From fa891f60bb6ca6405e0bdb3ebc05d8eb6a02568e Mon Sep 17 00:00:00 2001 From: winston Date: Tue, 29 Nov 2022 05:09:05 +0100 Subject: [PATCH] feat: nvim overhaul, k8s completions and snippets --- dot_config/nvim/lua/config/catppuccin.lua | 39 +- dot_config/nvim/lua/config/colorizer.lua | 2 +- dot_config/nvim/lua/lsp.lua | 55 +- dot_config/nvim/lua/plugins.lua | 96 ++-- dot_config/nvim/snippets/yaml.json | 611 ++++++++++++++++++++++ 5 files changed, 741 insertions(+), 62 deletions(-) create mode 100644 dot_config/nvim/snippets/yaml.json diff --git a/dot_config/nvim/lua/config/catppuccin.lua b/dot_config/nvim/lua/config/catppuccin.lua index be516a0..e9e3497 100644 --- a/dot_config/nvim/lua/config/catppuccin.lua +++ b/dot_config/nvim/lua/config/catppuccin.lua @@ -46,7 +46,7 @@ require("catppuccin").setup({ }, barbar = false, bufferline = true, - dashboard = true, + dashboard = false, fern = false, gitgutter = false, gitsigns = true, @@ -64,25 +64,44 @@ require("catppuccin").setup({ vimwiki = true, }, highlight_overrides = { + all = function(colors) + return { + DashboardCenter = { fg = colors.peach }, + DashboardFooter = { fg = colors.maroon }, + DashboardHeader = { fg = colors.pink }, + DashboardShortCut = { fg = colors.yellow }, + -- custom selection highlight + Selection = { bg = colors.surface1, fg = colors.text }, + -- borders + FloatBorder = { fg = colors.overlay0 }, + LspInfoBorder = { link = "FloatBorder" }, + NvimTreeWinSeparator = { link = "FloatBorder" }, + WhichKeyBorder = { link = "FloatBorder" }, + -- telescope + TelescopeBorder = { link = "FloatBorder" }, + TelescopeTitle = { fg = colors.text }, + TelescopeSelection = { link = "Selection" }, + TelescopeSelectionCaret = { link = "Selection" }, + -- pmenu + PmenuSel = { link = "Selection" }, + } + end, mocha = function(colors) return { - DashboardHeader = { fg = colors.pink }, - DashboardCenter = { fg = colors.peach }, - DashboardShortCut = { fg = colors.yellow }, - DashboardFooter = { fg = colors.maroon }, - ["InlayHint"] = { fg = colors.surface0, style = { "italic" } }, - FloatBorder = { fg = colors.overlay0 }, - TelescopeBorder = { link = "FloatBorder" }, + Selection = { bg = "#121212", fg = colors.text }, + Comment = { fg = colors.surface2, style = { "italic" } }, + InlayHint = { fg = colors.surface0, style = { "italic" } }, } end, }, color_overrides = { mocha = { base = "#000000", - crust = "#000000", - mantle = "#000000", + crust = "#010101", + mantle = "#020202", }, }, + transparent_background = true, }) vim.api.nvim_command("colorscheme catppuccin") diff --git a/dot_config/nvim/lua/config/colorizer.lua b/dot_config/nvim/lua/config/colorizer.lua index 57ea485..52118ee 100644 --- a/dot_config/nvim/lua/config/colorizer.lua +++ b/dot_config/nvim/lua/config/colorizer.lua @@ -10,7 +10,7 @@ require("colorizer").setup({ css = false, css_fn = false, mode = "background", - tailwind = true, + tailwind = "both", sass = { enable = true }, virtualtext = " ", }, diff --git a/dot_config/nvim/lua/lsp.lua b/dot_config/nvim/lua/lsp.lua index 1c0b7ed..3919e89 100644 --- a/dot_config/nvim/lua/lsp.lua +++ b/dot_config/nvim/lua/lsp.lua @@ -1,7 +1,7 @@ -- vim:fdm=marker require("mason").setup({ ui = { - border = "none", + border = "double", icons = { package_installed = " ", package_pending = " ", @@ -12,6 +12,8 @@ require("mason").setup({ require("mason-lspconfig").setup({ automatic_installation = true }) vim.opt.completeopt = "menu,menuone,noselect" +vim.g.vsnip_snippet_dir = vim.fn.stdpath("config") .. "/snippets" +vim.lsp.set_log_level("error") -- cmp {{{ local present, cmp = pcall(require, "cmp") @@ -23,10 +25,10 @@ local has_words_before = function() ---@diagnostic disable-next-line: deprecated local line, col = unpack(vim.api.nvim_win_get_cursor(0)) return col ~= 0 - and vim.api - .nvim_buf_get_lines(0, line - 1, line, true)[1] - :sub(col, col) - :match("%s") + and vim.api + .nvim_buf_get_lines(0, line - 1, line, true)[1] + :sub(col, col) + :match("%s") == nil end @@ -157,6 +159,7 @@ local on_attach = function(client, bufnr) vim.keymap.set("n", "[d", vim.diagnostic.goto_prev, bufopts) end local lspconfig = require("lspconfig") +require("lspconfig.ui.windows").default_options.border = "double" -- lua {{{ lspconfig.sumneko_lua.setup({ @@ -202,6 +205,16 @@ lspconfig.emmet_ls.setup({ "scss", }, }) +lspconfig.tailwindcss.setup({ + capabilities = capabilities, + on_attach = on_attach, + filetypes = { + "javascriptreact", + "typescriptreact", + "html", + "css", + }, +}) -- attach tsserver only when there's a 'package.json' file in the CWD lspconfig.tsserver.setup({ capabilities = capabilities, @@ -315,7 +328,7 @@ require("rust-tools").setup({ }, }) -lspconfig.pyright.setup({ +require("py_lsp").setup({ capabilities = capabilities, on_attach = on_attach, }) @@ -350,8 +363,34 @@ lspconfig.yamlls.setup({ on_attach = on_attach, settings = { yaml = { + completion = true, + validate = true, + suggest = { + parentSkeletonSelectedFirst = true, + }, + schemaStore = { + enable = true, + url = "https://www.schemastore.org/api/json/catalog.json", + }, schemas = { - ["https://json.schemastore.org/github-workflow.json"] = "/.github/workflows/*", + ["https://json.schemastore.org/github-action"] = ".github/action.{yaml,yml}", + ["https://json.schemastore.org/github-workflow"] = ".github/workflows/*", + ["https://json.schemastore.org/gitlab-ci"] = "*lab-ci.{yaml,yml}", + ["https://json.schemastore.org/helmfile"] = "helmfile.{yaml,yml}", + ["https://raw.githubusercontent.com/compose-spec/compose-spec/master/schema/compose-spec.json"] = "docker-compose.yml.{yml,yaml}", + -- stylua: ignore + kubernetes = { + '*-deployment.yaml', '*-deployment.yml', '*-service.yaml', '*-service.yml', 'clusterrole-contour.yaml', + 'clusterrole-contour.yml', 'clusterrole.yaml', 'clusterrole.yml', 'clusterrolebinding.yaml', + 'clusterrolebinding.yml', 'configmap.yaml', 'configmap.yml', 'cronjob.yaml', 'cronjob.yml', 'daemonset.yaml', + 'daemonset.yml', 'deployment-*.yaml', 'deployment-*.yml', 'deployment.yaml', 'deployment.yml', 'hpa.yaml', + 'hpa.yml', 'ingress.yaml', 'ingress.yml', 'job.yaml', 'job.yml', 'kubectl-edit-*.yaml', 'namespace.yaml', + 'namespace.yml', 'pvc.yaml', 'pvc.yml', 'rbac.yaml', 'rbac.yml', 'replicaset.yaml', 'replicaset.yml', + 'role.yaml', 'role.yml', 'rolebinding.yaml', 'rolebinding.yml', 'sa.yaml', 'sa.yml', 'secret.yaml', + 'secret.yml', 'service-*.yaml', 'service-*.yml', 'service-account.yaml', 'service-account.yml', 'service.yaml', + 'service.yml', 'serviceaccount.yaml', 'serviceaccount.yml', 'serviceaccounts.yaml', 'serviceaccounts.yml', + 'statefulset.yaml', 'statefulset.yml' + }, }, }, }, @@ -377,7 +416,7 @@ local augroup = vim.api.nvim_create_augroup("LspFormatting", {}) null.setup({ sources = { - null.builtins.formatting.autopep8, + null.builtins.formatting.black, null.builtins.formatting.deno_fmt, null.builtins.formatting.gofmt, null.builtins.formatting.isort, diff --git a/dot_config/nvim/lua/plugins.lua b/dot_config/nvim/lua/plugins.lua index 672ae1a..e0f3eba 100644 --- a/dot_config/nvim/lua/plugins.lua +++ b/dot_config/nvim/lua/plugins.lua @@ -56,8 +56,8 @@ return packer.startup({ config = function() require("indent_blankline").setup({ space_char_blankline = " ", - show_current_context = true, - show_current_context_start = true, + -- show_current_context = true, + -- show_current_context_start = true, }) vim.g.indent_blankline_filetype_exclude = { "dashboard", @@ -78,20 +78,6 @@ return packer.startup({ end, }) - use({ - "nvim-lualine/lualine.nvim", - requires = { "kyazdani42/nvim-web-devicons", opt = true }, - config = function() - require("lualine").setup({ - options = { - theme = "catppuccin", - component_separators = { left = "", right = "" }, - section_separators = { left = "", right = "" }, - }, - }) - end, - }) - -- DJI Osmo use({ "luukvbaal/stabilize.nvim", @@ -121,7 +107,18 @@ return packer.startup({ use({ "folke/which-key.nvim", config = function() - require("which-key").setup({}) + require("which-key").setup({ + key_labels = { + [""] = "SPC", + [""] = "SPC", + [""] = " ", + [""] = " ", + }, + window = { + border = "double", + margin = { 0, 0, 0, 0 }, + }, + }) end, }) @@ -214,14 +211,36 @@ return packer.startup({ require("telescope").setup({ defaults = { borderchars = { - "═", - "║", - "═", - "║", - "╔", - "╗", - "╝", - "╚", + results = { + "═", + "│", + " ", + "║", + "╔", + "╤", + "│", + "║", + }, + prompt = { + "─", + "│", + "═", + "║", + "╟", + "┤", + "╧", + "╚", + }, + preview = { + "═", + "║", + "═", + " ", + "═", + "╗", + "╝", + "═", + }, }, }, }) @@ -278,12 +297,12 @@ return packer.startup({ end, }) - -- use({ - -- "andweeb/presence.nvim", - -- config = function() - -- require("config/presence") - -- end, - -- }) + use({ + "andweeb/presence.nvim", + config = function() + require("config/presence") + end, + }) use({ "iamcco/markdown-preview.nvim", run = "cd app && yarn install" }) -- LSP @@ -304,6 +323,7 @@ return packer.startup({ "ray-x/go.nvim", requires = "ray-x/guihua.lua", }) + use("HallerPatrick/py_lsp.nvim") use("simrat39/rust-tools.nvim") use("rafamadriz/friendly-snippets") use("jose-elias-alvarez/null-ls.nvim") @@ -322,11 +342,9 @@ return packer.startup({ use("b0o/schemastore.nvim") use({ - "github/copilot.vim", + "zbirenbaum/copilot.lua", config = function() - local opt = { noremap = true, silent = true, expr = true } - Map("i", "", 'copilot#Accept("\\")', opt) - vim.g.copilot_no_tab_map = true + require("config/copilot") end, }) @@ -367,14 +385,6 @@ return packer.startup({ require("telescope").load_extension("asynctasks") end, }) - - -- startup - use({ - "glepnir/dashboard-nvim", - config = function() - require("config/dashboard") - end, - }) end, config = { display = { diff --git a/dot_config/nvim/snippets/yaml.json b/dot_config/nvim/snippets/yaml.json new file mode 100644 index 0000000..1efae79 --- /dev/null +++ b/dot_config/nvim/snippets/yaml.json @@ -0,0 +1,611 @@ +{ + "k8s Ingress with TLS": { + "prefix": "k-ingress-tls", + "description": "k8s Ingress with TLS", + "body": [ + "# https://kubernetes.io/docs/concepts/services-networking/ingress/#tls", + "apiVersion: v1", + "kind: Secret", + "metadata:", + " name: ${1:testsecret-tls}", + " namespace: ${2:default}", + "type: kubernetes.io/tls", + "# The TLS secret must contain keys named 'tls.crt' and 'tls.key' that contain the certificate and private key to use for TLS.", + "data:", + " tls.crt: base64 encoded cert", + " tls.key: base64 encoded key", + "", + "---", + "apiVersion: networking.k8s.io/v1", + "kind: Ingress", + "metadata:", + " name: ${3:tls-example-ingress}", + " namespace: ${2:default}", + "spec:", + " tls:", + " - hosts:", + " - ${4:https-example.foo.com}", + " secretName: ${1:testsecret-tls}", + " rules:", + " - host: ${4:https-example.foo.com}", + " http:", + " paths:", + " - path: /${5}", + " pathType: Prefix", + " backend:", + " service:", + " name: ${6:service1}", + " port:", + " number: ${7:80}", + "---", + "$0" + ] + }, + "k8s Ingress": { + "prefix": "k-ingress", + "description": "k8s Ingress", + "body": [ + "# https://kubernetes.io/docs/concepts/services-networking/ingress/", + "apiVersion: networking.k8s.io/v1", + "kind: Ingress", + "metadata:", + " name: ${1:example-ingress}", + " namespace: ${2:default}", + "spec:", + " rules:", + " - host: ${3:example.foo.com}", + " http:", + " paths:", + " - path: /${4}", + " pathType: ${5|Prefix,Exact|}", + " backend:", + " service:", + " name: ${6:service1}", + " port:", + " number: ${7:80}", + "---", + "$0" + ] + }, + "k8s Ingress with Rewrite rule": { + "prefix": "k-ingress-rewrite", + "description": "k8s Ingress with Rewrite rule", + "body": [ + "# https://kubernetes.io/docs/concepts/services-networking/ingress/", + "apiVersion: networking.k8s.io/v1", + "kind: Ingress", + "metadata:", + " name: ${1:example-ingress}", + " namespace: ${2:default}", + " # https://kubernetes.github.io/ingress-nginx/examples/rewrite/", + " annotations:", + " nginx.ingress.kubernetes.io/rewrite-target: /\\$1", + "spec:", + " rules:", + " - host: ${3:example.foo.com}", + " http:", + " paths:", + " - path: ${4:/api/(.*)}", + " pathType: Prefix", + " backend:", + " service:", + " name: ${5:service1}", + " port:", + " number: ${6:80}", + "---", + "$0" + ] + }, + "k8s Deployment": { + "prefix": "k-deploymment", + "description": "k8s Deployment", + "body": [ + "# https://kubernetes.io/docs/concepts/workloads/controllers/deployment/", + "apiVersion: apps/v1", + "kind: Deployment", + "metadata:", + " name: ${1:myjob}", + " namespace: ${2:default}", + " labels:", + " app: ${1:myjob}", + "spec:", + " selector:", + " matchLabels:", + " app: ${1:myjob}", + " replicas: 1", + " strategy:", + " rollingUpdate:", + " maxSurge: 25%", + " maxUnavailable: 25%", + " type: RollingUpdate", + " template:", + " metadata:", + " labels:", + " app: ${1:myjob}", + " spec:", + " # initContainers:", + " # Init containers are exactly like regular containers, except:", + " # - Init containers always run to completion.", + " # - Each init container must complete successfully before the next one starts.", + " containers:", + " - name: ${1:myjob}", + " image: ${3:myjob:latest}", + " imagePullPolicy: ${4|IfNotPresent,Always,Never|}", + " resources:", + " requests:", + " cpu: 100m", + " memory: 100Mi", + " limits:", + " cpu: 100m", + " memory: 100Mi", + " livenessProbe:", + " tcpSocket:", + " port: ${5:80}", + " initialDelaySeconds: 5", + " timeoutSeconds: 5", + " successThreshold: 1", + " failureThreshold: 3", + " periodSeconds: 10", + " readinessProbe:", + " httpGet:", + " path: /_status/healthz", + " port: ${5:80}", + " initialDelaySeconds: 5", + " timeoutSeconds: 2", + " successThreshold: 1", + " failureThreshold: 3", + " periodSeconds: 10", + " env:", + " - name: ACCEPT_EULA", + " value: \"Y\"", + " - name: DB_HOST", + " valueFrom:", + " configMapKeyRef:", + " name: ${1:myjob}", + " key: DB_HOST", + " - name: DB_HOST", + " valueFrom:", + " secretKeyRef:", + " name: ${1:mysecret}", + " key: MSSQL_SA_PASSWORD", + " ports:", + " - containerPort: ${5:80}", + " name: ${1:myjob}", + " volumeMounts:", + " - name: localtime", + " mountPath: /etc/localtime", + " volumes:", + " - name: localtime", + " hostPath:", + " path: /usr/share/zoneinfo/Asia/Taipei", + " restartPolicy: Always", + "---", + "$0" + ] + }, + "k8s Service": { + "prefix": "k-service", + "description": "k8s Service", + "body": [ + "# https://kubernetes.io/docs/concepts/services-networking/service/", + "apiVersion: v1", + "kind: Service", + "metadata:", + " name: ${1:myjob}", + " namespace: ${2:default}", + "spec:", + " selector:", + " app: ${1:myjob}", + " type: ${3|ClusterIP,NodePort,LoadBalancer|}", + " ports:", + " - name: ${1:myjob}", + " protocol: ${4|TCP,UDP|}", + " port: ${5:80}", + " targetPort: ${6:5000}", + " nodePort: ${7:30001}", + "---", + "$0" + ] + }, + "k8s ConfigMap": { + "prefix": "k-configmap", + "description": "k8s ConfigMap", + "body": [ + "# https://kubernetes.io/docs/concepts/configuration/configmap/", + "kind: ConfigMap", + "apiVersion: v1", + "metadata:", + " name: ${1:myconfig}", + " namespace: ${2:default}", + "data:", + " ${3:key}: ${4:value}", + "---", + "$0" + ] + }, + "k8s Secret": { + "prefix": "k-secret", + "description": "k8s Secret", + "body": [ + "# https://kubernetes.io/docs/concepts/configuration/secret/", + "apiVersion: v1", + "kind: Secret", + "metadata:", + " name: ${1:mysecret}", + " namespace: ${2:default}", + "type: ${3|Opaque,kubernetes.io/dockerconfigjson,kubernetes.io/dockercfg,kubernetes.io/basic-auth,kubernetes.io/ssh-auth,kubernetes.io/tls,kubernetes.io/service-account-token,bootstrap.kubernetes.io/token|}", + "data:", + " # Example:", + " # password: {{ .Values.password | b64enc }}", + "# stringData:", + "# username: admin # required field for kubernetes.io/basic-auth", + "# password: t0p-Secret # required field for kubernetes.io/basic-auth", + "# immutable: true", + "---", + "$0" + ] + }, + "k8s Job": { + "prefix": "k-job", + "description": "k8s Job", + "body": [ + "# https://kubernetes.io/docs/concepts/workloads/controllers/job/", + "apiVersion: batch/v1", + "kind: Job", + "metadata:", + " name: ${1:myjob}", + " namespace: ${2:default}", + " labels:", + " app: ${1:myjob}", + "spec:", + " template:", + " metadata:", + " name: ${1:myjob}", + " labels:", + " app: ${1:myjob}", + " spec:", + " containers:", + " - name: ${1:myjob}", + " image: ${3:python:3.7.6-alpine3.10}", + " command: ['sh', '-c', '${4:python3 manage.py makemigrations && python3 manage.py migrate}']", + " env:", + " - name: ENV_NAME", + " value: ENV_VALUE", + " volumeMounts:", + " - name: localtime", + " mountPath: /etc/localtime", + " volumes:", + " - name: localtime", + " hostPath:", + " path: /usr/share/zoneinfo/Asia/Taipei", + " restartPolicy: OnFailure", + " dnsPolicy: ClusterFirst", + "---", + "$0" + ] + }, + "k8s CronJob": { + "prefix": "k-cronjob", + "description": "k8s CronJob", + "body": [ + "# https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/", + "apiVersion: batch/v1beta1", + "kind: CronJob", + "metadata:", + " name: ${1:cronjobname}", + " namespace: ${2:default}", + "spec:", + " schedule: \"${3:*/1 * * * *}\"", + " jobTemplate:", + " spec:", + " template:", + " spec:", + " containers:", + " - name: ${4:jobname}", + " image: ${5:busybox}", + " args: ['/bin/sh', '-c', '${6:date; echo Hello from the Kubernetes cluster}']", + " restartPolicy: OnFailure", + "---", + "$0" + ] + }, + "k8s Pod": { + "prefix": "k-pod", + "description": "k8s Pod", + "body": [ + "# https://kubernetes.io/docs/concepts/workloads/pods/", + "apiVersion: v1", + "kind: Pod", + "metadata:", + " name: \"${1:myapp}\"", + " namespace: ${2:default}", + " labels:", + " app: \"${1:myapp}\"", + "spec:", + " containers:", + " - name: ${1:myapp}", + " image: \"${3:debian-slim:latest}\"", + " resources:", + " limits:", + " cpu: 200m", + " memory: 500Mi", + " requests:", + " cpu: 100m", + " memory: 200Mi", + " env:", + " - name: DB_HOST", + " valueFrom:", + " configMapKeyRef:", + " name: myapp", + " key: DB_HOST", + " ports:", + " - containerPort: ${4:80}", + " name: http", + " volumeMounts:", + " - name: localtime", + " mountPath: /etc/localtime", + " volumes:", + " - name: localtime", + " hostPath:", + " path: /usr/share/zoneinfo/Asia/Taipei", + " restartPolicy: Always", + "---", + "$0" + ] + }, + "k8s PersistentVolumeClaim": { + "prefix": "k-pvc", + "description": "k8s PersistentVolumeClaim", + "body": [ + "# https://kubernetes.io/docs/concepts/storage/persistent-volumes/", + "apiVersion: v1", + "kind: PersistentVolumeClaim", + "metadata:", + " name: ${1:myapp}", + " namespace: ${2:default}", + " labels:", + " app: ${1:myapp}", + "spec:", + " # AKS: default,managed-premium", + " # GKE: standard", + " # EKS: gp2 (custom)", + " # Rook: rook-ceph-block,rook-ceph-fs", + " storageClassName: ${3|default,managed-premium,standard,gp2,rook-ceph-block,rook-ceph-fs|}", + " accessModes:", + " - ${4|ReadWriteOnce,ReadWriteMany,ReadOnlyMany|}", + " resources:", + " requests:", + " storage: ${5:2Gi}", + "---", + "$0" + ] + }, + "k8s DaemonSet": { + "prefix": "k-daemonset", + "description": "k8s DaemonSet", + "body": [ + "# https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/", + "apiVersion: apps/v1", + "kind: DaemonSet", + "metadata:", + " name: ${1:myapp}", + " namespace: ${2:default}", + " labels:", + " app: ${1:myapp}", + "spec:", + " selector:", + " matchLabels:", + " app: ${1:myapp}", + " template:", + " metadata:", + " labels:", + " app: ${1:myapp}", + " spec:", + " tolerations:", + " # this toleration is to have the daemonset runnable on master nodes", + " # remove it if your masters can't run pods", + " - key: node-role.kubernetes.io/master", + " effect: NoSchedule", + " containers:", + " - name: ${1:myapp}", + " image: ${3:debian}", + " resources:", + " limits:", + " memory: 200Mi", + " requests:", + " cpu: 100m", + " memory: 200Mi", + " volumeMounts:", + " - name: localtime", + " mountPath: /etc/localtime", + " terminationGracePeriodSeconds: 30", + " volumes:", + " - name: localtime", + " hostPath:", + " path: /usr/share/zoneinfo/Asia/Taipei", + "---", + "$0" + ] + }, + "k8s StatefulSet": { + "prefix": "k-statefulset", + "description": "k8s StatefulSet", + "body": [ + "# https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/", + "apiVersion: apps/v1", + "kind: StatefulSet", + "metadata:", + " name: ${1:myapp}", + " namespace: ${2:default}", + "spec:", + " selector:", + " matchLabels:", + " app: ${1:myapp} # has to match .spec.template.metadata.labels", + " serviceName: \"${1:myapp}\"", + " replicas: ${3:3} # by default is 1", + " template:", + " metadata:", + " labels:", + " app: ${1:myapp} # has to match .spec.selector.matchLabels", + " spec:", + " terminationGracePeriodSeconds: 10", + " containers:", + " - name: ${1:myapp}", + " image: ${4:${1:myapp}-slim:1.16.1}", + " ports:", + " - containerPort: ${5:80}", + " name: ${1:myapp}", + " volumeMounts:", + " - name: ${6:www}", + " mountPath: /usr/share/nginx/html", + " volumeClaimTemplates:", + " - metadata:", + " name: ${6:www}", + " spec:", + " storageClassName: ${7:my-storage-class}", + " accessModes:", + " - ${8|ReadWriteOnce,ReadWriteMany,ReadOnlyMany|}", + " resources:", + " requests:", + " storage: ${9:1Gi}", + "---", + "$0" + ] + }, + "k8s