Skip to content

Timoni apply

timoni apply

Install or upgrade a module instance

Synopsis

The apply command installs or upgrades a module instance on the Kubernetes cluster.

The apply command performs the following steps:

  • Pulls the module version from the specified container registry.
  • If the registry is private, uses the credentials found in '~/.docker/config.json'.
  • If the registry credentials are specified with '--creds', these take priority over the docker ones.
  • Creates the specified '--namespace' if it doesn't exist.
  • Merges all the values supplied with '--values' on top of the default values found in the module.
  • Builds the module by passing the instance name, namespace and values.
  • Labels the resulting Kubernetes resources with the instance name and namespace.
  • Applies the Kubernetes resources on the cluster.
  • Creates or updates the instance inventory with the last applied resources IDs (stored in a secret named timoni.).
  • Recreates the resources annotated with 'action.timoni.sh/force: "enabled"' if they contain changes to immutable fields.
  • Waits for the applied resources to become ready.
  • Deletes the resources which were previously applied but are missing from the current instance.
  • Skips the resources annotated with 'action.timoni.sh/prune: "disabled"' from deletion.
  • Waits for the deleted resources to be finalised.
timoni apply [INSTANCE NAME] [MODULE URL] [flags]

Examples

  # Install a module instance and create the namespace if it doesn't exists
  timoni apply -n apps app oci://docker.io/org/module -v 1.0.0

  # Do a dry-run upgrade and print the diff
  timoni apply -n apps app oci://docker.io/org/module -v 1.0.0 \
  --values ./values-1.cue \
  --dry-run --diff

  # Install or upgrade an instance with custom values by merging them in the specified order
  timoni apply -n apps app oci://docker.io/org/module -v 1.0.0 \
  --values ./values-1.cue \
  --values ./values-2.cue

  # Upgrade an instance and recreate immutable Kubernetes resources such as Jobs
  timoni apply -n apps app oci://docker.io/org/module -v 2.0.0 \
  --values ./values-1.cue \
  --force

  # Install or upgrade an instance with custom values from stdin
  echo "values: replicas: 2" | timoni apply -n apps app oci://docker.io/org/module --values -

  # Install or upgrade an instance with values in YAML and JSON format
  timoni apply -n apps app oci://docker.io/org/module \
  --values ./values-1.yaml \
  --values ./values-2.json

Options

      --creds creds           The credentials for the container registry in the format '<username>[:<password>]'.
      --diff                  Perform a server-side apply dry run and prints the diff.
  -d, --digest digest         The digest of the module e.g. sha256:3f29e1b2b05f8371595dc761fed8e8b37544b38d56dfce81a551b46c82f2f56b.
      --dry-run               Perform a server-side apply dry run.
      --force                 Recreate immutable Kubernetes resources.
  -h, --help                  help for apply
      --overwrite-ownership   Overwrite instance ownership, if the instance is owned by a Bundle.
  -p, --package package       The name of the module's package used for building the templates. (default main)
  -f, --values strings        The local path to values files (cue, yaml or json format).
  -v, --version version       The version of the module e.g. '1.0.0' or '1.0.0-rc.1'.
      --wait                  Wait for the applied Kubernetes objects to become ready. (default true)

Options inherited from parent commands

      --cache-dir string                    Artifacts cache dir, can be disable with 'TIMONI_CACHING=false' env var. (defaults to "$HOME/.timoni/cache")
      --kube-as string                      Username to impersonate for the operation. User could be a regular user or a service account in a namespace.
      --kube-as-group stringArray           Group to impersonate for the operation, this flag can be repeated to specify multiple groups.
      --kube-as-uid string                  UID to impersonate for the operation.
      --kube-certificate-authority string   Path to a cert file for the certificate authority.
      --kube-client-certificate string      Path to a client certificate file for TLS.
      --kube-client-key string              Path to a client key file for TLS.
      --kube-context string                 The name of the kubeconfig context to use.
      --kube-insecure-skip-tls-verify       if true, the Kubernetes API server's certificate will not be checked for validity. This will make your HTTPS connections insecure.
      --kube-server string                  The address and port of the Kubernetes API server.
      --kube-tls-server-name string         Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used.
      --kube-token string                   Bearer token for authentication to the API server.
      --kubeconfig string                   Path to the kubeconfig file.
      --log-color                           Adds colorized output to the logs. (defaults to false when no tty)
      --log-pretty                          Adds timestamps to the logs. (default true)
  -n, --namespace string                    The the namespace scope for the operation. (default "default")
      --registry-insecure                   If true, allows connecting to a container registry without TLS or with a self-signed certificate.
      --timeout duration                    The length of time to wait before giving up on the current operation. (default 5m0s)

SEE ALSO

  • timoni - A package manager for Kubernetes powered by CUE.