Important: Transpire is a work in progress. See the roadmap for more details.
Transpire is a Kubernetes configuration management framework for Nix. It brings the flexibility of the NixOS module system to Kubernetes, enabling version-controlled, reproducible, and scalable infrastructure management.
This project is designed with everything I learned building and running transpire v1 with my friends at the UC Berkeley Open Computing Facility. Transpire for Nix aims to supersede transpire v1 at the OCF, while also being flexible enough to use anywhere.
For now, only flakes are supported. Transpire exports a function lib.<system>.build.cluster which generates a derivation that builds a folder of YAML manifests for each namespace based on your modules:
```nix
{
  inputs.transpire.url = "github:oliver-ni/transpire";

  outputs = { transpire, ... }: {
    packages.x86_64-linux.default = transpire.lib.x86_64-linux.build.cluster {
      modules = [ ./cluster.nix ];
      openApiSpec = transpire.packages.x86_64-linux."openapi-v1.30.1";
    };
  };
}
```
Also, see lib.<system>.evalModules, lib.<system>.build, and lib.<system>.build.clusterFile.
See the example for a more complex configuration.
Transpire is a work in progress! Here's what I'm working on:
- Basic options for directly converting Nix manifests to YAML
- Fetching and templating Helm charts
- Generating typed options based on Kubernetes OpenAPI spec
- Converting between lists indexed by name and attribute sets
- Built-in modules and functions for simple use cases
- A better secrets story
  - Sort of done. In my use, I transform all secrets to vault secrets, so no secret data needs to be in git, or end up in the Nix store. (Except those generated by Helm charts...)
- Version marker and automatic update checker
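The secrets item above notes that Secrets generated by Helm charts can still land in the build output, and so in the world-readable Nix store. The following check is an added example, not part of Transpire: it walks a built manifest folder and reports every `kind: Secret` that still carries `data` or `stringData`. It assumes block-style YAML and a `<namespace>/<file>.yaml` layout; the sample tree and the names `inline_secrets`, `secret_name` and `demo` are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Top-level keys only; assumes block-style YAML in the generated files.
KIND = re.compile(r"^kind:[ \t]*['\"]?(\w+)", re.M)
PAYLOAD = re.compile(r"^(data|stringData):[ \t]*(.*)\n((?:[ \t]+.*\n)*)", re.M)
META = re.compile(r"^metadata:\n((?:[ \t]+.*\n)+)", re.M)
EMPTY = {"", "{}", "null", "~"}

def secret_name(doc):
    """metadata.name, read at the indentation of the first metadata child."""
    block = META.search(doc)
    if not block:
        return "?"
    indent = re.match(r"[ \t]+", block.group(1)).group(0)
    name = re.search(rf"^{re.escape(indent)}name:[ \t]*(\S+)", block.group(1), re.M)
    return name.group(1).strip("'\"") if name else "?"

def inline_secrets(root):
    """Return (file, secret name, key) for each Secret that carries a payload."""
    findings = []
    for path in sorted(Path(root).rglob("*.y*ml")):
        for doc in re.split(r"^---[ \t]*$", path.read_text(), flags=re.M):
            doc = doc.strip("\n") + "\n"
            kind = KIND.search(doc)
            if not kind or kind.group(1) != "Secret":
                continue
            for key, inline, block in PAYLOAD.findall(doc):
                if block.strip() or inline.strip() not in EMPTY:
                    rel = path.relative_to(root).as_posix()
                    findings.append((rel, secret_name(doc), key))
    return findings

# Constructed sample output tree (layout and contents are assumptions).
SAMPLE = {
    "web/app.yaml": "apiVersion: v1\nkind: ConfigMap\nmetadata:\n  name: app\ndata:\n  MODE: prod\n",
    "web/chart.yaml": "apiVersion: v1\ndata:\n  name: ZXhhbXBsZQ==\nkind: Secret\nmetadata:\n"
                      "  labels:\n    name: chart\n  name: chart-admin\n---\n"
                      "apiVersion: v1\nkind: Secret\nmetadata:\n  name: placeholder\ndata: {}\n",
}

def demo():
    with tempfile.TemporaryDirectory() as root:
        for rel, text in SAMPLE.items():
            target = Path(root, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(text)
        return inline_secrets(root)
```

Pointing `inline_secrets` at the folder a build produces and failing CI on a non-empty result turns the Helm chart exception into something that is caught rather than remembered.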