From 0cf35755f9911fd3ad5d3962b95e6de783d564a4 Mon Sep 17 00:00:00 2001 From: Michael Jerger Date: Mon, 26 Feb 2024 13:55:33 +0100 Subject: [PATCH 01/11] simplify naming & introduce dedicated internal --- doc/architecture.md | 62 +++++ src/main/cljc/dda/c4k_website/core.cljc | 24 +- src/main/cljc/dda/c4k_website/website.cljc | 213 ++-------------- .../c4k_website/website/website_internal.cljc | 235 ++++++++++++++++++ .../resources/website/nginx-configmap.yaml | 2 +- .../resources/website/nginx-deployment.yaml | 8 +- src/main/resources/website/nginx-service.yaml | 10 +- .../website/website_internal_test.cljc | 228 +++++++++++++++++ .../cljc/dda/c4k_website/website_test.cljc | 178 +------------ 9 files changed, 583 insertions(+), 377 deletions(-) create mode 100644 src/main/cljc/dda/c4k_website/website/website_internal.cljc create mode 100644 src/test/cljc/dda/c4k_website/website/website_internal_test.cljc diff --git a/doc/architecture.md b/doc/architecture.md index 741b82e..d3b551e 100644 --- a/doc/architecture.md +++ b/doc/architecture.md @@ -17,3 +17,65 @@ sequenceDiagram j ->> j: cp /target/html to website deactivate j ``` + +# Runtime view + +For the example configuration + +```yaml +issuer: "staging" +websites: +- unique-name: "test.io" + fqdns: ["test.de", "test.org", "www.test.de", "www.test.org"] + forgejo-host: "codeberg.org" + forgejo-repo: "repo" + branchname: "main" +- unique-name: "example.io" + fqdns: ["example.org", "www.example.com"] + forgejo-host: "fineForgejoHost.net" + forgejo-repo: "repo" + branchname: "main" +mon-cfg: + grafana-cloud-url: "url-for-your-prom-remote-write-endpoint" + cluster-name: "website" + cluster-stage: "test" +``` + +the website runtime looks like: + +```mermaid +C4Context + title c4k-webserver + Boundary(k8s, "cluster") { + Boundary(test_io, "namespace test-io"){ + System(website_ingt, "ingress f. test.de") + Boundary(test_de_srv_t, "webserver") { + System(wst, "webserver") + SystemDb(file_htmlt, "static html") + Rel(wst, file_htmlt, "file ro") + } + Boundary(aab, "cron generate website") { + System(git_clonet, "git clone/pull & generate.sh & copy to static html") + SystemDb(file_gitt, "git repo for test.io") + Rel(git_clonet, file_gitt, "file rw") + Rel(file_gitt, file_htmlt, "file rw") + } + } + Rel(website_ingt, wst, "http") + Boundary(example_io, "namespace example-io"){ + System(website_inge, "ingress f. example.org") + Boundary(test_de_srv_e, "webserver") { + System(wse, "webserver") + SystemDb(file_htmle, "static html") + Rel(wse, file_htmle, "file ro") + } + Boundary(aeb, "cron generate website") { + System(git_clonee, "git clone/pull & generate.sh & copy to static html") + SystemDb(file_gite, "git repo for example.io") + Rel(git_clonee, file_gite, "file rw") + Rel(file_gite, file_htmle, "file rw") + } + } + Rel(website_inge, wse, "http") + } +``` diff --git a/src/main/cljc/dda/c4k_website/core.cljc b/src/main/cljc/dda/c4k_website/core.cljc index 2a155b6..6cf1b10 100644 --- a/src/main/cljc/dda/c4k_website/core.cljc +++ b/src/main/cljc/dda/c4k_website/core.cljc @@ -49,7 +49,9 @@ [auth auth?] (-> auth :auth first)) -(defn generate-configs [config auth] +(defn-spec generate seq? + [config config? + auth auth?] (loop [config (sort-config config) auth (sort-auth auth) result []] @@ -64,14 +66,16 @@ (assoc-in [:auth] (rest (auth :auth)))) (conj result (website/generate-nginx-deployment (flatten-and-reduce-config config)) - (website/generate-nginx-configmap (flatten-and-reduce-config config)) - (website/generate-nginx-service (flatten-and-reduce-config config)) - (website/generate-website-content-volume (flatten-and-reduce-config config)) - (website/generate-hashfile-volume (flatten-and-reduce-config config)) - (website/generate-website-ingress (flatten-and-reduce-config config)) - (website/generate-website-certificate (flatten-and-reduce-config config)) - (website/generate-website-build-cron (flatten-and-reduce-config config)) - (website/generate-website-build-secret (flatten-and-reduce-config config) (flatten-and-reduce-auth auth))))))) + ;(website/generate-nginx-configmap (flatten-and-reduce-config config)) + ;(website/generate-nginx-service (flatten-and-reduce-config config)) + ;(website/generate-website-content-volume (flatten-and-reduce-config config)) + ;(website/generate-hashfile-volume (flatten-and-reduce-config config)) + ;(website/generate-website-ingress (flatten-and-reduce-config config)) + ;(website/generate-website-certificate (flatten-and-reduce-config config)) + ;(website/generate-website-build-cron (flatten-and-reduce-config config)) + ;(website/generate-website-build-secret (flatten-and-reduce-config config) + ; (flatten-and-reduce-auth auth)) + ))))) (defn-spec k8s-objects cp/map-or-seq? [config config? @@ -81,6 +85,6 @@ (filter #(not (nil? %)) (cm/concat-vec - (generate-configs config auth) + (generate config auth) (when (:contains? config :mon-cfg) (mon/generate (:mon-cfg config) (:mon-auth auth)))))))) diff --git a/src/main/cljc/dda/c4k_website/website.cljc b/src/main/cljc/dda/c4k_website/website.cljc index baaaae1..77e3ba0 100644 --- a/src/main/cljc/dda/c4k_website/website.cljc +++ b/src/main/cljc/dda/c4k_website/website.cljc @@ -3,32 +3,21 @@ [clojure.spec.alpha :as s] #?(:clj [orchestra.core :refer [defn-spec]] :cljs [orchestra.core :refer-macros [defn-spec]]) - #?(:cljs [dda.c4k-common.macros :refer-macros [inline-resources]]) - [dda.c4k-common.yaml :as yaml] - [dda.c4k-common.common :as cm] - [dda.c4k-common.base64 :as b64] - [dda.c4k-common.predicate :as pred] - [dda.c4k-common.ingress :as ing] - [clojure.string :as str])) + [dda.c4k-website.website.website-internal :as int])) -(defn fqdn-list? - [input] - (every? true? (map pred/fqdn-string? input))) - -(s/def ::unique-name string?) -(s/def ::sha256sum-output string?) -(s/def ::issuer pred/letsencrypt-issuer?) -(s/def ::volume-size pred/integer-string?) -(s/def ::authtoken pred/bash-env-string?) -(s/def ::fqdns (s/coll-of pred/fqdn-string?)) -(s/def ::forgejo-host pred/fqdn-string?) -(s/def ::forgejo-repo string?) -(s/def ::branchname string?) -(s/def ::username string?) -(s/def ::build-cpu-request string?) -(s/def ::build-memory-request string?) -(s/def ::build-cpu-limit string?) -(s/def ::build-memory-limit string?) +(s/def ::unique-name ::int/unique-name) +(s/def ::issuer ::int/issuer) +(s/def ::volume-size ::int/volume-size) +(s/def ::authtoken ::int/authtoken) +(s/def ::fqdns ::int/fqdns) +(s/def ::forgejo-host ::int/forgejo-host) +(s/def ::forgejo-repo ::int/forgejo-repo) +(s/def ::branchname ::int/branchname) +(s/def ::username ::int/username) +(s/def ::build-cpu-request ::int/build-cpu-request) +(s/def ::build-memory-request ::int/build-memory-request) +(s/def ::build-cpu-limit ::int/build-cpu-limit) +(s/def ::build-memory-limit ::int/build-memory-limit) (def websiteconfig? (s/keys :req-un [::unique-name ::fqdns @@ -44,169 +33,15 @@ (def websiteauth? (s/keys :req-un [::unique-name ::username ::authtoken])) -(s/def ::websites (s/coll-of websiteconfig?)) +(def config-defaults {:issuer "staging" + :build-cpu-request "500m" + :build-cpu-limit "1700m" + :build-memory-request "256Mi" + :build-memory-limit "512Mi" + :volume-size "3"}) -(s/def ::auth (s/coll-of websiteauth?)) - -(def websites? (s/keys :req-un [::websites])) - -(def auth? (s/keys :req-un [::auth])) - -(defn-spec get-hash-from-sha256sum-output string? - [sha256sum-output string?] - (if (nil? sha256sum-output) - nil - (first (str/split sha256sum-output #"\ +")))) - -(defn-spec get-file-name-from-sha256sum-output string? - [sha256sum-output string?] - (if (nil? sha256sum-output) - nil - (second (str/split (str/trim sha256sum-output) #"\ +")))) - -(defn-spec replace-dots-by-minus string? - [fqdn pred/fqdn-string?] - (str/replace fqdn #"\." "-")) - -(defn-spec generate-app-name string? - [unique-name pred/fqdn-string?] - (str (replace-dots-by-minus unique-name) "-website")) - -(defn-spec generate-service-name string? - [unique-name pred/fqdn-string?] - (str (replace-dots-by-minus unique-name) "-service")) - -(defn-spec generate-cert-name string? - [unique-name pred/fqdn-string?] - (str (replace-dots-by-minus unique-name) "-cert")) - -(defn-spec generate-ingress-name string? - [unique-name pred/fqdn-string?] - (str (replace-dots-by-minus unique-name) "-ingress")) - -; https://your.gitea.host/api/v1/repos///archive/.zip -(defn-spec generate-gitrepourl string? - [host pred/fqdn-string? - repo string? - user string? - branch string?] - (str "https://" host "/api/v1/repos/" user "/" repo "/archive/" branch ".zip")) - -; https://your.gitea.host/api/v1/repos///git/commits/HEAD -(defn-spec generate-gitcommiturl string? - [host pred/fqdn-string? - repo string? - user string?] - (str "https://" host "/api/v1/repos/" user "/" repo "/git/" "commits/" "HEAD")) - -(defn-spec replace-all-matching-substrings-beginning-with pred/map-or-seq? - [col pred/map-or-seq? - value-to-partly-match string? - value-to-inplace string?] - (clojure.walk/postwalk #(if (and (= (type value-to-partly-match) (type %)) - (re-matches (re-pattern (str value-to-partly-match ".*")) %)) - (str/replace % value-to-partly-match value-to-inplace) %) - col)) - -(defn-spec replace-common-data pred/map-or-seq? - [resource-file string? - config websiteconfig?] - (let [{:keys [unique-name]} config] - (-> - (yaml/load-as-edn resource-file) - (assoc-in [:metadata :labels :app.kubernetes.part-of] (generate-app-name unique-name)) - (replace-all-matching-substrings-beginning-with "NAME" (replace-dots-by-minus unique-name))))) - -(defn-spec replace-build-data pred/map-or-seq? - [resource-file string? - config websiteconfig?] - (let [{:keys [build-cpu-request build-cpu-limit build-memory-request build-memory-limit] - :or {build-cpu-request "500m" build-cpu-limit "1700m" build-memory-request "256Mi" build-memory-limit "512Mi"}} config] - (-> - (replace-common-data resource-file config) - (cm/replace-all-matching-values-by-new-value "BUILD_CPU_REQUEST" build-cpu-request) - (cm/replace-all-matching-values-by-new-value "BUILD_CPU_LIMIT" build-cpu-limit) - (cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_REQUEST" build-memory-request) - (cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_LIMIT" build-memory-limit)))) - -#?(:cljs - (defmethod yaml/load-resource :website [resource-name] - (get (inline-resources "website") resource-name))) - -(defn-spec generate-nginx-deployment pred/map-or-seq? +(defn-spec generate-nginx-deployment map? [config websiteconfig?] - (replace-build-data "website/nginx-deployment.yaml" config)) - -(defn-spec generate-nginx-configmap pred/map-or-seq? - [config websiteconfig?] - (let [{:keys [fqdns]} config] - (-> - (replace-common-data "website/nginx-configmap.yaml" config) - (#(assoc-in % - [:data :website.conf] - (str/replace - (-> % :data :website.conf) #"FQDN" (str (str/join " " fqdns) ";"))))))) - -(defn-spec generate-nginx-service pred/map-or-seq? - [config websiteconfig?] - (replace-common-data "website/nginx-service.yaml" config)) - -(defn-spec generate-website-content-volume pred/map-or-seq? - [config websiteconfig?] - (let [{:keys [volume-size] - :or {volume-size "3"}} config] - (-> - (replace-common-data "website/website-content-volume.yaml" config) - (cm/replace-all-matching-values-by-new-value "WEBSITESTORAGESIZE" (str volume-size "Gi"))))) - -(defn-spec generate-hashfile-volume pred/map-or-seq? - [config websiteconfig?] - (replace-common-data "website/hashfile-volume.yaml" config)) - -; using simple ingress instead removes the need of cert handling -(defn-spec generate-website-ingress pred/map-or-seq? - [config websiteconfig?] - (let [{:keys [unique-name fqdns]} config] - (ing/generate-ingress {:fqdns fqdns - :app-name (generate-app-name unique-name) - :ingress-name (generate-ingress-name unique-name) - :service-name (generate-service-name unique-name) - :service-port 80}))) - -(defn-spec generate-website-certificate pred/map-or-seq? - [config websiteconfig?] - (let [{:keys [unique-name issuer fqdns] - :or {issuer "staging"}} config] - (ing/generate-certificate {:fqdns fqdns - :app-name (generate-app-name unique-name) - :cert-name (generate-cert-name unique-name) - :issuer issuer}))) - -(defn-spec generate-website-build-cron pred/map-or-seq? - [config websiteconfig?] - (replace-build-data "website/website-build-cron.yaml" config)) - -; TODO: repo & commit-url sounds more like config map? -(defn-spec generate-website-build-secret pred/map-or-seq? - [config websiteconfig? - auth websiteauth?] - (let [{:keys [forgejo-host - forgejo-repo - branchname]} config - {:keys [authtoken - username]} auth] - (-> - (replace-common-data "website/website-build-secret.yaml" config) - (cm/replace-all-matching-values-by-new-value "TOKEN" (b64/encode authtoken)) - (cm/replace-all-matching-values-by-new-value "REPOURL" (b64/encode - (generate-gitrepourl - forgejo-host - forgejo-repo - username - branchname))) - (cm/replace-all-matching-values-by-new-value "COMMITURL" (b64/encode - (generate-gitcommiturl - forgejo-host - forgejo-repo - username)))))) - + (let [final-config (merge config-defaults + config)] + (int/generate-nginx-deployment final-config))) diff --git a/src/main/cljc/dda/c4k_website/website/website_internal.cljc b/src/main/cljc/dda/c4k_website/website/website_internal.cljc new file mode 100644 index 0000000..d483f27 --- /dev/null +++ b/src/main/cljc/dda/c4k_website/website/website_internal.cljc @@ -0,0 +1,235 @@ +(ns dda.c4k-website.website.website-internal + (:require + [clojure.spec.alpha :as s] + [clojure.string :as str] + #?(:clj [orchestra.core :refer [defn-spec]] + :cljs [orchestra.core :refer-macros [defn-spec]]) + #?(:cljs [dda.c4k-common.macros :refer-macros [inline-resources]]) + [dda.c4k-common.yaml :as yaml] + [dda.c4k-common.common :as cm] + [dda.c4k-common.base64 :as b64] + [dda.c4k-common.predicate :as pred] + [dda.c4k-common.ingress :as ing])) + +(defn fqdn-list? + [input] + (every? true? (map pred/fqdn-string? input))) + +(s/def ::unique-name string?) +(s/def ::issuer pred/letsencrypt-issuer?) +(s/def ::volume-size pred/integer-string?) +(s/def ::authtoken pred/bash-env-string?) +(s/def ::fqdns (s/coll-of pred/fqdn-string?)) +(s/def ::forgejo-host pred/fqdn-string?) +(s/def ::forgejo-repo string?) +(s/def ::branchname string?) +(s/def ::username string?) +(s/def ::build-cpu-request string?) +(s/def ::build-memory-request string?) +(s/def ::build-cpu-limit string?) +(s/def ::build-memory-limit string?) + +(def websiteconfig? (s/keys :req-un [::unique-name + ::fqdns + ::forgejo-host + ::forgejo-repo + ::branchname + ::issuer + ::volume-size + ::build-cpu-request + ::build-cpu-limit + ::build-memory-request + ::build-memory-limit])) + +(def websiteauth? (s/keys :req-un [::unique-name ::username ::authtoken])) + +(s/def ::websites (s/coll-of websiteconfig?)) + +(s/def ::auth (s/coll-of websiteauth?)) + +(def websites? (s/keys :req-un [::websites])) + +(def auth? (s/keys :req-un [::auth])) + +(defn-spec replace-dots-by-minus string? + [fqdn pred/fqdn-string?] + (str/replace fqdn #"\." "-")) + +; TODO: remove +(defn-spec generate-app-name string? + [unique-name pred/fqdn-string?] + (str (replace-dots-by-minus unique-name) "-website")) + +; TODO: remove +(defn-spec generate-service-name string? + [unique-name pred/fqdn-string?] + (str (replace-dots-by-minus unique-name) "-service")) + +; TODO: remove +(defn-spec generate-cert-name string? + [unique-name pred/fqdn-string?] + (str (replace-dots-by-minus unique-name) "-cert")) + +; TODO: remove +(defn-spec generate-ingress-name string? + [unique-name pred/fqdn-string?] + (str (replace-dots-by-minus unique-name) "-ingress")) + +; https://your.gitea.host/api/v1/repos///archive/.zip +(defn-spec generate-gitrepourl string? + [host pred/fqdn-string? + repo string? + user string? + branch string?] + (str "https://" host "/api/v1/repos/" user "/" repo "/archive/" branch ".zip")) + +; https://your.gitea.host/api/v1/repos///git/commits/HEAD +(defn-spec generate-gitcommiturl string? + [host pred/fqdn-string? + repo string? + user string?] + (str "https://" host "/api/v1/repos/" user "/" repo "/git/" "commits/" "HEAD")) + +(defn-spec replace-all-matching-substrings-beginning-with pred/map-or-seq? + [col pred/map-or-seq? + value-to-partly-match string? + value-to-inplace string?] + (clojure.walk/postwalk #(if (and (= (type value-to-partly-match) (type %)) + (re-matches (re-pattern (str value-to-partly-match ".*")) %)) + (str/replace % value-to-partly-match value-to-inplace) %) + col)) + + +(defn-spec generate-nginx-deployment map? + [config websiteconfig?] + (let [{:keys [unique-name build-cpu-request build-cpu-limit + build-memory-request build-memory-limit]} config + name (replace-dots-by-minus unique-name)] + (-> + (yaml/load-as-edn "website/nginx-deployment.yaml") + (assoc-in [:metadata :labels :app.kubernetes.part-of] name) + (assoc-in [:metadata :namespace] name) + (replace-all-matching-substrings-beginning-with "NAME" name) + (cm/replace-all-matching-values-by-new-value "BUILD_CPU_REQUEST" build-cpu-request) + (cm/replace-all-matching-values-by-new-value "BUILD_CPU_LIMIT" build-cpu-limit) + (cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_REQUEST" build-memory-request) + (cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_LIMIT" build-memory-limit) + ))) + + +(defn-spec generate-nginx-configmap map? + [config websiteconfig?] + (let [{:keys [fqdns unique-name]} config + name (replace-dots-by-minus unique-name)] + (-> + (yaml/load-as-edn "website/nginx-configmap.yaml") + (assoc-in [:metadata :labels :app.kubernetes.part-of] name) + (assoc-in [:metadata :namespace] name) + (replace-all-matching-substrings-beginning-with "NAME" name) + (#(assoc-in % + [:data :website.conf] + (str/replace + (-> % :data :website.conf) #"FQDN" (str (str/join " " fqdns) ";"))))))) + + +(defn-spec generate-nginx-service map? + [config websiteconfig?] + (let [{:keys [unique-name]} config + name (replace-dots-by-minus unique-name)] + (-> + (yaml/load-as-edn "website/nginx-service.yaml") + (assoc-in [:metadata :labels :app.kubernetes.part-of] name) + (assoc-in [:metadata :namespace] name) + (replace-all-matching-substrings-beginning-with "NAME" name)))) + + +(defn-spec generate-website-content-volume map? + [config websiteconfig?] + (let [{:keys [unique-name volume-size]} config + name (replace-dots-by-minus unique-name)] + (-> + (yaml/load-as-edn "website/website-content-volume.yaml") + (assoc-in [:metadata :labels :app.kubernetes.part-of] name) + (replace-all-matching-substrings-beginning-with "NAME" name) + (cm/replace-all-matching-values-by-new-value "WEBSITESTORAGESIZE" (str volume-size "Gi"))))) + + +(defn-spec generate-hashfile-volume map? + [config websiteconfig?] + (let [{:keys [unique-name]} config + name (replace-dots-by-minus unique-name)] + (-> + (yaml/load-as-edn "website/hashfile-volume.yaml") + (assoc-in [:metadata :labels :app.kubernetes.part-of] name) + (replace-all-matching-substrings-beginning-with "NAME" name)))) + + +; TODO: remove +(defn-spec generate-website-ingress pred/map-or-seq? + [config websiteconfig?] + (let [{:keys [unique-name fqdns]} config] + (ing/generate-ingress {:fqdns fqdns + :app-name (generate-app-name unique-name) + :ingress-name (generate-ingress-name unique-name) + :service-name (generate-service-name unique-name) + :service-port 80}))) + +; TODO: remove - using simple ingress instead removes