[Skip-CI] WIP Working Yaml Generation

This commit is contained in:
erik 2022-10-12 13:42:44 +02:00
parent b6e500da3b
commit 31f490e286
7 changed files with 137 additions and 136 deletions

View file

@ -7,56 +7,62 @@
(def config-defaults {:issuer "staging"})
(def config? (s/keys :req-un [::website/fqdn
::website/single
::website/multi
::website/fqdn1
::website/fqdn2]
(s/def ::websites vector?)
(s/def ::auth vector?)
(def config? (s/keys :req-un [::websites]
:opt-un [::website/issuer]))
(def auth? (s/keys :req-un [::website/authtoken
::website/gitrepourl]))
(defn set-single-repo-url
(def auth? (s/keys :req-un [::auth]))
(defn flatten-and-reduce-config
[config]
(assoc config :gitrepourl (:singlegitrepourl config)))
(merge (-> config :websites first) (-> config :auth first) {:issuer (config :issuer)}))
(defn set-multi-fqdn ; Sets the first value of :multi to be the name giving fqdn
[config]
(assoc config :fqdn (keyword ((keyword (first (:multi config))) config))) config)
(defn find-needle [needle haystack]
;loop binds initial values once,
;then binds values from each recursion call
(loop [needle needle
maybe-here haystack
not-here '()]
(defn set-single-fqdn ; Sets the value of :single to be the name giving fqdn
[config]
(assoc config :fqdn ((keyword (:single config)) config)))
(let [needle? (first maybe-here)]
;test for return or recur
(if (or (= (str needle?) (str needle))
(empty? maybe-here))
;return results
[needle? maybe-here not-here]
;recur calls loop with new values
(recur needle
(rest maybe-here)
(concat not-here (list (first maybe-here))))))))
(defn generate-configs [config]
(loop [config config
result []]
(if (and (empty? (config :auth)) (empty? (config :websites)))
result
(recur (->
config
(assoc-in [:websites] (rest (config :websites)))
(assoc-in [:auth] (rest (config :auth))))
(merge result
(website/generate-nginx-deployment (flatten-and-reduce-config config))
(website/generate-nginx-configmap (flatten-and-reduce-config config))
(website/generate-nginx-service (flatten-and-reduce-config config))
(website/generate-website-content-volume (flatten-and-reduce-config config))
(website/generate-website-http-ingress (flatten-and-reduce-config config))
(website/generate-website-https-ingress (flatten-and-reduce-config config))
(website/generate-website-certificate (flatten-and-reduce-config config))
(website/generate-website-build-cron (flatten-and-reduce-config config))
(website/generate-website-build-secret (flatten-and-reduce-config config)))))))
(defn k8s-objects [config]
(cm/concat-vec
(map yaml/to-string
(filter #(not (nil? %))
[; multi-case
(website/generate-nginx-deployment (set-multi-fqdn config))
(website/generate-multi-nginx-configmap config)
(website/generate-nginx-service (set-multi-fqdn config))
(website/generate-website-content-volume (set-multi-fqdn config))
(website/generate-multi-ingress config)
(website/generate-multi-certificate config)
(website/generate-website-build-cron (set-multi-fqdn config))
(website/generate-website-build-secret (set-multi-fqdn config))
; single case
(website/generate-nginx-deployment (set-single-fqdn config))
(website/generate-single-nginx-configmap config)
(website/generate-nginx-service (set-single-fqdn config))
(website/generate-website-content-volume (set-single-fqdn config))
(website/generate-single-ingress config)
(website/generate-single-certificate config)
(website/generate-website-build-cron (set-single-repo-url (set-single-fqdn config)))
(website/generate-website-build-secret (set-single-repo-url (set-single-fqdn config)))]))))
; read config,
;
; when multi not empty
; call multi-functions and set value of key :fqdn to first value of key of list of :multi
; then call general functions with modified input
; if single empty, return nil for any single function
; else call single-functions and set value of key :fqdn to value of key of key :single
; then call general functions with modified input
[(generate-configs config)]))))

View file

@ -20,19 +20,31 @@
[input]
(every? true? (map keyword-string? input)))
(s/def ::fqdn pred/fqdn-string?)
(s/def ::fqdn1 pred/fqdn-string?)
(s/def ::fqdn2 pred/fqdn-string?)
(s/def ::single keyword-string?)
(s/def ::multi keyword-string-list?)
(s/def ::issuer pred/letsencrypt-issuer?)
(s/def ::authtoken pred/bash-env-string?)
(s/def ::gitrepourl pred/bash-env-string?)
(defn fqdn-list?
[input]
(every? true? (map pred/fqdn-string? input)))
(def config? (s/keys :req-un [::fqdn ::single ::multi ::fqdn1 ::fqdn2]
;(s/def ::uname pred/fqdn-string?)
;(s/def ::issuer pred/letsencrypt-issuer?)
;(s/def ::authtoken pred/bash-env-string?)
;(s/def ::fqdns fqdn-list?)
;(s/def ::gitea-host pred/fqdn-string?)
;(s/def ::gitea-repo string?)
;(s/def ::branchname string?)
;(s/def ::username string?)
;(def config? (s/keys :req-un [::uname ::fqdns ::gitea-host ::gitea-repo ::branchname]
; :opt-un [::issuer]))
;(def auth? (s/keys :req-un [::authtoken ::username]))
(s/def ::websites vector?)
(s/def ::auth vector?)
(def config? (s/keys :req-un [::websites]
:opt-un [::issuer]))
(def auth? (s/keys :req-un [::authtoken ::gitrepourl ::singlegitrepourl]))
(def auth? (s/keys :req-un [::auth]))
(def volume-size 3)
@ -48,15 +60,16 @@
[uname]
(str (unique-name-from-fqdn uname) "-cert"))
(defn generate-configmap-name
[uname]
(str (unique-name-from-fqdn uname) "-configmap"))
; https://your.gitea.host/api/v1/repos/<owner>/<repo>/archive/main.zip
(defn make-gitrepourl
[host repo user branch]
(str "https://" host "/api/v1/repos/" user "/" repo "/archive/" branch ".zip"))
; ToDo: Move to common?
(defn-spec replace-all-matching-subvalues-in-string-start pred/map-or-seq?
[col string? ;ToDo richtig spec-en
value-to-partly-match string?
value-to-inplace string?]
(defn replace-all-matching-subvalues-in-string-start
[col ;ToDo richtig spec-en
value-to-partly-match
value-to-inplace]
(clojure.walk/postwalk #(if (and (= (type value-to-partly-match) (type %))
(re-matches (re-pattern (str value-to-partly-match ".*")) %))
(str/replace % value-to-partly-match value-to-inplace) %)
@ -65,12 +78,10 @@
#?(:cljs
(defmethod yaml/load-resource :website [resource-name]
(case resource-name
"website/single-certificate.yaml" (rc/inline "website/single-certificate.yaml")
"website/multi-certificate.yaml" (rc/inline "website/multi-certificate.yaml")
"website/single-ingress.yaml" (rc/inline "website/single-ingress.yaml")
"website/multi-ingress.yaml" (rc/inline "website/multi-ingress.yaml")
"website/single-nginx-configmap.yaml" (rc/inline "website/single-nginx-configmap.yaml")
"website/multi-nginx-configmap.yaml" (rc/inline "website/multi-nginx-configmap.yaml")
"website/certificate.yaml" (rc/inline "website/certificate.yaml")
"website/http-ingress.yaml" (rc/inline "website/http-ingress.yaml")
"website/https-ingress.yaml" (rc/inline "website/https-ingress.yaml")
"website/nginx-configmap.yaml" (rc/inline "website/nginx-configmap.yaml")
"website/nginx-deployment.yaml" (rc/inline "website/nginx-deployment.yaml")
"website/nginx-service.yaml" (rc/inline "website/nginx-service.yaml")
"website/website-content-volume.yaml" (rc/inline "website/website-content-volume.yaml")
@ -83,29 +94,23 @@
(defmethod yaml/load-as-edn :website [resource-name]
(yaml/from-string (yaml/load-resource resource-name))))
; ability extend input map (e.g. ingress or cert) with additional values (e.g. FQDNs)
; use for website-ingress generation
(defn add-to-col-within-map [inmap keywordlist value]
(-> inmap
(get-in keywordlist)
(conj value)
(#(assoc-in inmap keywordlist %))))
; generate a list of host-rules from a list of fqdns
(defn make-host-rules-from-fqdns
[rule fqdns]
;function that creates a rule from host names
(map #(assoc-in rule [:host] %) fqdns))
(mapv #(assoc-in rule [:host] %) fqdns))
;create working ingress
(defn generate-common-http-ingress [config]
(defn-spec generate-common-http-ingress pred/map-or-seq?
[config config?]
(let [{:keys [fqdn service-name]} config]
(->
(yaml/load-as-edn "website/http-ingress.yaml")
(cm/replace-all-matching-values-by-new-value "SERVICENAME" service-name)
