bom 2021-05-21 17:29:24 +02:00
parent 4b30021201
commit a98aae76bf
3 changed files with 52 additions and 14 deletions


@ -6,19 +6,46 @@
:cljs [orchestra.core :refer-macros [defn-spec]]) :cljs [orchestra.core :refer-macros [defn-spec]])
[dda.k8s-keycloak.yaml :as yaml])) [dda.k8s-keycloak.yaml :as yaml]))
(def config? any?) (defn bash-env-string?
[input]
(and (string? input)
(not (re-matches #".*['\"\$]+.*" input))))
(defn fqdn-string?
[input]
(and (string? input)
(not (nil? (re-matches #"(?=^.{4,253}\.?$)(^((?!-)[a-zA-Z0-9-]{1,63}(?<!-)\.)+[a-zA-Z]{2,63}\.?$)" input)))))
(s/def ::user-name bash-env-string?)
(s/def ::user-password string?)
(s/def ::fqdn fqdn-string?)
(def config? (s/keys :req-un [::user-name ::user-password ::fqdn]
:opt-un [::issuer]))
(def auth? any?) (def auth? any?)
(def config? config?)
(defn generate-config [my-config my-auth] (defn generate-config [my-config my-auth]
(-> (->
(yaml/from-string (yaml/load-resource "config.yaml")) (yaml/from-string (yaml/load-resource "config.yaml"))
(assoc-in [:data :config.edn] (str my-config)) (assoc-in [:data :config.edn] (str my-config))
(assoc-in [ :data :credentials.edn] (str my-auth)) (assoc-in [ :data :credentials.edn] (str my-auth))))
))
(defn generate-deployment [] (defn generate-deployment [config]
(yaml/from-string (yaml/load-resource "deployment.yaml"))) (let [user (:user config)
password (:password config)]
(->
(yaml/from-string (yaml/load-resource "deployment.yaml"))
(assoc-in [:spec :template :spec :containers]
[{:name "keycloak"
:image "quay.io/keycloak/keycloak:13.0.0"
:env
[{:name "KEYCLOAK_USER", :value user}
{:name "KEYCLOAK_PASSWORD", :value password}
{:name "PROXY_ADDRESS_FORWARDING", :value "true"}]
:ports [{:name "http", :containerPort 8080}]
:readinessProbe {:httpGet {:path "/auth/realms/master", :port 8080}}}]))))
(defn generate-certificate [config] (defn generate-certificate [config]
(let [{:keys [fqdn issuer] (let [{:keys [fqdn issuer]
@ -41,12 +68,20 @@
(assoc-in [:spec :rules] [{:host fqdn (assoc-in [:spec :rules] [{:host fqdn
:http {:paths [{:backend {:serviceName "keycloak" :http {:paths [{:backend {:serviceName "keycloak"
:servicePort 8080}}]}}])))) :servicePort 8080}}]}}]))))
(defn generate-service []
(yaml/from-string (yaml/load-resource "service.yaml")))
(defn-spec generate any? (defn-spec generate any?
[my-config string? [my-config string?
my-auth string?] my-auth string?]
(cs/join "\n" (cs/join "\n"
[(yaml/to-string (generate-config my-config my-auth)) [(yaml/to-string (generate-config my-config my-auth))
"---"
(yaml/to-string (generate-config))
"---" "---"
(yaml/to-string (generate-ingress)) (yaml/to-string (generate-ingress))
"---" "---"
(yaml/to-string (generate-service))
"---"
(yaml/to-string (generate-deployment))])) (yaml/to-string (generate-deployment))]))
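Review bot: `bash-env-string?` accepts a multi-line value that contains the forbidden characters, because `re-matches` has to match the whole input and `.` does not match a line break, so the pattern returns nil and the predicate returns true. Searching for the characters directly avoids this: `(not (re-find #"['\"$]" input))`. `::user-password` is only checked with `string?`, and `generate-deployment` writes it as a literal `:value` under `KEYCLOAK_PASSWORD`, so the admin password appears in plain text in the rendered Deployment; a Secret referenced through `valueFrom`/`secretKeyRef` would keep it out of the manifest. Separately, `generate` still calls `(generate-deployment)` with no argument although the function now takes `config`.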


@ -63,7 +63,7 @@
:issuer :prod})))) :issuer :prod}))))
(deftest should-generate-deployment (deftest should-generate-deployment
(is (= {{:apiVersion "apps/v1" (is (= {:apiVersion "apps/v1"
:kind "Deployment" :kind "Deployment"
:metadata {:name "keycloak", :namespace "default", :labels {:app "keycloak"}} :metadata {:name "keycloak", :namespace "default", :labels {:app "keycloak"}}
:spec :spec
@ -73,12 +73,12 @@
{:metadata {:labels {:app "keycloak"}} {:metadata {:labels {:app "keycloak"}}
:spec :spec
{:containers {:containers
[({:name "keycloak" [{:name "keycloak"
:image "quay.io/keycloak/keycloak:13.0.0" :image "quay.io/keycloak/keycloak:13.0.0"
:env :env
({:name "KEYCLOAK_USER", :value "admin"} [{:name "KEYCLOAK_USER", :value "testuser"}
{:name "KEYCLOAK_PASSWORD", :value "admin"} {:name "KEYCLOAK_PASSWORD", :value "test1234"}
{:name "PROXY_ADDRESS_FORWARDING", :value "true"}) {:name "PROXY_ADDRESS_FORWARDING", :value "true"}]
:ports ({:name "http", :containerPort 8080}) :ports [{:name "http", :containerPort 8080}]
:readinessProbe {:httpGet {:path "/auth/realms/master", :port 8080}}})]}}}}} :readinessProbe {:httpGet {:path "/auth/realms/master", :port 8080}}}]}}}}
(cut/generate-deployment)))) (cut/generate-deployment {:user "testuser" :password "test1234"}))))
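Review bot: The updated call in `should-generate-deployment` passes `{:user "testuser" :password "test1234"}`, but the `config?` spec added in this commit requires `:user-name` and `:user-password`, and the config map in the third changed file uses those keys too. With a spec-conforming config, `(:user config)` and `(:password config)` in `generate-deployment` would both be nil, so the test pins a shape the validated config never has. Either read `:user-name`/`:user-password` in `generate-deployment`, or at least call it here as `(cut/generate-deployment {:user-name "testuser" :user-password "test1234"})` so the mismatch shows up as a failing test. The visible hunks also add no negative cases for `bash-env-string?` or `fqdn-string?`; inputs containing a quote, `$` or a line break would be worth covering.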


@ -1 +1,4 @@
{} {:fqdn "test.de"
:user-name "testuser"
:user-password "test1234"
:issuer :prod}