KCL 社区开源双周报和 v0.5.5 版本发布!

2023-08-23 18:08:35 +08:00
 peefy

KCL 是一个开源的基于约束的记录及函数语言并通过成熟的编程语言技术和实践来改进对大量繁杂配置比如云原生 Kubernetes 配置场景的编写,致力于构建围绕配置的更好的模块化、扩展性和稳定性,更简单的逻辑编写,以及更简单的自动化和生态工具集成。

本栏目将会双周更新 KCL 语言社区最新动态,包括功能、官网更新和最新的社区动态等,帮助大家更好地了解 KCL 社区!

KCL 官网:https://kcl-lang.io

内容概述

感谢所有贡献者过去两周 (2023 08.10 - 08.23) 的杰出工作,以下是重点合并内容概述

特别鸣谢

以下排名不分先后

精选更新

KCL Import 工具更新

KCL Import 工具在 Protobuf, JsonSchema OpenAPI 模型和 Go 结构体转换为 KCL Schema 的基础上,新增 Terraform Provider Schema 到 KCL Schema 的转换支持,比如对于如下的 Terraform Provider Json (通过 terraform providers schema -json > provider.json 命令获得,详情请参考 https://developer.hashicorp.com/terraform/cli/commands/providers/schema)

{
    "format_version": "0.2",
    "provider_schemas": {
        "registry.terraform.io/aliyun/alicloud": {
            "provider": {
                "version": 0,
                "block": {
                    "attributes": {},
                    "block_types": {},
                    "description_kind": "plain"
                }
            },
            "resource_schemas": {
                "alicloud_db_instance": {
                    "version": 0,
                    "block": {
                        "attributes": {
                            "db_instance_type": {
                                "type": "string",
                                "description_kind": "plain",
                                "computed": true
                            },
                            "engine": {
                                "type": "string",
                                "description_kind": "plain",
                                "required": true
                            },
                            "security_group_ids": {
                                "type": [
                                    "set",
                                    "string"
                                ],
                                "description_kind": "plain",
                                "optional": true,
                                "computed": true
                            },
                            "security_ips": {
                                "type": [
                                    "set",
                                    "string"
                                ],
                                "description_kind": "plain",
                                "optional": true,
                                "computed": true
                            },
                            "tags": {
                                "type": [
                                    "map",
                                    "string"
                                ],
                                "description_kind": "plain",
                                "optional": true
                            }
                        },
                        "block_types": {},
                        "description_kind": "plain"
                    }
                },
                "alicloud_config_rule": {
                    "version": 0,
                    "block": {
                        "attributes": {
                            "compliance": {
                                "type": [
                                    "list",
                                    [
                                        "object",
                                        {
                                            "compliance_type": "string",
                                            "count": "number"
                                        }
                                    ]
                                ],
                                "description_kind": "plain",
                                "computed": true
                            },
                            "resource_types_scope": {
                                "type": [
                                    "list",
                                    "string"
                                ],
                                "description_kind": "plain",
                                "optional": true,
                                "computed": true
                            }
                        }
                    }
                }
            },
            "data_source_schemas": {}
        }
    }
}

经过 KCL Import 工具可以输出为如下 KCL 代码

"""
This file was generated by the KCL auto-gen tool. DO NOT EDIT.
Editing this file might prove futile when you re-run the KCL auto-gen generate command.
"""

schema AlicloudConfigRule:
    """
    AlicloudConfigRule

    Attributes
    ----------
    compliance: [ComplianceObject], optional
    resource_types_scope: [str], optional
    """

    compliance?: [ComplianceObject]
    resource_types_scope?: [str]

schema ComplianceObject:
    """
    ComplianceObject

    Attributes
    ----------
    compliance_type: str, optional
    count: int, optional
    """

    compliance_type?: str
    count?: int

schema AlicloudDbInstance:
    """
    AlicloudDbInstance

    Attributes
    ----------
    db_instance_type: str, optional
    engine: str, required
    security_group_ids: [str], optional
    security_ips: [str], optional
    tags: {str:str}, optional
    """

    db_instance_type?: str
    engine: str
    security_group_ids?: [str]
    security_ips?: [str]
    tags?: {str:str}

    check:
        isunique(security_group_ids)
        isunique(security_ips)

KCL Vault 集成

仅需三步,我们就可以使用 Vault 来存储并管理敏感信息并在 KCL 中使用。

首先我们安装并使用 Vault 存储 foo 和 bar 信息

vault kv put secret/foo foo=foo
vault kv put secret/bar bar=bar

然后编写如下 KCL 代码 (main.k)

apiVersion = "apps/v1"
kind = "Deployment"
metadata = {
    name = "nginx"
    labels.app = "nginx"
    annotations: {
        "secret-store": "vault"
        # Valid format:
        #  "ref+vault://PATH/TO/KV_BACKEND#/KEY"
        "foo": "ref+vault://secret/foo#/foo"
        "bar": "ref+vault://secret/bar#/bar"
    }
}
spec = {
    replicas = 3
    selector.matchLabels = metadata.labels
    template.metadata.labels = metadata.labels
    template.spec.containers = [
        {
            name = metadata.name
            image = "${metadata.name}:1.14.2"
            ports = [{ containerPort = 80 }]
        }
    ]
}

最后可以通过 Vals 命令行工具获得解密后的配置

kcl main.k | vals eval -f -

更多详情和用例可以参考 https://kcl-lang.io/docs/user_docs/guides/secret-management/vault

社区动态

其他资源

❤️ 感谢所有 KCL 用户和社区小伙伴在社区中提出的宝贵反馈与建议。后续我们会撰写更多 KCL v0.5.x 新版本功能解读系列文章,敬请期待!

更多其他资源请参考:

575 次点击
所在节点    推广
0 条回复

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/967726

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX