RubyGems - kite - Versions diffs - 0.2.0 → 1.0.0 - Mend

kite 0.2.0 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (116) hide show

checksums.yaml +5 -5
data/CHANGELOG.md +130 -66
data/LICENSE.md +202 -0
data/README.md +35 -11
data/bin/concourse/out +16 -20
data/docs/kite-concourse-resource.md +45 -0
data/kite.gemspec +1 -0
data/lib/kite.rb +3 -1
data/lib/kite/cloud.rb +1 -0
data/lib/kite/core.rb +8 -2
data/lib/kite/generate.rb +12 -46
data/lib/kite/helpers.rb +0 -72
data/lib/kite/helpers/concourse.rb +3 -2
data/lib/kite/module.rb +76 -0
data/lib/kite/terraform.rb +45 -0
data/lib/kite/version.rb +1 -1
data/tpl/aws/environment/main.tf.tt +5 -0
data/tpl/aws/environment/s3.tf.tt +13 -0
data/tpl/gcp/environment/gcs.tf.tt +18 -0
data/tpl/gcp/environment/main.tf.tt +5 -0
data/tpl/gcp/environment/outputs.tf.tt +5 -0
data/tpl/service/%output_path%/pipelines/review.yml.tt +55 -37
data/tpl/service/%output_path%/pipelines/tasks/create-pull-requests-tag.yml.tt +1 -1
data/tpl/service/%output_path%/pipelines/tasks/create-repository-tag.yml.tt +1 -1
data/tpl/service/%output_path%/pipelines/tasks/run-unit.yml.tt +7 -0
data/tpl/service/Makefile.tt +11 -7
data/tpl/service/docs/getting-started.md +73 -0
data/tpl/service/docs/service.md +101 -0
data/tpl/skel/Gemfile.tt +0 -9
data/tpl/skel/config/cloud.yml +11 -66
metadata +29 -88
data/lib/kite/render.rb +0 -116
data/tpl/aws/README.md +0 -52
data/tpl/aws/bin/base/bootstrap.sh +0 -35
data/tpl/aws/bin/base/cleanup.sh.tt +0 -19
data/tpl/aws/bin/base/set-env.sh.tt +0 -7
data/tpl/aws/bin/base/setup-tunnel.sh.tt +0 -4
data/tpl/aws/bin/bosh-install.sh.tt +0 -23
data/tpl/aws/bin/concourse-deploy.sh.tt +0 -14
data/tpl/aws/bin/ingress-deploy.sh.tt +0 -7
data/tpl/aws/bin/ingress-update.sh.tt +0 -7
data/tpl/aws/bin/kops-delete.sh.erb +0 -5
data/tpl/aws/bin/kops-deploy.sh.erb +0 -11
data/tpl/aws/bin/oauth-deploy.sh.tt +0 -17
data/tpl/aws/bin/prometheus-deploy.sh.tt +0 -23
data/tpl/aws/bin/vault-deploy.sh.tt +0 -10
data/tpl/aws/bosh-vars.yml.erb +0 -12
data/tpl/aws/config/oauth.yml +0 -59
data/tpl/aws/deployments/bosh/bosh.yml +0 -144
data/tpl/aws/deployments/bosh/cloud-config.yml.tt +0 -86
data/tpl/aws/deployments/bosh/cpi.yml +0 -98
data/tpl/aws/deployments/bosh/jumpbox-user.yml +0 -27
data/tpl/aws/deployments/concourse/concourse.yml.tt +0 -98
data/tpl/aws/deployments/ingress/ingress.yml.erb +0 -78
data/tpl/aws/deployments/oauth/oauth.yml.tt +0 -95
data/tpl/aws/deployments/prometheus/monitor-bosh.yml +0 -518
data/tpl/aws/deployments/prometheus/monitor-kubernetes.yml +0 -30
data/tpl/aws/deployments/prometheus/prometheus.yml.tt +0 -184
data/tpl/aws/deployments/vault/vault.yml.erb +0 -38
data/tpl/aws/docs/bosh.md +0 -31
data/tpl/aws/docs/concourse.md +0 -41
data/tpl/aws/docs/ingress.md +0 -14
data/tpl/aws/docs/kops.md +0 -35
data/tpl/aws/docs/oauth.md +0 -24
data/tpl/aws/docs/prometheus.md +0 -31
data/tpl/aws/docs/vault.md +0 -35
data/tpl/aws/terraform/kite_bucket.tf +0 -8
data/tpl/aws/terraform/main.tf.tt +0 -36
data/tpl/aws/terraform/network.tf.tt +0 -252
data/tpl/aws/terraform/outputs.tf +0 -19
data/tpl/aws/terraform/terraform.tfvars.tt +0 -21
data/tpl/aws/terraform/variables.tf +0 -73
data/tpl/gcp/README.md +0 -54
data/tpl/gcp/bin/base/bootstrap.sh +0 -35
data/tpl/gcp/bin/base/cleanup.sh.tt +0 -20
data/tpl/gcp/bin/base/set-env.sh.tt +0 -10
data/tpl/gcp/bin/base/setup-tunnel.sh.tt +0 -13
data/tpl/gcp/bin/bosh-install.sh.tt +0 -22
data/tpl/gcp/bin/concourse-deploy.sh.tt +0 -14
data/tpl/gcp/bin/ingress-deploy.sh.tt +0 -7
data/tpl/gcp/bin/ingress-update.sh.tt +0 -7
data/tpl/gcp/bin/oauth-deploy.sh.tt +0 -19
data/tpl/gcp/bin/prometheus-deploy.sh.tt +0 -23
data/tpl/gcp/bin/vault-deploy.sh.tt +0 -10
data/tpl/gcp/bosh-vars.yml.erb +0 -9
data/tpl/gcp/config/oauth.yml +0 -59
data/tpl/gcp/deployments/bosh/bosh.yml +0 -144
data/tpl/gcp/deployments/bosh/cloud-config.yml.tt +0 -73
data/tpl/gcp/deployments/bosh/cpi.yml +0 -69
data/tpl/gcp/deployments/bosh/jumpbox-user.yml +0 -27
data/tpl/gcp/deployments/concourse/concourse.yml.tt +0 -104
data/tpl/gcp/deployments/concourse/test/test-credentials.yml +0 -3
data/tpl/gcp/deployments/concourse/test/test-pipeline.yml +0 -24
data/tpl/gcp/deployments/ingress/ingress.yml.erb +0 -111
data/tpl/gcp/deployments/oauth/oauth.yml.tt +0 -95
data/tpl/gcp/deployments/prometheus/monitor-bosh.yml +0 -518
data/tpl/gcp/deployments/prometheus/monitor-kubernetes.yml +0 -30
data/tpl/gcp/deployments/prometheus/prometheus.yml +0 -183
data/tpl/gcp/deployments/vault/vault.yml.erb +0 -37
data/tpl/gcp/docs/bosh.md +0 -36
data/tpl/gcp/docs/concourse.md +0 -41
data/tpl/gcp/docs/ingress.md +0 -12
data/tpl/gcp/docs/oauth.md +0 -24
data/tpl/gcp/docs/prometheus.md +0 -27
data/tpl/gcp/docs/vault.md +0 -36
data/tpl/gcp/terraform/gcs.tf.tt +0 -18
data/tpl/gcp/terraform/main.tf +0 -70
data/tpl/gcp/terraform/network.tf +0 -52
data/tpl/gcp/terraform/outputs.tf +0 -7
data/tpl/gcp/terraform/terraform.tfvars.tt +0 -15
data/tpl/gcp/terraform/variables.tf +0 -37
data/tpl/service/%output_path%/pipelines/tasks/helm-deploy.yml.tt +0 -22
data/tpl/service/%output_path%/pipelines/tasks/run-master-tests.yml.tt +0 -12
data/tpl/service/%output_path%/pipelines/tasks/run-pr-tests.yml.tt +0 -12
data/tpl/skel/docs/index.md.tt +0 -0
data/tpl/skel/docs/quickstart.md.tt +0 -0

