c4k-common/README.md

# convention 4 kubernetes: c4k-common
[![Clojars Project](https://img.shields.io/clojars/v/org.domaindrivenarchitecture/c4k-common-clj.svg)](https://clojars.org/org.domaindrivenarchitecture/c4k-common-clj) [![Clojars Project](https://img.shields.io/clojars/v/org.domaindrivenarchitecture/c4k-common-cljs.svg)](https://clojars.org/org.domaindrivenarchitecture/c4k-common-cljs) [![pipeline status](https://gitlab.com/domaindrivenarchitecture/c4k-common/badges/master/pipeline.svg)](https://gitlab.com/domaindrivenarchitecture/c4k-common/-/commits/master) 

[<img src="https://domaindrivenarchitecture.org/img/delta-chat.svg" width=20 alt="DeltaChat"> chat over e-mail](mailto:buero@meissa-gmbh.de?subject=community-chat) | [<img src="https://meissa-gmbh.de/img/community/Mastodon_Logotype.svg" width=20 alt="team@social.meissa-gmbh.de"> team@social.meissa-gmbh.de](https://social.meissa-gmbh.de/@team) | [Website & Blog](https://domaindrivenarchitecture.org)

## Rationale

There are many comparable solutions for creating c4k deployments like `helm` or `kustomize`. 
`kustomize` is great to manage your k8s manifests by splitting huge files into handy parts.
`helm` is great because of its large community.

Why do we need another one? Why do you continue the reading here?

We combine the simplicity of `kustomize` with the ability to do real programming like software developers would do.

Following the principle

    "Use programming language for programming" 

we clearly enjoy writing Kubernetes manifests with Clojure. In comparison to helms templating, things such as business logic, conventions, input validation, versions, dependencies and reuse are much easier and much more reliable to implement with c4k.

By the way, c4k means "convention for kubernetes".

### Features

c4k-common supports the following use cases:

- [convention 4 kubernetes: c4k-common](#convention-4-kubernetes-c4k-common)
  - [Rationale](#rationale)
    - [Features](#features)
      - [Target CLI and Web Frontend](#target-cli-and-web-frontend)
      - [Separate Configuration From Credentials](#separate-configuration-from-credentials)
      - [Input as EDN or Yaml](#input-as-edn-or-yaml)
      - [Inline k8s Resources for Versioning \& Dependencies](#inline-k8s-resources-for-versioning--dependencies)
      - [Work on Structured Data Instead of Flat Templating](#work-on-structured-data-instead-of-flat-templating)
      - [Validate Your Inputs](#validate-your-inputs)
      - [Namespaces](#namespaces)
      - [Ingress](#ingress)
      - [Postgres Database](#postgres-database)
      - [Monitoring With Grafana Cloud](#monitoring-with-grafana-cloud)
  - [Refactoring \& Module Overview](#refactoring--module-overview)
  - [Development \& Mirrors](#development--mirrors)
  - [License](#license)

#### Target CLI and Web Frontend

To create your own c4k module set up your cli analogous to the following:

```clojure
(defn -main [& cmd-args]
  (uberjar/main-common 
   "c4k-forgejo"              ;; name of your app
   core/config?               ;; schema for config validation
   core/auth?                 ;; schema for credential validation
   core/config-defaults       ;; want to set default values?
   core/k8s-objects           ;; the function generate the k8s manifest
   cmd-args                   ;; command line arguments given
   ))                 
```

The full example can be found here: https://repo.prod.meissa.de/meissa/c4k-forgejo/src/branch/main/src/main/clj/dda/c4k_forgejo/uberjar.clj

With c4k instead of using cli to generate manifests, you can also generate your manifests via web-application (using page local js without server interaction)

```html
<html>

<head>
  <link href="bootstrap.min.css" rel="stylesheet" type="text/css" />
</head>

<body>
  <div id="c4k-content"></div>
  <script src="js/main.js"></script>
</body>

</html>
```

[![Try it out](doc/tryItOut.png "Try out yourself")](https://domaindrivenarchitecture.org/pages/dda-provision/c4k-forgejo/)

See: https://repo.prod.meissa.de/meissa/c4k-forgejo/src/branch/main/public/index.html

and: https://repo.prod.meissa.de/meissa/c4k-forgejo/src/branch/main/src/main/cljs/dda/c4k_forgejo/browser.cljs

#### Separate Configuration From Credentials

We think it is a good idea to have credentials separated from configuration. All our functions, cli and frontend are following this principle. Thus, for executing separated config and authentication infos have to be provided.

The following command line yields the resulting k8s manifests in `k8s-manifest.yaml`:
```bash
java -jar c4k-common.jar config.edn auth.edn > k8s-manifest.yaml
```

Using the tool `jarwrapper` the command line can even be shortened to:
```bash
c4k-common config.edn auth.edn > k8s-manifest.yaml
```

#### Input as EDN or Yaml

c4k-common supports yaml and edn as format for all of its resources (input and output).
Hence, the following command line will also work:

```bash
c4k-common config.yaml auth.yaml > k8s-manifest.yaml
```

#### Inline k8s Resources for Versioning & Dependencies

We inline all resources used in our libraries & applications. You can generate k8s manifests everywhere without additional external dependencies.

