(#121) Fix Multiple Charts cause holos render to fail

When rendering a holos component which contains more than one helm chart, rendering fails.  It should succeed.

```
holos render --cluster-name=k2 /home/jeff/workspace/holos-run/holos/docs/examples/platforms/reference/clusters/holos/... --log-level debug
```

```
9:03PM ERR could not execute version=0.64.2 err="could not rename: rename /home/jeff/workspace/holos-run/holos/docs/examples/platforms/reference/clusters/holos/nats/envs/vendor553679311 /home/jeff/workspace/holos-run/holos/docs/examples/platforms/reference/clusters/holos/nats/envs/vendor: file exists" loc=helm.go:145
```

This patch fixes the problem by moving each child item of the temporary
directory charts are installed into.  This avoids the problem of moving
the parent when the parent target already exists.

api/v1alpha1/helm.go

@@ -141,9 +141,25 @@ func cacheChart(ctx context.Context, path holos.InstancePath, chartDir string, c
 	log.Debug("helm pull", "stdout", helmOut.Stdout, "stderr", helmOut.Stderr)
 
 	cachePath := filepath.Join(string(path), chartDir)
-	if err := os.Rename(cacheTemp, cachePath); err != nil {
-		return errors.Wrap(fmt.Errorf("could not rename: %w", err))
+
+	if err := os.MkdirAll(cachePath, 0777); err != nil {
+		return errors.Wrap(fmt.Errorf("could not mkdir: %w", err))
 	}
+
+	items, err := os.ReadDir(cacheTemp)
+	if err != nil {
+		return errors.Wrap(fmt.Errorf("could not read directory: %w", err))
+	}
+
+	for _, item := range items {
+		src := filepath.Join(cacheTemp, item.Name())
+		dst := filepath.Join(cachePath, item.Name())
+		log.DebugContext(ctx, "rename", "src", src, "dst", dst)
+		if err := os.Rename(src, dst); err != nil {
+			return errors.Wrap(fmt.Errorf("could not rename: %w", err))
+		}
+	}
+
 	log.InfoContext(ctx, "cached", "chart", chart.Name, "version", chart.Version, "path", cachePath)
 
 	return nil

docs/examples/managednamespaces.cue

@@ -0,0 +1,26 @@
+package holos
+
+// NOTE: Beyond the base reference platform, services should typically be added to #OptionalServices instead of directly to a managed namespace.
+
+// ManagedNamespace is a namespace to manage across all clusters in the holos platform.
+#ManagedNamespace: {
+	namespace: {
+		metadata: {
+			name: string
+			labels: [string]: string
+		}
+	}
+	// clusterNames represents the set of clusters the namespace is managed on.  Usually all clusters.
+	clusterNames: [...string]
+	for cluster in clusterNames {
+		clusters: (cluster): name: cluster
+	}
+}
+
+// #ManagedNamepsaces is the union of all namespaces across all cluster types and optional services.
+// Holos adopts the namespace sameness position of SIG Multicluster, refer to https://github.com/kubernetes/community/blob/dd4c8b704ef1c9c3bfd928c6fa9234276d61ad18/sig-multicluster/namespace-sameness-position-statement.md
+#ManagedNamespaces: {
+	[Name=_]: #ManagedNamespace & {
+		namespace: metadata: name: Name
+	}
+}

docs/examples/optionalservices.cue

@@ -1,6 +1,8 @@
 // Controls optional feature flags for services distributed across multiple holos components.
 // For example, enable issuing certificates in the provisioner cluster when an optional service is
-// enabled for a workload cluster.
+// enabled for a workload cluster.  Another example is NATS, which isn't necessary on all clusters,
+// but is necessary on clusters with a project like holos which depends on NATS.
+
 package holos
 
 import "list"

docs/examples/platforms/reference/clusters/holos/nats/crds/kustomization.yaml

@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+# curl -LO https://github.com/nats-io/nack/releases/latest/download/crds.yml
+resources:
+- crds.yml

docs/examples/platforms/reference/clusters/holos/nats/crds/nats-crds.cue

@@ -0,0 +1,8 @@
+package holos
+
+// NATS NetStream Controller (NACK)
+spec: components: KustomizeBuildList: [
+	#KustomizeBuild & {
+		metadata: name: "prod-nack-crds"
+	},
+]

docs/examples/platforms/reference/clusters/holos/nats/envs/nats.cue

@@ -0,0 +1,33 @@
+package holos
+
+// for Project in _Projects {
+// 	spec: components: resources: (#ProjectTemplate & {project: Project}).workload.resources
+// }
+
+spec: components: HelmChartList: [
+	#HelmChart & {
+		metadata: name: "jeff-holos-nats"
+		namespace: "jeff-holos"
+		_dependsOn: "prod-secrets-stores": _
+		chart: {
+			name:       "nats"
+			version:    "1.1.10"
+			repository: NatsRepository
+		}
+	},
+	#HelmChart & {
+		metadata: name: "jeff-holos-nack"
+		namespace: "jeff-holos"
+		_dependsOn: "jeff-holos-nats": _
+		chart: {
+			name:       "nack"
+			version:    "0.25.2"
+			repository: NatsRepository
+		}
+	},
+]
+
+let NatsRepository = {
+	name: "nats"
+	url:  "https://nats-io.github.io/k8s/helm/charts/"
+}

docs/examples/platforms/reference/clusters/holos/readme.md

@@ -0,0 +1,5 @@
+# Holos
+
+This subtree contains holos components for holos itself.  We strive for minimal dependencies, so this is likely going to contain NATS and/or Postgres resources.
+
+Components depend on the holos project and may iterate over the defined environments in the project stages.

docs/examples/schema.cue

@@ -182,7 +182,7 @@ _apiVersion: "holos.run/v1alpha1"
 	pool?: string
 	// region is the geographic region of the cluster.
 	region?: string
-	// primary is true if name matches the primaryCluster name
+	// primary is true if the cluster is the primary cluster among a group of related clusters.
 	primary: bool
 }
 
@@ -219,6 +219,7 @@ _apiVersion: "holos.run/v1alpha1"
 			primary: false
 		}
 	}
+	// TODO: Remove stages, they're in the subdomain of projects.
 	stages: [ID=_]: {
 		name: string & ID
 		environments: [...{name: string}]
@@ -226,9 +227,11 @@ _apiVersion: "holos.run/v1alpha1"
 	projects: [ID=_]: {
 		name: string & ID
 	}
+	// TODO: Remove services, they're in the subdomain of projects.
 	services: [ID=_]: {
 		name: string & ID
 	}
+
 	// authproxy configures the auth proxy attached to the default ingress gateway in the istio-ingress namespace.
 	authproxy: #AuthProxySpec & {
 		namespace: "istio-ingress"
@@ -277,29 +280,6 @@ _apiVersion: "holos.run/v1alpha1"
 	idTokenHeader: string | *"x-oidc-id-token"
 }
 
-// ManagedNamespace is a namespace to manage across all clusters in the holos platform.
-#ManagedNamespace: {
-	namespace: {
-		metadata: {
-			name: string
-			labels: [string]: string
-		}
-	}
-	// clusterNames represents the set of clusters the namespace is managed on.  Usually all clusters.
-	clusterNames: [...string]
-	for cluster in clusterNames {
-		clusters: (cluster): name: cluster
-	}
-}
-
-// #ManagedNamepsaces is the union of all namespaces across all cluster types and optional services.
-// Holos adopts the namespace sameness position of SIG Multicluster, refer to https://github.com/kubernetes/community/blob/dd4c8b704ef1c9c3bfd928c6fa9234276d61ad18/sig-multicluster/namespace-sameness-position-statement.md
-#ManagedNamespaces: {
-	[Name=_]: #ManagedNamespace & {
-		namespace: metadata: name: Name
-	}
-}
-
 // #Backups defines backup configuration.
 // TODO: Consider the best place for this, possibly as part of the site platform config.  This represents the primary location for backups.
 #Backups: {

go.mod

@@ -15,6 +15,8 @@ require (
 	github.com/jackc/pgx/v5 v5.5.5
 	github.com/lmittmann/tint v1.0.4
 	github.com/mattn/go-isatty v0.0.20
+	github.com/mattn/go-runewidth v0.0.9
+	github.com/olekukonko/tablewriter v0.0.5
 	github.com/prometheus/client_golang v1.19.0
 	github.com/rogpeppe/go-internal v1.12.0
 	github.com/sethvargo/go-retry v0.2.4

pkg/version/embedded/patch

@@ -1 +1 @@
-1
+3

tidy.go

@@ -0,0 +1,7 @@
+package holos
+
+// These imports are here to keep go mod tidy from constantly creating a dirty git state which makes goreleaser fail.
+import (
+  _ "github.com/olekukonko/tablewriter"
+  _ "github.com/mattn/go-runewidth"
+)