├── testdata ├── write │ ├── .keepme │ └── config │ │ ├── test.yaml │ │ └── test.json ├── definition │ ├── config │ │ └── common.json │ ├── services │ │ └── component.json │ ├── component.json │ ├── infra-single │ │ ├── component.json │ │ └── components │ │ │ └── infra-single │ │ │ └── fabrikate-elasticsearch-fluentd-kibana │ │ │ └── component.json │ └── infra │ │ └── component.json ├── badjsonconfig │ └── config │ │ └── common.json ├── generate-remote-static │ ├── manifests │ │ └── keyvault-flexvolume.yaml │ ├── component.yaml │ └── components │ │ └── keyvault-sub │ │ └── keyvault-sub.yaml ├── badyamlcomponent │ └── component.yaml ├── generate-yaml │ ├── helm_repos │ │ ├── grafana │ │ │ ├── stable │ │ │ │ └── grafana │ │ │ │ │ ├── dashboards │ │ │ │ │ └── custom-dashboard.json │ │ │ │ │ ├── OWNERS │ │ │ │ │ ├── templates │ │ │ │ │ ├── serviceaccount.yaml │ │ │ │ │ ├── rolebinding.yaml │ │ │ │ │ ├── role.yaml │ │ │ │ │ ├── clusterrole.yaml │ │ │ │ │ ├── dashboards-json-configmap.yaml │ │ │ │ │ ├── secret.yaml │ │ │ │ │ ├── configmap-dashboard-provider.yaml │ │ │ │ │ ├── clusterrolebinding.yaml │ │ │ │ │ ├── pvc.yaml │ │ │ │ │ ├── ingress.yaml │ │ │ │ │ ├── _helpers.tpl │ │ │ │ │ └── podsecuritypolicy.yaml │ │ │ │ │ ├── .helmignore │ │ │ │ │ └── Chart.yaml │ │ │ ├── code-of-conduct.md │ │ │ ├── OWNERS │ │ │ ├── .gitignore │ │ │ ├── .github │ │ │ │ ├── stale.yml │ │ │ │ └── ISSUE_TEMPLATE.md │ │ │ └── .circleci │ │ │ │ └── config.yml │ │ └── prometheus │ │ │ ├── stable │ │ │ └── prometheus │ │ │ │ ├── OWNERS │ │ │ │ ├── templates │ │ │ │ ├── server-serviceaccount.yaml │ │ │ │ ├── pushgateway-serviceaccount.yaml │ │ │ │ ├── alertmanager-serviceaccount.yaml │ │ │ │ ├── node-exporter-serviceaccount.yaml │ │ │ │ ├── kube-state-metrics-serviceaccount.yaml │ │ │ │ ├── server-networkpolicy.yaml │ │ │ │ ├── alertmanager-configmap.yaml │ │ │ │ ├── server-clusterrolebinding.yaml │ │ │ │ ├── node-exporter-role.yaml │ │ │ │ ├── kube-state-metrics-clusterrolebinding.yaml │ │ │ │ ├── alertmanager-networkpolicy.yaml │ │ │ │ ├── kube-state-metrics-networkpolicy.yaml │ │ │ │ ├── node-exporter-rolebinding.yaml │ │ │ │ ├── server-service-headless.yaml │ │ │ │ ├── server-clusterrole.yaml │ │ │ │ ├── server-pvc.yaml │ │ │ │ ├── alertmanager-service-headless.yaml │ │ │ │ ├── pushgateway-ingress.yaml │ │ │ │ ├── alertmanager-pvc.yaml │ │ │ │ ├── server-ingress.yaml │ │ │ │ ├── alertmanager-ingress.yaml │ │ │ │ ├── server-service.yaml │ │ │ │ ├── pushgateway-service.yaml │ │ │ │ ├── node-exporter-service.yaml │ │ │ │ ├── kube-state-metrics-clusterrole.yaml │ │ │ │ ├── kube-state-metrics-svc.yaml │ │ │ │ └── node-exporter-podsecuritypolicy.yaml │ │ │ │ ├── .helmignore │ │ │ │ └── Chart.yaml │ │ │ ├── code-of-conduct.md │ │ │ ├── OWNERS │ │ │ ├── .gitignore │ │ │ ├── .github │ │ │ ├── stale.yml │ │ │ └── ISSUE_TEMPLATE.md │ │ │ └── .circleci │ │ │ └── config.yml │ ├── manifests │ │ ├── grafana-namespace.yaml │ │ └── prometheus-namespace.yaml │ ├── component.yaml │ └── config │ │ └── common.yaml ├── set │ ├── inject.yaml │ └── config │ │ ├── test.yaml │ │ └── new.yaml ├── iterator │ ├── infra │ │ ├── components │ │ │ └── efk │ │ │ │ └── component.json │ │ └── component.json │ └── component.json ├── install-private │ ├── access.yaml │ └── component.yaml ├── install-yaml │ ├── manifests │ │ ├── grafana-namespace.yaml │ │ └── prometheus-namespace.yaml │ ├── component.yaml │ └── config │ │ └── common.yaml ├── generate │ ├── infra │ │ ├── fabrikate-jaeger │ │ │ ├── helm_repos │ │ │ │ └── jaeger │ │ │ │ │ ├── charts │ │ │ │ │ ├── elasticsearch │ │ │ │ │ │ ├── .helmignore │ │ │ │ │ │ ├── ci │ │ │ │ │ │ │ ├── expose-transport-port-on-service-values.yaml │ │ │ │ │ │ │ ├── updatestrategy-values.yaml │ │ │ │ │ │ │ ├── plugin-initcontainer-values.yaml │ │ │ │ │ │ │ ├── nonroot-deployment-values.yaml │ │ │ │ │ │ │ ├── extrainitcontainers-values.yaml │ │ │ │ │ │ │ └── hooks-values.yaml │ │ │ │ │ │ ├── templates │ │ │ │ │ │ │ ├── client-auth.yaml │ │ │ │ │ │ │ ├── data-serviceaccount.yaml │ │ │ │ │ │ │ ├── client-serviceaccount.yaml │ │ │ │ │ │ │ ├── master-serviceaccount.yaml │ │ │ │ │ │ │ ├── role.yaml │ │ │ │ │ │ │ ├── tests │ │ │ │ │ │ │ │ ├── test-configmap.yaml │ │ │ │ │ │ │ │ └── test.yaml │ │ │ │ │ │ │ ├── master-svc.yaml │ │ │ │ │ │ │ ├── data-pdb.yaml │ │ │ │ │ │ │ ├── client-pdb.yaml │ │ │ │ │ │ │ ├── master-pdb.yaml │ │ │ │ │ │ │ ├── rolebinding.yaml │ │ │ │ │ │ │ ├── podsecuritypolicy.yaml │ │ │ │ │ │ │ ├── job.yaml │ │ │ │ │ │ │ ├── client-svc.yaml │ │ │ │ │ │ │ └── client-ingress.yaml │ │ │ │ │ │ └── Chart.yaml │ │ │ │ │ ├── cassandra-0.13.4.tgz │ │ │ │ │ ├── elasticsearch-1.32.5.tgz │ │ │ │ │ └── cassandra │ │ │ │ │ │ ├── sample │ │ │ │ │ │ └── create-storage-gce.yaml │ │ │ │ │ │ ├── .helmignore │ │ │ │ │ │ ├── templates │ │ │ │ │ │ ├── configmap.yaml │ │ │ │ │ │ ├── pdb.yaml │ │ │ │ │ │ ├── servicemonitor.yaml │ │ │ │ │ │ ├── service.yaml │ │ │ │ │ │ ├── _helpers.tpl │ │ │ │ │ │ └── backup │ │ │ │ │ │ │ └── rbac.yaml │ │ │ │ │ │ └── Chart.yaml │ │ │ │ │ ├── OWNERS │ │ │ │ │ ├── requirements.yaml │ │ │ │ │ ├── requirements.lock │ │ │ │ │ ├── .helmignore │ │ │ │ │ ├── templates │ │ │ │ │ ├── agent-sa.yaml │ │ │ │ │ ├── query-sa.yaml │ │ │ │ │ ├── spark-sa.yaml │ │ │ │ │ ├── hotrod-sa.yaml │ │ │ │ │ ├── collector-sa.yaml │ │ │ │ │ ├── cassandra-schema-sa.yaml │ │ │ │ │ ├── collector-configmap.yaml │ │ │ │ │ ├── cassandra-secret.yaml │ │ │ │ │ ├── elasticsearch-secret.yaml │ │ │ │ │ ├── query-svc.yaml │ │ │ │ │ ├── hotrod-svc.yaml │ │ │ │ │ ├── query-ing.yaml │ │ │ │ │ ├── hotrod-ing.yaml │ │ │ │ │ ├── collector-hpa.yaml │ │ │ │ │ ├── NOTES.txt │ │ │ │ │ ├── collector-svc.yaml │ │ │ │ │ └── agent-svc.yaml │ │ │ │ │ └── Chart.yaml │ │ │ ├── manifests │ │ │ │ ├── jaeger-namespace.yaml │ │ │ │ └── zipkin-svc.yaml │ │ │ ├── config │ │ │ │ ├── common.yaml │ │ │ │ └── prod.json │ │ │ ├── component.json │ │ │ ├── LICENSE │ │ │ └── README.md │ │ └── component.json │ └── component.json ├── disabled │ ├── config │ │ ├── default.yaml │ │ └── disabled.yaml │ └── component.yaml ├── load │ └── config │ │ ├── test.yaml │ │ └── test.json ├── generate-hooks │ ├── manifests │ │ └── namespace.yaml │ └── component.json ├── add │ ├── config │ │ └── test.yaml │ └── component.yaml ├── local-charts │ └── prometheus │ │ ├── charts │ │ └── kube-state-metrics │ │ │ ├── OWNERS │ │ │ ├── .helmignore │ │ │ ├── Chart.yaml │ │ │ └── templates │ │ │ ├── pdb.yaml │ │ │ ├── NOTES.txt │ │ │ ├── serviceaccount.yaml │ │ │ ├── clusterrolebinding.yaml │ │ │ ├── psp-clusterrolebinding.yaml │ │ │ ├── stsdiscovery-role.yaml │ │ │ ├── stsdiscovery-rolebinding.yaml │ │ │ ├── psp-clusterrole.yaml │ │ │ ├── servicemonitor.yaml │ │ │ ├── podsecuritypolicy.yaml │ │ │ └── service.yaml │ │ ├── requirements.yaml │ │ ├── requirements.lock │ │ ├── .helmignore │ │ ├── templates │ │ ├── server │ │ │ ├── serviceaccount.yaml │ │ │ ├── pdb.yaml │ │ │ ├── netpol.yaml │ │ │ ├── clusterrolebinding.yaml │ │ │ ├── rolebinding.yaml │ │ │ ├── vpa.yaml │ │ │ ├── clusterrole.yaml │ │ │ ├── pvc.yaml │ │ │ ├── headless-svc.yaml │ │ │ ├── psp.yaml │ │ │ └── ingress.yaml │ │ ├── pushgateway │ │ │ ├── serviceaccount.yaml │ │ │ ├── pdb.yaml │ │ │ ├── clusterrole.yaml │ │ │ ├── clusterrolebinding.yaml │ │ │ ├── netpol.yaml │ │ │ ├── pvc.yaml │ │ │ ├── psp.yaml │ │ │ ├── ingress.yaml │ │ │ └── service.yaml │ │ ├── alertmanager │ │ │ ├── serviceaccount.yaml │ │ │ ├── pdb.yaml │ │ │ ├── clusterrole.yaml │ │ │ ├── cm.yaml │ │ │ ├── netpol.yaml │ │ │ ├── role.yaml │ │ │ ├── clusterrolebinding.yaml │ │ │ ├── rolebinding.yaml │ │ │ ├── headless-svc.yaml │ │ │ ├── pvc.yaml │ │ │ ├── psp.yaml │ │ │ └── ingress.yaml │ │ └── node-exporter │ │ │ ├── serviceaccount.yaml │ │ │ ├── role.yaml │ │ │ ├── rolebinding.yaml │ │ │ └── psp.yaml │ │ └── Chart.yaml ├── merge │ └── config │ │ ├── new.yaml │ │ └── current.yaml ├── repo-alias │ └── component.yaml ├── badjsoncomponent │ └── component.json ├── install │ ├── component.json │ └── infra │ │ └── component.json ├── generate-disabled │ ├── config │ │ └── disabled.yaml │ └── component.yaml ├── install-helm-fix-261-dep-update-bug │ ├── cloud-native │ │ └── component.yaml │ └── component.yaml ├── badyamlconfig │ └── config │ │ └── common.yaml ├── install-hooks │ └── component.json └── install-helm │ └── component.yaml ├── .prettierrc ├── internal ├── helm │ ├── sync.go │ ├── template.go │ └── pull.go ├── core │ ├── pathValuePair.go │ └── generator.go ├── generators │ ├── helm_test.go │ └── static_test.go ├── git │ └── access.go ├── url │ └── core.go └── cmd │ ├── find_test.go │ ├── remove_test.go │ ├── install_test.go │ ├── version.go │ └── remove.go ├── scripts ├── merge-upstream └── test.sh ├── .devcontainer ├── docker-lock.json ├── Dockerfile └── devcontainer.json ├── .editorconfig ├── .gitignore ├── .github └── ISSUE_TEMPLATE │ ├── feature_request.md │ └── bug_report.md ├── cmd └── fab │ └── main.go ├── util ├── map_test.go └── file.go ├── azure-pipelines.yml ├── LICENSE └── go.mod /testdata/write/.keepme: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /testdata/definition/config/common.json: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /testdata/definition/services/component.json: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /.prettierrc: -------------------------------------------------------------------------------- 1 | { 2 | "proseWrap": "always" 3 | } 4 | -------------------------------------------------------------------------------- /testdata/badjsonconfig/config/common.json: -------------------------------------------------------------------------------- 1 | THIS IS NOT VALID JSON 2 | -------------------------------------------------------------------------------- /testdata/generate-remote-static/manifests/keyvault-flexvolume.yaml: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /testdata/badyamlcomponent/component.yaml: -------------------------------------------------------------------------------- 1 | microservices-workload 2 | subcomponents: 3 | -------------------------------------------------------------------------------- /internal/helm/sync.go: -------------------------------------------------------------------------------- 1 | package helm 2 | 3 | import "sync" 4 | 5 | var lock sync.RWMutex 6 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/stable/grafana/dashboards/custom-dashboard.json: -------------------------------------------------------------------------------- 1 | {} -------------------------------------------------------------------------------- /testdata/set/inject.yaml: -------------------------------------------------------------------------------- 1 | this: 2 | is: 3 | a: 4 | nested: map 5 | here: is another map 6 | -------------------------------------------------------------------------------- /testdata/iterator/infra/components/efk/component.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "efk", 3 | "version": "1.0.0" 4 | } 5 | -------------------------------------------------------------------------------- /scripts/merge-upstream: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | git fetch upstream 4 | git checkout develop 5 | git merge upstream/develop 6 | -------------------------------------------------------------------------------- /testdata/generate-yaml/manifests/grafana-namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: grafana -------------------------------------------------------------------------------- /testdata/install-private/access.yaml: -------------------------------------------------------------------------------- 1 | https://github.com/evanlouie/fabrikate-private-component: personal_access_token 2 | -------------------------------------------------------------------------------- /testdata/install-yaml/manifests/grafana-namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: grafana -------------------------------------------------------------------------------- /testdata/install-yaml/manifests/prometheus-namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: prometheus -------------------------------------------------------------------------------- /testdata/write/config/test.yaml: -------------------------------------------------------------------------------- 1 | config: 2 | foo: bar 3 | subcomponents: 4 | myapp: 5 | config: 6 | zoo: zar 7 | -------------------------------------------------------------------------------- /testdata/generate-yaml/manifests/prometheus-namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: prometheus -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/.helmignore: -------------------------------------------------------------------------------- 1 | .git 2 | # OWNERS file for Kubernetes 3 | OWNERS -------------------------------------------------------------------------------- /testdata/disabled/config/default.yaml: -------------------------------------------------------------------------------- 1 | subcomponents: 2 | elasticsearch: 3 | config: 4 | fod: rad 5 | foo: rad 6 | zoo: zaa -------------------------------------------------------------------------------- /testdata/load/config/test.yaml: -------------------------------------------------------------------------------- 1 | namespace: myapp 2 | config: 3 | foo: bar 4 | subcomponents: 5 | myapp: 6 | config: 7 | zoo: zar 8 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - mgoodness 3 | - gianrubio 4 | reviewers: 5 | - mgoodness 6 | - gianrubio 7 | -------------------------------------------------------------------------------- /testdata/generate-hooks/manifests/namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | labels: 5 | istio-injection: enabled 6 | name: services -------------------------------------------------------------------------------- /testdata/disabled/config/disabled.yaml: -------------------------------------------------------------------------------- 1 | subcomponents: 2 | cloud-native: 3 | disabled: true 4 | elasticsearch: 5 | disabled: true 6 | config: 7 | fod: bar -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/stable/grafana/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - zanhsieh 3 | - rtluckie 4 | - maorfr 5 | reviewers: 6 | - zanhsieh 7 | - rtluckie 8 | - maorfr 9 | -------------------------------------------------------------------------------- /testdata/add/config/test.yaml: -------------------------------------------------------------------------------- 1 | config: 2 | fod: rad 3 | foo: faa 4 | subcomponents: 5 | myapp: 6 | config: 7 | fod: rad 8 | foo: rad 9 | zoo: zaa 10 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/charts/kube-state-metrics/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - fiunchinho 3 | - tariq1890 4 | - mrueg 5 | reviewers: 6 | - fiunchinho 7 | - tariq1890 8 | - mrueg 9 | -------------------------------------------------------------------------------- /testdata/set/config/test.yaml: -------------------------------------------------------------------------------- 1 | config: 2 | fod: rad 3 | foo: faa 4 | subcomponents: 5 | myapp: 6 | config: 7 | fod: rad 8 | foo: rad 9 | zoo: zaa 10 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/manifests/jaeger-namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: jaeger 5 | labels: 6 | istio-injection: enabled 7 | -------------------------------------------------------------------------------- /testdata/merge/config/new.yaml: -------------------------------------------------------------------------------- 1 | subcomponents: 2 | jaeger: 3 | config: 4 | provisionDataStore: 5 | cassandra: false 6 | elasticsearch: true 7 | mixed: "2" 8 | -------------------------------------------------------------------------------- /testdata/install-private/component.yaml: -------------------------------------------------------------------------------- 1 | name: foobar 2 | subcomponents: 3 | - name: my-private-repo 4 | source: https://github.com/evanlouie/fabrikate-private-component 5 | method: git 6 | -------------------------------------------------------------------------------- /testdata/repo-alias/component.yaml: -------------------------------------------------------------------------------- 1 | name: repo-alias 2 | subcomponents: 3 | - name: metricbeat 4 | type: helm 5 | source: https://helm.elastic.co 6 | method: helm 7 | path: metricbeat 8 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/code-of-conduct.md: -------------------------------------------------------------------------------- 1 | # Community Code of Conduct 2 | 3 | Helm follows the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/master/code-of-conduct.md). 4 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/code-of-conduct.md: -------------------------------------------------------------------------------- 1 | # Community Code of Conduct 2 | 3 | Helm follows the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/master/code-of-conduct.md). 4 | -------------------------------------------------------------------------------- /testdata/badjsoncomponent/component.json: -------------------------------------------------------------------------------- 1 | "name": "microservices-workload", 2 | "subcomponents": [ 3 | { 4 | "name": "infra", 5 | "source": "./infra" 6 | } 7 | ] 8 | } 9 | -------------------------------------------------------------------------------- /testdata/write/config/test.json: -------------------------------------------------------------------------------- 1 | { 2 | "config": { 3 | "foo": "bar" 4 | }, 5 | "subcomponents": { 6 | "myapp": { 7 | "config": { 8 | "zoo": "zar" 9 | } 10 | } 11 | } 12 | } -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/cassandra-0.13.4.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/fabrikate/HEAD/testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/cassandra-0.13.4.tgz -------------------------------------------------------------------------------- /testdata/install/component.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "microservices-workload", 3 | "type": "component", 4 | "subcomponents": [ 5 | { 6 | "name": "infra", 7 | "source": "./infra" 8 | } 9 | ] 10 | } -------------------------------------------------------------------------------- /testdata/definition/component.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "microservices-workload", 3 | "subcomponents": [ 4 | { 5 | "name": "infra", 6 | "source": "./infra" 7 | } 8 | ] 9 | } 10 | -------------------------------------------------------------------------------- /testdata/generate/component.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "microservices-workload", 3 | "subcomponents": [ 4 | { 5 | "name": "infra", 6 | "source": "./infra" 7 | } 8 | ] 9 | } 10 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/ci/expose-transport-port-on-service-values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # Expose transport port on ClusterIP service 3 | 4 | client: 5 | exposeTransportPort: true 6 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/requirements.yaml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | 3 | - name: kube-state-metrics 4 | version: "2.8.*" 5 | repository: https://charts.helm.sh/stable/ 6 | condition: kubeStateMetrics.enabled 7 | 8 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch-1.32.5.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/microsoft/fabrikate/HEAD/testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch-1.32.5.tgz -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/ci/updatestrategy-values.yaml: -------------------------------------------------------------------------------- 1 | data: 2 | updateStrategy: 3 | type: RollingUpdate 4 | 5 | master: 6 | updateStrategy: 7 | type: RollingUpdate 8 | -------------------------------------------------------------------------------- /testdata/definition/infra-single/component.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "infra-single", 3 | "type": "component", 4 | "method": "git", 5 | "source": "https://github.com/microsoft", 6 | "path": "fabrikate-elasticsearch-fluentd-kibana" 7 | } 8 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - dvonthenen 3 | - mikelorant 4 | - naseemkullah 5 | - pavelnikolov 6 | reviewers: 7 | - dvonthenen 8 | - mikelorant 9 | - naseemkullah 10 | - pavelnikolov 11 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/ci/plugin-initcontainer-values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # Enable init container for installing plugins 3 | 4 | cluster: 5 | plugins: 6 | - ingest-attachment 7 | - mapper-size 8 | -------------------------------------------------------------------------------- /testdata/iterator/component.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "microservices-workload", 3 | "version": "1.0.0", 4 | "subcomponents": [ 5 | { 6 | "name": "infra", 7 | "source": "./infra" 8 | } 9 | ] 10 | } 11 | -------------------------------------------------------------------------------- /testdata/generate-disabled/config/disabled.yaml: -------------------------------------------------------------------------------- 1 | subcomponents: 2 | pod-info: 3 | disabled: true 4 | config: 5 | env: local 6 | mysql: 7 | disabled: true 8 | config: 9 | env: local 10 | bookinfo: 11 | disabled: true 12 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/cassandra/sample/create-storage-gce.yaml: -------------------------------------------------------------------------------- 1 | kind: StorageClass 2 | apiVersion: storage.k8s.io/v1 3 | metadata: 4 | name: generic 5 | provisioner: kubernetes.io/gce-pd 6 | parameters: 7 | type: pd-ssd 8 | -------------------------------------------------------------------------------- /testdata/generate/infra/component.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "infra", 3 | "subcomponents": [ 4 | { 5 | "name": "fabrikate-jaeger", 6 | "type": "component", 7 | "source": "./fabrikate-jaeger" 8 | } 9 | ] 10 | } 11 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/config/common.yaml: -------------------------------------------------------------------------------- 1 | config: 2 | subcomponents: 3 | jaeger: 4 | namespace: "jaeger" 5 | injectNamespace: true 6 | config: 7 | collector: 8 | annotations: 9 | sidecar.istio.io/inject: "false" 10 | -------------------------------------------------------------------------------- /.devcontainer/docker-lock.json: -------------------------------------------------------------------------------- 1 | { 2 | "dockerfiles": { 3 | "Dockerfile": [ 4 | { 5 | "name": "ubuntu", 6 | "tag": "bionic", 7 | "digest": "b58746c8a89938b8c9f5b77de3b8cf1fe78210c696ab03a1442e235eea65d84f" 8 | } 9 | ] 10 | }, 11 | "composefiles": {} 12 | } -------------------------------------------------------------------------------- /testdata/install-helm-fix-261-dep-update-bug/cloud-native/component.yaml: -------------------------------------------------------------------------------- 1 | name: cloud-native 2 | subcomponents: 3 | - name: cloud-native-impl 4 | source: "https://github.com/timfpark/fabrikate-definitions" 5 | method: "git" 6 | path: "definitions/fabrikate-cloud-native" 7 | -------------------------------------------------------------------------------- /scripts/test.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # Due to some tests fetching helm repos with nested Go tests in them, we 3 | # need to specifiy to only test `core` and `cmd` to exclude `test` (which only 4 | # contains fixtures) 5 | go get -v -t ./core/... ./cmd/... 6 | go test -v -race ./... 7 | -------------------------------------------------------------------------------- /testdata/load/config/test.json: -------------------------------------------------------------------------------- 1 | { 2 | "config": { 3 | "foo": "bar" 4 | }, 5 | "subcomponents": { 6 | "myapp": { 7 | "namespace": "myapp", 8 | "config": { 9 | "zoo": "zar" 10 | } 11 | } 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/requirements.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: kube-state-metrics 3 | repository: https://charts.helm.sh/stable/ 4 | version: 2.8.14 5 | digest: sha256:67c51ddbb467a21d3848cf065afa3dad2c1b5bc0d9d50fc778cc4950ff59e2eb 6 | generated: "2020-10-31T22:24:57.310850353Z" 7 | -------------------------------------------------------------------------------- /internal/core/pathValuePair.go: -------------------------------------------------------------------------------- 1 | package core 2 | 3 | // PathValuePair encapsulates a config path (eg. data.storageClass) and the value that it has. 4 | // Used during the 'set' command to store parsed config paths and values. 5 | type PathValuePair struct { 6 | Path []string 7 | Value string 8 | } 9 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - lachie83 3 | - mgoodness 4 | - prydonius 5 | - sameersbn 6 | - seanknox 7 | - viglesiasce 8 | - foxish 9 | - unguiculus 10 | - scottrigby 11 | - mattfarina 12 | - davidkarlsen 13 | - paulczar 14 | - cpanato 15 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - lachie83 3 | - mgoodness 4 | - prydonius 5 | - sameersbn 6 | - seanknox 7 | - viglesiasce 8 | - foxish 9 | - unguiculus 10 | - scottrigby 11 | - mattfarina 12 | - davidkarlsen 13 | - paulczar 14 | - cpanato 15 | -------------------------------------------------------------------------------- /testdata/generate-hooks/component.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "generate-hooks", 3 | "generator": "static", 4 | "path": "./manifests", 5 | "hooks": { 6 | "before-generate": ["touch before-generate"], 7 | "after-generate": ["rm before-generate"] 8 | }, 9 | "subcomponents": [] 10 | } 11 | -------------------------------------------------------------------------------- /internal/core/generator.go: -------------------------------------------------------------------------------- 1 | package core 2 | 3 | // The Generator interface defines the interface for generator tools (like Helm or Static) 4 | // to install and generate resource manifests. 5 | type Generator interface { 6 | Generate(component *Component) (manifest string, err error) 7 | Install(component *Component) (err error) 8 | } 9 | -------------------------------------------------------------------------------- /testdata/definition/infra/component.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "infra", 3 | "type": "component", 4 | "subcomponents": [ 5 | { 6 | "name": "efk", 7 | "method": "git", 8 | "source": "https://github.com/microsoft/fabrikate-elasticsearch-fluentd-kibana" 9 | } 10 | ] 11 | } 12 | -------------------------------------------------------------------------------- /testdata/iterator/infra/component.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "infra", 3 | "version": "1.0.0", 4 | "subcomponents": [ 5 | { 6 | "name": "efk", 7 | "method": "git", 8 | "source": "https://github.com/microsoft/fabrikate-elasticsearch-fluentd-kibana" 9 | } 10 | ] 11 | } 12 | -------------------------------------------------------------------------------- /testdata/set/config/new.yaml: -------------------------------------------------------------------------------- 1 | subcomponents: 2 | myapp: 3 | config: 4 | zoo: 5 | zii: zbb 6 | myservice: 7 | subcomponents: 8 | mysubservice: 9 | config: 10 | foo: 11 | bar: 12 | k8.beta.io/load-balancer-group: foo-bar-updated 13 | line: solid 14 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/ci/nonroot-deployment-values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # Deploy Chart as non-root and unprivileged 3 | 4 | chownInitContainer: 5 | enabled: false 6 | 7 | securityContext: 8 | enabled: true 9 | runAsUser: 1000 10 | 11 | sysctlInitContainer: 12 | enabled: false 13 | -------------------------------------------------------------------------------- /testdata/generate-remote-static/component.yaml: -------------------------------------------------------------------------------- 1 | name: keyvault-flexvolume 2 | type: static 3 | path: ./manifests 4 | subcomponents: 5 | - name: "keyvault-sub" 6 | source: https://raw.githubusercontent.com/Azure/kubernetes-keyvault-flexvol/master/deployment/kv-flexvol-installer.yaml 7 | method: http 8 | type: static 9 | path: "./tmp/keyvault-sub" -------------------------------------------------------------------------------- /testdata/merge/config/current.yaml: -------------------------------------------------------------------------------- 1 | subcomponents: 2 | jaeger: 3 | config: 4 | provisionDataStore: 5 | elasticsearch: false 6 | mixed: 1 7 | slice: 8 | - "astring" 9 | - 1 10 | - 1.0 11 | - foo: 1 12 | bar: 13 | - "bstring" 14 | - 1 15 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/server-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccounts.server.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | {{- include "prometheus.server.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.serviceAccountName.server" . }} 8 | {{- end }} 9 | -------------------------------------------------------------------------------- /.editorconfig: -------------------------------------------------------------------------------- 1 | # EditorConfig is awesome: https://EditorConfig.org 2 | 3 | # top-most EditorConfig file 4 | root = true 5 | 6 | [*] 7 | charset = utf-8 8 | end_of_line = lf 9 | insert_final_newline = true 10 | trim_trailing_whitespace = true 11 | 12 | [*.go] 13 | indent_style = tab 14 | tab_width = 2 15 | 16 | [*.{json,yaml,yml}] 17 | indent_style = space 18 | indent_size = 2 19 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Binaries for programs and plugins 2 | *.exe 3 | *.exe~ 4 | *.dll 5 | *.so 6 | *.dylib 7 | 8 | # Test binary, build with `go test -c` 9 | *.test 10 | 11 | # Output of the go coverage tool, specifically when used with LiteIDE 12 | *.out 13 | 14 | generated 15 | components 16 | releases 17 | helm_repos 18 | .DS_Store 19 | .idea 20 | .vscode 21 | /fab 22 | /fabrikate 23 | -------------------------------------------------------------------------------- /testdata/generate-yaml/component.yaml: -------------------------------------------------------------------------------- 1 | name: "prometheus-grafana" 2 | generator: "static" 3 | path: "./manifests" 4 | subcomponents: 5 | - name: "grafana" 6 | generator: "helm" 7 | source: "https://github.com/helm/charts" 8 | method: "git" 9 | path: "stable/grafana" 10 | - name: "prometheus" 11 | type: "helm" 12 | method: "local" 13 | path: "../local-charts/prometheus" 14 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Suggest an idea for this project 4 | title: "" 5 | labels: enhancement 6 | assignees: "" 7 | --- 8 | 9 | **As a:** 10 | 11 | **I want:** 12 | 13 | **So that:** 14 | 15 | **Describe the solution you'd like:** 16 | 17 | **Describe alternatives you've considered:** 18 | 19 | **Additional context:** 20 | -------------------------------------------------------------------------------- /cmd/fab/main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "reflect" 5 | 6 | "github.com/microsoft/fabrikate/internal/cmd" 7 | "github.com/timfpark/yaml" 8 | ) 9 | 10 | func main() { 11 | // modify the DefaultMapType of yaml to map[string]interface{} instead of map[interface]interface{} 12 | *yaml.DefaultMapType = reflect.TypeOf(map[string]interface{}{}) 13 | 14 | cmd.Execute() 15 | } 16 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/component.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "fabrikate-jaeger", 3 | "type": "static", 4 | "path": "./manifests", 5 | "subcomponents": [ 6 | { 7 | "name": "jaeger", 8 | "type": "helm", 9 | "method": "helm", 10 | "source": "https://kubernetes-charts-incubator.storage.googleapis.com/", 11 | "path": "jaeger" 12 | } 13 | ] 14 | } 15 | -------------------------------------------------------------------------------- /testdata/add/component.yaml: -------------------------------------------------------------------------------- 1 | name: add 2 | type: component 3 | subcomponents: 4 | - name: cloud-native 5 | type: component 6 | source: https://github.com/timfpark/fabrikate-cloud-native 7 | method: git 8 | version: 8ad79e73e0665e347e1553ad7ca32b6e590e007a 9 | - name: elasticsearch 10 | type: helm 11 | source: https://github.com/helm/charts 12 | method: git 13 | path: stable/elasticsearch 14 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/pushgateway-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.pushgateway.enabled .Values.serviceAccounts.pushgateway.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | {{- include "prometheus.pushgateway.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.serviceAccountName.pushgateway" . }} 8 | {{- end -}} 9 | -------------------------------------------------------------------------------- /testdata/install-helm-fix-261-dep-update-bug/component.yaml: -------------------------------------------------------------------------------- 1 | # https://github.com/timfpark/fabrikate-dep-update-bug/blob/master/component.yaml 2 | name: repo-bug-repro 3 | subcomponents: 4 | - name: cloud-native 5 | source: "./cloud-native" 6 | - name: kafka 7 | type: "helm" 8 | source: "https://kubernetes-charts-incubator.storage.googleapis.com/" 9 | method: "helm" 10 | path: "kafka" 11 | -------------------------------------------------------------------------------- /testdata/disabled/component.yaml: -------------------------------------------------------------------------------- 1 | name: disabled 2 | type: component 3 | subcomponents: 4 | - name: cloud-native 5 | type: component 6 | source: https://github.com/timfpark/fabrikate-cloud-native 7 | method: git 8 | version: 8ad79e73e0665e347e1553ad7ca32b6e590e007a 9 | - name: elasticsearch 10 | type: helm 11 | source: https://github.com/helm/charts 12 | method: git 13 | path: stable/elasticsearch 14 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/alertmanager-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.alertmanager.enabled .Values.serviceAccounts.alertmanager.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | {{- include "prometheus.alertmanager.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.serviceAccountName.alertmanager" . }} 8 | {{- end -}} 9 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/node-exporter-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.nodeExporter.enabled .Values.serviceAccounts.nodeExporter.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | {{- include "prometheus.nodeExporter.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.serviceAccountName.nodeExporter" . }} 8 | {{- end -}} 9 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Create a report to help us improve 4 | title: "" 5 | labels: bug 6 | assignees: "" 7 | --- 8 | 9 | **Describe the bug:** 10 | 11 | **To Reproduce:** 12 | 13 | **Expected behavior:** 14 | 15 | **Screenshots:** 16 | 17 | **Additional context:** 18 | 19 | **Desktop (please complete the following information):** 20 | 21 | - OS: 22 | 23 | **Additional context** 24 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/kube-state-metrics-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.kubeStateMetrics.enabled .Values.serviceAccounts.kubeStateMetrics.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | {{- include "prometheus.kubeStateMetrics.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.serviceAccountName.kubeStateMetrics" . }} 8 | {{- end -}} 9 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/requirements.yaml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: cassandra 3 | version: ^0.13.1 4 | repository: https://kubernetes-charts-incubator.storage.googleapis.com/ 5 | condition: provisionDataStore.cassandra 6 | - name: elasticsearch 7 | version: ^1.19.1 8 | repository: https://kubernetes-charts.storage.googleapis.com/ 9 | condition: provisionDataStore.elasticsearch 10 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/manifests/zipkin-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app: jaeger 6 | name: zipkin 7 | namespace: jaeger 8 | spec: 9 | ports: 10 | - name: http 11 | port: 9411 12 | protocol: TCP 13 | targetPort: 9411 14 | selector: 15 | app.kubernetes.io/instance: jaeger 16 | app.kubernetes.io/component: collector 17 | type: ClusterIP 18 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/stable/grafana/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | app: {{ template "grafana.name" . }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | name: {{ template "grafana.serviceAccountName" . }} 11 | {{- end }} 12 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/requirements.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: cassandra 3 | repository: https://kubernetes-charts-incubator.storage.googleapis.com/ 4 | version: 0.13.4 5 | - name: elasticsearch 6 | repository: https://kubernetes-charts.storage.googleapis.com/ 7 | version: 1.32.5 8 | digest: sha256:ee6cbcbe9f9348c0aaca23cbb3972e3a5d222f5ed98140da5047b0285cf8bfbc 9 | generated: "2020-09-02T00:19:54.255673Z" 10 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/cassandra/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | # Common backup files 9 | *.swp 10 | *.bak 11 | *.tmp 12 | *~ 13 | # Various IDEs 14 | .project 15 | .idea/ 16 | *.tmproj 17 | OWNERS 18 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/templates/client-auth.yaml: -------------------------------------------------------------------------------- 1 | {{- if and ( .Values.client.ingress.user ) ( .Values.client.ingress.password ) }} 2 | --- 3 | apiVersion: v1 4 | kind: Secret 5 | metadata: 6 | name: '{{ include "elasticsearch.client.fullname" . }}-auth' 7 | type: Opaque 8 | data: 9 | auth: {{ printf "%s:{PLAIN}%s\n" .Values.client.ingress.user .Values.client.ingress.password | b64enc | quote }} 10 | {{- end }} 11 | 12 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | 23 | OWNERS 24 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/charts/kube-state-metrics/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/stable/grafana/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | OWNERS 23 | -------------------------------------------------------------------------------- /testdata/install-yaml/component.yaml: -------------------------------------------------------------------------------- 1 | name: "elasticsearch-fluentd-kibana" 2 | generator: "static" 3 | path: "./manifests" 4 | subcomponents: 5 | - name: "grafana" 6 | generator: "helm" 7 | source: "https://github.com/helm/charts" 8 | method: "git" 9 | path: "stable/grafana" 10 | repositories: 11 | incubator: "https://kubernetes-charts-incubator.storage.googleapis.com/" 12 | - name: "prometheus" 13 | type: "helm" 14 | method: "local" 15 | path: "../local-charts/prometheus" 16 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/templates/data-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccounts.data.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | app: {{ template "elasticsearch.name" . }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | component: "{{ .Values.data.name }}" 9 | heritage: {{ .Release.Service }} 10 | release: {{ .Release.Name }} 11 | name: {{ template "elasticsearch.data.fullname" . }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/server/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.enabled -}} 2 | {{- if .Values.serviceAccounts.server.create }} 3 | apiVersion: v1 4 | kind: ServiceAccount 5 | metadata: 6 | labels: 7 | {{- include "prometheus.server.labels" . | nindent 4 }} 8 | name: {{ template "prometheus.serviceAccountName.server" . }} 9 | {{ include "prometheus.namespace" . | indent 2 }} 10 | annotations: 11 | {{ toYaml .Values.serviceAccounts.server.annotations | indent 4 }} 12 | {{- end }} 13 | {{- end }} 14 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/pushgateway/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.pushgateway.enabled .Values.serviceAccounts.pushgateway.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | {{- include "prometheus.pushgateway.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.serviceAccountName.pushgateway" . }} 8 | {{ include "prometheus.namespace" . | indent 2 }} 9 | annotations: 10 | {{ toYaml .Values.serviceAccounts.pushgateway.annotations | indent 4 }} 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/templates/client-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccounts.client.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | app: {{ template "elasticsearch.name" . }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | component: "{{ .Values.client.name }}" 9 | heritage: {{ .Release.Service }} 10 | release: {{ .Release.Name }} 11 | name: {{ template "elasticsearch.client.fullname" . }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/templates/master-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccounts.master.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | app: {{ template "elasticsearch.name" . }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | component: "{{ .Values.master.name }}" 9 | heritage: {{ .Release.Service }} 10 | release: {{ .Release.Name }} 11 | name: {{ template "elasticsearch.master.fullname" . }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/alertmanager/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.alertmanager.enabled .Values.serviceAccounts.alertmanager.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | {{- include "prometheus.alertmanager.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.serviceAccountName.alertmanager" . }} 8 | {{ include "prometheus.namespace" . | indent 2 }} 9 | annotations: 10 | {{ toYaml .Values.serviceAccounts.alertmanager.annotations | indent 4 }} 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/node-exporter/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.nodeExporter.enabled .Values.serviceAccounts.nodeExporter.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | {{- include "prometheus.nodeExporter.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.serviceAccountName.nodeExporter" . }} 8 | {{ include "prometheus.namespace" . | indent 2 }} 9 | annotations: 10 | {{ toYaml .Values.serviceAccounts.nodeExporter.annotations | indent 4 }} 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /testdata/badyamlconfig/config/common.yaml: -------------------------------------------------------------------------------- 1 | subcomponents: 2 | anotherservice: 3 | config: 4 | image: 5 | tag: "744" 6 | replicaCount: 1 7 | screenprofiler: 8 | config: 9 | envVar: 10 | important: true 11 | fabshouldfail: true 12 | is_this_a_bug: definitely 13 | culprit:"this is where it all goes wrong due to the lack of space between key and value" 14 | image: 15 | repository: somewheregood.azurecr.io/screenprofiler 16 | tag: "73" 17 | replicaCount: 1 18 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/cassandra/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.configOverrides }} 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: {{ template "cassandra.name" . }} 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | app: {{ template "cassandra.name" . }} 9 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} 10 | release: {{ .Release.Name }} 11 | heritage: {{ .Release.Service }} 12 | data: 13 | {{ toYaml .Values.configOverrides | indent 2 }} 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/templates/agent-sa.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.agent.enabled .Values.serviceAccounts.agent.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "jaeger.agent.name" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "jaeger.name" . }} 8 | helm.sh/chart: {{ include "jaeger.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/component: agent 12 | {{- end -}} 13 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/server-networkpolicy.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.networkPolicy.enabled }} 2 | apiVersion: {{ template "prometheus.networkPolicy.apiVersion" . }} 3 | kind: NetworkPolicy 4 | metadata: 5 | name: {{ template "prometheus.server.fullname" . }} 6 | labels: 7 | {{- include "prometheus.server.labels" . | nindent 4 }} 8 | spec: 9 | podSelector: 10 | matchLabels: 11 | {{- include "prometheus.server.matchLabels" . | nindent 6 }} 12 | ingress: 13 | - ports: 14 | - port: 9090 15 | {{- end }} 16 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/templates/query-sa.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.query.enabled .Values.serviceAccounts.query.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "jaeger.query.serviceAccountName" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "jaeger.name" . }} 8 | helm.sh/chart: {{ include "jaeger.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/component: query 12 | {{- end -}} 13 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/templates/spark-sa.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.spark.enabled .Values.serviceAccounts.spark.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "jaeger.spark.serviceAccountName" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "jaeger.name" . }} 8 | helm.sh/chart: {{ include "jaeger.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/component: spark 12 | {{- end -}} 13 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/server/pdb.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.podDisruptionBudget.enabled }} 2 | apiVersion: policy/v1beta1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | name: {{ template "prometheus.server.fullname" . }} 6 | {{ include "prometheus.namespace" . | indent 2 }} 7 | labels: 8 | {{- include "prometheus.server.labels" . | nindent 4 }} 9 | spec: 10 | maxUnavailable: {{ .Values.server.podDisruptionBudget.maxUnavailable }} 11 | selector: 12 | matchLabels: 13 | {{- include "prometheus.server.labels" . | nindent 6 }} 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/templates/hotrod-sa.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.hotrod.enabled .Values.serviceAccounts.hotrod.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "jaeger.hotrod.serviceAccountName" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "jaeger.name" . }} 8 | helm.sh/chart: {{ include "jaeger.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/component: hotrod 12 | {{- end -}} 13 | -------------------------------------------------------------------------------- /testdata/generate-disabled/component.yaml: -------------------------------------------------------------------------------- 1 | name: disabled-stack 2 | type: component 3 | subcomponents: 4 | - name: pod-info 5 | type: helm 6 | method: git 7 | source: https://github.com/stefanprodan/podinfo 8 | path: charts/podinfo 9 | - name: mysql 10 | type: helm 11 | method: git 12 | source: https://github.com/helm/charts 13 | path: stable/mysql 14 | - name: bookinfo # Istio BookInfo application - wrapped in Fabrikate component 15 | source: https://github.com/microsoft/fabrikate-definitions.git 16 | path: definitions/fabrikate-bookinfo 17 | method: git 18 | 19 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/templates/collector-sa.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.collector.enabled .Values.serviceAccounts.collector.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "jaeger.collector.serviceAccountName" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "jaeger.name" . }} 8 | helm.sh/chart: {{ include "jaeger.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/component: collector 12 | {{- end -}} 13 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: 1.15.1 3 | deprecated: true 4 | description: A Jaeger Helm chart for Kubernetes 5 | home: https://jaegertracing.io 6 | icon: https://camo.githubusercontent.com/afa87494e0753b4b1f5719a2f35aa5263859dffb/687474703a2f2f6a61656765722e72656164746865646f63732e696f2f656e2f6c61746573742f696d616765732f6a61656765722d766563746f722e737667 7 | keywords: 8 | - jaeger 9 | - opentracing 10 | - tracing 11 | - instrumentation 12 | name: jaeger 13 | sources: 14 | - https://hub.docker.com/u/jaegertracing/ 15 | version: 0.17.4 16 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/pushgateway/pdb.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.pushgateway.podDisruptionBudget.enabled }} 2 | apiVersion: policy/v1beta1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | name: {{ template "prometheus.pushgateway.fullname" . }} 6 | {{ include "prometheus.namespace" . | indent 2 }} 7 | labels: 8 | {{- include "prometheus.pushgateway.labels" . | nindent 4 }} 9 | spec: 10 | maxUnavailable: {{ .Values.pushgateway.podDisruptionBudget.maxUnavailable }} 11 | selector: 12 | matchLabels: 13 | {{- include "prometheus.pushgateway.labels" . | nindent 6 }} 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/alertmanager/pdb.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.alertmanager.podDisruptionBudget.enabled }} 2 | apiVersion: policy/v1beta1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | name: {{ template "prometheus.alertmanager.fullname" . }} 6 | {{ include "prometheus.namespace" . | indent 2 }} 7 | labels: 8 | {{- include "prometheus.alertmanager.labels" . | nindent 4 }} 9 | spec: 10 | maxUnavailable: {{ .Values.alertmanager.podDisruptionBudget.maxUnavailable }} 11 | selector: 12 | matchLabels: 13 | {{- include "prometheus.alertmanager.labels" . | nindent 6 }} 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/.gitignore: -------------------------------------------------------------------------------- 1 | # General files for the project 2 | pkg/* 3 | *.pyc 4 | bin/* 5 | .project 6 | /.bin 7 | /_test/secrets/*.json 8 | 9 | # OSX leaves these everywhere on SMB shares 10 | ._* 11 | 12 | # OSX trash 13 | .DS_Store 14 | 15 | # Files generated by JetBrains IDEs, e.g. IntelliJ IDEA 16 | .idea/ 17 | *.iml 18 | 19 | # Vscode files 20 | .vscode 21 | 22 | # Emacs save files 23 | *~ 24 | \#*\# 25 | .\#* 26 | 27 | # Vim-related files 28 | [._]*.s[a-w][a-z] 29 | [._]s[a-w][a-z] 30 | *.un~ 31 | Session.vim 32 | .netrwhist 33 | 34 | # Chart dependencies 35 | **/charts/*.tgz 36 | 37 | .history 38 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/ci/extrainitcontainers-values.yaml: -------------------------------------------------------------------------------- 1 | extraInitContainers: | 2 | - name: "plugin-install-ingest-attachment" 3 | image: "docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.1" 4 | command: ["/bin/bash"] 5 | args: ["-c", "yes | /usr/share/elasticsearch/bin/elasticsearch-plugin install ingest-attachment"] 6 | - name: "plugin-install-mapper-size" 7 | image: "docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.1" 8 | command: ["/bin/bash"] 9 | args: ["-c", "yes | /usr/share/elasticsearch/bin/elasticsearch-plugin install mapper-size"] 10 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/templates/cassandra-schema-sa.yaml: -------------------------------------------------------------------------------- 1 | {{- if and (eq .Values.storage.type "cassandra") .Values.serviceAccounts.cassandraSchema.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "jaeger.cassandraSchema.serviceAccountName" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "jaeger.name" . }} 8 | helm.sh/chart: {{ include "jaeger.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/component: cassandra-schema 12 | {{- end -}} 13 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/charts/kube-state-metrics/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: 1.9.7 3 | description: Install kube-state-metrics to generate and expose cluster-level metrics 4 | home: https://github.com/kubernetes/kube-state-metrics/ 5 | keywords: 6 | - metric 7 | - monitoring 8 | - prometheus 9 | - kubernetes 10 | maintainers: 11 | - email: jose@armesto.net 12 | name: fiunchinho 13 | - email: tariq.ibrahim@mulesoft.com 14 | name: tariq1890 15 | - email: manuel@rueg.eu 16 | name: mrueg 17 | name: kube-state-metrics 18 | sources: 19 | - https://github.com/kubernetes/kube-state-metrics/ 20 | version: 2.8.14 21 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/.gitignore: -------------------------------------------------------------------------------- 1 | # General files for the project 2 | pkg/* 3 | *.pyc 4 | bin/* 5 | .project 6 | /.bin 7 | /_test/secrets/*.json 8 | 9 | # OSX leaves these everywhere on SMB shares 10 | ._* 11 | 12 | # OSX trash 13 | .DS_Store 14 | 15 | # Files generated by JetBrains IDEs, e.g. IntelliJ IDEA 16 | .idea/ 17 | *.iml 18 | 19 | # Vscode files 20 | .vscode 21 | 22 | # Emacs save files 23 | *~ 24 | \#*\# 25 | .\#* 26 | 27 | # Vim-related files 28 | [._]*.s[a-w][a-z] 29 | [._]s[a-w][a-z] 30 | *.un~ 31 | Session.vim 32 | .netrwhist 33 | 34 | # Chart dependencies 35 | **/charts/*.tgz 36 | 37 | .history 38 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/alertmanager-configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.alertmanager.enabled (and (empty .Values.alertmanager.configMapOverrideName) (empty .Values.alertmanager.configFromSecret)) -}} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | labels: 6 | {{- include "prometheus.alertmanager.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.alertmanager.fullname" . }} 8 | data: 9 | {{- $root := . -}} 10 | {{- range $key, $value := .Values.alertmanagerFiles }} 11 | {{ $key }}: | 12 | {{ toYaml $value | default "{}" | indent 4 }} 13 | {{- end -}} 14 | {{- end -}} 15 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/server/netpol.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.enabled -}} 2 | {{- if .Values.networkPolicy.enabled }} 3 | apiVersion: {{ template "prometheus.networkPolicy.apiVersion" . }} 4 | kind: NetworkPolicy 5 | metadata: 6 | name: {{ template "prometheus.server.fullname" . }} 7 | {{ include "prometheus.namespace" . | indent 2 }} 8 | labels: 9 | {{- include "prometheus.server.labels" . | nindent 4 }} 10 | spec: 11 | podSelector: 12 | matchLabels: 13 | {{- include "prometheus.server.matchLabels" . | nindent 6 }} 14 | ingress: 15 | - ports: 16 | - port: 9090 17 | {{- end }} 18 | {{- end }} 19 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/stable/grafana/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: grafana 3 | version: 1.25.1 4 | appVersion: 5.4.3 5 | kubeVersion: "^1.8.0-0" 6 | description: The leading tool for querying and visualizing time series and metrics. 7 | home: https://grafana.net 8 | icon: https://raw.githubusercontent.com/grafana/grafana/master/public/img/logo_transparent_400x.png 9 | sources: 10 | - https://github.com/grafana/grafana 11 | maintainers: 12 | - name: zanhsieh 13 | email: zanhsieh@gmail.com 14 | - name: rtluckie 15 | email: rluckie@cisco.com 16 | - name: maorfr 17 | email: maorfr@gmail.com 18 | engine: gotpl 19 | -------------------------------------------------------------------------------- /testdata/install/infra/component.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "infra", 3 | "subcomponents": [ 4 | { 5 | "name": "efk", 6 | "method": "git", 7 | "source": "https://github.com/timfpark/fabrikate-elasticsearch-fluentd-kibana", 8 | "branch": "master" 9 | }, 10 | { 11 | "name": "elasticsearch", 12 | "generator": "helm", 13 | "source": "https://github.com/helm/charts", 14 | "method": "git", 15 | "path": "stable/elasticsearch", 16 | "version": "b23ce6af309bfe25d4d485e85b66ce63475070d7" 17 | } 18 | ] 19 | } 20 | -------------------------------------------------------------------------------- /testdata/install-hooks/component.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "istio", 3 | "generator": "static", 4 | "path": "./manifests", 5 | "hooks": { 6 | "before-install": [ 7 | "wget https://github.com/istio/istio/releases/download/1.0.6/istio-1.0.6-linux.tar.gz", 8 | "tar xvf istio-1.0.6-linux.tar.gz" 9 | ], 10 | "after-install": ["rm istio-1.0.6-linux.tar.gz", "rm -rf istio-1.0.6"] 11 | }, 12 | "subcomponents": [ 13 | { 14 | "name": "istio", 15 | "generator": "helm", 16 | "path": "./istio-1.0.6/install/kubernetes/helm/istio" 17 | } 18 | ] 19 | } 20 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/cassandra/templates/pdb.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.podDisruptionBudget -}} 2 | apiVersion: policy/v1beta1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | labels: 6 | app: {{ template "cassandra.name" . }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | name: {{ template "cassandra.fullname" . }} 11 | spec: 12 | selector: 13 | matchLabels: 14 | app: {{ template "cassandra.name" . }} 15 | release: {{ .Release.Name }} 16 | {{ toYaml .Values.podDisruptionBudget | indent 2 }} 17 | {{- end -}} 18 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/templates/collector-configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.collector.samplingConfig }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{ include "jaeger.fullname" . }}-sampling-strategies 6 | labels: 7 | app.kubernetes.io/name: {{ include "jaeger.name" . }} 8 | helm.sh/chart: {{ include "jaeger.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/component: collector 12 | data: 13 | strategies.json: |- 14 | {{ tpl .Values.collector.samplingConfig . | indent 4 }} 15 | {{- end }} 16 | 17 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/server-clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.rbac.create }} 2 | apiVersion: rbac.authorization.k8s.io/v1beta1 3 | kind: ClusterRoleBinding 4 | metadata: 5 | labels: 6 | {{- include "prometheus.server.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.server.fullname" . }} 8 | subjects: 9 | - kind: ServiceAccount 10 | name: {{ template "prometheus.serviceAccountName.server" . }} 11 | namespace: {{ .Release.Namespace }} 12 | roleRef: 13 | apiGroup: rbac.authorization.k8s.io 14 | kind: ClusterRole 15 | name: {{ template "prometheus.server.fullname" . }} 16 | {{- end }} 17 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/stable/grafana/templates/rolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.rbac.create -}} 2 | apiVersion: rbac.authorization.k8s.io/v1beta1 3 | kind: RoleBinding 4 | metadata: 5 | name: {{ template "grafana.fullname" . }} 6 | labels: 7 | app: {{ template "grafana.name" . }} 8 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 9 | heritage: {{ .Release.Service }} 10 | release: {{ .Release.Name }} 11 | roleRef: 12 | apiGroup: rbac.authorization.k8s.io 13 | kind: Role 14 | name: {{ template "grafana.fullname" . }} 15 | subjects: 16 | - kind: ServiceAccount 17 | name: {{ template "grafana.serviceAccountName" . }} 18 | {{- end -}} 19 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/templates/role.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.podSecurityPolicy.enabled }} 2 | apiVersion: rbac.authorization.k8s.io/v1beta1 3 | kind: Role 4 | metadata: 5 | name: {{ template "elasticsearch.fullname" . }} 6 | labels: 7 | app: {{ template "elasticsearch.name" . }} 8 | chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 9 | release: "{{ .Release.Name }}" 10 | heritage: "{{ .Release.Service }}" 11 | rules: 12 | - apiGroups: ['extensions'] 13 | resources: ['podsecuritypolicies'] 14 | verbs: ['use'] 15 | resourceNames: 16 | - {{ template "elasticsearch.fullname" . }} 17 | {{- end }} 18 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/stable/grafana/templates/role.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.rbac.create }} 2 | apiVersion: rbac.authorization.k8s.io/v1beta1 3 | kind: Role 4 | metadata: 5 | name: {{ template "grafana.fullname" . }} 6 | labels: 7 | app: {{ template "grafana.name" . }} 8 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 9 | heritage: {{ .Release.Service }} 10 | release: {{ .Release.Name }} 11 | {{- if .Values.rbac.pspEnabled }} 12 | rules: 13 | - apiGroups: ['extensions'] 14 | resources: ['podsecuritypolicies'] 15 | verbs: ['use'] 16 | resourceNames: [{{ template "grafana.fullname" . }}] 17 | {{- end }} 18 | {{- end }} 19 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/pushgateway/clusterrole.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.pushgateway.enabled .Values.rbac.create -}} 2 | apiVersion: {{ template "rbac.apiVersion" . }} 3 | kind: ClusterRole 4 | metadata: 5 | labels: 6 | {{- include "prometheus.pushgateway.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.pushgateway.fullname" . }} 8 | rules: 9 | {{- if .Values.podSecurityPolicy.enabled }} 10 | - apiGroups: 11 | - extensions 12 | resources: 13 | - podsecuritypolicies 14 | verbs: 15 | - use 16 | resourceNames: 17 | - {{ template "prometheus.pushgateway.fullname" . }} 18 | {{- else }} 19 | [] 20 | {{- end }} 21 | {{- end }} 22 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/templates/cassandra-secret.yaml: -------------------------------------------------------------------------------- 1 | {{ if and (eq .Values.storage.type "cassandra") .Values.storage.cassandra.usePassword (not .Values.storage.cassandra.existingSecret) -}} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ include "jaeger.fullname" . }}-cassandra 6 | labels: 7 | app.kubernetes.io/name: {{ include "jaeger.name" . }} 8 | helm.sh/chart: {{ include "jaeger.chart" . }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | app.kubernetes.io/instance: {{ .Release.Name }} 11 | type: Opaque 12 | data: 13 | password: {{ .Values.storage.cassandra.password | b64enc | quote }} 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/templates/tests/test-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ template "elasticsearch.fullname" . }}-test 5 | labels: 6 | app: {{ template "elasticsearch.fullname" . }} 7 | chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 8 | heritage: "{{ .Release.Service }}" 9 | release: "{{ .Release.Name }}" 10 | data: 11 | run.sh: |- 12 | @test "Test Access and Health" { 13 | curl -D - http://{{ template "elasticsearch.client.fullname" . }}:9200 14 | curl -D - http://{{ template "elasticsearch.client.fullname" . }}:9200/_cluster/health?wait_for_status=green 15 | } 16 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/node-exporter-role.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.nodeExporter.enabled .Values.rbac.create }} 2 | {{- if .Values.nodeExporter.podSecurityPolicy.enabled }} 3 | apiVersion: rbac.authorization.k8s.io/v1beta1 4 | kind: Role 5 | metadata: 6 | name: {{ template "prometheus.nodeExporter.fullname" . }} 7 | labels: 8 | {{- include "prometheus.nodeExporter.labels" . | nindent 4 }} 9 | namespace: {{ .Release.Namespace }} 10 | rules: 11 | - apiGroups: ['extensions'] 12 | resources: ['podsecuritypolicies'] 13 | verbs: ['use'] 14 | resourceNames: 15 | - {{ template "prometheus.nodeExporter.fullname" . }} 16 | {{- end }} 17 | {{- end }} 18 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/templates/master-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app: {{ template "elasticsearch.name" . }} 6 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 7 | component: "{{ .Values.master.name }}" 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | name: {{ template "elasticsearch.fullname" . }}-discovery 11 | spec: 12 | clusterIP: None 13 | ports: 14 | - port: 9300 15 | targetPort: transport 16 | selector: 17 | app: {{ template "elasticsearch.name" . }} 18 | component: "{{ .Values.master.name }}" 19 | release: {{ .Release.Name }} 20 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/pushgateway/clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.pushgateway.enabled .Values.rbac.create -}} 2 | apiVersion: {{ template "rbac.apiVersion" . }} 3 | kind: ClusterRoleBinding 4 | metadata: 5 | labels: 6 | {{- include "prometheus.pushgateway.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.pushgateway.fullname" . }} 8 | subjects: 9 | - kind: ServiceAccount 10 | name: {{ template "prometheus.serviceAccountName.pushgateway" . }} 11 | {{ include "prometheus.namespace" . | indent 4 }} 12 | roleRef: 13 | apiGroup: rbac.authorization.k8s.io 14 | kind: ClusterRole 15 | name: {{ template "prometheus.pushgateway.fullname" . }} 16 | {{- end }} 17 | -------------------------------------------------------------------------------- /internal/generators/helm_test.go: -------------------------------------------------------------------------------- 1 | package generators 2 | 3 | import ( 4 | "strings" 5 | "testing" 6 | 7 | "github.com/stretchr/testify/assert" 8 | ) 9 | 10 | func TestCleanK8sManifest(t *testing.T) { 11 | manifest := ` 12 | --- 13 | this should be removed 14 | --- 15 | this: is a valid map and should stay 16 | another: 17 | entry: in the map 18 | --- 19 | this should be removed as well 20 | --- 21 | # This should be removed 22 | --- 23 | --- 24 | this is another: valid map 25 | should: not be removed 26 | --- 27 | # Another to be removed 28 | ` 29 | cleaned, err := cleanK8sManifest(manifest) 30 | assert.Nil(t, err) 31 | entries := strings.Split(cleaned, "\n---") 32 | assert.Equal(t, 2, len(entries)) 33 | } 34 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/templates/elasticsearch-secret.yaml: -------------------------------------------------------------------------------- 1 | {{ if and (eq .Values.storage.type "elasticsearch") .Values.storage.elasticsearch.usePassword (not .Values.storage.elasticsearch.existingSecret) -}} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ include "jaeger.fullname" . }}-elasticsearch 6 | labels: 7 | app.kubernetes.io/name: {{ include "jaeger.name" . }} 8 | helm.sh/chart: {{ include "jaeger.chart" . }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | app.kubernetes.io/instance: {{ .Release.Name }} 11 | type: Opaque 12 | data: 13 | password: {{ .Values.storage.elasticsearch.password | b64enc | quote }} 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/config/prod.json: -------------------------------------------------------------------------------- 1 | { 2 | "config": {}, 3 | "subcomponents": { 4 | "jaeger": { 5 | "config": { 6 | "provisionDataStore": { 7 | "cassandra": false, 8 | "elasticsearch": true 9 | }, 10 | "storage": { 11 | "type": "elasticsearch" 12 | }, 13 | "elasticsearch": { 14 | "rbac": { 15 | "create": true 16 | } 17 | }, 18 | "spark": { 19 | "enabled": true 20 | }, 21 | "collector": { 22 | "replicaCount": 5 23 | }, 24 | "query": { 25 | "replicaCount": 2 26 | } 27 | } 28 | } 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /testdata/install-helm/component.yaml: -------------------------------------------------------------------------------- 1 | name: prometheus 2 | type: helm 3 | method: helm 4 | source: https://prometheus-community.github.io/helm-charts 5 | path: prometheus 6 | subcomponents: 7 | - name: grafana 8 | type: helm 9 | method: helm 10 | source: https://grafana.github.io/helm-charts 11 | path: grafana 12 | version: 3.7.0 13 | subcomponents: 14 | - name: strimzi-kafka-operator 15 | type: helm 16 | method: helm 17 | source: https://strimzi.io/charts/ 18 | path: strimzi-kafka-operator 19 | - name: strimzi-kafka-operator2 20 | type: helm 21 | method: helm 22 | source: https://strimzi.io/charts/ 23 | path: strimzi-kafka-operator 24 | 25 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/node-exporter/role.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.nodeExporter.enabled .Values.rbac.create }} 2 | {{- if or (default .Values.nodeExporter.podSecurityPolicy.enabled false) (.Values.podSecurityPolicy.enabled) }} 3 | apiVersion: {{ template "rbac.apiVersion" . }} 4 | kind: Role 5 | metadata: 6 | name: {{ template "prometheus.nodeExporter.fullname" . }} 7 | labels: 8 | {{- include "prometheus.nodeExporter.labels" . | nindent 4 }} 9 | {{ include "prometheus.namespace" . | indent 2 }} 10 | rules: 11 | - apiGroups: ['extensions'] 12 | resources: ['podsecuritypolicies'] 13 | verbs: ['use'] 14 | resourceNames: 15 | - {{ template "prometheus.nodeExporter.fullname" . }} 16 | {{- end }} 17 | {{- end }} 18 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/kube-state-metrics-clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.kubeStateMetrics.enabled .Values.rbac.create -}} 2 | apiVersion: rbac.authorization.k8s.io/v1beta1 3 | kind: ClusterRoleBinding 4 | metadata: 5 | labels: 6 | {{- include "prometheus.kubeStateMetrics.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.kubeStateMetrics.fullname" . }} 8 | subjects: 9 | - kind: ServiceAccount 10 | name: {{ template "prometheus.serviceAccountName.kubeStateMetrics" . }} 11 | namespace: {{ .Release.Namespace }} 12 | roleRef: 13 | apiGroup: rbac.authorization.k8s.io 14 | kind: ClusterRole 15 | name: {{ template "prometheus.kubeStateMetrics.fullname" . }} 16 | {{- end -}} 17 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/cassandra/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: 3.11.6 3 | description: Apache Cassandra is a free and open-source distributed database management 4 | system designed to handle large amounts of data across many commodity servers, providing 5 | high availability with no single point of failure. 6 | engine: gotpl 7 | home: http://cassandra.apache.org 8 | icon: https://upload.wikimedia.org/wikipedia/commons/thumb/5/5e/Cassandra_logo.svg/330px-Cassandra_logo.svg.png 9 | keywords: 10 | - cassandra 11 | - database 12 | - nosql 13 | maintainers: 14 | - email: goonohc@gmail.com 15 | name: KongZ 16 | - email: maor.friedman@redhat.com 17 | name: maorfr 18 | name: cassandra 19 | version: 0.15.2 20 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/server/clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.server.enabled .Values.rbac.create (empty .Values.server.namespaces) (empty .Values.server.useExistingClusterRoleName) -}} 2 | apiVersion: {{ template "rbac.apiVersion" . }} 3 | kind: ClusterRoleBinding 4 | metadata: 5 | labels: 6 | {{- include "prometheus.server.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.server.fullname" . }} 8 | subjects: 9 | - kind: ServiceAccount 10 | name: {{ template "prometheus.serviceAccountName.server" . }} 11 | {{ include "prometheus.namespace" . | indent 4 }} 12 | roleRef: 13 | apiGroup: rbac.authorization.k8s.io 14 | kind: ClusterRole 15 | name: {{ template "prometheus.server.fullname" . }} 16 | {{- end }} 17 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/alertmanager/clusterrole.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.alertmanager.enabled .Values.rbac.create .Values.alertmanager.useClusterRole (not .Values.alertmanager.useExistingRole) -}} 2 | apiVersion: {{ template "rbac.apiVersion" . }} 3 | kind: ClusterRole 4 | metadata: 5 | labels: 6 | {{- include "prometheus.alertmanager.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.alertmanager.fullname" . }} 8 | rules: 9 | {{- if .Values.podSecurityPolicy.enabled }} 10 | - apiGroups: 11 | - extensions 12 | resources: 13 | - podsecuritypolicies 14 | verbs: 15 | - use 16 | resourceNames: 17 | - {{ template "prometheus.alertmanager.fullname" . }} 18 | {{- else }} 19 | [] 20 | {{- end }} 21 | {{- end }} 22 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/alertmanager-networkpolicy.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.alertmanager.enabled .Values.networkPolicy.enabled -}} 2 | apiVersion: {{ template "prometheus.networkPolicy.apiVersion" . }} 3 | kind: NetworkPolicy 4 | metadata: 5 | name: {{ template "prometheus.alertmanager.fullname" . }} 6 | labels: 7 | {{- include "prometheus.alertmanager.labels" . | nindent 4 }} 8 | spec: 9 | podSelector: 10 | matchLabels: 11 | {{- include "prometheus.alertmanager.matchLabels" . | nindent 6 }} 12 | ingress: 13 | - from: 14 | - podSelector: 15 | matchLabels: 16 | {{- include "prometheus.server.matchLabels" . | nindent 12 }} 17 | - ports: 18 | - port: 9093 19 | {{- end -}} 20 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/charts/kube-state-metrics/templates/pdb.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.podDisruptionBudget -}} 2 | apiVersion: policy/v1beta1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | name: {{ template "kube-state-metrics.fullname" . }} 6 | namespace: {{ template "kube-state-metrics.namespace" . }} 7 | labels: 8 | app.kubernetes.io/name: {{ template "kube-state-metrics.name" . }} 9 | helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 10 | app.kubernetes.io/instance: "{{ .Release.Name }}" 11 | app.kubernetes.io/managed-by: "{{ .Release.Service }}" 12 | spec: 13 | selector: 14 | matchLabels: 15 | app.kubernetes.io/name: {{ template "kube-state-metrics.name" . }} 16 | {{ toYaml .Values.podDisruptionBudget | indent 2 }} 17 | {{- end -}} -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/kube-state-metrics-networkpolicy.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.kubeStateMetrics.enabled .Values.networkPolicy.enabled -}} 2 | apiVersion: {{ template "prometheus.networkPolicy.apiVersion" . }} 3 | kind: NetworkPolicy 4 | metadata: 5 | name: {{ template "prometheus.kubeStateMetrics.fullname" . }} 6 | labels: 7 | {{- include "prometheus.kubeStateMetrics.labels" . | nindent 4 }} 8 | spec: 9 | podSelector: 10 | matchLabels: 11 | {{- include "prometheus.kubeStateMetrics.matchLabels" . | nindent 6 }} 12 | ingress: 13 | - from: 14 | - podSelector: 15 | matchLabels: 16 | {{- include "prometheus.server.matchLabels" . | nindent 10 }} 17 | - ports: 18 | - port: 8080 19 | {{- end -}} 20 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/alertmanager/cm.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.alertmanager.enabled (and (empty .Values.alertmanager.configMapOverrideName) (empty .Values.alertmanager.configFromSecret)) -}} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | labels: 6 | {{- include "prometheus.alertmanager.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.alertmanager.fullname" . }} 8 | {{ include "prometheus.namespace" . | indent 2 }} 9 | data: 10 | {{- $root := . -}} 11 | {{- range $key, $value := .Values.alertmanagerFiles }} 12 | {{- if $key | regexMatch ".*\\.ya?ml$" }} 13 | {{ $key }}: | 14 | {{ toYaml $value | default "{}" | indent 4 }} 15 | {{- else }} 16 | {{ $key }}: {{ toYaml $value | indent 4 }} 17 | {{- end }} 18 | {{- end -}} 19 | {{- end -}} 20 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/pushgateway/netpol.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.pushgateway.enabled .Values.networkPolicy.enabled -}} 2 | apiVersion: {{ template "prometheus.networkPolicy.apiVersion" . }} 3 | kind: NetworkPolicy 4 | metadata: 5 | name: {{ template "prometheus.pushgateway.fullname" . }} 6 | {{ include "prometheus.namespace" . | indent 2 }} 7 | labels: 8 | {{- include "prometheus.pushgateway.labels" . | nindent 4 }} 9 | spec: 10 | podSelector: 11 | matchLabels: 12 | {{- include "prometheus.pushgateway.matchLabels" . | nindent 6 }} 13 | ingress: 14 | - from: 15 | - podSelector: 16 | matchLabels: 17 | {{- include "prometheus.server.matchLabels" . | nindent 12 }} 18 | - ports: 19 | - port: 9091 20 | {{- end -}} 21 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/alertmanager/netpol.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.alertmanager.enabled .Values.networkPolicy.enabled -}} 2 | apiVersion: {{ template "prometheus.networkPolicy.apiVersion" . }} 3 | kind: NetworkPolicy 4 | metadata: 5 | name: {{ template "prometheus.alertmanager.fullname" . }} 6 | {{ include "prometheus.namespace" . | indent 2 }} 7 | labels: 8 | {{- include "prometheus.alertmanager.labels" . | nindent 4 }} 9 | spec: 10 | podSelector: 11 | matchLabels: 12 | {{- include "prometheus.alertmanager.matchLabels" . | nindent 6 }} 13 | ingress: 14 | - from: 15 | - podSelector: 16 | matchLabels: 17 | {{- include "prometheus.server.matchLabels" . | nindent 12 }} 18 | - ports: 19 | - port: 9093 20 | {{- end -}} 21 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/node-exporter/rolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.nodeExporter.enabled .Values.rbac.create }} 2 | {{- if .Values.podSecurityPolicy.enabled }} 3 | apiVersion: {{ template "rbac.apiVersion" . }} 4 | kind: RoleBinding 5 | metadata: 6 | name: {{ template "prometheus.nodeExporter.fullname" . }} 7 | labels: 8 | {{- include "prometheus.nodeExporter.labels" . | nindent 4 }} 9 | {{ include "prometheus.namespace" . | indent 2 }} 10 | roleRef: 11 | kind: Role 12 | name: {{ template "prometheus.nodeExporter.fullname" . }} 13 | apiGroup: rbac.authorization.k8s.io 14 | subjects: 15 | - kind: ServiceAccount 16 | name: {{ template "prometheus.serviceAccountName.nodeExporter" . }} 17 | {{ include "prometheus.namespace" . | indent 2 }} 18 | {{- end }} 19 | {{- end }} 20 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/Chart.yaml: -------------------------------------------------------------------------------- 1 | name: prometheus 2 | version: 8.4.5 3 | appVersion: 2.6.1 4 | description: Prometheus is a monitoring system and time series database. 