Compare commits

..

3 commits

Author SHA1 Message Date
efdb2051c5 bump version to: 6.2.3-SNAPSHOT 2024-02-29 09:53:49 +01:00
704b5cdcc8 release: 6.2.2 2024-02-29 09:53:49 +01:00
4fdf7d7de3 fix ratelimit wiring 2024-02-29 09:24:59 +01:00
7 changed files with 21 additions and 15 deletions

View file

@ -1,4 +1,4 @@
(defproject org.domaindrivenarchitecture/c4k-common-cljs "6.2.2-SNAPSHOT"
(defproject org.domaindrivenarchitecture/c4k-common-cljs "6.2.3-SNAPSHOT"
:description "Contains predicates and tools for c4k"
:url "https://domaindrivenarchitecture.org"
:license {:name "Apache License, Version 2.0"

View file

@ -1,4 +1,4 @@
(defproject org.domaindrivenarchitecture/c4k-common-clj "6.2.2-SNAPSHOT"
(defproject org.domaindrivenarchitecture/c4k-common-clj "6.2.3-SNAPSHOT"
:description "Contains predicates and tools for c4k"
:url "https://domaindrivenarchitecture.org"
:license {:name "Apache License, Version 2.0"
@ -26,7 +26,7 @@
:main dda.c4k-common.uberjar
:uberjar-name "c4k-common-standalone.jar"
:dependencies [[org.clojure/tools.cli "1.1.230"]
[ch.qos.logback/logback-classic "1.5.0"
[ch.qos.logback/logback-classic "1.5.1"
:exclusions [com.sun.mail/javax.mail]]
[org.slf4j/jcl-over-slf4j "2.0.12"]]}}
:release-tasks [["test"]
@ -34,8 +34,4 @@
["change" "version" "leiningen.release/bump-version" "release"]
["vcs" "commit"]
["vcs" "tag" "v" "--no-sign"]
["change" "version" "leiningen.release/bump-version"]]
:aliases {"inst" ["shell"
"sh"
"-c"
"lein uberjar && sudo install -m=755 target/uberjar/c4k-common-standalone.jar /usr/local/bin/c4k-common-standalone.jar"]})
["change" "version" "leiningen.release/bump-version"]])

View file

@ -73,6 +73,7 @@
{:keys [average-rate]} final-config]
[(int/generate-certificate final-config)
(int/generate-rate-limit-middleware {:rate-limit-name service-name
:namespace (:namespace final-config)
:average-rate average-rate
:burst-rate average-rate})
(int/generate-ingress final-config)]))

View file

@ -41,7 +41,10 @@
(def certificate? (s/keys :req-un [::fqdns ::app-name ::cert-name ::issuer ::ns/namespace]))
(def rate-limit-config? (s/keys :req-un [::rate-limit-name ::average-rate ::burst-rate]))
(def rate-limit-config? (s/keys :req-un [::rate-limit-name
::ns/namespace
::average-rate
::burst-rate]))
(defn-spec generate-host-rule map?
@ -72,10 +75,11 @@
(defn-spec generate-rate-limit-middleware map?
[config rate-limit-config?]
(let [{:keys [rate-limit-name average-rate burst-rate]} config]
(let [{:keys [rate-limit-name average-rate burst-rate namespace]} config]
(->
(yaml/load-as-edn "ingress/middleware-ratelimit.yaml")
(assoc-in [:metadata :name] (str rate-limit-name "-ratelimit"))
(assoc-in [:metadata :namespace] namespace)
(assoc-in [:spec :rateLimit :average] average-rate)
(assoc-in [:spec :rateLimit :burst] burst-rate))))
@ -94,7 +98,8 @@
"web, websecure"
:traefik.ingress.kubernetes.io/router.middlewares
(if rate-limit-name
(str "default-redirect-https@kubernetescrd, " rate-limit-name "-ratelimit@kubernetescrd")
(str "default-redirect-https@kubernetescrd, "
namespace "-" rate-limit-name "-ratelimit@kubernetescrd")
"default-redirect-https@kubernetescrd")
:metallb.universe.tf/address-pool "public"})
(assoc-in [:spec :tls 0 :secretName] cert-name)

View file

@ -2,6 +2,7 @@ apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: ratelimit
namespace: default
spec:
rateLimit:
average: AVG

View file

@ -62,9 +62,11 @@
(deftest should-generate-middleware-ratelimit
(is (= {:apiVersion "traefik.containo.us/v1alpha1",
:kind "Middleware",
:metadata {:name "normal-ratelimit"},
:metadata {:name "normal-ratelimit"
:namespace "myapp",},
:spec {:rateLimit {:average 10, :burst 5}}}
(cut/generate-rate-limit-middleware {:rate-limit-name "normal"
:namespace "myapp"
:average-rate 10, :burst-rate 5}))))
@ -94,7 +96,7 @@
:annotations {:traefik.ingress.kubernetes.io/router.entrypoints
"web, websecure"
:traefik.ingress.kubernetes.io/router.middlewares
"default-redirect-https@kubernetescrd, normal-ratelimit@kubernetescrd",
"default-redirect-https@kubernetescrd, default-normal-ratelimit@kubernetescrd",
:metallb.universe.tf/address-pool "public"}}
(:metadata (cut/generate-ingress
{

View file

@ -99,7 +99,8 @@
:issuerRef {:name "staging", :kind "ClusterIssuer"}}}
{:apiVersion "traefik.containo.us/v1alpha1",
:kind "Middleware",
:metadata {:name "web-ratelimit"},
:metadata {:name "web-ratelimit"
:namespace "default"},
:spec {:rateLimit {:average 10, :burst 10}}}
{:apiVersion "networking.k8s.io/v1",
:kind "Ingress",
@ -110,7 +111,7 @@
:annotations
{:traefik.ingress.kubernetes.io/router.entrypoints "web, websecure",
:traefik.ingress.kubernetes.io/router.middlewares
"default-redirect-https@kubernetescrd, web-ratelimit@kubernetescrd",
"default-redirect-https@kubernetescrd, default-web-ratelimit@kubernetescrd",
:metallb.universe.tf/address-pool "public"}},
:spec
{:tls [{:hosts ["test.jit.si"], :secretName "web"}],