mirror of https://git.sr.ht/~goorzhel/turboprop synced 2024-12-14 11:37:37 +00:00
Commit graph

258 commits

Author SHA1 Message Date
Antonio Gurgel
8a6a781575 Turn off Kyverno's irritating webhook clean-upper
If I want to uninstall it, I'll do it my own damn self.
2023-11-25 22:20:15 -08:00
Antonio Gurgel
62f155bd6b Fix meshConfig.enableTracing (bool, not string) 2023-11-25 22:02:51 -08:00
Antonio Gurgel
0bf2a01bad Move internal registries to system/
They're among the first things that must come up.
2023-11-25 21:29:48 -08:00
Antonio Gurgel
0529bdf6a2 Update my charts; yoke others to nixhelm
By overlaying nixhelm's charts with those I use for myself, be they
behind nixhelm's or simply absent, I get the best of both worlds.
2023-11-25 00:33:44 -08:00
Antonio Gurgel
9c18a98f0f Use fullnameOverride on sys/argo/workflows
Otherwise the resources have ridiculous names like
"workflows-argo-workflows-server".
2023-11-24 20:12:10 -08:00
Antonio Gurgel
1444cb9b18 s/release/service/g
"Helm releases" is what I'd been terming individual services, but
it makes no sense outside of the internal context of the Helm builder.

I also didn't want to call them "apps", however shorter that term is.
These are not apps.
2023-11-24 17:35:15 -08:00
Antonio Gurgel
22055d6fd2 Update get_values post-refactor 2023-11-24 17:35:02 -08:00
Antonio Gurgel
a27d902cd3 Upgrade Kyverno to v3 2023-11-24 17:35:00 -08:00
Antonio Gurgel
f1332fc3ca Fix bug: include dirs in Kustomizations again
I meant to exclude `*.yaml.drv` but ended up excluding whole dirs too.
2023-11-24 17:35:00 -08:00
Antonio Gurgel
e48d34df84 Add Kiali 2023-11-24 17:35:00 -08:00
Antonio Gurgel
dbb65668ee Add Longhorn 2023-11-24 12:27:52 -08:00
Antonio Gurgel
5d7691e427 Add MetalLB 2023-11-24 12:11:21 -08:00
Antonio Gurgel
29cd39af8d Clean up silly workaround in Istio revisioning 2023-11-24 12:06:06 -08:00
Antonio Gurgel
7e4d9f719c Add CloudNativePG 2023-11-24 11:58:42 -08:00
Antonio Gurgel
54aafbb426 Add Prometheus stack (and upgrade chart) 2023-11-24 11:41:50 -08:00
Antonio Gurgel
95318e84c1 Add script to get hashes of upgraded charts 2023-11-24 10:57:28 -08:00
Antonio Gurgel
4c842b1883 Give Intel GPU exporter clearer name 2023-11-24 10:57:28 -08:00
Antonio Gurgel
15591a24f9 Add last kube-system services 2023-11-23 18:27:54 -08:00
Antonio Gurgel
f2a8cc929d Unbungle statefulsets' persistence 2023-11-23 17:57:53 -08:00
Antonio Gurgel
8607d8d1b1 Add Docker registries 2023-11-23 17:57:51 -08:00
Antonio Gurgel
1b45553af6 Name Make recipe after output file 2023-11-23 17:12:33 -08:00
Antonio Gurgel
a2f95cb53c Add cert-manager; use intermediate cert instead of CA 2023-11-23 17:04:15 -08:00
Antonio Gurgel
94615ae400 Add Argo Workflows 2023-11-23 15:37:18 -08:00
Antonio Gurgel
a4d0c01066 Add more services 2023-11-23 12:15:18 -08:00
Antonio Gurgel
006be8401f Add httpbin 2023-11-23 11:17:07 -08:00
Antonio Gurgel
e9a0357fb9 Add common PV(C)s 2023-11-23 11:14:36 -08:00
Antonio Gurgel
c53071ef67 Tidy up 2023-11-23 10:34:53 -08:00
Antonio Gurgel
61c040df2c Revert silly name for import flake-builders
Also, clean out unused variables.
2023-11-23 10:22:34 -08:00
Antonio Gurgel
733868edee Document flake-builders.namespaces better 2023-11-23 10:08:38 -08:00
Antonio Gurgel
ef94817a55 Stop relying on ns/name in derivation path
I've changed release modules' signatures from:
`{lib} -> ... -> <drv>`
to:
`{lib} -> ... -> {out=<drv>; extra=<drv>;}`
Which makes individual derivations more easily findable.

Now, instead of picking them out from a soup of paths in `output.sh`
with a specially-crafted needle (`${ns}-${name}`), I map derivations
directly to paths and use the result as a sort of index. In other words,
I spent some ingenuity in `flake-builders.sh` to save a _lot_ of
ingenuity in `output.sh`.

