From 01374f14da44c4acc2d35fd39b7f128eed82da69 Mon Sep 17 00:00:00 2001 From: Michael Jerger <michael.jerger@meissa-gmbh.de> Date: Mon, 13 Jan 2025 16:56:30 +0100 Subject: [PATCH] remove dependencies & improve testing --- src/main/cljc/dda/c4k_forgejo/backup.cljc | 24 ++++--- src/main/cljc/dda/c4k_forgejo/core.cljc | 20 ++++-- src/main/cljc/dda/c4k_forgejo/forgejo.cljc | 66 +++++++++---------- .../cljc/dda/c4k_forgejo/backup_test.cljc | 14 ++++ .../cljc/dda/c4k_forgejo/forgejo_test.cljc | 16 ++--- 5 files changed, 83 insertions(+), 57 deletions(-) diff --git a/src/main/cljc/dda/c4k_forgejo/backup.cljc b/src/main/cljc/dda/c4k_forgejo/backup.cljc index 19e22be..e52f04b 100644 --- a/src/main/cljc/dda/c4k_forgejo/backup.cljc +++ b/src/main/cljc/dda/c4k_forgejo/backup.cljc @@ -1,6 +1,8 @@ (ns dda.c4k-forgejo.backup (:require [clojure.spec.alpha :as s] + #?(:clj [orchestra.core :refer [defn-spec]] + :cljs [orchestra.core :refer-macros [defn-spec]]) [dda.c4k-common.yaml :as yaml] [dda.c4k-common.base64 :as b64] [dda.c4k-common.common :as cm] @@ -12,26 +14,32 @@ (s/def ::restic-password p/bash-env-string?) (s/def ::restic-repository p/bash-env-string?) +(s/def ::config (s/keys :req-un [::restic-repository])) + +(s/def ::auth (s/keys :req-un [::restic-password ::aws-access-key-id ::aws-secret-access-key] + :opt-un [::restic-new-password])) + #?(:cljs (defmethod yaml/load-resource :backup [resource-name] (get (inline-resources "backup") resource-name))) -(defn generate-config [my-conf] +(defn-spec generate-config p/map-or-seq? + [my-conf ::config] (let [{:keys [restic-repository]} my-conf] (-> (yaml/from-string (yaml/load-resource "backup/config.yaml")) (cm/replace-key-value :restic-repository restic-repository)))) -(defn generate-cron [] +(defn-spec generate-cron p/map-or-seq? + [] (yaml/from-string (yaml/load-resource "backup/cron.yaml"))) -(defn generate-backup-restore-deployment [my-conf] - (let [backup-restore-yaml (yaml/from-string (yaml/load-resource "backup/backup-restore-deployment.yaml"))] - (if (and (contains? my-conf :local-integration-test) (= true (:local-integration-test my-conf))) - (cm/replace-named-value backup-restore-yaml "CERTIFICATE_FILE" "/var/run/secrets/localstack-secrets/ca.crt") - backup-restore-yaml))) +(defn-spec generate-backup-restore-deployment p/map-or-seq? + [my-conf ::config] + (yaml/from-string (yaml/load-resource "backup/backup-restore-deployment.yaml"))) -(defn generate-secret [my-auth] +(defn-spec generate-secret p/map-or-seq? + [my-auth ::auth] (let [{:keys [aws-access-key-id aws-secret-access-key restic-password]} my-auth] (-> (yaml/from-string (yaml/load-resource "backup/secret.yaml")) diff --git a/src/main/cljc/dda/c4k_forgejo/core.cljc b/src/main/cljc/dda/c4k_forgejo/core.cljc index 303cbc3..acfa473 100644 --- a/src/main/cljc/dda/c4k_forgejo/core.cljc +++ b/src/main/cljc/dda/c4k_forgejo/core.cljc @@ -1,8 +1,11 @@ (ns dda.c4k-forgejo.core (:require [clojure.spec.alpha :as s] + #?(:clj [orchestra.core :refer [defn-spec]] + :cljs [orchestra.core :refer-macros [defn-spec]]) [dda.c4k-common.yaml :as yaml] [dda.c4k-common.common :as cm] + [dda.c4k-common.predicate :as p] [dda.c4k-common.monitoring :as mon] [dda.c4k-forgejo.forgejo :as forgejo] [dda.c4k-forgejo.backup :as backup] @@ -18,8 +21,10 @@ :pvc-storage-class-name "" :postgres-image "postgres:14" :postgres-size :2gb}) + (def rate-limit-defaults {:max-rate 10, :max-concurrent-requests 5}) + (def config? (s/keys :req-un [::forgejo/fqdn ::forgejo/mailer-from ::forgejo/mailer-host @@ -28,7 +33,7 @@ :opt-un [::forgejo/issuer ::forgejo/deploy-federated ::forgejo/federation-enabled - ::forgejo/default-app-name + ::forgejo/default-app-name ::forgejo/service-domain-whitelist ::forgejo/forgejo-image-version-overwrite ::backup/restic-repository @@ -37,12 +42,11 @@ (def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password ::forgejo/mailer-user ::forgejo/mailer-pw ::backup/aws-access-key-id ::backup/aws-secret-access-key] - :opt-un [::backup/restic-password ; TODO gec: Is restic password opt or req? - ::mon/mon-cfg])) + :opt-un [::backup/restic-password + ::mon/mon-auth])) -(def vol? (s/keys :req-un [::forgejo/volume-total-storage-size])) - -(defn config-objects [config] ; ToDo: ADR for generate functions - vector or no vector? +(defn-spec config-objects p/map-or-seq? + [config config?] (let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path)] (map yaml/to-string (filter #(not (nil? %)) @@ -67,7 +71,9 @@ (when (contains? config :mon-cfg) (mon/generate-config))))))) -(defn auth-objects [config auth] +(defn-spec auth-objects p/map-or-seq? + [config config? + auth auth?] (map yaml/to-string (filter #(not (nil? %)) (cm/concat-vec diff --git a/src/main/cljc/dda/c4k_forgejo/forgejo.cljc b/src/main/cljc/dda/c4k_forgejo/forgejo.cljc index 8e56b35..357f3cb 100644 --- a/src/main/cljc/dda/c4k_forgejo/forgejo.cljc +++ b/src/main/cljc/dda/c4k_forgejo/forgejo.cljc @@ -44,27 +44,25 @@ (s/def ::mailer-pw pred/bash-env-string?) (s/def ::issuer pred/letsencrypt-issuer?) (s/def ::volume-total-storage-size (partial pred/int-gt-n? 5)) -(s/def ::max-rate int?) +(s/def ::max-rate int?) (s/def ::max-concurrent-requests int?) -(def config? (s/keys :req-un [::fqdn - ::mailer-from - ::mailer-host - ::mailer-port - ::service-noreply-address] - :opt-un [::issuer - ::deploy-federated - ::federation-enabled - ::default-app-name - ::service-domain-whitelist - ::forgejo-image-version-overwrite])) +(s/def ::config (s/keys :req-un [::fqdn + ::mailer-from + ::mailer-host + ::mailer-port + ::service-noreply-address + ::volume-total-storage-size + ::max-rate + ::max-concurrent-requests] + :opt-un [::issuer + ::deploy-federated + ::federation-enabled + ::default-app-name + ::service-domain-whitelist + ::forgejo-image-version-overwrite])) -(def rate-limit-config? (s/keys :req-un [::max-rate - ::max-concurrent-requests])) - -(def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password ::mailer-user ::mailer-pw])) - -(def vol? (s/keys :req-un [::volume-total-storage-size])) +(s/def ::auth (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password ::mailer-user ::mailer-pw])) (defn data-storage-by-volume-size [total] @@ -76,7 +74,7 @@ (def non-federated-image-version "8.0.3") (defn-spec generate-image-str string? - [config config?] + [config ::config] (let [{:keys [deploy-federated forgejo-image-version-overwrite]} config deploy-federated-bool (boolean-from-string deploy-federated)] (if deploy-federated-bool @@ -110,16 +108,16 @@ (cm/replace-all-matching-values-by-new-value "MAILERPORT" mailer-port) (cm/replace-all-matching-values-by-new-value "WHITELISTDOMAINS" service-domain-whitelist) (cm/replace-all-matching-values-by-new-value "NOREPLY" service-noreply-address) - (cm/replace-all-matching-values-by-new-value "IS_FEDERATED" + (cm/replace-all-matching-values-by-new-value "IS_FEDERATED" (if federation-enabled-bool "true" "false"))))) -(defn generate-secrets - [auth] - (let [{:keys [postgres-db-user - postgres-db-password - mailer-user +(defn-spec generate-secrets pred/map-or-seq? + [auth ::auth] + (let [{:keys [postgres-db-user + postgres-db-password + mailer-user mailer-pw]} auth] (-> (yaml/load-as-edn "forgejo/secrets.yaml") @@ -128,8 +126,8 @@ (cm/replace-all-matching "MAILERUSER" (b64/encode mailer-user)) (cm/replace-all-matching "MAILERPW" (b64/encode mailer-pw))))) -(defn-spec generate-ratelimit-ingress-and-cert seq? - [config config?] +(defn-spec generate-ratelimit-ingress-and-cert pred/map-or-seq? + [config ::config] (let [{:keys [fqdn max-rate max-concurrent-requests namespace]} config] (ing/generate-simple-ingress (merge {:service-name "forgejo-service" @@ -141,18 +139,18 @@ config)))) (defn-spec generate-data-volume pred/map-or-seq? - [config vol?] - (let [{:keys [volume-total-storage-size]} config + [config ::config] + (let [{:keys [volume-total-storage-size]} config data-storage-size (data-storage-by-volume-size volume-total-storage-size)] - (-> + (-> (yaml/load-as-edn "forgejo/datavolume.yaml") (cm/replace-all-matching "DATASTORAGESIZE" (str (str data-storage-size) "Gi"))))) (defn-spec generate-deployment pred/map-or-seq? - [config config?] - (-> - (yaml/load-as-edn "forgejo/deployment.yaml") - (cm/replace-all-matching "IMAGE_NAME" (generate-image-str config)))) + [config ::config] + (-> + (yaml/load-as-edn "forgejo/deployment.yaml") + (cm/replace-all-matching "IMAGE_NAME" (generate-image-str config)))) (defn generate-service [] diff --git a/src/test/cljc/dda/c4k_forgejo/backup_test.cljc b/src/test/cljc/dda/c4k_forgejo/backup_test.cljc index c30f8bb..876614a 100644 --- a/src/test/cljc/dda/c4k_forgejo/backup_test.cljc +++ b/src/test/cljc/dda/c4k_forgejo/backup_test.cljc @@ -5,8 +5,22 @@ [clojure.spec.test.alpha :as st] [dda.c4k-forgejo.backup :as cut])) +(st/instrument `cut/generate-secret) (st/instrument `cut/generate-config) +(deftest should-generate-secret + (is (= {:apiVersion "v1", + :kind "Secret", + :metadata {:name "backup-secret", :namespace "forgejo"}, + :type "Opaque", + :data + {:aws-access-key-id "YXdzLWlk", + :aws-secret-access-key "YXdzLXNlY3JldA==", + :restic-password "cmVzdGljLXB3"}} + (cut/generate-secret {:aws-access-key-id "aws-id" + :aws-secret-access-key "aws-secret" + :restic-password "restic-pw"})))) + (deftest should-generate-backup-config (testing "federated" (is (= {:apiVersion "v1", diff --git a/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc b/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc index a7c03b6..f7b388d 100644 --- a/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc +++ b/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc @@ -111,7 +111,10 @@ :mailer-host "m.t.de" :mailer-port "123" :service-domain-whitelist "adb.de" - :service-noreply-address ""})))) + :service-noreply-address "" + :volume-total-storage-size 10 + :max-rate 10 + :max-concurrent-requests 1})))) (testing "federated-deployment" (is (= {:apiVersion "apps/v1", :kind "Deployment", @@ -138,7 +141,10 @@ :mailer-host "m.t.de" :mailer-port "123" :service-domain-whitelist "adb.de" - :service-noreply-address ""}))))) + :service-noreply-address "" + :volume-total-storage-size 10 + :max-rate 10 + :max-concurrent-requests 1}))))) (deftest should-generate-secret (is (= {:FORGEJO__database__USER-c1 "", @@ -157,9 +163,3 @@ :postgres-db-password "pg-pw" :mailer-user "maileruser" :mailer-pw "mailerpw"}))))) - -(deftest should-generate-data-volume - (is (= {:storage-c1 "1Gi", - :storage-c2 "15Gi"} - (th/map-diff (cut/generate-data-volume {:volume-total-storage-size 1}) - (cut/generate-data-volume {:volume-total-storage-size 15})))))