├── CNAME
├── docs
    ├── tags.md
    ├── CNAME
    ├── pages
    │   ├── blog
    │   │   ├── index.md
    │   │   └── posts
    │   │   │   └── 2024-02-12.md
    │   └── contribute
    │   │   └── sponsor.md
    ├── images
    │   ├── demo.gif
    │   ├── kapitan-demo.gif
    │   ├── kapitan_logo.png
    │   └── kapitan_overview.png
    ├── adopters_logos
    │   ├── mw.png
    │   ├── noon.png
    │   ├── vhsn.png
    │   ├── flower.png
    │   ├── airfund.png
    │   ├── nexenio.png
    │   ├── phaidra.png
    │   ├── synthace.png
    │   ├── ubisoft.png
    │   ├── ringcentral.png
    │   ├── skyscanner.png
    │   ├── softwareag.png
    │   ├── isomorphiclabs.png
    │   └── morganstanley.png
    ├── FAQ.md
    └── related.md
├── _config.yml
├── examples
    ├── kubernetes
    │   ├── copy_target
    │   ├── compiled
    │   │   ├── busybox
    │   │   │   ├── copy_target
    │   │   │   ├── copy
    │   │   │   │   ├── copy_target
    │   │   │   │   └── pod.yml
    │   │   │   └── pre-deploy
    │   │   │   │   ├── 10_serviceaccount.yml
    │   │   │   │   └── 00_namespace.yml
    │   │   ├── minikube-es
    │   │   │   ├── copy_target
    │   │   │   ├── copy
    │   │   │   │   ├── copy_target
    │   │   │   │   └── pod.yml
    │   │   │   ├── pre-deploy
    │   │   │   │   ├── 10_serviceaccount.yml
    │   │   │   │   └── 00_namespace.yml
    │   │   │   ├── scripts
    │   │   │   │   ├── setup_cluster.sh
    │   │   │   │   ├── delete.sh
    │   │   │   │   ├── kubectl.sh
    │   │   │   │   ├── setup_context.sh
    │   │   │   │   ├── minikube
    │   │   │   │   │   └── start_minikube.sh
    │   │   │   │   └── apply.sh
    │   │   │   └── manifests
    │   │   │   │   ├── es-discovery-svc.yml
    │   │   │   │   └── es-elasticsearch-svc.yml
    │   │   ├── labels
    │   │   │   ├── pre-deploy
    │   │   │   │   ├── 10_serviceaccount.yml
    │   │   │   │   └── 00_namespace.yml
    │   │   │   └── labels
    │   │   │   │   └── service.yml
    │   │   ├── all-glob
    │   │   │   ├── manifests
    │   │   │   │   ├── 10_serviceaccount.yml
    │   │   │   │   ├── 00_namespace.yml
    │   │   │   │   ├── 01_yaml_load.yml
    │   │   │   │   ├── app-service.yml
    │   │   │   │   ├── mysql_service_simple.yml
    │   │   │   │   ├── mysql_secret.yml
    │   │   │   │   ├── es-discovery-svc.yml
    │   │   │   │   ├── mysql_secret_subvar.yml
    │   │   │   │   ├── mysql_service_jsonnet.yml
    │   │   │   │   └── es-elasticsearch-svc.yml
    │   │   │   └── pre-deploy
    │   │   │   │   ├── 10_serviceaccount.yml
    │   │   │   │   └── 00_namespace.yml
    │   │   ├── minikube-nginx-helm
    │   │   │   ├── README.md
    │   │   │   ├── nginx-deploy.sh
    │   │   │   └── ingress-nginx
    │   │   │   │   └── templates
    │   │   │   │       ├── controller-ingressclass.yaml
    │   │   │   │       ├── controller-serviceaccount.yaml
    │   │   │   │       └── controller-configmap.yaml
    │   │   ├── minikube-nginx-kadet
    │   │   │   ├── README.md
    │   │   │   ├── pre-deploy
    │   │   │   │   ├── 10_serviceaccount.yml
    │   │   │   │   └── 00_namespace.yml
    │   │   │   ├── manifests
    │   │   │   │   ├── nginx_service.yml
    │   │   │   │   └── nginx_deployment.yml
    │   │   │   └── nginx-deploy.sh
    │   │   ├── minikube-nginx-jsonnet
    │   │   │   ├── README.md
    │   │   │   ├── pre-deploy
    │   │   │   │   ├── 10_serviceaccount.yml
    │   │   │   │   └── 00_namespace.yml
    │   │   │   ├── manifests
    │   │   │   │   └── app-service.yml
    │   │   │   └── nginx-deploy.sh
    │   │   └── minikube-mysql
    │   │   │   ├── pre-deploy
    │   │   │       ├── 10_serviceaccount.yml
    │   │   │       └── 00_namespace.yml
    │   │   │   ├── scripts
    │   │   │       ├── setup_cluster.sh
    │   │   │       ├── delete.sh
    │   │   │       ├── kubectl.sh
    │   │   │       ├── setup_context.sh
    │   │   │       ├── minikube
    │   │   │       │   └── start_minikube.sh
    │   │   │       └── apply.sh
    │   │   │   └── manifests
    │   │   │       ├── mysql_service_simple.yml
    │   │   │       ├── mysql_secret.yml
    │   │   │       ├── mysql_service_jsonnet.yml
    │   │   │       └── mysql_secret_subvar.yml
    │   ├── templates
    │   │   ├── got.j2
    │   │   └── labels.j2
    │   ├── inventory
    │   │   ├── classes
    │   │   │   ├── cluster
    │   │   │   │   ├── common.yml
    │   │   │   │   └── minikube.yml
    │   │   │   ├── jsonnet-env.yml
    │   │   │   ├── component
    │   │   │   │   ├── namespace.yml
    │   │   │   │   ├── nginx-kadet.yml
    │   │   │   │   ├── nginx-common.yml
    │   │   │   │   ├── nginx-jsonnet.yml
    │   │   │   │   ├── labels.yml
    │   │   │   │   └── busybox.yml
    │   │   │   └── common.yml
    │   │   └── targets
    │   │   │   ├── labels.yml
    │   │   │   ├── busybox.yml
    │   │   │   ├── minikube-mysql.yml
    │   │   │   ├── minikube-es.yml
    │   │   │   ├── minikube-nginx-helm.yml
    │   │   │   ├── jsonnet-env.yml
    │   │   │   ├── minikube-nginx-jsonnet.yml
    │   │   │   ├── minikube-nginx-kadet.yml
    │   │   │   └── removal.yml
    │   ├── refs
    │   │   ├── targets
    │   │   │   └── all-glob
    │   │   │   │   └── mysql
    │   │   │   │       ├── password
    │   │   │   │       ├── password_sha256
    │   │   │   │       └── subvars
    │   │   └── subvars.yml
    │   ├── Makefile
    │   ├── lib
    │   │   ├── custom_jinja2_filter.py
    │   │   └── kubelib
    │   │   │   ├── service.yml
    │   │   │   └── deployment.yml
    │   ├── components
    │   │   ├── nginx-jsonnet
    │   │   │   ├── main.jsonnet
    │   │   │   └── service.jsonnet
    │   │   ├── jsonnet_callbacks_test
    │   │   │   └── main.jsonnet
    │   │   ├── busybox
    │   │   │   └── pod.yml
    │   │   ├── namespace
    │   │   │   └── main.jsonnet
    │   │   ├── labels
    │   │   │   └── service.yml
    │   │   ├── nginx-deploy.sh
    │   │   ├── elasticsearch
    │   │   │   └── elasticsearch.container.jsonnet
    │   │   └── jsonnet-env
    │   │   │   └── env.jsonnet
    │   ├── charts
    │   │   └── nginx-ingress
    │   │   │   ├── ci
    │   │   │       ├── deployment-default-values.yaml
    │   │   │       ├── controller-custom-ingressclass-flags.yaml
    │   │   │       ├── deployment-psp-values.yaml
    │   │   │       ├── deployment-webhook-values.yaml
    │   │   │       ├── deployment-nodeport-values.yaml
    │   │   │       ├── daemonset-nodeport-values.yaml
    │   │   │       ├── deamonset-default-values.yaml
    │   │   │       ├── deamonset-webhook-values.yaml
    │   │   │       ├── daemonset-extra-modules.yaml
    │   │   │       ├── deployment-extra-modules.yaml
    │   │   │       ├── deployment-tcp-values.yaml
    │   │   │       ├── deployment-metrics-values.yaml
    │   │   │       ├── deployment-autoscaling-values.yaml
    │   │   │       ├── deployment-webhook-and-psp-values.yaml
    │   │   │       ├── deployment-webhook-extraEnvs-values.yaml
    │   │   │       ├── deamonset-metrics-values.yaml
    │   │   │       ├── deamonset-psp-values.yaml
    │   │   │       ├── deamonset-webhook-and-psp-values.yaml
    │   │   │       ├── deployment-customconfig-values.yaml
    │   │   │       ├── deployment-tcp-udp-values.yaml
    │   │   │       ├── daemonset-tcp-values.yaml
    │   │   │       ├── deployment-headers-values.yaml
    │   │   │       ├── daemonset-customconfig-values.yaml
    │   │   │       ├── daemonset-tcp-udp-values.yaml
    │   │   │       ├── daemonset-headers-values.yaml
    │   │   │       ├── deployment-autoscaling-behavior-values.yaml
    │   │   │       ├── deployment-internal-lb-values.yaml
    │   │   │       ├── deployment-tcp-udp-portNamePrefix-values.yaml
    │   │   │       ├── daemonset-internal-lb-values.yaml
    │   │   │       ├── daemonset-tcp-udp-portNamePrefix-values.yaml
    │   │   │       ├── deployment-customnodeport-values.yaml
    │   │   │       ├── deployment-podannotations-values.yaml
    │   │   │       ├── deployment-tcp-udp-configMapNamespace-values.yaml
    │   │   │       ├── daemonset-customnodeport-values.yaml
    │   │   │       ├── daemonset-tcp-udp-configMapNamespace-values.yaml
    │   │   │       ├── daemonset-podannotations-values.yaml
    │   │   │       └── deployment-webhook-resources-values.yaml
    │   │   │   ├── OWNERS
    │   │   │   └── templates
    │   │   │       ├── dh-param-secret.yaml
    │   │   │       ├── controller-configmap-addheaders.yaml
    │   │   │       └── controller-webhooks-networkpolicy.yaml
    │   ├── docs
    │   │   └── nginx
    │   │   │   └── README.md
    │   └── scripts
    │   │   ├── delete.sh
    │   │   ├── kubectl.sh
    │   │   ├── setup_context.sh
    │   │   ├── minikube
    │   │       └── start_minikube.sh
    │   │   └── apply.sh
    ├── docker
    │   ├── compiled
    │   │   └── docker
    │   │   │   ├── jsonnet
    │   │   │       ├── Dockerfile.worker
    │   │   │       └── Dockerfile.web
    │   │   │   └── kadet
    │   │   │       ├── Dockerfile.worker
    │   │   │       └── Dockerfile.web
    │   ├── templates
    │   │   └── Dockerfile
    │   ├── components
    │   │   ├── jsonnet
    │   │   │   └── jsonnet.jsonnet
    │   │   └── kadet
    │   │   │   └── __init__.py
    │   └── inventory
    │   │   ├── targets
    │   │       └── docker.yml
    │   │   └── classes
    │   │       └── dockerfiles.yml
    └── terraform
    │   ├── inventory
    │       ├── classes
    │       │   ├── env
    │       │   │   ├── develop.yml
    │       │   │   └── sandbox.yml
    │       │   └── type
    │       │   │   └── terraform.yml
    │       └── reclass-config.yml
    │   ├── templates
    │       ├── terraform
    │       │   ├── modules.jsonnet
    │       │   └── output.jsonnet
    │       └── scripts
    │       │   ├── terraform.sh
    │       │   ├── init.sh
    │       │   ├── plan.sh
    │       │   ├── apply.sh
    │       │   └── update_output.sh
    │   └── compiled
    │       ├── project2
    │           ├── terraform
    │           │   ├── logging.tf.json
    │           │   └── provider.tf.json
    │           └── scripts
    │           │   ├── terraform.sh
    │           │   ├── init.sh
    │           │   ├── plan.sh
    │           │   ├── apply.sh
    │           │   └── update_output.sh
    │       ├── project3
    │           ├── terraform
    │           │   ├── iam.tf.json
    │           │   └── provider.tf.json
    │           └── scripts
    │           │   ├── terraform.sh
    │           │   ├── init.sh
    │           │   ├── plan.sh
    │           │   ├── apply.sh
    │           │   └── update_output.sh
    │       └── project1
    │           ├── scripts
    │               ├── terraform.sh
    │               ├── init.sh
    │               ├── plan.sh
    │               ├── apply.sh
    │               └── update_output.sh
    │           └── terraform
    │               ├── provider.tf.json
    │               └── output.tf.json
├── tests
    ├── test_jsonnet
    │   ├── subfolder1
    │   │   └── file1.txt
    │   ├── file2.txt
    │   ├── subfolder2
    │   │   └── file1.txt
    │   └── file1.txt
    ├── test_resources
    │   ├── templates
    │   │   ├── single_object.jsonnet
    │   │   ├── list.jsonnet
    │   │   ├── stub.txt.j2
    │   │   ├── string_component_plainref.jsonnet
    │   │   ├── onekey_component_plainref.jsonnet
    │   │   ├── simple_component_plainref.jsonnet
    │   │   ├── pod.yml
    │   │   └── test_deployment.yaml
    │   ├── compiled
    │   │   ├── single-object
    │   │   │   ├── single_object.json
    │   │   │   └── list.json
    │   │   ├── test-objects
    │   │   │   ├── single_object.json
    │   │   │   ├── list.json
    │   │   │   ├── onekey.json
    │   │   │   ├── string_component_plainref.json
    │   │   │   └── inner.json
    │   │   ├── reveal-output
    │   │   │   └── main.json
    │   │   ├── jinja2-postfix-strip
    │   │   │   ├── stripped
    │   │   │   │   └── stub.txt
    │   │   │   ├── stripped-overridden
    │   │   │   │   └── stub
    │   │   │   └── unstripped
    │   │   │   │   └── stub.txt.j2
    │   │   ├── toml-output
    │   │   │   ├── kadet-output
    │   │   │   │   └── nested.toml
    │   │   │   └── jsonnet-output
    │   │   │   │   └── nested.toml
    │   │   ├── minikube-mysql
    │   │   │   └── manifests
    │   │   │   │   └── mysql_secret.yml
    │   │   ├── jinja2-input-params
    │   │   │   ├── test-1
    │   │   │   │   └── pod.yml
    │   │   │   └── test-2
    │   │   │   │   └── pod.yml
    │   │   ├── monitoring-dev
    │   │   │   └── prometheus
    │   │   │   │   └── templates
    │   │   │   │       ├── server-pvc.yaml
    │   │   │   │       └── server-service.yaml
    │   │   ├── monitoring-prd
    │   │   │   └── prometheus
    │   │   │   │   └── templates
    │   │   │   │       ├── server-pvc.yaml
    │   │   │   │       └── server-service.yaml
    │   │   ├── kadet-test
    │   │   │   ├── test-2
    │   │   │   │   └── test_deployment.yaml
    │   │   │   └── test-1
    │   │   │   │   └── test_deployment.yaml
    │   │   └── nginx
    │   │   │   └── manifests
    │   │   │       └── nginx.conf
    │   ├── helm_values_files
    │   │   └── prometheus
    │   │   │   ├── dev.yml
    │   │   │   └── prd.yml
    │   ├── charts
    │   │   ├── nginx-ingress
    │   │   │   ├── ci
    │   │   │   │   └── psp-values.yaml
    │   │   │   ├── OWNERS
    │   │   │   ├── templates
    │   │   │   │   ├── serviceaccount.yaml
    │   │   │   │   ├── tcp-configmap.yaml
    │   │   │   │   ├── udp-configmap.yaml
    │   │   │   │   └── headers-configmap.yaml
    │   │   │   └── .helmignore
    │   │   ├── istio
    │   │   │   ├── templates
    │   │   │   │   ├── _podDisruptionBudget.tpl
    │   │   │   │   ├── serviceaccount.yaml
    │   │   │   │   ├── clusterrole.yaml
    │   │   │   │   └── clusterrolebinding.yaml
    │   │   │   ├── charts
    │   │   │   │   ├── grafana
    │   │   │   │   │   ├── Chart.yaml
    │   │   │   │   │   └── templates
    │   │   │   │   │   │   ├── grafana-ports-mtls.yaml
    │   │   │   │   │   │   ├── pvc.yaml
    │   │   │   │   │   │   └── configmap-custom-resources.yaml
    │   │   │   │   ├── tracing
    │   │   │   │   │   └── Chart.yaml
    │   │   │   │   ├── prometheus
    │   │   │   │   │   ├── Chart.yaml
    │   │   │   │   │   └── templates
    │   │   │   │   │   │   ├── serviceaccount.yaml
    │   │   │   │   │   │   └── clusterrolebindings.yaml
    │   │   │   │   ├── certmanager
    │   │   │   │   │   ├── Chart.yaml
    │   │   │   │   │   └── templates
    │   │   │   │   │   │   ├── NOTES.txt
    │   │   │   │   │   │   └── serviceaccount.yaml
    │   │   │   │   ├── istiocoredns
    │   │   │   │   │   ├── Chart.yaml
    │   │   │   │   │   └── templates
    │   │   │   │   │   │   ├── clusterrole.yaml
    │   │   │   │   │   │   ├── service.yaml
    │   │   │   │   │   │   ├── serviceaccount.yaml
    │   │   │   │   │   │   └── clusterrolebinding.yaml
    │   │   │   │   ├── kiali
    │   │   │   │   │   ├── Chart.yaml
    │   │   │   │   │   └── templates
    │   │   │   │   │   │   ├── service.yaml
    │   │   │   │   │   │   ├── demosecret.yaml
    │   │   │   │   │   │   └── serviceaccount.yaml
    │   │   │   │   ├── mixer
    │   │   │   │   │   ├── Chart.yaml
    │   │   │   │   │   └── templates
    │   │   │   │   │   │   └── serviceaccount.yaml
    │   │   │   │   ├── pilot
    │   │   │   │   │   ├── Chart.yaml
    │   │   │   │   │   └── templates
    │   │   │   │   │   │   ├── serviceaccount.yaml
    │   │   │   │   │   │   └── clusterrolebinding.yaml
    │   │   │   │   ├── galley
    │   │   │   │   │   ├── Chart.yaml
    │   │   │   │   │   └── templates
    │   │   │   │   │   │   ├── configmap.yaml
    │   │   │   │   │   │   ├── serviceaccount.yaml
    │   │   │   │   │   │   └── service.yaml
    │   │   │   │   ├── nodeagent
    │   │   │   │   │   ├── Chart.yaml
    │   │   │   │   │   └── templates
    │   │   │   │   │   │   ├── clusterrole.yaml
    │   │   │   │   │   │   ├── serviceaccount.yaml
    │   │   │   │   │   │   └── clusterrolebinding.yaml
    │   │   │   │   ├── security
    │   │   │   │   │   ├── Chart.yaml
    │   │   │   │   │   └── templates
    │   │   │   │   │   │   ├── serviceaccount.yaml
    │   │   │   │   │   │   ├── enable-mesh-permissive.yaml
    │   │   │   │   │   │   └── clusterrolebinding.yaml
    │   │   │   │   ├── gateways
    │   │   │   │   │   ├── Chart.yaml
    │   │   │   │   │   └── templates
    │   │   │   │   │   │   ├── role.yaml
    │   │   │   │   │   │   └── rolebindings.yaml
    │   │   │   │   └── sidecarInjectorWebhook
    │   │   │   │   │   ├── Chart.yaml
    │   │   │   │   │   └── templates
    │   │   │   │   │       ├── service.yaml
    │   │   │   │   │       └── serviceaccount.yaml
    │   │   │   ├── example-values
    │   │   │   │   ├── README.md
    │   │   │   │   └── values-istio-googleca.yaml
    │   │   │   ├── Chart.yaml
    │   │   │   └── values-istio-sds-auth.yaml
    │   │   ├── prometheus
    │   │   │   ├── charts
    │   │   │   │   └── kube-state-metrics
    │   │   │   │   │   ├── OWNERS
    │   │   │   │   │   ├── .helmignore
    │   │   │   │   │   └── Chart.yaml
    │   │   │   ├── requirements.yaml
    │   │   │   ├── requirements.lock
    │   │   │   ├── .helmignore
    │   │   │   └── templates
    │   │   │   │   ├── server-serviceaccount.yaml
    │   │   │   │   ├── pushgateway-serviceaccount.yaml
    │   │   │   │   ├── alertmanager-serviceaccount.yaml
    │   │   │   │   ├── node-exporter-serviceaccount.yaml
    │   │   │   │   ├── server-pdb.yaml
    │   │   │   │   ├── pushgateway-pdb.yaml
    │   │   │   │   ├── alertmanager-pdb.yaml
    │   │   │   │   └── server-networkpolicy.yaml
    │   │   └── acs-engine-autoscaler
    │   │   │   ├── Chart.yaml
    │   │   │   └── .helmignore
    │   ├── refs
    │   │   └── my_plainref
    │   ├── test_yaml_load.yaml
    │   ├── script.sh
    │   ├── components
    │   │   └── input-to-output
    │   │   │   └── main.jsonnet
    │   ├── inventory
    │   │   ├── targets
    │   │   │   ├── monitoring-dev.yml
    │   │   │   ├── monitoring-prd.yml
    │   │   │   ├── minikube-mysql.yml
    │   │   │   ├── istio.yml
    │   │   │   ├── test-objects.yml
    │   │   │   ├── acs-engine-autoscaler.yml
    │   │   │   ├── nginx-istio.yml
    │   │   │   ├── fail-compile.yml
    │   │   │   ├── reveal-output.yml
    │   │   │   ├── external-test.yml
    │   │   │   └── nginx-ingress-helm-params.yml
    │   │   └── classes
    │   │   │   ├── test-objects.yml
    │   │   │   └── common.yml
    │   ├── kadet_functions
    │   │   ├── fail_compile
    │   │   │   └── __init__.py
    │   │   └── input_to_output
    │   │   │   └── __init__.py
    │   └── test_yaml_load_stream.yaml
    ├── test_kubernetes_compiled
    │   ├── busybox
    │   │   ├── copy_target
    │   │   ├── copy
    │   │   │   ├── copy_target
    │   │   │   └── pod.yml
    │   │   └── pre-deploy
    │   │   │   ├── 10_serviceaccount.yml
    │   │   │   └── 00_namespace.yml
    │   ├── minikube-es
    │   │   ├── copy_target
    │   │   ├── copy
    │   │   │   ├── copy_target
    │   │   │   └── pod.yml
    │   │   ├── pre-deploy
    │   │   │   ├── 10_serviceaccount.yml
    │   │   │   └── 00_namespace.yml
    │   │   ├── scripts
    │   │   │   ├── setup_cluster.sh
    │   │   │   ├── delete.sh
    │   │   │   ├── kubectl.sh
    │   │   │   ├── setup_context.sh
    │   │   │   ├── minikube
    │   │   │   │   └── start_minikube.sh
    │   │   │   └── apply.sh
    │   │   └── manifests
    │   │   │   ├── es-discovery-svc.yml
    │   │   │   └── es-elasticsearch-svc.yml
    │   ├── all-glob
    │   │   ├── manifests
    │   │   │   ├── 10_serviceaccount.yml
    │   │   │   ├── 00_namespace.yml
    │   │   │   ├── 01_yaml_load.yml
    │   │   │   ├── app-service.yml
    │   │   │   ├── mysql_service_simple.yml
    │   │   │   ├── mysql_secret.yml
    │   │   │   ├── es-discovery-svc.yml
    │   │   │   ├── mysql_secret_subvar.yml
    │   │   │   ├── mysql_service_jsonnet.yml
    │   │   │   └── es-elasticsearch-svc.yml
    │   │   └── pre-deploy
    │   │   │   ├── 10_serviceaccount.yml
    │   │   │   └── 00_namespace.yml
    │   ├── labels
    │   │   ├── pre-deploy
    │   │   │   ├── 10_serviceaccount.yml
    │   │   │   └── 00_namespace.yml
    │   │   └── labels
    │   │   │   └── service.yml
    │   ├── minikube-nginx-helm
    │   │   ├── README.md
    │   │   ├── nginx-deploy.sh
    │   │   └── ingress-nginx
    │   │   │   └── templates
    │   │   │       ├── controller-ingressclass.yaml
    │   │   │       ├── controller-serviceaccount.yaml
    │   │   │       └── controller-configmap.yaml
    │   ├── minikube-nginx-kadet
    │   │   ├── README.md
    │   │   ├── pre-deploy
    │   │   │   ├── 10_serviceaccount.yml
    │   │   │   └── 00_namespace.yml
    │   │   ├── manifests
    │   │   │   ├── nginx_service.yml
    │   │   │   └── nginx_deployment.yml
    │   │   └── nginx-deploy.sh
    │   ├── minikube-nginx-jsonnet
    │   │   ├── README.md
    │   │   ├── pre-deploy
    │   │   │   ├── 10_serviceaccount.yml
    │   │   │   └── 00_namespace.yml
    │   │   ├── manifests
    │   │   │   └── app-service.yml
    │   │   └── nginx-deploy.sh
    │   └── minikube-mysql
    │   │   ├── pre-deploy
    │   │       ├── 10_serviceaccount.yml
    │   │       └── 00_namespace.yml
    │   │   ├── scripts
    │   │       ├── setup_cluster.sh
    │   │       ├── delete.sh
    │   │       ├── kubectl.sh
    │   │       ├── setup_context.sh
    │   │       ├── minikube
    │   │       │   └── start_minikube.sh
    │   │       └── apply.sh
    │   │   └── manifests
    │   │       ├── mysql_service_simple.yml
    │   │       ├── mysql_secret.yml
    │   │       ├── mysql_service_jsonnet.yml
    │   │       └── mysql_secret_subvar.yml
    ├── test_cue
    │   └── module1
    │   │   ├── cue.mod
    │   │       └── module.cue
    │   │   └── main.cue
    ├── test_docker_compiled
    │   └── docker
    │   │   ├── jsonnet
    │   │       ├── Dockerfile.worker
    │   │       └── Dockerfile.web
    │   │   └── kadet
    │   │       ├── Dockerfile.worker
    │   │       └── Dockerfile.web
    ├── __init__.py
    └── test_terraform_compiled
    │   ├── project2
    │       ├── terraform
    │       │   ├── logging.tf.json
    │       │   └── provider.tf.json
    │       └── scripts
    │       │   ├── terraform.sh
    │       │   ├── init.sh
    │       │   ├── plan.sh
    │       │   ├── apply.sh
    │       │   └── update_output.sh
    │   ├── project3
    │       ├── terraform
    │       │   ├── iam.tf.json
    │       │   └── provider.tf.json
    │       └── scripts
    │       │   ├── terraform.sh
    │       │   ├── init.sh
    │       │   ├── plan.sh
    │       │   ├── apply.sh
    │       │   └── update_output.sh
    │   └── project1
    │       ├── scripts
    │           ├── terraform.sh
    │           ├── init.sh
    │           ├── plan.sh
    │           ├── apply.sh
    │           └── update_output.sh
    │       └── terraform
    │           ├── provider.tf.json
    │           └── output.tf.json
├── .markdownlintignore
├── MANIFEST.in
├── bin
    └── kapitan
├── compiled
    └── minikube-es
    │   └── script.sh
├── kapitan
    ├── refs
    │   ├── secrets
    │   │   └── __init__.py
    │   └── __init__.py
    ├── dependency_manager
    │   └── __init__.py
    ├── __main__.py
    └── version.py
├── .github
    ├── pull_request_template.md
    ├── ISSUE_TEMPLATE
    │   └── config.yml
    └── workflows
    │   └── housekeeping.yml
├── .markdownlint.yml
├── AUTHORS
├── .reuse
    └── dep5
├── overrides
    └── partials
    │   └── integrations
    │       └── analytics
    │           └── custom.html
└── .gitignore


/CNAME:
--------------------------------------------------------------------------------
1 | kapitan.dev
2 | 


--------------------------------------------------------------------------------
/docs/tags.md:
--------------------------------------------------------------------------------
1 | [TAGS]
2 | 


--------------------------------------------------------------------------------
/docs/CNAME:
--------------------------------------------------------------------------------
1 | kapitan.dev
2 | 


--------------------------------------------------------------------------------
/_config.yml:
--------------------------------------------------------------------------------
1 | markdown: kramdown
2 | 


--------------------------------------------------------------------------------
/docs/pages/blog/index.md:
--------------------------------------------------------------------------------
1 | # Blog
2 | 


--------------------------------------------------------------------------------
/examples/kubernetes/copy_target:
--------------------------------------------------------------------------------
1 | for_testing


--------------------------------------------------------------------------------
/tests/test_jsonnet/subfolder1/file1.txt:
--------------------------------------------------------------------------------
1 | 


--------------------------------------------------------------------------------
/tests/test_jsonnet/file2.txt:
--------------------------------------------------------------------------------
1 | Nothing will come of nothing.


