📝 documentation of the add features

tests/.gitignore

@@ -0,0 +1 @@
+applications/

tests/multi-replacement/expected/sish-client.yaml

@@ -0,0 +1,25 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: sish-client
+  namespace: traefik
+  labels:
+    app.kubernetes.io/name: "sish-client"
+    app.kubernetes.io/component: edge
+    app.kubernetes.io/part-of: autocloud
+data:
+  config: |
+    PubkeyAcceptedKeyTypes +ssh-rsa
+    Host sishserver
+      HostName target.link
+      Port 2222
+      BatchMode yes
+      IdentityFile ~/.ssh_keys/id_rsa
+      IdentitiesOnly yes
+      LogLevel ERROR
+      ServerAliveInterval 10
+      ServerAliveCountMax 2
+      RemoteCommand sni-proxy=true
+      RemoteForward myhost.target.link:443 traefik.traefik.svc:443
+  known_hosts: |
+    [target.link]:2222 ssh-ed25519 AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAID+4/eqtPTLC18TE8ZP7NeF4ZP68/wnY2d7mhH/KVs79AAAABHNzaDo=

tests/multi-replacement/expected/traefik.yaml

@@ -0,0 +1,62 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: traefik
+  namespace: argocd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  destination:
+    namespace: traefik
+    server: https://kubernetes.default.svc
+  project: default
+  source:
+    chart: traefik
+    helm:
+      parameters: []
+      values: |
+        ingressClass:
+          enabled: true
+          isDefaultClass: true
+        ingressRoute:
+          dashboard:
+            enabled: true
+        providers:
+          kubernetesCRD:
+            allowCrossNamespace: true
+            allowExternalNameServices: true
+          kubernetesIngress:
+            allowExternalNameServices: true
+            publishedService:
+              enabled: true
+        logs:
+          general:
+            level: ERROR
+          access:
+            enabled: true
+        tracing:
+          instana: false
+        gobalArguments: {}
+        # BEWARE: use only for debugging
+        additionalArguments:
+        - --api.insecure=false
+        ports:
+          # BEWARE: use only for debugging
+          # traefik:
+          #   expose: false
+          web:
+            redirectTo: websecure
+          websecure:
+            tls:
+              enabled: true
+          traefik:
+            expose: true
+    repoURL: https://helm.traefik.io/traefik
+    targetRevision: "10.19.5"
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
+  ignoreDifferences: []

tests/multi-replacement/functions/multi-transformation.yaml

@@ -0,0 +1,74 @@
+apiVersion: builtin
+kind: LocalConfiguration
+metadata:
+  name: configuration-map
+  annotations:
+    config.kaweezle.com/inject-local: "true"
+    config.kubernetes.io/function: |
+      exec:
+        path: ../../krmfnbuiltin
+data:
+  sish:
+    server: target.link
+    hostname: myhost.target.link
+    host_key: AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAID+4/eqtPTLC18TE8ZP7NeF4ZP68/wnY2d7mhH/KVs79AAAABHNzaDo=
+  traefik:
+    dashboard_enabled: true
+    expose: true
+---
+apiVersion: builtin
+kind: ReplacementTransformer
+metadata:
+  name: replacement-transformer
+  annotations:
+    config.kubernetes.io/prune-local: "true"
+    config.kubernetes.io/function: |
+      exec:
+        path: ../../krmfnbuiltin
+replacements:
+  - source:
+      kind: LocalConfiguration
+      fieldPath: data.sish.server
+    targets:
+      - select:
+          kind: ConfigMap
+          name: sish-client
+        fieldPaths:
+          - data.config.!!regex.^\s+HostName\s+(\S+)\s*$.1
+          - data.known_hosts.!!regex.^\[(\S+)\].1
+  - source:
+      kind: LocalConfiguration
+      fieldPath: data.sish.hostname
+    targets:
+      - select:
+          kind: ConfigMap
+          name: sish-client
+        fieldPaths:
+          - data.config.!!regex.^\s+RemoteForward\s+(\S+):.1
+  - source:
+      kind: LocalConfiguration
+      fieldPath: data.sish.host_key
+    targets:
+      - select:
+          kind: ConfigMap
+          name: sish-client
+        fieldPaths:
+          - data.known_hosts.!!regex.ssh-ed25519\s(\S+).1
+  - source:
+      kind: LocalConfiguration
+      fieldPath: data.traefik.dashboard_enabled
+    targets:
+      - select:
+          kind: Application
+          name: traefik
+        fieldPaths:
+          - spec.source.helm.values.!!yaml.ingressRoute.dashboard.enabled
+  - source:
+      kind: LocalConfiguration
+      fieldPath: data.traefik.expose
+    targets:
+      - select:
+          kind: Application
+          name: traefik
+        fieldPaths:
+          - spec.source.helm.values.!!yaml.ports.traefik.expose

