kube_cluster 0.2.0 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 44abda9fe549953b96a2cb47130457c4c48632f7b15de95b908e5f0f086cd50d
-  data.tar.gz: b8684b9dc96998ae588ae180709fb2921e9123744dd307c0115566b4a0e3ce0d
+  metadata.gz: f35a6fb5b6ece5ffc32651a5ad104c896bc8cb80810c80ecb560a22fe0a59eca
+  data.tar.gz: df13e8af081ff1bba21254570f12eef80f82fe2ab47804877e76c0f360c9212c
 SHA512:
-  metadata.gz: 8a864cbc779ac254833255e5b747c4e892d38c99328726f6e5f2f10829329918e6952d8370c440fd8821bf3875a4c2d4b3fc43174d387549375bbbfc4bb99794
-  data.tar.gz: a5435a7443624ba54d4fec5ae93d29cf426a7e5e9c14b160b0d1c925f960d8cb832f50c07962c05039ffcfcdc4a2e581f3bb8b49c4b393307f3dfba286cac989
+  metadata.gz: cbfd8728fd22e79cc2429dc503cbba4f931da5d2f36e99d210b189863bdaa9fcf21965b13b1af231029d973dfafc03f1d44dba48f0f51eb07ba3d6597d8dfea1
+  data.tar.gz: 4dd4cec8ee94d15cce4430e6ee1b6a80a5db1e5aa97995b4aa58c3d5180dc9ac7829dbb4d36e9ba2b55c17ec025de097d0622d808dc24ba9e87ee5fadf4a2478

data/.github/workflows/release.yml

@@ -0,0 +1,43 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+jobs:
+
+
+
+  build-and-push-gem:
+    uses: ./.github/workflows/build-and-push-gem.yml
+    permissions:
+      contents: read
+      id-token: write
+    secrets: inherit
+
+
+
+  github-release:
+
+    needs: [build-and-push-gem]
+
+    runs-on: ubuntu-24.04
+    permissions:
+      contents: write
+    steps:
+      - uses: actions/download-artifact@v4
+        with:
+          path: release/
+          merge-multiple: true
+
+      - name: Consolidate checksums
+        run: |
+          cd release
+          cat SHA256SUMS-linux-*.txt > SHA256SUMS.txt
+          rm SHA256SUMS-linux-*.txt
+
+      - uses: softprops/action-gh-release@v2
+        with:
+          files: release/*
+          generate_release_notes: true

data/.github/workflows/tag-gem-version-bump.yml

@@ -0,0 +1,47 @@
+name: Auto-tag on version bump
+
+on:
+  push:
+    branches: [main]
+
+jobs:
+  tag:
+    runs-on: ubuntu-24.04
+    permissions:
+      contents: write
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: '3.4'
+
+      - name: Read version from gemspec
+        id: read
+        run: |
+          version=$(ruby -e '
+            spec = Gem::Specification.load(Dir["*.gemspec"].first)
+            puts spec.version
+          ')
+          echo "version=$version" >> "$GITHUB_OUTPUT"
+
+      - name: Check if tag exists
+        id: check
+        run: |
+          tag="v${{ steps.read.outputs.version }}"
+          if git rev-parse "$tag" >/dev/null 2>&1; then
+            echo "exists=true" >> "$GITHUB_OUTPUT"
+          else
+            echo "exists=false" >> "$GITHUB_OUTPUT"
+          fi
+
+      - name: Create and push tag
+        if: steps.check.outputs.exists == 'false'
+        run: |
+          tag="v${{ steps.read.outputs.version }}"
+          git config user.name  "Nathan K"
+          git config user.email "nathankidd@hey.com"
+          git tag -a "$tag" -m "Release $tag"
+          git push origin "$tag"

data/.gitignore

@@ -1,6 +1,8 @@
 *.gem
+.direnv
 /.bundle/
 /coverage/
 /pkg/
 /tmp/
 /vendor/bundle
+/kubeconfig.yaml

data/Gemfile.lock

@@ -1,52 +1,75 @@
 PATH
   remote: .
   specs:
-    kube_cluster (0.1.1)
-      kube_schema (~> 1.0)
+    kube_cluster (0.2.1)
+      kube_kit (> 0)
+      kube_kubectl (~> 2.0.0)
+      kube_schema (~> 1.2.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    addressable (2.8.9)
-      public_suffix (>= 2.0.2, < 8.0)
     ast (2.4.3)
-    bigdecimal (4.0.1)
+    bigdecimal (4.1.2)
     black_hole_struct (0.1.3)
+    date (3.5.1)
+    debug (1.11.1)
+      irb (~> 1.10)
+      reline (>= 0.3.8)
+    erb (6.0.3)
     hana (1.3.7)
-    json (2.19.2)
-    json-schema (6.2.0)
-      addressable (~> 2.8)
-      bigdecimal (>= 3.1, < 5)
+    io-console (0.8.2)
+    irb (1.17.0)
+      pp (>= 0.6.0)
+      prism (>= 1.3.0)
+      rdoc (>= 4.0.0)
+      reline (>= 0.4.2)
+    json (2.19.4)
     json_schemer (2.5.0)
       bigdecimal
       hana (~> 1.3)
       regexp_parser (~> 2.0)
       simpleidn (~> 0.2)
-    kube_schema (1.0.0)
+    kube_kit (0.2.0)
+    kube_kubectl (2.0.2)
+      debug (~> 1.11)
+      json_schemer (~> 2.5)
+      rubyshell (~> 1.5)
+      shellwords (~> 0.2.2)
+      string_builder (~> 1.2.0)
+    kube_schema (1.2.3)
       black_hole_struct (~> 0.1)
       json_schemer (~> 2.5)
       rubyshell (~> 1.5)
     language_server-protocol (3.17.0.5)
     lint_roller (1.1.0)
-    mcp (0.8.0)
-      json-schema (>= 4.1)
     minitest (5.27.0)
-    parallel (1.27.0)
-    parser (3.3.10.2)
+    parallel (2.0.1)
+    parser (3.3.11.1)
       ast (~> 2.4.1)
       racc
+    pp (0.6.3)
+      prettyprint
+    prettyprint (0.2.0)
     prism (1.9.0)
-    public_suffix (7.0.5)
+    psych (5.3.1)
+      date
+      stringio
     racc (1.8.1)
     rainbow (3.1.1)
-    rake (13.3.1)
-    regexp_parser (2.11.3)
-    rubocop (1.85.1)
+    rake (13.4.2)
+    rdoc (7.2.0)
+      erb
+      psych (>= 4.0.0)
+      tsort
+    regexp_parser (2.12.0)
+    reline (0.6.3)
+      io-console (~> 0.5)
+    rubocop (1.86.1)
       json (~> 2.3)
       language_server-protocol (~> 3.17.0.2)
       lint_roller (~> 1.1.0)
-      mcp (~> 0.6)
-      parallel (~> 1.10)
+      parallel (>= 1.10)
       parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 2.9.3, < 3.0)
@@ -58,7 +81,11 @@ GEM
       prism (~> 1.7)
     ruby-progressbar (1.13.0)
     rubyshell (1.5.0)
+    shellwords (0.2.2)
     simpleidn (0.2.3)
+    string_builder (1.2.0)
+    stringio (3.2.0)
+    tsort (0.2.0)
     unicode-display_width (3.2.0)
       unicode-emoji (~> 4.1)
     unicode-emoji (4.2.0)
@@ -73,36 +100,5 @@ DEPENDENCIES
   rake (~> 13.0)
   rubocop (~> 1.21)
 
