kubernetes-deploy 0.28.0 → 0.29.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 825f058c113d4ae975ee5937866b639ac4d705f5cf9493ab414b56a183bd862e
-  data.tar.gz: 2a6e43245a95f182e63d9f81d085f62aede3d16c74f4184d2f07bb6f0db55563
+  metadata.gz: a0641a291f2f01c007051cf5001bc97ecb9216b55e7204d954c920083e0d303a
+  data.tar.gz: 2c2415cfd94a63f046b94e90c943a7f9e01a46207833c1d5d2a498ceeb1ff333
 SHA512:
-  metadata.gz: dbd772b8de088a986c62075c1443069be9fed802cf04958144ff377c26f3f594e9e2a6b5e64e1570452e936016e03fdc079b7dad986019cc27473e22ebf3bec1
-  data.tar.gz: ff2824c32e6421056842a190fe8658f0fc903b3c866919b0a83f4bb4446b76d5d5cffad739fcba0c1564bb5079c02c21eb2022df30f379f9876e190157fe1ece
+  metadata.gz: 18a4e86f4f144dfa23ebc191b7d06382605ada3b050e8e1c9e717cbc9db981f16b419fb27a342f4e1267663f8f82fb12bcebfe0697c9ac4ac40c15108ab73072
+  data.tar.gz: 314bdadd3d8f864895c13e81193845f4632fa46dc23550f12955a5ffe7a7b15ed3df1e12d769d5aefdb8ee4b7e5c3e3e13d5f8378f5c828a2e4bf3c04db8c56c

data/.rubocop.yml

@@ -2,7 +2,7 @@ inherit_from:
   - http://shopify.github.io/ruby-style-guide/rubocop.yml
 
 AllCops:
-  TargetRubyVersion: 2.3
+  TargetRubyVersion: 2.4
 
 Naming/FileName:
   Enabled: true

data/.shopify-build/kubernetes-deploy.yml

@@ -1,6 +1,6 @@
 containers:
   default:
-    docker: circleci/ruby:2.5.1-node-browsers
+    docker: circleci/ruby:2.4.6-node-browsers
 
 steps:
   - label: Lint

data/CHANGELOG.md

@@ -3,13 +3,19 @@
 *Important!*
 - The next release will be 1.0.0, which means that master will contain breaking changes.
 
+*Bug Fixes*
+- Handle improper duration values more elegantly with better messaging
+
+*Other*
+- We now require Ruby 2.4.x since Ruby 2.3 is past EoL.
+
 ## 0.28.0
 
 *Enhancements*
 - Officially support Kubernetes 1.15 ([#546](https://github.com/Shopify/kubernetes-deploy/pull/546))
 - Make sure that we only declare a Service of type LoadBalancer as deployed after its IP address is published. [#547](https://github.com/Shopify/kubernetes-deploy/pull/547)
 - Add more validations to `RunnerTask`. [#554](https://github.com/Shopify/kubernetes-deploy/pull/554)
-- Validate secrets with `--server-dry-run` on supported clusters. [#553](https://github.com/Shopify/kubernetes-deploy/pull/553) 
+- Validate secrets with `--server-dry-run` on supported clusters. [#553](https://github.com/Shopify/kubernetes-deploy/pull/553)
 *Bug Fixes*
 - Fix a bug in rendering where we failed to add a yaml doc separator (`---`) to
   an implicit document if there are multiple documents in the file.

data/README.md

@@ -71,7 +71,7 @@ This repo also includes related tools for [running tasks](#kubernetes-run) and [
 
 ## Prerequisites
 
-* Ruby 2.3+
+* Ruby 2.4+
 * Your cluster must be running Kubernetes v1.11.0 or higher<sup>1</sup>
 * Each app must have a deploy directory containing its Kubernetes templates (see [Templates](#using-templates-and-variables))
 

data/bin/ci

@@ -17,5 +17,5 @@ docker run --rm \
     -e VERBOSE=1 \
     -e PARALLELISM=$PARALLELISM \
     -w /usr/src/app \
-    ruby:2.3 \
+    ruby:2.4 \
     bin/test

data/dev.yml

@@ -1,7 +1,7 @@
 ---
 name: kubernetes-deploy
 up:
-  - ruby: 2.3.3 # Matches gemspec
+  - ruby: 2.4.6 # Matches gemspec
   - bundler
   - homebrew:
     - Caskroom/cask/minikube

data/kubernetes-deploy.gemspec

@@ -22,13 +22,13 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = %w(lib)
 
-  spec.required_ruby_version = '>= 2.3.0'
+  spec.required_ruby_version = '>= 2.4.0'
   spec.add_dependency("activesupport", ">= 5.0")
   spec.add_dependency("kubeclient", "~> 4.3")
   spec.add_dependency("googleauth", "~> 0.8.0")
   spec.add_dependency("ejson", "~> 1.0")
   spec.add_dependency("colorize", "~> 0.8")
-  spec.add_dependency("statsd-instrument", '~> 2.3', '>= 2.3.2')
+  spec.add_dependency("statsd-instrument", '~> 2.3.2')
   spec.add_dependency("oj", "~> 3.0")
   spec.add_dependency("concurrent-ruby", "~> 1.1")
   spec.add_dependency("jsonpath", "~> 0.9.6")

data/lib/krane/cli/deploy_command.rb

@@ -0,0 +1,77 @@
+# frozen_string_literal: true
+
+module Krane
+  module CLI
+    class DeployCommand
+      DEFAULT_DEPLOY_TIMEOUT = '300s'
+      PROTECTED_NAMESPACES = %w(
+        default
+        kube-system
+        kube-public
+      )
+      OPTIONS = {
+        "bindings" => { type: :array, banner: "foo=bar abc=def",
+                        desc: "Expose additional variables to ERB templates (format: k1=v1 k2=v2, JSON string or file "\
+                          "(JSON or YAML) path prefixed by '@')" },
+        "filenames" => { type: :string, banner: '/tmp/my-resource.yml', aliases: :f, required: true,
+                         desc: "Path to file or directory that contains the configuration to apply" },
+        "global-timeout" => { type: :string, banner: "duration", default: DEFAULT_DEPLOY_TIMEOUT,
+                              desc: "Max duration to monitor workloads correctly deployed" },
+        "protected-namespaces" => { type: :array, banner: "namespace1 namespace2 namespaceN",
+                                    desc: "Enable deploys to a list of selected namespaces; set to an empty string "\
+                                      "to disable",
+                                    default: PROTECTED_NAMESPACES },
+        "prune" => { type: :boolean, desc: "Enable deletion of resources that do not appear in the template dir",
+                     default: true },
+        "render-erb" => { type: :boolean, desc: "Enable ERB rendering", default: false },
+        "selector" => { type: :string, banner: "'label=value'",
+                        desc: "Select workloads by selector(s)" },
+        "verbose-log-prefix" => { type: :boolean, desc: "Add [context][namespace] to the log prefix",
+                                  default: true },
+        "verify-result" => { type: :boolean, default: true,
+                             desc: "Verify workloads correctly deployed" },
+      }
+
+      def self.from_options(namespace, context, options)
+        require 'kubernetes-deploy/deploy_task'
+        require 'kubernetes-deploy/options_helper'
+        require 'kubernetes-deploy/bindings_parser'
+        require 'kubernetes-deploy/label_selector'
+
+        bindings_parser = KubernetesDeploy::BindingsParser.new
+        options[:bindings]&.each { |binding_pair| bindings_parser.add(binding_pair) }
+
+        selector = KubernetesDeploy::LabelSelector.parse(options[:selector]) if options[:selector]
+
+        logger = KubernetesDeploy::FormattedLogger.build(namespace, context,
+          verbose_prefix: options['verbose-log-prefix'])
+
+        protected_namespaces = options['protected-namespaces']
+        if options['protected-namespaces'].size == 1 && %w('' "").include?(options['protected-namespaces'][0])
+          protected_namespaces = []
+        end
+
+        KubernetesDeploy::OptionsHelper.with_processed_template_paths([options[:filenames]],
+          require_explicit_path: true) do |paths|
+          deploy = KubernetesDeploy::DeployTask.new(
+            namespace: namespace,
+            context: context,
+            current_sha: ENV["REVISION"],
+            template_paths: paths,
+            bindings: bindings_parser.parse,
+            logger: logger,
+            max_watch_seconds: KubernetesDeploy::DurationParser.new(options["global-timeout"]).parse!.to_i,
+            selector: selector,
+            protected_namespaces: protected_namespaces,
+          )
+
+          deploy.run!(
+            verify_result: options["verify-result"],
+            allow_protected_ns: !protected_namespaces.empty?,
+            prune: options[:prune]
+          )
+        end
+      end
+    end
+  end
+end

