From 738765845c74346ec2b5a30b1d3ca15aebcd7927 Mon Sep 17 00:00:00 2001
From: Pim Kunis <pim@kunis.nl>
Date: Sun, 5 May 2024 17:38:24 +0200
Subject: [PATCH 1/4] Package Kubenix script

---
 pkgs/kubenix.nix | 99 ++++++++++++------------------------------------
 pkgs/kubenix.sh  | 61 +++++++++++++++++++++++++++++
 2 files changed, 85 insertions(+), 75 deletions(-)
 create mode 100644 pkgs/kubenix.sh

diff --git a/pkgs/kubenix.nix b/pkgs/kubenix.nix
index 8cf93d5..5d44aed 100644
--- a/pkgs/kubenix.nix
+++ b/pkgs/kubenix.nix
@@ -2,8 +2,11 @@
 , vals
 , colordiff
 , evalModules
-, runCommand
 , writeShellScript
+, writeScriptBin
+, makeWrapper
+, symlinkJoin
+, lib
 , module ? { }
 , specialArgs ? { }
 }:
@@ -11,85 +14,31 @@ let
   kubernetes = (evalModules {
     inherit module specialArgs;
   }).config.kubernetes or { };
-in
-runCommand "kubenix"
-{
-  kubeconfig = kubernetes.kubeconfig or "";
+
+  kubeconfig = "/home/pim/.kube/config"; # kubernetes.kubeconfig or "";
   result = kubernetes.result or "";
 
   # kubectl does some parsing which removes the -I flag so
   # as workaround, we write to a script and call that
   # https://github.com/kubernetes/kubernetes/pull/108199#issuecomment-1058405404
   diff = writeShellScript "kubenix-diff" ''
-    ${colordiff}/bin/colordiff --nobanner -N -u -I ' kubenix/hash: ' -I ' generation: ' $@
+    ${lib.getExe colordiff} --nobanner -N -u -I ' kubenix/hash: ' -I ' generation: ' $@
   '';
-} ''
-  set -euo pipefail
-  mkdir -p $out/bin
-
-  # write the manifests for use with `nix build`
-  ln -s $result $out/manifest.json
-
-  # create a script for `nix run`
-  cat <<EOF> $out/bin/kubenix
-    set -uo pipefail
-
-    export KUBECONFIG=$kubeconfig
-    export KUBECTL_EXTERNAL_DIFF=$diff
-
-    function _help() {
-      echo "
-      kubenix - Kubernetes management with Nix
-
-      commands:
-        ""          - run diff, prompt for confirmation, then apply
-        apply       - create resources in target cluster
-        diff        - show a diff between configured and live resources
-        render      - print resource manifests to stdout
-
-      options:
-        -h --help   - show this menu
-      "
-    }
-
-    function _kubectl() {
-      ${vals}/bin/vals eval -fail-on-missing-key-in-map < $result | ${kubectl}/bin/kubectl \$@
-    }
-
-    # if no args given, add empty string
-    [ \$# -eq 0 ] && set -- ""
 
