractYAML struct {
Path string `json:"path" yaml:"path"`
}

63
cmd/cmd.go Normal file
View File

@@ -0,0 +1,63 @@
package cmd
import (
"context"
"fmt"
"log/slog"
"os"
"runtime/pprof"
"runtime/trace"
"github.com/holos-run/holos/internal/cli"
"github.com/holos-run/holos/internal/holos"
)
// MakeMain makes a main function for the cli or tests.
func MakeMain(options ...holos.Option) func() int {
return func() (exitCode int) {
cfg := holos.New(options...)
slog.SetDefault(cfg.Logger())
ctx := context.Background()
if format := os.Getenv("HOLOS_CPU_PROFILE"); format != "" {
f, _ := os.Create(fmt.Sprintf(format, os.Getppid(), os.Getpid()))
err := pprof.StartCPUProfile(f)
defer func() {
pprof.StopCPUProfile()
f.Close()
}()
if err != nil {
return cli.HandleError(ctx, err, cfg)
}
}
defer memProfile(ctx, cfg)
if format := os.Getenv("HOLOS_TRACE"); format != "" {
f, _ := os.Create(fmt.Sprintf(format, os.Getppid(), os.Getpid()))
err := trace.Start(f)
defer func() {
trace.Stop()
f.Close()
}()
if err != nil {
return cli.HandleError(ctx, err, cfg)
}
}
feature := &holos.EnvFlagger{}
if err := cli.New(cfg, feature).ExecuteContext(ctx); err != nil {
return cli.HandleError(ctx, err, cfg)
}
return 0
}
}
func memProfile(ctx context.Context, cfg *holos.Config) {
if format := os.Getenv("HOLOS_MEM_PROFILE"); format != "" {
f, _ := os.Create(fmt.Sprintf(format, os.Getppid(), os.Getpid()))
defer f.Close()
if err := pprof.WriteHeapProfile(f); err != nil {
_ = cli.HandleError(ctx, err, cfg)
}
}
}

4
cmd/holos/main.go
View File

@@ -3,9 +3,9 @@ package main
import (
"os"
"github.com/holos-run/holos/internal/cli"
"github.com/holos-run/holos/cmd"
)
func main() {
os.Exit(cli.MakeMain()())
os.Exit(cmd.MakeMain()())
}

4
cmd/holos/main_test.go
View File

@@ -6,13 +6,13 @@ import (
"testing"
cue "cuelang.org/go/cmd/cue/cmd"
"github.com/holos-run/holos/internal/cli"
"github.com/holos-run/holos/cmd"
"github.com/rogpeppe/go-internal/testscript"
)
func TestMain(m *testing.M) {
os.Exit(testscript.RunMain(m, map[string]func() int{
"holos": cli.MakeMain(),
"holos": cmd.MakeMain(),
"cue": cue.Main,
}))
}

37
doc/md/api/core.md
View File

@@ -22,12 +22,14 @@ Package core contains schemas for a [Platform](<#Platform>) and [BuildPlan](<#Bu
- [type Chart](<#Chart>)
- [type Command](<#Command>)
- [type Component](<#Component>)
- [type ExtractYAML](<#ExtractYAML>)
- [type File](<#File>)
- [type FileContent](<#FileContent>)
- [type FileContentMap](<#FileContentMap>)
- [type FilePath](<#FilePath>)
- [type Generator](<#Generator>)
- [type Helm](<#Helm>)
- [type Instance](<#Instance>)
- [type InternalLabel](<#InternalLabel>)
- [type Join](<#Join>)
- [type Kind](<#Kind>)
@@ -169,6 +171,10 @@ type Component struct {
// Path represents the path of the component relative to the platform root.
// Injected as the tag variable "holos_component_path".
Path string `json:"path" yaml:"path"`
// Instances represents additional cue instance paths to unify with Path.
// Useful to unify data files into a component BuildPlan. Added in holos
// 0.101.7.
Instances []Instance `json:"instances,omitempty" yaml:"instances,omitempty"`
// WriteTo represents the holos render component --write-to flag. If empty,
// the default value for the --write-to flag is used.
WriteTo string `json:"writeTo,omitempty" yaml:"writeTo,omitempty"`
@@ -182,11 +188,22 @@ type Component struct {
// resulting BuildPlan.
Labels map[string]string `json:"labels,omitempty" yaml:"labels,omitempty"`
// Annotations represents arbitrary non-identifying metadata. Use the
// `cli.holos.run/description` to customize the log message of each BuildPlan.
// `app.holos.run/description` to customize the log message of each BuildPlan.
Annotations map[string]string `json:"annotations,omitempty" yaml:"annotations,omitempty"`
}
```
<a name="ExtractYAML"></a>
## type ExtractYAML {#ExtractYAML}
ExtractYAML represents a cue data instance encoded as yaml or json. If Path refers to a directory all files in the directory are extracted non\-recursively. Otherwise, path must refer to a file.
```go
type ExtractYAML struct {
Path string `json:"path" yaml:"path"`
}
```
<a name="File"></a>
## type File {#File}
@@ -279,6 +296,22 @@ type Helm struct {
}
```
<a name="Instance"></a>
## type Instance {#Instance}
Instance represents a data instance to unify with the configuration.
Useful to unify json and yaml files with cue configuration files for integration with other tools. For example, executing holos render platform from a pull request workflow after [Kargo](<https://docs.kargo.io/>) executes the [yaml update](<https://docs.kargo.io/references/promotion-steps#yaml-update>) and [git wait for pr](<https://docs.kargo.io/references/promotion-steps#git-wait-for-pr>) promotion steps.
```go
type Instance struct {
// Kind is a discriminator.
Kind string `json:"kind" yaml:"kind" cue:"\"ExtractYAML\""`
// Ignored unless kind is ExtractYAML.
ExtractYAML ExtractYAML `json:"extractYAML,omitempty" yaml:"extractYAML,omitempty"`
}
```
<a name="InternalLabel"></a>
## type InternalLabel {#InternalLabel}
@@ -343,7 +376,7 @@ type Metadata struct {
// Labels represents a resource selector.
Labels map[string]string `json:"labels,omitempty" yaml:"labels,omitempty"`
// Annotations represents arbitrary non-identifying metadata. For example
// holos uses the `cli.holos.run/description` annotation to log resources in a
// holos uses the `app.holos.run/description` annotation to log resources in a
// user customized way.
Annotations map[string]string `json:"annotations,omitempty" yaml:"annotations,omitempty"`
}

57
doc/md/topics/comparison.mdx Normal file
View File

@@ -0,0 +1,57 @@
---
description: Holos compared to other tools
sidebar_label: Comparison
slug: comparison
sidebar_position: 40
---
{/* cspell:ignore Prodan, rollouts */}
# Holos compared to other tools
## Timoni
Holos and Timoni both aim to solve similar problems but approach them at
different levels of the stack.
Timoni focuses on managing applications by evaluating [CUE] stored in OCI
containers. Its creator, Stephan Prodan, envisions a controller that applies the
resulting manifests. In this process, Timoni defers to [Flux] for managing Helm
charts within the cluster.
In contrast, Holos implements the [Rendered Manifests Pattern] and takes a
different approach, particularly in how it handles [Helm] charts. Like
[ArgoCD], Holos renders Helm charts into manifests using the `helm template`
command in its rendering pipeline. Holos differs from Timoni in several important
ways:
1. **Separation of Responsibilities:** Holos stops short of applying
rendered manifests to a cluster, leaving that task to existing tools like
[ArgoCD], [Flux], or even basic `kubectl apply` commands.
2. **Ecosystem Integration:** By focusing solely on rendering Kubernetes
manifests, Holos creates space for other tools to handle deployment and
management. For instance, Holos integrates seamlessly with [Kargo] for
progressive rollouts, as [Kargo] operates between Holos and the Kubernetes API.
This approach ensures that you're not locked into any specific tool and can
choose the best solution for each task.
3. **Platform Integration:** Holos focuses on integrating multiple Components
into a larger Platform. In Holos terminology, a Component refers to a wrapper
for [Helm] charts, [Kustomize] bases, or raw YAML files, integrated into the
rendering pipeline through [CUE]. A Platform represents the full combination of
these components.
4. **Explicit Rendering Pipeline:** Holos emphasizes flexibility in its
rendering pipeline. The system allows any tool that generates Kubernetes
manifests to be wrapped in a Generator, which can then feed into existing
transformers like [Kustomize]. This explicit separation makes Holos highly
adaptable for different workflows.
[Kargo]: https://kargo.io/
[Flux]: https://fluxcd.io
[Helm]: https://helm.sh
[ArgoCD]: https://argoproj.github.io/cd/
[Kustomize]: https://kustomize.io/
[CUE]: https://cuelang.org/
[Rendered Manifests Pattern]: https://akuity.io/blog/the-rendered-manifests-pattern

218
doc/md/topics/gitops/flux-kustomization.mdx Normal file
View File

@@ -0,0 +1,218 @@
---
slug: flux-kustomization
title: Flux Kustomization
description: Configuring a Kustomization for each Component.
sidebar_position: 120
---
import Tabs from '@theme/Tabs';
import TabItem from '@theme/TabItem';
import CommonComponent from '../../common/example-component.mdx';
import CommonComponentIntegrate from '../../common/example-component-integrate.mdx';
# Flux Kustomization
## Overview
This topic covers how to mix in a Flux Kustomization to all components. We'll
use the `Artifacts` field of [ComponentConfig] defined by the author schema.
## The Code
### Generating the structure
Use `holos` to generate a minimal platform directory structure. Start by
creating a blank directory to hold the platform configuration.
```shell
mkdir holos-flux-kustomization && cd holos-flux-kustomization
```
```shell
holos init platform v1alpha5
```
### Creating an example Component
<CommonComponent />
<CommonComponentIntegrate />
## Adding Flux Kustomizations
Configure Holos to render a [Kustomization] by defining an [Artifact] for it in
every BuildPlan holos produces. We're unifying our custom configuration with
the existing `#ComponentConfig` defined in `schema.cue`.
```bash
cat <<EOF >flux-kustomization.cue
```
```cue showLineNumbers
package holos
import (
"path"
flux "kustomize.toolkit.fluxcd.io/kustomization/v1"
)
#ComponentConfig: {
Name: _
OutputBaseDir: _
let ArtifactPath = path.Join([OutputBaseDir, "gitops", "\(Name).kustomization.gen.yaml"], path.Unix)
let ResourcesPath = path.Join(["deploy", OutputBaseDir, "components", Name], path.Unix)
Artifacts: "\(Name)-kustomization": {
artifact: ArtifactPath
generators: [{
kind: "Resources"
output: artifact
resources: Kustomization: (Name): flux.#Kustomization & {
metadata: name: Name
metadata: namespace: "default"
spec: {
interval: "5m"
timeout: "1m"
prune: true
path: ResourcesPath
sourceRef: {
kind: "GitRepository"
name: "webapp"
}
}
}
}]
}
}
```
```bash
EOF
```
## Inspecting the BuildPlan
Our customized `#ComponentConfig` results in the following `BuildPlan`.
:::note
The second artifact around line 40 contains the configured `Kustomization`
resource.
:::
<Tabs groupId="55075C71-02E8-4222-88C0-2D52C82D18FC">
<TabItem value="command" label="Command">
```bash
holos cue export --expression holos --out=yaml ./components/podinfo
```
</TabItem>
<TabItem value="output" label="Output">
```yaml showLineNumbers
kind: BuildPlan
apiVersion: v1alpha5
metadata:
name: podinfo
spec:
artifacts:
- artifact: components/podinfo/podinfo.gen.yaml
generators:
- kind: Helm
output: helm.gen.yaml
helm:
chart:
name: podinfo
version: 6.6.2
release: podinfo
repository:
name: podinfo
url: https://stefanprodan.github.io/podinfo
values:
ui:
message: Hello World
enableHooks: false
- kind: Resources
output: resources.gen.yaml
resources: {}
validators: []
transformers:
- kind: Kustomize
inputs:
- helm.gen.yaml
- resources.gen.yaml
output: components/podinfo/podinfo.gen.yaml
kustomize:
kustomization:
resources:
- helm.gen.yaml
- resources.gen.yaml
kind: Kustomization
apiVersion: kustomize.config.k8s.io/v1beta1
- artifact: gitops/podinfo.kustomization.gen.yaml
generators:
- kind: Resources
output: gitops/podinfo.kustomization.gen.yaml
resources:
Kustomization:
podinfo:
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: podinfo
namespace: default
spec:
interval: 5m
path: deploy/components/podinfo
prune: true
sourceRef:
kind: GitRepository
name: webapp
timeout: 1m
```
</TabItem>
</Tabs>
## Rendering manifests
<Tabs groupId="E150C802-7162-4FBF-82A7-77D9ADAEE847">
<TabItem value="command" label="Command">
```bash
holos render platform
```
</TabItem>
<TabItem value="output" label="Output">
```
rendered podinfo in 140.341417ms
rendered platform in 140.441333ms
```
</TabItem>
</Tabs>
## Reviewing the Kustomization
The Artifact we added to `#ComponentConfig` will produce a Flux Kustomization
resource for every component in the platform. The output in this example is
located at:
```txt
deploy/gitops/podinfo.kustomization.gen.yaml
```
```yaml showLineNumbers
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: podinfo
namespace: default
spec:
interval: 5m
path: deploy/components/podinfo
prune: true
sourceRef:
kind: GitRepository
name: webapp
timeout: 1m
```
[podinfo]: https://github.com/stefanprodan/podinfo
[CUE Module]: https://cuelang.org/docs/reference/modules/
[CUE Tags]: https://cuelang.org/docs/howto/inject-value-into-evaluation-using-tag-attribute/
[Kustomization]: https://fluxcd.io/flux/components/kustomize/kustomizations/
[Platform]: ../../api/author.md#Platform
[ComponentConfig]: ../../api/author.md#ComponentConfig
[Artifact]: ../../api/core.md#Artifact

20
doc/md/topics/kargo.mdx Normal file
View File

@@ -0,0 +1,20 @@
---
description: Kargo
slug: kargo
sidebar_position: 110
---
# Kargo
Holos pairs nicely with [Kargo], offering a holistic solution for code
promotion across stages.
Watch this space for a more detailed write up of the integration being
developed.
If you're interested in this topic, please thumbs up the [Kargo
Topic](https://github.com/holos-run/holos/issues/378) issue, or drop into
[Discord] and let us know about your use case.
[Kargo]: https://kargo.io/
[Discord]: https://discord.gg/JgDVbNpye7

65
doc/md/topics/oci-helm-charts.mdx Normal file
View File

@@ -0,0 +1,65 @@
---
description: OCI Helm Charts
slug: oci-helm-charts
sidebar_position: 710
---
# OCI Helm Charts
Holos supports OCI Helm charts. Use the following example to get started.
```bash
mkdir -p oci-helm && cd oci-helm
holos init platform v1alpha5
```
```bash
mkdir -p components/podinfo-oci
cat <<EOF > components/podinfo-oci/podinfo-oci.cue
```
```cue showLineNumbers
package holos
holos: Component.BuildPlan
Component: #Helm & {
Chart: {
name: "oci://ghcr.io/stefanprodan/charts/podinfo"
release: "podinfo"
version: "6.6.2"
}
}
```
```bash
EOF
```
Register the component with the platform.
```bash
cat <<EOF >platform/podinfo-oci.cue
```
```cue showLineNumbers
package holos
Platform: Components: podinfo: {
name: "podinfo-oci"
path: "components/podinfo-oci"
}
```
```bash
EOF
```
The OCI chart is cached in the vendor directory and rendered.
```bash
holos render platform
```
```txt
Pulled: ghcr.io/stefanprodan/charts/podinfo:6.6.2
Digest: sha256:83295d47de6d6ca634ed4b952a7572fc176bcc38854d0c11ca0fa197bc5f1154
rendered podinfo-oci in 7.21581325s
rendered platform in 7.216199167s
```

10
doc/md/topics/private-helm.mdx
View File

@@ -1,11 +1,19 @@
---
description: Private Helm Repositories
slug: private-helm
sidebar_position: 999
sidebar_position: 700
---
# Private Helm
Holos supports private Helm repositories accessed with http basic authentication
since `v0.101.4`. Use the following command to update your author and core
schemas to support this configuration.
```bash
holos init platform v1alpha5 --force
```
## Configuration
Holos uses the Helm SDK and defers to it for authentication to private

