mob

src/main/cljc/dda/k8s_keycloak/core.cljc

@@ -20,8 +20,8 @@
 (defn generate-deployment []
   (yaml/from-string (yaml/load-resource "deployment.yaml")))
 
-(defn generate-cron []
+(defn generate-ingress [fqdn string?]
-  (yaml/from-string (yaml/load-resource "cron.yaml")))
+  (yaml/from-string (yaml/load-resource "ingress.yaml")))
 
 (defn-spec generate any?
   [my-config string?
@@ -29,4 +29,6 @@
   (cs/join "\n" 
            [(yaml/to-string (generate-config my-config my-auth))
             "---"
-            (yaml/to-string (generate-cron))]))
+            (yaml/to-string (generate-ingress))
+            "---"
+            (yaml/to-string (generate-deployment))]))

src/main/resources/certificate.yaml

@@ -0,0 +1,13 @@
+apiVersion: cert-manager.io/v1alpha2
+kind: Certificate
+metadata:
+  name: keycloak-cert
+  namespace: default
+spec:
+  secretName: keycloak-secret
+  commonName: fqdn
+  dnsNames:
+  - fqdn
+  issuerRef:
+    name: letsencrypt-staging-issuer
+    kind: ClusterIssuer

src/main/resources/ingress.yaml

@@ -1,17 +1,3 @@
-apiVersion: cert-manager.io/v1alpha2
-kind: Certificate
-metadata:
-  name: keycloak-cert
-  namespace: default
-spec:
-  secretName: keycloak-secret
-  commonName: fqdn
-  dnsNames:
-  - fqdn
-  issuerRef:
-    name: letsencrypt-staging-issuer
-    kind: ClusterIssuer
----
 apiVersion: networking.k8s.io/v1beta1
 kind: Ingress
 metadata:

src/test/cljc/dda/k8s_keycloak/core_test.cljc

@@ -11,3 +11,42 @@
            :data {:config.edn "some-config-value\n", 
                   :credentials.edn "some-credentials-value\n"}}
           (cut/generate-config "some-config-value\n" "some-credentials-value\n"))))
+
+(deftest should-generate-ingress-yaml-with-default-issuer
+  (is (= {:apiVersion "networking.k8s.io/v1beta1"
+           :kind "Ingress"
+           :metadata
+           {:name "ingress-cloud"
+            :annotations
+            {:cert-manager.io/cluster-issuer "letsencrypt-staging-issuer"
+             :nginx.ingress.kubernetes.io/proxy-body-size "256m"
+             :nginx.ingress.kubernetes.io/ssl-redirect "true"
+             :nginx.ingress.kubernetes.io/rewrite-target "/"
+             :nginx.ingress.kubernetes.io/proxy-connect-timeout "300"
+             :nginx.ingress.kubernetes.io/proxy-send-timeout "300"
+             :nginx.ingress.kubernetes.io/proxy-read-timeout "300"}
+            :namespace "default"}
+           :spec
+           {:tls ({:hosts ("test.de"), :secretName "keycloak-secret"})
+            :rules ({:host "test.de", :http {:paths ({:backend {:serviceName "keycloak", :servicePort 8080}})}})}}
+          (cut/generate-ingress {:fqdn "test.de"}))))
+
+(deftest should-generate-ingress-yaml-with-prod-issuer
+  (is (= {:apiVersion "networking.k8s.io/v1beta1"
+          :kind "Ingress"
+          :metadata
+          {:name "ingress-cloud"
+           :annotations
+           {:cert-manager.io/cluster-issuer "letsencrypt-prod-issuer"
+            :nginx.ingress.kubernetes.io/proxy-body-size "256m"
+            :nginx.ingress.kubernetes.io/ssl-redirect "true"
+            :nginx.ingress.kubernetes.io/rewrite-target "/"
+            :nginx.ingress.kubernetes.io/proxy-connect-timeout "300"
+            :nginx.ingress.kubernetes.io/proxy-send-timeout "300"
+            :nginx.ingress.kubernetes.io/proxy-read-timeout "300"}
+           :namespace "default"}
+          :spec
+          {:tls ({:hosts ("test.de"), :secretName "keycloak-secret"})
+           :rules ({:host "test.de", :http {:paths ({:backend {:serviceName "keycloak", :servicePort 8080}})}})}}
+         (cut/generate-ingress {:fqdn "test.de"
+                                :issuer :prod}))))