cpflow 3.0.0

data/lib/cpflow.rb

@@ -0,0 +1,288 @@
+# frozen_string_literal: true
+
+require "date"
+require "dotenv/load"
+require "cgi"
+require "json"
+require "jwt"
+require "net/http"
+require "open3"
+require "pathname"
+require "tempfile"
+require "thor"
+require "yaml"
+
+require_relative "constants/exit_code"
+
+# We need to require base before all commands, since the commands inherit from it
+require_relative "command/base"
+
+modules = Dir["#{__dir__}/**/*.rb"].reject do |file|
+  file == __FILE__ || file.end_with?("base.rb")
+end
+modules.sort.each { require(_1) }
+
+# NOTE: this snippet combines all subprocesses into a group and kills all on exit to avoid hanging orphans
+$child_pids = [] # rubocop:disable Style/GlobalVars
+at_exit do
+  $child_pids.each do |pid| # rubocop:disable Style/GlobalVars
+    Process.kill("TERM", pid)
+  end
+end
+
+# Fix for https://github.com/erikhuda/thor/issues/398
+# Copied from https://github.com/rails/thor/issues/398#issuecomment-622988390
+class Thor
+  module Shell
+    class Basic
+      def print_wrapped(message, options = {})
+        indent = (options[:indent] || 0).to_i
+        if indent.zero?
+          stdout.puts(message)
+        else
+          message.each_line do |message_line|
+            stdout.print(" " * indent)
+            stdout.puts(message_line.chomp)
+          end
+        end
+      end
+    end
+  end
+end
+
+module Cpflow
+  class Error < StandardError; end
+
+  class Cli < Thor # rubocop:disable Metrics/ClassLength
+    package_name "cpflow"
+    default_task :no_command
+
+    def self.start(*args)
+      ENV["CPLN_SKIP_UPDATE_CHECK"] = "true"
+
+      check_cpln_version
+      check_cpflow_version
+      fix_help_option
+
+      super(*args)
+    end
+
+    def self.check_cpln_version # rubocop:disable Metrics/MethodLength
+      return if @checked_cpln_version
+
+      @checked_cpln_version = true
+
+      result = ::Shell.cmd("cpln", "--version", capture_stderr: true)
+      if result[:success]
+        data = JSON.parse(result[:output])
+
+        version = data["npm"]
+        min_version = Cpflow::MIN_CPLN_VERSION
+        if Gem::Version.new(version) < Gem::Version.new(min_version)
+          ::Shell.abort("Current 'cpln' version: #{version}. Minimum supported version: #{min_version}. " \
+                        "Please update it with 'npm update -g @controlplane/cli'.")
+        end
+      else
+        ::Shell.abort("Can't find 'cpln' executable. Please install it with 'npm install -g @controlplane/cli'.")
+      end
+    end
+
+    def self.check_cpflow_version # rubocop:disable Metrics/MethodLength
+      return if @checked_cpflow_version
+
+      @checked_cpflow_version = true
+
+      result = ::Shell.cmd("gem", "search", "^cpflow$", "--remote", capture_stderr: true)
+      return unless result[:success]
+
+      matches = result[:output].match(/cpflow \((.+)\)/)
+      return unless matches
+
+      version = Cpflow::VERSION
+      latest_version = matches[1]
+      return unless Gem::Version.new(version) < Gem::Version.new(latest_version)
+
+      ::Shell.warn("You are not using the latest 'cpflow' version. Please update it with 'gem update cpflow'.")
+      $stderr.puts
+    end
+
+    # This is so that we're able to run `cpflow COMMAND --help` to print the help
+    # (it basically changes it to `cpflow --help COMMAND`, which Thor recognizes)