38
doc/md/topics/structures/environments.mdx
View File

@@ -45,7 +45,40 @@ holos init platform v1alpha5
### Using an example Component
<CommonComponent />
Create a directory for the example `podinfo` component we'll use to render
platform manifests.
```bash
mkdir -p components/podinfo
```
Create the CUE configuration for the example `podinfo` component.
```bash
cat <<EOF >components/podinfo/podinfo.cue
```
```cue showLineNumbers
package holos
holos: Component.BuildPlan
Component: #Helm & {
Chart: {
name: "podinfo"
version: "6.6.2"
repository: {
name: "podinfo"
url: "https://stefanprodan.github.io/podinfo"
}
}
Values: ui: {
message: string | *"Hello World" @tag(message, type=string)
}
}
```
```bash
EOF
```
We'll integrate the component with the platform after we define the
configuration structures.
@@ -277,6 +310,9 @@ let ProdPodinfo = {
parameters: EnvironmentName: "prod-\(_city)"
}
```
```
EOF
```
### Using the environment

7
doc/md/tutorial/_helm-values/examples/01-holos-version.txt Normal file
View File

@@ -0,0 +1,7 @@
exec bash -c 'bash -euo pipefail $WORK/command.sh 2>&1'
cmp stdout $WORK/output.txt
-- command.sh --
holos --version
-- output.txt --
0.102.5

374
doc/md/tutorial/_helm-values/examples/02-helm-values.txt Normal file
View File

@@ -0,0 +1,374 @@
# Set $HOME because:
# - Helm uses it for temporary files
# - Git requires it for setting author name/email globally
env HOME=$WORK/.tmp
chmod 0755 $WORK/update.sh
# Configure git author for testscript execution
exec git config --global user.name 'Holos Docs'
exec git config --global user.email 'hello@holos.run'
exec git config --global init.defaultBranch main
# Remove the tutorial directory if it already exists
exec rm -rf holos-helm-values-tutorial
# Create and change to the tutorial directory, and then initialize the Holos platform
exec bash -c 'bash -euo pipefail mkdir-and-init.sh'
cd holos-helm-values-tutorial
# Git init and create the component directories
exec bash -c 'bash -euo pipefail $WORK/git-init.sh'
exec bash -c 'bash -euo pipefail $WORK/mkdir-components.sh'
# Combine and execute the multiline prometheus/blackbox component header/body/trailer files
exec cat $WORK/prometheus-component-header.sh ../prometheus-component-body.cue ../eof-trailer.sh
stdin stdout
exec bash -xeuo pipefail
exec cat $WORK/blackbox-component-header.sh ../blackbox-component-body.cue ../eof-trailer.sh
stdin stdout
exec bash -xeuo pipefail
# Combine and execute the multiline platform registration header/body/trailer files.
exec cat $WORK/register-components-header.sh ../register-components-body.cue ../eof-trailer.sh
stdin stdout
exec bash -xeuo pipefail
# Render the platform, capture stdout, and use update.sh to gate whether the
# output file should be updated.
#
# NOTE: The [net] condition will test whether external network access is available
[net] exec bash -c 'bash -euo pipefail $WORK/render.sh 2>&1'
[net] stdin stdout
exec $WORK/update.sh $WORK/register-components-output.txt
# Commit and conditionally update the output file
exec bash -c 'bash -euo pipefail $WORK/register-components-git-commit.sh'
stdin stdout
exec $WORK/update.sh $WORK/register-components-git-commit-output.txt
# Import values
exec bash -c 'bash -euo pipefail $WORK/import-prometheus-values.sh'
exec bash -c 'bash -euo pipefail $WORK/import-blackbox-values.sh'
# Render, update the output file, commit, and update the commit output file.
[net] exec bash -c 'bash -euo pipefail $WORK/render.sh 2>&1'
[net] stdin stdout
exec $WORK/update.sh $WORK/import-values-render-output.txt
exec bash -c 'bash -euo pipefail $WORK/import-values-git-commit.sh'
stdin stdout
exec $WORK/update.sh $WORK/import-values-git-output.txt
# Create the common configuration path
exec bash -c 'bash -euo pipefail $WORK/mkdir-common-config.sh'
# Combine and execute the common configuration header/body/trailer to write the cue file.
exec cat $WORK/blackbox-common-config-header.sh ../blackbox-common-config-body.cue ../eof-trailer.sh
stdin stdout
exec bash -xeuo pipefail
# Git commit blackbox common config
exec bash -c 'bash -euo pipefail $WORK/blackbox-common-config-git-commit.sh'
stdin stdout
exec $WORK/update.sh $WORK/blackbox-common-config-git-output.txt
# Patch the common config values file and write to output file.
#
# NOTE: Using a symlink here because the patch script references values.patch
# within the same directory, but it actually lives one directory up in the
# testscript $WORK dir.
exec ln -s $WORK/values.patch values.patch
exec bash -c 'bash -euo pipefail $WORK/common-config-patch.sh'
stdin stdout
exec $WORK/update.sh $WORK/common-config-patch.txt
# Remove patch and commit changes
exec bash -c 'bash -euo pipefail $WORK/common-config-rm.sh'
exec bash -c 'bash -euo pipefail $WORK/common-config-git.sh'
stdin stdout
exec $WORK/update.sh $WORK/common-config-git-output.txt
# Final render and update of output file.
[net] exec bash -c 'bash -euo pipefail $WORK/render.sh 2>&1'
[net] stdin stdout
exec $WORK/update.sh $WORK/reviewing-changes-git-output.txt
# Git diff and write to output file.
exec bash -c 'bash -euo pipefail $WORK/git-diff.sh'
stdin stdout
exec $WORK/update.sh $WORK/git.diff
# Final commit and write to output file
exec bash -c 'bash -euo pipefail $WORK/reviewing-changes-git-commit.sh'
stdin stdout
exec $WORK/update.sh $WORK/reviewing-changes-git-output.txt
# Clean up the tutorial directory and tmp $HOME directory
cd $WORK
exec rm -rf holos-helm-values-tutorial
exec rm -rf $HOME
-- update.sh --
#! /bin/bash
set -euo pipefail
[[ -s "$1" ]] && [[ -z "${HOLOS_UPDATE_SCRIPTS:-}" ]] && exit 0
cat > "$1"
-- mkdir-and-init.sh --
mkdir holos-helm-values-tutorial
cd holos-helm-values-tutorial
holos init platform v1alpha5
-- git-init.sh --
git init . && git add . && git commit -m "initial commit"
-- mkdir-components.sh --
mkdir -p components/prometheus components/blackbox
-- prometheus-component-header.sh --
cat <<EOF > components/prometheus/prometheus.cue
-- prometheus-component-body.cue --
package holos
// Produce a helm chart build plan.
holos: Helm.BuildPlan
Helm: #Helm & {
Chart: {
name: "prometheus"
version: "25.27.0"
repository: {
name: "prometheus-community"
url: "https://prometheus-community.github.io/helm-charts"
}
}
}
-- eof-trailer.sh --
EOF
-- blackbox-component-header.sh --
cat <<EOF > components/blackbox/blackbox.cue
-- blackbox-component-body.cue --
package holos
// Produce a helm chart build plan.
holos: Helm.BuildPlan
Helm: #Helm & {
Chart: {
name: "prometheus-blackbox-exporter"
version: "9.0.1"
repository: {
name: "prometheus-community"
url: "https://prometheus-community.github.io/helm-charts"
}
}
}
-- register-components-header.sh --
cat <<EOF > platform/prometheus.cue
-- register-components-body.cue --
package holos
Platform: Components: {
prometheus: {
name: "prometheus"
path: "components/prometheus"
}
blackbox: {
name: "blackbox"
path: "components/blackbox"
}
}
-- render.sh --
holos render platform
-- register-components-output.txt --
cached prometheus-blackbox-exporter 9.0.1
rendered blackbox in 3.825430417s
cached prometheus 25.27.0
rendered prometheus in 4.840089667s
rendered platform in 4.840137792s
-- register-components-git-commit.sh --
git add . && git commit -m 'add blackbox and prometheus'
-- register-components-git-commit-output.txt --
[main b5df111] add blackbox and prometheus
5 files changed, 1550 insertions(+)
create mode 100644 components/blackbox/blackbox.cue
create mode 100644 components/prometheus/prometheus.cue
create mode 100644 deploy/components/blackbox/blackbox.gen.yaml
create mode 100644 deploy/components/prometheus/prometheus.gen.yaml
create mode 100644 platform/prometheus.cue
-- import-prometheus-values.sh --
holos cue import \
--package holos \
--path 'Helm: Values:' \
--outfile components/prometheus/values.cue \
components/prometheus/vendor/25.27.0/prometheus/values.yaml
-- import-blackbox-values.sh --
holos cue import \
--package holos \
--path 'Helm: Values:' \
--outfile components/blackbox/values.cue \
components/blackbox/vendor/9.0.1/prometheus-blackbox-exporter/values.yaml
-- import-values-render-output.txt --
rendered blackbox in 365.936792ms
rendered prometheus in 371.855875ms
rendered platform in 372.109916ms
-- import-values-git-commit.sh --
git add . && git commit -m 'import values'
-- import-values-git-output.txt --
[main 52e90ea] import values
2 files changed, 1815 insertions(+)
create mode 100644 components/blackbox/values.cue
create mode 100644 components/prometheus/values.cue
-- mkdir-common-config.sh --
mkdir -p config/prometheus
-- blackbox-common-config-header.sh --
cat <<EOF > config/prometheus/blackbox.cue
-- blackbox-common-config-body.cue --
package prometheus
// Schema Definition
#Blackbox: {
// host constrained to a lower case dns label
host: string & =~"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$"
// port constrained to a valid range
port: int & >0 & <=65535
}
// Concrete values must validate against the schema.
blackbox: #Blackbox & {
host: "blackbox"
port: 9115
}
-- blackbox-common-config-git-commit.sh --
git add . && git commit -m 'add blackbox configuration'
-- blackbox-common-config-git-output.txt --
[main 1adcd08] add blackbox configuration
1 file changed, 15 insertions(+)
create mode 100644 components/blackbox.cue
-- common-config-patch.sh --
patch -p1 < values.patch
-- values.patch --
--- a/components/blackbox/values.cue
+++ b/components/blackbox/values.cue
@@ -1,6 +1,11 @@
package holos
+// Import common blackbox configuration
+import "holos.example/config/prometheus"
+
Helm: Values: {
+ fullnameOverride: prometheus.blackbox.host
+
global: {
//# Global image registry to use if it needs to be overriden for some specific use cases (e.g local registries, custom images, ...)
//#
@@ -192,7 +197,7 @@ Helm: Values: {
annotations: {}
labels: {}
type: "ClusterIP"
- port: 9115
+ port: prometheus.blackbox.port
ipDualStack: {
enabled: false
ipFamilies: ["IPv6", "IPv4"]
--- a/components/prometheus/values.cue
+++ b/components/prometheus/values.cue
@@ -1,5 +1,8 @@
package holos
+// Import common blackbox configuration
+import "holos.example/config/prometheus"
+
Helm: Values: {
// yaml-language-server: $schema=values.schema.json
// Default values for prometheus.
@@ -1083,7 +1086,7 @@ Helm: Values: {
target_label: "__param_target"
}, {
target_label: "__address__"
- replacement: "blackbox"
+ replacement: "\(prometheus.blackbox.host):\(prometheus.blackbox.port)"
}, {
source_labels: ["__param_target"]
target_label: "instance"
-- common-config-patch.txt --
patching file 'components/blackbox/values.cue'
patching file 'components/prometheus/values.cue'
-- common-config-rm.sh --
rm values.patch
-- common-config-git.sh --
git add . && git commit -m 'integrate blackbox and prometheus together'
-- common-config-git-output.txt --
[main 4221803] integrate blackbox and prometheus together
2 files changed, 4 insertions(+), 2 deletions(-)
-- reviewing-changes-render-output.txt --
rendered blackbox in 374.810666ms
rendered prometheus in 382.899334ms
rendered platform in 383.270625ms
-- git-diff.sh --
git diff
-- git.diff --
diff --git a/deploy/components/blackbox/blackbox.gen.yaml b/deploy/components/blackbox/blackbox.gen.yaml
index 3db20cd..5336f44 100644
--- a/deploy/components/blackbox/blackbox.gen.yaml
+++ b/deploy/components/blackbox/blackbox.gen.yaml
@@ -7,7 +7,7 @@ metadata:
app.kubernetes.io/name: prometheus-blackbox-exporter
app.kubernetes.io/version: v0.25.0
helm.sh/chart: prometheus-blackbox-exporter-9.0.1
- name: prometheus-blackbox-exporter
+ name: blackbox
namespace: default
---
apiVersion: v1
@@ -31,7 +31,7 @@ metadata:
app.kubernetes.io/name: prometheus-blackbox-exporter
app.kubernetes.io/version: v0.25.0
helm.sh/chart: prometheus-blackbox-exporter-9.0.1
- name: prometheus-blackbox-exporter
+ name: blackbox
namespace: default
---
apiVersion: v1
@@ -43,7 +43,7 @@ metadata:
app.kubernetes.io/name: prometheus-blackbox-exporter
app.kubernetes.io/version: v0.25.0
helm.sh/chart: prometheus-blackbox-exporter-9.0.1
- name: prometheus-blackbox-exporter
+ name: blackbox
namespace: default
spec:
ports:
@@ -65,7 +65,7 @@ metadata:
app.kubernetes.io/name: prometheus-blackbox-exporter
app.kubernetes.io/version: v0.25.0
helm.sh/chart: prometheus-blackbox-exporter-9.0.1
- name: prometheus-blackbox-exporter
+ name: blackbox
namespace: default
spec:
replicas: 1
@@ -119,8 +119,8 @@ spec:
name: config
hostNetwork: false
restartPolicy: Always
- serviceAccountName: prometheus-blackbox-exporter
+ serviceAccountName: blackbox
volumes:
- configMap:
- name: prometheus-blackbox-exporter
+ name: blackbox
name: config
diff --git a/deploy/components/prometheus/prometheus.gen.yaml b/deploy/components/prometheus/prometheus.gen.yaml
index 9e02bce..ab638f0 100644
--- a/deploy/components/prometheus/prometheus.gen.yaml
+++ b/deploy/components/prometheus/prometheus.gen.yaml
@@ -589,7 +589,7 @@ data:
- source_labels:
- __address__
target_label: __param_target
- - replacement: blackbox
+ - replacement: blackbox:9115
target_label: __address__
- source_labels:
- __param_target
-- reviewing-changes-git-commit.sh --
git add . && git commit -m 'render integrated blackbox and prometheus manifests'
-- reviewing-changes-git-output.txt --
[main 67efe0d] render integrated blackbox and prometheus manifests
2 files changed, 7 insertions(+), 7 deletions(-)

1
doc/md/tutorial/_helm-values/script-01-holos-version/command.sh Normal file
View File

@@ -0,0 +1 @@
holos --version

1
doc/md/tutorial/_helm-values/script-01-holos-version/output.txt Normal file
View File

@@ -0,0 +1 @@
0.102.5

15
doc/md/tutorial/_helm-values/script-02-helm-values/blackbox-common-config-body.cue Normal file
View File

@@ -0,0 +1,15 @@
package prometheus
// Schema Definition
#Blackbox: {
// host constrained to a lower case dns label
host: string & =~"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$"
// port constrained to a valid range
port: int & >0 & <=65535
}
// Concrete values must validate against the schema.
blackbox: #Blackbox & {
host: "blackbox"
port: 9115
}

1
doc/md/tutorial/_helm-values/script-02-helm-values/blackbox-common-config-git-commit.sh Normal file
View File

@@ -0,0 +1 @@
git add . && git commit -m 'add blackbox configuration'

3
doc/md/tutorial/_helm-values/script-02-helm-values/blackbox-common-config-git-output.txt Normal file
View File

@@ -0,0 +1,3 @@
[main 1adcd08] add blackbox configuration
1 file changed, 15 insertions(+)
create mode 100644 components/blackbox.cue

1
doc/md/tutorial/_helm-values/script-02-helm-values/blackbox-common-config-header.sh Normal file
View File

@@ -0,0 +1 @@
cat <<EOF > config/prometheus/blackbox.cue

15
doc/md/tutorial/_helm-values/script-02-helm-values/blackbox-component-body.cue Normal file
View File

@@ -0,0 +1,15 @@
package holos
// Produce a helm chart build plan.
holos: Helm.BuildPlan
Helm: #Helm & {
Chart: {
name: "prometheus-blackbox-exporter"
version: "9.0.1"
repository: {
name: "prometheus-community"
url: "https://prometheus-community.github.io/helm-charts"
}
}
}

1
doc/md/tutorial/_helm-values/script-02-helm-values/blackbox-component-header.sh Normal file
View File

@@ -0,0 +1 @@
cat <<EOF > components/blackbox/blackbox.cue

2
doc/md/tutorial/_helm-values/script-02-helm-values/common-config-git-output.txt Normal file
View File

@@ -0,0 +1,2 @@
[main 4221803] integrate blackbox and prometheus together
2 files changed, 4 insertions(+), 2 deletions(-)

1
doc/md/tutorial/_helm-values/script-02-helm-values/common-config-git.sh Normal file
View File

@@ -0,0 +1 @@
git add . && git commit -m 'integrate blackbox and prometheus together'

1
doc/md/tutorial/_helm-values/script-02-helm-values/common-config-patch.sh Normal file
View File

@@ -0,0 +1 @@
patch -p1 < values.patch

2
doc/md/tutorial/_helm-values/script-02-helm-values/common-config-patch.txt Normal file
View File

@@ -0,0 +1,2 @@
patching file 'components/blackbox/values.cue'
patching file 'components/prometheus/values.cue'

1
doc/md/tutorial/_helm-values/script-02-helm-values/common-config-rm.sh Normal file
View File

@@ -0,0 +1 @@
rm values.patch

1
doc/md/tutorial/_helm-values/script-02-helm-values/eof-trailer.sh Normal file
View File

@@ -0,0 +1 @@
EOF

1
doc/md/tutorial/_helm-values/script-02-helm-values/git-diff.sh Normal file
View File

@@ -0,0 +1 @@
git diff

1
doc/md/tutorial/_helm-values/script-02-helm-values/git-init.sh Normal file
View File

@@ -0,0 +1 @@
git init . && git add . && git commit -m "initial commit"

64
doc/md/tutorial/_helm-values/script-02-helm-values/git.diff Normal file
View File

@@ -0,0 +1,64 @@
diff --git a/deploy/components/blackbox/blackbox.gen.yaml b/deploy/components/blackbox/blackbox.gen.yaml
index 3db20cd..5336f44 100644
--- a/deploy/components/blackbox/blackbox.gen.yaml
+++ b/deploy/components/blackbox/blackbox.gen.yaml
@@ -7,7 +7,7 @@ metadata:
app.kubernetes.io/name: prometheus-blackbox-exporter
app.kubernetes.io/version: v0.25.0
helm.sh/chart: prometheus-blackbox-exporter-9.0.1
- name: prometheus-blackbox-exporter
+ name: blackbox
namespace: default
---
apiVersion: v1
@@ -31,7 +31,7 @@ metadata:
app.kubernetes.io/name: prometheus-blackbox-exporter
app.kubernetes.io/version: v0.25.0
helm.sh/chart: prometheus-blackbox-exporter-9.0.1
- name: prometheus-blackbox-exporter
+ name: blackbox
namespace: default
---
apiVersion: v1
@@ -43,7 +43,7 @@ metadata:
app.kubernetes.io/name: prometheus-blackbox-exporter
app.kubernetes.io/version: v0.25.0
helm.sh/chart: prometheus-blackbox-exporter-9.0.1
- name: prometheus-blackbox-exporter
+ name: blackbox
namespace: default
spec:
ports:
@@ -65,7 +65,7 @@ metadata:
app.kubernetes.io/name: prometheus-blackbox-exporter
app.kubernetes.io/version: v0.25.0
helm.sh/chart: prometheus-blackbox-exporter-9.0.1
- name: prometheus-blackbox-exporter
+ name: blackbox
namespace: default
spec:
replicas: 1
@@ -119,8 +119,8 @@ spec:
name: config
hostNetwork: false
restartPolicy: Always
- serviceAccountName: prometheus-blackbox-exporter
+ serviceAccountName: blackbox
volumes:
- configMap:
- name: prometheus-blackbox-exporter
+ name: blackbox
name: config
diff --git a/deploy/components/prometheus/prometheus.gen.yaml b/deploy/components/prometheus/prometheus.gen.yaml
index 9e02bce..ab638f0 100644
--- a/deploy/components/prometheus/prometheus.gen.yaml
+++ b/deploy/components/prometheus/prometheus.gen.yaml
@@ -589,7 +589,7 @@ data:
- source_labels:
- __address__
target_label: __param_target
- - replacement: blackbox
+ - replacement: blackbox:9115
target_label: __address__
- source_labels:
- __param_target

5
doc/md/tutorial/_helm-values/script-02-helm-values/import-blackbox-values.sh Normal file
View File

@@ -0,0 +1,5 @@
holos cue import \
--package holos \
--path 'Helm: Values:' \
--outfile components/blackbox/values.cue \
components/blackbox/vendor/9.0.1/prometheus-blackbox-exporter/values.yaml

5
doc/md/tutorial/_helm-values/script-02-helm-values/import-prometheus-values.sh Normal file
View File

@@ -0,0 +1,5 @@
holos cue import \
--package holos \
--path 'Helm: Values:' \
--outfile components/prometheus/values.cue \
components/prometheus/vendor/25.27.0/prometheus/values.yaml

1
doc/md/tutorial/_helm-values/script-02-helm-values/import-values-git-commit.sh Normal file
View File

@@ -0,0 +1 @@
git add . && git commit -m 'import values'

4
doc/md/tutorial/_helm-values/script-02-helm-values/import-values-git-output.txt Normal file
View File

@@ -0,0 +1,4 @@
[main 52e90ea] import values
2 files changed, 1815 insertions(+)
create mode 100644 components/blackbox/values.cue
create mode 100644 components/prometheus/values.cue

3
doc/md/tutorial/_helm-values/script-02-helm-values/import-values-render-output.txt Normal file
View File

@@ -0,0 +1,3 @@
rendered blackbox in 365.936792ms
rendered prometheus in 371.855875ms
rendered platform in 372.109916ms

3
doc/md/tutorial/_helm-values/script-02-helm-values/mkdir-and-init.sh Normal file
View File

@@ -0,0 +1,3 @@
mkdir holos-helm-values-tutorial
cd holos-helm-values-tutorial
holos init platform v1alpha5

1
doc/md/tutorial/_helm-values/script-02-helm-values/mkdir-common-config.sh Normal file
View File

@@ -0,0 +1 @@
mkdir -p config/prometheus

1
doc/md/tutorial/_helm-values/script-02-helm-values/mkdir-components.sh Normal file
View File

@@ -0,0 +1 @@
mkdir -p components/prometheus components/blackbox

15
doc/md/tutorial/_helm-values/script-02-helm-values/prometheus-component-body.cue Normal file
View File

@@ -0,0 +1,15 @@
package holos
// Produce a helm chart build plan.
holos: Helm.BuildPlan
Helm: #Helm & {
Chart: {
name: "prometheus"
version: "25.27.0"
repository: {
name: "prometheus-community"
url: "https://prometheus-community.github.io/helm-charts"
}
}
}

1
doc/md/tutorial/_helm-values/script-02-helm-values/prometheus-component-header.sh Normal file
View File

@@ -0,0 +1 @@
cat <<EOF > components/prometheus/prometheus.cue

12
doc/md/tutorial/_helm-values/script-02-helm-values/register-components-body.cue Normal file
View File

@@ -0,0 +1,12 @@
package holos
Platform: Components: {
prometheus: {
name: "prometheus"
path: "components/prometheus"
}
blackbox: {
name: "blackbox"
path: "components/blackbox"
}
}

7
doc/md/tutorial/_helm-values/script-02-helm-values/register-components-git-commit-output.txt Normal file
View File

@@ -0,0 +1,7 @@
[main b5df111] add blackbox and prometheus
5 files changed, 1550 insertions(+)
create mode 100644 components/blackbox/blackbox.cue
create mode 100644 components/prometheus/prometheus.cue
create mode 100644 deploy/components/blackbox/blackbox.gen.yaml
create mode 100644 deploy/components/prometheus/prometheus.gen.yaml
create mode 100644 platform/prometheus.cue

1
doc/md/tutorial/_helm-values/script-02-helm-values/register-components-git-commit.sh Normal file
View File

@@ -0,0 +1 @@
git add . && git commit -m 'add blackbox and prometheus'

1
doc/md/tutorial/_helm-values/script-02-helm-values/register-components-header.sh Normal file
View File

@@ -0,0 +1 @@
cat <<EOF > platform/prometheus.cue

5
doc/md/tutorial/_helm-values/script-02-helm-values/register-components-output.txt Normal file
View File

@@ -0,0 +1,5 @@
cached prometheus-blackbox-exporter 9.0.1
rendered blackbox in 3.825430417s
cached prometheus 25.27.0
rendered prometheus in 4.840089667s
rendered platform in 4.840137792s

1
doc/md/tutorial/_helm-values/script-02-helm-values/render.sh Normal file
View File

@@ -0,0 +1 @@
holos render platform

1
doc/md/tutorial/_helm-values/script-02-helm-values/reviewing-changes-git-commit.sh Normal file
View File

@@ -0,0 +1 @@
git add . && git commit -m 'render integrated blackbox and prometheus manifests'

2
doc/md/tutorial/_helm-values/script-02-helm-values/reviewing-changes-git-output.txt Normal file
View File

@@ -0,0 +1,2 @@
[main 67efe0d] render integrated blackbox and prometheus manifests
2 files changed, 7 insertions(+), 7 deletions(-)

3
doc/md/tutorial/_helm-values/script-02-helm-values/reviewing-changes-render-output.txt Normal file
View File

@@ -0,0 +1,3 @@
rendered blackbox in 374.810666ms
rendered prometheus in 382.899334ms
rendered platform in 383.270625ms

4
doc/md/tutorial/_helm-values/script-02-helm-values/update.sh Executable file
View File

@@ -0,0 +1,4 @@
#! /bin/bash
set -euo pipefail
[[ -s "$1" ]] && [[ -z "${HOLOS_UPDATE_SCRIPTS:-}" ]] && exit 0
cat > "$1"

43
doc/md/tutorial/_helm-values/script-02-helm-values/values.patch Normal file
View File

@@ -0,0 +1,43 @@
--- a/components/blackbox/values.cue
+++ b/components/blackbox/values.cue
@@ -1,6 +1,11 @@
package holos
+// Import common blackbox configuration
+import "holos.example/config/prometheus"
+
Helm: Values: {
+ fullnameOverride: prometheus.blackbox.host
+
global: {
//# Global image registry to use if it needs to be overriden for some specific use cases (e.g local registries, custom images, ...)
//#
@@ -192,7 +197,7 @@ Helm: Values: {
annotations: {}
labels: {}
type: "ClusterIP"
- port: 9115
+ port: prometheus.blackbox.port
ipDualStack: {
enabled: false
ipFamilies: ["IPv6", "IPv4"]
--- a/components/prometheus/values.cue
+++ b/components/prometheus/values.cue
@@ -1,5 +1,8 @@
package holos
+// Import common blackbox configuration
+import "holos.example/config/prometheus"
+
Helm: Values: {
// yaml-language-server: $schema=values.schema.json
// Default values for prometheus.
@@ -1083,7 +1086,7 @@ Helm: Values: {
target_label: "__param_target"
}, {
target_label: "__address__"
- replacement: "blackbox"
+ replacement: "\(prometheus.blackbox.host):\(prometheus.blackbox.port)"
}, {
source_labels: ["__param_target"]
target_label: "instance"

408
doc/md/tutorial/helm-values.mdx
View File

@@ -8,6 +8,7 @@ sidebar_position: 40
import Tabs from '@theme/Tabs';
import TabItem from '@theme/TabItem';
import YouTube from '@site/src/components/YouTube';
import CodeBlock from '@theme/CodeBlock';
<head>
<meta property="og:title" content="Helm Values | Holos" />
@@ -41,82 +42,57 @@ resource.
## The Code
### Holos Version
Ensure you have a current version of `holos` installed. This document was
tested with the following version.
import HolosVersionCommand from '!!raw-loader!./_helm-values/script-01-holos-version/command.sh';
import HolosVersionOutput from '!!raw-loader!./_helm-values/script-01-holos-version/output.txt';
<CodeBlock language="bash">{HolosVersionCommand}</CodeBlock>
<CodeBlock language="txt">{HolosVersionOutput}</CodeBlock>
### Generating the structure
Use `holos` to generate a minimal platform directory structure. First, create
and navigate into a blank directory, then use the `holos init platform` command:
```shell
mkdir holos-helm-values-tutorial
cd holos-helm-values-tutorial
holos init platform v1alpha5
```
import MkdirAndInit from '!!raw-loader!./_helm-values/script-02-helm-values/mkdir-and-init.sh';
<CodeBlock language="bash">{MkdirAndInit}</CodeBlock>
Make an initial commit to track changes:
```bash
git init . && git add . && git commit -m "initial commit"
```
import GitInit from '!!raw-loader!./_helm-values/script-02-helm-values/git-init.sh';
<CodeBlock language="bash">{GitInit}</CodeBlock>
### Managing the Components
Create the `prometheus` and `blackbox` component directories, then add each of
the following file contents.
```bash
mkdir -p components/prometheus components/blackbox
```
import MkdirComponents from '!!raw-loader!./_helm-values/script-02-helm-values/mkdir-components.sh';
import PrometheusComponentHeader from '!!raw-loader!./_helm-values/script-02-helm-values/prometheus-component-header.sh';
import PrometheusComponentBody from '!!raw-loader!./_helm-values/script-02-helm-values/prometheus-component-body.cue';
import BlackboxComponentHeader from '!!raw-loader!./_helm-values/script-02-helm-values/blackbox-component-header.sh';
import BlackboxComponentBody from '!!raw-loader!./_helm-values/script-02-helm-values/blackbox-component-body.cue';
import EofTrailer from '!!raw-loader!./_helm-values/script-02-helm-values/eof-trailer.sh';
<CodeBlock language="bash">{MkdirComponents}</CodeBlock>
<Tabs groupId="D15A3008-1EFC-4D34-BED1-15BC0C736CC3">
<TabItem value="prometheus.cue" label="prometheus.cue">
```bash
cat <<EOF > components/prometheus/prometheus.cue
```
```cue showLineNumbers
package holos
// Produce a helm chart build plan.
holos: Helm.BuildPlan
Helm: #Helm & {
Chart: {
name: "prometheus"
version: "25.27.0"
repository: {
name: "prometheus-community"
url: "https://prometheus-community.github.io/helm-charts"
}
}
}
```
```bash
EOF
```
<CodeBlock language="bash">{PrometheusComponentHeader}</CodeBlock>
<CodeBlock language="cue" showLineNumbers>{PrometheusComponentBody}</CodeBlock>
<CodeBlock language="bash">{EofTrailer}</CodeBlock>
</TabItem>
<TabItem value="blackbox.cue" label="blackbox.cue">
```bash
cat <<EOF > components/blackbox/blackbox.cue
```
```cue showLineNumbers
package holos
// Produce a helm chart build plan.
holos: Helm.BuildPlan
Helm: #Helm & {
Chart: {
name: "prometheus-blackbox-exporter"
version: "9.0.1"
repository: {
name: "prometheus-community"
url: "https://prometheus-community.github.io/helm-charts"
}
}
}
```
```bash
EOF
```
<CodeBlock language="bash">{BlackboxComponentHeader}</CodeBlock>
<CodeBlock language="cue" showLineNumbers>{BlackboxComponentBody}</CodeBlock>
<CodeBlock language="bash">{EofTrailer}</CodeBlock>
</TabItem>
</Tabs>
@@ -124,64 +100,38 @@ EOF
Register the components with the platform by adding the following file to the platform directory.
```bash
cat <<EOF > platform/prometheus.cue
```
```cue showLineNumbers
package holos
import RegisterComponentsHeader from '!!raw-loader!./_helm-values/script-02-helm-values/register-components-header.sh';
import RegisterComponentsBody from '!!raw-loader!./_helm-values/script-02-helm-values/register-components-body.cue';
Platform: Components: {
prometheus: {
name: "prometheus"
path: "components/prometheus"
}
blackbox: {
name: "blackbox"
path: "components/blackbox"
}
}
```
```bash
EOF
```
<CodeBlock language="bash">{RegisterComponentsHeader}</CodeBlock>
<CodeBlock language="cue" showLineNumbers>{RegisterComponentsBody}</CodeBlock>
<CodeBlock language="bash">{EofTrailer}</CodeBlock>
Render the platform.
import RenderCommand from '!!raw-loader!./_helm-values/script-02-helm-values/render.sh';
import RegisterComponentsRenderOutput from '!!raw-loader!./_helm-values/script-02-helm-values/register-components-output.txt';
<Tabs groupId="33D6BFED-62D8-4A42-A26A-F3121D57C4E5">
<TabItem value="command" label="Command">
```bash
holos render platform
```
<CodeBlock language="bash">{RenderCommand}</CodeBlock>
</TabItem>
<TabItem value="output" label="Output">
```txt
cached prometheus-blackbox-exporter 9.0.1
rendered blackbox in 3.825430417s
cached prometheus 25.27.0
rendered prometheus in 4.840089667s
rendered platform in 4.840137792s
```
<CodeBlock language="txt">{RegisterComponentsRenderOutput}</CodeBlock>
</TabItem>
</Tabs>
Commit the results.
import GitCommitRegisterComponents from '!!raw-loader!./_helm-values/script-02-helm-values/register-components-git-commit.sh';
import RegisterComponentsGitOutput from '!!raw-loader!./_helm-values/script-02-helm-values/register-components-git-commit-output.txt';
<Tabs groupId="446CC550-A634-45C0-BEC7-992E5C56D4FA">
<TabItem value="command" label="Command">
```bash
git add . && git commit -m 'add blackbox and prometheus'
```
<CodeBlock language="bash">{GitCommitRegisterComponents}</CodeBlock>
</TabItem>
<TabItem value="output" label="Output">
```txt
[main b5df111] add blackbox and prometheus
5 files changed, 1550 insertions(+)
create mode 100644 components/blackbox/blackbox.cue
create mode 100644 components/prometheus/prometheus.cue
create mode 100644 deploy/components/blackbox/blackbox.gen.yaml
create mode 100644 deploy/components/prometheus/prometheus.gen.yaml
create mode 100644 platform/prometheus.cue
```
<CodeBlock language="txt">{RegisterComponentsGitOutput}</CodeBlock>
</TabItem>
</Tabs>
@@ -190,21 +140,11 @@ git add . && git commit -m 'add blackbox and prometheus'
Holos renders Helm charts with their default values. We can import these default
values into CUE to work with them as structured data instead of text markup.
```bash
holos cue import \
--package holos \
--path 'Helm: Values:' \
--outfile components/prometheus/values.cue \
components/prometheus/vendor/25.27.0/prometheus/values.yaml
```
import ImportPrometheusValues from '!!raw-loader!./_helm-values/script-02-helm-values/import-prometheus-values.sh';
import ImportBlackboxValues from '!!raw-loader!./_helm-values/script-02-helm-values/import-blackbox-values.sh';
```bash
holos cue import \
--package holos \
--path 'Helm: Values:' \
--outfile components/blackbox/values.cue \
components/blackbox/vendor/9.0.1/prometheus-blackbox-exporter/values.yaml
```
<CodeBlock language="bash">{ImportPrometheusValues}</CodeBlock>
<CodeBlock language="bash">{ImportBlackboxValues}</CodeBlock>
These commands convert the YAML data into CUE code and nest the values under the
`Values` field of the `Helm` struct.
@@ -215,67 +155,43 @@ CUE unifies `values.cue` with the other `\*.cue` files in the same directory.
Render the platform using `holos render platform` and commit the results.
import ImportValuesRenderOutput from '!!raw-loader!./_helm-values/script-02-helm-values/import-values-render-output.txt';
import ImportValuesGitCommit from '!!raw-loader!./_helm-values/script-02-helm-values/import-values-git-commit.sh';
import ImportValuesGitOutput from '!!raw-loader!./_helm-values/script-02-helm-values/import-values-git-output.txt';
<Tabs groupId="BDDCD65A-2E9D-4BA6-AAE2-8099494D5E4B">
<TabItem value="command" label="Command">
```bash
holos render platform
```
<CodeBlock language="bash">{RenderCommand}</CodeBlock>
</TabItem>
<TabItem value="output" label="Output">
```txt
rendered blackbox in 365.936792ms
rendered prometheus in 371.855875ms
rendered platform in 372.109916ms
```
<CodeBlock language="txt">{ImportValuesRenderOutput}</CodeBlock>
</TabItem>
</Tabs>
<Tabs groupId="1636C619-258E-4D49-8052-F64B588C9177">
<TabItem value="command" label="Command">
```bash
git add . && git commit -m 'import values'
```
<CodeBlock language="bash">{ImportValuesGitCommit}</CodeBlock>
</TabItem>
<TabItem value="output" label="Output">
```txt
[main 52e90ea] import values
2 files changed, 1815 insertions(+)
create mode 100644 components/blackbox/values.cue
create mode 100644 components/prometheus/values.cue
```
<CodeBlock language="txt">{ImportValuesGitOutput}</CodeBlock>
</TabItem>
</Tabs>
### Managing Common Configuration
To manage shared configuration for both Helm charts, define a structure that
holds the common configuration values. Place this configuration in the
`components` directory to ensure it is accessible to all components.
holds the common configuration values. Create a `config` directory at the root
of the repository, and place the configuration file there to ensure it is
accessible to all components.
import BlackboxCommonConfigMkdir from '!!raw-loader!./_helm-values/script-02-helm-values/mkdir-common-config.sh';
import BlackboxCommonConfigHeader from '!!raw-loader!./_helm-values/script-02-helm-values/blackbox-common-config-header.sh';
import BlackboxCommonConfigBody from '!!raw-loader!./_helm-values/script-02-helm-values/blackbox-common-config-body.cue';
```bash
cat <<EOF > components/blackbox.cue
```
```cue showLineNumbers
package holos
// Schema Definition
#Blackbox: {
// host constrained to a lower case dns label
host: string & =~"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$"
// port constrained to a valid range
port: int & >0 & <=65535
}
// Concrete values must validate against the schema.
Blackbox: #Blackbox & {
host: "blackbox"
port: 9115
}
```
```bash
EOF
```
<CodeBlock language="bash">{BlackboxCommonConfigMkdir}</CodeBlock>
<CodeBlock language="bash">{BlackboxCommonConfigHeader}</CodeBlock>
<CodeBlock language="cue" showLineNumbers>{BlackboxCommonConfigBody}</CodeBlock>
<CodeBlock language="bash" showLineNumbers>{EofTrailer}</CodeBlock>
:::important
1. CUE loads and unifies all `*.cue` files from the root directory containing
@@ -286,75 +202,41 @@ languages with only type checking.
Add and commit the configuration.
import BlackboxCommonConfigGit from '!!raw-loader!./_helm-values/script-02-helm-values/blackbox-common-config-git-commit.sh';
import BlackboxCommonConfigGitOutput from '!!raw-loader!./_helm-values/script-02-helm-values/blackbox-common-config-git-output.txt';
<Tabs groupId="A738CCE4-F0C6-4CC7-BE1F-2B92F0E86FDC">
<TabItem value="command" label="Command">
```bash
git add . && git commit -m 'add blackbox configuration'
```
<CodeBlock language="bash">{BlackboxCommonConfigGit}</CodeBlock>
</TabItem>
<TabItem value="output" label="Output">
```txt
[main 1adcd08] add blackbox configuration
1 file changed, 15 insertions(+)
create mode 100644 components/blackbox.cue
```
<CodeBlock language="bash">{BlackboxCommonConfigGitOutput}</CodeBlock>
</TabItem>
</Tabs>
### Using Common Configuration Across Components
Referencing common configuration across multiple components is straightforward
and reliable using Holos and CUE.
and reliable using Holos and CUE. Configuration can be imported where necessary
following [CUE module standards], which are similar to Golang.
To apply the common configuration, patch the two `values.cue` files, or manually
edit them to reference `Blackbox.host` and `Blackbox.port`.
edit them to import the configuration and reference `prometheus.blackbox.host`
and `prometheus.blackbox.port`.
import CommonConfigPatchCommand from '!!raw-loader!./_helm-values/script-02-helm-values/common-config-patch.sh';
import CommonConfigPatchDiff from '!!raw-loader!./_helm-values/script-02-helm-values/values.patch';
import CommonConfigPatchOutput from '!!raw-loader!./_helm-values/script-02-helm-values/common-config-patch.txt';
<Tabs groupId="5FFCE892-B8D4-4F5B-B2E2-39EC9E9F87A4">
<TabItem value="command" label="Command">
```bash
patch -p1 < values.patch
```
<CodeBlock language="bash">{CommonConfigPatchCommand}</CodeBlock>
</TabItem>
<TabItem value="patch" label="values.patch">
```diff
--- a/components/blackbox/values.cue
+++ b/components/blackbox/values.cue
@@ -1,6 +1,8 @@
package holos
Helm: Values: {
+ fullnameOverride: Blackbox.host
+
global: {
//# Global image registry to use if it needs to be overriden for some specific use cases (e.g local registries, custom images, ...)
//#
@@ -192,7 +194,7 @@ Helm: Values: {
annotations: {}
labels: {}
type: "ClusterIP"
- port: 9115
+ port: Blackbox.port
ipDualStack: {
enabled: false
ipFamilies: ["IPv6", "IPv4"]
--- a/components/prometheus/values.cue
+++ b/components/prometheus/values.cue
@@ -1083,7 +1083,7 @@ Helm: Values: {
target_label: "__param_target"
}, {
target_label: "__address__"
- replacement: "blackbox"
+ replacement: "\(Blackbox.host):\(Blackbox.port)"
}, {
source_labels: ["__param_target"]
target_label: "instance"
```
<CodeBlock language="diff">{CommonConfigPatchDiff}</CodeBlock>
</TabItem>
<TabItem value="output" label="Output">
```txt
patching file 'components/blackbox/values.cue'
patching file 'components/prometheus/values.cue'
```
<CodeBlock language="txt">{CommonConfigPatchOutput}</CodeBlock>
</TabItem>
</Tabs>
@@ -365,20 +247,17 @@ safely and easily.
Remove the patch file, then commit the changes.
import CommonConfigPatchRm from '!!raw-loader!./_helm-values/script-02-helm-values/common-config-rm.sh';
import CommonConfigPatchGitCommit from '!!raw-loader!./_helm-values/script-02-helm-values/common-config-git.sh';
import CommonConfigPatchGitCommitOutput from '!!raw-loader!./_helm-values/script-02-helm-values/common-config-git-output.txt';
<Tabs groupId="6498B00E-FADA-4EB2-885C-808F1D22E04D">
<TabItem value="command" label="Command">
```bash
rm values.patch
```
```bash
git add . && git commit -m 'integrate blackbox and prometheus together'
```
<CodeBlock language="bash">{CommonConfigPatchRm}</CodeBlock>
<CodeBlock language="bash">{CommonConfigPatchGitCommit}</CodeBlock>
</TabItem>
<TabItem value="output" label="Output">
```txt
[main 4221803] integrate blackbox and prometheus together
2 files changed, 4 insertions(+), 2 deletions(-)
```
<CodeBlock language="txt">{CommonConfigPatchGitCommitOutput}</CodeBlock>
</TabItem>
</Tabs>
@@ -387,97 +266,28 @@ git add . && git commit -m 'integrate blackbox and prometheus together'
Holos makes it easy to view and review platform-wide changes. Render the
platform to observe how both Prometheus and Blackbox update in sync.
import ReviewingChangesRenderOutput from '!!raw-loader!./_helm-values/script-02-helm-values/reviewing-changes-render-output.txt';
<Tabs groupId="E7F6D8B1-22FA-4075-9B44-D9F2815FE0D3">
<TabItem value="command" label="Command">
```bash
holos render platform
```
<CodeBlock language="bash">{RenderCommand}</CodeBlock>
</TabItem>
<TabItem value="output" label="Output">
```txt
rendered blackbox in 374.810666ms
rendered prometheus in 382.899334ms
rendered platform in 383.270625ms
```
<CodeBlock language="txt">{ReviewingChangesRenderOutput}</CodeBlock>
</TabItem>
</Tabs>
Changes are easily visible in version control.
import GitDiffCommand from '!!raw-loader!./_helm-values/script-02-helm-values/git-diff.sh';
import GitDiff from '!!raw-loader!./_helm-values/script-02-helm-values/git.diff';
<Tabs groupId="9789A0EF-24D4-4FB9-978A-3895C2778789">
<TabItem value="command" label="Command">
```bash
git diff
```
<CodeBlock language="bash">{GitDiffCommand}</CodeBlock>
</TabItem>
<TabItem value="output" label="Output">
```diff
diff --git a/deploy/components/blackbox/blackbox.gen.yaml b/deploy/components/blackbox/blackbox.gen.yaml
index 3db20cd..5336f44 100644
--- a/deploy/components/blackbox/blackbox.gen.yaml
+++ b/deploy/components/blackbox/blackbox.gen.yaml
@@ -7,7 +7,7 @@ metadata:
app.kubernetes.io/name: prometheus-blackbox-exporter
app.kubernetes.io/version: v0.25.0
helm.sh/chart: prometheus-blackbox-exporter-9.0.1
- name: prometheus-blackbox-exporter
+ name: blackbox
namespace: default
---
apiVersion: v1
@@ -31,7 +31,7 @@ metadata:
app.kubernetes.io/name: prometheus-blackbox-exporter
app.kubernetes.io/version: v0.25.0
helm.sh/chart: prometheus-blackbox-exporter-9.0.1
- name: prometheus-blackbox-exporter
+ name: blackbox
namespace: default
---
apiVersion: v1
@@ -43,7 +43,7 @@ metadata:
app.kubernetes.io/name: prometheus-blackbox-exporter
app.kubernetes.io/version: v0.25.0
helm.sh/chart: prometheus-blackbox-exporter-9.0.1
- name: prometheus-blackbox-exporter
+ name: blackbox
namespace: default
spec:
ports:
@@ -65,7 +65,7 @@ metadata:
app.kubernetes.io/name: prometheus-blackbox-exporter
app.kubernetes.io/version: v0.25.0
helm.sh/chart: prometheus-blackbox-exporter-9.0.1
- name: prometheus-blackbox-exporter
+ name: blackbox
namespace: default
spec:
replicas: 1
@@ -119,8 +119,8 @@ spec:
name: config
hostNetwork: false
restartPolicy: Always
- serviceAccountName: prometheus-blackbox-exporter
+ serviceAccountName: blackbox
volumes:
- configMap:
- name: prometheus-blackbox-exporter
+ name: blackbox
name: config
diff --git a/deploy/components/prometheus/prometheus.gen.yaml b/deploy/components/prometheus/prometheus.gen.yaml
index 9e02bce..ab638f0 100644
--- a/deploy/components/prometheus/prometheus.gen.yaml
+++ b/deploy/components/prometheus/prometheus.gen.yaml
@@ -589,7 +589,7 @@ data:
- source_labels:
- __address__
target_label: __param_target
- - replacement: blackbox
+ - replacement: blackbox:9115
target_label: __address__
- source_labels:
- __param_target
```
<CodeBlock language="diff">{GitDiff}</CodeBlock>
</TabItem>
</Tabs>
@@ -494,17 +304,15 @@ Blackbox host or port will reconfigure both charts correctly.
Commit the changes and proceed to deploy them.
import ReviewingChangesGitCommit from '!!raw-loader!./_helm-values/script-02-helm-values/reviewing-changes-git-commit.sh';
import ReviewingChangesGitOutput from '!!raw-loader!./_helm-values/script-02-helm-values/reviewing-changes-git-output.txt';
<Tabs groupId="F8C9A98D-DE1E-4EF6-92C1-017A9166F6C7">
<TabItem value="command" label="Command">
```bash
git add . && git commit -m 'render integrated blackbox and prometheus manifests'
```
<CodeBlock language="bash">{ReviewingChangesGitCommit}</CodeBlock>
</TabItem>
<TabItem value="output" label="Output">
```txt
[main 67efe0d] render integrated blackbox and prometheus manifests
2 files changed, 7 insertions(+), 7 deletions(-)
```
<CodeBlock language="txt">{ReviewingChangesGitOutput}</CodeBlock>
</TabItem>
</Tabs>
@@ -524,7 +332,7 @@ service endpoint.
[prometheus]: https://github.com/prometheus-community/helm-charts/tree/prometheus-25.27.0/charts/prometheus
[blackbox]: https://github.com/prometheus-community/helm-charts/tree/prometheus-blackbox-exporter-9.0.1/charts/prometheus-blackbox-exporter
[httpbin]: https://github.com/mccutchen/go-httpbin/tree/v2.15.0
[CUE module standards]: https://cuelang.org/docs/concept/modules-packages-instances/
[Config Schema]: #config-schema
[Technical Overview]: ./overview.mdx

87
doc/md/tutorial/helm-values_test.go Normal file
View File

@@ -0,0 +1,87 @@
package main
import (
"os"
"path/filepath"
"runtime"
"slices"
"strings"
"testing"
"github.com/holos-run/holos/cmd"
"github.com/rogpeppe/go-internal/testscript"
cue "cuelang.org/go/cmd/cue/cmd"
)
func TestMain(m *testing.M) {
os.Exit(testscript.RunMain(m, map[string]func() int{
"holos": cmd.MakeMain(),
"cue": cue.Main,
}))
}
// Run these with go test -v to see the verbose names
func TestHelmValues(t *testing.T) {
t.Run("TestHelmValues", func(t *testing.T) {
// Get an ordered list of test script files.
dir := "_helm-values"
for _, file := range sortedTestScripts(t, filepath.Join(dir, "examples")) {
t.Run("examples", func(t *testing.T) {
runOneScript(t, dir, file)
})
}
})
}
func runOneScript(t *testing.T, dir string, file string) {
params := testscript.Params{
Dir: "",
Files: []string{file},
RequireExplicitExec: true,
RequireUniqueNames: false,
WorkdirRoot: filepath.Join(testDir(t), dir),
UpdateScripts: os.Getenv("HOLOS_UPDATE_SCRIPTS") != "",
Setup: func(env *testscript.Env) error {
// Needed for update.sh to determine if we need to update output files.
env.Setenv("HOLOS_UPDATE_SCRIPTS", os.Getenv("HOLOS_UPDATE_SCRIPTS"))
// Just like cmd/cue/cmd.TestScript, set up separate cache and config dirs per test.
env.Setenv("CUE_CACHE_DIR", filepath.Join(env.WorkDir, "tmp/cachedir"))
configDir := filepath.Join(env.WorkDir, "tmp/configdir")
env.Setenv("CUE_CONFIG_DIR", configDir)
return nil
},
}
testscript.Run(t, params)
}
// testDir returns the path of the directory containing the go source file of
// the caller.
func testDir(t *testing.T) string {
_, file, _, ok := runtime.Caller(0)
if !ok {
t.Fatal("could not get runtime caller")
}
return filepath.Dir(file)
}
func sortedTestScripts(t *testing.T, dir string) (files []string) {
entries, err := os.ReadDir(dir)
if os.IsNotExist(err) {
// Continue to helpful error on len(files) == 0 below.
} else if err != nil {
t.Fatal(err)
}
for _, entry := range entries {
name := entry.Name()
if strings.HasSuffix(name, ".txtar") || strings.HasSuffix(name, ".txt") {
files = append(files, filepath.Join(dir, name))
}
}
if len(files) == 0 {
t.Fatalf("no txtar nor txt scripts found in dir %s", dir)
}
slices.Sort(files)
return files
}

15
doc/md/tutorial/setup.mdx
View File

@@ -38,8 +38,23 @@ go install github.com/holos-run/holos/cmd/holos@latest
### Completion
:::tip
Completion is automatically enabled if [brew shell
completion](https://docs.brew.sh/Shell-Completion) is also enabled.
:::
<Tabs groupId="65F79D28-2E57-4A90-8EBA-3D8758C80233">
<TabItem value="zsh" label="zsh">
Add the following to `~/.zshrc` if not already present to initialize zsh completion.
```bash
autoload -Uz compinit
compinit
```
Then load holos completion after zsh completion has been initialized.
```bash
source <(holos completion zsh)
```

39
doc/website/package-lock.json generated
View File

@@ -15,6 +15,7 @@
"@mdx-js/react": "^3.0.0",
"clsx": "^2.0.0",
"prism-react-renderer": "^2.3.0",
"raw-loader": "^4.0.2",
"react": "^18.0.0",
"react-dom": "^18.0.0"
},
@@ -14477,6 +14478,44 @@
"node": ">= 0.8"
}
},
"node_modules/raw-loader": {
"version": "4.0.2",
"resolved": "https://registry.npmjs.org/raw-loader/-/raw-loader-4.0.2.tgz",
"integrity": "sha512-ZnScIV3ag9A4wPX/ZayxL/jZH+euYb6FcUinPcgiQW0+UBtEv0O6Q3lGd3cqJ+GHH+rksEv3Pj99oxJ3u3VIKA==",
"license": "MIT",
"dependencies": {
"loader-utils": "^2.0.0",
"schema-utils": "^3.0.0"
},
"engines": {
"node": ">= 10.13.0"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/webpack"
},
"peerDependencies": {
"webpack": "^4.0.0 || ^5.0.0"
}
},
"node_modules/raw-loader/node_modules/schema-utils": {
"version": "3.3.0",
"resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-3.3.0.tgz",
"integrity": "sha512-pN/yOAvcC+5rQ5nERGuwrjLlYvLTbCibnZ1I7B1LaiAz9BRBlE9GMgE/eqV30P7aJQUf7Ddimy/RsbYO/GrVGg==",
"license": "MIT",
"dependencies": {
"@types/json-schema": "^7.0.8",
"ajv": "^6.12.5",
"ajv-keywords": "^3.5.2"
},
"engines": {
"node": ">= 10.13.0"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/webpack"
}
},
"node_modules/rc": {
"version": "1.2.8",
"resolved": "https://registry.npmjs.org/rc/-/rc-1.2.8.tgz",

1
doc/website/package.json
View File

@@ -22,6 +22,7 @@
"@mdx-js/react": "^3.0.0",
"clsx": "^2.0.0",
"prism-react-renderer": "^2.3.0",
"raw-loader": "^4.0.2",
"react": "^18.0.0",
"react-dom": "^18.0.0"
},

24
doc/website/src/components/YouTube/index.tsx
View File

@@ -2,15 +2,15 @@ import styles from './styles.module.css';
//Pulled from: https://gaudion.dev/blog/mdx-youtube-embed
//components/mdx/YouTube.tsx
export default function YouTube ({ id } : { id : string }){
return (
<div class={styles.videoWrapper}>
<iframe
className="aspect-video w-full"
src={"https://www.youtube.com/embed/" + id}
title="YouTube Video Player"
allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
></iframe>
</div>
);
};
export default function YouTube({ id }: { id: string }) {
return (
<div className={styles.videoWrapper}>
<iframe
className="aspect-video w-full"
src={"https://www.youtube.com/embed/" + id + "?rel=0"}
title="YouTube Video Player"
allow="picture-in-picture; fullscreen; accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope;"
></iframe>
</div>
);
};

21
doc/website/static/_redirects
View File

@@ -1,16 +1,29 @@
/docs /docs/v1alpha5/ 301
/docs/ /docs/v1alpha5/ 301
/docs/tutorial /docs/v1alpha5/tutorial/ 301
/docs/tutorial/ /docs/v1alpha5/tutorial/ 301
/docs/tutorial /docs/v1alpha5/tutorial/overview/ 301
/docs/tutorial/ /docs/v1alpha5/tutorial/overview/ 301
/docs/quickstart /docs/v1alpha5/tutorial/overview/ 301
/docs/quickstart/ /docs/v1alpha5/tutorial/overview/ 301
/docs/overview /docs/v1alpha5/tutorial/overview/ 301
/docs/overview/ /docs/v1alpha5/tutorial/overview/ 301
/docs/topics /docs/v1alpha5/topics/structures/ 301
/docs/topics/ /docs/v1alpha5/topics/structures/ 301
/docs/guides /docs/v1alpha5/tutorial/overview/ 301
/docs/guides/ /docs/v1alpha5/tutorial/overview/ 301
/docs/topics /docs/v1alpha5/topics/ 301
/docs/topics/ /docs/v1alpha5/topics/ 301
/docs/setup /docs/v1alpha5/tutorial/setup/ 301
/docs/setup/ /docs/v1alpha5/tutorial/setup/ 301
/docs/local-cluster /docs/v1alpha5/topics/local-cluster/ 301
/docs/local-cluster/ /docs/v1alpha5/topics/local-cluster/ 301
/docs/guides/helm /docs/v1alpha5/tutorial/helm-values/ 301
/docs/guides/helm/ /docs/v1alpha5/tutorial/helm-values/ 301
/docs/kargo /docs/v1alpha5/topics/kargo/ 301
/docs/kargo/ /docs/v1alpha5/topics/kargo/ 301
/docs/comparison /docs/v1alpha5/topics/comparison/ 301
/docs/comparison/ /docs/v1alpha5/topics/comparison/ 301
/docs/support /docs/v1alpha5/tutorial/overview/#getting-help 301
/docs/support/ /docs/v1alpha5/tutorial/overview/#getting-help 301
/docs/api/author /docs/v1alpha5/api/author/ 301
/docs/api/author/ /docs/v1alpha5/api/author/ 301
# Redirect to our own take on the pattern once we figure out what to call it.
# See: https://discord.com/channels/1299051862418395216/1299055980738383882/1327347525354524805
/blog/the-rendered-manifests-pattern https://akuity.io/blog/the-rendered-manifests-pattern 301

9
go.mod
View File

@@ -10,7 +10,7 @@ require (
connectrpc.com/grpcreflect v1.2.0
connectrpc.com/otelconnect v0.7.0
connectrpc.com/validate v0.1.0
cuelang.org/go v0.11.0
cuelang.org/go v0.11.1
entgo.io/ent v0.13.1
github.com/bufbuild/buf v1.35.1
github.com/choria-io/machine-room v0.0.0-20240417064836-c604da2f005e
@@ -46,6 +46,7 @@ require (
k8s.io/client-go v0.31.1
k8s.io/kubectl v0.31.1
modernc.org/sqlite v1.29.6
sigs.k8s.io/kustomize/kustomize/v5 v5.5.0
sigs.k8s.io/yaml v1.4.0
)
@@ -354,7 +355,6 @@ require (
go.opentelemetry.io/otel/metric v1.28.0 // indirect
go.opentelemetry.io/otel/sdk v1.28.0 // indirect
go.opentelemetry.io/otel/trace v1.28.0 // indirect
go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect
go.uber.org/atomic v1.11.0 // indirect
go.uber.org/automaxprocs v1.5.3 // indirect
go.uber.org/multierr v1.11.0 // indirect
@@ -394,7 +394,8 @@ require (
oras.land/oras-go v1.2.5 // indirect
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
sigs.k8s.io/kind v0.23.0 // indirect
sigs.k8s.io/kustomize/api v0.17.2 // indirect
sigs.k8s.io/kustomize/kyaml v0.17.1 // indirect
sigs.k8s.io/kustomize/api v0.18.0 // indirect
sigs.k8s.io/kustomize/cmd/config v0.15.0 // indirect
sigs.k8s.io/kustomize/kyaml v0.18.1 // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
)

19
go.sum
View File

@@ -52,8 +52,8 @@ connectrpc.com/validate v0.1.0 h1:r55jirxMK7HO/xZwVHj3w2XkVFarsUM77ZDy367NtH4=
connectrpc.com/validate v0.1.0/go.mod h1:GU47c9/x/gd+u9wRSPkrQOP46gx2rMN+Wo37EHgI3Ow=
cuelabs.dev/go/oci/ociregistry v0.0.0-20240906074133-82eb438dd565 h1:R5wwEcbEZSBmeyg91MJZTxfd7WpBo2jPof3AYjRbxwY=
cuelabs.dev/go/oci/ociregistry v0.0.0-20240906074133-82eb438dd565/go.mod h1:5A4xfTzHTXfeVJBU6RAUf+QrlfTCW+017q/QiW+sMLg=
cuelang.org/go v0.11.0 h1:2af2nhipqlUHtXk2dtOP5xnMm1ObGvKqIsJUJL1sRE4=
cuelang.org/go v0.11.0/go.mod h1:PBY6XvPUswPPJ2inpvUozP9mebDVTXaeehQikhZPBz0=
cuelang.org/go v0.11.1 h1:pV+49MX1mmvDm8Qh3Za3M786cty8VKPWzQ1Ho4gZRP0=
cuelang.org/go v0.11.1/go.mod h1:PBY6XvPUswPPJ2inpvUozP9mebDVTXaeehQikhZPBz0=
dario.cat/mergo v1.0.1 h1:Ra4+bf83h2ztPIQYNP99R6m+Y7KfnARDfID+a+vLl4s=
dario.cat/mergo v1.0.1/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
@@ -1077,8 +1077,6 @@ go.opentelemetry.io/otel/trace v1.28.0/go.mod h1:jPyXzNPg6da9+38HEwElrQiHlVMTnVf
go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI=
go.opentelemetry.io/proto/otlp v1.3.1 h1:TrMUixzpM0yuc/znrFTP9MMRh8trP93mkCiDVeXrui0=
go.opentelemetry.io/proto/otlp v1.3.1/go.mod h1:0X1WI4de4ZsLrrJNLAQbFeLCm3T7yBkR0XqQ7niQU+8=
go.starlark.net v0.0.0-20230525235612-a134d8f9ddca h1:VdD38733bfYv5tUZwEIskMM93VanwNIi5bIKnDrJdEY=
go.starlark.net v0.0.0-20230525235612-a134d8f9ddca/go.mod h1:jxU+3+j+71eXOW14274+SmmuW82qJzl6iZSeqEtTGds=
go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE=
go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
go.uber.org/automaxprocs v1.5.3 h1:kWazyxZUrS3Gs4qUpbwo5kEIMGe/DAvi5Z4tl2NW4j8=
@@ -1282,7 +1280,6 @@ golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo=
golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
@@ -1557,10 +1554,14 @@ sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMm
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0=
sigs.k8s.io/kind v0.23.0 h1:8fyDGWbWTeCcCTwA04v4Nfr45KKxbSPH1WO9K+jVrBg=
sigs.k8s.io/kind v0.23.0/go.mod h1:ZQ1iZuJLh3T+O8fzhdi3VWcFTzsdXtNv2ppsHc8JQ7s=
sigs.k8s.io/kustomize/api v0.17.2 h1:E7/Fjk7V5fboiuijoZHgs4aHuexi5Y2loXlVOAVAG5g=
sigs.k8s.io/kustomize/api v0.17.2/go.mod h1:UWTz9Ct+MvoeQsHcJ5e+vziRRkwimm3HytpZgIYqye0=
sigs.k8s.io/kustomize/kyaml v0.17.1 h1:TnxYQxFXzbmNG6gOINgGWQt09GghzgTP6mIurOgrLCQ=
sigs.k8s.io/kustomize/kyaml v0.17.1/go.mod h1:9V0mCjIEYjlXuCdYsSXvyoy2BTsLESH7TlGV81S282U=
sigs.k8s.io/kustomize/api v0.18.0 h1:hTzp67k+3NEVInwz5BHyzc9rGxIauoXferXyjv5lWPo=
sigs.k8s.io/kustomize/api v0.18.0/go.mod h1:f8isXnX+8b+SGLHQ6yO4JG1rdkZlvhaCf/uZbLVMb0U=
sigs.k8s.io/kustomize/cmd/config v0.15.0 h1:WkdY8V2+8J+W00YbImXa2ke9oegfrHH79e+kywW7EdU=
sigs.k8s.io/kustomize/cmd/config v0.15.0/go.mod h1:Jq57b0nPaoYUlOqg//0JtAh6iibboqMcfbtCYoWPM00=
sigs.k8s.io/kustomize/kustomize/v5 v5.5.0 h1:o1mtt6vpxsxDYaZKrw3BnEtc+pAjLz7UffnIvHNbvW0=
sigs.k8s.io/kustomize/kustomize/v5 v5.5.0/go.mod h1:AeFCmgCrXzmvjWWaeZCyBp6XzG1Y0w1svYus8GhJEOE=
sigs.k8s.io/kustomize/kyaml v0.18.1 h1:WvBo56Wzw3fjS+7vBjN6TeivvpbW9GmRaWZ9CIVmt4E=
sigs.k8s.io/kustomize/kyaml v0.18.1/go.mod h1:C3L2BFVU1jgcddNBE1TxuVLgS46TjObMwW5FT9FcjYo=
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4=
sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08=
sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E=

77
internal/builder/instance.go
View File

@@ -5,17 +5,75 @@ import (
"encoding/json"
"fmt"
"log/slog"
"os"
"path/filepath"
"strings"
"sync"
"cuelang.org/go/cue"
"cuelang.org/go/cue/cuecontext"
"cuelang.org/go/cue/interpreter/embed"
"cuelang.org/go/cue/load"
"cuelang.org/go/encoding/yaml"
"github.com/holos-run/holos/internal/errors"
"github.com/holos-run/holos/internal/holos"
"github.com/holos-run/holos/internal/util"
)
func LoadInstance(path string, tags []string) (*Instance, error) {
// cue context and loading is not safe for concurrent use.
var cueMutex sync.Mutex
// ExtractYAML extracts yaml encoded data from file paths. The data is unified
// into one [cue.Value]. If a path element is a directory, all files in the
// directory are loaded non-recursively.
//
// Attribution: https://github.com/cue-lang/cue/issues/3504
// Deprecated: Use cue embed instead.
func ExtractYAML(ctxt *cue.Context, filepaths []string) (cue.Value, error) {
value := ctxt.CompileString("")
files := make([]string, 0, 10*len(filepaths))
for _, path := range filepaths {
info, err := os.Stat(path)
if err != nil {
return value, errors.Wrap(err)
}
if !info.IsDir() {
files = append(files, path)
continue
}
entries, err := os.ReadDir(path)
if err != nil {
return value, errors.Wrap(err)
}
for _, entry := range entries {
if entry.IsDir() {
continue
}
files = append(files, filepath.Join(path, entry.Name()))
}
}
for _, file := range files {
f, err := yaml.Extract(file, nil)
if err != nil {
return value, errors.Wrap(err)
}
value = value.Unify(ctxt.BuildFile(f))
}
return value, nil
}
// LoadInstance loads the cue configuration instance at path. External data
// file paths are loaded by calling [ExtractYAML] providing filepaths. The
// extracted data values are unified with the platform configuration [cue.Value]
// in the returned [Instance].
func LoadInstance(path string, filepaths []string, tags []string) (*Instance, error) {
cueMutex.Lock()
defer cueMutex.Unlock()
root, leaf, err := util.FindRootLeaf(path)
if err != nil {
return nil, errors.Wrap(err)
@@ -26,20 +84,25 @@ func LoadInstance(path string, tags []string) (*Instance, error) {
ModuleRoot: root,
Tags: tags,
}
ctxt := cuecontext.New(cuecontext.Interpreter(embed.New()))
ctx := cuecontext.New()
instances := load.Instances([]string{leaf}, cfg)
values, err := ctx.BuildInstances(instances)
bis := load.Instances([]string{path}, cfg)
values, err := ctxt.BuildInstances(bis)
if err != nil {
return nil, errors.Wrap(err)
}
value, err := ExtractYAML(ctxt, filepaths)
if err != nil {
return nil, errors.Wrap(err)
}
value = value.Unify(values[0])
inst := &Instance{
path: leaf,
ctx: ctx,
ctx: ctxt,
cfg: cfg,
value: values[0],
value: value,
}
return inst, nil

4
internal/builder/platform.go
View File

@@ -16,7 +16,7 @@ import (
// platform.
type PlatformOpts struct {
Fn func(context.Context, int, holos.Component) error
Selector holos.Selector
Selectors holos.Selectors
Concurrency int
InfoEnabled bool
}
@@ -31,7 +31,7 @@ type Platform struct {
func (p *Platform) Build(ctx context.Context, opts PlatformOpts) error {
limit := max(opts.Concurrency, 1)
parentStart := time.Now()
components := p.Select(opts.Selector)
components := p.Select(opts.Selectors...)
total := len(components)
g, ctx := errgroup.WithContext(ctx)

14
internal/builder/v1alpha5/builder.go
View File

@@ -107,6 +107,20 @@ func (c *Component) Path() string {
return util.DotSlash(c.Component.Path)
}
// ExtractYAML returns the path values for the --extract-yaml command line flag.
func (c *Component) ExtractYAML() ([]string, error) {
if c == nil {
return nil, nil
}
instances := make([]string, 0, len(c.Component.Instances))
for _, instance := range c.Component.Instances {
if instance.Kind == "ExtractYAML" {
instances = append(instances, instance.ExtractYAML.Path)
}
}
return instances, nil
}
var _ holos.BuildPlan = &BuildPlan{}
var _ task = generatorTask{}
var _ task = transformersTask{}

109
internal/cli/main.go
View File

@@ -1,110 +1 @@
package cli
import (
"context"
"fmt"
"log/slog"
"os"
"runtime/pprof"
"runtime/trace"
"connectrpc.com/connect"
cue "cuelang.org/go/cue/errors"
"github.com/holos-run/holos/internal/errors"
"github.com/holos-run/holos/internal/holos"
"google.golang.org/genproto/googleapis/rpc/errdetails"
)
func memProfile(ctx context.Context, cfg *holos.Config) {
if format := os.Getenv("HOLOS_MEM_PROFILE"); format != "" {
f, _ := os.Create(fmt.Sprintf(format, os.Getppid(), os.Getpid()))
defer f.Close()
if err := pprof.WriteHeapProfile(f); err != nil {
_ = HandleError(ctx, err, cfg)
}
}
}
// MakeMain makes a main function for the cli or tests.
func MakeMain(options ...holos.Option) func() int {
return func() (exitCode int) {
cfg := holos.New(options...)
slog.SetDefault(cfg.Logger())
ctx := context.Background()
if format := os.Getenv("HOLOS_CPU_PROFILE"); format != "" {
f, _ := os.Create(fmt.Sprintf(format, os.Getppid(), os.Getpid()))
err := pprof.StartCPUProfile(f)
defer func() {
pprof.StopCPUProfile()
f.Close()
}()
if err != nil {
return HandleError(ctx, err, cfg)
}
}
defer memProfile(ctx, cfg)
if format := os.Getenv("HOLOS_TRACE"); format != "" {
f, _ := os.Create(fmt.Sprintf(format, os.Getppid(), os.Getpid()))
err := trace.Start(f)
defer func() {
trace.Stop()
f.Close()
}()
if err != nil {
return HandleError(ctx, err, cfg)
}
}
feature := &holos.EnvFlagger{}
if err := New(cfg, feature).ExecuteContext(ctx); err != nil {
return HandleError(ctx, err, cfg)
}
return 0
}
}
// HandleError is the top level error handler that unwraps and logs errors.
func HandleError(ctx context.Context, err error, hc *holos.Config) (exitCode int) {
// Connect errors have codes, log them.
log := hc.NewTopLevelLogger().With("code", connect.CodeOf(err))
var cueErr cue.Error
var errAt *errors.ErrorAt
if errors.As(err, &errAt) {
loc := errAt.Source.Loc()
err2 := errAt.Unwrap()
log.ErrorContext(ctx, fmt.Sprintf("could not run: %s at %s", err2, loc), "err", err2, "loc", loc)
} else {
log.ErrorContext(ctx, fmt.Sprintf("could not run: %s", err), "err", err)
}
// cue errors are bundled up as a list and refer to multiple files / lines.
if errors.As(err, &cueErr) {
msg := cue.Details(cueErr, nil)
if _, err := fmt.Fprint(hc.Stderr(), msg); err != nil {
log.ErrorContext(ctx, "could not write CUE error details: "+err.Error(), "err", err)
}
}
// connect errors have details and codes.
// Refer to https://connectrpc.com/docs/go/errors
if connectErr := new(connect.Error); errors.As(err, &connectErr) {
for _, detail := range connectErr.Details() {
msg, valueErr := detail.Value()
if valueErr != nil {
log.WarnContext(ctx, "could not decode error detail", "err", err, "type", detail.Type(), "note", "this usually means we don't have the schema for the protobuf message type")
continue
}
if info, ok := msg.(*errdetails.ErrorInfo); ok {
logDetail := log.With("reason", info.GetReason(), "domain", info.GetDomain())
for k, v := range info.GetMetadata() {
logDetail = logDetail.With(k, v)
}
logDetail.ErrorContext(ctx, info.String())
}
}
}
return 1
}

23
internal/cli/render/render.go
View File

@@ -43,8 +43,10 @@ func newPlatform(cfg *holos.Config, feature holos.Flagger) *cobra.Command {
cmd.Flags().IntVar(&concurrency, "concurrency", runtime.NumCPU(), "number of components to render concurrently")
var platform string
cmd.Flags().StringVar(&platform, "platform", "./platform", "platform directory path")
var selector holos.Selector
cmd.Flags().VarP(&selector, "selector", "l", "label selector (e.g. label==string,label!=string)")
var extractYAMLs holos.StringSlice
cmd.Flags().Var(&extractYAMLs, "extract-yaml", "data file paths to extract and unify with the platform config")
var selectors holos.Selectors
cmd.Flags().VarP(&selectors, "selector", "l", "label selector (e.g. label==string,label!=string)")
tagMap := make(holos.TagMap)
cmd.Flags().VarP(&tagMap, "inject", "t", tagHelp)
@@ -57,7 +59,7 @@ func newPlatform(cfg *holos.Config, feature holos.Flagger) *cobra.Command {
log.WarnContext(ctx, fmt.Sprintf(msg, platform))
}
inst, err := builder.LoadInstance(platform, tagMap.Tags())
inst, err := builder.LoadInstance(platform, extractYAMLs, tagMap.Tags())
if err != nil {
return errors.Wrap(err)
}
@@ -73,7 +75,7 @@ func newPlatform(cfg *holos.Config, feature holos.Flagger) *cobra.Command {
