diff --git a/app/inventory/prod.jsonnet b/app/inventory/prod.jsonnet index 4b9a1502..080b9318 100644 --- a/app/inventory/prod.jsonnet +++ b/app/inventory/prod.jsonnet @@ -29,7 +29,7 @@ local postgres = import '../../kube/postgres_v.libsonnet'; template+: { spec+: { volumes_: { - media: kube.PersistentVolumeClaimVolume(top.media), + media: top.media.volume, }, containers_: { default: kube.Container('default') { diff --git a/app/matrix/lib/appservice-irc.libsonnet b/app/matrix/lib/appservice-irc.libsonnet index 33fa5e12..d196ead0 100644 --- a/app/matrix/lib/appservice-irc.libsonnet +++ b/app/matrix/lib/appservice-irc.libsonnet @@ -87,7 +87,7 @@ local kube = import "../../../kube/kube.libsonnet"; spec+: { volumes_: { config: kube.SecretVolume(bridge.config), - data: kube.PersistentVolumeClaimVolume(bridge.dataVolume), + data: bridge.dataVolume.volume, registration: { secret: { secretName: "appservice-irc-%s-registration" % [name] } }, } + (if cfg.passwordEncryptionKeySecret != null then { key: { secret: { secretName: cfg.passwordEncryptionKeySecret } }, diff --git a/app/matrix/lib/appservice-telegram.libsonnet b/app/matrix/lib/appservice-telegram.libsonnet index 77eac1df..0d5341b2 100644 --- a/app/matrix/lib/appservice-telegram.libsonnet +++ b/app/matrix/lib/appservice-telegram.libsonnet @@ -99,7 +99,7 @@ local kube = import "../../../kube/kube.libsonnet"; spec+: { volumes_: { config: kube.SecretVolume(bridge.config), - data: kube.PersistentVolumeClaimVolume(bridge.dataVolume), + data: bridge.dataVolume.volume, registration: { secret: { secretName: "appservice-telegram-%s-registration" % [name] } }, }, initContainers: [ diff --git a/app/matrix/lib/coturn.libsonnet b/app/matrix/lib/coturn.libsonnet index 4d1c3341..2006de42 100644 --- a/app/matrix/lib/coturn.libsonnet +++ b/app/matrix/lib/coturn.libsonnet @@ -71,8 +71,8 @@ local kube = import "../../../kube/kube.libsonnet"; template+: { spec+: { volumes_: { - config: kube.ConfigMapVolume(top.configMap), - data: kube.PersistentVolumeClaimVolume(top.dataVolume), + config: top.configMap.volume, + data: top.dataVolume.volume, }, containers_: { coturn: kube.Container("coturn") { diff --git a/app/matrix/lib/matrix.libsonnet b/app/matrix/lib/matrix.libsonnet index 875cd425..dbf27d9e 100644 --- a/app/matrix/lib/matrix.libsonnet +++ b/app/matrix/lib/matrix.libsonnet @@ -170,8 +170,8 @@ local postgres = import "../../../kube/postgres.libsonnet"; template+: { spec+: { volumes_: { - data: kube.PersistentVolumeClaimVolume(top.dataVolume), - config: kube.ConfigMapVolume(top.synapseConfigMap), + data: top.dataVolume.volume, + config: top.synapseConfigMap.volume, } + { [k]: { secret: { secretName: "appservice-%s-registration" % [k] } } for k in std.objectFields(top.appservices) @@ -309,7 +309,7 @@ local postgres = import "../../../kube/postgres.libsonnet"; template+: { spec+: { volumes_: { - config: kube.ConfigMapVolume(top.riotConfigMap), + config: top.riotConfigMap.volume, }, containers_: { web: kube.Container("riot-web") { diff --git a/app/matrix/lib/riot.libsonnet b/app/matrix/lib/riot.libsonnet index 0aa95741..20b439e2 100644 --- a/app/matrix/lib/riot.libsonnet +++ b/app/matrix/lib/riot.libsonnet @@ -58,7 +58,7 @@ local kube = import "../../../kube/kube.libsonnet"; template+: { spec+: { volumes_: { - config: kube.ConfigMapVolume(top.configMap), + config: top.configMap.volume, }, containers_: { web: kube.Container("riot-web") { diff --git a/app/matrix/lib/synapse.libsonnet b/app/matrix/lib/synapse.libsonnet index a6cf9dd9..6c301950 100644 --- a/app/matrix/lib/synapse.libsonnet +++ b/app/matrix/lib/synapse.libsonnet @@ -121,13 +121,13 @@ local kube = import "../../../kube/kube.libsonnet"; template+: { spec+: { volumes_: { - config: kube.ConfigMapVolume(top.configMap), + config: top.configMap.volume, secrets: { secret: { secretName: "synapse" } }, } + { [k]: { secret: { secretName: "appservice-%s-registration" % [k] } } for k in std.objectFields(top.appservices) } + if worker.cfg.mountData then { - data: kube.PersistentVolumeClaimVolume(top.dataVolume), + data: top.dataVolume.volume, } else {}, containers_: { web: kube.Container("synapse") { diff --git a/app/onlyoffice/prod.jsonnet b/app/onlyoffice/prod.jsonnet index 3d492b0a..cbfd8a6a 100644 --- a/app/onlyoffice/prod.jsonnet +++ b/app/onlyoffice/prod.jsonnet @@ -61,7 +61,7 @@ local kube = import "../../kube/hscloud.libsonnet"; }, }, volumes_: { - data: kube.PersistentVolumeClaimVolume(top.pvc), + data: top.pvc.volume, }, }, }, diff --git a/app/radio/kube/radio.libsonnet b/app/radio/kube/radio.libsonnet index 8f944053..e9513024 100644 --- a/app/radio/kube/radio.libsonnet +++ b/app/radio/kube/radio.libsonnet @@ -152,7 +152,7 @@ local kube = import "../../../kube/kube.libsonnet"; template+: { spec+: { volumes_: { - config: kube.ConfigMapVolume(radio.configMap), + config: radio.configMap.volume, }, containers_: { radio: kube.Container(radio.makeName("radio")) { diff --git a/bgpwtf/cccampix/kube/ix.libsonnet b/bgpwtf/cccampix/kube/ix.libsonnet index 4e2d6101..295cc3d4 100644 --- a/bgpwtf/cccampix/kube/ix.libsonnet +++ b/bgpwtf/cccampix/kube/ix.libsonnet @@ -92,7 +92,7 @@ local kube = import "../../../kube/hscloud.libsonnet"; template+: { spec+: { volumes_: { - cache: kube.PersistentVolumeClaimVolume(ix.octorpki.cache), + cache: ix.octorpki.cache.volume, }, containers_: { octorpki: kube.Container(ix.name("octorpki")){ @@ -241,8 +241,8 @@ local kube = import "../../../kube/hscloud.libsonnet"; alice: ix.component("alice") { port: 7340, volumes: { - config: kube.ConfigMapVolume(ix.alice.configMap), - theme: kube.ConfigMapVolume(ix.alice.themeMap), + config: ix.alice.configMap.volume, + theme: ix.alice.themeMap.volume, }, volumeMounts: { config: { diff --git a/cluster/kube/lib/admitomatic.libsonnet b/cluster/kube/lib/admitomatic.libsonnet index 70a24aa0..12056cf1 100644 --- a/cluster/kube/lib/admitomatic.libsonnet +++ b/cluster/kube/lib/admitomatic.libsonnet @@ -79,7 +79,7 @@ local prototext = import "../../../kube/prototext.libsonnet"; }, }, volumes_: { - config: kube.ConfigMapVolume(env.config), + config: env.config.volume, secret: kube.SecretVolume(env.secret), }, }, diff --git a/cluster/kube/lib/calico.libsonnet b/cluster/kube/lib/calico.libsonnet index 0c3673f3..43b56161 100644 --- a/cluster/kube/lib/calico.libsonnet +++ b/cluster/kube/lib/calico.libsonnet @@ -315,7 +315,7 @@ local