diff --git a/apps/atlantis.nix b/apps/atlantis.nix index f33b4253..06c67f05 100644 --- a/apps/atlantis.nix +++ b/apps/atlantis.nix @@ -1,106 +1,34 @@ { lib, config, ... }: let cfg = config.apps.atlantis; + env = config.apps.env; + values = lib.apps.appValues { + inherit env; + base = ../values/atlantis; + extraValues = {}; + }; in { - options.apps.atlantis = { - enable = lib.mkOption { - type = lib.types.bool; - default = true; - description = "Enable"; - }; - autoSync = lib.mkOption { - type = lib.types.bool; - default = true; - description = "Auto sync"; - }; - prune = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Prune"; - }; + options.apps.atlantis = lib.apps.appOptions { + revision = lib.mkOption { + type = lib.types.str; + default = "main"; + description = "Revision"; + }; + + hostname = lib.mkOption { + type = lib.types.str; + default = if env == "prod" + then "maps.oceanbox.io" + else "atlantis.beta.oceanbox.io"; + description = "Revision"; + }; }; - config = lib.mkIf cfg.enable { - applications.atlantis.resources = { - applicationSets = { - atlantis.spec = { - goTemplate = true; - generators = [ - { - list = { - elements = [ - { - env = "prod"; - namespace = "atlantis"; - project = "atlantis"; - cluster = "https://kubernetes.default.svc"; - hostname = "atlantis.srv.oceanbox.io"; - revision = "main"; - autoSync = cfg.autoSync; - prune = cfg.prune; - } - { - env = "staging"; - namespace = "atlantis"; - project = "atlantis"; - cluster = "https://staging-vcluster.staging-vcluster"; - hostname = "atlantis.beta.oceanbox.io"; - revision = "main"; - autoSync = cfg.autoSync; - prune = cfg.prune; - } - ]; - }; - } - ]; - template = { - metadata = { - name = "{{ .env }}-atlantis"; - annotations = { - "argocd.argoproj.io/compare-options" = "ServerSideDiff=true"; - }; - }; - spec = { - destination = { - namespace = "{{`{{.namespace}}`}}"; - server = "{{ .cluster }}"; - }; - project = "{{`{{.project}}`}}"; - sources = [ - { - repoURL = "https://gitlab.com/oceanbox/manifests.git"; - targetRevision = "{{`{{.revision}}`}}"; - path = "values/atlantis"; - plugin = { - name = "kustomize-helm-with-rewrite"; - parameters = [ - { - name = "env"; - string = "{{ .env }}"; - } - { - name = "hostname"; - string = "{{ .hostname }}"; - } - ]; - }; - } - ]; - syncPolicy = { - syncOptions = [ - "CreateNamespace=true" - "ApplyOutOfSyncOnly=true" - ]; - automated = lib.mkIf cfg.autoSync { - prune = cfg.prune; - selfHeal = false; - }; - }; - }; - }; - }; - }; + config = lib.apps.appConfig cfg "${env}-atlantis" { + helm.releases."${env}-atlantis" = { + inherit values; + chart = ../charts/atlantis; }; }; } diff --git a/apps/openfga.nix b/apps/openfga.nix index 24e32246..d6592ae9 100644 --- a/apps/openfga.nix +++ b/apps/openfga.nix @@ -18,7 +18,7 @@ in { options.apps.openfga = lib.apps.appOptions {}; - config = lib.apps.appConfig cfg "openfga" { + config = lib.apps.appConfig cfg "${env}-openfga" { helm.releases."