kube_cluster 0.2.1 → 0.3.1

data/lib/kube/cluster.rb

@@ -7,6 +7,7 @@ require_relative "cluster/connection"
 require_relative "cluster/instance"
 require_relative "cluster/resource"
 require_relative "cluster/manifest"
+require_relative "cluster/middleware"
 require 'kube/ctl'
 
 module Kube
@@ -18,5 +19,25 @@ module Kube
     def self.connect(kubeconfig:)
       Instance.new(kubeconfig: kubeconfig)
     end
+
+    # Returns an anonymous subclass of Kube::Cluster::Resource for the
+    # given Kubernetes kind, mirroring Kube::Schema[kind] but with
+    # dirty tracking, persistence, and resource helper methods.
+    #
+    #   Kube::Cluster["Deployment"].new { metadata.name = "web" }
+    #
+    def self.[](kind)
+      @resource_classes ||= {}
+      @resource_classes[kind] ||= begin
+        schema_class = Kube::Schema[kind]
+        Class.new(Resource) do
+          @schema   = schema_class.schema
+          @defaults = schema_class.defaults
+
+          def self.schema   = @schema   || superclass.schema
+          def self.defaults = @defaults || superclass.defaults
+        end
+      end
+    end
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: kube_cluster
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.3.1
 platform: ruby
 authors:
 - Nathan K
@@ -57,14 +57,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.2.0
+        version: 1.3.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.2.0
+        version: 1.3.0
 - !ruby/object:Gem::Dependency
   name: kube_kit
   requirement: !ruby/object:Gem::Requirement
@@ -121,13 +121,19 @@ files:
 - bin/test
 - docker-compose.yml
 - examples/01-basic-redis-pod/manifest.rb
-- examples/database/manifest.rb
-- examples/version2/demo.rb
-- examples/version2/helpers.rb
-- examples/version2/my_app.rb
-- examples/version2/postgresql.rb
-- examples/version2/ruby_on_rails.rb
-- examples/web-app/manifest.rb
+- examples/02-manifest-with-middleware/manifest.rb
+- examples/02-manifest-with-middleware/middleware/labels.rb
+- examples/02-manifest-with-middleware/middleware/namespace.rb
+- examples/02-manifest-with-middleware/templates/config_map.rb
+- examples/02-manifest-with-middleware/templates/deployment.rb
+- examples/02-manifest-with-middleware/templates/horizontal_pod_autoscaler.rb
+- examples/02-manifest-with-middleware/templates/ingress.rb
+- examples/02-manifest-with-middleware/templates/service.rb
+- examples/03-app-with-database/demo.rb
+- examples/03-app-with-database/helpers.rb
+- examples/03-app-with-database/my_app.rb
+- examples/03-app-with-database/postgresql.rb
+- examples/03-app-with-database/ruby_on_rails.rb
 - flake.lock
 - flake.nix
 - kube_cluster.gemspec
@@ -136,17 +142,17 @@ files:
 - lib/kube/cluster/connection.rb
 - lib/kube/cluster/instance.rb
 - lib/kube/cluster/manifest.rb
-- lib/kube/cluster/manifest/middleware.rb
-- lib/kube/cluster/manifest/middleware/annotations.rb
-- lib/kube/cluster/manifest/middleware/hpa_for_deployment.rb
-- lib/kube/cluster/manifest/middleware/ingress_for_service.rb
-- lib/kube/cluster/manifest/middleware/labels.rb
-- lib/kube/cluster/manifest/middleware/namespace.rb
-- lib/kube/cluster/manifest/middleware/pod_anti_affinity.rb
-- lib/kube/cluster/manifest/middleware/resource_preset.rb
-- lib/kube/cluster/manifest/middleware/security_context.rb
-- lib/kube/cluster/manifest/middleware/service_for_deployment.rb
-- lib/kube/cluster/manifest/stack.rb
+- lib/kube/cluster/middleware.rb
+- lib/kube/cluster/middleware/annotations.rb
+- lib/kube/cluster/middleware/hpa_for_deployment.rb
+- lib/kube/cluster/middleware/ingress_for_service.rb
+- lib/kube/cluster/middleware/labels.rb
+- lib/kube/cluster/middleware/namespace.rb
+- lib/kube/cluster/middleware/pod_anti_affinity.rb
+- lib/kube/cluster/middleware/resource_preset.rb
+- lib/kube/cluster/middleware/security_context.rb
+- lib/kube/cluster/middleware/service_for_deployment.rb
+- lib/kube/cluster/middleware/stack.rb
 - lib/kube/cluster/resource.rb
 - lib/kube/cluster/resource/dirty_tracking.rb
 - lib/kube/cluster/resource/persistence.rb

data/examples/database/manifest.rb

@@ -1,238 +0,0 @@
-#!/usr/bin/env ruby
-# frozen_string_literal: true
-
-# Database (PostgreSQL) Example
-#
-# Demonstrates the Ruby equivalents of Bitnami common chart patterns:
-#   - Secret lifecycle management (_secrets.tpl)
-#   - StorageClass resolution (_storage.tpl)
-#   - StatefulSet with persistent volumes
-#   - Headless service for stable DNS
-#   - NetworkPolicy for database isolation
-#   - Standard labels and naming (_labels.tpl, _names.tpl)
-#   - Resource presets (_resources.tpl)
-#
-# Usage:
-#   ruby examples/database/manifest.rb
-#   ruby examples/database/manifest.rb > database.yaml
-
-require "kube/schema"
-require "securerandom"
-
-# ── Naming ────────────────────────────────────────────────────────────────────
-
-APP_NAME      = "postgresql"
-RELEASE_NAME  = "my-release"
-NAMESPACE     = "database"
-FULLNAME      = "#{RELEASE_NAME}-#{APP_NAME}"[0, 63].chomp("-")
-
-# ── Labels ────────────────────────────────────────────────────────────────────
-
-STANDARD_LABELS = {
-  "app.kubernetes.io/name": APP_NAME,
-  "app.kubernetes.io/instance": RELEASE_NAME,
-  "app.kubernetes.io/version": "16.4.0",
-  "app.kubernetes.io/component": "primary",
-  "app.kubernetes.io/managed-by": "kube_cluster",
-}
-
-MATCH_LABELS = STANDARD_LABELS.slice(
-  :"app.kubernetes.io/name",
-  :"app.kubernetes.io/instance",
-  :"app.kubernetes.io/component",
-)
-
-# ── Secrets (from _secrets.tpl) ───────────────────────────────────────────────
-# Bitnami's secrets.passwords.manage generates random passwords, reuses existing
-# ones on upgrade, and base64 encodes them. In Ruby we do this directly.
-
-POSTGRES_PASSWORD = SecureRandom.alphanumeric(24)
-REPLICATION_PASSWORD = SecureRandom.alphanumeric(24)
-
-def base64(str)
-  [str].pack("m0")
-end
-
-# ── Storage (from _storage.tpl) ───────────────────────────────────────────────
-# Bitnami resolves storage class from global > persistence > default.
-# The "-" convention means explicitly use the default storage class (empty string).
-
-STORAGE_CLASS = "standard" # set to "-" for default, or nil to omit
-STORAGE_SIZE  = "10Gi"
-
-# ── Resource presets ──────────────────────────────────────────────────────────
-
-RESOURCES = {
-  requests: { cpu: "500m",  memory: "512Mi"  },
-  limits:   { cpu: "750m",  memory: "768Mi"  },
-}
-
-# ── Build manifests ───────────────────────────────────────────────────────────
-
-manifest = Kube::Schema::Manifest.new
-
-# -- Namespace --
-
-manifest << Kube::Schema["Namespace"].new {
-  metadata.name   = NAMESPACE
-  metadata.labels = STANDARD_LABELS.reject { |k, _| k == :"app.kubernetes.io/component" }
-}
-
-# -- Secret --
-# Pattern from _secrets.tpl: base64-encoded credentials, separate keys for
-# each password, supports existing secret reuse on upgrade.
-
-manifest << Kube::Schema["Secret"].new {
-  metadata.name      = FULLNAME
-  metadata.namespace  = NAMESPACE
-  metadata.labels     = STANDARD_LABELS
-  self.type = "Opaque"
-  self.data = {
-    "postgres-password":    base64(POSTGRES_PASSWORD),
-    "replication-password": base64(REPLICATION_PASSWORD),
-  }
-}
-
-# -- Headless Service (for StatefulSet stable DNS) --
-
-manifest << Kube::Schema["Service"].new {
-  metadata.name      = "#{FULLNAME}-headless"
-  metadata.namespace  = NAMESPACE
-  metadata.labels     = STANDARD_LABELS
-
-  spec.clusterIP = "None"
-  spec.selector  = MATCH_LABELS
-  spec.ports = [
-    { name: "tcp-postgresql", port: 5432, targetPort: "tcp-postgresql" },
-  ]
-}
-
-# -- Primary Service (for client connections) --
-