In case of
* java: Resources are included in the jar-file out of the box (see https://repo.prod.meissa.de/meissa/c4k-forgejo/src/branch/main/project.clj#L13).
* js: With a slim macro call we inline resources to the resulting js file (see https://repo.prod.meissa.de/meissa/c4k-forgejo/src/branch/main/src/main/cljc/dda/c4k_forgejo/forgejo.cljc#L72-L74)
* native: On native builds we also inline resources (see https://repo.prod.meissa.de/meissa/c4k-forgejo/src/branch/main/build.py#L126)

#### Work on Structured Data Instead of Flat Templating

To keep things simple, we also do templating. But we convert given k8s resources to structured data.
This allows us to have more control and do unit tests:

k8s-resource:

```yaml
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: ratelimit
spec:
  rateLimit:
    average: AVG
    burst: BRS
```

Replace values:

```clojure
(defn-spec generate-rate-limit-middleware pred/map-or-seq?
  [config rate-limit-config?]
  (let [{:keys [max-rate max-concurrent-requests]} config]
  (->
   (yaml/load-as-edn "forgejo/middleware-ratelimit.yaml")
   (cm/replace-key-value :average max-rate)
   (cm/replace-key-value :burst max-concurrent-requests))))                
```

Have a unit-test:

```clojure
(deftest should-generate-middleware-ratelimit
  (is (= {:apiVersion "traefik.containo.us/v1alpha1",
          :kind "Middleware",
          :metadata {:name "ratelimit"},
          :spec {:rateLimit {:average 10, :burst 5}}}
         (cut/generate-rate-limit-middleware {:max-rate 10, :max-concurrent-requests 5}))))
```

#### Validate Your Inputs

Have you recognized the `defn-spec` macro above? We use allover validation, e.g.

```clojure
(def rate-limit-config? (s/keys :req-un [::max-rate
                                         ::max-concurrent-requests]))

(defn-spec generate-rate-limit-middleware pred/map-or-seq?
    [config rate-limit-config?]
    ...)
```

#### Namespaces

We support namespaces for ingress & postgres (monitoring lives in it's own namespace `monitoring`).

```clojure
(dda.c4k-common.namespace/generate {:namespace "myapp"})
```

yields:

```clojure
[{:apiVersion "v1"
  :kind "Namespace"
  :metadata {:name "myapp"}}]
```

which renders to:

```yaml
apiVersion: v1
kind: Namespace
metadata:
  name: myapp
```

#### Ingress

In most cases we use `generate-ingress-and-cert` which generates an ingress in combination with letsencrypt cert for a named service.

```clojure
(dda.c4k-common.ingress/generate-ingress-and-cert 
  {:fqdns ["test.jit.si"]
   :service-name "web"
   :service-port 80})
```

yields:

```clojure
[{:apiVersion "cert-manager.io/v1",
  :kind "Certificate",
  ...
  :spec
  {:secretName "web",
   :commonName "test.jit.si",
   :duration "2160h",
   :renewBefore "720h",
   :dnsNames ["test.jit.si"],
   :issuerRef {:name "staging", :kind "ClusterIssuer"}}}
 {:apiVersion "networking.k8s.io/v1",
  :kind "Ingress",
  ...
  :spec
  {:tls [{:hosts ["test.jit.si"], :secretName "web"}],
   :rules
    [{:host "test.jit.si",
      :http {:paths [{:path "/",
                      :pathType "Prefix",
                      :backend
                      {:service {:name "web",
                                  :port {:number 80}}}}]}}]}}]
```

which renders to:

```yaml
apiVersion: cert-manager.io/v1
kind: Certificate
...
spec:
  secretName: web
  commonName: test.jit.si
  duration: 2160h
  renewBefore: 720h
  dnsNames:
    - test.jit.si
  issuerRef:
    name: staging
    kind: ClusterIssuer

---

apiVersion: networking.k8s.io/v1
kind: Ingress
...
spec:
  tls:
    - hosts:
        - test.jit.si
      secretName: web
  rules:
    - host: test.jit.si
      http:
        paths:
          - pathType: Prefix
            path: /
            backend:
              service:
                name: web
                port:
                  number: 80
```