5 | home: https://prometheus.io/ 6 | icon: https://raw.githubusercontent.com/prometheus/prometheus.github.io/master/assets/prometheus_logo-cb55bb5c346.png 7 | sources: 8 | - https://github.com/prometheus/alertmanager 9 | - https://github.com/prometheus/prometheus 10 | - https://github.com/prometheus/pushgateway 11 | - https://github.com/prometheus/node_exporter 12 | - https://github.com/kubernetes/kube-state-metrics 13 | maintainers: 14 | - name: mgoodness 15 | email: mgoodness@gmail.com 16 | - name: gianrubio 17 | email: gianrubio@gmail.com 18 | engine: gotpl 19 | tillerVersion: ">=2.8.0" 20 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/node-exporter-rolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.nodeExporter.enabled .Values.rbac.create }} 2 | {{- if .Values.nodeExporter.podSecurityPolicy.enabled }} 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | kind: RoleBinding 5 | metadata: 6 | name: {{ template "prometheus.nodeExporter.fullname" . }} 7 | labels: 8 | {{- include "prometheus.nodeExporter.labels" . | nindent 4 }} 9 | namespace: {{ .Release.Namespace }} 10 | roleRef: 11 | kind: Role 12 | name: {{ template "prometheus.nodeExporter.fullname" . }} 13 | apiGroup: rbac.authorization.k8s.io 14 | subjects: 15 | - kind: ServiceAccount 16 | name: {{ template "prometheus.serviceAccountName.nodeExporter" . }} 17 | namespace: {{ .Release.Namespace }} 18 | {{- end }} 19 | {{- end }} 20 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/stable/grafana/templates/clusterrole.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.rbac.create }} 2 | kind: ClusterRole 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | metadata: 5 | labels: 6 | app: {{ template "grafana.name" . }} 7 | chart: {{ template "grafana.chart" . }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | {{- with .Values.annotations }} 11 | annotations: 12 | {{ toYaml . | indent 4 }} 13 | {{- end }} 14 | name: {{ template "grafana.fullname" . }}-clusterrole 15 | {{- if or .Values.sidecar.dashboards.enabled .Values.sidecar.datasources.enabled }} 16 | rules: 17 | - apiGroups: [""] # "" indicates the core API group 18 | resources: ["configmaps"] 19 | verbs: ["get", "watch", "list"] 20 | {{- else }} 21 | rules: [] 22 | {{- end}} 23 | {{- end}} 24 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/stable/grafana/templates/dashboards-json-configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.dashboards }} 2 | {{ $files := .Files }} 3 | {{- range $provider, $dashboards := .Values.dashboards }} 4 | --- 5 | apiVersion: v1 6 | kind: ConfigMap 7 | metadata: 8 | name: {{ template "grafana.fullname" $ }}-dashboards-{{ $provider }} 9 | labels: 10 | app: {{ template "grafana.name" $ }} 11 | chart: {{ template "grafana.chart" $ }} 12 | release: {{ $.Release.Name }} 13 | heritage: {{ $.Release.Service }} 14 | dashboard-provider: {{ $provider }} 15 | data: 16 | {{- range $key, $value := $dashboards }} 17 | {{- if hasKey $value "json" }} 18 | {{ print $key | indent 2 }}.json: 19 | {{ toYaml ( $files.Get $value.json ) | indent 4}} 20 | {{- end }} 21 | {{- end }} 22 | {{- end }} 23 | {{- end }} 24 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/stable/grafana/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if not .Values.admin.existingSecret }} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ template "grafana.fullname" . }} 6 | labels: 7 | app: {{ template "grafana.name" . }} 8 | chart: {{ template "grafana.chart" . }} 9 | release: {{ .Release.Name }} 10 | heritage: {{ .Release.Service }} 11 | type: Opaque 12 | data: 13 | admin-user: {{ .Values.adminUser | b64enc | quote }} 14 | {{- if .Values.adminPassword }} 15 | admin-password: {{ .Values.adminPassword | b64enc | quote }} 16 | {{- else }} 17 | admin-password: {{ randAlphaNum 40 | b64enc | quote }} 18 | {{- end }} 19 | {{- if not .Values.ldap.existingSecret }} 20 | ldap-toml: {{ .Values.ldap.config | b64enc | quote }} 21 | {{- end }} 22 | {{- end }} 23 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: 6.8.6 3 | deprecated: true 4 | description: DEPRECATED Flexible and powerful open source, distributed real-time search 5 | and analytics engine. 6 | home: https://www.elastic.co/products/elasticsearch 7 | icon: https://static-www.elastic.co/assets/blteb1c97719574938d/logo-elastic-elasticsearch-lt.svg 8 | name: elasticsearch 9 | sources: 10 | - https://www.elastic.co/products/elasticsearch 11 | - https://github.com/jetstack/elasticsearch-pet 12 | - https://github.com/giantswarm/kubernetes-elastic-stack 13 | - https://github.com/GoogleCloudPlatform/elasticsearch-docker 14 | - https://github.com/clockworksoul/helm-elasticsearch 15 | - https://github.com/pires/kubernetes-elasticsearch-cluster 16 | version: 1.32.5 17 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/charts/kube-state-metrics/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | kube-state-metrics is a simple service that listens to the Kubernetes API server and generates metrics about the state of the objects. 2 | The exposed metrics can be found here: 3 | https://github.com/kubernetes/kube-state-metrics/blob/master/docs/README.md#exposed-metrics 4 | 5 | The metrics are exported on the HTTP endpoint /metrics on the listening port. 6 | In your case, {{ template "kube-state-metrics.fullname" . }}.{{ template "kube-state-metrics.namespace" . }}.svc.cluster.local:{{ .Values.service.port }}/metrics 7 | 8 | They are served either as plaintext or protobuf depending on the Accept header. 9 | They are designed to be consumed either by Prometheus itself or by a scraper that is compatible with scraping a Prometheus client endpoint. 10 | 11 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/charts/kube-state-metrics/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | app.kubernetes.io/name: {{ template "kube-state-metrics.name" . }} 7 | helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | app.kubernetes.io/managed-by: {{ .Release.Service }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | name: {{ template "kube-state-metrics.fullname" . }} 11 | namespace: {{ template "kube-state-metrics.namespace" . }} 12 | {{- if .Values.serviceAccount.annotations }} 13 | annotations: 14 | {{ toYaml .Values.serviceAccount.annotations | indent 4 }} 15 | {{- end }} 16 | imagePullSecrets: 17 | {{ toYaml .Values.serviceAccount.imagePullSecrets | indent 2 }} 18 | {{- end -}} 19 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/server/rolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.server.enabled .Values.rbac.create .Values.server.useExistingClusterRoleName .Values.server.namespaces -}} 2 | {{ range $.Values.server.namespaces -}} 3 | --- 4 | apiVersion: {{ template "rbac.apiVersion" $ }} 5 | kind: RoleBinding 6 | metadata: 7 | labels: 8 | {{- include "prometheus.server.labels" $ | nindent 4 }} 9 | name: {{ template "prometheus.server.fullname" $ }} 10 | namespace: {{ . }} 11 | subjects: 12 | - kind: ServiceAccount 13 | name: {{ template "prometheus.serviceAccountName.server" $ }} 14 | {{ include "prometheus.namespace" $ | indent 4 }} 15 | roleRef: 16 | apiGroup: rbac.authorization.k8s.io 17 | kind: ClusterRole 18 | name: {{ $.Values.server.useExistingClusterRoleName }} 19 | {{ end -}} 20 | {{ end -}} 21 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/stable/grafana/templates/configmap-dashboard-provider.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.sidecar.dashboards.enabled }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | labels: 6 | app: {{ template "grafana.name" . }} 7 | chart: {{ template "grafana.chart" . }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | {{- with .Values.annotations }} 11 | annotations: 12 | {{ toYaml . | indent 4 }} 13 | {{- end }} 14 | name: {{ template "grafana.fullname" . }}-config-dashboards 15 | data: 16 | provider.yaml: |- 17 | apiVersion: 1 18 | providers: 19 | - name: 'default' 20 | orgId: 1 21 | folder: '' 22 | type: file 23 | disableDeletion: false 24 | options: 25 | path: {{ .Values.sidecar.dashboards.folder }} 26 | {{- end}} 27 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/stable/grafana/templates/clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.rbac.create }} 2 | kind: ClusterRoleBinding 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | metadata: 5 | name: {{ template "grafana.fullname" . }}-clusterrolebinding 6 | labels: 7 | app: {{ template "grafana.name" . }} 8 | chart: {{ template "grafana.chart" . }} 9 | release: {{ .Release.Name }} 10 | heritage: {{ .Release.Service }} 11 | {{- with .Values.annotations }} 12 | annotations: 13 | {{ toYaml . | indent 4 }} 14 | {{- end }} 15 | subjects: 16 | - kind: ServiceAccount 17 | name: {{ template "grafana.serviceAccountName" . }} 18 | namespace: {{ .Release.Namespace }} 19 | roleRef: 20 | kind: ClusterRole 21 | name: {{ template "grafana.fullname" . }}-clusterrole 22 | apiGroup: rbac.authorization.k8s.io 23 | {{- end}} 24 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/charts/kube-state-metrics/templates/clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.rbac.create -}} 2 | apiVersion: rbac.authorization.k8s.io/v1beta1 3 | kind: ClusterRoleBinding 4 | metadata: 5 | labels: 6 | app.kubernetes.io/name: {{ template "kube-state-metrics.name" . }} 7 | helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | app.kubernetes.io/managed-by: {{ .Release.Service }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | name: {{ template "kube-state-metrics.fullname" . }} 11 | roleRef: 12 | apiGroup: rbac.authorization.k8s.io 13 | kind: ClusterRole 14 | name: {{ template "kube-state-metrics.fullname" . }} 15 | subjects: 16 | - kind: ServiceAccount 17 | name: {{ template "kube-state-metrics.fullname" . }} 18 | namespace: {{ template "kube-state-metrics.namespace" . }} 19 | {{- end -}} 20 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/alertmanager/role.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.alertmanager.enabled .Values.rbac.create (eq .Values.alertmanager.useClusterRole false) (not .Values.alertmanager.useExistingRole) -}} 2 | {{- range $.Values.alertmanager.namespaces }} 3 | apiVersion: {{ template "rbac.apiVersion" . }} 4 | kind: Role 5 | metadata: 6 | labels: 7 | {{- include "prometheus.alertmanager.labels" $ | nindent 4 }} 8 | name: {{ template "prometheus.alertmanager.fullname" $ }} 9 | namespace: {{ . }} 10 | rules: 11 | {{- if $.Values.podSecurityPolicy.enabled }} 12 | - apiGroups: 13 | - extensions 14 | resources: 15 | - podsecuritypolicies 16 | verbs: 17 | - use 18 | resourceNames: 19 | - {{ template "prometheus.alertmanager.fullname" $ }} 20 | {{- else }} 21 | [] 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/stable/grafana/templates/pvc.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} 2 | apiVersion: v1 3 | kind: PersistentVolumeClaim 4 | metadata: 5 | name: {{ template "grafana.fullname" . }} 6 | labels: 7 | app: {{ template "grafana.name" . }} 8 | chart: {{ template "grafana.chart" . }} 9 | release: {{ .Release.Name }} 10 | heritage: {{ .Release.Service }} 11 | {{- with .Values.persistence.annotations }} 12 | annotations: 13 | {{ toYaml . | indent 4 }} 14 | {{- end }} 15 | spec: 16 | accessModes: 17 | {{- range .Values.persistence.accessModes }} 18 | - {{ . | quote }} 19 | {{- end }} 20 | resources: 21 | requests: 22 | storage: {{ .Values.persistence.size | quote }} 23 | storageClassName: {{ .Values.persistence.storageClassName }} 24 | {{- end -}} 25 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/alertmanager/clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.alertmanager.enabled .Values.rbac.create .Values.alertmanager.useClusterRole -}} 2 | apiVersion: {{ template "rbac.apiVersion" . }} 3 | kind: ClusterRoleBinding 4 | metadata: 5 | labels: 6 | {{- include "prometheus.alertmanager.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.alertmanager.fullname" . }} 8 | subjects: 9 | - kind: ServiceAccount 10 | name: {{ template "prometheus.serviceAccountName.alertmanager" . }} 11 | {{ include "prometheus.namespace" . | indent 4 }} 12 | roleRef: 13 | apiGroup: rbac.authorization.k8s.io 14 | kind: ClusterRole 15 | {{- if (not .Values.alertmanager.useExistingRole) }} 16 | name: {{ template "prometheus.alertmanager.fullname" . }} 17 | {{- else }} 18 | name: {{ .Values.alertmanager.useExistingRole }} 19 | {{- end }} 20 | {{- end }} 21 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/.github/stale.yml: -------------------------------------------------------------------------------- 1 | # Number of days of inactivity before an issue becomes stale 2 | daysUntilStale: 30 3 | # Number of days of inactivity before a stale issue is closed 4 | daysUntilClose: 14 5 | # Issues with these labels will never be considered stale 6 | exemptLabels: 7 | - lifecycle/frozen 8 | staleLabel: lifecycle/stale 9 | # Comment to post when marking an issue as stale. Set to `false` to disable 10 | markComment: > 11 | This issue has been automatically marked as stale because it has not had 12 | recent activity. It will be closed if no further activity occurs. Any further update will 13 | cause the issue/pull request to no longer be considered stale. Thank you for your contributions. 14 | # Comment to post when closing a stale issue. Set to `false` to disable 15 | closeComment: > 16 | This issue is being automatically closed due to inactivity. 17 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/.github/stale.yml: -------------------------------------------------------------------------------- 1 | # Number of days of inactivity before an issue becomes stale 2 | daysUntilStale: 30 3 | # Number of days of inactivity before a stale issue is closed 4 | daysUntilClose: 14 5 | # Issues with these labels will never be considered stale 6 | exemptLabels: 7 | - lifecycle/frozen 8 | staleLabel: lifecycle/stale 9 | # Comment to post when marking an issue as stale. Set to `false` to disable 10 | markComment: > 11 | This issue has been automatically marked as stale because it has not had 12 | recent activity. It will be closed if no further activity occurs. Any further update will 13 | cause the issue/pull request to no longer be considered stale. Thank you for your contributions. 14 | # Comment to post when closing a stale issue. Set to `false` to disable 15 | closeComment: > 16 | This issue is being automatically closed due to inactivity. 17 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/charts/kube-state-metrics/templates/psp-clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.podSecurityPolicy.enabled .Values.rbac.create -}} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRoleBinding 4 | metadata: 5 | labels: 6 | app.kubernetes.io/name: {{ template "kube-state-metrics.name" . }} 7 | helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | app.kubernetes.io/managed-by: {{ .Release.Service }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | name: psp-{{ template "kube-state-metrics.fullname" . }} 11 | roleRef: 12 | apiGroup: rbac.authorization.k8s.io 13 | kind: ClusterRole 14 | name: psp-{{ template "kube-state-metrics.fullname" . }} 15 | subjects: 16 | - kind: ServiceAccount 17 | name: {{ template "kube-state-metrics.fullname" . }} 18 | namespace: {{ template "kube-state-metrics.namespace" . }} 19 | {{- end }} 20 | -------------------------------------------------------------------------------- /internal/git/access.go: -------------------------------------------------------------------------------- 1 | package git 2 | 3 | import "sync" 4 | 5 | // Thread safe store of {[gitRepo]: token} 6 | type accessTokenMap struct { 7 | mu sync.RWMutex 8 | tokens map[string]string 9 | } 10 | 11 | // Get is a thread safe getter to do a map lookup in a getAccessTokens 12 | func (t *accessTokenMap) Get(repo string) (string, bool) { 13 | t.mu.RLock() 14 | token, exists := t.tokens[repo] 15 | t.mu.RUnlock() 16 | return token, exists 17 | } 18 | 19 | // Set is a thread safe setter method to modify a gitAccessTokenMap 20 | func (t *accessTokenMap) Set(repo, token string) { 21 | t.mu.Lock() 22 | t.tokens[repo] = token 23 | t.mu.Unlock() 24 | } 25 | 26 | // AccessTokens is a thread-safe global store of Personal Access Tokens which 27 | // is used to store PATs as they are discovered throughout the Install lifecycle 28 | var AccessTokens = accessTokenMap{ 29 | tokens: map[string]string{}, 30 | } 31 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: 2.21.0 3 | description: Prometheus is a monitoring system and time series database. 4 | home: https://prometheus.io/ 5 | icon: https://raw.githubusercontent.com/prometheus/prometheus.github.io/master/assets/prometheus_logo-cb55bb5c346.png 6 | maintainers: 7 | - email: gianrubio@gmail.com 8 | name: gianrubio 9 | - email: zanhsieh@gmail.com 10 | name: zanhsieh 11 | - email: miroslav.hadzhiev@gmail.com 12 | name: Xtigyro 13 | - email: monotek23@gmail.com 14 | name: monotek 15 | - email: naseem@transit.app 16 | name: naseemkullah 17 | name: prometheus 18 | sources: 19 | - https://github.com/prometheus/alertmanager 20 | - https://github.com/prometheus/prometheus 21 | - https://github.com/prometheus/pushgateway 22 | - https://github.com/prometheus/node_exporter 23 | - https://github.com/kubernetes/kube-state-metrics 24 | version: 11.16.7 25 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/cassandra/templates/servicemonitor.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.exporter.enabled .Values.exporter.serviceMonitor.enabled }} 2 | apiVersion: monitoring.coreos.com/v1 3 | kind: ServiceMonitor 4 | metadata: 5 | name: {{ template "cassandra.fullname" . }} 6 | labels: 7 | app: {{ template "cassandra.name" . }} 8 | chart: {{ template "cassandra.chart" . }} 9 | release: {{ .Release.Name }} 10 | heritage: {{ .Release.Service }} 11 | {{- if .Values.exporter.serviceMonitor.additionalLabels }} 12 | {{ toYaml .Values.exporter.serviceMonitor.additionalLabels | indent 4 }} 13 | {{- end }} 14 | spec: 15 | jobLabel: {{ template "cassandra.name" . }} 16 | endpoints: 17 | - port: metrics 18 | interval: 10s 19 | selector: 20 | matchLabels: 21 | app: {{ template "cassandra.name" . }} 22 | namespaceSelector: 23 | any: true 24 | {{- end }} 25 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/charts/kube-state-metrics/templates/stsdiscovery-role.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.autosharding.enabled .Values.rbac.create -}} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: stsdiscovery-{{ template "kube-state-metrics.fullname" . }} 6 | namespace: {{ template "kube-state-metrics.namespace" . }} 7 | labels: 8 | app.kubernetes.io/name: {{ template "kube-state-metrics.name" . }} 9 | helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/instance: {{ .Release.Name }} 12 | rules: 13 | - apiGroups: 14 | - "" 15 | resources: 16 | - pods 17 | verbs: 18 | - get 19 | - apiGroups: 20 | - apps 21 | resourceNames: 22 | - {{ template "kube-state-metrics.fullname" . }} 23 | resources: 24 | - statefulsets 25 | verbs: 26 | - get 27 | - list 28 | - watch 29 | {{- end }} 30 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/server-service-headless.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.statefulSet.enabled -}} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | {{- if .Values.server.statefulSet.headless.annotations }} 6 | annotations: 7 | {{ toYaml .Values.server.statefulSet.headless.annotations | indent 4 }} 8 | {{- end }} 9 | labels: 10 | {{- include "prometheus.server.labels" . | nindent 4 }} 11 | {{- if .Values.server.statefulSet.headless.labels }} 12 | {{ toYaml .Values.server.statefulSet.headless.labels | indent 4 }} 13 | {{- end }} 14 | name: {{ template "prometheus.server.fullname" . }}-headless 15 | spec: 16 | clusterIP: None 17 | ports: 18 | - name: http 19 | port: {{ .Values.server.statefulSet.headless.servicePort }} 20 | protocol: TCP 21 | targetPort: 9090 22 | selector: 23 | {{- include "prometheus.server.matchLabels" . | nindent 4 }} 24 | {{- end -}} 25 | -------------------------------------------------------------------------------- /internal/url/core.go: -------------------------------------------------------------------------------- 1 | package url 2 | 3 | import ( 4 | "net/url" 5 | "path" 6 | "strings" 7 | ) 8 | 9 | // ToPath converts a url to a path like string. 10 | func ToPath(u string) (string, error) { 11 | noProtocol, err := removeProtocol(u) 12 | if err != nil { 13 | return "", err 14 | } 15 | 16 | var pathSegments []string 17 | for _, v := range strings.Split(noProtocol, "/") { 18 | if v != "" { 19 | pathSegments = append(pathSegments, v) 20 | } 21 | } 22 | 23 | return path.Join(pathSegments...), nil 24 | } 25 | 26 | func removeProtocol(repoURL string) (string, error) { 27 | // Return the original URL if it does not start with a protocol 28 | if !strings.Contains(repoURL, "://") { 29 | return repoURL, nil 30 | } 31 | 32 | // Parse the URL, remove the Scheme and leading "/" 33 | u, err := url.Parse(repoURL) 34 | if err != nil { 35 | return "", err 36 | } 37 | u.Scheme = "" 38 | 39 | return strings.TrimLeft(u.String(), "/"), nil 40 | } 41 | -------------------------------------------------------------------------------- /util/map_test.go: -------------------------------------------------------------------------------- 1 | package util 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/stretchr/testify/assert" 7 | ) 8 | 9 | func TestFlattenMap(t *testing.T) { 10 | nestedMap := map[string]interface{}{ 11 | "foo": "bar", 12 | "im": map[string]interface{}{ 13 | "a": map[string]interface{}{ 14 | "really": map[string]interface{}{ 15 | "nested": "map", 16 | }, 17 | "list": []int{1, 2, 3}, 18 | }}, 19 | } 20 | 21 | flattenedWithDots := FlattenMap(nestedMap, ".", []string{}) 22 | assert.EqualValues(t, map[string]interface{}{ 23 | "foo": "bar", 24 | "im.a.really.nested": "map", 25 | "im.a.list": []int{1, 2, 3}, 26 | }, flattenedWithDots) 27 | 28 | flattenedWithDashes := FlattenMap(nestedMap, "-", []string{}) 29 | assert.EqualValues(t, map[string]interface{}{ 30 | "foo": "bar", 31 | "im-a-really-nested": "map", 32 | "im-a-list": []int{1, 2, 3}, 33 | }, flattenedWithDashes) 34 | } 35 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/charts/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.autosharding.enabled .Values.rbac.create -}} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: RoleBinding 4 | metadata: 5 | name: stsdiscovery-{{ template "kube-state-metrics.fullname" . }} 6 | namespace: {{ template "kube-state-metrics.namespace" . }} 7 | labels: 8 | app.kubernetes.io/name: {{ template "kube-state-metrics.name" . }} 9 | helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/instance: {{ .Release.Name }} 12 | roleRef: 13 | apiGroup: rbac.authorization.k8s.io 14 | kind: Role 15 | name: stsdiscovery-{{ template "kube-state-metrics.fullname" . }} 16 | subjects: 17 | - kind: ServiceAccount 18 | name: {{ template "kube-state-metrics.fullname" . }} 19 | namespace: {{ template "kube-state-metrics.namespace" . }} 20 | {{- end }} 21 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/alertmanager/rolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.alertmanager.enabled .Values.rbac.create (eq .Values.alertmanager.useClusterRole false) -}} 2 | {{ range $.Values.alertmanager.namespaces }} 3 | apiVersion: {{ template "rbac.apiVersion" . }} 4 | kind: RoleBinding 5 | metadata: 6 | labels: 7 | {{- include "prometheus.alertmanager.labels" $ | nindent 4 }} 8 | name: {{ template "prometheus.alertmanager.fullname" $ }} 9 | namespace: {{ . }} 10 | subjects: 11 | - kind: ServiceAccount 12 | name: {{ template "prometheus.serviceAccountName.alertmanager" $ }} 13 | {{ include "prometheus.namespace" $ | indent 4 }} 14 | roleRef: 15 | apiGroup: rbac.authorization.k8s.io 16 | kind: Role 17 | {{- if (not $.Values.alertmanager.useExistingRole) }} 18 | name: {{ template "prometheus.alertmanager.fullname" $ }} 19 | {{- else }} 20 | name: {{ $.Values.alertmanager.useExistingRole }} 21 | {{- end }} 22 | {{- end }} 23 | {{ end }} 24 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/charts/kube-state-metrics/templates/psp-clusterrole.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.podSecurityPolicy.enabled .Values.rbac.create -}} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | labels: 6 | app.kubernetes.io/name: {{ template "kube-state-metrics.name" . }} 7 | helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | app.kubernetes.io/managed-by: {{ .Release.Service }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | name: psp-{{ template "kube-state-metrics.fullname" . }} 11 | rules: 12 | {{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} 13 | {{- if semverCompare "> 1.15.0-0" $kubeTargetVersion }} 14 | - apiGroups: ['policy'] 15 | {{- else }} 16 | - apiGroups: ['extensions'] 17 | {{- end }} 18 | resources: ['podsecuritypolicies'] 19 | verbs: ['use'] 20 | resourceNames: 21 | - {{ template "kube-state-metrics.fullname" . }} 22 | {{- end }} 23 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/server-clusterrole.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.rbac.create }} 2 | apiVersion: rbac.authorization.k8s.io/v1beta1 3 | kind: ClusterRole 4 | metadata: 5 | labels: 6 | {{- include "prometheus.server.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.server.fullname" . }} 8 | rules: 9 | - apiGroups: 10 | - "" 11 | resources: 12 | - nodes 13 | - nodes/proxy 14 | - services 15 | - endpoints 16 | - pods 17 | - ingresses 18 | verbs: 19 | - get 20 | - list 21 | - watch 22 | - apiGroups: 23 | - "" 24 | resources: 25 | - configmaps 26 | verbs: 27 | - get 28 | - apiGroups: 29 | - "extensions" 30 | resources: 31 | - ingresses/status 32 | - ingresses 33 | verbs: 34 | - get 35 | - list 36 | - watch 37 | - nonResourceURLs: 38 | - "/metrics" 39 | verbs: 40 | - get 41 | {{- end }} 42 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/templates/data-pdb.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.data.podDisruptionBudget.enabled }} 2 | apiVersion: policy/v1beta1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | labels: 6 | app: {{ template "elasticsearch.name" . }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | component: "{{ .Values.data.name }}" 9 | heritage: {{ .Release.Service }} 10 | release: {{ .Release.Name }} 11 | name: {{ template "elasticsearch.data.fullname" . }} 12 | spec: 13 | {{- if .Values.data.podDisruptionBudget.minAvailable }} 14 | minAvailable: {{ .Values.data.podDisruptionBudget.minAvailable }} 15 | {{- end }} 16 | {{- if .Values.data.podDisruptionBudget.maxUnavailable }} 17 | maxUnavailable: {{ .Values.data.podDisruptionBudget.maxUnavailable }} 18 | {{- end }} 19 | selector: 20 | matchLabels: 21 | app: {{ template "elasticsearch.name" . }} 22 | component: "{{ .Values.data.name }}" 23 | release: {{ .Release.Name }} 24 | {{- end }} 25 | -------------------------------------------------------------------------------- /internal/generators/static_test.go: -------------------------------------------------------------------------------- 1 | package generators 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/microsoft/fabrikate/internal/core" 7 | "github.com/stretchr/testify/assert" 8 | ) 9 | 10 | func TestStaticGenerator_Generate(t *testing.T) { 11 | component := core.Component{ 12 | Name: "foo", 13 | Path: "", 14 | PhysicalPath: "../../testdata/invaliddir", 15 | } 16 | 17 | generator := &StaticGenerator{} 18 | _, err := generator.Generate(&component) 19 | assert.NotNil(t, err) 20 | } 21 | 22 | func TestGetStaticComponentPath(t *testing.T) { 23 | component := core.Component{ 24 | Name: "kv-flexvol", 25 | ComponentType: "static", 26 | Method: "http", 27 | Source: "https://raw.githubusercontent.com/Azure/kubernetes-keyvault-flexvol/master/deployment/kv-flexvol-installer.yaml", 28 | } 29 | 30 | expectedComponentPath := "components/kv-flexvol" 31 | componentPath := GetStaticManifestsPath(component) 32 | 33 | assert.Equal(t, expectedComponentPath, componentPath) 34 | } 35 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/templates/client-pdb.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.client.podDisruptionBudget.enabled }} 2 | apiVersion: policy/v1beta1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | labels: 6 | app: {{ template "elasticsearch.name" . }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | component: "{{ .Values.client.name }}" 9 | heritage: {{ .Release.Service }} 10 | release: {{ .Release.Name }} 11 | name: {{ template "elasticsearch.client.fullname" . }} 12 | spec: 13 | {{- if .Values.client.podDisruptionBudget.minAvailable }} 14 | minAvailable: {{ .Values.client.podDisruptionBudget.minAvailable }} 15 | {{- end }} 16 | {{- if .Values.client.podDisruptionBudget.maxUnavailable }} 17 | maxUnavailable: {{ .Values.client.podDisruptionBudget.maxUnavailable }} 18 | {{- end }} 19 | selector: 20 | matchLabels: 21 | app: {{ template "elasticsearch.name" . }} 22 | component: "{{ .Values.client.name }}" 23 | release: {{ .Release.Name }} 24 | {{- end }} 25 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/templates/master-pdb.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.master.podDisruptionBudget.enabled }} 2 | apiVersion: policy/v1beta1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | labels: 6 | app: {{ template "elasticsearch.name" . }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | component: "{{ .Values.master.name }}" 9 | heritage: {{ .Release.Service }} 10 | release: {{ .Release.Name }} 11 | name: {{ template "elasticsearch.master.fullname" . }} 12 | spec: 13 | {{- if .Values.master.podDisruptionBudget.minAvailable }} 14 | minAvailable: {{ .Values.master.podDisruptionBudget.minAvailable }} 15 | {{- end }} 16 | {{- if .Values.master.podDisruptionBudget.maxUnavailable }} 17 | maxUnavailable: {{ .Values.master.podDisruptionBudget.maxUnavailable }} 18 | {{- end }} 19 | selector: 20 | matchLabels: 21 | app: {{ template "elasticsearch.name" . }} 22 | component: "{{ .Values.master.name }}" 23 | release: {{ .Release.Name }} 24 | {{- end }} 25 | -------------------------------------------------------------------------------- /internal/cmd/find_test.go: -------------------------------------------------------------------------------- 1 | package cmd 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/google/go-github/v28/github" 7 | "github.com/stretchr/testify/assert" 8 | ) 9 | 10 | func TestGetFabrikateComponents(t *testing.T) { 11 | githubCodeResults := []github.CodeResult{} 12 | paths := []string{ 13 | "definitions/fabrikate-prometheus-grafana/README.md", 14 | "samples/kafka-strimzi-portworx/config/README.md", 15 | "definitions/linkerd/README.md", 16 | "definitions/linkerd/component.yaml", 17 | "samples/kafka-strimzi-portworx/config/common.yaml", 18 | } 19 | 20 | for _, path := range paths { 21 | var p = path 22 | githubCodeResults = append(githubCodeResults, github.CodeResult{Path: &p}) 23 | } 24 | 25 | components := GetFabrikateComponents(githubCodeResults) 26 | assert.Equal(t, 2, len(components)) 27 | } 28 | 29 | func TestGetFabrikateComponentsEmpty(t *testing.T) { 30 | githubCodeResults := []github.CodeResult{} 31 | 32 | components := GetFabrikateComponents(githubCodeResults) 33 | assert.Equal(t, 0, len(components)) 34 | } 35 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/templates/rolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.podSecurityPolicy.enabled }} 2 | apiVersion: rbac.authorization.k8s.io/v1beta1 3 | kind: RoleBinding 4 | metadata: 5 | name: {{ template "elasticsearch.fullname" . }} 6 | labels: 7 | app: {{ template "elasticsearch.name" . }} 8 | chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 9 | release: "{{ .Release.Name }}" 10 | heritage: "{{ .Release.Service }}" 11 | roleRef: 12 | kind: Role 13 | name: {{ template "elasticsearch.fullname" . }} 14 | apiGroup: rbac.authorization.k8s.io 15 | subjects: 16 | - kind: ServiceAccount 17 | name: {{ template "elasticsearch.serviceAccountName.client" . }} 18 | namespace: {{ .Release.Namespace }} 19 | - kind: ServiceAccount 20 | name: {{ template "elasticsearch.serviceAccountName.data" . }} 21 | namespace: {{ .Release.Namespace }} 22 | - kind: ServiceAccount 23 | name: {{ template "elasticsearch.serviceAccountName.master" . }} 24 | namespace: {{ .Release.Namespace }} 25 | {{- end }} 26 | 27 | -------------------------------------------------------------------------------- /internal/cmd/remove_test.go: -------------------------------------------------------------------------------- 1 | package cmd 2 | 3 | import ( 4 | "testing" 5 | 6 | "github.com/microsoft/fabrikate/internal/core" 7 | "github.com/stretchr/testify/assert" 8 | ) 9 | 10 | func TestRemove(t *testing.T) { 11 | root := core.Component{ 12 | Name: "root", 13 | } 14 | subcomponentC := core.Component{ 15 | Name: "subcomponentC", 16 | } 17 | subcomponentA := core.Component{ 18 | Name: "subcomponentA", 19 | } 20 | subcomponentB := core.Component{ 21 | Name: "subcomponentB", 22 | } 23 | 24 | assert.Nil(t, root.AddSubcomponent(subcomponentC, subcomponentA, subcomponentB)) 25 | assert.True(t, len(root.Subcomponents) == 3) // There should be 3 subcomponents 26 | 27 | assert.Nil(t, root.RemoveSubcomponent(subcomponentB)) 28 | assert.True(t, len(root.Subcomponents) == 2) // There should be 2 subcomponents 29 | assert.True(t, root.Subcomponents[0].Name == "subcomponentA") // "subcomponentA" should be first after sorting 30 | assert.True(t, root.Subcomponents[1].Name == "subcomponentC") // "subcomponentC" should be second after sorting 31 | } 32 | -------------------------------------------------------------------------------- /testdata/definition/infra-single/components/infra-single/fabrikate-elasticsearch-fluentd-kibana/component.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "elasticsearch-fluentd-kibana", 3 | "type": "static", 4 | "path": "./manifests", 5 | "subcomponents": [ 6 | { 7 | "name": "elasticsearch", 8 | "type": "helm", 9 | "source": "https://github.com/helm/charts", 10 | "method": "git", 11 | "path": "stable/elasticsearch" 12 | }, 13 | { 14 | "name": "elasticsearch-curator", 15 | "type": "helm", 16 | "source": "https://github.com/helm/charts", 17 | "method": "git", 18 | "path": "stable/elasticsearch-curator" 19 | }, 20 | { 21 | "name": "fluentd-elasticsearch", 22 | "type": "helm", 23 | "source": "https://github.com/helm/charts", 24 | "method": "git", 25 | "path": "stable/fluentd-elasticsearch" 26 | }, 27 | { 28 | "name": "kibana", 29 | "type": "helm", 30 | "source": "https://github.com/helm/charts", 31 | "method": "git", 32 | "path": "stable/kibana" 33 | } 34 | ] 35 | } 36 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/templates/query-svc.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.query.enabled -}} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{ template "jaeger.query.name" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "jaeger.name" . }} 8 | helm.sh/chart: {{ include "jaeger.chart" . }} 9 | app.kubernetes.io/component: query 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/instance: {{ .Release.Name }} 12 | {{- if .Values.query.service.annotations }} 13 | annotations: 14 | {{ toYaml .Values.query.service.annotations | indent 4 }} 15 | {{- end }} 16 | spec: 17 | ports: 18 | - name: query 19 | port: {{ .Values.query.service.port }} 20 | protocol: TCP 21 | targetPort: query 22 | selector: 23 | app.kubernetes.io/name: {{ include "jaeger.name" . }} 24 | app.kubernetes.io/component: query 25 | app.kubernetes.io/instance: {{ .Release.Name }} 26 | type: {{ .Values.query.service.type }} 27 | {{- template "loadBalancerSourceRanges" .Values.query }} 28 | {{- end -}} 29 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/LICENSE: -------------------------------------------------------------------------------- 1 | Copyright 2019 Bhargav Nookala 2 | 3 | Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: 4 | 5 | The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. 6 | 7 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/ci/hooks-values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # Enable custom lifecycle hooks for client, data and master pods 3 | 4 | client: 5 | hooks: 6 | preStop: |- 7 | #!/bin/bash 8 | echo "Node {{ template "elasticsearch.client.fullname" . }} is shutting down" 9 | postStart: |- 10 | #!/bin/bash 11 | echo "Node {{ template "elasticsearch.client.fullname" . }} is ready to be used" 12 | 13 | data: 14 | hooks: 15 | drain: 16 | enabled: false 17 | preStop: |- 18 | #!/bin/bash 19 | echo "Node {{ template "elasticsearch.data.fullname" . }} is shutting down" 20 | postStart: |- 21 | #!/bin/bash 22 | echo "Node {{ template "elasticsearch.data.fullname" . }} is ready to be used" 23 | 24 | master: 25 | hooks: 26 | preStop: |- 27 | #!/bin/bash 28 | echo "Node {{ template "elasticsearch.master.fullname" . }} is shutting down" 29 | postStart: |- 30 | #!/bin/bash 31 | echo "Node {{ template "elasticsearch.master.fullname" . }} is ready to be used" 32 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/charts/kube-state-metrics/templates/servicemonitor.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.prometheus.monitor.enabled }} 2 | apiVersion: monitoring.coreos.com/v1 3 | kind: ServiceMonitor 4 | metadata: 5 | name: {{ template "kube-state-metrics.fullname" . }} 6 | namespace: {{ template "kube-state-metrics.namespace" . }} 7 | labels: 8 | app.kubernetes.io/name: {{ template "kube-state-metrics.name" . }} 9 | helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 10 | app.kubernetes.io/instance: "{{ .Release.Name }}" 11 | app.kubernetes.io/managed-by: "{{ .Release.Service }}" 12 | {{- if .Values.prometheus.monitor.additionalLabels }} 13 | {{ toYaml .Values.prometheus.monitor.additionalLabels | indent 4 }} 14 | {{- end }} 15 | spec: 16 | selector: 17 | matchLabels: 18 | app.kubernetes.io/name: {{ template "kube-state-metrics.name" . }} 19 | app.kubernetes.io/instance: {{ .Release.Name }} 20 | endpoints: 21 | - port: http 22 | {{- if .Values.prometheus.monitor.honorLabels }} 23 | honorLabels: true 24 | {{- end }} 25 | {{- end }} 26 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/server/vpa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.enabled -}} 2 | {{- if .Values.server.verticalAutoscaler.enabled -}} 3 | apiVersion: autoscaling.k8s.io/v1beta2 4 | kind: VerticalPodAutoscaler 5 | metadata: 6 | labels: 7 | {{- include "prometheus.server.labels" . | nindent 4 }} 8 | name: {{ template "prometheus.server.fullname" . }}-vpa 9 | {{ include "prometheus.namespace" . | indent 2 }} 10 | spec: 11 | targetRef: 12 | {{- if .Values.server.statefulSet.enabled }} 13 | apiVersion: "apps/v1" 14 | kind: StatefulSet 15 | {{- else }} 16 | apiVersion: "extensions/v1beta1" 17 | kind: Deployment 18 | {{- end }} 19 | name: {{ template "prometheus.server.fullname" . }} 20 | updatePolicy: 21 | updateMode: {{ .Values.server.verticalAutoscaler.updateMode | default "Off" | quote }} 22 | resourcePolicy: 23 | containerPolicies: {{ .Values.server.verticalAutoscaler.containerPolicies | default list | toYaml | trim | nindent 4 }} 24 | {{- end -}} {{/* if .Values.server.verticalAutoscaler.enabled */}} 25 | {{- end -}} {{/* .Values.server.enabled */}} 26 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/templates/hotrod-svc.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.hotrod.enabled -}} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{ include "jaeger.fullname" . }}-hotrod 6 | labels: 7 | app.kubernetes.io/name: {{ include "jaeger.name" . }} 8 | helm.sh/chart: {{ include "jaeger.chart" . }} 9 | app.kubernetes.io/component: hotrod 10 | app.kubernetes.io/instance: {{ .Release.Name }} 11 | app.kubernetes.io/managed-by: {{ .Release.Service }} 12 | {{- if .Values.hotrod.service.annotations }} 13 | annotations: 14 | {{ toYaml .Values.hotrod.service.annotations | indent 4 }} 15 | {{- end }} 16 | spec: 17 | type: {{ .Values.hotrod.service.type }} 18 | ports: 19 | - name: http 20 | port: {{ .Values.hotrod.service.port }} 21 | protocol: TCP 22 | targetPort: http 23 | selector: 24 | app.kubernetes.io/name: {{ include "jaeger.name" . }} 25 | app.kubernetes.io/component: hotrod 26 | app.kubernetes.io/instance: {{ .Release.Name }} 27 | {{- template "loadBalancerSourceRanges" .Values.hotrod }} 28 | {{- end -}} 29 | -------------------------------------------------------------------------------- /internal/helm/template.go: -------------------------------------------------------------------------------- 1 | package helm 2 | 3 | import ( 4 | "bytes" 5 | "fmt" 6 | "os/exec" 7 | ) 8 | 9 | // TemplateOptions encapsulate the options for `helm template` 10 | type TemplateOptions struct { 11 | Release string 12 | RepoURL string 13 | Chart string 14 | Version string 15 | Namespace string 16 | Values []string 17 | } 18 | 19 | // Template is a command for `helm template` 20 | func Template(opts TemplateOptions) (string, error) { 21 | templateArgs := []string{"template", opts.Release, opts.Chart, 22 | "--repo", opts.RepoURL, 23 | "--dependency-update", 24 | "--create-namespace", 25 | "--namespace", opts.Namespace} 26 | 27 | for _, yamlPath := range opts.Values { 28 | templateArgs = append(templateArgs, "--values", yamlPath) 29 | } 30 | 31 | templateCmd := exec.Command("helm", templateArgs...) 32 | var stdout, stderr bytes.Buffer 33 | templateCmd.Stdout = &stdout 34 | templateCmd.Stderr = &stderr 35 | 36 | if err := templateCmd.Run(); err != nil { 37 | return "", fmt.Errorf("%v: %v", err, stderr.String()) 38 | } 39 | 40 | return stdout.String(), nil 41 | } 42 | -------------------------------------------------------------------------------- /azure-pipelines.yml: -------------------------------------------------------------------------------- 1 | schedules: 2 | - cron: "0 0 * * *" 3 | displayName: "Daily midnight build" 4 | branches: 5 | include: 6 | - master 7 | always: true 8 | 9 | pool: 10 | vmImage: "Ubuntu-16.04" 11 | 12 | variables: 13 | linterTimeout: "5m" 14 | 15 | steps: 16 | # https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/tool/go-tool 17 | - task: GoTool@0 18 | inputs: 19 | version: "1.15" 20 | 21 | - script: | 22 | curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s v1.30.0 23 | ./bin/golangci-lint run --timeout $(linterTimeout) 24 | displayName: "Lint" 25 | 26 | - script: | 27 | scripts/build clean 28 | displayName: "Clean" 29 | 30 | - script: | 31 | HELM_URL=https://get.helm.sh 32 | HELM_TGZ=helm-v3.1.2-linux-amd64.tar.gz 33 | wget -q ${HELM_URL}/${HELM_TGZ} 34 | tar xzfv ${HELM_TGZ} 35 | PATH=`pwd`/linux-amd64/:$PATH 36 | displayName: "Install helm" 37 | 38 | - task: Go@0 39 | displayName: Test 40 | inputs: 41 | command: test 42 | arguments: -v -race ./... 43 | -------------------------------------------------------------------------------- /internal/helm/pull.go: -------------------------------------------------------------------------------- 1 | package helm 2 | 3 | import ( 4 | "bytes" 5 | "fmt" 6 | "os/exec" 7 | ) 8 | 9 | // Pull will do a `helm pull` for the target chart and extract the chart to 10 | // `into`. 11 | // Note that the directory structure will look like: //Chart.yaml 12 | func Pull(repoURL string, chart string, version string, into string) error { 13 | // check if existing repo with same URL in host client 14 | existingRepo, _ := FindRepoNameByURL(repoURL) 15 | if len(existingRepo) > 0 { 16 | chart = existingRepo + "/" + chart 17 | } 18 | 19 | // arguments don't include --repo by default 20 | pullArgs := []string{"pull", chart, 21 | "--version", version, 22 | "--untar", 23 | "--untardir", into} 24 | 25 | // use the --repo option to pull directly from URL if repo not on host Helm 26 | if len(existingRepo) == 0 { 27 | pullArgs = append(pullArgs, "--repo", repoURL) 28 | } 29 | 30 | cmd := exec.Command("helm", pullArgs...) 31 | var stderr bytes.Buffer 32 | cmd.Stderr = &stderr 33 | 34 | if err := cmd.Run(); err != nil { 35 | return fmt.Errorf("%w: %v", err, stderr.String()) 36 | } 37 | 38 | return nil 39 | } 40 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/server-pvc.yaml: -------------------------------------------------------------------------------- 1 | {{- if not .Values.server.statefulSet.enabled -}} 2 | {{- if .Values.server.persistentVolume.enabled -}} 3 | {{- if not .Values.server.persistentVolume.existingClaim -}} 4 | apiVersion: v1 5 | kind: PersistentVolumeClaim 6 | metadata: 7 | {{- if .Values.server.persistentVolume.annotations }} 8 | annotations: 9 | {{ toYaml .Values.server.persistentVolume.annotations | indent 4 }} 10 | {{- end }} 11 | labels: 12 | {{- include "prometheus.server.labels" . | nindent 4 }} 13 | name: {{ template "prometheus.server.fullname" . }} 14 | spec: 15 | accessModes: 16 | {{ toYaml .Values.server.persistentVolume.accessModes | indent 4 }} 17 | {{- if .Values.server.persistentVolume.storageClass }} 18 | {{- if (eq "-" .Values.server.persistentVolume.storageClass) }} 19 | storageClassName: "" 20 | {{- else }} 21 | storageClassName: "{{ .Values.server.persistentVolume.storageClass }}" 22 | {{- end }} 23 | {{- end }} 24 | resources: 25 | requests: 26 | storage: "{{ .Values.server.persistentVolume.size }}" 27 | {{- end -}} 28 | {{- end -}} 29 | {{- end -}} 30 | -------------------------------------------------------------------------------- /internal/cmd/install_test.go: -------------------------------------------------------------------------------- 1 | package cmd 2 | 3 | import ( 4 | "testing" 5 | ) 6 | 7 | func TestInstall(t *testing.T) { 8 | type args struct { 9 | path string 10 | } 11 | tests := []struct { 12 | name string 13 | args args 14 | wantErr bool 15 | }{ 16 | { 17 | "json", 18 | args{"../../testdata/install"}, 19 | false, 20 | }, 21 | 22 | { 23 | "yaml", 24 | args{"../../testdata/install-yaml"}, 25 | false, 26 | }, 27 | 28 | { 29 | "hooks", 30 | args{"../../testdata/install-hooks"}, 31 | false, 32 | }, 33 | 34 | { 35 | "private git", 36 | args{"../../testdata/install-private"}, 37 | true, 38 | }, 39 | 40 | { 41 | "helm", 42 | args{"../../testdata/install-helm"}, 43 | false, 44 | }, 45 | 46 | { 47 | "repo-alias", 48 | args{"../../testdata/repo-alias"}, 49 | false, 50 | }, 51 | } 52 | 53 | for _, tt := range tests { 54 | defer func() { 55 | // _ = util.UninstallComponents(tt.args.path) 56 | }() 57 | 58 | t.Run(tt.name, func(t *testing.T) { 59 | if err := Install(tt.args.path); (err != nil) != tt.wantErr { 60 | t.Errorf("Install() error = %v, wantErr %v", err, tt.wantErr) 61 | } 62 | }) 63 | } 64 | } 65 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/alertmanager-service-headless.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.alertmanager.enabled .Values.alertmanager.statefulSet.enabled -}} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | {{- if .Values.alertmanager.statefulSet.headless.annotations }} 6 | annotations: 7 | {{ toYaml .Values.alertmanager.statefulSet.headless.annotations | indent 4 }} 8 | {{- end }} 9 | labels: 10 | {{- include "prometheus.alertmanager.labels" . | nindent 4 }} 11 | {{- if .Values.alertmanager.statefulSet.headless.labels }} 12 | {{ toYaml .Values.alertmanager.statefulSet.headless.labels | indent 4 }} 13 | {{- end }} 14 | name: {{ template "prometheus.alertmanager.fullname" . }}-headless 15 | spec: 16 | clusterIP: None 17 | ports: 18 | - name: http 19 | port: {{ .Values.alertmanager.statefulSet.headless.servicePort }} 20 | protocol: TCP 21 | targetPort: 9093 22 | {{- if .Values.alertmanager.statefulSet.headless.enableMeshPeer }} 23 | - name: meshpeer 24 | port: 6783 25 | protocol: TCP 26 | targetPort: 6783 27 | {{- end }} 28 | selector: 29 | {{- include "prometheus.alertmanager.matchLabels" . | nindent 4 }} 30 | {{- end }} 31 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) Microsoft Corporation. All rights reserved. 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE 22 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/alertmanager/headless-svc.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.alertmanager.enabled .Values.alertmanager.statefulSet.enabled -}} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | {{- if .Values.alertmanager.statefulSet.headless.annotations }} 6 | annotations: 7 | {{ toYaml .Values.alertmanager.statefulSet.headless.annotations | indent 4 }} 8 | {{- end }} 9 | labels: 10 | {{- include "prometheus.alertmanager.labels" . | nindent 4 }} 11 | {{- if .Values.alertmanager.statefulSet.headless.labels }} 12 | {{ toYaml .Values.alertmanager.statefulSet.headless.labels | indent 4 }} 13 | {{- end }} 14 | name: {{ template "prometheus.alertmanager.fullname" . }}-headless 15 | {{ include "prometheus.namespace" . | indent 2 }} 16 | spec: 17 | clusterIP: None 18 | ports: 19 | - name: http 20 | port: {{ .Values.alertmanager.statefulSet.headless.servicePort }} 21 | protocol: TCP 22 | targetPort: 9093 23 | {{- if .Values.alertmanager.statefulSet.headless.enableMeshPeer }} 24 | - name: meshpeer 25 | port: 6783 26 | protocol: TCP 27 | targetPort: 6783 28 | {{- end }} 29 | selector: 30 | {{- include "prometheus.alertmanager.matchLabels" . | nindent 4 }} 31 | {{- end }} 32 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/pushgateway-ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.pushgateway.enabled .Values.pushgateway.ingress.enabled -}} 2 | {{- $releaseName := .Release.Name -}} 3 | {{- $serviceName := include "prometheus.pushgateway.fullname" . }} 4 | {{- $servicePort := .Values.pushgateway.service.servicePort -}} 5 | apiVersion: extensions/v1beta1 6 | kind: Ingress 7 | metadata: 8 | {{- if .Values.pushgateway.ingress.annotations }} 9 | annotations: 10 | {{ toYaml .Values.pushgateway.ingress.annotations | indent 4}} 11 | {{- end }} 12 | labels: 13 | {{- include "prometheus.pushgateway.labels" . | nindent 4 }} 14 | name: {{ template "prometheus.pushgateway.fullname" . }} 15 | spec: 16 | rules: 17 | {{- range .Values.pushgateway.ingress.hosts }} 18 | {{- $url := splitList "/" . }} 19 | - host: {{ first $url }} 20 | http: 21 | paths: 22 | - path: /{{ rest $url | join "/" }} 23 | backend: 24 | serviceName: {{ $serviceName }} 25 | servicePort: {{ $servicePort }} 26 | {{- end -}} 27 | {{- if .Values.pushgateway.ingress.tls }} 28 | tls: 29 | {{ toYaml .Values.pushgateway.ingress.tls | indent 4 }} 30 | {{- end -}} 31 | {{- end -}} 32 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/alertmanager-pvc.yaml: -------------------------------------------------------------------------------- 1 | {{- if not .Values.alertmanager.statefulSet.enabled -}} 2 | {{- if and .Values.alertmanager.enabled .Values.alertmanager.persistentVolume.enabled -}} 3 | {{- if not .Values.alertmanager.persistentVolume.existingClaim -}} 4 | apiVersion: v1 5 | kind: PersistentVolumeClaim 6 | metadata: 7 | {{- if .Values.alertmanager.persistentVolume.annotations }} 8 | annotations: 9 | {{ toYaml .Values.alertmanager.persistentVolume.annotations | indent 4 }} 10 | {{- end }} 11 | labels: 12 | {{- include "prometheus.alertmanager.labels" . | nindent 4 }} 13 | name: {{ template "prometheus.alertmanager.fullname" . }} 14 | spec: 15 | accessModes: 16 | {{ toYaml .Values.alertmanager.persistentVolume.accessModes | indent 4 }} 17 | {{- if .Values.alertmanager.persistentVolume.storageClass }} 18 | {{- if (eq "-" .Values.alertmanager.persistentVolume.storageClass) }} 19 | storageClassName: "" 20 | {{- else }} 21 | storageClassName: "{{ .Values.alertmanager.persistentVolume.storageClass }}" 22 | {{- end }} 23 | {{- end }} 24 | resources: 25 | requests: 26 | storage: "{{ .Values.alertmanager.persistentVolume.size }}" 27 | {{- end -}} 28 | {{- end -}} 29 | {{- end -}} 30 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/templates/query-ing.