--------------------------------------------------------------------------------
/tests/test_jsonnet/subfolder2/file1.txt:
--------------------------------------------------------------------------------
1 | should't be loaded


--------------------------------------------------------------------------------
/tests/test_resources/templates/single_object.jsonnet:
--------------------------------------------------------------------------------
1 | 'test'


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/busybox/copy_target:
--------------------------------------------------------------------------------
1 | for_testing


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-es/copy_target:
--------------------------------------------------------------------------------
1 | for_testing


--------------------------------------------------------------------------------
/examples/kubernetes/templates/got.j2:
--------------------------------------------------------------------------------
1 | is dead {{ is_dead }}
2 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/busybox/copy_target:
--------------------------------------------------------------------------------
1 | for_testing


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/busybox/copy/copy_target:
--------------------------------------------------------------------------------
1 | for_testing


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-es/copy/copy_target:
--------------------------------------------------------------------------------
1 | for_testing


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/busybox/copy/copy_target:
--------------------------------------------------------------------------------
1 | for_testing


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-es/copy_target:
--------------------------------------------------------------------------------
1 | for_testing


--------------------------------------------------------------------------------
/tests/test_resources/compiled/single-object/single_object.json:
--------------------------------------------------------------------------------
1 | "test"


--------------------------------------------------------------------------------
/tests/test_resources/compiled/test-objects/single_object.json:
--------------------------------------------------------------------------------
1 | "test"


--------------------------------------------------------------------------------
/tests/test_resources/templates/list.jsonnet:
--------------------------------------------------------------------------------
1 | ['test','test2']
2 | 


--------------------------------------------------------------------------------
/tests/test_jsonnet/file1.txt:
--------------------------------------------------------------------------------
1 | To be, or not to be: that is the question


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-es/copy/copy_target:
--------------------------------------------------------------------------------
1 | for_testing


--------------------------------------------------------------------------------
/.markdownlintignore:
--------------------------------------------------------------------------------
1 | examples/
2 | tests/
3 | kapitan/
4 | PULL_REQUEST_TEMPLATE.md
5 | 


--------------------------------------------------------------------------------
/tests/test_resources/compiled/single-object/list.json:
--------------------------------------------------------------------------------
1 | [
2 |   "test",
3 |   "test2"
4 | ]


--------------------------------------------------------------------------------
/tests/test_resources/compiled/test-objects/list.json:
--------------------------------------------------------------------------------
1 | [
2 |   "test",
3 |   "test2"
4 | ]


--------------------------------------------------------------------------------
/tests/test_resources/compiled/test-objects/onekey.json:
--------------------------------------------------------------------------------
1 | "my_plainref is: I am a plain ref"


--------------------------------------------------------------------------------
/tests/test_resources/helm_values_files/prometheus/dev.yml:
--------------------------------------------------------------------------------
1 | server:
2 |   name: dev-server


--------------------------------------------------------------------------------
/tests/test_resources/helm_values_files/prometheus/prd.yml:
--------------------------------------------------------------------------------
1 | server:
2 |   name: prd-server


--------------------------------------------------------------------------------
/docs/images/demo.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kapicorp/kapitan/HEAD/docs/images/demo.gif


--------------------------------------------------------------------------------
/tests/test_resources/charts/nginx-ingress/ci/psp-values.yaml:
--------------------------------------------------------------------------------
1 | podSecurityPolicy:
2 |   enabled: true
3 | 


--------------------------------------------------------------------------------
/tests/test_resources/refs/my_plainref:
--------------------------------------------------------------------------------
1 | data: I am a plain ref
2 | encoding: original
3 | type: plain
4 | 


--------------------------------------------------------------------------------
/docs/adopters_logos/mw.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kapicorp/kapitan/HEAD/docs/adopters_logos/mw.png


--------------------------------------------------------------------------------
/docs/adopters_logos/noon.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kapicorp/kapitan/HEAD/docs/adopters_logos/noon.png


--------------------------------------------------------------------------------
/docs/adopters_logos/vhsn.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kapicorp/kapitan/HEAD/docs/adopters_logos/vhsn.png


--------------------------------------------------------------------------------
/docs/images/kapitan-demo.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kapicorp/kapitan/HEAD/docs/images/kapitan-demo.gif


--------------------------------------------------------------------------------
/docs/images/kapitan_logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kapicorp/kapitan/HEAD/docs/images/kapitan_logo.png


--------------------------------------------------------------------------------
/tests/test_resources/compiled/reveal-output/main.json:
--------------------------------------------------------------------------------
1 | "$?{gpg:targets/nginx-ingress/electionID:44da4b47}"


--------------------------------------------------------------------------------
/tests/test_resources/compiled/test-objects/string_component_plainref.json:
--------------------------------------------------------------------------------
1 | "my plainref is: I am a plain ref"


--------------------------------------------------------------------------------
/tests/test_resources/test_yaml_load.yaml:
--------------------------------------------------------------------------------
1 | test:
2 |   key: value
3 |   array:
4 |     - ele1
5 |     - ele2


--------------------------------------------------------------------------------
/docs/adopters_logos/flower.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kapicorp/kapitan/HEAD/docs/adopters_logos/flower.png


--------------------------------------------------------------------------------
/tests/test_resources/compiled/jinja2-postfix-strip/stripped/stub.txt:
--------------------------------------------------------------------------------
1 | Is this a Jinja2 template?
2 |   Yes!
3 | 


--------------------------------------------------------------------------------
/tests/test_resources/compiled/test-objects/inner.json:
--------------------------------------------------------------------------------
1 | {
2 |   "data": "my_plainref is: I am a plain ref"
3 | }


--------------------------------------------------------------------------------
/docs/adopters_logos/airfund.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kapicorp/kapitan/HEAD/docs/adopters_logos/airfund.png


--------------------------------------------------------------------------------
/docs/adopters_logos/nexenio.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kapicorp/kapitan/HEAD/docs/adopters_logos/nexenio.png


--------------------------------------------------------------------------------
/docs/adopters_logos/phaidra.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kapicorp/kapitan/HEAD/docs/adopters_logos/phaidra.png


--------------------------------------------------------------------------------
/docs/adopters_logos/synthace.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kapicorp/kapitan/HEAD/docs/adopters_logos/synthace.png


--------------------------------------------------------------------------------
/docs/adopters_logos/ubisoft.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kapicorp/kapitan/HEAD/docs/adopters_logos/ubisoft.png


--------------------------------------------------------------------------------
/docs/images/kapitan_overview.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kapicorp/kapitan/HEAD/docs/images/kapitan_overview.png


--------------------------------------------------------------------------------
/tests/test_resources/compiled/jinja2-postfix-strip/stripped-overridden/stub:
--------------------------------------------------------------------------------
1 | Is this a Jinja2 template?
2 |   Yes!
3 | 


--------------------------------------------------------------------------------
/tests/test_resources/compiled/jinja2-postfix-strip/unstripped/stub.txt.j2:
--------------------------------------------------------------------------------
1 | Is this a Jinja2 template?
2 |   Yes!
3 | 


--------------------------------------------------------------------------------
/tests/test_resources/templates/stub.txt.j2:
--------------------------------------------------------------------------------
1 | Is this a Jinja2 template?
2 | {% if True %}
3 |   Yes!
4 | {% endif %}
5 | 


--------------------------------------------------------------------------------
/docs/adopters_logos/ringcentral.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kapicorp/kapitan/HEAD/docs/adopters_logos/ringcentral.png


--------------------------------------------------------------------------------
/docs/adopters_logos/skyscanner.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kapicorp/kapitan/HEAD/docs/adopters_logos/skyscanner.png


--------------------------------------------------------------------------------
/docs/adopters_logos/softwareag.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kapicorp/kapitan/HEAD/docs/adopters_logos/softwareag.png


--------------------------------------------------------------------------------
/tests/test_cue/module1/cue.mod/module.cue:
--------------------------------------------------------------------------------
1 | module: "com.example.module"
2 | language: {
3 | 	version: "v0.13.0"
4 | }
5 | 


--------------------------------------------------------------------------------
/MANIFEST.in:
--------------------------------------------------------------------------------
1 | include kapitan/lib/*.libjsonnet
2 | include requirements.txt
3 | recursive-include kapitan/inputs/templates *
4 | 


--------------------------------------------------------------------------------
/docs/adopters_logos/isomorphiclabs.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kapicorp/kapitan/HEAD/docs/adopters_logos/isomorphiclabs.png


--------------------------------------------------------------------------------
/docs/adopters_logos/morganstanley.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kapicorp/kapitan/HEAD/docs/adopters_logos/morganstanley.png


--------------------------------------------------------------------------------
/examples/kubernetes/inventory/classes/cluster/common.yml:
--------------------------------------------------------------------------------
1 | parameters:
2 |   kubectl:
3 |     insecure_skip_tls_verify: false
4 | 


--------------------------------------------------------------------------------
/tests/test_resources/compiled/toml-output/kadet-output/nested.toml:
--------------------------------------------------------------------------------
1 | [dictionary]
2 | foo = "bar"
3 | with_list = [ 1, 2, 3,]
4 | 


--------------------------------------------------------------------------------
/bin/kapitan:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | 
3 | BINPATH=`dirname $0`
4 | PYTHONPATH="$BINPATH/../:$PYTHONPATH" python3 -m kapitan $@
5 | 


--------------------------------------------------------------------------------
/tests/test_resources/compiled/toml-output/jsonnet-output/nested.toml:
--------------------------------------------------------------------------------
1 | [dictionary]
2 | foo = "bar"
3 | with_list = [ 1, 2, 3,]
4 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/templates/_podDisruptionBudget.tpl:
--------------------------------------------------------------------------------
1 | {{- define "podDisruptionBudget.spec" }}
2 |   minAvailable: 1
3 | {{- end }}
4 | 


--------------------------------------------------------------------------------
/examples/docker/compiled/docker/jsonnet/Dockerfile.worker:
--------------------------------------------------------------------------------
1 | FROM amazoncorretto:8
2 | COPY target/blah.jar /app/blah.jar
3 | ENTRYPOINT ["java", "-jar", "/app/blah.jar"]


--------------------------------------------------------------------------------
/examples/docker/compiled/docker/kadet/Dockerfile.worker:
--------------------------------------------------------------------------------
1 | FROM amazoncorretto:8
2 | COPY target/blah.jar /app/blah.jar
3 | ENTRYPOINT ["java", "-jar", "/app/blah.jar"]


--------------------------------------------------------------------------------
/tests/test_docker_compiled/docker/jsonnet/Dockerfile.worker:
--------------------------------------------------------------------------------
1 | FROM amazoncorretto:8
2 | COPY target/blah.jar /app/blah.jar
3 | ENTRYPOINT ["java", "-jar", "/app/blah.jar"]


--------------------------------------------------------------------------------
/tests/test_docker_compiled/docker/kadet/Dockerfile.worker:
--------------------------------------------------------------------------------
1 | FROM amazoncorretto:8
2 | COPY target/blah.jar /app/blah.jar
3 | ENTRYPOINT ["java", "-jar", "/app/blah.jar"]


--------------------------------------------------------------------------------
/tests/test_resources/script.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | 
3 | set -ex
4 | 
5 | compile_dir=$1
6 | 
7 | echo "This is going into a file" > "${compile_dir}/${FILE_NAME}"


--------------------------------------------------------------------------------
/compiled/minikube-es/script.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | 
3 | set -ex
4 | 
5 | compile_dir=$1
6 | 
7 | echo "This is going into a file" > "${compile_dir}/${FILE_NAME}"
8 | 


--------------------------------------------------------------------------------
/kapitan/refs/secrets/__init__.py:
--------------------------------------------------------------------------------
1 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
2 | #
3 | # SPDX-License-Identifier: Apache-2.0
4 | 


--------------------------------------------------------------------------------
/examples/kubernetes/inventory/targets/labels.yml:
--------------------------------------------------------------------------------
1 | classes:
2 |   - common
3 |   - component.namespace
4 |   - component.labels
5 | 
6 | parameters:
7 |   target_name: labels
8 | 


--------------------------------------------------------------------------------
/kapitan/dependency_manager/__init__.py:
--------------------------------------------------------------------------------
1 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
2 | #
3 | # SPDX-License-Identifier: Apache-2.0
4 | 


--------------------------------------------------------------------------------
/.github/pull_request_template.md:
--------------------------------------------------------------------------------
 1 | Fixes #
 2 | 
 3 | ## Proposed Changes
 4 | 
 5 | *
 6 | 
 7 | ## Docs and Tests
 8 | 
 9 | * [ ] Tests added
10 | * [ ] Updated documentation
11 | 


--------------------------------------------------------------------------------
/examples/docker/compiled/docker/jsonnet/Dockerfile.web:
--------------------------------------------------------------------------------
1 | FROM amazoncorretto:11
2 | COPY target/blah.jar /app/blah.jar
3 | EXPOSE ${PORT}
4 | ENTRYPOINT ["java", "-jar", "/app/blah.jar"]


--------------------------------------------------------------------------------
/examples/docker/compiled/docker/kadet/Dockerfile.web:
--------------------------------------------------------------------------------
1 | FROM amazoncorretto:11
2 | COPY target/blah.jar /app/blah.jar
3 | EXPOSE ${PORT}
4 | ENTRYPOINT ["java", "-jar", "/app/blah.jar"]


--------------------------------------------------------------------------------
/examples/kubernetes/inventory/targets/busybox.yml:
--------------------------------------------------------------------------------
1 | classes: 
2 |   - common
3 |   - component.namespace
4 |   - component.busybox
5 | 
6 | parameters:
7 |   target_name: busybox
8 | 


--------------------------------------------------------------------------------
/tests/test_docker_compiled/docker/kadet/Dockerfile.web:
--------------------------------------------------------------------------------
1 | FROM amazoncorretto:11
2 | COPY target/blah.jar /app/blah.jar
3 | EXPOSE ${PORT}
4 | ENTRYPOINT ["java", "-jar", "/app/blah.jar"]


--------------------------------------------------------------------------------
/examples/kubernetes/refs/targets/all-glob/mysql/password:
--------------------------------------------------------------------------------
1 | data: VVV0QlRWSjBia3hTTFdnMFZWaGFhMGN3VDFCMWNWQnJlak5IZFVWSFlUTjBSR1ZSVGxsc1pGRjBVUT09
2 | encoding: base64
3 | type: base64
4 | 


--------------------------------------------------------------------------------
/tests/test_docker_compiled/docker/jsonnet/Dockerfile.web:
--------------------------------------------------------------------------------
1 | FROM amazoncorretto:11
2 | COPY target/blah.jar /app/blah.jar
3 | EXPOSE ${PORT}
4 | ENTRYPOINT ["java", "-jar", "/app/blah.jar"]


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   name: istio-multi
5 |   namespace: {{ .Release.Namespace }}
6 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/nginx-ingress/OWNERS:
--------------------------------------------------------------------------------
1 | approvers:
2 | - jackzampolin
3 | - mgoodness
4 | - ChiefAlexander
5 | reviewers:
6 | - jackzampolin
7 | - mgoodness
8 | - ChiefAlexander
9 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/prometheus/charts/kube-state-metrics/OWNERS:
--------------------------------------------------------------------------------
1 | approvers:
2 | - fiunchinho
3 | - tariq1890
4 | - mrueg
5 | reviewers:
6 | - fiunchinho
7 | - tariq1890
8 | - mrueg
9 | 


--------------------------------------------------------------------------------
/tests/test_resources/components/input-to-output/main.jsonnet:
--------------------------------------------------------------------------------
1 | local kap = import "lib/kapitan.libjsonnet";
2 | local inventory = kap.inventory();
3 | local p = inventory.parameters;
4 | 
5 | p.input
6 | 


--------------------------------------------------------------------------------
/tests/test_resources/inventory/targets/monitoring-dev.yml:
--------------------------------------------------------------------------------
1 | classes:
2 |   - component.monitoring
3 | 
4 | parameters:
5 |   kapitan:
6 |     vars:
7 |       target: monitoring-dev
8 |       env: dev
9 | 


--------------------------------------------------------------------------------
/tests/test_resources/inventory/targets/monitoring-prd.yml:
--------------------------------------------------------------------------------
1 | classes:
2 |   - component.monitoring
3 | 
4 | parameters:
5 |   kapitan:
6 |     vars:
7 |       target: monitoring-prd
8 |       env: prd
9 | 


--------------------------------------------------------------------------------
/tests/test_resources/kadet_functions/fail_compile/__init__.py:
--------------------------------------------------------------------------------
1 | from kapitan.inputs import kadet
2 | 
3 | 
4 | def main(input_params):
5 |     raise ValueError("This function will fail to compile")
6 | 


--------------------------------------------------------------------------------
/examples/docker/templates/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM {{image}}
2 | COPY target/blah.jar /app/blah.jar
3 | {% if 'web' == name %}
4 | EXPOSE ${PORT}
5 | {% endif %}
6 | ENTRYPOINT ["java", "-jar", "/app/blah.jar"]
7 | 


--------------------------------------------------------------------------------
/tests/test_cue/module1/main.cue:
--------------------------------------------------------------------------------
 1 | package main
 2 | 
 3 | input: {
 4 | 	numerator:   int
 5 | 	denominator: int & !=0
 6 | }
 7 | 
 8 | output: {
 9 | 	result: input.numerator / input.denominator
10 | }
11 | 


--------------------------------------------------------------------------------
/examples/kubernetes/inventory/classes/jsonnet-env.yml:
--------------------------------------------------------------------------------
 1 | applications:
 2 |   - a
 3 |   - b
 4 |   - c
 5 | 
 6 | classes:
 7 |   - common
 8 | 
 9 | parameters:
10 |   a: aaaaa
11 |   b: bbbbb
12 |   c: ccccc
13 | 


--------------------------------------------------------------------------------
/examples/terraform/inventory/classes/env/develop.yml:
--------------------------------------------------------------------------------
1 | classes:
2 |   - provider.gcp
3 | 
4 | # Class automatically applied to all targets inside folder inventory/target/dev
5 | 
6 | parameters:
7 |   env: dev
8 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/grafana/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | description: A Helm chart for Kubernetes
3 | name: grafana
4 | version: 1.2.5
5 | appVersion: 1.2.5
6 | tillerVersion: ">=2.7.2"
7 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/tracing/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | description: A Helm chart for Kubernetes
3 | name: tracing
4 | version: 1.2.5
5 | appVersion: 1.5.1
6 | tillerVersion: ">=2.7.2"
7 | 


--------------------------------------------------------------------------------
/examples/kubernetes/Makefile:
--------------------------------------------------------------------------------
 1 | all: compile status
 2 | 
 3 | .PHONY: compile
 4 | compile:
 5 | 	@echo compiling kapitan templates...
 6 | 	kapitan compile
 7 | 
 8 | .PHONY: status
 9 | status:
10 | 	git status
11 | 


--------------------------------------------------------------------------------
/examples/terraform/inventory/classes/env/sandbox.yml:
--------------------------------------------------------------------------------
1 | classes:
2 |   - provider.gcp
3 | 
4 | # Class automatically applied to all targets inside folder inventory/target/sandbox
5 | 
6 | parameters:
7 |   env: sandbox


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/prometheus/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | description: A Helm chart for Kubernetes
3 | name: prometheus
4 | version: 1.2.5
5 | appVersion: 2.8.0
6 | tillerVersion: ">=2.7.2"
7 | 


--------------------------------------------------------------------------------
/tests/test_resources/test_yaml_load_stream.yaml:
--------------------------------------------------------------------------------
 1 | ---
 2 | test1:
 3 |   key: value
 4 |   array:
 5 |     - ele1
 6 |     - ele2
 7 | ---
 8 | test2:
 9 |   key: value
10 |   array:
11 |     - ele1
12 |     - ele2
13 | 


--------------------------------------------------------------------------------
/.markdownlint.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | default: true
 3 | MD013:
 4 |   line_length: 600
 5 | MD024:
 6 |   siblings_only: true
 7 | MD033:
 8 |   allowed_elements:
 9 |     - "img"
10 | no-hard-tabs: false
11 | whitespace: false
12 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/certmanager/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | description: A Helm chart for Kubernetes
3 | name: certmanager
4 | version: 1.2.5
5 | appVersion: 0.6.2
6 | tillerVersion: ">=2.7.2"
7 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/labels/pre-deploy/10_serviceaccount.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   annotations: {}
5 |   labels:
6 |     name: default
7 |   name: default
8 |   namespace: labels
9 | 


--------------------------------------------------------------------------------
/tests/__init__.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python3
2 | 
3 | # Copyright 2019 The Kapitan Authors
4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
5 | #
6 | # SPDX-License-Identifier: Apache-2.0
7 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/all-glob/manifests/10_serviceaccount.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   annotations: {}
5 |   labels:
6 |     name: default
7 |   name: default
8 |   namespace: all-glob
9 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/all-glob/pre-deploy/10_serviceaccount.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   annotations: {}
5 |   labels:
6 |     name: default
7 |   name: default
8 |   namespace: all-glob
9 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/busybox/pre-deploy/10_serviceaccount.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   annotations: {}
5 |   labels:
6 |     name: default
7 |   name: default
8 |   namespace: busybox
9 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-nginx-helm/README.md:
--------------------------------------------------------------------------------
1 | 
2 | # Welcome to the README!
3 | 
4 | Target *minikube-nginx-helm* is running:
5 | 
6 | * 2 replicas of *nginx* running nginx image nginx:1:15.8
7 | * on cluster minikube


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-nginx-kadet/README.md:
--------------------------------------------------------------------------------
1 | 
2 | # Welcome to the README!
3 | 
4 | Target *minikube-nginx-kadet* is running:
5 | 
6 | * 2 replicas of *nginx* running nginx image nginx:1:15.8
7 | * on cluster minikube


