kustomizer 0.1.0 → 0.1.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5b88c7e828be9c93ec00ef81cd1fa0b583f2772c6b621cfab5ce0e422418d49c
-  data.tar.gz: a08c5c25f4c234ea9b698d64e6f327a5e3a17147d1cf17c613471fcf0f32a7cf
+  metadata.gz: 50dca06404547fd4209e5d04a235e286e1b3d120852e28ccc6290fa8fe186cdd
+  data.tar.gz: 6fc755d3355cfc7726f23242d4d1f0234c38ca0e1ee09d11144e3d4b5d1480a3
 SHA512:
-  metadata.gz: 42ecbbe674b0b4f49c434457f99cc43084e4c6d432789d15ac4a3081e345a5dda6b459ca1db1f15057f2279f3b00454dd46e5d350a4c60fe0e391495c26d5952
-  data.tar.gz: dbb5dbbca1c1b1ae4e95584fb9601284b5f8c3f73a2b4ba15f02d4f1bf382634d87e86632ec7319e90761beb6de8ef8cc946909531718df4bfeff3a9793351fd
+  metadata.gz: 8799db97dd06ad3bd6aa1156e1ea9484cfd48268003f499e4a55f8e12a38d552ae0ae612a10e0c000f5c9da674c0886035ce5b452d8e07053e7e7cdb3e1bff6f
+  data.tar.gz: 7e75ded7af9c2b8c4f34e58dcd14e18fc5c2df62a3fdf0e5ec0fe5eaaa67bc7cfdf4f955f700adaeaff15f59024f4d20b6d667eac412659acec71912c52fb99c

data/Gemfile.lock

@@ -1,13 +1,15 @@
 PATH
   remote: .
   specs:
-    kustomizer (0.1.0)
+    kustomizer (0.1.5)
       accessory (~> 0.1.9)
+      base32-multi
 
 GEM
   remote: https://rubygems.org/
   specs:
-    accessory (0.1.9)
+    accessory (0.1.10)
+    base32-multi (0.1.1)
     diff-lcs (1.4.4)
     rake (13.0.3)
     rspec (3.10.0)
@@ -33,4 +35,4 @@ DEPENDENCIES
   rspec (~> 3.0)
 
 BUNDLED WITH
-   2.2.5
+   2.2.7

data/README.md

@@ -9,9 +9,14 @@ the user to have the native Go version of Kustomize installed.
 ## Roadmap
 
 KustomizeR is **not yet feature-complete**, i.e. it does not yet do everything
-that Kustomize does.
+that Kustomize does. KustomizeR probably won't work for arbitrary
+`kustomization.yaml` files.
 
-Status of `kustomization.yaml` support:
+(KustomizeR *is*, however, in production use; it is being used with
+`kustomization.yaml` files matching its current feature set. We wrote Just
+Enough Library to solve our own problems :wink:)
+
+Status of `kustomization.yaml` feature support:
 
 * [x] `bases`
 * [ ] `commonAnnotations`
@@ -31,7 +36,7 @@ Status of `kustomization.yaml` support:
 * [ ] `transformers` (see [Extending Kustomize](https://kubectl.docs.kubernetes.io/guides/extending_kustomize/))
 * [ ] `vars`
 
-Status of support for other features:
+Status of support for other Kustomize features:
 
 * [ ] Resource loading
   * [x] resource-config files on disk
@@ -44,6 +49,15 @@ Status of support for other features:
   * [x] Secrets
   * [ ] ConfigMaps
 
+Status of support for "extra" features not supported by Kustomize:
+
+* [ ] `filters` (a plugin-type for dropping resource-configs from output)
+* [ ] `rewriters` (a plugin-type for entirely replacing output; takes all
+      intermediate resource-config docs as a single input)
+* [ ] Built-in plugins:
+  * [ ] `SealedSecretGenerator`
+  * [ ] `DerivedSecretGenerator`
+
 #### Differences from Kustomize
 
 * KustomizeR is **not yet feature-complete**. (KustomizeR will be bumped to
@@ -55,12 +69,16 @@ Status of support for other features:
 * KustomizeR is modular, and is intended to be loaded and used as a library,
   rather than being spawned as a subprocess. Crucially, the load path for
   plugins is under the caller's control, and so higher-level frameworks can
-  manage project-level KustomizeR plugins.
+  inject plugins into a KustomizeR session to suit their needs.
 