}
opts := builder.PlatformOpts{
Fn: makeComponentRenderFunc(cmd.ErrOrStderr(), prefixArgs, tagMap.Tags()),
Selector: selector,
Selectors: selectors,
Concurrency: concurrency,
InfoEnabled: true,
}
@@ -107,12 +109,14 @@ func newComponent(cfg *holos.Config, feature holos.Flagger) *cobra.Command {
cmd.Flags().VarP(&tagMap, "inject", "t", tagHelp)
var concurrency int
cmd.Flags().IntVar(&concurrency, "concurrency", runtime.NumCPU(), "number of concurrent build steps")
var extractYAMLs holos.StringSlice
cmd.Flags().Var(&extractYAMLs, "extract-yaml", "data file paths to extract and unify with the platform config")
cmd.RunE = func(cmd *cobra.Command, args []string) error {
ctx := cmd.Root().Context()
path := args[0]
inst, err := builder.LoadInstance(path, tagMap.Tags())
inst, err := builder.LoadInstance(path, extractYAMLs, tagMap.Tags())
if err != nil {
return errors.Wrap(err)
}
@@ -146,7 +150,11 @@ func makeComponentRenderFunc(w io.Writer, prefixArgs, cliTags []string) func(con
if err != nil {
return errors.Wrap(err)
}
args := make([]string, 0, 10+len(prefixArgs)+(len(tags)*2))
filepaths, err := component.ExtractYAML()
if err != nil {
return errors.Wrap(err)
}
args := make([]string, 0, 10+len(prefixArgs)+(len(tags)*2+len(filepaths)*2))
args = append(args, prefixArgs...)
args = append(args, "render", "component")
for _, tag := range cliTags {
@@ -155,6 +163,9 @@ func makeComponentRenderFunc(w io.Writer, prefixArgs, cliTags []string) func(con
for _, tag := range tags {
args = append(args, "--inject", tag)
}
for _, path := range filepaths {
args = append(args, "--extract-yaml", path)
}
args = append(args, component.Path())
if _, err := util.RunCmdA(ctx, w, "holos", args...); err != nil {
return errors.Format("could not render component: %w", err)

55
internal/cli/root.go
View File

@@ -1,14 +1,18 @@
package cli
import (
"context"
_ "embed"
"fmt"
"log/slog"
"connectrpc.com/connect"
"github.com/spf13/cobra"
"google.golang.org/genproto/googleapis/rpc/errdetails"
"github.com/holos-run/holos/version"
"github.com/holos-run/holos/internal/errors"
"github.com/holos-run/holos/internal/holos"
"github.com/holos-run/holos/internal/logger"
"github.com/holos-run/holos/internal/server"
@@ -28,7 +32,8 @@ import (
"github.com/holos-run/holos/internal/cli/token"
"github.com/holos-run/holos/internal/cli/txtar"
cue "cuelang.org/go/cmd/cue/cmd"
cueCmd "cuelang.org/go/cmd/cue/cmd"
cue_errors "cuelang.org/go/cue/errors"
)
//go:embed help.txt
@@ -119,7 +124,7 @@ func newOrgCmd(feature holos.Flagger) (cmd *cobra.Command) {
func newCueCmd() (cmd *cobra.Command) {
// Get a handle on the cue root command fields.
root, _ := cue.New([]string{})
root, _ := cueCmd.New([]string{})
// Copy the fields to our embedded command.
cmd = command.New("cue")
cmd.Short = root.Short
@@ -130,8 +135,52 @@ func newCueCmd() (cmd *cobra.Command) {
// We do it this way so we handle errors correctly.
cmd.RunE = func(cmd *cobra.Command, args []string) error {
cueRootCommand, _ := cue.New(args)
cueRootCommand, _ := cueCmd.New(args)
return cueRootCommand.Run(cmd.Root().Context())
}
return cmd
}
// HandleError is the top level error handler that unwraps and logs errors.
func HandleError(ctx context.Context, err error, hc *holos.Config) (exitCode int) {
// Connect errors have codes, log them.
log := hc.NewTopLevelLogger().With("code", connect.CodeOf(err))
var cueErr cue_errors.Error
var errAt *errors.ErrorAt
if errors.As(err, &errAt) {
loc := errAt.Source.Loc()
err2 := errAt.Unwrap()
log.ErrorContext(ctx, fmt.Sprintf("could not run: %s at %s", err2, loc), "err", err2, "loc", loc)
} else {
log.ErrorContext(ctx, fmt.Sprintf("could not run: %s", err), "err", err)
}
// cue errors are bundled up as a list and refer to multiple files / lines.
if errors.As(err, &cueErr) {
msg := cue_errors.Details(cueErr, nil)
if _, err := fmt.Fprint(hc.Stderr(), msg); err != nil {
log.ErrorContext(ctx, "could not write CUE error details: "+err.Error(), "err", err)
}
}
// connect errors have details and codes.
// Refer to https://connectrpc.com/docs/go/errors
if connectErr := new(connect.Error); errors.As(err, &connectErr) {
for _, detail := range connectErr.Details() {
msg, valueErr := detail.Value()
if valueErr != nil {
log.WarnContext(ctx, "could not decode error detail", "err", err, "type", detail.Type(), "note", "this usually means we don't have the schema for the protobuf message type")
continue
}
if info, ok := msg.(*errdetails.ErrorInfo); ok {
logDetail := log.With("reason", info.GetReason(), "domain", info.GetDomain())
for k, v := range info.GetMetadata() {
logDetail = logDetail.With(k, v)
}
logDetail.ErrorContext(ctx, info.String())
}
}
}
return 1
}

20
internal/cli/show.go
View File

@@ -30,13 +30,15 @@ func newShowPlatformCmd() (cmd *cobra.Command) {
var platform string
cmd.Flags().StringVar(&platform, "platform", "./platform", "platform directory path")
var extractYAMLs holos.StringSlice
cmd.Flags().Var(&extractYAMLs, "extract-yaml", "data file paths to extract and unify with the platform config")
var format string
cmd.Flags().StringVar(&format, "format", "yaml", "yaml or json format")
tagMap := make(holos.TagMap)
cmd.Flags().VarP(&tagMap, "inject", "t", "set the value of a cue @tag field from a key=value pair")
cmd.RunE = func(c *cobra.Command, args []string) (err error) {
inst, err := builder.LoadInstance(platform, tagMap.Tags())
inst, err := builder.LoadInstance(platform, extractYAMLs, tagMap.Tags())
if err != nil {
return errors.Wrap(err)
}
@@ -64,10 +66,12 @@ func newShowBuildPlanCmd() (cmd *cobra.Command) {
var platform string
cmd.Flags().StringVar(&platform, "platform", "./platform", "platform directory path")
var extractYAMLs holos.StringSlice
cmd.Flags().Var(&extractYAMLs, "extract-yaml", "data file paths to extract and unify with the platform config")
var format string
cmd.Flags().StringVar(&format, "format", "yaml", "yaml or json format")
var selector holos.Selector
cmd.Flags().VarP(&selector, "selector", "l", "label selector (e.g. label==string,label!=string)")
var selectors holos.Selectors
cmd.Flags().VarP(&selectors, "selector", "l", "label selector (e.g. label==string,label!=string)")
tagMap := make(holos.TagMap)
cmd.Flags().VarP(&tagMap, "inject", "t", "set the value of a cue @tag field from a key=value pair")
var concurrency int
@@ -75,7 +79,7 @@ func newShowBuildPlanCmd() (cmd *cobra.Command) {
cmd.RunE = func(c *cobra.Command, args []string) (err error) {
path := platform
inst, err := builder.LoadInstance(path, tagMap.Tags())
inst, err := builder.LoadInstance(path, extractYAMLs, tagMap.Tags())
if err != nil {
return errors.Wrap(err)
}
@@ -98,7 +102,7 @@ func newShowBuildPlanCmd() (cmd *cobra.Command) {
platformOpts := builder.PlatformOpts{
Fn: makeBuildFunc(encoder, buildPlanOpts),
Selector: selector,
Selectors: selectors,
Concurrency: concurrency,
}
@@ -122,7 +126,11 @@ func makeBuildFunc(encoder holos.OrderedEncoder, opts holos.BuildOpts) func(cont
return errors.Wrap(err)
}
tags = append(tags, opts.Tags...)
inst, err := builder.LoadInstance(component.Path(), tags)
filepaths, err := component.ExtractYAML()
if err != nil {
return errors.Wrap(err)
}
inst, err := builder.LoadInstance(component.Path(), filepaths, tags)
if err != nil {
return errors.Wrap(err)
}

34
internal/generate/platforms/cue.mod/gen/github.com/holos-run/holos/api/core/v1alpha5/types_go_gen.cue
View File

@@ -290,7 +290,7 @@ package core
labels?: {[string]: string} @go(Labels,map[string]string)
// Annotations represents arbitrary non-identifying metadata. For example
// holos uses the `cli.holos.run/description` annotation to log resources in a
// holos uses the `app.holos.run/description` annotation to log resources in a
// user customized way.
annotations?: {[string]: string} @go(Annotations,map[string]string)
}
@@ -334,6 +334,11 @@ package core
// Injected as the tag variable "holos_component_path".
path: string @go(Path)
// Instances represents additional cue instance paths to unify with Path.
// Useful to unify data files into a component BuildPlan. Added in holos
// 0.101.7.
instances?: [...#Instance] @go(Instances,[]Instance)
// WriteTo represents the holos render component --write-to flag. If empty,
// the default value for the --write-to flag is used.
writeTo?: string @go(WriteTo)
@@ -350,6 +355,31 @@ package core
labels?: {[string]: string} @go(Labels,map[string]string)
// Annotations represents arbitrary non-identifying metadata. Use the
// `cli.holos.run/description` to customize the log message of each BuildPlan.
// `app.holos.run/description` to customize the log message of each BuildPlan.
annotations?: {[string]: string} @go(Annotations,map[string]string)
}
// Instance represents a data instance to unify with the configuration.
//
// Useful to unify json and yaml files with cue configuration files for
// integration with other tools. For example, executing holos render platform
// from a pull request workflow after [Kargo] executes the [yaml update] and
// [git wait for pr] promotion steps.
//
// [Kargo]: https://docs.kargo.io/
// [yaml update]: https://docs.kargo.io/references/promotion-steps#yaml-update
// [git wait for pr]: https://docs.kargo.io/references/promotion-steps#git-wait-for-pr
#Instance: {
// Kind is a discriminator.
kind: string & "ExtractYAML" @go(Kind)
// Ignored unless kind is ExtractYAML.
extractYAML?: #ExtractYAML @go(ExtractYAML)
}
// ExtractYAML represents a cue data instance encoded as yaml or json. If Path
// refers to a directory all files in the directory are extracted
// non-recursively. Otherwise, path must refer to a file.
#ExtractYAML: {
path: string @go(Path)
}

753
internal/generate/platforms/cue.mod/gen/helm.toolkit.fluxcd.io/helmrelease/v2/types_gen.cue Normal file
View File

@@ -0,0 +1,753 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v2
import "strings"
// HelmRelease is the Schema for the helmreleases API
#HelmRelease: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "helm.toolkit.fluxcd.io/v2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "HelmRelease"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// HelmReleaseSpec defines the desired state of a Helm release.
spec!: #HelmReleaseSpec
}
// HelmReleaseSpec defines the desired state of a Helm release.
#HelmReleaseSpec: {
// Chart defines the template of the v1.HelmChart that should be
// created
// for this HelmRelease.
chart?: {
// ObjectMeta holds the template for metadata like labels and
// annotations.
metadata?: {
// Annotations is an unstructured key value map stored with a
// resource that may be
// set by external tools to store and retrieve arbitrary metadata.
// They are not
// queryable and should be preserved when modifying objects.
// More info:
// https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
annotations?: {
[string]: string
}
// Map of string keys and values that can be used to organize and
// categorize
// (scope and select) objects.
// More info:
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
labels?: {
[string]: string
}
}
// Spec holds the template for the v1.HelmChartSpec for this
// HelmRelease.
spec: {
// The name or path the Helm chart is available at in the
// SourceRef.
chart: strings.MaxRunes(2048) & strings.MinRunes(1)
// IgnoreMissingValuesFiles controls whether to silently ignore
// missing values files rather than failing.
ignoreMissingValuesFiles?: bool
// Interval at which to check the v1.Source for updates. Defaults
// to
// 'HelmReleaseSpec.Interval'.
interval?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Determines what enables the creation of a new artifact. Valid
// values are
// ('ChartVersion', 'Revision').
// See the documentation of the values for an explanation on their
// behavior.
// Defaults to ChartVersion when omitted.
reconcileStrategy?: "ChartVersion" | "Revision" | *"ChartVersion"
// The name and namespace of the v1.Source the chart is available
// at.
sourceRef: {
// APIVersion of the referent.
apiVersion?: string
// Kind of the referent.
kind: "HelmRepository" | "GitRepository" | "Bucket"
// Name of the referent.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Namespace of the referent.
namespace?: strings.MaxRunes(63) & strings.MinRunes(1)
}
// Alternative list of values files to use as the chart values
// (values.yaml
// is not included by default), expected to be a relative path in
// the SourceRef.
// Values files are merged in the order of this list with the last
// file overriding
// the first. Ignored when omitted.
valuesFiles?: [...string]
// Verify contains the secret name containing the trusted public
// keys
// used to verify the signature and specifies which provider to
// use to check
// whether OCI image is authentic.
// This field is only supported for OCI sources.
// Chart dependencies, which are not bundled in the umbrella chart
// artifact,
// are not verified.
verify?: {
// Provider specifies the technology used to sign the OCI Helm
// chart.
provider: "cosign" | "notation" | *"cosign"
secretRef?: {
// Name of the referent.
name: string
}
}
// Version semver expression, ignored for charts from
// v1.GitRepository and
// v1beta2.Bucket sources. Defaults to latest when omitted.
version?: string | *"*"
}
}
// ChartRef holds a reference to a source controller resource
// containing the
// Helm chart artifact.
chartRef?: {
// APIVersion of the referent.
apiVersion?: string
// Kind of the referent.
kind: "OCIRepository" | "HelmChart"
// Name of the referent.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Namespace of the referent, defaults to the namespace of the
// Kubernetes
// resource object that contains the reference.
namespace?: strings.MaxRunes(63) & strings.MinRunes(1)
}
// DependsOn may contain a meta.NamespacedObjectReference slice
// with
// references to HelmRelease resources that must be ready before
// this HelmRelease
// can be reconciled.
dependsOn?: [...{
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}]
// DriftDetection holds the configuration for detecting and
// handling
// differences between the manifest in the Helm storage and the
// resources
// currently existing in the cluster.
driftDetection?: {
// Ignore contains a list of rules for specifying which changes to
// ignore
// during diffing.
ignore?: [...{
// Paths is a list of JSON Pointer (RFC 6901) paths to be excluded
// from
// consideration in a Kubernetes object.
paths: [...string]
// Target is a selector for specifying Kubernetes objects to which
// this
// rule applies.
// If Target is not set, the Paths will be ignored for all
// Kubernetes
// objects within the manifest of the Helm release.
target?: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// Mode defines how differences should be handled between the Helm
// manifest
// and the manifest currently applied to the cluster.
// If not explicitly set, it defaults to DiffModeDisabled.
mode?: "enabled" | "warn" | "disabled"
}
// Install holds the configuration for Helm install actions for
// this HelmRelease.
install?: {
// CRDs upgrade CRDs from the Helm Chart's crds directory
// according
// to the CRD upgrade policy provided here. Valid values are
// `Skip`,
// `Create` or `CreateReplace`. Default is `Create` and if omitted
// CRDs are installed but not updated.
//
// Skip: do neither install nor replace (update) any CRDs.
//
// Create: new CRDs are created, existing CRDs are neither updated
// nor deleted.
//
// CreateReplace: new CRDs are created, existing CRDs are updated
// (replaced)
// but not deleted.
//
// By default, CRDs are applied (installed) during Helm install
// action.
// With this option users can opt in to CRD replace existing CRDs
// on Helm
// install actions, which is not (yet) natively supported by Helm.
// https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
crds?: "Skip" | "Create" | "CreateReplace"
// CreateNamespace tells the Helm install action to create the
// HelmReleaseSpec.TargetNamespace if it does not exist yet.
// On uninstall, the namespace will not be garbage collected.
createNamespace?: bool
// DisableHooks prevents hooks from running during the Helm
// install action.
disableHooks?: bool
// DisableOpenAPIValidation prevents the Helm install action from
// validating
// rendered templates against the Kubernetes OpenAPI Schema.
disableOpenAPIValidation?: bool
// DisableSchemaValidation prevents the Helm install action from
// validating
// the values against the JSON Schema.
disableSchemaValidation?: bool
// DisableWait disables the waiting for resources to be ready
// after a Helm
// install has been performed.
disableWait?: bool
// DisableWaitForJobs disables waiting for jobs to complete after
// a Helm
// install has been performed.
disableWaitForJobs?: bool
// Remediation holds the remediation configuration for when the
// Helm install
// action for the HelmRelease fails. The default is to not perform
// any action.
remediation?: {
// IgnoreTestFailures tells the controller to skip remediation
// when the Helm
// tests are run after an install action but fail. Defaults to
// 'Test.IgnoreFailures'.
ignoreTestFailures?: bool
// RemediateLastFailure tells the controller to remediate the last
// failure, when
// no retries remain. Defaults to 'false'.
remediateLastFailure?: bool
// Retries is the number of retries that should be attempted on
// failures before
// bailing. Remediation, using an uninstall, is performed between
// each attempt.
// Defaults to '0', a negative integer equals to unlimited
// retries.
retries?: int
}
// Replace tells the Helm install action to re-use the
// 'ReleaseName', but only
// if that name is a deleted release which remains in the history.
replace?: bool
// SkipCRDs tells the Helm install action to not install any CRDs.
// By default,
// CRDs are installed if not already present.
//
// Deprecated use CRD policy (`crds`) attribute with value `Skip`
// instead.
skipCRDs?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm install
// action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Interval at which to reconcile the Helm release.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
kubeConfig?: {
// SecretRef holds the name of a secret that contains a key with
// the kubeconfig file as the value. If no key is set, the key
// will default
// to 'value'.
// It is recommended that the kubeconfig is self-contained, and
// the secret
// is regularly updated if credentials such as a
// cloud-access-token expire.
// Cloud specific `cmd-path` auth helpers will not function
// without adding
// binaries and credentials to the Pod that is responsible for
// reconciling
// Kubernetes resources.
secretRef: {
// Key in the Secret, when not specified an
// implementation-specific default key is used.
key?: string
// Name of the Secret.
name: string
}
}
// MaxHistory is the number of revisions saved by Helm for this
// HelmRelease.
// Use '0' for an unlimited number of revisions; defaults to '5'.
maxHistory?: int
// PersistentClient tells the controller to use a persistent
// Kubernetes
// client for this release. When enabled, the client will be
// reused for the
// duration of the reconciliation, instead of being created and
// destroyed
// for each (step of a) Helm action.
//
// This can improve performance, but may cause issues with some
// Helm charts
// that for example do create Custom Resource Definitions during
// installation
// outside Helm's CRD lifecycle hooks, which are then not observed
// to be
// available by e.g. post-install hooks.
//
// If not set, it defaults to true.
persistentClient?: bool
// PostRenderers holds an array of Helm PostRenderers, which will
// be applied in order
// of their definition.
postRenderers?: [...{
// Kustomization to apply as PostRenderer.
kustomize?: {
// Images is a list of (image name, new name, new tag or digest)
// for changing image names, tags or digests. This can also be
// achieved with a
// patch, but this operator is simpler to specify.
images?: [...{
// Digest is the value used to replace the original image tag.
// If digest is present NewTag value is ignored.
digest?: string
// Name is a tag-less image name.
name: string
// NewName is the value used to replace the original name.
newName?: string
// NewTag is the value used to replace the original tag.
newTag?: string
}]
// Strategic merge and JSON patches, defined as inline YAML
// objects,
// capable of targeting objects based on kind, label and
// annotation selectors.
patches?: [...{
// Patch contains an inline StrategicMerge patch or an inline
// JSON6902 patch with
// an array of operation objects.
patch: string
// Target points to the resources that the patch document should
// be applied to.
target?: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
}
}]
// ReleaseName used for the Helm release. Defaults to a
// composition of
// '[TargetNamespace-]Name'.
releaseName?: strings.MaxRunes(53) & strings.MinRunes(1)
// Rollback holds the configuration for Helm rollback actions for
// this HelmRelease.
rollback?: {
// CleanupOnFail allows deletion of new resources created during
// the Helm
// rollback action when it fails.
cleanupOnFail?: bool
// DisableHooks prevents hooks from running during the Helm
// rollback action.
disableHooks?: bool
// DisableWait disables the waiting for resources to be ready
// after a Helm
// rollback has been performed.
disableWait?: bool
// DisableWaitForJobs disables waiting for jobs to complete after
// a Helm
// rollback has been performed.
disableWaitForJobs?: bool
// Force forces resource updates through a replacement strategy.
force?: bool
// Recreate performs pod restarts for the resource if applicable.
recreate?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm rollback
// action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// The name of the Kubernetes service account to impersonate
// when reconciling this HelmRelease.
serviceAccountName?: strings.MaxRunes(253) & strings.MinRunes(1)
// StorageNamespace used for the Helm storage.
// Defaults to the namespace of the HelmRelease.
storageNamespace?: strings.MaxRunes(63) & strings.MinRunes(1)
// Suspend tells the controller to suspend reconciliation for this
// HelmRelease,
// it does not apply to already started reconciliations. Defaults
// to false.
suspend?: bool
// TargetNamespace to target when performing operations for the
// HelmRelease.
// Defaults to the namespace of the HelmRelease.
targetNamespace?: strings.MaxRunes(63) & strings.MinRunes(1)
// Test holds the configuration for Helm test actions for this
// HelmRelease.
test?: {
// Enable enables Helm test actions for this HelmRelease after an
// Helm install
// or upgrade action has been performed.
enable?: bool
// Filters is a list of tests to run or exclude from running.
filters?: [...{
// Exclude specifies whether the named test should be excluded.
exclude?: bool
// Name is the name of the test.
name: strings.MaxRunes(253) & strings.MinRunes(1)
}]
// IgnoreFailures tells the controller to skip remediation when
// the Helm tests
// are run but fail. Can be overwritten for tests run after
// install or upgrade
// actions in 'Install.IgnoreTestFailures' and
// 'Upgrade.IgnoreTestFailures'.
ignoreFailures?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation during
// the performance of a Helm test action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Timeout is the time to wait for any individual Kubernetes
// operation (like Jobs
// for hooks) during the performance of a Helm action. Defaults to
// '5m0s'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Uninstall holds the configuration for Helm uninstall actions
// for this HelmRelease.
uninstall?: {
// DeletionPropagation specifies the deletion propagation policy
// when
// a Helm uninstall is performed.
deletionPropagation?: "background" | "foreground" | "orphan" | *"background"
// DisableHooks prevents hooks from running during the Helm
// rollback action.
disableHooks?: bool
// DisableWait disables waiting for all the resources to be
// deleted after
// a Helm uninstall is performed.
disableWait?: bool
// KeepHistory tells Helm to remove all associated resources and
// mark the
// release as deleted, but retain the release history.
keepHistory?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm uninstall
// action. Defaults
// to 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Upgrade holds the configuration for Helm upgrade actions for
// this HelmRelease.
upgrade?: {
// CleanupOnFail allows deletion of new resources created during
// the Helm
// upgrade action when it fails.
cleanupOnFail?: bool
// CRDs upgrade CRDs from the Helm Chart's crds directory
// according
// to the CRD upgrade policy provided here. Valid values are
// `Skip`,
// `Create` or `CreateReplace`. Default is `Skip` and if omitted
// CRDs are neither installed nor upgraded.
//
// Skip: do neither install nor replace (update) any CRDs.
//
// Create: new CRDs are created, existing CRDs are neither updated
// nor deleted.
//
// CreateReplace: new CRDs are created, existing CRDs are updated
// (replaced)
// but not deleted.
//
// By default, CRDs are not applied during Helm upgrade action.
// With this
// option users can opt-in to CRD upgrade, which is not (yet)
// natively supported by Helm.
// https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
crds?: "Skip" | "Create" | "CreateReplace"
// DisableHooks prevents hooks from running during the Helm
// upgrade action.
disableHooks?: bool
// DisableOpenAPIValidation prevents the Helm upgrade action from
// validating
// rendered templates against the Kubernetes OpenAPI Schema.
disableOpenAPIValidation?: bool
// DisableSchemaValidation prevents the Helm upgrade action from
// validating
// the values against the JSON Schema.
disableSchemaValidation?: bool
// DisableWait disables the waiting for resources to be ready
// after a Helm
// upgrade has been performed.
disableWait?: bool
// DisableWaitForJobs disables waiting for jobs to complete after
// a Helm
// upgrade has been performed.
disableWaitForJobs?: bool
// Force forces resource updates through a replacement strategy.
force?: bool
// PreserveValues will make Helm reuse the last release's values
// and merge in
// overrides from 'Values'. Setting this flag makes the
// HelmRelease
// non-declarative.
preserveValues?: bool
// Remediation holds the remediation configuration for when the
// Helm upgrade
// action for the HelmRelease fails. The default is to not perform
// any action.
remediation?: {
// IgnoreTestFailures tells the controller to skip remediation
// when the Helm
// tests are run after an upgrade action but fail.
// Defaults to 'Test.IgnoreFailures'.
ignoreTestFailures?: bool
// RemediateLastFailure tells the controller to remediate the last
// failure, when
// no retries remain. Defaults to 'false' unless 'Retries' is
// greater than 0.
remediateLastFailure?: bool
// Retries is the number of retries that should be attempted on
// failures before
// bailing. Remediation, using 'Strategy', is performed between
// each attempt.
// Defaults to '0', a negative integer equals to unlimited
// retries.
retries?: int
// Strategy to use for failure remediation. Defaults to
// 'rollback'.
strategy?: "rollback" | "uninstall"
}
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm upgrade
// action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Values holds the values for this Helm release.
values?: _
// ValuesFrom holds references to resources containing Helm values
// for this HelmRelease,
// and information about how they should be merged.
valuesFrom?: [...{
// Kind of the values referent, valid values are ('Secret',
// 'ConfigMap').
kind: "Secret" | "ConfigMap"
// Name of the values referent. Should reside in the same
// namespace as the
// referring resource.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Optional marks this ValuesReference as optional. When set, a
// not found error
// for the values reference is ignored, but any ValuesKey,
// TargetPath or
// transient error will still result in a reconciliation failure.
optional?: bool
// TargetPath is the YAML dot notation path the value should be
// merged at. When
// set, the ValuesKey is expected to be a single flat value.
// Defaults to 'None',
// which results in the values getting merged at the root.
targetPath?: strings.MaxRunes(250) & {
=~"^([a-zA-Z0-9_\\-.\\\\\\/]|\\[[0-9]{1,5}\\])+$"
}
// ValuesKey is the data key where the values.yaml or a specific
// value can be
// found at. Defaults to 'values.yaml'.
valuesKey?: strings.MaxRunes(253) & {
=~"^[\\-._a-zA-Z0-9]+$"
}
}]
}

825
internal/generate/platforms/cue.mod/gen/helm.toolkit.fluxcd.io/helmrelease/v2beta1/types_gen.cue Normal file
View File

@@ -0,0 +1,825 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v2beta1
import "strings"
// HelmRelease is the Schema for the helmreleases API
#HelmRelease: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "helm.toolkit.fluxcd.io/v2beta1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "HelmRelease"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// HelmReleaseSpec defines the desired state of a Helm release.
spec!: #HelmReleaseSpec
}
// HelmReleaseSpec defines the desired state of a Helm release.
#HelmReleaseSpec: {
// Chart defines the template of the v1beta2.HelmChart that should
// be created
// for this HelmRelease.
chart: {
// ObjectMeta holds the template for metadata like labels and
// annotations.
metadata?: {
// Annotations is an unstructured key value map stored with a
// resource that may be
// set by external tools to store and retrieve arbitrary metadata.
// They are not
// queryable and should be preserved when modifying objects.
// More info:
// https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
annotations?: {
[string]: string
}
// Map of string keys and values that can be used to organize and
// categorize
// (scope and select) objects.
// More info:
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
labels?: {
[string]: string
}
}
// Spec holds the template for the v1beta2.HelmChartSpec for this
// HelmRelease.
spec: {
// The name or path the Helm chart is available at in the
// SourceRef.
chart: string
// Interval at which to check the v1beta2.Source for updates.
// Defaults to
// 'HelmReleaseSpec.Interval'.
interval?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Determines what enables the creation of a new artifact. Valid
// values are
// ('ChartVersion', 'Revision').
// See the documentation of the values for an explanation on their
// behavior.
// Defaults to ChartVersion when omitted.
reconcileStrategy?: "ChartVersion" | "Revision" | *"ChartVersion"
// The name and namespace of the v1beta2.Source the chart is
// available at.
sourceRef: {
// APIVersion of the referent.
apiVersion?: string
// Kind of the referent.
kind: "HelmRepository" | "GitRepository" | "Bucket"
// Name of the referent.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Namespace of the referent.
namespace?: strings.MaxRunes(63) & strings.MinRunes(1)
}
// Alternative values file to use as the default chart values,
// expected to
// be a relative path in the SourceRef. Deprecated in favor of
// ValuesFiles,
// for backwards compatibility the file defined here is merged
// before the
// ValuesFiles items. Ignored when omitted.
valuesFile?: string
// Alternative list of values files to use as the chart values
// (values.yaml
// is not included by default), expected to be a relative path in
// the SourceRef.
// Values files are merged in the order of this list with the last
// file overriding
// the first. Ignored when omitted.
valuesFiles?: [...string]
// Verify contains the secret name containing the trusted public
// keys
// used to verify the signature and specifies which provider to
// use to check
// whether OCI image is authentic.
// This field is only supported for OCI sources.
// Chart dependencies, which are not bundled in the umbrella chart
// artifact, are not verified.
verify?: {
// Provider specifies the technology used to sign the OCI Helm
// chart.
provider: "cosign" | *"cosign"
secretRef?: {
// Name of the referent.
name: string
}
}
// Version semver expression, ignored for charts from
// v1beta2.GitRepository and
// v1beta2.Bucket sources. Defaults to latest when omitted.
version?: string | *"*"
}
}
// ChartRef holds a reference to a source controller resource
// containing the
// Helm chart artifact.
//
// Note: this field is provisional to the v2 API, and not actively
// used
// by v2beta1 HelmReleases.
chartRef?: {
// APIVersion of the referent.
apiVersion?: string
// Kind of the referent.
kind: "OCIRepository" | "HelmChart"
// Name of the referent.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Namespace of the referent, defaults to the namespace of the
// Kubernetes
// resource object that contains the reference.
namespace?: strings.MaxRunes(63) & strings.MinRunes(1)
}
// DependsOn may contain a meta.NamespacedObjectReference slice
// with
// references to HelmRelease resources that must be ready before
// this HelmRelease
// can be reconciled.
dependsOn?: [...{
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}]
// DriftDetection holds the configuration for detecting and
// handling
// differences between the manifest in the Helm storage and the
// resources
// currently existing in the cluster.
//
// Note: this field is provisional to the v2beta2 API, and not
// actively used
// by v2beta1 HelmReleases.
driftDetection?: {
// Ignore contains a list of rules for specifying which changes to
// ignore
// during diffing.
ignore?: [...{
// Paths is a list of JSON Pointer (RFC 6901) paths to be excluded
// from
// consideration in a Kubernetes object.
paths: [...string]
// Target is a selector for specifying Kubernetes objects to which
// this
// rule applies.
// If Target is not set, the Paths will be ignored for all
// Kubernetes
// objects within the manifest of the Helm release.
target?: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// Mode defines how differences should be handled between the Helm
// manifest
// and the manifest currently applied to the cluster.
// If not explicitly set, it defaults to DiffModeDisabled.
mode?: "enabled" | "warn" | "disabled"
}
// Install holds the configuration for Helm install actions for
// this HelmRelease.
install?: {
// CRDs upgrade CRDs from the Helm Chart's crds directory
// according
// to the CRD upgrade policy provided here. Valid values are
// `Skip`,
// `Create` or `CreateReplace`. Default is `Create` and if omitted
// CRDs are installed but not updated.
//
// Skip: do neither install nor replace (update) any CRDs.
//
// Create: new CRDs are created, existing CRDs are neither updated
// nor deleted.
//
// CreateReplace: new CRDs are created, existing CRDs are updated
// (replaced)
// but not deleted.
//
// By default, CRDs are applied (installed) during Helm install
// action.
// With this option users can opt-in to CRD replace existing CRDs
// on Helm
// install actions, which is not (yet) natively supported by Helm.
// https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
crds?: "Skip" | "Create" | "CreateReplace"
// CreateNamespace tells the Helm install action to create the
// HelmReleaseSpec.TargetNamespace if it does not exist yet.
// On uninstall, the namespace will not be garbage collected.
createNamespace?: bool
// DisableHooks prevents hooks from running during the Helm
// install action.
disableHooks?: bool
// DisableOpenAPIValidation prevents the Helm install action from
// validating
// rendered templates against the Kubernetes OpenAPI Schema.
disableOpenAPIValidation?: bool
// DisableWait disables the waiting for resources to be ready
// after a Helm
// install has been performed.
disableWait?: bool
// DisableWaitForJobs disables waiting for jobs to complete after
// a Helm
// install has been performed.
disableWaitForJobs?: bool
// Remediation holds the remediation configuration for when the
// Helm install
// action for the HelmRelease fails. The default is to not perform
// any action.
remediation?: {
// IgnoreTestFailures tells the controller to skip remediation
// when the Helm
// tests are run after an install action but fail. Defaults to
// 'Test.IgnoreFailures'.
ignoreTestFailures?: bool
// RemediateLastFailure tells the controller to remediate the last
// failure, when
// no retries remain. Defaults to 'false'.
remediateLastFailure?: bool
// Retries is the number of retries that should be attempted on
// failures before
// bailing. Remediation, using an uninstall, is performed between
// each attempt.
// Defaults to '0', a negative integer equals to unlimited
// retries.
retries?: int
}
// Replace tells the Helm install action to re-use the
// 'ReleaseName', but only
// if that name is a deleted release which remains in the history.
replace?: bool
// SkipCRDs tells the Helm install action to not install any CRDs.
// By default,
// CRDs are installed if not already present.
//
// Deprecated use CRD policy (`crds`) attribute with value `Skip`
// instead.
skipCRDs?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm install
// action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Interval at which to reconcile the Helm release.
// This interval is approximate and may be subject to jitter to
// ensure
// efficient use of resources.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
kubeConfig?: {
// SecretRef holds the name of a secret that contains a key with
// the kubeconfig file as the value. If no key is set, the key
// will default
// to 'value'.
// It is recommended that the kubeconfig is self-contained, and
// the secret
// is regularly updated if credentials such as a
// cloud-access-token expire.
// Cloud specific `cmd-path` auth helpers will not function
// without adding
// binaries and credentials to the Pod that is responsible for
// reconciling
// Kubernetes resources.
secretRef: {
// Key in the Secret, when not specified an
// implementation-specific default key is used.
key?: string
// Name of the Secret.
name: string
}
}
// MaxHistory is the number of revisions saved by Helm for this
// HelmRelease.
// Use '0' for an unlimited number of revisions; defaults to '10'.
maxHistory?: int
// PersistentClient tells the controller to use a persistent
// Kubernetes
// client for this release. When enabled, the client will be
// reused for the
// duration of the reconciliation, instead of being created and
// destroyed
// for each (step of a) Helm action.
//
// This can improve performance, but may cause issues with some
// Helm charts
// that for example do create Custom Resource Definitions during
// installation
// outside Helm's CRD lifecycle hooks, which are then not observed
// to be
// available by e.g. post-install hooks.
//
// If not set, it defaults to true.
persistentClient?: bool
// PostRenderers holds an array of Helm PostRenderers, which will
// be applied in order
// of their definition.
postRenderers?: [...{
// Kustomization to apply as PostRenderer.
kustomize?: {
// Images is a list of (image name, new name, new tag or digest)
// for changing image names, tags or digests. This can also be
// achieved with a
// patch, but this operator is simpler to specify.
images?: [...{
// Digest is the value used to replace the original image tag.
// If digest is present NewTag value is ignored.
digest?: string
// Name is a tag-less image name.
name: string
// NewName is the value used to replace the original name.
newName?: string
// NewTag is the value used to replace the original tag.
newTag?: string
}]
// Strategic merge and JSON patches, defined as inline YAML
// objects,
// capable of targeting objects based on kind, label and
// annotation selectors.
patches?: [...{
// Patch contains an inline StrategicMerge patch or an inline
// JSON6902 patch with
// an array of operation objects.
patch: string
// Target points to the resources that the patch document should
// be applied to.
target?: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// JSON 6902 patches, defined as inline YAML objects.
patchesJson6902?: [...{
// Patch contains the JSON6902 patch document with an array of
// operation objects.
patch: [...{
// From contains a JSON-pointer value that references a location
// within the target document where the operation is
// performed. The meaning of the value depends on the value of Op,
// and is NOT taken into account by all operations.
from?: string
// Op indicates the operation to perform. Its value MUST be one of
// "add", "remove", "replace", "move", "copy", or
// "test".
// https://datatracker.ietf.org/doc/html/rfc6902#section-4
op: "test" | "remove" | "add" | "replace" | "move" | "copy"
// Path contains the JSON-pointer value that references a location
// within the target document where the operation
// is performed. The meaning of the value depends on the value of
// Op.
path: string
// Value contains a valid JSON structure. The meaning of the value
// depends on the value of Op, and is NOT taken into
// account by all operations.
value?: _
}]
// Target points to the resources that the patch document should
// be applied to.
target: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// Strategic merge patches, defined as inline YAML objects.
patchesStrategicMerge?: [...]
}
}]
// ReleaseName used for the Helm release. Defaults to a
// composition of
// '[TargetNamespace-]Name'.
releaseName?: strings.MaxRunes(53) & strings.MinRunes(1)
// Rollback holds the configuration for Helm rollback actions for
// this HelmRelease.
rollback?: {
// CleanupOnFail allows deletion of new resources created during
// the Helm
// rollback action when it fails.
cleanupOnFail?: bool
// DisableHooks prevents hooks from running during the Helm
// rollback action.
disableHooks?: bool
// DisableWait disables the waiting for resources to be ready
// after a Helm
// rollback has been performed.
disableWait?: bool
// DisableWaitForJobs disables waiting for jobs to complete after
// a Helm
// rollback has been performed.
disableWaitForJobs?: bool
// Force forces resource updates through a replacement strategy.
force?: bool
// Recreate performs pod restarts for the resource if applicable.
recreate?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm rollback
// action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// The name of the Kubernetes service account to impersonate
// when reconciling this HelmRelease.
serviceAccountName?: string
// StorageNamespace used for the Helm storage.
// Defaults to the namespace of the HelmRelease.
storageNamespace?: strings.MaxRunes(63) & strings.MinRunes(1)
// Suspend tells the controller to suspend reconciliation for this
// HelmRelease,
// it does not apply to already started reconciliations. Defaults
// to false.
suspend?: bool
// TargetNamespace to target when performing operations for the
// HelmRelease.
// Defaults to the namespace of the HelmRelease.
targetNamespace?: strings.MaxRunes(63) & strings.MinRunes(1)
// Test holds the configuration for Helm test actions for this
// HelmRelease.
test?: {
// Enable enables Helm test actions for this HelmRelease after an
// Helm install
// or upgrade action has been performed.
enable?: bool
// IgnoreFailures tells the controller to skip remediation when
// the Helm tests
// are run but fail. Can be overwritten for tests run after
// install or upgrade
// actions in 'Install.IgnoreTestFailures' and
// 'Upgrade.IgnoreTestFailures'.
ignoreFailures?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation during
// the performance of a Helm test action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Timeout is the time to wait for any individual Kubernetes
// operation (like Jobs
// for hooks) during the performance of a Helm action. Defaults to
// '5m0s'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Uninstall holds the configuration for Helm uninstall actions
// for this HelmRelease.
uninstall?: {
// DeletionPropagation specifies the deletion propagation policy
// when
// a Helm uninstall is performed.
deletionPropagation?: "background" | "foreground" | "orphan" | *"background"
// DisableHooks prevents hooks from running during the Helm
// rollback action.
disableHooks?: bool
// DisableWait disables waiting for all the resources to be
// deleted after
// a Helm uninstall is performed.
disableWait?: bool
// KeepHistory tells Helm to remove all associated resources and
// mark the
// release as deleted, but retain the release history.
keepHistory?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm uninstall
// action. Defaults
// to 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Upgrade holds the configuration for Helm upgrade actions for
// this HelmRelease.
upgrade?: {
// CleanupOnFail allows deletion of new resources created during
// the Helm
// upgrade action when it fails.
cleanupOnFail?: bool
// CRDs upgrade CRDs from the Helm Chart's crds directory
// according
// to the CRD upgrade policy provided here. Valid values are
// `Skip`,
// `Create` or `CreateReplace`. Default is `Skip` and if omitted
// CRDs are neither installed nor upgraded.
//
// Skip: do neither install nor replace (update) any CRDs.
//
// Create: new CRDs are created, existing CRDs are neither updated
// nor deleted.
//
// CreateReplace: new CRDs are created, existing CRDs are updated
// (replaced)
// but not deleted.
//
// By default, CRDs are not applied during Helm upgrade action.
// With this
// option users can opt-in to CRD upgrade, which is not (yet)
// natively supported by Helm.
// https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
crds?: "Skip" | "Create" | "CreateReplace"
// DisableHooks prevents hooks from running during the Helm
// upgrade action.
disableHooks?: bool
// DisableOpenAPIValidation prevents the Helm upgrade action from
// validating
// rendered templates against the Kubernetes OpenAPI Schema.
disableOpenAPIValidation?: bool
// DisableWait disables the waiting for resources to be ready
// after a Helm
// upgrade has been performed.
disableWait?: bool
// DisableWaitForJobs disables waiting for jobs to complete after
// a Helm
// upgrade has been performed.
disableWaitForJobs?: bool
// Force forces resource updates through a replacement strategy.
force?: bool
// PreserveValues will make Helm reuse the last release's values
// and merge in
// overrides from 'Values'. Setting this flag makes the
// HelmRelease
// non-declarative.
preserveValues?: bool
// Remediation holds the remediation configuration for when the
// Helm upgrade
// action for the HelmRelease fails. The default is to not perform
// any action.
remediation?: {
// IgnoreTestFailures tells the controller to skip remediation
// when the Helm
// tests are run after an upgrade action but fail.
// Defaults to 'Test.IgnoreFailures'.
ignoreTestFailures?: bool
// RemediateLastFailure tells the controller to remediate the last
// failure, when
// no retries remain. Defaults to 'false' unless 'Retries' is
// greater than 0.
remediateLastFailure?: bool
// Retries is the number of retries that should be attempted on
// failures before
// bailing. Remediation, using 'Strategy', is performed between
// each attempt.
// Defaults to '0', a negative integer equals to unlimited
// retries.
retries?: int
// Strategy to use for failure remediation. Defaults to
// 'rollback'.
strategy?: "rollback" | "uninstall"
}
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm upgrade
// action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Values holds the values for this Helm release.
values?: _
// ValuesFrom holds references to resources containing Helm values
// for this HelmRelease,
// and information about how they should be merged.
valuesFrom?: [...{
// Kind of the values referent, valid values are ('Secret',
// 'ConfigMap').
kind: "Secret" | "ConfigMap"
// Name of the values referent. Should reside in the same
// namespace as the
// referring resource.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Optional marks this ValuesReference as optional. When set, a
// not found error
// for the values reference is ignored, but any ValuesKey,
// TargetPath or
// transient error will still result in a reconciliation failure.
optional?: bool
// TargetPath is the YAML dot notation path the value should be
// merged at. When
// set, the ValuesKey is expected to be a single flat value.
// Defaults to 'None',
// which results in the values getting merged at the root.
targetPath?: strings.MaxRunes(250) & {
=~"^([a-zA-Z0-9_\\-.\\\\\\/]|\\[[0-9]{1,5}\\])+$"
}
// ValuesKey is the data key where the values.yaml or a specific
// value can be
// found at. Defaults to 'values.yaml'.
// When set, must be a valid Data Key, consisting of alphanumeric
// characters,
// '-', '_' or '.'.
valuesKey?: strings.MaxRunes(253) & {
=~"^[\\-._a-zA-Z0-9]+$"
}
}]
}

831
internal/generate/platforms/cue.mod/gen/helm.toolkit.fluxcd.io/helmrelease/v2beta2/types_gen.cue Normal file
View File

@@ -0,0 +1,831 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v2beta2
import "strings"
// HelmRelease is the Schema for the helmreleases API
#HelmRelease: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "helm.toolkit.fluxcd.io/v2beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "HelmRelease"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// HelmReleaseSpec defines the desired state of a Helm release.
spec!: #HelmReleaseSpec
}
// HelmReleaseSpec defines the desired state of a Helm release.
#HelmReleaseSpec: {
// Chart defines the template of the v1beta2.HelmChart that should
// be created
// for this HelmRelease.
chart?: {
// ObjectMeta holds the template for metadata like labels and
// annotations.
metadata?: {
// Annotations is an unstructured key value map stored with a
// resource that may be
// set by external tools to store and retrieve arbitrary metadata.
// They are not
// queryable and should be preserved when modifying objects.
// More info:
// https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
annotations?: {
[string]: string
}
// Map of string keys and values that can be used to organize and
// categorize
// (scope and select) objects.
// More info:
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
labels?: {
[string]: string
}
}
// Spec holds the template for the v1beta2.HelmChartSpec for this
// HelmRelease.
spec: {
// The name or path the Helm chart is available at in the
// SourceRef.
chart: strings.MaxRunes(2048) & strings.MinRunes(1)
// IgnoreMissingValuesFiles controls whether to silently ignore
// missing values files rather than failing.
ignoreMissingValuesFiles?: bool
// Interval at which to check the v1.Source for updates. Defaults
// to
// 'HelmReleaseSpec.Interval'.
interval?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Determines what enables the creation of a new artifact. Valid
// values are
// ('ChartVersion', 'Revision').
// See the documentation of the values for an explanation on their
// behavior.
// Defaults to ChartVersion when omitted.
reconcileStrategy?: "ChartVersion" | "Revision" | *"ChartVersion"
// The name and namespace of the v1.Source the chart is available
// at.
sourceRef: {
// APIVersion of the referent.
apiVersion?: string
// Kind of the referent.
kind: "HelmRepository" | "GitRepository" | "Bucket"
// Name of the referent.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Namespace of the referent.
namespace?: strings.MaxRunes(63) & strings.MinRunes(1)
}
// Alternative values file to use as the default chart values,
// expected to
// be a relative path in the SourceRef. Deprecated in favor of
// ValuesFiles,
// for backwards compatibility the file defined here is merged
// before the
// ValuesFiles items. Ignored when omitted.
valuesFile?: string
// Alternative list of values files to use as the chart values
// (values.yaml
// is not included by default), expected to be a relative path in
// the SourceRef.
// Values files are merged in the order of this list with the last
// file overriding
// the first. Ignored when omitted.
valuesFiles?: [...string]
// Verify contains the secret name containing the trusted public
// keys
// used to verify the signature and specifies which provider to
// use to check
// whether OCI image is authentic.
// This field is only supported for OCI sources.
// Chart dependencies, which are not bundled in the umbrella chart
// artifact,
// are not verified.
verify?: {
// Provider specifies the technology used to sign the OCI Helm
// chart.
provider: "cosign" | "notation" | *"cosign"
secretRef?: {
// Name of the referent.
name: string
}
}
// Version semver expression, ignored for charts from
// v1beta2.GitRepository and
// v1beta2.Bucket sources. Defaults to latest when omitted.
version?: string | *"*"
}
}
// ChartRef holds a reference to a source controller resource
// containing the
// Helm chart artifact.
//
// Note: this field is provisional to the v2 API, and not actively
// used
// by v2beta2 HelmReleases.
chartRef?: {
// APIVersion of the referent.
apiVersion?: string
// Kind of the referent.
kind: "OCIRepository" | "HelmChart"
// Name of the referent.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Namespace of the referent, defaults to the namespace of the
// Kubernetes
// resource object that contains the reference.
namespace?: strings.MaxRunes(63) & strings.MinRunes(1)
}
// DependsOn may contain a meta.NamespacedObjectReference slice
// with
// references to HelmRelease resources that must be ready before
// this HelmRelease
// can be reconciled.
dependsOn?: [...{
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}]
// DriftDetection holds the configuration for detecting and
// handling
// differences between the manifest in the Helm storage and the
// resources
// currently existing in the cluster.
driftDetection?: {
// Ignore contains a list of rules for specifying which changes to
// ignore
// during diffing.
ignore?: [...{
// Paths is a list of JSON Pointer (RFC 6901) paths to be excluded
// from
// consideration in a Kubernetes object.
paths: [...string]
// Target is a selector for specifying Kubernetes objects to which
// this
// rule applies.
// If Target is not set, the Paths will be ignored for all
// Kubernetes
// objects within the manifest of the Helm release.
target?: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// Mode defines how differences should be handled between the Helm
// manifest
// and the manifest currently applied to the cluster.
// If not explicitly set, it defaults to DiffModeDisabled.
mode?: "enabled" | "warn" | "disabled"
}
// Install holds the configuration for Helm install actions for
// this HelmRelease.
install?: {
// CRDs upgrade CRDs from the Helm Chart's crds directory
// according
// to the CRD upgrade policy provided here. Valid values are
// `Skip`,
// `Create` or `CreateReplace`. Default is `Create` and if omitted
// CRDs are installed but not updated.
//
// Skip: do neither install nor replace (update) any CRDs.
//
// Create: new CRDs are created, existing CRDs are neither updated
// nor deleted.
//
// CreateReplace: new CRDs are created, existing CRDs are updated
// (replaced)
// but not deleted.
//
// By default, CRDs are applied (installed) during Helm install
// action.
// With this option users can opt in to CRD replace existing CRDs
// on Helm
// install actions, which is not (yet) natively supported by Helm.
// https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
crds?: "Skip" | "Create" | "CreateReplace"
// CreateNamespace tells the Helm install action to create the
// HelmReleaseSpec.TargetNamespace if it does not exist yet.
// On uninstall, the namespace will not be garbage collected.
createNamespace?: bool
// DisableHooks prevents hooks from running during the Helm
// install action.
disableHooks?: bool
// DisableOpenAPIValidation prevents the Helm install action from
// validating
// rendered templates against the Kubernetes OpenAPI Schema.
disableOpenAPIValidation?: bool
// DisableWait disables the waiting for resources to be ready
// after a Helm
// install has been performed.
disableWait?: bool
// DisableWaitForJobs disables waiting for jobs to complete after
// a Helm
// install has been performed.
disableWaitForJobs?: bool
// Remediation holds the remediation configuration for when the
// Helm install
// action for the HelmRelease fails. The default is to not perform
// any action.
remediation?: {
// IgnoreTestFailures tells the controller to skip remediation
// when the Helm
// tests are run after an install action but fail. Defaults to
// 'Test.IgnoreFailures'.
ignoreTestFailures?: bool
// RemediateLastFailure tells the controller to remediate the last
// failure, when
// no retries remain. Defaults to 'false'.
remediateLastFailure?: bool
// Retries is the number of retries that should be attempted on
// failures before
// bailing. Remediation, using an uninstall, is performed between
// each attempt.
// Defaults to '0', a negative integer equals to unlimited
// retries.
retries?: int
}
// Replace tells the Helm install action to re-use the
// 'ReleaseName', but only
// if that name is a deleted release which remains in the history.
replace?: bool
// SkipCRDs tells the Helm install action to not install any CRDs.
// By default,
// CRDs are installed if not already present.
//
// Deprecated use CRD policy (`crds`) attribute with value `Skip`
// instead.
skipCRDs?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm install
// action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Interval at which to reconcile the Helm release.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
kubeConfig?: {
// SecretRef holds the name of a secret that contains a key with
// the kubeconfig file as the value. If no key is set, the key
// will default
// to 'value'.
// It is recommended that the kubeconfig is self-contained, and
// the secret
// is regularly updated if credentials such as a
// cloud-access-token expire.
// Cloud specific `cmd-path` auth helpers will not function
// without adding
// binaries and credentials to the Pod that is responsible for
// reconciling
// Kubernetes resources.
secretRef: {
// Key in the Secret, when not specified an
// implementation-specific default key is used.
key?: string
// Name of the Secret.
name: string
}
}
// MaxHistory is the number of revisions saved by Helm for this
// HelmRelease.
// Use '0' for an unlimited number of revisions; defaults to '5'.
maxHistory?: int
// PersistentClient tells the controller to use a persistent
// Kubernetes
// client for this release. When enabled, the client will be
// reused for the
// duration of the reconciliation, instead of being created and
// destroyed
// for each (step of a) Helm action.
//
// This can improve performance, but may cause issues with some
// Helm charts
// that for example do create Custom Resource Definitions during
// installation
// outside Helm's CRD lifecycle hooks, which are then not observed
// to be
// available by e.g. post-install hooks.
//
// If not set, it defaults to true.
persistentClient?: bool
// PostRenderers holds an array of Helm PostRenderers, which will
// be applied in order
// of their definition.
postRenderers?: [...{
// Kustomization to apply as PostRenderer.
kustomize?: {
// Images is a list of (image name, new name, new tag or digest)
// for changing image names, tags or digests. This can also be
// achieved with a
// patch, but this operator is simpler to specify.
images?: [...{
// Digest is the value used to replace the original image tag.
// If digest is present NewTag value is ignored.
digest?: string
// Name is a tag-less image name.
name: string
// NewName is the value used to replace the original name.
newName?: string
// NewTag is the value used to replace the original tag.
newTag?: string
}]
// Strategic merge and JSON patches, defined as inline YAML
// objects,
// capable of targeting objects based on kind, label and
// annotation selectors.
patches?: [...{
// Patch contains an inline StrategicMerge patch or an inline
// JSON6902 patch with
// an array of operation objects.
patch: string
// Target points to the resources that the patch document should
// be applied to.
target?: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// JSON 6902 patches, defined as inline YAML objects.
// Deprecated: use Patches instead.
patchesJson6902?: [...{
// Patch contains the JSON6902 patch document with an array of
// operation objects.
patch: [...{
// From contains a JSON-pointer value that references a location
// within the target document where the operation is
// performed. The meaning of the value depends on the value of Op,
// and is NOT taken into account by all operations.
from?: string
// Op indicates the operation to perform. Its value MUST be one of
// "add", "remove", "replace", "move", "copy", or
// "test".
// https://datatracker.ietf.org/doc/html/rfc6902#section-4
op: "test" | "remove" | "add" | "replace" | "move" | "copy"
// Path contains the JSON-pointer value that references a location
// within the target document where the operation
// is performed. The meaning of the value depends on the value of
// Op.
path: string
// Value contains a valid JSON structure. The meaning of the value
// depends on the value of Op, and is NOT taken into
// account by all operations.
value?: _
}]
// Target points to the resources that the patch document should
// be applied to.
target: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// Strategic merge patches, defined as inline YAML objects.
// Deprecated: use Patches instead.
patchesStrategicMerge?: [...]
}
}]
// ReleaseName used for the Helm release. Defaults to a
// composition of
// '[TargetNamespace-]Name'.
releaseName?: strings.MaxRunes(53) & strings.MinRunes(1)
// Rollback holds the configuration for Helm rollback actions for
// this HelmRelease.
rollback?: {
// CleanupOnFail allows deletion of new resources created during
// the Helm
// rollback action when it fails.
cleanupOnFail?: bool
// DisableHooks prevents hooks from running during the Helm
// rollback action.
disableHooks?: bool
// DisableWait disables the waiting for resources to be ready
// after a Helm
// rollback has been performed.
disableWait?: bool
// DisableWaitForJobs disables waiting for jobs to complete after
// a Helm
// rollback has been performed.
disableWaitForJobs?: bool
// Force forces resource updates through a replacement strategy.
force?: bool
// Recreate performs pod restarts for the resource if applicable.
recreate?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm rollback
// action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// The name of the Kubernetes service account to impersonate
// when reconciling this HelmRelease.
serviceAccountName?: strings.MaxRunes(253) & strings.MinRunes(1)
// StorageNamespace used for the Helm storage.
// Defaults to the namespace of the HelmRelease.
storageNamespace?: strings.MaxRunes(63) & strings.MinRunes(1)
// Suspend tells the controller to suspend reconciliation for this
// HelmRelease,
// it does not apply to already started reconciliations. Defaults
// to false.
suspend?: bool
// TargetNamespace to target when performing operations for the
// HelmRelease.
// Defaults to the namespace of the HelmRelease.
targetNamespace?: strings.MaxRunes(63) & strings.MinRunes(1)
// Test holds the configuration for Helm test actions for this
// HelmRelease.
test?: {
// Enable enables Helm test actions for this HelmRelease after an
// Helm install
// or upgrade action has been performed.
enable?: bool
// Filters is a list of tests to run or exclude from running.
filters?: [...{
// Exclude specifies whether the named test should be excluded.
exclude?: bool
// Name is the name of the test.
name: strings.MaxRunes(253) & strings.MinRunes(1)
}]
// IgnoreFailures tells the controller to skip remediation when
// the Helm tests
// are run but fail. Can be overwritten for tests run after
// install or upgrade
// actions in 'Install.IgnoreTestFailures' and
// 'Upgrade.IgnoreTestFailures'.
ignoreFailures?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation during
// the performance of a Helm test action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Timeout is the time to wait for any individual Kubernetes
// operation (like Jobs
// for hooks) during the performance of a Helm action. Defaults to
// '5m0s'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Uninstall holds the configuration for Helm uninstall actions
// for this HelmRelease.
uninstall?: {
// DeletionPropagation specifies the deletion propagation policy
// when
// a Helm uninstall is performed.
deletionPropagation?: "background" | "foreground" | "orphan" | *"background"
// DisableHooks prevents hooks from running during the Helm
// rollback action.
disableHooks?: bool
// DisableWait disables waiting for all the resources to be
// deleted after
// a Helm uninstall is performed.
disableWait?: bool
// KeepHistory tells Helm to remove all associated resources and
// mark the
// release as deleted, but retain the release history.
keepHistory?: bool
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm uninstall
// action. Defaults
// to 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Upgrade holds the configuration for Helm upgrade actions for
// this HelmRelease.
upgrade?: {
// CleanupOnFail allows deletion of new resources created during
// the Helm
// upgrade action when it fails.
cleanupOnFail?: bool
// CRDs upgrade CRDs from the Helm Chart's crds directory
// according
// to the CRD upgrade policy provided here. Valid values are
// `Skip`,
// `Create` or `CreateReplace`. Default is `Skip` and if omitted
// CRDs are neither installed nor upgraded.
//
// Skip: do neither install nor replace (update) any CRDs.
//
// Create: new CRDs are created, existing CRDs are neither updated
// nor deleted.
//
// CreateReplace: new CRDs are created, existing CRDs are updated
// (replaced)
// but not deleted.
//
// By default, CRDs are not applied during Helm upgrade action.
// With this
// option users can opt-in to CRD upgrade, which is not (yet)
// natively supported by Helm.
// https://helm.sh/docs/chart_best_practices/custom_resource_definitions.
crds?: "Skip" | "Create" | "CreateReplace"
// DisableHooks prevents hooks from running during the Helm
// upgrade action.
disableHooks?: bool
// DisableOpenAPIValidation prevents the Helm upgrade action from
// validating
// rendered templates against the Kubernetes OpenAPI Schema.
disableOpenAPIValidation?: bool
// DisableWait disables the waiting for resources to be ready
// after a Helm
// upgrade has been performed.
disableWait?: bool
// DisableWaitForJobs disables waiting for jobs to complete after
// a Helm
// upgrade has been performed.
disableWaitForJobs?: bool
// Force forces resource updates through a replacement strategy.
force?: bool
// PreserveValues will make Helm reuse the last release's values
// and merge in
// overrides from 'Values'. Setting this flag makes the
// HelmRelease
// non-declarative.
preserveValues?: bool
// Remediation holds the remediation configuration for when the
// Helm upgrade
// action for the HelmRelease fails. The default is to not perform
// any action.
remediation?: {
// IgnoreTestFailures tells the controller to skip remediation
// when the Helm
// tests are run after an upgrade action but fail.
// Defaults to 'Test.IgnoreFailures'.
ignoreTestFailures?: bool
// RemediateLastFailure tells the controller to remediate the last
// failure, when
// no retries remain. Defaults to 'false' unless 'Retries' is
// greater than 0.
remediateLastFailure?: bool
// Retries is the number of retries that should be attempted on
// failures before
// bailing. Remediation, using 'Strategy', is performed between
// each attempt.
// Defaults to '0', a negative integer equals to unlimited
// retries.
retries?: int
// Strategy to use for failure remediation. Defaults to
// 'rollback'.
strategy?: "rollback" | "uninstall"
}
// Timeout is the time to wait for any individual Kubernetes
// operation (like
// Jobs for hooks) during the performance of a Helm upgrade
// action. Defaults to
// 'HelmReleaseSpec.Timeout'.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
}
// Values holds the values for this Helm release.
values?: _
// ValuesFrom holds references to resources containing Helm values
// for this HelmRelease,
// and information about how they should be merged.
valuesFrom?: [...{
// Kind of the values referent, valid values are ('Secret',
// 'ConfigMap').
kind: "Secret" | "ConfigMap"
// Name of the values referent. Should reside in the same
// namespace as the
// referring resource.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Optional marks this ValuesReference as optional. When set, a
// not found error
// for the values reference is ignored, but any ValuesKey,
// TargetPath or
// transient error will still result in a reconciliation failure.
optional?: bool
// TargetPath is the YAML dot notation path the value should be
// merged at. When
// set, the ValuesKey is expected to be a single flat value.
// Defaults to 'None',
// which results in the values getting merged at the root.
targetPath?: strings.MaxRunes(250) & {
=~"^([a-zA-Z0-9_\\-.\\\\\\/]|\\[[0-9]{1,5}\\])+$"
}
// ValuesKey is the data key where the values.yaml or a specific
// value can be
// found at. Defaults to 'values.yaml'.
valuesKey?: strings.MaxRunes(253) & {
=~"^[\\-._a-zA-Z0-9]+$"
}
}]
}

105
internal/generate/platforms/cue.mod/gen/image.toolkit.fluxcd.io/imagepolicy/v1beta1/types_gen.cue Normal file
View File

@@ -0,0 +1,105 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta1
import "strings"
// ImagePolicy is the Schema for the imagepolicies API
#ImagePolicy: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "image.toolkit.fluxcd.io/v1beta1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "ImagePolicy"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ImagePolicySpec defines the parameters for calculating the
// ImagePolicy
spec!: #ImagePolicySpec
}
// ImagePolicySpec defines the parameters for calculating the
// ImagePolicy
#ImagePolicySpec: {
// FilterTags enables filtering for only a subset of tags based on
// a set of
// rules. If no rules are provided, all the tags from the
// repository will be
// ordered and compared.
filterTags?: {
// Extract allows a capture group to be extracted from the
// specified regular
// expression pattern, useful before tag evaluation.
extract?: string
// Pattern specifies a regular expression pattern used to filter
// for image
// tags.
pattern?: string
}
// ImageRepositoryRef points at the object specifying the image
// being scanned
imageRepositoryRef: {
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}
// Policy gives the particulars of the policy to be followed in
// selecting the most recent image
policy: {
alphabetical?: {
// Order specifies the sorting order of the tags. Given the
// letters of the
// alphabet as tags, ascending order would select Z, and
// descending order
// would select A.
order?: "asc" | "desc" | *"asc"
}
numerical?: {
// Order specifies the sorting order of the tags. Given the
// integer values
// from 0 to 9 as tags, ascending order would select 9, and
// descending order
// would select 0.
order?: "asc" | "desc" | *"asc"
}
semver?: {
// Range gives a semver range for the image tag; the highest
// version within the range that's a tag yields the latest image.
range: string
}
}
}

105
internal/generate/platforms/cue.mod/gen/image.toolkit.fluxcd.io/imagepolicy/v1beta2/types_gen.cue Normal file
View File

@@ -0,0 +1,105 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta2
import "strings"
// ImagePolicy is the Schema for the imagepolicies API
#ImagePolicy: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "image.toolkit.fluxcd.io/v1beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "ImagePolicy"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ImagePolicySpec defines the parameters for calculating the
// ImagePolicy.
spec!: #ImagePolicySpec
}
// ImagePolicySpec defines the parameters for calculating the
// ImagePolicy.
#ImagePolicySpec: {
// FilterTags enables filtering for only a subset of tags based on
// a set of
// rules. If no rules are provided, all the tags from the
// repository will be
// ordered and compared.
filterTags?: {
// Extract allows a capture group to be extracted from the
// specified regular
// expression pattern, useful before tag evaluation.
extract?: string
// Pattern specifies a regular expression pattern used to filter
// for image
// tags.
pattern?: string
}
// ImageRepositoryRef points at the object specifying the image
// being scanned
imageRepositoryRef: {
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}
// Policy gives the particulars of the policy to be followed in
// selecting the most recent image
policy: {
alphabetical?: {
// Order specifies the sorting order of the tags. Given the
// letters of the
// alphabet as tags, ascending order would select Z, and
// descending order
// would select A.
order?: "asc" | "desc" | *"asc"
}
numerical?: {
// Order specifies the sorting order of the tags. Given the
// integer values
// from 0 to 9 as tags, ascending order would select 9, and
// descending order
// would select 0.
order?: "asc" | "desc" | *"asc"
}
semver?: {
// Range gives a semver range for the image tag; the highest
// version within the range that's a tag yields the latest image.
range: string
}
}
}

105
internal/generate/platforms/cue.mod/gen/image.toolkit.fluxcd.io/imagerepository/v1beta1/types_gen.cue Normal file
View File

@@ -0,0 +1,105 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta1
import "strings"
// ImageRepository is the Schema for the imagerepositories API
#ImageRepository: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "image.toolkit.fluxcd.io/v1beta1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "ImageRepository"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ImageRepositorySpec defines the parameters for scanning an
// image
// repository, e.g., `fluxcd/flux`.
spec!: #ImageRepositorySpec
}
// ImageRepositorySpec defines the parameters for scanning an
// image
// repository, e.g., `fluxcd/flux`.
#ImageRepositorySpec: {
accessFrom?: {
// NamespaceSelectors is the list of namespace selectors to which
// this ACL applies.
// Items in this list are evaluated using a logical OR operation.
namespaceSelectors: [...{
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
matchLabels?: {
[string]: string
}
}]
}
certSecretRef?: {
// Name of the referent.
name: string
}
// ExclusionList is a list of regex strings used to exclude
// certain tags
// from being stored in the database.
exclusionList?: [...string]
// Image is the name of the image repository
image: string
// Interval is the length of time to wait between
// scans of the image repository.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
secretRef?: {
// Name of the referent.
name: string
}
// ServiceAccountName is the name of the Kubernetes ServiceAccount
// used to authenticate
// the image pull if the service account has attached pull
// secrets.
serviceAccountName?: strings.MaxRunes(253)
// This flag tells the controller to suspend subsequent image
// scans.
// It does not apply to already started scans. Defaults to false.
suspend?: bool
// Timeout for image scanning.
// Defaults to 'Interval' duration.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m))+$"
}

121
internal/generate/platforms/cue.mod/gen/image.toolkit.fluxcd.io/imagerepository/v1beta2/types_gen.cue Normal file
View File

@@ -0,0 +1,121 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta2
import (
"strings"
"list"
)
// ImageRepository is the Schema for the imagerepositories API
#ImageRepository: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "image.toolkit.fluxcd.io/v1beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "ImageRepository"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ImageRepositorySpec defines the parameters for scanning an
// image
// repository, e.g., `fluxcd/flux`.
spec!: #ImageRepositorySpec
}
// ImageRepositorySpec defines the parameters for scanning an
// image
// repository, e.g., `fluxcd/flux`.
#ImageRepositorySpec: {
accessFrom?: {
// NamespaceSelectors is the list of namespace selectors to which
// this ACL applies.
// Items in this list are evaluated using a logical OR operation.
namespaceSelectors: [...{
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
matchLabels?: {
[string]: string
}
}]
}
certSecretRef?: {
// Name of the referent.
name: string
}
// ExclusionList is a list of regex strings used to exclude
// certain tags
// from being stored in the database.
exclusionList?: list.MaxItems(25) & [...string] | *["^.*\\.sig$"]
// Image is the name of the image repository
image: string
// Insecure allows connecting to a non-TLS HTTP container
// registry.
insecure?: bool
// Interval is the length of time to wait between
// scans of the image repository.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// The provider used for authentication, can be 'aws', 'azure',
// 'gcp' or 'generic'.
// When not specified, defaults to 'generic'.
provider?: "generic" | "aws" | "azure" | "gcp" | *"generic"
proxySecretRef?: {
// Name of the referent.
name: string
}
secretRef?: {
// Name of the referent.
name: string
}
// ServiceAccountName is the name of the Kubernetes ServiceAccount
// used to authenticate
// the image pull if the service account has attached pull
// secrets.
serviceAccountName?: strings.MaxRunes(253)
// This flag tells the controller to suspend subsequent image
// scans.
// It does not apply to already started scans. Defaults to false.
suspend?: bool
// Timeout for image scanning.
// Defaults to 'Interval' duration.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m))+$"
}

179
internal/generate/platforms/cue.mod/gen/image.toolkit.fluxcd.io/imageupdateautomation/v1beta1/types_gen.cue Normal file
View File

@@ -0,0 +1,179 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta1
import "strings"
// ImageUpdateAutomation is the Schema for the
// imageupdateautomations API
#ImageUpdateAutomation: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "image.toolkit.fluxcd.io/v1beta1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "ImageUpdateAutomation"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ImageUpdateAutomationSpec defines the desired state of
// ImageUpdateAutomation
spec!: #ImageUpdateAutomationSpec
}
// ImageUpdateAutomationSpec defines the desired state of
// ImageUpdateAutomation
#ImageUpdateAutomationSpec: {
// GitSpec contains all the git-specific definitions. This is
// technically optional, but in practice mandatory until there are
// other kinds of source allowed.
git?: {
checkout?: {
// Reference gives a branch, tag or commit to clone from the Git
// repository.
ref: {
// Branch to check out, defaults to 'master' if no other field is
// defined.
branch?: string
// Commit SHA to check out, takes precedence over all reference
// fields.
//
// This can be combined with Branch to shallow clone the branch,
// in which
// the commit is expected to exist.
commit?: string
// Name of the reference to check out; takes precedence over
// Branch, Tag and SemVer.
//
// It must be a valid Git reference:
// https://git-scm.com/docs/git-check-ref-format#_description
// Examples: "refs/heads/main", "refs/tags/v0.1.0",
// "refs/pull/420/head", "refs/merge-requests/1/head"
name?: string
// SemVer tag expression to check out, takes precedence over Tag.
semver?: string
// Tag to check out, takes precedence over Branch.
tag?: string
}
}
// Commit specifies how to commit to the git repository.
commit: {
// Author gives the email and optionally the name to use as the
// author of commits.
author: {
// Email gives the email to provide when making a commit.
email: string
// Name gives the name to provide when making a commit.
name?: string
}
// MessageTemplate provides a template for the commit message,
// into which will be interpolated the details of the change made.
messageTemplate?: string
signingKey?: {
secretRef: {
// Name of the referent.
name: string
}
}
}
// Push specifies how and where to push commits made by the
// automation. If missing, commits are pushed (back) to
// `.spec.checkout.branch` or its default.
push?: {
// Branch specifies that commits should be pushed to the branch
// named. The branch is created using `.spec.checkout.branch` as
// the
// starting point, if it doesn't already exist.
branch?: string
// Options specifies the push options that are sent to the Git
// server when performing a push operation. For details, see:
// https://git-scm.com/docs/git-push#Documentation/git-push.txt---push-optionltoptiongt
options?: {
[string]: string
}
// Refspec specifies the Git Refspec to use for a push operation.
// If both Branch and Refspec are provided, then the commit is
// pushed
// to the branch and also using the specified refspec.
// For more details about Git Refspecs, see:
// https://git-scm.com/book/en/v2/Git-Internals-The-Refspec
refspec?: string
}
}
// Interval gives an lower bound for how often the automation
// run should be attempted.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// SourceRef refers to the resource giving access details
// to a git repository.
sourceRef: {
// API version of the referent.
apiVersion?: string
// Kind of the referent.
kind: "GitRepository" | *"GitRepository"
// Name of the referent.
name: string
// Namespace of the referent, defaults to the namespace of the
// Kubernetes resource object that contains the reference.
namespace?: string
}
// Suspend tells the controller to not run this automation, until
// it is unset (or set to false). Defaults to false.
suspend?: bool
// Update gives the specification for how to update the files in
// the repository. This can be left empty, to use the default
// value.
update?: {
// Path to the directory containing the manifests to be updated.
// Defaults to 'None', which translates to the root path
// of the GitRepositoryRef.
path?: string
// Strategy names the strategy to be used.
strategy: "Setters" | *"Setters"
} | *{
strategy: "Setters"
}
}

214
internal/generate/platforms/cue.mod/gen/image.toolkit.fluxcd.io/imageupdateautomation/v1beta2/types_gen.cue Normal file
View File

@@ -0,0 +1,214 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta2
import "strings"
// ImageUpdateAutomation is the Schema for the
// imageupdateautomations API
#ImageUpdateAutomation: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "image.toolkit.fluxcd.io/v1beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "ImageUpdateAutomation"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ImageUpdateAutomationSpec defines the desired state of
// ImageUpdateAutomation
spec!: #ImageUpdateAutomationSpec
}
// ImageUpdateAutomationSpec defines the desired state of
// ImageUpdateAutomation
#ImageUpdateAutomationSpec: {
// GitSpec contains all the git-specific definitions. This is
// technically optional, but in practice mandatory until there are
// other kinds of source allowed.
git?: {
checkout?: {
// Reference gives a branch, tag or commit to clone from the Git
// repository.
ref: {
// Branch to check out, defaults to 'master' if no other field is
// defined.
branch?: string
// Commit SHA to check out, takes precedence over all reference
// fields.
//
// This can be combined with Branch to shallow clone the branch,
// in which
// the commit is expected to exist.
commit?: string
// Name of the reference to check out; takes precedence over
// Branch, Tag and SemVer.
//
// It must be a valid Git reference:
// https://git-scm.com/docs/git-check-ref-format#_description
// Examples: "refs/heads/main", "refs/tags/v0.1.0",
// "refs/pull/420/head", "refs/merge-requests/1/head"
name?: string
// SemVer tag expression to check out, takes precedence over Tag.
semver?: string
// Tag to check out, takes precedence over Branch.
tag?: string
}
}
// Commit specifies how to commit to the git repository.
commit: {
// Author gives the email and optionally the name to use as the
// author of commits.
author: {
// Email gives the email to provide when making a commit.
email: string
// Name gives the name to provide when making a commit.
name?: string
}
// MessageTemplate provides a template for the commit message,
// into which will be interpolated the details of the change made.
messageTemplate?: string
signingKey?: {
secretRef: {
// Name of the referent.
name: string
}
}
}
// Push specifies how and where to push commits made by the
// automation. If missing, commits are pushed (back) to
// `.spec.checkout.branch` or its default.
push?: {
// Branch specifies that commits should be pushed to the branch
// named. The branch is created using `.spec.checkout.branch` as
// the
// starting point, if it doesn't already exist.
branch?: string
// Options specifies the push options that are sent to the Git
// server when performing a push operation. For details, see:
// https://git-scm.com/docs/git-push#Documentation/git-push.txt---push-optionltoptiongt
options?: {
[string]: string
}
// Refspec specifies the Git Refspec to use for a push operation.
// If both Branch and Refspec are provided, then the commit is
// pushed
// to the branch and also using the specified refspec.
// For more details about Git Refspecs, see:
// https://git-scm.com/book/en/v2/Git-Internals-The-Refspec
refspec?: string
}
}
// Interval gives an lower bound for how often the automation
// run should be attempted.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// PolicySelector allows to filter applied policies based on
// labels.
// By default includes all policies in namespace.
policySelector?: {
// matchExpressions is a list of label selector requirements. The
// requirements are ANDed.
matchExpressions?: [...{
// key is the label key that the selector applies to.
key: string
// operator represents a key's relationship to a set of values.
// Valid operators are In, NotIn, Exists and DoesNotExist.
operator: string
// values is an array of string values. If the operator is In or
// NotIn,
// the values array must be non-empty. If the operator is Exists
// or DoesNotExist,
// the values array must be empty. This array is replaced during a
// strategic
// merge patch.
values?: [...string]
}]
// matchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
matchLabels?: {
[string]: string
}
}
// SourceRef refers to the resource giving access details
// to a git repository.
sourceRef: {
// API version of the referent.
apiVersion?: string
// Kind of the referent.
kind: "GitRepository" | *"GitRepository"
// Name of the referent.
name: string
// Namespace of the referent, defaults to the namespace of the
// Kubernetes resource object that contains the reference.
namespace?: string
}
// Suspend tells the controller to not run this automation, until
// it is unset (or set to false). Defaults to false.
suspend?: bool
// Update gives the specification for how to update the files in
// the repository. This can be left empty, to use the default
// value.
update?: {
// Path to the directory containing the manifests to be updated.
// Defaults to 'None', which translates to the root path
// of the GitRepositoryRef.
path?: string
// Strategy names the strategy to be used.
strategy: "Setters" | *"Setters"
} | *{
strategy: "Setters"
}
}

154
internal/generate/platforms/cue.mod/gen/kargo.akuity.io/freight/v1alpha1/types_gen.cue Normal file
View File

@@ -0,0 +1,154 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/kargo-demo/deploy/components/kargo/kargo.gen.yaml
package v1alpha1
import "strings"
// Freight represents a collection of versioned artifacts.
#Freight: {
// Alias is a human-friendly alias for a piece of Freight. This is
// an optional
// field. A defaulting webhook will sync this field with the value
// of the
// kargo.akuity.io/alias label. When the alias label is not
// present or differs
// from the value of this field, the defaulting webhook will set
// the label to
// the value of this field. If the alias label is present and this
// field is
// empty, the defaulting webhook will set the value of this field
// to the value
// of the alias label. If this field is empty and the alias label
// is not
// present, the defaulting webhook will choose an available alias
// and assign
// it to both the field and label.
alias?: string
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "kargo.akuity.io/v1alpha1"
// Charts describes specific versions of specific Helm charts.
charts?: [...{
// Name specifies the name of the chart.
name?: string
// RepoURL specifies the URL of a Helm chart repository. Classic
// chart
// repositories (using HTTP/S) can contain differently named
// charts. When this
// field points to such a repository, the Name field will specify
// the name of
// the chart within the repository. In the case of a repository
// within an OCI
// registry, the URL implicitly points to a specific chart and the
// Name field
// will be empty.
repoURL?: string
// Version specifies a particular version of the chart.
version?: string
}]
// Commits describes specific Git repository commits.
commits?: [...{
// Author is the author of the commit.
author?: string
// Branch denotes the branch of the repository where this commit
// was found.
branch?: string
// Committer is the person who committed the commit.
committer?: string
// ID is the ID of a specific commit in the Git repository
// specified by
// RepoURL.
id?: string
// Message is the message associated with the commit. At present,
// this only
// contains the first line (subject) of the commit message.
message?: string
// RepoURL is the URL of a Git repository.
repoURL?: string
// Tag denotes a tag in the repository that matched selection
// criteria and
// resolved to this commit.
tag?: string
}]
// Images describes specific versions of specific container
// images.
images?: [...{
// Digest identifies a specific version of the image in the
// repository
// specified by RepoURL. This is a more precise identifier than
// Tag.
digest?: string
// GitRepoURL specifies the URL of a Git repository that contains
// the source
// code for the image repository referenced by the RepoURL field
// if Kargo was
// able to infer it.
gitRepoURL?: string
// RepoURL describes the repository in which the image can be
// found.
repoURL?: string
// Tag identifies a specific version of the image in the
// repository specified
// by RepoURL.
tag?: string
}]
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Freight"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// Origin describes a kind of Freight in terms of its origin.
origin: {
// Kind is the kind of resource from which Freight may have
// originated. At
// present, this can only be "Warehouse".
kind: "Warehouse"
// Name is the name of the resource of the kind indicated by the
// Kind field
// from which Freight may originated.
name: string
}
}

72
internal/generate/platforms/cue.mod/gen/kargo.akuity.io/project/v1alpha1/types_gen.cue Normal file
View File

@@ -0,0 +1,72 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/kargo-demo/deploy/components/kargo/kargo.gen.yaml
package v1alpha1
import "strings"
// Project is a resource type that reconciles to a specially
// labeled namespace
// and other TODO: TBD project-level resources.
#Project: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "kargo.akuity.io/v1alpha1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Project"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace?: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// Spec describes a Project.
spec!: #ProjectSpec
}
#ProjectSpec: {
// PromotionPolicies defines policies governing the promotion of
// Freight to
// specific Stages within this Project.
promotionPolicies?: [...{
// AutoPromotionEnabled indicates whether new Freight can
// automatically be
// promoted into the Stage referenced by the Stage field. Note:
// There are may
// be other conditions also required for an auto-promotion to
// occur. This
// field defaults to false, but is commonly set to true for Stages
// that
// subscribe to Warehouses instead of other, upstream Stages. This
// allows
// users to define Stages that are automatically updated as soon
// as new
// artifacts are detected.
autoPromotionEnabled?: bool
stage: strings.MinRunes(1) & {
=~"^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"
}
}]
}

163
internal/generate/platforms/cue.mod/gen/kargo.akuity.io/promotion/v1alpha1/types_gen.cue Normal file
View File

@@ -0,0 +1,163 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/kargo-demo/deploy/components/kargo/kargo.gen.yaml
package v1alpha1
import "strings"
// Promotion represents a request to transition a particular Stage
// into a
// particular Freight.
#Promotion: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "kargo.akuity.io/v1alpha1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Promotion"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// Spec describes the desired transition of a specific Stage into
// a specific
// Freight.
spec!: #PromotionSpec
}
// Spec describes the desired transition of a specific Stage into
// a specific
// Freight.
#PromotionSpec: {
// Freight specifies the piece of Freight to be promoted into the
// Stage
// referenced by the Stage field.
freight: strings.MinRunes(1)
// Stage specifies the name of the Stage to which this Promotion
// applies. The Stage referenced by this field MUST be in the same
// namespace as the Promotion.
stage: strings.MinRunes(1) & {
=~"^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"
}
// Steps specifies the directives to be executed as part of this
// Promotion.
// The order in which the directives are executed is the order in
// which they
// are listed in this field.
steps?: [...{
// As is the alias this step can be referred to as.
as?: string
// Config is opaque configuration for the PromotionStep that is
// understood
// only by each PromotionStep's implementation. It is legal to
// utilize
// expressions in defining values at any level of this block.
// See https://docs.kargo.io/references/expression-language for
// details.
config?: _
// Retry is the retry policy for this step.
retry?: {
// ErrorThreshold is the number of consecutive times the step must
// fail (for
// any reason) before retries are abandoned and the entire
// Promotion is marked
// as failed.
//
// If this field is set to 0, the effective default will be a
// step-specific
// one. If no step-specific default exists (i.e. is also 0), the
// effective
// default will be the system-wide default of 1.
//
// A value of 1 will cause the Promotion to be marked as failed
// after just
// a single failure; i.e. no retries will be attempted.
//
// There is no option to specify an infinite number of retries
// using a value
// such as -1.
//
// In a future release, Kargo is likely to become capable of
// distinguishing
// between recoverable and non-recoverable step failures. At that
// time, it is
// planned that unrecoverable failures will not be subject to this
// threshold
// and will immediately cause the Promotion to be marked as failed
// without
// further condition.
errorThreshold?: int
// Timeout is the soft maximum interval in which a step that
// returns a Running
// status (which typically indicates it's waiting for something to
// happen)
// may be retried.
//
// The maximum is a soft one because the check for whether the
// interval has
// elapsed occurs AFTER the step has run. This effectively means a
// step may