data/tpl/aws/deployments/prometheus/monitor-kubernetes.yml DELETED Viewed

@@ -1,30 +0,0 @@
-# This file assumes bosh_exporter based Service Discovery is being used: ./monitor-bosh.yml
-# Exporter jobs
-- type: replace
-  path: /instance_groups/name=prometheus/jobs/-
-  value:
-    name: kube_state_metrics_exporter
-    release: prometheus
-    properties:
-      kube_state_metrics_exporter:
-        apiserver: "((kubernetes_apiserver))"
-        kubeconfig: ((kubernetes_kubeconfig))
-# Prometheus Alerts
-- type: replace
-  path: /instance_groups/name=prometheus/jobs/name=kubernetes_alerts?/release
-  value: prometheus
-- type: replace
-  path: /instance_groups/name=prometheus/jobs/name=prometheus/properties/prometheus/rule_files/-
-  value: /var/vcap/jobs/kubernetes_alerts/*.alerts
-# Grafana Dashboards
-- type: replace
-  path: /instance_groups/name=grafana/jobs/name=kubernetes_dashboards?/release
-  value: prometheus
-- type: replace
-  path: /instance_groups/name=grafana/jobs/name=grafana/properties/grafana/prometheus/dashboard_files/-
-  value: /var/vcap/jobs/kubernetes_dashboards/*.json

