Skip to content

Instantly share code, notes, and snippets.

@arianvp
Created February 22, 2022 19:18
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save arianvp/5609c7e97a49f46fbb9a1f53f62a3b31 to your computer and use it in GitHub Desktop.
A flake to deploy app to kubernetes
{
description = "A flake that builds a go app and deploys to kubernetes";
inputs = {
utils.url = "github:numtide/flake-utils";
nixpkgs.url = "nixpkgs/nixpkgs-unstable";
};
outputs = { self, nixpkgs, utils }: utils.lib.eachDefaultSystem (system:
let
pkgs = nixpkgs.legacyPackages.${system};
selfPackages = self.packages.${system};
container = selfPackages.container;
in
{
packages.deploy =
let
manifestFile = pkgs.writeText "manifests.json" (builtins.toJSON {
apiVersion = "apps/v1";
kind = "Deployment";
metadata = { name = "network-policy-controller"; labels."kubernetes.io/managed-by" = "nix"; };
spec = {
selector.matchLabels.app = "network-policy-controller";
template.metadata.labels.app = "network-policy-controller";
template.spec.containers = [{
name = "network-policy-controller";
image = "${container.imageName}:${container.imageTag}";
}];
};
}
);
in
pkgs.writeScriptBin "deploy" ''
${selfPackages.push-container}/bin/push-container
${pkgs.kubectl}/bin/kubectl apply --prune -l=kubernetes.io/managed-by=nix --server-side -f ${manifestFile}
'';
packages.push-container = pkgs.writeScriptBin "push-container" ''
${container} \
| ${pkgs.gzip}/bin/gzip -3 \
| ${pkgs.skopeo}/bin/skopeo copy docker-archive:/dev/stdin docker://${container.imageName}:${container.imageTag} --insecure-policy
'';
packages.container = pkgs.dockerTools.streamLayeredImage {
name = "quay.io/arianvp/network-policy-controller";
config.Cmd = [ "${self.packages.x86_64-linux.network-policy-controller}/bin/network-policy-controller" "-node-name" "$NODE_NAME" ];
};
packages.network-policy-controller = pkgs.buildGoModule {
name = "network-policy-controller";
version = "0.0.0";
subpackages = [ "./cmd/network-policy-controller" ];
src = ./network-policy-controller;
vendorSha256 = "sha256-yA8V9F+Cm3RfowYIMu0LI/KLMqChFSr21yITvJ/eECI=";
CGO_ENABLED = "0";
};
});
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment