From 4ac3f4ca495f6a676534cdc53834b673eb2ade1b Mon Sep 17 00:00:00 2001 From: Michael Jerger Date: Fri, 2 Aug 2024 15:05:04 +0200 Subject: [PATCH] refactored deployment & secret --- src/main/cljc/dda/c4k_jitsi/jitsi.cljc | 14 +++++++--- src/main/resources/jitsi/deployment.yaml | 1 + src/main/resources/jitsi/secret.yaml | 1 + src/test/cljc/dda/c4k_jitsi/jitsi_test.cljc | 30 ++++++++++++++------- 4 files changed, 32 insertions(+), 14 deletions(-) diff --git a/src/main/cljc/dda/c4k_jitsi/jitsi.cljc b/src/main/cljc/dda/c4k_jitsi/jitsi.cljc index f4bb238..8b77405 100644 --- a/src/main/cljc/dda/c4k_jitsi/jitsi.cljc +++ b/src/main/cljc/dda/c4k_jitsi/jitsi.cljc @@ -12,12 +12,14 @@ (s/def ::fqdn cp/fqdn-string?) (s/def ::issuer cp/letsencrypt-issuer?) +(s/def ::namespace string?) (s/def ::jvb-auth-password cp/bash-env-string?) (s/def ::jicofo-auth-password cp/bash-env-string?) (s/def ::jicofo-component-secret cp/bash-env-string?) (def config? (s/keys :req-un [::fqdn] - :opt-un [::issuer])) + :opt-un [::issuer + ::namespace])) (def auth? (s/keys :req-un [::jvb-auth-password ::jicofo-auth-password @@ -63,10 +65,13 @@ config))) (defn-spec generate-secret-jitsi cp/map-or-seq? - [auth auth?] - (let [{:keys [jvb-auth-password jicofo-auth-password jicofo-component-secret]} auth] + [config config? + auth auth?] + (let [{:keys [namespace]} config + {:keys [jvb-auth-password jicofo-auth-password jicofo-component-secret]} auth] (-> (yaml/from-string (yaml/load-resource "jitsi/secret.yaml")) + (cm/replace-all-matching "NAMESPACE" namespace) (cm/replace-key-value :JVB_AUTH_PASSWORD (b64/encode jvb-auth-password)) (cm/replace-key-value :JICOFO_AUTH_PASSWORD (b64/encode jicofo-auth-password)) (cm/replace-key-value :JICOFO_COMPONENT_SECRET (b64/encode jicofo-component-secret))))) @@ -88,10 +93,11 @@ (defn-spec generate-deployment cp/map-or-seq? [config config?] - (let [{:keys [fqdn]} config] + (let [{:keys [fqdn namespace]} config] (-> (yaml/load-as-edn "jitsi/deployment.yaml") (cm/replace-all-matching "REPLACE_JITSI_FQDN" fqdn) + (cm/replace-all-matching "NAMESPACE" namespace) (cm/replace-all-matching "REPLACE_ETHERPAD_URL" (str "https://etherpad." fqdn "/p/")) diff --git a/src/main/resources/jitsi/deployment.yaml b/src/main/resources/jitsi/deployment.yaml index d704a4a..1c70eb8 100644 --- a/src/main/resources/jitsi/deployment.yaml +++ b/src/main/resources/jitsi/deployment.yaml @@ -4,6 +4,7 @@ metadata: labels: app: jitsi name: jitsi + namespace: NAMESPACE spec: strategy: type: Recreate diff --git a/src/main/resources/jitsi/secret.yaml b/src/main/resources/jitsi/secret.yaml index 205a20e..771b05a 100644 --- a/src/main/resources/jitsi/secret.yaml +++ b/src/main/resources/jitsi/secret.