// run ONCE beyond the close of the interval.
//
// If this field is set to nil, the effective default will be a
// step-specific
// one. If no step-specific default exists (i.e. is also nil), the
// effective
// default will be the system-wide default of 0.
//
// A value of 0 will cause the step to be retried indefinitely
// unless the
// ErrorThreshold is reached.
timeout?: string
}
// Uses identifies a runner that can execute this step.
uses: strings.MinRunes(1)
}]
// Vars is a list of variables that can be referenced by
// expressions in
// promotion steps.
vars?: [...{
// Name is the name of the variable.
name: strings.MinRunes(1) & {
=~"^[a-zA-Z_]\\w*$"
}
// Value is the value of the variable. It is allowed to utilize
// expressions
// in the value.
// See https://docs.kargo.io/references/expression-language for
// details.
value: string
}]
}

264
internal/generate/platforms/cue.mod/gen/kargo.akuity.io/stage/v1alpha1/types_gen.cue Normal file
View File

@@ -0,0 +1,264 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/kargo-demo/deploy/components/kargo/kargo.gen.yaml
package v1alpha1
import "strings"
// Stage is the Kargo API's main type.
#Stage: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "kargo.akuity.io/v1alpha1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Stage"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// Spec describes sources of Freight used by the Stage and how to
// incorporate
// Freight into the Stage.
spec!: #StageSpec
}
// Spec describes sources of Freight used by the Stage and how to
// incorporate
// Freight into the Stage.
#StageSpec: {
promotionTemplate?: {
// PromotionTemplateSpec describes the (partial) specification of
// a Promotion
// for a Stage. This is a template that can be used to create a
// Promotion for a
// Stage.
spec: {
// Steps specifies the directives to be executed as part of a
// Promotion.
// The order in which the directives are executed is the order in
// which they
// are listed in this field.
steps?: [...{
// As is the alias this step can be referred to as.
as?: string
// Config is opaque configuration for the PromotionStep that is
// understood
// only by each PromotionStep's implementation. It is legal to
// utilize
// expressions in defining values at any level of this block.
// See https://docs.kargo.io/references/expression-language for
// details.
config?: _
// Retry is the retry policy for this step.
retry?: {
// ErrorThreshold is the number of consecutive times the step must
// fail (for
// any reason) before retries are abandoned and the entire
// Promotion is marked
// as failed.
//
// If this field is set to 0, the effective default will be a
// step-specific
// one. If no step-specific default exists (i.e. is also 0), the
// effective
// default will be the system-wide default of 1.
//
// A value of 1 will cause the Promotion to be marked as failed
// after just
// a single failure; i.e. no retries will be attempted.
//
// There is no option to specify an infinite number of retries
// using a value
// such as -1.
//
// In a future release, Kargo is likely to become capable of
// distinguishing
// between recoverable and non-recoverable step failures. At that
// time, it is
// planned that unrecoverable failures will not be subject to this
// threshold
// and will immediately cause the Promotion to be marked as failed
// without
// further condition.
errorThreshold?: int
// Timeout is the soft maximum interval in which a step that
// returns a Running
// status (which typically indicates it's waiting for something to
// happen)
// may be retried.
//
// The maximum is a soft one because the check for whether the
// interval has
// elapsed occurs AFTER the step has run. This effectively means a
// step may
// run ONCE beyond the close of the interval.
//
// If this field is set to nil, the effective default will be a
// step-specific
// one. If no step-specific default exists (i.e. is also nil), the
// effective
// default will be the system-wide default of 0.
//
// A value of 0 will cause the step to be retried indefinitely
// unless the
// ErrorThreshold is reached.
timeout?: string
}
// Uses identifies a runner that can execute this step.
uses: strings.MinRunes(1)
}] & [_, ...]
// Vars is a list of variables that can be referenced by
// expressions in
// promotion steps.
vars?: [...{
// Name is the name of the variable.
name: strings.MinRunes(1) & {
=~"^[a-zA-Z_]\\w*$"
}
// Value is the value of the variable. It is allowed to utilize
// expressions
// in the value.
// See https://docs.kargo.io/references/expression-language for
// details.
value: string
}]
}
}
// RequestedFreight expresses the Stage's need for certain pieces
// of Freight,
// each having originated from a particular Warehouse. This list
// must be
// non-empty. In the common case, a Stage will request Freight
// having
// originated from just one specific Warehouse. In advanced cases,
// requesting
// Freight from multiple Warehouses provides a method of advancing
// new
// artifacts of different types through parallel pipelines at
// different
// speeds. This can be useful, for instance, if a Stage is home to
// multiple
// microservices that are independently versioned.
requestedFreight: [...{
// Origin specifies from where the requested Freight must have
// originated.
// This is a required field.
origin: {
// Kind is the kind of resource from which Freight may have
// originated. At
// present, this can only be "Warehouse".
kind: "Warehouse"
// Name is the name of the resource of the kind indicated by the
// Kind field
// from which Freight may originated.
name: string
}
// Sources describes where the requested Freight may be obtained
// from. This is
// a required field.
sources: {
// Direct indicates the requested Freight may be obtained directly
// from the
// Warehouse from which it originated. If this field's value is
// false, then
// the value of the Stages field must be non-empty. i.e. Between
// the two
// fields, at least one source must be specified.
direct?: bool
// Stages identifies other "upstream" Stages as potential sources
// of the
// requested Freight. If this field's value is empty, then the
// value of the
// Direct field must be true. i.e. Between the two fields, at
// least on source
// must be specified.
stages?: [...string]
}
}] & [_, ...]
// Shard is the name of the shard that this Stage belongs to. This
// is an
// optional field. If not specified, the Stage will belong to the
// default
// shard. A defaulting webhook will sync the value of the
// kargo.akuity.io/shard label with the value of this field. When
// this field
// is empty, the webhook will ensure that label is absent.
shard?: string
// Verification describes how to verify a Stage's current Freight
// is fit for
// promotion downstream.
verification?: {
// AnalysisRunMetadata contains optional metadata that should be
// applied to
// all AnalysisRuns.
analysisRunMetadata?: {
// Additional annotations to apply to an AnalysisRun.
annotations?: {
[string]: string
}
// Additional labels to apply to an AnalysisRun.
labels?: {
[string]: string
}
}
// AnalysisTemplates is a list of AnalysisTemplates from which
// AnalysisRuns
// should be created to verify a Stage's current Freight is fit to
// be promoted
// downstream.
analysisTemplates?: [...{
// Name is the name of the AnalysisTemplate in the same
// project/namespace as
// the Stage.
name: string
}]
// Args lists arguments that should be added to all AnalysisRuns.
args?: [...{
// Name is the name of the argument.
name: string
// Value is the value of the argument.
value: string
}]
}
}

402
internal/generate/platforms/cue.mod/gen/kargo.akuity.io/warehouse/v1alpha1/types_gen.cue Normal file
View File

@@ -0,0 +1,402 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/kargo-demo/deploy/components/kargo/kargo.gen.yaml
package v1alpha1
import "strings"
// Warehouse is a source of Freight.
#Warehouse: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "kargo.akuity.io/v1alpha1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Warehouse"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// Spec describes sources of artifacts.
spec!: #WarehouseSpec
}
// Spec describes sources of artifacts.
#WarehouseSpec: {
// FreightCreationPolicy describes how Freight is created by this
// Warehouse.
// This field is optional. When left unspecified, the field is
// implicitly
// treated as if its value were "Automatic".
// Accepted values: Automatic, Manual
freightCreationPolicy?: "Automatic" | "Manual" | *"Automatic"
// Interval is the reconciliation interval for this Warehouse. On
// each
// reconciliation, the Warehouse will discover new artifacts and
// optionally
// produce new Freight. This field is optional. When left
// unspecified, the
// field is implicitly treated as if its value were "5m0s".
interval: =~"^([0-9]+(\\.[0-9]+)?(s|m|h))+$" | *"5m0s"
// Shard is the name of the shard that this Warehouse belongs to.
// This is an
// optional field. If not specified, the Warehouse will belong to
// the default
// shard. A defaulting webhook will sync this field with the value
// of the
// kargo.akuity.io/shard label. When the shard label is not
// present or differs
// from the value of this field, the defaulting webhook will set
// the label to
// the value of this field. If the shard label is present and this
// field is
// empty, the defaulting webhook will set the value of this field
// to the value
// of the shard label.
shard?: string
// Subscriptions describes sources of artifacts to be included in
// Freight
// produced by this Warehouse.
subscriptions: [...{
// Chart describes a subscription to a Helm chart repository.
chart?: {
// DiscoveryLimit is an optional limit on the number of chart
// versions that
// can be discovered for this subscription. The limit is applied
// after
// filtering charts based on the SemverConstraint field.
// When left unspecified, the field is implicitly treated as if
// its value
// were "20". The upper limit for this field is 100.
discoveryLimit?: int & <=100 & >=1 | *20
// Name specifies the name of a Helm chart to subscribe to within
// a classic
// chart repository specified by the RepoURL field. This field is
// required
// when the RepoURL field points to a classic chart repository and
// MUST
// otherwise be empty.
name?: string
// RepoURL specifies the URL of a Helm chart repository. It may be
// a classic
// chart repository (using HTTP/S) OR a repository within an OCI
// registry.
// Classic chart repositories can contain differently named
// charts. When this
// field points to such a repository, the Name field MUST also be
// used
// to specify the name of the desired chart within that
// repository. In the
// case of a repository within an OCI registry, the URL implicitly
// points to
// a specific chart and the Name field MUST NOT be used. The
// RepoURL field is
// required.
repoURL: strings.MinRunes(1) & {
=~"^(((https?)|(oci))://)([\\w\\d\\.\\-]+)(:[\\d]+)?(/.*)*$"
}
// SemverConstraint specifies constraints on what new chart
// versions are
// permissible. This field is optional. When left unspecified,
// there will be
// no constraints, which means the latest version of the chart
// will always be
// used. Care should be taken with leaving this field unspecified,
// as it can
// lead to the unanticipated rollout of breaking changes.
// More info:
// https://github.com/masterminds/semver#checking-version-constraints
semverConstraint?: string
}
// Git describes a subscriptions to a Git repository.
git?: {
// AllowTags is a regular expression that can optionally be used
// to limit the
// tags that are considered in determining the newest commit of
// interest. The
// value in this field only has any effect when the
// CommitSelectionStrategy is
// Lexical, NewestTag, or SemVer. This field is optional.
allowTags?: string
// Branch references a particular branch of the repository. The
// value in this
// field only has any effect when the CommitSelectionStrategy is
// NewestFromBranch or left unspecified (which is implicitly the
// same as
// NewestFromBranch). This field is optional. When left
// unspecified, (and the
// CommitSelectionStrategy is NewestFromBranch or unspecified),
// the
// subscription is implicitly to the repository's default branch.
branch?: strings.MinRunes(1) & {
=~"^\\w+([-/]\\w+)*$"
}
// CommitSelectionStrategy specifies the rules for how to identify
// the newest
// commit of interest in the repository specified by the RepoURL
// field. This
// field is optional. When left unspecified, the field is
// implicitly treated
// as if its value were "NewestFromBranch".
// Accepted values: Lexical, NewestFromBranch, NewestTag, SemVer
commitSelectionStrategy?: "Lexical" | "NewestFromBranch" | "NewestTag" | "SemVer" | *"NewestFromBranch"
// DiscoveryLimit is an optional limit on the number of commits
// that can be
// discovered for this subscription. The limit is applied after
// filtering
// commits based on the AllowTags and IgnoreTags fields.
// When left unspecified, the field is implicitly treated as if
// its value
// were "20". The upper limit for this field is 100.
discoveryLimit?: int & <=100 & >=1 | *20
// ExcludePaths is a list of selectors that designate paths in the
// repository
// that should NOT trigger the production of new Freight when
// changes are
// detected therein. When specified, changes in the identified
// paths will not
// trigger Freight production. When not specified, paths that
// should trigger
// Freight production will be defined solely by IncludePaths.
// Selectors may be
// defined using:
// 1. Exact paths to files or directories (ex. "charts/foo")
// 2. Glob patterns (prefix the pattern with "glob:"; ex.
// "glob:*.yaml")
// 3. Regular expressions (prefix the pattern with "regex:" or
// "regexp:";
// ex. "regexp:^.*\.yaml$")
// Paths selected by IncludePaths may be unselected by
// ExcludePaths. This
// is a useful method for including a broad set of paths and then
// excluding a
// subset of them.
excludePaths?: [...string]
// IgnoreTags is a list of tags that must be ignored when
// determining the
// newest commit of interest. No regular expressions or glob
// patterns are
// supported yet. The value in this field only has any effect when
// the
// CommitSelectionStrategy is Lexical, NewestTag, or SemVer. This
// field is
// optional.
ignoreTags?: [...string]
// IncludePaths is a list of selectors that designate paths in the
// repository
// that should trigger the production of new Freight when changes
// are detected
// therein. When specified, only changes in the identified paths
// will trigger
// Freight production. When not specified, changes in any path
// will trigger
// Freight production. Selectors may be defined using:
// 1. Exact paths to files or directories (ex. "charts/foo")
// 2. Glob patterns (prefix the pattern with "glob:"; ex.
// "glob:*.yaml")
// 3. Regular expressions (prefix the pattern with "regex:" or
// "regexp:";
// ex. "regexp:^.*\.yaml$")
// Paths selected by IncludePaths may be unselected by
// ExcludePaths. This
// is a useful method for including a broad set of paths and then
// excluding a
// subset of them.
includePaths?: [...string]
// InsecureSkipTLSVerify specifies whether certificate
// verification errors
// should be ignored when connecting to the repository. This
// should be enabled
// only with great caution.
insecureSkipTLSVerify?: bool
// URL is the repository's URL. This is a required field.
repoURL: strings.MinRunes(1) & {
=~"(?:^(https?)://(?:([\\w-]+):(.+)@)?([\\w-]+(?:\\.[\\w-]+)*)(?::(\\d{1,5}))?(/.*)$)|(?:^([\\w-]+)@([\\w+]+(?:\\.[\\w-]+)*):(/?.*))"
}
// SemverConstraint specifies constraints on what new tagged
// commits are
// considered in determining the newest commit of interest. The
// value in this
// field only has any effect when the CommitSelectionStrategy is
// SemVer. This
// field is optional. When left unspecified, there will be no
// constraints,
// which means the latest semantically tagged commit will always
// be used. Care
// should be taken with leaving this field unspecified, as it can
// lead to the
// unanticipated rollout of breaking changes.
semverConstraint?: string
// StrictSemvers specifies whether only "strict" semver tags
// should be
// considered. A "strict" semver tag is one containing ALL of
// major, minor,
// and patch version components. This is enabled by default, but
// only has any
// effect when the CommitSelectionStrategy is SemVer. This should
// be disabled
// cautiously, as it creates the potential for any tag containing
// numeric
// characters only to be mistaken for a semver string containing
// the major
// version number only.
strictSemvers: bool | *true
}
// Image describes a subscription to container image repository.
image?: {
// AllowTags is a regular expression that can optionally be used
// to limit the
// image tags that are considered in determining the newest
// version of an
// image. This field is optional.
allowTags?: string
// DiscoveryLimit is an optional limit on the number of image
// references
// that can be discovered for this subscription. The limit is
// applied after
// filtering images based on the AllowTags and IgnoreTags fields.
// When left unspecified, the field is implicitly treated as if
// its value
// were "20". The upper limit for this field is 100.
discoveryLimit?: int & <=100 & >=1 | *20
// GitRepoURL optionally specifies the URL of a Git repository
// that contains
// the source code for the image repository referenced by the
// RepoURL field.
// When this is specified, Kargo MAY be able to infer and link to
// the exact
// revision of that source code that was used to build the image.
gitRepoURL?: =~"^https?://(\\w+([\\.-]\\w+)*@)?\\w+([\\.-]\\w+)*(:[\\d]+)?(/.*)?$"
// IgnoreTags is a list of tags that must be ignored when
// determining the
// newest version of an image. No regular expressions or glob
// patterns are
// supported yet. This field is optional.
ignoreTags?: [...string]
// ImageSelectionStrategy specifies the rules for how to identify
// the newest version
// of the image specified by the RepoURL field. This field is
// optional. When
// left unspecified, the field is implicitly treated as if its
// value were
// "SemVer".
// Accepted values: Digest, Lexical, NewestBuild, SemVer
imageSelectionStrategy?: "Digest" | "Lexical" | "NewestBuild" | "SemVer" | *"SemVer"
// InsecureSkipTLSVerify specifies whether certificate
// verification errors
// should be ignored when connecting to the repository. This
// should be enabled
// only with great caution.
insecureSkipTLSVerify?: bool
// Platform is a string of the form <os>/<arch> that limits the
// tags that can
// be considered when searching for new versions of an image. This
// field is
// optional. When left unspecified, it is implicitly equivalent to
// the
// OS/architecture of the Kargo controller. Care should be taken
// to set this
// value correctly in cases where the image referenced by this
// ImageRepositorySubscription will run on a Kubernetes node with
// a different
// OS/architecture than the Kargo controller. At present this is
// uncommon, but
// not unheard of.
platform?: string
// RepoURL specifies the URL of the image repository to subscribe
// to. The
// value in this field MUST NOT include an image tag. This field
// is required.
repoURL: strings.MinRunes(1) & {
=~"^(\\w+([\\.-]\\w+)*(:[\\d]+)?/)?(\\w+([\\.-]\\w+)*)(/\\w+([\\.-]\\w+)*)*$"
}
// SemverConstraint specifies constraints on what new image
// versions are
// permissible. The value in this field only has any effect when
// the
// ImageSelectionStrategy is SemVer or left unspecified (which is
// implicitly
// the same as SemVer). This field is also optional. When left
// unspecified,
// (and the ImageSelectionStrategy is SemVer or unspecified),
// there will be no
// constraints, which means the latest semantically tagged version
// of an image
// will always be used. Care should be taken with leaving this
// field
// unspecified, as it can lead to the unanticipated rollout of
// breaking
// changes. Refer to Image Updater documentation for more details.
// More info:
// https://github.com/masterminds/semver#checking-version-constraints
semverConstraint?: string
// StrictSemvers specifies whether only "strict" semver tags
// should be
// considered. A "strict" semver tag is one containing ALL of
// major, minor,
// and patch version components. This is enabled by default, but
// only has any
// effect when the ImageSelectionStrategy is SemVer. This should
// be disabled
// cautiously, as it is not uncommon to tag container images with
// short Git
// commit hashes, which have the potential to contain numeric
// characters only
// and could be mistaken for a semver string containing the major
// version
// number only.
strictSemvers: bool | *true
}
}] & [_, ...]
}

326
internal/generate/platforms/cue.mod/gen/kustomize.toolkit.fluxcd.io/kustomization/v1/types_gen.cue Normal file
View File

@@ -0,0 +1,326 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1
import "strings"
// Kustomization is the Schema for the kustomizations API.
#Kustomization: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "kustomize.toolkit.fluxcd.io/v1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Kustomization"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// KustomizationSpec defines the configuration to calculate the
// desired state
// from a Source using Kustomize.
spec!: #KustomizationSpec
}
// KustomizationSpec defines the configuration to calculate the
// desired state
// from a Source using Kustomize.
#KustomizationSpec: {
// CommonMetadata specifies the common labels and annotations that
// are
// applied to all resources. Any existing label or annotation will
// be
// overridden if its key matches a common one.
commonMetadata?: {
// Annotations to be added to the object's metadata.
annotations?: {
[string]: string
}
// Labels to be added to the object's metadata.
labels?: {
[string]: string
}
}
// Components specifies relative paths to specifications of other
// Components.
components?: [...string]
// Decrypt Kubernetes secrets before applying them on the cluster.
decryption?: {
// Provider is the name of the decryption engine.
provider: "sops"
secretRef?: {
// Name of the referent.
name: string
}
}
// DependsOn may contain a meta.NamespacedObjectReference slice
// with references to Kustomization resources that must be ready
// before this
// Kustomization can be reconciled.
dependsOn?: [...{
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}]
// Force instructs the controller to recreate resources
// when patching fails due to an immutable field change.
force?: bool | *false
// A list of resources to be included in the health assessment.
healthChecks?: [...{
// API version of the referent, if not specified the Kubernetes
// preferred version will be used.
apiVersion?: string
// Kind of the referent.
kind: string
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}]
// Images is a list of (image name, new name, new tag or digest)
// for changing image names, tags or digests. This can also be
// achieved with a
// patch, but this operator is simpler to specify.
images?: [...{
// Digest is the value used to replace the original image tag.
// If digest is present NewTag value is ignored.
digest?: string
// Name is a tag-less image name.
name: string
// NewName is the value used to replace the original name.
newName?: string
// NewTag is the value used to replace the original tag.
newTag?: string
}]
// The interval at which to reconcile the Kustomization.
// This interval is approximate and may be subject to jitter to
// ensure
// efficient use of resources.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
kubeConfig?: {
// SecretRef holds the name of a secret that contains a key with
// the kubeconfig file as the value. If no key is set, the key
// will default
// to 'value'.
// It is recommended that the kubeconfig is self-contained, and
// the secret
// is regularly updated if credentials such as a
// cloud-access-token expire.
// Cloud specific `cmd-path` auth helpers will not function
// without adding
// binaries and credentials to the Pod that is responsible for
// reconciling
// Kubernetes resources.
secretRef: {
// Key in the Secret, when not specified an
// implementation-specific default key is used.
key?: string
// Name of the Secret.
name: string
}
}
// NamePrefix will prefix the names of all managed resources.
namePrefix?: strings.MaxRunes(200) & strings.MinRunes(1)
// NameSuffix will suffix the names of all managed resources.
nameSuffix?: strings.MaxRunes(200) & strings.MinRunes(1)
// Strategic merge and JSON patches, defined as inline YAML
// objects,
// capable of targeting objects based on kind, label and
// annotation selectors.
patches?: [...{
// Patch contains an inline StrategicMerge patch or an inline
// JSON6902 patch with
// an array of operation objects.
patch: string
// Target points to the resources that the patch document should
// be applied to.
target?: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// Path to the directory containing the kustomization.yaml file,
// or the
// set of plain YAMLs a kustomization.yaml should be generated
// for.
// Defaults to 'None', which translates to the root path of the
// SourceRef.
path?: string
// PostBuild describes which actions to perform on the YAML
// manifest
// generated by building the kustomize overlay.
postBuild?: {
// Substitute holds a map of key/value pairs.
// The variables defined in your YAML manifests that match any of
// the keys
// defined in the map will be substituted with the set value.
// Includes support for bash string replacement functions
// e.g. ${var:=default}, ${var:position} and
// ${var/substring/replacement}.
substitute?: {
[string]: string
}
// SubstituteFrom holds references to ConfigMaps and Secrets
// containing
// the variables and their values to be substituted in the YAML
// manifests.
// The ConfigMap and the Secret data keys represent the var names,
// and they
// must match the vars declared in the manifests for the
// substitution to
// happen.
substituteFrom?: [...{
// Kind of the values referent, valid values are ('Secret',
// 'ConfigMap').
kind: "Secret" | "ConfigMap"
// Name of the values referent. Should reside in the same
// namespace as the
// referring resource.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Optional indicates whether the referenced resource must exist,
// or whether to
// tolerate its absence. If true and the referenced resource is
// absent, proceed
// as if the resource was present but empty, without any variables
// defined.
optional?: bool | *false
}]
}
// Prune enables garbage collection.
prune: bool
// The interval at which to retry a previously failed
// reconciliation.
// When not specified, the controller uses the
// KustomizationSpec.Interval
// value to retry failures.
retryInterval?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// The name of the Kubernetes service account to impersonate
// when reconciling this Kustomization.
serviceAccountName?: string
// Reference of the source where the kustomization file is.
sourceRef: {
// API version of the referent.
apiVersion?: string
// Kind of the referent.
kind: "OCIRepository" | "GitRepository" | "Bucket"
// Name of the referent.
name: string
// Namespace of the referent, defaults to the namespace of the
// Kubernetes
// resource object that contains the reference.
namespace?: string
}
// This flag tells the controller to suspend subsequent kustomize
// executions,
// it does not apply to already started executions. Defaults to
// false.
suspend?: bool
// TargetNamespace sets or overrides the namespace in the
// kustomization.yaml file.
targetNamespace?: strings.MaxRunes(63) & strings.MinRunes(1)
// Timeout for validation, apply and health checking operations.
// Defaults to 'Interval' duration.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Wait instructs the controller to check the health of all the
// reconciled
// resources. When enabled, the HealthChecks are ignored. Defaults
// to false.
wait?: bool
}

343
internal/generate/platforms/cue.mod/gen/kustomize.toolkit.fluxcd.io/kustomization/v1beta1/types_gen.cue Normal file
View File

@@ -0,0 +1,343 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta1
import "strings"
// Kustomization is the Schema for the kustomizations API.
#Kustomization: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "kustomize.toolkit.fluxcd.io/v1beta1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Kustomization"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// KustomizationSpec defines the desired state of a kustomization.
spec!: #KustomizationSpec
}
// KustomizationSpec defines the desired state of a kustomization.
#KustomizationSpec: {
// Decrypt Kubernetes secrets before applying them on the cluster.
decryption?: {
// Provider is the name of the decryption engine.
provider: "sops"
secretRef?: {
// Name of the referent.
name: string
}
}
// DependsOn may contain a meta.NamespacedObjectReference slice
// with references to Kustomization resources that must be ready
// before this
// Kustomization can be reconciled.
dependsOn?: [...{
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}]
// Force instructs the controller to recreate resources
// when patching fails due to an immutable field change.
force?: bool | *false
// A list of resources to be included in the health assessment.
healthChecks?: [...{
// API version of the referent, if not specified the Kubernetes
// preferred version will be used.
apiVersion?: string
// Kind of the referent.
kind: string
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}]
// Images is a list of (image name, new name, new tag or digest)
// for changing image names, tags or digests. This can also be
// achieved with a
// patch, but this operator is simpler to specify.
images?: [...{
// Digest is the value used to replace the original image tag.
// If digest is present NewTag value is ignored.
digest?: string
// Name is a tag-less image name.
name: string
// NewName is the value used to replace the original name.
newName?: string
// NewTag is the value used to replace the original tag.
newTag?: string
}]
// The interval at which to reconcile the Kustomization.
interval: string
kubeConfig?: {
secretRef: {
// Name of the referent.
name: string
}
}
// Strategic merge and JSON patches, defined as inline YAML
// objects,
// capable of targeting objects based on kind, label and
// annotation selectors.
patches?: [...{
// Patch contains an inline StrategicMerge patch or an inline
// JSON6902 patch with
// an array of operation objects.
patch: string
// Target points to the resources that the patch document should
// be applied to.
target?: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// JSON 6902 patches, defined as inline YAML objects.
patchesJson6902?: [...{
// Patch contains the JSON6902 patch document with an array of
// operation objects.
patch: [...{
// From contains a JSON-pointer value that references a location
// within the target document where the operation is
// performed. The meaning of the value depends on the value of Op,
// and is NOT taken into account by all operations.
from?: string
// Op indicates the operation to perform. Its value MUST be one of
// "add", "remove", "replace", "move", "copy", or
// "test".
// https://datatracker.ietf.org/doc/html/rfc6902#section-4
op: "test" | "remove" | "add" | "replace" | "move" | "copy"
// Path contains the JSON-pointer value that references a location
// within the target document where the operation
// is performed. The meaning of the value depends on the value of
// Op.
path: string
// Value contains a valid JSON structure. The meaning of the value