 * Some `kustomization.yaml` features have been temporarily extended in
-  non-compatible ways.
-  * `patchesJson6902` accepts an inline an `ops` array
-  * `patchesJson6902` accepts a `gsub` op
+  non-compatible ways:
+  * `patchesJson6902`
+    * accepts an inline `ops` array
+    * accepts lens accessor names in `path` (e.g. `/spec/rules/:all/host`)
+    * accepts a `paths` array rather than a single `path`
+    * accepts a `gsub` op (works like `replace` but with a regular expression;
+      has `pattern` and `replacement` fields)
 
 (Before v1.0, these extensions will be moved to become built-in plugins, to
 allow for inter-compatibility with Kustomize, which could support them as
@@ -86,12 +104,114 @@ Or install it yourself as:
 
 ```ruby
 require 'kustomize'
+```
+
+### Loading Kustomization documents
+
+You can either load a `kustomization.yaml` file by specifying its path:
+
+```ruby
 k = Kustomize.load("./path/to/kustomization.yaml")
 
-k.emit # Array of Hashes (the final resource-configs)
-k.to_yaml_stream # String (merged YAML multi-document stream)
+# equivalent; discovers the kustomization.yaml within the directory
+k = Kustomize.load("./path/to")
 ```
 
+Or you can load a `Kustomization` document spec directly:
+
+```ruby
+k_doc = {
+  'apiVersion' => 'kustomize.config.k8s.io/v1beta1',
+  'kind' => 'Kustomization',
+  # ...
+}
+
+k = Kustomization.load(k_doc, source_path: "./path/to/kustomization.yaml")
+```
+
+Note the `source_path` keyword parameter. Specifying a `source_path` for an
+in-memory Kustomization document is optional, but will usually be necessary, as
+the Kustomization document will need an effective path for itself, to use as a
+relative navigation prefix for any referenced on-disk resource files/directories.
+
+The `source_path` can be left out if all the resources a Kustomization document
+references are either remote or generated.
+
+### Rendering resource-configuration documents
+
+To get the final resource-configurations directly, as an Array of Hashes, call
+`KustomizationDocument#emit`:
+
+```ruby
+k.emit # => [{'kind' => 'Deployment', ...}, ...]
+```
+
+Or, to get a merged YAML multi-document stream suitable for feeding to
+`kubectl apply -f`, call `KustomizationDocument#to_yaml_stream`:
+
+```ruby
+k.to_yaml_stream # => "---\nkind: Deployment\n..."
+```
+
+### Accessing intermediate resources
+
+KustomizeR represents your Kustomization document as a digraph of `Emitter`
+instances, a combination of `FileEmitter`s, `DirectoryEmitter`s,
+`DocumentEmitter`s, and `PluginEmitter`s. You can think of these as being
+arranged akin to an audio VST digraph, where emitters are "plugged into" other
+downstream emitters, with the outputs (resource configs) of one emitter becoming
+inputs to another.
+
+All `Emitter` types support the following methods:
+
+```ruby
+e.input_emitters  # gets the emitters that feed their output into this emitter
+
+e.input_resources # runs the input emitters, gathering their outputs and
+                  # caching it as this emitter's input
+
+e.emit            # runs this emitter, producing the output that would be fed
+                  # into any downstream emitters
+```
+
+A `KustomizationDocument` constructed by `Kustomize.load` is just a regular
+`Emitter`; you can use it as the starting point to explore or manipulate the
+rest of the `Emitter` graph.
+
+### Sessions
+
+All emitters belong to a `Kustomize::Session`. When you call `Kustomize.load`,
+you pass in (or implicitly create) a new `Kustomize::Session`:
+
+```ruby
+Kustomize.load("./foo", session: Kustomize::Session.new)
+Kustomize.load("./foo") # equivalent to above
+```
+
+#### Plugin Load-Paths
+
+The `Kustomize::Session` manages plugin load-paths. By default, it defines a
+load-path referencing only the built-in plugins embedded within this gem.
+
+You can create your own subclass of `Kustomize::Session` to define a new
+load-path, and pass in an instance of it as the `session` keyword-parameter
+to `Kustomize.load`. This custom Session will be inherited by all `Emitter`s
+created under the loaded `KustomizeDocument` emitter.
+
+You can also add other features to your `Kustomize::Session` subclass. The
+passed-in `Session` is accessible within `Kustomize::Plugin`s as
+`this.session`, so it can be useful to pass e.g. a framework context object as
+a member of your `Kustomize::Session` subclass, for use by framework-specific
+plugins.
+
+#### Plugin Discovery and Loading
+
+The `Kustomize::Session` also holds an instance of `Kustomize::PluginManager`,
+which discovers, loads, and caches plugins.
+
+As such, if you're calling `Kustomize.load` a lot, it is recommended to reuse
+your `Kustomize::Session`, so that plugins need only be discovered+loaded once.
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.

