feat: add run-k3d (#5)

Author: ruzickap

.github/workflows/run-tests.yml

@@ -2,6 +2,13 @@ name: run-tests
 
 on:
   workflow_dispatch:
+  push:
+    branches-ignore:
+      - main
+    paths:
+      - ".github/workflows/run-tests.yml"
+      - "**kind**"
+      - "**k3s**"
 
 permissions: read-all
 
@@ -15,16 +22,17 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        os: [ubuntu-24.04, ubuntu-24.04-arm]
-    timeout-minutes: 30
+        # os: [ubuntu-24.04, ubuntu-24.04-arm]
+        os: [ubuntu-24.04]
+    timeout-minutes: 10
     steps:
       - name: 🛠️ Checkout Code
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: 🚀 Run mise
         run: |
           docker run --rm -i \
-            --env SOPS_AGE_KEY --env MISE_SOPS_AGE_KEY \
+            --env SOPS_AGE_KEY --env MISE_SOPS_AGE_KEY --env CLICOLOR_FORCE=1 \
             -v "$PWD:/mnt" \
             -v "/var/run/docker.sock:/var/run/docker.sock" \
             --workdir /mnt \
@@ -40,8 +48,9 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        os: [ubuntu-24.04, ubuntu-24.04-arm]
-    timeout-minutes: 30
+        # os: [ubuntu-24.04, ubuntu-24.04-arm]
+        os: [ubuntu-24.04]
+    timeout-minutes: 10
     steps:
       - name: 🛠️ Checkout Code
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

.jscpd.json

@@ -0,0 +1,3 @@
+{
+  "ignore": ["**/scripts/**", "**/.git/**", ".github/workflows/run-tests.yml"]
+}

README.md

@@ -3,7 +3,25 @@
 Infrastructure as Code for provisioning multiple Kubernetes clusters, managed
 using GitOps with ArgoCD
 
-Tests:
+Create all "kind" clusters:
+
+```bash
+mise task run "create:kind:*"
+mise task run "delete:kind:*"
+```
+
+Create all "k3s" clusters:
+
+```bash
+mise task run "create:k3d:*"
+mise task run "delete:k3d:*"
+```
+
+> Same for eksctl, az, terraform-aws, terraform-az, ... clusters
+
+---
+
+## Tests
 
 ```bash
 SOPS_AGE_KEY="$(grep -v ^# ~/Documents/secrets/age.txt)"
@@ -16,7 +34,7 @@ docker run --rm -it \
   -v "$PWD:/mnt" \
   -v "/var/run/docker.sock:/var/run/docker.sock" \
   --workdir /mnt \
-  bash bash -c 'set -euxo pipefail && \
+  bash bash -c 'set -euo pipefail && \
     apk add docker && \
     wget -q https://mise.run -O - | sh && \
     eval "$(~/.local/bin/mise activate bash)" && \

clusters/k3d01-internal/.env.yaml

@@ -0,0 +1 @@
+# This file should contains the secrets and should be encrypted using SOPS

clusters/k3d01-internal/mise.toml

@@ -0,0 +1,17 @@
+[tools]
+k3d = "5.8.3"
+
+[env]
+_.file = ".env.yaml"
+# keep-sorted start
+CLUSTER_FQDN = "k3d01.internal"
+CLUSTER_NAME = "k3d01"
+# keep-sorted end
+
+[tasks."create:k3d01-internal"]
+description = 'Create K8s cluster'
+run = '${CLUSTERS_RUN_SCRIPT_DIRECTORY}/run-k3d.sh create'
+
+[tasks."delete:k3d01-internal"]
+description = 'Delete K8s cluster'
+run = '${CLUSTERS_RUN_SCRIPT_DIRECTORY}/run-k3d.sh delete'

clusters/k3d02-internal/.env.yaml

@@ -0,0 +1 @@
+# This file should contains the secrets and should be encrypted using SOPS

clusters/k3d02-internal/mise.toml

@@ -0,0 +1,17 @@
+[tools]
+k3d = "5.8.3"
+
+[env]
+_.file = ".env.yaml"
+# keep-sorted start
+CLUSTER_FQDN = "k3d02.internal"
+CLUSTER_NAME = "k3d02"
+# keep-sorted end
+
+[tasks."create:k3d02-internal"]
+description = 'Create K8s cluster'
+run = '${CLUSTERS_RUN_SCRIPT_DIRECTORY}/run-k3d.sh create'
+
+[tasks."delete:k3d02-internal"]
+description = 'Delete K8s cluster'
+run = '${CLUSTERS_RUN_SCRIPT_DIRECTORY}/run-k3d.sh delete'

clusters/kind01-internal/.env.yaml

@@ -1,21 +1 @@
-SECRET: ENC[AES256_GCM,data:QIOd+nLFzAQ=,iv:6o+BhThDyGAQ1jwjG04bS95c55xdUCdB6XhezYrKv90=,tag:tnwKw9zZjc7OLDi7YbiYnw==,type:str]
-sops:
-  kms: []
-  gcp_kms: []
-  azure_kv: []
-  hc_vault: []
-  age:
-    - recipient: age1jjuamrdk3vrk6g8qhrjnqtt4x2yvvxw7fz2nkvf78398dj7vav7s74z4zz
-      enc: |
-        -----BEGIN AGE ENCRYPTED FILE-----
-        YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTNXVyZWd4bTFWekVKbjdn
-        dzlPcWZnWUxsME9UWlN2NjgzMGhoQ1VIV0drCnlScGZTYitqcTYyR291eVArYWVs
-        c1JyU2FTVWJBajdWdFVGRFN5TXFsMWMKLS0tIEt2WjdNN3FWaU5UQnNwRDNseTVy
-        TXhtbU94bVFjOTJiUmQyQ2U5VWU0WlkK5Ur8KSyl5/4/AJrADYLRF/27r7hEZzY1
-        0Qo5LZDZOLXoJ6RBEAYi7WNj/hYbgoBd6maB93fMUaEW6MfC5zK6DA==
-        -----END AGE ENCRYPTED FILE-----
-  lastmodified: "2025-03-14T09:14:06Z"
