diff --git a/src/main/cljc/dda/k8s_keycloak/common.cljc b/src/main/cljc/dda/k8s_keycloak/common.cljc new file mode 100644 index 0000000..56a2b9b --- /dev/null +++ b/src/main/cljc/dda/k8s_keycloak/common.cljc @@ -0,0 +1,31 @@ +(ns dda.k8s-keycloak.common + (:require + [clojure.walk])) + +(defn bash-env-string? + [input] + (and (string? input) + (not (re-matches #".*['\"\$]+.*" input)))) + +(defn fqdn-string? + [input] + (and (string? input) + (not (nil? (re-matches #"(?=^.{4,253}\.?$)(^((?!-)[a-zA-Z0-9-]{1,63}(? @@ -50,25 +25,15 @@ (assoc-in [:data :config.edn] (str my-config)) (assoc-in [:data :credentials.edn] (str my-auth)))) -(defn generate-postgres-config [] - (yaml/from-string (yaml/load-resource "postgres/config.yaml"))) - (defn generate-deployment [my-auth] (let [{:keys [postgres-db-user postgres-db-password keycloak-admin-user keycloak-admin-password]} my-auth] (-> (yaml/from-string (yaml/load-resource "keycloak/deployment.yaml")) - (replace-named-value "KEYCLOAK_USER" keycloak-admin-user) - (replace-named-value "DB_USER" postgres-db-user) - (replace-named-value "DB_PASSWORD" postgres-db-password) - (replace-named-value "KEYCLOAK_PASSWORD" keycloak-admin-password)))) - -(defn generate-postgres-deployment [my-auth] - (let [{:keys [postgres-db-user postgres-db-password]} my-auth] - (-> - (yaml/from-string (yaml/load-resource "postgres/deployment.yaml")) - (replace-named-value "POSTGRES_USER" postgres-db-user) - (replace-named-value "POSTGRES_PASSWORD" postgres-db-password)))) + (cm/replace-named-value "KEYCLOAK_USER" keycloak-admin-user) + (cm/replace-named-value "DB_USER" postgres-db-user) + (cm/replace-named-value "DB_PASSWORD" postgres-db-password) + (cm/replace-named-value "KEYCLOAK_PASSWORD" keycloak-admin-password)))) (defn generate-certificate [config] (let [{:keys [fqdn issuer] @@ -87,23 +52,20 @@ (-> (yaml/from-string (yaml/load-resource "keycloak/ingress.yaml")) (assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer) - (replace-all-matching-values-by-new-value "fqdn" fqdn)))) + (cm/replace-all-matching-values-by-new-value "fqdn" fqdn)))) (defn generate-service [] (yaml/from-string (yaml/load-resource "keycloak/service.yaml"))) -(defn generate-postgres-service [] - (yaml/from-string (yaml/load-resource "postgres/service.yaml"))) - (defn-spec generate any? [my-config config? my-auth auth?] (cs/join "\n" - [(yaml/to-string (generate-postgres-config)) + [(yaml/to-string (pg/generate-config)) "---" - (yaml/to-string (generate-postgres-service)) + (yaml/to-string (pg/generate-service)) "---" - (yaml/to-string (generate-postgres-deployment my-auth)) + (yaml/to-string (pg/generate-deployment my-auth)) "---" (yaml/to-string (generate-config my-config my-auth)) "---" diff --git a/src/main/cljc/dda/k8s_keycloak/postgres.cljc b/src/main/cljc/dda/k8s_keycloak/postgres.cljc new file mode 100644 index 0000000..dd9d797 --- /dev/null +++ b/src/main/cljc/dda/k8s_keycloak/postgres.cljc @@ -0,0 +1,21 @@ +(ns dda.k8s-keycloak.postgres + (:require + [clojure.spec.alpha :as s] + [dda.k8s-keycloak.yaml :as yaml] + [dda.k8s-keycloak.common :as cm])) + +(s/def ::postgres-db-user cm/bash-env-string?) +(s/def ::postgres-db-password cm/bash-env-string?) + +(defn