technofab/kubenix
1
0
Fork 0
mirror of https://github.com/TECHNOFAB11/kubenix.git synced 2025-12-12 16:10:05 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(lib): add mkValueOrSecretOption

Browse source
This commit is contained in:
Jaka Hudoklin 2017-11-11 13:42:15 +01:00
parent cbf84e25a5
commit 30c9de967f
3 changed files with 36 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

2
default.nix
View file

@ -11,7 +11,7 @@ let
args = { args = {
inherit pkgs; inherit pkgs;
name = "default"; name = "default";
k8s = { inherit loadJSON loadYAML toBase64; }; k8s = { inherit loadJSON loadYAML toBase64 mkValueOrSecretOption; };
}; };
}; };

25
lib.nix
View file

@ -29,4 +29,29 @@ rec {
toBase64 = value: toBase64 = value:
builtins.readFile builtins.readFile
(pkgs.runCommand "value-to-b64" {} "echo '${value}' | ${pkgs.coreutils}/bin/base64 -w0 > $out"); (pkgs.runCommand "value-to-b64" {} "echo '${value}' | ${pkgs.coreutils}/bin/base64 -w0 > $out");
mkValueOrSecretOption = {...}@options: mkOption ({
type = types.either types.str (types.submodule {
options.secret = mkOption {
description = "Name of the secret where password is stored";
type = types.str;
};
options.key = mkOption {
description = "Name of the key where password is stored";
type = types.str;
default = "password";
};
});
apply = value:
if isAttrs value
then {
valueFrom.secretKeyRef = {
name = value.secret;
key = value.key;
};
}
else {inherit value;};
} // options);
} }

17
test/modules.nix
View file

@ -1,5 +1,6 @@
{lib, k8s, ...}: {lib, k8s, ...}:
with k8s;
with lib; with lib;
{ {
@ -11,11 +12,16 @@ with lib;
type = types.int; type = types.int;
default = 80; default = 80;
}; };
password = mkValueOrSecretOption {
description = "Nginx simple auth credentials";
default.secret = "test";
};
}; };
config = { config = {
kubernetes.resources.deployments.nginx = mkMerge [ kubernetes.resources.deployments.nginx = mkMerge [
(k8s.loadJSON ./deployment.json) (loadJSON ./deployment.json)
{ {
metadata.name = "${name}-nginx"; metadata.name = "${name}-nginx";
@ -23,15 +29,12 @@ with lib;
containerPort = config.port; containerPort = config.port;
}; };
spec.template.spec.containers.nginx.env.name.valueFrom.secretKeyRef = { spec.template.spec.containers.nginx.env.name = config.password;
name = config.kubernetes.resources.configMaps.nginx.metadata.name;
key = "somekey";
};
} }
]; ];
kubernetes.resources.configMaps.nginx = mkMerge [ kubernetes.resources.configMaps.nginx = mkMerge [
(k8s.loadJSON ./configMap.json) (loadJSON ./configMap.json)
{ {
metadata.name = mkForce "${name}-nginx"; metadata.name = mkForce "${name}-nginx";
} }
@ -45,7 +48,7 @@ with lib;
configuration.port = 8080; configuration.port = 8080;
}; };
kubernetes.resources.services.nginx = k8s.loadJSON ./service.json; kubernetes.resources.services.nginx = loadJSON ./service.json;
kubernetes.defaultModuleConfiguration = [{ kubernetes.defaultModuleConfiguration = [{
kubernetes.defaults.deployments.spec.replicas = 3; kubernetes.defaults.deployments.spec.replicas = 3;