kubes 0.5.1 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 19bc1aa1219b83ad85fb8ac5e2b5e8ed463e97e546927658127b75afc212fd77
-  data.tar.gz: 9cc42229b38fbc1d3eaa3c289133b2bb17fe4677fb6c8603dfd793c6c377ed33
+  metadata.gz: d2390d8076195f47ba56caa233149ab431fbae94f941be09442c8f8dee672c97
+  data.tar.gz: aaaee4c61ca2be7a88d53fbbb3bdaa39e7c0fdf398f26a55891433f1c93da0c5
 SHA512:
-  metadata.gz: 566c1e5d878bebdd41d8eba2639e2b176896a33d103388b6380ad9524d52613dfbe55ee8e9b328cdab43cc732d9194d7908a1de4543e1e24f6daf3b83d50274b
-  data.tar.gz: 1ee99b1c620161b5b02b3443327c0757a8bce94de80e5f6c8c3d8bced6bfdb116035f71188eb7fec6b535bb228577a3705e9a52866af8134cf642ea9ba7937f4
+  metadata.gz: 7bd6263f72c46e3f5123436562096b6bde64c1cfcb9cd1a92f494eda992d6610ea173a58e48ba51e5f62b983e3fec87a948e7519df7af2b6371de47b2ac90782
+  data.tar.gz: 4f92ed3fa62f80498df8d72ad80481d62fc8e3537cd334344a2f4dee746ec3891c173d69c15c1a3f3845e1a0519811559d1cb30b63036861173bff51b7d0f524

data/CHANGELOG.md

@@ -3,6 +3,16 @@
 All notable changes to this project will be documented in this file.
 This project *loosely tries* to adhere to [Semantic Versioning](http://semver.org/), even before v1.0.
 
+## [0.6.0]
+- mix layering support: evaluate DSL so layering can be mixed between YAML and DSL
+- custom variables support
+- custom helpers support
+- plugins helpers support
+- generators: new resource, new helper, new variable
+- setup autoloader earlier. removes need for shims
+- auth login for gcr also
+- fix cli -h when not within Kubes project
+
 ## [0.5.1]
 - fix deployment generator
 

data/README.md

@@ -55,10 +55,62 @@ The deploy command, does all 3 steps: builds the docker image, compiles the `.ku
 
     kubes deploy
 
+## Multiple Enviroments
+
+You can easily create multiple environments with the same YAML configs. Example:
+
+    KUBES_ENV=dev  kubes deploy
+    KUBES_ENV=prod kubes deploy
+
+See: [Multiple Enviroments Pattern](https://kubes.guru/docs/patterns/multiple-envs/)
+
+## Generators: Stop Writing Boilerplate
+
+Your time is precious. Why are we copying and pasting boilerplate structure in this day and age?
+
+Kubes provides generators to help you get going right away.
+
+Resources examples:
+
+    $ kubes new resource secret
+          create  .kubes/resources/shared/secret.yaml
+    $ kubes new resource service_account
+          create  .kubes/resources/shared/service_account.yaml
+
+Kubes components examples:
+
+    $ kubes new helper
+          create  .kubes/helpers/custom_helper.rb
+    $ kubes new variable
+          create  .kubes/variables/dev.rb
+    $
+
+## Features
+
+* Automation: [Builds the Docker image](https://kubes.guru/docs/config/docker/) and updates the compiled YAML files
+* Syntactic Sugar: Use an [ERB/YAML](https://kubes.guru/docs/yaml/) or a [DSL](https://kubes.guru/docs/dsl/) to write your Kubernetes YAML files. You can use a mix of DSL and YAML definitions in the `.kubes/resources` folder.
+* Layering: Use the same Kubernetes YAML to build multiple environments like dev and prod with [layering](https://kubes.guru/docs/layering/).
+* Generators: Kubes ships with a few generators to help you get building with Kubernetes quickly. See: [Generator Docs](https://kubes.guru/docs/generators/).
+* CLI Customizations: You can customize the [cli args](https://kubes.guru/docs/config/args/kubectl/).
+* Hooks: You can also run [hooks](https://kubes.guru/docs/config/hooks/) before and after [kubes](https://kubes.guru/docs/config/hooks/kubes/) and [kubectl](https://kubes.guru/docs/config/hooks/kubectl/) commands.
+* Automated Suffix Hashes: Automatically appends a suffix hash to ConfigMap and Secret resources. More details in [ConfigMap](https://kubes.guru/docs/dsl/resources/config_map/) and [Secret](https://kubes.guru/docs/dsl/resources/secret/) docs.
+* Kustomize Support: If you're a kustomization user, you can use it with Kubes. More details in [Kustomize Support Docs](https://kubes.guru/docs/misc/kustomize/).
+* Auto Context Switching: Map dev to a specific kubectl context and prod to another kubectl context and Kubes can switch them automatically so you won't have to remember. More details in [Auto Context Docs](https://kubes.guru/docs/misc/auto-context/).
+* Ordering: Kubes run kubectl apply to create resources in the [correct order](https://kubes.guru/docs/intro/ordering/). For deleting, it kubes will run `kubectl delete` in the correct reverse order. The order is also [customizable](https://kubes.guru/docs/intro/ordering/custom/).
+
 ## Installation
 
