From 67acfef5638a9ed1832492baa74f8ce02e0fd82b Mon Sep 17 00:00:00 2001
From: Michael Jerger <michael.jerger@meissa-gmbh.de>
Date: Tue, 18 Feb 2025 14:39:09 +0100
Subject: [PATCH] add restart ability - wip
---
src/main/cljc/dda/c4k_jitsi/core.cljc | 1 +
src/main/cljc/dda/c4k_jitsi/jitsi.cljc | 9 ++++++
.../jitsi/restart-config-authorization.yaml | 11 +++++++
.../resources/jitsi/restart-config-cron.yaml | 25 +++++++++++++++
.../jitsi/restart-config-rolebinding.yaml | 13 ++++++++
.../jitsi/restart-config-serviceaccount.yaml | 5 +++
src/test/cljc/dda/c4k_jitsi/jitsi_test.cljc | 32 +++++++++++++++++++
7 files changed, 96 insertions(+)
create mode 100644 src/main/resources/jitsi/restart-config-authorization.yaml
create mode 100644 src/main/resources/jitsi/restart-config-cron.yaml
create mode 100644 src/main/resources/jitsi/restart-config-rolebinding.yaml
create mode 100644 src/main/resources/jitsi/restart-config-serviceaccount.yaml
diff --git a/src/main/cljc/dda/c4k_jitsi/core.cljc b/src/main/cljc/dda/c4k_jitsi/core.cljc
index 5ab6ffb..9eb7149 100644
--- a/src/main/cljc/dda/c4k_jitsi/core.cljc
+++ b/src/main/cljc/dda/c4k_jitsi/core.cljc
@@ -40,6 +40,7 @@
(jitsi/web-config resolved-config)
(jitsi/jvb-config resolved-config)
(jitsi/jibri-config resolved-config)
+ (jitsi/restart-config resolved-config)
(jitsi/etherpad-config resolved-config)
(jitsi/excalidraw-config resolved-config)
(jitsi/moderator-elector-config resolved-config)
diff --git a/src/main/cljc/dda/c4k_jitsi/jitsi.cljc b/src/main/cljc/dda/c4k_jitsi/jitsi.cljc
index 4a12889..bdaba1d 100644
--- a/src/main/cljc/dda/c4k_jitsi/jitsi.cljc
+++ b/src/main/cljc/dda/c4k_jitsi/jitsi.cljc
@@ -117,6 +117,15 @@
(load-and-adjust-namespace "jitsi/jibri-config-service.yaml" namespace)
(load-and-adjust-namespace "jitsi/jibri-config-deployment.yaml" namespace)]))
+(defn-spec restart-config cp/map-or-seq?
+ [config config?]
+ (let [{:keys [namespace]} config]
+ [(load-and-adjust-namespace "jitsi/restart-config-serviceaccount.yaml" namespace)
+ (load-and-adjust-namespace "jitsi/restart-config-rolebinding.yaml" namespace)
+ (->
+ (load-and-adjust-namespace "jitsi/restart-config-authorization.yaml" namespace)
+ (cm/replace-key-value :resourceNames ["etherpad", "excalidraw"]))]))
+
(defn-spec etherpad-config cp/map-or-seq?
[config config?]
