2022-09-08 13:04:17 +00:00
|
|
|
(ns dda.c4k-website.website
|
|
|
|
|
(:require
|
2022-10-28 11:48:11 +00:00
|
|
|
[clojure.spec.alpha :as s]
|
2022-09-08 13:04:17 +00:00
|
|
|
#?(:clj [orchestra.core :refer [defn-spec]]
|
|
|
|
|
:cljs [orchestra.core :refer-macros [defn-spec]])
|
2024-02-21 10:02:18 +00:00
|
|
|
#?(:cljs [dda.c4k-common.macros :refer-macros [inline-resources]])
|
2022-09-08 13:04:17 +00:00
|
|
|
[dda.c4k-common.yaml :as yaml]
|
2022-09-27 11:53:04 +00:00
|
|
|
[dda.c4k-common.common :as cm]
|
2022-09-27 13:45:13 +00:00
|
|
|
[dda.c4k-common.base64 :as b64]
|
2022-09-30 15:54:26 +00:00
|
|
|
[dda.c4k-common.predicate :as pred]
|
2022-12-27 20:24:20 +00:00
|
|
|
[dda.c4k-common.ingress :as ing]
|
2022-11-18 09:02:12 +00:00
|
|
|
[clojure.string :as str]))
|
2022-09-30 15:54:26 +00:00
|
|
|
|
2022-10-13 14:39:55 +00:00
|
|
|
(defn fqdn-list?
|
2022-09-30 15:54:26 +00:00
|
|
|
[input]
|
2022-10-13 14:39:55 +00:00
|
|
|
(every? true? (map pred/fqdn-string? input)))
|
2022-09-30 15:54:26 +00:00
|
|
|
|
2022-10-18 09:31:47 +00:00
|
|
|
(s/def ::unique-name string?)
|
2022-11-11 12:08:55 +00:00
|
|
|
(s/def ::sha256sum-output string?)
|
2022-10-13 14:39:55 +00:00
|
|
|
(s/def ::issuer pred/letsencrypt-issuer?)
|
2022-10-28 11:48:11 +00:00
|
|
|
(s/def ::volume-size pred/integer-string?)
|
2022-10-13 14:39:55 +00:00
|
|
|
(s/def ::authtoken pred/bash-env-string?)
|
2022-10-18 11:09:13 +00:00
|
|
|
(s/def ::fqdns (s/coll-of pred/fqdn-string?))
|
2022-10-13 14:39:55 +00:00
|
|
|
(s/def ::gitea-host pred/fqdn-string?)
|
|
|
|
|
(s/def ::gitea-repo string?)
|
|
|
|
|
(s/def ::branchname string?)
|
|
|
|
|
(s/def ::username string?)
|
2022-11-29 13:05:36 +00:00
|
|
|
(s/def ::build-cpu-request string?)
|
|
|
|
|
(s/def ::build-memory-request string?)
|
|
|
|
|
(s/def ::build-cpu-limit string?)
|
|
|
|
|
(s/def ::build-memory-limit string?)
|
|
|
|
|
|
2023-04-12 14:44:36 +00:00
|
|
|
(def websiteconfig? (s/keys :req-un [::unique-name
|
|
|
|
|
::fqdns
|
|
|
|
|
::gitea-host
|
|
|
|
|
::gitea-repo
|
|
|
|
|
::branchname]
|
|
|
|
|
:opt-un [::issuer
|
|
|
|
|
::volume-size
|
|
|
|
|
::sha256sum-output
|
|
|
|
|
::build-cpu-request
|
|
|
|
|
::build-cpu-limit
|
|
|
|
|
::build-memory-request
|
|
|
|
|
::build-memory-limit]))
|
2022-10-13 14:39:55 +00:00
|
|
|
|
2022-10-14 11:41:21 +00:00
|
|
|
(def websiteauth? (s/keys :req-un [::unique-name ::username ::authtoken]))
|
2022-10-13 14:39:55 +00:00
|
|
|
|
2023-04-12 14:44:36 +00:00
|
|
|
(s/def ::websites (s/coll-of websiteconfig?))
|
2022-11-01 12:23:00 +00:00
|
|
|
|
2022-10-14 11:41:21 +00:00
|
|
|
(s/def ::auth (s/coll-of websiteauth?))
|
2022-10-12 11:42:44 +00:00
|
|
|
|
2023-06-14 10:58:10 +00:00
|
|
|
(def websites? (s/keys :req-un [::websites]))
|
|
|
|
|
|
|
|
|
|
(def auth? (s/keys :req-un [::auth]))
|
|
|
|
|
|
2022-11-11 12:08:55 +00:00
|
|
|
(defn-spec get-hash-from-sha256sum-output string?
|
|
|
|
|
[sha256sum-output string?]
|
2022-11-11 14:10:47 +00:00
|
|
|
(if (nil? sha256sum-output)
|
|
|
|
|
nil
|
2022-11-18 09:02:12 +00:00
|
|
|
(first (str/split sha256sum-output #"\ +"))))
|
2022-11-11 12:08:55 +00:00
|
|
|
|
|
|
|
|
(defn-spec get-file-name-from-sha256sum-output string?
|
|
|
|
|
[sha256sum-output string?]
|
2022-11-11 14:10:47 +00:00
|
|
|
(if (nil? sha256sum-output)
|
|
|
|
|
nil
|
2022-11-18 09:02:12 +00:00
|
|
|
(second (str/split (str/trim sha256sum-output) #"\ +"))))
|
2022-11-11 12:08:55 +00:00
|
|
|
|
2022-10-28 09:28:37 +00:00
|
|
|
(defn-spec replace-dots-by-minus string?
|
|
|
|
|
[fqdn pred/fqdn-string?]
|
2022-10-12 08:56:12 +00:00
|
|
|
(str/replace fqdn #"\." "-"))
|
2022-09-27 11:53:04 +00:00
|
|
|
|
2022-11-01 14:05:59 +00:00
|
|
|
(defn-spec generate-app-name string?
|
|
|
|
|
[unique-name pred/fqdn-string?]
|
|
|
|
|
(str (replace-dots-by-minus unique-name) "-website"))
|
|
|
|
|
|
2022-10-28 09:28:37 +00:00
|
|
|
(defn-spec generate-service-name string?
|
|
|
|
|
[unique-name pred/fqdn-string?]
|
2022-10-18 08:30:51 +00:00
|
|
|
(str (replace-dots-by-minus unique-name) "-service"))
|
2022-10-11 16:07:01 +00:00
|
|
|
|
2022-10-28 09:28:37 +00:00
|
|
|
(defn-spec generate-cert-name string?
|
|
|
|
|
[unique-name pred/fqdn-string?]
|
2022-10-18 08:30:51 +00:00
|
|
|
(str (replace-dots-by-minus unique-name) "-cert"))
|
2022-10-11 16:07:01 +00:00
|
|
|
|
2022-11-18 09:02:12 +00:00
|
|
|
(defn-spec generate-ingress-name string?
|
2022-10-28 09:28:37 +00:00
|
|
|
[unique-name pred/fqdn-string?]
|
2022-11-18 09:02:12 +00:00
|
|
|
(str (replace-dots-by-minus unique-name) "-ingress"))
|
2022-10-13 14:39:55 +00:00
|
|
|
|
2022-11-23 10:43:19 +00:00
|
|
|
; https://your.gitea.host/api/v1/repos/<owner>/<repo>/archive/<branch>.zip
|
2022-11-23 10:14:46 +00:00
|
|
|
(defn-spec generate-gitrepourl string?
|
2022-10-28 09:28:37 +00:00
|
|
|
[host pred/fqdn-string?
|
|
|
|
|
repo string?
|
|
|
|
|
user string?
|
|
|
|
|
branch string?]
|
2022-10-12 11:42:44 +00:00
|
|
|
(str "https://" host "/api/v1/repos/" user "/" repo "/archive/" branch ".zip"))
|
2022-10-12 08:56:12 +00:00
|
|
|
|
2022-12-09 08:23:01 +00:00
|
|
|
; https://your.gitea.host/api/v1/repos/<owner>/<repo>/git/commits/HEAD
|
|
|
|
|
(defn-spec generate-gitcommiturl string?
|
|
|
|
|
[host pred/fqdn-string?
|
|
|
|
|
repo string?
|
|
|
|
|
user string?]
|
|
|
|
|
(str "https://" host "/api/v1/repos/" user "/" repo "/git/" "commits/" "HEAD"))
|
|
|
|
|
|
2022-12-02 11:03:48 +00:00
|
|
|
(defn-spec replace-all-matching-substrings-beginning-with pred/map-or-seq?
|
2022-11-01 12:23:00 +00:00
|
|
|
[col pred/map-or-seq?
|
|
|
|
|
value-to-partly-match string?
|
|
|
|
|
value-to-inplace string?]
|
2022-09-27 11:53:04 +00:00
|
|
|
(clojure.walk/postwalk #(if (and (= (type value-to-partly-match) (type %))
|
|
|
|
|
(re-matches (re-pattern (str value-to-partly-match ".*")) %))
|
2022-10-12 08:56:12 +00:00
|
|
|
(str/replace % value-to-partly-match value-to-inplace) %)
|
2022-09-27 11:53:04 +00:00
|
|
|
col))
|
|
|
|
|
|
2022-11-23 10:14:46 +00:00
|
|
|
(defn-spec replace-common-data pred/map-or-seq?