generate-config [] + (yaml/from-string (yaml/load-resource "postgres/config.yaml"))) + +(defn generate-deployment [my-auth] + (let [{:keys [postgres-db-user postgres-db-password]} my-auth] + (-> + (yaml/from-string (yaml/load-resource "postgres/deployment.yaml")) + (cm/replace-named-value "POSTGRES_USER" postgres-db-user) + (cm/replace-named-value "POSTGRES_PASSWORD" postgres-db-password)))) + +(defn generate-service [] + (yaml/from-string (yaml/load-resource "postgres/service.yaml"))) diff --git a/src/test/cljc/dda/k8s_keycloak/core_test.cljc b/src/test/cljc/dda/k8s_keycloak/core_test.cljc index 1ccd9ff..18bb71c 100644 --- a/src/test/cljc/dda/k8s_keycloak/core_test.cljc +++ b/src/test/cljc/dda/k8s_keycloak/core_test.cljc @@ -90,30 +90,3 @@ :readinessProbe {:httpGet {:path "/auth/realms/master", :port 8080}}}]}}}} (cut/generate-deployment {:keycloak-admin-user "testuser" :keycloak-admin-password "test1234" :postgres-db-user "db-user" :postgres-db-password "db-password"})))) - -(deftest should-generate-postgres-deployment - (is (= {:apiVersion "apps/v1" - :kind "Deployment" - :metadata {:name "postgresql"} - :spec - {:selector {:matchLabels {:app "postgresql"}} - :strategy {:type "Recreate"} - :template - {:metadata {:labels {:app "postgresql"}} - :spec - {:containers - [{:image "postgres" - :name "postgresql" - :env - [{:name "POSTGRES_USER", :value "psqluser"} - {:name "POSTGRES_DB", :value "keycloak"} - {:name "POSTGRES_PASSWORD", :value "test1234"}] - :ports [{:containerPort 5432, :name "postgresql"}] - :cmd nil - :volumeMounts - [{:name "postgres-config-volume" - :mountPath "/etc/postgresql/postgresql.conf" - :subPath "postgresql.conf" - :readOnly true}]}] - :volumes [{:name "postgres-config-volume", :configMap {:name "postgres-config"}}]}}}} - (cut/generate-postgres-deployment {:postgres-db-user "psqluser" :postgres-db-password "test1234"})))) diff --git a/src/test/cljc/dda/k8s_keycloak/postgres_test.cljc b/src/test/cljc/dda/k8s_keycloak/postgres_test.cljc new file mode 100644 index 0000000..26e8e83 --- /dev/null +++ b/src/test/cljc/dda/k8s_keycloak/postgres_test.cljc @@ -0,0 +1,32 @@ +(ns dda.k8s-keycloak.postgres-test + (:require + #?(:clj [clojure.test :refer [deftest is are testing run-tests]] + :cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) + [dda.k8s-keycloak.postgres :as cut])) + +(deftest should-generate-postgres-deployment + (is (= {:apiVersion "apps/v1" + :kind "Deployment" + :metadata {:name "postgresql"} + :spec + {:selector {:matchLabels {:app "postgresql"}} + :strategy {:type "Recreate"} + :template + {:metadata {:labels {:app "postgresql"}} + :spec + {:containers + [{:image "postgres" + :name "postgresql" + :env + [{:name "POSTGRES_USER", :value "psqluser"} + {:name "POSTGRES_DB", :value "keycloak"} + {:name "POSTGRES_PASSWORD", :value "test1234"}] + :ports [{:containerPort 5432, :name "postgresql"}] + :cmd nil + :volumeMounts + [{:name "postgres-config-volume" + :mountPath "/etc/postgresql/postgresql.conf" + :subPath "postgresql.conf" + :readOnly true}]}] + :volumes [{:name "postgres-config-volume", :configMap {:name "postgres-config"}}]}}}} + (cut/generate-deployment {:postgres-db-user "psqluser" :postgres-db-password "test1234"}))))