${env}-openfga" = { inherit values; chart = lib.helm.downloadHelmChart { diff --git a/charts/atlantis/charts/redis-20.1.7.tgz b/charts/atlantis/charts/redis-20.1.7.tgz new file mode 100644 index 00000000..37567e25 Binary files /dev/null and b/charts/atlantis/charts/redis-20.1.7.tgz differ diff --git a/charts/atlantis/values.yaml b/charts/atlantis/values.yaml index bf31d691..b196f0e8 100644 --- a/charts/atlantis/values.yaml +++ b/charts/atlantis/values.yaml @@ -112,7 +112,6 @@ redis: master: resources: limits: - cpu: null ephemeral-storage: 1024Mi memory: 192Mi requests: diff --git a/flake.lock b/flake.lock index ac536a83..181d1c3d 100644 --- a/flake.lock +++ b/flake.lock @@ -4,7 +4,7 @@ "inputs": { "flake-compat": "flake-compat_3", "flake-utils": "flake-utils_5", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "rust-overlay": "rust-overlay" }, "locked": { @@ -322,30 +322,30 @@ "flake-utils": "flake-utils_4", "kubenix": "kubenix", "nix-kube-generators": "nix-kube-generators_3", - "nixpkgs": [ - "nixpkgs" - ] + "nixpkgs": "nixpkgs" }, "locked": { - "dirtyRev": "6e20193c95a0aaca444289d7c69f4eb329d25234-dirty", - "dirtyShortRev": "6e20193-dirty", - "lastModified": 1728815994, + "lastModified": 1728908720, "narHash": "sha256-0fNVuZdg7vNn47NBcStHzVzWfpSM2cdh7k2kiTcUal8=", - "type": "git", - "url": "file:///home/jonas/src/OceanBox/nixidy" + "owner": "juselius", + "repo": "nixidy", + "rev": "21cee93f73c29eff44c37dbc90ba68d217258b9d", + "type": "github" }, "original": { - "type": "git", - "url": "file:///home/jonas/src/OceanBox/nixidy" + "owner": "juselius", + "ref": "special-args", + "repo": "nixidy", + "type": "github" } }, "nixpkgs": { "locked": { - "lastModified": 1728492678, - "narHash": "sha256-9UTxR8eukdg+XZeHgxW5hQA9fIKHsKCdOIUycTryeVw=", + "lastModified": 1702151865, + "narHash": "sha256-9VAt19t6yQa7pHZLDbil/QctAgVsA66DLnzdRGqDisg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5633bcff0c6162b9e4b5f1264264611e950c8ec7", + "rev": "666fc80e7b2afb570462423cb0e1cf1a3a34fedd", "type": "github" }, "original": { @@ -372,6 +372,22 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1728492678, + "narHash": "sha256-9UTxR8eukdg+XZeHgxW5hQA9fIKHsKCdOIUycTryeVw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "5633bcff0c6162b9e4b5f1264264611e950c8ec7", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { "locked": { "lastModified": 1697382362, "narHash": "sha256-PvFjWFmSYOF6TjNZ/WjOeqa+sgaWm+83Fz37vEuATHA=", @@ -441,7 +457,7 @@ "nix-kube-generators": "nix-kube-generators", "nixhelm": "nixhelm", "nixidy": "nixidy", - "nixpkgs": "nixpkgs", + "nixpkgs": "nixpkgs_2", "pre-commit-hooks": "pre-commit-hooks", "yaml2nix": "yaml2nix" } diff --git a/flake.nix b/flake.nix index 0b233a4e..e205c345 100644 --- a/flake.nix +++ b/flake.nix @@ -6,9 +6,9 @@ flake-utils.url = "github:numtide/flake-utils"; nixidy = { - # url = "github:juselius/nixidy"; - url = "/home/jonas/src/OceanBox/nixidy"; - inputs.nixpkgs.follows = "nixpkgs"; + url = "github:juselius/nixidy?ref=special-args"; + # url = "/home/jonas/src/OceanBox/nixidy"; + # inputs.nixpkgs.follows = "nixpkgs"; }; nixhelm = { diff --git a/modules/lib.nix b/modules/lib.nix index e7eec16c..88851450 