diff --git a/doc/Releasing.md b/doc/Releasing.md index e3aa755..e8980b0 100644 --- a/doc/Releasing.md +++ b/doc/Releasing.md @@ -1,14 +1,21 @@ -# stable release (should be done from master) +# Release process for stable release +``` bash +git checkout main # for old projects replace main with master ``` -#adjust [version] -vi package.json +Open package.json, find ":version" keyword and remove "-SNAPSHOT" from version number. + +``` bash lein release git push --follow-tags +``` -# bump version - increase version and add -SNAPSHOT -vi package.json +Open package.json again, increase version increment by one and add "-SNAPSHOT". + +``` bash git commit -am "version bump" git push -``` \ No newline at end of file +``` + +Done. \ No newline at end of file diff --git a/src/main/cljc/dda/c4k_website/website.cljc b/src/main/cljc/dda/c4k_website/website.cljc index 47eb265..f8f3b7f 100644 --- a/src/main/cljc/dda/c4k_website/website.cljc +++ b/src/main/cljc/dda/c4k_website/website.cljc @@ -41,6 +41,14 @@ [fqdn] (st/replace fqdn #"\." "-")) +(defn generate-service-name + [name] + (str (unique-name-from-fqdn name) "-service")) + +(defn generate-cert-name + [name] + (str (unique-name-from-fqdn name) "-cert")) + ; ToDo: Move to common? (defn-spec replace-all-matching-subvalues-in-string-start pred/map-or-seq? [col string? ;ToDo richtig spec-en 
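Review bot: The new helpers `generate-service-name` and `generate-cert-name` are plain `defn`s whose parameter `name` shadows `clojure.core/name`, while the neighbouring functions in this file are declared with `defn-spec`. Their result becomes the name of a Kubernetes Service and of the TLS secret, and `unique-name-from-fqdn` only turns dots into dashes, so any other character that is not valid in a resource name passes through unchecked until the manifest is applied. I would write them as `(defn-spec generate-service-name string? [uname string?] (str (unique-name-from-fqdn uname) "-service"))` and the same for the cert helper, with a stricter predicate than `string?` if the project has one for names.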
@@ -72,6 +80,103 @@ (defmethod yaml/load-as-edn :website [resource-name] (yaml/from-string (yaml/load-resource resource-name)))) +; ability extend input map (e.g. ingress or cert) with additional values (e.g. FQDNs) +; use for website-ingress generation +(defn add-to-col-within-map [inmap keywordlist value] + (-> inmap + (get-in keywordlist) + (conj value) + (#(assoc-in inmap keywordlist %)))) + +; generate a list of host-rules from a list of fqdns +(defn make-host-rules-from-fqdns + [rule fqdns] + ;function that creates a rule from host names + (map #(assoc-in rule [:host] %) fqdns)) + +;create working ingress +(defn generate-common-http-ingress [config] + (let [{:keys [fqdn service-name]} config] + (-> + (yaml/load-as-edn "website/http-ingress.yaml") + (cm/replace-all-matching-values-by-new-value "SERVICENAME" service-name) + (cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) + +(defn generate-website-http-ingress [config] + (let [{:keys [uname fqdns]} config + fqdn (first fqdns) + spec-rules [:spec :rules] + service-name (generate-service-name uname)] + (-> + (generate-common-http-ingress + {:fqdn fqdn :service-name service-name}) + (assoc-in + [:metadata :name] + (str (unique-name-from-fqdn uname) "-http-ingress")) + (#(assoc-in % + spec-rules + (make-host-rules-from-fqdns + (-> % :spec :rules first) ;get first ingress rule + fqdns)))))) + +;create working ingress +(defn generate-common-https-ingress [config] + (let [{:keys [fqdn service-name cert-name]} config] + (-> + (yaml/load-as-edn "website/https-ingress.yaml") + (cm/replace-all-matching-values-by-new-value "SERVICENAME" service-name) + (cm/replace-all-matching-values-by-new-value "CERTNAME" cert-name) + (cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) + +(defn generate-website-https-ingress [config] + (let [{:keys [uname fqdns]} config + fqdn (first fqdns) + spec-rules [:spec :rules] + spec-tls-hosts [:spec :tls 0 :hosts] + service-name (generate-service-name uname) + cert-name 
(generate-cert-name uname)] + (-> + (generate-common-https-ingress + {:fqdn fqdn :service-name service-name :cert-name cert-name}) + (assoc-in + [:metadata :name] + (str (unique-name-from-fqdn uname) "-https-ingress")) + (#(assoc-in % + spec-tls-hosts + fqdns)) + (#(add-to-col-within-map % + spec-rules + (make-host-rules-from-fqdns + (-> % :spec :rules first) ;get first ingress rule + fqdns)))))) + +(defn generate-common-certificate + [config] + (let [{:keys [uname fqdns issuer] + :or {issuer "staging"}} config + fqdn (first fqdns) + letsencrypt-issuer (name issuer) + cert-name (generate-cert-name uname)] + (-> + (yaml/load-as-edn "website/certificate.yaml") + (assoc-in [:spec :issuerRef :name] letsencrypt-issuer) + (cm/replace-all-matching-values-by-new-value "CERTNAME" cert-name) + (cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) + +(defn generate-website-certificate + [config] + (let [{:keys [uname fqdns issuer] + :or {issuer "staging"}} config + fqdn (first fqdns) + spec-dnsNames [:spec :dnsNames] + letsencrypt-issuer (name issuer) + cert-name (generate-cert-name uname)] + (-> + (yaml/load-as-edn "website/certificate.yaml") + (assoc-in [:spec :issuerRef :name] letsencrypt-issuer) + (cm/replace-all-matching-values-by-new-value "CERTNAME" cert-name) + (cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) + (defn-spec generate-single-certificate pred/map-or-seq? [config config?] (let [{:keys [issuer single] diff --git a/src/main/resources/website/http-ingress.yaml b/src/main/resources/website/http-ingress.yaml new file mode 100644 index 0000000..be0b862 --- /dev/null +++ b/src/main/resources/website/http-ingress.yaml 
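Review bot: `generate-website-certificate` is a line-for-line copy of `generate-common-certificate`: it binds `spec-dnsNames` but never uses it, so the certificate is built from `(first fqdns)` only, while `generate-website-https-ingress` puts every entry of `fqdns` under `[:spec :tls 0 :hosts]`. Assuming the `FQDN` placeholder in website/certificate.yaml (not part of this diff) sits in `dnsNames`, every host after the first would be served with a certificate that does not name it. In the same https ingress function the rules are added with `add-to-col-within-map`, which `conj`es the whole sequence of host rules as a single nested element behind the template rule; the http variant uses `assoc-in` for this step and the https one should do the same. The hunk ends inside `generate-single-certificate`, which starts here and continues outside it.

```clojure
; … unchanged: generate-website-https-ingress up to the tls hosts step …
      (#(assoc-in %
                  spec-rules
                  (make-host-rules-from-fqdns
                   (-> % :spec :rules first) ;get first ingress rule
                   fqdns)))

(defn generate-website-certificate
  [config]
  (-> (generate-common-certificate config)
      ; the certificate has to name every host listed in the ingress tls section
      (assoc-in [:spec :dnsNames] (:fqdns config))))
```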
@@ -0,0 +1,20 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: http-ingress + namespace: default + annotations: + traefik.ingress.kubernetes.io/router.entrypoints: web + traefik.ingress.kubernetes.io/router.middlewares: default-redirect-https@kubernetescrd +spec: + rules: + - host: FQDN + http: + paths: + - pathType: Prefix + path: "/" + backend: + service: + name: SERVICENAME + port: + number: 80 diff --git a/src/main/resources/website/https-ingress.yaml b/src/main/resources/website/https-ingress.yaml new file mode 100644 index 0000000..4daf1e3 --- /dev/null +++ b/src/main/resources/website/https-ingress.yaml @@ -0,0 +1,24 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: https-ingress-gitea + namespace: default + annotations: + traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" +spec: + tls: + - hosts: + - FQDN + secretName: CERTNAME + rules: + - host: FQDN + http: + paths: + - pathType: Prefix + path: "/" + backend: + service: + name: SERVICENAME + port: + number: 80 diff --git a/valid-auth.edn b/valid-auth.edn index 24174e6..b9b499e 100644 --- a/valid-auth.edn +++ b/valid-auth.edn @@ -2,4 +2,10 @@ :gitrepourl "https://some.de/path/to/repo.zip" :singlegitrepourl "https://someother.de/path/to/repo.zip"} -{:auth [{:name "meissa.io" :username "" :auth-token ""}]} +{:auth + [{:name "meissa.io" + :username "" + :authtoken ""} + {:name "dda.io" + :username "" + :authtoken ""}]} diff --git a/valid-config.edn b/valid-config.edn index 17c37a9..905e23b 100644 --- a/valid-config.edn +++ b/valid-config.edn 
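Review bot: The http-ingress.yaml template pins `namespace: default` and the annotation value `default-redirect-https@kubernetescrd`, whose `default-` prefix is the namespace of the Traefik Middleware, so the two values have to change together and the Middleware has to exist for the redirect to HTTPS to take effect. Nothing in the file says so, nor that `FQDN` and `SERVICENAME` are placeholders replaced by `generate-common-http-ingress`. I would add a header comment such as `# FQDN and SERVICENAME are replaced in website.cljc; the redirect-https Middleware must exist in namespace default`.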
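Review bot: In https-ingress.yaml `metadata.name` is `https-ingress-gitea`, which looks carried over from another project, whereas the sibling template uses `http-ingress`. `generate-website-https-ingress` overwrites the name, but `generate-common-https-ingress` returns the template value unchanged, so a direct caller of the common function would produce an Ingress under that name. I would change the line to `name: https-ingress`.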
@@ -1,20 +1,20 @@ {:fqdn "meissa.de" :fqdn1 "meissa-gmbh.de" :fqdn2 "domaindrivenarchitecture.org" - :multi ["fqdn", "fqdn1"] + :multi ["fqdn" "fqdn1"] :single "fqdn2" :issuer "staging"} {:issuer "staging" :websites [{:name "meissa.io" - :fqdns ["meissa.de", "meissa-gmbh.de", "www.meissa-gmbh.de", - "www.meissa.de", "www.prod.meissa-gmbh.de", "www.prod.meissa.de"] + :fqdns ["meissa.de" "meissa-gmbh.de" "www.meissa-gmbh.de" + "www.meissa.de" "www.prod.meissa-gmbh.de" "www.prod.meissa.de"] :gitea-host "repo.prod.meissa.de" :gitea-repo "repo"} ; -> "https://" + git-host + "/api/v1/" + user + "/" + git-repo - {:fqdns ["domaindrivenarchitecture.org", "www.domaindrivenarchitecture.org", + {:name "dda.io" + :fqdns ["domaindrivenarchitecture.org", "www.domaindrivenarchitecture.org", "www.prod.domaindrivenarchitecture.org"] - :git-url ""} - ] - } \ No newline at end of file + :gitea-host "repo.prod.meissa.de" + :gitea-repo "repo"}]}
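Review bot: The added `dda.io` entry keeps the comma-separated form, `:fqdns ["domaindrivenarchitecture.org", "www.domaindrivenarchitecture.org",`, although this hunk removes the commas from the `:multi` vector and from the first `:fqdns` vector. For a consistent sample file that line should read `:fqdns ["domaindrivenarchitecture.org" "www.domaindrivenarchitecture.org"`, with the comma-free style carried to the context line that closes the vector.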