// depends on the value of Op, and is NOT taken into
// account by all operations.
value?: _
}]
// Target points to the resources that the patch document should
// be applied to.
target: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// Strategic merge patches, defined as inline YAML objects.
patchesStrategicMerge?: [...]
// Path to the directory containing the kustomization.yaml file,
// or the
// set of plain YAMLs a kustomization.yaml should be generated
// for.
// Defaults to 'None', which translates to the root path of the
// SourceRef.
path?: string
// PostBuild describes which actions to perform on the YAML
// manifest
// generated by building the kustomize overlay.
postBuild?: {
// Substitute holds a map of key/value pairs.
// The variables defined in your YAML manifests
// that match any of the keys defined in the map
// will be substituted with the set value.
// Includes support for bash string replacement functions
// e.g. ${var:=default}, ${var:position} and
// ${var/substring/replacement}.
substitute?: {
[string]: string
}
// SubstituteFrom holds references to ConfigMaps and Secrets
// containing
// the variables and their values to be substituted in the YAML
// manifests.
// The ConfigMap and the Secret data keys represent the var names
// and they
// must match the vars declared in the manifests for the
// substitution to happen.
substituteFrom?: [...{
// Kind of the values referent, valid values are ('Secret',
// 'ConfigMap').
kind: "Secret" | "ConfigMap"
// Name of the values referent. Should reside in the same
// namespace as the
// referring resource.
name: strings.MaxRunes(253) & strings.MinRunes(1)
}]
}
// Prune enables garbage collection.
prune: bool
// The interval at which to retry a previously failed
// reconciliation.
// When not specified, the controller uses the
// KustomizationSpec.Interval
// value to retry failures.
retryInterval?: string
// The name of the Kubernetes service account to impersonate
// when reconciling this Kustomization.
serviceAccountName?: string
// Reference of the source where the kustomization file is.
sourceRef: {
// API version of the referent
apiVersion?: string
// Kind of the referent
kind: "GitRepository" | "Bucket"
// Name of the referent
name: string
// Namespace of the referent, defaults to the Kustomization
// namespace
namespace?: string
}
// This flag tells the controller to suspend subsequent kustomize
// executions,
// it does not apply to already started executions. Defaults to
// false.
suspend?: bool
// TargetNamespace sets or overrides the namespace in the
// kustomization.yaml file.
targetNamespace?: strings.MaxRunes(63) & strings.MinRunes(1)
// Timeout for validation, apply and health checking operations.
// Defaults to 'Interval' duration.
timeout?: string
// Validate the Kubernetes objects before applying them on the
// cluster.
// The validation strategy can be 'client' (local dry-run),
// 'server'
// (APIServer dry-run) or 'none'.
// When 'Force' is 'true', validation will fallback to 'client' if
// set to
// 'server' because server-side validation is not supported in
// this scenario.
validation?: "none" | "client" | "server"
}

389
internal/generate/platforms/cue.mod/gen/kustomize.toolkit.fluxcd.io/kustomization/v1beta2/types_gen.cue Normal file
View File

@@ -0,0 +1,389 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta2
import "strings"
// Kustomization is the Schema for the kustomizations API.
#Kustomization: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "kustomize.toolkit.fluxcd.io/v1beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Kustomization"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// KustomizationSpec defines the configuration to calculate the
// desired state from a Source using Kustomize.
spec!: #KustomizationSpec
}
// KustomizationSpec defines the configuration to calculate the
// desired state from a Source using Kustomize.
#KustomizationSpec: {
// CommonMetadata specifies the common labels and annotations that
// are applied to all resources.
// Any existing label or annotation will be overridden if its key
// matches a common one.
commonMetadata?: {
// Annotations to be added to the object's metadata.
annotations?: {
[string]: string
}
// Labels to be added to the object's metadata.
labels?: {
[string]: string
}
}
// Components specifies relative paths to specifications of other
// Components.
components?: [...string]
// Decrypt Kubernetes secrets before applying them on the cluster.
decryption?: {
// Provider is the name of the decryption engine.
provider: "sops"
secretRef?: {
// Name of the referent.
name: string
}
}
// DependsOn may contain a meta.NamespacedObjectReference slice
// with references to Kustomization resources that must be ready
// before this
// Kustomization can be reconciled.
dependsOn?: [...{
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}]
// Force instructs the controller to recreate resources
// when patching fails due to an immutable field change.
force?: bool | *false
// A list of resources to be included in the health assessment.
healthChecks?: [...{
// API version of the referent, if not specified the Kubernetes
// preferred version will be used.
apiVersion?: string
// Kind of the referent.
kind: string
// Name of the referent.
name: string
// Namespace of the referent, when not specified it acts as
// LocalObjectReference.
namespace?: string
}]
// Images is a list of (image name, new name, new tag or digest)
// for changing image names, tags or digests. This can also be
// achieved with a
// patch, but this operator is simpler to specify.
images?: [...{
// Digest is the value used to replace the original image tag.
// If digest is present NewTag value is ignored.
digest?: string
// Name is a tag-less image name.
name: string
// NewName is the value used to replace the original name.
newName?: string
// NewTag is the value used to replace the original tag.
newTag?: string
}]
// The interval at which to reconcile the Kustomization.
interval: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
kubeConfig?: {
// SecretRef holds the name of a secret that contains a key with
// the kubeconfig file as the value. If no key is set, the key
// will default
// to 'value'.
// It is recommended that the kubeconfig is self-contained, and
// the secret
// is regularly updated if credentials such as a
// cloud-access-token expire.
// Cloud specific `cmd-path` auth helpers will not function
// without adding
// binaries and credentials to the Pod that is responsible for
// reconciling
// Kubernetes resources.
secretRef: {
// Key in the Secret, when not specified an
// implementation-specific default key is used.
key?: string
// Name of the Secret.
name: string
}
}
// Strategic merge and JSON patches, defined as inline YAML
// objects,
// capable of targeting objects based on kind, label and
// annotation selectors.
patches?: [...{
// Patch contains an inline StrategicMerge patch or an inline
// JSON6902 patch with
// an array of operation objects.
patch: string
// Target points to the resources that the patch document should
// be applied to.
target?: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// JSON 6902 patches, defined as inline YAML objects.
// Deprecated: Use Patches instead.
patchesJson6902?: [...{
// Patch contains the JSON6902 patch document with an array of
// operation objects.
patch: [...{
// From contains a JSON-pointer value that references a location
// within the target document where the operation is
// performed. The meaning of the value depends on the value of Op,
// and is NOT taken into account by all operations.
from?: string
// Op indicates the operation to perform. Its value MUST be one of
// "add", "remove", "replace", "move", "copy", or
// "test".
// https://datatracker.ietf.org/doc/html/rfc6902#section-4
op: "test" | "remove" | "add" | "replace" | "move" | "copy"
// Path contains the JSON-pointer value that references a location
// within the target document where the operation
// is performed. The meaning of the value depends on the value of
// Op.
path: string
// Value contains a valid JSON structure. The meaning of the value
// depends on the value of Op, and is NOT taken into
// account by all operations.
value?: _
}]
// Target points to the resources that the patch document should
// be applied to.
target: {
// AnnotationSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource annotations.
annotationSelector?: string
// Group is the API group to select resources from.
// Together with Version and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
group?: string
// Kind of the API Group to select resources from.
// Together with Group and Version it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
kind?: string
// LabelSelector is a string that follows the label selection
// expression
// https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
// It matches with the resource labels.
labelSelector?: string
// Name to match resources with.
name?: string
// Namespace to select resources from.
namespace?: string
// Version of the API Group to select resources from.
// Together with Group and Kind it is capable of unambiguously
// identifying and/or selecting resources.
// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
version?: string
}
}]
// Strategic merge patches, defined as inline YAML objects.
// Deprecated: Use Patches instead.
patchesStrategicMerge?: [...]
// Path to the directory containing the kustomization.yaml file,
// or the
// set of plain YAMLs a kustomization.yaml should be generated
// for.
// Defaults to 'None', which translates to the root path of the
// SourceRef.
path?: string
// PostBuild describes which actions to perform on the YAML
// manifest
// generated by building the kustomize overlay.
postBuild?: {
// Substitute holds a map of key/value pairs.
// The variables defined in your YAML manifests
// that match any of the keys defined in the map
// will be substituted with the set value.
// Includes support for bash string replacement functions
// e.g. ${var:=default}, ${var:position} and
// ${var/substring/replacement}.
substitute?: {
[string]: string
}
// SubstituteFrom holds references to ConfigMaps and Secrets
// containing
// the variables and their values to be substituted in the YAML
// manifests.
// The ConfigMap and the Secret data keys represent the var names
// and they
// must match the vars declared in the manifests for the
// substitution to happen.
substituteFrom?: [...{
// Kind of the values referent, valid values are ('Secret',
// 'ConfigMap').
kind: "Secret" | "ConfigMap"
// Name of the values referent. Should reside in the same
// namespace as the
// referring resource.
name: strings.MaxRunes(253) & strings.MinRunes(1)
// Optional indicates whether the referenced resource must exist,
// or whether to
// tolerate its absence. If true and the referenced resource is
// absent, proceed
// as if the resource was present but empty, without any variables
// defined.
optional?: bool | *false
}]
}
// Prune enables garbage collection.
prune: bool
// The interval at which to retry a previously failed
// reconciliation.
// When not specified, the controller uses the
// KustomizationSpec.Interval
// value to retry failures.
retryInterval?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// The name of the Kubernetes service account to impersonate
// when reconciling this Kustomization.
serviceAccountName?: string
// Reference of the source where the kustomization file is.
sourceRef: {
// API version of the referent.
apiVersion?: string
// Kind of the referent.
kind: "OCIRepository" | "GitRepository" | "Bucket"
// Name of the referent.
name: string
// Namespace of the referent, defaults to the namespace of the
// Kubernetes resource object that contains the reference.
namespace?: string
}
// This flag tells the controller to suspend subsequent kustomize
// executions,
// it does not apply to already started executions. Defaults to
// false.
suspend?: bool
// TargetNamespace sets or overrides the namespace in the
// kustomization.yaml file.
targetNamespace?: strings.MaxRunes(63) & strings.MinRunes(1)
// Timeout for validation, apply and health checking operations.
// Defaults to 'Interval' duration.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Deprecated: Not used in v1beta2.
validation?: "none" | "client" | "server"
// Wait instructs the controller to check the health of all the
// reconciled resources.
// When enabled, the HealthChecks are ignored. Defaults to false.
wait?: bool
}

96
internal/generate/platforms/cue.mod/gen/notification.toolkit.fluxcd.io/alert/v1beta1/types_gen.cue Normal file
View File

@@ -0,0 +1,96 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta1
import "strings"
// Alert is the Schema for the alerts API
#Alert: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "notification.toolkit.fluxcd.io/v1beta1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Alert"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// AlertSpec defines an alerting rule for events involving a list
// of objects
spec!: #AlertSpec
}
// AlertSpec defines an alerting rule for events involving a list
// of objects
#AlertSpec: {
// Filter events based on severity, defaults to ('info').
// If set to 'info' no events will be filtered.
eventSeverity?: "info" | "error" | *"info"
// Filter events based on the involved objects.
eventSources: [...{
// API version of the referent
apiVersion?: string
// Kind of the referent
kind: "Bucket" | "GitRepository" | "Kustomization" | "HelmRelease" | "HelmChart" | "HelmRepository" | "ImageRepository" | "ImagePolicy" | "ImageUpdateAutomation" | "OCIRepository"
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
matchLabels?: {
[string]: string
}
// Name of the referent
name: strings.MaxRunes(53) & strings.MinRunes(1)
// Namespace of the referent
namespace?: strings.MaxRunes(53) & strings.MinRunes(1)
}]
// A list of Golang regular expressions to be used for excluding
// messages.
exclusionList?: [...string]
providerRef: {
// Name of the referent.
name: string
}
// Short description of the impact and affected cluster.
summary?: string
// This flag tells the controller to suspend subsequent events
// dispatching.
// Defaults to false.
suspend?: bool
}

116
internal/generate/platforms/cue.mod/gen/notification.toolkit.fluxcd.io/alert/v1beta2/types_gen.cue Normal file
View File

@@ -0,0 +1,116 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta2
import "strings"
// Alert is the Schema for the alerts API
#Alert: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "notification.toolkit.fluxcd.io/v1beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Alert"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// AlertSpec defines an alerting rule for events involving a list
// of objects.
spec!: #AlertSpec
}
// AlertSpec defines an alerting rule for events involving a list
// of objects.
#AlertSpec: {
// EventMetadata is an optional field for adding metadata to
// events dispatched by the
// controller. This can be used for enhancing the context of the
// event. If a field
// would override one already present on the original event as
// generated by the emitter,
// then the override doesn't happen, i.e. the original value is
// preserved, and an info
// log is printed.
eventMetadata?: {
[string]: string
}
// EventSeverity specifies how to filter events based on severity.
// If set to 'info' no events will be filtered.
eventSeverity?: "info" | "error" | *"info"
// EventSources specifies how to filter events based
// on the involved object kind, name and namespace.
eventSources: [...{
// API version of the referent
apiVersion?: string
// Kind of the referent
kind: "Bucket" | "GitRepository" | "Kustomization" | "HelmRelease" | "HelmChart" | "HelmRepository" | "ImageRepository" | "ImagePolicy" | "ImageUpdateAutomation" | "OCIRepository"
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
// MatchLabels requires the name to be set to `*`.
matchLabels?: {
[string]: string
}
// Name of the referent
// If multiple resources are targeted `*` may be set.
name: strings.MaxRunes(53) & strings.MinRunes(1)
// Namespace of the referent
namespace?: strings.MaxRunes(53) & strings.MinRunes(1)
}]
// ExclusionList specifies a list of Golang regular expressions
// to be used for excluding messages.
exclusionList?: [...string]
// InclusionList specifies a list of Golang regular expressions
// to be used for including messages.
inclusionList?: [...string]
providerRef: {
// Name of the referent.
name: string
}
// Summary holds a short description of the impact and affected
// cluster.
summary?: strings.MaxRunes(255)
// Suspend tells the controller to suspend subsequent
// events handling for this Alert.
suspend?: bool
}

116
internal/generate/platforms/cue.mod/gen/notification.toolkit.fluxcd.io/alert/v1beta3/types_gen.cue Normal file
View File

@@ -0,0 +1,116 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta3
import "strings"
// Alert is the Schema for the alerts API
#Alert: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "notification.toolkit.fluxcd.io/v1beta3"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Alert"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// AlertSpec defines an alerting rule for events involving a list
// of objects.
spec!: #AlertSpec
}
// AlertSpec defines an alerting rule for events involving a list
// of objects.
#AlertSpec: {
// EventMetadata is an optional field for adding metadata to
// events dispatched by the
// controller. This can be used for enhancing the context of the
// event. If a field
// would override one already present on the original event as
// generated by the emitter,
// then the override doesn't happen, i.e. the original value is
// preserved, and an info
// log is printed.
eventMetadata?: {
[string]: string
}
// EventSeverity specifies how to filter events based on severity.
// If set to 'info' no events will be filtered.
eventSeverity?: "info" | "error" | *"info"
// EventSources specifies how to filter events based
// on the involved object kind, name and namespace.
eventSources: [...{
// API version of the referent
apiVersion?: string
// Kind of the referent
kind: "Bucket" | "GitRepository" | "Kustomization" | "HelmRelease" | "HelmChart" | "HelmRepository" | "ImageRepository" | "ImagePolicy" | "ImageUpdateAutomation" | "OCIRepository"
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
// MatchLabels requires the name to be set to `*`.
matchLabels?: {
[string]: string
}
// Name of the referent
// If multiple resources are targeted `*` may be set.
name: strings.MaxRunes(53) & strings.MinRunes(1)
// Namespace of the referent
namespace?: strings.MaxRunes(53) & strings.MinRunes(1)
}]
// ExclusionList specifies a list of Golang regular expressions
// to be used for excluding messages.
exclusionList?: [...string]
// InclusionList specifies a list of Golang regular expressions
// to be used for including messages.
inclusionList?: [...string]
providerRef: {
// Name of the referent.
name: string
}
// Summary holds a short description of the impact and affected
// cluster.
summary?: strings.MaxRunes(255)
// Suspend tells the controller to suspend subsequent
// events handling for this Alert.
suspend?: bool
}

80
internal/generate/platforms/cue.mod/gen/notification.toolkit.fluxcd.io/provider/v1beta1/types_gen.cue Normal file
View File

@@ -0,0 +1,80 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta1
import "strings"
// Provider is the Schema for the providers API
#Provider: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "notification.toolkit.fluxcd.io/v1beta1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Provider"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ProviderSpec defines the desired state of Provider
spec!: #ProviderSpec
}
// ProviderSpec defines the desired state of Provider
#ProviderSpec: {
// HTTP/S webhook address of this provider
address?: =~"^(http|https)://"
certSecretRef?: {
// Name of the referent.
name: string
}
// Alert channel for this provider
channel?: string
// HTTP/S address of the proxy
proxy?: =~"^(http|https)://"
secretRef?: {
// Name of the referent.
name: string
}
// This flag tells the controller to suspend subsequent events
// handling.
// Defaults to false.
suspend?: bool
// Timeout for sending alerts to the provider.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m))+$"
// Type of provider
type: "slack" | "discord" | "msteams" | "rocket" | "generic" | "generic-hmac" | "github" | "gitlab" | "bitbucket" | "azuredevops" | "googlechat" | "webex" | "sentry" | "azureeventhub" | "telegram" | "lark" | "matrix" | "opsgenie" | "alertmanager" | "grafana" | "githubdispatch"
// Bot username for this provider
username?: string
}

93
internal/generate/platforms/cue.mod/gen/notification.toolkit.fluxcd.io/provider/v1beta2/types_gen.cue Normal file
View File

@@ -0,0 +1,93 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta2
import "strings"
// Provider is the Schema for the providers API.
#Provider: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "notification.toolkit.fluxcd.io/v1beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Provider"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ProviderSpec defines the desired state of the Provider.
spec!: #ProviderSpec
}
// ProviderSpec defines the desired state of the Provider.
#ProviderSpec: {
// Address specifies the endpoint, in a generic sense, to where
// alerts are sent.
// What kind of endpoint depends on the specific Provider type
// being used.
// For the generic Provider, for example, this is an HTTP/S
// address.
// For other Provider types this could be a project ID or a
// namespace.
address?: strings.MaxRunes(2048)
certSecretRef?: {
// Name of the referent.
name: string
}
// Channel specifies the destination channel where events should
// be posted.
channel?: strings.MaxRunes(2048)
// Interval at which to reconcile the Provider with its Secret
// references.
interval?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Proxy the HTTP/S address of the proxy server.
proxy?: strings.MaxRunes(2048) & {
=~"^(http|https)://.*$"
}
secretRef?: {
// Name of the referent.
name: string
}
// Suspend tells the controller to suspend subsequent
// events handling for this Provider.
suspend?: bool
// Timeout for sending alerts to the Provider.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m))+$"
// Type specifies which Provider implementation to use.
type: "slack" | "discord" | "msteams" | "rocket" | "generic" | "generic-hmac" | "github" | "gitlab" | "gitea" | "bitbucketserver" | "bitbucket" | "azuredevops" | "googlechat" | "googlepubsub" | "webex" | "sentry" | "azureeventhub" | "telegram" | "lark" | "matrix" | "opsgenie" | "alertmanager" | "grafana" | "githubdispatch" | "pagerduty" | "datadog"
// Username specifies the name under which events are posted.
username?: strings.MaxRunes(2048)
}

94
internal/generate/platforms/cue.mod/gen/notification.toolkit.fluxcd.io/provider/v1beta3/types_gen.cue Normal file
View File

@@ -0,0 +1,94 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta3
import "strings"
// Provider is the Schema for the providers API
#Provider: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "notification.toolkit.fluxcd.io/v1beta3"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Provider"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ProviderSpec defines the desired state of the Provider.
spec!: #ProviderSpec
}
// ProviderSpec defines the desired state of the Provider.
#ProviderSpec: {
// Address specifies the endpoint, in a generic sense, to where
// alerts are sent.
// What kind of endpoint depends on the specific Provider type
// being used.
// For the generic Provider, for example, this is an HTTP/S
// address.
// For other Provider types this could be a project ID or a
// namespace.
address?: strings.MaxRunes(2048)
certSecretRef?: {
// Name of the referent.
name: string
}
// Channel specifies the destination channel where events should
// be posted.
channel?: strings.MaxRunes(2048)
// Interval at which to reconcile the Provider with its Secret
// references.
// Deprecated and not used in v1beta3.
interval?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// Proxy the HTTP/S address of the proxy server.
proxy?: strings.MaxRunes(2048) & {
=~"^(http|https)://.*$"
}
secretRef?: {
// Name of the referent.
name: string
}
// Suspend tells the controller to suspend subsequent
// events handling for this Provider.
suspend?: bool
// Timeout for sending alerts to the Provider.
timeout?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m))+$"
// Type specifies which Provider implementation to use.
type: "slack" | "discord" | "msteams" | "rocket" | "generic" | "generic-hmac" | "github" | "gitlab" | "gitea" | "bitbucketserver" | "bitbucket" | "azuredevops" | "googlechat" | "googlepubsub" | "webex" | "sentry" | "azureeventhub" | "telegram" | "lark" | "matrix" | "opsgenie" | "alertmanager" | "grafana" | "githubdispatch" | "pagerduty" | "datadog" | "nats"
// Username specifies the name under which events are posted.
username?: strings.MaxRunes(2048)
}

96
internal/generate/platforms/cue.mod/gen/notification.toolkit.fluxcd.io/receiver/v1/types_gen.cue Normal file
View File

@@ -0,0 +1,96 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1
import "strings"
// Receiver is the Schema for the receivers API.
#Receiver: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "notification.toolkit.fluxcd.io/v1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Receiver"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ReceiverSpec defines the desired state of the Receiver.
spec!: #ReceiverSpec
}
// ReceiverSpec defines the desired state of the Receiver.
#ReceiverSpec: {
// Events specifies the list of event types to handle,
// e.g. 'push' for GitHub or 'Push Hook' for GitLab.
events?: [...string]
// Interval at which to reconcile the Receiver with its Secret
// references.
interval?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$" | *"10m"
// A list of resources to be notified about changes.
resources: [...{
// API version of the referent
apiVersion?: string
// Kind of the referent
kind: "Bucket" | "GitRepository" | "Kustomization" | "HelmRelease" | "HelmChart" | "HelmRepository" | "ImageRepository" | "ImagePolicy" | "ImageUpdateAutomation" | "OCIRepository"
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
// MatchLabels requires the name to be set to `*`.
matchLabels?: {
[string]: string
}
// Name of the referent
// If multiple resources are targeted `*` may be set.
name: strings.MaxRunes(53) & strings.MinRunes(1)
// Namespace of the referent
namespace?: strings.MaxRunes(53) & strings.MinRunes(1)
}]
secretRef: {
// Name of the referent.
name: string
}
// Suspend tells the controller to suspend subsequent
// events handling for this receiver.
suspend?: bool
// Type of webhook sender, used to determine
// the validation procedure and payload deserialization.
type: "generic" | "generic-hmac" | "github" | "gitlab" | "bitbucket" | "harbor" | "dockerhub" | "quay" | "gcr" | "nexus" | "acr" | "cdevents"
}

91
internal/generate/platforms/cue.mod/gen/notification.toolkit.fluxcd.io/receiver/v1beta1/types_gen.cue Normal file
View File

@@ -0,0 +1,91 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta1
import "strings"
// Receiver is the Schema for the receivers API
#Receiver: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "notification.toolkit.fluxcd.io/v1beta1"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Receiver"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ReceiverSpec defines the desired state of Receiver
spec!: #ReceiverSpec
}
// ReceiverSpec defines the desired state of Receiver
#ReceiverSpec: {
// A list of events to handle,
// e.g. 'push' for GitHub or 'Push Hook' for GitLab.
events?: [...string]
// A list of resources to be notified about changes.
resources: [...{
// API version of the referent
apiVersion?: string
// Kind of the referent
kind: "Bucket" | "GitRepository" | "Kustomization" | "HelmRelease" | "HelmChart" | "HelmRepository" | "ImageRepository" | "ImagePolicy" | "ImageUpdateAutomation" | "OCIRepository"
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
matchLabels?: {
[string]: string
}
// Name of the referent
name: strings.MaxRunes(53) & strings.MinRunes(1)
// Namespace of the referent
namespace?: strings.MaxRunes(53) & strings.MinRunes(1)
}]
secretRef: {
// Name of the referent.
name: string
}
// This flag tells the controller to suspend subsequent events
// handling.
// Defaults to false.
suspend?: bool
// Type of webhook sender, used to determine
// the validation procedure and payload deserialization.
type: "generic" | "generic-hmac" | "github" | "gitlab" | "bitbucket" | "harbor" | "dockerhub" | "quay" | "gcr" | "nexus" | "acr"
}

96
internal/generate/platforms/cue.mod/gen/notification.toolkit.fluxcd.io/receiver/v1beta2/types_gen.cue Normal file
View File

@@ -0,0 +1,96 @@
// Code generated by timoni. DO NOT EDIT.
//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
package v1beta2
import "strings"
// Receiver is the Schema for the receivers API.
#Receiver: {
// APIVersion defines the versioned schema of this representation
// of an object.
// Servers should convert recognized schemas to the latest
// internal value, and
// may reject unrecognized values.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
apiVersion: "notification.toolkit.fluxcd.io/v1beta2"
// Kind is a string value representing the REST resource this
// object represents.
// Servers may infer this from the endpoint the client submits
// requests to.
// Cannot be updated.
// In CamelCase.
// More info:
// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
kind: "Receiver"
metadata!: {
name!: strings.MaxRunes(253) & strings.MinRunes(1) & {
string
}
namespace!: strings.MaxRunes(63) & strings.MinRunes(1) & {
string
}
labels?: {
[string]: string
}
annotations?: {
[string]: string
}
}
// ReceiverSpec defines the desired state of the Receiver.
spec!: #ReceiverSpec
}
// ReceiverSpec defines the desired state of the Receiver.
#ReceiverSpec: {
// Events specifies the list of event types to handle,
// e.g. 'push' for GitHub or 'Push Hook' for GitLab.
events?: [...string]
// Interval at which to reconcile the Receiver with its Secret
// references.
interval?: =~"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
// A list of resources to be notified about changes.
resources: [...{
// API version of the referent
apiVersion?: string
// Kind of the referent
kind: "Bucket" | "GitRepository" | "Kustomization" | "HelmRelease" | "HelmChart" | "HelmRepository" | "ImageRepository" | "ImagePolicy" | "ImageUpdateAutomation" | "OCIRepository"
// MatchLabels is a map of {key,value} pairs. A single {key,value}
// in the matchLabels
// map is equivalent to an element of matchExpressions, whose key
// field is "key", the
// operator is "In", and the values array contains only "value".
// The requirements are ANDed.
// MatchLabels requires the name to be set to `*`.
matchLabels?: {
[string]: string
}
// Name of the referent
// If multiple resources are targeted `*` may be set.
name: strings.MaxRunes(53) & strings.MinRunes(1)
// Namespace of the referent
namespace?: strings.MaxRunes(53) & strings.MinRunes(1)
}]
secretRef: {
// Name of the referent.
name: string
}
// Suspend tells the controller to suspend subsequent
// events handling for this receiver.
suspend?: bool
// Type of webhook sender, used to determine
// the validation procedure and payload deserialization.
type: "generic" | "generic-hmac" | "github" | "gitlab" | "bitbucket" | "harbor" | "dockerhub" | "quay" | "gcr" | "nexus" | "acr"
}

Some files were not shown because too many files have changed in this diff Show More