|
|
@ -5,8 +5,8 @@
|
|
|
|
[clojure.spec.test.alpha :as st]
|
|
|
|
[clojure.spec.test.alpha :as st]
|
|
|
|
[dda.c4k-common.test-helper :as th]
|
|
|
|
[dda.c4k-common.test-helper :as th]
|
|
|
|
[dda.c4k-common.base64 :as b64]
|
|
|
|
[dda.c4k-common.base64 :as b64]
|
|
|
|
[dda.c4k-website.website :as cut]
|
|
|
|
[dda.c4k-website.website :as cut]
|
|
|
|
[dda.c4k-website.core :as cutc]))
|
|
|
|
[clojure.spec.alpha :as s]))
|
|
|
|
|
|
|
|
|
|
|
|
(st/instrument `cut/generate-http-ingress)
|
|
|
|
(st/instrument `cut/generate-http-ingress)
|
|
|
|
(st/instrument `cut/generate-https-ingress)
|
|
|
|
(st/instrument `cut/generate-https-ingress)
|
|
|
@ -19,6 +19,29 @@
|
|
|
|
(st/instrument `cut/generate-website-build-deployment)
|
|
|
|
(st/instrument `cut/generate-website-build-deployment)
|
|
|
|
(st/instrument `cut/generate-website-build-secret)
|
|
|
|
(st/instrument `cut/generate-website-build-secret)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(deftest should-be-valid-website-auth-spec
|
|
|
|
|
|
|
|
(is (true? (s/valid? cut/auth? {:auth
|
|
|
|
|
|
|
|
[{:unique-name "test.io"
|
|
|
|
|
|
|
|
:username "someuser"
|
|
|
|
|
|
|
|
:authtoken "abedjgbasdodj"}
|
|
|
|
|
|
|
|
{:unique-name "example.io"
|
|
|
|
|
|
|
|
:username "someuser"
|
|
|
|
|
|
|
|
:authtoken "abedjgbasdodj"}]}))))
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(deftest should-be-valid-website-conf-spec
|
|
|
|
|
|
|
|
(is (true? (s/valid? cut/config? {:issuer "staging"
|
|
|
|
|
|
|
|
:websites
|
|
|
|
|
|
|
|
[{:unique-name "test.io" ;
|
|
|
|
|
|
|
|
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"]
|
|
|
|
|
|
|
|
:gitea-host "gitlab.de"
|
|
|
|
|
|
|
|
:gitea-repo "repo"
|
|
|
|
|
|
|
|
:branchname "main"}
|
|
|
|
|
|
|
|
{:unique-name "example.io"
|
|
|
|
|
|
|
|
:fqdns ["example.org", "www.example.com"]
|
|
|
|
|
|
|
|
:gitea-host "finegitehost.net"
|
|
|
|
|
|
|
|
:gitea-repo "repo"
|
|
|
|
|
|
|
|
:branchname "main"}]}))))
|
|
|
|
|
|
|
|
|
|
|
|
(deftest should-generate-http-ingress
|
|
|
|
(deftest should-generate-http-ingress
|
|
|
|
(is (= {:apiVersion "networking.k8s.io/v1",
|
|
|
|
(is (= {:apiVersion "networking.k8s.io/v1",
|
|
|
|
:kind "Ingress",
|
|
|
|
:kind "Ingress",
|
|
|
@ -42,7 +65,11 @@
|
|
|
|
{:host "www.test-it.de",
|
|
|
|
{:host "www.test-it.de",
|
|
|
|
:http
|
|
|
|
:http
|
|
|
|
{:paths [{:pathType "Prefix", :path "/", :backend {:service {:name "test-io-service", :port {:number 80}}}}]}}]}}
|
|
|
|
{:paths [{:pathType "Prefix", :path "/", :backend {:service {:name "test-io-service", :port {:number 80}}}}]}}]}}
|
|
|
|
(cut/generate-website-http-ingress {:uname "test.io"
|
|
|
|
(cut/generate-website-http-ingress {:unique-name "test.io"
|
|
|
|
|
|
|
|
:gitea-host "gitea.evilorg"
|
|
|
|
|
|
|
|
:gitea-repo "none"
|
|
|
|
|
|
|
|
:branchname "mablain"
|
|
|
|
|
|
|
|
:issuer "prod"
|
|
|
|
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))
|
|
|
|
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))
|
|
|
|
|
|
|
|
|
|
|
|
(deftest should-generate-https-ingress
|
|
|
|
(deftest should-generate-https-ingress
|
|
|
@ -67,18 +94,22 @@
|
|
|
|
{:host "www.test-it.de",
|
|
|
|
{:host "www.test-it.de",
|
|
|
|
:http
|
|
|
|
:http
|
|
|
|
