From d6ae84c7c7d580235b170a3c5cfdde7da5dca1b7 Mon Sep 17 00:00:00 2001 From: Bryton Hall Date: Tue, 16 Aug 2022 00:58:23 -0400 Subject: [PATCH] add helm cli functionality --- README.md | 13 ++--- pkgs/kubenix.nix | 143 +++++++++++++++++++++++++++-------------------- 2 files changed, 88 insertions(+), 68 deletions(-) diff --git a/README.md b/README.md index 966b947..7dbb12e 100644 --- a/README.md +++ b/README.md @@ -59,14 +59,13 @@ Render all resources with ### Support -The following table gives a general overview of currently supported functionality. +The following table gives a general overview of currently supported/planned functionality. -| | kubectl | kustomize | helm | helmfile | -| ------ | :-----: | :-------: | :---: | :------: | -| render | x | | x[^2] | | -| diff | | | | | -| apply | x[^1] | | | | -| hooks | - | - | | | +| | kubectl | kustomize | helm | helmfile | +| --------- | :-----: | :-------: | :---: | :------: | +| render | x | | x[^2] | | +| diff | x | | x | | +| apply[^1] | x | | x | | [^1]: currently create-only [^2]: piping rendered helm charts to kubectl is a lossy process (e.g., [hooks](https://helm.sh/docs/topics/charts_hooks/) will not work) diff --git a/pkgs/kubenix.nix b/pkgs/kubenix.nix index c291fa6..099ad53 100644 --- a/pkgs/kubenix.nix +++ b/pkgs/kubenix.nix @@ -1,71 +1,92 @@ -{ - lib, - writeShellScriptBin, - coreutils, - nix, - jq, - kubectl, -}: let - name = "kubenix"; -in - lib.recursiveUpdate (writeShellScriptBin name '' - set -Eeuo pipefail +{ lib +, writeShellScriptBin +, nix +, jq +, kubectl +, kubernetes-helm +, +}: +writeShellScriptBin "kubenix" '' + set -Eeuo pipefail - NAME=${name} - function help() { - echo " - kubenix - Kubernetes resource management with Nix + function _help() { + echo " + kubenix - Kubernetes resource management with Nix - commands: - apply - create resources in target cluster - diff - show a diff between rendered and live resources - render - print resource manifests to stdout - " - } + commands: + apply - create resources in target cluster + diff - show a diff between configured and live resources + render - print resource manifests to stdout + " + } - MANIFEST="$(${nix}/bin/nix eval '.#k8s.config.kubernetes.result' --raw)" + function _helm() { + RELEASES="$(${nix}/bin/nix eval '.#k8s.config.kubernetes.helm' --json | jq -c '.releases[] | del(.objects)')" + [ -n "$RELEASES" ] || return 0 - function apply() { - ${kubectl}/bin/kubectl apply -f $MANIFEST - } + for release in $RELEASES; do + values=$(mktemp) + echo $release | jq -r '.values' > $values - function render() { - cat $MANIFEST | ${jq}/bin/jq - } + ${kubernetes-helm}/bin/helm $@ \ + -n $(echo $release | jq -r '.namespace // "default"') \ + $(echo $release | jq -r '.name') \ + $(echo $release | jq -r '.chart') \ + -f $values + done + } - function diff() { - ${kubectl}/bin/kubectl diff -f $MANIFEST - } + function _kubectl() { + MANIFESTS=$(mktemp) + # TODO: find a better filter, not just not-helm + cat $(${nix}/bin/nix build '.#k8s.config.kubernetes.result' --json | jq -r '.[0].outputs.out') \ + | jq '.items[] | select(.metadata.labels."app.kubernetes.io/managed-by" != "Helm")' > $MANIFESTS + + [ -n "$MANIFESTS" ] || return 0 + + case $1 in + render) + cat $MANIFESTS;; + *) + ${kubectl}/bin/kubectl $@ -f $MANIFESTS;; + esac + } + + # if no args given, add empty string + [ $# -eq 0 ] && set -- "" + + # parse arguments + while test $# -gt 0; do + case "$1" in + + apply) + _kubectl apply + _helm upgrade --install + shift;; + + diff) + _kubectl diff + _helm diff upgrade --allow-unreleased + shift;; + + render) + _kubectl render + _helm template + shift;; + + -h|--help|"") + _help + exit 0;; + + -v|--verbose) + set -x + shift;; + + *) + _help + exit 1;; - while test $# -gt 0; do - case "$1" in - apply|"") - shift - apply - ;; - diff) - shift - diff - ;; - render) - shift - render - ;; - -h|--help) - help - exit 0 - ;; - -v|--verbose) - shift - set -x - ;; - *) - help - exit 1 - ;; esac done +'' - - '') - {meta.description = "";}