kube_cluster 0.2.1 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f6b2fcc6e1de8c59841b080e8150aa249d84fc064f4eab2e981be9ded9dc2290
-  data.tar.gz: 1a55810edfb5809b44699e2a17984b9f0311257aba52796da6b74e293ce3a9d0
+  metadata.gz: f35a6fb5b6ece5ffc32651a5ad104c896bc8cb80810c80ecb560a22fe0a59eca
+  data.tar.gz: df13e8af081ff1bba21254570f12eef80f82fe2ab47804877e76c0f360c9212c
 SHA512:
-  metadata.gz: b64081cec15ce53b3a80effecba8f2ae3ec43ee58d1dc483196a821f37a4d6aa0aabbdd3d21e5df7eb5208cbd8bdbcf1aefbf82a9911733795b5ad4689c2c62e
-  data.tar.gz: ef610d9b33d6907a92f69c077080a8f26ffd6a1e2f2e391b9f54564187b6799af2e275b2f9f6cb3b056f3f9b3952b964921692a2d4456ee5ee7af229b209ac0c
+  metadata.gz: cbfd8728fd22e79cc2429dc503cbba4f931da5d2f36e99d210b189863bdaa9fcf21965b13b1af231029d973dfafc03f1d44dba48f0f51eb07ba3d6597d8dfea1
+  data.tar.gz: 4dd4cec8ee94d15cce4430e6ee1b6a80a5db1e5aa97995b4aa58c3d5180dc9ac7829dbb4d36e9ba2b55c17ec025de097d0622d808dc24ba9e87ee5fadf4a2478

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    kube_cluster (0.2.0)
+    kube_cluster (0.2.1)
       kube_kit (> 0)
       kube_kubectl (~> 2.0.0)
       kube_schema (~> 1.2.0)
@@ -24,20 +24,20 @@ GEM
       prism (>= 1.3.0)
       rdoc (>= 4.0.0)
       reline (>= 0.4.2)
-    json (2.19.3)
+    json (2.19.4)
     json_schemer (2.5.0)
       bigdecimal
       hana (~> 1.3)
       regexp_parser (~> 2.0)
       simpleidn (~> 0.2)
     kube_kit (0.2.0)
-    kube_kubectl (2.0.1)
+    kube_kubectl (2.0.2)
       debug (~> 1.11)
       json_schemer (~> 2.5)
       rubyshell (~> 1.5)
       shellwords (~> 0.2.2)
       string_builder (~> 1.2.0)
-    kube_schema (1.2.1)
+    kube_schema (1.2.3)
       black_hole_struct (~> 0.1)
       json_schemer (~> 2.5)
       rubyshell (~> 1.5)

data/examples/01-basic-redis-pod/manifest.rb

@@ -1,7 +1,7 @@
 require "bundler/setup"
 require "kube/schema"
 
-class RedisPod < Kube::Schema['Pod']
+class RedisPod < Kube::Cluster['Pod']
   def initialize(container_name: 'my-redis-container', **options, &block)
     super {
       spec.containers = [

data/examples/02-manifest-with-middleware/manifest.rb

@@ -0,0 +1,37 @@
+require_relative 'templates/config_map'
+require_relative 'templates/deployment'
+require_relative 'templates/ingress'
+require_relative 'templates/service'
+require_relative 'templates/horizontal_pod_autoscaler'
+
+require_relative 'middlware/labels'
+require_relative 'middlware/namespace'
+
+class MyApp < Kube::Schema::Manifest
+  stack do
+    use Middleware::Namespace
+    use Middleware::Labels
+  end
+end
+
+puts MyApp.new(
+  Templates::ConfigMap.new {
+    # no overrides today
+  },
+
+  Templates::Deployment.new {
+    # no overrides today
+  },
+
+  Templates::Ingress.new {
+    # no overrides today
+  },
+
+  Templates::Service.new {
+    # no overrides today
+  },
+
+  Templates::HorizontalPodScaler.new {
+    # no overrides today
+  },
+).to_yaml

data/examples/02-manifest-with-middleware/middleware/labels.rb

@@ -0,0 +1,4 @@
+module Middleware
+  class Labels < Kube::Cluster::Manifest::Middleware
+  end
+end

data/examples/02-manifest-with-middleware/middleware/namespace.rb

@@ -0,0 +1,4 @@
+module Middleware
+  class Namespace < Kube::Cluster::Manifest::Middleware
+  end
+end