#### Postgres Database

If your application needs a database, we often use postgres:

```clojure
(cut/generate-deployment {:postgres-image "postgres:16"})
```

yields:

```clojure
{:apiVersion "apps/v1",
 :kind "Deployment",
 ...
 :spec
 {:selector {:matchLabels {:app "postgresql"}},
  :strategy {:type "Recreate"},
  :template
  {:metadata {:labels {:app "postgresql"}},
   :spec
   {:containers
    [{:image "postgres:16",
      :name "postgresql",
      :env
      [{:name "POSTGRES_USER", :valueFrom {:secretKeyRef {:name "postgres-secret", :key "postgres-user"}}}
       {:name "POSTGRES_PASSWORD", :valueFrom {:secretKeyRef {:name "postgres-secret", :key "postgres-password"}}}
       {:name "POSTGRES_DB", :valueFrom {:configMapKeyRef {:name "postgres-config", :key "postgres-db"}}}],
      :ports [{:containerPort 5432, :name "postgresql"}],
      :volumeMounts
      [...],
    :volumes
    [...]}}}}
```

which renders to:

```yaml
apiVersion: apps/v1
kind: Deployment
...
spec:
  selector:
    matchLabels:
      app: postgresql
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: postgresql
    spec:
      containers:
        - image: postgres:16
          name: postgresql
          env:
            - name: POSTGRES_USER
              valueFrom:
                secretKeyRef:
                  name: postgres-secret
                  key: postgres-user
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: postgres-secret
                  key: postgres-password
            - name: POSTGRES_DB
              valueFrom:
                configMapKeyRef:
                  name: postgres-config
                  key: postgres-db
          ports:
            - containerPort: 5432
              name: postgresql
          volumeMounts:
            ...
      volumes:
        ...
```

We optimized our db installation to run between 2Gb anf 16Gb Ram usage.

#### Monitoring With Grafana Cloud

With minimal config of

```clojure
(def conf 
    {:k3s-cluster-name "your-cluster-name"
     :k3s-cluster-stage :prod
     :grafana-cloud-url "your-url"})

(def auth 
    {:grafana-cloud-user "user"
     :grafana-cloud-password "password"})

 (monitoring/generate conf auth)
```

You can connect your application to grafana cloud.

## Refactoring & Module Overview

| Module        | Version | [common load-as-edn][edn1] | [groups for webview][bgrp1] | [use common ingress][ing1] | [use common monitoring][mon1] | [validate examples][val1] | [ci with pyb][cipyb] | [inline-macro to load resources][macro] | [native build][native] | namespaces |
| ------------- |---------|:--------------------------:|:---------------------------:|:--------------------------:|:-----------------------------:|:-------------------------:|:--------------------:|:---------------------------------------:|:----------------------:|:----------:|
| c4k-keycloak  | 0.2     |             x              |              x              |             x              |               x               |             x             |                      |                                         |                        |            |
| c4k-taiga     | 0.1     |             x              |              x              |             x              |               x               |             x             |          x           |                    x                    |           x            |            |
| c4k-nextcloud | 10.2    |             x              |              x              |             x              |               x               |             x             |          x           |                    x                    |           x            |     x      |
| c4k-jitsi     | 2.1     |             x              |              x              |             x              |               x               |             x             |          x           |                    x                    |           x            |            |
| c4k-forgejo   | 3.0     |             x              |              x              |             x              |               x               |             x             |          x           |                    x                    |           x            |            |
| c4k-shynet    | 1.0     |                            |                             |                            |                               |                           |                      |                                         |                        |            |
| c4k-website   | 2.0     |             x              |              x              |             x              |               x               |             x             |          x           |                    x                    |           x            |            |

[edn1]: https://gitlab.com/domaindrivenarchitecture/c4k-website/-/merge_requests/1
[ing1]:  https://repo.prod.meissa.de/meissa/c4k-jitsi/commit/214aa41c28662fbf7a49998e17404e7ac9216430
[bgrp1]: https://repo.prod.meissa.de/meissa/c4k-jitsi/commit/7ea442adaef727d5b48b242fd0baaaf51902d06e
[mon1]:  https://repo.prod.meissa.de/meissa/c4k-jitsi/commit/19e580188ea56ea26ff3a0bfb08ca428b881ad9a
[val1]:  https://repo.prod.meissa.de/meissa/c4k-jitsi/commit/5f08a108072569473463fb8f19150a12e564e54f
[repo1]: https://repo.prod.meissa.de/meissa/c4k-forgejo/commit/e9ee6136f3347d5fccefa6b5b4a02d30c4dc42e1
[cipyb]: https://gitlab.com/domaindrivenarchitecture/c4k-jitsi/-/merge_requests/1
[macro]: https://repo.prod.meissa.de/meissa/c4k-jitsi/commit/61d05ceedb6dcbc6bb96b96fe6f03598e2878195
[native]: https://repo.prod.meissa.de/meissa/c4k-forgejo/pulls/4/files

## Development & Mirrors

Development happens at: https://repo.prod.meissa.de/meissa/c4k-common

Mirrors are:

* https://gitlab.com/domaindrivenarchitecture/c4k-common (issues and PR)
* https://github.com/DomainDrivenArchitecture/c4k-common

For more details about our repository model see: https://repo.prod.meissa.de/meissa/federate-your-repos

## License

Copyright © 2022, 2023, 2024 meissa GmbH
Licensed under the [Apache License, Version 2.0](LICENSE) (the "License")
Pls. find licenses of our subcomponents [here](doc/SUBCOMPONENT_LICENSE)
initial commit 2021-06-18 13:34:01 +00:00			`# convention 4 kubernetes: c4k-common`
adjust batches 2021-06-18 14:58:06 +00:00			[![Clojars Project](https://img.shields.io/clojars/v/org.domaindrivenarchitecture/c4k-common-clj.svg)](https://clojars.org/org.domaindrivenarchitecture/c4k-common-clj) [![Clojars Project](https://img.shields.io/clojars/v/org.domaindrivenarchitecture/c4k-common-cljs.svg)](https://clojars.org/org.domaindrivenarchitecture/c4k-common-cljs) [![pipeline status](https://gitlab.com/domaindrivenarchitecture/c4k-common/badges/master/pipeline.svg)](https://gitlab.com/domaindrivenarchitecture/c4k-common/-/commits/master)
initial commit 2021-06-18 13:34:01 +00:00
			`[<img src="https://domaindrivenarchitecture.org/img/delta-chat.svg" width=20 alt="DeltaChat"> chat over e-mail](mailto:buero@meissa-gmbh.de?subject=community-chat) \| [<img src="https://meissa-gmbh.de/img/community/Mastodon_Logotype.svg" width=20 alt="team@social.meissa-gmbh.de"> team@social.meissa-gmbh.de](https://social.meissa-gmbh.de/@team) \| [Website & Blog](https://domaindrivenarchitecture.org)`

fix doc 2024-02-17 13:39:20 +00:00			`## Rationale`
initial commit 2021-06-18 13:34:01 +00:00
fix doc 2024-02-17 13:39:20 +00:00			There are many comparable solutions for creating c4k deployments like `helm` or `kustomize`.
			`kustomize` is great to manage your k8s manifests by splitting huge files into handy parts.
			`helm` is great because of its large community.
[Skip-CI] Update Readme 2022-12-23 15:02:30 +00:00
fix doc 2024-02-17 13:39:20 +00:00			`Why do we need another one? Why do you continue the reading here?`
[Skip-CI] Update Readme 2022-12-23 15:02:30 +00:00
minor revision of readme 2024-02-26 14:37:25 +00:00			We combine the simplicity of `kustomize` with the ability to do real programming like software developers would do.
[Skip-CI] Update Readme 2022-12-23 15:02:30 +00:00
fix doc 2024-02-17 13:39:20 +00:00			`Following the principle`

			`"Use programming language for programming"`

minor revision of readme 2024-02-26 14:37:25 +00:00			`we clearly enjoy writing Kubernetes manifests with Clojure. In comparison to helms templating, things such as business logic, conventions, input validation, versions, dependencies and reuse are much easier and much more reliable to implement with c4k.`
fix doc 2024-02-17 13:39:20 +00:00
			`By the way, c4k means "convention for kubernetes".`

			`### Features`

			`c4k-common supports the following use cases:`

update doc 2024-02-20 17:15:17 +00:00			`- [convention 4 kubernetes: c4k-common](#convention-4-kubernetes-c4k-common)`
			`- [Rationale](#rationale)`
			`- [Features](#features)`
reformat titles and describe cmd lines in more detail 2024-02-27 08:58:31 +00:00			`- [Target CLI and Web Frontend](#target-cli-and-web-frontend)`
			`- [Separate Configuration From Credentials](#separate-configuration-from-credentials)`
update doc 2024-02-20 17:15:17 +00:00			`- [Input as EDN or Yaml](#input-as-edn-or-yaml)`
reformat titles and describe cmd lines in more detail 2024-02-27 08:58:31 +00:00			`- [Inline k8s Resources for Versioning \& Dependencies](#inline-k8s-resources-for-versioning--dependencies)`
update version in refactoring overview 2024-03-06 09:39:40 +00:00			`- [Work on Structured Data Instead of Flat Templating](#work-on-structured-data-instead-of-flat-templating)`
reformat titles and describe cmd lines in more detail 2024-02-27 08:58:31 +00:00			`- [Validate Your Inputs](#validate-your-inputs)`
update doc 2024-02-20 17:15:17 +00:00			`- [Namespaces](#namespaces)`
			`- [Ingress](#ingress)`
			`- [Postgres Database](#postgres-database)`
reformat titles and describe cmd lines in more detail 2024-02-27 08:58:31 +00:00			`- [Monitoring With Grafana Cloud](#monitoring-with-grafana-cloud)`
update doc 2024-02-20 17:15:17 +00:00			`- [Refactoring \& Module Overview](#refactoring--module-overview)`
reformat titles and describe cmd lines in more detail 2024-02-27 08:58:31 +00:00			`- [Development \& Mirrors](#development--mirrors)`
update doc 2024-02-20 17:15:17 +00:00			`- [License](#license)`

reformat titles and describe cmd lines in more detail 2024-02-27 08:58:31 +00:00			`#### Target CLI and Web Frontend`
[Skip-CI] Update Readme 2022-12-23 15:02:30 +00:00
adjust doc 2024-02-27 11:08:21 +00:00			`To create your own c4k module set up your cli analogous to the following:`
[Skip-CI] Update Readme 2022-12-23 15:02:30 +00:00
			```clojure
fix doc 2024-02-17 13:39:20 +00:00			`(defn -main [& cmd-args]`
			`(uberjar/main-common`
			`"c4k-forgejo" ;; name of your app`
			`core/config? ;; schema for config validation`
			`core/auth? ;; schema for credential validation`
			`core/config-defaults ;; want to set default values?`
			`core/k8s-objects ;; the function generate the k8s manifest`
			`cmd-args ;; command line arguments given`
			`))`
			```

			`The full example can be found here: https://repo.prod.meissa.de/meissa/c4k-forgejo/src/branch/main/src/main/clj/dda/c4k_forgejo/uberjar.clj`

adjust doc 2024-02-27 11:08:21 +00:00			`With c4k instead of using cli to generate manifests, you can also generate your manifests via web-application (using page local js without server interaction)`
fix doc 2024-02-17 13:39:20 +00:00
			```html
minor revision of readme 2024-02-26 14:37:25 +00:00			`<html>`
fix doc 2024-02-17 13:39:20 +00:00
			`<head>`
small adjustment in readme 2024-02-26 14:50:44 +00:00			`<link href="bootstrap.min.css" rel="stylesheet" type="text/css" />`
fix doc 2024-02-17 13:39:20 +00:00			`</head>`

			`<body>`
			`<div id="c4k-content"></div>`
			`<script src="js/main.js"></script>`
			`</body>`

			`</html>`
			```

			`[![Try it out](doc/tryItOut.png "Try out yourself")](https://domaindrivenarchitecture.org/pages/dda-provision/c4k-forgejo/)`

			`See: https://repo.prod.meissa.de/meissa/c4k-forgejo/src/branch/main/public/index.html`

			`and: https://repo.prod.meissa.de/meissa/c4k-forgejo/src/branch/main/src/main/cljs/dda/c4k_forgejo/browser.cljs`
[Skip-CI] Update Readme 2022-12-23 15:02:30 +00:00
reformat titles and describe cmd lines in more detail 2024-02-27 08:58:31 +00:00			`#### Separate Configuration From Credentials`
fix doc 2024-02-17 13:39:20 +00:00
adjust doc 2024-02-27 11:08:21 +00:00			`We think it is a good idea to have credentials separated from configuration. All our functions, cli and frontend are following this principle. Thus, for executing separated config and authentication infos have to be provided.`
[Skip-CI] Update Readme 2022-12-23 15:02:30 +00:00
reformat titles and describe cmd lines in more detail 2024-02-27 08:58:31 +00:00			The following command line yields the resulting k8s manifests in `k8s-manifest.yaml`:
			```bash
			`java -jar c4k-common.jar config.edn auth.edn > k8s-manifest.yaml`
			```

			Using the tool `jarwrapper` the command line can even be shortened to:
[Skip-CI] Update Readme 2022-12-23 15:02:30 +00:00			```bash
fix doc 2024-02-17 13:39:20 +00:00			`c4k-common config.edn auth.edn > k8s-manifest.yaml`
[Skip-CI] Update Readme 2022-12-23 15:02:30 +00:00			```

fix doc 2024-02-17 13:39:20 +00:00			`#### Input as EDN or Yaml`
initial commit 2021-06-18 13:34:01 +00:00
minor revision of readme 2024-02-26 14:37:25 +00:00			`c4k-common supports yaml and edn as format for all of its resources (input and output).`
			`Hence, the following command line will also work:`
fix doc 2024-02-17 13:39:20 +00:00
			```bash
			`c4k-common config.yaml auth.yaml > k8s-manifest.yaml`
			```
initial commit 2021-06-18 13:34:01 +00:00
reformat titles and describe cmd lines in more detail 2024-02-27 08:58:31 +00:00			`#### Inline k8s Resources for Versioning & Dependencies`
initial commit 2021-06-18 13:34:01 +00:00
fix doc 2024-02-17 13:39:20 +00:00			`We inline all resources used in our libraries & applications. You can generate k8s manifests everywhere without additional external dependencies.`
initial commit 2021-06-18 13:34:01 +00:00
fix doc 2024-02-17 13:39:20 +00:00			`In case of`
			`* java: Resources are included in the jar-file out of the box (see https://repo.prod.meissa.de/meissa/c4k-forgejo/src/branch/main/project.clj#L13).`
			`* js: With a slim macro call we inline resources to the resulting js file (see https://repo.prod.meissa.de/meissa/c4k-forgejo/src/branch/main/src/main/cljc/dda/c4k_forgejo/forgejo.cljc#L72-L74)`
minor revision of readme 2024-02-26 14:37:25 +00:00			`* native: On native builds we also inline resources (see https://repo.prod.meissa.de/meissa/c4k-forgejo/src/branch/main/build.py#L126)`
mob 2021-07-09 14:39:36 +00:00
reformat titles and describe cmd lines in more detail 2024-02-27 08:58:31 +00:00			`#### Work on Structured Data Instead of Flat Templating`
mob 2021-07-09 14:39:36 +00:00
minor revision of readme 2024-02-26 14:37:25 +00:00			`To keep things simple, we also do templating. But we convert given k8s resources to structured data.`
fix doc 2024-02-17 13:39:20 +00:00			`This allows us to have more control and do unit tests:`