 Install with:
 
     gem install kubes
 
+## Comparison
+
+Here are some useful comparisons to help you compare Kubes vs other tools in the ecosystem:
+
+* Blog Post: [Kustomize vs Helm vs Kubes: Kubernetes Deploy Tools](https://blog.boltops.com/2020/11/05/kustomize-vs-helm-vs-kubes-kubernetes-deploy-tools)
+* [Kubes vs Custom Solution](https://kubes.guru/docs/vs/custom/)
+* [Kubes vs Helm](https://kubes.guru/docs/vs/helm/)
+* [Kubes vs Kustomize](https://kubes.guru/docs/vs/kustomize/)
+
 For more info: [kubes.guru](https://kubes.guru)

data/docs/_docs/dsl/resources/secret.md

@@ -19,7 +19,7 @@ data(
 
 Produces:
 
-.kubes/output/shared/service.yaml
+.kubes/output/shared/secret.yaml
 
 ```yaml
 apiVersion: v1
@@ -38,6 +38,23 @@ data:
 
 {% include dsl/rolling_deployment.md kind="Secret" %}
 
+.kubes/resources/web/deployment.yaml:
+
+```yaml
+# ..
+spec:
+  template:
+    spec:
+      containers:
+      - name: demo
+        image: nginx
+        envFrom:
+        - secretRef:
+            name: demo-secret
+```
+
+Produces:
+
 .kubes/output/web/deployment.yaml:
 
 ```yaml
@@ -46,7 +63,7 @@ spec:
   template:
     spec:
       containers:
-      - name: demo-shared
+      - name: demo
         image: nginx
         envFrom:
         - secretRef:

data/docs/_docs/generators.md

@@ -8,15 +8,15 @@ Kubes ships with a few generators to help you get building with Kubernetes quick
 
 Here are a few examples:
 
-    $ kubes new ingress
+    $ kubes new resource ingress
           create  .kubes/resources/web/ingress.yaml
-    $ kubes new service_account
+    $ kubes new resource service_account
           create  .kubes/resources/shared/service_account.yaml
     $
 
 Use `-h` to see the cli options:
 
-    kubes new -h
+    kubes new resource -h
 
 ## Supported Resources
 
@@ -38,4 +38,4 @@ Here's a list of some of the supported resources.
     service_account
     service
 
-Refer to the [source code](https://github.com/boltops-tools/kubes/blob/master/lib/templates/new/yaml) to all the resources that the generator supports.
+Refer to the [source code](https://github.com/boltops-tools/kubes/blob/master/lib/templates/new/resource/yaml) to all the resources that the generator supports.