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.query.ingress.enabled -}} 2 | {{- $servicePort := .Values.query.service.port -}} 3 | {{- $basePath := .Values.query.basePath -}} 4 | apiVersion: extensions/v1beta1 5 | kind: Ingress 6 | metadata: 7 | name: {{ template "jaeger.query.name" . }} 8 | labels: 9 | app.kubernetes.io/name: {{ include "jaeger.name" . }} 10 | helm.sh/chart: {{ include "jaeger.chart" . }} 11 | app.kubernetes.io/component: query 12 | app.kubernetes.io/managed-by: {{ .Release.Service }} 13 | app.kubernetes.io/instance: {{ .Release.Name }} 14 | {{- if .Values.query.ingress.annotations }} 15 | annotations: 16 | {{ toYaml .Values.query.ingress.annotations | indent 4 }} 17 | {{- end }} 18 | spec: 19 | rules: 20 | {{- range $host := .Values.query.ingress.hosts }} 21 | - host: {{ $host }} 22 | http: 23 | paths: 24 | - path: {{ $basePath }} 25 | backend: 26 | serviceName: {{ template "jaeger.query.name" $ }} 27 | servicePort: {{ $servicePort }} 28 | {{- end -}} 29 | {{- if .Values.query.ingress.tls }} 30 | tls: 31 | {{ toYaml .Values.query.ingress.tls | indent 4 }} 32 | {{- end -}} 33 | {{- end -}} 34 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/templates/podsecuritypolicy.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.podSecurityPolicy.enabled }} 2 | apiVersion: policy/v1beta1 3 | kind: PodSecurityPolicy 4 | metadata: 5 | name: {{ template "elasticsearch.fullname" . }} 6 | labels: 7 | app: {{ template "elasticsearch.name" . }} 8 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 9 | heritage: {{ .Release.Service }} 10 | release: {{ .Release.Name }} 11 | annotations: 12 | {{- if .Values.podSecurityPolicy.annotations }} 13 | {{ toYaml .Values.podSecurityPolicy.annotations | indent 4 }} 14 | {{- end }} 15 | spec: 16 | privileged: true 17 | allowPrivilegeEscalation: true 18 | volumes: 19 | - 'configMap' 20 | - 'secret' 21 | - 'emptyDir' 22 | - 'persistentVolumeClaim' 23 | hostNetwork: false 24 | hostPID: false 25 | hostIPC: false 26 | runAsUser: 27 | rule: 'RunAsAny' 28 | runAsGroup: 29 | rule: 'RunAsAny' 30 | seLinux: 31 | rule: 'RunAsAny' 32 | supplementalGroups: 33 | rule: 'RunAsAny' 34 | fsGroup: 35 | rule: 'MustRunAs' 36 | ranges: 37 | - min: 1000 38 | max: 1000 39 | readOnlyRootFilesystem: false 40 | hostPorts: 41 | - min: 1 42 | max: 65535 43 | {{- end }} 44 | -------------------------------------------------------------------------------- /util/file.go: -------------------------------------------------------------------------------- 1 | package util 2 | 3 | import ( 4 | "os" 5 | "path/filepath" 6 | "regexp" 7 | ) 8 | 9 | // ListComponentInstallDirectories returns all subdirectories in `directory` which have have the name 10 | // "components" or "helm_repos"; this is mainly used as a helper function for cleaning up test `Install`s 11 | func ListComponentInstallDirectories(directory string) (componentDirs []string, err error) { 12 | err = filepath.Walk(directory, func(path string, file os.FileInfo, err error) error { 13 | if err != nil { 14 | return err 15 | } 16 | if file.IsDir() { 17 | if match, err := regexp.MatchString("/(components|helm_repos)$", path); match && err == nil { 18 | componentDirs = append(componentDirs, path) 19 | } 20 | } 21 | return nil 22 | }) 23 | 24 | return componentDirs, err 25 | } 26 | 27 | // UninstallComponents uninstalls any components in any subdirectory under `path`. 28 | // Equivalent to `rm -rf **/components **/helm_repos` 29 | func UninstallComponents(path string) (err error) { 30 | dirsToClean, err := ListComponentInstallDirectories(path) 31 | if err != nil { 32 | return err 33 | } 34 | for _, dir := range dirsToClean { 35 | if err = os.RemoveAll(dir); err != nil { 36 | return err 37 | } 38 | } 39 | return err 40 | } 41 | -------------------------------------------------------------------------------- /internal/cmd/version.go: -------------------------------------------------------------------------------- 1 | // Copyright © 2018 NAME HERE 2 | // 3 | // Licensed under the Apache License, Version 2.0 (the "License"); 4 | // you may not use this file except in compliance with the License. 5 | // You may obtain a copy of the License at 6 | // 7 | // http://www.apache.org/licenses/LICENSE-2.0 8 | // 9 | // Unless required by applicable law or agreed to in writing, software 10 | // distributed under the License is distributed on an "AS IS" BASIS, 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | // See the License for the specific language governing permissions and 13 | // limitations under the License. 14 | 15 | package cmd 16 | 17 | import ( 18 | "github.com/microsoft/fabrikate/internal/logger" 19 | "github.com/spf13/cobra" 20 | ) 21 | 22 | var versionCmd = &cobra.Command{ 23 | Use: "version", 24 | Short: "The version of Fabrikate being used", 25 | Long: "The version of Fabrikate being used", 26 | Run: func(cmd *cobra.Command, args []string) { 27 | PrintVersion() 28 | }, 29 | } 30 | 31 | // PrintVersion prints the current version of Fabrikate being used. 32 | func PrintVersion() { 33 | logger.Info("fab version 1.0.0-alpha1") 34 | } 35 | 36 | func init() { 37 | rootCmd.AddCommand(versionCmd) 38 | } 39 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/server-ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.ingress.enabled -}} 2 | {{- $releaseName := .Release.Name -}} 3 | {{- $serviceName := include "prometheus.server.fullname" . }} 4 | {{- $servicePort := .Values.server.service.servicePort -}} 5 | apiVersion: extensions/v1beta1 6 | kind: Ingress 7 | metadata: 8 | {{- if .Values.server.ingress.annotations }} 9 | annotations: 10 | {{ toYaml .Values.server.ingress.annotations | indent 4 }} 11 | {{- end }} 12 | labels: 13 | {{- include "prometheus.server.labels" . | nindent 4 }} 14 | {{- range $key, $value := .Values.server.ingress.extraLabels }} 15 | {{ $key }}: {{ $value }} 16 | {{- end }} 17 | name: {{ template "prometheus.server.fullname" . }} 18 | spec: 19 | rules: 20 | {{- range .Values.server.ingress.hosts }} 21 | {{- $url := splitList "/" . }} 22 | - host: {{ first $url }} 23 | http: 24 | paths: 25 | - path: /{{ rest $url | join "/" }} 26 | backend: 27 | serviceName: {{ $serviceName }} 28 | servicePort: {{ $servicePort }} 29 | {{- end -}} 30 | {{- if .Values.server.ingress.tls }} 31 | tls: 32 | {{ toYaml .Values.server.ingress.tls | indent 4 }} 33 | {{- end -}} 34 | {{- end -}} 35 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/server/clusterrole.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.server.enabled .Values.rbac.create (empty .Values.server.useExistingClusterRoleName) -}} 2 | apiVersion: {{ template "rbac.apiVersion" . }} 3 | kind: ClusterRole 4 | metadata: 5 | labels: 6 | {{- include "prometheus.server.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.server.fullname" . }} 8 | rules: 9 | {{- if .Values.podSecurityPolicy.enabled }} 10 | - apiGroups: 11 | - extensions 12 | resources: 13 | - podsecuritypolicies 14 | verbs: 15 | - use 16 | resourceNames: 17 | - {{ template "prometheus.server.fullname" . }} 18 | {{- end }} 19 | - apiGroups: 20 | - "" 21 | resources: 22 | - nodes 23 | - nodes/proxy 24 | - nodes/metrics 25 | - services 26 | - endpoints 27 | - pods 28 | - ingresses 29 | - configmaps 30 | verbs: 31 | - get 32 | - list 33 | - watch 34 | - apiGroups: 35 | - "extensions" 36 | - "networking.k8s.io" 37 | resources: 38 | - ingresses/status 39 | - ingresses 40 | verbs: 41 | - get 42 | - list 43 | - watch 44 | - nonResourceURLs: 45 | - "/metrics" 46 | verbs: 47 | - get 48 | {{- end }} 49 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module github.com/microsoft/fabrikate 2 | 3 | go 1.15 4 | 5 | require ( 6 | github.com/golang/protobuf v1.3.2 // indirect 7 | github.com/google/go-github/v28 v28.0.1 8 | github.com/google/uuid v1.1.1 9 | github.com/konsorten/go-windows-terminal-sequences v1.0.2 // indirect 10 | github.com/kyokomi/emoji v2.1.0+incompatible 11 | github.com/onsi/ginkgo v1.11.0 // indirect 12 | github.com/onsi/gomega v1.7.0 // indirect 13 | github.com/otiai10/copy v1.0.1 14 | github.com/otiai10/curr v0.0.0-20190513014714-f5a3d24e5776 // indirect 15 | github.com/sirupsen/logrus v1.4.2 16 | github.com/spf13/afero v1.2.2 // indirect 17 | github.com/spf13/cast v1.3.1 // indirect 18 | github.com/spf13/cobra v1.0.0 19 | github.com/spf13/pflag v1.0.5 // indirect 20 | github.com/spf13/viper v1.4.0 21 | github.com/stretchr/testify v1.5.1 22 | github.com/timfpark/conjungo v1.0.1 23 | github.com/timfpark/yaml v0.0.0-20190612232118-2e9e29c9df01 24 | golang.org/x/crypto v0.0.0-20200414173820-0848c9571904 // indirect 25 | golang.org/x/net v0.0.0-20191004110552-13f9640d40b9 // indirect 26 | golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7 // indirect 27 | golang.org/x/text v0.3.2 // indirect 28 | gopkg.in/yaml.v2 v2.2.8 // indirect 29 | gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776 30 | ) 31 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/templates/job.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.cluster.bootstrapShellCommand }} 2 | apiVersion: batch/v1 3 | kind: Job 4 | metadata: 5 | name: {{ template "elasticsearch.fullname" . }}-bootstrap 6 | labels: 7 | app: {{ template "elasticsearch.name" . }} 8 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} 9 | release: {{ .Release.Name }} 10 | heritage: {{ .Release.Service }} 11 | annotations: 12 | "helm.sh/hook": post-install,post-upgrade 13 | "helm.sh/hook-weight": "10" 14 | "helm.sh/hook-delete-policy": hook-succeeded 15 | spec: 16 | template: 17 | metadata: 18 | name: {{ template "elasticsearch.fullname" . }}-bootstrap 19 | labels: 20 | app: {{ template "elasticsearch.name" . }} 21 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} 22 | release: {{ .Release.Name }} 23 | heritage: {{ .Release.Service }} 24 | spec: 25 | containers: 26 | - name: bootstrap-elasticsearch 27 | image: byrnedo/alpine-curl 28 | command: 29 | - "sh" 30 | - "-c" 31 | - {{ .Values.cluster.bootstrapShellCommand | quote }} 32 | restartPolicy: Never 33 | backoffLimit: 20 34 | {{- end }} 35 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/templates/hotrod-ing.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.hotrod.enabled -}} 2 | {{- if .Values.hotrod.ingress.enabled -}} 3 | {{- $serviceName := include "jaeger.fullname" . -}} 4 | {{- $servicePort := .Values.hotrod.service.port -}} 5 | apiVersion: extensions/v1beta1 6 | kind: Ingress 7 | metadata: 8 | name: {{ include "jaeger.fullname" . }}-hotrod 9 | labels: 10 | app.kubernetes.io/name: {{ include "jaeger.name" . }} 11 | helm.sh/chart: {{ include "jaeger.chart" . }} 12 | app.kubernetes.io/component: hotrod 13 | app.kubernetes.io/instance: {{ .Release.Name }} 14 | app.kubernetes.io/managed-by: {{ .Release.Service }} 15 | {{- if .Values.hotrod.ingress.annotations }} 16 | annotations: 17 | {{ toYaml .Values.hotrod.ingress.annotations | indent 4 }} 18 | {{- end }} 19 | spec: 20 | rules: 21 | {{- range $host := .Values.hotrod.ingress.hosts }} 22 | - host: {{ $host }} 23 | http: 24 | paths: 25 | - path: / 26 | backend: 27 | serviceName: {{ $serviceName }}-hotrod 28 | servicePort: {{ $servicePort }} 29 | {{- end -}} 30 | {{- if .Values.hotrod.ingress.tls }} 31 | tls: 32 | {{ toYaml .Values.hotrod.ingress.tls | indent 4 }} 33 | {{- end -}} 34 | {{- end -}} 35 | {{- end -}} 36 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/.github/ISSUE_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | **Is this a request for help?**: 4 | 5 | --- 6 | 7 | **Is this a BUG REPORT or FEATURE REQUEST?** (choose one): 8 | 9 | 22 | 23 | **Version of Helm and Kubernetes**: 24 | 25 | 26 | **Which chart**: 27 | 28 | 29 | **What happened**: 30 | 31 | 32 | **What you expected to happen**: 33 | 34 | 35 | **How to reproduce it** (as minimally and precisely as possible): 36 | 37 | 38 | **Anything else we need to know**: 39 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/.github/ISSUE_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | **Is this a request for help?**: 4 | 5 | --- 6 | 7 | **Is this a BUG REPORT or FEATURE REQUEST?** (choose one): 8 | 9 | 22 | 23 | **Version of Helm and Kubernetes**: 24 | 25 | 26 | **Which chart**: 27 | 28 | 29 | **What happened**: 30 | 31 | 32 | **What you expected to happen**: 33 | 34 | 35 | **How to reproduce it** (as minimally and precisely as possible): 36 | 37 | 38 | **Anything else we need to know**: 39 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/templates/collector-hpa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.collector.autoscaling.enabled }} 2 | apiVersion: autoscaling/v2beta1 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | name: {{ template "jaeger.collector.name" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "jaeger.name" . }} 8 | helm.sh/chart: {{ include "jaeger.chart" . }} 9 | app.kubernetes.io/component: collector 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/instance: {{ .Release.Name }} 12 | spec: 13 | scaleTargetRef: 14 | apiVersion: apps/v1 15 | kind: Deployment 16 | name: {{ template "jaeger.collector.name" . }} 17 | minReplicas: {{ .Values.collector.autoscaling.minReplicas }} 18 | maxReplicas: {{ .Values.collector.autoscaling.maxReplicas }} 19 | metrics: 20 | - type: Resource 21 | resource: 22 | name: cpu 23 | targetAverageUtilization: {{ .Values.collector.autoscaling.targetCPUUtilizationPercentage | default 80 }} 24 | {{- if .Values.collector.autoscaling.targetMemoryUtilizationPercentage }} 25 | - type: Resource 26 | resource: 27 | name: memory 28 | targetAverageUtilization: {{ .Values.collector.autoscaling.targetMemoryUtilizationPercentage }} 29 | {{- end }} 30 | {{- end }} 31 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/.circleci/config.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | jobs: 3 | lint-scripts: 4 | docker: 5 | - image: koalaman/shellcheck-alpine 6 | steps: 7 | - checkout 8 | - run: 9 | name: lint 10 | command: | 11 | shellcheck -x test/build.sh 12 | shellcheck -x test/e2e.sh 13 | shellcheck -x test/helm-test-e2e.sh 14 | shellcheck -x test/repo-sync.sh 15 | lint-charts: 16 | docker: 17 | - image: gcr.io/kubernetes-charts-ci/test-image:v3.1.0 18 | steps: 19 | - checkout 20 | - run: 21 | name: lint 22 | command: | 23 | git remote add k8s https://github.com/helm/charts 24 | git fetch k8s master 25 | ct lint --config test/ct.yaml 26 | sync: 27 | docker: 28 | - image: google/cloud-sdk 29 | steps: 30 | - checkout 31 | - run: 32 | name: sync 33 | command: test/repo-sync.sh 34 | workflows: 35 | version: 2 36 | lint: 37 | jobs: 38 | - lint-scripts 39 | - lint-charts 40 | sync: 41 | triggers: 42 | - schedule: 43 | cron: "23,53 * * * *" 44 | filters: 45 | branches: 46 | only: 47 | - master 48 | jobs: 49 | - sync 50 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/stable/grafana/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "grafana.fullname" . -}} 3 | {{- $servicePort := .Values.service.port -}} 4 | {{- $ingressPath := .Values.ingress.path -}} 5 | apiVersion: extensions/v1beta1 6 | kind: Ingress 7 | metadata: 8 | name: {{ $fullName }} 9 | labels: 10 | app: {{ template "grafana.name" . }} 11 | chart: {{ template "grafana.chart" . }} 12 | release: {{ .Release.Name }} 13 | heritage: {{ .Release.Service }} 14 | {{- if .Values.ingress.labels }} 15 | {{ toYaml .Values.ingress.labels | indent 4 }} 16 | {{- end }} 17 | {{- with .Values.ingress.annotations }} 18 | annotations: 19 | {{ toYaml . | indent 4 }} 20 | {{- end }} 21 | spec: 22 | {{- if .Values.ingress.tls }} 23 | tls: 24 | {{- range .Values.ingress.tls }} 25 | - hosts: 26 | {{- range .hosts }} 27 | - {{ . | quote }} 28 | {{- end }} 29 | secretName: {{ .secretName }} 30 | {{- end }} 31 | {{- end }} 32 | rules: 33 | {{- range .Values.ingress.hosts }} 34 | - host: {{ . }} 35 | http: 36 | paths: 37 | - path: {{ $ingressPath }} 38 | backend: 39 | serviceName: {{ $fullName }} 40 | servicePort: {{ $servicePort }} 41 | {{- end }} 42 | {{- end }} 43 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/.circleci/config.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | jobs: 3 | lint-scripts: 4 | docker: 5 | - image: koalaman/shellcheck-alpine 6 | steps: 7 | - checkout 8 | - run: 9 | name: lint 10 | command: | 11 | shellcheck -x test/build.sh 12 | shellcheck -x test/e2e.sh 13 | shellcheck -x test/helm-test-e2e.sh 14 | shellcheck -x test/repo-sync.sh 15 | lint-charts: 16 | docker: 17 | - image: gcr.io/kubernetes-charts-ci/test-image:v3.1.0 18 | steps: 19 | - checkout 20 | - run: 21 | name: lint 22 | command: | 23 | git remote add k8s https://github.com/helm/charts 24 | git fetch k8s master 25 | ct lint --config test/ct.yaml 26 | sync: 27 | docker: 28 | - image: google/cloud-sdk 29 | steps: 30 | - checkout 31 | - run: 32 | name: sync 33 | command: test/repo-sync.sh 34 | workflows: 35 | version: 2 36 | lint: 37 | jobs: 38 | - lint-scripts 39 | - lint-charts 40 | sync: 41 | triggers: 42 | - schedule: 43 | cron: "23,53 * * * *" 44 | filters: 45 | branches: 46 | only: 47 | - master 48 | jobs: 49 | - sync 50 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/pushgateway/pvc.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.pushgateway.persistentVolume.enabled -}} 2 | {{- if not .Values.pushgateway.persistentVolume.existingClaim -}} 3 | apiVersion: v1 4 | kind: PersistentVolumeClaim 5 | metadata: 6 | {{- if .Values.pushgateway.persistentVolume.annotations }} 7 | annotations: 8 | {{ toYaml .Values.pushgateway.persistentVolume.annotations | indent 4 }} 9 | {{- end }} 10 | labels: 11 | {{- include "prometheus.pushgateway.labels" . | nindent 4 }} 12 | name: {{ template "prometheus.pushgateway.fullname" . }} 13 | {{ include "prometheus.namespace" . | indent 2 }} 14 | spec: 15 | accessModes: 16 | {{ toYaml .Values.pushgateway.persistentVolume.accessModes | indent 4 }} 17 | {{- if .Values.pushgateway.persistentVolume.storageClass }} 18 | {{- if (eq "-" .Values.pushgateway.persistentVolume.storageClass) }} 19 | storageClassName: "" 20 | {{- else }} 21 | storageClassName: "{{ .Values.pushgateway.persistentVolume.storageClass }}" 22 | {{- end }} 23 | {{- end }} 24 | {{- if .Values.pushgateway.persistentVolume.volumeBindingMode }} 25 | volumeBindingModeName: "{{ .Values.pushgateway.persistentVolume.volumeBindingMode }}" 26 | {{- end }} 27 | resources: 28 | requests: 29 | storage: "{{ .Values.pushgateway.persistentVolume.size }}" 30 | {{- end -}} 31 | {{- end -}} 32 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/pushgateway/psp.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.pushgateway.enabled .Values.rbac.create .Values.podSecurityPolicy.enabled }} 2 | apiVersion: {{ template "prometheus.podSecurityPolicy.apiVersion" . }} 3 | kind: PodSecurityPolicy 4 | metadata: 5 | name: {{ template "prometheus.pushgateway.fullname" . }} 6 | labels: 7 | {{- include "prometheus.pushgateway.labels" . | nindent 4 }} 8 | annotations: 9 | {{- if .Values.pushgateway.podSecurityPolicy.annotations }} 10 | {{ toYaml .Values.pushgateway.podSecurityPolicy.annotations | indent 4 }} 11 | {{- end }} 12 | spec: 13 | privileged: false 14 | allowPrivilegeEscalation: false 15 | requiredDropCapabilities: 16 | - ALL 17 | volumes: 18 | - 'persistentVolumeClaim' 19 | - 'secret' 20 | allowedHostPaths: 21 | - pathPrefix: {{ .Values.pushgateway.persistentVolume.mountPath }} 22 | hostNetwork: false 23 | hostPID: false 24 | hostIPC: false 25 | runAsUser: 26 | rule: 'RunAsAny' 27 | seLinux: 28 | rule: 'RunAsAny' 29 | supplementalGroups: 30 | rule: 'MustRunAs' 31 | ranges: 32 | # Forbid adding the root group. 33 | - min: 1 34 | max: 65535 35 | fsGroup: 36 | rule: 'MustRunAs' 37 | ranges: 38 | # Forbid adding the root group. 39 | - min: 1 40 | max: 65535 41 | readOnlyRootFilesystem: true 42 | {{- end }} 43 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/alertmanager-ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.alertmanager.enabled .Values.alertmanager.ingress.enabled -}} 2 | {{- $releaseName := .Release.Name -}} 3 | {{- $serviceName := include "prometheus.alertmanager.fullname" . }} 4 | {{- $servicePort := .Values.alertmanager.service.servicePort -}} 5 | apiVersion: extensions/v1beta1 6 | kind: Ingress 7 | metadata: 8 | {{- if .Values.alertmanager.ingress.annotations }} 9 | annotations: 10 | {{ toYaml .Values.alertmanager.ingress.annotations | indent 4 }} 11 | {{- end }} 12 | labels: 13 | {{- include "prometheus.alertmanager.labels" . | nindent 4 }} 14 | {{- range $key, $value := .Values.alertmanager.ingress.extraLabels }} 15 | {{ $key }}: {{ $value }} 16 | {{- end }} 17 | name: {{ template "prometheus.alertmanager.fullname" . }} 18 | spec: 19 | rules: 20 | {{- range .Values.alertmanager.ingress.hosts }} 21 | {{- $url := splitList "/" . }} 22 | - host: {{ first $url }} 23 | http: 24 | paths: 25 | - path: /{{ rest $url | join "/" }} 26 | backend: 27 | serviceName: {{ $serviceName }} 28 | servicePort: {{ $servicePort }} 29 | {{- end -}} 30 | {{- if .Values.alertmanager.ingress.tls }} 31 | tls: 32 | {{ toYaml .Values.alertmanager.ingress.tls | indent 4 }} 33 | {{- end -}} 34 | {{- end -}} 35 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/server/pvc.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.enabled -}} 2 | {{- if not .Values.server.statefulSet.enabled -}} 3 | {{- if .Values.server.persistentVolume.enabled -}} 4 | {{- if not .Values.server.persistentVolume.existingClaim -}} 5 | apiVersion: v1 6 | kind: PersistentVolumeClaim 7 | metadata: 8 | {{- if .Values.server.persistentVolume.annotations }} 9 | annotations: 10 | {{ toYaml .Values.server.persistentVolume.annotations | indent 4 }} 11 | {{- end }} 12 | labels: 13 | {{- include "prometheus.server.labels" . | nindent 4 }} 14 | name: {{ template "prometheus.server.fullname" . }} 15 | {{ include "prometheus.namespace" . | indent 2 }} 16 | spec: 17 | accessModes: 18 | {{ toYaml .Values.server.persistentVolume.accessModes | indent 4 }} 19 | {{- if .Values.server.persistentVolume.storageClass }} 20 | {{- if (eq "-" .Values.server.persistentVolume.storageClass) }} 21 | storageClassName: "" 22 | {{- else }} 23 | storageClassName: "{{ .Values.server.persistentVolume.storageClass }}" 24 | {{- end }} 25 | {{- end }} 26 | {{- if .Values.server.persistentVolume.volumeBindingMode }} 27 | volumeBindingModeName: "{{ .Values.server.persistentVolume.volumeBindingMode }}" 28 | {{- end }} 29 | resources: 30 | requests: 31 | storage: "{{ .Values.server.persistentVolume.size }}" 32 | {{- end -}} 33 | {{- end -}} 34 | {{- end -}} 35 | {{- end -}} 36 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/charts/kube-state-metrics/templates/podsecuritypolicy.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.podSecurityPolicy.enabled }} 2 | apiVersion: policy/v1beta1 3 | kind: PodSecurityPolicy 4 | metadata: 5 | name: {{ template "kube-state-metrics.fullname" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ template "kube-state-metrics.name" . }} 8 | helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | app.kubernetes.io/instance: {{ .Release.Name }} 11 | {{- if .Values.podSecurityPolicy.annotations }} 12 | annotations: 13 | {{ toYaml .Values.podSecurityPolicy.annotations | indent 4 }} 14 | {{- end }} 15 | spec: 16 | privileged: false 17 | volumes: 18 | - 'secret' 19 | {{- if .Values.podSecurityPolicy.additionalVolumes }} 20 | {{ toYaml .Values.podSecurityPolicy.additionalVolumes | indent 4 }} 21 | {{- end }} 22 | hostNetwork: false 23 | hostIPC: false 24 | hostPID: false 25 | runAsUser: 26 | rule: 'MustRunAsNonRoot' 27 | seLinux: 28 | rule: 'RunAsAny' 29 | supplementalGroups: 30 | rule: 'MustRunAs' 31 | ranges: 32 | # Forbid adding the root group. 33 | - min: 1 34 | max: 65535 35 | fsGroup: 36 | rule: 'MustRunAs' 37 | ranges: 38 | # Forbid adding the root group. 39 | - min: 1 40 | max: 65535 41 | readOnlyRootFilesystem: false 42 | {{- end }} 43 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | You can log into the Jaeger Query UI here: 2 | 3 | {{- if contains "NodePort" .Values.query.service.type }} 4 | 5 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "jaeger.fullname" . }}-query) 6 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 7 | echo http://$NODE_IP:$NODE_PORT/ 8 | 9 | {{- else if contains "LoadBalancer" .Values.query.service.type }} 10 | 11 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 12 | Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ include "jaeger.fullname" . }}-query' 13 | 14 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "jaeger.fullname" . }}-query -o jsonpath='{.status.loadBalancer.ingress[0].ip}') 15 | echo http://$SERVICE_IP/ 16 | {{- else if contains "ClusterIP" .Values.query.service.type }} 17 | 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=query" -o jsonpath="{.items[0].metadata.name}") 19 | echo http://127.0.0.1:8080/ 20 | kubectl port-forward --namespace {{ .Release.Namespace }} $POD_NAME 8080:16686 21 | {{- end }} 22 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/server/headless-svc.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.enabled -}} 2 | {{- if .Values.server.statefulSet.enabled -}} 3 | apiVersion: v1 4 | kind: Service 5 | metadata: 6 | {{- if .Values.server.statefulSet.headless.annotations }} 7 | annotations: 8 | {{ toYaml .Values.server.statefulSet.headless.annotations | indent 4 }} 9 | {{- end }} 10 | labels: 11 | {{- include "prometheus.server.labels" . | nindent 4 }} 12 | {{- if .Values.server.statefulSet.headless.labels }} 13 | {{ toYaml .Values.server.statefulSet.headless.labels | indent 4 }} 14 | {{- end }} 15 | name: {{ template "prometheus.server.fullname" . }}-headless 16 | {{ include "prometheus.namespace" . | indent 2 }} 17 | spec: 18 | clusterIP: None 19 | ports: 20 | - name: http 21 | port: {{ .Values.server.statefulSet.headless.servicePort }} 22 | protocol: TCP 23 | targetPort: 9090 24 | {{- if .Values.server.statefulSet.headless.gRPC.enabled }} 25 | - name: grpc 26 | port: {{ .Values.server.statefulSet.headless.gRPC.servicePort }} 27 | protocol: TCP 28 | targetPort: 10901 29 | {{- if .Values.server.statefulSet.headless.gRPC.nodePort }} 30 | nodePort: {{ .Values.server.statefulSet.headless.gRPC.nodePort }} 31 | {{- end }} 32 | {{- end }} 33 | 34 | selector: 35 | {{- include "prometheus.server.matchLabels" . | nindent 4 }} 36 | {{- end -}} 37 | {{- end -}} 38 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/charts/kube-state-metrics/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ template "kube-state-metrics.fullname" . }} 5 | namespace: {{ template "kube-state-metrics.namespace" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ template "kube-state-metrics.name" . }} 8 | helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 9 | app.kubernetes.io/instance: "{{ .Release.Name }}" 10 | app.kubernetes.io/managed-by: "{{ .Release.Service }}" 11 | {{- if .Values.customLabels }} 12 | {{ toYaml .Values.customLabels | indent 4 }} 13 | {{- end }} 14 | annotations: 15 | {{- if .Values.prometheusScrape }} 16 | prometheus.io/scrape: '{{ .Values.prometheusScrape }}' 17 | {{- end }} 18 | {{- if .Values.service.annotations }} 19 | {{- toYaml .Values.service.annotations | nindent 4 }} 20 | {{- end }} 21 | spec: 22 | type: "{{ .Values.service.type }}" 23 | ports: 24 | - name: "http" 25 | protocol: TCP 26 | port: {{ .Values.service.port }} 27 | {{- if .Values.service.nodePort }} 28 | nodePort: {{ .Values.service.nodePort }} 29 | {{- end }} 30 | targetPort: 8080 31 | {{- if .Values.service.loadBalancerIP }} 32 | loadBalancerIP: "{{ .Values.service.loadBalancerIP }}" 33 | {{- end }} 34 | selector: 35 | app.kubernetes.io/name: {{ template "kube-state-metrics.name" . }} 36 | app.kubernetes.io/instance: {{ .Release.Name }} 37 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/alertmanager/pvc.yaml: -------------------------------------------------------------------------------- 1 | {{- if not .Values.alertmanager.statefulSet.enabled -}} 2 | {{- if and .Values.alertmanager.enabled .Values.alertmanager.persistentVolume.enabled -}} 3 | {{- if not .Values.alertmanager.persistentVolume.existingClaim -}} 4 | apiVersion: v1 5 | kind: PersistentVolumeClaim 6 | metadata: 7 | {{- if .Values.alertmanager.persistentVolume.annotations }} 8 | annotations: 9 | {{ toYaml .Values.alertmanager.persistentVolume.annotations | indent 4 }} 10 | {{- end }} 11 | labels: 12 | {{- include "prometheus.alertmanager.labels" . | nindent 4 }} 13 | name: {{ template "prometheus.alertmanager.fullname" . }} 14 | {{ include "prometheus.namespace" . | indent 2 }} 15 | spec: 16 | accessModes: 17 | {{ toYaml .Values.alertmanager.persistentVolume.accessModes | indent 4 }} 18 | {{- if .Values.alertmanager.persistentVolume.storageClass }} 19 | {{- if (eq "-" .Values.alertmanager.persistentVolume.storageClass) }} 20 | storageClassName: "" 21 | {{- else }} 22 | storageClassName: "{{ .Values.alertmanager.persistentVolume.storageClass }}" 23 | {{- end }} 24 | {{- end }} 25 | {{- if .Values.alertmanager.persistentVolume.volumeBindingMode }} 26 | volumeBindingModeName: "{{ .Values.alertmanager.persistentVolume.volumeBindingMode }}" 27 | {{- end }} 28 | resources: 29 | requests: 30 | storage: "{{ .Values.alertmanager.persistentVolume.size }}" 31 | {{- end -}} 32 | {{- end -}} 33 | {{- end -}} 34 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/alertmanager/psp.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.alertmanager.enabled .Values.rbac.create .Values.podSecurityPolicy.enabled }} 2 | apiVersion: {{ template "prometheus.podSecurityPolicy.apiVersion" . }} 3 | kind: PodSecurityPolicy 4 | metadata: 5 | name: {{ template "prometheus.alertmanager.fullname" . }} 6 | labels: 7 | {{- include "prometheus.alertmanager.labels" . | nindent 4 }} 8 | annotations: 9 | {{- if .Values.alertmanager.podSecurityPolicy.annotations }} 10 | {{ toYaml .Values.alertmanager.podSecurityPolicy.annotations | indent 4 }} 11 | {{- end }} 12 | spec: 13 | privileged: false 14 | allowPrivilegeEscalation: false 15 | requiredDropCapabilities: 16 | - ALL 17 | volumes: 18 | - 'configMap' 19 | - 'persistentVolumeClaim' 20 | - 'emptyDir' 21 | - 'secret' 22 | allowedHostPaths: 23 | - pathPrefix: /etc 24 | readOnly: true 25 | - pathPrefix: {{ .Values.alertmanager.persistentVolume.mountPath }} 26 | hostNetwork: false 27 | hostPID: false 28 | hostIPC: false 29 | runAsUser: 30 | rule: 'RunAsAny' 31 | seLinux: 32 | rule: 'RunAsAny' 33 | supplementalGroups: 34 | rule: 'MustRunAs' 35 | ranges: 36 | # Forbid adding the root group. 37 | - min: 1 38 | max: 65535 39 | fsGroup: 40 | rule: 'MustRunAs' 41 | ranges: 42 | # Forbid adding the root group. 43 | - min: 1 44 | max: 65535 45 | readOnlyRootFilesystem: true 46 | {{- end }} 47 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/cassandra/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ template "cassandra.fullname" . }} 5 | labels: 6 | app: {{ template "cassandra.name" . }} 7 | chart: {{ template "cassandra.chart" . }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | {{- with .Values.service.annotations }} 11 | annotations: 12 | {{- toYaml . | nindent 4 }} 13 | {{- end }} 14 | spec: 15 | clusterIP: None 16 | type: {{ .Values.service.type }} 17 | ports: 18 | {{- if .Values.exporter.enabled }} 19 | - name: metrics 20 | port: 5556 21 | targetPort: {{ .Values.exporter.port }} 22 | {{- end }} 23 | - name: intra 24 | port: 7000 25 | targetPort: 7000 26 | - name: tls 27 | port: 7001 28 | targetPort: 7001 29 | - name: jmx 30 | port: 7199 31 | targetPort: 7199 32 | - name: cql 33 | port: {{ default 9042 .Values.config.ports.cql }} 34 | targetPort: {{ default 9042 .Values.config.ports.cql }} 35 | - name: thrift 36 | port: {{ default 9160 .Values.config.ports.thrift }} 37 | targetPort: {{ default 9160 .Values.config.ports.thrift }} 38 | {{- if .Values.config.ports.agent }} 39 | - name: agent 40 | port: {{ .Values.config.ports.agent }} 41 | targetPort: {{ .Values.config.ports.agent }} 42 | {{- end }} 43 | selector: 44 | app: {{ template "cassandra.name" . }} 45 | release: {{ .Release.Name }} 46 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/templates/collector-svc.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.collector.enabled -}} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{ template "jaeger.collector.name" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "jaeger.name" . }} 8 | helm.sh/chart: {{ include "jaeger.chart" . }} 9 | app.kubernetes.io/component: collector 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/instance: {{ .Release.Name }} 12 | {{- if .Values.collector.service.annotations }} 13 | annotations: 14 | {{ toYaml .Values.collector.service.annotations | indent 4 }} 15 | {{- end }} 16 | spec: 17 | ports: 18 | - name: grpc 19 | port: {{ .Values.collector.service.grpcPort }} 20 | protocol: TCP 21 | targetPort: grpc 22 | - name: tchannel 23 | port: {{ .Values.collector.service.tchannelPort }} 24 | protocol: TCP 25 | targetPort: tchannel 26 | - name: http 27 | port: {{ .Values.collector.service.httpPort }} 28 | protocol: TCP 29 | targetPort: http 30 | - name: zipkin 31 | port: {{ .Values.collector.service.zipkinPort }} 32 | protocol: TCP 33 | targetPort: zipkin 34 | selector: 35 | app.kubernetes.io/name: {{ include "jaeger.name" . }} 36 | app.kubernetes.io/component: collector 37 | app.kubernetes.io/instance: {{ .Release.Name }} 38 | type: {{ .Values.collector.service.type }} 39 | {{- template "loadBalancerSourceRanges" .Values.collector }} 40 | {{- end -}} 41 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/templates/agent-svc.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.agent.enabled -}} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{ template "jaeger.agent.name" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "jaeger.name" . }} 8 | helm.sh/chart: {{ include "jaeger.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | app.kubernetes.io/component: agent 12 | {{- if .Values.agent.service.annotations }} 13 | annotations: 14 | {{ toYaml .Values.agent.service.annotations | indent 4 }} 15 | {{- end }} 16 | spec: 17 | ports: 18 | - name: zipkin-compact 19 | port: {{ .Values.agent.service.zipkinThriftPort }} 20 | protocol: UDP 21 | targetPort: zipkin-compact 22 | - name: jaeger-compact 23 | port: {{ .Values.agent.service.compactPort }} 24 | protocol: UDP 25 | targetPort: jaeger-compact 26 | - name: jaeger-binary 27 | port: {{ .Values.agent.service.binaryPort }} 28 | protocol: UDP 29 | targetPort: jaeger-binary 30 | - name: http 31 | port: {{ .Values.agent.service.samplingPort }} 32 | protocol: TCP 33 | targetPort: http 34 | type: {{ .Values.agent.service.type }} 35 | selector: 36 | app.kubernetes.io/name: {{ include "jaeger.name" . }} 37 | app.kubernetes.io/component: agent 38 | app.kubernetes.io/instance: {{ .Release.Name }} 39 | {{- template "loadBalancerSourceRanges" .Values.agent }} 40 | {{- end -}} 41 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/templates/client-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app: {{ template "elasticsearch.name" . }} 6 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 7 | component: "{{ .Values.client.name }}" 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | name: {{ template "elasticsearch.client.fullname" . }} 11 | {{- if .Values.client.serviceAnnotations }} 12 | annotations: 13 | {{ toYaml .Values.client.serviceAnnotations | indent 4 }} 14 | {{- end }} 15 | 16 | spec: 17 | ports: 18 | - name: http 19 | port: 9200 20 | {{- if and .Values.client.httpNodePort (eq .Values.client.serviceType "NodePort") }} 21 | nodePort: {{ .Values.client.httpNodePort }} 22 | {{- end }} 23 | targetPort: http 24 | {{- if .Values.client.exposeTransportPort }} 25 | - name: transport 26 | port: 9300 27 | targetPort: transport 28 | {{- end }} 29 | selector: 30 | app: {{ template "elasticsearch.name" . }} 31 | component: "{{ .Values.client.name }}" 32 | release: {{ .Release.Name }} 33 | type: {{ .Values.client.serviceType }} 34 | {{- if .Values.client.loadBalancerIP }} 35 | loadBalancerIP: "{{ .Values.client.loadBalancerIP }}" 36 | {{- end }} 37 | {{if .Values.client.loadBalancerSourceRanges}} 38 | loadBalancerSourceRanges: 39 | {{range $rangeList := .Values.client.loadBalancerSourceRanges}} 40 | - {{ $rangeList }} 41 | {{end}} 42 | {{end}} -------------------------------------------------------------------------------- /.devcontainer/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:bionic 2 | 3 | SHELL ["/bin/bash", "-o", "pipefail", "-c"] 4 | 5 | ARG GO_VERSION=1.14.2 6 | ARG GOLANGCI_LINT_VERSION=1.25.0 7 | ARG HELM_VERSION=3.1.2 8 | ARG DOCKER_VERSION=19.03.8 9 | ARG DOCKER_LOCK_VERSION=0.2.0 10 | 11 | RUN apt-get update && \ 12 | apt-get -y install vim curl wget gcc software-properties-common && \ 13 | add-apt-repository ppa:git-core/ppa -y && \ 14 | apt-get update && \ 15 | apt-get install git -y && \ 16 | curl -fsSL "https://get.helm.sh/helm-v${HELM_VERSION}-linux-amd64.tar.gz" | tar -xz && \ 17 | mv linux-amd64/helm /usr/local/bin && \ 18 | rm -rf linux-amd64 && \ 19 | curl -fsSL "https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKER_VERSION}.tgz" | tar -xz -C /usr/local docker/docker && \ 20 | mkdir -p "${HOME}/.docker/cli-plugins" && \ 21 | curl -fsSL "https://github.com/michaelperel/docker-lock/releases/download/v${DOCKER_LOCK_VERSION}/docker-lock-linux" -o "${HOME}/.docker/cli-plugins/docker-lock" && \ 22 | chmod +x "${HOME}/.docker/cli-plugins/docker-lock" && \ 23 | curl -fsSL "https://dl.google.com/go/go${GO_VERSION}.linux-amd64.tar.gz" | tar -xz -C /usr/local && \ 24 | curl -fsSL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | bash -s -- -b "${HOME}/go/bin" "v${GOLANGCI_LINT_VERSION}" && \ 25 | echo "export PATH=/usr/local/go/bin:${HOME}/go/bin:/usr/local/docker:${PATH}" >> "${HOME}/.bashrc" && \ 26 | apt-get clean && \ 27 | rm -rf /var/lib/apt/lists/* 28 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/pushgateway/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.pushgateway.enabled .Values.pushgateway.ingress.enabled -}} 2 | {{- $releaseName := .Release.Name -}} 3 | {{- $serviceName := include "prometheus.pushgateway.fullname" . }} 4 | {{- $servicePort := .Values.pushgateway.service.servicePort -}} 5 | {{- $extraPaths := .Values.pushgateway.ingress.extraPaths -}} 6 | {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} 7 | apiVersion: networking.k8s.io/v1beta1 8 | {{ else }} 9 | apiVersion: extensions/v1beta1 10 | {{ end -}} 11 | kind: Ingress 12 | metadata: 13 | {{- if .Values.pushgateway.ingress.annotations }} 14 | annotations: 15 | {{ toYaml .Values.pushgateway.ingress.annotations | indent 4}} 16 | {{- end }} 17 | labels: 18 | {{- include "prometheus.pushgateway.labels" . | nindent 4 }} 19 | name: {{ template "prometheus.pushgateway.fullname" . }} 20 | {{ include "prometheus.namespace" . | indent 2 }} 21 | spec: 22 | rules: 23 | {{- range .Values.pushgateway.ingress.hosts }} 24 | {{- $url := splitList "/" . }} 25 | - host: {{ first $url }} 26 | http: 27 | paths: 28 | {{ if $extraPaths }} 29 | {{ toYaml $extraPaths | indent 10 }} 30 | {{- end }} 31 | - path: /{{ rest $url | join "/" }} 32 | backend: 33 | serviceName: {{ $serviceName }} 34 | servicePort: {{ $servicePort }} 35 | {{- end -}} 36 | {{- if .Values.pushgateway.ingress.tls }} 37 | tls: 38 | {{ toYaml .Values.pushgateway.ingress.tls | indent 4 }} 39 | {{- end -}} 40 | {{- end -}} 41 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/server-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | {{- if .Values.server.service.annotations }} 5 | annotations: 6 | {{ toYaml .Values.server.service.annotations | indent 4 }} 7 | {{- end }} 8 | labels: 9 | {{- include "prometheus.server.labels" . | nindent 4 }} 10 | {{- if .Values.server.service.labels }} 11 | {{ toYaml .Values.server.service.labels | indent 4 }} 12 | {{- end }} 13 | name: {{ template "prometheus.server.fullname" . }} 14 | spec: 15 | {{- if .Values.server.service.clusterIP }} 16 | clusterIP: {{ .Values.server.service.clusterIP }} 17 | {{- end }} 18 | {{- if .Values.server.service.externalIPs }} 19 | externalIPs: 20 | {{ toYaml .Values.server.service.externalIPs | indent 4 }} 21 | {{- end }} 22 | {{- if .Values.server.service.loadBalancerIP }} 23 | loadBalancerIP: {{ .Values.server.service.loadBalancerIP }} 24 | {{- end }} 25 | {{- if .Values.server.service.loadBalancerSourceRanges }} 26 | loadBalancerSourceRanges: 27 | {{- range $cidr := .Values.server.service.loadBalancerSourceRanges }} 28 | - {{ $cidr }} 29 | {{- end }} 30 | {{- end }} 31 | ports: 32 | - name: http 33 | port: {{ .Values.server.service.servicePort }} 34 | protocol: TCP 35 | targetPort: 9090 36 | {{- if .Values.server.service.nodePort }} 37 | nodePort: {{ .Values.server.service.nodePort }} 38 | {{- end }} 39 | selector: 40 | {{- include "prometheus.server.matchLabels" . | nindent 4 }} 41 | type: "{{ .Values.server.service.type }}" 42 | -------------------------------------------------------------------------------- /testdata/install-yaml/config/common.yaml: -------------------------------------------------------------------------------- 1 | config: 2 | subcomponents: 3 | prometheus: 4 | config: 5 | namespace: "prometheus" 6 | adminUser: "ops" 7 | alertmanager: 8 | persistentVolume: 9 | storageClass: "default" 10 | server: 11 | persistentVolume: 12 | storageClass": "default" 13 | grafana: 14 | config: 15 | namespace: "grafana" 16 | datasources: 17 | datasources.yaml: 18 | apiVersion: 1 19 | datasources: 20 | - name: Prometheus 21 | type: prometheus 22 | url: http://prometheus-server.prometheus.svc.cluster.local 23 | access: proxy 24 | isDefault: true 25 | dashboardProviders: 26 | dashboardproviders.yaml: 27 | apiVersion: 1 28 | providers: 29 | - name: default 30 | orgId: 1 31 | folder: 32 | type: file 33 | disableDeletion: false 34 | editable: true 35 | options: 36 | path: /var/lib/grafana/dashboards/default 37 | dashboards: 38 | default: 39 | cluster-metrics: 40 | gnetId: 6417 41 | revision: 1 42 | datasource: Prometheus 43 | persistent-volumes: 44 | gnetId: 6739 45 | revision: 1 46 | datasource: Prometheus 47 | persistence: 48 | enabled: true 49 | storageClassName: default 50 | accessModes: 51 | - ReadWriteOnce 52 | size: 4Gi 53 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/pushgateway-service.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.pushgateway.enabled -}} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | {{- if .Values.pushgateway.service.annotations }} 6 | annotations: 7 | {{ toYaml .Values.pushgateway.service.annotations | indent 4}} 8 | {{- end }} 9 | labels: 10 | {{- include "prometheus.pushgateway.labels" . | nindent 4 }} 11 | {{- if .Values.pushgateway.service.labels }} 12 | {{ toYaml .Values.pushgateway.service.labels | indent 4}} 13 | {{- end }} 14 | name: {{ template "prometheus.pushgateway.fullname" . }} 15 | spec: 16 | {{- if .Values.pushgateway.service.clusterIP }} 17 | clusterIP: {{ .Values.pushgateway.service.clusterIP }} 18 | {{- end }} 19 | {{- if .Values.pushgateway.service.externalIPs }} 20 | externalIPs: 21 | {{ toYaml .Values.pushgateway.service.externalIPs | indent 4 }} 22 | {{- end }} 23 | {{- if .Values.pushgateway.service.loadBalancerIP }} 24 | loadBalancerIP: {{ .Values.pushgateway.service.loadBalancerIP }} 25 | {{- end }} 26 | {{- if .Values.pushgateway.service.loadBalancerSourceRanges }} 27 | loadBalancerSourceRanges: 28 | {{- range $cidr := .Values.pushgateway.service.loadBalancerSourceRanges }} 29 | - {{ $cidr }} 30 | {{- end }} 31 | {{- end }} 32 | ports: 33 | - name: http 34 | port: {{ .Values.pushgateway.service.servicePort }} 35 | protocol: TCP 36 | targetPort: 9091 37 | selector: 38 | {{- include "prometheus.pushgateway.matchLabels" . | nindent 4 }} 39 | type: "{{ .Values.pushgateway.service.type }}" 40 | {{- end }} 41 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/stable/grafana/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "grafana.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "grafana.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "grafana.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | 34 | {{/* 35 | Create the name of the service account 36 | */}} 37 | {{- define "grafana.serviceAccountName" -}} 38 | {{- if .Values.serviceAccount.create -}} 39 | {{ default (include "grafana.fullname" .) .Values.serviceAccount.name }} 40 | {{- else -}} 41 | {{ default "default" .Values.serviceAccount.name }} 42 | {{- end -}} 43 | {{- end -}} 44 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/server/psp.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.server.enabled .Values.rbac.create .Values.podSecurityPolicy.enabled }} 2 | apiVersion: {{ template "prometheus.podSecurityPolicy.apiVersion" . }} 3 | kind: PodSecurityPolicy 4 | metadata: 5 | name: {{ template "prometheus.server.fullname" . }} 6 | labels: 7 | {{- include "prometheus.server.labels" . | nindent 4 }} 8 | annotations: 9 | {{- if .Values.server.podSecurityPolicy.annotations }} 10 | {{ toYaml .Values.server.podSecurityPolicy.annotations | indent 4 }} 11 | {{- end }} 12 | spec: 13 | privileged: false 14 | allowPrivilegeEscalation: false 15 | allowedCapabilities: 16 | - 'CHOWN' 17 | volumes: 18 | - 'configMap' 19 | - 'persistentVolumeClaim' 20 | - 'emptyDir' 21 | - 'secret' 22 | - 'hostPath' 23 | allowedHostPaths: 24 | - pathPrefix: /etc 25 | readOnly: true 26 | - pathPrefix: {{ .Values.server.persistentVolume.mountPath }} 27 | {{- range .Values.server.extraHostPathMounts }} 28 | - pathPrefix: {{ .hostPath }} 29 | readOnly: {{ .readOnly }} 30 | {{- end }} 31 | hostNetwork: false 32 | hostPID: false 33 | hostIPC: false 34 | runAsUser: 35 | rule: 'RunAsAny' 36 | seLinux: 37 | rule: 'RunAsAny' 38 | supplementalGroups: 39 | rule: 'MustRunAs' 40 | ranges: 41 | # Forbid adding the root group. 42 | - min: 1 43 | max: 65535 44 | fsGroup: 45 | rule: 'MustRunAs' 46 | ranges: 47 | # Forbid adding the root group. 48 | - min: 1 49 | max: 65535 50 | readOnlyRootFilesystem: false 51 | {{- end }} 52 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/node-exporter-service.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.nodeExporter.enabled -}} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | {{- if .Values.nodeExporter.service.annotations }} 6 | annotations: 7 | {{ toYaml .Values.nodeExporter.service.annotations | indent 4 }} 8 | {{- end }} 9 | labels: 10 | {{- include "prometheus.nodeExporter.labels" . | nindent 4 }} 11 | {{- if .Values.nodeExporter.service.labels }} 12 | {{ toYaml .Values.nodeExporter.service.labels | indent 4 }} 13 | {{- end }} 14 | name: {{ template "prometheus.nodeExporter.fullname" . }} 15 | spec: 16 | {{- if .Values.nodeExporter.service.clusterIP }} 17 | clusterIP: {{ .Values.nodeExporter.service.clusterIP }} 18 | {{- end }} 19 | {{- if .Values.nodeExporter.service.externalIPs }} 20 | externalIPs: 21 | {{ toYaml .Values.nodeExporter.service.externalIPs | indent 4 }} 22 | {{- end }} 23 | {{- if .Values.nodeExporter.service.loadBalancerIP }} 24 | loadBalancerIP: {{ .Values.nodeExporter.service.loadBalancerIP }} 25 | {{- end }} 26 | {{- if .Values.nodeExporter.service.loadBalancerSourceRanges }} 27 | loadBalancerSourceRanges: 28 | {{- range $cidr := .Values.nodeExporter.service.loadBalancerSourceRanges }} 29 | - {{ $cidr }} 30 | {{- end }} 31 | {{- end }} 32 | ports: 33 | - name: metrics 34 | port: {{ .Values.nodeExporter.service.servicePort }} 35 | protocol: TCP 36 | targetPort: 9100 37 | selector: 38 | {{- include "prometheus.nodeExporter.matchLabels" . | nindent 4 }} 39 | type: "{{ .Values.nodeExporter.service.type }}" 40 | {{- end -}} 41 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/pushgateway/service.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.pushgateway.enabled -}} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | {{- if .Values.pushgateway.service.annotations }} 6 | annotations: 7 | {{ toYaml .Values.pushgateway.service.annotations | indent 4}} 8 | {{- end }} 9 | labels: 10 | {{- include "prometheus.pushgateway.labels" . | nindent 4 }} 11 | {{- if .Values.pushgateway.service.labels }} 12 | {{ toYaml .Values.pushgateway.service.labels | indent 4}} 13 | {{- end }} 14 | name: {{ template "prometheus.pushgateway.fullname" . }} 15 | {{ include "prometheus.namespace" . | indent 2 }} 16 | spec: 17 | {{- if .Values.pushgateway.service.clusterIP }} 18 | clusterIP: {{ .Values.pushgateway.service.clusterIP }} 19 | {{- end }} 20 | {{- if .Values.pushgateway.service.externalIPs }} 21 | externalIPs: 22 | {{ toYaml .Values.pushgateway.service.externalIPs | indent 4 }} 23 | {{- end }} 24 | {{- if .Values.pushgateway.service.loadBalancerIP }} 25 | loadBalancerIP: {{ .Values.pushgateway.service.loadBalancerIP }} 26 | {{- end }} 27 | {{- if .Values.pushgateway.service.loadBalancerSourceRanges }} 28 | loadBalancerSourceRanges: 29 | {{- range $cidr := .Values.pushgateway.service.loadBalancerSourceRanges }} 30 | - {{ $cidr }} 31 | {{- end }} 32 | {{- end }} 33 | ports: 34 | - name: http 35 | port: {{ .Values.pushgateway.service.servicePort }} 36 | protocol: TCP 37 | targetPort: 9091 38 | selector: 39 | {{- include "prometheus.pushgateway.matchLabels" . | nindent 4 }} 40 | type: "{{ .Values.pushgateway.service.type }}" 41 | {{- end }} 42 | -------------------------------------------------------------------------------- /.devcontainer/devcontainer.json: -------------------------------------------------------------------------------- 1 | // For format details, see https://aka.ms/vscode-remote/devcontainer.json or the definition README at 2 | // https://github.com/microsoft/vscode-dev-containers/tree/master/containers/docker-existing-dockerfile 3 | { 4 | "name": "Dev Dockerfile", 5 | "dockerFile": "Dockerfile", 6 | // The optional 'runArgs' property can be used to specify additional runtime arguments. 