diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index c55984d98..c7b4a8c27 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -3,7 +3,6 @@ repos: rev: 22.10.0 hooks: - id: black - language_version: python3.8 - repo: https://github.com/igorshubovych/markdownlint-cli rev: v0.32.2 hooks: diff --git a/Dockerfile b/Dockerfile index df138c622..b555844fe 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,7 +8,6 @@ WORKDIR /kapitan COPY ./kapitan ./kapitan COPY ./MANIFEST.in ./MANIFEST.in -COPY ./requirements.txt ./requirements.txt COPY ./pyproject.toml ./pyproject.toml COPY ./README.md ./README.md diff --git a/LICENSE b/LICENSE new file mode 100644 index 000000000..261eeb9e9 --- /dev/null +++ b/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/LICENSES/Apache-2.0.txt b/LICENSES/Apache-2.0.txt deleted file mode 100644 index 4ed90b952..000000000 --- a/LICENSES/Apache-2.0.txt +++ /dev/null @@ -1,208 +0,0 @@ -Apache License - -Version 2.0, January 2004 - -http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, -AND DISTRIBUTION - - 1. Definitions. - - - -"License" shall mean the terms and conditions for use, reproduction, and distribution -as defined by Sections 1 through 9 of this document. - - - -"Licensor" shall mean the copyright owner or entity authorized by the copyright -owner that is granting the License. - - - -"Legal Entity" shall mean the union of the acting entity and all other entities -that control, are controlled by, or are under common control with that entity. -For the purposes of this definition, "control" means (i) the power, direct -or indirect, to cause the direction or management of such entity, whether -by contract or otherwise, or (ii) ownership of fifty percent (50%) or more -of the outstanding shares, or (iii) beneficial ownership of such entity. - - - -"You" (or "Your") shall mean an individual or Legal Entity exercising permissions -granted by this License. - - - -"Source" form shall mean the preferred form for making modifications, including -but not limited to software source code, documentation source, and configuration -files. - - - -"Object" form shall mean any form resulting from mechanical transformation -or translation of a Source form, including but not limited to compiled object -code, generated documentation, and conversions to other media types. - - - -"Work" shall mean the work of authorship, whether in Source or Object form, -made available under the License, as indicated by a copyright notice that -is included in or attached to the work (an example is provided in the Appendix -below). - - - -"Derivative Works" shall mean any work, whether in Source or Object form, -that is based on (or derived from) the Work and for which the editorial revisions, -annotations, elaborations, or other modifications represent, as a whole, an -original work of authorship. For the purposes of this License, Derivative -Works shall not include works that remain separable from, or merely link (or -bind by name) to the interfaces of, the Work and Derivative Works thereof. - - - -"Contribution" shall mean any work of authorship, including the original version -of the Work and any modifications or additions to that Work or Derivative -Works thereof, that is intentionally submitted to Licensor for inclusion in -the Work by the copyright owner or by an individual or Legal Entity authorized -to submit on behalf of the copyright owner. For the purposes of this definition, -"submitted" means any form of electronic, verbal, or written communication -sent to the Licensor or its representatives, including but not limited to -communication on electronic mailing lists, source code control systems, and -issue tracking systems that are managed by, or on behalf of, the Licensor -for the purpose of discussing and improving the Work, but excluding communication -that is conspicuously marked or otherwise designated in writing by the copyright -owner as "Not a Contribution." - - - -"Contributor" shall mean Licensor and any individual or Legal Entity on behalf -of whom a Contribution has been received by Licensor and subsequently incorporated -within the Work. - -2. Grant of Copyright License. Subject to the terms and conditions of this -License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, -no-charge, royalty-free, irrevocable copyright license to reproduce, prepare -Derivative Works of, publicly display, publicly perform, sublicense, and distribute -the Work and such Derivative Works in Source or Object form. - -3. Grant of Patent License. Subject to the terms and conditions of this License, -each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, -no-charge, royalty-free, irrevocable (except as stated in this section) patent -license to make, have made, use, offer to sell, sell, import, and otherwise -transfer the Work, where such license applies only to those patent claims -licensable by such Contributor that are necessarily infringed by their Contribution(s) -alone or by combination of their Contribution(s) with the Work to which such -Contribution(s) was submitted. If You institute patent litigation against -any entity (including a cross-claim or counterclaim in a lawsuit) alleging -that the Work or a Contribution incorporated within the Work constitutes direct -or contributory patent infringement, then any patent licenses granted to You -under this License for that Work shall terminate as of the date such litigation -is filed. - -4. Redistribution. You may reproduce and distribute copies of the Work or -Derivative Works thereof in any medium, with or without modifications, and -in Source or Object form, provided that You meet the following conditions: - -(a) You must give any other recipients of the Work or Derivative Works a copy -of this License; and - -(b) You must cause any modified files to carry prominent notices stating that -You changed the files; and - -(c) You must retain, in the Source form of any Derivative Works that You distribute, -all copyright, patent, trademark, and attribution notices from the Source -form of the Work, excluding those notices that do not pertain to any part -of the Derivative Works; and - -(d) If the Work includes a "NOTICE" text file as part of its distribution, -then any Derivative Works that You distribute must include a readable copy -of the attribution notices contained within such NOTICE file, excluding those -notices that do not pertain to any part of the Derivative Works, in at least -one of the following places: within a NOTICE text file distributed as part -of the Derivative Works; within the Source form or documentation, if provided -along with the Derivative Works; or, within a display generated by the Derivative -Works, if and wherever such third-party notices normally appear. The contents -of the NOTICE file are for informational purposes only and do not modify the -License. You may add Your own attribution notices within Derivative Works -that You distribute, alongside or as an addendum to the NOTICE text from the -Work, provided that such additional attribution notices cannot be construed -as modifying the License. - -You may add Your own copyright statement to Your modifications and may provide -additional or different license terms and conditions for use, reproduction, -or distribution of Your modifications, or for any such Derivative Works as -a whole, provided Your use, reproduction, and distribution of the Work otherwise -complies with the conditions stated in this License. - -5. Submission of Contributions. Unless You explicitly state otherwise, any -Contribution intentionally submitted for inclusion in the Work by You to the -Licensor shall be under the terms and conditions of this License, without -any additional terms or conditions. Notwithstanding the above, nothing herein -shall supersede or modify the terms of any separate license agreement you -may have executed with Licensor regarding such Contributions. - -6. Trademarks. This License does not grant permission to use the trade names, -trademarks, service marks, or product names of the Licensor, except as required -for reasonable and customary use in describing the origin of the Work and -reproducing the content of the NOTICE file. - -7. Disclaimer of Warranty. Unless required by applicable law or agreed to -in writing, Licensor provides the Work (and each Contributor provides its -Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied, including, without limitation, any warranties -or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR -A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness -of using or redistributing the Work and assume any risks associated with Your -exercise of permissions under this License. - -8. Limitation of Liability. In no event and under no legal theory, whether -in tort (including negligence), contract, or otherwise, unless required by -applicable law (such as deliberate and grossly negligent acts) or agreed to -in writing, shall any Contributor be liable to You for damages, including -any direct, indirect, special, incidental, or consequential damages of any -character arising as a result of this License or out of the use or inability -to use the Work (including but not limited to damages for loss of goodwill, -work stoppage, computer failure or malfunction, or any and all other commercial -damages or losses), even if such Contributor has been advised of the possibility -of such damages. - -9. Accepting Warranty or Additional Liability. While redistributing the Work -or Derivative Works thereof, You may choose to offer, and charge a fee for, -acceptance of support, warranty, indemnity, or other liability obligations -and/or rights consistent with this License. However, in accepting such obligations, -You may act only on Your own behalf and on Your sole responsibility, not on -behalf of any other Contributor, and only if You agree to indemnify, defend, -and hold each Contributor harmless for any liability incurred by, or claims -asserted against, such Contributor by reason of your accepting any such warranty -or additional liability. END OF TERMS AND CONDITIONS - -APPENDIX: How to apply the Apache License to your work. - -To apply the Apache License to your work, attach the following boilerplate -notice, with the fields enclosed by brackets "[]" replaced with your own identifying -information. (Don't include the brackets!) The text should be enclosed in -the appropriate comment syntax for the file format. We also recommend that -a file or class name and description of purpose be included on the same "printed -page" as the copyright notice for easier identification within third-party -archives. - -Copyright [yyyy] [name of copyright owner] - -Licensed under the Apache License, Version 2.0 (the "License"); - -you may not use this file except in compliance with the License. - -You may obtain a copy of the License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software - -distributed under the License is distributed on an "AS IS" BASIS, - -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - -See the License for the specific language governing permissions and - -limitations under the License. diff --git a/README.md b/README.md index 5c6adeaf0..401cde3ea 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ Join the community [`#kapitan`](https://kubernetes.slack.com/archives/C981W2HD3) ## [**Official site**](https://kapitan.dev) -## [**Quick Start**](https://kapitan.dev/kapitan_overview/#quickstart) +## [**Quick Start**](https://kapitan.dev/getting_started/#quickstart)) ## Install Kapitan diff --git a/docs/README.md b/docs/README.md index 2f9be4d4a..f4638af2c 100644 --- a/docs/README.md +++ b/docs/README.md @@ -6,7 +6,7 @@ **`Kapitan`** aims to be your *one-stop tool* to help you manage the ever growing complexity of your configurations. * :fontawesome-brands-slack: Join the community [`#kapitan`](https://kubernetes.slack.com/archives/C981W2HD3) -* :fontawesome-brands-github: Help us grow: [give us a star](https://github.com/kapicorp/kapitan/stargazers) or even better [sponsor our project](/contributing/#sponsor-kapitan) +* :fontawesome-brands-github: Help us grow: [give us a star](https://github.com/kapicorp/kapitan/stargazers) or even better [sponsor our project](pages/contribute/sponsor/) ## Why do I need **Kapitan**? diff --git a/docs/external_dependencies.md b/docs/external_dependencies.md deleted file mode 100644 index 06ba9d4b7..000000000 --- a/docs/external_dependencies.md +++ /dev/null @@ -1,303 +0,0 @@ -# :kapitan-logo: External dependencies - -Kapitan is capable of fetching components stored in remote locations. This feature can be used by specifying those dependencies in the inventory under `parameters.kapitan.dependencies`. Supported types are: - -- [git type](#git-type) -- [http type](#http-type) -- [helm type](#helm-type) - -Some use cases of this feature may include: - -- using templates/jsonnet libraries hosted remotely -- using values in remote files via `file_read` jsonnet callback - -## Usage - -```yaml -parameters: - kapitan: - dependencies: - - type: - output_path: path/to/file/or/dir - source: - # other type-specific parameters, if any -``` - -Use `--fetch` option to fetch the dependencies: - -```shell -kapitan compile --fetch -``` - -This will download the dependencies and store them at their respective `output_path`. -By default, kapitan does not overwrite existing items with the same name as that of the fetched dependencies. - -Use the `--force-fetch` flag to force fetch (update cache with freshly fetched dependencies) and overwrite any existing item sharing the same name in the `output_path`. - - -```shell -kapitan compile --force-fetch -``` - -Use the `--cache` flag to cache the fetched items in the `.dependency_cache` directory in the root project directory. - -```shell -kapitan compile --cache --fetch -``` - -## Git type - -Git types can fetch external dependencies available via HTTP/HTTPS or SSH URLs. This is useful for fetching repositories or their sub-directories, as well as accessing them in specific commits and branches (refs). - -**Note**: git types require git binary on your system. - -### Usage - -```yaml -parameters: - kapitan: - dependencies: - - type: git - output_path: path/to/dir - source: git_url - subdir: relative/path/from/repo/root (optional) - ref: tag, commit, branch etc. (optional) -``` - -### Example - -Say we want to fetch the source code from our kapitan repository, specifically, `kapicorp/kapitan/kapitan/version.py`. Let's create a very simple target file `inventory/targets/kapitan-example.yml`. - -```yaml -parameters: - kapitan: - vars: - target: kapitan-example - dependencies: - - type: git - output_path: source/kapitan - source: git@github.com:kapicorp/kapitan.git - subdir: kapitan - ref: master - compile: - - input_paths: - - source/kapitan/version.py - input_type: jinja2 # just to copy the file over to target - output_path: . -``` - -Then run: - -```shell -$ kapitan compile --fetch -t kapitan-example -Dependency git@github.com:kapicorp/kapitan.git : fetching now -Dependency git@github.com:kapicorp/kapitan.git : successfully fetched -Dependency git@github.com:kapicorp/kapitan.git : saved to source/kapitan -Compiled kapitan-example (0.02s) - -$ ls source -kapitan -``` - -This will download the kapitan repository (kapicorp/kapitan), copy the sub-directory `kapitan` and save it to `source/kapitan`. Therefore, `kapicorp/kapitan/kapitan` corresponds to `source/kapitan` locally. - -Note that even if you are not using `subdir` parameter, you can and should specify the repository name in the `output_path` parameter. If you only specify `source` as the `output_path`, then all the kapitan files will be under `source` and not `source/kapitan`. - -## HTTP type - -http[s] types can fetch external dependencies available at `http://` or `https://` URL. - -### Usage - -```yaml -parameters: - kapitan: - dependencies: - - type: http | https - output_path: path/to/file - source: http[s]:// - unpack: True | False -``` - -`output_path` must fully specify the file name. For example: - -```yaml -parameters: - kapitan: - dependencies: - - type: https - output_path: foo.txt - source: https://example.com/foo.txt -``` - -### Example - -Say we want to download kapitan README.md file. Since it's on Github, we can access it as . Using the following inventory, we can copy this to our target folder: - -```yaml -parameters: - kapitan: - vars: - target: kapitan-example - dependencies: - - type: https - output_path: README.md - source: https://raw.githubusercontent.com/kapicorp/kapitan/master/README.md - compile: - - input_paths: - - README.md - input_type: jinja2 - output_path: . -``` - -Then run: - -```shell -$ kapitan compile --fetch -t kapitan-example -Dependency https://raw.githubusercontent.com/kapicorp/kapitan/master/README.md : fetching now -Dependency https://raw.githubusercontent.com/kapicorp/kapitan/master/README.md : successfully fetched -Dependency https://raw.githubusercontent.com/kapicorp/kapitan/master/README.md : saved to README.md -Compiled kapitan-example (0.02s) - -$ ls -compiled inventory README.md -``` - -This fetches the README.md file from the URL and save it locally. - -Another use case for http types is when we want to download an archive file, such as helm packages, and extract its content. -Setting `unpack: True` will unpack zip or tar files onto the `output_path`. In such cases, set `output_path` to a folder where you extract the content, and not the file name. You can refer to [here](/pages/input_types/helm.md) for the example. - -## Helm type - -Fetches helm charts and any specific subcharts in the `requirements.yaml` file. - -`helm_path` can be used to specify where the `helm` binary name or path. -It defaults to the value of the `KAPITAN_HELM_PATH` environment var or simply to `helm` if neither is set. -You should specify only if you don't want the default behavior. - -`source` can be either the URL to a chart repository, or the URL to a chart on an OCI registry (supported since Helm 3.8.0). - -### Usage - -```yaml -parameters: - kapitan: - dependencies: - - type: helm - output_path: path/to/chart - source: http[s]|oci:// - version: - chart_name: - helm_path: -``` - -### Example - -If we want to download the prometheus helm chart we simply add the dependency to the monitoring target. -We want a specific version `11.3.0` so we put that in. - -```yaml -parameters: - kapitan: - vars: - target: monitoring - dependencies: - - type: helm - output_path: charts/prometheus - source: https://kubernetes-charts.storage.googleapis.com - version: 11.3.0 - chart_name: prometheus - compile: - - input_type: helm - output_path: . - input_paths: - - charts/prometheus - helm_values: - alertmanager: - enabled: false - helm_params: - namespace: monitoring - name: prometheus -``` - -Then run: - -```shell -$ kapitan compile --fetch -t monitoring -Dependency helm chart prometheus and version 11.3.0: fetching now -Dependency helm chart prometheus and version 11.3.0: successfully fetched -Dependency helm chart prometheus and version 11.3.0: saved to charts/prometheus -Compiled monitoring (1.48s) - -$ tree -L 3 -├── charts -│ └── prometheus -│ ├── Chart.yaml -│ ├── README.md -│ ├── charts -│ ├── requirements.lock -│ ├── requirements.yaml -│ ├── templates -│ └── values.yaml -├── compiled -│ ├── monitoring -├── inventory - ├── classes - ├── common.yml - ├── component -``` - -If you simply want the latest chart available, either don't include the `version` key or specify an empty string. - -```yaml -parameters: - kapitan: - vars: - target: monitoring - dependencies: - - type: helm - output_path: charts/prometheus - source: https://kubernetes-charts.storage.googleapis.com - version: "" - chart_name: prometheus - compile: - - input_type: helm - output_path: . - input_paths: - - charts/prometheus - helm_values: - alertmanager: - enabled: false - helm_params: - namespace: monitoring - name: prometheus -``` - -Then run: - -```shell -$ kapitan compile --fetch -t monitoring -Dependency helm chart prometheus being fetch with using latest version available -Dependency helm chart prometheus and version : fetching now -Dependency helm chart prometheus and version : successfully fetched -Dependency helm chart prometheus and version : saved to charts/prometheus -Compiled monitoring (1.58s) - -$ tree -L 3 -├── charts -│ └── prometheus -│ ├── Chart.yaml -│ ├── README.md -│ ├── charts -│ ├── requirements.lock -│ ├── requirements.yaml -│ ├── templates -│ └── values.yaml -├── compiled -│ ├── monitoring -├── inventory - ├── classes - ├── common.yml - ├── component -``` diff --git a/docs/getting_started.md b/docs/getting_started.md new file mode 100644 index 000000000..3907abd1f --- /dev/null +++ b/docs/getting_started.md @@ -0,0 +1,70 @@ +# :kapitan-logo: **Kapitan Overview** + +## Setup your repository + +!!! note + We are currently working on improving the experience to give you an even quicker experience with Kapitan + +### Quickstart + +[kapicorp/kapitan-reference](https://github.com/kapicorp/kapitan-reference) repository is meant to be a way to bootstrap your **Kapitan** setup to get you up and running. + +It is meant to help you make use of best practices and libraries that can make Kapitan the ultimate tool for all your configuration needs. + +``` +$ git clone git@github.com:kapicorp/kapitan-reference.git kapitan-templates +$ cd kapitan-templates + +$ ./kapitan compile +Compiled postgres-proxy (1.51s) +Compiled tesoro (1.70s) +Compiled echo-server (1.64s) +Compiled mysql (1.67s) +Compiled gke-pvm-killer (1.17s) +Compiled prod-sockshop (4.74s) +Compiled dev-sockshop (4.74s) +Compiled tutorial (1.68s) +Compiled global (0.76s) +Compiled examples (2.60s) +Compiled pritunl (2.03s) +Compiled sock-shop (4.36s) +``` + +### From Scratch (Advanced) + +!!! warning + + the `kapitan init` command leaves you with a bare configuration. Setting up Kapitan might require time. + + Please use the [**Quickstart**](#quickstart) setup if you want to get started quicker. + +If you want to start off with a clean **kapitan** project, you can run `kapitan init --directory ` to populate a new directory with the recommended kapitan folder structure. + +The bare minimum structure that makes use of kapitan features may look as follows: + +```text +. +├── components +│ ├── mycomponent.jsonnet +├── templates +├── ├── README.md +├── inventory +│ ├── classes +│ │ ├── common.yml +│ └── targets +│ ├── dev.yml +│ ├── staging.yml +│ └── prod.yml +├── refs +│ ├── targets +│ │ ├── prod +│ │ │ └── password +└───├── common + └── example-com-tls.key +``` + +* `components`: template files for kadet, jsonnet and helm +* `templates`: stores Jinja2 templates for scripts and documentation +* `inventory/targets`: target files +* `inventory/classes`: inventory classes to be inherited by targets +* `refs`: references files diff --git a/docs/inventory.md b/docs/inventory.md deleted file mode 100644 index c24d11c26..000000000 --- a/docs/inventory.md +++ /dev/null @@ -1,316 +0,0 @@ -# :kapitan-logo: **Inventory** - -## Overview - -The **Inventory** is a core component of Kapitan: this section aims to explain how it works and how to best take advantage of it. - -The **Inventory** is a hierarchical `YAML` based structure which you use to capture anything that you want to make available to **Kapitan**, so that it can be passed on to its templating engines. - -The first concept to learn about the **Inventory** is the [**target**](#targets). A target is a file, found under the [`inventory/targets`](#targets) substructure, that tells Kapitan what you want to compile. It will usually map to something you want to do with **Kapitan**. - -For instance, you might want to define a [**target**](#targets) for each environment that you want to deploy using **Kapitan**. - -The **Inventory** lets you also define and reuse common configurations through YAML files that are referred to as [**classes**](#classes): by listing classes into [**target**](#targets), their content gets merged together and allows you to compose complex configurations without repetitions. - -By combining [**target**](#targets) and [**classes**](#classes), the **Inventory** becomes the SSOT for your whole configuration, and learning how to use it will unleash the real power of **Kapitan**. - -!!! info - The **Kapitan** **Inventory** is based on an open source project called [reclass](https://github.com/kapicorp/reclass) and you can find the full documentation on our Github clone. However we discourage you to look directly at the reclass documentation before you learn more about **Kapitan**, because **Kapitan** uses a fork of reclass and greatly simplifies the reclass experience. - -!!! note - Kapitan enforces very little structure for the **Inventory**, so that you can adapt it to your specific needs: this might be overwhelming at the beginning: don’t worry, we will explain best practice and give guidelines soon. - -By default, Kapitan will search for its **Inventory** under [`inventory/classes`](#classes) and [`inventory/targets`](#targets). - -``` -inventory/ -├── classes -│ ├── applications -│ ├── components -│ ├── features -│ ├── kapitan -│ ├── projects -│ └── terraform -└── targets - ├── examples - ├── kapicorp - └── terraform -``` - -## Targets - -### Usage - -A target is a file that lives under the [`inventory/targets`](#targets) subdirectory, and that tells **Kapitan** what you want it to do for you. - - **Kapitan** will recognise all YAML files in the [`inventory/targets`](#targets) subtree as targets. - -!!! note - Only use **`.yml`** as extension for **Inventory** files. `.yaml` will not be recognised as a valid **Inventory** file. - -What you do with a [**target**](#targets) is largely up to you and your setup. Common examples: - -* **clusters**: Map each [**target**](#targets) to a cluster, capturing all configurations needed for a given cluster. For instance: `targets/clusters/production-cluster1.yml` -* **applications**: When using **Kapitan** to manage **Kubernetes** applications, you might define a [**target**](#targets) for everything that you would normally deploy in a single namespace, including all its resources, scripts, secrets and documentation. For instance: `targets/mysql.yml` -* **environments**: You might have want to define a different [**target**](#targets) for each environment you have, like `dev.yml`, `test.yml` and `prod.yml` -* **cloud projects**: When working with **Terraform**, it may be convenient to group [**target**](#targets) by cloud project. For instance: `targets/gcp/projects/engineering-prod.yml`. -* **single tenancy**: When deploying a single-tenancy application, you might combine the approaches above, and have a [**target**](#targets) `acme.yml` that is used to define both **Terraform** and **Kubernetes** resources for a given tenant, perhaps also with some **ArgoCD** or **Spinnaker** pipelines to go with it. - - -!!! example - - If you have configured your kapitan repository like in [Quick Start](/kapitan_overview/#setup-your-repository) instructions, you can run the commands we give during the course of this documentation. - - !!! quote "" - - `kapitan compile` - - ```shell - Compiled gke-pvm-killer (0.09s) - Compiled vault (0.18s) - Compiled pritunl (0.17s) - Compiled mysql (0.07s) - Compiled examples (0.25s) - Compiled postgres-proxy (0.06s) - Compiled echo-server (0.08s) - Compiled global (0.05s) - Compiled tutorial (0.09s) - Compiled guestbook-argocd (0.08s) - Compiled sock-shop (0.30s) - Compiled kapicorp-demo-march (0.04s) - Compiled kapicorp-project-123 (0.03s) - Compiled kapicorp-terraform-admin (0.08s) - Compiled tesoro (0.09s) - Compiled prod-sockshop (0.34s) - Compiled dev-sockshop (0.41s) - Compiled argocd (2.53s) - ``` - - When you run `kapitan compile`, you instruct **Kapitan** to generate for each given [**target**](#targets) a directory under `compiled` with the same name. Under this directory you will find all the files that have been generated by **Kapitan** for that target. - - !!! quote "" - - `tree compiled/mysql/` - - ```shell - compiled/mysql/ - ├── argocd - ├── docs - │ ├── mysql-readme.md - │ └── README.md - ├── manifests - │ ├── mysql-bundle.yml - │ ├── mysql-config.yml - │ ├── mysql-namespace.yml - │ └── mysql-secret.yml - ├── pre-deploy - ├── rabbitmq - ├── scripts - └── terraform - - 7 directories, 6 files - ``` - -### Definition - -A typical [**target**](#targets) might look like this: - -!!! example "`inventory/targets/acme/dev.yaml`" - - ```yaml - classes: - - common - - components.acme.frontend - - components.acme.backend - - parameters: - target_name: dev - ``` - -Note that it is made of 2 sections: - -* `classes` is a list of class files you will want to import. -* `parameters` allows for local override of what is unique to this target. - -!!! info - - the `kapitan` key under the root `parameters` is reserved for kapitan usage. Some examples: - - ```yaml - parameters: - kapitan: - compile: # input types configuration section - dependencies: # dependencies configuration section to download resources - secrets: # secret encryption/decryption configuration section - validate: # items which indicate which compiled output to validate - vars: # which are also passed down to input types as context - ``` - - -## Classes - -### Usage - -The next thing you want to learn about the inventory are [**classes**](#classes). A class is a yaml file containing a fragment of yaml that we want to import and merge into the inventory. - -[**Classes**](#classes) are *fragments* of yaml: feature sets, commonalities between targets. [**Classes**](#classes) let you compose your [**Inventory**](/inventory/) from smaller bits, eliminating duplication and exposing all important parameters from a single, logically organised place. As the [**Inventory**](#inventory) lets you reference other parameters in the hierarchy, [**classes**](#classes) become places where you can define something that will then get referenced from another section of the inventory, allowing for composition. - -[**Classes**](#classes) are organised under the [`inventory/classes`](#classes) directory substructure. -They are organised hierarchically in subfolders, and the way they can be imported into a [**target**](#targets) or other [**classes**](#classes) depends on their location relative to the [`inventory/classes`](#classes) directory. - - -### Importing classes - -To import a class from within another file of the [**Inventory**](#inventory), you can follow these instructions: - -* take the file path relative to the `inventory/classes/` directory -* remove the `.yml` file extension -* replace `/` with `.` - -For example, this will import the class `inventory/classes/applications/sock-shop.yaml` - -```yaml -classes: -- applications.sock-shop -``` - -### Definition - -Let's take a look at the `common` class which appears in the example above: - -As explained, because the **`common.yaml`** is directly under the **`inventory/classes`** subdirectory, it can be imported directly into a target with: - -```yaml -classes: -- common -``` - -If we open the file, we find another familiar yaml fragment. - -!!! example "`inventory/classes/common.yml`" - - ```yaml - classes: - - kapitan.common - - parameters: - namespace: ${target_name} - target_name: ${_reclass_:name:short} - ``` - -Notice that this class includes an import definition for another class, `kapitan.common`. We've already learned this means that kapitan will import a file on disk called `inventory/classes/kapitan/common.yml` - -You can also see that in the `parameters` section we now encounter a new syntax which unlocks another powerful inventory feature: *parameters interpolation*! - -## Parameters Interpolation - -!!! note - - as a shorthand, when we encounter deep yaml structures like the following: - - ```yaml - parameters: - components: - nginx: - image: nginx:latest - ``` - - Usually when we want to talk about the `image` subkey, we normally use either of the following: - - * `parameters.components.nginx.image` - * `components.nginx.image` - - However, when used in parameter expansion, remember to: - - * replace the `.` with `:` - * omit the `parameters` initial key which is implied - * wrap it into the `${}` variable interpolation syntax - - The correct way to reference `parameters.nginx.image` then becomes `${components:nginx:image}`. - -The [**Inventory**](#inventory) allows you to refer to other values defined elsewhere in the structure, using parameter interpolation. - -Given the example: - -```yaml - -parameters: - cluster: - location: europe - - application: - location: ${cluster:location} - - namespace: ${target_name} - target_name: dev -``` - - - -Here we tell **Kapitan** that: - -* `namespace` should take the same value defined in `target_name` -* `target_name` should take the literal string `dev` -* `application.location` should take the same value as defined in `cluster.location` - -It is important to notice that the inventory can refer to values defined in other classes, as long as they are imported by the target. So for instance with the following example - -```yaml - -classes: - - project.production - - parameters: - application: - location: ${cluster.location} -``` - -Here in this case `application.location` refers to a value `location` which has been defined elsewhere, perhaps (but not necessarily) in the `project.production` class. - -Also notice that the class name (`project.production`) is not in any ways influencing the name or the structed of the yaml it imports into the file - -## Advanced Inventory Features - - -### Target labels - -Kapitan allows you to define labels in your inventory, which can then be used to group together targets with similar labels. - -For instance you could define the following: - -!!! example "" - - Defines a class to add the `customer` label to selected targets - - !!! example "`inventory/classes/type/customer_project.yml`" - ```yaml - parameters: - customer_name: ${target_name} # Defaults to the target_name - kapitan: - labels: - customer: ${customer_name} - ``` - - Apply the class to the target for customer `acme` - !!! example "`inventory/targets/customers/acme.yml`" - - ```yaml - classes: - ... - - type.customer_project - - parameters: - ... - ``` - - You can now selectively compile targets for customer `acme` using the following (see see [**Labels**](/website/commands/kapitan_compile/#using-labels) for more details ) - - !!! example "" - - ```shell - kapitan compile -l customer=acme - Compiled acme (0.06s) - Compiled acme-documentation (0.09s) - ``` - -*[SSOT]: Single Source Of Truth diff --git a/docs/pages/blog/2023-01-16.md b/docs/pages/blog/2023-01-16.md index 0277f910f..e24bed6ad 100644 --- a/docs/pages/blog/2023-01-16.md +++ b/docs/pages/blog/2023-01-16.md @@ -15,4 +15,4 @@ Head over our [release page](https://github.com/kapicorp/kapitan/releases/tag/v0 If you missed it, have a look at our latest blog post here [5 years of Kapitan](2022-12-04.md) -Please help us by visiting our [Sponsor Kapitan](../contribute/sponsor.md) page. \ No newline at end of file +Please help us by visiting our [Sponsor Kapitan](../contribute/sponsor.md) page. diff --git a/docs/pages/blog/2023-06-01.md b/docs/pages/blog/2023-06-01.md new file mode 100644 index 000000000..fdd0748ad --- /dev/null +++ b/docs/pages/blog/2023-06-01.md @@ -0,0 +1,16 @@ +--- +author: Luis Buriola +author_gh_user: gburiola +read_time: 2m +publish_date: 01/06/2023 +--- + +# :kapitan-logo: New **Kapitan** release v0.32.0 + +The **Kapicorp** team is happy to to announce a new release of **Kapitan**. + +This release contains loads of improvements for the past 6 months, the majority of which have been contributions from our community! + +Head over our [release page](https://github.com/kapicorp/kapitan/releases/tag/v0.32.0) on GitHub for a full list of features and contributors. + +Please help us by visiting our [Sponsor Kapitan](../contribute/sponsor.md) page. diff --git a/docs/pages/contribute/talk.md b/docs/pages/contribute/talk.md index 17c0e31d7..84e06bc11 100644 --- a/docs/pages/contribute/talk.md +++ b/docs/pages/contribute/talk.md @@ -3,7 +3,7 @@ Our project needs your support to get noticed! Please let everyone know that you are using **Kapitan** * :fontawesome-brands-github: Help us grow: [give us a star](https://github.com/kapicorp/kapitan/stargazers) -* Join us on **kubernetes.slack.com** [`#kapitan`](https://kubernetes.slack.com/archives/C981W2HD3)([**Get invited**](https://kubernetes.slack.com)) +* Join us on **kubernetes.slack.com** [`#kapitan`](https://kubernetes.slack.com/archives/C981W2HD3)([**Get invited**](https://slack.k8s.io/)) * **Tweet about us on Twitter** . Remember to add [@kapitandev](https://twitter.com/kapitandev/) to your tweets * **Share our website** [**`https://kapitan.dev`**](https://kapitan.dev) * **Write tutorials and blog posts** and join the many who have done it already! Get published on the [Kapitan Blog](https://medium.com/kapitan-blog) diff --git a/docs/pages/external_dependencies.md b/docs/pages/external_dependencies.md new file mode 100644 index 000000000..5a11eefac --- /dev/null +++ b/docs/pages/external_dependencies.md @@ -0,0 +1,217 @@ +# :kapitan-logo: External dependencies + +**Kapitan** has the functionality to fetch external dependencies from remote locations. + +Supported dependencies types are: + +- [git](#defining-dependencies) +- [http](#defining-dependencies) +- [helm](#defining-dependencies) + + +## Usage + +*Kapitan* by default will not attempt to download any dependency, and rely on what is already available. + +### Basic fetching + +You can use the `fetch` option to explicitly fetch the dependencies: + +=== "cli" + + ```shell + kapitan compile --fetch + ``` + +=== "dotfile" + + !!! code "`.kapitan`" + to make it default, then simply use `kapitan compile` + + ```yaml + ... + compile: + fetch: true + ``` + + +This will download the dependencies and store them at their respective `output_path`. + +### Overwrite local changes + +When fetching a dependency, **Kapitan** will refuse to overwrite existing files to preserve your local modifications. + +Use the `force-fetch` option to force overwrite your local files in the `output_path`. + + +=== "cli" + + ```shell + kapitan compile --force-fetch + ``` + +=== "dotfile" + + !!! code "`.kapitan`" + to make it default, then simply use `kapitan compile` + + ```yaml + ... + compile: + force-fetch: true + ``` + +### Caching + +Kapitan also supports caching Use the `--cache` flag to cache the fetched items in the `.dependency_cache` directory in the root project directory. + + ```shell + kapitan compile --cache --fetch + ``` + +### Defining dependencies + +=== "git" + + ### Syntax + + ```yaml + parameters: + kapitan: + dependencies: + - type: git + output_path: path/to/dir + source: git_url # mkdocs (1)! + subdir: relative/path/from/repo/root (optional) # mkdocs (2)! + ref: tag, commit, branch etc. (optional) # mkdocs (3)! + submodules: true/false (optional) # mkdocs (4)! + ``` + + 1. Git types can fetch external `git` repositories through either HTTP/HTTPS or SSH URLs. + 2. Optional supports for cloning just a sub-directory + 3. Optional support for accessing them in specific commits and branches (refs). + 4. Optional support to disable fetching the submodules of a repo. + + !!! note + + This type depends on the `git` binary installed on your system and available to **Kapitan**. + + ### Example + + Say we want to fetch the source code from our kapitan repository, specifically, `kapicorp/kapitan/kapitan/version.py`. Let's create a very simple target file `inventory/targets/kapitan-example.yml`. + + ```yaml + parameters: + kapitan: + vars: + target: kapitan-example + dependencies: + - type: git + output_path: source/kapitan + source: git@github.com:kapicorp/kapitan.git + subdir: kapitan + ref: master + submodules: true + compile: + - input_paths: + - source/kapitan/version.py + input_type: jinja2 # just to copy the file over to target + output_path: . + ``` + +=== "http" + + ### Syntax + + ```yaml + parameters: + kapitan: + dependencies: + - type: http | https # mkdocs (2)! + output_path: path/to/file # mkdocs (1)! + source: http[s]:// # mkdocs (2)! + unpack: True | False # mkdocs (3)! + ``` + + 1. `output_path` must fully specify the file name. For example: + 2. http[s] types can fetch external dependencies available at `http://` or `https://` URL. + 3. archive mode: download and unpack + + ### Example + + === "Single file" + + + === "Archive" + + Say we want to download kapitan README.md file. Since it's on Github, we can access it as . Using the following inventory, we can copy this to our target folder: + + ```yaml + parameters: + kapitan: + vars: + target: kapitan-example + dependencies: + - type: https + output_path: README.md + source: https://raw.githubusercontent.com/kapicorp/kapitan/master/README.md + compile: + - input_paths: + - README.md + input_type: jinja2 + output_path: . + ``` + +=== "helm" + + ### Syntax + + ```yaml + parameters: + kapitan: + dependencies: + - type: helm + output_path: path/to/chart + source: http[s]|oci:// + version: + chart_name: + helm_path: + ``` + + Fetches helm charts and any specific subcharts in the `requirements.yaml` file. + + `helm_path` can be used to specify where the `helm` binary name or path. + It defaults to the value of the `KAPITAN_HELM_PATH` environment var or simply to `helm` if neither is set. + You should specify only if you don't want the default behavior. + + `source` can be either the URL to a chart repository, or the URL to a chart on an OCI registry (supported since Helm 3.8.0). + + ### Example + + If we want to download the prometheus helm chart we simply add the dependency to the monitoring target. + We want a specific version `11.3.0` so we put that in. + + ```yaml + parameters: + kapitan: + vars: + target: monitoring + dependencies: + - type: helm + output_path: charts/prometheus + source: https://kubernetes-charts.storage.googleapis.com + version: 11.3.0 + chart_name: prometheus + compile: + - input_type: helm + output_path: . + input_paths: + - charts/prometheus + helm_values: + alertmanager: + enabled: false + helm_params: + namespace: monitoring + name: prometheus + ``` + diff --git a/docs/pages/input_types/introduction.md b/docs/pages/input_types/introduction.md index 2436f1af6..f42cd2e50 100644 --- a/docs/pages/input_types/introduction.md +++ b/docs/pages/input_types/introduction.md @@ -1,4 +1,4 @@ -# :kapitan-logo: **Input Types | Introduction** +# Introduction **Note:** make sure to read up on [inventory](/inventory.md) before moving on. diff --git a/docs/pages/inventory/advanced.md b/docs/pages/inventory/advanced.md new file mode 100644 index 000000000..ef70fdbab --- /dev/null +++ b/docs/pages/inventory/advanced.md @@ -0,0 +1,44 @@ +# Advanced Inventory Features + +## Target labels + +Kapitan allows you to define labels in your inventory, which can then be used to group together targets with similar labels. + +For instance you could define the following: + +!!! example "" + + Defines a class to add the `customer` label to selected targets + + !!! example "`inventory/classes/type/customer_project.yml`" + ```yaml + parameters: + customer_name: ${target_name} # Defaults to the target_name + kapitan: + labels: + customer: ${customer_name} + ``` + + Apply the class to the target for customer `acme` + !!! example "`inventory/targets/customers/acme.yml`" + + ```yaml + classes: + ... + - type.customer_project + + parameters: + ... + ``` + + You can now selectively compile targets for customer `acme` using the following (see see [**Labels**](/website/commands/kapitan_compile/#using-labels) for more details ) + + !!! example "" + + ```shell + kapitan compile -l customer=acme + Compiled acme (0.06s) + Compiled acme-documentation (0.09s) + ``` + + diff --git a/docs/pages/inventory/classes.md b/docs/pages/inventory/classes.md new file mode 100644 index 000000000..72a8c404b --- /dev/null +++ b/docs/pages/inventory/classes.md @@ -0,0 +1,55 @@ +# Classes + +## Usage + +The next thing you want to learn about the inventory are [**classes**](#classes). A class is a yaml file containing a fragment of yaml that we want to import and merge into the inventory. + +[**Classes**](#classes) are *fragments* of yaml: feature sets, commonalities between targets. [**Classes**](#classes) let you compose your [**Inventory**](/inventory/) from smaller bits, eliminating duplication and exposing all important parameters from a single, logically organised place. As the [**Inventory**](#inventory) lets you reference other parameters in the hierarchy, [**classes**](#classes) become places where you can define something that will then get referenced from another section of the inventory, allowing for composition. + +[**Classes**](#classes) are organised under the [`inventory/classes`](#classes) directory substructure. +They are organised hierarchically in subfolders, and the way they can be imported into a [**target**](#targets) or other [**classes**](#classes) depends on their location relative to the [`inventory/classes`](#classes) directory. + + +### Importing classes + +To import a class from within another file of the [**Inventory**](#inventory), you can follow these instructions: + +* take the file path relative to the `inventory/classes/` directory +* remove the `.yml` file extension +* replace `/` with `.