(let [{:keys [namespace]} config]
diff --git a/src/main/resources/jitsi/restart-config-authorization.yaml b/src/main/resources/jitsi/restart-config-authorization.yaml
new file mode 100644
index 0000000..e414cef
--- /dev/null
+++ b/src/main/resources/jitsi/restart-config-authorization.yaml
@@ -0,0 +1,11 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: deployment-restart
+ namespace: NAMESPACE
+rules:
+ - apiGroups: ["apps", "extensions"]
+ resources: ["deployments"]
+ resourceNames: REPLACE_ME
+ verbs: ["get", "patch", "list", "watch"] # "list" and "watch" are only needed
+ # if you want to use `rollout status
\ No newline at end of file
diff --git a/src/main/resources/jitsi/restart-config-cron.yaml b/src/main/resources/jitsi/restart-config-cron.yaml
new file mode 100644
index 0000000..a96b3c4
--- /dev/null
+++ b/src/main/resources/jitsi/restart-config-cron.yaml
@@ -0,0 +1,25 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+ name: deployment-restart
+ namespace: NAMESPACE
+spec:
+ concurrencyPolicy: Forbid
+ schedule: SCHEDULE_REPLACE_Me
+ jobTemplate:
+ spec:
+ backoffLimit: 2
+ activeDeadlineSeconds: 600
+ template:
+ spec:
+ serviceAccountName: deployment-restart
+ restartPolicy: Never
+ containers:
+ - name: kubectl
+ image: bitnami/kubectl
+ command:
+ - bash
+ - -c
+ - >-
+ kubectl rollout restart deployment/<YOUR DEPLOYMENT NAME> &&
+ kubectl rollout status deployment/<YOUR DEPLOYMENT NAME>
diff --git a/src/main/resources/jitsi/restart-config-rolebinding.yaml b/src/main/resources/jitsi/restart-config-rolebinding.yaml
new file mode 100644
index 0000000..c02b472
--- /dev/null
+++ b/src/main/resources/jitsi/restart-config-rolebinding.yaml
@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: deployment-restart
+ namespace: NAMESPACE
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: deployment-restart
+subjects:
+ - kind: ServiceAccount
+ name: deployment-restart
+ namespace: NAMESPACE
\ No newline at end of file
diff --git a/src/main/resources/jitsi/restart-config-serviceaccount.yaml b/src/main/resources/jitsi/restart-config-serviceaccount.yaml
new file mode 100644
index 0000000..2a6c665
--- /dev/null
+++ b/src/main/resources/jitsi/restart-config-serviceaccount.yaml
@@ -0,0 +1,5 @@
+kind: ServiceAccount
+apiVersion: v1
+metadata:
+ name: deployment-restart
+ namespace: NAMESPACE
\ No newline at end of file
diff --git a/src/test/cljc/dda/c4k_jitsi/jitsi_test.cljc b/src/test/cljc/dda/c4k_jitsi/jitsi_test.cljc
index d4dd47f..071e4bc 100644
--- a/src/test/cljc/dda/c4k_jitsi/jitsi_test.cljc
+++ b/src/test/cljc/dda/c4k_jitsi/jitsi_test.cljc
@@ -110,3 +110,35 @@
(count (cut/moderator-elector-config
{:fqdn "xy.xy.xy"
:namespace "jitsi"})))))
+
+(deftest should-generate-restart
+ (is (= {:apiVersion "rbac.authorization.k8s.io/v1",
+ :kind "RoleBinding",
+ :metadata {:name "deployment-restart", :namespace "jitsi"},
+ :roleRef
+ {:apiGroup "rbac.authorization.k8s.io",
+ :kind "Role",
+ :name "deployment-restart"},
+ :subjects
+ [{:kind "ServiceAccount",
+ :name "deployment-restart",
+ :namespace "jitsi"}]}
+ (second (cut/restart-config
+ {:fqdn "xy.xy.xy"
+ :namespace "jitsi"}))))
+ (is (= {:apiVersion "rbac.authorization.k8s.io/v1",
+ :kind "Role",
+ :metadata {:name "deployment-restart", :namespace "jitsi"},
+ :rules
+ [{:apiGroups ["apps" "extensions"],
+ :resources ["deployments"],
+ :resourceNames ["etherpad" "excalidraw"],
+ :verbs ["get" "patch" "list" "watch"]}]}
+ (nth (cut/restart-config
+ {:fqdn "xy.xy.xy"
+ :namespace "jitsi"})
+ 2)))
+ (is (= 3
+ (count (cut/restart-config
+ {:fqdn "xy.xy.xy"
+ :namespace "jitsi"})))))