Merge pull request 'Split generation of config- and auth-objects' (#2) from split-config-auth into main

Reviewed-on: #2
This commit is contained in:
gec 2024-07-19 09:18:26 +00:00
commit 3b0e362604
6 changed files with 34 additions and 26 deletions

View file

@ -12,13 +12,14 @@ PROJECT_ROOT_PATH = "."
@init @init
def initialize(project): def initialize(project):
project.build_depends_on("ddadevops>=4.7.0")
input = { input = {
"name": name, "name": name,
"module": MODULE, "module": MODULE,
"stage": "notused", "stage": "notused",
"project_root_path": PROJECT_ROOT_PATH, "project_root_path": PROJECT_ROOT_PATH,
"build_types": [], "build_types": [],
"release_artifacts": ["target/uberjar/c4k-shynet-standalone.jar"],
"mixin_types": ["RELEASE"], "mixin_types": ["RELEASE"],
"release_primary_build_file": "project.clj", "release_primary_build_file": "project.clj",
"release_secondary_build_files": [ "release_secondary_build_files": [
@ -62,7 +63,7 @@ def test_schema(project):
"java -jar target/uberjar/c4k-shynet-standalone.jar " "java -jar target/uberjar/c4k-shynet-standalone.jar "
+ "src/test/resources/shynet-test/valid-config.yaml " + "src/test/resources/shynet-test/valid-config.yaml "
+ "src/test/resources/shynet-test/valid-auth.yaml | " + "src/test/resources/shynet-test/valid-auth.yaml | "
+ "kubeconform --kubernetes-version 1.23.0 --strict --skip Certificate -", + """kubeconform --kubernetes-version 1.23.0 --strict --skip "Certificate,Middleware" -""",
shell=True, shell=True,
check=True, check=True,
) )

View file

@ -3,9 +3,9 @@
:url "https://domaindrivenarchitecture.org" :url "https://domaindrivenarchitecture.org"
:license {:name "Apache License, Version 2.0" :license {:name "Apache License, Version 2.0"
:url "https://www.apache.org/licenses/LICENSE-2.0.html"} :url "https://www.apache.org/licenses/LICENSE-2.0.html"}
:dependencies [[org.clojure/clojure "1.11.1"] :dependencies [[org.clojure/clojure "1.11.3"]
[org.clojure/tools.reader "1.4.2"] [org.clojure/tools.reader "1.4.2"]
[org.domaindrivenarchitecture/c4k-common-clj "6.4.0"] [org.domaindrivenarchitecture/c4k-common-clj "7.0.0"]
[hickory "0.7.1" :exclusions [viebel/codox-klipse-theme]]] [hickory "0.7.1" :exclusions [viebel/codox-klipse-theme]]]
:target-path "target/%s/" :target-path "target/%s/"
:source-paths ["src/main/cljc" :source-paths ["src/main/cljc"

View file

@ -4,7 +4,7 @@
"src/test/cljc" "src/test/cljc"
"src/test/cljs" "src/test/cljs"
"src/test/resources"] "src/test/resources"]
:dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "6.4.0"] :dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "7.0.0"]
[hickory "0.7.1"]] [hickory "0.7.1"]]
:builds {:frontend {:target :browser :builds {:frontend {:target :browser
:modules {:main {:init-fn dda.c4k-shynet.browser/init}} :modules {:main {:init-fn dda.c4k-shynet.browser/init}}