bindServiceAccountClusterRole(sa, cr) = kube.ClusterRoleBinding(cr.metadat cni_bin: kube.HostPathVolume("/opt/cni/bin"), cni_config: kube.HostPathVolume("/opt/cni/conf"), secrets: kube.SecretVolume(env.secrets), - bird_cfg_template: kube.ConfigMapVolume(env.calicoMetallbBird), + bird_cfg_template: env.calicoMetallbBird.volume, # TODO flexvol-driver-host, policysync }, initContainers_: { diff --git a/cluster/kube/lib/registry.libsonnet b/cluster/kube/lib/registry.libsonnet index 0e4ebb1c..7cb6ec1b 100644 --- a/cluster/kube/lib/registry.libsonnet +++ b/cluster/kube/lib/registry.libsonnet @@ -191,8 +191,8 @@ local kube = import "../../../kube/kube.libsonnet"; template+: { spec+: { volumes_: { - data: kube.PersistentVolumeClaimVolume(env.authVolumeClaim), - config: kube.ConfigMapVolume(env.authConfig), + data: env.authVolumeClaim.volume, + config: env.authConfig.volume, certs: { secret: { secretName: env.authCertificate.spec.secretName }, }, @@ -232,7 +232,7 @@ local kube = import "../../../kube/kube.libsonnet"; template+: { spec+: { volumes_: { - config: kube.ConfigMapVolume(env.registryConfig), + config: env.registryConfig.volume, certs: { secret: { secretName: env.registryCertificate.spec.secretName }, }, diff --git a/cluster/kube/lib/rook.libsonnet b/cluster/kube/lib/rook.libsonnet index 4a689396..ba981b0a 100644 --- a/cluster/kube/lib/rook.libsonnet +++ b/cluster/kube/lib/rook.libsonnet @@ -980,9 +980,9 @@ local oa = kube.OpenAPI; }, }, volumes_: { - data: kube.PersistentVolumeClaimVolume(cluster.benji.data), + data: cluster.benji.data.volume, benjiconfig: kube.SecretVolume(cluster.benji.config), - extrabins: kube.ConfigMapVolume(cluster.benji.extrabins), + extrabins: cluster.benji.extrabins.volume, monendpoints: { configMap: { name: "rook-ceph-mon-endpoints", diff --git a/devtools/gerrit/kube/gerrit.libsonnet b/devtools/gerrit/kube/gerrit.libsonnet index c05a51e6..2c1600f1 100644 --- a/devtools/gerrit/kube/gerrit.libsonnet +++ b/devtools/gerrit/kube/gerrit.libsonnet @@ -176,7 +176,7 @@ local kube = import "../../../kube/hscloud.libsonnet"; fsGroup: 1000, # gerrit uid }, volumes_: { - config: kube.ConfigMapVolume(top.configmap), + config: top.configmap.volume, secure: { secret: { secretName: cfg.secureSecret} }, } { [name]: kube.PersistentVolumeClaimVolume(top.volumes[name]) diff --git a/devtools/kube/sourcegraph.libsonnet b/devtools/kube/sourcegraph.libsonnet index 651bfc40..b0280d87 100644 --- a/devtools/kube/sourcegraph.libsonnet +++ b/devtools/kube/sourcegraph.libsonnet @@ -16,8 +16,8 @@ local kube = import "../../kube/kube.libsonnet"; cfg+: { image: cfg.image, volumes+: { - data: kube.PersistentVolumeClaimVolume(sourcegraph.pvc.data), - etc: kube.PersistentVolumeClaimVolume(sourcegraph.pvc.etc), + data: sourcegraph.pvc.data.volume, + etc: sourcegraph.pvc.etc.volume, }, securityContext: { runAsUser: 0, diff --git a/games/factorio/kube/factorio.libsonnet b/games/factorio/kube/factorio.libsonnet index 28e486e1..914a41cc 100644 --- a/games/factorio/kube/factorio.libsonnet +++ b/games/factorio/kube/factorio.libsonnet @@ -113,9 +113,9 @@ local proxy = import "proxy.libsonnet"; template+: { spec+: { volumes_: { - data: kube.PersistentVolumeClaimVolume(top.volumeClaimData), - mods: kube.PersistentVolumeClaimVolume(top.volumeClaimMods), - config: kube.ConfigMapVolume(top.configMap), + data: top.volumeClaimData.volume, + mods: top.volumeClaimMods.volume, + config: top.configMap.volume, }, initContainers_: { modproxy: kube.Container("modproxy") { diff --git a/games/factorio/kube/proxy.libsonnet b/games/factorio/kube/proxy.libsonnet index 6fbebda8..0b10a03d 100644 --- a/games/factorio/kube/proxy.libsonnet +++ b/games/factorio/kube/proxy.libsonnet @@ -20,7 +20,7 @@ local kube = import "../../../kube/kube.libsonnet"; template+: { spec+: { volumes_: { - cas: kube.PersistentVolumeClaimVolume(top.pvc), + cas: top.pvc.volume, }, containers_: { proxy: kube.Container("proxy") { diff --git a/games/valheim/prod.jsonnet b/games/valheim/prod.jsonnet index 0793e510..d87ad6cb 100644 --- a/games/valheim/prod.jsonnet +++ b/games/valheim/prod.jsonnet @@ -162,10 +162,10 @@ local kube = import "../../kube/kube.libsonnet"; fsGroup: 1000, }, volumes_: { - backups: kube.PersistentVolumeClaimVolume(game.pvcs.backups), - saves: kube.PersistentVolumeClaimVolume(game.pvcs.saves), - server: kube.PersistentVolumeClaimVolume(game.pvcs.server), - scripts: kube.ConfigMapVolume(game.scripts), + backups: game.pvcs.backups.volume, + saves: game.pvcs.saves.volume, + server: game.pvcs.server.volume, + scripts: game.scripts.volume, }, }, }, diff --git a/hswaw/kube/pretalx.libsonnet b/hswaw/kube/pretalx.libsonnet index 1e340b02..9025a9e0 100644 --- a/hswaw/kube/pretalx.libsonnet +++ b/hswaw/kube/pretalx.libsonnet @@ -38,7 +38,7 @@ local redis = import "../../kube/redis.libsonnet"; cfg+: { image: cfg.image, volumes+: { - data: kube.PersistentVolumeClaimVolume(pretalx.volumeData), + data: pretalx.volumeData.volume, config: kube.SecretVolume(pretalx.config), }, diff --git a/hswaw/paperless/paperless.libsonnet b/hswaw/paperless/paperless.libsonnet index c2bc1082..2605d37a 100644 --- a/hswaw/paperless/paperless.libsonnet +++ b/hswaw/paperless/paperless.libsonnet @@ -78,7 +78,7 @@ local redis = import "../../kube/redis.libsonnet"; template+: { spec+: { volumes_: { - data: kube.PersistentVolumeClaimVolume(top.dataVolume), + data: top.dataVolume.volume, }, securityContext: { diff --git a/kube/kube.libsonnet b/kube/kube.libsonnet index ac96451a..001cfdbd 100644 --- a/kube/kube.libsonnet +++ b/kube/kube.libsonnet @@ -32,11 +32,19 @@ kube { }, }, - // Remove deprecated `volume.beta.kubernetes.io/storage-class` annotation PersistentVolumeClaim(name): kube.PersistentVolumeClaim(name) { + // Convenience for creating a volume from a PVC + volume:: kube.PersistentVolumeClaimVolume(self), + + // Remove deprecated `volume.beta.kubernetes.io/storage-class` annotation metadata+: { annotations: {} }, }, + ConfigMap(name): kube.ConfigMap(name) { + // Convenience for creating a volume from a ConfigMap + volume:: kube.ConfigMapVolume(self), + }, + // Add `target` field Service(name): kube.Service(name) { // Deployment, Pod, DaemonSet, etc. that this Service is targeting. diff --git a/kube/postgres.libsonnet b/kube/postgres.libsonnet index d5ffad4e..40f43dc9 100644 --- a/kube/postgres.libsonnet +++ b/kube/postgres.libsonnet @@ -78,7 +78,7 @@ local kube = import "kube.libsonnet"; template+: { spec+: { volumes_: { - data: kube.PersistentVolumeClaimVolume(postgres.volumeClaim), + data: postgres.volumeClaim.volume, }, containers_: { postgres: kube.Container(postgres.makeName("postgres")) { diff --git a/kube/postgres_v.libsonnet b/kube/postgres_v.libsonnet index ec7a7b80..695422c9 100644 --- a/kube/postgres_v.libsonnet +++ b/kube/postgres_v.libsonnet @@ -57,7 +57,7 @@ local kube = import "kube.libsonnet"; template+: { spec+: { volumes_: { - data: kube.PersistentVolumeClaimVolume(postgres.volumeClaim), + data: postgres.volumeClaim.volume, }, containers_: { postgres: kube.Container(postgres.makeName("postgres")) { diff --git a/kube/redis.libsonnet b/kube/redis.libsonnet index 1464e7ad..5d84f66e 100644 --- a/kube/redis.libsonnet +++ b/kube/redis.libsonnet @@ -54,7 +54,7 @@ local kube = import "kube.libsonnet"; template+: { spec+: { volumes_: { - data: kube.PersistentVolumeClaimVolume(redis.volumeClaim), + data: redis.volumeClaim.volume, }, containers_: { redis: kube.Container(redis.makeName("redis")) { diff --git a/ops/monitoring/lib/cluster.libsonnet b/ops/monitoring/lib/cluster.libsonnet index f7508ce3..6c0c36e6 100644 --- a/ops/monitoring/lib/cluster.libsonnet +++ b/ops/monitoring/lib/cluster.libsonnet @@ -246,8 +246,8 @@ local kube = import "../../../kube/kube.libsonnet"; { key: "CriticalAddonsOnly", operator: "Exists" }, ], volumes_: { - data: kube.PersistentVolumeClaimVolume(prometheus.pvc), - configmap: kube.ConfigMapVolume(prometheus.configmap), + data: prometheus.pvc.volume, + configmap: prometheus.configmap.volume, }, }, }, diff --git a/ops/monitoring/lib/global.libsonnet b/ops/monitoring/lib/global.libsonnet index 3b642903..8d409471 100644 --- a/ops/monitoring/lib/global.libsonnet +++ b/ops/monitoring/lib/global.libsonnet @@ -110,7 +110,7 @@ local kube = import "../../../kube/hscloud.libsonnet"; } }, volumes_: { - data: kube.PersistentVolumeClaimVolume(victoria.pvc), + data: victoria.pvc.volume, secret: kube.SecretVolume(victoria.authSecret), }, }, @@ -219,7 +219,7 @@ local kube = import "../../../kube/hscloud.libsonnet"; }, }, volumes_: { - data: kube.PersistentVolumeClaimVolume(grafana.pvc), + data: grafana.pvc.volume, config: kube.SecretVolume(grafana.config) { secret+: { items: [ diff --git a/personal/radex/demo-next/prod.jsonnet b/personal/radex/demo-next/prod.jsonnet index 2135bfe2..e743a960 100644 --- a/personal/radex/demo-next/prod.jsonnet +++ b/personal/radex/demo-next/prod.jsonnet @@ -18,7 +18,7 @@ local kube = import "../../../kube/hscloud.libsonnet"; template+: { spec+: { volumes_: { - data: kube.PersistentVolumeClaimVolume(top.data), + data: top.data.volume, }, containers_: { default: kube.Container("default") { diff --git a/personal/radex/wordpress/prod.jsonnet b/personal/radex/wordpress/prod.jsonnet index 2282d284..39a65e70 100644 --- a/personal/radex/wordpress/prod.jsonnet +++ b/personal/radex/wordpress/prod.jsonnet @@ -73,7 +73,7 @@ local kube = import "../../../kube/hscloud.libsonnet"; template+: { spec+: { volumes_: { - data: kube.PersistentVolumeClaimVolume(mysql.volume), + data: mysql.volume.volume, }, containers_: { default: kube.Container("default") {