metatron 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 5e862a2cda63cf2dba7bf6016c6d03bd2f1e21bae464da3425285c0741b6ddbb
+  data.tar.gz: e77e818e65755a7db7d4c72e096fe849bd3a099f7534c531a89f1f106d6c89a1
+SHA512:
+  metadata.gz: 9d89f4c380b31d8b957ee25ab6859704dfaf113c158fcfe69d794dcd4b2d300be498494befed03cd4fce8c23459ad2fcebb9d31ab826519c86969d2e9a4e16ba
+  data.tar.gz: 3958c107c80854470f790741242caa846c9109a138347f6793a037bcabd16a6e7dfac8bf52f91b957d16b74828a629e30f402ca5e9ffadb616aa904c012f6463

data/.gitignore

@@ -0,0 +1,11 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+
+# rspec failure tracking
+.rspec_status

data/.roxanne.yml

@@ -0,0 +1,14 @@
+version: 1.0
+stages:
+  build:
+    image: docker:latest
+    scripts:
+    - ./scripts/build.sh
+  test:
+    image: ruby:3.1
+    scripts:
+    - ./scripts/test.sh
+  release:
+    image: ruby:3.1
+    only:
+    - main

data/.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/.rubocop.yml

@@ -0,0 +1,55 @@
+require:
+- rubocop-rake
+- rubocop-rspec
+
+Layout/LineLength:
+  Max: 100
+
+AllCops:
+  Exclude:
+  - 'db/schema.rb'
+  - 'vendor/**/*'
+  TargetRubyVersion: 3.1
+  NewCops: enable
+
+Metrics/AbcSize:
+  Max: 21
+
+Metrics/BlockLength:
+  Max: 35
+  Exclude:
+  - 'spec/**/*_spec.rb'
+  - 'Rakefile'
+  - '*.gemspec'
+
+Metrics/MethodLength:
+  Max: 25
+
+Metrics/ModuleLength:
+  Max: 160
+  Exclude:
+  - 'spec/**/*_spec.rb'
+
+Metrics/ClassLength:
+  Max: 300
+  Exclude:
+  - 'spec/**/*_spec.rb'
+
+Gemspec/RequireMFA:
+  Enabled: false
+
+Style/MixinUsage:
+  Exclude:
+  - "bin/console"
+
+Style/StringLiterals:
+  Enabled: true
+  EnforcedStyle: double_quotes
+
+Style/StringLiteralsInInterpolation:
+  Enabled: true
+  EnforcedStyle: double_quotes
+
+Style/StringConcatenation:
+  Exclude:
+  - 'Rakefile'

data/.ruby-version

@@ -0,0 +1 @@
+3.1.2

data/Gemfile

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
+
+# Specify your gem's dependencies in metatron.gemspec
+gemspec