--------------------------------------------------------------------------------
/examples/kubernetes/refs/targets/all-glob/mysql/password_sha256:
--------------------------------------------------------------------------------
1 | data: TURGbE5EQXpNR1V3TXpnNFltRTNaRGt6Tm1Oa1pXWmlNV0prWWpJeE5qZGhZV1ExTnpGak16VmlaR0V6WmprMFlUaGlOV1ZrTWpZMll6Z3hPVGc1WlE9PQ==
2 | encoding: base64
3 | type: base64
4 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/all-glob/manifests/10_serviceaccount.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   annotations: {}
5 |   labels:
6 |     name: default
7 |   name: default
8 |   namespace: all-glob
9 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/busybox/pre-deploy/10_serviceaccount.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   annotations: {}
5 |   labels:
6 |     name: default
7 |   name: default
8 |   namespace: busybox
9 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/labels/pre-deploy/10_serviceaccount.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   annotations: {}
5 |   labels:
6 |     name: default
7 |   name: default
8 |   namespace: labels
9 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-nginx-helm/README.md:
--------------------------------------------------------------------------------
1 | 
2 | # Welcome to the README!
3 | 
4 | Target *minikube-nginx-helm* is running:
5 | 
6 | * 2 replicas of *nginx* running nginx image nginx:1:15.8
7 | * on cluster minikube


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-nginx-kadet/README.md:
--------------------------------------------------------------------------------
1 | 
2 | # Welcome to the README!
3 | 
4 | Target *minikube-nginx-kadet* is running:
5 | 
6 | * 2 replicas of *nginx* running nginx image nginx:1:15.8
7 | * on cluster minikube


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-es/pre-deploy/10_serviceaccount.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   annotations: {}
5 |   labels:
6 |     name: default
7 |   name: default
8 |   namespace: minikube-es
9 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-nginx-jsonnet/README.md:
--------------------------------------------------------------------------------
1 | 
2 | # Welcome to the README!
3 | 
4 | Target *minikube-nginx-jsonnet* is running:
5 | 
6 | * 1 replicas of *nginx* running nginx image nginx:1:15.8
7 | * on cluster minikube


--------------------------------------------------------------------------------
/examples/kubernetes/lib/custom_jinja2_filter.py:
--------------------------------------------------------------------------------
1 | import base64
2 | 
3 | 
4 | def custom_jinja2_filter(string):
5 |     """encodes a string using base64 schema"""
6 |     return base64.b64encode(string.encode("UTF-8")).decode("UTF-8")
7 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/all-glob/pre-deploy/10_serviceaccount.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   annotations: {}
5 |   labels:
6 |     name: default
7 |   name: default
8 |   namespace: all-glob
9 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-nginx-jsonnet/README.md:
--------------------------------------------------------------------------------
1 | 
2 | # Welcome to the README!
3 | 
4 | Target *minikube-nginx-jsonnet* is running:
5 | 
6 | * 1 replicas of *nginx* running nginx image nginx:1:15.8
7 | * on cluster minikube


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/busybox/pre-deploy/00_namespace.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Namespace
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: busybox
 7 |   name: busybox
 8 |   namespace: busybox
 9 | spec: {}
10 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/labels/pre-deploy/00_namespace.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Namespace
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: labels
 7 |   name: labels
 8 |   namespace: labels
 9 | spec: {}
10 | 


--------------------------------------------------------------------------------
/examples/kubernetes/lib/kubelib/service.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   name: SERVICE_NAME
 5 |   namespace: NAMESPACE
 6 |   labels: {}
 7 | spec:
 8 |   ports: {}
 9 |   selector: {}
10 |   type: NodePort
11 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/labels/pre-deploy/00_namespace.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Namespace
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: labels
 7 |   name: labels
 8 |   namespace: labels
 9 | spec: {}
10 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-es/pre-deploy/10_serviceaccount.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   annotations: {}
5 |   labels:
6 |     name: default
7 |   name: default
8 |   namespace: minikube-es
9 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/all-glob/manifests/00_namespace.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Namespace
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: all-glob
 7 |   name: all-glob
 8 |   namespace: all-glob
 9 | spec: {}
10 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/all-glob/pre-deploy/00_namespace.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Namespace
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: all-glob
 7 |   name: all-glob
 8 |   namespace: all-glob
 9 | spec: {}
10 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-mysql/pre-deploy/10_serviceaccount.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   annotations: {}
5 |   labels:
6 |     name: default
7 |   name: default
8 |   namespace: minikube-mysql
9 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/all-glob/manifests/00_namespace.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Namespace
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: all-glob
 7 |   name: all-glob
 8 |   namespace: all-glob
 9 | spec: {}
10 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/busybox/pre-deploy/00_namespace.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Namespace
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: busybox
 7 |   name: busybox
 8 |   namespace: busybox
 9 | spec: {}
10 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-mysql/pre-deploy/10_serviceaccount.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   annotations: {}
5 |   labels:
6 |     name: default
7 |   name: default
8 |   namespace: minikube-mysql
9 | 


--------------------------------------------------------------------------------
/examples/kubernetes/templates/labels.j2:
--------------------------------------------------------------------------------
1 | {% macro common(component) -%}
2 | app.kubernetes.io/name: {{ component.name }}
3 | app.kubernetes.io/version: {{ component.version }}
4 | app.kubernetes.io/managed-by: {{ managed_by }}
5 | {%- endmacro %}
6 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/all-glob/pre-deploy/00_namespace.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Namespace
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: all-glob
 7 |   name: all-glob
 8 |   namespace: all-glob
 9 | spec: {}
10 | 


--------------------------------------------------------------------------------
/tests/test_resources/inventory/targets/minikube-mysql.yml:
--------------------------------------------------------------------------------
 1 | classes:
 2 |   - common
 3 |   - component.mysql
 4 | 
 5 | parameters:
 6 |   target_name: minikube-mysql
 7 | 
 8 |   mysql:
 9 |     instance_name: example-mysql
10 |     replicas: 1
11 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-nginx-kadet/pre-deploy/10_serviceaccount.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   annotations: {}
5 |   labels:
6 |     name: default
7 |   name: default
8 |   namespace: minikube-nginx-kadet
9 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-nginx-kadet/pre-deploy/10_serviceaccount.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   annotations: {}
5 |   labels:
6 |     name: default
7 |   name: default
8 |   namespace: minikube-nginx-kadet
9 | 


--------------------------------------------------------------------------------
/tests/test_resources/inventory/targets/istio.yml:
--------------------------------------------------------------------------------
 1 | parameters:
 2 |   kapitan:
 3 |     vars:
 4 |       target: istio
 5 |     compile:
 6 |       - input_type: helm
 7 |         output_path: .
 8 |         input_paths:
 9 |           - charts/istio
10 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-es/pre-deploy/00_namespace.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Namespace
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: minikube-es
 7 |   name: minikube-es
 8 |   namespace: minikube-es
 9 | spec: {}
10 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-nginx-jsonnet/pre-deploy/10_serviceaccount.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   annotations: {}
5 |   labels:
6 |     name: default
7 |   name: default
8 |   namespace: minikube-nginx-jsonnet
9 | 


--------------------------------------------------------------------------------
/examples/kubernetes/inventory/targets/minikube-mysql.yml:
--------------------------------------------------------------------------------
 1 | classes:
 2 |   - common
 3 |   - cluster.minikube
 4 |   - component.namespace
 5 |   - component.mysql
 6 | 
 7 | parameters:
 8 |   mysql:
 9 |     instance_name: example-mysql
10 |     replicas: 1
11 | 


--------------------------------------------------------------------------------
/examples/kubernetes/refs/targets/all-glob/mysql/subvars:
--------------------------------------------------------------------------------
1 | data: dmFyMToKICBwYXNzd29yZDogb2xhb2xhCnZhcjI6CiAgcGFzc3dvcmRfc2hhMjU2OiA1YjA1OGU0ZDZlM2I0YThhZDM5ZjBkNWFhMTdhOTk0YjA5ZGI4ZjAzMmYwM2MzMjIyYjJmNTk3YWRjNGJkNTJhCgo=
2 | encoding: original
3 | type: base64
4 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-es/pre-deploy/00_namespace.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Namespace
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: minikube-es
 7 |   name: minikube-es
 8 |   namespace: minikube-es
 9 | spec: {}
10 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-nginx-jsonnet/pre-deploy/10_serviceaccount.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   annotations: {}
5 |   labels:
6 |     name: default
7 |   name: default
8 |   namespace: minikube-nginx-jsonnet
9 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/istiocoredns/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | description: Istio CoreDNS provides DNS resolution for services in multicluster setups.
3 | name: istiocoredns
4 | version: 1.2.5
5 | appVersion: 0.1
6 | tillerVersion: ">=2.7.2"
7 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-mysql/pre-deploy/00_namespace.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Namespace
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: minikube-mysql
 7 |   name: minikube-mysql
 8 |   namespace: minikube-mysql
 9 | spec: {}
10 | 


--------------------------------------------------------------------------------
/examples/kubernetes/components/nginx-jsonnet/main.jsonnet:
--------------------------------------------------------------------------------
1 | local svc = import "./service.jsonnet";
2 | local deployment = import "./deployment.jsonnet";
3 | 
4 | 
5 | {
6 |     "app-service": svc.nginx_svc,
7 |     "app-deployment": deployment.nginx_deployment,
8 | }
9 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-mysql/pre-deploy/00_namespace.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Namespace
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: minikube-mysql
 7 |   name: minikube-mysql
 8 |   namespace: minikube-mysql
 9 | spec: {}
10 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/prometheus/requirements.yaml:
--------------------------------------------------------------------------------
1 | dependencies:
2 | 
3 |   - name: kube-state-metrics
4 |     version: "2.7.*"
5 |     repository: https://github.com/BurdenBear/kube-charts-mirror/raw/master/docs/
6 |     condition: kubeStateMetrics.enabled
7 | 
8 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deployment-default-values.yaml:
--------------------------------------------------------------------------------
1 | # Left blank to test default values
2 | controller:
3 |   image:
4 |     repository: ingress-controller/controller
5 |     tag: 1.0.0-dev
6 |     digest: null
7 |   service:
8 |     type: ClusterIP
9 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/controller-custom-ingressclass-flags.yaml:
--------------------------------------------------------------------------------
1 | controller:
2 |   watchIngressWithoutClass: true
3 |   ingressClassResource:
4 |     name: custom-nginx
5 |     enabled: true
6 |     default: true
7 |     controllerValue: "k8s.io/custom-nginx"
8 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/kiali/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | description: Kiali is an open source project for service mesh observability, refer to https://www.kiali.io for details.
3 | name: kiali
4 | version: 1.2.5
5 | appVersion: 0.20
6 | tillerVersion: ">=2.7.2"
7 | 


--------------------------------------------------------------------------------
/tests/test_resources/inventory/targets/test-objects.yml:
--------------------------------------------------------------------------------
 1 | classes:
 2 |   - test-objects
 3 | 
 4 | parameters:
 5 |   my_plainref: ?{plain:my_plainref}
 6 |   target_name: test-objects
 7 |   kapitan:
 8 |     vars:
 9 |       target: ${target_name}
10 |       namespace: ${target_name}


--------------------------------------------------------------------------------
/examples/docker/components/jsonnet/jsonnet.jsonnet:
--------------------------------------------------------------------------------
1 | local kap = import "lib/kapitan.libjsonnet";
2 | local inventory = kap.inventory();
3 | 
4 | {
5 |   ['Dockerfile.' + file.name]: kap.jinja2_template("templates/Dockerfile", file)
6 |   for file in inventory.parameters.dockerfiles
7 | }
8 | 


--------------------------------------------------------------------------------
/examples/docker/inventory/targets/docker.yml:
--------------------------------------------------------------------------------
 1 | classes:
 2 |   - dockerfiles
 3 | parameters:
 4 |   kapitan:
 5 |     vars:
 6 |       target: docker
 7 |   dockerfiles:
 8 |     - name: web
 9 |       image: amazoncorretto:11
10 |     - name: worker
11 |       image: amazoncorretto:8
12 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deployment-psp-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   image:
 3 |     repository: ingress-controller/controller
 4 |     tag: 1.0.0-dev
 5 |     digest: null
 6 |   service:
 7 |     type: ClusterIP
 8 | 
 9 | podSecurityPolicy:
10 |   enabled: true
11 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deployment-webhook-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   image:
 3 |     repository: ingress-controller/controller
 4 |     tag: 1.0.0-dev
 5 |     digest: null
 6 |   admissionWebhooks:
 7 |     enabled: true
 8 |   service:
 9 |     type: ClusterIP
10 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-es/scripts/setup_cluster.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | 
 9 | 
10 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deployment-nodeport-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   image:
 3 |     repository: ingress-controller/controller
 4 |     tag: 1.0.0-dev
 5 |     digest: null
 6 |   admissionWebhooks:
 7 |     enabled: false
 8 |   service:
 9 |     type: NodePort
10 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-mysql/scripts/setup_cluster.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | 
 9 | 
10 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-nginx-kadet/pre-deploy/00_namespace.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Namespace
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: minikube-nginx-kadet
 7 |   name: minikube-nginx-kadet
 8 |   namespace: minikube-nginx-kadet
 9 | spec: {}
10 | 


--------------------------------------------------------------------------------
/examples/kubernetes/docs/nginx/README.md:
--------------------------------------------------------------------------------
1 | {% set i = inventory.parameters %}
2 | 
3 | # Welcome to the README!
4 | 
5 | Target *{{ i.target_name }}* is running:
6 | 
7 | * {{ i.nginx.replicas }} replicas of *nginx* running nginx image {{ i.nginx.image }}
8 | * on cluster {{ i.cluster.name }}
9 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-es/scripts/setup_cluster.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | 
 9 | 
10 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-mysql/scripts/setup_cluster.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | 
 9 | 
10 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-nginx-kadet/pre-deploy/00_namespace.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Namespace
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: minikube-nginx-kadet
 7 |   name: minikube-nginx-kadet
 8 |   namespace: minikube-nginx-kadet
 9 | spec: {}
10 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/example-values/README.md:
--------------------------------------------------------------------------------
1 | # Example Values
2 | 
3 | These files provide various example values for different Istio setups.
4 | 
5 | To use them, [read the docs](https://istio.io/docs/setup/kubernetes/helm-install/) and add the flag `--values example-file.yaml`.
6 | 


--------------------------------------------------------------------------------
/tests/test_resources/templates/string_component_plainref.jsonnet:
--------------------------------------------------------------------------------
1 | // cover https://github.com/kapicorp/kapitan/issues/434
2 | local kap = import "lib/kapitan.libjsonnet";
3 | local inventory = kap.inventory();
4 | local p = inventory.parameters;
5 | 
6 | 'my plainref is: ' + p.my_plainref
7 | 
8 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-nginx-jsonnet/pre-deploy/00_namespace.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Namespace
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: minikube-nginx-jsonnet
 7 |   name: minikube-nginx-jsonnet
 8 |   namespace: minikube-nginx-jsonnet
 9 | spec: {}
10 | 


--------------------------------------------------------------------------------
/examples/kubernetes/inventory/targets/minikube-es.yml:
--------------------------------------------------------------------------------
 1 | classes:
 2 |   - common
 3 |   - cluster.minikube
 4 |   - component.namespace
 5 |   - component.elasticsearch
 6 |   - component.busybox
 7 | 
 8 | parameters:
 9 |   target_name: minikube-es
10 | 
11 |   elasticsearch:
12 |     replicas: 2
13 | 


--------------------------------------------------------------------------------
/examples/kubernetes/lib/kubelib/deployment.yml:
--------------------------------------------------------------------------------
 1 | kind: Deployment
 2 | metadata:
 3 |   name: DEPLOYMENT_NAME
 4 |   namespace: NAMESPACE
 5 | spec:
 6 |   replicas: 1
 7 |   revisionHistoryLimit: 10
 8 |   template:
 9 |     metadata:
10 |       labels: {}
11 |     spec:
12 |       containers: []
13 | 


--------------------------------------------------------------------------------
/kapitan/__main__.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env python3
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | from kapitan import cli
 9 | 
10 | 
11 | cli.main()
12 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-nginx-jsonnet/pre-deploy/00_namespace.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Namespace
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: minikube-nginx-jsonnet
 7 |   name: minikube-nginx-jsonnet
 8 |   namespace: minikube-nginx-jsonnet
 9 | spec: {}
10 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/OWNERS:
--------------------------------------------------------------------------------
 1 | # See the OWNERS docs: https://github.com/kubernetes/community/blob/master/contributors/guide/owners.md
 2 | 
 3 | approvers:
 4 | - ingress-nginx-helm-maintainers
 5 | 
 6 | reviewers:
 7 | - ingress-nginx-helm-reviewers
 8 | 
 9 | labels:
10 | - area/helm
11 | 


--------------------------------------------------------------------------------
/docs/FAQ.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | comments: true
 3 | ---
 4 | # :kapitan-logo: FAQ
 5 | 
 6 | ## Why do I need **Kapitan**?
 7 | 
 8 | See [Why do I need **Kapitan**?](pages/blog/posts/2022-12-04.md#why-do-i-need-kapitan)
 9 | 
10 | ## Ask your question
11 | 
12 | Please use the comments facility below to ask your question
13 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/daemonset-nodeport-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   kind: DaemonSet
 3 |   image:
 4 |     repository: ingress-controller/controller
 5 |     tag: 1.0.0-dev
 6 |     digest: null
 7 |   admissionWebhooks:
 8 |     enabled: false
 9 |   service:
10 |     type: NodePort
11 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deamonset-default-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   kind: DaemonSet
 3 |   image:
 4 |     repository: ingress-controller/controller
 5 |     tag: 1.0.0-dev
 6 |     digest: null
 7 |   admissionWebhooks:
 8 |     enabled: false
 9 |   service:
10 |     type: ClusterIP
11 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deamonset-webhook-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   kind: DaemonSet
 3 |   image:
 4 |     repository: ingress-controller/controller
 5 |     tag: 1.0.0-dev
 6 |     digest: null
 7 |   admissionWebhooks:
 8 |     enabled: true
 9 |   service:
10 |     type: ClusterIP
11 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/certmanager/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | certmanager has been deployed successfully!
2 | 
3 | More information on the different types of issuers and how to configure them
4 | can be found in our documentation:
5 | 
6 | https://cert-manager.readthedocs.io/en/latest/reference/issuers.html


--------------------------------------------------------------------------------
/tests/test_resources/templates/onekey_component_plainref.jsonnet:
--------------------------------------------------------------------------------
1 | // cover https://github.com/kapicorp/kapitan/issues/434
2 | local kap = import "lib/kapitan.libjsonnet";
3 | local inventory = kap.inventory();
4 | local p = inventory.parameters;
5 | 
6 | {
7 |   onekey: 'my_plainref is: ' + p.my_plainref,
8 | }
9 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/daemonset-extra-modules.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   kind: DaemonSet
 3 |   image:
 4 |     repository: ingress-controller/controller
 5 |     tag: 1.0.0-dev
 6 |   service:
 7 |     type: ClusterIP
 8 |   extraModules:
 9 |     - name: opentelemetry
10 |       image: busybox
11 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deployment-extra-modules.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   image:
 3 |     repository: ingress-controller/controller
 4 |     tag: 1.0.0-dev
 5 |     digest: null
 6 |   service:
 7 |     type: ClusterIP
 8 |   extraModules:
 9 |     - name: opentelemetry
10 |       image: busybox
11 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deployment-tcp-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   image:
 3 |     repository: ingress-controller/controller
 4 |     tag: 1.0.0-dev
 5 |     digest: null
 6 |   service:
 7 |     type: ClusterIP
 8 | 
 9 | tcp:
10 |   9000: "default/test:8080"
11 |   9001: "default/test:8080"
12 | 


--------------------------------------------------------------------------------
/examples/kubernetes/inventory/classes/component/namespace.yml:
--------------------------------------------------------------------------------
 1 | parameters:
 2 |   namespace: ${target_name}
 3 |   kapitan:
 4 |     compile:
 5 |     - output_path: pre-deploy
 6 |       input_type: jsonnet
 7 |       output_type: yml
 8 |       input_paths:
 9 |         - components/namespace/main.jsonnet
10 | 
11 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deployment-metrics-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   image:
 3 |     repository: ingress-controller/controller
 4 |     tag: 1.0.0-dev
 5 |     digest: null
 6 |   admissionWebhooks:
 7 |     enabled: false
 8 |   metrics:
 9 |     enabled: true
10 |   service:
11 |     type: ClusterIP
12 | 


--------------------------------------------------------------------------------
/tests/test_resources/inventory/targets/acs-engine-autoscaler.yml:
--------------------------------------------------------------------------------
 1 | parameters:
 2 |   kapitan:
 3 |     vars:
 4 |       target: acs-engine-autoscaler
 5 |       namespace: temp
 6 |     compile:
 7 |       - output_path: .
 8 |         input_type: helm
 9 |         input_paths:
10 |           - charts/acs-engine-autoscaler
11 | 


--------------------------------------------------------------------------------
/examples/kubernetes/components/jsonnet_callbacks_test/main.jsonnet:
--------------------------------------------------------------------------------
1 | local kube = import "lib/kube.libjsonnet";
2 | local kap = import "lib/kapitan.libjsonnet";
3 | local inventory = kap.inventory();
4 | local p = inventory.parameters;
5 | 
6 | {
7 |     "01_yaml_load": {json_str: kap.yaml_load("components/busybox/pod.yml")},
8 | }
9 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deployment-autoscaling-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   image:
 3 |     repository: ingress-controller/controller
 4 |     tag: 1.0.0-dev
 5 |     digest: null
 6 |   autoscaling:
 7 |     enabled: true
 8 |   admissionWebhooks:
 9 |     enabled: false
10 |   service:
11 |     type: ClusterIP
12 | 


--------------------------------------------------------------------------------
/examples/kubernetes/refs/subvars.yml:
--------------------------------------------------------------------------------
1 | # This file is here as an example of how a multiline secret would look like in raw form.
2 | var1:
3 |   password: X0pNcTlTWXhXNXpmbHJITURtcElLaUtfLWJrc3FNeFZERTFudi1mTEVKNA==
4 | 
5 | var2:
6 |   password_sha256: NWIwNThlNGQ2ZTNiNGE4YWQzOWYwZDVhYTE3YTk5NGIwOWRiOGYwMzJmMDNjMzIyMmIyZjU5N2FkYzRiZDUyYQ==
7 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/prometheus/requirements.lock:
--------------------------------------------------------------------------------
1 | dependencies:
2 | - name: kube-state-metrics
3 |   repository: https://github.com/BurdenBear/kube-charts-mirror/raw/master/docs/
4 |   version: 2.7.2
5 | digest: sha256:695d0dbc2db8bccf5672145697546891da60ff12fbdb4f1bfc02459f4b755e4c
6 | generated: 2020-06-04T01:58:21.145963539Z
7 | 


--------------------------------------------------------------------------------
/AUTHORS:
--------------------------------------------------------------------------------
1 | # This is the list of Kapitan authors for copyright purposes.
2 | #
3 | # This does not necessarily list everyone who has contributed code, since in
4 | # some cases, their employer may be the copyright holder.  To see the full list
5 | # of contributors, see the revision history in source control.
6 | 
7 | DeepMind Technologies Ltd.
8 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/all-glob/manifests/01_yaml_load.yml:
--------------------------------------------------------------------------------
1 | json_str: '{"apiVersion": "v1", "kind": "Pod", "metadata": {"name": "busybox", "namespace":
2 |   "default"}, "spec": {"containers": [{"image": "busybox", "command": ["sleep", "3600"],
3 |   "imagePullPolicy": "IfNotPresent", "name": "busybox"}], "restartPolicy": "Always"}}'
4 | 


--------------------------------------------------------------------------------
/examples/kubernetes/inventory/classes/component/nginx-kadet.yml:
--------------------------------------------------------------------------------
 1 | parameters:
 2 |   nginx:
 3 |     replicas: 2
 4 |   kapitan:
 5 |     compile:
 6 |     - output_path: manifests
 7 |       input_type: kadet
 8 |       output_type: yml
 9 |       input_paths:
10 |         - components/nginx-kadet/
11 |     labels:
12 |       type: kadet
13 | 


--------------------------------------------------------------------------------
/examples/kubernetes/inventory/targets/minikube-nginx-helm.yml:
--------------------------------------------------------------------------------
 1 | classes:
 2 |   - common
 3 |   - cluster.minikube
 4 |   - component.nginx-helm
 5 |   - component.nginx-common
 6 | 
 7 | parameters:
 8 | # These parameters are redundand because automatically set by `common`
 9 | ## target_name: minikube-nginx-helm
10 | ## namespace: ${target_name}


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/all-glob/manifests/01_yaml_load.yml:
--------------------------------------------------------------------------------
1 | json_str: '{"apiVersion": "v1", "kind": "Pod", "metadata": {"name": "busybox", "namespace":
2 |   "default"}, "spec": {"containers": [{"image": "busybox", "command": ["sleep", "3600"],
3 |   "imagePullPolicy": "IfNotPresent", "name": "busybox"}], "restartPolicy": "Always"}}'
4 | 


--------------------------------------------------------------------------------
/tests/test_resources/compiled/minikube-mysql/manifests/mysql_secret.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | data:
 3 |   MYSQL_ROOT_PASSWORD: ?{gpg:mysql/root/password:7f90b2db}
 4 | kind: Secret
 5 | metadata:
 6 |   annotations: {}
 7 |   labels:
 8 |     name: example-mysql
 9 |   name: example-mysql
10 |   namespace: minikube-mysql
11 | type: Opaque
12 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deployment-webhook-and-psp-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   image:
 3 |     repository: ingress-controller/controller
 4 |     tag: 1.0.0-dev
 5 |     digest: null
 6 |   admissionWebhooks:
 7 |     enabled: true
 8 |   service:
 9 |     type: ClusterIP
10 | 
11 | podSecurityPolicy:
12 |   enabled: true
13 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deployment-webhook-extraEnvs-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   service:
 3 |     type: ClusterIP
 4 |   admissionWebhooks:
 5 |     enabled: true
 6 |     extraEnvs:
 7 |       - name: FOO
 8 |         value: foo
 9 |       - name: TEST
10 |         value: test
11 |     patch:
12 |       enabled: true
13 | 


--------------------------------------------------------------------------------
/tests/test_resources/templates/simple_component_plainref.jsonnet:
--------------------------------------------------------------------------------
 1 | // cover https://github.com/kapicorp/kapitan/issues/434
 2 | local kap = import "lib/kapitan.libjsonnet";
 3 | local inventory = kap.inventory();
 4 | local p = inventory.parameters;
 5 | 
 6 | {
 7 |   inner: {
 8 |      data: 'my_plainref is: ' + p.my_plainref,
 9 |   }
10 | }
11 | 


--------------------------------------------------------------------------------
/.reuse/dep5:
--------------------------------------------------------------------------------
 1 | Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
 2 | Upstream-Name: Kapitan
 3 | Upstream-Contact: The Kapitan Authors <kapitan-admins@googlegroups.com>
 4 | Source: kapitan.dev
 5 | 
 6 | # Sample paragraph, commented out:
 7 | #
 8 | # Files: src/*
 9 | # Copyright: $YEAR $NAME <$CONTACT>
10 | # License: ...
11 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deamonset-metrics-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   kind: DaemonSet
 3 |   image:
 4 |     repository: ingress-controller/controller
 5 |     tag: 1.0.0-dev
 6 |     digest: null
 7 |   admissionWebhooks:
 8 |     enabled: false
 9 |   metrics:
10 |     enabled: true
11 |   service:
12 |     type: ClusterIP
13 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/templates/dh-param-secret.yaml:
--------------------------------------------------------------------------------
 1 | {{- with .Values.dhParam -}}
 2 | apiVersion: v1
 3 | kind: Secret
 4 | metadata:
 5 |   name: {{ include "ingress-nginx.controller.fullname" $ }}
 6 |   labels:
 7 |     {{- include "ingress-nginx.labels" $ | nindent 4 }}
 8 | data:
 9 |   dhparam.pem: {{ . }}
10 | {{- end }}
11 | 


--------------------------------------------------------------------------------
/examples/kubernetes/components/busybox/pod.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Pod
 3 | metadata:
 4 |   name: busybox
 5 |   namespace: default
 6 | spec:
 7 |   containers:
 8 |     - image: busybox
 9 |       command:
10 |         - sleep
11 |         - "3600"
12 |       imagePullPolicy: IfNotPresent
13 |       name: busybox
14 |   restartPolicy: Always
15 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deamonset-psp-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   kind: DaemonSet
 3 |   image:
 4 |     repository: ingress-controller/controller
 5 |     tag: 1.0.0-dev
 6 |     digest: null
 7 |   admissionWebhooks:
 8 |     enabled: false
 9 |   service:
10 |     type: ClusterIP
11 | 
12 | podSecurityPolicy:
13 |   enabled: true
14 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/busybox/copy/pod.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Pod
 3 | metadata:
 4 |   name: busybox
 5 |   namespace: default
 6 | spec:
 7 |   containers:
 8 |     - image: busybox
 9 |       command:
10 |         - sleep
11 |         - "3600"
12 |       imagePullPolicy: IfNotPresent
13 |       name: busybox
14 |   restartPolicy: Always
15 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/busybox/copy/pod.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Pod
 3 | metadata:
 4 |   name: busybox
 5 |   namespace: default
 6 | spec:
 7 |   containers:
 8 |     - image: busybox
 9 |       command:
10 |         - sleep
11 |         - "3600"
12 |       imagePullPolicy: IfNotPresent
13 |       name: busybox
14 |   restartPolicy: Always
15 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-es/copy/pod.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Pod
 3 | metadata:
 4 |   name: busybox
 5 |   namespace: default
 6 | spec:
 7 |   containers:
 8 |     - image: busybox
 9 |       command:
10 |         - sleep
11 |         - "3600"
12 |       imagePullPolicy: IfNotPresent
13 |       name: busybox
14 |   restartPolicy: Always
15 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-es/scripts/delete.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | DIR=$(dirname ${BASH_SOURCE[0]})
 9 | 
10 | ${DIR}/kubectl.sh delete -f ${DIR}/../manifests


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-mysql/scripts/delete.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | DIR=$(dirname ${BASH_SOURCE[0]})
 9 | 
10 | ${DIR}/kubectl.sh delete -f ${DIR}/../manifests


--------------------------------------------------------------------------------
/examples/kubernetes/components/namespace/main.jsonnet:
--------------------------------------------------------------------------------
 1 | local kube = import "lib/kube.libjsonnet";
 2 | local kap = import "lib/kapitan.libjsonnet";
 3 | local inventory = kap.inventory();
 4 | local p = inventory.parameters;
 5 | 
 6 | {
 7 |     "00_namespace": kube.Namespace(p.namespace),
 8 |     "10_serviceaccount": kube.ServiceAccount("default")
 9 | }
10 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-es/copy/pod.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Pod
 3 | metadata:
 4 |   name: busybox
 5 |   namespace: default
 6 | spec:
 7 |   containers:
 8 |     - image: busybox
 9 |       command:
10 |         - sleep
11 |         - "3600"
12 |       imagePullPolicy: IfNotPresent
13 |       name: busybox
14 |   restartPolicy: Always
15 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-es/scripts/delete.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | DIR=$(dirname ${BASH_SOURCE[0]})
 9 | 
10 | ${DIR}/kubectl.sh delete -f ${DIR}/../manifests


--------------------------------------------------------------------------------
/tests/test_resources/compiled/jinja2-input-params/test-1/pod.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Pod
 3 | metadata:
 4 |   name: test1
 5 |   namespace: ns1
 6 | spec:
 7 |   containers:
 8 |     - image: busybox
 9 |       command:
10 |         - sleep
11 |         - "3600"
12 |       imagePullPolicy: IfNotPresent
13 |       name: busybox
14 |   restartPolicy: Always


--------------------------------------------------------------------------------
/tests/test_resources/compiled/jinja2-input-params/test-2/pod.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Pod
 3 | metadata:
 4 |   name: test2
 5 |   namespace: ns2
 6 | spec:
 7 |   containers:
 8 |     - image: busybox
 9 |       command:
10 |         - sleep
11 |         - "3600"
12 |       imagePullPolicy: IfNotPresent
13 |       name: busybox
14 |   restartPolicy: Always


--------------------------------------------------------------------------------
/tests/test_resources/kadet_functions/input_to_output/__init__.py:
--------------------------------------------------------------------------------
 1 | from kapitan.inputs import kadet
 2 | 
 3 | 
 4 | def main(input_params):
 5 |     inventory = kadet.inventory()
 6 |     output = kadet.BaseObj()
 7 |     for key, value in inventory.parameters.input.items():
 8 |         output.root[key] = kadet.BaseObj.from_dict(value)
 9 |     return output
10 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-es/scripts/kubectl.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | KUBECTL="kubectl --context minikube-es --insecure-skip-tls-verify=False "
 9 | 
10 | ${KUBECTL} $@


--------------------------------------------------------------------------------
/examples/kubernetes/inventory/classes/component/nginx-common.yml:
--------------------------------------------------------------------------------
 1 | parameters:
 2 |   nginx:
 3 |     image: nginx:1:15.8
 4 | 
 5 |   templates: #(1)!
 6 |     - docs/nginx/README.md
 7 |     - components/nginx-deploy.sh
 8 | 
 9 |   kapitan:
10 |     compile:
11 |       - output_path: . #(2)!
12 |         input_type: jinja2
13 |         input_paths: ${templates} #(3)!


--------------------------------------------------------------------------------
/examples/kubernetes/inventory/classes/component/nginx-jsonnet.yml:
--------------------------------------------------------------------------------
 1 | parameters:
 2 |   nginx:
 3 |     replicas: 1
 4 |   kapitan:
 5 |     compile:
 6 |       - output_path: manifests
 7 |         output_type: yml
 8 |         input_type: jsonnet
 9 |         input_paths:
10 |         - components/nginx-jsonnet/main.jsonnet
11 |     labels:
12 |       type: jsonnet
13 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-mysql/scripts/delete.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | DIR=$(dirname ${BASH_SOURCE[0]})
 9 | 
10 | ${DIR}/kubectl.sh delete -f ${DIR}/../manifests


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deamonset-webhook-and-psp-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   kind: DaemonSet
 3 |   image:
 4 |     repository: ingress-controller/controller
 5 |     tag: 1.0.0-dev
 6 |     digest: null
 7 |   admissionWebhooks:
 8 |     enabled: true
 9 |   service:
10 |     type: ClusterIP
11 | 
12 | podSecurityPolicy:
13 |   enabled: true
14 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/labels/labels/service.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   name: db
 5 |   namespace: labels
 6 |   labels:
 7 |     app.kubernetes.io/name: db
 8 |     app.kubernetes.io/version: 11.0
 9 |     app.kubernetes.io/managed-by: kapitan
10 | spec:
11 |   ports:
12 |   - port: 5432
13 |     targetPort: 5432
14 |     name: postgres


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-nginx-kadet/manifests/nginx_service.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     app: nginx
 6 |   name: nginx
 7 |   namespace: minikube-nginx-kadet
 8 | spec:
 9 |   ports:
10 |     - name: http
11 |       port: 80
12 |       targetPort: 80
13 |   selector:
14 |     app: nginx
15 |   type: NodePort
16 | 


--------------------------------------------------------------------------------
/examples/terraform/templates/terraform/modules.jsonnet:
--------------------------------------------------------------------------------
 1 | local kap = import "lib/kapitan.libjsonnet";
 2 | local inv = kap.inventory();
 3 | local p =  inv.parameters;
 4 | 
 5 | #This file can be modifed to enforce the necessary convention
 6 | {
 7 |     module: {
 8 |       [module]: p.modules[module],
 9 |       for module in std.objectFields(p.modules)
10 |     }
11 | }


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-es/scripts/kubectl.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | KUBECTL="kubectl --context minikube-es --insecure-skip-tls-verify=False "
 9 | 
10 | ${KUBECTL} $@


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-mysql/scripts/kubectl.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | KUBECTL="kubectl --context minikube-mysql --insecure-skip-tls-verify=False "
 9 | 
10 | ${KUBECTL} $@


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/labels/labels/service.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   name: db
 5 |   namespace: labels
 6 |   labels:
 7 |     app.kubernetes.io/name: db
 8 |     app.kubernetes.io/version: 11.0
 9 |     app.kubernetes.io/managed-by: kapitan
10 | spec:
11 |   ports:
12 |   - port: 5432
13 |     targetPort: 5432
14 |     name: postgres


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-mysql/scripts/kubectl.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | KUBECTL="kubectl --context minikube-mysql --insecure-skip-tls-verify=False "
 9 | 
10 | ${KUBECTL} $@


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-nginx-kadet/manifests/nginx_service.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     app: nginx
 6 |   name: nginx
 7 |   namespace: minikube-nginx-kadet
 8 | spec:
 9 |   ports:
10 |     - name: http
11 |       port: 80
12 |       targetPort: 80
13 |   selector:
14 |     app: nginx
15 |   type: NodePort
16 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deployment-customconfig-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   image:
 3 |     repository: ingress-controller/controller
 4 |     tag: 1.0.0-dev
 5 |     digest: null
 6 |   config:
 7 |     use-proxy-protocol: "true"
 8 |   allowSnippetAnnotations: false
 9 |   admissionWebhooks:
10 |     enabled: false
11 |   service:
12 |     type: ClusterIP
13 | 


--------------------------------------------------------------------------------
/examples/kubernetes/inventory/targets/jsonnet-env.yml:
--------------------------------------------------------------------------------
 1 | classes:
 2 |   - jsonnet-env
 3 | 
 4 | parameters:
 5 |   target_name: jsonnet-env
 6 |   kapitan:
 7 |     compile:
 8 |       - output_path: jsonnet-env
 9 |         input_type: jsonnet
10 |         input_params: {}
11 |         input_paths:
12 |           - components/jsonnet-env/env.jsonnet
13 |         output_type: yml
14 | 


--------------------------------------------------------------------------------
/examples/kubernetes/scripts/delete.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | {% set i = inventory.parameters %}
 9 | DIR=$(dirname ${BASH_SOURCE[0]})
10 | 
11 | ${DIR}/kubectl.sh delete -f ${DIR}/../manifests


--------------------------------------------------------------------------------
/tests/test_resources/inventory/targets/nginx-istio.yml:
--------------------------------------------------------------------------------
 1 | parameters:
 2 |   kapitan:
 3 |     vars:
 4 |       target: nginx-istio
 5 |     compile:
 6 |       - input_type: helm
 7 |         output_path: .
 8 |         input_paths:
 9 |           - charts/istio
10 |       - input_type: helm
11 |         output_path: .
12 |         input_paths:
13 |           - charts/nginx-ingress
14 | 


--------------------------------------------------------------------------------
/tests/test_resources/templates/pod.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Pod
 3 | metadata:
 4 |   name: {{ input_params.name }}
 5 |   namespace: {{ input_params.namespace }}
 6 | spec:
 7 |   containers:
 8 |     - image: busybox
 9 |       command:
10 |         - sleep
11 |         - "3600"
12 |       imagePullPolicy: IfNotPresent
13 |       name: busybox
14 |   restartPolicy: Always
15 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deployment-tcp-udp-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   image:
 3 |     repository: ingress-controller/controller
 4 |     tag: 1.0.0-dev
 5 |     digest: null
 6 |   admissionWebhooks:
 7 |     enabled: false
 8 |   service:
 9 |     type: ClusterIP
10 | 
11 | tcp:
12 |   9000: "default/test:8080"
13 | 
14 | udp:
15 |   9001: "default/test:8080"
16 | 


--------------------------------------------------------------------------------
/examples/kubernetes/inventory/targets/minikube-nginx-jsonnet.yml:
--------------------------------------------------------------------------------
 1 | classes:
 2 |   - common
 3 |   - cluster.minikube
 4 |   - component.namespace
 5 |   - component.nginx-jsonnet
 6 |   - component.nginx-common
 7 | 
 8 | parameters:
 9 | # These parameters are redundand because automatically set by `common`
10 | ## target_name: minikube-nginx-jsonnet
11 | ## namespace: ${target_name}
12 | 


--------------------------------------------------------------------------------
/examples/kubernetes/inventory/targets/minikube-nginx-kadet.yml:
--------------------------------------------------------------------------------
 1 | classes:
 2 |   - common
 3 |   - cluster.minikube
 4 |   - component.namespace
 5 |   - component.nginx-kadet
 6 |   - component.nginx-common
 7 | 
 8 | parameters:
 9 | # These parameters are redundand because automatically set by `common`
10 | ## target_name: minikube-nginx-kadet
11 | ## namespace: ${target_name}
12 | 
13 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/mixer/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | name: mixer
 3 | version: 1.2.5
 4 | appVersion: 1.2.5
 5 | tillerVersion: ">=2.7.2"
 6 | description: Helm chart for mixer deployment
 7 | keywords:
 8 |   - istio
 9 |   - mixer
10 | sources:
11 |   - http://github.com/istio/istio
12 | engine: gotpl
13 | icon: https://istio.io/favicons/android-192x192.png
14 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/pilot/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | name: pilot
 3 | version: 1.2.5
 4 | appVersion: 1.2.5
 5 | tillerVersion: ">=2.7.2"
 6 | description: Helm chart for pilot deployment
 7 | keywords:
 8 |   - istio
 9 |   - pilot
10 | sources:
11 |   - http://github.com/istio/istio
12 | engine: gotpl
13 | icon: https://istio.io/favicons/android-192x192.png
14 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/daemonset-tcp-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   kind: DaemonSet
 3 |   image:
 4 |     repository: ingress-controller/controller
 5 |     tag: 1.0.0-dev
 6 |     digest: null
 7 |   admissionWebhooks:
 8 |     enabled: false
 9 |   service:
10 |     type: ClusterIP
11 | 
12 | tcp:
13 |   9000: "default/test:8080"
14 |   9001: "default/test:8080"
15 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/galley/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | name: galley
 3 | version: 1.2.5
 4 | appVersion: 1.2.5
 5 | tillerVersion: ">=2.7.2"
 6 | description: Helm chart for galley deployment
 7 | keywords:
 8 |   - istio
 9 |   - galley
10 | sources:
11 |   - http://github.com/istio/istio
12 | engine: gotpl
13 | icon: https://istio.io/favicons/android-192x192.png
14 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deployment-headers-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   image:
 3 |     repository: ingress-controller/controller
 4 |     tag: 1.0.0-dev
 5 |     digest: null
 6 |   admissionWebhooks:
 7 |     enabled: false
 8 |   addHeaders:
 9 |     X-Frame-Options: deny
10 |   proxySetHeaders:
11 |     X-Forwarded-Proto: https
12 |   service:
13 |     type: ClusterIP
14 | 


--------------------------------------------------------------------------------
/examples/kubernetes/components/nginx-jsonnet/service.jsonnet:
--------------------------------------------------------------------------------
 1 | local kube = import "lib/kube.libjsonnet";
 2 | local deployment = import "./deployment.jsonnet";
 3 | 
 4 | local svc = kube.Service("nginx") {
 5 |       target_pod:: deployment.nginx_deployment.spec.template,
 6 |       target_container_name:: "nginx",
 7 |       type: "NodePort",
 8 | };
 9 | 
10 | 
11 | {
12 |     nginx_svc: svc
13 | }


--------------------------------------------------------------------------------
/tests/test_resources/inventory/targets/fail-compile.yml:
--------------------------------------------------------------------------------
 1 | parameters:
 2 |   kapitan:
 3 |     vars:
 4 |       target: fail-compile
 5 |     compile:
 6 |       - name: fail_compile
 7 |         input_type: kadet
 8 |         output_path: file_compile
 9 |         continue_on_compile_error: True
10 |         input_paths:
11 |           - kadet_functions/fail_compile
12 | 
13 | 
14 |         
15 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/nodeagent/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | name: nodeagent
 3 | version: 1.2.5
 4 | appVersion: 1.2.5
 5 | tillerVersion: ">=2.7.2"
 6 | description: Helm chart for nodeagent deployment
 7 | keywords:
 8 |   - istio
 9 |   - nodeagent
10 | sources:
11 |   - http://github.com/istio/istio
12 | engine: gotpl
13 | icon: https://istio.io/favicons/android-192x192.png
14 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/security/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | name: security
 3 | version: 1.2.5
 4 | appVersion: 1.2.5
 5 | tillerVersion: ">=2.7.2"
 6 | description: Helm chart for istio authentication
 7 | keywords:
 8 |   - istio
 9 |   - security
10 | sources:
11 |   - http://github.com/istio/istio
12 | engine: gotpl
13 | icon: https://istio.io/favicons/android-192x192.png
14 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-es/scripts/setup_context.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash -eu
2 | 
3 | # Copyright 2019 The Kapitan Authors
4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
5 | #
6 | # SPDX-License-Identifier: Apache-2.0
7 | 
8 | kubectl config set-context minikube-es --cluster minikube --user minikube --namespace minikube-es
9 | kubectl config use-context minikube-es


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/daemonset-customconfig-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   image:
 3 |     repository: ingress-controller/controller
 4 |     tag: 1.0.0-dev
 5 |     digest: null
 6 |   kind: DaemonSet
 7 |   allowSnippetAnnotations: false
 8 |   admissionWebhooks:
 9 |     enabled: false
10 |   service:
11 |     type: ClusterIP
12 | 
13 |   config:
14 |     use-proxy-protocol: "true"
15 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/daemonset-tcp-udp-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   kind: DaemonSet
 3 |   image:
 4 |     repository: ingress-controller/controller
 5 |     tag: 1.0.0-dev
 6 |     digest: null
 7 |   admissionWebhooks:
 8 |     enabled: false
 9 |   service:
10 |     type: ClusterIP
11 | 
12 | tcp:
13 |   9000: "default/test:8080"
14 | 
15 | udp:
16 |   9001: "default/test:8080"
17 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/all-glob/manifests/app-service.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: nginx
 7 |   name: nginx
 8 |   namespace: all-glob
 9 | spec:
10 |   loadBalancerSourceRanges: []
11 |   ports:
12 |     - name: http
13 |       port: 80
14 |       targetPort: http
15 |   selector:
16 |     name: nginx
17 |   type: NodePort
18 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/all-glob/manifests/mysql_service_simple.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     name: glob_instance
 6 |   name: glob_instance
 7 |   namespace: all-glob
 8 | spec:
 9 |   clusterIP: None
10 |   ports:
11 |     - name: mysql
12 |       port: 3306
13 |       targetPort: mysql
14 |   selector:
15 |     name: glob_instance
16 |   type: ClusterIP
17 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/all-glob/manifests/app-service.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: nginx
 7 |   name: nginx
 8 |   namespace: all-glob
 9 | spec:
10 |   loadBalancerSourceRanges: []
11 |   ports:
12 |     - name: http
13 |       port: 80
14 |       targetPort: http
15 |   selector:
16 |     name: nginx
17 |   type: NodePort
18 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/all-glob/manifests/mysql_service_simple.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     name: glob_instance
 6 |   name: glob_instance
 7 |   namespace: all-glob
 8 | spec:
 9 |   clusterIP: None
10 |   ports:
11 |     - name: mysql
12 |       port: 3306
13 |       targetPort: mysql
14 |   selector:
15 |     name: glob_instance
16 |   type: ClusterIP
17 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-es/scripts/setup_context.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash -eu
2 | 
3 | # Copyright 2019 The Kapitan Authors
4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
5 | #
6 | # SPDX-License-Identifier: Apache-2.0
7 | 
8 | kubectl config set-context minikube-es --cluster minikube --user minikube --namespace minikube-es
9 | kubectl config use-context minikube-es


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/daemonset-headers-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   kind: DaemonSet
 3 |   image:
 4 |     repository: ingress-controller/controller
 5 |     tag: 1.0.0-dev
 6 |     digest: null
 7 |   admissionWebhooks:
 8 |     enabled: false
 9 |   addHeaders:
10 |     X-Frame-Options: deny
11 |   proxySetHeaders:
12 |     X-Forwarded-Proto: https
13 |   service:
14 |     type: ClusterIP
15 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_service_simple.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     name: example-mysql
 6 |   name: example-mysql
 7 |   namespace: minikube-mysql
 8 | spec:
 9 |   clusterIP: None
10 |   ports:
11 |     - name: mysql
12 |       port: 3306
13 |       targetPort: mysql
14 |   selector:
15 |     name: example-mysql
16 |   type: ClusterIP
17 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-mysql/scripts/setup_context.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash -eu
2 | 
3 | # Copyright 2019 The Kapitan Authors
4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
5 | #
6 | # SPDX-License-Identifier: Apache-2.0
7 | 
8 | kubectl config set-context minikube-mysql --cluster minikube --user minikube --namespace minikube-mysql
9 | kubectl config use-context minikube-mysql


--------------------------------------------------------------------------------
/examples/kubernetes/inventory/targets/removal.yml:
--------------------------------------------------------------------------------
 1 | classes:
 2 | - common
 3 | 
 4 | parameters:
 5 |   kapitan:
 6 |     compile:
 7 |       - input_type: copy
 8 |         input_paths:
 9 |           - copy_target
10 |         output_path: .
11 |       # test removal of a file
12 |       - input_type: remove
13 |         input_paths:
14 |           - compiled/${kapitan:vars:target}/copy_target
15 |         output_path: .