-manifest << Kube::Schema["Service"].new {
-  metadata.name      = FULLNAME
-  metadata.namespace  = NAMESPACE
-  metadata.labels     = STANDARD_LABELS
-
-  spec.selector = MATCH_LABELS
-  spec.ports = [
-    { name: "tcp-postgresql", port: 5432, targetPort: "tcp-postgresql" },
-  ]
-}
-
-# -- StatefulSet --
-# Uses storage class resolution pattern, secret references, resource presets,
-# pod anti-affinity for spreading replicas.
-
-manifest << Kube::Schema["StatefulSet"].new {
-  metadata.name      = FULLNAME
-  metadata.namespace  = NAMESPACE
-  metadata.labels     = STANDARD_LABELS
-
-  spec.serviceName = "#{FULLNAME}-headless"
-  spec.replicas    = 1
-  spec.selector.matchLabels = MATCH_LABELS
-
-  spec.template.metadata.labels = STANDARD_LABELS
-  spec.template.spec.containers = [
-    {
-      name:  APP_NAME,
-      image: "docker.io/postgres:16.4-alpine",
-      ports: [
-        { name: "tcp-postgresql", containerPort: 5432 },
-      ],
-      resources: RESOURCES,
-      env: [
-        { name: "POSTGRES_PASSWORD", valueFrom: { secretKeyRef: { name: FULLNAME, key: "postgres-password" } } },
-        { name: "PGDATA", value: "/var/lib/postgresql/data/pgdata" },
-      ],
-      volumeMounts: [
-        { name: "data", mountPath: "/var/lib/postgresql/data" },
-      ],
-      livenessProbe: {
-        exec: { command: ["pg_isready", "-U", "postgres"] },
-        initialDelaySeconds: 30,
-        periodSeconds: 10,
-        timeoutSeconds: 5,
-        failureThreshold: 6,
-      },
-      readinessProbe: {
-        exec: { command: ["pg_isready", "-U", "postgres"] },
-        initialDelaySeconds: 5,
-        periodSeconds: 10,
-        timeoutSeconds: 5,
-        failureThreshold: 6,
-      },
-    },
-  ]
-
-  # Pod anti-affinity: hard anti-affinity to guarantee one pod per node
-  # (from _affinities.tpl: common.affinities.pods.hard)
-  spec.template.spec.affinity = {
-    podAntiAffinity: {
-      requiredDuringSchedulingIgnoredDuringExecution: [
-        {
-          labelSelector: { matchLabels: MATCH_LABELS },
-          topologyKey: "kubernetes.io/hostname",
-        },
-      ],
-    },
-  }
-
-  # Storage class resolution (from _storage.tpl)
-  storage_class = STORAGE_CLASS == "-" ? "" : STORAGE_CLASS
-
-  spec.volumeClaimTemplates = [
-    {
-      metadata: { name: "data" },
-      spec: {
-        accessModes: ["ReadWriteOnce"],
-        storageClassName: storage_class,
-        resources: { requests: { storage: STORAGE_SIZE } },
-      },
-    },
-  ]
-}
-
-# -- NetworkPolicy --
-# Isolate the database: only allow ingress from pods with the app label,
-# deny everything else. This is a common production hardening pattern.
-
-manifest << Kube::Schema["NetworkPolicy"].new {
-  metadata.name      = FULLNAME
-  metadata.namespace  = NAMESPACE
-  metadata.labels     = STANDARD_LABELS
-
-  spec.podSelector = { matchLabels: MATCH_LABELS }
-  spec.policyTypes = ["Ingress", "Egress"]
-  spec.ingress = [
-    {
-      from: [
-        {
-          podSelector: {
-            matchLabels: { "app.kubernetes.io/name": "web-app" },
-          },
-        },
-      ],
-      ports: [
-        { protocol: "TCP", port: "5432" },
-      ],
-    },
-  ]
-  # Allow DNS egress + nothing else
-  spec.egress = [
-    {
-      to: [
-        { namespaceSelector: {} },
-      ],
-      ports: [
-        { protocol: "UDP", port: "53" },
-        { protocol: "TCP", port: "53" },
-      ],
-    },
-  ]
-}
-
-# ── Render ────────────────────────────────────────────────────────────────────
-
-puts manifest.to_yaml