data/tpl/aws/deployments/prometheus/prometheus.yml.tt DELETED Viewed

@@ -1,184 +0,0 @@
-name: prometheus
-instance_groups:
-  - name: alertmanager
-    azs:
-      - z1
-    instances: 1
-    vm_type: default
-    persistent_disk_type: default
-    stemcell: default
-    networks:
-      - name: platform_net
-        static_ips: [<%= @private_subnet[15] %>]
-    jobs:
-      - name: alertmanager
-        release: prometheus
-        properties:
-          alertmanager:
-            mesh:
-              password: ((alertmanager_mesh_password))
-            route:
-              receiver: default
-            receivers:
-              - name: default
-            test_alert:
-              daily: true
-  - name: prometheus
-    azs:
-      - z1
-    instances: 1
-    vm_type: default
-    persistent_disk_type: default
-    stemcell: default
-    networks:
-      - name: platform_net
-        static_ips: [<%= @private_subnet[16] %>]
-    jobs:
-      - name: prometheus
-        release: prometheus
-        properties:
-          prometheus:
-            rule_files:
-              - /var/vcap/jobs/postgres_alerts/*.alerts
-              - /var/vcap/jobs/prometheus_alerts/*.alerts
-            scrape_configs:
-              - job_name: prometheus
-                static_configs:
-                - targets:
-                  - localhost:9090
-      - name: postgres_alerts
-        release: prometheus
-      - name: prometheus_alerts
-        release: prometheus
-  - name: database
-    azs:
-      - z1
-    instances: 1
-    vm_type: default
-    persistent_disk_type: default
-    stemcell: default
-    networks:
-      - name: platform_net
-    jobs:
-      - name: postgres
-        release: postgres
-        properties:
-          databases:
-            port: 5432
-            databases:
-              - name: grafana
-                citext: true
-            roles:
-              - name: grafana
-                password: ((postgres_grafana_password))
-      - name: postgres_exporter
-        release: prometheus
-        properties:
-          postgres_exporter:
-            datasource_name: postgresql://grafana:((postgres_grafana_password))@127.0.0.1:5432/?sslmode=disable
-  - name: grafana
-    azs:
-      - z1
-    instances: 1
-    vm_type: default
-    persistent_disk_type: default
-    stemcell: default
-    networks:
-      - name: platform_net
-        static_ips: [<%= @private_subnet[17] %>]
-    jobs:
-      - name: grafana
-        release: prometheus
-        properties:
-          grafana:
-            database:
-              type: postgres
-              port: 5432
-              name: grafana
-              user: grafana
-              password: ((postgres_grafana_password))
-            session:
-              provider: postgres
-              provider_port: 5432
-              provider_name: grafana
-              provider_user: grafana
-              provider_password: ((postgres_grafana_password))
-            security:
-              admin_user: admin
-              admin_password: ((grafana_password))
-              secret_key: ((grafana_secret_key))
-            dashboards:
-              json:
-                enabled: true
-            prometheus:
-              dashboard_files:
-                - /var/vcap/jobs/grafana_dashboards/*.json
-                - /var/vcap/jobs/postgres_dashboards/*.json
-                - /var/vcap/jobs/prometheus_dashboards/*.json
-      - name: grafana_dashboards
-        release: prometheus
-      - name: postgres_dashboards
-        release: prometheus
-      - name: prometheus_dashboards
-        release: prometheus
-  - name: nginx
-    azs:
-      - z1
-    instances: 1
-    vm_type: default
-    stemcell: default
-    networks:
-      - name: platform_net
-        static_ips: [<%= @private_subnet[18] %>]
-    jobs:
-      - name: nginx
-        release: prometheus
-        properties:
-          nginx:
-            alertmanager:
-              auth_username: admin
-              auth_password: ((alertmanager_password))
-            prometheus:
-              auth_username: admin
-              auth_password: ((prometheus_password))
-variables:
-  - name: alertmanager_password
-    type: password
-  - name: alertmanager_mesh_password
-    type: password
-  - name: prometheus_password
-    type: password
-  - name: postgres_grafana_password
-    type: password
-  - name: grafana_password
-    type: password
-  - name: grafana_secret_key
-    type: password
-update:
-  canaries: 1
-  max_in_flight: 32
-  canary_watch_time: 1000-100000
-  update_watch_time: 1000-100000
-  serial: false
-stemcells:
-  - alias: default
-    os: ubuntu-trusty
-    version: latest
-releases:
-- name: postgres
-  version: "20"
-  url: https://bosh.io/d/github.com/cloudfoundry/postgres-release?v=20
-  sha1: 3f378bcab294e20316171d4e656636df88763664
-- name: prometheus
-  version: 18.6.2
-  url: https://github.com/cloudfoundry-community/prometheus-boshrelease/releases/download/v18.6.2/prometheus-18.6.2.tgz
-  sha1: f6b7ed381a28ce8fef99017a89e1122b718d5556