data/kustomizer.gemspec

@@ -25,4 +25,5 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
 
   spec.add_runtime_dependency "accessory", "~> 0.1.9"
+  spec.add_runtime_dependency "base32-multi"
 end

data/lib/kustomize.rb

@@ -5,18 +5,22 @@ require 'kustomize/session'
 
 require 'kustomize/emitter/file_emitter'
 require 'kustomize/emitter/directory_emitter'
+require 'kustomize/emitter/finalizer_emitter'
 require 'kustomize/emitter/document_emitter/kustomization_document_emitter'
 
 module Kustomize
   def self.load(rel_path_or_rc, session: Kustomize::Session.new, source_path: nil)
-    case rel_path_or_rc
-    when String, Pathname
-      load_path(rel_path_or_rc, session: session)
-    when Hash
-      load_doc(rel_path_or_rc, session: session, source_path: source_path)
-    else
-      raise ArgumentError, "must be a kustomization document or a path to one, instead got: #{rel_path_or_rc.inspect}"
-    end
+    base_emitter =
+      case rel_path_or_rc
+      when String, Pathname
+        load_path(rel_path_or_rc, session: session)
+      when Hash
+        load_doc(rel_path_or_rc, session: session, source_path: source_path)
+      else
+        raise ArgumentError, "must be a kustomization document or a path to one, instead got: #{rel_path_or_rc.inspect}"
+      end
+
+    Kustomize::Emitter::FinalizerEmitter.new(base_emitter)
   end
 
   def self.load_doc(rc, session: Kustomize::Session.new, source_path:)

data/lib/kustomize/builtin_plugins/kustomizer.covalenthq.com/v1/test_generator.rb

@@ -0,0 +1,15 @@
+require 'kustomize/generator_plugin'
+
+module CovalentKustomizer; end
+
+class CovalentKustomizer::TestGenerator < Kustomize::GeneratorPlugin
+  match_on api_version: 'kustomizer.covalenthq.com/v1'
+
+  def initialize(rc)
+    @docs = rc['emit'] || []
+  end
+
+  def emit
+    @docs
+  end
+end

data/lib/kustomize/builtin_plugins/kustomizer.covalenthq.com/v1/test_transformer.rb

@@ -0,0 +1,15 @@
+require 'kustomize/transformer_plugin'
+
+module CovalentKustomizer; end
+
+class CovalentKustomizer::TestTransformer < Kustomize::TransformerPlugin
+  match_on api_version: 'kustomizer.covalenthq.com/v1'
+
+  def initialize(rc)
+    @insertions = rc['insert'] || {}
+  end
+
+  def rewrite(rc)
+    rc.merge(@insertions)
+  end
+end

data/lib/kustomize/emitter.rb

@@ -14,4 +14,8 @@ class Kustomize::Emitter
   def to_yaml_stream
     self.emit.map(&:to_yaml).join("")
   end
+
+  def inspect
+    "#<#{self.class}>"
+  end
 end

data/lib/kustomize/emitter/document_emitter/kustomization_document_emitter.rb

@@ -1,12 +1,15 @@
 require 'kustomize/emitter/document_emitter'
 require 'kustomize/emitter/file_emitter'
 require 'kustomize/emitter/directory_emitter'
-require 'kustomize/emitter/plugin_emitter'
+require 'kustomize/emitter/generator_plugins_emitter'
 
 require 'kustomize/transform/json_6902_patch_transform'
 require 'kustomize/transform/image_transform'
 require 'kustomize/transform/namespace_transform'
-require 'kustomize/transform/name_digest_autosuffix_transform'
+require 'kustomize/transform/fingerprint_suffix_transform'
+require 'kustomize/transform/ref_fixup_transform'
+require 'kustomize/transform/purge_internal_annotations_transform'
+require 'kustomize/transform/transformer_plugins_transform'
 
 class Kustomize::Emitter::DocumentEmitter::KustomizationDocumentEmitter < Kustomize::Emitter::DocumentEmitter
   def source_directory
@@ -20,18 +23,24 @@ class Kustomize::Emitter::DocumentEmitter::KustomizationDocumentEmitter < Kustom
       (@doc['bases'] || []) +
       (@doc['resources'] || [])
 
-    gen_pathspecs =
+    gen_plugin_pathspecs =
       (@doc['generators'] || [])
 
     input_emitters = rc_pathspecs.map do |rel_path|
       build_input_emitter(rel_path)
     end
 
-    input_emitters += gen_pathspecs.map do |rel_path|
-      Kustomize::Emitter::PluginEmitter.new(
-        build_input_emitter(rel_path),
+    gen_plugin_rc_emitters = gen_plugin_pathspecs.map do |rel_path|
+      build_input_emitter(rel_path)
+    end
+
+    unless gen_plugin_rc_emitters.empty?
+      gen_plugins_emitter = Kustomize::Emitter::GeneratorPluginsEmitter.new(
+        gen_plugin_rc_emitters,
         session: @session
       )
+
+      input_emitters.push(gen_plugins_emitter)
     end
 
     @input_emitters = input_emitters
@@ -66,6 +75,24 @@ class Kustomize::Emitter::DocumentEmitter::KustomizationDocumentEmitter < Kustom
     end
   end
 
+  def transformer_plugin_transforms
+    xformer_plugin_rc_emitters =
+      (@doc['transformers'] || []).map do |rel_path|
+        build_input_emitter(rel_path)
+      end
+
+    if xformer_plugin_rc_emitters.length > 0
+      xform = Kustomize::Transform::TransformerPluginsTransform.create(
+        xformer_plugin_rc_emitters,
+        session: @session
+      )
+
+      [xform]
+    else
+      []
+    end
+  end
+
   def namespace_transforms
     if new_ns = @doc['namespace']
       [Kustomize::Transform::NamespaceTransform.create(new_ns)]
@@ -74,24 +101,20 @@ class Kustomize::Emitter::DocumentEmitter::KustomizationDocumentEmitter < Kustom
     end
   end
 
-  def name_digest_autosuffix_transforms
-    [Kustomize::Transform::NameDigestAutosuffixTransform.create(self)]
-  end
-
   def transforms
     return @transforms if @transforms
 
     @transforms = [
       self.namespace_transforms,
       self.image_transforms,
-      self.name_digest_autosuffix_transforms,
-      self.json_6902_patch_transforms
+      self.json_6902_patch_transforms,
+      self.transformer_plugin_transforms
     ].flatten
   end
 
   def emit
-    self.input_resources.map do |rc|
-      self.transforms.inject(rc){ |doc, xform| xform.apply(doc) }
+    self.transforms.inject(self.input_resources) do |rcs, xform|
+      xform.rewrite_all(rcs)
     end
   end
 end

data/lib/kustomize/emitter/finalizer_emitter.rb

@@ -0,0 +1,31 @@
+require 'kustomize/emitter'
+
+require 'kustomize/transform/fingerprint_suffix_transform'
+require 'kustomize/transform/ref_fixup_transform'
+require 'kustomize/transform/purge_internal_annotations_transform'
+
+class Kustomize::Emitter::FinalizerEmitter < Kustomize::Emitter
+  def initialize(input_emitter)
+    @input_emitter = input_emitter
+  end
+
+  def input_emitters
+    [@input_emitter]
+  end
+
+  def transforms
+    return @transforms if @transforms
+
+    @transforms = [
+      Kustomize::Transform::FingerprintSuffixTransform.instance,
+      Kustomize::Transform::RefFixupTransform.instance,
+      Kustomize::Transform::PurgeInternalAnnotationsTransform.instance
+    ].flatten
+  end
+
+  def emit
+    self.transforms.inject(self.input_resources) do |rcs, xform|
+      xform.rewrite_all(rcs)
+    end
+  end
+end

data/lib/kustomize/emitter/generator_plugins_emitter.rb

@@ -0,0 +1,26 @@
+require 'kustomize/emitter'
+
+class Kustomize::Emitter::GeneratorPluginsEmitter < Kustomize::Emitter
+  def initialize(plugin_rc_emitters, session:)
+    @session = session
+    @plugin_rc_emitters = plugin_rc_emitters
+  end
+
+  def plugin_rcs
+    @plugin_rc_emitters.flat_map(&:emit)
+  end
+
+  def plugin_instances
+    return @plugin_instances if @plugin_instances
+
+    @plugin_instances =
+      self.plugin_rcs.map do |rc|
+        plugin_klass = @session.plugin_manager.get(api_version: rc['apiVersion'], kind: rc['kind'])
+        plugin_klass.create(rc, session: @session)
+      end
+  end
+
+  def emit
+    self.plugin_instances.flat_map(&:emit)
+  end
+end

data/lib/kustomize/generator_plugin.rb

@@ -0,0 +1,16 @@
+require 'kustomize/plugin'
+
+class Kustomize::GeneratorPlugin < Kustomize::Plugin
+  def self.inherited(subklass)
+    reg = Kustomize::PluginRegistry.instance
+    reg.probe_queue.push(subklass)
+  end
+
+  def emit
+    []
+  end
+
+  def to_yaml_stream
+    self.emit.map(&:to_yaml).join("")
+  end
+end

data/lib/kustomize/plugin.rb

@@ -1,11 +1,36 @@
-module Kustomize; end
+require 'pathname'
 
 class Kustomize::Plugin
-  def initialize(rc)
-    @rc = rc
+  def self.create(rc, session:)
+    inst = new(rc)
+    inst.session = session
+    inst
   end
 
-  def emit
-    raise NotImplementedError, "Kustomize plugins must implement #emit"
+  class << self
+    private :new
+  end
+
+  attr_accessor :session
+
+  def self.match_on(kind: nil, api_version: nil)
+    if kind
+      @kustomize_plugin_match_kind = kind
+    end
+
+    if api_version
+      @kustomize_plugin_match_api_version = api_version
+    end
+  end
+
+  def self.kustomize_plugin_match_kind
+    return @kustomize_plugin_match_kind if @kustomize_plugin_match_kind
+    self.name.split('::').last
+  end
+
+  def self.kustomize_plugin_match_api_version
+    return @kustomize_plugin_match_api_version if @kustomize_plugin_match_api_version
+    api_dir = Pathname.new(__FILE__).parent
+    api_dir.relative_path_from(api_dir.parent.parent).to_s
   end
 end

data/lib/kustomize/plugin_manager.rb

@@ -1,31 +1,46 @@
-require 'kustomize/plugin'
+require 'singleton'
+
+require 'kustomize/plugin_registry'
 
 class Kustomize::PluginManager
   def initialize(session:)
     @session = session
-    @instances = {}
+    @registry = Kustomize::PluginRegistry.instance
   end
 
-  def get(api_version, kind)
-    cache_key = [api_version, kind]
-    cached_inst = @instances[cache_key]
-    return cached_inst if cached_inst
+  def get(api_version:, kind:)
+    plugin_klass = @registry.get(api_version: api_version, kind: kind)
+    return plugin_klass if plugin_klass
 
-    @instances[cache_key] = self.load(api_version, kind)
+    try_loading(api_version, kind)
   end
 
-  def load(api_version, kind)
-      @session.load_paths
-      .each{ |prefix| puts(prefix / api_version / "#{kind.downcase}.rb") }
+  private
+  def try_loading(api_version, kind)
+    rel_load_path = Pathname.new(api_version) / "#{underscore(kind)}.rb"
 
-    load_path =
-      @session.load_paths
-      .map{ |prefix| prefix / api_version / "#{kind.downcase}.rb" }
+    abs_load_path =
+      @session.effective_load_paths
+      .map{ |prefix| prefix / rel_load_path }
       .find{ |f| f.file? }
 
-    raise ArgumentError, "unknown kustomize plugin #{kind}" unless load_path
+    raise LoadError, "could not find kustomize plugin to load" unless abs_load_path
+
+    Kernel.require(abs_load_path)
+
+    plugin_klass = @registry.get(api_version: api_version, kind: kind)
+
+    raise LoadError, "#{abs_load_path} did not define expected plugin" unless plugin_klass
+
+    plugin_klass
+  end
 
-    Class.new(Kustomize::Plugin)
-    .tap{ |klass| klass.class_eval(load_path.read) }
+  private
+  def underscore(str)
+    str
+    .gsub(/([A-Z]+)([A-Z][a-z])/,'\1_\2')
+    .gsub(/([a-z\d])([A-Z])/,'\1_\2')
+    .tr("-", "_")
+    .downcase
   end
 end

data/lib/kustomize/plugin_registry.rb

@@ -0,0 +1,39 @@
+require 'singleton'
+
+module Kustomize; end
+
+class Kustomize::PluginRegistry
+  include Singleton
+
+  def initialize
+    @klasses = {}
+    @probe_queue = []
+  end
+
+  attr_reader :probe_queue
+
+  def get(api_version:, kind:)
+    drain_probe_queue!
+
+    rc_target_id = make_rc_target_id(api_version, kind)
+    @klasses[rc_target_id]
+  end
+
+  private
+  def drain_probe_queue!
+    return if @probe_queue.empty?
+
+    while plugin_klass = @probe_queue.shift
+      rc_target_id = make_rc_target_id(
+        plugin_klass.kustomize_plugin_match_api_version,
+        plugin_klass.kustomize_plugin_match_kind
+      )
+      @klasses[rc_target_id] = plugin_klass
+    end
+  end
+
+  private
+  def make_rc_target_id(api_version, kind)
+    [api_version, kind].join('/').to_s.intern
+  end
+end

data/lib/kustomize/session.rb

@@ -3,15 +3,18 @@ module Kustomize; end
 require 'kustomize/plugin_manager'
 
 class Kustomize::Session
-  def plugin_manager
-    return @plugin_manager if @plugin_manager
+  def initialize(load_paths: [])
+    @load_paths = load_paths
     @plugin_manager = Kustomize::PluginManager.new(session: self)
   end
 
-  def load_paths
-    return @load_paths if @load_paths
-    @load_paths = [
-      Pathname.new(__FILE__).expand_path.parent / 'plugin'
-    ]
+  attr_reader :plugin_manager
+
+  def builtin_load_paths
+    [Pathname.new(__FILE__).expand_path.parent / 'builtin_plugins']
+  end
+
+  def effective_load_paths
+    @load_paths + self.builtin_load_paths
   end
 end

data/lib/kustomize/target_spec.rb

@@ -37,8 +37,8 @@ class Kustomize::TargetSpec
     end
 
     return false if @match_kind and (rc['kind'] != @match_kind)
-    return false if @match_name and get_name(resource_doc) != @match_name
-    return false if @match_namespace and get_namespace(resource_doc) != @match_namespace
+    return false if @match_name and get_name(rc) != @match_name
+    return false if @match_namespace and get_namespace(rc) != @match_namespace
 
     true
   end

data/lib/kustomize/transform.rb

@@ -9,7 +9,15 @@ class Kustomize::Transform
     private :new
   end
 
-  def apply(rc)
+  def rewrite_all(rcs)
+    rcs.map{ |rc| rewrite(rc) }
+  end
+
+  def rewrite(rc)
     rc
   end
+
+  def inspect
+    "#<#{self.class}>"
+  end
 end