data/docs/_docs/helpers/aws/advanced/secrets.md

@@ -0,0 +1,131 @@
+---
+title: AWS Secrets Advanced
+nav_text: Secrets
+categories: advanced-helpers-aws
+---
+
+This covers an advanced way so that Kubernetes Secrets are created from AWS Secrets Manager in a conventional way.
+
+## Simple Values
+
+For example if you have these secret values:
+
+    $ aws secretsmanager get-secret-value --secret-id demo/dev/db_user | jq '.SecretString'
+    user
+    $ aws secretsmanager get-secret-value --secret-id demo/dev/db_pass | jq '.SecretString'
+    pass
+
+Set up a [Kubes hook](https://kubes.guru/docs/config/hooks/kubes/).
+
+.kubes/config/hooks/kubes.rb
+
+```ruby
+secrets = KubesAws::Secrets.new(upcase: true, prefix: "demo/dev/")
+before("compile",
+  label: "Get secrets from AWS Secrets Manager",
+  execute: secrets,
+)
+```
+
+Then set the secrets in the YAML:
+
+.kubes/resources/shared/secret.yaml
+
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: demo
+  labels:
+    app: demo
+data:
+<% KubesAws::Secrets.data.each do |k,v| -%>
+  <%= k %>: <%= base64(v) %>
+<% end -%>
+```
+
+This results in AWS secrets with the prefix the `demo/dev/` being added to the Kubernetes secret data.  The values are automatically base64 encoded. Produces:
+
+.kubes/output/shared/secret.yaml
+
+```yaml
+metadata:
+  namespace: demo
+  name: demo-2a78a13682
+  labels:
+    app: demo
+apiVersion: v1
+kind: Secret
+data:
+  db_pass: dGVzdDEK
+  db_user: dGVzdDIK
+```
+
+## JSON Values
+
+For example if you have these secret values:
+
+    $ aws secretsmanager get-secret-value --secret-id demo/dev/k2 | jq '.SecretString'
+    {\"a\":1,\"b\":2}"
+
+Set up a [Kubes hook](https://kubes.guru/docs/config/hooks/kubes/).
+
+.kubes/config/hooks/kubes.rb
+
+```ruby
+secrets = KubesAws::Secrets.new(prefix: "rails/dev/")
+before("compile",
+  label: "Get secrets from AWS Secrets Manager",
+  execute: secrets,
+)
+```
+
+Then set the secrets in the YAML:
+
+.kubes/resources/shared/secret.yaml
+
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: demo
+  labels:
+    app: demo
+data:
+<% k2 = JSON.load(KubesAws::Secrets.data["k2"]) %>
+  a: <%= base64(k2["a"]) %>
+  b: <%= base64(k2["b"]) %>
+```
+
+Produces:
+
+```yaml
+metadata:
+  namespace: demo-dev
+  name: demo-a4cd604a95
+  labels:
+    app: demo
+apiVersion: v1
+kind: Secret
+data:
+  a: MQ==
+  b: Mg==
+```
+
+## Variables
+
+These environment variables can be set:
+
+Name | Description
+---|---
+AWS_SECRET_PREFIX | Prefixed used to list and filter AWS secrets. IE: `demo/dev/`.
+
+Secrets#initialize options:
+
+Variable | Description | Default
+---|---|---
+base64 | Automatically base64 encode the values. | false
+upcase | Automatically upcase the Kubernetes secret data keys. | false
+prefix | Prefixed used to list and filter AWS secrets. IE: `demo/dev/`. Can also be set with the `AWS_SECRET_PREFIX` env variable. The env variable takes the highest precedence. | nil
+
+{% include helpers/base64.md %}

