[Skip-CI] WIP Working Yaml Generation

erik 2022-10-12 13:42:44 +02:00
parent b6e500da3b
commit 31f490e286
7 changed files with 137 additions and 136 deletions


@ -7,56 +7,62 @@
(def config-defaults {:issuer "staging"}) (def config-defaults {:issuer "staging"})
(def config? (s/keys :req-un [::website/fqdn (s/def ::websites vector?)
::website/single (s/def ::auth vector?)
::website/multi
::website/fqdn1 (def config? (s/keys :req-un [::websites]
::website/fqdn2]
:opt-un [::website/issuer])) :opt-un [::website/issuer]))
(def auth? (s/keys :req-un [::website/authtoken (def auth? (s/keys :req-un [::auth]))
::website/gitrepourl]))
(defn set-single-repo-url
[config]
(assoc config :gitrepourl (:singlegitrepourl config)))
(defn set-multi-fqdn ; Sets the first value of :multi to be the name giving fqdn (defn flatten-and-reduce-config
[config] [config]
(assoc config :fqdn (keyword ((keyword (first (:multi config))) config))) config) (merge (-> config :websites first) (-> config :auth first) {:issuer (config :issuer)}))
(defn set-single-fqdn ; Sets the value of :single to be the name giving fqdn (defn find-needle [needle haystack]
[config] ;loop binds initial values once,
(assoc config :fqdn ((keyword (:single config)) config))) ;then binds values from each recursion call
(loop [needle needle
maybe-here haystack
not-here '()]
(let [needle? (first maybe-here)]
;test for return or recur
(if (or (= (str needle?) (str needle))
(empty? maybe-here))
;return results
[needle? maybe-here not-here]
;recur calls loop with new values
(recur needle
(rest maybe-here)
(concat not-here (list (first maybe-here))))))))
(defn generate-configs [config]
(loop [config config
result []]
(if (and (empty? (config :auth)) (empty? (config :websites)))
result
(recur (->
config
(assoc-in [:websites] (rest (config :websites)))
(assoc-in [:auth] (rest (config :auth))))
(merge result
(website/generate-nginx-deployment (flatten-and-reduce-config config))
(website/generate-nginx-configmap (flatten-and-reduce-config config))
(website/generate-nginx-service (flatten-and-reduce-config config))
(website/generate-website-content-volume (flatten-and-reduce-config config))
(website/generate-website-http-ingress (flatten-and-reduce-config config))
(website/generate-website-https-ingress (flatten-and-reduce-config config))
(website/generate-website-certificate (flatten-and-reduce-config config))
(website/generate-website-build-cron (flatten-and-reduce-config config))
(website/generate-website-build-secret (flatten-and-reduce-config config)))))))
(defn k8s-objects [config] (defn k8s-objects [config]
(cm/concat-vec (cm/concat-vec
(map yaml/to-string (map yaml/to-string
(filter #(not (nil? %)) (filter #(not (nil? %))
[; multi-case [(generate-configs config)]))))
(website/generate-nginx-deployment (set-multi-fqdn config))
(website/generate-multi-nginx-configmap config)
(website/generate-nginx-service (set-multi-fqdn config))
(website/generate-website-content-volume (set-multi-fqdn config))
(website/generate-multi-ingress config)
(website/generate-multi-certificate config)
(website/generate-website-build-cron (set-multi-fqdn config))
(website/generate-website-build-secret (set-multi-fqdn config))
; single case
(website/generate-nginx-deployment (set-single-fqdn config))
(website/generate-single-nginx-configmap config)
(website/generate-nginx-service (set-single-fqdn config))
(website/generate-website-content-volume (set-single-fqdn config))
(website/generate-single-ingress config)
(website/generate-single-certificate config)
(website/generate-website-build-cron (set-single-repo-url (set-single-fqdn config)))
(website/generate-website-build-secret (set-single-repo-url (set-single-fqdn config)))]))))
; read config,
;
; when multi not empty
; call multi-functions and set value of key :fqdn to first value of key of list of :multi
; then call general functions with modified input
; if single empty, return nil for any single function
; else call single-functions and set value of key :fqdn to value of key of key :single
; then call general functions with modified input
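Review bot: `flatten-and-reduce-config` pairs `(-> config :websites first)` with `(-> config :auth first)` purely by position, so if the two vectors differ in order or length, a site's build secret is generated with another site's `authtoken` (or with none, since `generate-configs` keeps looping until both vectors are empty). Look the auth entry up by `:uname` instead, e.g. `(first (filter #(= (:uname %) (:uname site)) (:auth config)))`, and throw when no entry matches. `find-needle` looks intended for this lookup but is not called in the visible code. Separately, `k8s-objects` now wraps the result as `[(generate-configs config)]`, so `yaml/to-string` appears to receive the whole vector once rather than each object; worth confirming.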


@ -20,19 +20,31 @@
[input] [input]
(every? true? (map keyword-string? input))) (every? true? (map keyword-string? input)))
(s/def ::fqdn pred/fqdn-string?) (defn fqdn-list?
(s/def ::fqdn1 pred/fqdn-string?) [input]
(s/def ::fqdn2 pred/fqdn-string?) (every? true? (map pred/fqdn-string? input)))
(s/def ::single keyword-string?)
(s/def ::multi keyword-string-list?)
(s/def ::issuer pred/letsencrypt-issuer?)
(s/def ::authtoken pred/bash-env-string?)
(s/def ::gitrepourl pred/bash-env-string?)
(def config? (s/keys :req-un [::fqdn ::single ::multi ::fqdn1 ::fqdn2] ;(s/def ::uname pred/fqdn-string?)
;(s/def ::issuer pred/letsencrypt-issuer?)
;(s/def ::authtoken pred/bash-env-string?)
;(s/def ::fqdns fqdn-list?)
;(s/def ::gitea-host pred/fqdn-string?)
;(s/def ::gitea-repo string?)
;(s/def ::branchname string?)
;(s/def ::username string?)
;(def config? (s/keys :req-un [::uname ::fqdns ::gitea-host ::gitea-repo ::branchname]
; :opt-un [::issuer]))
;(def auth? (s/keys :req-un [::authtoken ::username]))
(s/def ::websites vector?)
(s/def ::auth vector?)
(def config? (s/keys :req-un [::websites]
:opt-un [::issuer])) :opt-un [::issuer]))
(def auth? (s/keys :req-un [::authtoken ::gitrepourl ::singlegitrepourl])) (def auth? (s/keys :req-un [::auth]))
(def volume-size 3) (def volume-size 3)
@ -48,15 +60,16 @@
[uname] [uname]
(str (unique-name-from-fqdn uname) "-cert")) (str (unique-name-from-fqdn uname) "-cert"))
(defn generate-configmap-name ; https://your.gitea.host/api/v1/repos/<owner>/<repo>/archive/main.zip
[uname] (defn make-gitrepourl
(str (unique-name-from-fqdn uname) "-configmap")) [host repo user branch]
(str "https://" host "/api/v1/repos/" user "/" repo "/archive/" branch ".zip"))
; ToDo: Move to common? ; ToDo: Move to common?
(defn-spec replace-all-matching-subvalues-in-string-start pred/map-or-seq? (defn replace-all-matching-subvalues-in-string-start
[col string? ;ToDo richtig spec-en [col ;ToDo richtig spec-en
value-to-partly-match string? value-to-partly-match
value-to-inplace string?] value-to-inplace]
(clojure.walk/postwalk #(if (and (= (type value-to-partly-match) (type %)) (clojure.walk/postwalk #(if (and (= (type value-to-partly-match) (type %))
(re-matches (re-pattern (str value-to-partly-match ".*")) %)) (re-matches (re-pattern (str value-to-partly-match ".*")) %))
(str/replace % value-to-partly-match value-to-inplace) %) (str/replace % value-to-partly-match value-to-inplace) %)
@ -65,12 +78,10 @@
#?(:cljs #?(:cljs
(defmethod yaml/load-resource :website [resource-name] (defmethod yaml/load-resource :website [resource-name]
(case resource-name (case resource-name
"website/single-certificate.yaml" (rc/inline "website/single-certificate.yaml") "website/certificate.yaml" (rc/inline "website/certificate.yaml")
"website/multi-certificate.yaml" (rc/inline "website/multi-certificate.yaml") "website/http-ingress.yaml" (rc/inline "website/http-ingress.yaml")
"website/single-ingress.yaml" (rc/inline "website/single-ingress.yaml") "website/https-ingress.yaml" (rc/inline "website/https-ingress.yaml")
"website/multi-ingress.yaml" (rc/inline "website/multi-ingress.yaml") "website/nginx-configmap.yaml" (rc/inline "website/nginx-configmap.yaml")
"website/single-nginx-configmap.yaml" (rc/inline "website/single-nginx-configmap.yaml")
"website/multi-nginx-configmap.yaml" (rc/inline "website/multi-nginx-configmap.yaml")
"website/nginx-deployment.yaml" (rc/inline "website/nginx-deployment.yaml") "website/nginx-deployment.yaml" (rc/inline "website/nginx-deployment.yaml")
"website/nginx-service.yaml" (rc/inline "website/nginx-service.yaml") "website/nginx-service.yaml" (rc/inline "website/nginx-service.yaml")
"website/website-content-volume.yaml" (rc/inline "website/website-content-volume.yaml") "website/website-content-volume.yaml" (rc/inline "website/website-content-volume.yaml")
@ -83,29 +94,23 @@
(defmethod yaml/load-as-edn :website [resource-name] (defmethod yaml/load-as-edn :website [resource-name]
(yaml/from-string (yaml/load-resource resource-name)))) (yaml/from-string (yaml/load-resource resource-name))))
; ability extend input map (e.g. ingress or cert) with additional values (e.g. FQDNs)
; use for website-ingress generation
(defn add-to-col-within-map [inmap keywordlist value]
(-> inmap
(get-in keywordlist)
(conj value)
(#(assoc-in inmap keywordlist %))))
; generate a list of host-rules from a list of fqdns ; generate a list of host-rules from a list of fqdns
(defn make-host-rules-from-fqdns (defn make-host-rules-from-fqdns
[rule fqdns] [rule fqdns]
;function that creates a rule from host names ;function that creates a rule from host names
(map #(assoc-in rule [:host] %) fqdns)) (mapv #(assoc-in rule [:host] %) fqdns))
;create working ingress ;create working ingress
(defn generate-common-http-ingress [config] (defn-spec generate-common-http-ingress pred/map-or-seq?
[config config?]
(let [{:keys [fqdn service-name]} config] (let [{:keys [fqdn service-name]} config]
(-> (->
(yaml/load-as-edn "website/http-ingress.yaml") (yaml/load-as-edn "website/http-ingress.yaml")
(cm/replace-all-matching-values-by-new-value "SERVICENAME" service-name) (cm/replace-all-matching-values-by-new-value "SERVICENAME" service-name)
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) (cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
(defn generate-website-http-ingress [config] (defn-spec generate-website-http-ingress pred/map-or-seq?
[config config?]
(let [{:keys [uname fqdns]} config (let [{:keys [uname fqdns]} config
fqdn (first fqdns) fqdn (first fqdns)
spec-rules [:spec :rules] spec-rules [:spec :rules]
@ -123,7 +128,8 @@
fqdns)))))) fqdns))))))
;create working ingress ;create working ingress
(defn generate-common-https-ingress [config] (defn-spec generate-common-https-ingress pred/map-or-seq?
[config config?]
(let [{:keys [fqdn service-name cert-name]} config] (let [{:keys [fqdn service-name cert-name]} config]
(-> (->
(yaml/load-as-edn "website/https-ingress.yaml") (yaml/load-as-edn "website/https-ingress.yaml")
@ -131,7 +137,8 @@
(cm/replace-all-matching-values-by-new-value "CERTNAME" cert-name) (cm/replace-all-matching-values-by-new-value "CERTNAME" cert-name)
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) (cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
(defn generate-website-https-ingress [config] (defn-spec generate-website-https-ingress pred/map-or-seq?
[config config?]
(let [{:keys [uname fqdns]} config (let [{:keys [uname fqdns]} config
fqdn (first fqdns) fqdn (first fqdns)
spec-rules [:spec :rules] spec-rules [:spec :rules]
@ -147,14 +154,14 @@
(#(assoc-in % (#(assoc-in %
spec-tls-hosts spec-tls-hosts
fqdns)) fqdns))
(#(add-to-col-within-map % (#(assoc-in %
spec-rules spec-rules
(make-host-rules-from-fqdns (make-host-rules-from-fqdns
(-> % :spec :rules first) ;get first ingress rule (-> % :spec :rules first) ;get first ingress rule
fqdns)))))) fqdns))))))
(defn generate-common-certificate (defn-spec generate-common-certificate pred/map-or-seq?
[config] [config config?]
(let [{:keys [uname fqdns issuer] (let [{:keys [uname fqdns issuer]
:or {issuer "staging"}} config :or {issuer "staging"}} config
fqdn (first fqdns) fqdn (first fqdns)
@ -166,8 +173,8 @@
(cm/replace-all-matching-values-by-new-value "CERTNAME" cert-name) (cm/replace-all-matching-values-by-new-value "CERTNAME" cert-name)
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) (cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
(defn generate-website-certificate (defn-spec generate-website-certificate pred/map-or-seq?
[config] [config config?]
(let [{:keys [fqdns]} config (let [{:keys [fqdns]} config
spec-dnsNames [:spec :dnsNames]] spec-dnsNames [:spec :dnsNames]]
(-> (->
@ -187,49 +194,55 @@
(defn-spec generate-nginx-deployment pred/map-or-seq? (defn-spec generate-nginx-deployment pred/map-or-seq?
[config config?] [config config?]
(let [{:keys [fqdn]} config] (let [{:keys [uname]} config]
(-> (->
(yaml/load-as-edn "website/nginx-deployment.yaml") (yaml/load-as-edn "website/nginx-deployment.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn fqdn))))) (replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn uname)))))
(defn-spec generate-nginx-service pred/map-or-seq? (defn-spec generate-nginx-service pred/map-or-seq?
[config config?] [config config?]
(let [{:keys [fqdn]} config] (let [{:keys [uname]} config]
(-> (->
(yaml/load-as-edn "website/nginx-service.yaml") (yaml/load-as-edn "website/nginx-service.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn fqdn))))) (replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn uname)))))
(defn-spec generate-website-content-volume pred/map-or-seq? (defn-spec generate-website-content-volume pred/map-or-seq?
[config config?] [config config?]
(let [{:keys [fqdn]} config] (let [{:keys [uname]} config]
(-> (->
(yaml/load-as-edn "website/website-content-volume.yaml") (yaml/load-as-edn "website/website-content-volume.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn fqdn)) (replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn uname))
(cm/replace-all-matching-values-by-new-value "WEBSITESTORAGESIZE" (str (str volume-size) "Gi"))))) (cm/replace-all-matching-values-by-new-value "WEBSITESTORAGESIZE" (str (str volume-size) "Gi")))))
(defn-spec generate-website-build-cron pred/map-or-seq? (defn-spec generate-website-build-cron pred/map-or-seq?
[config config?] [config config?]
(let [{:keys [fqdn]} config] (let [{:keys [uname]} config]
(-> (->
(yaml/load-as-edn "website/website-build-cron.yaml") (yaml/load-as-edn "website/website-build-cron.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn fqdn)) (replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn uname)))))
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
(defn-spec generate-website-build-deployment pred/map-or-seq? (defn-spec generate-website-build-deployment pred/map-or-seq?
[config config?] [config config?]
(let [{:keys [fqdn]} config] (let [{:keys [uname]} config]
(-> (->
(yaml/load-as-edn "website/website-build-deployment.yaml") (yaml/load-as-edn "website/website-build-deployment.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn fqdn)) (replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn uname)))))
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
(defn-spec generate-website-build-secret pred/map-or-seq? (defn-spec generate-website-build-secret pred/map-or-seq?
[auth auth?] [auth auth?]
(let [{:keys [fqdn (let [{:keys [uname
authtoken authtoken
gitrepourl]} auth] gitea-host
gitea-repo
username
branchname]} auth]
(-> (->
(yaml/load-as-edn "website/website-build-secret.yaml") (yaml/load-as-edn "website/website-build-secret.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn fqdn)) (replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn uname))
(cm/replace-all-matching-values-by-new-value "TOKEN" (b64/encode authtoken)) (cm/replace-all-matching-values-by-new-value "TOKEN" (b64/encode authtoken))
(cm/replace-all-matching-values-by-new-value "URL" (b64/encode gitrepourl))))) (cm/replace-all-matching-values-by-new-value "URL" (b64/encode
(make-gitrepourl
gitea-host
gitea-repo
username
branchname))))))
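Review bot: The new specs `(s/def ::websites vector?)` and `(s/def ::auth vector?)` check only the container, while the per-field specs (`::authtoken pred/bash-env-string?`, `::gitea-host pred/fqdn-string?`, `::fqdns fqdn-list?`) appear only as commented-out lines. As far as the visible lines show, nothing validates the values that `make-gitrepourl` concatenates into the archive URL, or the ones that end up in the build secret and the ingress hosts. I would re-enable the field specs and apply them per element, e.g. `(s/def ::websites (s/coll-of ::website :kind vector?))`, with `::website` being the `s/keys` from the commented block. Also, `generate-website-build-secret` still declares `[auth auth?]` but is called with the flattened map, which has no `:auth` key, so the spec will likely reject it once instrumentation is on.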


@ -17,9 +17,6 @@ spec:
name: NAME-build-app name: NAME-build-app
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
command: ["/entrypoint.sh"] command: ["/entrypoint.sh"]
env:
- name: HOSTADRESS
value: FQDN
envFrom: envFrom:
- secretRef: - secretRef:
name: NAME-secret name: NAME-secret


@ -21,9 +21,6 @@ spec:
name: NAME-build-app name: NAME-build-app
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
command: ["/entrypoint.sh"] command: ["/entrypoint.sh"]
env:
- name: HOSTADRESS
value: FQDN
envFrom: envFrom:
- secretRef: - secretRef:
name: NAME-secret name: NAME-secret


@ -230,7 +230,6 @@
:name "test-de-build-app", :name "test-de-build-app",
:imagePullPolicy "IfNotPresent", :imagePullPolicy "IfNotPresent",
:command ["/entrypoint.sh"], :command ["/entrypoint.sh"],
:env [{:name "HOSTADRESS", :value "test.de"}],
:envFrom [{:secretRef {:name "test-de-secret"}}], :envFrom [{:secretRef {:name "test-de-secret"}}],
:volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"}]}], :volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"}]}],
:volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-de-content-volume"}}], :volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-de-content-volume"}}],
@ -258,7 +257,6 @@
:name "test-de-build-app", :name "test-de-build-app",
:imagePullPolicy "IfNotPresent", :imagePullPolicy "IfNotPresent",
:command ["/entrypoint.sh"], :command ["/entrypoint.sh"],
:env [{:name "HOSTADRESS", :value "test.de"}],
:envFrom [{:secretRef {:name "test-de-secret"}}], :envFrom [{:secretRef {:name "test-de-secret"}}],
:volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"}]}], :volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"}]}],
:volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-de-content-volume"}}]}}}} :volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-de-content-volume"}}]}}}}


@ -1,11 +1,7 @@
{:authtoken "asdfasdfe"
:gitrepourl "https://some.de/path/to/repo.zip"
:singlegitrepourl "https://someother.de/path/to/repo.zip"}
{:auth {:auth
[{:name "meissa.io" [{:uname "meissa.io"
:username "" :username "someuser"
:authtoken ""} :authtoken "abedjgbasdodj"}
{:name "dda.io" {:uname "dda.io"
:username "" :username "someuser"
:authtoken ""}]} :authtoken "abedjgbasdodj"}]}


@ -1,20 +1,14 @@
{:fqdn "meissa.de"
:fqdn1 "meissa-gmbh.de"
:fqdn2 "domaindrivenarchitecture.org"
:multi ["fqdn" "fqdn1"]
:single "fqdn2"
:issuer "staging"}
{:issuer "staging" {:issuer "staging"
:websites :websites
[{:uname "meissa.io" [{:uname "meissa.io"
:fqdns ["meissa.de" "meissa-gmbh.de" "www.meissa-gmbh.de" :fqdns ["meissa.de" "meissa-gmbh.de" "www.meissa-gmbh.de"
"www.meissa.de" "www.prod.meissa-gmbh.de" "www.prod.meissa.de"] "www.meissa.de" "www.prod.meissa-gmbh.de" "www.prod.meissa.de"]
:gitea-host "repo.prod.meissa.de" :gitea-host "repo.prod.meissa.de"
:gitea-repo "repo"} :gitea-repo "repo"
; -> "https://" + git-host + "/api/v1/" + user + "/" + git-repo :branchname "main"}
{:name "dda.io" {:uname "dda.io"
:fqdns ["domaindrivenarchitecture.org", "www.domaindrivenarchitecture.org", :fqdns ["domaindrivenarchitecture.org", "www.domaindrivenarchitecture.org",
"www.prod.domaindrivenarchitecture.org"] "www.prod.domaindrivenarchitecture.org"]
:gitea-host "repo.prod.meissa.de" :gitea-host "repo.prod.meissa.de"
:gitea-repo "repo"}]} :gitea-repo "repo"
:branchname "main"}]}