refactored deployment & secret

2024-08-02 15:05:04 +02:00 · 2024-08-02 15:05:04 +02:00 · 4ac3f4ca49
commit 4ac3f4ca49
parent 89cb9f8223
4 changed files with 32 additions and 14 deletions
--- a/src/main/cljc/dda/c4k_jitsi/jitsi.cljc
+++ b/src/main/cljc/dda/c4k_jitsi/jitsi.cljc
@ -12,12 +12,14 @@

 (s/def ::fqdn cp/fqdn-string?)
 (s/def ::issuer cp/letsencrypt-issuer?)
+(s/def ::namespace string?)
 (s/def ::jvb-auth-password cp/bash-env-string?)
 (s/def ::jicofo-auth-password cp/bash-env-string?)
 (s/def ::jicofo-component-secret cp/bash-env-string?)

 (def config? (s/keys :req-un [::fqdn]
-                     :opt-un [::issuer]))
+                     :opt-un [::issuer
+                              ::namespace]))

 (def auth? (s/keys :req-un [::jvb-auth-password
                            ::jicofo-auth-password
@ -63,10 +65,13 @@
    config)))

 (defn-spec generate-secret-jitsi cp/map-or-seq?
-  [auth auth?]
-  (let [{:keys [jvb-auth-password jicofo-auth-password jicofo-component-secret]} auth]
+  [config config?
+   auth auth?]
+  (let [{:keys [namespace]} config
+        {:keys [jvb-auth-password jicofo-auth-password jicofo-component-secret]} auth]
    (->
     (yaml/from-string (yaml/load-resource "jitsi/secret.yaml"))
+     (cm/replace-all-matching "NAMESPACE" namespace)
     (cm/replace-key-value :JVB_AUTH_PASSWORD (b64/encode jvb-auth-password))
     (cm/replace-key-value :JICOFO_AUTH_PASSWORD (b64/encode jicofo-auth-password))
     (cm/replace-key-value :JICOFO_COMPONENT_SECRET (b64/encode jicofo-component-secret)))))
@ -88,10 +93,11 @@

 (defn-spec generate-deployment cp/map-or-seq?
  [config config?]
-  (let [{:keys [fqdn]} config]
+  (let [{:keys [fqdn namespace]} config]
    (->
     (yaml/load-as-edn "jitsi/deployment.yaml")
     (cm/replace-all-matching "REPLACE_JITSI_FQDN" fqdn)
+     (cm/replace-all-matching "NAMESPACE" namespace)
     (cm/replace-all-matching "REPLACE_ETHERPAD_URL"
                              (str "https://etherpad." fqdn "/p/"))
     
--- a/src/main/resources/jitsi/deployment.yaml
+++ b/src/main/resources/jitsi/deployment.yaml
@ -4,6 +4,7 @@ metadata:
  labels:
    app: jitsi
  name: jitsi
+  namespace: NAMESPACE
 spec:
  strategy:
    type: Recreate
--- a/src/main/resources/jitsi/secret.yaml
+++ b/src/main/resources/jitsi/secret.yaml
@ -2,6 +2,7 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: jitsi-config
+  namespace: NAMESPACE
 type: Opaque
 data:
  JVB_AUTH_PASSWORD: "jvb-auth"
--- a/src/test/cljc/dda/c4k_jitsi/jitsi_test.cljc
+++ b/src/test/cljc/dda/c4k_jitsi/jitsi_test.cljc
@ -5,12 +5,16 @@
   [clojure.spec.test.alpha :as st]
   [dda.c4k-jitsi.jitsi :as cut]))

-(st/instrument)
+(st/instrument `cut/generate-deployment)
+(st/instrument `cut/generate-secret-jitsi)

 (deftest should-generate-deployment
  (is (= {:apiVersion "apps/v1",
          :kind "Deployment",
-          :metadata {:labels {:app "jitsi"}, :name "jitsi"},
+          :metadata
+          {:labels {:app "jitsi"},
+           :name "jitsi"
+           :namespace "jitsi"},
          :spec
          {:strategy {:type "Recreate"},
           :selector {:matchLabels {:app "jitsi"}},
@ -19,7 +23,7 @@
            :spec
            {:containers
             [{:name "jicofo",
-               :image "jitsi/jicofo:stable-9457-2",
+               :image "jitsi/jicofo:stable-9584-1",
               :imagePullPolicy "IfNotPresent",
               :env
               [{:name "XMPP_SERVER", :value "localhost"}
@ -29,7 +33,7 @@
                {:name "JICOFO_AUTH_PASSWORD", :valueFrom {:secretKeyRef {:name "jitsi-config", :key "JICOFO_AUTH_PASSWORD"}}}
                {:name "TZ", :value "Europe/Berlin"}]}
              {:name "prosody",
-               :image "jitsi/prosody:stable-9457-2",
+               :image "jitsi/prosody:stable-9584-1",
               :imagePullPolicy "IfNotPresent",
               :env
               [{:name "PUBLIC_URL", :value "xy.xy.xy"}
@ -63,7 +67,7 @@
                {:name "WHITEBOARD_COLLAB_SERVER_PUBLIC_URL", :value "https://excalidraw-backend.xy.xy.xy"}
                {:name "COLIBRI_WEBSOCKET_REGEX", :value "127.0.0.1"}]}
              {:name "jvb",
-               :image "jitsi/jvb:stable-9457-2",
+               :image "jitsi/jvb:stable-9584-1",
               :imagePullPolicy "IfNotPresent",
               :env
               [{:name "PUBLIC_URL", :value "xy.xy.xy"}
@ -85,17 +89,23 @@
                {:name "JICOFO_AUTH_USER", :value "focus"}
                {:name "JICOFO_AUTH_PASSWORD", :valueFrom {:secretKeyRef {:name "jitsi-config", :key "JICOFO_AUTH_PASSWORD"}}}
                {:name "TZ", :value "Europe/Berlin"}]}]}}}}
-         (cut/generate-deployment {:fqdn "xy.xy.xy"}))))
+         (cut/generate-deployment {:fqdn "xy.xy.xy"
+                                   :namespace "jitsi"}))))

 (deftest should-generate-secret
  (is (= {:apiVersion "v1",
          :kind "Secret",
-          :metadata {:name "jitsi-config"},
+          :metadata 
+          {:name "jitsi-config"
+           :namespace "jitsi"},
          :type "Opaque",
          :data
          {:JVB_AUTH_PASSWORD "anZiLWF1dGg=",
           :JICOFO_AUTH_PASSWORD "amljb2ZvLWF1dGg=",
           :JICOFO_COMPONENT_SECRET "amljb2ZvLWNvbXA="}}
-         (cut/generate-secret-jitsi {:jvb-auth-password "jvb-auth"
+         (cut/generate-secret-jitsi 
+          {:fqdn "xy.xy.xy"
+           :namespace "jitsi"}
+          {:jvb-auth-password "jvb-auth"
           :jicofo-auth-password "jicofo-auth"
           :jicofo-component-secret "jicofo-comp"}))))