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-mysql/scripts/setup_context.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash -eu
2 | 
3 | # Copyright 2019 The Kapitan Authors
4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
5 | #
6 | # SPDX-License-Identifier: Apache-2.0
7 | 
8 | kubectl config set-context minikube-mysql --cluster minikube --user minikube --namespace minikube-mysql
9 | kubectl config use-context minikube-mysql


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deployment-autoscaling-behavior-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   autoscaling:
 3 |     enabled: true
 4 |     behavior:
 5 |       scaleDown:
 6 |         stabilizationWindowSeconds: 300
 7 |         policies:
 8 |         - type: Pods
 9 |           value: 1
10 |           periodSeconds: 180
11 |   admissionWebhooks:
12 |     enabled: false
13 |   service:
14 |     type: ClusterIP
15 | 


--------------------------------------------------------------------------------
/examples/kubernetes/scripts/kubectl.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | KUBECTL="kubectl --context {{inventory.parameters.target_name}} --insecure-skip-tls-verify={{inventory.parameters.kubectl.insecure_skip_tls_verify}} "
 9 | 
10 | ${KUBECTL} $@


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-mysql/manifests/mysql_service_simple.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     name: example-mysql
 6 |   name: example-mysql
 7 |   namespace: minikube-mysql
 8 | spec:
 9 |   clusterIP: None
10 |   ports:
11 |     - name: mysql
12 |       port: 3306
13 |       targetPort: mysql
14 |   selector:
15 |     name: example-mysql
16 |   type: ClusterIP
17 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/acs-engine-autoscaler/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | description: Scales worker nodes within agent pools
 3 | icon: https://github.com/kubernetes/kubernetes/blob/master/logo/logo.png
 4 | maintainers:
 5 | - email: ritazh@microsoft.com
 6 |   name: Rita Zhang
 7 | name: acs-engine-autoscaler
 8 | sources:
 9 | - https://github.com/wbuchwalter/Kubernetes-acs-engine-autoscaler
10 | version: 0.1.0
11 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_secret.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | data:
 3 |   MYSQL_ROOT_PASSWORD: ?{gpg:targets/minikube-mysql/mysql/password:ec3d54de}
 4 |   MYSQL_ROOT_PASSWORD_SHA256: ?{gpg:targets/minikube-mysql/mysql/password_sha256:122d2732}
 5 | kind: Secret
 6 | metadata:
 7 |   labels:
 8 |     name: example-mysql
 9 |   name: example-mysql
10 |   namespace: minikube-mysql
11 | type: Opaque
12 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-mysql/manifests/mysql_secret.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | data:
 3 |   MYSQL_ROOT_PASSWORD: ?{gpg:targets/minikube-mysql/mysql/password:ec3d54de}
 4 |   MYSQL_ROOT_PASSWORD_SHA256: ?{gpg:targets/minikube-mysql/mysql/password_sha256:122d2732}
 5 | kind: Secret
 6 | metadata:
 7 |   labels:
 8 |     name: example-mysql
 9 |   name: example-mysql
10 |   namespace: minikube-mysql
11 | type: Opaque
12 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deployment-internal-lb-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   image:
 3 |     repository: ingress-controller/controller
 4 |     tag: 1.0.0-dev
 5 |     digest: null
 6 |   admissionWebhooks:
 7 |     enabled: false
 8 |   service:
 9 |     type: ClusterIP
10 |     internal:
11 |       enabled: true
12 |       annotations:
13 |         service.beta.kubernetes.io/aws-load-balancer-internal: "true"
14 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deployment-tcp-udp-portNamePrefix-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   image:
 3 |     repository: ingress-controller/controller
 4 |     tag: 1.0.0-dev
 5 |     digest: null
 6 |   admissionWebhooks:
 7 |     enabled: false
 8 |   service:
 9 |     type: ClusterIP
10 | 
11 | tcp:
12 |   9000: "default/test:8080"
13 | 
14 | udp:
15 |   9001: "default/test:8080"
16 | 
17 | portNamePrefix: "port"
18 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/all-glob/manifests/mysql_secret.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | data:
 3 |   MYSQL_ROOT_PASSWORD: ?{base64:targets/all-glob/mysql/password:3192c15c}
 4 |   MYSQL_ROOT_PASSWORD_SHA256: ?{base64:targets/all-glob/mysql/password_sha256:a18bc263}
 5 | kind: Secret
 6 | metadata:
 7 |   annotations: {}
 8 |   labels:
 9 |     name: glob_instance
10 |   name: glob_instance
11 |   namespace: all-glob
12 | type: Opaque
13 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-nginx-helm/nginx-deploy.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -e
 2 | DIR=$(dirname ${BASH_SOURCE[0]})
 3 |  #(1)!
 4 | 
 5 | KUBECTL="kubectl -n None" #(2)!
 6 | 
 7 | # Create namespace before anything else
 8 | ${KUBECTL} apply -f ${DIR}/pre-deploy/namespace.yml
 9 | 
10 | for SECTION in manifests
11 | do
12 |   echo "## run kubectl apply for ${SECTION}"
13 |   ${KUBECTL} apply -f ${DIR}/${SECTION}/ | column -t
14 | done


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-nginx-jsonnet/manifests/app-service.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: nginx
 7 |   name: nginx
 8 |   namespace: minikube-nginx-jsonnet
 9 | spec:
10 |   loadBalancerSourceRanges: []
11 |   ports:
12 |     - name: http
13 |       port: 80
14 |       targetPort: http
15 |   selector:
16 |     name: nginx
17 |   type: NodePort
18 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/all-glob/manifests/mysql_secret.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | data:
 3 |   MYSQL_ROOT_PASSWORD: ?{base64:targets/all-glob/mysql/password:3192c15c}
 4 |   MYSQL_ROOT_PASSWORD_SHA256: ?{base64:targets/all-glob/mysql/password_sha256:a18bc263}
 5 | kind: Secret
 6 | metadata:
 7 |   annotations: {}
 8 |   labels:
 9 |     name: glob_instance
10 |   name: glob_instance
11 |   namespace: all-glob
12 | type: Opaque
13 | 


--------------------------------------------------------------------------------
/tests/test_resources/inventory/targets/reveal-output.yml:
--------------------------------------------------------------------------------
 1 | parameters:
 2 |   input: $?{gpg:targets/nginx-ingress/electionID||randomstr|base64}
 3 |   kapitan:
 4 |     vars:
 5 |       target: reveal-output
 6 |     compile:
 7 |       - name: generate-toml-jsonnet
 8 |         input_type: jsonnet
 9 |         output_path: .
10 |         output_type: json
11 |         input_paths:
12 |           - components/input-to-output/main.jsonnet


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_service_jsonnet.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     name: example-mysql-jsonnet
 6 |   name: example-mysql-jsonnet
 7 |   namespace: minikube-mysql
 8 | spec:
 9 |   clusterIP: None
10 |   ports:
11 |     - name: mysql
12 |       port: 3306
13 |       targetPort: mysql
14 |   selector:
15 |     name: example-mysql
16 |   type: ClusterIP
17 | 


--------------------------------------------------------------------------------
/examples/terraform/inventory/reclass-config.yml:
--------------------------------------------------------------------------------
 1 | storage_type: yaml_fs
 2 | pretty_print: true
 3 | output: yml
 4 | inventory_base_uri: .
 5 | nodes_uri: targets
 6 | classes_uri: classes
 7 | compose_node_name: false
 8 | class_mappings_match_path: true
 9 | class_mappings:
10 |   - develop/*                          env.develop
11 |   - prod/*                             env.prod
12 |   - sandbox/*                          env.sandbox
13 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-mysql/manifests/mysql_service_jsonnet.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     name: example-mysql-jsonnet
 6 |   name: example-mysql-jsonnet
 7 |   namespace: minikube-mysql
 8 | spec:
 9 |   clusterIP: None
10 |   ports:
11 |     - name: mysql
12 |       port: 3306
13 |       targetPort: mysql
14 |   selector:
15 |     name: example-mysql
16 |   type: ClusterIP
17 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-nginx-helm/nginx-deploy.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -e
 2 | DIR=$(dirname ${BASH_SOURCE[0]})
 3 |  #(1)!
 4 | 
 5 | KUBECTL="kubectl -n None" #(2)!
 6 | 
 7 | # Create namespace before anything else
 8 | ${KUBECTL} apply -f ${DIR}/pre-deploy/namespace.yml
 9 | 
10 | for SECTION in manifests
11 | do
12 |   echo "## run kubectl apply for ${SECTION}"
13 |   ${KUBECTL} apply -f ${DIR}/${SECTION}/ | column -t
14 | done


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-nginx-jsonnet/manifests/app-service.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: nginx
 7 |   name: nginx
 8 |   namespace: minikube-nginx-jsonnet
 9 | spec:
10 |   loadBalancerSourceRanges: []
11 |   ports:
12 |     - name: http
13 |       port: 80
14 |       targetPort: http
15 |   selector:
16 |     name: nginx
17 |   type: NodePort
18 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-es/scripts/minikube/start_minikube.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | eval $(minikube docker-env)
 9 | minikube start --insecure-registry https://quay.io --memory=4096 --cpus=4
10 | minikube ssh "sudo ip link set docker0 promisc on"


--------------------------------------------------------------------------------
/examples/kubernetes/components/labels/service.yml:
--------------------------------------------------------------------------------
 1 | {% set params = inventory.parameters %}{% import 'templates/labels.j2' as labels with context  -%}
 2 | apiVersion: v1
 3 | kind: Service
 4 | metadata:
 5 |   name: {{ params.postgres.name }}
 6 |   namespace: {{ namespace }}
 7 |   labels:
 8 |     {{ labels.common(params.postgres) | indent(4)  }}
 9 | spec:
10 |   ports:
11 |   - port: 5432
12 |     targetPort: 5432
13 |     name: postgres
14 | 


--------------------------------------------------------------------------------
/examples/kubernetes/inventory/classes/component/labels.yml:
--------------------------------------------------------------------------------
 1 | parameters:
 2 |   postgres:
 3 |     name: db
 4 |     component: db
 5 |     instance: postgres
 6 |     version: "11.0"
 7 | 
 8 |   kapitan:
 9 |     vars:
10 |       target: ${target_name}
11 |       namespace: ${target_name}
12 |     compile:
13 |       - output_path: ./labels
14 |         input_type: jinja2
15 |         input_paths:
16 |           - components/labels/service.yml
17 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-mysql/scripts/minikube/start_minikube.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | eval $(minikube docker-env)
 9 | minikube start --insecure-registry https://quay.io --memory=4096 --cpus=4
10 | minikube ssh "sudo ip link set docker0 promisc on"


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-es/scripts/minikube/start_minikube.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | eval $(minikube docker-env)
 9 | minikube start --insecure-registry https://quay.io --memory=4096 --cpus=4
10 | minikube ssh "sudo ip link set docker0 promisc on"


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-mysql/scripts/minikube/start_minikube.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | eval $(minikube docker-env)
 9 | minikube start --insecure-registry https://quay.io --memory=4096 --cpus=4
10 | minikube ssh "sudo ip link set docker0 promisc on"


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/gateways/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | name: gateways
 3 | version: 1.2.5
 4 | appVersion: 1.2.5
 5 | tillerVersion: ">=2.7.2"
 6 | description: Helm chart for deploying Istio gateways
 7 | keywords:
 8 |   - istio
 9 |   - ingressgateway
10 |   - egressgateway
11 |   - gateways
12 | sources:
13 |   - http://github.com/istio/istio
14 | engine: gotpl
15 | icon: https://istio.io/favicons/android-192x192.png
16 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/templates/clusterrole.yaml:
--------------------------------------------------------------------------------
 1 | kind: ClusterRole
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | metadata:
 4 |   name: istio-reader
 5 | rules:
 6 |   - apiGroups: ['']
 7 |     resources: ['nodes', 'pods', 'services', 'endpoints', "replicationcontrollers"]
 8 |     verbs: ['get', 'watch', 'list']
 9 |   - apiGroups: ["extensions", "apps"]
10 |     resources: ["replicasets"]
11 |     verbs: ["get", "list", "watch"]
12 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/daemonset-internal-lb-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   kind: DaemonSet
 3 |   image:
 4 |     repository: ingress-controller/controller
 5 |     tag: 1.0.0-dev
 6 |     digest: null
 7 |   admissionWebhooks:
 8 |     enabled: false
 9 |   service:
10 |     type: ClusterIP
11 |     internal:
12 |       enabled: true
13 |       annotations:
14 |         service.beta.kubernetes.io/aws-load-balancer-internal: "true"
15 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/daemonset-tcp-udp-portNamePrefix-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   kind: DaemonSet
 3 |   image:
 4 |     repository: ingress-controller/controller
 5 |     tag: 1.0.0-dev
 6 |     digest: null
 7 |   admissionWebhooks:
 8 |     enabled: false
 9 |   service:
10 |     type: ClusterIP
11 | 
12 | tcp:
13 |   9000: "default/test:8080"
14 | 
15 | udp:
16 |   9001: "default/test:8080"
17 | 
18 | portNamePrefix: "port"
19 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-nginx-jsonnet/nginx-deploy.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -e
 2 | DIR=$(dirname ${BASH_SOURCE[0]})
 3 |  #(1)!
 4 | 
 5 | KUBECTL="kubectl -n minikube-nginx-jsonnet" #(2)!
 6 | 
 7 | # Create namespace before anything else
 8 | ${KUBECTL} apply -f ${DIR}/pre-deploy/namespace.yml
 9 | 
10 | for SECTION in manifests
11 | do
12 |   echo "## run kubectl apply for ${SECTION}"
13 |   ${KUBECTL} apply -f ${DIR}/${SECTION}/ | column -t
14 | done


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-nginx-kadet/nginx-deploy.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -e
 2 | DIR=$(dirname ${BASH_SOURCE[0]})
 3 |  #(1)!
 4 | 
 5 | KUBECTL="kubectl -n minikube-nginx-kadet" #(2)!
 6 | 
 7 | # Create namespace before anything else
 8 | ${KUBECTL} apply -f ${DIR}/pre-deploy/namespace.yml
 9 | 
10 | for SECTION in manifests
11 | do
12 |   echo "## run kubectl apply for ${SECTION}"
13 |   ${KUBECTL} apply -f ${DIR}/${SECTION}/ | column -t
14 | done


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-nginx-kadet/nginx-deploy.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -e
 2 | DIR=$(dirname ${BASH_SOURCE[0]})
 3 |  #(1)!
 4 | 
 5 | KUBECTL="kubectl -n minikube-nginx-kadet" #(2)!
 6 | 
 7 | # Create namespace before anything else
 8 | ${KUBECTL} apply -f ${DIR}/pre-deploy/namespace.yml
 9 | 
10 | for SECTION in manifests
11 | do
12 |   echo "## run kubectl apply for ${SECTION}"
13 |   ${KUBECTL} apply -f ${DIR}/${SECTION}/ | column -t
14 | done


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/sidecarInjectorWebhook/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | name: sidecarInjectorWebhook
 3 | version: 1.2.5
 4 | appVersion: 1.2.5
 5 | tillerVersion: ">=2.7.2"
 6 | description: Helm chart for sidecar injector webhook deployment
 7 | keywords:
 8 |   - istio
 9 |   - sidecarInjectorWebhook
10 | sources:
11 |   - http://github.com/istio/istio
12 | engine: gotpl
13 | icon: https://istio.io/favicons/android-192x192.png
14 | 


--------------------------------------------------------------------------------
/tests/test_resources/inventory/targets/external-test.yml:
--------------------------------------------------------------------------------
 1 | parameters:
 2 |   kapitan:
 3 |     vars:
 4 |       target: external-test
 5 |     compile:
 6 |       - input_type: external
 7 |         output_path: .
 8 |         input_paths:
 9 |           - script.sh
10 |         args:
11 |           - \${compiled_target_dir} # this will not be interpolated by reclass but by the External input
12 |         env_vars:
13 |           FILE_NAME: "test.md"
14 | 


--------------------------------------------------------------------------------
/tests/test_resources/templates/test_deployment.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: apps/v1
 2 | kind: Deployment
 3 | metadata:
 4 |   name: app-name
 5 |   namespace: default
 6 | spec:
 7 |   selector:
 8 |     matchLabels:
 9 |       app: app-name
10 |   replicas: 1
11 |   template:
12 |     metadata:
13 |       labels:
14 |         app: app-name
15 |     spec:
16 |       containers:
17 |       - name: hello
18 |         image: hello-word
19 |         imagePullPolicy: Always


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/all-glob/manifests/es-discovery-svc.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     name: elasticsearch-discovery
 6 |   name: elasticsearch-discovery
 7 |   namespace: all-glob
 8 | spec:
 9 |   ports:
10 |     - name: transport
11 |       port: 9300
12 |       protocol: TCP
13 |       targetPort: transport
14 |   selector:
15 |     name: cluster-master
16 |     role: master
17 |   type: ClusterIP
18 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-mysql/manifests/mysql_secret_subvar.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | data:
 3 |   MYSQL_ROOT_PASSWORD: ?{gpg:targets/minikube-mysql/mysql/subvars@var1.password:52dd139b}
 4 |   MYSQL_ROOT_PASSWORD_SHA256: ?{gpg:targets/minikube-mysql/mysql/subvars@var2.password_sha256:52dd139b}
 5 | kind: Secret
 6 | metadata:
 7 |   labels:
 8 |     name: example-mysql
 9 |   name: example-mysql
10 |   namespace: minikube-mysql
11 | type: Opaque
12 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/all-glob/manifests/es-discovery-svc.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     name: elasticsearch-discovery
 6 |   name: elasticsearch-discovery
 7 |   namespace: all-glob
 8 | spec:
 9 |   ports:
10 |     - name: transport
11 |       port: 9300
12 |       protocol: TCP
13 |       targetPort: transport
14 |   selector:
15 |     name: cluster-master
16 |     role: master
17 |   type: ClusterIP
18 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-nginx-jsonnet/nginx-deploy.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -e
 2 | DIR=$(dirname ${BASH_SOURCE[0]})
 3 |  #(1)!
 4 | 
 5 | KUBECTL="kubectl -n minikube-nginx-jsonnet" #(2)!
 6 | 
 7 | # Create namespace before anything else
 8 | ${KUBECTL} apply -f ${DIR}/pre-deploy/namespace.yml
 9 | 
10 | for SECTION in manifests
11 | do
12 |   echo "## run kubectl apply for ${SECTION}"
13 |   ${KUBECTL} apply -f ${DIR}/${SECTION}/ | column -t
14 | done


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | name: istio
 3 | version: 1.2.5
 4 | appVersion: 1.2.5
 5 | tillerVersion: ">=2.7.2-0"
 6 | description: Helm chart for all istio components
 7 | keywords:
 8 |   - istio
 9 |   - security
10 |   - sidecarInjectorWebhook
11 |   - mixer
12 |   - pilot
13 |   - galley
14 | sources:
15 |   - http://github.com/istio/istio
16 | engine: gotpl
17 | icon: https://istio.io/favicons/android-192x192.png
18 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/nginx-ingress/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | {{- if or .Values.serviceAccount.create -}}
 2 | apiVersion: v1
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   labels:
 6 |     app: {{ template "nginx-ingress.name" . }}
 7 |     chart: {{ .Chart.Name }}-{{ .Chart.Version }}
 8 |     heritage: {{ .Release.Service }}
 9 |     release: {{ .Release.Name }}
10 |   name: {{ template "nginx-ingress.serviceAccountName" . }}
11 | {{- end -}}
12 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/all-glob/manifests/mysql_secret_subvar.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | data:
 3 |   MYSQL_ROOT_PASSWORD: ?{base64:targets/all-glob/mysql/subvars@var1.password:fa652988}
 4 |   MYSQL_ROOT_PASSWORD_SHA256: ?{base64:targets/all-glob/mysql/subvars@var2.password_sha256:fa652988}
 5 | kind: Secret
 6 | metadata:
 7 |   annotations: {}
 8 |   labels:
 9 |     name: glob_instance
10 |   name: glob_instance
11 |   namespace: all-glob
12 | type: Opaque
13 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-es/manifests/es-discovery-svc.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     name: elasticsearch-discovery
 6 |   name: elasticsearch-discovery
 7 |   namespace: minikube-es
 8 | spec:
 9 |   ports:
10 |     - name: transport
11 |       port: 9300
12 |       protocol: TCP
13 |       targetPort: transport
14 |   selector:
15 |     name: cluster-master
16 |     role: master
17 |   type: ClusterIP
18 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-es/manifests/es-discovery-svc.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     name: elasticsearch-discovery
 6 |   name: elasticsearch-discovery
 7 |   namespace: minikube-es
 8 | spec:
 9 |   ports:
10 |     - name: transport
11 |       port: 9300
12 |       protocol: TCP
13 |       targetPort: transport
14 |   selector:
15 |     name: cluster-master
16 |     role: master
17 |   type: ClusterIP
18 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-mysql/manifests/mysql_secret_subvar.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | data:
 3 |   MYSQL_ROOT_PASSWORD: ?{gpg:targets/minikube-mysql/mysql/subvars@var1.password:52dd139b}
 4 |   MYSQL_ROOT_PASSWORD_SHA256: ?{gpg:targets/minikube-mysql/mysql/subvars@var2.password_sha256:52dd139b}
 5 | kind: Secret
 6 | metadata:
 7 |   labels:
 8 |     name: example-mysql
 9 |   name: example-mysql
10 |   namespace: minikube-mysql
11 | type: Opaque
12 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/templates/clusterrolebinding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRoleBinding
 3 | metadata:
 4 |   name: istio-multi
 5 |   labels:
 6 |     chart: {{ .Chart.Name }}-{{ .Chart.Version }}
 7 | roleRef:
 8 |   apiGroup: rbac.authorization.k8s.io
 9 |   kind: ClusterRole
10 |   name: istio-reader
11 | subjects:
12 | - kind: ServiceAccount
13 |   name: istio-multi
14 |   namespace: {{ .Release.Namespace }}
15 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-nginx-kadet/manifests/nginx_deployment.yml:
--------------------------------------------------------------------------------
 1 | kind: Deployment
 2 | metadata:
 3 |   name: nginx
 4 |   namespace: minikube-nginx-kadet
 5 | spec:
 6 |   replicas: 1
 7 |   revisionHistoryLimit: 10
 8 |   template:
 9 |     metadata:
10 |       labels:
11 |         app: nginx
12 |     spec:
13 |       containers:
14 |         - image: nginx:1:15.8
15 |           name: nginx
16 |           ports:
17 |             - containerPort: 80
18 | 


--------------------------------------------------------------------------------
/examples/kubernetes/components/nginx-deploy.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -e
 2 | DIR=$(dirname ${BASH_SOURCE[0]})
 3 | {% set i = inventory.parameters %} #(1)!
 4 | 
 5 | KUBECTL="kubectl -n {{i.namespace}}" #(2)!
 6 | 
 7 | # Create namespace before anything else
 8 | ${KUBECTL} apply -f ${DIR}/pre-deploy/namespace.yml
 9 | 
10 | for SECTION in manifests
11 | do
12 |   echo "## run kubectl apply for ${SECTION}"
13 |   ${KUBECTL} apply -f ${DIR}/${SECTION}/ | column -t
14 | done
15 | 


--------------------------------------------------------------------------------
/examples/kubernetes/inventory/classes/cluster/minikube.yml:
--------------------------------------------------------------------------------
 1 | # class for all targets deployed on minikube
 2 | #
 3 | classes:
 4 |   - cluster.common
 5 | 
 6 | parameters:
 7 |   minikube:
 8 |     memory: 4096
 9 |     cpus: 4
10 |     version: v0.31.0 
11 | 
12 |   cluster:
13 |     type: minikube
14 |     id: minikube
15 |     name: minikube
16 |     user: minikube
17 |   vault:
18 |     address: https://localhost:8200
19 |   mysql:
20 |     hostname: localhost
21 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/all-glob/manifests/mysql_secret_subvar.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | data:
 3 |   MYSQL_ROOT_PASSWORD: ?{base64:targets/all-glob/mysql/subvars@var1.password:fa652988}
 4 |   MYSQL_ROOT_PASSWORD_SHA256: ?{base64:targets/all-glob/mysql/subvars@var2.password_sha256:fa652988}
 5 | kind: Secret
 6 | metadata:
 7 |   annotations: {}
 8 |   labels:
 9 |     name: glob_instance
10 |   name: glob_instance
11 |   namespace: all-glob
12 | type: Opaque
13 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-nginx-kadet/manifests/nginx_deployment.yml:
--------------------------------------------------------------------------------
 1 | kind: Deployment
 2 | metadata:
 3 |   name: nginx
 4 |   namespace: minikube-nginx-kadet
 5 | spec:
 6 |   replicas: 1
 7 |   revisionHistoryLimit: 10
 8 |   template:
 9 |     metadata:
10 |       labels:
11 |         app: nginx
12 |     spec:
13 |       containers:
14 |         - image: nginx:1:15.8
15 |           name: nginx
16 |           ports:
17 |             - containerPort: 80
18 | 


--------------------------------------------------------------------------------
/examples/terraform/compiled/project2/terraform/logging.tf.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "resource": {
 3 |     "google_logging_organization_sink": {
 4 |       "catch-all-sink": {
 5 |         "depends_on": [
 6 |           "google_project.project2"
 7 |         ],
 8 |         "destination": "storage.googleapis.com/bucket-for-logs-archive",
 9 |         "include_children": true,
10 |         "name": "catch-all-sink",
11 |         "org_id": 123456789012
12 |       }
13 |     }
14 |   }
15 | }


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project2/terraform/logging.tf.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "resource": {
 3 |     "google_logging_organization_sink": {
 4 |       "catch-all-sink": {
 5 |         "depends_on": [
 6 |           "google_project.project2"
 7 |         ],
 8 |         "destination": "storage.googleapis.com/bucket-for-logs-archive",
 9 |         "include_children": true,
10 |         "name": "catch-all-sink",
11 |         "org_id": 123456789012
12 |       }
13 |     }
14 |   }
15 | }


--------------------------------------------------------------------------------
/examples/docker/inventory/classes/dockerfiles.yml:
--------------------------------------------------------------------------------
 1 | parameters:
 2 |   your_component:
 3 |     some_parameter: true
 4 |   kapitan:
 5 |     compile:
 6 |       - output_path: jsonnet
 7 |         input_type: jsonnet
 8 |         output_type: plain
 9 |         input_paths:
10 |           - components/jsonnet/jsonnet.jsonnet
11 |       - output_path: kadet
12 |         input_type: kadet
13 |         output_type: plain
14 |         input_paths:
15 |           - components/kadet
16 | 


--------------------------------------------------------------------------------
/tests/test_resources/inventory/classes/test-objects.yml:
--------------------------------------------------------------------------------
 1 | parameters:
 2 |   kapitan:
 3 |     compile:
 4 |     - output_path: .
 5 |       input_type: jsonnet
 6 |       output_type: json
 7 |       input_paths:
 8 |         - templates/single_object.jsonnet
 9 |         - templates/list.jsonnet
10 |         - templates/onekey_component_plainref.jsonnet
11 |         - templates/simple_component_plainref.jsonnet
12 |         - templates/string_component_plainref.jsonnet
13 | 
14 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/all-glob/manifests/mysql_service_jsonnet.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: glob_instance-jsonnet
 7 |   name: glob_instance-jsonnet
 8 |   namespace: all-glob
 9 | spec:
10 |   clusterIP: None
11 |   loadBalancerSourceRanges: []
12 |   ports:
13 |     - name: mysql
14 |       port: 3306
15 |       targetPort: mysql
16 |   selector:
17 |     name: glob_instance
18 |   type: ClusterIP
19 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/nginx-ingress/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/all-glob/manifests/mysql_service_jsonnet.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   annotations: {}
 5 |   labels:
 6 |     name: glob_instance-jsonnet
 7 |   name: glob_instance-jsonnet
 8 |   namespace: all-glob
 9 | spec:
10 |   clusterIP: None
11 |   loadBalancerSourceRanges: []
12 |   ports:
13 |     - name: mysql
14 |       port: 3306
15 |       targetPort: mysql
16 |   selector:
17 |     name: glob_instance
18 |   type: ClusterIP
19 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/nodeagent/templates/clusterrole.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRole
 3 | metadata:
 4 |   name: istio-nodeagent-{{ .Release.Namespace }}
 5 |   labels:
 6 |     app: {{ template "nodeagent.name" . }}
 7 |     chart: {{ template "nodeagent.chart" . }}
 8 |     heritage: {{ .Release.Service }}
 9 |     release: {{ .Release.Name }}
10 | rules:
11 | - apiGroups: [""]
12 |   resources: ["configmaps"]
13 |   verbs: ["get"]


