From 6aff849da71cc71cb9b18a9dce8214c89b9a5534 Mon Sep 17 00:00:00 2001
From: Antonio Gurgel <antonio@goorzhel.com>
Date: Tue, 21 Nov 2023 20:58:13 -0800
Subject: [PATCH] Add kyverno

I have my answer to 2638113, and it's what I was suspecting: the
flake-builder was never using clusterData until I added a release
that needs it, at which point I got the dreaded "error: attribute
'apiVersions' missing".

Remediation was simple: realize the wrongheadedness of passing
an empty attrset when the values are already well-known.
---
 flake.nix                          |  9 +++++++--
 lib/flake-builders.nix             |  7 -------
 system/kyverno/kyverno/default.nix | 11 +++++++++++
 3 files changed, 18 insertions(+), 9 deletions(-)
 create mode 100644 system/kyverno/kyverno/default.nix

diff --git a/flake.nix b/flake.nix
index 542ae61..9dc64ca 100644
--- a/flake.nix
+++ b/flake.nix
@@ -47,6 +47,7 @@
         inherit system;
         overlays = [devshell.overlays.default];
       };
+      kubeVersion = pkgs.k3s.version;
       kubelib = nix-kube-generators.lib {inherit pkgs;};
 
       # When I move lib/eureka to a separate flake
@@ -59,9 +60,13 @@
 
       charts = buildDerivations.charts self.repos;
 
-      systemReleases = buildDerivations.releases self.systemReleaseData {};
+      systemReleases = buildDerivations.releases self.systemReleaseData {
+        inherit kubeVersion;
+        apiVersions = [];
+      };
+
       clusterData = {
-        kubeVersion = pkgs.k3s.version;
+        inherit kubeVersion;
         apiVersions =
           pkgs.lib.lists.flatten
           (map
diff --git a/lib/flake-builders.nix b/lib/flake-builders.nix
index 90609c9..f601cc8 100644
--- a/lib/flake-builders.nix
+++ b/lib/flake-builders.nix
@@ -43,13 +43,6 @@ in {
 
               # Values understood by lib.builders.helmChart
               # and ignored by the rest.
-              # COMBAK: How in the world does this work when
-              # clusterData is empty, as it is when building
-              # the flake's `systemReleases`?
-              # When I do this in a REPL:
-              # > foo={a=1;}
-              # > {inherit(foo)b;}
-              # ... I get an attribute-missing error.
               inherit (clusterData) kubeVersion apiVersions;
             })
         # By injecting `name` and `namespace` here, I remove
diff --git a/system/kyverno/kyverno/default.nix b/system/kyverno/kyverno/default.nix
new file mode 100644
index 0000000..b9cd60d
--- /dev/null
+++ b/system/kyverno/kyverno/default.nix
@@ -0,0 +1,11 @@
+{
+  charts,
+  lib,
+  ...
+}: {
+  builder = lib.builders.helmChart;
+  args = {
+    chart = charts.kyverno.kyverno;
+    values = {replicaCount = 3;};
+  };
+}