100644 --- a/modules/lib.nix +++ b/modules/lib.nix @@ -60,18 +60,18 @@ with pkgs.lib; let app = conf // { - name = if builtins.isNull cfg.name then "${cfg.env}-${name}" else cfg.name; + name = if builtins.isNull cfg.name then name else cfg.name; project = cfg.project; destination.server = cfg.cluster; - createNamespace = true; + createNamespace = true; - compareOptions = { + compareOptions = { serverSideDiff = cfg.serverSideDiff; - }; + }; - syncPolicy = { + syncPolicy = { syncOptions = { applyOutOfSyncOnly = true; }; @@ -80,7 +80,7 @@ prune = cfg.prune; selfHeal = false; }; - }; + }; } // (if builtins.isNull cfg.namespace then {} else { namespace = cfg.namespace; }); in mkIf cfg.enable { applications.${name} = app; }; diff --git a/values/atlantis/values-prod.yaml b/values/atlantis/values-prod.yaml index 85c9b9b0..b1f37d92 100644 --- a/values/atlantis/values-prod.yaml +++ b/values/atlantis/values-prod.yaml @@ -2,20 +2,6 @@ replicaCount: 2 podAnnotations: dapr.io/app-id: "prod-atlantis" - dapr.io/enabled: "true" - dapr.io/app-port: "8000" - dapr.io/config: "tracing" - dapr.io/app-protocol: "http" - dapr.io/enable-app-health-check: "true" - dapr.io/app-health-check-path: "/healthz" - dapr.io/app-health-probe-interval: "3" - dapr.io/app-health-probe-timeout: "200" - dapr.io/app-health-threshold: "2" - dapr.io/sidecar-cpu-request: "100m" - dapr.io/sidecar-memory-request: "250Mi" - dapr.io/sidecar-cpu-limit: "300m" - dapr.io/sidecar-memory-limit: "1000Mi" - dapr.io/log-as-json: "true" ingress: annotations: diff --git a/values/atlantis/values-staging.yaml b/values/atlantis/values-staging.yaml index ca73b3e7..26901728 100644 --- a/values/atlantis/values-staging.yaml +++ b/values/atlantis/values-staging.yaml @@ -1,20 +1,7 @@ replicaCount: 2 + podAnnotations: dapr.io/app-id: "staging-atlantis" - dapr.io/enabled: "true" - dapr.io/app-port: "8000" - dapr.io/config: "tracing" - dapr.io/app-protocol: "http" - dapr.io/enable-app-health-check: "true" - dapr.io/app-health-check-path: "/healthz" - dapr.io/app-health-probe-interval: "3" - dapr.io/app-health-probe-timeout: "200" - dapr.io/app-health-threshold: "2" - dapr.io/sidecar-cpu-request: "100m" - dapr.io/sidecar-memory-request: "250Mi" - dapr.io/sidecar-cpu-limit: "300m" - dapr.io/sidecar-memory-limit: "1000Mi" - dapr.io/log-as-json: "true" image: tag: 7f3512e0-debug ingress: diff --git a/values/atlantis/values.yaml b/values/atlantis/values.yaml new file mode 100644 index 00000000..b8178c12 --- /dev/null +++ b/values/atlantis/values.yaml @@ -0,0 +1,16 @@ + +podAnnotations: + dapr.io/enabled: "true" + dapr.io/app-port: "8000" + dapr.io/config: "tracing" + dapr.io/app-protocol: "http" + dapr.io/enable-app-health-check: "true" + dapr.io/app-health-check-path: "/healthz" + dapr.io/app-health-probe-interval: "3" + dapr.io/app-health-probe-timeout: "200" + dapr.io/app-health-threshold: "2" + dapr.io/sidecar-cpu-request: "100m" + dapr.io/sidecar-memory-request: "250Mi" + dapr.io/sidecar-cpu-limit: "300m" + dapr.io/sidecar-memory-limit: "1000Mi" + dapr.io/log-as-json: "true"