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: Secret metadata: name: jitsi-config + namespace: NAMESPACE type: Opaque data: JVB_AUTH_PASSWORD: "jvb-auth" diff --git a/src/test/cljc/dda/c4k_jitsi/jitsi_test.cljc b/src/test/cljc/dda/c4k_jitsi/jitsi_test.cljc index 8066c4a..422cdee 100644 --- a/src/test/cljc/dda/c4k_jitsi/jitsi_test.cljc +++ b/src/test/cljc/dda/c4k_jitsi/jitsi_test.cljc @@ -5,12 +5,16 @@ [clojure.spec.test.alpha :as st] [dda.c4k-jitsi.jitsi :as cut])) -(st/instrument) +(st/instrument `cut/generate-deployment) +(st/instrument `cut/generate-secret-jitsi) (deftest should-generate-deployment (is (= {:apiVersion "apps/v1", :kind "Deployment", - :metadata {:labels {:app "jitsi"}, :name "jitsi"}, + :metadata + {:labels {:app "jitsi"}, + :name "jitsi" + :namespace "jitsi"}, :spec {:strategy {:type "Recreate"}, :selector {:matchLabels {:app "jitsi"}}, @@ -19,7 +23,7 @@ :spec {:containers [{:name "jicofo", - :image "jitsi/jicofo:stable-9457-2", + :image "jitsi/jicofo:stable-9584-1", :imagePullPolicy "IfNotPresent", :env [{:name "XMPP_SERVER", :value "localhost"} @@ -29,7 +33,7 @@ {:name "JICOFO_AUTH_PASSWORD", :valueFrom {:secretKeyRef {:name "jitsi-config", :key "JICOFO_AUTH_PASSWORD"}}} {:name "TZ", :value "Europe/Berlin"}]} {:name "prosody", - :image "jitsi/prosody:stable-9457-2", + :image "jitsi/prosody:stable-9584-1", :imagePullPolicy "IfNotPresent", :env [{:name "PUBLIC_URL", :value "xy.xy.xy"} @@ -63,7 +67,7 @@ {:name "WHITEBOARD_COLLAB_SERVER_PUBLIC_URL", :value "https://excalidraw-backend.xy.xy.xy"} {:name "COLIBRI_WEBSOCKET_REGEX", :value "127.0.0.1"}]} {:name "jvb", - :image "jitsi/jvb:stable-9457-2", + :image "jitsi/jvb:stable-9584-1", :imagePullPolicy "IfNotPresent", :env [{:name "PUBLIC_URL", :value "xy.xy.xy"} @@ -85,17 +89,23 @@ {:name "JICOFO_AUTH_USER", :value "focus"} {:name "JICOFO_AUTH_PASSWORD", :valueFrom {:secretKeyRef {:name "jitsi-config", :key "JICOFO_AUTH_PASSWORD"}}} {:name "TZ", :value "Europe/Berlin"}]}]}}}} - (cut/generate-deployment {:fqdn "xy.xy.xy"})))) + (cut/generate-deployment {:fqdn "xy.xy.xy" + :namespace "jitsi"})))) (deftest should-generate-secret (is (= {:apiVersion "v1", :kind "Secret", - :metadata {:name "jitsi-config"}, + :metadata + {:name "jitsi-config" + :namespace "jitsi"}, :type "Opaque", :data {:JVB_AUTH_PASSWORD "anZiLWF1dGg=", :JICOFO_AUTH_PASSWORD "amljb2ZvLWF1dGg=", :JICOFO_COMPONENT_SECRET "amljb2ZvLWNvbXA="}} - (cut/generate-secret-jitsi {:jvb-auth-password "jvb-auth" - :jicofo-auth-password "jicofo-auth" - :jicofo-component-secret "jicofo-comp"})))) + (cut/generate-secret-jitsi + {:fqdn "xy.xy.xy" + :namespace "jitsi"} + {:jvb-auth-password "jvb-auth" + :jicofo-auth-password "jicofo-auth" + :jicofo-component-secret "jicofo-comp"}))))