Skip to content

Instantly share code, notes, and snippets.

@yujunz

yujunz/3489.cue

Created October 11, 2024 14:47
Show Gist options
  • Save yujunz/310b4e462432b63faf9c4ce1dca06534 to your computer and use it in GitHub Desktop.
Save yujunz/310b4e462432b63faf9c4ce1dca06534 to your computer and use it in GitHub Desktop.
Download ZIP
cue-issues
Raw
3489.cue
#Kubernetes: {
// `cluster: server: _` in `~/.kube/config`
server: _
// `kubectl version`
version?: _
// desired manifests as `kubectl get -o yaml` in yaml stream form
manifests: yaml.MarshalStream([for _, r in #resources for _, n in r {n}])
// resources definition in tree form to be provided by user
// "RESOURCE NAME": "SPECIFIC NAME": _
// Resource names are case-insensitive, shortname supported.
// e.g. `#resources: deploy: dp: _`
#resources: [R=_]: [N=_]: AR[strings.ToLower(R)] & {
metadata: {
name: string | *N
...
}
...
}
// api-resources in flat map form for `#resources` lookup
// [NAME | PLURAL | SHORTNAME]: {kind: KIND, apiVersion: APIVERSION, ...}
AR="api-resources": {
for v, vv in #gvk {for k, kv in vv {
// TODO(yujunz): union constraints from `cue get go k8s.io/api/core/v1`
R=(kv.name): {
kind: k
apiVersion: v
if kv.spec != _|_ {
spec: kv.spec
}
}
(strings.ToLower(k)): R
if (kv.shortnames != _|_) {
for sn in kv.shortnames {(sn): R}
}
}}
}
// GroupVersionKind from `kubectl api-resources` in tree form
#gvk: {
// APIVERSION: KIND: {SHORTNAMES: _, NAME: _}
[_]: [K=_]: name: _ | *"\(strings.ToLower(K))s"
// configmaps cm v1 true ConfigMap
// endpoints ep v1 true Endpoints
// events ev v1 true Event
// limitranges limits v1 true LimitRange
// namespaces ns v1 false Namespace
// nodes no v1 false Node
// persistentvolumeclaims pvc v1 true PersistentVolumeClaim
// persistentvolumes pv v1 false PersistentVolume
// pods po v1 true Pod
// podtemplates v1 true PodTemplate
// replicationcontrollers rc v1 true ReplicationController
// resourcequotas quota v1 true ResourceQuota
// secrets v1 true Secret
// serviceaccounts sa v1 true ServiceAccount
// services svc v1 true Service
v1: {
ConfigMap: shortnames: ["cm"]
Namespace: shortnames: ["ns"]
PersistentVolumeClaim: shortname: ["pvc"]
Pod: shortname: ["po"]
Secret: _
ServiceAccount: shortnames: ["sa"]
Service: shortnames: ["svc"]
PersistentVolume: shortname: ["pv"]
}
// controllerrevisions apps/v1 true ControllerRevision
// daemonsets ds apps/v1 true DaemonSet
// deployments deploy apps/v1 true Deployment
// replicasets rs apps/v1 true ReplicaSet
// statefulsets sts apps/v1 true StatefulSet
"apps/v1": {
Deployment: shortnames: ["deploy"]
}
// applications app,apps argoproj.io/v1alpha1 true Application
// applicationsets appset,appsets argoproj.io/v1alpha1 true ApplicationSet
// appprojects appproj,appprojs argoproj.io/v1alpha1 true AppProject
"argoproj.io/v1alpha1": {
Application: shortnames: ["app", "apps"]
ApplicationSet: shortnames: ["appset", "appsets"]
AppProject: {
shortnames: ["appproj", "appprojs"]
spec: appproject.#AppProjectSpec
}
}
// authservices getambassador.io/v2 true AuthService
// consulresolvers getambassador.io/v2 true ConsulResolver
// devportals getambassador.io/v2 true DevPortal
// hosts getambassador.io/v2 true Host
// kubernetesendpointresolvers getambassador.io/v2 true KubernetesEndpointResolver
// kubernetesserviceresolvers getambassador.io/v2 true KubernetesServiceResolver
// logservices getambassador.io/v2 true LogService
// mappings getambassador.io/v2 true Mapping
// modules getambassador.io/v2 true Module
// ratelimitservices getambassador.io/v2 true RateLimitService
// tcpmappings getambassador.io/v2 true TCPMapping
// tlscontexts getambassador.io/v2 true TLSContext
// tracingservices getambassador.io/v2 true TracingService
"getambassador.io/v2": {
Mapping: _
TCPMapping: _
TLSContext: _
}
// alertmanagers am monitoring.coreos.com/v1 true Alertmanager
// podmonitors pmon monitoring.coreos.com/v1 true PodMonitor
// probes prb monitoring.coreos.com/v1 true Probe
// prometheuses prom monitoring.coreos.com/v1 true Prometheus
// prometheusrules promrule monitoring.coreos.com/v1 true PrometheusRule
// servicemonitors smon monitoring.coreos.com/v1 true ServiceMonitor
// thanosrulers ruler monitoring.coreos.com/v1 true ThanosRuler
"monitoring.coreos.com/v1": {
ServiceMonitor: shortnames: ["smon"]
PrometheusRule: shortnames: ["promrule"]
}
// clusterrolebindings rbac.authorization.k8s.io/v1 false ClusterRoleBinding
// clusterroles rbac.authorization.k8s.io/v1 false ClusterRole
// rolebindings rbac.authorization.k8s.io/v1 true RoleBinding
// roles rbac.authorization.k8s.io/v1 true Role
"rbac.authorization.k8s.io/v1": {
ClusterRoleBinding: _
ClusterRole: _
RoleBinding: _
Roles: _
}
// priorityclasses pc scheduling.k8s.io/v1 false PriorityClass
"scheduling.k8s.io/v1": {
PriorityClass: {
name: "priorityclasses"
shortnames: ["pc"]
}
}
// temporalclusterclients temporal.io/v1beta1 true TemporalClusterClient
// temporalclusters temporal.io/v1beta1 true TemporalCluster
// temporalnamespaces temporal.io/v1beta1 true TemporalNamespace
// temporalworkerprocesses temporal.io/v1beta1 true TemporalWorkerProcess
"temporal.io/v1beta1": {
TemporalCluster: _
TemporalNamespace: _
}
// certificaterequests cr,crs cert-manager.io/v1 true CertificateRequest
// certificates cert,certs cert-manager.io/v1 true Certificate
// clusterissuers cert-manager.io/v1 false ClusterIssuer
// issuers cert-manager.io/v1 true Issuer
"cert-manager.io/v1": {
ClusterIssuer: _
Certificate: _
}
// pdb
"policy/v1": {
PodDisruptionBudget: _
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment