Use common ingress

src/main/cljc/dda/c4k_shynet/core.cljc

@@ -30,7 +30,6 @@
           (shynet/generate-webserver-deployment)
           (shynet/generate-celeryworker-deployment)
           (shynet/generate-ingress config)
-          (shynet/generate-certificate config)
           (shynet/generate-service-redis)
           (shynet/generate-service-webserver)
           (shynet/generate-statefulset)])))

src/main/cljc/dda/c4k_shynet/shynet.cljc

@@ -4,7 +4,8 @@
   #?(:cljs [shadow.resource :as rc])
   [dda.c4k-common.yaml :as yaml]
   [dda.c4k-common.common :as cm]
-  [dda.c4k-common.predicate :as pred]))
+  [dda.c4k-common.predicate :as pred]
+  [dda.c4k-common.ingress :as ing]))
 
 (s/def ::fqdn pred/fqdn-string?)
 (s/def ::issuer pred/letsencrypt-issuer?)
@@ -16,7 +17,6 @@
        "shynet/secret.yaml" (rc/inline "shynet/secret.yaml")
        "shynet/certificate.yaml" (rc/inline "shynet/certificate.yaml")
        "shynet/deployments.yaml" (rc/inline "shynet/deployments.yaml")
-       "shynet/ingress.yaml" (rc/inline "shynet/ingress.yaml")  
        "shynet/service-redis.yaml" (rc/inline "shynet/service-redis.yaml")
        "shynet/service-webserver.yaml" (rc/inline "shynet/service-webserver.yaml")
        "shynet/statefulset.yaml" (rc/inline "shynet/statefulset.yaml")
@@ -32,15 +32,6 @@
      (assoc-in [:stringData :DB_USER] postgres-db-user)
      (assoc-in [:stringData :DB_PASSWORD] postgres-db-password))))
 
-(defn generate-certificate [config]
-  (let [{:keys [fqdn issuer]} config
-        letsencrypt-issuer (name issuer)]
-    (->
-     (yaml/load-as-edn "shynet/certificate.yaml")
-     (assoc-in [:spec :commonName] fqdn)
-     (assoc-in [:spec :dnsNames] [fqdn])
-     (assoc-in [:spec :issuerRef :name] letsencrypt-issuer))))
-
 (defn generate-webserver-deployment []
   (let [shynet-application "shynet-webserver"]
     (-> (yaml/load-as-edn "shynet/deployments.yaml")
@@ -53,13 +44,7 @@
         (cm/replace-all-matching "shynet-application" shynet-application))))
 
 (defn generate-ingress [config]
-  (let [{:keys [fqdn issuer]
-         :or {issuer :staging}} config
-        letsencrypt-issuer (name issuer)]
-    (->
-     (yaml/load-as-edn "shynet/ingress.yaml")
-     (assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer)
-     (cm/replace-all-matching "fqdn" fqdn))))
+  (ing/generate-ingress-and-cert config))
 
 (defn generate-statefulset []
   (yaml/load-as-edn "shynet/statefulset.yaml"))

src/main/resources/shynet/certificate.yaml

@@ -1,15 +0,0 @@
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: shynet-cert
-  namespace: default
-spec:
-  secretName: shynet-cert
-  commonName: fqdn
-  duration: 2160h # 90d
-  renewBefore: 360h # 15d
-  dnsNames:
-  - fqdn
-  issuerRef:
-    name: REPLACEME
-    kind: ClusterIssuer

src/main/resources/shynet/ingress.yaml

@@ -1,24 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: shynet-webserver-ingress
-  annotations:
-    ingress.kubernetes.io/force-ssl-redirect: "true"
-    ingress.kubernetes.io/ssl-redirect: "true"
-    cert-manager.io/cluster-issuer: letsencrypt-staging-issuer
-spec:
-  tls:
-  - hosts:
-    - fqdn
-    secretName: shynet-cert
-  rules:
-  - host: fqdn
-    http:
-      paths:
-      - backend:
-          service:
-            name: shynet-webserver-service
-            port:
-              number: 8080
-        path: /
-        pathType: Prefix