data/tpl/aws/deployments/vault/vault.yml.erb DELETED Viewed

@@ -1,38 +0,0 @@
----
-name: vault
-releases:
-- name: vault
-  version: latest
-instance_groups:
-- name: vault
-  instances: 1
-  vm_type: default
-  azs: [z1]
-  stemcell: trusty
-  networks:
-  - name: platform_net
-    static_ips: [<%= @private_subnet[11] %>]
-  jobs:
-  - name: vault
-    release: vault
-    properties:
-      vault:
-        ha:
-          redirect: ~
-        storage:
-          use_file: true
-update:
-  canaries: 1
-  max_in_flight: 1
-  serial: false
-  canary_watch_time: 1000-60000
-  update_watch_time: 1000-60000
-stemcells:
-- alias: trusty
-  name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
-  version: latest

data/tpl/aws/docs/bosh.md DELETED Viewed

@@ -1,31 +0,0 @@
-#### [Back](../README.md)
-## BOSH
-### Prerequisites
-- Terraform IaC applied
-- [BOSH CLI v2](https://bosh.io/docs/cli-v2.html#install) installed
-### Setup
-Render bosh deployment
-```
-kite render manifest bosh --cloud=aws
-```
-Setup tunnel
-```
-. bin/setup-tunnel.sh
-```
-Install BOSH
-```
-./bin/bosh-install.sh
-```
-Connect to the Director
-```
-. bin/set-env.sh
-```

data/tpl/aws/docs/concourse.md DELETED Viewed

@@ -1,41 +0,0 @@
-#### [Back](../README.md)
-## Concourse
-### Prerequisites
-- Vault [deployed and initialized](vault.md)
-### Setup
-Fill out the "token" field in `deployments/concourse/concourse.yml` with root token received from `vault init`.
-Deploy Concourse by running the script with the Vault token as argument(strong passwords for Concourse auth and db will be generated automatically)
-```
-./bin/concourse-deploy.sh *vault_token*
-```
-### Connect GitHub oAuth
-To configure GitHub oAuth, you'll first need to [create](https://developer.github.com/apps/building-integrations/setting-up-and-registering-oauth-apps/registering-oauth-apps) a GitHub oAuth app.
-```
-fly set-team -n concourse \
-    --github-auth-client-id D \
-    --github-auth-client-secret $CLIENT_SECRET \
-    --github-auth-team concourse/Pivotal
-```
-### Test
-To run a test Concourse job:
-- Go to test folder: `cd deployments/concourse/test`
-- Fill out `test-credentials.yml`
-- Add necessary secrets to your Vault(see [docs/vault.md](docs/vault.md))
-- Download the `fly` client from Concourse web panel and add it to your PATH: `mv *path_to_fly* /usr/local/bin`
-- Login to Concourse using the `fly` client: `fly -t ci --concourse-url *concourse-url*`
-- Create a test pipeline with `fly set-pipeline -t ci -c test-pipeline.yml -p test --load-vars-from test-credentials.yml -n`
-- Unpause pipeline: `fly unpause-pipeline -t ci -p test`
-- Trigger and unpause the test job: `fly trigger-job -t ci -j test/test-publish`
-- See the results on Concourse web panel or use: `fly watch -p test -j test/test-publish`

data/tpl/aws/docs/ingress.md DELETED Viewed

@@ -1,14 +0,0 @@
-#### [Back](../README.md)
-## Ingress
-### Prerequisites
-- BOSH environment [ready](bosh.md)
-- All hostnames resolve to the VIP configured in cloud.yml (this is mandatory to issue SSL certificates)
-### Deployment
-To deploy Ingress, use `./bin/ingress-deploy.sh`
-After each new component deployed, run `./bin/ingress-update`

