From 9950b793b5c638649fdf6f49f64ea093cb2638da Mon Sep 17 00:00:00 2001 From: jessebot Date: Sun, 24 Mar 2024 08:39:41 +0100 Subject: [PATCH 01/16] update docs link in help text --- smol_k8s_lab/utils/rich_cli/help_text.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/smol_k8s_lab/utils/rich_cli/help_text.py b/smol_k8s_lab/utils/rich_cli/help_text.py index 7bcc9c115..5cfba0764 100755 --- a/smol_k8s_lab/utils/rich_cli/help_text.py +++ b/smol_k8s_lab/utils/rich_cli/help_text.py @@ -124,8 +124,8 @@ class OptionHighlighter(RegexHighlighter): options_table.add_row(opt1, opt2, highlighter(help)) - url = ("♥ docs: [link=https://github.com/smal-hack/smol-k8s-lab]" - "github.com/small-hack/smol-k8s-lab[/link]") + url = ("♥ docs: [link=https://smal-hack.github.io/smol-k8s-lab]" + "https://smal-hack.github.io/smol-k8s-lab[/link]") console.print(Panel(options_table, border_style="light_steel_blue", title="ʕ ᵔᴥᵔʔ Options", From e02665e636abe38f79c83a05bd2bb27a059576a1 Mon Sep 17 00:00:00 2001 From: jessebot Date: Sun, 24 Mar 2024 08:40:16 +0100 Subject: [PATCH 02/16] update docs link in help text - fix typo --- smol_k8s_lab/utils/rich_cli/help_text.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/smol_k8s_lab/utils/rich_cli/help_text.py b/smol_k8s_lab/utils/rich_cli/help_text.py index 5cfba0764..0236fd71b 100755 --- a/smol_k8s_lab/utils/rich_cli/help_text.py +++ b/smol_k8s_lab/utils/rich_cli/help_text.py @@ -124,8 +124,8 @@ class OptionHighlighter(RegexHighlighter): options_table.add_row(opt1, opt2, highlighter(help)) - url = ("♥ docs: [link=https://smal-hack.github.io/smol-k8s-lab]" - "https://smal-hack.github.io/smol-k8s-lab[/link]") + url = ("♥ docs: [link=https://small-hack.github.io/smol-k8s-lab]" + "https://small-hack.github.io/smol-k8s-lab[/link]") console.print(Panel(options_table, border_style="light_steel_blue", title="ʕ ᵔᴥᵔʔ Options", From 4d8e9f02d0f68a385bc4e9b75a220518fbb4bc00 Mon Sep 17 00:00:00 2001 
From: jessebot Date: Sun, 24 Mar 2024 09:09:22 +0100 Subject: [PATCH 03/16] update all the docs to reflect new argo.project.name field, and clean some minor notes --- docs/k8s_apps/argocd.md | 4 +++ docs/k8s_apps/bitwarden_eso_provider.md | 1 + docs/k8s_apps/cert_manager.md | 2 ++ docs/k8s_apps/cnpg_operator.md | 1 + docs/k8s_apps/experimental/cilium.md | 4 +-- docs/k8s_apps/experimental/infisical.md | 3 +- docs/k8s_apps/experimental/kepler.md | 35 ++++++++++++++++++- docs/k8s_apps/experimental/minio.md | 13 +++---- .../experimental/postgres_operator.md | 3 +- docs/k8s_apps/external-secrets-operator.md | 1 + docs/k8s_apps/generic_device_plugin.md | 1 + docs/k8s_apps/home_assistant.md | 2 ++ docs/k8s_apps/k8tz.md | 3 +- docs/k8s_apps/k8up.md | 1 + docs/k8s_apps/keycloak.md | 3 +- docs/k8s_apps/mastodon.md | 1 + docs/k8s_apps/matrix.md | 1 + docs/k8s_apps/metallb.md | 1 + docs/k8s_apps/nextcloud.md | 1 + docs/k8s_apps/seaweedfs.md | 1 + docs/k8s_apps/vouch.md | 1 + docs/k8s_apps/zitadel.md | 1 + 22 files changed, 71 insertions(+), 13 deletions(-) diff --git a/docs/k8s_apps/argocd.md b/docs/k8s_apps/argocd.md index da72bf87e..917ee8ed2 100644 --- a/docs/k8s_apps/argocd.md +++ b/docs/k8s_apps/argocd.md @@ -38,6 +38,8 @@ apps: To disable Appset Secret Plugin, please set directory recursion to false. Learn more: [link=https://github.com/small-hack/appset-secret-plugin]https://github.com/small-hack/appset-secret-plugin[/link] + init: + enabled: true argo: # secrets keys to make available to Argo CD ApplicationSets secret_keys: @@ -58,6 +60,8 @@ apps: directory_recursion: true # source repos for Argo CD argo-cd Project (in addition to argo_cd.argo.repo) project: + # you can change this project name :) + name: argo-cd source_repos: - https://argoproj.github.io/argo-helm - https://small-hack.github.io/appset-secret-plugin diff --git a/docs/k8s_apps/bitwarden_eso_provider.md b/docs/k8s_apps/bitwarden_eso_provider.md index c02f4a663..58396de76 100644 
--- a/docs/k8s_apps/bitwarden_eso_provider.md +++ b/docs/k8s_apps/bitwarden_eso_provider.md @@ -59,6 +59,7 @@ apps: secret_keys: {} # source repos for Argo CD App Project (in addition to app.argo.repo) project: + name: external-secrets-operator source_repos: - https://charts.external-secrets.io # you can remove this one if you're not using bitwarden to store your k8s secrets diff --git a/docs/k8s_apps/cert_manager.md b/docs/k8s_apps/cert_manager.md index b7cc2040e..8120e96e9 100644 --- a/docs/k8s_apps/cert_manager.md +++ b/docs/k8s_apps/cert_manager.md @@ -66,6 +66,7 @@ apps: directory_recursion: false # source repos for cert-manager CD App Project (in addition to argo.repo) project: + name: cert-manager source_repos: - https://charts.jetstack.io destination: @@ -130,6 +131,7 @@ apps: directory_recursion: false # source repos for cert-manager CD App Project (in addition to argo.repo) project: + name: cert-manager source_repos: - https://charts.jetstack.io destination: diff --git a/docs/k8s_apps/cnpg_operator.md b/docs/k8s_apps/cnpg_operator.md index 361616ec5..32c858bea 100644 --- a/docs/k8s_apps/cnpg_operator.md +++ b/docs/k8s_apps/cnpg_operator.md @@ -30,6 +30,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: cnpg-operator source_repos: - https://github.com/small-hack/argocd-apps - https://cloudnative-pg.github.io/charts diff --git a/docs/k8s_apps/experimental/cilium.md b/docs/k8s_apps/experimental/cilium.md index 6c23397c9..e9aa061f9 100644 --- a/docs/k8s_apps/experimental/cilium.md +++ b/docs/k8s_apps/experimental/cilium.md 
@@ -23,17 +23,17 @@ apps: # git repo to install the Argo CD app from repo: "https://github.com/small-hack/argocd-apps" # path in the argo repo to point to. Trailing slash very important! - path: "alpha/cilium/" + path: "demo/cilium/" # either the branch or tag to point at in the argo repo above ref: "main" # namespace to install the k8s app in namespace: "cilium" # source repos for Argo CD cilium Project project: + name: cilium source_repos: - "https://helm.cilium.io/" destination: namespaces: - - argocd - cilium ``` diff --git a/docs/k8s_apps/experimental/infisical.md b/docs/k8s_apps/experimental/infisical.md index f25ac5c2c..3c2109b6a 100644 --- a/docs/k8s_apps/experimental/infisical.md +++ b/docs/k8s_apps/experimental/infisical.md @@ -27,13 +27,14 @@ apps: # git repo to install the Argo CD app from repo: "https://github.com/small-hack/argocd-apps" # path in the argo repo to point to. Trailing slash very important! - path: "infisical/" + path: "demo/infisical/" # either the branch or tag to point at in the argo repo above ref: "main" # namespace to install the k8s app in namespace: "infisical" # source repos for Argo CD App Project (in addition to app.argo.repo) project: + name: infisical source_repos: - "registry-1.docker.io" - "https://dl.cloudsmith.io/public/infisical/helm-charts/helm/charts/" diff --git a/docs/k8s_apps/experimental/kepler.md b/docs/k8s_apps/experimental/kepler.md index e8ed592b6..4fa44ad2e 100644 --- a/docs/k8s_apps/experimental/kepler.md +++ b/docs/k8s_apps/experimental/kepler.md 
@@ -2,4 +2,37 @@ This app is still in alpha state as we learn more about how best to configure it. In the meantime, to our knowledge you can start playing with it after installing it alongside [cilium](/k8s_apps/cilium.md). -You can also check out our [Kepler Argo CD Application](https://github.com/small-hack/argocd-apps/tree/main/alpha/kepler). +You can also check out our [Kepler Argo CD Application](https://github.com/small-hack/argocd-apps/tree/main/demo/kepler). + +## Example Configuration + +```yaml +apps: + kepler: + description: | + [link=https://github.com/sustainable-computing-io/kepler]Kepler[/link] (Kubernetes Efficient Power Level Exporter) uses eBPF to probe energy-related system stats and exports them as Prometheus metrics. + enabled: false + # Initialization of the app through smol-k8s-lab + init: + enabled: false + argo: + # secret keys to provide for the argocd secret plugin app, none by default + secret_keys: {} + # git repo to install the Argo CD app from + repo: https://github.com/small-hack/argocd-apps + # path in the argo repo to point to. Trailing slash very important! + path: demo/kepler/ + # either the branch or tag to point at in the argo repo above + revision: main + # namespace to install the k8s app in + namespace: kepler + # recurse directories in the provided git repo + directory_recursion: false + # source repos for Argo CD App Project (in addition to argo.repo) + project: + source_repos: + - https://sustainable-computing-io.github.io/kepler-helm-chart + destination: + # automatically includes the app's namespace and argocd's namespace + namespaces: [] +``` diff --git a/docs/k8s_apps/experimental/minio.md b/docs/k8s_apps/experimental/minio.md index e116fd9df..af2d35a43 100644 --- a/docs/k8s_apps/experimental/minio.md +++ b/docs/k8s_apps/experimental/minio.md 
@@ -1,15 +1,15 @@ [MinIO](https://min.io/) is a high-performance, S3 compatible object store. It is built for large scale AI/ML, data lake and database workloads. It is software-defined and runs on any cloud or on-premises infrastructure. MinIO is dual-licensed under open source GNU AGPL v3 and a commercial enterprise license. We at `smol-k8s-lab` use only the AGPLv3 stuff :) -We currently consider MinIO to be in an alpha state, but to launch it, you just need to provide a `hostname`. +We currently consider MinIO to be in a demo state, but to launch it, you'll need to decide between the operator/tenant helm charts, or the vanilla helm chart. -Check out our [MinIO Argo CD Application](https://github.com/small-hack/argocd-apps/tree/main/alpha/minio). +Check out our [MinIO Argo CD Applications](https://github.com/small-hack/argocd-apps/tree/main/minio). -## Example config +## Example config for vanilla helm chart ```yaml apps: minio: - enabled: false + enabled: true description: | MinIO®️ is a high-performance, S3 compatible object store. @@ -19,17 +19,18 @@ apps: argo: # secrets keys to make available to ArgoCD ApplicationSets secret_keys: - hostname: "objectstore.dogpics.biz" + admin_console_hostname: "objectstore.dogpics.biz" # git repo to install the Argo CD app from repo: "https://github.com/small-hack/argocd-apps" # path in the argo repo to point to. Trailing slash very important! - path: "alpha/minio/" + path: "minio/vanilla/" # either the branch or tag to point at in the argo repo above ref: "main" # namespace to install the k8s app in namespace: "minio" # source repos for Argo CD App Project (in addition to argo.repo) project: + name: minio source_repos: - https://github.com/small-hack/argocd-apps destination: diff --git a/docs/k8s_apps/experimental/postgres_operator.md b/docs/k8s_apps/experimental/postgres_operator.md index 6913bd080..f07641b04 100644 --- a/docs/k8s_apps/experimental/postgres_operator.md +++ b/docs/k8s_apps/experimental/postgres_operator.md 
@@ -1,6 +1,6 @@ We are experimenting with the Zalando PostgeSQL Operator to create postgresql clusters and manage backups to S3. Our main interest here is that they support major version backups. Our main concern is the mutual TLS support. -In the PostgeSQL Operator Backups for S3 are done to local s3 endpoints consistently and to a configurable remote endpoint. +In the PostgeSQL Operator, backups for S3 are done to local s3 endpoints consistently and to a configurable remote endpoint. You can see more in our [Zalando Postgres Operator Argo CD Application](https://github.com/small-hack/argocd-apps/tree/main/postgres/operators/zalando). ## Example yaml config @@ -47,6 +47,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: postgres-operator source_repos: - https://opensource.zalando.com/postgres-operator/charts/postgres-operator - https://opensource.zalando.com/postgres-operator/charts/postgres-operator-ui diff --git a/docs/k8s_apps/external-secrets-operator.md b/docs/k8s_apps/external-secrets-operator.md index 65c100000..3c650661a 100644 --- a/docs/k8s_apps/external-secrets-operator.md +++ b/docs/k8s_apps/external-secrets-operator.md @@ -52,6 +52,7 @@ apps: secret_keys: {} # source repos for Argo CD App Project (in addition to app.argo.repo) project: + name: external-secrets-operator source_repos: - https://charts.external-secrets.io # you can remove this one if you're not using bitwarden to store your k8s secrets diff --git a/docs/k8s_apps/generic_device_plugin.md b/docs/k8s_apps/generic_device_plugin.md index ffd8ebddb..4ce1e64fe 100644 --- a/docs/k8s_apps/generic_device_plugin.md +++ b/docs/k8s_apps/generic_device_plugin.md @@ -16,6 +16,7 @@ apps: namespace: kube-system directory_recursion: false project: + name: generic-device-plugin source_repos: - https://github.com/squat/generic-device-plugin destination: 
diff --git a/docs/k8s_apps/home_assistant.md b/docs/k8s_apps/home_assistant.md index d3dbbadc4..a4b8a1e19 100644 --- a/docs/k8s_apps/home_assistant.md +++ b/docs/k8s_apps/home_assistant.md @@ -44,6 +44,7 @@ apps: namespace: home-assistant directory_recursion: false project: + name: home-assistant source_repos: - https://small-hack.github.io/home-assistant-chart destination: @@ -70,6 +71,7 @@ apps: namespace: home-assistant directory_recursion: false project: + name: source_repos: - http://small-hack.github.io/home-assistant-chart destination: diff --git a/docs/k8s_apps/k8tz.md b/docs/k8s_apps/k8tz.md index 00a6d0cc5..8f4b2c7c0 100644 --- a/docs/k8s_apps/k8tz.md +++ b/docs/k8s_apps/k8tz.md @@ -30,13 +30,14 @@ apps: # git repo to install the Argo CD app from repo: "https://github.com/small-hack/argocd-apps" # path in the argo repo to point to. Trailing slash very important! - path: "alpha/k8tz/" + path: "k8tz/" # either the branch or tag to point at in the argo repo above ref: "main" # namespace to install the k8s app in namespace: "k8tz" # source repos for Argo CD App Project (in addition to app.argo.repo) project: + name: k8tz source_repos: - "https://k8tz.github.io/k8tz/" destination: diff --git a/docs/k8s_apps/k8up.md b/docs/k8s_apps/k8up.md index ac4b874a8..95ac4a9ce 100644 --- a/docs/k8s_apps/k8up.md +++ b/docs/k8s_apps/k8up.md @@ -45,6 +45,7 @@ apps: namespace: "k8up" # source repos for Argo CD App Project (in addition to app.argo.repo) project: + name: k8up source_repos: - "https://k8up-io.github.io/k8up" - "https://github.com/k8up-io/k8up.git" diff --git a/docs/k8s_apps/keycloak.md b/docs/k8s_apps/keycloak.md index 20eff5009..a900d23d5 100644 --- a/docs/k8s_apps/keycloak.md +++ b/docs/k8s_apps/keycloak.md 
@@ -23,13 +23,14 @@ apps: # git repo to install the Argo CD app from repo: "https://github.com/small-hack/argocd-apps" # path in the argo repo to point to. Trailing slash very important! - path: "alpha/keycloak/" + path: "demo/keycloak/" # either the branch or tag to point at in the argo repo above ref: "main" # namespace to install the k8s app in namespace: "keycloak" # source repos for Argo CD App Project (in addition to argo.repo) project: + name: keycloak source_repos: - "registry-1.docker.io" destination: diff --git a/docs/k8s_apps/mastodon.md b/docs/k8s_apps/mastodon.md index 648da4289..aae1eaf03 100644 --- a/docs/k8s_apps/mastodon.md +++ b/docs/k8s_apps/mastodon.md @@ -111,6 +111,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: mastodon # depending on if you use seaweedfs or minio, you can remove the other source repo source_repos: - registry-1.docker.io diff --git a/docs/k8s_apps/matrix.md b/docs/k8s_apps/matrix.md index 7efa50ba2..397249dd3 100644 --- a/docs/k8s_apps/matrix.md +++ b/docs/k8s_apps/matrix.md @@ -86,6 +86,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: matrix source_repos: - https://small-hack.github.io/cloudnative-pg-cluster-chart - https://small-hack.github.io/matrix-chart diff --git a/docs/k8s_apps/metallb.md b/docs/k8s_apps/metallb.md index 37474e725..e3c8801d3 100644 --- a/docs/k8s_apps/metallb.md +++ b/docs/k8s_apps/metallb.md @@ -41,6 +41,7 @@ apps: namespace: metallb-system # source repos for Argo CD metallb Project (in addition to metallb.argo.repo) project: + name: metallb source_repos: - https://github.com/metallb/metallb.git destination: diff --git a/docs/k8s_apps/nextcloud.md b/docs/k8s_apps/nextcloud.md index 177b016bb..54bf97911 100644 --- a/docs/k8s_apps/nextcloud.md +++ b/docs/k8s_apps/nextcloud.md 
@@ -106,6 +106,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: nextcloud source_repos: - registry-1.docker.io - https://nextcloud.github.io/helm diff --git a/docs/k8s_apps/seaweedfs.md b/docs/k8s_apps/seaweedfs.md index a3384b6b6..20345249c 100644 --- a/docs/k8s_apps/seaweedfs.md +++ b/docs/k8s_apps/seaweedfs.md @@ -53,6 +53,7 @@ apps: directory_recursion: true # source repos for Argo CD App Project (in addition to argo.repo) project: + name: seaweedfs source_repos: - https://seaweedfs.github.io/seaweedfs/helm - https://seaweedfs.github.io/seaweedfs-csi-driver/helm diff --git a/docs/k8s_apps/vouch.md b/docs/k8s_apps/vouch.md index 4f9ebbfec..cb5fb989c 100644 --- a/docs/k8s_apps/vouch.md +++ b/docs/k8s_apps/vouch.md @@ -60,6 +60,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: vouch source_repos: - https://jessebot.github.io/vouch-helm-chart destination: diff --git a/docs/k8s_apps/zitadel.md b/docs/k8s_apps/zitadel.md index a6cc9c14b..e2e45f8cf 100644 --- a/docs/k8s_apps/zitadel.md +++ b/docs/k8s_apps/zitadel.md @@ -100,6 +100,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: zitadel source_repos: - https://charts.zitadel.com - https://zitadel.github.io/zitadel-charts From 6b59c47747ba0a0562f1bad78659d763b4fcf1fd Mon Sep 17 00:00:00 2001 From: jessebot Date: Sun, 24 Mar 2024 09:09:49 +0100 Subject: [PATCH 04/16] update the default config to use project names --- smol_k8s_lab/config/default_config.yaml | 27 +++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/smol_k8s_lab/config/default_config.yaml b/smol_k8s_lab/config/default_config.yaml index 2a7679820..aca2f4a33 100644 --- a/smol_k8s_lab/config/default_config.yaml +++ b/smol_k8s_lab/config/default_config.yaml 
@@ -184,6 +184,7 @@ apps: directory_recursion: true # source repos for Argo CD argo-cd Project (in addition to argo_cd.argo.repo) project: + name: argo-cd source_repos: - https://argoproj.github.io/argo-helm - https://small-hack.github.io/appset-secret-plugin @@ -240,6 +241,7 @@ apps: directory_recursion: false # source repos for cert-manager CD App Project (in addition to argo.repo) project: + name: cert-manager source_repos: - https://charts.jetstack.io destination: @@ -271,6 +273,7 @@ apps: directory_recursion: false # source repos for Argo CD cilium Project project: + name: cilium source_repos: - "https://helm.cilium.io/" destination: @@ -298,6 +301,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: cnpg-operator source_repos: - https://github.com/small-hack/argocd-apps - https://cloudnative-pg.github.io/charts @@ -339,6 +343,7 @@ apps: secret_keys: {} # source repos for Argo CD App Project (in addition to app.argo.repo) project: + name: external-secrets-operator source_repos: - https://charts.external-secrets.io # you can remove this one if you're not using bitwarden to store your k8s secrets @@ -359,6 +364,7 @@ apps: namespace: kube-system directory_recursion: false project: + name: generic-device-plugin source_repos: - https://github.com/squat/generic-device-plugin destination: @@ -397,6 +403,7 @@ apps: namespace: home-assistant directory_recursion: false project: + name: home-assistant source_repos: - https://small-hack.github.io/home-assistant-chart destination: @@ -429,6 +436,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to app.argo.repo) project: + name: infisical source_repos: - "registry-1.docker.io" - "https://dl.cloudsmith.io/public/infisical/helm-charts/helm/charts/" 
@@ -459,6 +467,7 @@ apps: secret_keys: {} # source repos for Argo CD App Project (in addition to argo.repo) project: + name: ingress-nginx source_repos: - https://charts.jetstack.io - "https://kubernetes.github.io/ingress-nginx" @@ -490,6 +499,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to app.argo.repo) project: + name: k8tz source_repos: - "https://k8tz.github.io/k8tz/" destination: @@ -518,6 +528,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to app.argo.repo) project: + name: k8up source_repos: - "https://k8up-io.github.io/k8up" - "https://github.com/k8up-io/k8up.git" @@ -547,6 +558,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: kepler source_repos: - "https://sustainable-computing-io.github.io/kepler-helm-chart" destination: @@ -575,6 +587,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: kubevirt source_repos: - https://cloudymax.github.io/kubevirt-community-stack/ destination: @@ -608,6 +621,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: kyverno source_repos: [] destination: # automatically includes the app's namespace and argocd's namespace @@ -675,6 +689,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: mastodon # depending on if you use seaweedfs or minio, you can remove the other source repo source_repos: - registry-1.docker.io @@ -751,6 +766,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: matrix source_repos: - https://small-hack.github.io/cloudnative-pg-cluster-chart - https://small-hack.github.io/matrix-chart 
@@ -791,6 +807,7 @@ apps: directory_recursion: false # source repos for Argo CD metallb Project (in addition to metallb.argo.repo) project: + name: metallb source_repos: - "https://github.com/metallb/metallb.git" destination: @@ -821,6 +838,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: minio source_repos: - https://operator.min.io/ destination: @@ -860,6 +878,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: minio source_repos: - https://operator.min.io/ destination: @@ -922,6 +941,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: nextcloud source_repos: - registry-1.docker.io - https://nextcloud.github.io/helm @@ -973,6 +993,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: postgres-operator source_repos: - https://opensource.zalando.com/postgres-operator/charts/postgres-operator - https://opensource.zalando.com/postgres-operator/charts/postgres-operator-ui @@ -1014,6 +1035,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: prometheus source_repos: - "registry-1.docker.io" - "https://github.com/prometheus-community/helm-charts.git" @@ -1054,6 +1076,7 @@ apps: directory_recursion: true # source repos for Argo CD App Project (in addition to argo.repo) project: + name: seaweedfs source_repos: - https://seaweedfs.github.io/seaweedfs/helm - https://seaweedfs.github.io/seaweedfs-csi-driver/helm @@ -1085,6 +1108,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: seaweedfs source_repos: - https://seaweedfs.github.io/seaweedfs-csi-driver/helm destination: 
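Review bot: The two MinIO entries (hunks at -821 and -860) and the two SeaweedFS entries (hunks at -1054 and -1085) each end up sharing one Argo CD project name, and the SeaweedFS pair lists different `source_repos`. Patch 05 in this series calls `create_argocd_project` once per app with that app's own repos and namespaces, so the shared project's final allow-list depends on whether that function merges into an existing project or replaces it; its body is not visible here. The project is what restricts which repos and namespaces an app may use, so I would either give each app a distinct name or add a comment on the shared entries such as `# shares the seaweedfs project with the entry above; keep source_repos in sync`.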
@@ -1116,6 +1140,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: vault source_repos: - https://helm.releases.hashicorp.com destination: @@ -1156,6 +1181,7 @@ apps: directory_recursion: false # source repos for Argo CD App Project (in addition to argo.repo) project: + name: vouch source_repos: - https://jessebot.github.io/vouch-helm-chart destination: @@ -1237,6 +1263,7 @@ apps: directory_recursion: true # source repos for Argo CD App Project (in addition to argo.repo) project: + name: zitadel source_repos: - https://charts.zitadel.com - https://zitadel.github.io/zitadel-charts From 1eef2f3a488e81b7a7bf6dcd70010689d9471b9c Mon Sep 17 00:00:00 2001 From: jessebot Date: Sun, 24 Mar 2024 09:10:35 +0100 Subject: [PATCH 05/16] bump version and update argocd_util to check for project name and default to name of app if not available --- pyproject.toml | 2 +- smol_k8s_lab/k8s_tools/argocd_util.py | 10 +++++++--- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 6c97508ee..30f6a5a81 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "smol_k8s_lab" -version = "3.2.2" +version = "3.3.0" description = "CLI and TUI to quickly install slimmer Kubernetes distros and then manage apps declaratively using Argo CD" authors = ["Jesse Hitch ", "Max Roby "] diff --git a/smol_k8s_lab/k8s_tools/argocd_util.py b/smol_k8s_lab/k8s_tools/argocd_util.py index ac78fa7c7..75ecdb28a 100644 --- a/smol_k8s_lab/k8s_tools/argocd_util.py +++ b/smol_k8s_lab/k8s_tools/argocd_util.py 
@@ -46,7 +46,11 @@ def install_with_argocd(k8s_obj: K8s, app: str, argo_dict: dict) -> None: extra_source_repos = argo_dict["project"].get('source_repos', []) if extra_source_repos: source_repos.extend(extra_source_repos) - create_argocd_project(k8s_obj, app, app, set(proj_namespaces), source_repos) + create_argocd_project(k8s_obj, + argo_dict['project'].get('name', app), + app, + set(proj_namespaces), + set(source_repos)) cmd = (f"argocd app create {app} --upsert " f"--repo {repo} " @@ -89,8 +93,8 @@ def wait_for_argocd_app(app: str, retry: bool = False) -> None: def create_argocd_project(k8s_obj: K8s, project_name: str, app: str, - namespaces: str, - source_repos: list) -> True: + namespaces: set, + source_repos: set) -> True: """ create an argocd project """ From 3927990841cc822934d599d4f814ceb75b5a2a90 Mon Sep 17 00:00:00 2001 From: jessebot Date: Sun, 24 Mar 2024 09:11:50 +0100 Subject: [PATCH 06/16] fix spacing --- smol_k8s_lab/k8s_tools/argocd_util.py | 1 + 1 file changed, 1 insertion(+) diff --git a/smol_k8s_lab/k8s_tools/argocd_util.py b/smol_k8s_lab/k8s_tools/argocd_util.py index 75ecdb28a..6d4f3fdac 100644 --- a/smol_k8s_lab/k8s_tools/argocd_util.py +++ b/smol_k8s_lab/k8s_tools/argocd_util.py @@ -46,6 +46,7 @@ def install_with_argocd(k8s_obj: K8s, app: str, argo_dict: dict) -> None: extra_source_repos = argo_dict["project"].get('source_repos', []) if extra_source_repos: source_repos.extend(extra_source_repos) + create_argocd_project(k8s_obj, argo_dict['project'].get('name', app), app, From a2f8cb3a7bb1d81382591b8d65f255cc7353b9a7 Mon Sep 17 00:00:00 2001 From: jessebot Date: Sun, 24 Mar 2024 09:15:59 +0100 Subject: [PATCH 07/16] add github URL to the docs --- mkdocs.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/mkdocs.yaml b/mkdocs.yaml index 64261157e..756ff9130 100644 --- a/mkdocs.yaml +++ b/mkdocs.yaml 
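Review bot: `argo_dict['project'].get('name', app)` in the first argocd_util.py hunk falls back to `app` only when the `name` key is absent; a key that is present but empty yields `None`. The second home_assistant.md example in patch 03 has exactly that, a `name:` line with no value. `argo_dict['project'].get('name') or app` covers both cases. The new `set(source_repos)` also discards the list order, which is harmless only if `create_argocd_project` just iterates it, and that body is outside the hunk.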
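Review bot: In the second argocd_util.py hunk, `create_argocd_project` changes its `namespaces` and `source_repos` annotations to `set`, but the docstring still reads only "create an argocd project" and the return annotation `-> True` is a value rather than a type. I would annotate it `-> bool` and extend the docstring to say that `project_name` may differ from `app`, that one project may be shared by several apps, and that `namespaces` and `source_repos` are de-duplicated sets. The function body continues outside the hunk.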
@@ -1,5 +1,6 @@ -site_name: smol-k8s-lab -site_url: https://smol-k8s.com +site_name: smol-k8s-lab docs +site_url: https://small-hack.github.io/smol-k8s-lab +repo_url: https://github.com/small-hack/smol-k8s-lab plugins: - mkdocs-video theme: From dddf0816d63e4a493bb4dd080e284643a44f6780 Mon Sep 17 00:00:00 2001 From: jessebot Date: Sun, 24 Mar 2024 09:19:00 +0100 Subject: [PATCH 08/16] fix some notes in docs --- docs/index.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/index.md b/docs/index.md index bd12e231a..d51641832 100644 --- a/docs/index.md +++ b/docs/index.md @@ -1,13 +1,13 @@

-🧸 Smol K8s Lab

+🧸 Smol K8s Lab -`smol-k8s-lab` leverages Argo CD and slim k8s distributions like K3s to create production-like environments via a declarative workflow. Batteries and 🦑 included. +`smol-k8s-lab` leverages Argo CD and slim k8s distributions like K3s to create production-like environments via a declarative workflow. Batteries and 🦑 included. ## About -`smol-k8s-lab`'s declarative workflow enables rapid iteration in production-like environments with minimal costs for failure. This makes it ideal for proof-of-concepts, prototyping, and benchmarking Kubernetes applications and distributions! 💙 +`smol-k8s-lab`'s declarative workflow, CLI, and TUI enable rapid iteration in production-like environments with minimal costs for failure. This makes it ideal for proof-of-concepts, prototyping, and benchmarking Kubernetes applications and distributions! 💙 -By default, `smol-k8s-lab` deploys [Argo CD] + [Argo CD Appset Secret Plugin] which enables Argo CD to securely manage your lab via files in open-source Git repos. Additionally, a customized dark-theme is provided for Argo CD's incredibly useful web-interface. +By default, `smol-k8s-lab` deploys [Argo CD] + [Argo CD Appset Secret Plugin] which enables Argo CD to securely manage your lab via files in open-source Git repos. We can optionally make heavy use of Bitwarden. Additionally, a customized dark-theme is provided for Argo CD's incredibly useful web-interface. Consider viewing my very long walk through if you like video walk-throughs: From f1ed45512ee672eb431fd86ae502dc04bcb01c2e Mon Sep 17 00:00:00 2001 
From: jessebot Date: Sun, 24 Mar 2024 09:31:02 +0100 Subject: [PATCH 09/16] allow the option to not do a sync of bitwarden everytime we get an item --- smol_k8s_lab/bitwarden/bw_cli.py | 7 +- .../k8s_apps/identity_provider/vouch.py | 2 +- .../k8s_apps/identity_provider/zitadel.py | 10 +- smol_k8s_lab/k8s_apps/initial_special.py | 221 ++++++++++++++++++ .../k8s_apps/operators/postgres_operators.py | 4 +- smol_k8s_lab/k8s_apps/social/mastodon.py | 16 +- smol_k8s_lab/k8s_apps/social/matrix.py | 14 +- smol_k8s_lab/k8s_apps/social/nextcloud.py | 16 +- 8 files changed, 256 insertions(+), 34 deletions(-) create mode 100644 smol_k8s_lab/k8s_apps/initial_special.py diff --git a/smol_k8s_lab/bitwarden/bw_cli.py b/smol_k8s_lab/bitwarden/bw_cli.py index 32de885b9..23a6f93ad 100755 --- a/smol_k8s_lab/bitwarden/bw_cli.py +++ b/smol_k8s_lab/bitwarden/bw_cli.py @@ -158,15 +158,16 @@ def generate(self, special_characters: bool = False) -> str: log.debug('New password generated.') return password - def get_item(self, item_name: str) -> list: + def get_item(self, item_name: str, sync_first: bool = True) -> list: """ Get Item and return False if it does not exist else return the item ID Required Args: - item_name: str of name of item """ - # always sync the vault before checking anything - self.sync() + # always sync vault before checking anything, unless otherwise stated + if sync_first: + self.sync() # go get the actual item response = json.loads( diff --git a/smol_k8s_lab/k8s_apps/identity_provider/vouch.py b/smol_k8s_lab/k8s_apps/identity_provider/vouch.py index 815d20b06..41facc79f 100644 --- a/smol_k8s_lab/k8s_apps/identity_provider/vouch.py +++ b/smol_k8s_lab/k8s_apps/identity_provider/vouch.py @@ -164,7 +164,7 @@ def configure_vouch(k8s_obj: K8s, )[0]['id'] vouch_id = bitwarden.get_item( - f"vouch-config-{vouch_hostname}" + f"vouch-config-{vouch_hostname}", False )[0]['id'] # update the vouch values for the argocd appset 
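Review bot: The docstring of `get_item` in bw_cli.py is not updated for the new `sync_first` parameter, and it still says the method returns False or "the item ID" while the annotation is `-> list` and callers index `[0]['id']`. I would add a line such as `- sync_first: bool, run self.sync() before the lookup; pass False only right after a call that already synced`. Making the flag keyword-only, `def get_item(self, item_name: str, *, sync_first: bool = True) -> list:`, would force the call sites in vouch.py and zitadel.py to read `sync_first=False` instead of a bare `False`. The method body continues outside the hunk.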
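Review bot: Skipping the sync for the `vouch-config-…` lookup in vouch.py is only safe if the `get_item` call just above it already synced the vault, and that call's arguments are outside the hunk. Without a sync, a credential item created or rotated since the last sync is read from the local cache, and if nothing is found the `[0]['id']` indexing fails on the documented False return. A short comment at the first lookup, e.g. `# this lookup syncs the vault; the following ones reuse that sync`, would make the dependency explicit. The same applies to the five lookups changed in the zitadel.py hunk.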
diff --git a/smol_k8s_lab/k8s_apps/identity_provider/zitadel.py b/smol_k8s_lab/k8s_apps/identity_provider/zitadel.py index 157ea5a0f..a4de484f3 100644 --- a/smol_k8s_lab/k8s_apps/identity_provider/zitadel.py +++ b/smol_k8s_lab/k8s_apps/identity_provider/zitadel.py @@ -198,23 +198,23 @@ def configure_zitadel(k8s_obj: K8s, )[0]['id'] s3_backup_id = bitwarden.get_item( - f"zitadel-backups-s3-credentials-{zitadel_hostname}" + f"zitadel-backups-s3-credentials-{zitadel_hostname}", False )[0]['id'] s3_admin_id = bitwarden.get_item( - f"zitadel-admin-s3-credentials-{zitadel_hostname}" + f"zitadel-admin-s3-credentials-{zitadel_hostname}", False )[0]['id'] s3_id = bitwarden.get_item( - f"zitadel-postgres-s3-credentials-{zitadel_hostname}" + f"zitadel-postgres-s3-credentials-{zitadel_hostname}", False )[0]['id'] core_id = bitwarden.get_item( - f"zitadel-core-key-{zitadel_hostname}" + f"zitadel-core-key-{zitadel_hostname}", False )[0]['id'] argo_oidc_item = bitwarden.get_item( - f"argocd-oidc-credentials-{argocd_hostname}" + f"argocd-oidc-credentials-{argocd_hostname}", False )[0] argo_client_id = argo_oidc_item['login']['username'] diff --git a/smol_k8s_lab/k8s_apps/initial_special.py b/smol_k8s_lab/k8s_apps/initial_special.py new file mode 100644 index 000000000..219ad2dcc --- /dev/null +++ b/smol_k8s_lab/k8s_apps/initial_special.py 
@@ -0,0 +1,221 @@ +#!/usr/bin/env python3.11 +""" + Name: base_install +DESCRIPTION: installs helm repos, updates them, and installs charts for metallb, + cert-manager, and ingress-nginx + AUTHOR: @jessebot + LICENSE: GNU AFFERO GENERAL PUBLIC LICENSE Version 3 +""" +import logging as log +from rich.prompt import Prompt +from ..bitwarden.bw_cli import BwCLI +from ..k8s_tools.helm import prepare_helm +from ..k8s_tools.k8s_lib import K8s +from ..utils.rich_cli.console_logging import header +from .argocd import configure_argocd +from .ingress.ingress_nginx_controller import (configure_ingress_nginx, + install_ingress_nginx_argocd_app) +from .ingress.cert_manager import configure_cert_manager +# from .identity_provider.keycloak import configure_keycloak +from .identity_provider.zitadel import configure_zitadel +from .identity_provider.zitadel_api import Zitadel +from .identity_provider.vouch import configure_vouch +from .networking.metallb import configure_metallb +from .networking.cilium import configure_cilium +from .secrets_management.external_secrets_operator import configure_external_secrets +from .secrets_management.infisical import configure_infisical +from .secrets_management.vault import configure_vault +from .social.matrix import configure_matrix +from .social.mastodon import configure_mastodon +from .social.nextcloud import configure_nextcloud + + +def setup_k8s_secrets_management(k8s_obj: K8s, + k8s_distro: str, + eso_dict: dict = {}, + eso_provider: str = "", + infisical_dict: dict = {}, + vault_dict: dict = {}, + bitwarden: BwCLI = None) -> None: + """ + sets up k8s secrets management tooling + """ + # secrets management section + header_msg = "Setting up K8s secret management with [green]" + + # setup external secrets operator and bitwarden external secrets + if eso_dict['enabled']: + header_msg += f'External Secrets Operator[/] and [blue]{eso_provider}[/] as the Provider' + header(header_msg, '🤫') + configure_external_secrets(k8s_obj, + eso_dict, + 
eso_provider, + k8s_distro, + bitwarden) + + # setup infisical - an secrets manager and operator for k8s that replaces eso + elif infisical_dict['enabled']: + header_msg += 'Infisical Secrets Operator[/]' + header(header_msg, '🤫') + configure_infisical(k8s_obj, infisical_dict) + + # setup hashicorp's vault, a secret key management system that works with eso + if vault_dict['enabled']: + configure_vault(k8s_obj, vault_dict) + + +def setup_oidc_provider(k8s_obj: K8s, + api_tls_verify: bool = False, + zitadel_dict: dict = {}, + vouch_dict: dict = {}, + bw: BwCLI = None, + argocd_fqdn: str = "") -> Zitadel | None: + """ + sets up oidc provider. only zitadel is supported right now + if we choose to add keycloak back, we'll be adding the following arg + keycloak_dict: dict = {} + """ + header("Setting up [green]OIDC[/]/[green]Oauth[/] Applications") + + # keycloak_enabled = keycloak_dict['enabled'] + zitadel_enabled = zitadel_dict['enabled'] + + vouch_enabled = False + if vouch_dict: + vouch_enabled = vouch_dict['enabled'] + + # setup keycloak if we're using that for OIDC + # if keycloak_enabled: + # log.debug("Setting up keycloak") + # configure_keycloak(k8s_obj, keycloak_dict, bw) + # realm = keycloak_dict['argo']['secret_keys']['default_realm'] + # user = keycloak_dict['init']['values']['username'] + + # setup zitadel if we're using that for OIDC + if zitadel_enabled: + zitadel_init_enabled = zitadel_dict['init']['enabled'] + log.debug("Setting up zitadel") + if zitadel_init_enabled: + zitadel_obj = configure_zitadel( + k8s_obj=k8s_obj, + config_dict=zitadel_dict, + api_tls_verify=api_tls_verify, + argocd_hostname=argocd_fqdn, + bitwarden=bw + ) + else: + configure_zitadel(k8s_obj=k8s_obj, + config_dict=zitadel_dict, + bitwarden=bw) + + if vouch_enabled: + log.debug("Setting up vouch") + # if keycloak_enabled: + # keycloak_host = keycloak_dict['argo']['secret_keys']['hostname'] + # configure_vouch( + # k8s_obj=k8s_obj, + # vouch_config_dict=vouch_dict, + # 
oidc_provider_name='keycloak', + # oidc_provider_hostname=keycloak_host, + # bitwarden=bw, + # users=[{'user': user}], + # realm=realm) + if zitadel_enabled: + configure_vouch(k8s_obj=k8s_obj, + vouch_config_dict=vouch_dict, + oidc_provider_name='zitadel', + oidc_provider_hostname=zitadel_dict['argo']['secret_keys']['hostname'], + bitwarden=bw, + users=[], + realm="", + zitadel=zitadel_obj) + else: + configure_vouch(k8s_obj, vouch_dict, '', '', bw) + + if zitadel_enabled and zitadel_init_enabled: + return zitadel_obj + + +def setup_base_apps(k8s_obj: K8s, + k8s_distro: str, + cilium_dict: dict = {}, + metallb_dict: dict = {}, + ingress_dict: dict = {}, + cert_manager_dict: dict = {}, + argo_enabled: bool = False, + argo_secrets_plugin_enabled: bool = False, + plugin_secrets: dict = {}, + bw: BwCLI = None) -> None: + """ + Uses Helm to install all base apps that need to be running being argo cd: + cilium, metallb, ingess-nginx, cert-manager, argo cd, argocd secrets plugin + All Needed for getting Argo CD up and running. 
+ """ + metallb_enabled = metallb_dict['enabled'] + cilium_enabled = cilium_dict['enabled'] + ingress_nginx_enabled = ingress_dict["enabled"] + # make sure helm is installed and the repos are up to date + prepare_helm(k8s_distro, argo_enabled, metallb_enabled, cilium_enabled, + argo_secrets_plugin_enabled) + + # needed for network policy editor and hubble UI + if cilium_enabled: + header("Installing [green]cilium[/green] so we have networking tools", + '🛜') + if cilium_dict['init']['enabled']: + configure_cilium(cilium_dict) + + # needed for metal (non-cloud provider) installs + if metallb_enabled: + header("Installing [green]metallb[/green] so we have an IP address pool", + '🛜') + if metallb_dict['init']['enabled']: + cidr = metallb_dict['init']['values']['address_pool'] + if not cidr: + m = "[green]Please enter a comma seperated list of IPs or CIDRs" + cidr = Prompt.ask(m).split(',') + + configure_metallb(k8s_obj, cidr) + + # ingress controller: so we can accept traffic from outside the cluster + if ingress_nginx_enabled: + # nginx just because that's most supported, treafik support may be added later + header("Installing [green]ingress-nginx-controller[/green] to access web" + " apps outside the cluster", "🌐") + configure_ingress_nginx(k8s_obj, k8s_distro) + + # manager SSL/TLS certificates via lets-encrypt + header("Installing [green]cert-manager[/green] for TLS certificates...", '📜') + if cert_manager_dict["enabled"]: + configure_cert_manager(k8s_obj, cert_manager_dict['init']) + + # then we install argo cd if it's enabled + if argo_enabled: + configure_argocd(k8s_obj, + bw, + argo_secrets_plugin_enabled, + plugin_secrets) + + if ingress_nginx_enabled and argo_enabled: + install_ingress_nginx_argocd_app(k8s_obj, ingress_dict) + + +def setup_federated_apps(k8s_obj: K8s, + api_tls_verify: bool = False, + nextcloud_dict: dict = {}, + mastodon_dict: dict = {}, + matrix_dict: dict = {}, + zitadel_hostname: str = "", + zitadel_obj: Zitadel = None, + bw: BwCLI = 
None) -> None: + """ + Setup any federated apps with initialization supported + """ + if nextcloud_dict['enabled']: + configure_nextcloud(k8s_obj, nextcloud_dict, bw, zitadel_obj) + + if mastodon_dict['enabled']: + configure_mastodon(k8s_obj, mastodon_dict, bw) + + if matrix_dict['enabled']: + configure_matrix(k8s_obj, matrix_dict, zitadel_obj, bw) diff --git a/smol_k8s_lab/k8s_apps/operators/postgres_operators.py b/smol_k8s_lab/k8s_apps/operators/postgres_operators.py index e4ba77ce4..76b881cd5 100644 --- a/smol_k8s_lab/k8s_apps/operators/postgres_operators.py +++ b/smol_k8s_lab/k8s_apps/operators/postgres_operators.py @@ -87,11 +87,11 @@ def configure_postgres_operator(k8s_obj: K8s, )[0]['id'] s3_id = bw.get_item( - f"postgres-operator-user-s3-credentials-{hostname}" + f"postgres-operator-user-s3-credentials-{hostname}", False )[0]['id'] s3_backups_id = bw.get_item( - f"postgres-operator-backups-s3-credentials-{hostname}" + f"postgres-operator-backups-s3-credentials-{hostname}", False )[0]['id'] update_argocd_appset_secret( diff --git a/smol_k8s_lab/k8s_apps/social/mastodon.py b/smol_k8s_lab/k8s_apps/social/mastodon.py index 8b504cdf3..0f59327c0 100644 --- a/smol_k8s_lab/k8s_apps/social/mastodon.py +++ b/smol_k8s_lab/k8s_apps/social/mastodon.py 
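Review bot: In `setup_oidc_provider`, `zitadel_obj` is bound only when `zitadel_dict['init']['enabled']` is true, yet the vouch branch passes `zitadel=zitadel_obj` whenever zitadel is enabled, so zitadel enabled with init disabled plus vouch enabled raises UnboundLocalError. Initialising `zitadel_obj = None` before `if zitadel_enabled:` fixes that, assuming `configure_vouch` accepts `None` there (its signature is not shown). Separately, `api_tls_verify: bool = False` presumably makes skipping certificate verification of the Zitadel API the default for any caller that omits the argument; `True` would be the safer default. The `dict = {}` defaults in all four functions are shared mutable objects and are indexed with `['enabled']` right away, so a call that relies on them raises KeyError; `None` defaults with an explicit check would avoid both.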
@@ -280,35 +280,35 @@ def configure_mastodon(k8s_obj: K8s, )[0]['id'] elastic_id = bitwarden.get_item( - f"mastodon-elasticsearch-credentials-{mastodon_hostname}" + f"mastodon-elasticsearch-credentials-{mastodon_hostname}", False )[0]['id'] redis_id = bitwarden.get_item( - f"mastodon-redis-credentials-{mastodon_hostname}" + f"mastodon-redis-credentials-{mastodon_hostname}", False )[0]['id'] smtp_id = bitwarden.get_item( - f"mastodon-smtp-credentials-{mastodon_hostname}" + f"mastodon-smtp-credentials-{mastodon_hostname}", False )[0]['id'] s3_admin_id = bitwarden.get_item( - f"mastodon-admin-s3-credentials-{mastodon_hostname}" + f"mastodon-admin-s3-credentials-{mastodon_hostname}", False )[0]['id'] s3_db_id = bitwarden.get_item( - f"mastodon-postgres-s3-credentials-{mastodon_hostname}" + f"mastodon-postgres-s3-credentials-{mastodon_hostname}", False )[0]['id'] s3_id = bitwarden.get_item( - f"mastodon-user-s3-credentials-{mastodon_hostname}" + f"mastodon-user-s3-credentials-{mastodon_hostname}", False )[0]['id'] s3_backups_id = bitwarden.get_item( - f"mastodon-backups-s3-credentials-{mastodon_hostname}" + f"mastodon-backups-s3-credentials-{mastodon_hostname}", False )[0]['id'] secrets_id = bitwarden.get_item( - f"mastodon-server-secrets-{mastodon_hostname}" + f"mastodon-server-secrets-{mastodon_hostname}", False )[0]['id'] # {'mastodon_admin_credentials_bitwarden_id': admin_id, diff --git a/smol_k8s_lab/k8s_apps/social/matrix.py b/smol_k8s_lab/k8s_apps/social/matrix.py index 6be035e09..dc32cf618 100644 --- a/smol_k8s_lab/k8s_apps/social/matrix.py +++ b/smol_k8s_lab/k8s_apps/social/matrix.py 
@@ -229,31 +229,31 @@ def configure_matrix(k8s_obj: K8s, )[0]['id'] smtp_id = bitwarden.get_item( - f"matrix-smtp-credentials-{matrix_hostname}" + f"matrix-smtp-credentials-{matrix_hostname}", False )[0]['id'] s3_admin_id = bitwarden.get_item( - f"matrix-admin-s3-credentials-{matrix_hostname}" + f"matrix-admin-s3-credentials-{matrix_hostname}", False )[0]['id'] s3_db_id = bitwarden.get_item( - f"matrix-postgres-s3-credentials-{matrix_hostname}" + f"matrix-postgres-s3-credentials-{matrix_hostname}", False )[0]['id'] s3_id = bitwarden.get_item( - f"matrix-user-s3-credentials-{matrix_hostname}" + f"matrix-user-s3-credentials-{matrix_hostname}", False )[0]['id'] s3_backups_id = bitwarden.get_item( - f"matrix-backups-s3-credentials-{matrix_hostname}" + f"matrix-backups-s3-credentials-{matrix_hostname}", False )[0]['id'] db_id = bitwarden.get_item( - f"matrix-pgsql-credentials-{matrix_hostname}" + f"matrix-pgsql-credentials-{matrix_hostname}", False )[0]['id'] oidc_id = bitwarden.get_item( - f"matrix-oidc-credentials-{matrix_hostname}" + f"matrix-oidc-credentials-{matrix_hostname}", False )[0] # identity provider name and id are nested in the oidc item fields diff --git a/smol_k8s_lab/k8s_apps/social/nextcloud.py b/smol_k8s_lab/k8s_apps/social/nextcloud.py index 224a5b27f..86a261e6a 100644 --- a/smol_k8s_lab/k8s_apps/social/nextcloud.py +++ b/smol_k8s_lab/k8s_apps/social/nextcloud.py 
@@ -248,35 +248,35 @@ def configure_nextcloud(k8s_obj: K8s, )[0]['id'] admin_id = bitwarden.get_item( - f"nextcloud-admin-credentials-{nextcloud_hostname}" + f"nextcloud-admin-credentials-{nextcloud_hostname}", False )[0]['id'] smtp_id = bitwarden.get_item( - f"nextcloud-smtp-credentials-{nextcloud_hostname}" + f"nextcloud-smtp-credentials-{nextcloud_hostname}", False )[0]['id'] db_id = bitwarden.get_item( - f"nextcloud-pgsql-credentials-{nextcloud_hostname}" + f"nextcloud-pgsql-credentials-{nextcloud_hostname}", False )[0]['id'] redis_id = bitwarden.get_item( - f"nextcloud-redis-credentials-{nextcloud_hostname}" + f"nextcloud-redis-credentials-{nextcloud_hostname}", False )[0]['id'] s3_admin_id = bitwarden.get_item( - f"nextcloud-admin-s3-credentials-{nextcloud_hostname}" + f"nextcloud-admin-s3-credentials-{nextcloud_hostname}", False )[0]['id'] s3_db_id = bitwarden.get_item( - f"nextcloud-postgres-s3-credentials-{nextcloud_hostname}" + f"nextcloud-postgres-s3-credentials-{nextcloud_hostname}", False )[0]['id'] s3_id = bitwarden.get_item( - f"nextcloud-user-s3-credentials-{nextcloud_hostname}" + f"nextcloud-user-s3-credentials-{nextcloud_hostname}", False )[0]['id'] s3_backups_id = bitwarden.get_item( - f"nextcloud-backups-s3-credentials-{nextcloud_hostname}" + f"nextcloud-backups-s3-credentials-{nextcloud_hostname}", False )[0]['id'] update_argocd_appset_secret( From 5213892d82c14911e61dc41435ee9ee2bd7deac9 Mon Sep 17 00:00:00 2001 From: jessebot Date: Sun, 24 Mar 2024 10:10:43 +0100 Subject: [PATCH 10/16] set additional zitadel and secret info to not log unless debug is enabled --- smol_k8s_lab/__init__.py | 3 +++ smol_k8s_lab/k8s_apps/identity_provider/zitadel_api.py | 6 +++--- smol_k8s_lab/k8s_tools/k8s_lib.py | 5 ++++- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/smol_k8s_lab/__init__.py b/smol_k8s_lab/__init__.py index 87b256c80..1acfee49c 100755 --- a/smol_k8s_lab/__init__.py +++ b/smol_k8s_lab/__init__.py 
@@ -77,6 +77,9 @@ def process_log_config(log_dict: dict = {"level": "warn", "file": ""}): for handler in logging.root.handlers[:]: logging.root.removeHandler(handler) + kubernetes = logging.getLogger("kubernetes") + kubernetes.level = "WARNING" + # this uses the opts dictionary as parameters to logging.basicConfig() logging.basicConfig(**opts) diff --git a/smol_k8s_lab/k8s_apps/identity_provider/zitadel_api.py b/smol_k8s_lab/k8s_apps/identity_provider/zitadel_api.py index a3107e142..c261c3b26 100644 --- a/smol_k8s_lab/k8s_apps/identity_provider/zitadel_api.py +++ b/smol_k8s_lab/k8s_apps/identity_provider/zitadel_api.py @@ -158,7 +158,7 @@ def create_project(self, project_name: str) -> None: data=payload, verify=self.verify ) - log.info(response.text) + log.debug(response.text) json_blob = response.json() self.project_id = json_blob['id'] @@ -524,8 +524,8 @@ def set_project_by_name(self, project_name: str) -> str: response = request("POST", url, headers=self.headers, data=payload, verify=self.verify) - log.info(f'response from set_project_by_name for "{project_name}" ' - f'_search: {response.text}') + log.debug(f'response from set_project_by_name for "{project_name}" ' + f'_search: {response.text}') self.project_id = response.json()['result'][0]['id'] log.debug(f"zitadel api: set project id to {self.project_id}") diff --git a/smol_k8s_lab/k8s_tools/k8s_lib.py b/smol_k8s_lab/k8s_tools/k8s_lib.py index 5f9123e0e..d6e6a5ae7 100644 --- a/smol_k8s_lab/k8s_tools/k8s_lib.py +++ b/smol_k8s_lab/k8s_tools/k8s_lib.py @@ -23,6 +23,7 @@ def __init__(self): This is mostly for storing the k8s config """ config.load_kube_config() + client.rest.logger.setLevel(log.WARNING) self.api_client = client.ApiClient() self.core_v1_api = client.CoreV1Api(self.api_client) 
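Review bot: `kubernetes.level = "WARNING"` assigns a string straight to the logger's `level` attribute instead of going through `setLevel`, so the name is never converted to its integer level. The logging module compares levels as integers, so a record emitted through this logger, or through a child that inherits its level, can fail with a TypeError instead of being filtered. Use `logging.getLogger("kubernetes").setLevel(logging.WARNING)`. process_log_config starts and ends outside the hunk.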
@@ -65,6 +66,7 @@ def create_secret(self, except ApiException as e: log.error("Exception when calling " f"CoreV1Api->create_namespaced_secret: {e}") + # delete the secret if it already exists try: self.core_v1_api.delete_namespaced_secret(name, namespace) @@ -80,7 +82,8 @@ def get_secret(self, name: str, namespace: str) -> dict: """ log.debug(f"Getting secret: {name} in namespace: {namespace}") - res = subproc([f"kubectl get secret -n {namespace} {name} -o json"]) + res = subproc([f"kubectl get secret -n {namespace} {name} -o json"], + quiet=True) return loads(res) def delete_secret(self, name: str, namespace: str) -> None: From 106eb1b49fd1631307547868cf1b208c58a351c8 Mon Sep 17 00:00:00 2001 From: jessebot Date: Sun, 24 Mar 2024 10:18:07 +0100 Subject: [PATCH 11/16] change user response to be a debug option --- smol_k8s_lab/k8s_apps/identity_provider/zitadel_api.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/smol_k8s_lab/k8s_apps/identity_provider/zitadel_api.py b/smol_k8s_lab/k8s_apps/identity_provider/zitadel_api.py index c261c3b26..55f3abcfa 100644 --- a/smol_k8s_lab/k8s_apps/identity_provider/zitadel_api.py +++ b/smol_k8s_lab/k8s_apps/identity_provider/zitadel_api.py @@ -488,7 +488,7 @@ def set_user_by_login_name(self, user: str) -> None: response = request("GET", url, headers=self.headers, data={}, verify=self.verify).json() - log.info(response) + log.debug(response) self.user_id = response['user']['id'] self.resource_owner = response['user']['details']['resourceOwner'] From 7517014dc7f6467aa78f0ac90e4e627a64d7851a Mon Sep 17 00:00:00 2001 From: jessebot Date: Sun, 24 Mar 2024 10:19:43 +0100 Subject: [PATCH 12/16] fix project creation issue and ensure argocd always makes it in --- smol_k8s_lab/k8s_tools/argocd_util.py | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/smol_k8s_lab/k8s_tools/argocd_util.py b/smol_k8s_lab/k8s_tools/argocd_util.py index 6d4f3fdac..3b491e9ac 100644 
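Review bot: `get_secret` still builds `kubectl get secret -n {namespace} {name} -o json` by interpolating both values into one command string; `quiet=True` keeps the output out of the logs, but how `subproc` splits or quotes that string is not visible here, and the secret still passes through a child process. The class already holds `self.core_v1_api`, so `self.core_v1_api.read_namespaced_secret(name, namespace)` would avoid the subprocess, with the caveat that it returns a client object rather than the dict callers get from `loads(res)`. If the subprocess stays, a comment such as `# quiet=True: never log secret data` would record why the flag is there. The docstring of get_secret begins above the hunk.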
--- a/smol_k8s_lab/k8s_tools/argocd_util.py +++ b/smol_k8s_lab/k8s_tools/argocd_util.py @@ -38,6 +38,8 @@ def install_with_argocd(k8s_obj: K8s, app: str, argo_dict: dict) -> None: app_namespace = argo_dict['namespace'] proj_namespaces = argo_dict['project']['destination']['namespaces'] proj_namespaces.append(app_namespace) + if 'argocd' not in proj_namespaces: + proj_namespaces.append('argocd') # make sure the namespace already exists k8s_obj.create_namespace(app_namespace) @@ -114,13 +116,7 @@ def create_argocd_project(k8s_obj: K8s, } ], "description": f"project for {app}", - "destinations": [ - { - "name": "in-cluster", - "namespace": 'argocd', - "server": "https://kubernetes.default.svc" - } - ], + "destinations": [], "namespaceResourceWhitelist": [ { "group": "*", @@ -128,7 +124,7 @@ def create_argocd_project(k8s_obj: K8s, } ], "orphanedResources": {}, - "sourceRepos": source_repos + "sourceRepos": list(source_repos) }, "status": {} } From 4a2462234dc96fe31b78d082ac3a65c5cca7b843 Mon Sep 17 00:00:00 2001 From: jessebot Date: Sun, 24 Mar 2024 10:20:32 +0100 Subject: [PATCH 13/16] fix matrix banner spacing and emoji --- smol_k8s_lab/k8s_apps/social/matrix.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/smol_k8s_lab/k8s_apps/social/matrix.py b/smol_k8s_lab/k8s_apps/social/matrix.py index dc32cf618..7abb9a3fa 100644 --- a/smol_k8s_lab/k8s_apps/social/matrix.py +++ b/smol_k8s_lab/k8s_apps/social/matrix.py @@ -18,8 +18,8 @@ def configure_matrix(k8s_obj: K8s, """ creates a matrix app and initializes it with secrets if you'd like :) """ - header("Setting up [green]Matrix[/green], so you can self host your own chat" - '🔢') + header("Setting up [green]Matrix[/green], so you can self host your own chat " + '💬') app_installed = check_if_argocd_app_exists('matrix') secrets = config_dict['argo']['secret_keys'] From 95eec319a7a89e85a8e1ad58535b776e3affe4f0 Mon Sep 17 00:00:00 2001 
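Review bot: `proj_namespaces` is the list object stored in `argo_dict['project']['destination']['namespaces']`, so the new `proj_namespaces.append('argocd')`, like the existing append of `app_namespace`, edits the caller's config in place and could end up written back to the user's YAML. Unless later code depends on that mutation, copy first with `proj_namespaces = list(argo_dict['project']['destination']['namespaces'])`, which matches the `list(source_repos)` copy made further down in this patch. Since every project keeps `argocd` as an allowed destination, a short comment saying why apps need that namespace would help anyone reviewing the AppProject permissions later. install_with_argocd continues outside the hunk.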
From: jessebot Date: Sun, 24 Mar 2024 10:23:59 +0100 Subject: [PATCH 14/16] add little blurb for home assistant if it's installed --- smol_k8s_lab/__init__.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/smol_k8s_lab/__init__.py b/smol_k8s_lab/__init__.py index 1acfee49c..b755a7905 100755 --- a/smol_k8s_lab/__init__.py +++ b/smol_k8s_lab/__init__.py @@ -337,9 +337,14 @@ def main(config: str = "", matrix_hostname = SECRETS.get('matrix_hostname', "") if matrix_hostname: - final_msg += ("\n🗣️ Matrix, for your chat:\n" + final_msg += ("\n💬 Matrix, for your chat:\n" f"[blue][link]https://{matrix_hostname}[/][/]\n") + home_assistant_hostname = SECRETS.get('home_assistant_hostname', "") + if home_assistant_hostname: + final_msg += ("\n🏠 Home Assistant, for managing your IoT needs:\n" + f"[blue][link]https://{home_assistant_hostname}[/][/]\n") + CONSOLE.print(Panel(final_msg, title='[green]◝(ᵔᵕᵔ)◜ Success!', subtitle='♥ [cyan]Have a nice day[/] ♥', From 14c5b85e19b614adcc0d01b8bafe1ffb9d6e2e55 Mon Sep 17 00:00:00 2001 From: jessebot Date: Sun, 24 Mar 2024 10:24:53 +0100 Subject: [PATCH 15/16] add new help screenshot --- docs/assets/images/screenshots/help_text.svg | 152 +++++++++---------- 1 file changed, 76 insertions(+), 76 deletions(-) diff --git a/docs/assets/images/screenshots/help_text.svg b/docs/assets/images/screenshots/help_text.svg index 6802d4522..1b4f42d2e 100644 --- a/docs/assets/images/screenshots/help_text.svg +++ b/docs/assets/images/screenshots/help_text.svg 
@@ -1,4 +1,4 @@ - + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - term + term - + - -                           🧸smol k8s lab - -Install slim Kubernetes distros + plus all your apps via Argo CD. - -Usage:smol-k8s-lab[OPTIONS] - -╭─ ʕ ᵔᴥᵔʔ Options ─────────────────────────────────────────────────────────────────────────────────────────────────╮ - --c--config CONFIG_FILEFull path and name of the YAML config file to parse.  -Defaults to $XDG_CONFIG_HOME/smol-k8s-lab/config.yaml - --D--delete CLUSTER_NAMEDelete an existing cluster by name.                   - --i--interactive⚙️ Interactively configures smol-k8s-lab - --v--versionPrint the version of smol-k8s-lab (v3.2.2)            - --h--helpShow this message and exit.                           -╰───────────────────────────────────────────────────────────────────── ♥ docs: github.com/small-hack/smol-k8s-lab─╯ + +                           🧸smol k8s lab + +Install slim Kubernetes distros + plus all your apps via Argo CD. + +Usage:smol-k8s-lab[OPTIONS] + +╭─ ʕ ᵔᴥᵔʔ Options ───────────────────────────────────────────────────────────────────────────────────────────────╮ + +-c--config CONFIG_FILEFull path and name of the YAML config file to parse.  +Defaults to $XDG_CONFIG_HOME/smol-k8s-lab/config.yaml + +-D--delete CLUSTER_NAMEDelete an existing cluster by name.                   + +-i--interactive⚙️ Interactively configures smol-k8s-lab + +-v--versionPrint the version of smol-k8s-lab (v3.3.0)            + +-h--helpShow this message and exit.                           +╰──────────────────────────────────────────────────────────── ♥ docs: https://small-hack.github.io/smol-k8s-lab─╯ From 970064a0d8e211444d9b4d99581079e64426fca0 Mon Sep 17 00:00:00 2001 
From: jessebot Date: Sun, 24 Mar 2024 10:50:26 +0100 Subject: [PATCH 16/16] add project name to the tui for each app in the apps screen --- .../tui/app_widgets/argocd_widgets.py | 33 +++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/smol_k8s_lab/tui/app_widgets/argocd_widgets.py b/smol_k8s_lab/tui/app_widgets/argocd_widgets.py index 043d5eb64..9d5b2b3ec 100644 --- a/smol_k8s_lab/tui/app_widgets/argocd_widgets.py +++ b/smol_k8s_lab/tui/app_widgets/argocd_widgets.py @@ -97,6 +97,28 @@ def __init__(self, app_name: str, argo_params: dict) -> None: def compose(self) -> ComposeResult: # row for project destination namespaces + with Horizontal(classes=f"{self.app_name} argo-config-row"): + label = Label("project name:", + classes=f"{self.app_name} argo-config-label") + label.tooltip = "The name of the Argo CD AppProject for the App to live" + yield label + + # set project name for the user if they don't have one + proj_name = self.argo_params.get("name", "") + if not proj_name: + value = self.app_name.replace("_","-") + if value == 'argo-cd': + value = 'argocd' + else: + value = proj_name + + classes = f"{self.app_name} argo-config-input argo-proj-name" + yield Input(placeholder="Enter the name of your project", + name="name", + validators=Length(minimum=2), + value=value, + classes=classes) + with Horizontal(classes=f"{self.app_name} argo-config-row"): label = Label("namespaces:", classes=f"{self.app_name} argo-config-label") 
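Review bot: The new project-name `Input` is validated only with `Length(minimum=2)`, while the tooltip says the value names an Argo CD AppProject, and Kubernetes object names must be lowercase DNS-style names. A pattern check next to the length check would reject uppercase letters, underscores or spaces in the TUI rather than at apply time. The existing comment `# row for project destination namespaces` now sits above the project-name row; it should move down to the namespaces row, and the new row should get its own comment, e.g. `# row for project name`. compose continues outside the hunk.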
@@ -144,11 +166,18 @@ def update_base_yaml(self, event: Input.Changed) -> None: # section of the yaml this widget updates project_yml = self.app.cfg['apps'][self.app_name]['argo']['project'] - # sorts out any spaces or commas as delimeters to create a list - yaml_value = create_sanitized_list(event.input.value) + # the name of the input triggering this + input_name = event.input.name + + if input_name in ['namespaces', 'source_repos']: + # sorts out any spaces or commas as delimeters to create a list + yaml_value = create_sanitized_list(event.input.value) + else: + yaml_value = event.input.value if event.input.name == 'namespaces': project_yml['destination'][event.input.name] = yaml_value else: project_yml[event.input.name] = yaml_value + self.app.write_yaml()
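Review bot: `input_name` is introduced, but the unchanged lines below still read `event.input.name`, so the method now has two spellings of the same value; use `input_name` throughout. The handler also stores whatever was typed, so a project name that fails the `Length(minimum=2)` validator (an empty string, for instance) is still saved by `self.app.write_yaml()`. Checking `event.validation_result` before the assignment would avoid that, unless invalid input is already filtered elsewhere. update_base_yaml starts above the hunk.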