7 | "runArgs": [ 8 | // Enable go debugger 9 | "--cap-add=SYS_PTRACE", 10 | "--security-opt", 11 | "seccomp=unconfined", 12 | // map host docker daemon into container for sibling containers 13 | "-v", 14 | "/var/run/docker.sock:/var/run/docker.sock" 15 | ], 16 | "settings": { 17 | "files.eol": "\n", 18 | "terminal.integrated.shell.linux": "/bin/bash", 19 | // Go recommended settings with modules: https://github.com/golang/tools/blob/master/gopls/doc/vscode.md#vscode 20 | "go.useLanguageServer": true, 21 | "go.lintTool": "golangci-lint", 22 | "go.lintFlags": [ 23 | "--fast" 24 | ], 25 | "[go]": { 26 | "editor.formatOnSave": true, 27 | "editor.codeActionsOnSave": { 28 | "source.organizeImports": true 29 | }, 30 | // Optional: Disable snippets, as they conflict with completion ranking. 31 | "editor.snippetSuggestions": "none" 32 | }, 33 | "[go.mod]": { 34 | "editor.formatOnSave": true, 35 | "editor.codeActionsOnSave": { 36 | "source.organizeImports": true 37 | } 38 | }, 39 | "gopls": { 40 | // Add parameter placeholders when completing a function. 41 | "usePlaceholders": true 42 | } 43 | }, 44 | "extensions": [ 45 | "ms-vscode.go" 46 | ] 47 | } 48 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/templates/tests/test.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: {{ template "elasticsearch.fullname" . }}-test 5 | labels: 6 | app: {{ template "elasticsearch.fullname" . }} 7 | chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 8 | heritage: "{{ .Release.Service }}" 9 | release: "{{ .Release.Name }}" 10 | annotations: 11 | "helm.sh/hook": test-success 12 | spec: 13 | {{- if .Values.image.pullSecrets }} 14 | imagePullSecrets: 15 | {{- range $pullSecret := .Values.image.pullSecrets }} 16 | - name: {{ $pullSecret }} 17 | {{- end }} 18 | {{- end }} 19 | initContainers: 20 | - name: test-framework 21 | image: "{{ .Values.testFramework.image}}:{{ .Values.testFramework.tag }}" 22 | command: 23 | - "bash" 24 | - "-c" 25 | - | 26 | set -ex 27 | # copy bats to tools dir 28 | cp -R /usr/local/libexec/ /tools/bats/ 29 | volumeMounts: 30 | - mountPath: /tools 31 | name: tools 32 | containers: 33 | - name: {{ .Release.Name }}-test 34 | image: "{{ .Values.testFramework.image}}:{{ .Values.testFramework.tag }}" 35 | command: ["/tools/bats/bats", "-t", "/tests/run.sh"] 36 | volumeMounts: 37 | - mountPath: /tests 38 | name: tests 39 | readOnly: true 40 | - mountPath: /tools 41 | name: tools 42 | volumes: 43 | - name: tests 44 | configMap: 45 | name: {{ template "elasticsearch.fullname" . }}-test 46 | - name: tools 47 | emptyDir: {} 48 | restartPolicy: Never 49 | -------------------------------------------------------------------------------- /testdata/generate-yaml/config/common.yaml: -------------------------------------------------------------------------------- 1 | config: 2 | subcomponents: 3 | prometheus: 4 | namespace: "prometheus" 5 | injectNamespace: true 6 | config: 7 | adminUser: "ops" 8 | alertmanager: 9 | persistentVolume: 10 | storageClass: "default" 11 | server: 12 | persistentVolume: 13 | storageClass": "default" 14 | grafana: 15 | namespace: "grafana" 16 | injectNamespace: true 17 | config: 18 | datasources: 19 | datasources.yaml: 20 | apiVersion: 1 21 | datasources: 22 | - name: Prometheus 23 | type: prometheus 24 | url: http://prometheus-server.prometheus.svc.cluster.local 25 | access: proxy 26 | isDefault: true 27 | dashboardProviders: 28 | dashboardproviders.yaml: 29 | apiVersion: 1 30 | providers: 31 | - name: default 32 | orgId: 1 33 | folder: 34 | type: file 35 | disableDeletion: false 36 | editable: true 37 | options: 38 | path: /var/lib/grafana/dashboards/default 39 | dashboards: 40 | default: 41 | cluster-metrics: 42 | gnetId: 6417 43 | revision: 1 44 | datasource: Prometheus 45 | persistent-volumes: 46 | gnetId: 6739 47 | revision: 1 48 | datasource: Prometheus 49 | persistence: 50 | enabled: true 51 | storageClassName: default 52 | accessModes: 53 | - ReadWriteOnce 54 | size: 4Gi 55 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/cassandra/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "cassandra.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "cassandra.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "cassandra.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | 34 | {{/* 35 | Create the name of the service account to use 36 | */}} 37 | {{- define "cassandra.serviceAccountName" -}} 38 | {{- if .Values.serviceAccount.create -}} 39 | {{ default (include "cassandra.fullname" .) .Values.serviceAccount.name }} 40 | {{- else -}} 41 | {{ default "default" .Values.serviceAccount.name }} 42 | {{- end -}} 43 | {{- end -}} 44 | -------------------------------------------------------------------------------- /testdata/generate-remote-static/components/keyvault-sub/keyvault-sub.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: kv 5 | --- 6 | apiVersion: extensions/v1beta1 7 | kind: DaemonSet 8 | metadata: 9 | labels: 10 | app: keyvault-flexvolume 11 | name: keyvault-flexvolume 12 | namespace: kv 13 | spec: 14 | updateStrategy: 15 | type: RollingUpdate 16 | template: 17 | metadata: 18 | labels: 19 | app: keyvault-flexvolume 20 | spec: 21 | tolerations: 22 | containers: 23 | - name: flexvol-driver-installer 24 | image: "mcr.microsoft.com/k8s/flexvolume/keyvault-flexvolume:v0.0.13" 25 | imagePullPolicy: Always 26 | resources: 27 | requests: 28 | cpu: 50m 29 | memory: 100Mi 30 | limits: 31 | cpu: 50m 32 | memory: 100Mi 33 | env: 34 | # if you have used flex before on your cluster, use same directory 35 | # set TARGET_DIR env var and mount the same directory to to the container 36 | - name: TARGET_DIR 37 | value: "/etc/kubernetes/volumeplugins" 38 | volumeMounts: 39 | - mountPath: "/etc/kubernetes/volumeplugins" 40 | name: volplugins 41 | volumes: 42 | - hostPath: 43 | # Modify this directory if your nodes are using a different one 44 | # default is "/usr/libexec/kubernetes/kubelet-plugins/volume/exec" 45 | # below is Azure default 46 | path: "/etc/kubernetes/volumeplugins" 47 | name: volplugins 48 | nodeSelector: 49 | beta.kubernetes.io/os: linux 50 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/elasticsearch/templates/client-ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.client.ingress.enabled -}} 2 | {{- $fullName := include "elasticsearch.client.fullname" . -}} 3 | {{- $ingressPath := .Values.client.ingress.path -}} 4 | apiVersion: extensions/v1beta1 5 | kind: Ingress 6 | metadata: 7 | name: {{ $fullName }} 8 | labels: 9 | app: {{ template "elasticsearch.name" . }} 10 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 11 | component: "{{ .Values.client.name }}" 12 | heritage: {{ .Release.Service }} 13 | release: {{ .Release.Name }} 14 | annotations: 15 | {{- with .Values.client.ingress.annotations }} 16 | {{ toYaml . | indent 4 }} 17 | {{- end }} 18 | {{- if and ( .Values.client.ingress.user ) ( .Values.client.ingress.password ) }} 19 | nginx.ingress.kubernetes.io/auth-type: basic 20 | nginx.ingress.kubernetes.io/auth-secret: '{{ include "elasticsearch.client.fullname" . }}-auth' 21 | nginx.ingress.kubernetes.io/auth-realm: "Authentication-Required" 22 | {{- end }} 23 | spec: 24 | {{- if .Values.client.ingress.tls }} 25 | tls: 26 | {{- range .Values.client.ingress.tls }} 27 | - hosts: 28 | {{- range .hosts }} 29 | - {{ . | quote }} 30 | {{- end }} 31 | secretName: {{ .secretName }} 32 | {{- end }} 33 | {{- end }} 34 | rules: 35 | {{- range .Values.client.ingress.hosts }} 36 | - host: {{ . | quote }} 37 | http: 38 | paths: 39 | - path: {{ $ingressPath }} 40 | backend: 41 | serviceName: {{ $fullName }} 42 | servicePort: http 43 | {{- end }} 44 | {{- end }} 45 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/server/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.enabled -}} 2 | {{- if .Values.server.ingress.enabled -}} 3 | {{- $releaseName := .Release.Name -}} 4 | {{- $serviceName := include "prometheus.server.fullname" . }} 5 | {{- $servicePort := .Values.server.service.servicePort -}} 6 | {{- $extraPaths := .Values.server.ingress.extraPaths -}} 7 | {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} 8 | apiVersion: networking.k8s.io/v1beta1 9 | {{ else }} 10 | apiVersion: extensions/v1beta1 11 | {{ end -}} 12 | kind: Ingress 13 | metadata: 14 | {{- if .Values.server.ingress.annotations }} 15 | annotations: 16 | {{ toYaml .Values.server.ingress.annotations | indent 4 }} 17 | {{- end }} 18 | labels: 19 | {{- include "prometheus.server.labels" . | nindent 4 }} 20 | {{- range $key, $value := .Values.server.ingress.extraLabels }} 21 | {{ $key }}: {{ $value }} 22 | {{- end }} 23 | name: {{ template "prometheus.server.fullname" . }} 24 | {{ include "prometheus.namespace" . | indent 2 }} 25 | spec: 26 | rules: 27 | {{- range .Values.server.ingress.hosts }} 28 | {{- $url := splitList "/" . }} 29 | - host: {{ first $url }} 30 | http: 31 | paths: 32 | {{ if $extraPaths }} 33 | {{ toYaml $extraPaths | indent 10 }} 34 | {{- end }} 35 | - path: /{{ rest $url | join "/" }} 36 | backend: 37 | serviceName: {{ $serviceName }} 38 | servicePort: {{ $servicePort }} 39 | {{- end -}} 40 | {{- if .Values.server.ingress.tls }} 41 | tls: 42 | {{ toYaml .Values.server.ingress.tls | indent 4 }} 43 | {{- end -}} 44 | {{- end -}} 45 | {{- end -}} 46 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/kube-state-metrics-clusterrole.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.kubeStateMetrics.enabled .Values.rbac.create -}} 2 | apiVersion: rbac.authorization.k8s.io/v1beta1 3 | kind: ClusterRole 4 | metadata: 5 | labels: 6 | {{- include "prometheus.kubeStateMetrics.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.kubeStateMetrics.fullname" . }} 8 | rules: 9 | - apiGroups: 10 | - "" 11 | resources: 12 | - namespaces 13 | - nodes 14 | - persistentvolumeclaims 15 | - pods 16 | - services 17 | - resourcequotas 18 | - replicationcontrollers 19 | - limitranges 20 | - persistentvolumeclaims 21 | - persistentvolumes 22 | - endpoints 23 | - secrets 24 | - configmaps 25 | verbs: 26 | - list 27 | - watch 28 | - apiGroups: 29 | - extensions 30 | resources: 31 | - daemonsets 32 | - deployments 33 | - replicasets 34 | verbs: 35 | - list 36 | - watch 37 | - apiGroups: 38 | - apps 39 | resources: 40 | - statefulsets 41 | verbs: 42 | - get 43 | - list 44 | - watch 45 | - apiGroups: 46 | - batch 47 | resources: 48 | - cronjobs 49 | - jobs 50 | verbs: 51 | - list 52 | - watch 53 | - apiGroups: 54 | - autoscaling 55 | resources: 56 | - horizontalpodautoscalers 57 | verbs: 58 | - list 59 | - watch 60 | - apiGroups: 61 | - policy 62 | resources: 63 | - poddisruptionbudgets 64 | verbs: 65 | - list 66 | - watch 67 | {{- end }} 68 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/README.md: -------------------------------------------------------------------------------- 1 | # Fabrikate-Jaeger 2 | 3 | This [fabrikate](http://github.com/microsoft/fabrikate) stack installs Jaeger on your cluster, with a provided "production" configuration. 4 | 5 | ### Requirements 6 | 7 | - The [fabrikate 0.2.3](http://github.com/microsoft/fabrikate/releases) cli tool installed locally 8 | - The [helm](https://github.com/helm/helm/releases) cli tool installed locally 9 | - The kubectl cli tool installed locally 10 | 11 | ### Setup 12 | 13 | Make sure your helm incubator repository is pointed at https://kubernetes-charts-incubator.storage.googleapis.com/. Older versions of Helm will have the incubator repository configured to a different location. 14 | 15 | Run the following in a terminal/shell: 16 | 17 | ``` 18 | helm repo remove incubator && helm repo add incubator https://kubernetes-charts-incubator.storage.googleapis.com/ 19 | ``` 20 | 21 | ### Installing fabrikate-jaeger 22 | 23 | 1. In your stack's `component.json`, include `fabrikate-jaeger`: 24 | 25 | ```json 26 | { 27 | "name": "my-cool-stack", 28 | "subcomponents": [ 29 | { 30 | "name": "fabrikate-jaeger", 31 | "source": "https://github.com/microsoft/fabrikate-definitions", 32 | "path": "definitions/fabrikate-jaeger", 33 | "method": "git" 34 | } 35 | ] 36 | } 37 | ``` 38 | 39 | 2. In a terminal window, install the stack dependencies: 40 | 41 | ``` 42 | fab install 43 | ``` 44 | 45 | 3. In a terminal window, generate the stack: 46 | 47 | ``` 48 | fab generate prod 49 | ``` 50 | 51 | 4. Apply the generated stack manifests: 52 | 53 | ``` 54 | kubectl apply -f ./generated/prod/ --recursive 55 | ``` 56 | 57 | ### License 58 | 59 | MIT 60 | -------------------------------------------------------------------------------- /testdata/generate/infra/fabrikate-jaeger/helm_repos/jaeger/charts/cassandra/templates/backup/rbac.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.backup.enabled }} 2 | {{- if .Values.serviceAccount.create }} 3 | apiVersion: v1 4 | kind: ServiceAccount 5 | metadata: 6 | name: {{ template "cassandra.serviceAccountName" . }} 7 | labels: 8 | app: {{ template "cassandra.name" . }} 9 | chart: {{ template "cassandra.chart" . }} 10 | release: "{{ .Release.Name }}" 11 | heritage: "{{ .Release.Service }}" 12 | --- 13 | {{- end }} 14 | {{- if .Values.rbac.create }} 15 | apiVersion: rbac.authorization.k8s.io/v1 16 | kind: Role 17 | metadata: 18 | name: {{ template "cassandra.fullname" . }}-backup 19 | labels: 20 | app: {{ template "cassandra.name" . }} 21 | chart: {{ template "cassandra.chart" . }} 22 | release: "{{ .Release.Name }}" 23 | heritage: "{{ .Release.Service }}" 24 | rules: 25 | - apiGroups: [""] 26 | resources: ["pods", "pods/log"] 27 | verbs: ["get", "list"] 28 | - apiGroups: [""] 29 | resources: ["pods/exec"] 30 | verbs: ["create"] 31 | --- 32 | apiVersion: rbac.authorization.k8s.io/v1 33 | kind: RoleBinding 34 | metadata: 35 | name: {{ template "cassandra.fullname" . }}-backup 36 | labels: 37 | app: {{ template "cassandra.name" . }} 38 | chart: {{ template "cassandra.chart" . }} 39 | release: "{{ .Release.Name }}" 40 | heritage: "{{ .Release.Service }}" 41 | roleRef: 42 | apiGroup: rbac.authorization.k8s.io 43 | kind: Role 44 | name: {{ template "cassandra.fullname" . }}-backup 45 | subjects: 46 | - kind: ServiceAccount 47 | name: {{ template "cassandra.serviceAccountName" . }} 48 | namespace: {{ .Release.Namespace }} 49 | {{- end }} 50 | {{- end }} 51 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/node-exporter/psp.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.nodeExporter.enabled .Values.rbac.create .Values.podSecurityPolicy.enabled }} 2 | apiVersion: {{ template "prometheus.podSecurityPolicy.apiVersion" . }} 3 | kind: PodSecurityPolicy 4 | metadata: 5 | name: {{ template "prometheus.nodeExporter.fullname" . }} 6 | labels: 7 | {{- include "prometheus.nodeExporter.labels" . | nindent 4 }} 8 | annotations: 9 | {{- if .Values.nodeExporter.podSecurityPolicy.annotations }} 10 | {{ toYaml .Values.nodeExporter.podSecurityPolicy.annotations | indent 4 }} 11 | {{- end }} 12 | spec: 13 | privileged: false 14 | allowPrivilegeEscalation: false 15 | requiredDropCapabilities: 16 | - ALL 17 | volumes: 18 | - 'configMap' 19 | - 'hostPath' 20 | - 'secret' 21 | allowedHostPaths: 22 | - pathPrefix: /proc 23 | readOnly: true 24 | - pathPrefix: /sys 25 | readOnly: true 26 | {{- range .Values.nodeExporter.extraHostPathMounts }} 27 | - pathPrefix: {{ .hostPath }} 28 | readOnly: {{ .readOnly }} 29 | {{- end }} 30 | hostNetwork: {{ .Values.nodeExporter.hostNetwork }} 31 | hostPID: {{ .Values.nodeExporter.hostPID }} 32 | hostIPC: false 33 | runAsUser: 34 | rule: 'RunAsAny' 35 | seLinux: 36 | rule: 'RunAsAny' 37 | supplementalGroups: 38 | rule: 'MustRunAs' 39 | ranges: 40 | # Forbid adding the root group. 41 | - min: 1 42 | max: 65535 43 | fsGroup: 44 | rule: 'MustRunAs' 45 | ranges: 46 | # Forbid adding the root group. 47 | - min: 1 48 | max: 65535 49 | readOnlyRootFilesystem: false 50 | hostPorts: 51 | - min: 1 52 | max: 65535 53 | {{- end }} 54 | -------------------------------------------------------------------------------- /internal/cmd/remove.go: -------------------------------------------------------------------------------- 1 | package cmd 2 | 3 | import ( 4 | "errors" 5 | "os" 6 | "strings" 7 | 8 | "github.com/microsoft/fabrikate/internal/core" 9 | "github.com/spf13/cobra" 10 | ) 11 | 12 | // Remove implements the `remove` command. Taking in a list of subcomponent names, this function 13 | // will load the root component and attempt to remove any subcomponents with names matching 14 | // those provided. 15 | func Remove(subcomponent core.Component) (err error) { 16 | component := core.Component{ 17 | PhysicalPath: "./", 18 | LogicalPath: "", 19 | } 20 | 21 | component, err = component.LoadComponent() 22 | if err != nil { 23 | path, err := os.Getwd() 24 | if err != nil { 25 | return err 26 | } 27 | 28 | pathParts := strings.Split(path, "/") 29 | 30 | component = core.Component{ 31 | Name: pathParts[len(pathParts)-1], 32 | Serialization: "yaml", 33 | } 34 | } 35 | 36 | err = component.RemoveSubcomponent(subcomponent) 37 | if err != nil { 38 | return err 39 | } 40 | 41 | return component.Write() 42 | } 43 | 44 | var removeCmd = &cobra.Command{ 45 | Use: "remove ", 46 | Short: "Removes a subcomponent from the current component.", 47 | Long: `Removes a subcomponent from the current component. 48 | 49 | example: 50 | 51 | $ fab remove fabrikate-cloud-native 52 | `, 53 | RunE: func(cmd *cobra.Command, args []string) error { 54 | if len(args) <= 0 { 55 | return errors.New("'remove' takes one or more component-name arguments") 56 | } 57 | 58 | component := core.Component{ 59 | Name: args[0], 60 | } 61 | 62 | return Remove(component) 63 | }, 64 | } 65 | 66 | func init() { 67 | rootCmd.AddCommand(removeCmd) 68 | } 69 | -------------------------------------------------------------------------------- /testdata/local-charts/prometheus/templates/alertmanager/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.alertmanager.enabled .Values.alertmanager.ingress.enabled -}} 2 | {{- $releaseName := .Release.Name -}} 3 | {{- $serviceName := include "prometheus.alertmanager.fullname" . }} 4 | {{- $servicePort := .Values.alertmanager.service.servicePort -}} 5 | {{- $extraPaths := .Values.alertmanager.ingress.extraPaths -}} 6 | {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} 7 | apiVersion: networking.k8s.io/v1beta1 8 | {{ else }} 9 | apiVersion: extensions/v1beta1 10 | {{ end -}} 11 | kind: Ingress 12 | metadata: 13 | {{- if .Values.alertmanager.ingress.annotations }} 14 | annotations: 15 | {{ toYaml .Values.alertmanager.ingress.annotations | indent 4 }} 16 | {{- end }} 17 | labels: 18 | {{- include "prometheus.alertmanager.labels" . | nindent 4 }} 19 | {{- range $key, $value := .Values.alertmanager.ingress.extraLabels }} 20 | {{ $key }}: {{ $value }} 21 | {{- end }} 22 | name: {{ template "prometheus.alertmanager.fullname" . }} 23 | {{ include "prometheus.namespace" . | indent 2 }} 24 | spec: 25 | rules: 26 | {{- range .Values.alertmanager.ingress.hosts }} 27 | {{- $url := splitList "/" . }} 28 | - host: {{ first $url }} 29 | http: 30 | paths: 31 | {{ if $extraPaths }} 32 | {{ toYaml $extraPaths | indent 10 }} 33 | {{- end }} 34 | - path: /{{ rest $url | join "/" }} 35 | backend: 36 | serviceName: {{ $serviceName }} 37 | servicePort: {{ $servicePort }} 38 | {{- end -}} 39 | {{- if .Values.alertmanager.ingress.tls }} 40 | tls: 41 | {{ toYaml .Values.alertmanager.ingress.tls | indent 4 }} 42 | {{- end -}} 43 | {{- end -}} 44 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/grafana/stable/grafana/templates/podsecuritypolicy.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.rbac.pspEnabled }} 2 | apiVersion: extensions/v1beta1 3 | kind: PodSecurityPolicy 4 | metadata: 5 | name: {{ template "grafana.fullname" . }} 6 | labels: 7 | app: {{ template "grafana.name" . }} 8 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 9 | heritage: {{ .Release.Service }} 10 | release: {{ .Release.Name }} 11 | annotations: 12 | seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default' 13 | seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' 14 | {{- if .Values.rbac.pspUseAppArmor }} 15 | apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default' 16 | apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' 17 | {{- end }} 18 | spec: 19 | privileged: false 20 | allowPrivilegeEscalation: false 21 | requiredDropCapabilities: 22 | # Default set from Docker, without DAC_OVERRIDE or CHOWN 23 | - FOWNER 24 | - FSETID 25 | - KILL 26 | - SETGID 27 | - SETUID 28 | - SETPCAP 29 | - NET_BIND_SERVICE 30 | - NET_RAW 31 | - SYS_CHROOT 32 | - MKNOD 33 | - AUDIT_WRITE 34 | - SETFCAP 35 | volumes: 36 | - 'configMap' 37 | - 'emptyDir' 38 | - 'projected' 39 | - 'secret' 40 | - 'downwardAPI' 41 | - 'persistentVolumeClaim' 42 | hostNetwork: false 43 | hostIPC: false 44 | hostPID: false 45 | runAsUser: 46 | rule: 'RunAsAny' 47 | seLinux: 48 | rule: 'RunAsAny' 49 | supplementalGroups: 50 | rule: 'RunAsAny' 51 | fsGroup: 52 | rule: 'RunAsAny' 53 | readOnlyRootFilesystem: false 54 | {{- end }} 55 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/kube-state-metrics-svc.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.kubeStateMetrics.enabled .Values.kubeStateMetrics.enabled -}} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | {{- if .Values.kubeStateMetrics.service.annotations }} 6 | annotations: 7 | {{ toYaml .Values.kubeStateMetrics.service.annotations | indent 4 }} 8 | {{- end }} 9 | labels: 10 | {{- include "prometheus.kubeStateMetrics.labels" . | nindent 4 }} 11 | {{- if .Values.kubeStateMetrics.service.labels }} 12 | {{ toYaml .Values.kubeStateMetrics.service.labels | indent 4 }} 13 | {{- end }} 14 | name: {{ template "prometheus.kubeStateMetrics.fullname" . }} 15 | spec: 16 | {{- if .Values.kubeStateMetrics.service.clusterIP }} 17 | clusterIP: {{ .Values.kubeStateMetrics.service.clusterIP }} 18 | {{- end }} 19 | {{- if .Values.kubeStateMetrics.service.externalIPs }} 20 | externalIPs: 21 | {{ toYaml .Values.kubeStateMetrics.service.externalIPs | indent 4 }} 22 | {{- end }} 23 | {{- if .Values.kubeStateMetrics.service.loadBalancerIP }} 24 | loadBalancerIP: {{ .Values.kubeStateMetrics.service.loadBalancerIP }} 25 | {{- end }} 26 | {{- if .Values.kubeStateMetrics.service.loadBalancerSourceRanges }} 27 | loadBalancerSourceRanges: 28 | {{- range $cidr := .Values.kubeStateMetrics.service.loadBalancerSourceRanges }} 29 | - {{ $cidr }} 30 | {{- end }} 31 | {{- end }} 32 | ports: 33 | - name: http 34 | port: {{ .Values.kubeStateMetrics.service.servicePort }} 35 | protocol: TCP 36 | targetPort: 8080 37 | selector: 38 | {{- include "prometheus.kubeStateMetrics.matchLabels" . | nindent 4 }} 39 | type: "{{ .Values.kubeStateMetrics.service.type }}" 40 | {{- end }} 41 | -------------------------------------------------------------------------------- /testdata/generate-yaml/helm_repos/prometheus/stable/prometheus/templates/node-exporter-podsecuritypolicy.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.nodeExporter.enabled .Values.rbac.create }} 2 | {{- if .Values.nodeExporter.podSecurityPolicy.enabled }} 3 | apiVersion: extensions/v1beta1 4 | kind: PodSecurityPolicy 5 | metadata: 6 | name: {{ template "prometheus.nodeExporter.fullname" . }} 7 | labels: 8 | {{- include "prometheus.nodeExporter.labels" . | nindent 4 }} 9 | annotations: 10 | {{- if .Values.nodeExporter.podSecurityPolicy.annotations }} 11 | {{ toYaml .Values.nodeExporter.podSecurityPolicy.annotations | indent 4 }} 12 | {{- end }} 13 | spec: 14 | privileged: false 15 | allowPrivilegeEscalation: false 16 | requiredDropCapabilities: 17 | - ALL 18 | volumes: 19 | - 'configMap' 20 | - 'hostPath' 21 | - 'secret' 22 | AllowedHostPaths: 23 | - pathPrefix: /proc 24 | readOnly: true 25 | - pathPrefix: /sys 26 | readOnly: true 27 | {{- range .Values.nodeExporter.extraHostPathMounts }} 28 | - pathPrefix: {{ .hostPath }} 29 | readOnly: {{ .readOnly }} 30 | {{- end }} 31 | hostNetwork: {{ .Values.nodeExporter.hostNetwork }} 32 | hostPID: {{ .Values.nodeExporter.hostPID }} 33 | hostIPC: false 34 | runAsUser: 35 | rule: 'RunAsAny' 36 | seLinux: 37 | rule: 'RunAsAny' 38 | supplementalGroups: 39 | rule: 'MustRunAs' 40 | ranges: 41 | # Forbid adding the root group. 42 | - min: 1 43 | max: 65535 44 | fsGroup: 45 | rule: 'MustRunAs' 46 | ranges: 47 | # Forbid adding the root group. 48 | - min: 1 49 | max: 65535 50 | readOnlyRootFilesystem: false 51 | hostPorts: 52 | - min: 1 53 | max: 65535 54 | {{- end }} 55 | {{- end }} 56 | --------------------------------------------------------------------------------