Merge branch 'nixidy' of gitlab.com:oceanbox/manifests into nixidy

2024-10-15 08:02:36 +02:00
parent 474d04862c ea929b7dc4
commit 7ca0a2d397
10 changed files with 100 additions and 151 deletions
@@ -1,106 +1,51 @@
 { lib, config, ... }:
 let
  cfg = config.apps.atlantis;
-in
-{
-  options.apps.atlantis = {
-    enable = lib.mkOption {
-      type = lib.types.bool;
-      default = true;
-      description = "Enable";
-    };
-    autoSync = lib.mkOption {
-      type = lib.types.bool;
-      default = true;
-      description = "Auto sync";
-    };
-    prune = lib.mkOption {
-      type = lib.types.bool;
-      default = false;
-      description = "Prune";
-    };
+  env = config.apps.env;
+
+  values = lib.apps.appValues {
+    inherit env;
+    base = ../values/atlantis;
+    extraValues = {};
  };

-  config = lib.mkIf cfg.enable {
-    applications.atlantis.resources = {
-      applicationSets = {
-        atlantis.spec = {
-          goTemplate = true;
-          generators = [
-            {
-              list = {
-                elements = [
-                  {
-                    env = "prod";
-                    namespace = "atlantis";
-                    project = "atlantis";
-                    cluster = "https://kubernetes.default.svc";
-                    hostname = "atlantis.srv.oceanbox.io";
-                    revision = "main";
-                    autoSync = cfg.autoSync;
-                    prune = cfg.prune;
-                  }
-                  {
-                    env = "staging";
-                    namespace = "atlantis";
-                    project = "atlantis";
-                    cluster = "https://staging-vcluster.staging-vcluster";
-                    hostname = "atlantis.beta.oceanbox.io";
-                    revision = "main";
-                    autoSync = cfg.autoSync;
-                    prune = cfg.prune;
-                  }
-                ];
-              };
-            }
-          ];
-          template = {
-            metadata = {
-              name = "{{ .env }}-atlantis";
-              annotations = {
-                "argocd.argoproj.io/compare-options" = "ServerSideDiff=true";
-              };
-            };
-            spec = {
-              destination = {
-                namespace = "{{`{{.namespace}}`}}";
-                server = "{{ .cluster }}";
-              };
-              project = "{{`{{.project}}`}}";
-              sources = [
-                {
-                  repoURL = "https://gitlab.com/oceanbox/manifests.git";
-                  targetRevision = "{{`{{.revision}}`}}";
-                  path = "values/atlantis";
-                  plugin = {
-                    name = "kustomize-helm-with-rewrite";
-                    parameters = [
-                      {
-                        name = "env";
-                        string = "{{ .env }}";
-                      }
-                      {
-                        name = "hostname";
-                        string = "{{ .hostname }}";
-                      }
-                    ];
-                  };
-                }
-              ];
-              syncPolicy = {
-                syncOptions = [
-                  "CreateNamespace=true"
-                  "ApplyOutOfSyncOnly=true"
-                ];
-                automated = lib.mkIf cfg.autoSync {
-                  prune = cfg.prune;
-                  selfHeal = false;
-                };
-              };
-            };
-          };
-        };
+  kustomize = r:
+    if r.kind == "Deployment" then
+      lib.attrsets.recursiveUpdate r {
+        spec.template.spec.containers =
+        builtins.map (x:
+        x // {
+            livenessProbe.httpGet.path = "/healthz";
+            readinessProble.httpGet.path = "/healthz";
+            env = x.env ++ [ { name = "INERNAL_PORT"; value = 8000; } ];
+        }) r.spec.template.spec.containers;
+      }
+      else if r.kind == "Service" then
+      {}
+    else r;
+in
+{
+  options.apps.atlantis = lib.apps.appOptions {
+      revision = lib.mkOption {
+        type = lib.types.str;
+        default = "main";
+        description = "Revision";
      };
+
+      hostname = lib.mkOption {
+        type = lib.types.str;
+        default = if env == "prod"
+          then "maps.oceanbox.io"
+          else "atlantis.beta.oceanbox.io";
+        description = "Revision";
+      };
+  };
+
+  config = lib.apps.appConfig cfg "${env}-atlantis" {
+    helm.releases."${env}-atlantis" = {
+      inherit values;
+      chart = ../charts/atlantis;
+      transformer = rs: builtins.map (x: kustomize x) rs;
    };
  };
 }
@@ -18,7 +18,7 @@ in
  {
    options.apps.openfga = lib.apps.appOptions {};