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
(defn generate-website-http-ingress [config]
(defn-spec generate-website-http-ingress pred/map-or-seq?
[config config?]
(let [{:keys [uname fqdns]} config
fqdn (first fqdns)
spec-rules [:spec :rules]
@ -123,7 +128,8 @@
fqdns))))))
;create working ingress
(defn generate-common-https-ingress [config]
(defn-spec generate-common-https-ingress pred/map-or-seq?
[config config?]
(let [{:keys [fqdn service-name cert-name]} config]
(->
(yaml/load-as-edn "website/https-ingress.yaml")
@ -131,7 +137,8 @@
(cm/replace-all-matching-values-by-new-value "CERTNAME" cert-name)
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
(defn generate-website-https-ingress [config]
(defn-spec generate-website-https-ingress pred/map-or-seq?
[config config?]
(let [{:keys [uname fqdns]} config
fqdn (first fqdns)
spec-rules [:spec :rules]
@ -147,14 +154,14 @@
(#(assoc-in %
spec-tls-hosts
fqdns))
(#(add-to-col-within-map %
spec-rules
(make-host-rules-from-fqdns
(-> % :spec :rules first) ;get first ingress rule
fqdns))))))
(#(assoc-in %
spec-rules
(make-host-rules-from-fqdns
(-> % :spec :rules first) ;get first ingress rule
fqdns))))))
(defn generate-common-certificate
[config]
(defn-spec generate-common-certificate pred/map-or-seq?
[config config?]
(let [{:keys [uname fqdns issuer]
:or {issuer "staging"}} config
fqdn (first fqdns)
@ -166,8 +173,8 @@
(cm/replace-all-matching-values-by-new-value "CERTNAME" cert-name)
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
(defn generate-website-certificate
[config]
(defn-spec generate-website-certificate pred/map-or-seq?
[config config?]
(let [{:keys [fqdns]} config
spec-dnsNames [:spec :dnsNames]]
(->
@ -187,49 +194,55 @@
(defn-spec generate-nginx-deployment pred/map-or-seq?
[config config?]
(let [{:keys [fqdn]} config]
(let [{:keys [uname]} config]
(->
(yaml/load-as-edn "website/nginx-deployment.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn fqdn)))))
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn uname)))))
(defn-spec generate-nginx-service pred/map-or-seq?
[config config?]
(let [{:keys [fqdn]} config]
(let [{:keys [uname]} config]
(->
(yaml/load-as-edn "website/nginx-service.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn fqdn)))))
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn uname)))))
(defn-spec generate-website-content-volume pred/map-or-seq?
[config config?]
(let [{:keys [fqdn]} config]
(let [{:keys [uname]} config]
(->
(yaml/load-as-edn "website/website-content-volume.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn fqdn))
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn uname))
(cm/replace-all-matching-values-by-new-value "WEBSITESTORAGESIZE" (str (str volume-size) "Gi")))))
(defn-spec generate-website-build-cron pred/map-or-seq?
[config config?]
(let [{:keys [fqdn]} config]
(let [{:keys [uname]} config]
(->
(yaml/load-as-edn "website/website-build-cron.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn fqdn))
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn uname)))))
(defn-spec generate-website-build-deployment pred/map-or-seq?
[config config?]
(let [{:keys [fqdn]} config]
(let [{:keys [uname]} config]
(->
(yaml/load-as-edn "website/website-build-deployment.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn fqdn))
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn uname)))))
(defn-spec generate-website-build-secret pred/map-or-seq?
[auth auth?]
(let [{:keys [fqdn
(let [{:keys [uname
authtoken
gitrepourl]} auth]
gitea-host
gitea-repo
username
branchname]} auth]
(->
(yaml/load-as-edn "website/website-build-secret.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn fqdn))
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn uname))
(cm/replace-all-matching-values-by-new-value "TOKEN" (b64/encode authtoken))
(cm/replace-all-matching-values-by-new-value "URL" (b64/encode gitrepourl)))))
(cm/replace-all-matching-values-by-new-value "URL" (b64/encode
(make-gitrepourl
gitea-host
gitea-repo
username
branchname))))))

