kryptonian.dev / k8s-cluster
this repo has no description
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

k8s-cluster / scripts / app-template-convert.pl
at main 100 lines 3.2 kB view raw
Skyler Mäntysaari Steal vaskozl's experimental script
7f63ef43
1use strict; 2use warnings; 3 4use feature qw(say); 5 6use YAML::XS qw(LoadFile Dump DumpFile); 7 8my $h = LoadFile($ARGV[0]); 9my $name = $h->{metadata}{name}; 10 11my $o = $h->{spec}{values}; 12 13$o->{defaultPodOptions}{securityContext} = delete $o->{podSecurityContext} if $o->{podSecurityContext}; 14$o->{defaultPodOptions}{nodeSelector}= delete $o->{nodeSelector} if $o->{nodeSelector}; 15 16$o->{controllers}{$name}{containers}{app}{image} = delete $o->{image}; 17$o->{controllers}{$name}{containers}{app}{args} = delete $o->{args} if $o->{args}; 18$o->{controllers}{$name}{containers}{app}{command} = delete $o->{command} if $o->{command}; 19$o->{controllers}{$name}{containers}{app}{env} = delete $o->{env} if $o->{env}; 20$o->{controllers}{$name}{containers}{app}{resources} = delete $o->{resources} if $o->{resources}; 21 22$o->{ingress}{main}{className} = delete $o->{ingress}{main}{ingressClassName} if $o->{ingress}{main}{ingressClassName}; 23delete $o->{ingress}{main}{enabled}; 24 25my $hosts = $o->{ingress}{main}{hosts}; 26for my $host (@$hosts) { 27 $host->{paths}->[0]->{service}{identifier} = 'app'; 28 $host->{paths}->[0]->{service}{port} = 'http'; 29} 30 31my $persistence = $o->{persistence} || {}; 32for (keys %$persistence) { 33 delete $o->{persistence}{$_}{enabled}; 34 if ($o->{persistence}{$_}{mountPath}) { 35 $o->{persistence}{$_}{globalMounts} = [ { path => delete $o->{persistence}{$_}{mountPath} }]; 36 if ($o->{persistence}{$_}{subPath}) { 37 $o->{persistence}{$_}{globalMounts}->[0]->{subPath} = delete $o->{persistence}{$_}{subPath}; 38 } 39 } 40} 41 42 43$o->{controllers}{$name}{containers}{app}{probes} = delete $o->{probes} if $o->{probes}; 44 45if ($o->{volumeClaimTemplates}) { 46 $o->{controllers}{$name}{type} = 'statefulset'; 47 $o->{controllers}{$name}{statefulset}{podManagementPolicy} = 'Parallel'; 48 $o->{controllers}{$name}{statefulset}{volumeClaimTemplates} = delete $o->{volumeClaimTemplates}; 49 my $vc = $o->{controllers}{$name}{statefulset}{volumeClaimTemplates}; 50 $vc->[0]->{globalMounts} = [ 51 { path => delete $vc->[0]->{mountPath} } 52 ]; 53} 54 55if (delete $o->{hostNetwork}) { 56 $o->{defaultPodOptions}{hostNetwork} = builtin::true; 57} 58 59$h->{spec}{chart}{spec}{version} = '3.0.4'; 60 61 62$o->{controllers}{$name}{containers}{app}{securityContext} = delete $o->{securityContext} if $o->{securityContext}; 63if ($h->{metadata}{annotations}{'patch.sko.ai/app-security'}) { 64 $o->{controllers}{$name}{containers}{app}{securityContext} = { 65 allowPrivilegeEscalation => builtin::false, 66 readOnlyRootFilesystem => builtin::true, 67 capabilities => { 68 drop => ["ALL"], 69 } 70 #add => ["NET_BIND_SERVICE"] 71 }; 72 73 $o->{defaultPodOptions}{securityContext} = { 74 runAsNonRoot => builtin::true, 75 runAsUser => 568, 76 runAsGroup => 568, 77 fsGroup => 568, 78 seccompProfile => { 79 type => 'RuntimeDefault' 80 } 81 }; 82} 83 84delete $h->{metadata}{annotations}; 85 86 87$o->{controllers}{$name}{containers}{app}{probes} = { 88 liveness => { enabled => builtin::true }, 89 readiness => { enabled => builtin::true }, 90}; 91 92$o->{ingress}{app} = delete $o->{ingress}{main}; 93$o->{service}{app} = delete $o->{service}{main}; 94$o->{service}{app}{controller} = $name; 95 96if ($ARGV[1] eq 'write') { 97 DumpFile($ARGV[0], $h); 98} else { 99 print Dump $h; 100}