mirror of
https://github.com/TECHNOFAB11/kubenix.git
synced 2025-12-12 08:00:06 +01:00
56d783f547
allow to pass `writeJSON = false;` and get the raw data instead. This is useful if one wants to avoid writing secrets in the /nix/store. Instead, use `nix-instantiate --strict --eval --json`.
123 lines
3.3 KiB
Nix
123 lines
3.3 KiB
Nix
{
|
|
pkgs ? import <nixpkgs> {}
|
|
}:
|
|
|
|
with pkgs.lib;
|
|
with import ./lib.nix { inherit pkgs; inherit (pkgs) lib; };
|
|
|
|
let
|
|
evalKubernetesModules = configuration: evalModules rec {
|
|
modules = [
|
|
./kubernetes.nix
|
|
./modules.nix configuration
|
|
];
|
|
args = {
|
|
inherit pkgs;
|
|
name = "default";
|
|
k8s = import ./k8s.nix {
|
|
inherit pkgs;
|
|
inherit (pkgs) lib;
|
|
};
|
|
module = null;
|
|
};
|
|
};
|
|
|
|
flattenResources = resources: flatten (
|
|
mapAttrsToList (name: resourceGroup:
|
|
mapAttrsToList (name: resource: resource) resourceGroup
|
|
) resources
|
|
);
|
|
|
|
filterResources = resourceFilter: resources:
|
|
mapAttrs (groupName: resources:
|
|
(filterAttrs (name: resource:
|
|
resourceFilter groupName name resource
|
|
) resources)
|
|
) resources;
|
|
|
|
toKubernetesList = resources: {
|
|
kind = "List";
|
|
apiVersion = "v1";
|
|
items = resources;
|
|
};
|
|
|
|
removeNixOptions = resources:
|
|
map (filterAttrs (name: attr: name != "nix")) resources;
|
|
|
|
buildResources = {
|
|
configuration ? {},
|
|
resourceFilter ? groupName: name: resource: true,
|
|
withDependencies ? true,
|
|
writeJSON ? true
|
|
}: let
|
|
evaldConfiguration = evalKubernetesModules configuration;
|
|
|
|
allResources = moduleToAttrs (
|
|
evaldConfiguration.config.kubernetes.resources //
|
|
evaldConfiguration.config.kubernetes.customResources
|
|
);
|
|
|
|
filteredResources = filterResources resourceFilter allResources;
|
|
|
|
allDependencies = flatten (
|
|
mapAttrsToList (groupName: resources:
|
|
mapAttrsToList (name: resource: resource.nix.dependencies) resources
|
|
) filteredResources
|
|
);
|
|
|
|
resourceDependencies =
|
|
filterResources (groupName: name: resource:
|
|
elem "${groupName}/${name}" allDependencies
|
|
) allResources;
|
|
|
|
finalResources =
|
|
if withDependencies
|
|
then recursiveUpdate resourceDependencies filteredResources
|
|
else filteredResources;
|
|
|
|
resources = unique (removeNixOptions (
|
|
# custom resource definitions have to be allways created first
|
|
(flattenResources (filterResources (groupName: name: resource:
|
|
groupName == "customResourceDefinitions"
|
|
) finalResources)) ++
|
|
|
|
# everything but custom resource definitions
|
|
(flattenResources (filterResources (groupName: name: resource:
|
|
groupName != "customResourceDefinitions"
|
|
) finalResources))
|
|
));
|
|
|
|
kubernetesList = toKubernetesList resources;
|
|
|
|
listHash = builtins.hashString "sha1" (builtins.toJSON kubernetesList);
|
|
|
|
hashedList = kubernetesList // {
|
|
labels."kubenix/build" = listHash;
|
|
items = map (resource: recursiveUpdate resource {
|
|
metadata.labels."kubenix/build" = listHash;
|
|
}) kubernetesList.items;
|
|
};
|
|
|
|
result = if writeJSON then
|
|
pkgs.writeText "resources.json" (builtins.toJSON hashedList)
|
|
else hashedList;
|
|
in
|
|
result;
|
|
|
|
buildTest = test: version: buildResources {
|
|
configuration = {
|
|
require = [test {
|
|
config.kubernetes.version = version;
|
|
}];
|
|
};
|
|
};
|
|
|
|
in {
|
|
inherit buildResources;
|
|
|
|
tests."k8s-1_7" = buildTest ./test/default.nix "1.7";
|
|
tests."k8s-1_8" = buildTest ./test/default.nix "1.8";
|
|
tests."k8s-1_9" = buildTest ./test/default.nix "1.9";
|
|
tests."k8s-1_10" = buildTest ./test/default.nix "1.10";
|
|
tests."k8s-1_11" = buildTest ./test/default.nix "1.11";
|
|
}
|