{:paths [{:pathType "Prefix", :path "/", :backend {:service {:name "test-io-service", :port {:number 80}}}}]}}]}}
|
|
|
|
{:paths [{:pathType "Prefix", :path "/", :backend {:service {:name "test-io-service", :port {:number 80}}}}]}}]}}
|
|
|
|
(cut/generate-website-https-ingress {:uname "test.io"
|
|
|
|
(cut/generate-website-https-ingress {:unique-name "test.io"
|
|
|
|
|
|
|
|
:gitea-host "gitea.evilorg"
|
|
|
|
|
|
|
|
:gitea-repo "none"
|
|
|
|
|
|
|
|
:branchname "mablain"
|
|
|
|
|
|
|
|
:issuer "prod"
|
|
|
|
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))
|
|
|
|
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))
|
|
|
|
|
|
|
|
|
|
|
|
(deftest should-generate-website-certificate
|
|
|
|
(deftest should-generate-website-certificate
|
|
|
|
(is (= {:name-c1 "prod", :name-c2 "staging"}
|
|
|
|
(is (= {:name-c1 "prod", :name-c2 "staging"}
|
|
|
|
(th/map-diff (cut/generate-website-certificate {:uname "test.io"
|
|
|
|
(th/map-diff (cut/generate-website-certificate {:unique-name "test.io"
|
|
|
|
:gitea-host "gitea.evilorg"
|
|
|
|
:gitea-host "gitea.evilorg"
|
|
|
|
:gitea-repo "none"
|
|
|
|
:gitea-repo "none"
|
|
|
|
:branchname "mablain"
|
|
|
|
:branchname "mablain"
|
|
|
|
:issuer "prod"
|
|
|
|
:issuer "prod"
|
|
|
|
:fqdns ["test.org" "test.de"]})
|
|
|
|
:fqdns ["test.org" "test.de"]})
|
|
|
|
(cut/generate-website-certificate {:uname "test.io"
|
|
|
|
(cut/generate-website-certificate {:unique-name "test.io"
|
|
|
|
:gitea-host "gitea.evilorg"
|
|
|
|
:gitea-host "gitea.evilorg"
|
|
|
|
:gitea-repo "none"
|
|
|
|
:gitea-repo "none"
|
|
|
|
:branchname "mablain"
|
|
|
|
:branchname "mablain"
|
|
|
@ -90,12 +121,12 @@
|
|
|
|
:website.conf-c2 "server {\n listen 80 default_server;\n listen [::]:80 default_server;\n listen 443 ssl;\n ssl_certificate /etc/certs/tls.crt;\n ssl_certificate_key /etc/certs/tls.key;\n server_name example.de www.example.de example-by.de www.example-by.de; \n add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';\n add_header Content-Security-Policy \"default-src 'self'; font-src *;img-src * data:; script-src *; style-src *\";\n add_header X-XSS-Protection \"1; mode=block\";\n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-Content-Type-Options nosniff;\n add_header Referrer-Policy \"strict-origin\";\n # add_header Permissions-Policy \"permissions here\";\n root /var/www/html/website/;\n index index.html;\n location / {\n try_files $uri $uri/ /index.html =404;\n }\n}\n",
|
|
|
|
:website.conf-c2 "server {\n listen 80 default_server;\n listen [::]:80 default_server;\n listen 443 ssl;\n ssl_certificate /etc/certs/tls.crt;\n ssl_certificate_key /etc/certs/tls.key;\n server_name example.de www.example.de example-by.de www.example-by.de; \n add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';\n add_header Content-Security-Policy \"default-src 'self'; font-src *;img-src * data:; script-src *; style-src *\";\n add_header X-XSS-Protection \"1; mode=block\";\n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-Content-Type-Options nosniff;\n add_header Referrer-Policy \"strict-origin\";\n # add_header Permissions-Policy \"permissions here\";\n root /var/www/html/website/;\n index index.html;\n location / {\n try_files $uri $uri/ /index.html =404;\n }\n}\n",
|
|
|
|
:name-c1 "test-io-configmap",
|
|
|
|
:name-c1 "test-io-configmap",
|
|
|
|
:name-c2 "example-io-configmap"}
|
|
|
|
:name-c2 "example-io-configmap"}
|
|
|
|
(th/map-diff (cut/generate-nginx-configmap {:uname "test.io",
|
|
|
|
(th/map-diff (cut/generate-nginx-configmap {:unique-name "test.io",
|
|
|
|
:gitea-host "gitea.evilorg",
|
|
|
|
:gitea-host "gitea.evilorg",
|
|
|
|
:gitea-repo "none",
|
|
|
|
:gitea-repo "none",
|
|
|
|
:branchname "mablain",
|
|
|
|
:branchname "mablain",
|
|
|
|
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})
|
|
|
|
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})
|
|
|
|
(cut/generate-nginx-configmap {:uname "example.io",
|
|
|
|
(cut/generate-nginx-configmap {:unique-name "example.io",
|
|
|
|
:gitea-host "gitea.evilorg",
|
|
|
|
:gitea-host "gitea.evilorg",
|
|
|
|
:gitea-repo "none",
|
|
|
|
:gitea-repo "none",
|
|
|
|
:branchname "mablain",
|
|
|
|
:branchname "mablain",
|
|
|
@ -134,7 +165,7 @@
|
|
|
|
{:name "website-cert",
|
|
|
|
{:name "website-cert",
|
|
|
|
:secret
|
|
|
|
:secret
|
|
|
|
{:secretName "test-io-cert", :items [{:key "tls.crt", :path "tls.crt"} {:key "tls.key", :path "tls.key"}]}}]}}}}
|
|
|
|
{:secretName "test-io-cert", :items [{:key "tls.crt", :path "tls.crt"} {:key "tls.key", :path "tls.key"}]}}]}}}}
|
|
|
|
(cut/generate-nginx-deployment {:uname "test.io",
|
|
|
|
(cut/generate-nginx-deployment {:unique-name "test.io",
|
|
|
|
:gitea-host "gitea.evilorg",
|
|
|
|
:gitea-host "gitea.evilorg",
|
|
|
|
:gitea-repo "none",
|
|
|
|
:gitea-repo "none",
|
|
|
|
:branchname "mablain",
|
|
|
|
:branchname "mablain",
|
|
|
@ -145,12 +176,12 @@
|
|
|
|
:name-c2 "test-org-service",
|
|
|
|
:name-c2 "test-org-service",
|
|
|
|
:app-c1 "test-io-nginx",
|
|
|
|
:app-c1 "test-io-nginx",
|
|
|
|
:app-c2 "test-org-nginx"}
|
|
|
|
:app-c2 "test-org-nginx"}
|
|
|
|
(th/map-diff (cut/generate-nginx-service {:uname "test.io",
|
|
|
|
(th/map-diff (cut/generate-nginx-service {:unique-name "test.io",
|
|
|
|
:gitea-host "gitea.evilorg",
|
|
|
|
:gitea-host "gitea.evilorg",
|
|
|
|
:gitea-repo "none",
|
|
|
|
:gitea-repo "none",
|
|
|
|
:branchname "mablain",
|
|
|
|
:branchname "mablain",
|
|
|
|
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})
|
|
|
|
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})
|
|
|
|
(cut/generate-nginx-service {:uname "test.org",
|
|
|
|
(cut/generate-nginx-service {:unique-name "test.org",
|
|
|
|
:gitea-host "gitea.evilorg",
|
|
|
|
:gitea-host "gitea.evilorg",
|
|
|
|
:gitea-repo "none",
|
|
|
|
:gitea-repo "none",
|
|
|
|
:branchname "mablain",
|
|
|
|
:branchname "mablain",
|
|
|
@ -177,7 +208,7 @@
|
|
|
|
:volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"}]}],
|
|
|
|
:volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"}]}],
|
|
|
|
:volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-io-content-volume"}}],
|
|
|
|
:volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-io-content-volume"}}],
|
|
|
|
:restartPolicy "OnFailure"}}}}}}
|
|
|
|
:restartPolicy "OnFailure"}}}}}}
|
|
|
|
(cut/generate-website-build-cron {:uname "test.io",
|
|
|
|
(cut/generate-website-build-cron {:unique-name "test.io",
|
|
|
|
:gitea-host "gitea.evilorg",
|
|
|
|
:gitea-host "gitea.evilorg",
|
|
|
|
:gitea-repo "none",
|
|
|
|
:gitea-repo "none",
|
|
|
|
