diff --git a/src/main/clj/dda/c4k_common/yaml.clj b/src/main/clj/dda/c4k_common/yaml.clj index 56c01fe..7a4221f 100644 --- a/src/main/clj/dda/c4k_common/yaml.clj +++ b/src/main/clj/dda/c4k_common/yaml.clj @@ -10,11 +10,16 @@ (into [] %) %) lazy-seq)) -(defn load-resource [resource-name] +(defmethod load-resource :clj [resource-name] (slurp (io/resource resource-name))) (defn from-string [input] (cast-lazy-seq-to-vec (yaml/parse-string input))) (defn to-string [edn] - (yaml/generate-string edn :dumper-options {:flow-style :block})) \ No newline at end of file + (yaml/generate-string edn :dumper-options {:flow-style :block})) + +(defn dispatch-by-resource-name + [resource]) + +(defmulti load-resource dispatch-by-resource-name) \ No newline at end of file diff --git a/src/main/cljc/dda/c4k_common/common.cljc b/src/main/cljc/dda/c4k_common/common.cljc index d60ed4b..500b8f5 100644 --- a/src/main/cljc/dda/c4k_common/common.cljc +++ b/src/main/cljc/dda/c4k_common/common.cljc @@ -2,17 +2,18 @@ (:require [clojure.walk])) -(defn bash-env-string? + +(defn ^{:deprecated "0.1"} bash-env-string? [input] (and (string? input) (not (re-matches #".*['\"\$]+.*" input)))) -(defn fqdn-string? +(defn ^{:deprecated "0.1"} fqdn-string? [input] (and (string? input) (some? (re-matches #"(?=^.{4,253}$)(^((?!-)[a-zA-Z0-9-]{0,62}[a-zA-Z0-9]\.)+[a-zA-Z]{2,63}$)" input)))) -(defn letsencrypt-issuer? +(defn ^{:deprecated "0.1"} letsencrypt-issuer? [input] (contains? #{:prod :staging} input)) diff --git a/src/main/cljc/dda/c4k_common/postgres.cljc b/src/main/cljc/dda/c4k_common/postgres.cljc new file mode 100644 index 0000000..d284030 --- /dev/null +++ b/src/main/cljc/dda/c4k_common/postgres.cljc @@ -0,0 +1,35 @@ +(ns dda.c4k-common.postgres + (:require + [clojure.spec.alpha :as s] + [dda.c4k-common.yaml :as yaml] + [dda.c4k-common.base64 :as b64] + [dda.c4k-common.common :as cm])) + +(s/def ::postgres-db-user cm/bash-env-string?) +(s/def ::postgres-db-password cm/bash-env-string?) +(s/def ::postgres-data-volume-path string?) + +(defn generate-config [] + (yaml/from-string (yaml/load-resource "postgres/config.yaml"))) + +(defn generate-deployment [] + (yaml/from-string (yaml/load-resource "postgres/deployment.yaml"))) + +(defn generate-persistent-volume [config] + (let [{:keys [postgres-data-volume-path]} config] + (-> + (yaml/from-string (yaml/load-resource "postgres/persistent-volume.yaml")) + (assoc-in [:spec :hostPath :path] postgres-data-volume-path)))) + +(defn generate-pvc [] + (yaml/from-string (yaml/load-resource "postgres/pvc.yaml"))) + +(defn generate-secret [my-auth] + (let [{:keys [postgres-db-user postgres-db-password]} my-auth] + (-> + (yaml/from-string (yaml/load-resource "postgres/secret.yaml")) + (cm/replace-key-value :postgres-user (b64/encode postgres-db-user)) + (cm/replace-key-value :postgres-password (b64/encode postgres-db-password))))) + +(defn generate-service [] + (yaml/from-string (yaml/load-resource "postgres/service.yaml"))) diff --git a/src/main/cljc/dda/c4k_common/prefixes.cljc b/src/main/cljc/dda/c4k_common/prefixes.cljc new file mode 100644 index 0000000..1dd4b17 --- /dev/null +++ b/src/main/cljc/dda/c4k_common/prefixes.cljc @@ -0,0 +1,15 @@ +(ns dda.c4k-common.prefixes) + +(defn bash-env-string? + [input] + (and (string? input) + (not (re-matches #".*['\"\$]+.*" input)))) + +(defn fqdn-string? + [input] + (and (string? input) + (some? (re-matches #"(?=^.{4,253}$)(^((?!-)[a-zA-Z0-9-]{0,62}[a-zA-Z0-9]\.)+[a-zA-Z]{2,63}$)" input)))) + +(defn letsencrypt-issuer? + [input] + (contains? #{:prod :staging} input)) \ No newline at end of file diff --git a/src/main/resources/postgres/config.yaml b/src/main/resources/postgres/config.yaml new file mode 100644 index 0000000..e2c62d5 --- /dev/null +++ b/src/main/resources/postgres/config.