This affords me the extra convenience, previously spurned because of
the very limitation I've overcome, of symlinking derivations in the
output flake.
2023-11-23 10:07:19 -08:00
Antonio Gurgel
e8016e5bc5 Reflow comments
I try to insert line breaks where a thought fragment ends (a habit
learnt from writing subtitles), but in comments and Git commit
messages it doesn't make as much sense.
2023-11-22 17:54:27 -08:00
Antonio Gurgel
5fb1556904 Make make more verbose 2023-11-21 23:19:46 -08:00
Antonio Gurgel
05a3f2bef0 Build extras from system releases too 2023-11-21 23:19:46 -08:00
Antonio Gurgel
ae070c60dc Add Istio base 2023-11-21 23:13:26 -08:00
Antonio Gurgel
b523baa63b Add Istio 1.18.1
The lengths to which I'll go to avoid hardcoding anything that needn't
be hardcoded are immense indeed. That's why I started this project.
2023-11-21 22:34:44 -08:00
Antonio Gurgel
be077878e7 Set default metadata for namespaces 2023-11-21 22:01:01 -08:00
Antonio Gurgel
6aff849da7 Add kyverno
I have my answer to 2638113, and it's what I was suspecting: the
flake-builder was never using clusterData until I added a release
that needs it, at which point I got the dreaded "error: attribute
'apiVersions' missing".

Remediation was simple: realize the wrongheadedness of passing
an empty attrset when the values are already well-known.
2023-11-21 20:58:13 -08:00
Antonio Gurgel
dc3060aa30 Pass charts into releases, and restore variadity
It doesn't pay to be strict about release module arity.
2023-11-21 20:46:32 -08:00
Antonio Gurgel
26381130e7 I don't understand this
Line 62 of this commit's flake.nix should bail with an attribute-missing
error while evaluating `buildDerivations.releases`, at the point where
Nix tries to inherit two variables from an empty `clusterData`.

...Or is it that I will have problems when I add something using
lib.builders.helmChart to `./system`? I'll only find out tomorrow.
2023-11-21 00:28:56 -08:00
Antonio Gurgel
a9490a3686 Add polish
- Clarify nature of release paths.
- Explain why I haven't bothered to wedge values.yaml files into the
  default derivation.
- Move drv_matcher to copy_drv_output, where it conceptually belongs.
2023-11-21 00:21:23 -08:00
Antonio Gurgel
1a44fbafd5 Refactor output script to deal with both trees 2023-11-20 23:49:01 -08:00
Antonio Gurgel
b4deb0b258 Implement clusterData
kubelib.buildHelmChart can take the target Kubernetes version and
a list of custom APIs, so I'll bind them both up in an attrset
and pass them to `flake-builder.releases`.

Accordingly, the other release-builders will have to become variadic.
2023-11-20 23:31:11 -08:00
Antonio Gurgel
aa1ec7d842 Don't do readFile twice
Also, I had a brief temptation to move `gatherApis` to `flake-builders`,
but apart from being used in the flake's let-in, it has little in common
with the other builders. I need to lose a direct dependency on kubelib
to try the concept out, though (`flake-builders` doesn't take `kubelib`),
and I ended up keeping the result.
2023-11-20 23:02:54 -08:00
Antonio Gurgel
3e7a376329 Start messy refactor
Release trees are now split into API-producing and API-using ones.
Namespace rake must now take a list of roots of release trees.
2023-11-20 22:46:06 -08:00
Antonio Gurgel
e9a77bb9a8 Add all the other charts in my cluster
Some are old versions of ones already in nixhelm.
I really should upgrade soon.
2023-11-20 22:26:46 -08:00
Antonio Gurgel
d3a8e32e25 Use yq-go instead 2023-11-20 22:06:32 -08:00
Antonio Gurgel
5ec509e3b6 Add packages.*.lib as output (useful for debugging) 2023-11-20 21:52:23 -08:00
Antonio Gurgel
3b5168fdc0 Identify another messy refactor on the horizon
Packages can either output new APIs or expect them in the cluster.

Examples of packages which
- output APIs: Gateway API, which installs various versions of
  gateway.networking.k8s.io resources.
- take APIs as input: app-template, which queries the cluster to
  choose v1a2, v1b1, or v1 for its HTTPRoute (etc.) objects.

("Packages" here collectively refers to Helm charts and YAML bundles.)

I will have to impose strict ordering on them, i.e., build the former
before the latter.
2023-11-20 21:46:44 -08:00
Antonio Gurgel
0fff85f680 Refuse to strain self on specifying kubeVersion 2023-11-20 21:42:39 -08:00
Antonio Gurgel
16365ee3e5 Refine API-gatherer 2023-11-20 21:42:16 -08:00