			`k8s-resource:`

			```yaml
			`apiVersion: traefik.containo.us/v1alpha1`
			`kind: Middleware`
			`metadata:`
			`name: ratelimit`
			`spec:`
			`rateLimit:`
			`average: AVG`
			`burst: BRS`
			```

			`Replace values:`
add refactoring overview 2021-09-08 11:03:43 +00:00
fix doc 2024-02-17 13:39:20 +00:00			```clojure
			`(defn-spec generate-rate-limit-middleware pred/map-or-seq?`
			`[config rate-limit-config?]`
			`(let [{:keys [max-rate max-concurrent-requests]} config]`
			`(->`
			`(yaml/load-as-edn "forgejo/middleware-ratelimit.yaml")`
			`(cm/replace-key-value :average max-rate)`
			`(cm/replace-key-value :burst max-concurrent-requests))))`
			```

			`Have a unit-test:`

			```clojure
			`(deftest should-generate-middleware-ratelimit`
			`(is (= {:apiVersion "traefik.containo.us/v1alpha1",`
			`:kind "Middleware",`
			`:metadata {:name "ratelimit"},`
			`:spec {:rateLimit {:average 10, :burst 5}}}`
			`(cut/generate-rate-limit-middleware {:max-rate 10, :max-concurrent-requests 5}))))`
			```

reformat titles and describe cmd lines in more detail 2024-02-27 08:58:31 +00:00			`#### Validate Your Inputs`
fix doc 2024-02-17 13:39:20 +00:00
minor revision of readme 2024-02-26 14:37:25 +00:00			Have you recognized the `defn-spec` macro above? We use allover validation, e.g.
fix doc 2024-02-17 13:39:20 +00:00
			```clojure
			`(def rate-limit-config? (s/keys :req-un [::max-rate`
			`::max-concurrent-requests]))`

			`(defn-spec generate-rate-limit-middleware pred/map-or-seq?`
			`[config rate-limit-config?]`
			`...)`
			```

update doc 2024-02-20 17:15:17 +00:00			`#### Namespaces`

			We support namespaces for ingress & postgres (monitoring lives in it's own namespace `monitoring`).

			```clojure
revise namespaces and ingress in docs 2024-02-27 10:09:51 +00:00			`(dda.c4k-common.namespace/generate {:namespace "myapp"})`
			```

			`yields:`

			```clojure
			`[{:apiVersion "v1"`
			`:kind "Namespace"`
			`:metadata {:name "myapp"}}]`
			```

small reformulation 2024-02-27 10:59:00 +00:00			`which renders to:`
revise namespaces and ingress in docs 2024-02-27 10:09:51 +00:00
			```yaml
			`apiVersion: v1`
			`kind: Namespace`
			`metadata:`
			`name: myapp`
update doc 2024-02-20 17:15:17 +00:00			```

fix doc 2024-02-17 13:39:20 +00:00			`#### Ingress`

minor revision of readme 2024-02-26 14:37:25 +00:00			In most cases we use `generate-ingress-and-cert` which generates an ingress in combination with letsencrypt cert for a named service.
fix doc 2024-02-17 13:39:20 +00:00
			```clojure
revise namespaces and ingress in docs 2024-02-27 10:09:51 +00:00			`(dda.c4k-common.ingress/generate-ingress-and-cert`
			`{:fqdns ["test.jit.si"]`
			`:service-name "web"`
			`:service-port 80})`
			```