View file

@ -16,10 +16,7 @@ spec:
- image: domaindrivenarchitecture/c4k-website-build
name: NAME-build-app
imagePullPolicy: IfNotPresent
command: ["/entrypoint.sh"]
env:
- name: HOSTADRESS
value: FQDN
command: ["/entrypoint.sh"]
envFrom:
- secretRef:
name: NAME-secret

View file

@ -20,10 +20,7 @@ spec:
- image: domaindrivenarchitecture/c4k-website-build
name: NAME-build-app
imagePullPolicy: IfNotPresent
command: ["/entrypoint.sh"]
env:
- name: HOSTADRESS
value: FQDN
command: ["/entrypoint.sh"]
envFrom:
- secretRef:
name: NAME-secret

View file

@ -229,8 +229,7 @@
[{:image "domaindrivenarchitecture/c4k-website-build",
:name "test-de-build-app",
:imagePullPolicy "IfNotPresent",
:command ["/entrypoint.sh"],
:env [{:name "HOSTADRESS", :value "test.de"}],
:command ["/entrypoint.sh"],
:envFrom [{:secretRef {:name "test-de-secret"}}],
:volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"}]}],
:volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-de-content-volume"}}],
@ -257,8 +256,7 @@
[{:image "domaindrivenarchitecture/c4k-website-build",
:name "test-de-build-app",
:imagePullPolicy "IfNotPresent",
:command ["/entrypoint.sh"],
:env [{:name "HOSTADRESS", :value "test.de"}],
:command ["/entrypoint.sh"],
:envFrom [{:secretRef {:name "test-de-secret"}}],
:volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"}]}],
:volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-de-content-volume"}}]}}}}

View file

@ -1,11 +1,7 @@
{:authtoken "asdfasdfe"
:gitrepourl "https://some.de/path/to/repo.zip"
:singlegitrepourl "https://someother.de/path/to/repo.zip"}
{:auth
[{:name "meissa.io"
:username ""
:authtoken ""}
{:name "dda.io"
:username ""
:authtoken ""}]}
[{:uname "meissa.io"
:username "someuser"
:authtoken "abedjgbasdodj"}
{:uname "dda.io"
:username "someuser"
:authtoken "abedjgbasdodj"}]}

View file

@ -1,20 +1,14 @@
{:fqdn "meissa.de"
:fqdn1 "meissa-gmbh.de"
:fqdn2 "domaindrivenarchitecture.org"
:multi ["fqdn" "fqdn1"]
:single "fqdn2"
:issuer "staging"}
{:issuer "staging"
:websites
[{:uname "meissa.io"
:fqdns ["meissa.de" "meissa-gmbh.de" "www.meissa-gmbh.de"
"www.meissa.de" "www.prod.meissa-gmbh.de" "www.prod.meissa.de"]
:gitea-host "repo.prod.meissa.de"
:gitea-repo "repo"}
; -> "https://" + git-host + "/api/v1/" + user + "/" + git-repo
{:name "dda.io"
:gitea-repo "repo"
:branchname "main"}
{:uname "dda.io"
:fqdns ["domaindrivenarchitecture.org", "www.domaindrivenarchitecture.org",
"www.prod.domaindrivenarchitecture.org"]
:gitea-host "repo.prod.meissa.de"
:gitea-repo "repo"}]}
:gitea-repo "repo"
:branchname "main"}]}