+    # Based on https://stackoverflow.com/questions/49042591/how-to-add-help-h-flag-to-thor-command
+    def self.fix_help_option
+      help_mappings = Thor::HELP_MAPPINGS + ["help"]
+      matches = help_mappings & ARGV
+      matches.each do |match|
+        ARGV.delete(match)
+        ARGV.unshift(match)
+      end
+    end
+
+    # Needed to silence deprecation warning
+    def self.exit_on_failure?
+      true
+    end
+
+    # Needed to be able to use "run" as a command
+    def self.is_thor_reserved_word?(word, type) # rubocop:disable Naming/PredicateName
+      return false if word == "run"
+
+      super(word, type)
+    end
+
+    def self.deprecated_commands
+      @deprecated_commands ||= begin
+        deprecated_commands_file_path = "#{__dir__}/deprecated_commands.json"
+        deprecated_commands_data = File.binread(deprecated_commands_file_path)
+        deprecated_commands = JSON.parse(deprecated_commands_data)
+        deprecated_commands.to_h do |old_command_name, new_command_name|
+          file_name = new_command_name.gsub(/[^A-Za-z]/, "_")
+          class_name = file_name.split("_").map(&:capitalize).join
+
+          [old_command_name, Object.const_get("::Command::#{class_name}")]
+        end
+      end
+    end
+
+    def self.all_base_commands
+      ::Command::Base.all_commands.merge(deprecated_commands)
+    end
+
+    def self.process_option_params(params)
+      # Ensures that if no value is provided for a non-boolean option (e.g., `cpflow command --option`),
+      # it defaults to an empty string instead of the option name (which is the default Thor behavior)
+      params[:lazy_default] ||= "" if params[:type] != :boolean
+
+      params
+    end
+
+    @commands_with_required_options = []
+    @commands_with_extra_options = []
+
+    ::Command::Base.common_options.each do |option|
+      params = process_option_params(option[:params])
+      class_option(option[:name], **params)
+    end
+
+    all_base_commands.each do |command_key, command_class| # rubocop:disable Metrics/BlockLength
+      deprecated = deprecated_commands[command_key]
+
+      name = command_class::NAME
+      name_for_method = deprecated ? command_key : name.tr("-", "_")
+      usage = command_class::USAGE.empty? ? name : command_class::USAGE
+      requires_args = command_class::REQUIRES_ARGS
+      default_args = command_class::DEFAULT_ARGS
+      command_options = command_class::OPTIONS
+      accepts_extra_options = command_class::ACCEPTS_EXTRA_OPTIONS
+      description = command_class::DESCRIPTION
+      long_description = command_class::LONG_DESCRIPTION
+      examples = command_class::EXAMPLES
+      hide = command_class::HIDE || deprecated
+      with_info_header = command_class::WITH_INFO_HEADER
+      validations = command_class::VALIDATIONS
+
+      long_description += "\n#{examples}" if examples.length.positive?
+
+      # `handle_argument_error` does not exist in the context below,
+      # so we store it here to be able to use it
+      raise_args_error = ->(*args) { handle_argument_error(commands[name_for_method], ArgumentError, *args) }
+
+      desc(usage, description, hide: hide)
+      long_desc(long_description)
+
+      command_options.each do |option|
+        params = process_option_params(option[:params])
+        method_option(option[:name], **params)
+      end
+
+      # We'll handle required options manually in `Config`
+      required_options = command_options.select { |option| option[:params][:required] }.map { |option| option[:name] }
+      @commands_with_required_options.push(name_for_method.to_sym) if required_options.any?
+
+      @commands_with_extra_options.push(name_for_method.to_sym) if accepts_extra_options
+
+      define_method(name_for_method) do |*provided_args| # rubocop:disable Metrics/BlockLength, Metrics/MethodLength
+        if deprecated
+          normalized_old_name = ::Helpers.normalize_command_name(command_key)
+          ::Shell.warn_deprecated("Command '#{normalized_old_name}' is deprecated, " \
+                                  "please use '#{name}' instead.")
+          $stderr.puts
+        end
+
+        args = if provided_args.length.positive?
+                 provided_args
+               else
+                 default_args
+               end
+
+        if (args.empty? && requires_args) || (!args.empty? && !requires_args && !accepts_extra_options)
+          raise_args_error.call(args, nil)
+        end
+
+        begin
+          Cpflow::Cli.validate_options!(options)
+
+          config = Config.new(args, options, required_options)
+
+          Cpflow::Cli.show_info_header(config) if with_info_header
+
+          if validations.any? && ENV.fetch("DISABLE_VALIDATIONS", nil) != "true"
+            doctor = DoctorService.new(config)
+            doctor.run_validations(validations, silent_if_passing: true)
+          end
+
+          command_class.new(config).call
+        rescue RuntimeError => e
+          ::Shell.abort(e.message)
+        end
+      end
+    rescue StandardError => e
+      ::Shell.abort("Unable to load command: #{e.message}")
+    end
+
+    disable_required_check!(*@commands_with_required_options)
+    check_unknown_options!(except: @commands_with_extra_options)
+    stop_on_unknown_option!
+
+    def self.validate_options!(options) # rubocop:disable Metrics/MethodLength
+      options.each do |name, value|
+        normalized_name = ::Helpers.normalize_option_name(name)
+        raise "No value provided for option #{normalized_name}." if value.to_s.strip.empty?
+
+        option = ::Command::Base.all_options.find { |current_option| current_option[:name].to_s == name }
+        if option[:new_name]
+          normalized_new_name = ::Helpers.normalize_option_name(option[:new_name])
+          ::Shell.warn_deprecated("Option #{normalized_name} is deprecated, " \
+                                  "please use #{normalized_new_name} instead.")
+          $stderr.puts
+        end
+
+        params = option[:params]
+        next unless params[:valid_regex]
+
+        raise "Invalid value provided for option #{normalized_name}." unless value.match?(params[:valid_regex])
+      end
+    end
+
+    def self.show_info_header(config) # rubocop:disable Metrics/MethodLength
+      return if @showed_info_header
+
+      rows = {}
+      rows["ORG"] = config.org || "NOT PROVIDED!"
+      rows["ORG"] += " (comes from CPLN_ORG env var)" if config.org_comes_from_env
+      rows["APP"] = config.app || "NOT PROVIDED!"
+      rows["APP"] += " (comes from CPLN_APP env var)" if config.app_comes_from_env
+
+      rows.each do |key, value|
+        puts "#{key}: #{value}"
+      end
+
+      @showed_info_header = true
+
+      # Add a newline after the info header
+      puts
+    end
+  end
+end
+
+Shell.trap_interrupt unless ENV.fetch("DISABLE_INTERRUPT_TRAP", nil) == "true"