data/docs/_docs/helpers/aws/advanced/ssm.md

@@ -0,0 +1,78 @@
+---
+title: AWS SSM Parameters Advanced
+nav_text: SSM
+categories: advanced-helpers-aws
+---
+
+This covers an advanced way so that Kubernetes Secrets are created from AWS SSM Parameter Store in a conventional way.
+
+For example if you have these secret values:
+
+    $ aws ssm get-parameter --name /demo/development/db_user --with-decryption | jq '.Parameter.Value'
+    user
+    $ aws ssm get-parameter --name /demo/development/db_pass --with-decryption | jq '.Parameter.Value'
+    pass
+
+Set up a [Kubes hook](https://kubes.guru/docs/config/hooks/kubes/).
+
+.kubes/config/hooks/kubes.rb
+
+```ruby
+ssm = KubesAws::SSM.new(upcase: true, prefix: "/demo/development/")
+before("compile",
+  label: "Get secrets from AWS SSM Manager",
+  execute: ssm,
+)
+```
+
+Then set the secrets in the YAML:
+
+.kubes/resources/shared/secret.yaml
+
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: demo
+  labels:
+    app: demo
+data:
+<% KubesAws::SSM.data.each do |k,v| -%>
+  <%= k %>: <%= base64(v) %>
+<% end -%>
+```
+
+This results in AWS secrets with the prefix the `demo/dev/` being added to the Kubernetes secret data.  The values are automatically base64 encoded. Produces:
+
+.kubes/output/shared/secret.yaml
+
+```yaml
+metadata:
+  namespace: demo
+  name: demo-2a78a13682
+  labels:
+    app: demo
+apiVersion: v1
+kind: Secret
+data:
+  db_pass: dGVzdDEK
+  db_user: dGVzdDIK
+```
+
+## Variables
+
+These environment variables can be set:
+
+Name | Description
+---|---
+AWS_SSM_PREFIX | Prefixed used to list and filter AWS SSM Parameters. IE: `demo/dev/`.
+
+Secrets#initialize options:
+
+Variable | Description | Default
+---|---|---
+base64 | Automatically base64 encode the values. | false
+upcase | Automatically upcase the Kubernetes secret data keys. | false
+prefix | Prefixed used to list and filter AWS secrets. IE: `demo/dev/`. Can also be set with the `AWS_SECRET_PREFIX` env variable. The env variable takes the highest precedence. | nil
+
+{% include helpers/base64.md %}

data/docs/_docs/helpers/aws/advanced.md

@@ -0,0 +1,10 @@
+---
+title: Advanced AWS Helpers
+nav_text: Advanced
+categories: helpers-aws
+---
+
+{% assign docs = site.docs | where: "categories","advanced-helpers-aws" %}
+{% for doc in docs -%}
+  * [{{ doc.nav_text }}]({{ doc.url }})
+{% endfor %}

data/docs/_docs/helpers/aws/secrets.md

@@ -4,28 +4,9 @@ nav_text: Secrets
 categories: helpers-aws
 ---
 
-## Simple Values
+The `aws_secret` helper fetches secret data from AWS Secrets Manager.
 
-For example if you have these secret values:
-
-    $ aws secretsmanager get-secret-value --secret-id demo/dev/db_user | jq '.SecretString'
-    user
-    $ aws secretsmanager get-secret-value --secret-id demo/dev/db_pass | jq '.SecretString'
-    pass
-
-Set up a [Kubes hook](https://kubes.guru/docs/config/hooks/kubes/).
-
-.kubes/config/hooks/kubes.rb
-
-```ruby
-secrets = KubesAws::Secrets.new(upcase: true, prefix: "demo/dev/")
-before("compile",
-  label: "Get secrets from AWS Secrets Manager",
-  execute: secrets,
-)
-```
-
-Then set the secrets in the YAML:
+## Example
 
 .kubes/resources/shared/secret.yaml
 
@@ -37,12 +18,17 @@ metadata:
   labels:
     app: demo
 data:
-<% KubesAws::Secrets.data.each do |k,v| -%>
-  <%= k %>: <%= base64(v) %>
-<% end -%>
+  PASS: <%= aws_secret("demo-#{Kubes.env}-PASS") %>
+  USER: <%= aws_secret("demo-#{Kubes.env}-USER") %>
 ```
 
-This results in AWS secrets with the prefix the `demo/dev/` being added to the Kubernetes secret data.  The values are automatically base64 encoded. Produces:
+For example if you have these secret values:
+
+    $ aws secretsmanager get-secret-value --secret-id demo-dev-PASS | jq '.SecretString'
+    test1
+    $ aws secretsmanager get-secret-value --secret-id demo-dev-USER | jq '.SecretString'
+    test2
+    $
 
 .kubes/output/shared/secret.yaml
 
@@ -55,75 +41,19 @@ metadata:
 apiVersion: v1
 kind: Secret
 data:
-  db_pass: dGVzdDEK
-  db_user: dGVzdDIK
+  PASS: dGVzdDEK
+  USER: dGVzdDIK
 ```
 
-## JSON Values
+The values are automatically base64 encoded.
 