data/lib/krane/cli/krane.rb

@@ -4,6 +4,9 @@ require 'krane'
 require 'thor'
 require 'krane/cli/version_command'
 require 'krane/cli/restart_command'
+require 'krane/cli/run_command'
+require 'krane/cli/render_command'
+require 'krane/cli/deploy_command'
 
 module Krane
   module CLI
@@ -17,6 +20,14 @@ module Krane
         task_options.each { |option_name, config| method_option(option_name, config) }
       end
 
+      desc("render", "Render templates")
+      expand_options(RenderCommand::OPTIONS)
+      def render
+        rescue_and_exit do
+          RenderCommand.from_options(options)
+        end
+      end
+
       desc("version", "Prints the version")
       expand_options(VersionCommand::OPTIONS)
       def version
@@ -31,6 +42,22 @@ module Krane
         end
       end
 
+      desc("run NAMESPACE CONTEXT", "Run a pod that exits upon completing a task")
+      expand_options(RunCommand::OPTIONS)
+      def run_command(namespace, context)
+        rescue_and_exit do
+          RunCommand.from_options(namespace, context, options)
+        end
+      end
+
+      desc("deploy NAMESPACE CONTEXT", "Ship resources to a namespace")
+      expand_options(DeployCommand::OPTIONS)
+      def deploy(namespace, context)
+        rescue_and_exit do
+          DeployCommand.from_options(namespace, context, options)
+        end
+      end
+
       def self.exit_on_failure?
         true
       end
@@ -43,6 +70,12 @@ module Krane
         exit(TIMEOUT_EXIT_CODE)
       rescue KubernetesDeploy::FatalDeploymentError
         exit(FAILURE_EXIT_CODE)
+      rescue KubernetesDeploy::DurationParser::ParsingError => e
+        STDERR.puts(<<~ERROR_MESSAGE)
+          Error parsing duration
+          #{e.message}. Duration must be a full ISO8601 duration or time value (e.g. 300s, 10m, 1h)
+        ERROR_MESSAGE
+        exit(FAILURE_EXIT_CODE)
       end
     end
   end

data/lib/krane/cli/render_command.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+module Krane
+  module CLI
+    class RenderCommand
+      OPTIONS = {
+        bindings: { type: :array, desc: 'Bindings for erb' },
+        filenames: { type: :array, required: true, aliases: 'f', desc: 'Directories and files to render' },
+      }
+
+      def self.from_options(options)
+        require 'kubernetes-deploy/render_task'
+        require 'kubernetes-deploy/bindings_parser'
+        require 'kubernetes-deploy/options_helper'
+
+        bindings_parser = KubernetesDeploy::BindingsParser.new
+        options[:bindings]&.each { |b| bindings_parser.add(b) }
+
+        KubernetesDeploy::OptionsHelper.with_processed_template_paths(options[:filenames]) do |paths|
+          runner = KubernetesDeploy::RenderTask.new(
+            current_sha: ENV["REVISION"],
+            template_paths: paths,
+            bindings: bindings_parser.parse,
+          )
+          runner.run!(STDOUT)
+        end
+      end
+    end
+  end
+end

data/lib/krane/cli/run_command.rb

@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+
+module Krane
+  module CLI
+    class RunCommand
+      DEFAULT_RUN_TIMEOUT = '300s'
+
+      OPTIONS = {
+        "global-timeout" => {
+          type: :string,
+          banner: "duration",
+          desc: "Timeout error is raised if the pod runs for longer than the specified number of seconds",
+          default: DEFAULT_RUN_TIMEOUT,
+        },
+        "arguments" => {
+          type: :string,
+          banner: '"ARG1 ARG2 ARG3"',
+          desc: "Override the default arguments for the command with a space-separated list of arguments",
+        },
+        "verify-result" => { type: :boolean, desc: "Wait for completion and verify pod success", default: true },
+        "command" => { type: :array, desc: "Override the default command in the container image" },
+        "template" => {
+          type: :string,
+          desc: "The template file you'll be rendering",
+          default: 'task-runner-template',
+        },
+        "env-vars" => {
+          type: :string,
+          banner: "VAR=val,FOO=bar",
+          desc: "A Comma-separated list of env vars",
+          default: '',
+        },
+      }
+
+      def self.from_options(namespace, context, options)
+        require "kubernetes-deploy/runner_task"
+        runner = KubernetesDeploy::RunnerTask.new(
+          namespace: namespace,
+          context: context,
+          max_watch_seconds: KubernetesDeploy::DurationParser.new(options["global-timeout"]).parse!.to_i,
+        )
+
+        runner.run!(
+          verify_result: options['verify-result'],
+          task_template: options['template'],
+          entrypoint: options['command'],
+          args: options['arguments']&.split(" "),
+          env_vars: options['env-vars'].split(','),
+        )
+      end
+    end
+  end
+end

data/lib/kubernetes-deploy/delayed_exceptions.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module DelayedExceptions
+  def with_delayed_exceptions(enumerable, *catch, &block)
+    exceptions = []
+    enumerable.each do |i|
+      begin
+        block.call(i)
+      rescue *catch => e
+        exceptions << e
+      end
+    end.tap { raise exceptions.first if exceptions.first }
+  end
+end

data/lib/kubernetes-deploy/deploy_task.rb

@@ -105,7 +105,8 @@ module KubernetesDeploy
     end
 
     def initialize(namespace:, context:, current_sha:, logger: nil, kubectl_instance: nil, bindings: {},
-      max_watch_seconds: nil, selector: nil, template_paths: [], template_dir: nil)
+      max_watch_seconds: nil, selector: nil, template_paths: [], template_dir: nil, protected_namespaces: nil,
+      render_erb: true)
       template_dir = File.expand_path(template_dir) if template_dir
       template_paths = (template_paths.map { |path| File.expand_path(path) } << template_dir).compact
 
@@ -120,6 +121,8 @@ module KubernetesDeploy
       @kubectl = kubectl_instance
       @max_watch_seconds = max_watch_seconds
       @selector = selector
+      @protected_namespaces = protected_namespaces || PROTECTED_NAMESPACES
+      @render_erb = render_erb
     end
 
     def run(*args)
@@ -147,7 +150,7 @@ module KubernetesDeploy
       end
 
       @logger.phase_heading("Deploying all resources")
-      if PROTECTED_NAMESPACES.include?(@namespace) && prune
+      if @protected_namespaces.include?(@namespace) && prune
         raise FatalDeploymentError, "Refusing to deploy to protected namespace '#{@namespace}' with pruning enabled"
       end
 
@@ -283,7 +286,7 @@ module KubernetesDeploy
       @logger.info("Discovering resources:")
       resources = []
       crds_by_kind = cluster_resource_discoverer.crds.group_by(&:kind)
-      @template_sets.with_resource_definitions(render_erb: true,
+      @template_sets.with_resource_definitions(render_erb: @render_erb,
           current_sha: @current_sha, bindings: @bindings) do |r_def|
         crd = crds_by_kind[r_def["kind"]]&.first
         r = KubernetesResource.build(namespace: @namespace, context: @context, logger: @logger, definition: r_def,
@@ -334,7 +337,7 @@ module KubernetesDeploy
 
       if @namespace.blank?
         errors << "Namespace must be specified"
-      elsif PROTECTED_NAMESPACES.include?(@namespace)
+      elsif @protected_namespaces.include?(@namespace)
         if allow_protected_ns && prune
           errors << "Refusing to deploy to protected namespace '#{@namespace}' with pruning enabled"
         elsif allow_protected_ns
@@ -475,27 +478,36 @@ module KubernetesDeploy
         .select(&:sensitive_template_content?)
         .map { |r| File.basename(r.file_path) }
 