--------------------------------------------------------------------------------
/tests/test_resources/compiled/monitoring-dev/prometheus/templates/server-pvc.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: PersistentVolumeClaim
 3 | metadata:
 4 |   labels:
 5 |     app: prometheus
 6 |     chart: prometheus-11.3.0
 7 |     component: dev-server
 8 |     heritage: Tiller
 9 |     release: prometheus
10 |   name: prometheus-dev-server
11 |   namespace: infra-prometheus
12 | spec:
13 |   accessModes:
14 |     - ReadWriteOnce
15 |   resources:
16 |     requests:
17 |       storage: 8Gi
18 | 


--------------------------------------------------------------------------------
/tests/test_resources/compiled/monitoring-prd/prometheus/templates/server-pvc.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: PersistentVolumeClaim
 3 | metadata:
 4 |   labels:
 5 |     app: prometheus
 6 |     chart: prometheus-11.3.0
 7 |     component: prd-server
 8 |     heritage: Tiller
 9 |     release: prometheus
10 |   name: prometheus-prd-server
11 |   namespace: infra-prometheus
12 | spec:
13 |   accessModes:
14 |     - ReadWriteOnce
15 |   resources:
16 |     requests:
17 |       storage: 8Gi
18 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deployment-customnodeport-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   image:
 3 |     repository: ingress-controller/controller
 4 |     tag: 1.0.0-dev
 5 |     digest: null
 6 |   admissionWebhooks:
 7 |     enabled: false
 8 |   service:
 9 |     type: NodePort
10 |     nodePorts:
11 |       tcp:
12 |         9000: 30090
13 |       udp:
14 |         9001: 30091
15 | 
16 | tcp:
17 |   9000: "default/test:8080"
18 | 
19 | udp:
20 |   9001: "default/test:8080"
21 | 


--------------------------------------------------------------------------------
/examples/terraform/compiled/project3/terraform/iam.tf.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "resource": {
 3 |     "google_project_iam_member": {
 4 |       "containerdeveloper_someemail_googlegroupcom": {
 5 |         "depends_on": [
 6 |           "google_project.project3"
 7 |         ],
 8 |         "lifecycle": {
 9 |           "create_before_destroy": true
10 |         },
11 |         "member": "group:someemail@googlegroup.com",
12 |         "role": "roles/container.developer"
13 |       }
14 |     }
15 |   }
16 | }


--------------------------------------------------------------------------------
/examples/terraform/templates/terraform/output.jsonnet:
--------------------------------------------------------------------------------
 1 | local kap = import "lib/kapitan.libjsonnet";
 2 | local inv = kap.inventory();
 3 | 
 4 | {
 5 |   data: {
 6 |     template_file: {
 7 |       readme: {
 8 |         template: kap.jinja2_template("templates/terraform/README.md.j2", inv),
 9 |       },
10 |     },
11 |   },
12 | 
13 |   output: {
14 |     "README.md": {
15 |       value: "${data.template_file.readme.rendered}",
16 |       sensitive: true,
17 |     },
18 |   },
19 | 
20 | }
21 | 


--------------------------------------------------------------------------------
/kapitan/refs/__init__.py:
--------------------------------------------------------------------------------
 1 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 2 | #
 3 | # SPDX-License-Identifier: Apache-2.0
 4 | 
 5 | from kapitan.utils import StrEnum
 6 | 
 7 | 
 8 | class KapitanReferencesTypes(StrEnum):
 9 |     GPG = "gpg"
10 |     VAULTKV = "vaultkv"
11 |     VAULTTRANSIT = "vaulttransit"
12 |     AWSKMS = "awskms"
13 |     GKMS = "gkms"
14 |     AZKMS = "azkms"
15 |     BASE64 = "base64"
16 |     PLAIN = "plain"
17 |     ENV = "env"
18 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/acs-engine-autoscaler/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | 


--------------------------------------------------------------------------------
/examples/kubernetes/scripts/setup_context.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | {% set i = inventory.parameters %}
 9 | {% set cluster = i.cluster %}
10 | kubectl config set-context {{i.target_name}} --cluster {{cluster.id}} --user {{cluster.user}} --namespace {{i.namespace}}
11 | kubectl config use-context {{i.target_name}}


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/istiocoredns/templates/clusterrole.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRole
 3 | metadata:
 4 |   name: istiocoredns
 5 |   labels:
 6 |     app: {{ template "istiocoredns.name" . }}
 7 |     chart: {{ template "istiocoredns.chart" . }}
 8 |     heritage: {{ .Release.Service }}
 9 |     release: {{ .Release.Name }}
10 | rules:
11 | - apiGroups: ["networking.istio.io"]
12 |   resources: ["*"]
13 |   verbs: ["get", "watch", "list"]
14 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/kiali/templates/service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   name: kiali
 5 |   namespace: {{ .Release.Namespace }}
 6 |   labels:
 7 |     app: {{ template "kiali.name" . }}
 8 |     chart: {{ template "kiali.chart" . }}
 9 |     heritage: {{ .Release.Service }}
10 |     release: {{ .Release.Name }}
11 | spec:
12 |   ports:
13 |   - name: http-kiali
14 |     protocol: TCP
15 |     port: 20001
16 |   selector:
17 |     app: kiali
18 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/prometheus/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | 
23 | OWNERS
24 | 


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project3/terraform/iam.tf.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "resource": {
 3 |     "google_project_iam_member": {
 4 |       "containerdeveloper_someemail_googlegroupcom": {
 5 |         "depends_on": [
 6 |           "google_project.project3"
 7 |         ],
 8 |         "lifecycle": {
 9 |           "create_before_destroy": true
10 |         },
11 |         "member": "group:someemail@googlegroup.com",
12 |         "role": "roles/container.developer"
13 |       }
14 |     }
15 |   }
16 | }


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deployment-podannotations-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   image:
 3 |     repository: ingress-controller/controller
 4 |     tag: 1.0.0-dev
 5 |     digest: null
 6 |   admissionWebhooks:
 7 |     enabled: false
 8 |   metrics:
 9 |     enabled: true
10 |   service:
11 |     type: ClusterIP
12 |   podAnnotations:
13 |     prometheus.io/path: /metrics
14 |     prometheus.io/port: "10254"
15 |     prometheus.io/scheme: http
16 |     prometheus.io/scrape: "true"
17 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deployment-tcp-udp-configMapNamespace-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   image:
 3 |     repository: ingress-controller/controller
 4 |     tag: 1.0.0-dev
 5 |     digest: null
 6 |   admissionWebhooks:
 7 |     enabled: false
 8 |   service:
 9 |     type: ClusterIP
10 |   tcp:
11 |     configMapNamespace: default
12 |   udp:
13 |     configMapNamespace: default
14 | 
15 | tcp:
16 |   9000: "default/test:8080"
17 | 
18 | udp:
19 |   9001: "default/test:8080"
20 | 


--------------------------------------------------------------------------------
/overrides/partials/integrations/analytics/custom.html:
--------------------------------------------------------------------------------
1 | <!-- Google Tag Manager -->
2 | <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
3 |   new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
4 |   j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=
5 |   'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);
6 |   })(window,document,'script','dataLayer','GTM-WPN4JBMH');</script>
7 | <!-- End Google Tag Manager -->
8 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-es/scripts/apply.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | DIR=$(dirname ${BASH_SOURCE[0]})
 9 | 
10 | for SECTION in pre-deploy manifests
11 | do
12 |   echo "## run kubectl apply for ${SECTION}"
13 |   kapitan refs --reveal -f ${DIR}/../${SECTION}/ | ${DIR}/kubectl.sh apply -f - | column -t
14 | done


--------------------------------------------------------------------------------
/tests/test_resources/charts/prometheus/charts/kube-state-metrics/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building packages.
 2 | # This supports shell glob matching, relative path matching, and
 3 | # negation (prefixed with !). Only one pattern per line.
 4 | .DS_Store
 5 | # Common VCS dirs
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | 


--------------------------------------------------------------------------------
/tests/test_resources/inventory/classes/common.yml:
--------------------------------------------------------------------------------
 1 | 
 2 | parameters:
 3 |   kapitan:
 4 |     vars:
 5 |       target: ${target_name}
 6 |       namespace: ${target_name}
 7 |     secrets:
 8 |       gpg:
 9 |         recipients:
10 |           - name: example@kapitan.dev
11 |             fingerprint: D9234C61F58BEB3ED8552A57E28DC07A3CBFAE7C
12 |       gkms:
13 |         key: 'projects/<project>/locations/<location>/keyRings/<keyRing>/cryptoKeys/<key>'
14 |       awskms:
15 |         key: 'alias/nameOfKey'
16 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-mysql/scripts/apply.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | DIR=$(dirname ${BASH_SOURCE[0]})
 9 | 
10 | for SECTION in pre-deploy manifests
11 | do
12 |   echo "## run kubectl apply for ${SECTION}"
13 |   kapitan refs --reveal -f ${DIR}/../${SECTION}/ | ${DIR}/kubectl.sh apply -f - | column -t
14 | done


--------------------------------------------------------------------------------
/examples/kubernetes/scripts/minikube/start_minikube.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | {% set minikube = inventory.parameters.minikube %}
 9 | eval $(minikube docker-env)
10 | minikube start --insecure-registry https://quay.io --memory={{minikube.memory}} --cpus={{minikube.cpus}}
11 | minikube ssh "sudo ip link set docker0 promisc on"


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-es/scripts/apply.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | DIR=$(dirname ${BASH_SOURCE[0]})
 9 | 
10 | for SECTION in pre-deploy manifests
11 | do
12 |   echo "## run kubectl apply for ${SECTION}"
13 |   kapitan refs --reveal -f ${DIR}/../${SECTION}/ | ${DIR}/kubectl.sh apply -f - | column -t
14 | done


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-mysql/scripts/apply.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | DIR=$(dirname ${BASH_SOURCE[0]})
 9 | 
10 | for SECTION in pre-deploy manifests
11 | do
12 |   echo "## run kubectl apply for ${SECTION}"
13 |   kapitan refs --reveal -f ${DIR}/../${SECTION}/ | ${DIR}/kubectl.sh apply -f - | column -t
14 | done


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
 1 | # Byte-compiled / optimized / DLL files
 2 | __pycache__/
 3 | *.py[cod]
 4 | *$py.class
 5 | 
 6 | .gitpod.yml
 7 | 
 8 | # C extensions
 9 | *.so
10 | *.h
11 | 
12 | # Distribution / packaging
13 | build/
14 | dist/
15 | bindist/
16 | kapitan.egg-info/
17 | _site/
18 | site/
19 | 
20 | # IDEs
21 | .vscode/
22 | 
23 | # Other
24 | *.bak
25 | .DS_Store
26 | *.swp
27 | tags
28 | 
29 | # Versioning
30 | .python-version
31 | .kapitan
32 | .tool-versions
33 | 
34 | # Unit test / coverage reports
35 | .coverage
36 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/daemonset-customnodeport-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   kind: DaemonSet
 3 |   image:
 4 |     repository: ingress-controller/controller
 5 |     tag: 1.0.0-dev
 6 |     digest: null
 7 |   admissionWebhooks:
 8 |     enabled: false
 9 | 
10 |   service:
11 |     type: NodePort
12 |     nodePorts:
13 |       tcp:
14 |         9000: 30090
15 |       udp:
16 |         9001: 30091
17 | 
18 | tcp:
19 |   9000: "default/test:8080"
20 | 
21 | udp:
22 |   9001: "default/test:8080"
23 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/daemonset-tcp-udp-configMapNamespace-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   kind: DaemonSet
 3 |   image:
 4 |     repository: ingress-controller/controller
 5 |     tag: 1.0.0-dev
 6 |     digest: null
 7 |   admissionWebhooks:
 8 |     enabled: false
 9 |   service:
10 |     type: ClusterIP
11 |   tcp:
12 |     configMapNamespace: default
13 |   udp:
14 |     configMapNamespace: default
15 | 
16 | tcp:
17 |   9000: "default/test:8080"
18 | 
19 | udp:
20 |   9001: "default/test:8080"
21 | 


--------------------------------------------------------------------------------
/tests/test_resources/compiled/kadet-test/test-2/test_deployment.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: apps/v1
 2 | kind: Deployment
 3 | metadata:
 4 |   labels:
 5 |     team_name: SRE
 6 |   name: app-name
 7 |   namespace: team-2
 8 | spec:
 9 |   replicas: 1
10 |   selector:
11 |     matchLabels:
12 |       app: app-name
13 |   template:
14 |     metadata:
15 |       labels:
16 |         app: app-name
17 |     spec:
18 |       containers:
19 |         - image: hello-word
20 |           imagePullPolicy: Always
21 |           name: hello
22 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/daemonset-podannotations-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   kind: DaemonSet
 3 |   image:
 4 |     repository: ingress-controller/controller
 5 |     tag: 1.0.0-dev
 6 |     digest: null
 7 |   admissionWebhooks:
 8 |     enabled: false
 9 |   metrics:
10 |     enabled: true
11 |   service:
12 |     type: ClusterIP
13 |   podAnnotations:
14 |     prometheus.io/path: /metrics
15 |     prometheus.io/port: "10254"
16 |     prometheus.io/scheme: http
17 |     prometheus.io/scrape: "true"
18 | 


--------------------------------------------------------------------------------
/examples/kubernetes/scripts/apply.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -eu
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | {% set i = inventory.parameters %}
 9 | DIR=$(dirname ${BASH_SOURCE[0]})
10 | 
11 | for SECTION in pre-deploy manifests
12 | do
13 |   echo "## run kubectl apply for ${SECTION}"
14 |   kapitan refs --reveal -f ${DIR}/../${SECTION}/ | ${DIR}/kubectl.sh apply -f - | column -t
15 | done


--------------------------------------------------------------------------------
/tests/test_resources/charts/nginx-ingress/templates/tcp-configmap.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.tcp }}
 2 | apiVersion: v1
 3 | kind: ConfigMap
 4 | metadata:
 5 |   labels:
 6 |     app: {{ template "nginx-ingress.name" . }}
 7 |     chart: {{ .Chart.Name }}-{{ .Chart.Version }}
 8 |     component: "{{ .Values.controller.name }}"
 9 |     heritage: {{ .Release.Service }}
10 |     release: {{ .Release.Name }}
11 |   name: {{ template "nginx-ingress.fullname" . }}-tcp
12 | data:
13 | {{ tpl (toYaml .Values.tcp) . | indent 2 }}
14 | {{- end }}
15 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/nginx-ingress/templates/udp-configmap.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.udp }}
 2 | apiVersion: v1
 3 | kind: ConfigMap
 4 | metadata:
 5 |   labels:
 6 |     app: {{ template "nginx-ingress.name" . }}
 7 |     chart: {{ .Chart.Name }}-{{ .Chart.Version }}
 8 |     component: "{{ .Values.controller.name }}"
 9 |     heritage: {{ .Release.Service }}
10 |     release: {{ .Release.Name }}
11 |   name: {{ template "nginx-ingress.fullname" . }}-udp
12 | data:
13 | {{ tpl (toYaml .Values.udp) . | indent 2 }}
14 | {{- end }}
15 | 


--------------------------------------------------------------------------------
/tests/test_resources/compiled/kadet-test/test-1/test_deployment.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: apps/v1
 2 | kind: Deployment
 3 | metadata:
 4 |   labels:
 5 |     team_name: client-operations
 6 |   name: app-name
 7 |   namespace: ops
 8 | spec:
 9 |   replicas: 1
10 |   selector:
11 |     matchLabels:
12 |       app: app-name
13 |   template:
14 |     metadata:
15 |       labels:
16 |         app: app-name
17 |     spec:
18 |       containers:
19 |         - image: hello-word
20 |           imagePullPolicy: Always
21 |           name: hello
22 | 


--------------------------------------------------------------------------------
/examples/terraform/compiled/project1/scripts/terraform.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | "${TERRAFORM}" "$@"


--------------------------------------------------------------------------------
/examples/terraform/compiled/project2/scripts/terraform.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | "${TERRAFORM}" "$@"


--------------------------------------------------------------------------------
/examples/terraform/compiled/project3/scripts/terraform.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | "${TERRAFORM}" "$@"


--------------------------------------------------------------------------------
/examples/terraform/inventory/classes/type/terraform.yml:
--------------------------------------------------------------------------------
 1 | parameters:
 2 | 
 3 |   type: terraform
 4 | 
 5 |   kapitan:
 6 |     vars:
 7 |       target: ${_reclass_:name:full}
 8 | 
 9 |     compile:
10 | 
11 |       - output_path: terraform
12 |         output_type: json
13 |         prune: false
14 |         input_paths:
15 |           - templates/terraform/main.jsonnet
16 |         input_type: jsonnet
17 | 
18 |       - output_path: scripts
19 |         input_type: jinja2
20 |         input_paths:
21 |           - templates/scripts/
22 | 


--------------------------------------------------------------------------------
/examples/terraform/templates/scripts/terraform.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | "${TERRAFORM}" "$@"
14 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/all-glob/manifests/es-elasticsearch-svc.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     name: elasticsearch
 6 |   name: elasticsearch
 7 |   namespace: all-glob
 8 | spec:
 9 |   ports:
10 |     - name: client
11 |       port: 9200
12 |       protocol: TCP
13 |       targetPort: client
14 |     - name: transport
15 |       port: 9300
16 |       protocol: TCP
17 |       targetPort: transport
18 |   selector:
19 |     name: cluster-client
20 |     role: client
21 |   type: NodePort
22 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/all-glob/manifests/es-elasticsearch-svc.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     name: elasticsearch
 6 |   name: elasticsearch
 7 |   namespace: all-glob
 8 | spec:
 9 |   ports:
10 |     - name: client
11 |       port: 9200
12 |       protocol: TCP
13 |       targetPort: client
14 |     - name: transport
15 |       port: 9300
16 |       protocol: TCP
17 |       targetPort: transport
18 |   selector:
19 |     name: cluster-client
20 |     role: client
21 |   type: NodePort
22 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/galley/templates/configmap.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: ConfigMap
 3 | metadata:
 4 |   name: istio-galley-configuration
 5 |   namespace: {{ .Release.Namespace }}
 6 |   labels:
 7 |     app: {{ template "galley.name" . }}
 8 |     chart: {{ template "galley.chart" . }}
 9 |     heritage: {{ .Release.Service }}
10 |     release: {{ .Release.Name }}
11 |     istio: galley
12 | data:
13 |   validatingwebhookconfiguration.yaml: |-
14 |     {{- include "validatingwebhookconfiguration.yaml.tpl" . | indent 4}}


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project1/scripts/terraform.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | "${TERRAFORM}" "$@"


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project2/scripts/terraform.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | "${TERRAFORM}" "$@"


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project3/scripts/terraform.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | "${TERRAFORM}" "$@"


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-es/manifests/es-elasticsearch-svc.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     name: elasticsearch
 6 |   name: elasticsearch
 7 |   namespace: minikube-es
 8 | spec:
 9 |   ports:
10 |     - name: client
11 |       port: 9200
12 |       protocol: TCP
13 |       targetPort: client
14 |     - name: transport
15 |       port: 9300
16 |       protocol: TCP
17 |       targetPort: transport
18 |   selector:
19 |     name: cluster-client
20 |     role: client
21 |   type: NodePort
22 | 


--------------------------------------------------------------------------------
/examples/terraform/compiled/project1/terraform/provider.tf.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "provider": {
 3 |     "google": {
 4 |       "project": "project1",
 5 |       "region": "europe-west2",
 6 |       "version": "1.16.2",
 7 |       "zone": "europe-west2-a"
 8 |     }
 9 |   },
10 |   "terraform": {
11 |     "backend": {
12 |       "gcs": {
13 |         "bucket": "my_centralized_tf_bucket",
14 |         "prefix": "/project1/",
15 |         "project": "centralized_gcloud_project"
16 |       }
17 |     },
18 |     "required_version": ">= 0.11.7"
19 |   }
20 | }


--------------------------------------------------------------------------------
/examples/terraform/compiled/project2/terraform/provider.tf.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "provider": {
 3 |     "google": {
 4 |       "project": "project2",
 5 |       "region": "europe-west2",
 6 |       "version": "1.16.2",
 7 |       "zone": "europe-west2-a"
 8 |     }
 9 |   },
10 |   "terraform": {
11 |     "backend": {
12 |       "gcs": {
13 |         "bucket": "my_centralized_tf_bucket",
14 |         "prefix": "/project2/",
15 |         "project": "centralized_gcloud_project"
16 |       }
17 |     },
18 |     "required_version": ">= 0.11.7"
19 |   }
20 | }


--------------------------------------------------------------------------------
/examples/terraform/compiled/project3/terraform/provider.tf.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "provider": {
 3 |     "google": {
 4 |       "project": "project3",
 5 |       "region": "europe-west2",
 6 |       "version": "1.16.2",
 7 |       "zone": "europe-west2-a"
 8 |     }
 9 |   },
10 |   "terraform": {
11 |     "backend": {
12 |       "gcs": {
13 |         "bucket": "my_centralized_tf_bucket",
14 |         "prefix": "/project3/",
15 |         "project": "centralized_gcloud_project"
16 |       }
17 |     },
18 |     "required_version": ">= 0.11.7"
19 |   }
20 | }


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-es/manifests/es-elasticsearch-svc.yml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     name: elasticsearch
 6 |   name: elasticsearch
 7 |   namespace: minikube-es
 8 | spec:
 9 |   ports:
10 |     - name: client
11 |       port: 9200
12 |       protocol: TCP
13 |       targetPort: client
14 |     - name: transport
15 |       port: 9300
16 |       protocol: TCP
17 |       targetPort: transport
18 |   selector:
19 |     name: cluster-client
20 |     role: client
21 |   type: NodePort
22 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/gateways/templates/role.yaml:
--------------------------------------------------------------------------------
 1 | {{- range $key, $spec := .Values }}
 2 | {{- if ne $key "enabled" }}
 3 | {{- if $spec.enabled }}
 4 | {{- if and ($spec.sds) (eq $spec.sds.enabled true) }}
 5 | apiVersion: rbac.authorization.k8s.io/v1
 6 | kind: Role
 7 | metadata:
 8 |   name: {{ $key }}-sds
 9 |   namespace: {{ $.Release.Namespace }}
10 | rules:
11 | - apiGroups: [""]
12 |   resources: ["secrets"]
13 |   verbs: ["get", "watch", "list"]
14 | ---
15 | {{- end }}
16 | {{- end }}
17 | {{- end }}
18 | {{- end }}
19 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/prometheus/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: ServiceAccount
 3 | {{- if .Values.global.imagePullSecrets }}
 4 | imagePullSecrets:
 5 | {{- range .Values.global.imagePullSecrets }}
 6 |   - name: {{ . }}
 7 | {{- end }}
 8 | {{- end }}
 9 | metadata:
10 |   name: prometheus
11 |   namespace: {{ .Release.Namespace }}
12 |   labels:
13 |     app: prometheus
14 |     chart: {{ template "prometheus.chart" . }}
15 |     heritage: {{ .Release.Service }}
16 |     release: {{ .Release.Name }}
17 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/sidecarInjectorWebhook/templates/service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   name: istio-sidecar-injector
 5 |   namespace: {{ .Release.Namespace }}
 6 |   labels:
 7 |     app: {{ template "sidecar-injector.name" . }}
 8 |     chart: {{ template "sidecar-injector.chart" . }}
 9 |     heritage: {{ .Release.Service }}
10 |     release: {{ .Release.Name }}
11 |     istio: sidecar-injector
12 | spec:
13 |   ports:
14 |   - port: 443
15 |   selector:
16 |     istio: sidecar-injector
17 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/prometheus/templates/server-serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.server.enabled -}}
 2 | {{- if .Values.serviceAccounts.server.create }}
 3 | apiVersion: v1
 4 | kind: ServiceAccount
 5 | metadata:
 6 |   labels:
 7 |     {{- include "prometheus.server.labels" . | nindent 4 }}
 8 |   name: {{ template "prometheus.serviceAccountName.server" . }}
 9 | {{ include "prometheus.namespace" . | indent 2 }}
10 |   annotations:
11 | {{ toYaml .Values.serviceAccounts.server.annotations | indent 4 }}
12 | {{- end }}
13 | {{- end }}
14 | 


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project1/terraform/provider.tf.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "provider": {
 3 |     "google": {
 4 |       "project": "project1",
 5 |       "region": "europe-west2",
 6 |       "version": "1.16.2",
 7 |       "zone": "europe-west2-a"
 8 |     }
 9 |   },
10 |   "terraform": {
11 |     "backend": {
12 |       "gcs": {
13 |         "bucket": "my_centralized_tf_bucket",
14 |         "prefix": "/project1/",
15 |         "project": "centralized_gcloud_project"
16 |       }
17 |     },
18 |     "required_version": ">= 0.11.7"
19 |   }
20 | }