-For example if you have these secret values:
+## Base64 Option
 
-    $ aws secretsmanager get-secret-value --secret-id demo/dev/k2 | jq '.SecretString'
-    {\"a\":1,\"b\":2}"
-
-Set up a [Kubes hook](https://kubes.guru/docs/config/hooks/kubes/).
-
-.kubes/config/hooks/kubes.rb
+The value is automatically base64 encoded. You can set the `base64` option to turn on and off the automated base64 encoding.
 
 ```ruby
-secrets = KubesAws::Secrets.new(prefix: "rails/dev/")
-before("compile",
-  label: "Get secrets from AWS Secrets Manager",
-  execute: secrets,
-)
+aws_secret("demo-#{Kubes.env}-USER", base64: true)  # default is base64=true
+aws_secret("demo-#{Kubes.env}-PASS", base64: false)
 ```
 
-Then set the secrets in the YAML:
-
-.kubes/resources/shared/secret.yaml
-
-```yaml
-apiVersion: v1
-kind: Secret
-metadata:
-  name: demo
-  labels:
-    app: demo
-data:
-<% k2 = JSON.load(KubesAws::Secrets.data["k2"]) %>
-  a: <%= base64(k2["a"]) %>
-  b: <%= base64(k2["b"]) %>
-```
-
-Produces:
-
-```yaml
-metadata:
-  namespace: demo-dev
-  name: demo-a4cd604a95
-  labels:
-    app: demo
-apiVersion: v1
-kind: Secret
-data:
-  a: MQ==
-  b: Mg==
-```
-
-## Variables
-
-These environment variables can be set:
-
-Name | Description
----|---
-AWS_SECRET_PREFIX | Prefixed used to list and filter AWS secrets. IE: `demo/dev/`.
-
-Secrets#initialize options:
-
-Variable | Description | Default
----|---|---
-base64 | Automatically base64 encode the values. | false
-upcase | Automatically upcase the Kubernetes secret data keys. | false
-prefix | Prefixed used to list and filter AWS secrets. IE: `demo/dev/`. Can also be set with the `AWS_SECRET_PREFIX` env variable. The env variable takes the highest precedence. | nil
-
 {% include helpers/base64.md %}

data/docs/_docs/helpers/aws/ssm.md

@@ -4,26 +4,9 @@ nav_text: SSM
 categories: helpers-aws
 ---
 
-For example if you have these secret values:
+The `aws_ssm` helper fetches data from AWS SSM Parameter Store.
 
-    $ aws ssm get-parameter --name /demo/development/db_user --with-decryption | jq '.Parameter.Value'
-    user
-    $ aws ssm get-parameter --name /demo/development/db_pass --with-decryption | jq '.Parameter.Value'
-    pass
-
-Set up a [Kubes hook](https://kubes.guru/docs/config/hooks/kubes/).
-
-.kubes/config/hooks/kubes.rb
-
-```ruby
-ssm = KubesAws::SSM.new(upcase: true, prefix: "/demo/development/")
-before("compile",
-  label: "Get secrets from AWS SSM Manager",
-  execute: ssm,
-)
-```
-
-Then set the secrets in the YAML:
+## Example
 
 .kubes/resources/shared/secret.yaml
 
@@ -35,12 +18,16 @@ metadata:
   labels:
     app: demo
 data:
-<% KubesAws::SSM.data.each do |k,v| -%>
-  <%= k %>: <%= base64(v) %>
-<% end -%>
+  PASS: <%= aws_ssm("/demo/#{Kubes.env}/PASS") %>
+  USER: <%= aws_ssm("/demo/#{Kubes.env}/USER") %>
 ```
 
-This results in AWS secrets with the prefix the `demo/dev/` being added to the Kubernetes secret data.  The values are automatically base64 encoded. Produces:
+For example if you have these ssm parameter values:
+
+    $ aws ssm get-parameter --name /demo/dev/PASS --with-decryption | jq '.Parameter.Value'
+    test1
+    $ aws ssm get-parameter --name /demo/dev/USER --with-decryption | jq '.Parameter.Value'
+    test2
 
 .kubes/output/shared/secret.yaml
 
@@ -53,24 +40,19 @@ metadata:
 apiVersion: v1
 kind: Secret
 data:
-  db_pass: dGVzdDEK
-  db_user: dGVzdDIK
+  PASS: dGVzdDEK
+  USER: dGVzdDIK
 ```
 
-## Variables
-
-These environment variables can be set:
+The values are automatically base64 encoded.
 