-  mac: ENC[AES256_GCM,data:kDFNXFwtCNtUISMdYQG0yu38ORYdwsp5v02KrzFZS/zj3mPSNU71RGRPn44Vp9noztBRzz0C6kwql7BaWC2twDVAlR9FIrQDl+jf9PQiO9kBmrQo60TJq4gFe0jesWaBFyKDAG3ffi/oELJs8NZVkbBXwpshNoLs0C06nwc989g=,iv:fPVkLhox+xd5KXFmC6t+CJJ8c4Nsjh8u0DSCvnanYKM=,tag:2isNCgC8yxDaZOojyqgEjA==,type:str]
-  pgp: []
-  unencrypted_suffix: _unencrypted
-  version: 3.9.4
+# This file should contains the secrets and should be encrypted using SOPS

clusters/kind01-internal/mise.toml

@@ -1,14 +1,17 @@
+[tools]
+kind = "0.27.0"
+
 [env]
 _.file = ".env.yaml"
 # keep-sorted start
 CLUSTER_FQDN = "kind01.internal"
 CLUSTER_NAME = "kind01"
 # keep-sorted end
 
-[tasks."create"]
+[tasks."create:kind01-internal"]
 description = 'Create K8s cluster'
 run = '${CLUSTERS_RUN_SCRIPT_DIRECTORY}/run-kind.sh create'
 
-[tasks."delete"]
+[tasks."delete:kind01-internal"]
 description = 'Delete K8s cluster'
 run = '${CLUSTERS_RUN_SCRIPT_DIRECTORY}/run-kind.sh delete'

clusters/kind02-internal/.env.yaml

@@ -1,21 +1 @@
-SECRET: ENC[AES256_GCM,data:QIOd+nLFzAQ=,iv:6o+BhThDyGAQ1jwjG04bS95c55xdUCdB6XhezYrKv90=,tag:tnwKw9zZjc7OLDi7YbiYnw==,type:str]
-sops:
-  kms: []
-  gcp_kms: []
-  azure_kv: []
-  hc_vault: []
-  age:
-    - recipient: age1jjuamrdk3vrk6g8qhrjnqtt4x2yvvxw7fz2nkvf78398dj7vav7s74z4zz
-      enc: |
-        -----BEGIN AGE ENCRYPTED FILE-----
-        YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTNXVyZWd4bTFWekVKbjdn
-        dzlPcWZnWUxsME9UWlN2NjgzMGhoQ1VIV0drCnlScGZTYitqcTYyR291eVArYWVs
-        c1JyU2FTVWJBajdWdFVGRFN5TXFsMWMKLS0tIEt2WjdNN3FWaU5UQnNwRDNseTVy
-        TXhtbU94bVFjOTJiUmQyQ2U5VWU0WlkK5Ur8KSyl5/4/AJrADYLRF/27r7hEZzY1
-        0Qo5LZDZOLXoJ6RBEAYi7WNj/hYbgoBd6maB93fMUaEW6MfC5zK6DA==
-        -----END AGE ENCRYPTED FILE-----
-  lastmodified: "2025-03-14T09:14:06Z"
-  mac: ENC[AES256_GCM,data:kDFNXFwtCNtUISMdYQG0yu38ORYdwsp5v02KrzFZS/zj3mPSNU71RGRPn44Vp9noztBRzz0C6kwql7BaWC2twDVAlR9FIrQDl+jf9PQiO9kBmrQo60TJq4gFe0jesWaBFyKDAG3ffi/oELJs8NZVkbBXwpshNoLs0C06nwc989g=,iv:fPVkLhox+xd5KXFmC6t+CJJ8c4Nsjh8u0DSCvnanYKM=,tag:2isNCgC8yxDaZOojyqgEjA==,type:str]
-  pgp: []
-  unencrypted_suffix: _unencrypted
-  version: 3.9.4
+# This file should contains the secrets and should be encrypted using SOPS

clusters/kind02-internal/mise.toml

@@ -1,14 +1,17 @@
+[tools]
+kind = "0.27.0"
+
 [env]
 _.file = ".env.yaml"
 # keep-sorted start
 CLUSTER_FQDN = "kind02.internal"
 CLUSTER_NAME = "kind02"
 # keep-sorted end
 
-[tasks."create"]
+[tasks."create:kind02-internal"]
 description = 'Create K8s cluster'
 run = '${CLUSTERS_RUN_SCRIPT_DIRECTORY}/run-kind.sh create'
 
-[tasks."delete"]
+[tasks."delete:kind02-internal"]
 description = 'Delete K8s cluster'
 run = '${CLUSTERS_RUN_SCRIPT_DIRECTORY}/run-kind.sh delete'

mise.toml

@@ -1,9 +1,7 @@
 [tools]
 # keep-sorted start
-eksctl = "0.205.0"
+k3d = "5.8.3"
 kind = "0.27.0"
-kubectl = "1.32.3"
-opentofu = "1.9.0"
 sops = "3.9.4"
 # keep-sorted end
 
@@ -22,19 +20,44 @@ CLUSTERS_KUBECONFIG_DIRECTORY = "{{ config_root }}/clusters/.kubeconfig"
 # Directory which contains the scripts to create and delete the clusters
 CLUSTERS_RUN_SCRIPT_DIRECTORY = "{{ config_root }}/scripts"
 
+#######################################
+# Kind
+#######################################
+
 [tasks."create:kind:kind01-internal"]
 description = 'Create kind01.internal K8s cluster'
 # Run mise again due to missing support for SOPS-encrypted environment variables in tasks: https://github.com/jdx/mise/discussions/4593
-run = 'cd "${CLUSTERS_DIRECTORY}/${MISE_TASK_NAME##*:}" && mise run create'
+run = 'cd "${CLUSTERS_DIRECTORY}/${MISE_TASK_NAME##*:}" && mise run create:kind01-internal'
 
 [tasks."delete:kind:kind01-internal"]
 description = 'Delete kind01.internal K8s cluster'
-run = 'cd "${CLUSTERS_DIRECTORY}/${MISE_TASK_NAME##*:}" && mise run delete'
+run = 'cd "${CLUSTERS_DIRECTORY}/${MISE_TASK_NAME##*:}" && mise run delete:kind01-internal'
 
 [tasks."create:kind:kind02-internal"]
 description = 'Create kind02.internal K8s cluster'
-run = 'cd "${CLUSTERS_DIRECTORY}/${MISE_TASK_NAME##*:}" && mise run create'
+run = 'cd "${CLUSTERS_DIRECTORY}/${MISE_TASK_NAME##*:}" && mise run create:kind02-internal'
 
 [tasks."delete:kind:kind02-internal"]
 description = 'Delete kind02.internal K8s cluster'
-run = 'cd "${CLUSTERS_DIRECTORY}/${MISE_TASK_NAME##*:}" && mise run delete'
+run = 'cd "${CLUSTERS_DIRECTORY}/${MISE_TASK_NAME##*:}" && mise run delete:kind02-internal'
+
+#######################################
+# K3d
+#######################################
+
+[tasks."create:k3d:k3d01-internal"]
+description = 'Create k3d01.internal K8s cluster'
+# Run mise again due to missing support for SOPS-encrypted environment variables in tasks: https://github.com/jdx/mise/discussions/4593
+run = 'cd "${CLUSTERS_DIRECTORY}/${MISE_TASK_NAME##*:}" && mise run create:k3d01-internal'
+
+[tasks."delete:k3d:k3d01-internal"]
+description = 'Delete k3d01.internal K8s cluster'
+run = 'cd "${CLUSTERS_DIRECTORY}/${MISE_TASK_NAME##*:}" && mise run delete:k3d01-internal'
+
+[tasks."create:k3d:k3d02-internal"]
+description = 'Create k3d02.internal K8s cluster'
+run = 'cd "${CLUSTERS_DIRECTORY}/${MISE_TASK_NAME##*:}" && mise run create:k3d02-internal'
+
+[tasks."delete:k3d:k3d02-internal"]
+description = 'Delete k3d02.internal K8s cluster'
+run = 'cd "${CLUSTERS_DIRECTORY}/${MISE_TASK_NAME##*:}" && mise run delete:k3d02-internal'

scripts/run-k3d.sh

@@ -0,0 +1,57 @@
+#!/usr/bin/env bash
+
+# The "create" needs to be idempotent !
+create() {
+  if k3d cluster list --no-headers | grep -q "^${CLUSTER_FQDN} "; then
+    echo "*** Cluster \"${CLUSTER_FQDN}\" already exists...."
+  else
+    mkdir -p "${CLUSTERS_KUBECONFIG_DIRECTORY}"
+    k3d cluster create "${CLUSTER_FQDN}" --kubeconfig-update-default=false \
+      --k3s-arg "--disable=traefik@all" \
+      --k3s-arg "--disable=local-storage@all" \
+      --k3s-arg "--disable=metrics-server@all"
+    k3d kubeconfig write "${CLUSTER_FQDN}" --overwrite --output "${CLUSTERS_KUBECONFIG_DIRECTORY}/kubeconfig_${CLUSTER_FQDN}.yml"
+  fi
+}
+
+delete() {
+  if k3d cluster list --no-headers | grep -q "^${CLUSTER_FQDN} "; then
+    k3d cluster delete "${CLUSTER_FQDN}"
+    if [[ -f "${CLUSTERS_KUBECONFIG_DIRECTORY}/kubeconfig_${CLUSTER_FQDN}.yml" ]]; then
+      echo "*** Deleting \"${CLUSTERS_KUBECONFIG_DIRECTORY}/kubeconfig_${CLUSTER_FQDN}.yml\" ..."
+      rm "${CLUSTERS_KUBECONFIG_DIRECTORY}/kubeconfig_${CLUSTER_FQDN}.yml"
+    fi
+    if [[ -d "${CLUSTERS_KUBECONFIG_DIRECTORY}" && -z "$(ls -A "${CLUSTERS_KUBECONFIG_DIRECTORY}")" ]]; then
+      echo "*** Deleting empty \"${CLUSTERS_KUBECONFIG_DIRECTORY}\" ..."
+      rmdir "${CLUSTERS_KUBECONFIG_DIRECTORY}" || true
+    fi
+  else
+    echo "*** Cluster \"${CLUSTER_FQDN}\" does not exist..."
+  fi
+}
+
+usage() {
+  echo "*** Usage: $0 {create|delete}"
+  exit 1
+}
+
+: "${CLUSTER_FQDN:?Error: CLUSTER_FQDN environment variable is not set!}"
+: "${CLUSTERS_KUBECONFIG_DIRECTORY:?Error: CLUSTERS_KUBECONFIG_DIRECTORY environment variable is not set!}"
+
+if [[ $# -ne 1 ]]; then
+  usage
+fi
+
+case "$1" in
+  create)
+    echo "*** Creating K8s cluster..."
+    create
+    ;;
+  delete)
+    echo "*** Deleting K8s cluster..."
+    delete
+    ;;
+  *)
+    usage
+    ;;
+esac

scripts/run-kind.sh

@@ -20,15 +20,15 @@ delete() {
   if kind get clusters | grep -q "^${CLUSTER_FQDN}$"; then
     kind delete cluster --name "${CLUSTER_FQDN}" --kubeconfig "${CLUSTERS_KUBECONFIG_DIRECTORY}/kubeconfig_${CLUSTER_FQDN}.yml"
     if [[ -f "${CLUSTERS_KUBECONFIG_DIRECTORY}/kubeconfig_${CLUSTER_FQDN}.yml" ]]; then
-      echo "*** Deleting \"${CLUSTERS_KUBECONFIG_DIRECTORY}/kubeconfig_${CLUSTER_FQDN}.yml\" ..."
+      echo "*** Deleting \"${CLUSTERS_KUBECONFIG_DIRECTORY}/kubeconfig_${CLUSTER_FQDN}.yml\""
       rm "${CLUSTERS_KUBECONFIG_DIRECTORY}/kubeconfig_${CLUSTER_FQDN}.yml"
     fi
     if [[ -d "${CLUSTERS_KUBECONFIG_DIRECTORY}" && -z "$(ls -A "${CLUSTERS_KUBECONFIG_DIRECTORY}")" ]]; then
-      echo "*** Deleting empty \"${CLUSTERS_KUBECONFIG_DIRECTORY}\" ..."
-      rmdir "${CLUSTERS_KUBECONFIG_DIRECTORY}"
+      echo "*** Deleting empty \"${CLUSTERS_KUBECONFIG_DIRECTORY}\""
+      rmdir "${CLUSTERS_KUBECONFIG_DIRECTORY}" || true
     fi
   else
-    echo "*** Cluster \"${CLUSTER_FQDN}\" does not exist..."
+    echo "*** Cluster \"${CLUSTER_FQDN}\" does not exist"
   fi
 }
 
@@ -46,11 +46,11 @@ fi
 
 case "$1" in
   create)
-    echo "*** Creating K8s cluster..."
+    echo "*** Creating K8s cluster"
     create
     ;;
   delete)
-    echo "*** Deleting K8s cluster..."
+    echo "*** Deleting K8s cluster"
     delete
     ;;
   *)