-    config = lib.apps.appConfig cfg "openfga" {
+    config = lib.apps.appConfig cfg "${env}-openfga" {
        helm.releases."${env}-openfga" = {
          inherit values;
          chart = lib.helm.downloadHelmChart {
@@ -112,7 +112,6 @@ redis:
  master:
    resources:
      limits:
-        cpu: null
        ephemeral-storage: 1024Mi
        memory: 192Mi
      requests:
@@ -4,7 +4,7 @@
      "inputs": {
        "flake-compat": "flake-compat_3",
        "flake-utils": "flake-utils_5",
-        "nixpkgs": "nixpkgs_2",
+        "nixpkgs": "nixpkgs_3",
        "rust-overlay": "rust-overlay"
      },
      "locked": {
@@ -322,30 +322,30 @@
        "flake-utils": "flake-utils_4",
        "kubenix": "kubenix",
        "nix-kube-generators": "nix-kube-generators_3",
-        "nixpkgs": [
-          "nixpkgs"
-        ]
+        "nixpkgs": "nixpkgs"
      },
      "locked": {
-        "dirtyRev": "6e20193c95a0aaca444289d7c69f4eb329d25234-dirty",
-        "dirtyShortRev": "6e20193-dirty",
-        "lastModified": 1728815994,
+        "lastModified": 1728908720,
        "narHash": "sha256-0fNVuZdg7vNn47NBcStHzVzWfpSM2cdh7k2kiTcUal8=",
-        "type": "git",
-        "url": "file:///home/jonas/src/OceanBox/nixidy"
+        "owner": "juselius",
+        "repo": "nixidy",
+        "rev": "21cee93f73c29eff44c37dbc90ba68d217258b9d",
+        "type": "github"
      },
      "original": {
-        "type": "git",
-        "url": "file:///home/jonas/src/OceanBox/nixidy"
+        "owner": "juselius",
+        "ref": "special-args",
+        "repo": "nixidy",
+        "type": "github"
      }
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1728492678,
-        "narHash": "sha256-9UTxR8eukdg+XZeHgxW5hQA9fIKHsKCdOIUycTryeVw=",
+        "lastModified": 1702151865,
+        "narHash": "sha256-9VAt19t6yQa7pHZLDbil/QctAgVsA66DLnzdRGqDisg=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "5633bcff0c6162b9e4b5f1264264611e950c8ec7",
+        "rev": "666fc80e7b2afb570462423cb0e1cf1a3a34fedd",
        "type": "github"
      },
      "original": {
@@ -372,6 +372,22 @@
      }
    },
    "nixpkgs_2": {
+      "locked": {
+        "lastModified": 1728492678,
+        "narHash": "sha256-9UTxR8eukdg+XZeHgxW5hQA9fIKHsKCdOIUycTryeVw=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "5633bcff0c6162b9e4b5f1264264611e950c8ec7",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_3": {
      "locked": {
        "lastModified": 1697382362,
        "narHash": "sha256-PvFjWFmSYOF6TjNZ/WjOeqa+sgaWm+83Fz37vEuATHA=",
@@ -441,7 +457,7 @@
        "nix-kube-generators": "nix-kube-generators",
        "nixhelm": "nixhelm",
        "nixidy": "nixidy",
-        "nixpkgs": "nixpkgs",
+        "nixpkgs": "nixpkgs_2",
        "pre-commit-hooks": "pre-commit-hooks",
        "yaml2nix": "yaml2nix"
      }
@@ -6,9 +6,9 @@
    flake-utils.url = "github:numtide/flake-utils";