data/lib/deprecated_commands.json

@@ -0,0 +1,9 @@
+{
+  "build": "build-image",
+  "cleanup_old_images": "cleanup-images",
+  "promote": "deploy-image",
+  "promote_image": "deploy-image",
+  "run:detached": "run",
+  "runner": "run",
+  "setup": "apply-template"
+}

data/lib/generator_templates/Dockerfile

@@ -0,0 +1,27 @@
+FROM ruby:3.1.2
+
+RUN apt-get update
+
+WORKDIR /app
+
+# install ruby gems
+COPY Gemfile* ./
+
+RUN bundle config set without 'development test' && \
+    bundle config set with 'staging production' && \
+    bundle install --jobs=3 --retry=3
+
+COPY . ./
+
+ENV RAILS_ENV=production
+
+# compiling assets requires any value for ENV of SECRET_KEY_BASE
+ENV SECRET_KEY_BASE=NOT_USED_NON_BLANK
+
+RUN rails assets:precompile
+
+# add entrypoint
+COPY .controlplane/entrypoint.sh ./
+ENTRYPOINT ["/app/entrypoint.sh"]
+
+CMD ["rails", "s"]

data/lib/generator_templates/controlplane.yml

@@ -0,0 +1,62 @@
+# Keys beginning with "cpln_" correspond to your settings in Control Plane.
+
+# You can opt out of allowing the use of CPLN_ORG and CPLN_APP env vars
+# to avoid any accidents with the wrong org / app.
+allow_org_override_by_env: true
+allow_app_override_by_env: true
+
+aliases:
+  common: &common
+    # Organization name for staging (customize to your needs).
+    # Production apps will use a different organization, specified below, for security.
+    cpln_org: my-org-staging
+
+    # Example apps use only one location. Control Plane offers the ability to use multiple locations.
+    # TODO: Allow specification of multiple locations.
+    default_location: aws-us-east-2
+
+    # Configure the workload name used as a template for one-off scripts, like a Heroku one-off dyno.
+    one_off_workload: rails
+
+    # Workloads that are for the application itself and are using application Docker images.
+    # These are updated with the new image when running the `deploy-image` command,
+    # and are also used by the `info` and `ps:` commands in order to get all of the defined workloads.
+    # On the other hand, if you have a workload for Redis, that would NOT use the application Docker image
+    # and not be listed here.
+    app_workloads:
+      - rails
+
+    # Additional "service type" workloads, using non-application Docker images.
+    # These are only used by the `info` and `ps:` commands in order to get all of the defined workloads.
+    additional_workloads:
+      - postgres
+
+    # Configure the workload name used when maintenance mode is on (defaults to "maintenance")
+    maintenance_workload: maintenance
+
+apps:
+  my-app-staging:
+    # Use the values from the common section above.
+    <<: *common
+  my-app-review:
+    <<: *common
+    # If `match_if_app_name_starts_with` is `true`, then use this config for app names starting with this name,
+    # e.g., "my-app-review-pr123", "my-app-review-anything-goes", etc.
+    match_if_app_name_starts_with: true
+  my-app-production:
+    <<: *common
+
+    # You can also opt out of allowing the use of CPLN_ORG and CPLN_APP env vars per app.
+    # It's recommended to leave this off for production, to avoid any accidents.
+    allow_org_override_by_env: false
+    allow_app_override_by_env: false
+
+    # Use a different organization for production.
+    cpln_org: my-org-production
+    # Allows running the command `cpflow promote-app-from-upstream -a my-app-production`
+    # to promote the staging app to production.
+    upstream: my-app-staging
+  my-app-other:
+    <<: *common
+    # You can specify a different `Dockerfile` relative to the `.controlplane/` directory (defaults to "Dockerfile").
+    dockerfile: ../some_other/Dockerfile

data/lib/generator_templates/entrypoint.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+# Runs before the main command
+
+echo " -- Preparing database"
+rails db:prepare
+
+echo " -- Finishing entrypoint.sh, executing '$@'"
+exec "$@"

data/lib/generator_templates/templates/app.yml

@@ -0,0 +1,21 @@
+# Template setup of the GVC, roughly corresponding to a Heroku app
+kind: gvc
+name: {{APP_NAME}}
+spec:
+  # For using templates for test apps, put ENV values here, stored in git repo.
+  # Production apps will have values configured manually after app creation.
+  env:
+    - name: DATABASE_URL
+      # Password does not matter because host postgres.{{APP_NAME}}.cpln.local can only be accessed
+      # locally within CPLN GVC, and postgres running on a CPLN workload is something only for a
+      # test app that lacks persistence.
+      value: 'postgres://the_user:the_password@postgres.{{APP_NAME}}.cpln.local:5432/{{APP_NAME}}'
+    - name: RAILS_ENV
+      value: production
+    - name: RAILS_SERVE_STATIC_FILES
+      value: 'true'
+
+  # Part of standard configuration
+  staticPlacement:
+    locationLinks:
+      - {{APP_LOCATION_LINK}}