` + +For example, this will import the class `inventory/classes/applications/sock-shop.yaml` + +```yaml +classes: +- applications.sock-shop +``` + +## Definition + +Let's take a look at the `common` class which appears in the example above: + +As explained, because the **`common.yaml`** is directly under the **`inventory/classes`** subdirectory, it can be imported directly into a target with: + +```yaml +classes: +- common +``` + +If we open the file, we find another familiar yaml fragment. + +!!! example "`inventory/classes/common.yml`" + + ```yaml + classes: + - kapitan.common + + parameters: + namespace: ${target_name} + target_name: ${_reclass_:name:short} + ``` + +Notice that this class includes an import definition for another class, `kapitan.common`. We've already learned this means that kapitan will import a file on disk called `inventory/classes/kapitan/common.yml` + +You can also see that in the `parameters` section we now encounter a new syntax which unlocks another powerful inventory feature: *parameters interpolation*! + diff --git a/docs/pages/inventory/introduction.md b/docs/pages/inventory/introduction.md new file mode 100644 index 000000000..608a33bb9 --- /dev/null +++ b/docs/pages/inventory/introduction.md @@ -0,0 +1,36 @@ +## Overview + +The **Inventory** is a core component of Kapitan: this section aims to explain how it works and how to best take advantage of it. + +The **Inventory** is a hierarchical `YAML` based structure which you use to capture anything that you want to make available to **Kapitan**, so that it can be passed on to its templating engines. + +The first concept to learn about the **Inventory** is the [**target**](#targets). A target is a file, found under the [`inventory/targets`](#targets) substructure, that tells Kapitan what you want to compile. It will usually map to something you want to do with **Kapitan**. + +For instance, you might want to define a [**target**](#targets) for each environment that you want to deploy using **Kapitan**. + +The **Inventory** lets you also define and reuse common configurations through YAML files that are referred to as [**classes**](#classes): by listing classes into [**target**](#targets), their content gets merged together and allows you to compose complex configurations without repetitions. + +By combining [**target**](#targets) and [**classes**](#classes), the **Inventory** becomes the SSOT for your whole configuration, and learning how to use it will unleash the real power of **Kapitan**. + +!!! info + The **Kapitan** **Inventory** is based on an open source project called [reclass](https://github.com/kapicorp/reclass) and you can find the full documentation on our Github clone. However we discourage you to look directly at the reclass documentation before you learn more about **Kapitan**, because **Kapitan** uses a fork of reclass and greatly simplifies the reclass experience. + +!!! note + Kapitan enforces very little structure for the **Inventory**, so that you can adapt it to your specific needs: this might be overwhelming at the beginning: don’t worry, we will explain best practice and give guidelines soon. + +By default, Kapitan will search for its **Inventory** under [`inventory/classes`](#classes) and [`inventory/targets`](#targets). + +``` +inventory/ +├── classes +│ ├── applications +│ ├── components +│ ├── features +│ ├── kapitan +│ ├── projects +│ └── terraform +└── targets + ├── examples + ├── kapicorp + └── terraform +``` diff --git a/docs/pages/inventory/parameters_interpolation.md b/docs/pages/inventory/parameters_interpolation.md new file mode 100644 index 000000000..04bc273b5 --- /dev/null +++ b/docs/pages/inventory/parameters_interpolation.md @@ -0,0 +1,67 @@ +# Parameters Interpolation + +!!! note + + as a shorthand, when we encounter deep yaml structures like the following: + + ```yaml + parameters: + components: + nginx: + image: nginx:latest + ``` + + Usually when we want to talk about the `image` subkey, we normally use either of the following: + + * `parameters.components.nginx.image` + * `components.nginx.image` + + However, when used in parameter expansion, remember to: + + * replace the `.` with `:` + * omit the `parameters` initial key which is implied + * wrap it into the `${}` variable interpolation syntax + + The correct way to reference `parameters.nginx.image` then becomes `${components:nginx:image}`. + +The [**Inventory**](#inventory) allows you to refer to other values defined elsewhere in the structure, using parameter interpolation. + +Given the example: + +```yaml + +parameters: + cluster: + location: europe + + application: + location: ${cluster:location} + + namespace: ${target_name} + target_name: dev +``` + + + +Here we tell **Kapitan** that: + +* `namespace` should take the same value defined in `target_name` +* `target_name` should take the literal string `dev` +* `application.location` should take the same value as defined in `cluster.location` + +It is important to notice that the inventory can refer to values defined in other classes, as long as they are imported by the target. So for instance with the following example + +```yaml + +classes: + - project.production + + parameters: + application: + location: ${cluster.location} +``` + +Here in this case `application.location` refers to a value `location` which has been defined elsewhere, perhaps (but not necessarily) in the `project.production` class. + +Also notice that the class name (`project.production`) is not in any ways influencing the name or the structed of the yaml it imports into the file + diff --git a/docs/pages/inventory/targets.md b/docs/pages/inventory/targets.md new file mode 100644 index 000000000..48da8a0f5 --- /dev/null +++ b/docs/pages/inventory/targets.md @@ -0,0 +1,111 @@ + +# Targets + +## Usage + +A target is a file that lives under the [`inventory/targets`](#targets) subdirectory, and that tells **Kapitan** what you want it to do for you. + + **Kapitan** will recognise all YAML files in the [`inventory/targets`](#targets) subtree as targets. + +!!! note + Only use **`.yml`** as extension for **Inventory** files. `.yaml` will not be recognised as a valid **Inventory** file. + +What you do with a [**target**](#targets) is largely up to you and your setup. Common examples: + +* **clusters**: Map each [**target**](#targets) to a cluster, capturing all configurations needed for a given cluster. For instance: `targets/clusters/production-cluster1.yml` +* **applications**: When using **Kapitan** to manage **Kubernetes** applications, you might define a [**target**](#targets) for everything that you would normally deploy in a single namespace, including all its resources, scripts, secrets and documentation. For instance: `targets/mysql.yml` +* **environments**: You might have want to define a different [**target**](#targets) for each environment you have, like `dev.yml`, `test.yml` and `prod.yml` +* **cloud projects**: When working with **Terraform**, it may be convenient to group [**target**](#targets) by cloud project. For instance: `targets/gcp/projects/engineering-prod.yml`. +* **single tenancy**: When deploying a single-tenancy application, you might combine the approaches above, and have a [**target**](#targets) `acme.yml` that is used to define both **Terraform** and **Kubernetes** resources for a given tenant, perhaps also with some **ArgoCD** or **Spinnaker** pipelines to go with it. + + +!!! example + + If you have configured your kapitan repository like in [Quick Start](/kapitan_overview/#setup-your-repository) instructions, you can run the commands we give during the course of this documentation. + + !!! quote "" + + `kapitan compile` + + ```shell + Compiled gke-pvm-killer (0.09s) + Compiled vault (0.18s) + Compiled pritunl (0.17s) + Compiled mysql (0.07s) + Compiled examples (0.25s) + Compiled postgres-proxy (0.06s) + Compiled echo-server (0.08s) + Compiled global (0.05s) + Compiled tutorial (0.09s) + Compiled guestbook-argocd (0.08s) + Compiled sock-shop (0.30s) + Compiled kapicorp-demo-march (0.04s) + Compiled kapicorp-project-123 (0.03s) + Compiled kapicorp-terraform-admin (0.08s) + Compiled tesoro (0.09s) + Compiled prod-sockshop (0.34s) + Compiled dev-sockshop (0.41s) + Compiled argocd (2.53s) + ``` + + When you run `kapitan compile`, you instruct **Kapitan** to generate for each given [**target**](#targets) a directory under `compiled` with the same name. Under this directory you will find all the files that have been generated by **Kapitan** for that target. + + !!! quote "" + + `tree compiled/mysql/` + + ```shell + compiled/mysql/ + ├── argocd + ├── docs + │ ├── mysql-readme.md + │ └── README.md + ├── manifests + │ ├── mysql-bundle.yml + │ ├── mysql-config.yml + │ ├── mysql-namespace.yml + │ └── mysql-secret.yml + ├── pre-deploy + ├── rabbitmq + ├── scripts + └── terraform + + 7 directories, 6 files + ``` + +## Definition + +A typical [**target**](#targets) might look like this: + +!!! example "`inventory/targets/acme/dev.yaml`" + + ```yaml + classes: + - common + - components.acme.frontend + - components.acme.backend + + parameters: + target_name: dev + ``` + +Note that it is made of 2 sections: + +* `classes` is a list of class files you will want to import. +* `parameters` allows for local override of what is unique to this target. + +!!! info + + the `kapitan` key under the root `parameters` is reserved for kapitan usage. Some examples: + + ```yaml + parameters: + kapitan: + compile: # input types configuration section + dependencies: # dependencies configuration section to download resources + secrets: # secret encryption/decryption configuration section + validate: # items which indicate which compiled output to validate + vars: # which are also passed down to input types as context + ``` + +*[SSOT]: Single Source Of Truth diff --git a/docs/kapitan_overview.md b/docs/pages/kapitan_overview.md similarity index 75% rename from docs/kapitan_overview.md rename to docs/pages/kapitan_overview.md index b1166e53d..86cff2692 100644 --- a/docs/kapitan_overview.md +++ b/docs/pages/kapitan_overview.md @@ -105,7 +105,7 @@ everything that matters in your setup, for instance you can define: After defining it, you can make this data available to the various templating engines [***Input types***](#input-types) offered by Kapitan, allowing you to reuse it. -Find more detaled explanation in the [inventory](inventory.md) section of the documentation. +Find more detaled explanation in the [inventory](inventory/introduction.md) section of the documentation. ### Input types @@ -195,75 +195,6 @@ Use Kapitan to securely generate and manage secrets with GPG, AWS KMS, gCloud KM Use [Tesoro](https://github.com/kapicorp/tesoro), our **Kubernetes Admission Controller**, to complete your integration with Kubernetes for secure secret decryption on-the-fly. -## Setup your repository - -!!! note - We are currently working on improving the experience to give you an even quicker experience with Kapitan - -### Quickstart - -[kapicorp/kapitan-reference](https://github.com/kapicorp/kapitan-reference) repository is meant to be a way to bootstrap your **Kapitan** setup to get you up and running. - -It is meant to help you make use of best practices and libraries that can make Kapitan the ultimate tool for all your configuration needs. - -``` -$ git clone git@github.com:kapicorp/kapitan-reference.git kapitan-templates -$ cd kapitan-templates - -$ ./kapitan compile -Compiled postgres-proxy (1.51s) -Compiled tesoro (1.70s) -Compiled echo-server (1.64s) -Compiled mysql (1.67s) -Compiled gke-pvm-killer (1.17s) -Compiled prod-sockshop (4.74s) -Compiled dev-sockshop (4.74s) -Compiled tutorial (1.68s) -Compiled global (0.76s) -Compiled examples (2.60s) -Compiled pritunl (2.03s) -Compiled sock-shop (4.36s) -``` - -### From Scratch (Advanced) - -!!! warning - - the `kapitan init` command leaves you with a bare configuration. Setting up Kapitan might require time. - - Please use the [**Quickstart**](#quickstart) setup if you want to get started quicker. - -If you want to start off with a clean **kapitan** project, you can run `kapitan init --directory ` to populate a new directory with the recommended kapitan folder structure. - -The bare minimum structure that makes use of kapitan features may look as follows: - -```text -. -├── components -│ ├── mycomponent.jsonnet -├── templates -├── ├── README.md -├── inventory -│ ├── classes -│ │ ├── common.yml -│ └── targets -│ ├── dev.yml -│ ├── staging.yml -│ └── prod.yml -├── refs -│ ├── targets -│ │ ├── prod -│ │ │ └── password -└───├── common - └── example-com-tls.key -``` - -* `components`: template files for kadet, jsonnet and helm -* `templates`: stores Jinja2 templates for scripts and documentation -* `inventory/targets`: target files -* `inventory/classes`: inventory classes to be inherited by targets -* `refs`: references files - ## Credits * [Jsonnet](https://github.com/google/jsonnet) diff --git a/docs/remote_repositories.md b/docs/pages/remote_repositories.md similarity index 100% rename from docs/remote_repositories.md rename to docs/pages/remote_repositories.md diff --git a/docs/support.md b/docs/support.md index 9f9e03704..68a217115 100644 --- a/docs/support.md +++ b/docs/support.md @@ -2,7 +2,7 @@ ## Community -* Join us on **kubernetes.slack.com** [`#kapitan`](https://kubernetes.slack.com/archives/C981W2HD3)([**Get invited**](https://kubernetes.slack.com)) +* Join us on **kubernetes.slack.com** [`#kapitan`](https://kubernetes.slack.com/archives/C981W2HD3)([**Get invited**](https://slack.k8s.io/)) * **Follow us on Twitter** [@kapitandev](https://twitter.com/kapitandev/). * **Website** [**`https://kapitan.dev`**](https://kapitan.dev) * **Mailing List** [kapitan-discuss@googlegroups.com](mailto:kapitan-discuss@googlegroups.com)([**Subscribe**](https://groups.google.com/g/kapitan-discuss)) diff --git a/examples/terraform/inventory/classes/type/terraform.yml b/examples/terraform/inventory/classes/type/terraform.yml index 790896b02..65de9ff56 100644 --- a/examples/terraform/inventory/classes/type/terraform.yml +++ b/examples/terraform/inventory/classes/type/terraform.yml @@ -4,7 +4,7 @@ parameters: kapitan: vars: - target: ${name} + target: ${_reclass_:name:full} compile: diff --git a/kapitan/dependency_manager/base.py b/kapitan/dependency_manager/base.py index 4a74d28c0..52c9fc698 100644 --- a/kapitan/dependency_manager/base.py +++ b/kapitan/dependency_manager/base.py @@ -59,7 +59,7 @@ def fetch_dependencies(output_path, target_objs, save_dir, force, pool): if full_output_path in deps_output_paths[source_uri]: # if the output_path is duplicated for the same source_uri - logger.warning("Skipping duplicate output path for uri %s", source_uri) + logger.debug("Skipping duplicate output path for uri %s", source_uri) continue else: deps_output_paths[source_uri].add(full_output_path) @@ -114,6 +114,11 @@ def fetch_git_dependency(dep_mapping, save_dir, force, item_type="Dependency"): else: repo.git.checkout("master") # default ref + # initialising submodules + if "submodules" not in dep or dep["submodules"]: + for submodule in repo.submodules: + submodule.update(init=True) + if "subdir" in dep: sub_dir = dep["subdir"] full_subdir = os.path.join(cached_repo_path, sub_dir) @@ -124,10 +129,11 @@ def fetch_git_dependency(dep_mapping, save_dir, force, item_type="Dependency"): "{} {}: subdir {} not found in repo".format(item_type, source, sub_dir) ) if force: - copy_tree(copy_src_path, output_path) + copied = copy_tree(copy_src_path, output_path, verbose=0) else: - safe_copy_tree(copy_src_path, output_path) - logger.info("%s %s: saved to %s", item_type, source, output_path) + copied = safe_copy_tree(copy_src_path, output_path) + if copied: + logger.info("%s %s: saved to %s", item_type, source, output_path) def fetch_git_source(source, save_dir, item_type): @@ -136,10 +142,10 @@ def fetch_git_source(source, save_dir, item_type): if os.path.exists(save_dir): rmtree(save_dir) logger.debug("Removed %s", save_dir) - logger.info("%s %s: fetching now", item_type, source) + logger.debug("%s %s: fetching now", item_type, source) try: Repo.clone_from(source, save_dir) - logger.info("%s %s: successfully fetched", item_type, source) + logger.debug("%s %s: successfully fetched", item_type, source) logger.debug("Git clone cached to %s", save_dir) except GitCommandError as e: logger.error(e) @@ -194,7 +200,7 @@ def fetch_http_dependency(dep_mapping, save_dir, force, item_type="Dependency"): copyfile(cached_source_path, output_path) else: safe_copy_file(cached_source_path, output_path) - logger.info("%s %s: saved to %s", item_type, source, output_path) + logger.debug("%s %s: saved to %s", item_type, source, output_path) def fetch_http_source(source, save_path, item_type): @@ -203,9 +209,9 @@ def fetch_http_source(source, save_path, item_type): if os.path.exists(save_path): os.remove(save_path) logger.debug("Removed %s", save_path) - logger.info("%s %s: fetching now", item_type, source) + logger.debug("%s %s: fetching now", item_type, source) content, content_type = make_request(source) - logger.info("%s %s: successfully fetched", item_type, source) + logger.debug("%s %s: successfully fetched", item_type, source) if content is not None: with open(save_path, "wb") as f: f.write(content) @@ -237,15 +243,18 @@ def fetch_helm_chart(dep_mapping, save_dir, force): parent_dir = os.path.dirname(output_path) if parent_dir != "": os.makedirs(parent_dir, exist_ok=True) + if force: - copy_tree(cached_repo_path, output_path) + copied = copy_tree(cached_repo_path, output_path, verbose=0) else: - safe_copy_tree(cached_repo_path, output_path) - logger.info("Dependency %s: saved to %s", source.chart_name, output_path) + copied = safe_copy_tree(cached_repo_path, output_path) + + if copied: + logger.info("Dependency %s: saved to %s", source.chart_name, output_path) def fetch_helm_archive(helm_path, repo, chart_name, version, save_path): - logger.info("Dependency helm chart %s and version %s: fetching now", chart_name, version or "latest") + logger.debug("Dependency helm chart %s and version %s: fetching now", chart_name, version or "latest") # Fetch archive and untar it into parent dir save_dir = os.path.dirname(save_path) args = ["pull", "--destination", save_dir, "--untar"] @@ -268,8 +277,8 @@ def fetch_helm_archive(helm_path, repo, chart_name, version, save_path): else: # rename chart to requested name os.rename(os.path.join(save_dir, chart_name), save_path) - logger.info("Dependency helm chart %s and version %s: successfully fetched", chart_name, version) - logger.info("Dependency helm chart %s and version %s: saved to %s", chart_name, version, save_path) + logger.debug("Dependency helm chart %s and version %s: successfully fetched", chart_name, version) + logger.debug("Dependency helm chart %s and version %s: saved to %s", chart_name, version, save_path) def exists_in_cache(item_path): diff --git a/kapitan/inputs/jsonnet.py b/kapitan/inputs/jsonnet.py index f6bdd8d98..cc101ef15 100644 --- a/kapitan/inputs/jsonnet.py +++ b/kapitan/inputs/jsonnet.py @@ -70,7 +70,7 @@ def compile_file(self, file_path, compile_path, ext_vars, **kwargs): ext_vars will be passed as parameters to jsonnet_file() kwargs: output: default 'yaml', accepts 'json' - prune: default False, accepts True + prune_output: default False, accepts True reveal: default False, set to reveal refs on compile target_name: default None, set to current target being compiled indent: default 2 @@ -97,12 +97,12 @@ def _search_imports(cwd, imp): output_obj = json.loads(json_output) output = kwargs.get("output", "yaml") - prune = kwargs.get("prune_output", False) + prune_output = kwargs.get("prune_output", False) reveal = kwargs.get("reveal", False) target_name = kwargs.get("target_name", None) indent = kwargs.get("indent", 2) - if prune: + if prune_output: output_obj = prune_empty(output_obj) logger.debug("Pruned output for: %s", file_path) diff --git a/kapitan/reclass b/kapitan/reclass index 856b34cb7..d220e896a 160000 --- a/kapitan/reclass +++ b/kapitan/reclass @@ -1 +1 @@ -Subproject commit 856b34cb77811d665c6346883238d436ac5c4924 +Subproject commit d220e896a2465783abf298d71eb927de1f53a0ac diff --git a/kapitan/remoteinventory/fetch.py b/kapitan/remoteinventory/fetch.py index d51530e01..38569eba5 100644 --- a/kapitan/remoteinventory/fetch.py +++ b/kapitan/remoteinventory/fetch.py @@ -54,7 +54,7 @@ def fetch_inventories(inventory_path, target_objs, save_dir, force, pool): if output_path in inv_output_path[source_uri]: # if the output_path is duplicated for the same source_uri - logger.warning("Skipping duplicate output path for uri %s", source_uri) + logger.debug("Skipping duplicate output path for uri %s", source_uri) continue else: inv_output_path[source_uri].add(output_path) diff --git a/kapitan/resources.py b/kapitan/resources.py index e77f4c885..e568d6618 100644 --- a/kapitan/resources.py +++ b/kapitan/resources.py @@ -210,12 +210,14 @@ def search_imports(cwd, import_str, search_paths): - search_paths is the location where to look for import_str if not in cwd The only supported parameters are cwd and import_str, so search_paths needs to be closured. + This function returns a tuple[str, bytes] since jsonnet 0.19.0 require the + content of the file to be provided as a bytes type instead of a str. """ basename = os.path.basename(import_str) full_import_path = os.path.normpath(os.path.join(cwd, import_str)) if full_import_path in JSONNET_CACHE: - return full_import_path, JSONNET_CACHE[full_import_path] + return full_import_path, JSONNET_CACHE[full_import_path].encode() if not os.path.exists(full_import_path): # if import_str not found, search in install_path @@ -246,7 +248,7 @@ def search_imports(cwd, import_str, search_paths): normalised_path_content = f.read() JSONNET_CACHE[normalised_path] = normalised_path_content - return normalised_path, normalised_path_content + return normalised_path, normalised_path_content.encode() def inventory(search_paths, target, inventory_path=None): diff --git a/kapitan/targets.py b/kapitan/targets.py index 26da45f54..471e6709a 100644 --- a/kapitan/targets.py +++ b/kapitan/targets.py @@ -677,6 +677,7 @@ def valid_target_obj(target_obj, require_compile=True): "unpack": {"type": "boolean"}, "version": {"type": "string"}, "force_fetch": {"type": "boolean"}, + "submodules": {"type": "boolean"}, }, "required": ["type", "output_path", "source"], "additionalProperties": False, diff --git a/kapitan/utils.py b/kapitan/utils.py index 90699d59e..bf53588ab 100644 --- a/kapitan/utils.py +++ b/kapitan/utils.py @@ -589,7 +589,7 @@ def safe_copy_file(src, dst): dir = os.path.dirname(dst) if os.path.isfile(dst): - logger.warning("Not updating %s (file already exists)", dst) + logger.debug("Not updating %s (file already exists)", dst) return (dst, 0) _copy_file_contents(src, dst) logger.debug("Copied %s to %s", src, dir) @@ -627,7 +627,8 @@ def safe_copy_tree(src, dst): outputs.extend(safe_copy_tree(src_name, dst_name)) else: - safe_copy_file(src_name, dst_name) - outputs.append(dst_name) + _, value = safe_copy_file(src_name, dst_name) + if value: + outputs.append(dst_name) return outputs diff --git a/kapitan/version.py b/kapitan/version.py index 6f79a37a3..037407c5f 100644 --- a/kapitan/version.py +++ b/kapitan/version.py @@ -8,7 +8,7 @@ """Project description variables.""" PROJECT_NAME = "kapitan" -VERSION = "0.31.1rc3" +VERSION = "0.32.0" DESCRIPTION = "Generic templated configuration management for Kubernetes, Terraform and other things" AUTHOR = "Ricardo Amaro" AUTHOR_EMAIL = "ramaro@kapicorp.com" diff --git a/mkdocs.yml b/mkdocs.yml index 17dd9a493..0019fa242 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -18,8 +18,8 @@ theme: - announce.dismiss - content.code.annotate - content.tabs.link + - navigation.instant - navigation.indexes - - navigation.sections - navigation.tabs - navigation.tabs.sticky - navigation.top @@ -81,24 +81,18 @@ extra: use_directory_urls: true nav: - Home: README.md - - Getting started: - - Kapitan Overview: kapitan_overview.md - - Support: - - Ask for support: support.md - - Related Projects: related.md - - Contribute: - - Sponsor Us: pages/contribute/sponsor.md - - Talk about Kapitan: pages/contribute/talk.md - - Active contributions: - - Documentation: pages/contribute/documentation.md - - Kapitan Code: pages/contribute/code.md - - Blog: - - 2023: - - New Kapitan release: pages/blog/2023-01-16.md - - 2022: - - 5 years of Kapitan: pages/blog/2022-12-04.md + - Getting started: getting_started.md + + - Documentation: - - Inventory: inventory.md + - Overview: pages/kapitan_overview.md + - Inventory: + - Introduction: pages/inventory/introduction.md + - Targets: pages/inventory/targets.md + - Classes: pages/inventory/classes.md + - Parameters Interpolation: pages/inventory/parameters_interpolation.md + - Advanced: pages/inventory/advanced.md + - Input Types: - Introduction: pages/input_types/introduction.md - Kadet: pages/input_types/kadet.md @@ -110,19 +104,33 @@ nav: - Remove: pages/input_types/remove.md - References: references.md - Advanced Kapitan: - - Remote repositories: remote_repositories.md - - External dependencies: external_dependencies.md - - Proposals: proposals.md - - CLI reference: - - compile: pages/commands/kapitan_compile.md - - inventory: pages/commands/kapitan_inventory.md - - lint: pages/commands/kapitan_lint.md - - searchvar: pages/commands/kapitan_searchvar.md - - validate: pages/commands/kapitan_validate.md - - kapitan dotfile: pages/commands/kapitan_dotfile.md + - Remote repositories: pages/remote_repositories.md + - External dependencies: pages/external_dependencies.md + - CLI reference: + - compile: pages/commands/kapitan_compile.md + - inventory: pages/commands/kapitan_inventory.md + - lint: pages/commands/kapitan_lint.md + - searchvar: pages/commands/kapitan_searchvar.md + - validate: pages/commands/kapitan_validate.md + - kapitan dotfile: pages/commands/kapitan_dotfile.md - Examples: - Kubernetes: pages/examples/kubernetes.md - Terraform: pages/examples/terraform.md + - Blog: + - 2023: + - New Kapitan release: pages/blog/2023-01-16.md + - 2022: + - 5 years of Kapitan: pages/blog/2022-12-04.md + - Support: + - Ask for support: support.md + - Related Projects: related.md + - Contribute: + - Sponsor Us: pages/contribute/sponsor.md + - Talk about Kapitan: pages/contribute/talk.md + - Active contributions: + - Documentation: pages/contribute/documentation.md + - Kapitan Code: pages/contribute/code.md + - Proposals: proposals.md - FAQ: FAQ.md markdown_extensions: diff --git a/overrides/main.html b/overrides/main.html index 3963b90ee..ec77a8f94 100644 --- a/overrides/main.html +++ b/overrides/main.html @@ -1,7 +1,7 @@ {% extends "base.html" %} {% block announce %} -

New kapitan release v0.31.0 now available!