    nixidy = {
-      # url = "github:juselius/nixidy";
-      url = "/home/jonas/src/OceanBox/nixidy";
-      inputs.nixpkgs.follows = "nixpkgs";
+      url = "github:juselius/nixidy?ref=special-args";
+      # url = "/home/jonas/src/OceanBox/nixidy";
+      # inputs.nixpkgs.follows = "nixpkgs";
    };

    nixhelm = {
@@ -60,18 +60,18 @@
    with pkgs.lib;
    let
       app = conf // {
-        name = if builtins.isNull cfg.name then "${cfg.env}-${name}" else cfg.name;
+        name = if builtins.isNull cfg.name then name else cfg.name;
        project = cfg.project;

        destination.server = cfg.cluster;

-         createNamespace = true;
+        createNamespace = true;

-         compareOptions = {
+        compareOptions = {
           serverSideDiff = cfg.serverSideDiff;
-          };
+        };

-         syncPolicy = {
+        syncPolicy = {
           syncOptions = {
             applyOutOfSyncOnly = true;
           };
@@ -80,7 +80,7 @@
             prune = cfg.prune;
             selfHeal = false;
           };
-         };
+        };
       } // (if builtins.isNull cfg.namespace then {} else  { namespace = cfg.namespace; });
    in mkIf cfg.enable { applications.${name} = app; };

@@ -2,20 +2,6 @@ replicaCount: 2

 podAnnotations:
  dapr.io/app-id: "prod-atlantis"
-  dapr.io/enabled: "true"
-  dapr.io/app-port: "8000"
-  dapr.io/config: "tracing"
-  dapr.io/app-protocol: "http"
-  dapr.io/enable-app-health-check: "true"
-  dapr.io/app-health-check-path: "/healthz"
-  dapr.io/app-health-probe-interval: "3"
-  dapr.io/app-health-probe-timeout: "200"
-  dapr.io/app-health-threshold: "2"
-  dapr.io/sidecar-cpu-request: "100m"
-  dapr.io/sidecar-memory-request: "250Mi"
-  dapr.io/sidecar-cpu-limit: "300m"
-  dapr.io/sidecar-memory-limit: "1000Mi"
-  dapr.io/log-as-json: "true"

 ingress:
  annotations:
@@ -1,20 +1,7 @@
 replicaCount: 2
+
 podAnnotations:
  dapr.io/app-id: "staging-atlantis"
-  dapr.io/enabled: "true"
-  dapr.io/app-port: "8000"
-  dapr.io/config: "tracing"
-  dapr.io/app-protocol: "http"
-  dapr.io/enable-app-health-check: "true"
-  dapr.io/app-health-check-path: "/healthz"
-  dapr.io/app-health-probe-interval: "3"
-  dapr.io/app-health-probe-timeout: "200"
-  dapr.io/app-health-threshold: "2"
-  dapr.io/sidecar-cpu-request: "100m"
-  dapr.io/sidecar-memory-request: "250Mi"
-  dapr.io/sidecar-cpu-limit: "300m"
-  dapr.io/sidecar-memory-limit: "1000Mi"
-  dapr.io/log-as-json: "true"
 image:
  tag: 7f3512e0-debug
 ingress:
@@ -0,0 +1,16 @@
+
+podAnnotations:
+  dapr.io/enabled: "true"
+  dapr.io/app-port: "8000"
+  dapr.io/config: "tracing"
+  dapr.io/app-protocol: "http"
+  dapr.io/enable-app-health-check: "true"
+  dapr.io/app-health-check-path: "/healthz"
+  dapr.io/app-health-probe-interval: "3"
+  dapr.io/app-health-probe-timeout: "200"
+  dapr.io/app-health-threshold: "2"
+  dapr.io/sidecar-cpu-request: "100m"
+  dapr.io/sidecar-memory-request: "250Mi"
+  dapr.io/sidecar-cpu-limit: "300m"
+  dapr.io/sidecar-memory-limit: "1000Mi"
+  dapr.io/log-as-json: "true"