:branchname "mablain",
|
|
|
|
:branchname "mablain",
|
|
|
@ -203,7 +234,7 @@
|
|
|
|
:envFrom [{:secretRef {:name "test-io-secret"}}],
|
|
|
|
:envFrom [{:secretRef {:name "test-io-secret"}}],
|
|
|
|
:volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"}]}],
|
|
|
|
:volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"}]}],
|
|
|
|
:volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-io-content-volume"}}]}}}}
|
|
|
|
:volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-io-content-volume"}}]}}}}
|
|
|
|
(cut/generate-website-build-deployment {:uname "test.io",
|
|
|
|
(cut/generate-website-build-deployment {:unique-name "test.io",
|
|
|
|
:gitea-host "gitea.evilorg",
|
|
|
|
:gitea-host "gitea.evilorg",
|
|
|
|
:gitea-repo "none",
|
|
|
|
:gitea-repo "none",
|
|
|
|
:branchname "mablain",
|
|
|
|
:branchname "mablain",
|
|
|
@ -216,13 +247,13 @@
|
|
|
|
:AUTHTOKEN-c2 (b64/encode "token2"),
|
|
|
|
:AUTHTOKEN-c2 (b64/encode "token2"),
|
|
|
|
:GITREPOURL-c1 (b64/encode "https://gitlab.org/api/v1/repos/dumpty/websitebau/archive/testname.zip"),
|
|
|
|
:GITREPOURL-c1 (b64/encode "https://gitlab.org/api/v1/repos/dumpty/websitebau/archive/testname.zip"),
|
|
|
|
:GITREPOURL-c2 (b64/encode "https://github.com/api/v1/repos/humpty/websitedachs/archive/testname.zip")}
|
|
|
|
:GITREPOURL-c2 (b64/encode "https://github.com/api/v1/repos/humpty/websitedachs/archive/testname.zip")}
|
|
|
|
(th/map-diff (cut/generate-website-build-secret {:uname "test.io",
|
|
|
|
(th/map-diff (cut/generate-website-build-secret {:unique-name "test.io",
|
|
|
|
:authtoken "token1",
|
|
|
|
:authtoken "token1",
|
|
|
|
:gitea-host "gitlab.org",
|
|
|
|
:gitea-host "gitlab.org",
|
|
|
|
:gitea-repo "websitebau",
|
|
|
|
:gitea-repo "websitebau",
|
|
|
|
:username "dumpty",
|
|
|
|
:username "dumpty",
|
|
|
|
:branchname "testname"})
|
|
|
|
:branchname "testname"})
|
|
|
|
(cut/generate-website-build-secret {:uname "test.org",
|
|
|
|
(cut/generate-website-build-secret {:unique-name "test.org",
|
|
|
|
:authtoken "token2",
|
|
|
|
:authtoken "token2",
|
|
|
|
:gitea-host "github.com",
|
|
|
|
:gitea-host "github.com",
|
|
|
|
:gitea-repo "websitedachs",
|
|
|
|
:gitea-repo "websitedachs",
|
|
|
@ -234,12 +265,12 @@
|
|
|
|
:name-c2 "test-org-content-volume",
|
|
|
|
:name-c2 "test-org-content-volume",
|
|
|
|
:app-c1 "test-io-nginx",
|
|
|
|
:app-c1 "test-io-nginx",
|
|
|
|
:app-c2 "test-org-nginx"}
|
|
|
|
:app-c2 "test-org-nginx"}
|
|
|
|
(th/map-diff (cut/generate-website-content-volume {:uname "test.io",
|
|
|
|
(th/map-diff (cut/generate-website-content-volume {:unique-name "test.io",
|
|
|
|
:gitea-host "gitea.evilorg",
|
|
|
|
:gitea-host "gitea.evilorg",
|
|
|
|
:gitea-repo "none",
|
|
|
|
:gitea-repo "none",
|
|
|
|
:branchname "mablain",
|
|
|
|
:branchname "mablain",
|
|
|
|
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})
|
|
|
|
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})
|
|
|
|
(cut/generate-website-content-volume {:uname "test.org",
|
|
|
|
(cut/generate-website-content-volume {:unique-name "test.org",
|
|
|
|
:gitea-host "gitea.evilorg",
|
|
|
|
:gitea-host "gitea.evilorg",
|
|
|
|
:gitea-repo "none",
|
|
|
|
:gitea-repo "none",
|
|
|
|
:branchname "mablain",
|
|
|
|
:branchname "mablain",
|
|
|
|