data/examples/02-manifest-with-middleware/templates/config_map.rb

@@ -0,0 +1,13 @@
+class ConfigMap < Kube::Cluster["ConfigMap"]
+  def initialize(namespace:)
+    build {
+      metadata.name = "#{namespace}-config"
+      spec.data = {
+        RAILS_ENV:     "production",
+        LOG_LEVEL:     "info",
+        WORKERS:       "4",
+        PORT:          "3000",
+      }
+    }
+  end
+end

data/examples/02-manifest-with-middleware/templates/deployment.rb

@@ -0,0 +1,59 @@
+class Deployment < Kube::Cluster["Deployment"]
+  def initialize(namespace:)
+    build {
+      metadata.name = namespace
+
+      spec.replicas = 3
+      spec.selector.matchLabels = MATCH_LABELS
+
+      spec.template.metadata.labels = STANDARD_LABELS
+      spec.template.metadata.annotations = {
+        # Checksum pattern from _utils.tpl -- triggers rolling restart on config change
+        "checksum/config": "{{ sha256sum of configmap data }}",
+      }
+
+      spec.template.spec.containers = [
+        {
+          name:  APP_NAME,
+          image: IMAGE,
+          ports: [{ name: "http", containerPort: 3000, protocol: "TCP" }],
+          resources: RESOURCES,
+          env: [
+            { name: "PORT", value: "3000" },
+          ],
+          envFrom: [
+            { configMapRef: { name: "#{FULLNAME}-config" } },
+          ],
+          livenessProbe: {
+            httpGet: { path: "/healthz", port: "http" },
+            initialDelaySeconds: 15,
+            periodSeconds: 10,
+          },
+          readinessProbe: {
+            httpGet: { path: "/readyz", port: "http" },
+            initialDelaySeconds: 5,
+            periodSeconds: 5,
+          },
+        },
+      ]
+
+      # Pod anti-affinity (from _affinities.tpl)
+      # Soft anti-affinity: prefer spreading pods across nodes but don't enforce it
+      spec.template.spec.affinity = {
+        podAntiAffinity: {
+          preferredDuringSchedulingIgnoredDuringExecution: [
+            {
+              weight: 1,
+              podAffinityTerm: {
+                labelSelector: {
+                  matchLabels: MATCH_LABELS,
+                },
+                topologyKey: "kubernetes.io/hostname",
+              },
+            },
+          ],
+        },
+      }
+    }
+  end
+end

data/examples/02-manifest-with-middleware/templates/horizontal_pod_autoscaler.rb

@@ -0,0 +1,30 @@
+class HorizontalPodAutoscaler < Kube::Cluster["HorizontalPodAutoscaler"]
+  def initialize(namespace:)
+    build {
+      metadata.name = namespace
+
+      spec.scaleTargetRef.apiVersion = "apps/v1"
+      spec.scaleTargetRef.kind = "Deployment"
+      spec.scaleTargetRef.name = namespace
+
+      spec.minReplicas = 3
+      spec.maxReplicas = 10
+      spec.metrics = [
+        {
+          type: "Resource",
+          resource: {
+            name: "cpu",
+            target: { type: "Utilization", averageUtilization: 75 },
+          },
+        },
+        {
+          type: "Resource",
+          resource: {
+            name: "memory",
+            target: { type: "Utilization", averageUtilization: 80 },
+          },
+        },
+      ]
+    }
+  end
+end

data/examples/02-manifest-with-middleware/templates/ingress.rb

@@ -0,0 +1,38 @@
+class Ingress < Kube::Cluster["Ingress"]
+  def initialize(namespace:)
+    build {
+      metadata.name = namespace
+      metadata.annotations = {
+        "cert-manager.io/cluster-issuer": "letsencrypt-prod",
+        "nginx.ingress.kubernetes.io/ssl-redirect": "true",
+      }
+
+      spec.ingressClassName = "nginx"
+      spec.tls = [
+        {
+          hosts: ["app.example.com"],
+          secretName: "#{namespace}-tls",
+        },
+      ]
+      spec.rules = [
+        {
+          host: "app.example.com",
+          http: {
+            paths: [
+              {
+                path: "/",
+                pathType: "Prefix",
+                backend: {
+                  service: {
+                    name: FULLNAME,
+                    port: { name: "http" },
+                  },
+                },
+              },
+            ],
+          },
+        },
+      ]
+    }
+  end
+end

data/examples/02-manifest-with-middleware/templates/service.rb

@@ -0,0 +1,12 @@
+class Service < Kube::Cluster["Service"]
+  def initialize(namespace:)
+    build {
+      metadata.name = namespace
+
+      spec.selector = MATCH_LABELS
+      spec.ports = [
+        { name: "http", port: 80, targetPort: "http", protocol: "TCP" },
+      ]
+    }
+  end
+end

data/examples/{version2 → 03-app-with-database}/demo.rb

@@ -44,12 +44,12 @@ app = MyApp.new("example.com", size: :small) do |m|
   # Middleware injects:   resource limits, security context, anti-affinity, labels
 
