setup flux component

README.md

@@ -9,21 +9,11 @@ Deployments for my self-hosted kubernetes cluster
 #### Install Flux
 
 ```sh
-kubectl apply --server-side --kustomize ./cluster/bootstrap
+kubectl apply --server-side --kustomize ./bootstrap
 ```
 
 ### Apply Cluster Configuration
 
-_These cannot be applied with `kubectl` in the regular fashion due to some files
-being encrypted with sops_
-
-```sh
-sops --decrypt ./cluster/bootstrap/age-key.sops.yaml | kubectl apply -f -
-kubectl apply -f ./cluster/flux/vars/cluster-settings.yaml
-```
-
-### Kick off Flux applying this repository
-
 ```sh
-kubectl apply --server-side --kustomize ./cluster/flux/config
+kubectl apply -f ./deploy/components/flux/flux.gen.yaml
 ```

components/flux/component.cue

@@ -0,0 +1,115 @@
+package holos
+
+// import "encoding/yaml"
+
+holos: Component.BuildPlan
+
+Component: #Kustomize & {
+	Name:      "flux"
+	Namespace: "flux-system"
+	KustomizeConfig: Kustomization: namespace: Namespace
+	Resources: OCIRepository: {
+		flux: {
+			metadata: name:      "flux"
+			metadata: namespace: Namespace
+			spec: {
+				interval: "10m"
+				// renovate: datasource=github-releases depName=fluxcd/flux2
+				ref: tag: "v2.4.0"
+				url: "oci://ghcr.io/fluxcd/flux-manifests"
+			}
+		}
+		default: {
+			metadata: name:      "default"
+			metadata: namespace: Namespace
+			spec: {
+				interval: "10m"
+				ref: tag: "main"
+				url: "oci://ghcr.io/brenix/local-ops"
+			}
+		}
+	}
+
+	// Resources: Kustomization: flux: {
+	// 	metadata: name:      Name
+	// 	metadata: namespace: Namespace
+	// 	spec: {
+	// 		interval: "10m"
+	// 		path:     "./"
+	// 		prune:    false
+	// 		wait:     true
+	// 		sourceRef: {
+	// 			kind: "OCIRepository"
+	// 			name: "flux"
+	// 		}
+	// 		patches: [
+	// 			{
+	// 				target: kind: "Deployment"
+	// 				target: name: "'(kustomize-controller|helm-controller|source-controller)'"
+	// 				patch: yaml.Marshal([
+	// 					{
+	// 						op:    "add"
+	// 						path:  "/spec/template/spec/containers/0/args/-"
+	// 						value: "--concurrent=12"
+	// 					},
+	// 					{
+	// 						op:    "add"
+	// 						path:  "/spec/template/spec/containers/0/args/-"
+	// 						value: "--kube-api-qps=500"
+	// 					},
+	// 					{
+	// 						op:    "add"
+	// 						path:  "/spec/template/spec/containers/0/args/-"
+	// 						value: "--kube-api-burst=1000"
+	// 					},
+	// 					{
+	// 						op:    "add"
+	// 						path:  "/spec/template/spec/containers/0/args/-"
+	// 						value: "--requeue-dependency=5s"
+	// 					},
+	// 				])
+	// 			},
+	// 			{
+	// 				target: kind: "Deployment"
+	// 				target: name: "'(kustomize-controller|helm-controller|source-controller)'"
+	// 				patch: yaml.Marshal([{
+	// 					apiVersion: "apps/v1"
+	// 					kind:       "Deployment"
+	// 					metadata: name: "not-used"
+	// 					spec: template: spec: containers: [{
+	// 						name: "manager"
+	// 						resources: limits: memory: "2Gi"
+	// 					}]
+	// 				}])
+	// 			},
+	// 			{
+	// 				target: kind: "Deployment"
+	// 				target: name: "kustomize-controller"
+	// 				patch: """
+	// 					- op: replace
+	// 					  path: /spec/template/spec/volumes/0
+	// 					  value:
+	// 					    name: temp
+	// 					    emptyDir:
+	// 					      medium: Memory
+	// 					"""
+	// 			},
+	// 		]
+	// 	}
+	// }
+
+	Resources: Kustomization: "cluster-apps": {
+		metadata: name:      "cluster-apps"
+		metadata: namespace: Namespace
+		spec: {
+			interval: "10m"
+			path:     "./gitops"
+			prune:    false
+			wait:     true
+			sourceRef: {
+				kind: "OCIRepository"
+				name: "default"
+			}
+		}
+	}
+}

cue.mod/gen/kustomize.toolkit.fluxcd.io/kustomization/v1/types_gen.cue

@@ -1,6 +1,6 @@
 // Code generated by timoni. DO NOT EDIT.
 
-//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
+//timoni:generate timoni vendor crd -f https://github.com/fluxcd/kustomize-controller/releases/download/v1.4.0/kustomize-controller.crds.yaml
 
 package v1
 

cue.mod/gen/kustomize.toolkit.fluxcd.io/kustomization/v1beta1/types_gen.cue

@@ -1,6 +1,6 @@
 // Code generated by timoni. DO NOT EDIT.
 
-//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
+//timoni:generate timoni vendor crd -f https://github.com/fluxcd/kustomize-controller/releases/download/v1.4.0/kustomize-controller.crds.yaml
 
 package v1beta1
 

cue.mod/gen/kustomize.toolkit.fluxcd.io/kustomization/v1beta2/types_gen.cue

@@ -1,6 +1,6 @@
 // Code generated by timoni. DO NOT EDIT.
 
-//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
+//timoni:generate timoni vendor crd -f https://github.com/fluxcd/kustomize-controller/releases/download/v1.4.0/kustomize-controller.crds.yaml
 
 package v1beta2
 

cue.mod/gen/source.toolkit.fluxcd.io/bucket/v1/types_gen.cue

@@ -1,6 +1,6 @@
 // Code generated by timoni. DO NOT EDIT.
 
-//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
+//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml
 
 package v1
 

cue.mod/gen/source.toolkit.fluxcd.io/bucket/v1beta1/types_gen.cue

@@ -1,6 +1,6 @@
 // Code generated by timoni. DO NOT EDIT.
 
-//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
+//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml
 
 package v1beta1
 

cue.mod/gen/source.toolkit.fluxcd.io/bucket/v1beta2/types_gen.cue

@@ -1,6 +1,6 @@
 // Code generated by timoni. DO NOT EDIT.
 
-//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
+//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml
 
 package v1beta2
 

cue.mod/gen/source.toolkit.fluxcd.io/gitrepository/v1/types_gen.cue

@@ -1,6 +1,6 @@
 // Code generated by timoni. DO NOT EDIT.
 
-//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
+//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml
 
 package v1
 

cue.mod/gen/source.toolkit.fluxcd.io/gitrepository/v1beta1/types_gen.cue

@@ -1,6 +1,6 @@
 // Code generated by timoni. DO NOT EDIT.
 
-//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
+//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml
 
 package v1beta1
 

cue.mod/gen/source.toolkit.fluxcd.io/gitrepository/v1beta2/types_gen.cue

@@ -1,6 +1,6 @@
 // Code generated by timoni. DO NOT EDIT.
 
-//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
+//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml
 
 package v1beta2
 

cue.mod/gen/source.toolkit.fluxcd.io/helmchart/v1/types_gen.cue

@@ -1,6 +1,6 @@
 // Code generated by timoni. DO NOT EDIT.
 
-//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
+//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml
 
 package v1
 

cue.mod/gen/source.toolkit.fluxcd.io/helmchart/v1beta1/types_gen.cue

@@ -1,6 +1,6 @@
 // Code generated by timoni. DO NOT EDIT.
 
-//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
+//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml
 
 package v1beta1
 

cue.mod/gen/source.toolkit.fluxcd.io/helmchart/v1beta2/types_gen.cue

@@ -1,6 +1,6 @@
 // Code generated by timoni. DO NOT EDIT.
 
-//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
+//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml
 
 package v1beta2
 

cue.mod/gen/source.toolkit.fluxcd.io/helmrepository/v1/types_gen.cue

@@ -1,6 +1,6 @@
 // Code generated by timoni. DO NOT EDIT.
 
-//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
+//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml
 
 package v1
 

cue.mod/gen/source.toolkit.fluxcd.io/helmrepository/v1beta1/types_gen.cue

@@ -1,6 +1,6 @@
 // Code generated by timoni. DO NOT EDIT.
 
-//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
+//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml
 
 package v1beta1
 

cue.mod/gen/source.toolkit.fluxcd.io/helmrepository/v1beta2/types_gen.cue

@@ -1,6 +1,6 @@
 // Code generated by timoni. DO NOT EDIT.
 
-//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
+//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml
 
 package v1beta2
 

cue.mod/gen/source.toolkit.fluxcd.io/ocirepository/v1beta2/types_gen.cue

@@ -1,6 +1,6 @@
 // Code generated by timoni. DO NOT EDIT.
 
-//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml
+//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml
 
 package v1beta2
 

deploy/components/flux/flux.gen.yaml

@@ -0,0 +1,35 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: cluster-apps
+  namespace: flux-system
+spec:
+  interval: 10m
+  path: ./gitops
+  prune: false
+  sourceRef:
+    kind: OCIRepository
+    name: default
+  wait: true
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+  name: default
+  namespace: flux-system
+spec:
+  interval: 10m
+  ref:
+    tag: main
+  url: oci://ghcr.io/brenix/local-ops
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+  name: flux
+  namespace: flux-system
+spec:
+  interval: 10m
+  ref:
+    tag: v2.4.0
+  url: oci://ghcr.io/fluxcd/flux-manifests

deploy/gitops/flux.kustomization.gen.yaml

@@ -0,0 +1,13 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+    name: flux
+    namespace: flux-system
+spec:
+    interval: 10m
+    path: components/flux
+    prune: true
+    sourceRef:
+        kind: OCIRepository
+        name: default
+    targetNamespace: flux-system

platform/flux.cue

@@ -0,0 +1,8 @@
+package holos
+
+Platform: Components: {
+	flux: {
+		name: "flux"
+		path: "components/flux"
+	}
+}

resources.cue

@@ -15,11 +15,13 @@ import (
 	es "external-secrets.io/externalsecret/v1beta1"
 	ss "external-secrets.io/secretstore/v1beta1"
 	css "external-secrets.io/clustersecretstore/v1beta1"
-
 	ed "externaldns.k8s.io/dnsendpoint/v1alpha1"
 	bgpadv "metallb.io/bgpadvertisement/v1beta1"
 	bgppeer "metallb.io/bgppeer/v1beta2"
 	ipaddresspool "metallb.io/ipaddresspool/v1beta1"
+	ocirepository "source.toolkit.fluxcd.io/ocirepository/v1beta2"
+	ks "kustomize.toolkit.fluxcd.io/kustomization/v1"
+
 )
 
 #Resources: {
@@ -58,4 +60,6 @@ import (
 	BGPAdvertisement?: [_]: bgpadv.#BGPAdvertisement
 	BGPPeer?: [_]:          bgppeer.#BGPPeer
 	IPAddressPool?: [_]:    ipaddresspool.#IPAddressPool
+	OCIRepository?: [_]:    ocirepository.#OCIRepository
+	Kustomization?: [_]:    ks.#Kustomization
 }