-CHECKSUMS
-  addressable (2.8.9) sha256=cc154fcbe689711808a43601dee7b980238ce54368d23e127421753e46895485
-  ast (2.4.3) sha256=954615157c1d6a382bc27d690d973195e79db7f55e9765ac7c481c60bdb4d383
-  bigdecimal (4.0.1) sha256=8b07d3d065a9f921c80ceaea7c9d4ae596697295b584c296fe599dd0ad01c4a7
-  black_hole_struct (0.1.3) sha256=b1cac7dbe7f36bb3ed8372de656dbe140ad20d786aaace552c5706f7aa46c4a3
-  hana (1.3.7) sha256=5425db42d651fea08859811c29d20446f16af196308162894db208cac5ce9b0d
-  json (2.19.2) sha256=e7e1bd318b2c37c4ceee2444841c86539bc462e81f40d134cf97826cb14e83cf
-  json-schema (6.2.0) sha256=e8bff46ed845a22c1ab2bd0d7eccf831c01fe23bb3920caa4c74db4306813666
-  json_schemer (2.5.0) sha256=2f01fb4cce721a4e08dd068fc2030cffd0702a7f333f1ea2be6e8991f00ae396
-  kube_cluster (0.1.1)
-  kube_schema (1.0.0) sha256=a83e584b316f21492fe551231f22cf3e7439fd6f1df6f3769c24d66ab040dc6e
-  language_server-protocol (3.17.0.5) sha256=fd1e39a51a28bf3eec959379985a72e296e9f9acfce46f6a79d31ca8760803cc
-  lint_roller (1.1.0) sha256=2c0c845b632a7d172cb849cc90c1bce937a28c5c8ccccb50dfd46a485003cc87
-  mcp (0.8.0) sha256=ae8bd146bb8e168852866fd26f805f52744f6326afb3211e073f78a95e0c34fb
-  minitest (5.27.0) sha256=2d3b17f8a36fe7801c1adcffdbc38233b938eb0b4966e97a6739055a45fa77d5
-  parallel (1.27.0) sha256=4ac151e1806b755fb4e2dc2332cbf0e54f2e24ba821ff2d3dcf86bf6dc4ae130
-  parser (3.3.10.2) sha256=6f60c84aa4bdcedb6d1a2434b738fe8a8136807b6adc8f7f53b97da9bc4e9357
-  prism (1.9.0) sha256=7b530c6a9f92c24300014919c9dcbc055bf4cdf51ec30aed099b06cd6674ef85
-  public_suffix (7.0.5) sha256=1a8bb08f1bbea19228d3bed6e5ed908d1cb4f7c2726d18bd9cadf60bc676f623
-  racc (1.8.1) sha256=4a7f6929691dbec8b5209a0b373bc2614882b55fc5d2e447a21aaa691303d62f
-  rainbow (3.1.1) sha256=039491aa3a89f42efa1d6dec2fc4e62ede96eb6acd95e52f1ad581182b79bc6a
-  rake (13.3.1) sha256=8c9e89d09f66a26a01264e7e3480ec0607f0c497a861ef16063604b1b08eb19c
-  regexp_parser (2.11.3) sha256=ca13f381a173b7a93450e53459075c9b76a10433caadcb2f1180f2c741fc55a4
-  rubocop (1.85.1) sha256=3dbcf9e961baa4c376eeeb2a03913dca5e3987033b04d38fa538aa1e7406cc77
-  rubocop-ast (1.49.1) sha256=4412f3ee70f6fe4546cc489548e0f6fcf76cafcfa80fa03af67098ffed755035
-  ruby-progressbar (1.13.0) sha256=80fc9c47a9b640d6834e0dc7b3c94c9df37f08cb072b7761e4a71e22cff29b33
-  rubyshell (1.5.0) sha256=ffd528415962e52b2f3ec155fc3bc2cac401981413c0db451ea2a20194916ab6
-  simpleidn (0.2.3) sha256=08ce96f03fa1605286be22651ba0fc9c0b2d6272c9b27a260bc88be05b0d2c29
-  unicode-display_width (3.2.0) sha256=0cdd96b5681a5949cdbc2c55e7b420facae74c4aaf9a9815eee1087cb1853c42
-  unicode-emoji (4.2.0) sha256=519e69150f75652e40bf736106cfbc8f0f73aa3fb6a65afe62fefa7f80b0f80f
-
 BUNDLED WITH
-  4.0.7
+   2.6.9

data/bin/console

@@ -5,4 +5,7 @@ require "bundler/setup"
 require "kube/cluster"
 require "irb"
 