-    # parse arguments
-    while test \$# -gt 0; do
-      case "\$1" in
-
-        -h|--help)
-          _help
-        exit 0;;
-
-        "")
-          _kubectl diff -f - --prune
-          if [[ "\$?" -eq 1 ]]; then
-            read -p 'apply? [y/N]: ' response
-            [[ \$response == "y" ]] && _kubectl apply -f - --prune --all
-          fi
-         shift;;
-
-        render)
-          ${vals}/bin/vals eval < $result
-        shift;;
-
-        apply|diff)
-          _kubectl \$@ -f - --prune
-        shift;;
-
-        *)
-          _kubectl \$@
-        shift;;
-
-      esac
-    done
-
-  EOF
-  chmod +x $out/bin/kubenix
-''
+  script = (writeScriptBin "kubenix" (builtins.readFile ./kubenix.sh)).overrideAttrs (old: {
+    buildCommand = "${old.buildCommand}\npatchShebangs $out";
+  });
+in
+symlinkJoin {
+  name = "kubenix";
+  paths = [ script vals kubectl ];
+  buildInputs = [ makeWrapper ];
+  postBuild = ''
+    export DIFF="${diff}"
+    wrapProgram $out/bin/kubenix \
+      --set PATH "$out/bin" \
+      --set KUBECONFIG "${kubeconfig}" \
+      --set KUBECTL_EXTERNAL_DIFF "''${DIFF}" \
+      --set MANIFEST "${result}"
+  '';
+}
diff --git a/pkgs/kubenix.sh b/pkgs/kubenix.sh
new file mode 100644
index 0000000..9f9e3a3
--- /dev/null
+++ b/pkgs/kubenix.sh
@@ -0,0 +1,61 @@
+#!/usr/bin/env bash
+
+set -uo pipefail
+
+function _help() {
+  echo "
+  kubenix - Kubernetes management with Nix
+
+  commands:
+    ""          - run diff, prompt for confirmation, then apply
+    apply       - create resources in target cluster
+    diff        - show a diff between configured and live resources
+    render      - print resource manifests to stdout
+
+  options:
+    -h --help   - show this menu
+  "
+}
+
+function _kubectl() {
+  vals eval -fail-on-missing-key-in-map <$MANIFEST | kubectl $@
+}
+
+# if no args given, add empty string
+[ $# -eq 0 ] && set -- ""
+
+# parse arguments
+while test $# -gt 0; do
+  case "$1" in
+
+  -h | --help)
+    _help
+    exit 0
+    ;;
+
+  "")
+    _kubectl diff -f - --prune
+    if [[ $? -eq 1 ]]; then
+      read -p 'apply? [y/N]: ' response
+      [[ $response == "y" ]] && _kubectl apply -f - --prune --all
+    fi
+    shift
+    ;;
+
+  render)
+    vals eval <$MANIFEST
+    shift
+    ;;
+
+  apply | diff)
+    _kubectl $@ -f - --prune
+    shift
+    ;;
+
+  *)
+    _kubectl $@
+    shift
+    ;;
+
+  esac
+done

From d29d242c04eeb75597c01e72be4b3d57deb7ecc7 Mon Sep 17 00:00:00 2001
From: Pim Kunis <pim@kunis.nl>
Date: Sun, 5 May 2024 19:05:55 +0200
Subject: [PATCH 2/4] Update changelog

---
 CHANGELOG.md | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9279f54..428fabd 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,7 +5,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## [Unreleased]
+## [0.3.0] - 2024-05-05
+
+### Breaking
+
+- removed generated Kubernetes manifest file (`manifest.json`) from default flake package
+
+  See the [documentation](https://kubenix.org/#usage) how to access the generated Kubernetes manifest file
 
 ### Added
 
@@ -14,6 +20,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Changed
 
 - removed local `kubectl` and `kubernetes` packages in lieu of those from nixpkgs
+- pin Bash version of Kubenix CLI script
 
 ## [0.2.0] - 2023-07-07
 

From f649d0b17f498d8644c88c58cf870d0afe4604e8 Mon Sep 17 00:00:00 2001
From: Pim Kunis <pim@kunis.nl>
Date: Sun, 5 May 2024 19:48:20 +0200
Subject: [PATCH 3/4] Fix hardcoded kubeconfig

---
 pkgs/kubenix.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkgs/kubenix.nix b/pkgs/kubenix.nix
index 5d44aed..9a4c7ea 100644
--- a/pkgs/kubenix.nix
+++ b/pkgs/kubenix.nix
@@ -15,7 +15,7 @@ let
     inherit module specialArgs;
   }).config.kubernetes or { };
 
-  kubeconfig = "/home/pim/.kube/config"; # kubernetes.kubeconfig or "";
+  kubeconfig = kubernetes.kubeconfig or "";
   result = kubernetes.result or "";
 
   # kubectl does some parsing which removes the -I flag so

From 8f7aa3957a3b51a2fbe176884ce0fe99a928d768 Mon Sep 17 00:00:00 2001
From: Pim Kunis <pim@kunis.nl>
Date: Sun, 5 May 2024 21:20:37 +0200
Subject: [PATCH 4/4] Expose generated manifest with Kubenix CLI derivation
 passthru

---
 pkgs/kubenix.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/pkgs/kubenix.nix b/pkgs/kubenix.nix
index 9a4c7ea..88555ca 100644
--- a/pkgs/kubenix.nix
+++ b/pkgs/kubenix.nix
@@ -33,6 +33,8 @@ symlinkJoin {
   name = "kubenix";
   paths = [ script vals kubectl ];
   buildInputs = [ makeWrapper ];
+  passthru.manifest = result;
+
   postBuild = ''
     export DIFF="${diff}"
     wrapProgram $out/bin/kubenix \