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project2/terraform/provider.tf.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "provider": {
 3 |     "google": {
 4 |       "project": "project2",
 5 |       "region": "europe-west2",
 6 |       "version": "1.16.2",
 7 |       "zone": "europe-west2-a"
 8 |     }
 9 |   },
10 |   "terraform": {
11 |     "backend": {
12 |       "gcs": {
13 |         "bucket": "my_centralized_tf_bucket",
14 |         "prefix": "/project2/",
15 |         "project": "centralized_gcloud_project"
16 |       }
17 |     },
18 |     "required_version": ">= 0.11.7"
19 |   }
20 | }


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project3/terraform/provider.tf.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "provider": {
 3 |     "google": {
 4 |       "project": "project3",
 5 |       "region": "europe-west2",
 6 |       "version": "1.16.2",
 7 |       "zone": "europe-west2-a"
 8 |     }
 9 |   },
10 |   "terraform": {
11 |     "backend": {
12 |       "gcs": {
13 |         "bucket": "my_centralized_tf_bucket",
14 |         "prefix": "/project3/",
15 |         "project": "centralized_gcloud_project"
16 |       }
17 |     },
18 |     "required_version": ">= 0.11.7"
19 |   }
20 | }


--------------------------------------------------------------------------------
/examples/docker/components/kadet/__init__.py:
--------------------------------------------------------------------------------
 1 | import os
 2 | import json
 3 | from kapitan.resources import jinja2_render_file
 4 | from kapitan.inputs import kadet
 5 | 
 6 | inventory = kadet.inventory()
 7 | 
 8 | 
 9 | def main():
10 |     path = os.path.dirname(__file__) + "/../../templates"
11 |     output = kadet.BaseObj()
12 |     for file in inventory.parameters.dockerfiles:
13 |         contents = jinja2_render_file([path], "Dockerfile", json.dumps(file))
14 |         output.root["Dockerfile." + file.name] = contents
15 |     return output
16 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/certmanager/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: ServiceAccount
 3 | {{- if .Values.global.imagePullSecrets }}
 4 | imagePullSecrets:
 5 | {{- range .Values.global.imagePullSecrets }}
 6 |   - name: {{ . }}
 7 | {{- end }}
 8 | {{- end }}
 9 | metadata:
10 |   name: certmanager
11 |   namespace: {{ .Release.Namespace }}
12 |   labels:
13 |     app: certmanager
14 |     chart: {{ template "certmanager.chart" . }}
15 |     heritage: {{ .Release.Service }}
16 |     release: {{ .Release.Name }}
17 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/kiali/templates/demosecret.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.createDemoSecret }}
 2 | apiVersion: v1
 3 | kind: Secret
 4 | metadata:
 5 |   name: {{ .Values.dashboard.secretName }}
 6 |   namespace: {{ .Release.Namespace }}
 7 |   labels:
 8 |     app: {{ template "kiali.name" . }}
 9 |     chart: {{ template "kiali.chart" . }}
10 |     heritage: {{ .Release.Service }}
11 |     release: {{ .Release.Name }}
12 | type: Opaque
13 | data:
14 |   username: YWRtaW4=   # admin
15 |   passphrase: YWRtaW4= # admin
16 | {{- end }}
17 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/prometheus/templates/pushgateway-serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.pushgateway.enabled .Values.serviceAccounts.pushgateway.create -}}
 2 | apiVersion: v1
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   labels:
 6 |     {{- include "prometheus.pushgateway.labels" . | nindent 4 }}
 7 |   name: {{ template "prometheus.serviceAccountName.pushgateway" . }}
 8 | {{ include "prometheus.namespace" . | indent 2 }}
 9 |   annotations:
10 | {{ toYaml .Values.serviceAccounts.pushgateway.annotations | indent 4 }}
11 | {{- end -}}
12 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/prometheus/templates/alertmanager-serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.alertmanager.enabled .Values.serviceAccounts.alertmanager.create -}}
 2 | apiVersion: v1
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   labels:
 6 |     {{- include "prometheus.alertmanager.labels" . | nindent 4 }}
 7 |   name: {{ template "prometheus.serviceAccountName.alertmanager" . }}
 8 | {{ include "prometheus.namespace" . | indent 2 }}
 9 |   annotations:
10 | {{ toYaml .Values.serviceAccounts.alertmanager.annotations | indent 4 }}
11 | {{- end -}}
12 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/prometheus/templates/node-exporter-serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.nodeExporter.enabled .Values.serviceAccounts.nodeExporter.create -}}
 2 | apiVersion: v1
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   labels:
 6 |     {{- include "prometheus.nodeExporter.labels" . | nindent 4 }}
 7 |   name: {{ template "prometheus.serviceAccountName.nodeExporter" . }}
 8 | {{ include "prometheus.namespace" . | indent 2 }}
 9 |   annotations:
10 | {{ toYaml .Values.serviceAccounts.nodeExporter.annotations | indent 4 }}
11 | {{- end -}}
12 | 


--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/config.yml:
--------------------------------------------------------------------------------
 1 | blank_issues_enabled: false
 2 | contact_links:
 3 | - name: '💬 Open a Discussion'
 4 |   url: https://github.com/kapicorp/kapitan/discussions/new/choose
 5 |   about: |
 6 |     Share your thoughts, ideas, or concerns, and engage in discussions with the community to collaborate and improve the project.
 7 | - name: '💬 Join us on Slack'
 8 |   url: https://kubernetes.slack.com/archives/C981W2HD3
 9 |   about: |
10 |     Join our Slack channel to connect with our community, ask questions, and stay updated on project developments.
11 | 


--------------------------------------------------------------------------------
/examples/terraform/compiled/project1/scripts/init.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | mkdir -p "$TF_DATA_DIR"
14 | "${TERRAFORM}" init "$@"


--------------------------------------------------------------------------------
/examples/terraform/compiled/project2/scripts/init.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | mkdir -p "$TF_DATA_DIR"
14 | "${TERRAFORM}" init "$@"


--------------------------------------------------------------------------------
/examples/terraform/compiled/project3/scripts/init.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | mkdir -p "$TF_DATA_DIR"
14 | "${TERRAFORM}" init "$@"


--------------------------------------------------------------------------------
/examples/terraform/templates/scripts/init.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | mkdir -p "$TF_DATA_DIR"
14 | "${TERRAFORM}" init "$@"
15 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/kiali/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: ServiceAccount
 3 | {{- if .Values.global.imagePullSecrets }}
 4 | imagePullSecrets:
 5 | {{- range .Values.global.imagePullSecrets }}
 6 |   - name: {{ . }}
 7 | {{- end }}
 8 | {{- end }}
 9 | metadata:
10 |   name: kiali-service-account
11 |   namespace: {{ .Release.Namespace }}
12 |   labels:
13 |     app: {{ template "kiali.name" . }}
14 |     chart: {{ template "kiali.chart" . }}
15 |     heritage: {{ .Release.Service }}
16 |     release: {{ .Release.Name }}
17 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/pilot/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: ServiceAccount
 3 | {{- if .Values.global.imagePullSecrets }}
 4 | imagePullSecrets:
 5 | {{- range .Values.global.imagePullSecrets }}
 6 |   - name: {{ . }}
 7 | {{- end }}
 8 | {{- end }}
 9 | metadata:
10 |   name: istio-pilot-service-account
11 |   namespace: {{ .Release.Namespace }}
12 |   labels:
13 |     app: {{ template "pilot.name" . }}
14 |     chart: {{ template "pilot.chart" . }}
15 |     heritage: {{ .Release.Service }}
16 |     release: {{ .Release.Name }}
17 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/nginx-ingress/templates/headers-configmap.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.controller.headers }}
 2 | apiVersion: v1
 3 | kind: ConfigMap
 4 | metadata:
 5 |   labels:
 6 |     app: {{ template "nginx-ingress.name" . }}
 7 |     chart: {{ .Chart.Name }}-{{ .Chart.Version }}
 8 |     component: "{{ .Values.controller.name }}"
 9 |     heritage: {{ .Release.Service }}
10 |     release: {{ .Release.Name }}
11 |   name: {{ template "nginx-ingress.fullname" . }}-custom-headers
12 | data:
13 | {{ toYaml .Values.controller.headers | indent 2 }}
14 | {{- end }}
15 | 


--------------------------------------------------------------------------------
/tests/test_resources/compiled/nginx/manifests/nginx.conf:
--------------------------------------------------------------------------------
 1 | 
 2 | server {
 3 |     listen       80;
 4 |     server_name  localhost;
 5 | 
 6 |     charset koi8-r;
 7 |     #access_log  /var/log/nginx/host.access.log  main;
 8 | 
 9 |     location / {
10 |         root   /usr/share/nginx/html;
11 |         index  index.html index.htm;
12 |     }
13 | 
14 | 
15 |     # redirect server error pages to the static page /50x.html
16 |     #
17 |     error_page   500 502 503 504  /50x.html;
18 |     location = /50x.html {
19 |         root   /usr/share/nginx/html;
20 |     }
21 | }


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project1/scripts/init.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | mkdir -p "$TF_DATA_DIR"
14 | "${TERRAFORM}" init "$@"


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project2/scripts/init.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | mkdir -p "$TF_DATA_DIR"
14 | "${TERRAFORM}" init "$@"


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project3/scripts/init.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | mkdir -p "$TF_DATA_DIR"
14 | "${TERRAFORM}" init "$@"


--------------------------------------------------------------------------------
/examples/terraform/compiled/project1/scripts/plan.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | check_tf_initialized
14 | "${TERRAFORM}" plan -lock=false "$@"


--------------------------------------------------------------------------------
/examples/terraform/compiled/project2/scripts/plan.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | check_tf_initialized
14 | "${TERRAFORM}" plan -lock=false "$@"


--------------------------------------------------------------------------------
/examples/terraform/compiled/project3/scripts/plan.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | check_tf_initialized
14 | "${TERRAFORM}" plan -lock=false "$@"


--------------------------------------------------------------------------------
/examples/terraform/templates/scripts/plan.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | check_tf_initialized
14 | "${TERRAFORM}" plan -lock=false "$@"
15 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/galley/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: ServiceAccount
 3 | {{- if .Values.global.imagePullSecrets }}
 4 | imagePullSecrets:
 5 | {{- range .Values.global.imagePullSecrets }}
 6 |   - name: {{ . }}
 7 | {{- end }}
 8 | {{- end }}
 9 | metadata:
10 |   name: istio-galley-service-account
11 |   namespace: {{ .Release.Namespace }}
12 |   labels:
13 |     app: {{ template "galley.name" . }}
14 |     chart: {{ template "galley.chart" . }}
15 |     heritage: {{ .Release.Service }}
16 |     release: {{ .Release.Name }}
17 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/values-istio-sds-auth.yaml:
--------------------------------------------------------------------------------
 1 | global:
 2 |   controlPlaneSecurityEnabled: false
 3 | 
 4 |   mtls:
 5 |     # Default setting for service-to-service mtls. Can be set explicitly using
 6 |     # destination rules or service annotations.
 7 |     enabled: true
 8 | 
 9 |   sds:
10 |     enabled: true
11 |     udsPath: "unix:/var/run/sds/uds_path"
12 |     useNormalJwt: true
13 | 
14 | nodeagent:
15 |   enabled: true
16 |   image: node-agent-k8s
17 |   env:
18 |     CA_PROVIDER: "Citadel"
19 |     CA_ADDR: "istio-citadel:8060"
20 |     VALID_TOKEN: true


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project1/scripts/plan.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | check_tf_initialized
14 | "${TERRAFORM}" plan -lock=false "$@"


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project2/scripts/plan.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | check_tf_initialized
14 | "${TERRAFORM}" plan -lock=false "$@"


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project3/scripts/plan.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | check_tf_initialized
14 | "${TERRAFORM}" plan -lock=false "$@"


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/istiocoredns/templates/service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   name: istiocoredns
 5 |   namespace: {{ .Release.Namespace }}
 6 |   labels:
 7 |     app: {{ template "istiocoredns.name" . }}
 8 |     chart: {{ template "istiocoredns.chart" . }}
 9 |     heritage: {{ .Release.Service }}
10 |     release: {{ .Release.Name }}
11 | spec:
12 |   selector:
13 |     app: istiocoredns
14 |   ports:
15 |   - name: dns
16 |     port: 53
17 |     protocol: UDP
18 |   - name: dns-tcp
19 |     port: 53
20 |     protocol: TCP
21 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/nodeagent/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: ServiceAccount
 3 | {{- if .Values.global.imagePullSecrets }}
 4 | imagePullSecrets:
 5 | {{- range .Values.global.imagePullSecrets }}
 6 |   - name: {{ . }}
 7 | {{- end }}
 8 | {{- end }}
 9 | metadata:
10 |   name: istio-nodeagent-service-account
11 |   namespace: {{ .Release.Namespace }}
12 |   labels:
13 |     app: {{ template "nodeagent.name" . }}
14 |     chart: {{ template "nodeagent.chart" . }}
15 |     heritage: {{ .Release.Service }}
16 |     release: {{ .Release.Name }}


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-ingressclass.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: networking.k8s.io/v1
 2 | kind: IngressClass
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/component: controller
 6 |     app.kubernetes.io/instance: minikube-nginx-helm
 7 |     app.kubernetes.io/managed-by: Helm
 8 |     app.kubernetes.io/name: ingress-nginx
 9 |     app.kubernetes.io/part-of: ingress-nginx
10 |     app.kubernetes.io/version: 1.5.1
11 |     helm.sh/chart: ingress-nginx-4.4.0
12 |   name: nginx
13 | spec:
14 |   controller: k8s.io/ingress-nginx
15 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/security/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: ServiceAccount
 3 | {{- if .Values.global.imagePullSecrets }}
 4 | imagePullSecrets:
 5 | {{- range .Values.global.imagePullSecrets }}
 6 |   - name: {{ . }}
 7 | {{- end }}
 8 | {{- end }}
 9 | metadata:
10 |   name: istio-citadel-service-account
11 |   namespace: {{ .Release.Namespace }}
12 |   labels:
13 |     app: {{ template "security.name" . }}
14 |     chart: {{ template "security.chart" . }}
15 |     heritage: {{ .Release.Service }}
16 |     release: {{ .Release.Name }}
17 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-nginx-helm/ingress-nginx/templates/controller-ingressclass.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: networking.k8s.io/v1
 2 | kind: IngressClass
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/component: controller
 6 |     app.kubernetes.io/instance: minikube-nginx-helm
 7 |     app.kubernetes.io/managed-by: Helm
 8 |     app.kubernetes.io/name: ingress-nginx
 9 |     app.kubernetes.io/part-of: ingress-nginx
10 |     app.kubernetes.io/version: 1.5.1
11 |     helm.sh/chart: ingress-nginx-4.4.0
12 |   name: nginx
13 | spec:
14 |   controller: k8s.io/ingress-nginx
15 | 


--------------------------------------------------------------------------------
/tests/test_resources/inventory/targets/nginx-ingress-helm-params.yml:
--------------------------------------------------------------------------------
 1 | parameters:
 2 |   kapitan:
 3 |     vars:
 4 |       target: nginx-ingress-helm-params
 5 |       namespace: temp
 6 |     compile:
 7 |       - output_path: .
 8 |         input_type: helm
 9 |         input_paths:
10 |           - charts/nginx-ingress
11 |         helm_values:
12 |           controller:
13 |             name: my-controller
14 |             image:
15 |               repository: custom_repo
16 |         helm_params:
17 |           name: my-first-release-name
18 |           namespace: my-first-namespace
19 | 


--------------------------------------------------------------------------------
/examples/kubernetes/components/elasticsearch/elasticsearch.container.jsonnet:
--------------------------------------------------------------------------------
 1 | local kube = import "lib/kube.libjsonnet";
 2 | 
 3 | {
 4 |   Container(role, image):: kube.Container(role) {
 5 |     local transportPort = {
 6 |       name: "transport",
 7 |       protocol: "TCP",
 8 |       containerPort: 9300,
 9 |     },
10 | 
11 |     local clientPort = {
12 |       name: "client",
13 |       protocol: "TCP",
14 |       containerPort: 9200,
15 |     },
16 | 
17 |     image: image,
18 | 
19 |     ports: (if role == "client" then [clientPort, transportPort] else [transportPort]),
20 |   },
21 | }
22 | 


--------------------------------------------------------------------------------
/kapitan/version.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env python3
 2 | 
 3 | # Copyright 2019 The Kapitan Authors
 4 | # SPDX-FileCopyrightText: 2020 The Kapitan Authors <kapitan-admins@googlegroups.com>
 5 | #
 6 | # SPDX-License-Identifier: Apache-2.0
 7 | 
 8 | """Project description variables."""
 9 | 
10 | PROJECT_NAME = "kapitan"
11 | VERSION = "0.34.7"
12 | DESCRIPTION = "Generic templated configuration management for Kubernetes, Terraform and other things"
13 | AUTHOR = "Ricardo Amaro"
14 | AUTHOR_EMAIL = "ramaro@kapicorp.com"
15 | LICENCE = "Apache License 2.0"
16 | URL = "https://github.com/kapicorp/kapitan"
17 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/istiocoredns/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: ServiceAccount
 3 | {{- if .Values.global.imagePullSecrets }}
 4 | imagePullSecrets:
 5 | {{- range .Values.global.imagePullSecrets }}
 6 |   - name: {{ . }}
 7 | {{- end }}
 8 | {{- end }}
 9 | metadata:
10 |   name: istiocoredns-service-account
11 |   namespace: {{ .Release.Namespace }}
12 |   labels:
13 |     app: {{ template "istiocoredns.name" . }}
14 |     chart: {{ template "istiocoredns.chart" . }}
15 |     heritage: {{ .Release.Service }}
16 |     release: {{ .Release.Name }}
17 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/prometheus/templates/server-pdb.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.server.podDisruptionBudget.enabled }}
 2 | apiVersion: policy/v1beta1
 3 | kind: PodDisruptionBudget
 4 | metadata:
 5 |   name: {{ template "prometheus.server.fullname" . }}
 6 | {{ include "prometheus.namespace" . | indent 2 }}
 7 |   labels:
 8 |     {{- include "prometheus.server.labels" . | nindent 4 }}
 9 | spec:
10 |   maxUnavailable: {{ .Values.server.podDisruptionBudget.maxUnavailable }}
11 |   selector:
12 |     matchLabels:
13 |       {{- include "prometheus.server.labels" . | nindent 6 }}
14 | {{- end }}
15 | 


--------------------------------------------------------------------------------
/examples/terraform/compiled/project1/scripts/apply.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | check_tf_initialized
14 | "${TERRAFORM}" apply "$@"
15 | 
16 | "${DIR}"/update_output.sh


--------------------------------------------------------------------------------
/examples/terraform/compiled/project2/scripts/apply.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | check_tf_initialized
14 | "${TERRAFORM}" apply "$@"
15 | 
16 | "${DIR}"/update_output.sh


--------------------------------------------------------------------------------
/examples/terraform/compiled/project3/scripts/apply.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | check_tf_initialized
14 | "${TERRAFORM}" apply "$@"
15 | 
16 | "${DIR}"/update_output.sh


--------------------------------------------------------------------------------
/examples/terraform/templates/scripts/apply.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | check_tf_initialized
14 | "${TERRAFORM}" apply "$@"
15 | 
16 | "${DIR}"/update_output.sh
17 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/templates/controller-configmap-addheaders.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.controller.addHeaders -}}
 2 | apiVersion: v1
 3 | kind: ConfigMap
 4 | metadata:
 5 |   labels:
 6 |     {{- include "ingress-nginx.labels" . | nindent 4 }}
 7 |     app.kubernetes.io/component: controller
 8 |     {{- with .Values.controller.labels }}
 9 |     {{- toYaml . | nindent 4 }}
10 |     {{- end }}
11 |   name: {{ include "ingress-nginx.fullname" . }}-custom-add-headers
12 |   namespace: {{ .Release.Namespace }}
13 | data: {{ toYaml .Values.controller.addHeaders | nindent 2 }}
14 | {{- end }}
15 | 


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project1/scripts/apply.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | check_tf_initialized
14 | "${TERRAFORM}" apply "$@"
15 | 
16 | "${DIR}"/update_output.sh


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project2/scripts/apply.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | check_tf_initialized
14 | "${TERRAFORM}" apply "$@"
15 | 
16 | "${DIR}"/update_output.sh


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project3/scripts/apply.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | set -e           # If a command fails, the whole script exit
 4 | set -u           # Treat unset variables as an error, and immediately exit.
 5 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 6 | 
 7 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 8 | source "${DIR}"/common.sh
 9 | 
10 | ########################################################################################
11 | # MAIN
12 | 
13 | check_tf_initialized
14 | "${TERRAFORM}" apply "$@"
15 | 
16 | "${DIR}"/update_output.sh


--------------------------------------------------------------------------------
/examples/kubernetes/inventory/classes/common.yml:
--------------------------------------------------------------------------------
 1 | parameters:
 2 |   namespace: ${target_name}
 3 |   target_name: ${_reclass_:name:short}
 4 | 
 5 |   kapitan:
 6 |     vars:
 7 |       target: ${target_name}
 8 |       namespace: ${target_name}
 9 |       managed_by: kapitan
10 |     secrets:
11 |       gpg:
12 |         recipients:
13 |           - name: example@kapitan.dev
14 |             fingerprint: D9234C61F58BEB3ED8552A57E28DC07A3CBFAE7C
15 |       gkms:
16 |         key: 'projects/<project>/locations/<location>/keyRings/<keyRing>/cryptoKeys/<key>'
17 |       awskms:
18 |         key: 'alias/nameOfKey'
19 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/grafana/templates/grafana-ports-mtls.yaml:
--------------------------------------------------------------------------------
 1 | {{ define "grafana-default.yaml.tpl" }}
 2 | apiVersion: authentication.istio.io/v1alpha1
 3 | kind: Policy
 4 | metadata:
 5 |   name: grafana-ports-mtls-disabled
 6 |   namespace: {{ .Release.Namespace }}
 7 |   labels:
 8 |     app: {{ template "grafana.name" . }}
 9 |     chart: {{ template "grafana.chart" . }}
10 |     heritage: {{ .Release.Service }}
11 |     release: {{ .Release.Name }}
12 | spec:
13 |   targets:
14 |   - name: grafana
15 |     ports:
16 |     - number: {{ .Values.service.externalPort }}
17 | {{- end }}
18 | 


--------------------------------------------------------------------------------
/docs/related.md:
--------------------------------------------------------------------------------
1 | # :kapitan-logo: Related projects
2 | 
3 | * [Tesoro](https://github.com/kapicorp/tesoro) - Kubernetes Admission Controller for Kapitan Secrets
4 | * [Kapitan Reference](https://github.com/kapicorp/kapitan-reference) - Reference repository to get started
5 | * [sublime-jsonnet-syntax](https://github.com/gburiola/sublime-jsonnet-syntax) - Jsonnet syntax highlighting for Sublime Text
6 | * [language-jsonnet](https://github.com/google/language-jsonnet) - Jsonnet syntax highlighting for Atom
7 | * [vim-jsonnet](https://github.com/google/vim-jsonnet) - Jsonnet plugin for Vim (requires a vim plugin manager)
8 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/ci/deployment-webhook-resources-values.yaml:
--------------------------------------------------------------------------------
 1 | controller:
 2 |   service:
 3 |     type: ClusterIP
 4 |   admissionWebhooks:
 5 |     enabled: true
 6 |     createSecretJob:
 7 |       resources:
 8 |         limits:
 9 |           cpu: 10m
10 |           memory: 20Mi
11 |         requests:
12 |           cpu: 10m
13 |           memory: 20Mi
14 |     patchWebhookJob:
15 |       resources:
16 |         limits:
17 |           cpu: 10m
18 |           memory: 20Mi
19 |         requests:
20 |           cpu: 10m
21 |           memory: 20Mi
22 |     patch:
23 |       enabled: true
24 | 


--------------------------------------------------------------------------------
/examples/terraform/compiled/project1/scripts/update_output.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | 
 3 | 
 4 | set -e           # If a command fails, the whole script exit
 5 | set -u           # Treat unset variables as an error, and immediately exit.
 6 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 7 | 
 8 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 9 | source "${DIR}"/common.sh
10 | 
11 | ########################################################################################
12 | # MAIN
13 | 
14 | mkdir -p "$OUTPUT_DIR"
15 | "${TERRAFORM}" output README > "${OUTPUT_DIR}"/README.md


--------------------------------------------------------------------------------
/examples/terraform/compiled/project2/scripts/update_output.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | 
 3 | 
 4 | set -e           # If a command fails, the whole script exit
 5 | set -u           # Treat unset variables as an error, and immediately exit.
 6 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 7 | 
 8 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 9 | source "${DIR}"/common.sh
10 | 
11 | ########################################################################################
12 | # MAIN
13 | 
14 | mkdir -p "$OUTPUT_DIR"
15 | "${TERRAFORM}" output README > "${OUTPUT_DIR}"/README.md


--------------------------------------------------------------------------------
/examples/terraform/compiled/project3/scripts/update_output.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | 
 3 | 
 4 | set -e           # If a command fails, the whole script exit
 5 | set -u           # Treat unset variables as an error, and immediately exit.
 6 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 7 | 
 8 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 9 | source "${DIR}"/common.sh
10 | 
11 | ########################################################################################
12 | # MAIN
13 | 
14 | mkdir -p "$OUTPUT_DIR"
15 | "${TERRAFORM}" output README > "${OUTPUT_DIR}"/README.md


--------------------------------------------------------------------------------
/examples/terraform/templates/scripts/update_output.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | 
 3 | 
 4 | set -e           # If a command fails, the whole script exit
 5 | set -u           # Treat unset variables as an error, and immediately exit.
 6 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 7 | 
 8 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 9 | source "${DIR}"/common.sh
10 | 
11 | ########################################################################################
12 | # MAIN
13 | 
14 | mkdir -p "$OUTPUT_DIR"
15 | "${TERRAFORM}" output README > "${OUTPUT_DIR}"/README.md
16 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/grafana/templates/pvc.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.persist }}
 2 | kind: PersistentVolumeClaim
 3 | apiVersion: v1
 4 | metadata:
 5 |   name: istio-grafana-pvc
 6 |   namespace: {{ .Release.Namespace }}
 7 |   labels:
 8 |     app: {{ template "grafana.name" . }}
 9 |     chart: {{ template "grafana.chart" . }}
10 |     heritage: {{ .Release.Service }}
11 |     release: {{ .Release.Name }}
12 | spec:
13 |   storageClassName: {{ .Values.storageClassName }}
14 |   accessModes:
15 |     - {{ .Values.accessMode }}
16 |   resources:
17 |     requests:
18 |       storage: 5Gi
19 | {{- end }}
20 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/security/templates/enable-mesh-permissive.yaml:
--------------------------------------------------------------------------------
 1 | {{- define "security-permissive.yaml.tpl" }}
 2 | # Authentication policy to enable permissive mode for all services (that have sidecar) in the mesh.
 3 | apiVersion: "authentication.istio.io/v1alpha1"
 4 | kind: "MeshPolicy"
 5 | metadata:
 6 |   name: "default"
 7 |   labels:
 8 |     app: {{ template "security.name" . }}
 9 |     chart: {{ template "security.chart" . }}
10 |     heritage: {{ .Release.Service }}
11 |     release: {{ .Release.Name }}
12 | spec:
13 |   peers:
14 |   - mtls:
15 |       mode: PERMISSIVE
16 | {{- end }}
17 | 


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project1/scripts/update_output.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | 
 3 | 
 4 | set -e           # If a command fails, the whole script exit
 5 | set -u           # Treat unset variables as an error, and immediately exit.
 6 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 7 | 
 8 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 9 | source "${DIR}"/common.sh
10 | 
11 | ########################################################################################
12 | # MAIN
13 | 
14 | mkdir -p "$OUTPUT_DIR"
15 | "${TERRAFORM}" output README > "${OUTPUT_DIR}"/README.md


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project2/scripts/update_output.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | 
 3 | 
 4 | set -e           # If a command fails, the whole script exit
 5 | set -u           # Treat unset variables as an error, and immediately exit.
 6 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 7 | 
 8 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 9 | source "${DIR}"/common.sh
10 | 
11 | ########################################################################################
12 | # MAIN
13 | 
14 | mkdir -p "$OUTPUT_DIR"
15 | "${TERRAFORM}" output README > "${OUTPUT_DIR}"/README.md


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project3/scripts/update_output.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | 
 3 | 
 4 | set -e           # If a command fails, the whole script exit
 5 | set -u           # Treat unset variables as an error, and immediately exit.
 6 | set -o pipefail  # this will make your script exit if any command in a pipeline errors
 7 | 
 8 | DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
 9 | source "${DIR}"/common.sh
10 | 
11 | ########################################################################################
12 | # MAIN
13 | 
14 | mkdir -p "$OUTPUT_DIR"
15 | "${TERRAFORM}" output README > "${OUTPUT_DIR}"/README.md


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | automountServiceAccountToken: true
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   labels:
 6 |     app.kubernetes.io/component: controller
 7 |     app.kubernetes.io/instance: minikube-nginx-helm
 8 |     app.kubernetes.io/managed-by: Helm
 9 |     app.kubernetes.io/name: ingress-nginx
10 |     app.kubernetes.io/part-of: ingress-nginx
11 |     app.kubernetes.io/version: 1.5.1
12 |     helm.sh/chart: ingress-nginx-4.4.0
13 |   name: minikube-nginx-helm-ingress-nginx
14 |   namespace: minikube-nginx-helm
15 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/prometheus/templates/pushgateway-pdb.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.pushgateway.podDisruptionBudget.enabled }}
 2 | apiVersion: policy/v1beta1
 3 | kind: PodDisruptionBudget
 4 | metadata:
 5 |   name: {{ template "prometheus.pushgateway.fullname" . }}
 6 | {{ include "prometheus.namespace" . | indent 2 }}
 7 |   labels:
 8 |     {{- include "prometheus.pushgateway.labels" . | nindent 4 }}
 9 | spec:
10 |   maxUnavailable: {{ .Values.pushgateway.podDisruptionBudget.maxUnavailable }}
11 |   selector:
12 |     matchLabels:
13 |       {{- include "prometheus.pushgateway.labels" . | nindent 6 }}
14 | {{- end }}
15 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-nginx-helm/ingress-nginx/templates/controller-serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | automountServiceAccountToken: true
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   labels:
 6 |     app.kubernetes.io/component: controller
 7 |     app.kubernetes.io/instance: minikube-nginx-helm
 8 |     app.kubernetes.io/managed-by: Helm
 9 |     app.kubernetes.io/name: ingress-nginx
10 |     app.kubernetes.io/part-of: ingress-nginx
11 |     app.kubernetes.io/version: 1.5.1
12 |     helm.sh/chart: ingress-nginx-4.4.0
13 |   name: minikube-nginx-helm-ingress-nginx
14 |   namespace: minikube-nginx-helm
15 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/grafana/templates/configmap-custom-resources.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: ConfigMap
 3 | metadata:
 4 |   name: istio-grafana-custom-resources
 5 |   namespace: {{ .Release.Namespace }}
 6 |   labels:
 7 |     app: {{ template "grafana.name" . }}
 8 |     chart: {{ template "grafana.chart" . }}
 9 |     heritage: {{ .Release.Service }}
10 |     release: {{ .Release.Name }}
11 |     istio: grafana
12 | data:
13 |   custom-resources.yaml: |-
14 |     {{- include "grafana-default.yaml.tpl" . | indent 4}}
15 |   run.sh: |-
16 |     {{- include "install-custom-resources.sh.tpl" . | indent 4}}
17 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/prometheus/templates/clusterrolebindings.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRoleBinding
 3 | metadata:
 4 |   name: prometheus-{{ .Release.Namespace }}
 5 |   labels:
 6 |     app: prometheus
 7 |     chart: {{ template "prometheus.chart" . }}
 8 |     heritage: {{ .Release.Service }}
 9 |     release: {{ .Release.Name }}
10 | roleRef:
11 |   apiGroup: rbac.authorization.k8s.io
12 |   kind: ClusterRole
13 |   name: prometheus-{{ .Release.Namespace }}
14 | subjects:
15 | - kind: ServiceAccount
16 |   name: prometheus
17 |   namespace: {{ .Release.Namespace }}
18 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/prometheus/templates/alertmanager-pdb.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.alertmanager.podDisruptionBudget.enabled }}
 2 | apiVersion: policy/v1beta1
 3 | kind: PodDisruptionBudget
 4 | metadata:
 5 |   name: {{ template "prometheus.alertmanager.fullname" . }}
 6 | {{ include "prometheus.namespace" . | indent 2 }}
 7 |   labels:
 8 |     {{- include "prometheus.alertmanager.labels" . | nindent 4 }}
 9 | spec:
10 |   maxUnavailable: {{ .Values.alertmanager.podDisruptionBudget.maxUnavailable }}
11 |   selector:
12 |     matchLabels:
13 |       {{- include "prometheus.alertmanager.labels" . | nindent 6 }}
14 | {{- end }}
15 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/galley/templates/service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   name: istio-galley
 5 |   namespace: {{ .Release.Namespace }}
 6 |   labels:
 7 |     app: {{ template "galley.name" . }}
 8 |     chart: {{ template "galley.chart" . }}
 9 |     heritage: {{ .Release.Service }}
10 |     release: {{ .Release.Name }}
11 |     istio: galley
12 | spec:
13 |   ports:
14 |   - port: 443
15 |     name: https-validation
16 |   - port: {{ .Values.global.monitoringPort }}
17 |     name: http-monitoring
18 |   - port: 9901
19 |     name: grpc-mcp
20 |   selector:
21 |     istio: galley
22 | 


--------------------------------------------------------------------------------
/tests/test_resources/compiled/monitoring-dev/prometheus/templates/server-service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     app: prometheus
 6 |     chart: prometheus-11.3.0
 7 |     component: dev-server
 8 |     heritage: Tiller
 9 |     release: prometheus
10 |   name: prometheus-dev-server
11 |   namespace: infra-prometheus
12 | spec:
13 |   ports:
14 |     - name: http
15 |       port: 80
16 |       protocol: TCP
17 |       targetPort: 9090
18 |   selector:
19 |     app: prometheus
20 |     component: dev-server
21 |     release: prometheus
22 |   sessionAffinity: None
23 |   type: ClusterIP
24 | 


--------------------------------------------------------------------------------
/tests/test_resources/compiled/monitoring-prd/prometheus/templates/server-service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     app: prometheus
 6 |     chart: prometheus-11.3.0
 7 |     component: prd-server
 8 |     heritage: Tiller
 9 |     release: prometheus
10 |   name: prometheus-prd-server
11 |   namespace: infra-prometheus
12 | spec:
13 |   ports:
14 |     - name: http
15 |       port: 80
16 |       protocol: TCP
17 |       targetPort: 9090
18 |   selector:
19 |     app: prometheus
20 |     component: prd-server
21 |     release: prometheus
22 |   sessionAffinity: None
23 |   type: ClusterIP
24 | 


--------------------------------------------------------------------------------
/examples/kubernetes/charts/nginx-ingress/templates/controller-webhooks-networkpolicy.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.controller.admissionWebhooks.enabled }}
 2 | {{- if .Values.controller.admissionWebhooks.networkPolicyEnabled }}
 3 | 
 4 | apiVersion: networking.k8s.io/v1
 5 | kind: NetworkPolicy
 6 | metadata:
 7 |   name: {{ include "ingress-nginx.fullname" . }}-webhooks-allow
 8 |   namespace: {{ .Release.Namespace }}
 9 | spec:
10 |   ingress:
11 |   - {}
12 |   podSelector:
13 |     matchLabels:
14 |       app.kubernetes.io/name: {{ include "ingress-nginx.name" . }}
15 |   policyTypes:
16 |     - Ingress
17 | 
18 | {{- end }}
19 | {{- end }}
20 | 


--------------------------------------------------------------------------------
/examples/terraform/compiled/project1/terraform/output.tf.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "data": {
 3 |     "template_file": {
 4 |       "readme": {
 5 |         "template": "# project1\n|   |   |\n| - | - |\n| **region** | europe-west2 |\n| **zone**   | europe-west2-a |\n| **url**         | https://console.cloud.google.com/home/dashboard?project=project1 |\n\nResources managed by terraform in this project:\n\n  * dns\n\n\n\n## DNS\n  * google.co.uk\n  * google.com\n"
 6 |       }
 7 |     }
 8 |   },
 9 |   "output": {
10 |     "README.md": {
11 |       "sensitive": true,
12 |       "value": "${data.template_file.readme.rendered}"
13 |     }
14 |   }
15 | }


--------------------------------------------------------------------------------
/tests/test_terraform_compiled/project1/terraform/output.tf.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "data": {
 3 |     "template_file": {
 4 |       "readme": {
 5 |         "template": "# project1\n|   |   |\n| - | - |\n| **region** | europe-west2 |\n| **zone**   | europe-west2-a |\n| **url**         | https://console.cloud.google.com/home/dashboard?project=project1 |\n\nResources managed by terraform in this project:\n\n  * dns\n\n\n\n## DNS\n  * google.co.uk\n  * google.com\n"
 6 |       }
 7 |     }
 8 |   },
 9 |   "output": {
10 |     "README.md": {
11 |       "sensitive": true,
12 |       "value": "${data.template_file.readme.rendered}"
13 |     }
14 |   }
15 | }


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/gateways/templates/rolebindings.yaml:
--------------------------------------------------------------------------------
 1 | {{- range $key, $spec := .Values }}
 2 | {{- if ne $key "enabled" }}
 3 | {{- if $spec.enabled }}
 4 | {{- if and ($spec.sds) (eq $spec.sds.enabled true) }}
 5 | apiVersion: rbac.authorization.k8s.io/v1
 6 | kind: RoleBinding
 7 | metadata:
 8 |   name: {{ $key }}-sds
 9 |   namespace: {{ $.Release.Namespace }}
10 | roleRef:
11 |   apiGroup: rbac.authorization.k8s.io
12 |   kind: Role
13 |   name: {{ $key }}-sds
14 | subjects:
15 | - kind: ServiceAccount
16 |   name: {{ $key }}-service-account
17 | ---
18 | {{- end }}
19 | {{- end }}
20 | {{- end }}
21 | {{- end }}
22 | 


--------------------------------------------------------------------------------
/examples/kubernetes/compiled/minikube-nginx-helm/ingress-nginx/templates/controller-configmap.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | data:
 3 |   allow-snippet-annotations: 'true'
 4 | kind: ConfigMap
 5 | metadata:
 6 |   labels:
 7 |     app.kubernetes.io/component: controller
 8 |     app.kubernetes.io/instance: minikube-nginx-helm
 9 |     app.kubernetes.io/managed-by: Helm
10 |     app.kubernetes.io/name: ingress-nginx
11 |     app.kubernetes.io/part-of: ingress-nginx
12 |     app.kubernetes.io/version: 1.5.1
13 |     helm.sh/chart: ingress-nginx-4.4.0
14 |   name: minikube-nginx-helm-ingress-nginx-minikube-nginx-helm
15 |   namespace: minikube-nginx-helm
16 | 


--------------------------------------------------------------------------------
/tests/test_kubernetes_compiled/minikube-nginx-helm/ingress-nginx/templates/controller-configmap.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | data:
 3 |   allow-snippet-annotations: 'true'
 4 | kind: ConfigMap
 5 | metadata:
 6 |   labels:
 7 |     app.kubernetes.io/component: controller
 8 |     app.kubernetes.io/instance: minikube-nginx-helm
 9 |     app.kubernetes.io/managed-by: Helm
10 |     app.kubernetes.io/name: ingress-nginx
11 |     app.kubernetes.io/part-of: ingress-nginx
12 |     app.kubernetes.io/version: 1.5.1
13 |     helm.sh/chart: ingress-nginx-4.4.0
14 |   name: minikube-nginx-helm-ingress-nginx-minikube-nginx-helm
15 |   namespace: minikube-nginx-helm
16 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/prometheus/charts/kube-state-metrics/Chart.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | appVersion: 1.9.5
 3 | description: Install kube-state-metrics to generate and expose cluster-level metrics
 4 | home: https://github.com/kubernetes/kube-state-metrics/
 5 | keywords:
 6 | - metric
 7 | - monitoring
 8 | - prometheus
 9 | - kubernetes
10 | maintainers:
11 | - email: jose@armesto.net
12 |   name: fiunchinho
13 | - email: tariq.ibrahim@mulesoft.com
14 |   name: tariq1890
15 | - email: manuel@rueg.eu
16 |   name: mrueg
17 | name: kube-state-metrics
18 | sources:
19 | - https://github.com/kubernetes/kube-state-metrics/
20 | version: 2.7.2
21 | 


--------------------------------------------------------------------------------
/examples/kubernetes/components/jsonnet-env/env.jsonnet:
--------------------------------------------------------------------------------
 1 | local kap = import 'lib/kapitan.libjsonnet';
 2 | local inventory = kap.inventory();
 3 | 
 4 | 
 5 | 
 6 | {
 7 |   env: {
 8 |     applications: inventory.applications,
 9 |     classes: inventory.classes,
10 |     parameters: inventory.parameters {
11 |       ["_kapitan_"]:: std.get(inventory.parameters, "_kapitan_"),  // Ignore this in compile tests because reclass doesn't support it
12 |       ["_reclass_"]: std.get(inventory.parameters, "_reclass_") {
13 |         ["environment"]:: "base" // ignore because unused
14 |       }
15 |     },
16 |     exports: inventory.exports,
17 |   },
18 | }
19 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/sidecarInjectorWebhook/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: ServiceAccount
 3 | {{- if .Values.global.imagePullSecrets }}
 4 | imagePullSecrets:
 5 | {{- range .Values.global.imagePullSecrets }}
 6 |   - name: {{ . }}
 7 | {{- end }}
 8 | {{- end }}
 9 | metadata:
10 |   name: istio-sidecar-injector-service-account
11 |   namespace: {{ .Release.Namespace }}
12 |   labels:
13 |     app: {{ template "sidecar-injector.name" . }}
14 |     chart: {{ template "sidecar-injector.chart" . }}
15 |     heritage: {{ .Release.Service }}
16 |     release: {{ .Release.Name }}
17 |     istio: sidecar-injector
18 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/example-values/values-istio-googleca.yaml:
--------------------------------------------------------------------------------
 1 | global:
 2 |   controlPlaneSecurityEnabled: false
 3 | 
 4 |   mtls:
 5 |     # Default setting for service-to-service mtls. Can be set explicitly using
 6 |     # destination rules or service annotations.
 7 |     enabled: true
 8 | 
 9 |   sds:
10 |     enabled: true
11 |     udsPath: "unix:/var/run/sds/uds_path"
12 |     useTrustworthyJwt: true 
13 | 
14 |   trustDomain: ""
15 | 
16 | nodeagent:
17 |   enabled: true
18 |   image: node-agent-k8s
19 |   env:
20 |     CA_PROVIDER: "GoogleCA"
21 |     CA_ADDR: "istioca.googleapis.com:443"
22 |     Plugins: "GoogleTokenExchange"
23 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/mixer/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
 1 | {{- if or (.Values.policy.enabled) (.Values.telemetry.enabled) }}
 2 | apiVersion: v1
 3 | kind: ServiceAccount
 4 | {{- if .Values.global.imagePullSecrets }}
 5 | imagePullSecrets:
 6 | {{- range .Values.global.imagePullSecrets }}
 7 |   - name: {{ . }}
 8 | {{- end }}
 9 | {{- end }}
10 | metadata:
11 |   name: istio-mixer-service-account
12 |   namespace: {{ .Release.Namespace }}
13 |   labels:
14 |     app: {{ template "mixer.name" . }}
15 |     chart: {{ template "mixer.chart" . }}
16 |     heritage: {{ .Release.Service }}
17 |     release: {{ .Release.Name }}
18 | {{- end }}
19 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/pilot/templates/clusterrolebinding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRoleBinding
 3 | metadata:
 4 |   name: istio-pilot-{{ .Release.Namespace }}
 5 |   labels:
 6 |     app: {{ template "pilot.name" . }}
 7 |     chart: {{ template "pilot.chart" . }}
 8 |     heritage: {{ .Release.Service }}
 9 |     release: {{ .Release.Name }}
10 | roleRef:
11 |   apiGroup: rbac.authorization.k8s.io
12 |   kind: ClusterRole
13 |   name: istio-pilot-{{ .Release.Namespace }}
14 | subjects:
15 |   - kind: ServiceAccount
16 |     name: istio-pilot-service-account
17 |     namespace: {{ .Release.Namespace }}
18 | 


--------------------------------------------------------------------------------
/.github/workflows/housekeeping.yml:
--------------------------------------------------------------------------------
 1 | name: 'Housekeeping'
 2 | on:
 3 |   schedule:
 4 |     - cron: '0 0 * * *'
 5 | 
 6 | jobs:
 7 |   stale:
 8 |     runs-on: ubuntu-latest
 9 |     steps:
10 |       - uses: actions/stale@v9
11 |         with:
12 |           stale-issue-message: |
13 |             This issue is stale because it has been open for 1 year with no activity.
14 |             Remove the stale label or comment if this issue is still relevant for you.
15 |             If not, please close it yourself.
16 |           days-before-issue-stale: 365
17 |           days-before-pr-stale: -1
18 |           days-before-close: -1
19 |           days-before-pr-close: -1
20 | 


--------------------------------------------------------------------------------
/examples/kubernetes/inventory/classes/component/busybox.yml:
--------------------------------------------------------------------------------
 1 | parameters:
 2 |   kapitan:
 3 |     vars:
 4 |       target: ${target_name}
 5 |       namespace: ${target_name}
 6 |     compile:
 7 |       - output_path: ./copy
 8 |         input_type: copy
 9 |         input_paths:
10 |           - components/busybox/pod.yml
11 |       # test copying over existing output_path to check for clobbering
12 |       - input_type: copy
13 |         input_paths:
14 |           - copy_target
15 |         output_path: ./copy
16 |       # test copying over root output_path
17 |       - input_type: copy
18 |         input_paths:
19 |           - copy_target
20 |         output_path: .


--------------------------------------------------------------------------------
/tests/test_resources/charts/prometheus/templates/server-networkpolicy.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.server.enabled -}}
 2 | {{- if .Values.networkPolicy.enabled }}
 3 | apiVersion: {{ template "prometheus.networkPolicy.apiVersion" . }}
 4 | kind: NetworkPolicy
 5 | metadata:
 6 |   name: {{ template "prometheus.server.fullname" . }}
 7 | {{ include "prometheus.namespace" . | indent 2 }}
 8 |   labels:
 9 |     {{- include "prometheus.server.labels" . | nindent 4 }}
10 | spec:
11 |   podSelector:
12 |     matchLabels:
13 |       {{- include "prometheus.server.matchLabels" . | nindent 6 }}
14 |   ingress:
15 |     - ports:
16 |       - port: 9090
17 | {{- end }}
18 | {{- end }}
19 | 


--------------------------------------------------------------------------------
/docs/pages/contribute/sponsor.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | comments: true
 3 | tags:
 4 |   - community
 5 | ---
 6 | # :kapitan-logo: **Sponsor Kapitan**
 7 | 
 8 | Do you want to help the project? Great! There are many ways to do it
 9 | 
10 | ![GitHub Sponsors](https://img.shields.io/github/sponsors/kapicorp?style=for-the-badge)
11 | ![GitHub Stars](https://img.shields.io/github/stars/kapicorp/kapitan?style=for-the-badge)
12 | 
13 | We accept donations throught [GitHubs Sponsors](https://github.com/sponsors/kapicorp). Alternatively reach out for other ways to support us.
14 | 
15 | Companies and individuals sponsoring us on a regular base will be recognised and called out on our website
16 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/istiocoredns/templates/clusterrolebinding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRoleBinding
 3 | metadata:
 4 |   name: istio-istiocoredns-role-binding-{{ .Release.Namespace }}
 5 |   labels:
 6 |     app: {{ template "istiocoredns.name" . }}
 7 |     chart: {{ template "istiocoredns.chart" . }}
 8 |     heritage: {{ .Release.Service }}
 9 |     release: {{ .Release.Name }}
10 | roleRef:
11 |   apiGroup: rbac.authorization.k8s.io
12 |   kind: ClusterRole
13 |   name: istiocoredns
14 | subjects:
15 | - kind: ServiceAccount
16 |   name: istiocoredns-service-account
17 |   namespace: {{ .Release.Namespace }}
18 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/security/templates/clusterrolebinding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRoleBinding
 3 | metadata:
 4 |   name: istio-citadel-{{ .Release.Namespace }}
 5 |   labels:
 6 |     app: {{ template "security.name" . }}
 7 |     chart: {{ template "security.chart" . }}
 8 |     heritage: {{ .Release.Service }}
 9 |     release: {{ .Release.Name }}
10 | roleRef:
11 |   apiGroup: rbac.authorization.k8s.io
12 |   kind: ClusterRole
13 |   name: istio-citadel-{{ .Release.Namespace }}
14 | subjects:
15 |   - kind: ServiceAccount
16 |     name: istio-citadel-service-account
17 |     namespace: {{ .Release.Namespace }}
18 | 


--------------------------------------------------------------------------------
/docs/pages/blog/posts/2024-02-12.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | author: Luis Buriola
 3 | author_gh_user: gburiola
 4 | read_time: 2m
 5 | date: 2024-02-12
 6 | ---
 7 | 
 8 | # :kapitan-logo: New **Kapitan** release  v0.33.1
 9 | 
10 | The **Kapicorp** team is happy to to announce a new release of **Kapitan**.
11 | 
12 | This release contains loads of improvements for the past 8 months, the majority of which have been contributions from our community!
13 | 
14 | Head over our [release page](https://github.com/kapicorp/kapitan/releases/tag/v0.33.1) on GitHub for a full list of features and contributors.
15 | 
16 | Please help us by visiting our [Sponsor Kapitan](../../contribute/sponsor.md) page.
17 | 


--------------------------------------------------------------------------------
/tests/test_resources/charts/istio/charts/nodeagent/templates/clusterrolebinding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRoleBinding
 3 | metadata:
 4 |   name: istio-nodeagent-{{ .Release.Namespace }}
 5 |   labels:
 6 |     app: {{ template "nodeagent.name" . }}
 7 |     chart: {{ template "nodeagent.chart" . }}
 8 |     heritage: {{ .Release.Service }}
 9 |     release: {{ .Release.Name }}
10 | roleRef:
11 |   apiGroup: rbac.authorization.k8s.io
12 |   kind: ClusterRole
13 |   name: istio-nodeagent-{{ .Release.Namespace }}
14 | subjects:
15 |   - kind: ServiceAccount
16 |     name: istio-nodeagent-service-account
17 |     namespace: {{ .Release.Namespace }}


--------------------------------------------------------------------------------