the need of cert handling +(defn-spec generate-website-certificate pred/map-or-seq? + [config websiteconfig?] + (let [{:keys [unique-name issuer fqdns] + :or {issuer "staging"}} config] + (ing/generate-certificate {:fqdns fqdns + :app-name (generate-app-name unique-name) + :cert-name (generate-cert-name unique-name) + :issuer issuer}))) + + +(defn-spec generate-website-build-cron map? + [config websiteconfig?] + (let [{:keys [unique-name build-cpu-request build-cpu-limit build-memory-request + build-memory-limit]} config + name (replace-dots-by-minus unique-name)] + (-> + (yaml/load-as-edn "website/website-build-cron.yaml") + (assoc-in [:metadata :labels :app.kubernetes.part-of] name) + (replace-all-matching-substrings-beginning-with "NAME" name) + (cm/replace-all-matching-values-by-new-value "BUILD_CPU_REQUEST" build-cpu-request) + (cm/replace-all-matching-values-by-new-value "BUILD_CPU_LIMIT" build-cpu-limit) + (cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_REQUEST" build-memory-request) + (cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_LIMIT" build-memory-limit)))) + + +; TODO: Non-Secret-Parts should be config map +(defn-spec generate-website-build-secret pred/map-or-seq? + [config websiteconfig? + auth websiteauth?] + (let [{:keys [unique-name + forgejo-host + forgejo-repo + branchname]} config + {:keys [authtoken + username]} auth + name (replace-dots-by-minus unique-name)] + (-> + (yaml/load-as-edn "website/website-build-secret.yaml") + (assoc-in [:metadata :labels :app.kubernetes.part-of] name) + (replace-all-matching-substrings-beginning-with "NAME" name) + (cm/replace-all-matching-values-by-new-value "TOKEN" (b64/encode authtoken)) + (cm/replace-all-matching-values-by-new-value "REPOURL" (b64/encode + (generate-gitrepourl + forgejo-host + forgejo-repo + username + branchname))) + (cm/replace-all-matching-values-by-new-value "COMMITURL" (b64/encode + (generate-gitcommiturl + forgejo-host + forgejo-repo + username)))))) + + +#?(:cljs + (defmethod yaml/load-resource :website [resource-name] + (get (inline-resources "website") resource-name))) + diff --git a/src/main/resources/website/nginx-configmap.yaml b/src/main/resources/website/nginx-configmap.yaml index cd9a1dc..bec0bdc 100644 --- a/src/main/resources/website/nginx-configmap.yaml +++ b/src/main/resources/website/nginx-configmap.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: NAME-configmap + name: etc-ngingx namespace: default labels: app.kubernetes.part-of: NAME-website diff --git a/src/main/resources/website/nginx-deployment.yaml b/src/main/resources/website/nginx-deployment.yaml index 1e2a66b..0e84a63 100644 --- a/src/main/resources/website/nginx-deployment.yaml +++ b/src/main/resources/website/nginx-deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: NAME-deployment + namespace: webserver labels: app.kubernetes.part-of: NAME-website spec: @@ -11,6 +12,7 @@ spec: app: NAME-nginx template: metadata: + namespace: webserver labels: app: NAME-nginx spec: @@ -23,7 +25,7 @@ spec: volumeMounts: - mountPath: /etc/nginx readOnly: true - name: nginx-config-volume + name: etc-ngingx - mountPath: /var/log/nginx name: log - mountPath: /var/www/html/website @@ -50,9 +52,9 @@ spec: - name: hashfile-volume mountPath: /var/hashfile.d volumes: - - name: nginx-config-volume + - name: etc-ngingx configMap: - name: NAME-configmap + name: etc-ngingx items: - key: nginx.conf path: nginx.conf diff --git a/src/main/resources/website/nginx-service.yaml b/src/main/resources/website/nginx-service.yaml index 36ab954..361b5c6 100644 --- a/src/main/resources/website/nginx-service.yaml +++ b/src/main/resources/website/nginx-service.yaml @@ -1,14 +1,14 @@ kind: Service apiVersion: v1 metadata: - name: NAME-service - labels: - app: NAME-nginx - app.kubernetes.part-of: NAME-website + name: NAME namespace: default + labels: + app: NAME + app.kubernetes.part-of: NAME spec: selector: - app: NAME-nginx + app: NAME ports: - name: nginx-http port: 80 diff --git a/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc b/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc new file mode 100644 index 0000000..26431bb --- /dev/null +++ b/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc @@ -0,0 +1,228 @@ +(ns dda.c4k-website.website.website-internal-test + (:require + #?