data/examples/web-app/manifest.rb

@@ -1,215 +0,0 @@
-#!/usr/bin/env ruby
-# frozen_string_literal: true
-
-require "kube/schema"
-
-MATCH_LABELS = STANDARD_LABELS.slice(
-  :"app.kubernetes.io/name",
-  :"app.kubernetes.io/instance",
-)
-
-REGISTRY   = "docker.io"
-REPOSITORY = "nginx"
-TAG        = "1.27.3-alpine"
-IMAGE      = "#{REGISTRY}/#{REPOSITORY}:#{TAG}"
-
-RESOURCE_PRESETS = {
-  "nano":    { requests: { cpu: "100m",  memory: "128Mi"  }, limits: { cpu: "150m",  memory: "192Mi"  } },
-  "micro":   { requests: { cpu: "250m",  memory: "256Mi"  }, limits: { cpu: "375m",  memory: "384Mi"  } },
-  "small":   { requests: { cpu: "500m",  memory: "512Mi"  }, limits: { cpu: "750m",  memory: "768Mi"  } },
-  "medium":  { requests: { cpu: "500m",  memory: "1024Mi" }, limits: { cpu: "750m",  memory: "1536Mi" } },
-  "large":   { requests: { cpu: "1.0",   memory: "2048Mi" }, limits: { cpu: "1.5",   memory: "3072Mi" } },
-  "xlarge":  { requests: { cpu: "1.0",   memory: "3072Mi" }, limits: { cpu: "3.0",   memory: "6144Mi" } },
-  "2xlarge": { requests: { cpu: "1.0",   memory: "3072Mi" }, limits: { cpu: "6.0",   memory: "12288Mi" } },
-}
-
-module AutoConfig
-end
-
-class MyApp < Kube::Schema::Manifest
-  include Helpers
-  include AutoConfig
-
-  def initialize(namespace: DEFAULT_NAMESPACE, labels: STANDARD_LABELS)
-    @app_name  = "web-app"
-    @fullname  = "#{RELEASE_NAME}-#{APP_NAME}"[0, 63].chomp("-")
-    @namespace = namespace 
-
-    @labels = {
-      "app.kubernetes.io/name": @app_name
-      "app.kubernetes.io/managed-by": "kube_cluster",
-    }
-  end
-
-  stack do
-    use Middleware::Namespace
-    use Middleware::Labels
-  end
-
-  class Namespace < Kube::Schema["Namespace"]
-    def initialize(namespace:)
-      build {
-        metadata.name = namespace
-      }
-    end
-  end
-
-  class ConfigMap < Kube::Schema["ConfigMap"]
-    def initialize(namespace:)
-      build {
-        metadata.name = "#{namespace}-config"
-        spec.data = {
-          RAILS_ENV:     "production",
-          LOG_LEVEL:     "info",
-          WORKERS:       "4",
-          PORT:          "3000",
-        }
-      }
-    end
-  end
-
-  class Deployment < Kube::Schema["Deployment"]
-    def initialize(namespace:)
-      build {
-        metadata.name = namespace
-
-        spec.replicas = 3
-        spec.selector.matchLabels = MATCH_LABELS
-
-        spec.template.metadata.labels = STANDARD_LABELS
-        spec.template.metadata.annotations = {
-          # Checksum pattern from _utils.tpl -- triggers rolling restart on config change
-          "checksum/config": "{{ sha256sum of configmap data }}",
-        }
-
-        spec.template.spec.containers = [
-          {
-            name:  APP_NAME,
-            image: IMAGE,
-            ports: [{ name: "http", containerPort: 3000, protocol: "TCP" }],
-            resources: RESOURCES,
-            env: [
-              { name: "PORT", value: "3000" },
-            ],
-            envFrom: [
-              { configMapRef: { name: "#{FULLNAME}-config" } },
-            ],
-            livenessProbe: {
-              httpGet: { path: "/healthz", port: "http" },
-              initialDelaySeconds: 15,
-              periodSeconds: 10,
-            },
-            readinessProbe: {
-              httpGet: { path: "/readyz", port: "http" },
-              initialDelaySeconds: 5,
-              periodSeconds: 5,
-            },
-          },
-        ]
-
-        # Pod anti-affinity (from _affinities.tpl)
-        # Soft anti-affinity: prefer spreading pods across nodes but don't enforce it
-        spec.template.spec.affinity = {
-          podAntiAffinity: {