+GEM_HOME = File.expand_path('..', __dir__)
+ENV["KUBECONFIG"] = File.join(GEM_HOME, "kubeconfig.yaml")
+
 IRB.start(__FILE__)

data/bin/dev

@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+
+docker compose up -d
+

data/docker-compose.yml

@@ -0,0 +1,26 @@
+# to run define K3S_TOKEN, K3S_VERSION is optional, eg:
+#   K3S_TOKEN=${RANDOM}${RANDOM}${RANDOM} docker-compose up
+services:
+  server:
+    image: "rancher/k3s:latest"
+    command: server
+    tmpfs:
+      - /run
+      - /var/run
+    ulimits:
+      nproc: 65535
+      nofile:
+        soft: 65535
+        hard: 65535
+    privileged: true
+    restart: always
+    environment:
+      - K3S_TOKEN=change-me-or-face-the-consequences
+      - K3S_KUBECONFIG_OUTPUT=/output/kubeconfig.yaml
+      - K3S_KUBECONFIG_MODE=666
+    volumes:
+      - .:/output
+    ports:
+      - 6443:6443  # Kubernetes API Server
+      - 80:80      # Ingress controller port 80
+      - 443:443    # Ingress controller port 443

data/examples/01-basic-redis-pod/manifest.rb

@@ -0,0 +1,60 @@
+require "bundler/setup"
+require "kube/schema"
+
+class RedisPod < Kube::Cluster['Pod']
+  def initialize(container_name: 'my-redis-container', **options, &block)
+    super {
+      spec.containers = [
+        {
+          name: container_name,
+          image: 'redis:8.0.2',
+
+          command: ["redis-server", "/redis-master/redis.conf"],
+          env:     [{name: 'MASTER', value: "true"}],
+          ports:   [{ containerPort: 6379 }],
+
+          resources: { limits: { cpu: "0.1" } },
+          volumeMounts: [
+            { mountPath: '/redis-master-data', name: 'data' },
+            { mountPath: '/redis-master', name: 'config' },
+          ]
+        }
+      ]
+
+      spec.volumes = [
+        {
+          name: 'data',
+          emptyDir: {}
+        },
+        {
+          name: 'config',
+          configMap: {
+            name: 'example-redis-config',
+            items: [ { key: 'redis-config', path: 'redis.conf' } ]
+          }
+        },
+      ]
+    }
+    instance_exec(&block) if block_given?
+  end
+end
+
+puts RedisPod.new(
+  container_name: 'my-redis-container-1',
+  metadata: {
+    namespace: 'my-namespace'
+  }
+).to_yaml
+
+puts RedisPod.new(container_name: 'my-redis-container-1') {
+  metadata.namespace = 'my-namespace'
+}.to_yaml
+
+puts RedisPod.new {
+  metadata.namespace = "my-namespace"
+}.to_yaml
+
+puts RedisPod.new {
+  metadata.name = "my-redis-1"
+  metadata.namespace = "my-namespace"
+}.to_yaml

data/examples/02-manifest-with-middleware/manifest.rb

@@ -0,0 +1,37 @@
+require_relative 'templates/config_map'
+require_relative 'templates/deployment'
+require_relative 'templates/ingress'
+require_relative 'templates/service'
+require_relative 'templates/horizontal_pod_autoscaler'
+
+require_relative 'middlware/labels'
+require_relative 'middlware/namespace'
+
+class MyApp < Kube::Schema::Manifest
+  stack do
+    use Middleware::Namespace
+    use Middleware::Labels
+  end
+end
+
+puts MyApp.new(
+  Templates::ConfigMap.new {
+    # no overrides today
+  },
+
+  Templates::Deployment.new {
+    # no overrides today
+  },
+
+  Templates::Ingress.new {
+    # no overrides today
+  },
+
+  Templates::Service.new {
+    # no overrides today
+  },
+
+  Templates::HorizontalPodScaler.new {
+    # no overrides today
+  },
+).to_yaml

data/examples/02-manifest-with-middleware/middleware/labels.rb

@@ -0,0 +1,4 @@
+module Middleware
+  class Labels < Kube::Cluster::Manifest::Middleware
+  end
+end

data/examples/02-manifest-with-middleware/middleware/namespace.rb

@@ -0,0 +1,4 @@
+module Middleware
+  class Namespace < Kube::Cluster::Manifest::Middleware
+  end
+end