(:clj [clojure.test :refer [deftest is are testing run-tests]] + :cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) + [clojure.spec.test.alpha :as st] + [dda.c4k-common.test-helper :as th] + [dda.c4k-website.website.website-internal :as cut])) + +(st/instrument `cut/generate-nginx-configmap) +(st/instrument `cut/generate-nginx-service) +(st/instrument `cut/generate-website-content-volume) +(st/instrument `cut/generate-hashfile-volume) +(st/instrument `cut/generate-website-ingress) +(st/instrument `cut/generate-website-certificate) +(st/instrument `cut/generate-website-build-cron) +(st/instrument `cut/generate-website-build-secret) + +(deftest should-generate-resource-requests + (is (= {:requests {:cpu "1500m", :memory "512Mi"}, :limits {:cpu "3000m", :memory "1024Mi"}} + (-> (cut/generate-nginx-deployment {:forgejo-host "gitlab.de", + :fqdns ["test.de" "test.org" "www.test.de" "www.test.org"], + :forgejo-repo "repo", + :issuer "staging", + :branchname "main", + :unique-name "test.io" + :build-cpu-request "1500m" + :build-cpu-limit "3000m" + :build-memory-request "512Mi" + :build-memory-limit "1024Mi" + :volume-size 3}) + :spec :template :spec :initContainers first :resources)))) + + +(deftest should-generate-nginx-configmap-website + (is (= "server {\n listen 80 default_server;\n listen [::]:80 default_server;\n server_name test.de www.test.de test-it.de www.test-it.de;\n add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload'; \n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-Content-Type-Options nosniff;\n add_header Referrer-Policy \"strict-origin\";\n # add_header Permissions-Policy \"permissions here\";\n root /var/www/html/website/;\n index index.html;\n location / {\n try_files $uri $uri/ /index.html =404;\n }\n}\n" + (:website.conf (:data (cut/generate-nginx-configmap {:issuer "staging" + :build-cpu-request "500m" + :build-cpu-limit "1700m" + :build-memory-request "256Mi" + :build-memory-limit "512Mi" + :volume-size "3" + :unique-name "test.io", + :forgejo-host "gitea.evilorg", + :forgejo-repo "none", + :branchname "mablain", + :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))) + (is (= "types {\n text/html html htm shtml;\n text/css css;\n text/xml xml rss;\n image/gif gif;\n image/jpeg jpeg jpg;\n application/x-javascript js;\n text/plain txt;\n text/x-component htc;\n text/mathml mml;\n image/svg+xml svg svgz;\n image/png png;\n image/x-icon ico;\n image/x-jng jng;\n image/vnd.wap.wbmp wbmp;\n application/java-archive jar war ear;\n application/mac-binhex40 hqx;\n application/pdf pdf;\n application/x-cocoa cco;\n application/x-java-archive-diff jardiff;\n application/x-java-jnlp-file jnlp;\n application/x-makeself run;\n application/x-perl pl pm;\n application/x-pilot prc pdb;\n application/x-rar-compressed rar;\n application/x-redhat-package-manager rpm;\n application/x-sea sea;\n application/x-shockwave-flash swf;\n application/x-stuffit sit;\n application/x-tcl tcl tk;\n application/x-x509-ca-cert der pem crt;\n application/x-xpinstall xpi;\n application/zip zip;\n application/octet-stream deb;\n application/octet-stream bin exe dll;\n application/octet-stream dmg;\n application/octet-stream eot;\n application/octet-stream iso img;\n application/octet-stream msi msp msm;\n audio/mpeg mp3;\n audio/x-realaudio ra;\n video/mpeg mpeg mpg;\n video/quicktime mov;\n video/x-flv flv;\n video/x-msvideo avi;\n video/x-ms-wmv wmv;\n video/x-ms-asf asx asf;\n video/x-mng mng;\n}\n" + (:mime.types (:data (cut/generate-nginx-configmap {:issuer "staging" + :build-cpu-request "500m" + :build-cpu-limit "1700m" + :build-memory-request "256Mi" + :build-memory-limit "512Mi" + :volume-size "3" + :unique-name "test.io", + :forgejo-host "gitea.evilorg", + :forgejo-repo "none", + :branchname "mablain", + :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))) + (is (= "user nginx;\nworker_processes 3;\nerror_log /var/log/nginx/error.log;\npid /var/log/nginx/nginx.pid;\nworker_rlimit_nofile 8192;\nevents {\n worker_connections 4096;\n}\nhttp {\n include /etc/nginx/mime.types;\n default_type application/octet-stream;\n log_format main '$remote_addr - $remote_user [$time_local] $status'\n '\"$request\" $body_bytes_sent \"$http_referer\"'\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';\n access_log /var/log/nginx/access.log main;\n sendfile on;\n tcp_nopush on;\n keepalive_timeout 65;\n server_names_hash_bucket_size 128;\n include /etc/nginx/conf.d/website.conf;\n}\n" + (:nginx.conf (:data (cut/generate-nginx-configmap {:issuer "staging" + :build-cpu-request "500m" + :build-cpu-limit "1700m" + :build-memory-request "256Mi" + :build-memory-limit "512Mi" + :volume-size "3" + :unique-name "test.io", + :forgejo-host "gitea.evilorg", + :forgejo-repo "none", + :branchname "mablain", + :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))) + (is (= {:apiVersion "v1", + :kind "ConfigMap", + :metadata {:labels {:app.kubernetes.part-of "test-io"}, + :namespace "test-io", + :name "etc-ngingx"}} + (dissoc (cut/generate-nginx-configmap {:issuer "staging" + :build-cpu-request "500m" + :build-cpu-limit "1700m" + :build-memory-request "256Mi" + :build-memory-limit "512Mi" + :volume-size "3" + :unique-name "test.io", + :forgejo-host "gitea.evilorg", + :forgejo-repo "none", + :branchname "mablain", + :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}) :data)))) + +(deftest