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: postgres-config + labels: + app: postgres +data: + postgres-db: jira + postgresql.conf: | + max_connections = 1000 + shared_buffers = 512MB diff --git a/src/main/resources/postgres/deployment.yaml b/src/main/resources/postgres/deployment.yaml new file mode 100644 index 0000000..5b4bb4d --- /dev/null +++ b/src/main/resources/postgres/deployment.yaml @@ -0,0 +1,51 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: postgresql +spec: + selector: + matchLabels: + app: postgresql + strategy: + type: Recreate + template: + metadata: + labels: + app: postgresql + spec: + containers: + - image: postgres + name: postgresql + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + name: postgres-secret + key: postgres-user + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: postgres-secret + key: postgres-password + - name: POSTGRES_DB + valueFrom: + configMapKeyRef: + name: postgres-config + key: postgres-db + ports: + - containerPort: 5432 + name: postgresql + volumeMounts: + - name: postgres-config-volume + mountPath: /etc/postgresql/postgresql.conf + subPath: postgresql.conf + readOnly: true + - name: postgre-data-volume + mountPath: /var/lib/postgresql/data + volumes: + - name: postgres-config-volume + configMap: + name: postgres-config + - name: postgre-data-volume + persistentVolumeClaim: + claimName: postgres-claim diff --git a/src/main/resources/postgres/persistent-volume.yaml b/src/main/resources/postgres/persistent-volume.yaml new file mode 100644 index 0000000..acc9b9d --- /dev/null +++ b/src/main/resources/postgres/persistent-volume.yaml @@ -0,0 +1,14 @@ +kind: PersistentVolume +apiVersion: v1 +metadata: + name: postgres-pv-volume + labels: + type: local +spec: + storageClassName: manual + accessModes: + - ReadWriteOnce + capacity: + storage: 10Gi + hostPath: + path: "/var/postgres" \ No newline at end of file diff --git a/src/main/resources/postgres/pvc.yaml b/src/main/resources/postgres/pvc.yaml new file mode 100644 index 0000000..3a127c7 --- /dev/null +++ b/src/main/resources/postgres/pvc.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: postgres-claim + labels: + app: postgres +spec: + storageClassName: manual + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi \ No newline at end of file diff --git a/src/main/resources/postgres/secret.yaml b/src/main/resources/postgres/secret.yaml new file mode 100644 index 0000000..ebf2b69 --- /dev/null +++ b/src/main/resources/postgres/secret.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Secret +metadata: + name: postgres-secret +type: Opaque +data: + postgres-user: "psql-user" + postgres-password: "psql-pw" diff --git a/src/main/resources/postgres/service.yaml b/src/main/resources/postgres/service.yaml new file mode 100644 index 0000000..d67fea1 --- /dev/null +++ b/src/main/resources/postgres/service.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Service +metadata: + name: postgresql-service +spec: + selector: + app: postgresql + ports: + - port: 5432 diff --git a/src/test/cljc/dda/c4k_common/postgres_test.cljc b/src/test/cljc/dda/c4k_common/postgres_test.cljc new file mode 100644 index 0000000..de5f0f1 --- /dev/null +++ b/src/test/cljc/dda/c4k_common/postgres_test.cljc @@ -0,0 +1,26 @@ +(ns dda.c4k-common.postgres-test + (:require + #?(:clj [clojure.test :refer [deftest is are testing run-tests]] + :cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) + [dda.c4k-common.postgres :as cut])) + +(deftest should-generate-persistent-volume + (is (= {:kind "PersistentVolume" + :apiVersion "v1" + :metadata + {:name "postgres-pv-volume", :labels {:type "local"}} + :spec + {:storageClassName "manual" + :accessModes ["ReadWriteOnce"] + :capacity {:storage "10Gi"} + :hostPath {:path "xx"}}} + (cut/generate-persistent-volume {:postgres-data-volume-path "xx"})))) + +(deftest should-generate-secret + (is (= {:apiVersion "v1" + :kind "Secret" + :metadata {:name "postgres-secret"} + :type "Opaque" + :data + {:postgres-user "eHgtdXM=", :postgres-password "eHgtcHc="}} + (cut/generate-secret {:postgres-db-user "xx-us" :postgres-db-password "xx-pw"}))))