From ed26ad8af2a54c53d7d9fa2a2dbd1e13bfea7075 Mon Sep 17 00:00:00 2001 From: Jonas Juselius Date: Mon, 14 Oct 2024 15:47:14 +0200 Subject: [PATCH] wip: getting there, slowly --- apps/openfga.nix | 28 ++++++++------------------ flake.lock | 49 +++++++++++++++++++++++++++++---------------- flake.nix | 13 +++++++++--- modules/default.nix | 4 ++-- modules/lib.nix | 30 ++++++++++++++++++--------- 5 files changed, 72 insertions(+), 52 deletions(-) diff --git a/apps/openfga.nix b/apps/openfga.nix index 99a986b0..24e32246 100644 --- a/apps/openfga.nix +++ b/apps/openfga.nix @@ -1,21 +1,14 @@ -{ lib, applib, config, ... }: +{ lib, config, ... }: let cfg = config.apps.openfga; - env = config.apps.env; - namespace = "${env}-openfga"; - project = "aux"; - cluster = "https://kubernetes.default.svc"; - vs = ../values/openfga; - # values = applib.appValues ../values/openfga {}; + values = lib.apps.appValues { + inherit env; + base = ../values/openfga; + extraValues = {}; + }; - values = with lib; - attrsets.mergeAttrsList (lists.flatten [ - (kube.fromYAML (builtins.readFile "${vs}/values.yaml")) - (kube.fromYAML (builtins.readFile "${vs}/values-${env}.yaml")) - [ cfg.values ] - ]); kustomize = r: if r.kind == "Job" then lib.attrsets.recursiveUpdate r { spec.backoffLimit = 2; } @@ -23,14 +16,9 @@ let in { - options.apps.openfga = applib.appOptions {}; - - config = applib.appConfig cfg "${env}-openfga" { - inherit namespace; - inherit project; - - destination.server = cluster; + options.apps.openfga = lib.apps.appOptions {}; + config = lib.apps.appConfig cfg "openfga" { helm.releases."${env}-openfga" = { inherit values; chart = lib.helm.downloadHelmChart { diff --git a/flake.lock b/flake.lock index ba151910..ac536a83 100644 --- a/flake.lock +++ b/flake.lock 
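Review bot: `env` is no longer bound in apps/openfga.nix: the first hunk deletes `env = config.apps.env;` from the `let`, yet the added `inherit env;` and the release name `"${env}-openfga"` in the second hunk still read it, which Nix rejects as an undefined variable. Keep the binding, or pass `env = config.apps.env;` in the `appValues` argument set and use `config.apps.env` in the release name. The new call also passes `extraValues = {};` where the removed code merged `cfg.values`, so per-app overrides appear to be dropped; `extraValues = cfg.values;` would keep them, assuming that option still exists outside the hunk.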
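Review bot: With `inherit namespace;` and `inherit project;` removed in the second apps/openfga.nix hunk, this application falls back to the `appOptions` defaults from modules/lib.nix, `project = "default"` and `namespace = null`, where it previously used project `aux` and namespace `${env}-openfga`. Argo CD's built-in `default` project is normally the least restricted one, so unless `apps.openfga.project` and `apps.openfga.namespace` are set somewhere outside this patch, the app loses its project scoping. Because `appConfig` builds `conf // { project = cfg.project; ... }`, the value has to come from the option, e.g. `apps.openfga.project = "aux";` where the app is enabled.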
@@ -278,22 +278,37 @@ "type": "github" } }, + "nix-kube-generators_3": { + "locked": { + "lastModified": 1708155396, + "narHash": "sha256-A/BIeJjiRS7sBYP6tFJa/WHDPHe7DGTCkSEKXttYeAQ=", + "owner": "farcaller", + "repo": "nix-kube-generators", + "rev": "14dbd5e5b40615937900f71d9a9851b59b4d9a88", + "type": "github" + }, + "original": { + "owner": "farcaller", + "repo": "nix-kube-generators", + "type": "github" + } + }, "nixhelm": { "inputs": { "flake-utils": "flake-utils_2", "haumea": "haumea", - "nix-kube-generators": "nix-kube-generators", + "nix-kube-generators": "nix-kube-generators_2", "nixpkgs": [ "nixpkgs" ], "poetry2nix": "poetry2nix" }, "locked": { - "lastModified": 1728522957, - "narHash": "sha256-5/2Q/aVVCgd/pL94KFnnH5h36se3UqT+oxXPTYnVjtY=", + "lastModified": 1728868745, + "narHash": "sha256-ZuaxkAtUL1visOmVMxgHk3j+H8/bMmm82tJfE1s35VY=", "owner": "farcaller", "repo": "nixhelm", - "rev": "6fc421b792250c65aa39d121f3c67a26cc7dd2ea", + "rev": "f901d2ba3ce1bd0086d50efdcce3cc76bce04d80", "type": "github" }, "original": { @@ -306,23 +321,22 @@ "inputs": { "flake-utils": "flake-utils_4", "kubenix": "kubenix", - "nix-kube-generators": "nix-kube-generators_2", + "nix-kube-generators": "nix-kube-generators_3", "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1726669031, - "narHash": "sha256-iNh3jgB/vrltSUquE9Q3lbGIRqiyayglnSHtB5KbW+M=", - "owner": "arnarg", - "repo": "nixidy", - "rev": "b8abf95f1d4b1a7f5e70ffba926be571a778c540", - "type": "github" + "dirtyRev": "6e20193c95a0aaca444289d7c69f4eb329d25234-dirty", + "dirtyShortRev": "6e20193-dirty", + "lastModified": 1728815994, + "narHash": "sha256-0fNVuZdg7vNn47NBcStHzVzWfpSM2cdh7k2kiTcUal8=", + "type": "git", + "url": "file:///home/jonas/src/OceanBox/nixidy" }, "original": { - "owner": "arnarg", - "repo": "nixidy", - "type": "github" + "type": "git", + "url": "file:///home/jonas/src/OceanBox/nixidy" } }, "nixpkgs": { 
@@ -408,11 +422,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1728092656, - "narHash": "sha256-eMeCTJZ5xBeQ0f9Os7K8DThNVSo9gy4umZLDfF5q6OM=", + "lastModified": 1728778939, + "narHash": "sha256-WybK5E3hpGxtCYtBwpRj1E9JoiVxe+8kX83snTNaFHE=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "1211305a5b237771e13fcca0c51e60ad47326a9a", + "rev": "ff68f91754be6f3427e4986d7949e6273659be1d", "type": "github" }, "original": { @@ -424,6 +438,7 @@ "root": { "inputs": { "flake-utils": "flake-utils", + "nix-kube-generators": "nix-kube-generators", "nixhelm": "nixhelm", "nixidy": "nixidy", "nixpkgs": "nixpkgs", diff --git a/flake.nix b/flake.nix index 81513491..0b233a4e 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,8 @@ flake-utils.url = "github:numtide/flake-utils"; nixidy = { - url = "github:arnarg/nixidy"; + # url = "github:juselius/nixidy"; + url = "/home/jonas/src/OceanBox/nixidy"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -20,6 +21,8 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + nix-kube-generators.url = "github:farcaller/nix-kube-generators"; + yaml2nix = { url = "github:euank/yaml2nix"; inputs.nixpkgs.follows = "nixpkgs"; @@ -36,17 +39,21 @@ nixhelm, yaml2nix, pre-commit-hooks, + nix-kube-generators, }: (flake-utils.lib.eachDefaultSystem ( system: let pkgs = import nixpkgs { inherit system; }; - applib = import ./modules/lib.nix { inherit pkgs; }; + kube = nix-kube-generators.lib { inherit pkgs; }; + lib = { + apps = import ./modules/lib.nix { inherit pkgs kube;}; + }; in { nixidyEnvs = nixidy.lib.mkEnvs { inherit pkgs; - extraSpecialArgs = { inherit applib; }; + extraSpecialArgs = { inherit lib; }; charts = nixhelm.chartsDerivations.${system}; modules = [ ./modules diff --git a/modules/default.nix b/modules/default.nix index 90f6a1c9..b3d7b611 100644 --- a/modules/default.nix +++ b/modules/default.nix 
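Review bot: The `nixidy` input in the first flake.nix hunk now points at `/home/jonas/src/OceanBox/nixidy`, a path that exists only on one workstation, and flake.lock records it as `"type": "git"` with a `dirtyRev`, so the code that renders the cluster manifests is whatever uncommitted state that checkout holds. Nobody else, CI included, can evaluate the flake, and there is no published commit a reviewer can audit for this input. Before this leaves WIP, push the fork and restore a fetchable reference such as the commented-out `url = "github:juselius/nixidy";`, then re-lock so flake.lock carries a clean `rev` for it.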
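Review bot: `extraSpecialArgs = { inherit lib; };` in the third flake.nix hunk hands the modules a `lib` that contains only `apps`, while the modules in this patch still use `lib.attrsets.recursiveUpdate`, `lib.helm.downloadHelmChart` and `with lib; mkOption`. Whether that works depends on how nixidy combines `extraSpecialArgs` with its own `lib` argument, which is not visible here; if the extra argument wins, those lookups fail. Passing the helpers under their own name, as the removed `extraSpecialArgs = { inherit applib; };` did, avoids shadowing the library argument.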
@@ -7,7 +7,7 @@ in options.apps = with lib; { env = mkOption { - type = types.string; + type = types.str; default = "prod"; description = "Enable"; }; @@ -42,7 +42,7 @@ in target = { repository = "https://gitlab.com/oveanbox/manifests.git"; branch = "main"; - rootPath = "_manifests"; + rootPath = "_manifests/${config.apps.env}"; }; resourceImports = [ diff --git a/modules/lib.nix b/modules/lib.nix index 065766a9..e7eec16c 100644 --- a/modules/lib.nix +++ b/modules/lib.nix @@ -1,4 +1,4 @@ -{ pkgs }: +{ pkgs, kube }: { appOptions = opts: with pkgs.lib; { enable = mkOption { @@ -25,20 +25,26 @@ description = "Enable server-side diffing"; }; + name = mkOption { + type = types.nullOr types.str; + default = null; + description = "Application name"; + }; + namespace = mkOption { - type = types.string; + type = types.nullOr types.str; default = null; description = "Namespace"; }; project = mkOption { - type = types.string; + type = types.str; default = "default"; description = "Project"; }; cluster = mkOption { - type = types.string; + type = types.str; default = "https://kubernetes.default.svc"; description = "Cluster"; }; @@ -54,6 +60,11 @@ with pkgs.lib; let app = conf // { + name = if builtins.isNull cfg.name then "${cfg.env}-${name}" else cfg.name; + project = cfg.project; + + destination.server = cfg.cluster; + createNamespace = true; compareOptions = { @@ -70,14 +81,13 @@ selfHeal = false; }; }; - }; - + } // (if builtins.isNull cfg.namespace then {} else { namespace = cfg.namespace; }); in mkIf cfg.enable { applications.${name} = app; }; - appValues = with pkgs.lib; vs: values: + appValues = with pkgs.lib; { env, base, extraValues}: attrsets.mergeAttrsList (lists.flatten [ - (lib.kube.fromYAML (builtins.readFile "${vs}/values.yaml")) - (lib.kube.fromYAML (builtins.readFile "${vs}/values-${env}.yaml")) - [ values ] + (kube.fromYAML (builtins.readFile "${base}/values.yaml")) + (kube.fromYAML (builtins.readFile "${base}/values-${env}.yaml")) + [ extraValues ] ]); }
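Review bot: `apps.env` in the first modules/default.nix hunk accepts any string, and after this patch it is interpolated into the output directory (`rootPath = "_manifests/${config.apps.env}";` in the next hunk) and into a file name (`values-${env}.yaml` in modules/lib.nix). A value containing `/` or `..` would redirect either path, so the type should be constrained, e.g. `type = types.strMatching "[a-z0-9-]+";` or a `types.enum` of the environments that actually exist. The context line `description = "Enable";` also looks copied from another option; `description = "Deployment environment name";` would describe it.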
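Review bot: The target repository on the context line of the second modules/default.nix hunk reads `https://gitlab.com/oveanbox/manifests.git`, while the checkout path in flake.nix spells the organisation `OceanBox`; this looks like a typo and should be confirmed. As far as I can tell, nixidy writes this URL into the generated Applications as their source, so a misspelled group name would make Argo CD sync from a namespace the project may not control. If it is a typo, the line should be `repository = "https://gitlab.com/oceanbox/manifests.git";`.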
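Review bot: The added `name = ...` line in the `@@ -54,6 +60,11 @@` hunk of modules/lib.nix reads `cfg.env`, but the `appOptions` hunks in this patch declare `name`, `namespace`, `project` and `cluster` and no `env`; the environment option visible in modules/default.nix is `apps.env`, not a per-app option. Unless `env` is declared in the part of `appOptions` outside the hunks, evaluating the default name fails on a missing attribute, so the environment probably needs to be passed into `appConfig` explicitly (its signature is outside the hunk). Separately, `builtins.isNull` is marked deprecated in the Nix manual; `if cfg.name == null then "..." else cfg.name` is the usual form, and the same applies to the `cfg.namespace` test in the last hunk.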
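Review bot: `attrsets.mergeAttrsList` in `appValues` (last modules/lib.nix hunk) merges with `//`, so a top-level key in `values-${env}.yaml` replaces the whole subtree of the same name from `values.yaml` instead of overriding single leaves. For Helm values that can silently discard base settings such as resource limits or security contexts when an environment file sets one nested field. A deep merge, `foldl' recursiveUpdate {} (lists.flatten [ ... ])`, keeps the base and applies only the overridden leaves; note that `recursiveUpdate` still replaces lists wholesale.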