+      server_dry_run_validated_resource = resources
+        .select(&:server_dry_run_validated?)
+        .map { |r| File.basename(r.file_path) }
+
       err.each_line do |line|
         bad_files = find_bad_files_from_kubectl_output(line)
-        if bad_files.present?
-          bad_files.each do |f|
-            if filenames_with_sensitive_content.include?(f[:filename])
-              # Hide the error and template contents in case it has senitive information
-              record_invalid_template(err: "SUPPRESSED FOR SECURITY", filename: f[:filename], content: nil)
-            else
-              record_invalid_template(err: f[:err], filename: f[:filename], content: f[:content])
-            end
-          end
-        else
+        unless bad_files.present?
           unidentified_errors << line
+          next
+        end
+
+        bad_files.each do |f|
+          err_msg = f[:err]
+          if filenames_with_sensitive_content.include?(f[:filename])
+            # Hide the error and template contents in case it has sensitive information
+            # we display full error messages as we assume there's no sensitive info leak after server-dry-run
+            err_msg = "SUPPRESSED FOR SECURITY" unless server_dry_run_validated_resource.include?(f[:filename])
+            record_invalid_template(err: err_msg, filename: f[:filename], content: nil)
+          else
+            record_invalid_template(err: err_msg, filename: f[:filename], content: f[:content])
+          end
         end
       end
+      return unless unidentified_errors.any?
 
-      if unidentified_errors.present? && filenames_with_sensitive_content.any?
+      if (filenames_with_sensitive_content - server_dry_run_validated_resource).present?
         warn_msg = "WARNING: There was an error applying some or all resources. The raw output may be sensitive and " \
           "so cannot be displayed."
         @logger.summary.add_paragraph(ColorizedString.new(warn_msg).yellow)
-      elsif unidentified_errors.present?
+      else
         heading = ColorizedString.new('Unidentified error(s):').red
         msg = FormattedLogger.indent_four(unidentified_errors.join)
         @logger.summary.add_paragraph("#{heading}\n#{msg}")

data/lib/kubernetes-deploy/kubectl.rb

@@ -9,6 +9,7 @@ module KubernetesDeploy
     }
     DEFAULT_TIMEOUT = 15
     MAX_RETRY_DELAY = 16
+    SERVER_DRY_RUN_MIN_VERSION = "1.13"
 
     class ResourceNotFoundError < StandardError; end
 
@@ -84,6 +85,10 @@ module KubernetesDeploy
       version_info[:server]
     end
 
+    def server_dry_run_enabled?
+      server_version >= Gem::Version.new(SERVER_DRY_RUN_MIN_VERSION)
+    end
+
     private
 
     def build_command_from_options(args, use_namespace, use_context, output)

data/lib/kubernetes-deploy/kubernetes_resource.rb

@@ -121,6 +121,7 @@ module KubernetesDeploy
       @validation_errors = []
       @validation_warnings = []
       @instance_data = {}
+      @server_dry_run_validated = false
     end
 
     def to_kubeclient_resource
@@ -346,10 +347,14 @@ module KubernetesDeploy
       self.class::SENSITIVE_TEMPLATE_CONTENT
     end
 
-    def server_dry_runnable?
+    def server_dry_runnable_resource?
       self.class::SERVER_DRY_RUNNABLE
     end
 
+    def server_dry_run_validated?
+      @server_dry_run_validated
+    end
+
     class Event
       EVENT_SEPARATOR = "ENDEVENT--BEGINEVENT"
       FIELD_SEPARATOR = "ENDFIELD--BEGINFIELD"
@@ -471,12 +476,15 @@ module KubernetesDeploy
     end
 
     def validate_spec_with_kubectl(kubectl)
-      _, err, st = validate_with_dry_run_option(kubectl, "--dry-run")
-      if st.success? && server_dry_runnable?
+      err = ""
+      if kubectl.server_dry_run_enabled? && server_dry_runnable_resource?
         _, err, st = validate_with_dry_run_option(kubectl, "--server-dry-run")
-        if st.success? || err.match(SERVER_DRY_RUN_DISABLED_ERROR)
-          return true
-        end
+        @server_dry_run_validated = st.success?
+        return true if st.success?
+      end
+
+      if err.empty? || err.match(SERVER_DRY_RUN_DISABLED_ERROR)
+        _, err, st = validate_with_dry_run_option(kubectl, "--dry-run")
       end
 
       return true if st.success?

data/lib/kubernetes-deploy/options_helper.rb

@@ -6,9 +6,9 @@ module KubernetesDeploy
 
     STDIN_TEMP_FILE = "from_stdin.yml.erb"
     class << self
-      def with_processed_template_paths(template_paths)
+      def with_processed_template_paths(template_paths, require_explicit_path: false)
         validated_paths = []
-        if template_paths.empty?
+        if template_paths.empty? && !require_explicit_path
           validated_paths << default_template_dir
         else
           template_paths.uniq!

data/lib/kubernetes-deploy/render_task.rb

@@ -3,18 +3,16 @@ require 'tempfile'
 
 require 'kubernetes-deploy/common'
 require 'kubernetes-deploy/renderer'
+require 'kubernetes-deploy/template_sets'
 
 module KubernetesDeploy
   class RenderTask
-    def initialize(logger: nil, current_sha:, template_dir:, bindings:)
+    def initialize(logger: nil, current_sha:, template_dir: nil, template_paths: [], bindings:)
       @logger = logger || KubernetesDeploy::FormattedLogger.build
       @template_dir = template_dir
-      @renderer = KubernetesDeploy::Renderer.new(
-        current_sha: current_sha,
-        bindings: bindings,
-        template_dir: @template_dir,
-        logger: @logger,
-      )
+      @template_paths = template_paths.map { |path| File.expand_path(path) }
+      @bindings = bindings
+      @current_sha = current_sha
     end
 
     def run(*args)
@@ -28,16 +26,12 @@ module KubernetesDeploy
       @logger.reset
       @logger.phase_heading("Initializing render task")
 
-      filenames = if only_filenames.empty?
-        Dir.foreach(@template_dir).select { |filename| filename.end_with?(".yml.erb", ".yml", ".yaml", ".yaml.erb") }
-      else
-        only_filenames
-      end
+      ts = TemplateSets.from_dirs_and_files(paths: template_sets_paths(only_filenames), logger: @logger)
 
-      validate_configuration(filenames)
-      render_filenames(stream, filenames)
+      validate_configuration(ts, only_filenames)
+      count = render_templates(stream, ts)
 
-      @logger.summary.add_action("Successfully rendered #{filenames.size} template(s)")
+      @logger.summary.add_action("Successfully rendered #{count} template(s)")
       @logger.print_summary(:success)
     rescue KubernetesDeploy::FatalDeploymentError
       @logger.print_summary(:failure)
@@ -46,29 +40,38 @@ module KubernetesDeploy
 
     private
 
-    def render_filenames(stream, filenames)
-      exceptions = []
-      @logger.phase_heading("Rendering template(s)")
-
-      filenames.each do |filename|
-        begin
-          render_filename(filename, stream)
-        rescue KubernetesDeploy::InvalidTemplateError => exception
-          exceptions << exception
-          log_invalid_template(exception)
+    def template_sets_paths(only_filenames)
+      if @template_paths.present?
+        # Validation will catch @template_paths & @template_dir being present
+        @template_paths
+      elsif only_filenames.blank?
+        [File.expand_path(@template_dir || '')]
+      else
+        absolute_template_dir = File.expand_path(@template_dir || '')
+        only_filenames.map do |name|
+          File.join(absolute_template_dir, name)
         end
       end
+    end
 
-      unless exceptions.empty?
-        raise exceptions[0]
+    def render_templates(stream, template_sets)
+      @logger.phase_heading("Rendering template(s)")
+      count = 0
+      template_sets.with_resource_definitions_and_filename(render_erb: true,
+          current_sha: @current_sha, bindings: @bindings, raw: true) do |rendered_content, filename|
+        write_to_stream(rendered_content, filename, stream)
+        count += 1
       end
+
+      count
+    rescue KubernetesDeploy::InvalidTemplateError => exception
+      log_invalid_template(exception)
+      raise
     end
 