			`yields:`

			```clojure
			`[{:apiVersion "cert-manager.io/v1",`
			`:kind "Certificate",`
			`...`
			`:spec`
			`{:secretName "web",`
			`:commonName "test.jit.si",`
			`:duration "2160h",`
			`:renewBefore "720h",`
			`:dnsNames ["test.jit.si"],`
			`:issuerRef {:name "staging", :kind "ClusterIssuer"}}}`
			`{:apiVersion "networking.k8s.io/v1",`
			`:kind "Ingress",`
			`...`
			`:spec`
			`{:tls [{:hosts ["test.jit.si"], :secretName "web"}],`
			`:rules`
			`[{:host "test.jit.si",`
			`:http {:paths [{:path "/",`
			`:pathType "Prefix",`
			`:backend`
			`{:service {:name "web",`
			`:port {:number 80}}}}]}}]}}]`
			```

small reformulation 2024-02-27 10:59:00 +00:00			`which renders to:`
revise namespaces and ingress in docs 2024-02-27 10:09:51 +00:00
			```yaml
			`apiVersion: cert-manager.io/v1`
			`kind: Certificate`
			`...`
			`spec:`
			`secretName: web`
			`commonName: test.jit.si`
			`duration: 2160h`
			`renewBefore: 720h`
			`dnsNames:`
			`- test.jit.si`
			`issuerRef:`
			`name: staging`
			`kind: ClusterIssuer`

			`---`

			`apiVersion: networking.k8s.io/v1`
			`kind: Ingress`
			`...`
			`spec:`
			`tls:`
			`- hosts:`
			`- test.jit.si`
			`secretName: web`
			`rules:`
			`- host: test.jit.si`
			`http:`
			`paths:`
			`- pathType: Prefix`
			`path: /`
			`backend:`
			`service:`
			`name: web`
			`port:`
			`number: 80`
fix doc 2024-02-17 13:39:20 +00:00			```

			`#### Postgres Database`

			`If your application needs a database, we often use postgres:`

			```clojure
revised postgres db doc 2024-02-27 10:32:17 +00:00			`(cut/generate-deployment {:postgres-image "postgres:16"})`
			```

			`yields:`

			```clojure
			`{:apiVersion "apps/v1",`
			`:kind "Deployment",`
			`...`
			`:spec`
			`{:selector {:matchLabels {:app "postgresql"}},`
			`:strategy {:type "Recreate"},`
			`:template`
			`{:metadata {:labels {:app "postgresql"}},`
			`:spec`
			`{:containers`
			`[{:image "postgres:16",`
			`:name "postgresql",`
			`:env`
			`[{:name "POSTGRES_USER", :valueFrom {:secretKeyRef {:name "postgres-secret", :key "postgres-user"}}}`
			`{:name "POSTGRES_PASSWORD", :valueFrom {:secretKeyRef {:name "postgres-secret", :key "postgres-password"}}}`
			`{:name "POSTGRES_DB", :valueFrom {:configMapKeyRef {:name "postgres-config", :key "postgres-db"}}}],`
			`:ports [{:containerPort 5432, :name "postgresql"}],`
			`:volumeMounts`
			`[...],`
			`:volumes`
			`[...]}}}}`
			```

small reformulation 2024-02-27 10:59:00 +00:00			`which renders to:`
revised postgres db doc 2024-02-27 10:32:17 +00:00
			```yaml
			`apiVersion: apps/v1`
			`kind: Deployment`
			`...`
			`spec:`
			`selector:`
			`matchLabels:`
			`app: postgresql`
			`strategy:`
			`type: Recreate`
			`template:`
			`metadata:`
			`labels:`
			`app: postgresql`
			`spec:`
			`containers:`
			`- image: postgres:16`
			`name: postgresql`
			`env:`
			`- name: POSTGRES_USER`
			`valueFrom:`
			`secretKeyRef:`
			`name: postgres-secret`
			`key: postgres-user`
			`- name: POSTGRES_PASSWORD`
			`valueFrom:`
			`secretKeyRef:`
			`name: postgres-secret`
			`key: postgres-password`
			`- name: POSTGRES_DB`
			`valueFrom:`
			`configMapKeyRef:`
			`name: postgres-config`
			`key: postgres-db`
			`ports:`
			`- containerPort: 5432`
			`name: postgresql`
			`volumeMounts:`
			`...`
			`volumes:`
			`...`
fix doc 2024-02-17 13:39:20 +00:00			```

			`We optimized our db installation to run between 2Gb anf 16Gb Ram usage.`

reformat titles and describe cmd lines in more detail 2024-02-27 08:58:31 +00:00			`#### Monitoring With Grafana Cloud`
fix doc 2024-02-17 13:39:20 +00:00
			`With minimal config of`