data/Gemfile.lock

@@ -0,0 +1,144 @@
+PATH
+  remote: .
+  specs:
+    metatron (0.1.0)
+      json (~> 2.6)
+      puma (~> 5.6)
+      sinatra (~> 2.2)
+      sinatra-contrib (~> 2.2)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    ast (2.4.2)
+    backport (1.2.0)
+    benchmark (0.2.0)
+    byebug (11.1.3)
+    diff-lcs (1.5.0)
+    docile (1.4.0)
+    e2mmap (0.1.0)
+    jaro_winkler (1.5.4)
+    json (2.6.2)
+    kramdown (2.4.0)
+      rexml
+    kramdown-parser-gfm (1.1.0)
+      kramdown (~> 2.0)
+    multi_json (1.15.0)
+    mustermann (1.1.2)
+      ruby2_keywords (~> 0.0.1)
+    nio4r (2.5.8)
+    nokogiri (1.13.8-arm64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.13.8-x86_64-linux)
+      racc (~> 1.4)
+    parallel (1.22.1)
+    parser (3.1.2.1)
+      ast (~> 2.4.1)
+    puma (5.6.5)
+      nio4r (~> 2.0)
+    racc (1.6.0)
+    rack (2.2.4)
+    rack-protection (2.2.1)
+      rack
+    rack-test (2.0.2)
+      rack (>= 1.3)
+    rainbow (3.1.1)
+    rake (12.3.3)
+    regexp_parser (2.5.0)
+    reverse_markdown (2.1.1)
+      nokogiri
+    rexml (3.2.5)
+    rspec (3.11.0)
+      rspec-core (~> 3.11.0)
+      rspec-expectations (~> 3.11.0)
+      rspec-mocks (~> 3.11.0)
+    rspec-core (3.11.0)
+      rspec-support (~> 3.11.0)
+    rspec-expectations (3.11.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.11.0)
+    rspec-mocks (3.11.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.11.0)
+    rspec-support (3.11.0)
+    rubocop (1.36.0)
+      json (~> 2.3)
+      parallel (~> 1.10)
+      parser (>= 3.1.2.1)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.8, < 3.0)
+      rexml (>= 3.2.5, < 4.0)
+      rubocop-ast (>= 1.20.1, < 2.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 1.4.0, < 3.0)
+    rubocop-ast (1.21.0)
+      parser (>= 3.1.1.0)
+    rubocop-rake (0.6.0)
+      rubocop (~> 1.0)
+    rubocop-rspec (2.12.1)
+      rubocop (~> 1.31)
+    ruby-progressbar (1.11.0)
+    ruby2_keywords (0.0.5)
+    simplecov (0.21.2)
+      docile (~> 1.1)
+      simplecov-html (~> 0.11)
+      simplecov_json_formatter (~> 0.1)
+    simplecov-cobertura (2.1.0)
+      rexml
+      simplecov (~> 0.19)
+    simplecov-html (0.12.3)
+    simplecov_json_formatter (0.1.4)
+    sinatra (2.2.1)
+      mustermann (~> 1.0)
+      rack (~> 2.2)
+      rack-protection (= 2.2.1)
+      tilt (~> 2.0)
+    sinatra-contrib (2.2.1)
+      multi_json
+      mustermann (~> 1.0)
+      rack-protection (= 2.2.1)
+      sinatra (= 2.2.1)
+      tilt (~> 2.0)
+    solargraph (0.46.0)
+      backport (~> 1.2)
+      benchmark
+      bundler (>= 1.17.2)
+      diff-lcs (~> 1.4)
+      e2mmap
+      jaro_winkler (~> 1.5)
+      kramdown (~> 2.3)
+      kramdown-parser-gfm (~> 1.1)
+      parser (~> 3.0)
+      reverse_markdown (>= 1.0.5, < 3)
+      rubocop (>= 0.52)
+      thor (~> 1.0)
+      tilt (~> 2.0)
+      yard (~> 0.9, >= 0.9.24)
+    thor (1.2.1)
+    tilt (2.0.11)
+    unicode-display_width (2.2.0)
+    webrick (1.7.0)
+    yard (0.9.28)
+      webrick (~> 1.7.0)
+
+PLATFORMS
+  arm64-darwin-21
+  x86_64-linux
+
+DEPENDENCIES
+  bundler (~> 2.3)
+  byebug (~> 11)
+  metatron!
+  rack-test (~> 2.0)
+  rake (~> 12.3)
+  rspec (~> 3.10)
+  rubocop (~> 1.31)
+  rubocop-rake (~> 0.6)
+  rubocop-rspec (~> 2.11)
+  simplecov (~> 0.21)
+  simplecov-cobertura (~> 2.1)
+  solargraph (~> 0.45)
+  yard (~> 0.9)
+
+BUNDLED WITH
+   2.3.18

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2022 Jonathan Gnagy
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,11 @@
+# Metatron
+
+Metatron in a Ruby library for creating [Metacontroller](https://metacontroller.github.io/metacontroller/)-based custom Kubernetes controllers.
+
+The intention is to make it as easy as possible to use Ruby to manage [custom resources](https://kubernetes.io/docs/concepts/api-extension/custom-resources/) within your Kubernetes infrastructure. No Golang required to listen for and respond to resources based on your own [CustomResourceDefinition](https://kubernetes.io/docs/tasks/access-kubernetes-api/extend-api-custom-resource-definitions/) or to modify existing kubernetes resources via a [DecoratorController](https://metacontroller.github.io/metacontroller/api/decoratorcontroller.html).
+
+Your Ruby code doesn't have to have any _real_ knowledge of the Kubernetes environment in which it operates; Metacontroller takes care of all the Kubernetes interactions and Metatron handles providing the JSON interface. Just write a `sync` method can receive and respond with the appropriate Hashes and you're on your way!
+
+## Usage
+
+TODO (still a very early draft)

data/Rakefile

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+ENV["RACK_ENV"] ||= "development"
+
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+require "rubocop/rake_task"
+require "yard"
+
+RSpec::Core::RakeTask.new(:spec)
+RuboCop::RakeTask.new(:rubocop)
+YARD::Rake::YardocTask.new
+
+desc "allows running a demo controller"
+task :demo do
+  system("rackup --host 0.0.0.0 -P #{File.expand_path(".")}/tmp/daemon.pid")
+end
+
+task default: %i[spec rubocop yard]

data/lib/metatron/controller.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module Metatron
+  # Base class for API services
+  class Controller < Sinatra::Base
+    helpers Sinatra::CustomLogger
+
+    configure do
+      set :protection, except: :http_origin
+      set :logging, true
+      set :logger, Metatron::LOGGER
+      set :show_exceptions, false
+    end
+
+    before do
+      # Sets up a useful variable (@json_body) for accessing a parsed request body
+      if request.content_type&.include?("json") && !request.body.read.empty?
+        request.body.rewind
+        @json_body = JSON.parse(request.body.read)
+      end
+    rescue StandardError => e
+      halt(400, { error: "Request must be JSON: #{e.message}}" }.to_json)
+    end
+
+    error do
+      content_type :json
+
+      e = env["sinatra.error"]
+      resp = { result: "error", message: e.message }
+      resp[:trace] = e.full_message if settings.environment.to_s != "production"
+      resp.to_json
+    end
+
+    def request_body
+      @json_body
+    end
+  end
+end

data/lib/metatron/controllers/ping.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+module Metatron
+  module Controllers
+    # Healthcheck service
+    class Ping < Sinatra::Application
+      configure do
+        set :logging, true
+        set :logger, Metatron::LOGGER
+      end
+
+      before do
+        content_type "application/json"
+
+        halt 403 unless request.get? || request.options?
+
+        if request.get?
+          headers "X-Frame-Options" => "SAMEORIGIN"
+          headers "X-XSS-Protection" => "1; mode=block"
+        end
+      end
+
+      after do
+        headers "Access-Control-Allow-Methods" => %w[GET] if request.options?
+      end
+
+      get "/" do
+        '{ "status": "up" }'
+      end
+
+      options "/" do
+        halt 200
+      end
+    end
+  end
+end

data/lib/metatron/sync_controller.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Metatron
+  # Used for "normal" sync requests
+  class SyncController < Controller
+    options "/" do
+      headers "Access-Control-Allow-Methods" => ["POST"]
+      halt 200
+    end
+
+    post "/" do
+      halt(sync.to_json)
+    end
+  end
+end

data/lib/metatron/template.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module Metatron
+  # Base class for templating Kubernetes resources
+  class Template
+    attr_accessor :api_version, :label_namespace, :name
+    attr_reader :kind
+
+    def initialize(name)
+      @name = name
+      @label_namespace = "metatron.therubyist.org"
+      @api_version = "v1"
+      run_initializers
+    end
+
+    alias apiVersion api_version
+
+    def self.initializer(*args)
+      @initializers ||= []
+      @initializers += args
+    end
+
+    def self.initializers
+      @initializers ||= []
+    end
+
+    private
+
+    def run_initializers
+      self.class.initializers.each { |initializer| send(initializer.to_sym) }
+    end
+  end
+end

data/lib/metatron/templates/concerns/annotated.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Metatron
+  module Templates
+    module Concerns
+      # Makes supporting annotated resources easier
+      module Annotated
+        def self.included(base)
+          # base.extend ClassMethods
+          base.class_eval do
+            attr_accessor :annotations
+
+            initializer :annotated_initialize
+          end
+        end
+
+        def annotated_initialize
+          @annotations = {}
+        end
+
+        def formatted_annotations
+          annotations && !annotations.empty? ? { annotations: } : {}
+        end
+      end
+    end
+  end
+end

data/lib/metatron/templates/concerns/pod_producer.rb

@@ -0,0 +1,85 @@
+# frozen_string_literal: true
+
+module Metatron
+  module Templates
+    module Concerns
+      # A mixin to assist with templating Kubernetes resources that create Pods
+      module PodProducer
+        def self.included(base)
+          # base.extend ClassMethods
+          base.class_eval do
+            attr_accessor :image, :image_pull_policy, :additional_labels, :env, :envfrom,
+                          :resource_limits, :resource_requests, :probes, :ports, :security_context,
+                          :volume_mounts, :volumes, :additional_containers,
+                          :container_security_context, :affinity
+
+            initializer :pod_producer_initialize
+
+            alias_method :imagePullPolicy, :image_pull_policy
+            alias_method :volumeMounts, :volume_mounts
+            alias_method :securityContext, :security_context
+            alias_method :environment, :env
+          end
+        end
+
+        def pod_producer_initialize
+          @image = "gcr.io/google_containers/pause"
+          @image_pull_policy = "IfNotPresent"
+          @resource_limits = { memory: "512Mi", cpu: "500m" }
+          @resource_requests = { memory: "64Mi", cpu: "10m" }
+          @affinity = {}
+          @env = {}
+          @envfrom = []
+          @probes = {}
+          @ports = []
+          @volume_mounts = []
+          @volumes = []
+          @security_context = {}
+          @container_security_context = {}
+          @additional_containers = []
+          @additional_labels = {}
+        end
+
+        def formatted_affinity
+          affinity && !affinity.empty? ? { affinity: } : {}
+        end
+
+        def formatted_environment
+          env && !env.empty? ? { env: env.map { |k, v| { name: k, value: v } } } : {}
+        end
+
+        def formatted_envfrom
+          if envfrom && !envfrom.empty?
+            { envFrom: envfrom.map { |secret| { secretRef: { name: secret } } } }
+          else
+            {}
+          end
+        end
+
+        def formatted_ports
+          ports&.any? ? { ports: } : {}
+        end
+
+        def formatted_security_context
+          security_context && !security_context.empty? ? { securityContext: } : {}
+        end
+
+        def formatted_container_security_context
+          if container_security_context && !container_security_context.empty?
+            { securityContext: container_security_context }
+          else
+            {}
+          end
+        end
+
+        def formatted_volume_mounts
+          volume_mounts&.any? ? { volumeMounts: } : {}
+        end
+
+        def formatted_volumes
+          volumes&.any? ? { volumes: } : {}
+        end
+      end
+    end
+  end
+end

data/lib/metatron/templates/deployment.rb

@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+
+module Metatron
+  module Templates
+    # The Deployment Kubernetes resource
+    class Deployment < Template
+      include Concerns::Annotated
+      include Concerns::PodProducer
+
+      attr_accessor :replicas, :pod_annotations,
+                    :additional_labels, :additional_pod_labels
+
+      def initialize(name, replicas: 2)
+        super(name)
+        @api_version = "apps/v1"
+        @kind = "Deployment"
+        @replicas = replicas
+        @pod_annotations = {}
+        @additional_pod_labels = {}
+      end
+
+      def formatted_pod_annotations
+        pod_annotations && !pod_annotations.empty? ? { annotations: pod_annotations } : {}
+      end
+
+      # rubocop:disable Metrics/MethodLength
+      # rubocop:disable Metrics/AbcSize
+      def render
+        {
+          apiVersion:,
+          kind:,
+          metadata: {
+            name:,
+            labels: { "#{label_namespace}/name": name }.merge(additional_labels)
+          }.merge(formatted_annotations),
+          spec: {
+            replicas:,
+            strategy: { type: "RollingUpdate", rollingUpdate: { maxSurge: 2, maxUnavailable: 0 } },
+            selector: {
+              matchLabels: { "#{label_namespace}/name": name }.merge(additional_pod_labels)
+            },
+            template: {
+              metadata: {
+                labels: { "#{label_namespace}/name": name }.merge(additional_pod_labels)
+              }.merge(formatted_pod_annotations),
+              spec: {
+                containers: [
+                  {
+                    name: "app",
+                    image:,
+                    imagePullPolicy:,
+                    stdin: true,
+                    tty: true,
+                    resources: { limits: resource_limits, requests: resource_requests }
+                  }.merge(probes)
+                    .merge(formatted_environment)
+                    .merge(formatted_envfrom)
+                    .merge(formatted_ports)
+                    .merge(formatted_volume_mounts)
+                    .merge(formatted_container_security_context)
+                ] + additional_containers
+              }.merge(formatted_volumes).merge(formatted_security_context)
+            }
+          }
+        }
+      end
+      # rubocop:enable Metrics/AbcSize
+      # rubocop:enable Metrics/MethodLength
+    end
+  end
+end