|
|
|
|
|
[resource-file string?
|
2023-04-12 14:44:36 +00:00
|
|
|
config websiteconfig?]
|
2022-11-23 10:43:19 +00:00
|
|
|
(let [{:keys [unique-name]} config]
|
2022-11-23 10:14:46 +00:00
|
|
|
(->
|
|
|
|
|
(yaml/load-as-edn resource-file)
|
|
|
|
|
(assoc-in [:metadata :labels :app.kubernetes.part-of] (generate-app-name unique-name))
|
2022-12-02 11:03:48 +00:00
|
|
|
(replace-all-matching-substrings-beginning-with "NAME" (replace-dots-by-minus unique-name)))))
|
2022-11-23 10:14:46 +00:00
|
|
|
|
|
|
|
|
(defn-spec replace-build-data pred/map-or-seq?
|
|
|
|
|
[resource-file string?
|
2023-04-12 14:44:36 +00:00
|
|
|
config websiteconfig?]
|
2022-11-29 13:05:36 +00:00
|
|
|
(let [{:keys [sha256sum-output build-cpu-request build-cpu-limit build-memory-request build-memory-limit]
|
2022-12-01 15:38:03 +00:00
|
|
|
:or {build-cpu-request "500m" build-cpu-limit "1700m" build-memory-request "256Mi" build-memory-limit "512Mi"}} config]
|
2022-11-23 10:14:46 +00:00
|
|
|
(->
|
2022-11-29 13:05:36 +00:00
|
|
|
(replace-common-data resource-file config)
|
2022-11-23 10:14:46 +00:00
|
|
|
(cm/replace-all-matching-values-by-new-value "CHECK_SUM" (get-hash-from-sha256sum-output sha256sum-output))
|
2022-11-29 13:05:36 +00:00
|
|
|
(cm/replace-all-matching-values-by-new-value "SCRIPT_FILE" (get-file-name-from-sha256sum-output sha256sum-output))
|
|
|
|
|
(cm/replace-all-matching-values-by-new-value "BUILD_CPU_REQUEST" build-cpu-request)
|
|
|
|
|
(cm/replace-all-matching-values-by-new-value "BUILD_CPU_LIMIT" build-cpu-limit)
|
|
|
|
|
(cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_REQUEST" build-memory-request)
|
|
|
|
|
(cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_LIMIT" build-memory-limit))))
|
2022-11-23 10:14:46 +00:00
|
|
|
|
2022-09-08 13:04:17 +00:00
|
|
|
#?(:cljs
|
|
|
|
|
(defmethod yaml/load-resource :website [resource-name]
|
2024-02-21 10:02:18 +00:00
|
|
|
(get (inline-resources "website") resource-name)))
|
2022-09-08 13:04:17 +00:00
|
|
|
|
2023-04-12 14:44:36 +00:00
|
|
|
(defn-spec generate-nginx-deployment pred/map-or-seq?
|
|
|
|
|
[config websiteconfig?]
|
|
|
|
|
(replace-build-data "website/nginx-deployment.yaml" config))
|
2022-10-11 16:07:01 +00:00
|
|
|
|
2022-10-12 08:56:12 +00:00
|
|
|
(defn-spec generate-nginx-configmap pred/map-or-seq?
|
2023-04-12 14:44:36 +00:00
|
|
|
[config websiteconfig?]
|
2022-11-23 10:14:46 +00:00
|
|
|
(let [{:keys [fqdns]} config]
|
2022-09-27 11:53:04 +00:00
|
|
|
(->
|
2022-11-23 10:14:46 +00:00
|
|
|
(replace-common-data "website/nginx-configmap.yaml" config)
|
2022-10-12 08:56:12 +00:00
|
|
|
(#(assoc-in %
|
|
|
|
|
[:data :website.conf]
|
|
|
|
|
(str/replace
|
|
|
|
|
(-> % :data :website.conf) #"FQDN" (str (str/join " " fqdns) ";")))))))
|
2022-09-08 13:04:17 +00:00
|
|
|
|
2022-09-21 12:40:34 +00:00
|
|
|
(defn-spec generate-nginx-service pred/map-or-seq?
|
2023-04-12 14:44:36 +00:00
|
|
|
[config websiteconfig?]
|
2022-11-23 10:14:46 +00:00
|
|
|
(replace-common-data "website/nginx-service.yaml" config))
|
2022-09-08 13:04:17 +00:00
|
|
|
|
2022-09-21 12:40:34 +00:00
|
|
|
(defn-spec generate-website-content-volume pred/map-or-seq?
|
2023-04-12 14:44:36 +00:00
|
|
|
[config websiteconfig?]
|
2022-11-23 10:14:46 +00:00
|
|
|
(let [{:keys [volume-size]
|
2022-11-01 11:25:31 +00:00
|
|
|
:or {volume-size "3"}} config]
|
2022-09-21 12:40:34 +00:00
|
|
|
(->
|
2022-11-23 10:14:46 +00:00
|
|
|
(replace-common-data "website/website-content-volume.yaml" config)
|
2022-10-28 11:48:11 +00:00
|
|
|
(cm/replace-all-matching-values-by-new-value "WEBSITESTORAGESIZE" (str volume-size "Gi")))))
|
2022-09-27 11:53:04 +00:00
|
|
|
|
2022-12-02 10:56:21 +00:00
|
|
|
(defn-spec generate-hashfile-volume pred/map-or-seq?
|
2023-04-12 14:44:36 +00:00
|
|
|
[config websiteconfig?]
|
2022-12-02 11:33:45 +00:00
|
|
|
(replace-common-data "website/hashfile-volume.yaml" config))
|
2022-12-02 10:56:21 +00:00
|
|
|
|
2023-04-12 14:44:36 +00:00
|
|
|
|
|
|
|
|
(defn-spec generate-website-ingress pred/map-or-seq?
|
|
|
|
|
[config websiteconfig?]
|
|
|
|
|
(let [{:keys [unique-name fqdns]} config]
|
|
|
|
|
(ing/generate-ingress {:fqdns fqdns
|
|
|
|
|
:app-name (generate-app-name unique-name)
|
|
|
|
|
:ingress-name (generate-ingress-name unique-name)
|
|
|
|
|
:service-name (generate-service-name unique-name)
|
|
|
|
|
:service-port 80})))
|
|
|
|
|
|
|
|
|
|
(defn-spec generate-website-certificate pred/map-or-seq?
|
|
|
|
|
[config websiteconfig?]
|
|
|
|
|
(let [{:keys [unique-name issuer fqdns]
|
|
|
|
|
:or {issuer "staging"}} config]
|
|
|
|
|
(ing/generate-certificate {:fqdns fqdns
|
|
|
|
|
:app-name (generate-app-name unique-name)
|
|
|
|
|
:cert-name (generate-cert-name unique-name)
|
|
|
|
|
:issuer issuer})))
|
|
|
|
|
|
2022-11-11 12:08:55 +00:00
|
|
|
(defn-spec generate-website-build-cron pred/map-or-seq?
|
2023-04-12 14:44:36 +00:00
|
|
|
[config websiteconfig?]
|
2022-11-11 12:08:55 +00:00
|
|
|
(replace-build-data "website/website-build-cron.yaml" config))
|
|
|
|
|
|
2022-09-27 11:53:04 +00:00
|
|
|
(defn-spec generate-website-build-secret pred/map-or-seq?
|
2023-04-12 14:44:36 +00:00
|
|
|
[config websiteconfig?
|
|
|
|
|
auth websiteauth?]
|
|
|
|
|
(let [{:keys [gitea-host
|
2022-10-12 11:42:44 +00:00
|
|
|
gitea-repo
|
2023-04-12 14:44:36 +00:00
|
|
|
branchname]} config
|
|
|
|
|
{:keys [authtoken
|
|
|
|
|
username]} auth]
|
2022-09-27 11:53:04 +00:00
|
|
|
(->
|
2023-04-12 14:44:36 +00:00
|
|
|
(replace-common-data "website/website-build-secret.yaml" config)
|
2022-09-28 08:26:50 +00:00
|
|
|
(cm/replace-all-matching-values-by-new-value "TOKEN" (b64/encode authtoken))
|
2022-12-09 08:23:01 +00:00
|
|
|
(cm/replace-all-matching-values-by-new-value "REPOURL" (b64/encode
|
2023-04-12 14:44:36 +00:00
|
|
|
(generate-gitrepourl
|
|
|
|
|
gitea-host
|
|
|
|
|
gitea-repo
|
|
|
|
|
username
|
|
|
|
|
branchname)))
|
2022-12-09 08:23:01 +00:00
|
|
|
(cm/replace-all-matching-values-by-new-value "COMMITURL" (b64/encode
|
2023-04-12 14:44:36 +00:00
|
|
|
(generate-gitcommiturl
|
|
|
|
|
gitea-host
|
|
|
|
|
gitea-repo
|
|
|
|
|
username))))))
|
2022-12-02 10:56:21 +00:00
|
|
|
|