tests/multi-replacement/original/sish-client.yaml

@@ -0,0 +1,26 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: sish-client
+  namespace: traefik
+  labels:
+    app.kubernetes.io/name: "sish-client"
+    app.kubernetes.io/component: edge
+    app.kubernetes.io/part-of: autocloud
+data:
+  config: |
+    PubkeyAcceptedKeyTypes +ssh-rsa
+    Host sishserver
+      HostName holepunch.in
+      Port 2222
+      BatchMode yes
+      IdentityFile ~/.ssh_keys/id_rsa
+      IdentitiesOnly yes
+      LogLevel ERROR
+      ServerAliveInterval 10
+      ServerAliveCountMax 2
+      RemoteCommand sni-proxy=true
+      RemoteForward citest.holepunch.in:443 traefik.traefik.svc:443
+  known_hosts: |
+    [holepunch.in]:2222 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID+3abW2y3T5dodnI5O1Z/2KlIdH3bwnbGDvCFf13zlh

tests/multi-replacement/original/traefik.yaml

@@ -0,0 +1,60 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: traefik
+  namespace: argocd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  destination:
+    namespace: traefik
+    server: https://kubernetes.default.svc
+  project: default
+  source:
+    chart: traefik
+    helm:
+      parameters: []
+      values: |-
+        ingressClass:
+          enabled: true
+          isDefaultClass: true
+        ingressRoute:
+          dashboard:
+            enabled: false
+        providers:
+          kubernetesCRD:
+            allowCrossNamespace: true
+            allowExternalNameServices: true
+          kubernetesIngress:
+            allowExternalNameServices: true
+            publishedService:
+              enabled: true
+        logs:
+          general:
+            level: ERROR
+          access:
+            enabled: true
+        tracing:
+          instana: false
+        gobalArguments: {}
+        # BEWARE: use only for debugging
+        additionalArguments:
+         - --api.insecure=false
+        ports:
+          # BEWARE: use only for debugging
+          # traefik:
+          #   expose: false
+          web:
+            redirectTo: websecure
+          websecure:
+            tls:
+              enabled: true
+    repoURL: https://helm.traefik.io/traefik
+    targetRevision: "10.19.5"
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
+  ignoreDifferences: []

tests/replacement/functions/02_replacement-transformer.yaml

@@ -4,7 +4,7 @@ metadata:
   name: replacement-transformer
   namespace: argocd
   annotations:
-    config.kubernetes.io/prune-local: "true"
+    config.kaweezle.com/prune-local: "true"
     config.kubernetes.io/function: |
       exec:
         path: ../../krmfnbuiltin

tests/test_krmfnbuiltin.sh

@@ -7,16 +7,20 @@
 #set -uexo pipefail
 set -e pipefail
 
-trap "rm -rf {patch,replacement}/applications" EXIT
+trap "find . -type d -name 'applications' -exec rm -rf {} +" EXIT
 
 
-for d in patch replacement; do
+for d in $(ls -d */); do
     echo "Running Test in $d..."
     cd $d
-    rm -rf appllications
+    rm -rf applications
     cp -r original applications
+    echo "  > Performing kustomizations..."
     kustomize fn run --enable-exec --fn-path functions applications
-    diff <(yq eval -P expected/argocd.yaml) <(yq eval -P applications/argocd.yaml)
+    for f in $(ls -1 expected); do
+        echo "  > Checking $f..."
+        diff <(yq eval -P expected/$f) <(yq eval -P applications/$f)
+    done
     cd ..
 done
 echo "Done ok 🎉"