Merge pull request 'Split generation of config- and auth-objects' (#2) from split-config-auth into main
Reviewed-on: #2
This commit is contained in:
commit
3b0e362604
6 changed files with 34 additions and 26 deletions
5
build.py
5
build.py
|
@ -12,13 +12,14 @@ PROJECT_ROOT_PATH = "."
|
||||||
|
|
||||||
@init
|
@init
|
||||||
def initialize(project):
|
def initialize(project):
|
||||||
|
project.build_depends_on("ddadevops>=4.7.0")
|
||||||
|
|
||||||
input = {
|
input = {
|
||||||
"name": name,
|
"name": name,
|
||||||
"module": MODULE,
|
"module": MODULE,
|
||||||
"stage": "notused",
|
"stage": "notused",
|
||||||
"project_root_path": PROJECT_ROOT_PATH,
|
"project_root_path": PROJECT_ROOT_PATH,
|
||||||
"build_types": [],
|
"build_types": [],
|
||||||
"release_artifacts": ["target/uberjar/c4k-shynet-standalone.jar"],
|
|
||||||
"mixin_types": ["RELEASE"],
|
"mixin_types": ["RELEASE"],
|
||||||
"release_primary_build_file": "project.clj",
|
"release_primary_build_file": "project.clj",
|
||||||
"release_secondary_build_files": [
|
"release_secondary_build_files": [
|
||||||
|
@ -62,7 +63,7 @@ def test_schema(project):
|
||||||
"java -jar target/uberjar/c4k-shynet-standalone.jar "
|
"java -jar target/uberjar/c4k-shynet-standalone.jar "
|
||||||
+ "src/test/resources/shynet-test/valid-config.yaml "
|
+ "src/test/resources/shynet-test/valid-config.yaml "
|
||||||
+ "src/test/resources/shynet-test/valid-auth.yaml | "
|
+ "src/test/resources/shynet-test/valid-auth.yaml | "
|
||||||
+ "kubeconform --kubernetes-version 1.23.0 --strict --skip Certificate -",
|
+ """kubeconform --kubernetes-version 1.23.0 --strict --skip "Certificate,Middleware" -""",
|
||||||
shell=True,
|
shell=True,
|
||||||
check=True,
|
check=True,
|
||||||
)
|
)
|
||||||
|
|
|
@ -3,9 +3,9 @@
|
||||||
:url "https://domaindrivenarchitecture.org"
|
:url "https://domaindrivenarchitecture.org"
|
||||||
:license {:name "Apache License, Version 2.0"
|
:license {:name "Apache License, Version 2.0"
|
||||||
:url "https://www.apache.org/licenses/LICENSE-2.0.html"}
|
:url "https://www.apache.org/licenses/LICENSE-2.0.html"}
|
||||||
:dependencies [[org.clojure/clojure "1.11.1"]
|
:dependencies [[org.clojure/clojure "1.11.3"]
|
||||||
[org.clojure/tools.reader "1.4.2"]
|
[org.clojure/tools.reader "1.4.2"]
|
||||||
[org.domaindrivenarchitecture/c4k-common-clj "6.4.0"]
|
[org.domaindrivenarchitecture/c4k-common-clj "7.0.0"]
|
||||||
[hickory "0.7.1" :exclusions [viebel/codox-klipse-theme]]]
|
[hickory "0.7.1" :exclusions [viebel/codox-klipse-theme]]]
|
||||||
:target-path "target/%s/"
|
:target-path "target/%s/"
|
||||||
:source-paths ["src/main/cljc"
|
:source-paths ["src/main/cljc"
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
"src/test/cljc"
|
"src/test/cljc"
|
||||||
"src/test/cljs"
|
"src/test/cljs"
|
||||||
"src/test/resources"]
|
"src/test/resources"]
|
||||||
:dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "6.4.0"]
|
:dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "7.0.0"]
|
||||||
[hickory "0.7.1"]]
|
[hickory "0.7.1"]]
|
||||||
:builds {:frontend {:target :browser
|
:builds {:frontend {:target :browser
|
||||||
:modules {:main {:init-fn dda.c4k-shynet.browser/init}}
|
:modules {:main {:init-fn dda.c4k-shynet.browser/init}}
|
||||||
|
|
|
@ -1,14 +1,14 @@
|
||||||
(ns dda.c4k-shynet.core
|
(ns dda.c4k-shynet.core
|
||||||
(:require
|
(:require
|
||||||
[clojure.string :as cs]
|
[clojure.string :as cs]
|
||||||
[clojure.spec.alpha :as s]
|
[clojure.spec.alpha :as s]
|
||||||
#?(:clj [orchestra.core :refer [defn-spec]]
|
#?(:clj [orchestra.core :refer [defn-spec]]
|
||||||
:cljs [orchestra.core :refer-macros [defn-spec]])
|
:cljs [orchestra.core :refer-macros [defn-spec]])
|
||||||
[dda.c4k-common.common :as cm]
|
[dda.c4k-common.common :as cm]
|
||||||
[dda.c4k-common.yaml :as yaml]
|
[dda.c4k-common.yaml :as yaml]
|
||||||
[dda.c4k-common.postgres :as postgres]
|
[dda.c4k-common.postgres :as postgres]
|
||||||
[dda.c4k-common.monitoring :as mon]
|
[dda.c4k-common.monitoring :as mon]
|
||||||
[dda.c4k-shynet.shynet :as shynet]))
|
[dda.c4k-shynet.shynet :as shynet]))
|
||||||
|
|
||||||
(def config-defaults {:issuer :staging})
|
(def config-defaults {:issuer :staging})
|
||||||
|
|
||||||
|
@ -21,8 +21,8 @@
|
||||||
::mon-cfg]))
|
::mon-cfg]))
|
||||||
|
|
||||||
(def auth? (s/keys :req-un [::shynet/django-secret-key
|
(def auth? (s/keys :req-un [::shynet/django-secret-key
|
||||||
::postgres/postgres-db-user ::postgres/postgres-db-password
|
::postgres/postgres-db-user ::postgres/postgres-db-password]
|
||||||
::mon-auth]))
|
:opt-un [::mon-auth]))
|
||||||
|
|
||||||
(defn config-objects [config]
|
(defn config-objects [config]
|
||||||
(let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path)]
|
(let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path)]
|
||||||
|
@ -30,7 +30,7 @@
|
||||||
(filter
|
(filter
|
||||||
#(not (nil? %))
|
#(not (nil? %))
|
||||||
(cm/concat-vec
|
(cm/concat-vec
|
||||||
[(postgres/generate-config {:postgres-size :2gb :db-name "shynet"})
|
[(postgres/generate-configmap {:postgres-size :2gb :db-name "shynet"})
|
||||||
(when (contains? config :postgres-data-volume-path)
|
(when (contains? config :postgres-data-volume-path)
|
||||||
(postgres/generate-persistent-volume (select-keys config [:postgres-data-volume-path :pv-storage-size-gb])))
|
(postgres/generate-persistent-volume (select-keys config [:postgres-data-volume-path :pv-storage-size-gb])))
|
||||||
(postgres/generate-pvc {:pv-storage-size-gb 20
|
(postgres/generate-pvc {:pv-storage-size-gb 20
|
||||||
|
@ -44,10 +44,15 @@
|
||||||
(shynet/generate-service-webserver)
|
(shynet/generate-service-webserver)
|
||||||
(shynet/generate-statefulset)]
|
(shynet/generate-statefulset)]
|
||||||
(shynet/generate-ingress-and-cert config)
|
(shynet/generate-ingress-and-cert config)
|
||||||
(when (:contains? config :mon-cfg)
|
(when (contains? config :mon-cfg)
|
||||||
(mon/generate (:mon-cfg config) (:mon-auth config))))))))
|
(mon/generate-config)))))))
|
||||||
|
|
||||||
(defn auth-objects [config]
|
(defn auth-objects [config auth]
|
||||||
(map yaml/to-string
|
(map yaml/to-string
|
||||||
[(postgres/generate-secret config)
|
(filter
|
||||||
(shynet/generate-secret config)]))
|
#(not (nil? %))
|
||||||
|
(cm/concat-vec
|
||||||
|
[(postgres/generate-secret config auth)
|
||||||
|
(shynet/generate-secret config auth)]
|
||||||
|
(when (contains? config :mon-cfg)
|
||||||
|
(mon/generate-auth (:mon-cfg config) (:mon-auth auth)))))))
|
|
@ -15,8 +15,9 @@
|
||||||
(defmethod yaml/load-resource :shynet [resource-name]
|
(defmethod yaml/load-resource :shynet [resource-name]
|
||||||
(get (inline-resources "shynet") resource-name)))
|
(get (inline-resources "shynet") resource-name)))
|
||||||
|
|
||||||
(defn generate-secret [config]
|
(defn generate-secret [config auth]
|
||||||
(let [{:keys [fqdn django-secret-key postgres-db-user postgres-db-password]} config]
|
(let [{:keys [fqdn]} config
|
||||||
|
{:keys [django-secret-key postgres-db-user postgres-db-password]} auth]
|
||||||
(->
|
(->
|
||||||
(yaml/load-as-edn "shynet/secret.yaml")
|
(yaml/load-as-edn "shynet/secret.yaml")
|
||||||
; TODO: See comment in secret.yaml
|
; TODO: See comment in secret.yaml
|
||||||
|
|
|
@ -100,5 +100,6 @@
|
||||||
:EMAIL_HOST_PASSWORD ""
|
:EMAIL_HOST_PASSWORD ""
|
||||||
:EMAIL_HOST ""
|
:EMAIL_HOST ""
|
||||||
:SERVER_EMAIL "Shynet <noreply@shynet.example.com>"}}
|
:SERVER_EMAIL "Shynet <noreply@shynet.example.com>"}}
|
||||||
(cut/generate-secret {:fqdn "test.com" :django-secret-key "django-pw"
|
(cut/generate-secret {:fqdn "test.com"}
|
||||||
|
{:django-secret-key "django-pw"
|
||||||
:postgres-db-user "postgres-user" :postgres-db-password "postgres-pw"}))))
|
:postgres-db-user "postgres-user" :postgres-db-password "postgres-pw"}))))
|
Loading…
Reference in a new issue