2022-08-28 15:22:43 -04:00
|
|
|
{
|
|
|
|
|
jq,
|
|
|
|
|
kubectl,
|
|
|
|
|
kubernetes-helm,
|
|
|
|
|
nix,
|
2022-09-15 21:49:08 -04:00
|
|
|
vals,
|
2022-08-28 15:22:43 -04:00
|
|
|
writeShellScriptBin,
|
2022-08-16 00:58:23 -04:00
|
|
|
}:
|
|
|
|
|
writeShellScriptBin "kubenix" ''
|
|
|
|
|
set -Eeuo pipefail
|
|
|
|
|
|
|
|
|
|
function _help() {
|
|
|
|
|
echo "
|
2022-08-28 15:27:18 -04:00
|
|
|
kubenix - Kubernetes management with Nix
|
2022-08-16 00:58:23 -04:00
|
|
|
|
|
|
|
|
commands:
|
|
|
|
|
apply - create resources in target cluster
|
|
|
|
|
diff - show a diff between configured and live resources
|
|
|
|
|
render - print resource manifests to stdout
|
2022-08-16 10:26:51 -04:00
|
|
|
|
|
|
|
|
options:
|
|
|
|
|
-h --help - show this menu
|
|
|
|
|
-v --verbose - increase output details
|
2022-08-16 00:58:23 -04:00
|
|
|
"
|
|
|
|
|
}
|
|
|
|
|
|
2023-01-18 00:26:03 -05:00
|
|
|
# path to nix binary (useful to inject flags, e.g.)
|
|
|
|
|
_nix="${nix}/bin/nix"
|
|
|
|
|
|
|
|
|
|
SYSTEM=$($_nix show-config --json | jq -r '.system.value')
|
2022-09-12 23:18:20 -04:00
|
|
|
|
2022-08-16 00:58:23 -04:00
|
|
|
function _helm() {
|
2023-01-18 00:26:03 -05:00
|
|
|
$_nix eval ".#kubenix.$SYSTEM.config.kubernetes.helm" --json | jq -c '.releases[] | del(.objects)' | while read -r release; do
|
2022-08-16 00:58:23 -04:00
|
|
|
values=$(mktemp)
|
2022-09-15 21:49:08 -04:00
|
|
|
echo "$release" | jq -r '.values' | ${vals}/bin/vals eval > $values
|
2022-08-16 00:58:23 -04:00
|
|
|
|
2022-12-01 20:41:18 -05:00
|
|
|
name=$(echo "$release" | jq -r '.name')
|
|
|
|
|
chart=$(echo "$release" | jq -r '.chart')
|
|
|
|
|
namespace=$(echo "$release" | jq -r '.namespace // "default"')
|
|
|
|
|
|
|
|
|
|
args="-n $namespace $name $chart -f $values"
|
|
|
|
|
|
|
|
|
|
# only apply when there are changes
|
|
|
|
|
if [[ "$1" == "upgrade" ]]; then
|
|
|
|
|
if ${kubernetes-helm}/bin/helm diff upgrade $args --allow-unreleased --detailed-exitcode 2> /dev/null; then
|
|
|
|
|
continue
|
|
|
|
|
fi
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
${kubernetes-helm}/bin/helm $@ $args
|
2022-08-12 09:44:00 -04:00
|
|
|
done
|
2022-08-16 00:58:23 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function _kubectl() {
|
|
|
|
|
MANIFESTS=$(mktemp)
|
2022-08-16 01:56:08 -04:00
|
|
|
# TODO: find a better filter, not just not-helm, not-crd
|
2023-01-18 00:26:03 -05:00
|
|
|
resources=$($_nix build ".#kubenix.$SYSTEM.config.kubernetes.result" --json | jq -r '.[0].outputs.out')
|
2022-08-31 21:35:57 -04:00
|
|
|
cat $resources | jq '.items[]
|
2022-08-16 01:56:08 -04:00
|
|
|
| select(.metadata.labels."app.kubernetes.io/managed-by" != "Helm")
|
|
|
|
|
| select(.kind != "CustomResourceDefinition")' > $MANIFESTS
|
2022-08-16 00:58:23 -04:00
|
|
|
|
2022-08-16 10:26:51 -04:00
|
|
|
[ -s "$MANIFESTS" ] || return 0
|
2022-08-16 00:58:23 -04:00
|
|
|
|
|
|
|
|
case $1 in
|
|
|
|
|
render)
|
|
|
|
|
cat $MANIFESTS;;
|
|
|
|
|
*)
|
2022-09-15 21:49:08 -04:00
|
|
|
cat $MANIFESTS | ${vals}/bin/vals eval | ${kubectl}/bin/kubectl $@ -f - || true;;
|
2022-08-16 00:58:23 -04:00
|
|
|
esac
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# if no args given, add empty string
|
|
|
|
|
[ $# -eq 0 ] && set -- ""
|
2022-08-12 09:44:00 -04:00
|
|
|
|
2022-08-31 21:35:36 -04:00
|
|
|
# use kubeconfig, if given
|
2023-01-18 00:26:03 -05:00
|
|
|
kubeconfig=$($_nix eval ".#kubenix.$SYSTEM.config.kubernetes.kubeconfig" --raw)
|
2022-08-31 21:35:36 -04:00
|
|
|
[ -n "$kubeconfig" ] && export KUBECONFIG=$kubeconfig
|
|
|
|
|
|
2022-08-16 00:58:23 -04:00
|
|
|
# parse arguments
|
|
|
|
|
while test $# -gt 0; do
|
|
|
|
|
case "$1" in
|
|
|
|
|
|
|
|
|
|
apply)
|
|
|
|
|
_kubectl apply
|
2022-12-01 20:41:10 -05:00
|
|
|
_helm upgrade --atomic --install --create-namespace
|
2022-08-16 00:58:23 -04:00
|
|
|
shift;;
|
|
|
|
|
|
|
|
|
|
diff)
|
|
|
|
|
_kubectl diff
|
2022-08-16 01:56:27 -04:00
|
|
|
_helm diff upgrade --allow-unreleased
|
2022-08-16 00:58:23 -04:00
|
|
|
shift;;
|
|
|
|
|
|
|
|
|
|
render)
|
|
|
|
|
_kubectl render
|
|
|
|
|
_helm template
|
|
|
|
|
shift;;
|
|
|
|
|
|
|
|
|
|
-h|--help|"")
|
|
|
|
|
_help
|
|
|
|
|
exit 0;;
|
|
|
|
|
|
|
|
|
|
-v|--verbose)
|
2023-01-18 00:26:03 -05:00
|
|
|
_nix="$_nix --show-trace"
|
2022-08-16 00:58:23 -04:00
|
|
|
set -x
|
|
|
|
|
shift;;
|
|
|
|
|
|
|
|
|
|
*)
|
|
|
|
|
_help
|
|
|
|
|
exit 1;;
|
|
|
|
|
|
|
|
|
|
esac
|
|
|
|
|
done
|
|
|
|
|
''
|