-Name | Description
----|---
-AWS_SSM_PREFIX | Prefixed used to list and filter AWS SSM Parameters. IE: `demo/dev/`.
+## Base64 Option
 
-Secrets#initialize options:
+The value is automatically base64 encoded. You can set the `base64` option to turn on and off the automated base64 encoding.
 
-Variable | Description | Default
----|---|---
-base64 | Automatically base64 encode the values. | false
-upcase | Automatically upcase the Kubernetes secret data keys. | false
-prefix | Prefixed used to list and filter AWS secrets. IE: `demo/dev/`. Can also be set with the `AWS_SECRET_PREFIX` env variable. The env variable takes the highest precedence. | nil
+```ruby
+aws_ssm("/demo/#{Kubes.env}/USER", base64: true)  # default is base64=true
+aws_ssm("/demo/#{Kubes.env}/PASS", base64: false)
+```
 
-{% include helpers/base64.md %}
+{% include helpers/base64.md %}

data/docs/_docs/helpers/google/advanced/secrets.md

@@ -0,0 +1,78 @@
+---
+title:  Advanced Google Secrets
+nav_text: Secrets
+categories: advanced-helpers-google
+---
+
+This covers an advanced way so that Kubernetes Secrets are created from Google Secrets in a conventional way.
+
+Set up a [Kubes hook](https://kubes.guru/docs/config/hooks/kubes/).
+
+.kubes/config/hooks/kubes.rb
+
+```ruby
+before("compile",
+  execute: KubesGoogle::Secrets.new(upcase: true, prefix: 'projects/686010496118/secrets/demo-dev-')
+)
+```
+
+Then set the secrets in the YAML:
+
+.kubes/resources/shared/secret.yaml
+
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: demo
+  labels:
+    app: demo
+data:
+<% KubesGoogle::Secrets.data.each do |k,v| -%>
+  <%= k %>: <%= base64(v) %>
+<% end -%>
+```
+
+This results in Google secrets with the prefix the `demo-dev-` being added to the Kubernetes secret data.  The values are automatically base64 encoded.
+
+For example if you have these secret values:
+
+    $ gcloud secrets versions access latest --secret demo-dev-db_user
+    test1
+    $ gcloud secrets versions access latest --secret demo-dev-db_pass
+    test2
+    $
+
+.kubes/output/shared/secret.yaml
+
+```yaml
+metadata:
+  namespace: demo
+  name: demo-2a78a13682
+  labels:
+    app: demo
+apiVersion: v1
+kind: Secret
+data:
+  db_pass: dGVzdDEK
+  db_user: dGVzdDIK
+```
+
+## Variables
+
+These environment variables can be set:
+
+Name | Description
+---|---
+GCP_SECRET_PREFIX | Prefixed used to list and filter Google secrets. IE: `projects/686010496118/secrets/demo-dev-`.
+GOOGLE_PROJECT | Google project id.
+
+Secrets#initialize options:
+
+Variable | Description | Default
+---|---|---
+base64 | Automatically base64 encode the values. | false
+upcase | Automatically upcase the Kubernetes secret data keys. | false
+prefix | Prefixed used to list and filter Google secrets. IE: `projects/686010496118/secrets/demo-dev-`. Can also be set with the `GCP_SECRET_PREFIX` env variable. The env variable takes the highest precedence. | nil
+
+{% include helpers/base64.md %}

data/docs/_docs/helpers/google/advanced.md

@@ -0,0 +1,10 @@
+---
+title: Advanced Google Helpers
+nav_text: Advanced
+categories: helpers-google
+---
+
+{% assign docs = site.docs | where: "categories","advanced-helpers-google" %}
+{% for doc in docs -%}
+  * [{{ doc.nav_text }}]({{ doc.url }})
+{% endfor %}