From 1e7b71884d4609f2514d9206e412b53576df58c6 Mon Sep 17 00:00:00 2001 From: erik Date: Tue, 18 Oct 2022 10:30:51 +0200 Subject: [PATCH] Integrate ingress-ns in website --- src/main/cljc/dda/c4k_website/ingress.cljc | 32 ++----- src/main/cljc/dda/c4k_website/website.cljc | 84 +++++-------------- src/main/resources/ingress/rule.yaml | 10 --- .../cljc/dda/c4k_website/ingress_test.cljc | 4 +- 4 files changed, 32 insertions(+), 98 deletions(-) delete mode 100644 src/main/resources/ingress/rule.yaml diff --git a/src/main/cljc/dda/c4k_website/ingress.cljc b/src/main/cljc/dda/c4k_website/ingress.cljc index 338b90c..ff658a1 100644 --- a/src/main/cljc/dda/c4k_website/ingress.cljc +++ b/src/main/cljc/dda/c4k_website/ingress.cljc @@ -24,49 +24,33 @@ (def certificate? (s/keys :req-un [::fqdns ::cert-name] :opt-un [::issuer])) -(defn replace-dots-by-minus - [fqdn] - (str/replace fqdn #"\." "-")) - -(defn generate-cert-name - [unique-name] - (str (replace-dots-by-minus unique-name) "-cert")) - -(defn generate-http-ingress-name - [unique-name] - (str (replace-dots-by-minus unique-name) "-http-ingress")) - -(defn generate-https-ingress-name - [unique-name] - (str (replace-dots-by-minus unique-name) "-https-ingress")) - -(defn-spec generate-rule pred/map-or-seq? +(defn-spec generate-host-rule pred/map-or-seq? [service-name ::service-name service-port ::service-port fqdn pred/fqdn-string?] (-> - (yaml/load-as-edn "ingress/rule.yaml") + (yaml/load-as-edn "ingress/host-rule.yaml") (cm/replace-all-matching-values-by-new-value "FQDN" fqdn) (cm/replace-all-matching-values-by-new-value "SERVICE_PORT" service-port) (cm/replace-all-matching-values-by-new-value "SERVICE_NAME" service-name))) (defn-spec generate-http-ingress pred/map-or-seq? [config ingress?] - (let [{:keys [ingress-name service-name service-port fqdns]} config] + (let [{:keys [http-ingress-name service-name service-port fqdns]} config] (-> (yaml/load-as-edn "ingress/http-ingress.yaml") - (assoc-in [:metadata :name] ingress-name) - (assoc-in [:spec :rules] (mapv (partial generate-rule service-name service-port) fqdns))))) + (assoc-in [:metadata :name] http-ingress-name) + (assoc-in [:spec :rules] (mapv (partial generate-host-rule service-name service-port) fqdns))))) (defn-spec generate-https-ingress pred/map-or-seq? [config ingress?] - (let [{:keys [ingress-name cert-name service-name service-port fqdns]} config] + (let [{:keys [https-ingress-name cert-name service-name service-port fqdns]} config] (-> (yaml/load-as-edn "ingress/https-ingress.yaml") - (assoc-in [:metadata :name] ingress-name) + (assoc-in [:metadata :name] https-ingress-name) (assoc-in [:spec :tls 0 :secretName] cert-name) (assoc-in [:spec :tls 0 :hosts] fqdns) - (assoc-in [:spec :rules] (mapv (partial generate-rule service-name service-port) fqdns))))) + (assoc-in [:spec :rules] (mapv (partial generate-host-rule service-name service-port) fqdns))))) (defn-spec generate-certificate pred/map-or-seq? [config certificate?] diff --git a/src/main/cljc/dda/c4k_website/website.cljc b/src/main/cljc/dda/c4k_website/website.cljc index 9d1fd83..ad8ca75 100644 --- a/src/main/cljc/dda/c4k_website/website.cljc +++ b/src/main/cljc/dda/c4k_website/website.cljc @@ -10,6 +10,7 @@ [dda.c4k-common.common :as cm] [dda.c4k-common.base64 :as b64] [dda.c4k-common.predicate :as pred] + [dda.c4k-website.ingress :as ing] [clojure.string :as str])) (defn fqdn-list? @@ -41,25 +42,25 @@ (def volume-size 3) -(defn unique-name-from-fqdn +(defn replace-dots-by-minus [fqdn] (str/replace fqdn #"\." "-")) (defn generate-service-name [unique-name] - (str (unique-name-from-fqdn unique-name) "-service")) + (str (replace-dots-by-minus unique-name) "-service")) (defn generate-cert-name [unique-name] - (str (unique-name-from-fqdn unique-name) "-cert")) + (str (replace-dots-by-minus unique-name) "-cert")) (defn generate-http-ingress-name [unique-name] - (str (unique-name-from-fqdn unique-name) "-http-ingress")) + (str (replace-dots-by-minus unique-name) "-http-ingress")) (defn generate-https-ingress-name [unique-name] - (str (unique-name-from-fqdn unique-name) "-https-ingress")) + (str (replace-dots-by-minus unique-name) "-https-ingress")) ; https://your.gitea.host/api/v1/repos///archive/main.zip (defn make-gitrepourl @@ -107,71 +108,30 @@ ;function that creates a rule from host names (mapv #(assoc-in rule [:host] %) fqdns)) -;create working ingress -; todo: move to common/ingress -(defn generate-common-http-ingress - [config] - (let [{:keys [fqdn service-name]} config] - (-> - (yaml/load-as-edn "website/http-ingress.yaml") - (cm/replace-all-matching-values-by-new-value "SERVICENAME" service-name) - (cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) - (defn-spec generate-website-http-ingress pred/map-or-seq? [config websitedata?] - (let [{:keys [unique-name fqdns]} config - spec-rules [:spec :rules]] - (-> - (generate-common-http-ingress - {:fqdn (first fqdns) :service-name (generate-service-name unique-name)}) - (cm/replace-all-matching-values-by-new-value "c4k-common-http-ingress" (generate-http-ingress-name unique-name)) - (#(assoc-in % - spec-rules - (make-host-rules-from-fqdns - (-> % :spec :rules first) ;get first ingress rule - fqdns)))))) - -;create working ingress -(defn generate-common-https-ingress - [config] - (let [{:keys [fqdn service-name]} config] - (-> - (yaml/load-as-edn "website/https-ingress.yaml") - (cm/replace-all-matching-values-by-new-value "SERVICENAME" service-name) - (cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) + (let [{:keys [unique-name fqdns]} config] + (ing/generate-http-ingress {:fqdns fqdns + :ingress-name (generate-http-ingress-name unique-name) + :service-name (generate-service-name unique-name) + :service-port 80}))) (defn-spec generate-website-https-ingress pred/map-or-seq? [config websitedata?] - (let [{:keys [unique-name fqdns]} config - spec-rules [:spec :rules] - spec-tls-hosts [:spec :tls 0 :hosts]] - (-> - (generate-common-https-ingress - {:fqdn (first fqdns) :service-name (generate-service-name unique-name)}) - (cm/replace-all-matching-values-by-new-value "c4k-common-https-ingress" (generate-https-ingress-name unique-name)) - (cm/replace-all-matching-values-by-new-value "c4k-common-cert" (generate-cert-name unique-name)) - (#(assoc-in % spec-tls-hosts fqdns)) - (#(assoc-in % spec-rules (make-host-rules-from-fqdns (-> % :spec :rules first) fqdns)))))) - -(defn generate-common-certificate - [config] - (let [{:keys [fqdn issuer] - :or {issuer "staging"}} config - letsencrypt-issuer (name issuer)] - (-> - (yaml/load-as-edn "website/certificate.yaml") - (assoc-in [:spec :issuerRef :name] letsencrypt-issuer) - (cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) + (let [{:keys [unique-name fqdns]} config] + (ing/generate-https-ingress {:fqdns fqdns + :cert-name (generate-cert-name unique-name) + :ingress-name (generate-http-ingress-name unique-name) + :service-name (generate-service-name unique-name) + :service-port 80}))) (defn-spec generate-website-certificate pred/map-or-seq? [config websitedata?] - (let [{:keys [unique-name issuer fqdns]} config - spec-dnsNames [:spec :dnsNames]] - (-> - (generate-common-certificate - {:issuer issuer, :fqdn (first fqdns)}) - (cm/replace-all-matching-values-by-new-value "c4k-common-cert" (generate-cert-name unique-name)) - (assoc-in spec-dnsNames fqdns)))) + (let [{:keys [unique-name issuer fqdns] + :or {issuer "staging"}} config] + (ing/generate-https-ingress {:fqdns fqdns + :cert-name (generate-cert-name unique-name) + :issuer issuer}))) (defn-spec generate-nginx-configmap pred/map-or-seq? [config websitedata?] diff --git a/src/main/resources/ingress/rule.yaml b/src/main/resources/ingress/rule.yaml deleted file mode 100644 index 73d0e9f..0000000 --- a/src/main/resources/ingress/rule.yaml +++ /dev/null @@ -1,10 +0,0 @@ -host: FQDN -http: - paths: - - pathType: Prefix - path: "/" - backend: - service: - name: SERVICE_NAME - port: - number: SERVICE_PORT diff --git a/src/test/cljc/dda/c4k_website/ingress_test.cljc b/src/test/cljc/dda/c4k_website/ingress_test.cljc index 0b2b0f6..b104b6e 100644 --- a/src/test/cljc/dda/c4k_website/ingress_test.cljc +++ b/src/test/cljc/dda/c4k_website/ingress_test.cljc @@ -8,7 +8,7 @@ [dda.c4k-website.ingress :as cut] [clojure.spec.alpha :as s])) -(st/instrument `cut/generate-rule) +(st/instrument `cut/generate-host-rule) (st/instrument `cut/generate-http-ingress) (st/instrument `cut/generate-https-ingress) (st/instrument `cut/generate-certificate) @@ -23,7 +23,7 @@ :backend {:service {:name "myservice", :port {:number 3000}}}}]}} - (cut/generate-rule "myservice" 3000 "test.com")))) + (cut/generate-host-rule "myservice" 3000 "test.com")))) (deftest should-generate-http-ingress