+

New kapitan release v0.32.0 now available!

{% endblock %} @@ -29,7 +29,7 @@

{{ page.title | d(config.site_name, true)}}

@{{ page.meta.author_gh_user }}

- + {{ page.meta.author }} · @{{ page.meta.author_gh_user }} diff --git a/poetry.lock b/poetry.lock index 5a8e6a21c..747a8f2b8 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1,10 +1,9 @@ -# This file is automatically @generated by Poetry and should not be changed by hand. +# This file is automatically @generated by Poetry 1.5.1 and should not be changed by hand. [[package]] name = "addict" version = "2.4.0" description = "Addict is a dictionary whose items can be set using both attribute and item syntax." -category = "main" optional = false python-versions = "*" files = [ @@ -16,7 +15,6 @@ files = [ name = "attrs" version = "22.2.0" description = "Classes Without Boilerplate" -category = "main" optional = false python-versions = ">=3.6" files = [ @@ -35,7 +33,6 @@ tests-no-zope = ["cloudpickle", "cloudpickle", "hypothesis", "hypothesis", "mypy name = "azure-common" version = "1.1.28" description = "Microsoft Azure Client Library for Python (Common)" -category = "main" optional = false python-versions = "*" files = [ @@ -47,7 +44,6 @@ files = [ name = "azure-core" version = "1.26.3" description = "Microsoft Azure Core Library for Python" -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -67,7 +63,6 @@ aio = ["aiohttp (>=3.0)"] name = "azure-identity" version = "1.12.0" description = "Microsoft Azure Identity Library for Python" -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -86,7 +81,6 @@ six = ">=1.12.0" name = "azure-keyvault-keys" version = "4.8.0" description = "Microsoft Azure Key Vault Keys Client Library for Python" -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -105,7 +99,6 @@ typing-extensions = ">=4.0.1" name = "boto3" version = "1.26.94" description = "The AWS SDK for Python" -category = "main" optional = false python-versions = ">= 3.7" files = [ @@ -125,7 +118,6 @@ crt = ["botocore[crt] (>=1.21.0,<2.0a0)"] name = "botocore" version = "1.29.94" description = "Low-level, data-driven core of boto 3." -category = "main" optional = false python-versions = ">= 3.7" files = [ @@ -145,7 +137,6 @@ crt = ["awscrt (==0.16.9)"] name = "cachetools" version = "5.3.0" description = "Extensible memoizing collections and decorators" -category = "main" optional = false python-versions = "~=3.7" files = [ @@ -155,21 +146,19 @@ files = [ [[package]] name = "certifi" -version = "2022.12.7" +version = "2023.7.22" description = "Python package for providing Mozilla's CA Bundle." -category = "main" optional = false python-versions = ">=3.6" files = [ - {file = "certifi-2022.12.7-py3-none-any.whl", hash = "sha256:4ad3232f5e926d6718ec31cfc1fcadfde020920e278684144551c91769c7bc18"}, - {file = "certifi-2022.12.7.tar.gz", hash = "sha256:35824b4c3a97115964b408844d64aa14db1cc518f6562e8d7261699d1350a9e3"}, + {file = "certifi-2023.7.22-py3-none-any.whl", hash = "sha256:92d6037539857d8206b8f6ae472e8b77db8058fec5937a1ef3f54304089edbb9"}, + {file = "certifi-2023.7.22.tar.gz", hash = "sha256:539cc1d13202e33ca466e88b2807e29f4c13049d6d87031a3c110744495cb082"}, ] [[package]] name = "cffi" version = "1.15.1" description = "Foreign Function Interface for Python calling C code." -category = "main" optional = false python-versions = "*" files = [ @@ -246,7 +235,6 @@ pycparser = "*" name = "charset-normalizer" version = "3.1.0" description = "The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet." -category = "main" optional = false python-versions = ">=3.7.0" files = [ @@ -329,35 +317,34 @@ files = [ [[package]] name = "cryptography" -version = "39.0.1" +version = "41.0.2" description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers." -category = "main" optional = false -python-versions = ">=3.6" +python-versions = ">=3.7" files = [ - {file = "cryptography-39.0.1-cp36-abi3-macosx_10_12_universal2.whl", hash = "sha256:6687ef6d0a6497e2b58e7c5b852b53f62142cfa7cd1555795758934da363a965"}, - {file = "cryptography-39.0.1-cp36-abi3-macosx_10_12_x86_64.whl", hash = "sha256:706843b48f9a3f9b9911979761c91541e3d90db1ca905fd63fee540a217698bc"}, - {file = "cryptography-39.0.1-cp36-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_24_aarch64.whl", hash = "sha256:5d2d8b87a490bfcd407ed9d49093793d0f75198a35e6eb1a923ce1ee86c62b41"}, - {file = "cryptography-39.0.1-cp36-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:83e17b26de248c33f3acffb922748151d71827d6021d98c70e6c1a25ddd78505"}, - {file = "cryptography-39.0.1-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:e124352fd3db36a9d4a21c1aa27fd5d051e621845cb87fb851c08f4f75ce8be6"}, - {file = "cryptography-39.0.1-cp36-abi3-manylinux_2_24_x86_64.whl", hash = "sha256:5aa67414fcdfa22cf052e640cb5ddc461924a045cacf325cd164e65312d99502"}, - {file = "cryptography-39.0.1-cp36-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:35f7c7d015d474f4011e859e93e789c87d21f6f4880ebdc29896a60403328f1f"}, - {file = "cryptography-39.0.1-cp36-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:f24077a3b5298a5a06a8e0536e3ea9ec60e4c7ac486755e5fb6e6ea9b3500106"}, - {file = "cryptography-39.0.1-cp36-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:f0c64d1bd842ca2633e74a1a28033d139368ad959872533b1bab8c80e8240a0c"}, - {file = "cryptography-39.0.1-cp36-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:0f8da300b5c8af9f98111ffd512910bc792b4c77392a9523624680f7956a99d4"}, - {file = "cryptography-39.0.1-cp36-abi3-win32.whl", hash = "sha256:fe913f20024eb2cb2f323e42a64bdf2911bb9738a15dba7d3cce48151034e3a8"}, - {file = "cryptography-39.0.1-cp36-abi3-win_amd64.whl", hash = "sha256:ced4e447ae29ca194449a3f1ce132ded8fcab06971ef5f618605aacaa612beac"}, - {file = "cryptography-39.0.1-pp38-pypy38_pp73-macosx_10_12_x86_64.whl", hash = "sha256:807ce09d4434881ca3a7594733669bd834f5b2c6d5c7e36f8c00f691887042ad"}, - {file = "cryptography-39.0.1-pp38-pypy38_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:c5caeb8188c24888c90b5108a441c106f7faa4c4c075a2bcae438c6e8ca73cef"}, - {file = "cryptography-39.0.1-pp38-pypy38_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:4789d1e3e257965e960232345002262ede4d094d1a19f4d3b52e48d4d8f3b885"}, - {file = "cryptography-39.0.1-pp38-pypy38_pp73-win_amd64.whl", hash = "sha256:96f1157a7c08b5b189b16b47bc9db2332269d6680a196341bf30046330d15388"}, - {file = "cryptography-39.0.1-pp39-pypy39_pp73-macosx_10_12_x86_64.whl", hash = "sha256:e422abdec8b5fa8462aa016786680720d78bdce7a30c652b7fadf83a4ba35336"}, - {file = "cryptography-39.0.1-pp39-pypy39_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_24_aarch64.whl", hash = "sha256:b0afd054cd42f3d213bf82c629efb1ee5f22eba35bf0eec88ea9ea7304f511a2"}, - {file = "cryptography-39.0.1-pp39-pypy39_pp73-manylinux_2_24_x86_64.whl", hash = "sha256:6f8ba7f0328b79f08bdacc3e4e66fb4d7aab0c3584e0bd41328dce5262e26b2e"}, - {file = "cryptography-39.0.1-pp39-pypy39_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:ef8b72fa70b348724ff1218267e7f7375b8de4e8194d1636ee60510aae104cd0"}, - {file = "cryptography-39.0.1-pp39-pypy39_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:aec5a6c9864be7df2240c382740fcf3b96928c46604eaa7f3091f58b878c0bb6"}, - {file = "cryptography-39.0.1-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:fdd188c8a6ef8769f148f88f859884507b954cc64db6b52f66ef199bb9ad660a"}, - {file = "cryptography-39.0.1.tar.gz", hash = "sha256:d1f6198ee6d9148405e49887803907fe8962a23e6c6f83ea7d98f1c0de375695"}, + {file = "cryptography-41.0.2-cp37-abi3-macosx_10_12_universal2.whl", hash = "sha256:01f1d9e537f9a15b037d5d9ee442b8c22e3ae11ce65ea1f3316a41c78756b711"}, + {file = "cryptography-41.0.2-cp37-abi3-macosx_10_12_x86_64.whl", hash = "sha256:079347de771f9282fbfe0e0236c716686950c19dee1b76240ab09ce1624d76d7"}, + {file = "cryptography-41.0.2-cp37-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:439c3cc4c0d42fa999b83ded80a9a1fb54d53c58d6e59234cfe97f241e6c781d"}, + {file = "cryptography-41.0.2-cp37-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:f14ad275364c8b4e525d018f6716537ae7b6d369c094805cae45300847e0894f"}, + {file = "cryptography-41.0.2-cp37-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:84609ade00a6ec59a89729e87a503c6e36af98ddcd566d5f3be52e29ba993182"}, + {file = "cryptography-41.0.2-cp37-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:49c3222bb8f8e800aead2e376cbef687bc9e3cb9b58b29a261210456a7783d83"}, + {file = "cryptography-41.0.2-cp37-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:d73f419a56d74fef257955f51b18d046f3506270a5fd2ac5febbfa259d6c0fa5"}, + {file = "cryptography-41.0.2-cp37-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:2a034bf7d9ca894720f2ec1d8b7b5832d7e363571828037f9e0c4f18c1b58a58"}, + {file = "cryptography-41.0.2-cp37-abi3-win32.whl", hash = "sha256:d124682c7a23c9764e54ca9ab5b308b14b18eba02722b8659fb238546de83a76"}, + {file = "cryptography-41.0.2-cp37-abi3-win_amd64.whl", hash = "sha256:9c3fe6534d59d071ee82081ca3d71eed3210f76ebd0361798c74abc2bcf347d4"}, + {file = "cryptography-41.0.2-pp310-pypy310_pp73-macosx_10_12_x86_64.whl", hash = "sha256:a719399b99377b218dac6cf547b6ec54e6ef20207b6165126a280b0ce97e0d2a"}, + {file = "cryptography-41.0.2-pp310-pypy310_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:182be4171f9332b6741ee818ec27daff9fb00349f706629f5cbf417bd50e66fd"}, + {file = "cryptography-41.0.2-pp310-pypy310_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:7a9a3bced53b7f09da251685224d6a260c3cb291768f54954e28f03ef14e3766"}, + {file = "cryptography-41.0.2-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:f0dc40e6f7aa37af01aba07277d3d64d5a03dc66d682097541ec4da03cc140ee"}, + {file = "cryptography-41.0.2-pp38-pypy38_pp73-macosx_10_12_x86_64.whl", hash = "sha256:674b669d5daa64206c38e507808aae49904c988fa0a71c935e7006a3e1e83831"}, + {file = "cryptography-41.0.2-pp38-pypy38_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:7af244b012711a26196450d34f483357e42aeddb04128885d95a69bd8b14b69b"}, + {file = "cryptography-41.0.2-pp38-pypy38_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:9b6d717393dbae53d4e52684ef4f022444fc1cce3c48c38cb74fca29e1f08eaa"}, + {file = "cryptography-41.0.2-pp38-pypy38_pp73-win_amd64.whl", hash = "sha256:192255f539d7a89f2102d07d7375b1e0a81f7478925b3bc2e0549ebf739dae0e"}, + {file = "cryptography-41.0.2-pp39-pypy39_pp73-macosx_10_12_x86_64.whl", hash = "sha256:f772610fe364372de33d76edcd313636a25684edb94cee53fd790195f5989d14"}, + {file = "cryptography-41.0.2-pp39-pypy39_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:b332cba64d99a70c1e0836902720887fb4529ea49ea7f5462cf6640e095e11d2"}, + {file = "cryptography-41.0.2-pp39-pypy39_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:9a6673c1828db6270b76b22cc696f40cde9043eb90373da5c2f8f2158957f42f"}, + {file = "cryptography-41.0.2-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:342f3767e25876751e14f8459ad85e77e660537ca0a066e10e75df9c9e9099f0"}, + {file = "cryptography-41.0.2.tar.gz", hash = "sha256:7d230bf856164de164ecb615ccc14c7fc6de6906ddd5b491f3af90d3514c925c"}, ] [package.dependencies] @@ -366,18 +353,17 @@ cffi = ">=1.12" [package.extras] docs = ["sphinx (>=5.3.0)", "sphinx-rtd-theme (>=1.1.1)"] docstest = ["pyenchant (>=1.6.11)", "sphinxcontrib-spelling (>=4.0.1)", "twine (>=1.12.0)"] -pep8test = ["black", "check-manifest", "mypy", "ruff", "types-pytz", "types-requests"] -sdist = ["setuptools-rust (>=0.11.4)"] +nox = ["nox"] +pep8test = ["black", "check-sdist", "mypy", "ruff"] +sdist = ["build"] ssh = ["bcrypt (>=3.1.5)"] -test = ["hypothesis (>=1.11.4,!