Description
General Question
I want to write a bit of templating using KCL to avoid having to copy-paste a good 30 deployments.
Basically, I have a list of hosts whose credentials are stored in Bitwarden and I want to create a set of Secret, Deployment and Service where the Deployment contains an `initContainer` that brings up a VPN connection depending on the configured type, and then a `container` to expose an SSH endpoint - which is picked up by the service, so I can access that host via `$(hostname)-ssh.namespacename.svc.cluster.local`.
The slightly longer version: We manage a fleet of Raspberry Pis and I would love to create an in-cluster jumphost. Our clients use a mixture of VPNs, for which I need to use the InitContainers to set up the credentials and connection, to then bring that remote node in via its SSH port being forwarded.
Thing is, I can't find any documentation on how I should structure my KCL file to use it with the kubectl plugin. Ideally, I would like to just `kubectl kcl apply -f raspis.k`, whereby `raspis.k` is evaluated and returns a `manifest.yaml_stream(...)` of all the generated resources, which are then deployed to the cluster, finally resulting in a good 30x3 objects being created (secret with credentials, deployment with the connection, service with the exposure). I will be either using `ExternalSecrets` or an `initContainer` with the Bitwarden CLI to talk to our Vaultwarden instance.
The question is, how would I realize that? I've been playing around with the standalone kcl cli and have a general idea of what I want/need to do - but I am missing a few details.
Thank you!
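
One way to lay out `raspis.k` for the setup described in the question, as an added example that is not part of the original post or the project's documentation. It assumes `manifests.yaml_stream` from KCL's `manifests` system module and an External Secrets `ClusterSecretStore` in front of Vaultwarden; the namespace, image names, store name and host entries are placeholders.

```kcl
import manifests
# Assumed placeholders (not from the original post): namespace, image names,
# the "vaultwarden" ClusterSecretStore and the ExternalSecret API version.
schema PiHost:
    name: str
    vpn: "wireguard" | "openvpn"

_ns = "jumphosts"
_vpnImage = {wireguard = "registry.example/vpn-wireguard:1", openvpn = "registry.example/vpn-openvpn:1"}
_hosts = [  # constructed sample entries; the real list would hold every host
    PiHost {name = "pi-alpha", vpn = "wireguard"}
    PiHost {name = "pi-beta", vpn = "openvpn"}
]
# One host in, three resources out: credentials, VPN + SSH pod, Service.
_render = lambda h: PiHost -> [any] {
    _app = "${h.name}-ssh"
    _meta = {name = _app, namespace = _ns, labels.app = _app}
    _vpn = {
        name = "vpn"
        image = _vpnImage[h.vpn]  # the configured VPN type selects the init image
        envFrom = [{secretRef.name = _app}]
        # Only the VPN step gets NET_ADMIN; the SSH container runs without it.
        securityContext.capabilities.add = ["NET_ADMIN"]
    }
    _ssh = {name = "ssh", image = "registry.example/ssh-forward:1", ports = [{containerPort = 22}]}
    [
        {
            apiVersion = "external-secrets.io/v1beta1"
            kind = "ExternalSecret"
            metadata = _meta
            spec = {
                secretStoreRef = {kind = "ClusterSecretStore", name = "vaultwarden"}
                target.name = _app  # name of the Secret the operator creates
                dataFrom = [{extract.key = h.name}]
            }
        }
        {
            apiVersion = "apps/v1"
            kind = "Deployment"
            metadata = _meta
            spec = {
                selector.matchLabels.app = _app
                template = {metadata.labels.app = _app, spec = {initContainers = [_vpn], containers = [_ssh]}}
            }
        }
        {apiVersion = "v1", kind = "Service", metadata = _meta, spec = {selector.app = _app, ports = [{port = 22, targetPort = 22}]}}
    ]
}
manifests.yaml_stream([obj for h in _hosts for obj in _render(h)])
```

Evaluated with the standalone `kcl` CLI, this prints one multi-document YAML stream that can be piped to `kubectl apply -f -`. Because the credentials are pulled in through `ExternalSecret` objects, no secret values appear in the KCL file or the rendered manifests.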