From 2ebeb7114fae9cedadb66bd2bef3abbf36ec91c3 Mon Sep 17 00:00:00 2001
From: Paul Nicholson
Date: Mon, 9 Dec 2024 19:31:02 -0800
Subject: [PATCH] setup flux component
---
README.md | 14 +--
components/flux/component.cue | 115 ++++++++++++++++++
.../kustomization/v1/types_gen.cue | 2 +-
.../kustomization/v1beta1/types_gen.cue | 2 +-
.../kustomization/v1beta2/types_gen.cue | 2 +-
.../bucket/v1/types_gen.cue | 2 +-
.../bucket/v1beta1/types_gen.cue | 2 +-
.../bucket/v1beta2/types_gen.cue | 2 +-
.../gitrepository/v1/types_gen.cue | 2 +-
.../gitrepository/v1beta1/types_gen.cue | 2 +-
.../gitrepository/v1beta2/types_gen.cue | 2 +-
.../helmchart/v1/types_gen.cue | 2 +-
.../helmchart/v1beta1/types_gen.cue | 2 +-
.../helmchart/v1beta2/types_gen.cue | 2 +-
.../helmrepository/v1/types_gen.cue | 2 +-
.../helmrepository/v1beta1/types_gen.cue | 2 +-
.../helmrepository/v1beta2/types_gen.cue | 2 +-
.../ocirepository/v1beta2/types_gen.cue | 2 +-
deploy/components/flux/flux.gen.yaml | 35 ++++++
deploy/gitops/flux.kustomization.gen.yaml | 13 ++
platform/flux.cue | 8 ++
resources.cue | 6 +-
22 files changed, 194 insertions(+), 29 deletions(-)
create mode 100644 components/flux/component.cue
create mode 100644 deploy/components/flux/flux.gen.yaml
create mode 100644 deploy/gitops/flux.kustomization.gen.yaml
create mode 100644 platform/flux.cue
diff --git a/README.md b/README.md
index 1d8ed709..91d2cb2b 100644
--- a/README.md
+++ b/README.md
@@ -9,21 +9,11 @@ Deployments for my self-hosted kubernetes cluster #### Install Flux ```sh -kubectl apply --server-side --kustomize ./cluster/bootstrap +kubectl apply --server-side --kustomize ./bootstrap ``` ### Apply Cluster Configuration -_These cannot be applied with `kubectl` in the regular fashion due to some files -being encrypted with sops_ - -```sh -sops --decrypt ./cluster/bootstrap/age-key.sops.yaml | kubectl apply -f - -kubectl apply -f ./cluster/flux/vars/cluster-settings.yaml -``` - -### Kick off Flux applying this repository - ```sh -kubectl apply --server-side --kustomize ./cluster/flux/config +kubectl apply -f ./deploy/components/flux/flux.gen.yaml ``` diff --git a/components/flux/component.cue b/components/flux/component.cue new file mode 100644 index 00000000..9555b779 --- /dev/null +++ b/components/flux/component.cue 
@@ -0,0 +1,115 @@
+package holos
+
+// import "encoding/yaml"
+
+holos: Component.BuildPlan
+
+Component: #Kustomize & {
+ Name: "flux"
+ Namespace: "flux-system"
+ KustomizeConfig: Kustomization: namespace: Namespace
+ Resources: OCIRepository: {
+ flux: {
+ metadata: name: "flux"
+ metadata: namespace: Namespace
+ spec: {
+ interval: "10m"
+ // renovate: datasource=github-releases depName=fluxcd/flux2
+ ref: tag: "v2.4.0"
+ url: "oci://ghcr.io/fluxcd/flux-manifests"
+ }
+ }
+ default: {
+ metadata: name: "default"
+ metadata: namespace: Namespace
+ spec: {
+ interval: "10m"
+ ref: tag: "main"
+ url: "oci://ghcr.io/brenix/local-ops"
+ }
+ }
+ }
+
+ // Resources: Kustomization: flux: {
+ // metadata: name: Name
+ // metadata: namespace: Namespace
+ // spec: {
+ // interval: "10m"
+ // path: "./"
+ // prune: false
+ // wait: true
+ // sourceRef: {
+ // kind: "OCIRepository"
+ // name: "flux"
+ // }
+ // patches: [
+ // {
+ // target: kind: "Deployment"
+ // target: name: "'(kustomize-controller|helm-controller|source-controller)'"
+ // patch: yaml.Marshal([
+ // {
+ // op: "add"
+ // path: "/spec/template/spec/containers/0/args/-"
+ // value: "--concurrent=12"
+ // },
+ // {
+ // op: "add"
+ // path: "/spec/template/spec/containers/0/args/-"
+ // value: "--kube-api-qps=500"
+ // },
+ // {
+ // op: "add"
+ // path: "/spec/template/spec/containers/0/args/-"
+ // value: "--kube-api-burst=1000"
+ // },
+ // {
+ // op: "add"
+ // path: "/spec/template/spec/containers/0/args/-"
+ // value: "--requeue-dependency=5s"
+ // },
+ // ])
+ // },
+ // {
+ // target: kind: "Deployment"
+ // target: name: "'(kustomize-controller|helm-controller|source-controller)'"
+ // patch: yaml.Marshal([{
+ // apiVersion: "apps/v1"
+ // kind: "Deployment"
+ // metadata: name: "not-used"
+ // spec: template: spec: containers: [{
+ // name: "manager"
+ // resources: limits: memory: "2Gi"
+ // }]
+ // }])
+ // },
+ // {
+ // target: kind: "Deployment"
+ // target: name: "kustomize-controller"
+ // patch: """
+ // - op: replace
+ // path: /spec/template/spec/volumes/0
+ // value:
+ // name: temp
+ // emptyDir:
+ // medium: Memory
+ // """
+ // },
+ // ]
+ // }
+ // }
+
+ Resources: Kustomization: "cluster-apps": {
+ metadata: name: "cluster-apps"
+ metadata: namespace: Namespace
+ spec: {
+ interval: "10m"
+ path: "./gitops"
+ prune: false
+ wait: true
+ sourceRef: {
+ kind: "OCIRepository"
+ name: "default"
+ }
+ }
+ }
+}
diff --git a/cue.mod/gen/kustomize.toolkit.fluxcd.io/kustomization/v1/types_gen.cue b/cue.mod/gen/kustomize.toolkit.fluxcd.io/kustomization/v1/types_gen.cue index c59850e7..d0d92cdc 100644 --- a/cue.mod/gen/kustomize.toolkit.fluxcd.io/kustomization/v1/types_gen.cue +++ b/cue.mod/gen/kustomize.toolkit.fluxcd.io/kustomization/v1/types_gen.cue @@ -1,6 +1,6 @@ // Code generated by timoni. DO NOT EDIT. -//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml +//timoni:generate timoni vendor crd -f https://github.com/fluxcd/kustomize-controller/releases/download/v1.4.0/kustomize-controller.crds.yaml package v1 diff --git a/cue.mod/gen/kustomize.toolkit.fluxcd.io/kustomization/v1beta1/types_gen.cue b/cue.mod/gen/kustomize.toolkit.fluxcd.io/kustomization/v1beta1/types_gen.cue index ae4a078e..4689fe95 100644 --- a/cue.mod/gen/kustomize.toolkit.fluxcd.io/kustomization/v1beta1/types_gen.cue +++ b/cue.mod/gen/kustomize.toolkit.fluxcd.io/kustomization/v1beta1/types_gen.cue @@ -1,6 +1,6 @@ // Code generated by timoni. DO NOT EDIT. -//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml +//timoni:generate timoni vendor crd -f https://github.com/fluxcd/kustomize-controller/releases/download/v1.4.0/kustomize-controller.crds.yaml package v1beta1 diff --git a/cue.mod/gen/kustomize.toolkit.fluxcd.io/kustomization/v1beta2/types_gen.cue b/cue.mod/gen/kustomize.toolkit.fluxcd.io/kustomization/v1beta2/types_gen.cue index b61f5a2f..78b0cb3a 100644
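Review bot: The `default` OCIRepository in components/flux/component.cue follows the mutable tag `main` (`ref: tag: "main"`), and the `cluster-apps` Kustomization reconciles `./gitops` from it every 10m, so whatever is pushed under that tag at `ghcr.io/brenix/local-ops` is applied to the cluster, presumably with kustomize-controller's own privileges, and with no integrity check visible in this spec. Consider pinning the artifact, e.g. `ref: digest: "sha256:<ARTIFACT_DIGEST_PLACEHOLDER>"`, or, if the artifacts are signed, adding a `verify: provider: "cosign"` block to the source spec; the `flux` source is versioned (`v2.4.0`) but is still resolved by tag and would benefit from the same treatment. Separately, the `flux` OCIRepository has no consumer in this file, because the Kustomization that referenced it is checked in as a commented-out block of roughly 65 lines together with the commented `encoding/yaml` import; that block would be better deleted or restored than kept as dead text. The generated `deploy/components/flux/flux.gen.yaml` carries the same `tag: main` and would follow on regeneration.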
--- a/cue.mod/gen/kustomize.toolkit.fluxcd.io/kustomization/v1beta2/types_gen.cue +++ b/cue.mod/gen/kustomize.toolkit.fluxcd.io/kustomization/v1beta2/types_gen.cue @@ -1,6 +1,6 @@ // Code generated by timoni. DO NOT EDIT. -//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml +//timoni:generate timoni vendor crd -f https://github.com/fluxcd/kustomize-controller/releases/download/v1.4.0/kustomize-controller.crds.yaml package v1beta2 diff --git a/cue.mod/gen/source.toolkit.fluxcd.io/bucket/v1/types_gen.cue b/cue.mod/gen/source.toolkit.fluxcd.io/bucket/v1/types_gen.cue index 125007e0..2b14538a 100644 --- a/cue.mod/gen/source.toolkit.fluxcd.io/bucket/v1/types_gen.cue +++ b/cue.mod/gen/source.toolkit.fluxcd.io/bucket/v1/types_gen.cue @@ -1,6 +1,6 @@ // Code generated by timoni. DO NOT EDIT. -//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml +//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml package v1 diff --git a/cue.mod/gen/source.toolkit.fluxcd.io/bucket/v1beta1/types_gen.cue b/cue.mod/gen/source.toolkit.fluxcd.io/bucket/v1beta1/types_gen.cue index df9c341b..155d1545 100644 --- a/cue.mod/gen/source.toolkit.fluxcd.io/bucket/v1beta1/types_gen.cue +++ b/cue.mod/gen/source.toolkit.fluxcd.io/bucket/v1beta1/types_gen.cue @@ -1,6 +1,6 @@ // Code generated by timoni. DO NOT EDIT. -//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml +//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml package v1beta1 diff --git a/cue.mod/gen/source.toolkit.fluxcd.io/bucket/v1beta2/types_gen.cue b/cue.mod/gen/source.toolkit.fluxcd.io/bucket/v1beta2/types_gen.cue index 741c080d..4076849a 100644 --- a/cue.mod/gen/source.toolkit.fluxcd.io/bucket/v1beta2/types_gen.cue 
+++ b/cue.mod/gen/source.toolkit.fluxcd.io/bucket/v1beta2/types_gen.cue @@ -1,6 +1,6 @@ // Code generated by timoni. DO NOT EDIT. -//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml +//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml package v1beta2 diff --git a/cue.mod/gen/source.toolkit.fluxcd.io/gitrepository/v1/types_gen.cue b/cue.mod/gen/source.toolkit.fluxcd.io/gitrepository/v1/types_gen.cue index 03c9ec69..4c9b4784 100644 --- a/cue.mod/gen/source.toolkit.fluxcd.io/gitrepository/v1/types_gen.cue +++ b/cue.mod/gen/source.toolkit.fluxcd.io/gitrepository/v1/types_gen.cue @@ -1,6 +1,6 @@ // Code generated by timoni. DO NOT EDIT. -//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml +//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml package v1 diff --git a/cue.mod/gen/source.toolkit.fluxcd.io/gitrepository/v1beta1/types_gen.cue b/cue.mod/gen/source.toolkit.fluxcd.io/gitrepository/v1beta1/types_gen.cue index 3c3a6224..03f1b36f 100644 --- a/cue.mod/gen/source.toolkit.fluxcd.io/gitrepository/v1beta1/types_gen.cue +++ b/cue.mod/gen/source.toolkit.fluxcd.io/gitrepository/v1beta1/types_gen.cue @@ -1,6 +1,6 @@ // Code generated by timoni. DO NOT EDIT. -//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml +//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml package v1beta1 diff --git a/cue.mod/gen/source.toolkit.fluxcd.io/gitrepository/v1beta2/types_gen.cue b/cue.mod/gen/source.toolkit.fluxcd.io/gitrepository/v1beta2/types_gen.cue index 86cdd3af..ac385467 100644 --- a/cue.mod/gen/source.toolkit.fluxcd.io/gitrepository/v1beta2/types_gen.cue 
+++ b/cue.mod/gen/source.toolkit.fluxcd.io/gitrepository/v1beta2/types_gen.cue @@ -1,6 +1,6 @@ // Code generated by timoni. DO NOT EDIT. -//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml +//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml package v1beta2 diff --git a/cue.mod/gen/source.toolkit.fluxcd.io/helmchart/v1/types_gen.cue b/cue.mod/gen/source.toolkit.fluxcd.io/helmchart/v1/types_gen.cue index 60aff6b7..21b431f9 100644 --- a/cue.mod/gen/source.toolkit.fluxcd.io/helmchart/v1/types_gen.cue +++ b/cue.mod/gen/source.toolkit.fluxcd.io/helmchart/v1/types_gen.cue @@ -1,6 +1,6 @@ // Code generated by timoni. DO NOT EDIT. -//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml +//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml package v1 diff --git a/cue.mod/gen/source.toolkit.fluxcd.io/helmchart/v1beta1/types_gen.cue b/cue.mod/gen/source.toolkit.fluxcd.io/helmchart/v1beta1/types_gen.cue index 783a82ae..086f8218 100644 --- a/cue.mod/gen/source.toolkit.fluxcd.io/helmchart/v1beta1/types_gen.cue +++ b/cue.mod/gen/source.toolkit.fluxcd.io/helmchart/v1beta1/types_gen.cue @@ -1,6 +1,6 @@ // Code generated by timoni. DO NOT EDIT. -//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml +//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml package v1beta1 diff --git a/cue.mod/gen/source.toolkit.fluxcd.io/helmchart/v1beta2/types_gen.cue b/cue.mod/gen/source.toolkit.fluxcd.io/helmchart/v1beta2/types_gen.cue index 25584760..465f79d4 100644 --- a/cue.mod/gen/source.toolkit.fluxcd.io/helmchart/v1beta2/types_gen.cue +++ b/cue.mod/gen/source.toolkit.fluxcd.io/helmchart/v1beta2/types_gen.cue 
@@ -1,6 +1,6 @@ // Code generated by timoni. DO NOT EDIT. -//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml +//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml package v1beta2 diff --git a/cue.mod/gen/source.toolkit.fluxcd.io/helmrepository/v1/types_gen.cue b/cue.mod/gen/source.toolkit.fluxcd.io/helmrepository/v1/types_gen.cue index e0d68c8d..425862a9 100644 --- a/cue.mod/gen/source.toolkit.fluxcd.io/helmrepository/v1/types_gen.cue +++ b/cue.mod/gen/source.toolkit.fluxcd.io/helmrepository/v1/types_gen.cue @@ -1,6 +1,6 @@ // Code generated by timoni. DO NOT EDIT. -//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml +//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml package v1 diff --git a/cue.mod/gen/source.toolkit.fluxcd.io/helmrepository/v1beta1/types_gen.cue b/cue.mod/gen/source.toolkit.fluxcd.io/helmrepository/v1beta1/types_gen.cue index 86baffd8..e559fc0f 100644 --- a/cue.mod/gen/source.toolkit.fluxcd.io/helmrepository/v1beta1/types_gen.cue +++ b/cue.mod/gen/source.toolkit.fluxcd.io/helmrepository/v1beta1/types_gen.cue @@ -1,6 +1,6 @@ // Code generated by timoni. DO NOT EDIT. -//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml +//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml package v1beta1 diff --git a/cue.mod/gen/source.toolkit.fluxcd.io/helmrepository/v1beta2/types_gen.cue b/cue.mod/gen/source.toolkit.fluxcd.io/helmrepository/v1beta2/types_gen.cue index 71c62c62..f80f03c3 100644 --- a/cue.mod/gen/source.toolkit.fluxcd.io/helmrepository/v1beta2/types_gen.cue +++ b/cue.mod/gen/source.toolkit.fluxcd.io/helmrepository/v1beta2/types_gen.cue 
@@ -1,6 +1,6 @@ // Code generated by timoni. DO NOT EDIT. -//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml +//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml package v1beta2 diff --git a/cue.mod/gen/source.toolkit.fluxcd.io/ocirepository/v1beta2/types_gen.cue b/cue.mod/gen/source.toolkit.fluxcd.io/ocirepository/v1beta2/types_gen.cue index 0278489f..1ee2db8a 100644 --- a/cue.mod/gen/source.toolkit.fluxcd.io/ocirepository/v1beta2/types_gen.cue +++ b/cue.mod/gen/source.toolkit.fluxcd.io/ocirepository/v1beta2/types_gen.cue @@ -1,6 +1,6 @@ // Code generated by timoni. DO NOT EDIT. -//timoni:generate timoni vendor crd -f /Users/jeff/Holos/bank-of-holos/tmp/flux/crds.yaml +//timoni:generate timoni vendor crd -f https://github.com/fluxcd/source-controller/releases/download/v1.4.1/source-controller.crds.yaml package v1beta2 diff --git a/deploy/components/flux/flux.gen.yaml b/deploy/components/flux/flux.gen.yaml new file mode 100644 index 00000000..d13d25ed --- /dev/null +++ b/deploy/components/flux/flux.gen.yaml @@ -0,0 +1,35 @@ +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: cluster-apps + namespace: flux-system +spec: + interval: 10m + path: ./gitops + prune: false + sourceRef: + kind: OCIRepository + name: default + wait: true +--- +apiVersion: source.toolkit.fluxcd.io/v1beta2 +kind: OCIRepository +metadata: + name: default + namespace: flux-system +spec: + interval: 10m + ref: + tag: main + url: oci://ghcr.io/brenix/local-ops +--- +apiVersion: source.toolkit.fluxcd.io/v1beta2 +kind: OCIRepository +metadata: + name: flux + namespace: flux-system +spec: + interval: 10m + ref: + tag: v2.4.0 + url: oci://ghcr.io/fluxcd/flux-manifests diff --git a/deploy/gitops/flux.kustomization.gen.yaml b/deploy/gitops/flux.kustomization.gen.yaml new file mode 100644 index 00000000..ab523978 --- /dev/null 
+++ b/deploy/gitops/flux.kustomization.gen.yaml @@ -0,0 +1,13 @@ +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: flux + namespace: flux-system +spec: + interval: 10m + path: components/flux + prune: true + sourceRef: + kind: OCIRepository + name: default + targetNamespace: flux-system diff --git a/platform/flux.cue b/platform/flux.cue new file mode 100644 index 00000000..51cfe55e --- /dev/null +++ b/platform/flux.cue @@ -0,0 +1,8 @@ +package holos + +Platform: Components: { + flux: { + name: "flux" + path: "components/flux" + } +} diff --git a/resources.cue b/resources.cue index d98250cb..ef8e4f8a 100644 --- a/resources.cue +++ b/resources.cue @@ -15,11 +15,13 @@ import ( es "external-secrets.io/externalsecret/v1beta1" ss "external-secrets.io/secretstore/v1beta1" css "external-secrets.io/clustersecretstore/v1beta1" - ed "externaldns.k8s.io/dnsendpoint/v1alpha1" bgpadv "metallb.io/bgpadvertisement/v1beta1" bgppeer "metallb.io/bgppeer/v1beta2" ipaddresspool "metallb.io/ipaddresspool/v1beta1" + ocirepository "source.toolkit.fluxcd.io/ocirepository/v1beta2" + ks "kustomize.toolkit.fluxcd.io/kustomization/v1" + ) #Resources: { @@ -58,4 +60,6 @@ import ( BGPAdvertisement?: [_]: bgpadv.#BGPAdvertisement BGPPeer?: [_]: bgppeer.#BGPPeer IPAddressPool?: [_]: ipaddresspool.#IPAddressPool + OCIRepository?: [_]: ocirepository.#OCIRepository + Kustomization?: [_]: ks.#Kustomization }