-            preferredDuringSchedulingIgnoredDuringExecution: [
-              {
-                weight: 1,
-                podAffinityTerm: {
-                  labelSelector: {
-                    matchLabels: MATCH_LABELS,
-                  },
-                  topologyKey: "kubernetes.io/hostname",
-                },
-              },
-            ],
-          },
-        }
-      }
-    end
-  end
-
-  class Service < Kube::Schema["Service"]
-    def initialize(namespace:)
-      build {
-        metadata.name = namespace
-
-        spec.selector = MATCH_LABELS
-        spec.ports = [
-          { name: "http", port: 80, targetPort: "http", protocol: "TCP" },
-        ]
-      }
-    end
-  end
-
-  class Ingress < Kube::Schema["Ingress"]
-    def initialize(namespace:)
-      build {
-        metadata.name = namespace
-        metadata.annotations = {
-          "cert-manager.io/cluster-issuer": "letsencrypt-prod",
-          "nginx.ingress.kubernetes.io/ssl-redirect": "true",
-        }
-
-        spec.ingressClassName = "nginx"
-        spec.tls = [
-          {
-            hosts: ["app.example.com"],
-            secretName: "#{namespace}-tls",
-          },
-        ]
-        spec.rules = [
-          {
-            host: "app.example.com",
-            http: {
-              paths: [
-                {
-                  path: "/",
-                  pathType: "Prefix",
-                  backend: {
-                    service: {
-                      name: FULLNAME,
-                      port: { name: "http" },
-                    },
-                  },
-                },
-              ],
-            },
-          },
-        ]
-      }
-    end
-  end
-
-  class HorizontalPodAutoscaler < Kube::Schema["HorizontalPodAutoscaler"]
-    def initialize(namespace:)
-      build {
-        metadata.name = namespace
-
-        spec.scaleTargetRef.apiVersion = "apps/v1"
-        spec.scaleTargetRef.kind = "Deployment"
-        spec.scaleTargetRef.name = namespace
-
-        spec.minReplicas = 3
-        spec.maxReplicas = 10
-        spec.metrics = [
-          {
-            type: "Resource",
-            resource: {
-              name: "cpu",
-              target: { type: "Utilization", averageUtilization: 75 },
-            },
-          },
-          {
-            type: "Resource",
-            resource: {
-              name: "memory",
-              target: { type: "Utilization", averageUtilization: 80 },
-            },
-          },
-        ]
-      }
-    end
-  end
-end
-
-puts MyApp.new.to_yaml

data/lib/kube/cluster/manifest/middleware/annotations.rb

@@ -1,32 +0,0 @@
-# frozen_string_literal: true
-
-module Kube
-  module Cluster
-    class Manifest < Kube::Schema::Manifest
-      class Middleware
-        # Merges annotations into +metadata.annotations+ on every resource.
-        # Existing annotations are preserved; the supplied annotations act
-        # as defaults that can be overridden per-resource.
-        #
-        #   stack do
-        #     use Middleware::Annotations,
-        #       "prometheus.io/scrape": "true",
-        #       "prometheus.io/port":   "9090"
-        #   end
-        #
-        class Annotations < Middleware
-          def initialize(**annotations)
-            @annotations = annotations.transform_keys(&:to_sym).transform_values(&:to_s)
-          end
-
-          def call(resource)
-            h = resource.to_h
-            h[:metadata] ||= {}
-            h[:metadata][:annotations] = @annotations.merge(h[:metadata][:annotations] || {})
-            rebuild(resource, h)
-          end
-        end
-      end
-    end
-  end
-end