data/lib/kustomize/transform/fingerprint_suffix_transform.rb

@@ -0,0 +1,57 @@
+require 'json'
+require 'digest'
+require 'set'
+require 'singleton'
+
+require 'accessory'
+require 'digest/base32'
+
+require 'kustomize/transform'
+
+class Kustomize::Transform::FingerprintSuffixTransform < Kustomize::Transform
+  include Accessory
+  include Singleton
+
+  SUFFIX_JOINER = "-"
+
+  APPLICABLE_KINDS = Set[
+    'Secret',
+    'SealedSecret',
+    'ConfigMap'
+  ]
+
+  NAME_LENS = Lens["metadata", "name"]
+
+  CONTENT_LENS_BY_KIND = {
+    "Secret" => Lens["data"],
+    "ConfigMap" => Lens["data"],
+    "SealedSecret" => Lens["spec", "encryptedData"]
+  }
+
+  FINGERPRINT_LENS = Lens['metadata', 'annotations', 'kustomizer.covalenthq.com/effective-fingerprint']
+
+  def rewrite(rc)
+    rc_kind = rc['kind']
+    return rc unless APPLICABLE_KINDS.member?(rc_kind)
+
+    FINGERPRINT_LENS.update_in(rc) do |orig_value|
+      next(:keep) if orig_value
+
+      content_part = CONTENT_LENS_BY_KIND[rc_kind].get_in(rc)
+      content_ser = content_part.to_json
+      fingerprint = Digest::SHA256.base32digest(content_ser, :zbase32)[0, 6]
+
+      [:set, fingerprint]
+    end
+
+    base_name = NAME_LENS.get_in(rc)
+    fingerprint = FINGERPRINT_LENS.get_in(rc)
+
+    NAME_LENS.update_in(rc) do |base_name|
+      suffixed_name = [base_name, fingerprint].join(SUFFIX_JOINER)
+      [:set, suffixed_name]
+    end
+
+    rc
+  end
+end

data/lib/kustomize/transform/image_transform.rb

@@ -27,7 +27,7 @@ class Kustomize::Transform::ImageTransform < Kustomize::Transform
     "Deployment" => Lens["spec", "template", "spec", "containers", Access.all, "image"]
   }
 
-  def apply(rc_doc)
+  def rewrite(rc_doc)
     lens = LENS_BY_KIND[rc_doc['kind']]
     return rc_doc unless lens
 

data/lib/kustomize/transform/json_6902_patch_transform.rb

@@ -44,7 +44,7 @@ class Kustomize::Transform::Json6902PatchTransform < Kustomize::Transform
   attr_reader :target
   attr_reader :patches
 
-  def apply(resource_doc)
+  def rewrite(resource_doc)
     if @target.match?(resource_doc)
       @patches.inject(resource_doc){ |doc, patch| patch.apply(doc) }
     else

data/lib/kustomize/transform/namespace_transform.rb

@@ -29,7 +29,7 @@ class Kustomize::Transform::NamespaceTransform < Kustomize::Transform
     ]
   }
 
-  def apply(rc_doc)
+  def rewrite(rc_doc)
     rc_kind = rc_doc['kind']
     use_lenses = []
 

data/lib/kustomize/transform/purge_internal_annotations_transform.rb

@@ -0,0 +1,31 @@
+require 'singleton'
+
+require 'accessory'
+
+require 'kustomize/transform'
+
+class Kustomize::Transform::PurgeInternalAnnotationsTransform < Kustomize::Transform
+  include Accessory
+  include Singleton
+
+  ANNOTS_LENS = Lens['metadata', 'annotations']
+
+  INTERNAL_ANNOT_PATTERN = /^kustomizer\.covalenthq\.com\//
+
+  def rewrite(rc)
+    ANNOTS_LENS.update_in(rc) do |orig_annots|
+      next(:keep) unless orig_annots and orig_annots.length.nonzero?
+
+      new_annots =
+        orig_annots.reject{ |k, v| INTERNAL_ANNOT_PATTERN.match?(k) }
+
+      if new_annots.length == orig_annots.length
+        :keep
+      elsif new_annots.empty?
+        :pop
+      else
+        [:set, new_annots]
+      end
+    end
+  end
+end

data/lib/kustomize/transform/ref_fixup_transform.rb

@@ -0,0 +1,59 @@
+require 'singleton'
+
+require 'accessory'
+
+require 'kustomize/transform'
+
+class Kustomize::Transform::RefFixupTransform < Kustomize::Transform
+  include Accessory
+  include Singleton
+
+  SUFFIX_JOINER = "-"
+
+  NAME_LENS = Lens["metadata", "name"]
+
+  FINGERPRINT_LENS = Lens['metadata', 'annotations', 'kustomizer.covalenthq.com/effective-fingerprint']
+
+  POD_TEMPLATE_LENSES = [
+      Lens["spec", "template", "spec", "containers", Access.all, "envFrom", Access.all, "configMapRef", "name"],
+      Lens["spec", "template", "spec", "containers", Access.all, "env", Access.all, "valueFrom", "configMapKeyRef", "name"],
+      Lens["spec", "template", "spec", "volumes", Access.all, "configMap", "name"],
+
+      Lens["spec", "template", "spec", "containers", Access.all, "env", Access.all, "valueFrom", "secretKeyRef", "name"],
+      Lens["spec", "template", "spec", "volumes", Access.all, "secret", "name"],
+      Lens["spec", "template", "spec", "volumes", Access.all, "secret", "secretName"]
+  ]
+
+  KEY_REF_LENSES_BY_KIND = {
+    "Deployment" => POD_TEMPLATE_LENSES,
+    "StatefulSet" => POD_TEMPLATE_LENSES,
+    "DaemonSet" => POD_TEMPLATE_LENSES
+  }
+
+  def rewrite_all(rcs)
+    ref_fixups =
+      rcs.flat_map do |rc|
+        fingerprint = FINGERPRINT_LENS.get_in(rc)
+        next([]) unless fingerprint
+
+        suffixed_name = NAME_LENS.get_in(rc)
+        base_name = suffixed_name.gsub(/-#{fingerprint}$/, '')
+        [[base_name, suffixed_name]]
+      end.to_h
+
+    rcs.map do |rc|
+      key_ref_lenses = KEY_REF_LENSES_BY_KIND[rc['kind']]
+      next(rc) unless key_ref_lenses
+
+      key_ref_lenses.inject(rc) do |doc, lens|
+        lens.update_in(doc) do |base_name|
+          if suffixed_name = ref_fixups[base_name]
+            [:set, suffixed_name]
+          else
+            :keep
+          end
+        end
+      end
+    end
+  end
+end

data/lib/kustomize/transform/transformer_plugins_transform.rb

@@ -0,0 +1,28 @@
+require 'kustomize/transform'
+
+class Kustomize::Transform::TransformerPluginsTransform < Kustomize::Transform
+  def initialize(plugin_rc_emitters, session:)
+    @session = session
+    @plugin_rc_emitters = plugin_rc_emitters
+  end
+
+  def plugin_rcs
+    @plugin_rc_emitters.flat_map(&:emit)
+  end
+
+  def plugin_instances
+    return @plugin_instances if @plugin_instances
+
+    @plugin_instances =
+      self.plugin_rcs.map do |rc|
+        plugin_klass = @session.plugin_manager.get(api_version: rc['apiVersion'], kind: rc['kind'])
+        plugin_klass.create(rc, session: @session)
+      end
+  end
+
+  def rewrite_all(rcs)
+    self.plugin_instances.inject(rcs) do |docs, plugin_inst|
+      plugin_inst.rewrite_all(rcs)
+    end
+  end
+end

data/lib/kustomize/transformer_plugin.rb

@@ -0,0 +1,16 @@
+require 'kustomize/plugin'
+
+class Kustomize::TransformerPlugin < Kustomize::Plugin
+  def self.inherited(subklass)
+    reg = Kustomize::PluginRegistry.instance
+    reg.probe_queue.push(subklass)
+  end
+
+  def rewrite_all(rcs)
+    rcs.map{ |rc| rewrite(rc) }
+  end
+
+  def rewrite(rc)
+    rc
+  end
+end

data/lib/kustomize/version.rb

@@ -1,3 +1,3 @@
 module Kustomize
-  VERSION = "0.1.0"
+  VERSION = "0.1.5"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kustomizer
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.5
 platform: ruby
 authors:
 - Levi Aul
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-01-16 00:00:00.000000000 Z
+date: 2021-01-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: accessory
@@ -24,6 +24,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.1.9
+- !ruby/object:Gem::Dependency
+  name: base32-multi
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: A pure-ruby implementation of the Kubernetes 'kustomize' command.
 email:
 - levi@leviaul.com
@@ -42,12 +56,16 @@ files:
 - bin/setup
 - kustomizer.gemspec
 - lib/kustomize.rb
+- lib/kustomize/builtin_plugins/kustomizer.covalenthq.com/v1/test_generator.rb
+- lib/kustomize/builtin_plugins/kustomizer.covalenthq.com/v1/test_transformer.rb
 - lib/kustomize/emitter.rb
 - lib/kustomize/emitter/directory_emitter.rb
 - lib/kustomize/emitter/document_emitter.rb
 - lib/kustomize/emitter/document_emitter/kustomization_document_emitter.rb
 - lib/kustomize/emitter/file_emitter.rb
-- lib/kustomize/emitter/plugin_emitter.rb
+- lib/kustomize/emitter/finalizer_emitter.rb
+- lib/kustomize/emitter/generator_plugins_emitter.rb
+- lib/kustomize/generator_plugin.rb
 - lib/kustomize/json_6902_patch.rb
 - lib/kustomize/json_6902_patch/add_op.rb
 - lib/kustomize/json_6902_patch/gsub_op.rb
@@ -56,13 +74,18 @@ files:
 - lib/kustomize/pathname_refinements.rb
 - lib/kustomize/plugin.rb
 - lib/kustomize/plugin_manager.rb
+- lib/kustomize/plugin_registry.rb
 - lib/kustomize/session.rb
 - lib/kustomize/target_spec.rb
 - lib/kustomize/transform.rb
+- lib/kustomize/transform/fingerprint_suffix_transform.rb
 - lib/kustomize/transform/image_transform.rb
 - lib/kustomize/transform/json_6902_patch_transform.rb
-- lib/kustomize/transform/name_digest_autosuffix_transform.rb
 - lib/kustomize/transform/namespace_transform.rb
+- lib/kustomize/transform/purge_internal_annotations_transform.rb
+- lib/kustomize/transform/ref_fixup_transform.rb
+- lib/kustomize/transform/transformer_plugins_transform.rb
+- lib/kustomize/transformer_plugin.rb
 - lib/kustomize/version.rb
 homepage: https://github.com/tsutsu/kustomize
 licenses:

data/lib/kustomize/emitter/plugin_emitter.rb

@@ -1,30 +0,0 @@
-require 'kustomize/emitter'
-
-class Kustomize::Emitter::PluginEmitter < Kustomize::Emitter
-  def initialize(input_emitter, session:)
-    @session = session
-    @input_emitter = input_emitter
-  end
-
-  def source_directory
-    @source_path.parent
-  end
-
-  def input_emitters
-    [@input_emitter]
-  end
-
-  def plugin_instances
-    return @plugin_instances if @plugin_instances
-
-    @plugin_instances =
-      self.input_resources.map do |rc|
-        plugin_klass = @session.plugin_manager.get(rc['apiVersion'], rc['kind'])
-        plugin_klass.new(rc)
-      end
-  end
-
-  def emit
-    self.plugin_instances.flat_map(&:emit)
-  end
-end

data/lib/kustomize/transform/name_digest_autosuffix_transform.rb

@@ -1,83 +0,0 @@
-require 'json'
-require 'digest'
-require 'set'
-
-require 'accessory'
-require 'digest/base32'
-
-require 'kustomize/transform'
-require 'kustomize/emitter/document_emitter/kustomization_document_emitter'
-
-class Kustomize::Transform::NameDigestAutosuffixTransform < Kustomize::Transform
-  include Accessory
-
-  SUFFIX_JOINER = "-"
-
-  def self.create(kustomize_doc)
-    raise ArgumentError unless kustomize_doc.kind_of?(Kustomize::Emitter::DocumentEmitter::KustomizationDocumentEmitter)
-    self.new(kustomize_doc)
-  end
-
-  def initialize(kustomize_doc)
-    @kustomize_doc = kustomize_doc
-  end
-
-  SECRET_KINDS = Set[
-    'Secret',
-    'SealedSecret'
-  ]
-
-  def suffixes
-    return @suffixes if @suffixes
-
-    secret_docs =
-      @kustomize_doc.input_resources
-      .filter{ |rc| SECRET_KINDS.member?(rc['kind']) }
-
-    @suffixes =
-      secret_docs.map do |rc|
-        rc_kind = rc['kind']
-
-        secret_name = NAME_LENSES_BY_KIND[rc_kind].first.get_in(rc)
-        secret_content = CONTENT_LENSES_BY_KIND[rc_kind].get_in(rc)
-        content_hash_suffix = Digest::SHA256.base32digest(secret_content.to_json, :zbase32)[0, 8]
-
-        [secret_name, content_hash_suffix]
-      end.to_h
-  end
-
-  CONTENT_LENSES_BY_KIND = {
-    "Secret" => Lens["data"],
-    "SealedSecret" => Lens["spec", "encryptedData"]
-  }
-
-  NAME_LENSES_BY_KIND = {
-    "Deployment" => [
-      Lens["spec", "template", "spec", "containers", Access.all, "env", Access.all, "valueFrom", "secretKeyRef", "name"]
-    ],
-
-    "Secret" => [
-      Lens["metadata", "name"]
-    ],
-
-    "SealedSecret" => [
-      Lens["spec", "template", "metadata", "name"]
-    ]
-  }
-
-  def apply(rc_doc)
-    name_lenses = NAME_LENSES_BY_KIND[rc_doc['kind']]
-    return rc_doc unless name_lenses
-
-    name_lenses.inject(rc_doc) do |doc, lens|
-      lens.update_in(doc) do |orig_name|
-        if self.suffixes.has_key?(orig_name)
-          new_name = [orig_name, self.suffixes[orig_name]].join('-')
-          [:set, new_name]
-        else
-          :keep
-        end
-      end
-    end
-  end
-end