NetworkPolicy": { + "prefix": "k-networkpolicy", + "description": "k8s NetworkPolicy", + "body": [ + "# https://kubernetes.io/docs/concepts/services-networking/network-policies/", + "apiVersion: networking.k8s.io/v1", + "kind: NetworkPolicy", + "metadata:", + " name: ${1:mypolicy}", + " namespace: ${2:default}", + "spec:", + " podSelector:", + " matchLabels:", + " app: ${1:myapp}", + " policyTypes:", + " - Ingress", + " ingress:", + " - from:", + " - podSelector:", + " matchLabels:", + " ${3:access}: ${4:granted}", + " ports:", + " - protocol: TCP", + " port: ${5:8080}", + "---", + "$0" + ] + }, + "k8s Role": { + "prefix": "k-role", + "description": "k8s Role", + "body": [ + "# https://kubernetes.io/docs/reference/access-authn-authz/rbac/", + "apiVersion: rbac.authorization.k8s.io/v1", + "kind: Role", + "metadata:", + " name: ${1:role}", + " namespace: ${2:default}", + "rules:", + "- apiGroups: [${3:\"\"}] # \"\" indicates the core API group", + " resources: [${4:\"pods\"}]", + " verbs: [${5:\"get\", \"watch\", \"list\"}]", + "---", + "$0" + ] + }, + "k8s ClusterRole": { + "prefix": "k-clusterrole", + "description": "k8s ClusterRole", + "body": [ + "# https://kubernetes.io/docs/reference/access-authn-authz/rbac/", + "apiVersion: rbac.authorization.k8s.io/v1", + "kind: ClusterRole", + "metadata:", + " name: ${1:clusterrole}", + "rules:", + "- apiGroups: [${3:\"\"}] # \"\" indicates the core API group", + " resources: [${4:\"secrets\"}]", + " verbs: [${5:\"get\", \"watch\", \"list\"}]", + "---", + "$0" + ] + }, + "k8s RoleBinding": { + "prefix": "k-rolebinding", + "description": "k8s RoleBinding", + "body": [ + "# https://kubernetes.io/docs/reference/access-authn-authz/rbac/", + "apiVersion: rbac.authorization.k8s.io/v1", + "kind: RoleBinding", + "metadata:", + " name: ${1:rolebinding}", + " namespace: ${2:default}", + "subjects:", + "- kind: ${3|User,Group,ServiceAccount|}", + " name: ${4:name} # Name is case sensitive", + " apiGroup: rbac.authorization.k8s.io", + "roleRef:", + " kind: ${5:Role}", + " name: ${6:RoleName}", + " apiGroup: rbac.authorization.k8s.io", + "---", + "$0" + ] + }, + "k8s ClusterRoleBinding": { + "prefix": "k-clusterrolebinding", + "description": "k8s ClusterRoleBinding", + "body": [ + "# https://kubernetes.io/docs/reference/access-authn-authz/rbac/", + "apiVersion: rbac.authorization.k8s.io/v1", + "kind: ClusterRoleBinding", + "metadata:", + " name: ${1:clusterrolebinding}", + "subjects:", + "- kind: ${2|User,Group,ServiceAccount|}", + " name: ${3:name} # Name is case sensitive", + " apiGroup: rbac.authorization.k8s.io", + "roleRef:", + " kind: ${4:ClusterRole}", + " name: ${5:RoleName}", + " apiGroup: rbac.authorization.k8s.io", + "---", + "$0" + ] + }, + "k8s ServiceAccount": { + "prefix": "k-serviceaccount", + "description": "k8s ServiceAccount", + "body": [ + "# https://kubernetes.io/docs/reference/access-authn-authz/rbac/", + "apiVersion: rbac.authorization.k8s.io/v1", + "kind: ServiceAccount", + "metadata:", + " name: ${1:serviceaccount}", + " namespace: ${2:default}", + "---", + "$0" + ] + }, + "k8s ServiceAccount-ImagePullSecrets": { + "prefix": "k-serviceaccount-imagepullsecrets", + "description": "k8s ServiceAccount with ImagePullSecrets", + "body": [ + "# https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account", + "apiVersion: rbac.authorization.k8s.io/v1", + "kind: ServiceAccount", + "metadata:", + " name: ${1:serviceaccount}", + " namespace: ${2:default}", + "imagePullSecrets:", + " - name: ${3:myregistrykey}", + "---", + "$0" + ] + } +}