data/examples/02-manifest-with-middleware/templates/config_map.rb

@@ -0,0 +1,13 @@
+class ConfigMap < Kube::Cluster["ConfigMap"]
+  def initialize(namespace:)
+    build {
+      metadata.name = "#{namespace}-config"
+      spec.data = {
+        RAILS_ENV:     "production",
+        LOG_LEVEL:     "info",
+        WORKERS:       "4",
+        PORT:          "3000",
+      }
+    }
+  end
+end

data/examples/02-manifest-with-middleware/templates/deployment.rb

@@ -0,0 +1,59 @@
+class Deployment < Kube::Cluster["Deployment"]
+  def initialize(namespace:)
+    build {
+      metadata.name = namespace
+
+      spec.replicas = 3
+      spec.selector.matchLabels = MATCH_LABELS
+
+      spec.template.metadata.labels = STANDARD_LABELS
+      spec.template.metadata.annotations = {
+        # Checksum pattern from _utils.tpl -- triggers rolling restart on config change
+        "checksum/config": "{{ sha256sum of configmap data }}",
+      }
+
+      spec.template.spec.containers = [
+        {
+          name:  APP_NAME,
+          image: IMAGE,
+          ports: [{ name: "http", containerPort: 3000, protocol: "TCP" }],
+          resources: RESOURCES,
+          env: [
+            { name: "PORT", value: "3000" },
+          ],
+          envFrom: [
+            { configMapRef: { name: "#{FULLNAME}-config" } },
+          ],
+          livenessProbe: {
+            httpGet: { path: "/healthz", port: "http" },
+            initialDelaySeconds: 15,
+            periodSeconds: 10,
+          },
+          readinessProbe: {
+            httpGet: { path: "/readyz", port: "http" },
+            initialDelaySeconds: 5,
+            periodSeconds: 5,
+          },
+        },
+      ]
+
+      # Pod anti-affinity (from _affinities.tpl)
+      # Soft anti-affinity: prefer spreading pods across nodes but don't enforce it
+      spec.template.spec.affinity = {
+        podAntiAffinity: {
+          preferredDuringSchedulingIgnoredDuringExecution: [
+            {
+              weight: 1,
+              podAffinityTerm: {
+                labelSelector: {
+                  matchLabels: MATCH_LABELS,
+                },
+                topologyKey: "kubernetes.io/hostname",
+              },
+            },
+          ],
+        },
+      }
+    }
+  end
+end

data/examples/02-manifest-with-middleware/templates/horizontal_pod_autoscaler.rb

@@ -0,0 +1,30 @@
+class HorizontalPodAutoscaler < Kube::Cluster["HorizontalPodAutoscaler"]
+  def initialize(namespace:)
+    build {
+      metadata.name = namespace
+
+      spec.scaleTargetRef.apiVersion = "apps/v1"
+      spec.scaleTargetRef.kind = "Deployment"
+      spec.scaleTargetRef.name = namespace
+
+      spec.minReplicas = 3
+      spec.maxReplicas = 10
+      spec.metrics = [
+        {
+          type: "Resource",
+          resource: {
+            name: "cpu",
+            target: { type: "Utilization", averageUtilization: 75 },
+          },
+        },
+        {
+          type: "Resource",
+          resource: {
+            name: "memory",
+            target: { type: "Utilization", averageUtilization: 80 },
+          },
+        },
+      ]
+    }
+  end
+end

data/examples/02-manifest-with-middleware/templates/ingress.rb

@@ -0,0 +1,38 @@
+class Ingress < Kube::Cluster["Ingress"]
+  def initialize(namespace:)
+    build {
+      metadata.name = namespace
+      metadata.annotations = {
+        "cert-manager.io/cluster-issuer": "letsencrypt-prod",
+        "nginx.ingress.kubernetes.io/ssl-redirect": "true",
+      }
+
+      spec.ingressClassName = "nginx"
+      spec.tls = [
+        {
+          hosts: ["app.example.com"],
+          secretName: "#{namespace}-tls",
+        },
+      ]
+      spec.rules = [
+        {
+          host: "app.example.com",
+          http: {
+            paths: [
+              {
+                path: "/",
+                pathType: "Prefix",
+                backend: {
+                  service: {
+                    name: FULLNAME,
+                    port: { name: "http" },
+                  },
+                },
+              },
+            ],
+          },
+        },
+      ]
+    }
+  end
+end

data/examples/02-manifest-with-middleware/templates/service.rb

@@ -0,0 +1,12 @@
+class Service < Kube::Cluster["Service"]
+  def initialize(namespace:)
+    build {
+      metadata.name = namespace
+
+      spec.selector = MATCH_LABELS
+      spec.ports = [
+        { name: "http", port: 80, targetPort: "http", protocol: "TCP" },
+      ]
+    }
+  end
+end

data/examples/03-app-with-database/demo.rb

@@ -0,0 +1,87 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+# Middleware-driven Manifest Example
+#
+# Demonstrates how middleware eliminates boilerplate. The middleware stack
+# declared in MyApp automatically generates Services, Ingresses, HPAs,
+# and injects resource limits, security contexts, and pod anti-affinity.
+#
+# The block below only declares the unique intent — the things only a
+# human knows. Everything else is derived by middleware from labels.
+#
+# What middleware generates from each Deployment:
+#   - Service           (from container ports + matchLabels)
+#   - Ingress           (from app.kubernetes.io/expose label)
+#   - HPA               (from app.kubernetes.io/autoscale label)
+#   - Resource limits   (from app.kubernetes.io/size label)
+#   - Security contexts (restricted profile, all pod-bearing resources)
+#   - Pod anti-affinity (spread across nodes, all pod-bearing resources)
+#   - Standard labels   (managed-by, merged into everything)
+#
+# Usage:
+#   ruby examples/version2/demo.rb
+#   ruby examples/version2/demo.rb > app.yaml
+
+require "kube/cluster"
+require "securerandom"
+require_relative "my_app"
+
+app = MyApp.new("example.com", size: :small) do |m|
+  name    = "rails-app"
+  ns      = "production"
+  db_name = "postgresql"
+  db_ns   = "database"
+
+  labels    = m.app_labels(name: name, instance: name)
+  db_labels = m.app_labels(name: db_name, instance: db_name, component: "primary")
+  db_match  = m.match_labels(name: db_name, instance: db_name, component: "primary")
+
+  # ── Rails tier ──────────────────────────────────────────────────
+  #
+  # One Namespace, one ConfigMap, one Deployment.
+  # Middleware generates: Service, Ingress, HPA
+  # Middleware injects:   resource limits, security context, anti-affinity, labels
+
+  [
+    Kube::Cluster["Namespace"].new {
+      metadata.name   = ns
+      metadata.labels = labels
+    },
+
+    Kube::Cluster["ConfigMap"].new {
+      metadata.name      = "#{name}-config"
+      metadata.namespace = ns
+      metadata.labels    = labels
+      self.data = {
+        RAILS_ENV:    "production",
+        DATABASE_URL: "postgres://#{db_name}-headless.#{db_ns}.svc.cluster.local:5432/app",
+        LOG_LEVEL:    "info",
+        WORKERS:      "4",
+      }
+    },
+
+    RubyOnRails.new {
+      metadata.name      = name
+      metadata.namespace = ns
+      metadata.labels    = labels.merge(
+        "app.kubernetes.io/expose":    "app.example.com",
+        "app.kubernetes.io/autoscale": "1-5",
+      )
+    },
+  ]
+
+  # ── Database tier ───────────────────────────────────────────────
+  #
+  # StatefulSet + headless Service + Secret + NetworkPolicy.
+  # Middleware generates: Service (from container ports)
+  # Middleware injects:   resource limits, security context, anti-affinity, labels
+
+  pg_password = SecureRandom.alphanumeric(24)
+
+  Postgresql.new {
+  }
+
+end
+
+puts app.to_yaml

data/examples/03-app-with-database/helpers.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module App
+  module Helpers
+    def match_labels(name:, instance:, component: nil)
+      labels = {
+        "app.kubernetes.io/name":     name,
+        "app.kubernetes.io/instance": instance,
+      }
+      labels[:"app.kubernetes.io/component"] = component if component
+      labels
+    end
+
+    def base64(str)
+      [str].pack("m0")
+    end
+  end
+end