diff --git a/src/main/cljc/dda/c4k_keycloak/core.cljc b/src/main/cljc/dda/c4k_keycloak/core.cljc index ce1c22b..3e1a02c 100644 --- a/src/main/cljc/dda/c4k_keycloak/core.cljc +++ b/src/main/cljc/dda/c4k_keycloak/core.cljc @@ -13,11 +13,18 @@ (def default-storage-class :local-path) -(def config-defaults {:issuer "staging"}) +(def config-defaults {:issuer "staging", + :namespace "keycloak" + :postgres-image "postgres:14" + :postgres-size :2gb + :db-name "keycloak" + :pv-storage-size-gb 30 + :pvc-storage-class-name default-storage-class}) (def config? (s/keys :req-un [::kc/fqdn] :opt-un [::kc/issuer - ::mon/mon-cfg])) + ::mon/mon-cfg + ::kc/namespace])) (def auth? (s/keys :req-un [::kc/keycloak-admin-user ::kc/keycloak-admin-password ::postgres/postgres-db-user ::postgres/postgres-db-password] @@ -30,17 +37,11 @@ (filter #(not (nil? %)) (cm/concat-vec - (ns/generate (merge {:namespace "keycloak"} config)) - (postgres/generate (merge {:postgres-image "postgres:14" - :postgres-size :2gb - :db-name "keycloak" - :pv-storage-size-gb 30 - :pvc-storage-class-name default-storage-class - :namespace "keycloak"}) - auth) - [(kc/generate-secret auth) - (kc/generate-service) + (ns/generate config) + (postgres/generate config auth) + [(kc/generate-secret config auth) + (kc/generate-service config) (kc/generate-deployment config)] - (kc/generate-ingress (merge {:namespace "keycloak"} config)) + (kc/generate-ingress config) (when (:contains? config :mon-cfg) (mon/generate (:mon-cfg config) (:mon-auth auth))))))) diff --git a/src/main/cljc/dda/c4k_keycloak/keycloak.cljc b/src/main/cljc/dda/c4k_keycloak/keycloak.cljc index 3378846..2c7b962 100644 --- a/src/main/cljc/dda/c4k_keycloak/keycloak.cljc +++ b/src/main/cljc/dda/c4k_keycloak/keycloak.cljc 
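Review bot: The `:postgres-image "postgres:14"` entry in `config-defaults` is a mutable major-version tag, so the database image deployed alongside the Keycloak credentials can change without any change in this repository. Now that the value lives in one place, this is a good moment to pin it, e.g. `:postgres-image "postgres:14@sha256:<digest-placeholder>"`. Whether the postgres module's image check accepts a digest reference is not visible in this diff, so confirm that first.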
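Review bot: The unchanged guard `(when (:contains? config :mon-cfg)` at the end of this hunk calls the keyword `:contains?` as a function, which looks up a key named `:contains?` in `config` and falls back to `:mon-cfg`, so for an ordinary config map it is always truthy. `mon/generate` is therefore invoked even when no monitoring config was supplied, with `(:mon-cfg config)` being nil. Since the neighbouring calls are being touched anyway, it should read `(when (contains? config :mon-cfg)`. The enclosing function starts above the hunk, so how `config` is built before this point is not visible.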
@@ -11,12 +11,14 @@ [dda.c4k-common.predicate :as cp])) (s/def ::fqdn cp/fqdn-string?) +(s/def ::namespace string?) (s/def ::issuer cp/letsencrypt-issuer?) (s/def ::keycloak-admin-user cp/bash-env-string?) (s/def ::keycloak-admin-password cp/bash-env-string?) (def config? (s/keys :req-un [::fqdn] - :opt-un [::issuer])) + :opt-un [::issuer + ::namespace])) (def auth? (s/keys :req-un [::keycloak-admin-user ::keycloak-admin-password])) @@ -35,20 +37,28 @@ config))) (defn-spec generate-secret cp/map-or-seq? - [auth auth?] - (let [{:keys [keycloak-admin-user keycloak-admin-password]} auth] + [config config? + auth auth?] + (let [{:keys [namespace]} config + {:keys [keycloak-admin-user keycloak-admin-password]} auth] (-> (yaml/load-as-edn "keycloak/secret.yaml") + (cm/replace-all-matching "NAMESPACE" namespace) (cm/replace-key-value :keycloak-user (b64/encode keycloak-admin-user)) (cm/replace-key-value :keycloak-password (b64/encode keycloak-admin-password))))) -(defn-spec generate-service cp/map-or-seq? [] - (yaml/load-as-edn "keycloak/service.yaml")) +(defn-spec generate-service cp/map-or-seq? + [config config?] + (let [{:keys [namespace]} config] + (-> + (yaml/load-as-edn "keycloak/service.yaml") + (cm/replace-all-matching "NAMESPACE" namespace)))) (defn-spec generate-deployment cp/map-or-seq? [config config?] - (let [{:keys [fqdn]} config] + (let [{:keys [fqdn namespace]} config] (-> (yaml/load-as-edn "keycloak/deployment.yaml") + (cm/replace-all-matching "NAMESPACE" namespace) (cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) diff --git a/src/main/resources/keycloak/deployment.yaml b/src/main/resources/keycloak/deployment.yaml index f662cc2..5fc1ae0 100644 --- a/src/main/resources/keycloak/deployment.yaml +++ b/src/main/resources/keycloak/deployment.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: keycloak - namespace: keycloak + namespace: NAMESPACE labels: app: keycloak spec: 
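Review bot: `(s/def ::namespace string?)` accepts any string, while the value is written into the `namespace` field of the Secret, Service and Deployment later in this file. Kubernetes only accepts RFC 1123 DNS labels there (lowercase alphanumerics and `-`, at most 63 characters), and the neighbouring specs already use dedicated predicates such as `cp/fqdn-string?`. Rejecting bad values at spec time gives an early, clear error instead of a manifest that fails on apply: `(s/def ::namespace (s/and string? #(re-matches #"[a-z0-9]([-a-z0-9]{0,61}[a-z0-9])?" %)))`.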
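Review bot: `generate-secret`, `generate-service` and `generate-deployment` destructure `namespace` from `config`, but `::namespace` sits in `:opt-un`, so a config without it still passes `config?` and nil is handed to `cm/replace-all-matching`. What that helper does with nil is not visible here; either a nil namespace or a literal `NAMESPACE` left in the admin-credentials Secret would be a poor failure mode. Unless every caller is guaranteed to merge `config-defaults` first, give the destructuring a fallback, `(let [{:keys [namespace] :or {namespace "keycloak"}} config`, or move `::namespace` to `:req-un` for these functions. The local also shadows `clojure.core/namespace`, which is harmless here but worth renaming if the bodies grow.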
diff --git a/src/main/resources/keycloak/secret.yaml b/src/main/resources/keycloak/secret.yaml index a58bb8a..b214355 100644 --- a/src/main/resources/keycloak/secret.yaml +++ b/src/main/resources/keycloak/secret.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: name: keycloak-secret - namespace: keycloak + namespace: NAMESPACE type: Opaque data: keycloak-user: admin diff --git a/src/main/resources/keycloak/service.yaml b/src/main/resources/keycloak/service.yaml index 5926555..8a1b4d1 100644 --- a/src/main/resources/keycloak/service.yaml +++ b/src/main/resources/keycloak/service.yaml @@ -4,7 +4,7 @@ metadata: name: keycloak labels: service: keycloak - namespace: keycloak + namespace: NAMESPACE spec: ports: - name: "http" diff --git a/src/test/cljc/dda/c4k_keycloak/keycloak_test.cljc b/src/test/cljc/dda/c4k_keycloak/keycloak_test.cljc index d47adc1..8c9d17e 100644 --- a/src/test/cljc/dda/c4k_keycloak/keycloak_test.cljc +++ b/src/test/cljc/dda/c4k_keycloak/keycloak_test.cljc @@ -15,7 +15,7 @@ :data {:keycloak-user "dXNlcg==" :keycloak-password "cGFzc3dvcmQ="}} - (cut/generate-secret {:keycloak-admin-user "user" :keycloak-admin-password "password"})))) + (cut/generate-secret {:namespace "keycloak" :fqdn "test.de"} {:keycloak-admin-user "user" :keycloak-admin-password "password"})))) (deftest should-generate-deployment (is (= {:apiVersion "apps/v1", @@ -75,4 +75,4 @@ :items [{:key "tls.crt", :path "tls.crt"} {:key "tls.key", :path "tls.key"}]}}]}}}} - (cut/generate-deployment {:fqdn "test.de"})))) + (cut/generate-deployment {:fqdn "test.de" :namespace "keycloak"}))))