Merge branch 'hall:main' into main

2025-12-12 08:00:06 +01:00 · 2024-11-12 18:13:52 +01:00 · 2024-11-12 18:13:52 +01:00 · 3c7ebe910a
commit 3c7ebe910a
parent ddfdd8d090 d6ddf1b4e8
12 changed files with 57199 additions and 83 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -5,7 +5,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

-## [Unreleased]
+## [0.3.0] - 2024-05-05
+
+### Breaking
+
+- removed generated Kubernetes manifest file (`manifest.json`) from default flake package
+
+  See the [documentation](https://kubenix.org/#usage) how to access the generated Kubernetes manifest file

 ### Added

@ -14,6 +20,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Changed

 - removed local `kubectl` and `kubernetes` packages in lieu of those from nixpkgs
+- pin Bash version of Kubenix CLI script

 ## [0.2.0] - 2023-07-07

--- a/README.md
+++ b/README.md
@ -33,7 +33,7 @@ Or, if you're not using flakes, a `default.nix` file (build with `nix-build`):
 ```nix
 { kubenix ? import (builtins.fetchGit {
  url = "https://github.com/hall/kubenix.git";
-  rev = "main";
+  ref = "main";
 }) }:
 (kubenix.evalModules.x86_64-linux {
  module = { kubenix, ... }: {
--- a/flake.nix
+++ b/flake.nix
@ -59,7 +59,6 @@

      packages = eachSystem (pkgs: {
        default = pkgs.callPackage ./pkgs/kubenix.nix {
-          inherit (self.packages.${system});
          evalModules = self.evalModules.${pkgs.system};
        };
        docs = import ./docs {
--- a/modules/generated/v1.25.nix
+++ b/modules/generated/v1.25.nix
@ -4039,13 +4039,14 @@ let
        };
        "onPodConditions" = mkOption {
          description = "Represents the requirement on the pod conditions. The requirement is represented as a list of pod condition patterns. The requirement is satisfied if at least one pattern matches an actual pod condition. At most 20 elements are allowed.";
-          type = (types.listOf (submoduleOf "io.k8s.api.batch.v1.PodFailurePolicyOnPodConditionsPattern"));
+          type = (types.nullOr (types.listOf (submoduleOf "io.k8s.api.batch.v1.PodFailurePolicyOnPodConditionsPattern")));
        };
      };


      config = {
        "onExitCodes" = mkOverride 1002 null;
+        "onPodConditions" = mkOverride 1002 null;
      };

    };
--- a/modules/generated/v1.26.nix
+++ b/modules/generated/v1.26.nix
@ -3823,13 +3823,14 @@ let
        };
        "onPodConditions" = mkOption {
          description = "Represents the requirement on the pod conditions. The requirement is represented as a list of pod condition patterns. The requirement is satisfied if at least one pattern matches an actual pod condition. At most 20 elements are allowed.";
-          type = (types.listOf (submoduleOf "io.k8s.api.batch.v1.PodFailurePolicyOnPodConditionsPattern"));
+          type = (types.nullOr (types.listOf (submoduleOf "io.k8s.api.batch.v1.PodFailurePolicyOnPodConditionsPattern")));
        };
      };


      config = {
        "onExitCodes" = mkOverride 1002 null;
+        "onPodConditions" = mkOverride 1002 null;
      };

    };
--- a/modules/generated/v1.27.nix
+++ b/modules/generated/v1.27.nix
@ -4015,13 +4015,14 @@ let
        };
        "onPodConditions" = mkOption {
          description = "Represents the requirement on the pod conditions. The requirement is represented as a list of pod condition patterns. The requirement is satisfied if at least one pattern matches an actual pod condition. At most 20 elements are allowed.";
-          type = (types.listOf (submoduleOf "io.k8s.api.batch.v1.PodFailurePolicyOnPodConditionsPattern"));
+          type = (types.nullOr (types.listOf (submoduleOf "io.k8s.api.batch.v1.PodFailurePolicyOnPodConditionsPattern")));
        };
      };


      config = {
        "onExitCodes" = mkOverride 1002 null;
+        "onPodConditions" = mkOverride 1002 null;
      };

    };
--- a/modules/generated/v1.28.nix
+++ b/modules/generated/v1.28.nix
--- a/modules/generated/v1.29.nix
+++ b/modules/generated/v1.29.nix
--- a/modules/generated/v1.30.nix
+++ b/modules/generated/v1.30.nix
--- a/pkgs/kubenix.nix
+++ b/pkgs/kubenix.nix
@ -2,8 +2,11 @@
 , vals
 , colordiff
 , evalModules
-, runCommand
 , writeShellScript
+, writeScriptBin
+, makeWrapper
+, symlinkJoin
+, lib
 , module ? { }
 , specialArgs ? { }
 }:
@ -11,9 +14,7 @@ let
  kubernetes = (evalModules {
    inherit module specialArgs;
  }).config.kubernetes or { };
-in
-runCommand "kubenix"
-{
+
  kubeconfig = kubernetes.kubeconfig or "";
  result = kubernetes.result or "";

@ -21,75 +22,24 @@ runCommand "kubenix"
  # as workaround, we write to a script and call that
  # https://github.com/kubernetes/kubernetes/pull/108199#issuecomment-1058405404
  diff = writeShellScript "kubenix-diff" ''
-    ${colordiff}/bin/colordiff --nobanner -N -u -I ' kubenix/hash: ' -I ' generation: ' $@
+    ${lib.getExe colordiff} --nobanner -N -u -I ' kubenix/hash: ' -I ' generation: ' $@
  '';
-} ''
-  set -euo pipefail
-  mkdir -p $out/bin

-  # write the manifests for use with `nix build`
-  ln -s $result $out/manifest.json
+  script = (writeScriptBin "kubenix" (builtins.readFile ./kubenix.sh)).overrideAttrs (old: {
+    buildCommand = "${old.buildCommand}\npatchShebangs $out";
+  });
+in
+symlinkJoin {
+  name = "kubenix";
+  paths = [ script vals kubectl ];
+  buildInputs = [ makeWrapper ];
+  passthru.manifest = result;

-  # create a script for `nix run`
-  cat <<EOF> $out/bin/kubenix
-    set -uo pipefail
-
-    export KUBECONFIG=$kubeconfig
-    export KUBECTL_EXTERNAL_DIFF=$diff
-
-    function _help() {
-      echo "
-      kubenix - Kubernetes management with Nix
-
-      commands:
-        ""          - run diff, prompt for confirmation, then apply
-        apply       - create resources in target cluster
-        diff        - show a diff between configured and live resources
-        render      - print resource manifests to stdout
-
-      options:
-        -h --help   - show this menu
-      "
-    }
-
-    function _kubectl() {
-      ${vals}/bin/vals eval -fail-on-missing-key-in-map < $result | ${kubectl}/bin/kubectl \$@
-    }
-
-    # if no args given, add empty string
-    [ \$# -eq 0 ] && set -- ""
-
-    # parse arguments
-    while test \$# -gt 0; do
-      case "\$1" in
-
-        -h|--help)
-          _help
-        exit 0;;
-
-        "")
-          _kubectl diff -f - --prune
-          if [[ "\$?" -eq 1 ]]; then
-            read -p 'apply? [y/N]: ' response
-            [[ \$response == "y" ]] && _kubectl apply -f - --prune --all
-          fi
-         shift;;
-
-        render)
-          ${vals}/bin/vals eval < $result
-        shift;;
-
-        apply|diff)
-          _kubectl \$@ -f - --prune
-        shift;;
-
-        *)
-          _kubectl \$@
-        shift;;
-
-      esac
-    done
-
-  EOF
-  chmod +x $out/bin/kubenix
-''
+  postBuild = ''
+    wrapProgram $out/bin/kubenix \
+      --suffix PATH : "$out/bin" \
+      --run 'export KUBECONFIG=''${KUBECONFIG:-${toString kubeconfig}}' \
+      --set KUBECTL_EXTERNAL_DIFF '${diff}' \
+      --set MANIFEST '${result}'
+  '';
+}
--- a/pkgs/kubenix.sh
+++ b/pkgs/kubenix.sh
@ -0,0 +1,61 @@
+#!/usr/bin/env bash
+
+set -uo pipefail
+
+function _help() {
+  echo "
+  kubenix - Kubernetes management with Nix
+
+  commands:
+    ""          - run diff, prompt for confirmation, then apply
+    apply       - create resources in target cluster
+    diff        - show a diff between configured and live resources
+    render      - print resource manifests to stdout
+
+  options:
+    -h --help   - show this menu
+  "
+}
+
+function _kubectl() {
+  vals eval -fail-on-missing-key-in-map <$MANIFEST | kubectl $@
+}
+
+# if no args given, add empty string
+[ $# -eq 0 ] && set -- ""
+
+# parse arguments
+while test $# -gt 0; do
+  case "$1" in
+
+  -h | --help)
+    _help
+    exit 0
+    ;;
+
+  "")
+    _kubectl diff -f - --prune
+    if [[ $? -eq 1 ]]; then
+      read -p 'apply? [y/N]: ' response
+      [[ $response == "y" ]] && _kubectl apply -f - --prune --all
+    fi
+    shift
+    ;;
+
+  render)
+    vals eval <$MANIFEST
+    shift
+    ;;
+
+  apply | diff)
+    _kubectl $@ -f - --prune
+    shift
+    ;;
+
+  *)
+    _kubectl $@
+    shift
+    ;;
+
+  esac
+done
--- a/versions.nix
+++ b/versions.nix
@ -6,11 +6,14 @@ let
    "1.21.14" = "sha256:0g3n7q00z89d6li4wilp23z8dxcmdydc3r5g2spmdd82728rav2b";
    "1.22.17" = "sha256:089rnsdk7lc6n3isvnha26nbwjmm1y4glllqnxhj8g9fd3py5jfw";
    "1.23.17" = "sha256:1qcp4miw476rrynp10gkw63aibfrh85qypw40pxfvy0rlahyhcc2";
+    "1.24.17" = "sha256:1mm3ah08jvp8ghzglf1ljw6qf3ilbil3wzxzs8jzfhljpsxpk41q";
+    "1.25.16" = "sha256:0whvanzhf0sv73xarbdskzfc9glh61y17bivm8zi7pigkschlifl";
+    "1.26.15" = "sha256:0psn4hxla8m90gw8qk3dw6vvqas7sng6c010xn6bwajl6038bbch";
    # ^ EOL ^
-    "1.24.14" = "sha256:1mm3ah08jvp8ghzglf1ljw6qf3ilbil3wzxzs8jzfhljpsxpk41q";
-    "1.25.10" = "sha256:0hdv3677yr8a1qs3jb72m7r9ih7xsnd8nhs9fp506lzfl5b7lycc";
-    "1.26.5" = "sha256:1dyqvggyvqw3z9sml2x06v1l9kynqcs8bkfrkx8jy81gkvg7qxdi";
-    "1.27.2" = "sha256:1yqcds6lvpnvc5dsv9pnvp5qb3kc5y6cdgx827szljdlwf51wd15";
+    "1.27.14" = "sha256:148v1lxp4rmv0pgl41yyz5sjlsk6lr5185nk3qf9nh2gjn1pbw9g";
+    "1.28.10" = "sha256:14pvc7ys1x4p6gzmdgabmncl6iwaf2fj0a2j58rv00wndfh62vng";
+    "1.29.5" = "sha256:1shik1cbi415cq9ddn564xd1d73g2rzfrna85aqskxavncagkscb";
+    "1.30.1" = "sha256:1d7pqf6bkqpkr5jgh716wmzfcyanpm9ybdn3ix1ywvwxbq45dgzj";
  };
 in
 {