			```clojure
			`(def conf`
			`{:k3s-cluster-name "your-cluster-name"`
			`:k3s-cluster-stage :prod`
			`:grafana-cloud-url "your-url"})`

			`(def auth`
			`{:grafana-cloud-user "user"`
			`:grafana-cloud-password "password"})`

			`(monitoring/generate conf auth)`
			```

minor revision of readme 2024-02-26 14:37:25 +00:00			`You can connect your application to grafana cloud.`
fix doc 2024-02-17 13:39:20 +00:00
			`## Refactoring & Module Overview`
Update status of refactorings 2022-11-18 11:18:26 +00:00
update refactoring state 2024-02-21 10:02:39 +00:00			`\| Module \| Version \| [common load-as-edn][edn1] \| [groups for webview][bgrp1] \| [use common ingress][ing1] \| [use common monitoring][mon1] \| [validate examples][val1] \| [ci with pyb][cipyb] \| [inline-macro to load resources][macro] \| [native build][native] \| namespaces \|`
Update refactoring table Add c4k-taiga changes 2024-02-23 15:48:30 +00:00			`\| ------------- \|---------\|:--------------------------:\|:---------------------------:\|:--------------------------:\|:-----------------------------:\|:-------------------------:\|:--------------------:\|:---------------------------------------:\|:----------------------:\|:----------:\|`
update refactoring state 2024-02-21 10:02:39 +00:00			`\| c4k-keycloak \| 0.2 \| x \| x \| x \| x \| x \| \| \| \| \|`
Update refactoring table Add c4k-taiga changes 2024-02-23 15:48:30 +00:00			`\| c4k-taiga \| 0.1 \| x \| x \| x \| x \| x \| x \| x \| x \| \|`
update refactorings 2024-05-31 15:06:56 +00:00			`\| c4k-nextcloud \| 10.2 \| x \| x \| x \| x \| x \| x \| x \| x \| x \|`
update refactoring state 2024-06-07 16:07:53 +00:00			`\| c4k-jitsi \| 2.1 \| x \| x \| x \| x \| x \| x \| x \| x \| \|`
update refactoring state 2024-02-21 10:02:39 +00:00			`\| c4k-forgejo \| 3.0 \| x \| x \| x \| x \| x \| x \| x \| x \| \|`
			`\| c4k-shynet \| 1.0 \| \| \| \| \| \| \| \| \| \|`
update version in refactoring overview 2024-03-06 09:39:40 +00:00			`\| c4k-website \| 2.0 \| x \| x \| x \| x \| x \| x \| x \| x \| \|`
update refactoring state 2023-07-22 08:47:01 +00:00
Update Refactorings 2022-11-09 10:46:22 +00:00			`[edn1]: https://gitlab.com/domaindrivenarchitecture/c4k-website/-/merge_requests/1`
[skip-ci] updated refactoring state 2022-12-28 19:15:20 +00:00			`[ing1]: https://repo.prod.meissa.de/meissa/c4k-jitsi/commit/214aa41c28662fbf7a49998e17404e7ac9216430`
			`[bgrp1]: https://repo.prod.meissa.de/meissa/c4k-jitsi/commit/7ea442adaef727d5b48b242fd0baaaf51902d06e`
			`[mon1]: https://repo.prod.meissa.de/meissa/c4k-jitsi/commit/19e580188ea56ea26ff3a0bfb08ca428b881ad9a`
			`[val1]: https://repo.prod.meissa.de/meissa/c4k-jitsi/commit/5f08a108072569473463fb8f19150a12e564e54f`
update refactoring state 2023-07-22 08:47:01 +00:00			`[repo1]: https://repo.prod.meissa.de/meissa/c4k-forgejo/commit/e9ee6136f3347d5fccefa6b5b4a02d30c4dc42e1`
			`[cipyb]: https://gitlab.com/domaindrivenarchitecture/c4k-jitsi/-/merge_requests/1`
Added resource-load-macro as refactoring 2023-11-10 12:30:18 +00:00			`[macro]: https://repo.prod.meissa.de/meissa/c4k-jitsi/commit/61d05ceedb6dcbc6bb96b96fe6f03598e2878195`
added native image build refactoring 2024-02-17 11:18:10 +00:00			`[native]: https://repo.prod.meissa.de/meissa/c4k-forgejo/pulls/4/files`
pin postgres to version 13 2021-10-08 09:41:46 +00:00
reformat titles and describe cmd lines in more detail 2024-02-27 08:58:31 +00:00			`## Development & Mirrors`
[Skip-CI] Add Development and mirrors section 2023-07-28 11:55:55 +00:00
			`Development happens at: https://repo.prod.meissa.de/meissa/c4k-common`

			`Mirrors are:`

			`* https://gitlab.com/domaindrivenarchitecture/c4k-common (issues and PR)`
			`* https://github.com/DomainDrivenArchitecture/c4k-common`

			`For more details about our repository model see: https://repo.prod.meissa.de/meissa/federate-your-repos`

initial commit 2021-06-18 13:34:01 +00:00			`## License`

fix doc 2024-02-17 13:39:20 +00:00			`Copyright © 2022, 2023, 2024 meissa GmbH`
initial commit 2021-06-18 13:34:01 +00:00			`Licensed under the [Apache License, Version 2.0](LICENSE) (the "License")`
[Skip-CI] Add Development and mirrors section 2023-07-28 11:55:55 +00:00			`Pls. find licenses of our subcomponents [here](doc/SUBCOMPONENT_LICENSE)`