-    def render_filename(filename, stream)
+    def write_to_stream(rendered_content, filename, stream)
       file_basename = File.basename(filename)
       @logger.info("Rendering #{file_basename}...")
-      file_content = File.read(File.join(@template_dir, filename))
-      rendered_content = @renderer.render_template(filename, file_content)
       implicit = []
       YAML.parse_stream(rendered_content, "<rendered> #{filename}") { |d| implicit << d.implicit }
       if rendered_content.present?
@@ -82,28 +85,32 @@ module KubernetesDeploy
       raise InvalidTemplateError.new("Template is not valid YAML. #{exception.message}", filename: filename)
     end
 
-    def validate_configuration(filenames)
+    def validate_configuration(template_sets, filenames)
       @logger.info("Validating configuration")
       errors = []
-
-      if filenames.empty?
-        errors << "no templates found in template dir #{@template_dir}"
+      if @template_dir.present? && @template_paths.present?
+        errors << "template_dir and template_paths can not be combined"
+      elsif @template_dir.blank? && @template_paths.blank?
+        errors << "template_dir or template_paths must be set"
       end
 
-      absolute_template_dir = File.expand_path(@template_dir)
-
-      filenames.each do |filename|
-        absolute_file = File.expand_path(File.join(@template_dir, filename))
-        if !File.exist?(absolute_file)
-          errors << "Filename \"#{absolute_file}\" could not be found"
-        elsif !File.file?(absolute_file)
-          errors << "Filename \"#{absolute_file}\" is not a file"
-        elsif !absolute_file.start_with?(absolute_template_dir)
-          errors << "Filename \"#{absolute_file}\" is outside the template directory," \
-          " which was resolved as #{absolute_template_dir}"
+      if filenames.present?
+        if @template_dir.nil?
+          errors << "template_dir must be set to use filenames"
+        else
+          absolute_template_dir = File.expand_path(@template_dir)
+          filenames.each do |filename|
+            absolute_file = File.expand_path(File.join(@template_dir, filename))
+            unless absolute_file.start_with?(absolute_template_dir)
+              errors << "Filename \"#{absolute_file}\" is outside the template directory," \
+              " which was resolved as #{absolute_template_dir}"
+            end
+          end
         end
       end
 
+      errors += template_sets.validate
+
       unless errors.empty?
         @logger.summary.add_action("Configuration invalid")
         @logger.summary.add_paragraph(errors.map { |err| "- #{err}" }.join("\n"))

data/lib/kubernetes-deploy/runner_task.rb

@@ -154,8 +154,8 @@ module KubernetesDeploy
         raise TaskConfigurationError, message
       end
 
-      container.command = entrypoint
-      container.args = args
+      container.command = entrypoint if entrypoint
+      container.args = args if args
 
       env_args = env_vars.map do |env|
         key, value = env.split('=', 2)

data/lib/kubernetes-deploy/runner_task_config_validator.rb

@@ -5,17 +5,11 @@ module KubernetesDeploy
       super(*arguments)
       @template = template
       @args = args
-      @validations += %i(validate_template validate_args)
+      @validations += %i(validate_template)
     end
 
     private
 
-    def validate_args
-      if @args.blank?
-        @errors << "Args can't be nil"
-      end
-    end
-
     def validate_template
       if @template.blank?
         @errors << "Task template name can't be nil"

data/lib/kubernetes-deploy/template_sets.rb

@@ -1,17 +1,21 @@
 # frozen_string_literal: true
+require 'kubernetes-deploy/delayed_exceptions'
+require 'kubernetes-deploy/ejson_secret_provisioner'
 
 module KubernetesDeploy
   class TemplateSets
+    include DelayedExceptions
     VALID_TEMPLATES = %w(.yml.erb .yml .yaml .yaml.erb)
     # private inner class
     class TemplateSet
+      include DelayedExceptions
       def initialize(template_dir:, file_whitelist: [], logger:)
         @template_dir = template_dir
         @files = file_whitelist
         @logger = logger
       end
 
-      def with_resource_definitions(render_erb: false, current_sha: nil, bindings: nil)
+      def with_resource_definitions_and_filename(render_erb: false, current_sha: nil, bindings: nil, raw: false)
         if render_erb
           @renderer = Renderer.new(
             template_dir: @template_dir,
@@ -20,11 +24,9 @@ module KubernetesDeploy
             bindings: bindings,
           )
         end
-        @files.each do |filename|
+        with_delayed_exceptions(@files, KubernetesDeploy::InvalidTemplateError) do |filename|
           next if filename.end_with?(EjsonSecretProvisioner::EJSON_SECRETS_FILE)
-          templates(filename: filename) do |r_def|
-            yield r_def
-          end
+          templates(filename: filename, raw: raw) { |r_def| yield r_def, filename }
         end
       end
 