=3.79.2)", "iso8601", "pretend", "pytest (>=6.2.0)", "pytest-benchmark", "pytest-cov", "pytest-shard (>=0.1.2)", "pytest-subtests", "pytest-xdist", "pytz"] +test = ["pretend", "pytest (>=6.2.0)", "pytest-benchmark", "pytest-cov", "pytest-xdist"] test-randomorder = ["pytest-randomly"] -tox = ["tox"] [[package]] name = "docker" version = "5.0.3" description = "A Python library for the Docker Engine API." -category = "main" optional = true python-versions = ">=3.6" files = [ @@ -398,7 +384,6 @@ tls = ["cryptography (>=3.4.7)", "idna (>=2.0.0)", "pyOpenSSL (>=17.5.0)"] name = "gitdb" version = "4.0.10" description = "Git Object Database" -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -413,7 +398,6 @@ smmap = ">=3.0.1,<6" name = "gitpython" version = "3.1.31" description = "GitPython is a Python library used to interact with Git repositories" -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -426,20 +410,18 @@ gitdb = ">=4.0.1,<5" [[package]] name = "gojsonnet" -version = "0.17.0" +version = "0.20.0" description = "Python bindings for Jsonnet - The data templating language" -category = "main" optional = true python-versions = "*" files = [ - {file = "gojsonnet-0.17.0.tar.gz", hash = "sha256:f6fc47d9b1dd0099158978216880c86cb0fcae866b4ca54a5e42e7416bec3b98"}, + {file = "gojsonnet-0.20.0.tar.gz", hash = "sha256:9aede3b5734dee1c99dbec75dee3b086baaae92bd262d93f9217e21bf19c9682"}, ] [[package]] name = "google-api-core" version = "2.11.0" description = "Google API client core library" -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -462,7 +444,6 @@ grpcio-gcp = ["grpcio-gcp (>=0.2.2,<1.0dev)"] name = "google-api-python-client" version = "2.81.0" description = "Google API Client Library for Python" -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -471,7 +452,7 @@ files = [ ] [package.dependencies] -google-api-core = ">=1.31.5,<2.0.0 || >2.3.0,<3.0.0dev" +google-api-core = ">=1.31.5,<2.0.dev0 || >2.3.0,<3.0.0dev" google-auth = ">=1.19.0,<3.0.0dev" google-auth-httplib2 = ">=0.1.0" httplib2 = ">=0.15.0,<1dev" @@ -481,7 +462,6 @@ uritemplate = ">=3.0.1,<5" name = "google-auth" version = "2.16.2" description = "Google Authentication Library" -category = "main" optional = false python-versions = ">=2.7,!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*" files = [ @@ -506,7 +486,6 @@ requests = ["requests (>=2.20.0,<3.0.0dev)"] name = "google-auth-httplib2" version = "0.1.0" description = "Google Authentication Library: httplib2 transport" -category = "main" optional = false python-versions = "*" files = [ @@ -523,7 +502,6 @@ six = "*" name = "googleapis-common-protos" version = "1.58.0" description = "Common protobufs used in Google APIs" -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -541,7 +519,6 @@ grpc = ["grpcio (>=1.44.0,<2.0.0dev)"] name = "httplib2" version = "0.21.0" description = "A comprehensive HTTP client library." -category = "main" optional = false python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" files = [ @@ -556,7 +533,6 @@ pyparsing = {version = ">=2.4.2,<3.0.0 || >3.0.0,<3.0.1 || >3.0.1,<3.0.2 || >3.0 name = "hvac" version = "0.11.2" description = "HashiCorp Vault API client" -category = "main" optional = false python-versions = ">=2.7" files = [ @@ -575,7 +551,6 @@ parser = ["pyhcl (>=0.3.10)"] name = "idna" version = "3.4" description = "Internationalized Domain Names in Applications (IDNA)" -category = "main" optional = false python-versions = ">=3.5" files = [ @@ -587,7 +562,6 @@ files = [ name = "importlib-metadata" version = "6.1.0" description = "Read metadata from Python packages" -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -607,7 +581,6 @@ testing = ["flake8 (<5)", "flufl.flake8", "importlib-resources (>=1.3)", "packag name = "importlib-resources" version = "5.12.0" description = "Read resources from Python packages" -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -626,7 +599,6 @@ testing = ["flake8 (<5)", "pytest (>=6)", "pytest-black (>=0.3.7)", "pytest-chec name = "isodate" version = "0.6.1" description = "An ISO 8601 date/time/duration parser and formatter" -category = "main" optional = false python-versions = "*" files = [ @@ -641,7 +613,6 @@ six = "*" name = "jinja2" version = "3.1.2" description = "A very fast and expressive template engine." -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -659,7 +630,6 @@ i18n = ["Babel (>=2.7)"] name = "jmespath" version = "1.0.1" description = "JSON Matching Expressions" -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -669,20 +639,18 @@ files = [ [[package]] name = "jsonnet" -version = "0.18.0" +version = "0.20.0" description = "Python bindings for Jsonnet - The data templating language" -category = "main" optional = false python-versions = "*" files = [ - {file = "jsonnet-0.18.0.tar.gz", hash = "sha256:4ccd13427e9097b6b7d6d38f78f638a55ab8b452a257639e8e9af2178ec235d4"}, + {file = "jsonnet-0.20.0.tar.gz", hash = "sha256:7e770c7bf3a366b97b650a39430450f77612e74406731eb75c5bd59f3f104d4f"}, ] [[package]] name = "jsonschema" version = "4.17.3" description = "An implementation of JSON Schema validation for Python" -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -704,7 +672,6 @@ format-nongpl = ["fqdn", "idna", "isoduration", "jsonpointer (>1.13)", "rfc3339- name = "kadet" version = "0.2.2" description = "Easily define and reuse complex Python objects that serialize into JSON or YAML." -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -722,7 +689,6 @@ typeguard = ">=2.12.1" name = "markupsafe" version = "2.1.2" description = "Safely add untrusted strings to HTML/XML markup." -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -780,18 +746,17 @@ files = [ [[package]] name = "msal" -version = "1.21.0" +version = "1.22.0" description = "The Microsoft Authentication Library (MSAL) for Python library enables your app to access the Microsoft Cloud by supporting authentication of users with Microsoft Azure Active Directory accounts (AAD) and Microsoft Accounts (MSA) using industry standard OAuth2 and OpenID Connect." -category = "main" optional = false python-versions = "*" files = [ - {file = "msal-1.21.0-py2.py3-none-any.whl", hash = "sha256:e8444617c1eccdff7bb73f5d4f94036002accea4a2c05f8f39c9efb5bd2b0c6a"}, - {file = "msal-1.21.0.tar.gz", hash = "sha256:96b5c867830fd116e5f7d0ec8ef1b238b4cda4d1aea86d8fecf518260e136fbf"}, + {file = "msal-1.22.0-py2.py3-none-any.whl", hash = "sha256:9120b7eafdf061c92f7b3d744e5f325fca35873445fa8ffebb40b1086a13dd58"}, + {file = "msal-1.22.0.tar.gz", hash = "sha256:8a82f5375642c1625c89058018430294c109440dce42ea667d466c2cab520acd"}, ] [package.dependencies] -cryptography = ">=0.6,<41" +cryptography = ">=0.6,<43" PyJWT = {version = ">=1.0.0,<3", extras = ["crypto"]} requests = ">=2.0.0,<3" @@ -802,7 +767,6 @@ broker = ["pymsalruntime (>=0.13.2,<0.14)"] name = "msal-extensions" version = "1.0.0" description = "Microsoft Authentication Library extensions (MSAL EX) provides a persistence API that can save your data on disk, encrypted on Windows, macOS and Linux. Concurrent data access will be coordinated by a file lock mechanism." -category = "main" optional = false python-versions = "*" files = [ @@ -821,7 +785,6 @@ portalocker = [ name = "packaging" version = "23.0" description = "Core utilities for Python packages" -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -833,7 +796,6 @@ files = [ name = "pathspec" version = "0.11.1" description = "Utility library for gitignore style pattern matching of file paths." -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -845,7 +807,6 @@ files = [ name = "pkgutil-resolve-name" version = "1.3.10" description = "Resolve a name to an object." -category = "main" optional = false python-versions = ">=3.6" files = [ @@ -857,7 +818,6 @@ files = [ name = "portalocker" version = "2.7.0" description = "Wraps the portalocker recipe for easy usage" -category = "main" optional = false python-versions = ">=3.5" files = [ @@ -877,7 +837,6 @@ tests = ["pytest (>=5.4.1)", "pytest-cov (>=2.8.1)", "pytest-mypy (>=0.8.0)", "p name = "protobuf" version = "4.22.1" description = "" -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -900,7 +859,6 @@ files = [ name = "pyasn1" version = "0.4.8" description = "ASN.1 types and codecs" -category = "main" optional = false python-versions = "*" files = [ @@ -912,7 +870,6 @@ files = [ name = "pyasn1-modules" version = "0.2.8" description = "A collection of ASN.1-based protocols modules." -category = "main" optional = false python-versions = "*" files = [ @@ -927,7 +884,6 @@ pyasn1 = ">=0.4.6,<0.5.0" name = "pycparser" version = "2.21" description = "C parser in Python" -category = "main" optional = false python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" files = [ @@ -939,7 +895,6 @@ files = [ name = "pydantic" version = "1.10.6" description = "Data validation and settings management using python type hints" -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -992,7 +947,6 @@ email = ["email-validator (>=1.0.3)"] name = "pyjwt" version = "2.6.0" description = "JSON Web Token implementation in Python" -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -1013,7 +967,6 @@ tests = ["coverage[toml] (==5.0.4)", "pytest (>=6.0.0,<7.0.0)"] name = "pyparsing" version = "3.0.9" description = "pyparsing module - Classes and methods to define and execute parsing grammars" -category = "main" optional = false python-versions = ">=3.6.8" files = [ @@ -1028,7 +981,6 @@ diagrams = ["jinja2", "railroad-diagrams"] name = "pyrsistent" version = "0.19.3" description = "Persistent/Functional/Immutable data structures" -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -1065,7 +1017,6 @@ files = [ name = "python-box" version = "6.0.2" description = "Advanced Python dictionaries with dot notation access" -category = "main" optional = false python-versions = ">=3.6" files = [ @@ -1097,7 +1048,6 @@ yaml = ["ruamel.yaml (>=0.17)"] name = "python-dateutil" version = "2.8.2" description = "Extensions to the standard Python datetime module" -category = "main" optional = false python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,>=2.7" files = [ @@ -1112,7 +1062,6 @@ six = ">=1.5" name = "python-gnupg" version = "0.4.9" description = "A wrapper for the Gnu Privacy Guard (GPG or GnuPG)" -category = "main" optional = false python-versions = "*" files = [ @@ -1124,7 +1073,6 @@ files = [ name = "python-magic" version = "0.4.27" description = "File type identification using libmagic" -category = "main" optional = false python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" files = [ @@ -1136,7 +1084,6 @@ files = [ name = "pywin32" version = "227" description = "Python for Window Extensions" -category = "main" optional = true python-versions = "*" files = [ @@ -1158,7 +1105,6 @@ files = [ name = "pyyaml" version = "6.0" description = "YAML parser and emitter for Python" -category = "main" optional = false python-versions = ">=3.6" files = [ @@ -1206,21 +1152,20 @@ files = [ [[package]] name = "requests" -version = "2.28.2" +version = "2.31.0" description = "Python HTTP for Humans." -category = "main" optional = false -python-versions = ">=3.7, <4" +python-versions = ">=3.7" files = [ - {file = "requests-2.28.2-py3-none-any.whl", hash = "sha256:64299f4909223da747622c030b781c0d7811e359c37124b4bd368fb8c6518baa"}, - {file = "requests-2.28.2.tar.gz", hash = "sha256:98b1b2782e3c6c4904938b84c0eb932721069dfdb9134313beff7c83c2df24bf"}, + {file = "requests-2.31.0-py3-none-any.whl", hash = "sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f"}, + {file = "requests-2.31.0.tar.gz", hash = "sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1"}, ] [package.dependencies] certifi = ">=2017.4.17" charset-normalizer = ">=2,<4" idna = ">=2.5,<4" -urllib3 = ">=1.21.1,<1.27" +urllib3 = ">=1.21.1,<3" [package.extras] socks = ["PySocks (>=1.5.6,!=1.5.7)"] @@ -1230,7 +1175,6 @@ use-chardet-on-py3 = ["chardet (>=3.0.2,<6)"] name = "rsa" version = "4.9" description = "Pure-Python RSA implementation" -category = "main" optional = false python-versions = ">=3.6,<4" files = [ @@ -1245,7 +1189,6 @@ pyasn1 = ">=0.1.3" name = "s3transfer" version = "0.6.0" description = "An Amazon S3 Transfer Manager" -category = "main" optional = false python-versions = ">= 3.7" files = [ @@ -1263,7 +1206,6 @@ crt = ["botocore[crt] (>=1.20.29,<2.0a.0)"] name = "setuptools" version = "67.6.0" description = "Easily download, build, install, upgrade, and uninstall Python packages" -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -1280,7 +1222,6 @@ testing-integration = ["build[virtualenv]", "filelock (>=3.4.0)", "jaraco.envs ( name = "six" version = "1.16.0" description = "Python 2 and 3 compatibility utilities" -category = "main" optional = false python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*" files = [ @@ -1292,7 +1233,6 @@ files = [ name = "smmap" version = "5.0.0" description = "A pure Python implementation of a sliding window memory map manager" -category = "main" optional = false python-versions = ">=3.6" files = [ @@ -1304,7 +1244,6 @@ files = [ name = "toml" version = "0.10.2" description = "Python Library for Tom's Obvious, Minimal Language" -category = "main" optional = false python-versions = ">=2.6, !=3.0.*, !=3.1.*, !=3.2.*" files = [ @@ -1316,7 +1255,6 @@ files = [ name = "typeguard" version = "3.0.1" description = "Run-time type checker for Python" -category = "main" optional = false python-versions = ">=3.7.4" files = [ @@ -1336,7 +1274,6 @@ test = ["mypy (>=0.991)", "pytest (>=7)"] name = "typing-extensions" version = "4.5.0" description = "Backported and Experimental Type Hints for Python 3.7+" -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -1348,7 +1285,6 @@ files = [ name = "uritemplate" version = "4.1.1" description = "Implementation of RFC 6570 URI Templates" -category = "main" optional = false python-versions = ">=3.6" files = [ @@ -1360,7 +1296,6 @@ files = [ name = "urllib3" version = "1.26.15" description = "HTTP library with thread-safe connection pooling, file post, and more." -category = "main" optional = false python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*" files = [ @@ -1377,7 +1312,6 @@ socks = ["PySocks (>=1.5.6,!=1.5.7,<2.0)"] name = "websocket-client" version = "1.5.1" description = "WebSocket client for Python with low level API options" -category = "main" optional = true python-versions = ">=3.7" files = [ @@ -1394,7 +1328,6 @@ test = ["websockets"] name = "yamllint" version = "1.29.0" description = "A linter for YAML files." -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -1411,7 +1344,6 @@ setuptools = "*" name = "zipp" version = "3.15.0" description = "Backport of pathlib-compatible object wrapper for zip files" -category = "main" optional = false python-versions = ">=3.7" files = [ @@ -1430,4 +1362,4 @@ test = ["docker"] [metadata] lock-version = "2.0" python-versions = "^3.8" -content-hash = "290a88e4534ce117f650cde4054b67ea83ab345e8256c7dcd40ee3dc9b88781a" +content-hash = "705734ada27559c4ecbd058884e639fff92deaae1154b6b9ac900d2487fc24cb" diff --git a/pyproject.toml b/pyproject.toml index 8329fbffb..00a37e32b 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -24,7 +24,7 @@ classifiers = [ "Programming Language :: Python :: 3.9", ] license = "Apache-2.0" -version = "0.31.1rc3" +version = "0.32.0" packages = [ { include = "kapitan" }, { include = "kapitan/reclass" }, @@ -41,12 +41,12 @@ python = "^3.8" addict = "^2.4.0" azure-keyvault-keys = "^4.7.0" boto3 = "^1.18.17" -cryptography = ">=3.4.7,<40.0.0" +cryptography = ">=3.4.7,<42.0.0" gitpython = "^3.1.30" google-api-python-client = "^2.15.0" hvac = "^0.11.0" jinja2 = "^3.0.1" -jsonnet = "^0.18.0" +jsonnet = "^0.20.0" jsonschema = "^4.17.3" kadet = "^0.2.2" python-gnupg = "^0.4.7" @@ -61,7 +61,7 @@ certifi = "*" gitdb = "^4.0.10" packaging = "^23.0" typing-extensions = "^4.0.0" -gojsonnet = { version = "^0.17.0", optional = true } +gojsonnet = { version = "^0.20.0", optional = true } docker = { version = "^5.0.0", optional = true } [tool.poetry.extras] diff --git a/requirements.docs.txt b/requirements.docs.txt index ba893d38b..15aa0a92a 100644 --- a/requirements.docs.txt +++ b/requirements.docs.txt @@ -2,4 +2,4 @@ markdown-include==0.7.0 mkdocs-material-extensions==1.1 mkdocs-material==8.5.10 mkdocs==1.4.2 -pymdown-extensions==9.8 \ No newline at end of file +pymdown-extensions==10.0 \ No newline at end of file diff --git a/requirements.txt b/requirements.txt deleted file mode 100644 index e69de29bb..000000000 diff --git a/tests/test_dependency_manager.py b/tests/test_dependency_manager.py index a66869826..afc9d02ae 100644 --- a/tests/test_dependency_manager.py +++ b/tests/test_dependency_manager.py @@ -51,7 +51,7 @@ def test_fetch_http_sources(self): rmtree(temp_dir) def test_fetch_git_sources(self): - "Tests clonning git repo" + "Tests cloning git repo" temp_dir = tempfile.mkdtemp() repo_dir = os.path.join(temp_dir, "7a8f3940kapitan.git") # TODO: also test git ssh urls @@ -62,7 +62,7 @@ def test_fetch_git_sources(self): def test_clone_repo_subdir(self): """ - Tests clonning git repo and copy its' subdir + Tests cloning git repo and copy its' subdir """ temp_dir = tempfile.mkdtemp() output_dir = tempfile.mkdtemp() @@ -79,6 +79,80 @@ def test_clone_repo_subdir(self): rmtree(temp_dir) rmtree(output_dir) + def test_clone_repo_submodules_false(self): + """ + Tests cloning git repo and check that submodule folder is empty + """ + temp_dir = tempfile.mkdtemp() + output_dir = tempfile.mkdtemp() + source = "https://github.com/kapicorp/kapitan.git" + dep = [ + { + "output_path": output_dir, + "ref": "master", + "submodules": False, + } + ] + fetch_git_dependency((source, dep), temp_dir, force=False) + self.assertEqual(os.listdir(os.path.join(output_dir, "kapitan", "reclass")), []) + rmtree(temp_dir) + rmtree(output_dir) + + def test_clone_repo_without_submodules(self): + """ + Tests cloning a git repo without any submodules + """ + temp_dir = tempfile.mkdtemp() + output_dir = tempfile.mkdtemp() + source = "https://github.com/kapicorp/reclass.git" + dep = [ + { + "output_path": output_dir, + "ref": "master", + } + ] + fetch_git_dependency((source, dep), temp_dir, force=False) + self.assertTrue(os.path.isdir(os.path.join(output_dir, "reclass"))) + rmtree(temp_dir) + rmtree(output_dir) + + def test_clone_repo_with_submodules(self): + """ + Tests cloning git repo and initialize its' submodule + """ + temp_dir = tempfile.mkdtemp() + output_dir = tempfile.mkdtemp() + source = "https://github.com/kapicorp/kapitan.git" + dep = [ + { + "output_path": output_dir, + "ref": "master", + } + ] + fetch_git_dependency((source, dep), temp_dir, force=False) + self.assertTrue(os.listdir(os.path.join(output_dir, "kapitan", "reclass"))) + rmtree(temp_dir) + rmtree(output_dir) + + def test_clone_repo_with_submodule_subdir(self): + """ + Tests cloning subdir in a git repo and initialize its' submodule + """ + temp_dir = tempfile.mkdtemp() + output_dir = tempfile.mkdtemp() + source = "https://github.com/kapicorp/kapitan.git" + dep = [ + { + "output_path": output_dir, + "ref": "master", + "subdir": "kapitan", + } + ] + fetch_git_dependency((source, dep), temp_dir, force=False) + self.assertTrue(os.listdir(os.path.join(output_dir, "reclass"))) + rmtree(temp_dir) + rmtree(output_dir) + def test_fetch_helm_chart(self): """ Tests fetching helm chart diff --git a/tests/test_vault.py b/tests/test_vault.py index d059969e9..4b51623e9 100644 --- a/tests/test_vault.py +++ b/tests/test_vault.py @@ -30,7 +30,7 @@ } vault_container = client.containers.run( - image="vault", + image="hashicorp/vault", cap_add=["IPC_LOCK"], ports={"8200": "8200"}, environment=env, diff --git a/tests/test_vault_transit.py b/tests/test_vault_transit.py index ab11e6696..225aa11e1 100644 --- a/tests/test_vault_transit.py +++ b/tests/test_vault_transit.py @@ -37,7 +37,7 @@ def find_free_port(): } vault_container = client.containers.run( - image="vault", + image="hashicorp/vault", cap_add=["IPC_LOCK"], ports={8200: DOCKER_PORT}, environment=env,