   [
-    Kube::Schema["Namespace"].new {
+    Kube::Cluster["Namespace"].new {
       metadata.name   = ns
       metadata.labels = labels
     },
 
-    Kube::Schema["ConfigMap"].new {
+    Kube::Cluster["ConfigMap"].new {
       metadata.name      = "#{name}-config"
       metadata.namespace = ns
       metadata.labels    = labels

data/examples/{version2 → 03-app-with-database}/postgresql.rb

@@ -10,7 +10,7 @@ class Postgresql < Kube::Cluster::Manifest
     self << Secret.new
   end
 
-  class StatefulSet < Kube::Schema["StatefulSet"]
+  class StatefulSet < Kube::Cluster["StatefulSet"]
     metadata.name      = db_name
     metadata.namespace = db_ns
     metadata.labels    = db_labels
@@ -55,12 +55,12 @@ class Postgresql < Kube::Cluster::Manifest
     ]
   end
 
-  class Namespace < Kube::Schema["Namespace"]
+  class Namespace < Kube::Cluster["Namespace"]
     metadata.name   = db_ns
     metadata.labels = db_labels.reject { |k, _| k == :"app.kubernetes.io/component" }
   end
 
-  class Secret < Kube::Schema["Secret"]
+  class Secret < Kube::Cluster["Secret"]
     metadata.name      = db_name
     metadata.namespace = db_ns
     metadata.labels    = db_labels
@@ -70,7 +70,7 @@ class Postgresql < Kube::Cluster::Manifest
 
   # Headless service for StatefulSet DNS — explicit because the
   # middleware-generated Service is a regular ClusterIP service.
-  class Service < Kube::Schema["Service"]
+  class Service < Kube::Cluster["Service"]
     metadata.name      = "#{db_name}-headless"
     metadata.namespace = db_ns
     metadata.labels    = db_labels

data/examples/{version2 → 03-app-with-database}/ruby_on_rails.rb

@@ -1,4 +1,4 @@
-class RubyOnRails < Kube::Schema["Deployment"]
+class RubyOnRails < Kube::Cluster["Deployment"]
   default do
     metadata.name      = name
     metadata.namespace = ns

data/lib/kube/cluster/manifest.rb

@@ -1,76 +1,25 @@
 # frozen_string_literal: true
 
-require_relative "manifest/stack"
-require_relative "manifest/middleware"
-require_relative "manifest/middleware/namespace"
-require_relative "manifest/middleware/labels"
-require_relative "manifest/middleware/annotations"
-require_relative "manifest/middleware/resource_preset"
-require_relative "manifest/middleware/security_context"
-require_relative "manifest/middleware/pod_anti_affinity"
-require_relative "manifest/middleware/service_for_deployment"
-require_relative "manifest/middleware/ingress_for_service"
-require_relative "manifest/middleware/hpa_for_deployment"
-
 module Kube
   module Cluster
-    # A Manifest subclass that runs resources through a middleware stack
-    # on enumeration. Manifests represent files — resources pass through
-    # middleware before rendering or saving.
+    # A flat, ordered collection of Kubernetes resources.
+    #
+    # Manifest is a pure resource collection. Middleware is applied
+    # separately via Kube::Cluster::Middleware::Stack.
     #
-    #   class MyApp < Kube::Cluster::Manifest
-    #     stack do
-    #       use Middleware::Namespace, "production"
-    #       use Middleware::Labels, app: "web-app"
-    #       use Middleware::ResourcePreset
-    #     end
+    #   manifest = Kube::Cluster::Manifest.new
+    #   manifest << Kube::Cluster["Deployment"].new { ... }
+    #
+    #   stack = Kube::Cluster::Middleware::Stack.new do
+    #     use Middleware::Namespace, "production"
+    #     use Middleware::Labels, app: "web-app"
     #   end
     #
-    #   app = MyApp.new
-    #   app << Kube::Schema["Deployment"].new { ... }
-    #   app.to_yaml  # resources have been transformed by the stack
+    #   stack.call(manifest)
+    #   manifest.to_yaml
     #
     class Manifest < Kube::Schema::Manifest
-      # Declare a middleware stack at the class level.
-      #
-      #   stack do
-      #     use Middleware::ResourcePreset
-      #     use Middleware::SecurityContext
-      #   end
-      #
-      def self.stack(&block)
-        @stack = Stack.new(&block)
-      end
-
-      # Enumerate resources after passing them through the middleware
-      # stack. The entire manifest is passed to the stack so that
-      # generative middleware can introduce new resources that
-      # subsequent stages will see and process.
-      #
-      # Every method that reads the manifest (to_yaml, to_a, map,
-      # select, etc.) goes through here.
-      def each(&block)
-        return enum_for(:each) unless block
-
-        stack = self.class.instance_variable_get(:@stack)
-        if stack
-          stack.call(@resources).each(&block)
-        else
-          @resources.each(&block)
-        end
-      end
-
-      # Override to_yaml so it renders through the middleware stack.
-      # The parent class accesses @resources directly, bypassing each.
-      def to_yaml
-        map { |r| r.to_yaml }.join("")
-      end
-
-      # Override to_a so it returns middleware-processed resources.
-      # The parent class returns @resources.dup directly.
-      def to_a
-        map(&:itself)
-      end
+      attr_reader :resources
     end
   end
 end

data/lib/kube/cluster/middleware/annotations.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+module Kube
+  module Cluster
+    class Middleware
+      # Merges annotations into +metadata.annotations+ on every resource.
+      # Existing annotations are preserved; the supplied annotations act
+      # as defaults that can be overridden per-resource.
+      #
+      #   stack do
+      #     use Middleware::Annotations,
+      #       "prometheus.io/scrape": "true",
+      #       "prometheus.io/port":   "9090"
+      #   end
+      #
+      class Annotations < Middleware
+        def initialize(**annotations)
+          @annotations = annotations.transform_keys(&:to_sym).transform_values(&:to_s)
+        end
+
+        def call(manifest)
+          manifest.resources.map! do |resource|
+            h = resource.to_h
+            h[:metadata] ||= {}
+            h[:metadata][:annotations] = @annotations.merge(h[:metadata][:annotations] || {})
+            resource.rebuild(h)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/kube/cluster/middleware/hpa_for_deployment.rb

@@ -0,0 +1,111 @@
+# frozen_string_literal: true
+
+module Kube
+  module Cluster
+    class Middleware
+      # Generates a HorizontalPodAutoscaler for every pod-bearing
+      # resource that carries the +app.kubernetes.io/autoscale+ label.
+      #
+      # The label value encodes the min and max replicas as "min-max":
+      #
+      #   metadata.labels = { "app.kubernetes.io/autoscale": "1-5" }
+      #
+      # Options:
+      #   cpu:    — target CPU utilization percentage (default: 75)
+      #   memory: — target memory utilization percentage (default: 80)
+      #
+      #   stack do
+      #     use Middleware::HPAForDeployment
+      #     use Middleware::HPAForDeployment, cpu: 60, memory: 70
+      #   end
+      #
+      class HPAForDeployment < Middleware
+        LABEL = :"app.kubernetes.io/autoscale"
+
+        def initialize(cpu: 75, memory: 80)
+          @cpu = cpu
+          @memory = memory
+        end
+
+        def call(manifest)
+          generated = []
+
+          manifest.resources.each do |resource|
+            next unless resource.pod_bearing?
+
+            value = resource.label(LABEL)
+            next unless value
+
+            min, max = parse_range(value)
+
+            h = resource.to_h
+            name      = h.dig(:metadata, :name)
+            namespace = h.dig(:metadata, :namespace)
+            labels    = h.dig(:metadata, :labels) || {}
+            api_version = h[:apiVersion] || "apps/v1"
+            resource_kind = resource.kind
+
+            # Capture ivars as locals — the block runs via instance_exec
+            # on a BlackHoleStruct, so @ivars would resolve on the BHS.
+            cpu_target    = @cpu
+            memory_target = @memory
+
+            generated << Kube::Cluster["HorizontalPodAutoscaler"].new {
+              metadata.name      = name
+              metadata.namespace = namespace if namespace
+              metadata.labels    = labels.reject { |k, _| k == LABEL }
+
+              spec.scaleTargetRef = {
+                apiVersion: api_version,
+                kind:       resource_kind,
+                name:       name,
+              }
+              spec.minReplicas = min
+              spec.maxReplicas = max
+              spec.metrics = [
+                {
+                  type: "Resource",
+                  resource: {
+                    name: "cpu",
+                    target: { type: "Utilization", averageUtilization: cpu_target },
+                  },
+                },
+                {
+                  type: "Resource",
+                  resource: {
+                    name: "memory",
+                    target: { type: "Utilization", averageUtilization: memory_target },
+                  },
+                },
+              ]
+            }
+          end
+
+          manifest.resources.concat(generated)
+        end
+
+        private
+
+          def parse_range(value)
+            parts = value.to_s.split("-", 2)
+
+            unless parts.length == 2
+              raise ArgumentError,
+                "Invalid autoscale label: #{value.inspect}. Expected format: \"min-max\" (e.g. \"1-5\")"
+            end
+
+            min = Integer(parts[0])
+            max = Integer(parts[1])
+
+            unless min > 0 && max >= min
+              raise ArgumentError,
+                "Invalid autoscale range: min=#{min}, max=#{max}. " \
+                "min must be > 0 and max must be >= min."
+            end
+
+            [min, max]
+          end
+      end
+    end
+  end
+end

data/lib/kube/cluster/{manifest/middleware → middleware}/ingress_for_service.rb

@@ -2,40 +2,42 @@
 
 module Kube
   module Cluster
-    class Manifest < Kube::Schema::Manifest
-      class Middleware
-        # Generates an Ingress for every Service whose source resource
-        # carries the +app.kubernetes.io/expose+ label.
-        #
-        # The label value is the hostname:
-        #
-        #   metadata.labels = { "app.kubernetes.io/expose": "app.example.com" }
-        #
-        # Set to +"true"+ to use the resource name as a hostname placeholder
-        # (useful when a later middleware or the manifest class resolves it).
-        #
-        # Options:
-        #   issuer:          — cert-manager ClusterIssuer name (default: "letsencrypt-prod")
-        #   ingress_class:   — IngressClassName (default: "nginx")
-        #
-        #   stack do
-        #     use Middleware::IngressForService
-        #     use Middleware::IngressForService, issuer: "letsencrypt-staging"
-        #   end
-        #
-        class IngressForService < Middleware
-          LABEL = :"app.kubernetes.io/expose"
+    class Middleware
+      # Generates an Ingress for every Service whose source resource
+      # carries the +app.kubernetes.io/expose+ label.
+      #
+      # The label value is the hostname:
+      #
+      #   metadata.labels = { "app.kubernetes.io/expose": "app.example.com" }
+      #
+      # Set to +"true"+ to use the resource name as a hostname placeholder
+      # (useful when a later middleware or the manifest class resolves it).
+      #
+      # Options:
+      #   issuer:          — cert-manager ClusterIssuer name (default: "letsencrypt-prod")
+      #   ingress_class:   — IngressClassName (default: "nginx")
+      #
+      #   stack do
+      #     use Middleware::IngressForService
+      #     use Middleware::IngressForService, issuer: "letsencrypt-staging"
+      #   end
+      #
+      class IngressForService < Middleware
+        LABEL = :"app.kubernetes.io/expose"
 
-          def initialize(issuer: "letsencrypt-prod", ingress_class: "nginx")
-            @issuer = issuer
-            @ingress_class = ingress_class
-          end
+        def initialize(issuer: "letsencrypt-prod", ingress_class: "nginx")
+          @issuer = issuer
+          @ingress_class = ingress_class
+        end
+
+        def call(manifest)
+          generated = []
 
-          def call(resource)
-            return resource unless kind(resource) == "Service"
+          manifest.resources.each do |resource|
+            next unless resource.kind == "Service"
 
-            host = label(resource, LABEL)
-            return resource unless host
+            host = resource.label(LABEL)
+            next unless host
 
             h = resource.to_h
             name      = h.dig(:metadata, :name)
@@ -53,7 +55,7 @@ module Kube
             issuer        = @issuer
             ingress_class = @ingress_class
 
-            ingress = Kube::Schema["Ingress"].new {
+            generated << Kube::Cluster["Ingress"].new {
               metadata.name      = name
               metadata.namespace = namespace if namespace
               metadata.labels    = labels.reject { |k, _| k == LABEL }
@@ -79,9 +81,9 @@ module Kube
                 },
               ]
             }
-
-            [resource, ingress]
           end
+
+          manifest.resources.concat(generated)
         end
       end
     end