@@ -59,7 +61,7 @@ module KubernetesDeploy
 
       private
 
-      def templates(filename:)
+      def templates(filename:, raw:)
         file_content = File.read(File.join(@template_dir, filename))
         rendered_content = @renderer ? @renderer.render_template(filename, file_content) : file_content
         YAML.load_stream(rendered_content, "<rendered> #{filename}") do |doc|
@@ -68,8 +70,9 @@ module KubernetesDeploy
             raise InvalidTemplateError.new("Template is not a valid Kubernetes manifest",
               filename: filename, content: doc)
           end
-          yield doc
+          yield doc unless raw
         end
+        yield rendered_content if raw
       rescue InvalidTemplateError => err
         err.filename ||= filename
         raise err
@@ -106,18 +109,26 @@ module KubernetesDeploy
       end
     end
 
-    def with_resource_definitions(render_erb: false, current_sha: nil, bindings: nil)
-      @template_sets.each do |template_set|
-        template_set.with_resource_definitions(
+    def with_resource_definitions_and_filename(render_erb: false, current_sha: nil, bindings: nil, raw: false)
+      with_delayed_exceptions(@template_sets, KubernetesDeploy::InvalidTemplateError) do |template_set|
+        template_set.with_resource_definitions_and_filename(
           render_erb: render_erb,
           current_sha: current_sha,
-          bindings: bindings
-        ) do |r_def|
-          yield r_def
+          bindings: bindings,
+          raw: raw
+        ) do |r_def, filename|
+          yield r_def, filename
         end
       end
     end
 
+    def with_resource_definitions(render_erb: false, current_sha: nil, bindings: nil, raw: false)
+      with_resource_definitions_and_filename(render_erb: render_erb,
+        current_sha: current_sha, bindings: bindings, raw: raw) do |r_def, _|
+        yield r_def
+      end
+    end
+
     def ejson_secrets_files
       @template_sets.map(&:ejson_secrets_file).compact
     end

data/lib/kubernetes-deploy/version.rb

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module KubernetesDeploy
-  VERSION = "0.28.0"
+  VERSION = "0.29.0"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: kubernetes-deploy
 version: !ruby/object:Gem::Version
-  version: 0.28.0
+  version: 0.29.0
 platform: ruby
 authors:
 - Katrina Verey
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2019-09-20 00:00:00.000000000 Z
+date: 2019-09-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -86,9 +86,6 @@ dependencies:
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.3'
-    - - ">="
       - !ruby/object:Gem::Version
         version: 2.3.2
   type: :runtime
@@ -96,9 +93,6 @@ dependencies:
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.3'
-    - - ">="
       - !ruby/object:Gem::Version
         version: 2.3.2
 - !ruby/object:Gem::Dependency
@@ -279,8 +273,11 @@ files:
 - exe/kubernetes-run
 - kubernetes-deploy.gemspec
 - lib/krane.rb
+- lib/krane/cli/deploy_command.rb
 - lib/krane/cli/krane.rb
+- lib/krane/cli/render_command.rb
 - lib/krane/cli/restart_command.rb
+- lib/krane/cli/run_command.rb
 - lib/krane/cli/version_command.rb
 - lib/kubernetes-deploy.rb
 - lib/kubernetes-deploy/bindings_parser.rb
@@ -289,6 +286,7 @@ files:
 - lib/kubernetes-deploy/concurrency.rb
 - lib/kubernetes-deploy/container_logs.rb
 - lib/kubernetes-deploy/deferred_summary_logging.rb
+- lib/kubernetes-deploy/delayed_exceptions.rb
 - lib/kubernetes-deploy/deploy_task.rb
 - lib/kubernetes-deploy/duration_parser.rb
 - lib/kubernetes-deploy/ejson_secret_provisioner.rb
@@ -357,7 +355,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.3.0
+      version: 2.4.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="