hyperi-rustlib 2.8.6

There's plenty of sage advice out there about how to run Rust services in production at scale — config cascades, structured logging, masking secrets, multi-backend secrets management, Prometheus, OpenTelemetry, Kafka transports, tiered disk-spillover sinks, adaptive worker pools, graceful shutdown — but almost none of it as code you can just install and use. This is that code. Opinionated, drop-in, working out of the box. The patterns from blog posts, watercooler chats and beers with your Google mates as actual library — not a framework you assemble from twenty crates and 8 weeks of munging.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199

// Project:   hyperi-rustlib
// File:      src/deployment/generate/argocd.rs
// Purpose:   ArgoCD Application generation
// Language:  Rust
//
// License:   BUSL-1.1
// Copyright: (c) 2026 HYPERI PTY LIMITED

#![allow(clippy::format_push_string)]

use crate::deployment::contract::DeploymentContract;

// ============================================================================
// ArgoCD Application
// ============================================================================

/// Configuration for ArgoCD `Application` generation.
///
/// All fields have sensible defaults. The Helm chart that the Application
/// points at is the one [`generate_chart`](crate::deployment::generate_chart)
/// writes to a repo path.
#[derive(Debug, Clone)]
pub struct ArgocdConfig {
    /// ArgoCD namespace (where the Application CR lives). Default: `argocd`.
    pub argocd_namespace: String,
    /// Destination namespace for the deployed app. Default: `dfe`.
    pub dest_namespace: String,
    /// Destination cluster (`server` field). Default: `https://kubernetes.default.svc`.
    pub dest_server: String,
    /// Source git repo URL (where the Helm chart lives). Required.
    pub repo_url: String,
    /// Source git revision (branch/tag). Default: `main`.
    pub target_revision: String,
    /// Path within the repo to the Helm chart. Default: `chart`.
    pub chart_path: String,
    /// ArgoCD project. Default: `default`.
    pub project: String,
    /// Sync wave (lower runs first). Default: [`crate::deployment::WAVE_APPS`].
    pub sync_wave: i32,
    /// Additional `ignoreDifferences` entries appended to the canonical
    /// defaults (HPA replicas, ClusterIP, webhook caBundle). Each entry
    /// is a raw YAML fragment matching the ArgoCD `ignoreDifferences` item
    /// shape. The fragment must start with `- group:` and use two-space
    /// indentation internally (the generator indents each line by four
    /// spaces to nest under `ignoreDifferences:`).
    ///
    /// Example:
    /// ```text
    /// "- group: apps\n  kind: Deployment\n  jsonPointers:\n    - /spec/template/spec/containers/0/image"
    /// ```
    ///
    /// Defaults to empty (no extra entries beyond the canonical defaults).
    pub extra_ignore_differences: Vec<String>,
}

impl Default for ArgocdConfig {
    fn default() -> Self {
        Self {
            argocd_namespace: "argocd".into(),
            dest_namespace: "dfe".into(),
            dest_server: "https://kubernetes.default.svc".into(),
            repo_url: String::new(),
            target_revision: "main".into(),
            chart_path: "chart".into(),
            project: "default".into(),
            sync_wave: crate::deployment::WAVE_APPS,
            extra_ignore_differences: Vec::new(),
        }
    }
}

/// Generate an ArgoCD `Application` custom-resource YAML from the deployment
/// contract.
///
/// The CR points at a Helm chart in a git repo (typically the chart that
/// [`generate_chart`](crate::deployment::generate_chart) produces). Apply with:
///
/// ```bash
/// kubectl apply -n argocd -f application.yaml
/// ```
///
/// # Example
///
/// ```rust,no_run
/// use hyperi_rustlib::deployment::{ArgocdConfig, generate_argocd_application};
/// # use hyperi_rustlib::deployment::DeploymentContract;
/// # let contract: DeploymentContract = unimplemented!();
/// let argo = ArgocdConfig {
///     repo_url: "https://github.com/hyperi-io/dfe-loader".into(),
///     ..Default::default()
/// };
/// let yaml = generate_argocd_application(&contract, &argo, None);
/// ```
#[must_use]
pub fn generate_argocd_application(
    contract: &DeploymentContract,
    argo: &ArgocdConfig,
    identity: Option<&crate::deployment::ContractIdentity>,
) -> String {
    // Contract Identity Annotation Scheme v1 -- three extra annotations
    // alongside the existing sync-wave entry. Indented to match the
    // 4-space `metadata.annotations:` block below.
    let identity_block = identity
        .map(|id| format!("\n{ann}", ann = id.as_yaml_annotations(4)))
        .unwrap_or_default();

    // Build the extras block: each entry is a raw YAML fragment starting with
    // `- group: ...`. Indent every line by 4 spaces to nest under
    // `ignoreDifferences:`.
    let extras_block = if argo.extra_ignore_differences.is_empty() {
        String::new()
    } else {
        let mut buf = String::new();
        for entry in &argo.extra_ignore_differences {
            for line in entry.lines() {
                buf.push_str("    ");
                buf.push_str(line);
                buf.push('\n');
            }
        }
        buf
    };

    format!(
        r#"# AUTOGENERATED -- do not edit by hand.
# Generated by hyperi-rustlib::deployment::generate_argocd_application()
# Schema version: {schema_version}
# Source contract: {app_name}::deployment::contract()
# Regenerate with: `{binary} emit-argocd > application.yaml`
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: {app_name}
  namespace: {argocd_namespace}
  annotations:
    argocd.argoproj.io/sync-wave: "{sync_wave}"{identity_block}
  finalizers:
    - resources-finalizer.argocd.argoproj.io
spec:
  project: {project}

  source:
    repoURL: {repo_url}
    targetRevision: {target_revision}
    path: {chart_path}
    helm:
      releaseName: {app_name}

  destination:
    server: {dest_server}
    namespace: {dest_namespace}

  syncPolicy:
    automated:
      prune: true
      selfHeal: true
      allowEmpty: false
    syncOptions:
      - CreateNamespace=true
      - PrunePropagationPolicy=foreground
      - PruneLast=true
      - ServerSideApply=true
    retry:
      limit: 5
      backoff:
        duration: 5s
        factor: 2
        maxDuration: 3m

  ignoreDifferences:
    - group: apps
      kind: Deployment
      jsonPointers:
        - /spec/replicas
    - group: ""
      kind: Service
      jsonPointers:
        - /spec/clusterIP
        - /spec/clusterIPs
    - group: admissionregistration.k8s.io
      kind: ValidatingWebhookConfiguration
      jqPathExpressions:
        - .webhooks[].clientConfig.caBundle
{extras_block}"#,
        schema_version = contract.schema_version,
        app_name = contract.app_name,
        binary = contract.binary(),
        argocd_namespace = argo.argocd_namespace,
        sync_wave = argo.sync_wave,
        project = argo.project,
        repo_url = argo.repo_url,
        target_revision = argo.target_revision,
        chart_path = argo.chart_path,
        dest_server = argo.dest_server,
        dest_namespace = argo.dest_namespace,
        extras_block = extras_block,
        identity_block = identity_block,
    )
}