-
Notifications
You must be signed in to change notification settings - Fork 10
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
2 changed files
with
131 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,53 @@ | ||
| # Using kubetruth to produce file based configmaps | ||
|
|
||
| This example uses kubetruth to create configmaps with structured config files for each project | ||
|
|
||
| Reasons you might want a file based configmap | ||
|
|
||
| * Your components already take files to configure themselves, and you want cloudtruth/kubetruth to be as drop-in as possible | ||
| * You want to take advantage of the in-place updates of ConfigMap/Secret files in a running container without restarts | ||
| * You like having structured config which is prevented by the flat nature of kubernetes ConfigMaps/Secrets | ||
|
|
||
| ## Setup CloudTruth Credentials | ||
|
|
||
| Login to CloudTruth, and create an api key, then add it to your environment | ||
|
|
||
| ``` | ||
| export CLOUDTRUTH_API_KEY=your_api_key | ||
| ``` | ||
|
|
||
| ## Setup a project to configure the deploy | ||
|
|
||
| ``` | ||
| cloudtruth projects set filetest | ||
| cloudtruth --project filetest parameter set --value hi foo.yml/bar | ||
| cloudtruth --project filetest parameter set --value yum foo.yml/baz/boo | ||
| cloudtruth --project filetest parameter set --value fun foo.yml/baz/bum | ||
| cloudtruth --project filetest parameter set --value myval bar.json/other | ||
| ``` | ||
|
|
||
| ## (Optional) Setup [minikube](https://minikube.sigs.k8s.io/docs/start/) to test locally | ||
| ``` | ||
| minikube start | ||
| ``` | ||
|
|
||
| ## Setup kubetruth to apply a deployment resource for that project | ||
|
|
||
| Install kubetruth with the following settings: | ||
| ``` | ||
| helm install --values examples/filebased/values.yaml --set appSettings.apiKey=$CLOUDTRUTH_API_KEY kubetruth cloudtruth/kubetruth | ||
| ``` | ||
|
|
||
| ## Check kubetruth is up | ||
|
|
||
| ``` | ||
| kubectl describe deployment kubetruth | ||
| kubectl logs deployment/kubetruth | ||
| ``` | ||
|
|
||
| ## Check configmap was generated | ||
|
|
||
| ``` | ||
| kubectl describe configmap filetest | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,78 @@ | ||
| # Setup the kubetruth CRD to ignore all projects except for the one named deploytest | ||
| # For the deploytest project, get the resource template from the cloudtruth template named deployment | ||
| projectMappings: | ||
|
|
||
| # Define the root project mapping, skipping all projects except for the | ||
| # example we care about | ||
| root: | ||
| scope: "root" | ||
| environment: default | ||
| skip: true | ||
|
|
||
| # Define an override project mapping to enable processing of a single project | ||
| # for this example. In a real world scenario you would want to add the | ||
| # deployment templates in the root project mapping or in an override that | ||
| # matches multiple projects in order to share its behavior across those | ||
| # projects | ||
| filetest: | ||
| scope: "override" | ||
| skip: false | ||
| project_selector: "^filetest$" | ||
| resource_templates: | ||
| # One could also make Secrets be file-based by copying the template from | ||
| # configmap or, or use the default template by uncommenting below | ||
| # | ||
| # secret: "" | ||
|
|
||
| # Transforms parameters into filebased configmap entries | ||
| # | ||
| configmap: | | ||
| {%- if parameters.size > 0 %} | ||
| {%- comment %} | ||
| Use the inflate filter to convert parameters to a structured form | ||
| based on a slash delimiter | ||
| {%- endcomment %} | ||
| {%- assign inflated_params = parameters | inflate: "/" %} | ||
| apiVersion: v1 | ||
| kind: ConfigMap | ||
| metadata: | ||
| name: "{{ context.resource_name }}" | ||
| namespace: "{{ context.resource_namespace }}" | ||
| labels: | ||
| version: "{{ parameters | sort | to_json | sha256 | slice: 0, 7 }}" | ||
| annotations: | ||
| kubetruth/project_heirarchy: | | ||
| {{ project_heirarchy | to_yaml | indent: 6 | lstrip }} | ||
| kubetruth/parameter_origins: | | ||
| {{ parameter_origins | to_yaml | indent: 6 | lstrip }} | ||
| data: | ||
| {%- comment %} | ||
| Each top level key should be a yaml or json filename, with its value | ||
| being the structured data it contains | ||
| {%- endcomment %} | ||
| {%- for file in inflated_params %} | ||
| {%- assign file_name = file[0] %} | ||
| {%- assign file_type = file[0] | split: "." | last | downcase %} | ||
| {%- assign file_data = file[1] %} | ||
| {%- comment %} | ||
| Keys (filenames) that do not end in .ya?ml or .json will get ignored | ||
| {%- endcomment %} | ||
| {%- case file_type %} | ||
| {%- when "yml", "yaml" %} | ||
| {{ file_name }}: | | ||
| {{- file_data | to_yaml | nindent: 4 }} | ||
| {%- when "json" %} | ||
| {{ file_name }}: | | ||
| {{- file_data | to_json | nindent: 4 }} | ||
| {%- else %} | ||
| {%- continue %} | ||
| {%- endcase %} | ||
| {%- endfor %} | ||
| {%- endif %} |