data/lib/generator_templates/templates/postgres.yml

@@ -0,0 +1,176 @@
+# Comes from example at
+# https://github.com/controlplane-com/examples/blob/main/examples/postgres/manifest.yaml
+
+kind: volumeset
+name: postgres-poc-vs
+description: postgres-poc-vs
+spec:
+  autoscaling:
+    maxCapacity: 1000
+    minFreePercentage: 1
+    scalingFactor: 1.1
+  fileSystemType: ext4
+  initialCapacity: 10
+  performanceClass: general-purpose-ssd
+  snapshots:
+    createFinalSnapshot: true
+    retentionDuration: 7d
+
+---
+kind: secret
+name: postgres-poc-credentials
+description: ''
+type: dictionary
+data:
+  password: the_password #Replace this with a real password
+  username: the_user     #Replace this with a real username
+
+---
+kind: secret
+name: postgres-poc-entrypoint-script
+type: opaque
+data:
+  encoding: base64
+  payload: >-
+    IyEvdXNyL2Jpbi9lbnYgYmFzaAoKc291cmNlIC91c3IvbG9jYWwvYmluL2RvY2tlci1lbnRyeXBvaW50LnNoCgppbnN0YWxsX2RlcHMoKSB7CiAgYXB0LWdldCB1cGRhdGUgLXkgPiAvZGV2L251bGwKICBhcHQtZ2V0IGluc3RhbGwgY3VybCAteSA+IC9kZXYvbnVsbAogIGFwdC1nZXQgaW5zdGFsbCB1bnppcCAteSA+IC9kZXYvbnVsbAogIGN1cmwgImh0dHBzOi8vYXdzY2xpLmFtYXpvbmF3cy5jb20vYXdzY2xpLWV4ZS1saW51eC14ODZfNjQuemlwIiAtbyAiYXdzY2xpdjIuemlwIiA+IC9kZXYvbnVsbAogIHVuemlwIGF3c2NsaXYyLnppcCA+IC9kZXYvbnVsbAogIC4vYXdzL2luc3RhbGwgPiAvZGV2L251bGwKfQoKZGJfaGFzX2JlZW5fcmVzdG9yZWQoKSB7CiAgaWYgWyAhIC1mICIkUEdEQVRBL0NQTE5fUkVTVE9SRUQiIF07IHRoZW4KICAgIHJldHVybiAxCiAgZmkKCiAgaWYgISBncmVwIC1xICJcLT4gJDEkIiAiJFBHREFUQS9DUExOX1JFU1RPUkVEIjsgdGhlbgogICAgcmV0dXJuIDEKICBlbHNlCiAgICByZXR1cm4gMAogIGZpCn0KCnJlc3RvcmVfZGIoKSB7Cgl3aGlsZSBbICEgLVMgL3Zhci9ydW4vcG9zdGdyZXNxbC8ucy5QR1NRTC41NDMyIF0KCWRvCiAgICBlY2hvICJXYWl0aW5nIDVzIGZvciBkYiBzb2NrZXQgdG8gYmUgYXZhaWxhYmxlIgogICAgc2xlZXAgNXMKICBkb25lCgoKCWlmICEgZGJfaGFzX2JlZW5fcmVzdG9yZWQgIiQxIjsgdGhlbgoJICBlY2hvICJJdCBhcHBlYXJzIGRiICckMScgaGFzIG5vdCB5ZXQgYmVlbiByZXN0b3JlZCBmcm9tIFMzLiBBdHRlbXB0aW5nIHRvIHJlc3RvcmUgJDEgZnJvbSAkMiIKCSAgaW5zdGFsbF9kZXBzCgkgIGRvY2tlcl9zZXR1cF9kYiAjRW5zdXJlcyAkUE9TVEdSRVNfREIgZXhpc3RzIChkZWZpbmVkIGluIHRoZSBlbnRyeXBvaW50IHNjcmlwdCBmcm9tIHRoZSBwb3N0Z3JlcyBkb2NrZXIgaW1hZ2UpCgkgIGF3cyBzMyBjcCAiJDIiIC0gfCBwZ19yZXN0b3JlIC0tY2xlYW4gLS1uby1hY2wgLS1uby1vd25lciAtZCAiJDEiIC1VICIkUE9TVEdSRVNfVVNFUiIKCSAgZWNobyAiJChkYXRlKTogJDIgLT4gJDEiIHwgY2F0ID4+ICIkUEdEQVRBL0NQTE5fUkVTVE9SRUQiCgllbHNlCgkgIGVjaG8gIkRiICckMScgYWxyZWFkeSBleGlzdHMuIFJlYWR5ISIKICBmaQp9CgpfbWFpbiAiJEAiICYKYmFja2dyb3VuZFByb2Nlc3M9JCEKCmlmIFsgLW4gIiRQT1NUR1JFU19BUkNISVZFX1VSSSIgXTsgdGhlbgogIHJlc3RvcmVfZGIgIiRQT1NUR1JFU19EQiIgIiRQT1NUR1JFU19BUkNISVZFX1VSSSIKZWxzZQogIGVjaG8gIkRlY2xpbmluZyB0byByZXN0b3JlIHRoZSBkYiBiZWNhdXNlIG5vIGFyY2hpdmUgdXJpIHdhcyBwcm92aWRlZCIKZmkKCndhaXQgJGJhY2tncm91bmRQcm9jZXNzCgoK
+
+#Here is the ASCII-encoded version of the script in the secret above
+#!/usr/bin/env bash
+#
+#source /usr/local/bin/docker-entrypoint.sh
+#
+#install_deps() {
+#  apt-get update -y > /dev/null
+#  apt-get install curl -y > /dev/null
+#  apt-get install unzip -y > /dev/null
+#  curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" > /dev/null
+#  unzip awscliv2.zip > /dev/null
+#  ./aws/install > /dev/null
+#}
+#
+#db_has_been_restored() {
+#  if [ ! -f "$PGDATA/CPLN_RESTORED" ]; then
+#    return 1
+#  fi
+#
+#  if ! grep -q "\-> $1$" "$PGDATA/CPLN_RESTORED"; then
+#    return 1
+#  else
+#    return 0
+#  fi
+#}
+#
+#restore_db() {
+#  while [ ! -S /var/run/postgresql/.s.PGSQL.5432 ]
+#  do
+#    echo "Waiting 5s for db socket to be available"
+#    sleep 5s
+#  done
+#
+#
+#  if ! db_has_been_restored "$1"; then
+#    echo "It appears db '$1' has not yet been restored from S3. Attempting to restore $1 from $2"
+#    install_deps
+#    docker_setup_db #Ensures $POSTGRES_DB exists (defined in the entrypoint script from the postgres docker image)
+#    aws s3 cp "$2" - | pg_restore --clean --no-acl --no-owner -d "$1" -U "$POSTGRES_USER"
+#    echo "$(date): $2 -> $1" | cat >> "$PGDATA/CPLN_RESTORED"
+#  else
+#    echo "Db '$1' already exists. Ready!"
+#  fi
+#}
+#
+#_main "$@" &
+#backgroundProcess=$!
+#
+#if [ -n "$POSTGRES_ARCHIVE_URI" ]; then
+#  restore_db "$POSTGRES_DB" "$POSTGRES_ARCHIVE_URI"
+#else
+#  echo "Declining to restore the db because no archive uri was provided"
+#fi
+#
+#wait $backgroundProcess
+
+---
+kind: identity
+name: postgres-poc-identity
+description: postgres-poc-identity
+
+---
+kind: policy
+name: postgres-poc-access
+description: postgres-poc-access
+bindings:
+  - permissions:
+      - reveal
+# Uncomment these two
+#      - use
+#      - view
+    principalLinks:
+      - //gvc/{{APP_NAME}}/identity/postgres-poc-identity
+targetKind: secret
+targetLinks:
+  - //secret/postgres-poc-credentials
+  - //secret/postgres-poc-entrypoint-script
+
+---
+kind: workload
+name: postgres
+description: postgres
+spec:
+  type: stateful
+  containers:
+    - cpu: 1000m
+      memory: 512Mi
+      env:
+        # Uncomment next two envs will cause the db to be restored from the archive uri
+        #        - name: POSTGRES_ARCHIVE_URI  #Use this var to control the automatic restore behavior. If you leave it out, the db will start empty.
+        #          value: s3://YOUR_BUCKET/PATH_TO_ARCHIVE_FILE
+        # - name: POSTGRES_DB #The name of the initial db in case of doing a restore
+        #  value: test
+        - name: PGDATA #The location postgres stores the db. This can be anything other than /var/lib/postgresql/data, but it must be inside the mount point for the volume set
+          value: "/var/lib/postgresql/data/pg_data"
+        - name: POSTGRES_PASSWORD #The password for the default user
+          value: cpln://secret/postgres-poc-credentials.password
+        - name: POSTGRES_USER #The name of the default user
+          value: cpln://secret/postgres-poc-credentials.username
+      name: stateful
+      image: postgres:15
+      command: /bin/bash
+      args:
+        - "-c"
+        - "cat /usr/local/bin/cpln-entrypoint.sh >> ./cpln-entrypoint.sh && chmod u+x ./cpln-entrypoint.sh && ./cpln-entrypoint.sh postgres"
+      #command:  "cpln-entrypoint.sh"
+      #args:
+      #  - "postgres"
+      ports:
+        - number: 5432
+          protocol: tcp
+      volumes:
+        - uri: cpln://volumeset/postgres-poc-vs
+          path: "/var/lib/postgresql/data"
+        # Make the ENV value for the entry script a file
+        - uri: cpln://secret/postgres-poc-entrypoint-script
+          path: "/usr/local/bin/cpln-entrypoint.sh"
+      inheritEnv: false
+      livenessProbe:
+        tcpSocket:
+          port: 5432
+        failureThreshold: 1
+      readinessProbe:
+        tcpSocket:
+          port: 5432
+        failureThreshold: 1
+  identityLink: //identity/postgres-poc-identity
+  defaultOptions:
+    capacityAI: false
+    autoscaling:
+      metric: cpu
+      target: 95
+      maxScale: 1
+  firewallConfig:
+    external:
+      inboundAllowCIDR: []
+      outboundAllowCIDR:
+        - 0.0.0.0/0
+    internal:
+      inboundAllowType: same-gvc

data/lib/generator_templates/templates/rails.yml

@@ -0,0 +1,36 @@
+# Template setup of Rails server workload, roughly corresponding to Heroku dyno
+# type within Procfile.
+kind: workload
+name: rails
+spec:
+  type: standard
+  containers:
+    - name: rails
+      # 300m is a good starting place for a test app. You can experiment with CPU configuration
+      # once your app is running.
+      cpu: 300m
+      env:
+        - name: LOG_LEVEL
+          value: debug
+      # Inherit other ENV values from GVC
+      inheritEnv: true
+      image: {{APP_IMAGE_LINK}}
+      # 512 corresponds to a standard 1x dyno type
+      memory: 512Mi
+      ports:
+        - number: 3000
+          protocol: http
+  defaultOptions:
+    # Start out like this for "test apps"
+    autoscaling:
+      # Max of 1 effectively disables autoscaling, so a like a Heroku dyno count of 1
+      maxScale: 1
+    capacityAI: false
+  firewallConfig:
+    external:
+      # Default to allow public access to Rails server
+      inboundAllowCIDR:
+        - 0.0.0.0/0
+      # Could configure outbound for more security
+      outboundAllowCIDR:
+        - 0.0.0.0/0