kube: standardize on a `local ns` convention
A convention is introduced to specify the kube.Namespace object in a deployment as a `local ns` instead of an `ns:` or a `namespace:` for these reasons:
- non-cluster admins cannot create new namespaces, and we've been moving in the direction of specifying objects that require cluster admin permissions to apply (policies, role bindings) in //cluster/kube/k0 instead of in the app jsonnet
- namespace admins CAN delete the namespace, making `kubecfg delete` unexpectedly dangerous (especially if a namespace contains more than just the contents of the file being applied - common with personal namespaces)
- `.Contain()` is a common operation, and it shows up in lines that are pretty long, so `ns.Contain()` is preferable to `app.ns.Contain()` or `service.namespace.Contain()`
Change-Id: Ie4ea825376dbf6faa175179054f3ee3de2253ae0
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1804
Reviewed-by: q3k <q3k@hackerspace.pl>
diff --git a/app/walne/prod.jsonnet b/app/walne/prod.jsonnet
index 0a23d96..70dae12 100644
--- a/app/walne/prod.jsonnet
+++ b/app/walne/prod.jsonnet
@@ -19,8 +19,9 @@
nextAuth: { secretKeyRef: { name: cfg.name, key: 'next_auth_secret' } },
},
- ns: kube.Namespace(cfg.namespace),
- deployment: top.ns.Contain(kube.Deployment(cfg.name)) {
+ local ns = kube.Namespace(cfg.namespace),
+
+ deployment: ns.Contain(kube.Deployment(cfg.name)) {
spec+: {
template+: {
spec+: {
@@ -46,11 +47,11 @@
},
},
- service: top.ns.Contain(kube.Service(cfg.name)) {
+ service: ns.Contain(kube.Service(cfg.name)) {
target:: top.deployment,
},
- ingress: top.ns.Contain(kube.SimpleIngress(cfg.name)) {
+ ingress: ns.Contain(kube.SimpleIngress(cfg.name)) {
hosts:: [cfg.domain],
target_service:: top.service,
},