kuby-gke 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 37f0c24f6f6c990561c05d5c5478b305ccee9e7f46bf83451b6b3c555360495a
+  data.tar.gz: 3436d7ac77a8dce070102e215b5f6184e981ab7505da2b5036c1607fe59a04df
+SHA512:
+  metadata.gz: 70241d2d6c6d3676d7f7c301be95ed84695495d854139bd656cf3fe77033a695d1c90d679933dfdcb84d5ac0c92487b87ae0362e92aa47ce95e083207b770d01
+  data.tar.gz: fc0f7de8a141c5d7cb30c61202e798dff39129d9db6969efef7a6203dbbd5f2515fd613605bad66e1b325e8a29e0ec55c8ce751cf9f2733d4b2c227f60ccc0a4

data/CHANGELOG.md

@@ -0,0 +1,2 @@
+## 0.1.0
+* Birthday!

data/Gemfile

@@ -0,0 +1,14 @@
+source 'https://rubygems.org'
+
+gemspec
+
+gem 'kuby-core'
+
+group :development, :test do
+  gem 'debug'
+  gem 'rake'
+end
+
+group :test do
+  gem 'rspec', '~> 3.0'
+end

data/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2023 Cameron Dutro
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,52 @@
+## kuby-gke
+
+Google Kubernetes Engine (GKE) provider for [Kuby](https://github.com/getkuby/kuby-core).
+
+## Intro
+
+In Kuby parlance, a "provider" is an [adapter](https://en.wikipedia.org/wiki/Adapter_pattern) that enables Kuby to deploy apps to a specific cloud provider. In this case, we're talking about Google's [Cloud Platform](https://cloud.google.com/), specifically their managed Kubernetes offering, [Google Kubernetes Engine](https://cloud.google.com/kubernetes-engine) (GKE).
+
+All providers adhere to a specific interface, meaning you can swap out one provider for another without having to change your code.
+
+## Usage
+
+Before you get started configuring Kuby, you'll need to create a cluster and service account for accessing said cluster. The service account should have owner-level permissions to be able to create cluster-level resources. The JSON credentials file mentioned below can be obtained by creating a key for the service account.
+
+Enable the GKE provider like so:
+
+```ruby
+require 'kuby/gke'
+
+Kuby.define('MyApp') do
+  environment(:production) do
+    kubernetes do
+
+      provider :gke do
+        # The ID of the GCP project that houses your cluster.
+        project_id 'my-project-id'
+
+        # The name of your cluster.
+        cluster_name 'my-cluster-name'
+
+        # The availability zone your cluster is in, eg. us-central1-a
+        zone 'my-zone'
+
+        # The path to a JSON file containing credentials for an actor
+        # that has access to the cluster, most likely a service account.
+        keyfile '/path/to/keyfile.json'
+      end
+
+    end
+  end
+end
+```
+
+Once configured, you should be able to run all the Kuby rake tasks as you would with any provider.
+
+## License
+
+Licensed under the MIT license. See LICENSE for details.
+
+## Authors
+
+* Cameron C. Dutro: http://github.com/camertron

data/Rakefile

@@ -0,0 +1,14 @@
+require 'bundler'
+require 'rspec/core/rake_task'
+require 'rubygems/package_task'
+
+require 'kuby/gke'
+
+Bundler::GemHelper.install_tasks
+
+task default: :spec
+
+desc 'Run specs'
+RSpec::Core::RakeTask.new do |t|
+  t.pattern = './spec/**/*_spec.rb'
+end

data/kuby-gke.gemspec

@@ -0,0 +1,22 @@
+$:.unshift File.join(File.dirname(__FILE__), 'lib')
+require 'kuby/gke/version'
+
+Gem::Specification.new do |s|
+  s.name     = 'kuby-gke'
+  s.version  = ::Kuby::GKE::VERSION
+  s.authors  = ['Cameron Dutro']
+  s.email    = ['camertron@gmail.com']
+  s.homepage = 'http://github.com/getkuby/kuby-gke'
+
+  s.description = s.summary = 'Google Kubernetes Engine (GKE) provider for Kuby.'
+
+  s.platform = Gem::Platform::RUBY
+
+  s.add_dependency 'kube-dsl', '~> 0.7'
+  s.add_dependency 'google-cloud-container', '~> 1.3'
+  s.add_dependency 'gke-auth-plugin-rb', '~> 0.1'
+  s.add_dependency 'kubernetes-cli', '~> 0.5'
+
+  s.require_path = 'lib'
+  s.files = Dir['{lib,spec}/**/*', 'Gemfile', 'LICENSE', 'CHANGELOG.md', 'README.md', 'Rakefile', 'kuby-gke.gemspec']
+end

data/lib/kuby/gke/config.rb

@@ -0,0 +1,21 @@
+require 'kube-dsl'
+require 'digest'
+
+module Kuby
+  module GKE
+    class Config
+      extend ::KubeDSL::ValueFields
+
+      value_fields :project_id, :cluster_name, :zone, :keyfile
+
+      def hash_value
+        keyfile_hash = Digest::SHA256.hexdigest(
+          File.exist?(keyfile) ? File.read(keyfile) : ""
+        )
+
+        parts = [project_id, cluster_name, zone, keyfile, keyfile_hash]
+        Digest::SHA256.hexdigest(parts.join(':'))
+      end
+    end
+  end
+end

data/lib/kuby/gke/kubeconfig.rb

@@ -0,0 +1,79 @@
+require 'gke-auth-plugin-rb'
+
+module Kuby
+  module GKE
+    class Kubeconfig
+      attr_reader :project_id, :cluster_name, :zone, :endpoint, :ca_cert
+
+      def self.from(config:, cluster_def:)
+        new(
+          project_id: config.project_id,
+          cluster_name: config.cluster_name,
+          zone: config.zone,
+          endpoint: cluster_def['endpoint'],
+          ca_cert: cluster_def['master_auth']['cluster_ca_certificate']
+        )
+      end
+
+      def initialize(project_id:, cluster_name:, zone:, endpoint:, ca_cert:)
+        @project_id = project_id
+        @cluster_name = cluster_name
+        @zone = zone
+        @endpoint = endpoint
+        @ca_cert = ca_cert
+      end
+
+      def generate
+        {
+          "apiVersion" => "v1",
+          "kind" => "Config",
+          "clusters" => clusters,
+          "contexts" => contexts,
+          "current-context" => id_triple,
+          "preferences" => {},
+          "users" => users
+        }
+      end
+
+      private
+
+      def clusters
+        [{
+          "cluster" => {
+            "certificate-authority-data" => ca_cert,
+            "server" => "https://#{endpoint}"
+          },
+          "name" => id_triple
+        }]
+      end
+
+      def contexts
+        [{
+          "context" => {
+            "cluster" => id_triple,
+            "user" => id_triple
+          },
+          "name" => id_triple
+        }]
+      end
+
+      def users
+        [{
+          "name" => id_triple,
+          "user" => {
+            "exec" => {
+              "apiVersion" => "client.authentication.k8s.io/v1beta1",
+              "command" => GKEAuthPluginRb.executable,
+              "provideClusterInfo" => true,
+              "interactiveMode" => "Never"
+            }
+          }
+        }]
+      end
+
+      def id_triple
+        @id_triple ||= "#{project_id}_#{zone}_#{cluster_name}"
+      end
+    end
+  end
+end

data/lib/kuby/gke/provider.rb

@@ -0,0 +1,106 @@
+require 'fileutils'
+require 'google/cloud/container'
+require 'google/cloud/container/v1'
+require 'tmpdir'
+require 'yaml'
+
+module Kuby
+  module GKE
+    class Provider < Kuby::Kubernetes::Provider
+      STORAGE_CLASS_NAME = 'default'.freeze
+
+      attr_reader :config
+
+      def configure(&block)
+        config.instance_eval(&block)
+      end
+
+      def kubeconfig_path
+        File.join(
+          kubeconfig_dir,
+          "#{environment.app_name.downcase}-#{config.hash_value}-kubeconfig.yaml"
+        )
+      end
+
+      def storage_class_name
+        STORAGE_CLASS_NAME
+      end
+
+      def kubernetes_cli
+        @kubernetes_cli ||= begin
+          refresh_kubeconfig
+
+          super.tap do |cli|
+            cli.env['GOOGLE_APPLICATION_CREDENTIALS'] = config.keyfile
+          end
+        end
+      end
+
+      def deploy
+        with_env({ 'GOOGLE_APPLICATION_CREDENTIALS' => config.keyfile }) do
+          super
+        end
+      end
+
+      private
+
+      def after_initialize
+        @config = Config.new
+        @kubeconfig_refreshed = false
+      end
+
+      def client
+        @client ||= Google::Cloud::Container.cluster_manager do |client_config|
+          client_config.credentials = config.keyfile
+        end
+      end
+
+      def refresh_kubeconfig
+        return unless should_refresh_kubeconfig?
+
+        FileUtils.mkdir_p(kubeconfig_dir)
+
+        Kuby.logger.info('Refreshing kubeconfig...')
+
+        request = Google::Cloud::Container::V1::GetClusterRequest.new(
+          name: "projects/#{config.project_id}/locations/#{config.zone}/clusters/#{config.cluster_name}"
+        )
+
+        cluster = client.get_cluster(request)
+        kubeconfig = Kubeconfig.from(config: config, cluster_def: cluster)
+
+        File.write(kubeconfig_path, YAML.dump(kubeconfig.generate))
+
+        @kubeconfig_refreshed = true
+
+        Kuby.logger.info('Successfully refreshed kubeconfig!')
+      end
+
+      def should_refresh_kubeconfig?
+        return false if @kubeconfig_refreshed
+        !File.exist?(kubeconfig_path) || !can_communicate_with_cluster?
+      end
+
+      def can_communicate_with_cluster?
+        cli = ::KubernetesCLI.new(kubeconfig_path)
+        cli.env['GOOGLE_APPLICATION_CREDENTIALS'] = config.keyfile
+        cli.send(:backticks, [cli.executable, '--kubeconfig', kubeconfig_path, 'get', 'ns'])
+        cli.last_status.success?
+      end
+
+      def kubeconfig_dir
+        @kubeconfig_dir ||= File.join(
+          Dir.tmpdir, 'kuby-gke'
+        )
+      end
+
+      def with_env(new_env)
+        old_env = ENV.to_h
+        ENV.replace(old_env.merge(new_env))
+        yield
+      ensure
+        ENV.replace(old_env)
+      end
+    end
+  end
+end

data/lib/kuby/gke/version.rb

@@ -0,0 +1,5 @@
+module Kuby
+  module GKE
+    VERSION = '0.1.0'.freeze
+  end
+end

data/lib/kuby/gke.rb

@@ -0,0 +1,11 @@
+require 'kuby'
+require 'kuby/gke/provider'
+
+module Kuby
+  module GKE
+    autoload :Config,     'kuby/gke/config'
+    autoload :Kubeconfig, 'kuby/gke/kubeconfig'
+  end
+end
+
+Kuby.register_provider(:gke, Kuby::GKE::Provider)

metadata

@@ -0,0 +1,109 @@
+--- !ruby/object:Gem::Specification
+name: kuby-gke
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Cameron Dutro
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2023-06-01 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: kube-dsl
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.7'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.7'
+- !ruby/object:Gem::Dependency
+  name: google-cloud-container
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: gke-auth-plugin-rb
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+- !ruby/object:Gem::Dependency
+  name: kubernetes-cli
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.5'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.5'
+description: Google Kubernetes Engine (GKE) provider for Kuby.
+email:
+- camertron@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- CHANGELOG.md
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- kuby-gke.gemspec
+- lib/kuby/gke.rb
+- lib/kuby/gke/config.rb
+- lib/kuby/gke/kubeconfig.rb
+- lib/kuby/gke/provider.rb
+- lib/kuby/gke/version.rb
+homepage: http://github.com/getkuby/kuby-gke
+licenses: []
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.4.5
+signing_key:
+specification_version: 4
+summary: Google Kubernetes Engine (GKE) provider for Kuby.
+test_files: []