View file

@ -1,14 +1,14 @@
(ns dda.c4k-shynet.core (ns dda.c4k-shynet.core
(:require (:require
[clojure.string :as cs] [clojure.string :as cs]
[clojure.spec.alpha :as s] [clojure.spec.alpha :as s]
#?(:clj [orchestra.core :refer [defn-spec]] #?(:clj [orchestra.core :refer [defn-spec]]
:cljs [orchestra.core :refer-macros [defn-spec]]) :cljs [orchestra.core :refer-macros [defn-spec]])
[dda.c4k-common.common :as cm] [dda.c4k-common.common :as cm]
[dda.c4k-common.yaml :as yaml] [dda.c4k-common.yaml :as yaml]
[dda.c4k-common.postgres :as postgres] [dda.c4k-common.postgres :as postgres]
[dda.c4k-common.monitoring :as mon] [dda.c4k-common.monitoring :as mon]
[dda.c4k-shynet.shynet :as shynet])) [dda.c4k-shynet.shynet :as shynet]))
(def config-defaults {:issuer :staging}) (def config-defaults {:issuer :staging})
@ -21,8 +21,8 @@
::mon-cfg])) ::mon-cfg]))
(def auth? (s/keys :req-un [::shynet/django-secret-key (def auth? (s/keys :req-un [::shynet/django-secret-key
::postgres/postgres-db-user ::postgres/postgres-db-password ::postgres/postgres-db-user ::postgres/postgres-db-password]
::mon-auth])) :opt-un [::mon-auth]))
(defn config-objects [config] (defn config-objects [config]
(let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path)] (let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path)]
@ -30,7 +30,7 @@
(filter (filter
#(not (nil? %)) #(not (nil? %))
(cm/concat-vec (cm/concat-vec
[(postgres/generate-config {:postgres-size :2gb :db-name "shynet"}) [(postgres/generate-configmap {:postgres-size :2gb :db-name "shynet"})
(when (contains? config :postgres-data-volume-path) (when (contains? config :postgres-data-volume-path)
(postgres/generate-persistent-volume (select-keys config [:postgres-data-volume-path :pv-storage-size-gb]))) (postgres/generate-persistent-volume (select-keys config [:postgres-data-volume-path :pv-storage-size-gb])))
(postgres/generate-pvc {:pv-storage-size-gb 20 (postgres/generate-pvc {:pv-storage-size-gb 20
@ -44,10 +44,15 @@
(shynet/generate-service-webserver) (shynet/generate-service-webserver)
(shynet/generate-statefulset)] (shynet/generate-statefulset)]
(shynet/generate-ingress-and-cert config) (shynet/generate-ingress-and-cert config)
(when (:contains? config :mon-cfg) (when (contains? config :mon-cfg)
(mon/generate (:mon-cfg config) (:mon-auth config)))))))) (mon/generate-config)))))))
(defn auth-objects [config] (defn auth-objects [config auth]
(map yaml/to-string (map yaml/to-string
[(postgres/generate-secret config) (filter
(shynet/generate-secret config)])) #(not (nil? %))
(cm/concat-vec
[(postgres/generate-secret config auth)
(shynet/generate-secret config auth)]
(when (contains? config :mon-cfg)
(mon/generate-auth (:mon-cfg config) (:mon-auth auth)))))))

View file

@ -15,8 +15,9 @@
(defmethod yaml/load-resource :shynet [resource-name] (defmethod yaml/load-resource :shynet [resource-name]
(get (inline-resources "shynet") resource-name))) (get (inline-resources "shynet") resource-name)))
(defn generate-secret [config] (defn generate-secret [config auth]
(let [{:keys [fqdn django-secret-key postgres-db-user postgres-db-password]} config] (let [{:keys [fqdn]} config
{:keys [django-secret-key postgres-db-user postgres-db-password]} auth]
(-> (->
(yaml/load-as-edn "shynet/secret.yaml") (yaml/load-as-edn "shynet/secret.yaml")
; TODO: See comment in secret.yaml ; TODO: See comment in secret.yaml

View file

@ -100,5 +100,6 @@
:EMAIL_HOST_PASSWORD "" :EMAIL_HOST_PASSWORD ""
:EMAIL_HOST "" :EMAIL_HOST ""
:SERVER_EMAIL "Shynet <noreply@shynet.example.com>"}} :SERVER_EMAIL "Shynet <noreply@shynet.example.com>"}}
(cut/generate-secret {:fqdn "test.com" :django-secret-key "django-pw" (cut/generate-secret {:fqdn "test.com"}
{:django-secret-key "django-pw"
:postgres-db-user "postgres-user" :postgres-db-password "postgres-pw"})))) :postgres-db-user "postgres-user" :postgres-db-password "postgres-pw"}))))