data/tpl/aws/docs/kops.md DELETED Viewed

@@ -1,35 +0,0 @@
-#### KOPS
-### Prerequisites
-- [kubectl](https://github.com/kubernetes/kops/blob/master/docs/install.md#kubectl) installed
-- [kops](https://github.com/kubernetes/kops/blob/master/docs/install.md) client installed
-- SSH key generated(needed for accessing cluster's master)
-- Amazon S3 bucket for storing cluster's state created
-- Route 53 domain for cluster access
-- IAM user with correct policies:
-     - AmazonEC2FullAccess
-     - AmazonRoute53FullAccess
-     - AmazonS3FullAccess
-     - IAMFullAccess
-     - AmazonVPCFullAccess
-### Setup
-Export AWS access keys and ID if you didn't before
-```
-export AWS_ACCESS_KEY_ID=<access key>
-export AWS_SECRET_ACCESS_KEY=<secret key>
-```
-Deploy the `kops` cluster
-```
-./bin/kops-deploy.sh
-```
-### Teardown
-To tear down the kops cluster you've created, just run
-```
-./bin/kops-delete.sh
-```

data/tpl/aws/docs/oauth.md DELETED Viewed

@@ -1,24 +0,0 @@
-#### [Back](../README.md)
-## OAuth (UAA)
-### Configuration
-If you want to add initial groups and users, change oauth look,
-configure mail, etc. - you should edit `config/oauth.yml`.
-Here are links to uaa config documentation:
-* __users:__ [uaa.scim.users](https://bosh.io/jobs/uaa?source=github.com/cloudfoundry/uaa-release&version=52#p=uaa.scim.users)
-* __groups:__ [uaa.scim.groups](https://bosh.io/jobs/uaa?source=github.com/cloudfoundry/uaa-release&version=52#p=uaa.scim.groups)
-* __oauth clients:__ [uaa.clients](https://bosh.io/jobs/uaa?source=github.com/cloudfoundry/uaa-release&version=52#p=uaa.clients)
-* __theming:__ [login.branding](https://bosh.io/jobs/uaa?source=github.com/cloudfoundry/uaa-release&version=52#p=login.branding)
-* __email notifications:__ [login.smtp](https://bosh.io/jobs/uaa?source=github.com/cloudfoundry/uaa-release&version=52#p=login.smtp)
-### Deployment
-After editing config, run `./bin/oauth-deploy.sh`
-### Usage
-To check if OAuth works, visit [<%= @values['oauth']['hostname'] %>](<%= @values['oauth']['url'] %>).

data/tpl/aws/docs/prometheus.md DELETED Viewed

@@ -1,31 +0,0 @@
-#### [Back](../README.md)
-## Prometheus
-### Prerequisites
-- BOSH environment [ready](bosh.md)
-- Kops cluster [deployed](kops.md)
-### Setup
-Enter path to your Kubernetes config in `config/cloud.yml` and add the Kubernetes API server address to `config/bosh_vars.yml`.
-Afterwards, deploy Prometheus
-```
-./bin/prometheus-deploy.sh
-```
-### Access
-After the deployment process is done, you can reach each Prometheus' component's web UI at:
-If you have [Ingress](ingress.md) deployed and DNS record created, each Prometheus stack component should be accessible by its respective address.
-Without Ingress:
-- AlertManager: http://10.0.0.18:9093
-- Grafana:      http://10.0.0.18:3000
-- Prometheus:   http://10.0.0.18:9090
-You can find related credentials in `config/creds.yml`

data/tpl/aws/docs/vault.md DELETED Viewed

@@ -1,35 +0,0 @@
-#### [Back](../README.md)
-## Vault
-### Prerequisites
-Before using Vault, you should have the client installed:
-- Download the binary for your OS
-- Unzip it and run `chmod +x vault && sudo mv vault /usr/local/bin/vault`
-- Check if the Vault is installed by running `vault -v`
-### Deployment
-To deploy Vault, use `./bin/vault-deploy.sh`
-### Connection
-- Export your Vault's IP using `export VAULT_ADDR=http://*vault_ip*:8200`
-- Run `vault init` to initialize the vault
-- Store the keys displayed after init
-- Unseal the vault by running `vault unseal` three times using three keys from the previous step
-- Authenticate to the vault with `vault auth` using the root token you got from `vault init`
-[Optional]
-- Try to store a dummy secret: `vault write secret/handshake knock=knock`
-- Read it: `vault read secret/handshake`
-### Usage with Concourse
-Before using Vault with Concourse you should mount a secrets backend with `vault mount -path=concourse kv`
-To add new secrets accessible for Concourse use `vault write concourse/main/*secret_name* value="*secret_value*"`
-#### It's recommended to create a separate token for Concourse by using `vault token-create`