should-generate-nginx-service + (is (= {:name-c1 "test-io", + :name-c2 "test-org", + :app-c1 "test-io", + :app-c2 "test-org", + :app.kubernetes.part-of-c1 "test-io", + :app.kubernetes.part-of-c2 "test-org" + :namespace-c1 "test-io", + :namespace-c2 "test-org"} + (th/map-diff (cut/generate-nginx-service {:issuer "staging" + :build-cpu-request "500m" + :build-cpu-limit "1700m" + :build-memory-request "256Mi" + :build-memory-limit "512Mi" + :volume-size "3" + :unique-name "test.io", + :forgejo-host "gitea.evilorg", + :forgejo-repo "none", + :branchname "mablain", + :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}) + (cut/generate-nginx-service {:issuer "staging" + :build-cpu-request "500m" + :build-cpu-limit "1700m" + :build-memory-request "256Mi" + :build-memory-limit "512Mi" + :volume-size "3" + :unique-name "test.org", + :forgejo-host "gitea.evilorg", + :forgejo-repo "none", + :branchname "mablain", + :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))) + +(deftest should-generate-website-build-cron + (is (= {:apiVersion "batch/v1", + :kind "CronJob", + :metadata {:name "test-io-build-cron", + :labels {:app.kubernetes.part-of "test-io"}}, + :spec + {:schedule "0/7 * * * *", + :successfulJobsHistoryLimit 1, + :failedJobsHistoryLimit 1, + :jobTemplate + {:spec + {:template + {:spec + {:containers + [{:image "domaindrivenarchitecture/c4k-website-build", + :name "test-io-build-app", + :imagePullPolicy "IfNotPresent", + :resources {:requests {:cpu "500m", :memory "256Mi"}, :limits {:cpu "1700m", :memory "512Mi"}}, + :command ["/entrypoint.sh"], + :envFrom [{:secretRef {:name "test-io-secret"}}], + :volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"} + {:name "hashfile-volume", :mountPath "/var/hashfile.d"}]}], + :volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-io-content-volume"}} + {:name "hashfile-volume", :persistentVolumeClaim {:claimName "test-io-hashfile-volume"}}], + :restartPolicy "OnFailure"}}}}}} + (cut/generate-website-build-cron {:issuer "staging" + :build-cpu-request "500m" + :build-cpu-limit "1700m" + :build-memory-request "256Mi" + :build-memory-limit "512Mi" + :volume-size "3" + :forgejo-host "gitlab.de", + :fqdns ["test.de" "test.org" "www.test.de" "www.test.org"], + :forgejo-repo "repo", + :branchname "main", + :unique-name "test.io"})))) + +(deftest should-generate-website-build-secret + (is (= {:apiVersion "v1", + :kind "Secret", + :metadata {:name "test-io-secret", :labels {:app.kubernetes.part-of "test-io"}}, + :data + {:AUTHTOKEN "YWJlZGpnYmFzZG9kag==", + :GITREPOURL "aHR0cHM6Ly9naXRsYWIuZGUvYXBpL3YxL3JlcG9zL3NvbWV1c2VyL3JlcG8vYXJjaGl2ZS9tYWluLnppcA==", + :GITCOMMITURL "aHR0cHM6Ly9naXRsYWIuZGUvYXBpL3YxL3JlcG9zL3NvbWV1c2VyL3JlcG8vZ2l0L2NvbW1pdHMvSEVBRA=="}} + (cut/generate-website-build-secret {:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"], + :forgejo-repo "repo", + :issuer "staging", + :branchname "main", + :unique-name "test.io", + :forgejo-host "gitlab.de" + :build-cpu-request "500m" + :build-cpu-limit "1700m" + :build-memory-request "256Mi" + :build-memory-limit "512Mi" + :volume-size "3"} + {:unique-name "test.io", + :authtoken "abedjgbasdodj", + :username "someuser"})))) + +(deftest should-generate-website-content-volume + (is (= {:name-c1 "test-io-content-volume", + :name-c2 "test-org-content-volume", + :app-c1 "test-io-nginx", + :app-c2 "test-org-nginx", + :app.kubernetes.part-of-c1 "test-io", + :app.kubernetes.part-of-c2 "test-org"} + (th/map-diff (cut/generate-website-content-volume {:issuer "staging" + :build-cpu-request "500m" + :build-cpu-limit "1700m" + :build-memory-request "256Mi" + :build-memory-limit "512Mi" + :volume-size "3" + :unique-name "test.io", + :forgejo-host "gitea.evilorg", + :forgejo-repo "none", + :branchname "mablain", + :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}) + (cut/generate-website-content-volume {:issuer "staging" + :build-cpu-request "500m" + :build-cpu-limit "1700m" + :build-memory-request "256Mi" + :build-memory-limit "512Mi" + :volume-size "3" + :unique-name "test.org", + :forgejo-host "gitea.evilorg", + :forgejo-repo "none", + :branchname "mablain", + :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))) + +(deftest should-generate-hashfile-volume + (is (= {:apiVersion "v1", + :kind "PersistentVolumeClaim", + :metadata + {:name "test-io-hashfile-volume", + :namespace "default", + :labels {:app "test-io-nginx", :app.kubernetes.part-of "test-io"}}, + :spec {:storageClassName "local-path", :accessModes ["ReadWriteOnce"], :resources {:requests {:storage "16Mi"}}}} + (cut/generate-hashfile-volume {:issuer "staging" + :build-cpu-request "500m" + :build-cpu-limit "1700m" + :build-memory-request "256Mi" + :build-memory-limit "512Mi" + :volume-size "3" + :unique-name "test.io", + :forgejo-host "gitea.evilorg", + :forgejo-repo "none", + :branchname "mablain", + :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})))) diff --git a/src/test/cljc/dda/c4k_website/website_test.cljc b/src/test/cljc/dda/c4k_website/website_test.cljc index 797cab7..6eeb2ab 100644 --- a/src/test/cljc/dda/c4k_website/website_test.cljc +++ b/src/test/cljc/dda/c4k_website/website_test.cljc @@ -6,55 +6,18 @@ [dda.c4k-common.test-helper :as th] [dda.c4k-website.website :as cut])) -(st/instrument `cut/generate-nginx-configmap) -(st/instrument `cut/generate-nginx-deployment) -(st/instrument `cut/generate-nginx-service) -(st/instrument `cut/generate-website-content-volume) -(st/instrument `cut/generate-hashfile-volume) -(st/instrument `cut/generate-website-ingress) -(st/instrument `cut/generate-website-certificate) -(st/instrument `cut/generate-website-build-cron) -(st/instrument `cut/generate-website-build-secret) - -(deftest should-generate-nginx-configmap-website - (is (= "server {\n listen 80 default_server;\n listen [::]:80 default_server;\n server_name test.de www.test.de test-it.de www.test-it.de;\n add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload'; \n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-Content-Type-Options nosniff;\n add_header Referrer-Policy \"strict-origin\";\n # add_header Permissions-Policy \"permissions here\";\n root /var/www/html/website/;\n index index.html;\n location / {\n try_files $uri $uri/ /index.html =404;\n }\n}\n" - (:website.conf (:data (cut/generate-nginx-configmap {:unique-name "test.io", - :forgejo-host "gitea.evilorg", - :forgejo-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))) - (is (= "types {\n text/html html htm shtml;\n text/css css;\n text/xml xml rss;\n image/gif gif;\n image/jpeg jpeg jpg;\n application/x-javascript js;\n text/plain txt;\n text/x-component htc;\n text/mathml mml;\n image/svg+xml svg svgz;\n image/png png;\n image/x-icon ico;\n image/x-jng jng;\n image/vnd.wap.wbmp wbmp;\n application/java-archive jar war ear;\n application/mac-binhex40 hqx;\n application/pdf pdf;\n application/x-cocoa cco;\n application/x-java-archive-diff jardiff;\n application/x-java-jnlp-file jnlp;\n application/x-makeself run;\n application/x-perl pl pm;\n application/x-pilot prc pdb;\n application/x-rar-compressed rar;\n application/x-redhat-package-manager rpm;\n application/x-sea sea;\n application/x-shockwave-flash swf;\n application/x-stuffit sit;\n application/x-tcl tcl tk;\n application/x-x509-ca-cert der pem crt;\n application/x-xpinstall xpi;\n application/zip zip;\n application/octet-stream deb;\n application/octet-stream bin exe dll;\n application/octet-stream dmg;\n application/octet-stream eot;\n application/octet-stream iso img;\n application/octet-stream msi msp msm;\n audio/mpeg mp3;\n audio/x-realaudio ra;\n video/mpeg mpeg mpg;\n video/quicktime mov;\n video/x-flv flv;\n video/x-msvideo avi;\n video/x-ms-wmv wmv;\n video/x-ms-asf asx asf;\n video/x-mng mng;\n}\n" - (:mime.types (:data (cut/generate-nginx-configmap {:unique-name "test.io", - :forgejo-host "gitea.evilorg", - :forgejo-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))) - (is (= "user nginx;\nworker_processes 3;\nerror_log /var/log/nginx/error.log;\npid /var/log/nginx/nginx.pid;\nworker_rlimit_nofile 8192;\nevents {\n worker_connections 4096;\n}\nhttp {\n include /etc/nginx/mime.types;\n default_type application/octet-stream;\n log_format main '$remote_addr - $remote_user [$time_local] $status'\n '\"$request\" $body_bytes_sent \"$http_referer\"'\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';\n access_log /var/log/nginx/access.log main;\n sendfile on;\n tcp_nopush on;\n keepalive_timeout 65;\n server_names_hash_bucket_size 128;\n include /etc/nginx/conf.d/website.conf;\n}\n" - (:nginx.conf (:data (cut/generate-nginx-configmap {:unique-name "test.io", - :forgejo-host "gitea.evilorg", - :forgejo-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))) - (is (= {:apiVersion "v1", - :kind "ConfigMap", - :metadata {:name "test-io-configmap", - :labels {:app.kubernetes.part-of "test-io-website"}, - :namespace "default"}} - (dissoc (cut/generate-nginx-configmap {:unique-name "test.io", - :forgejo-host "gitea.evilorg", - :forgejo-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}) :data)))) - (deftest should-generate-nginx-deployment (is (= {:apiVersion "apps/v1", :kind "Deployment", - :metadata {:name "test-io-deployment", :labels {:app.kubernetes.part-of "test-io-website"}}, + :metadata {:name "test-io-deployment", + :namespace "test-io" + :labels {:app.kubernetes.part-of "test-io"}}, :spec {:replicas 1, :selector {:matchLabels {:app "test-io-nginx"}}, :template - {:metadata {:labels {:app "test-io-nginx"}}, + {:metadata {:namespace "webserver" + :labels {:app "test-io-nginx"}}, :spec {:containers [{:name "test-io-nginx", @@ -62,7 +25,7 @@ :imagePullPolicy "IfNotPresent", :ports [{:containerPort 80}], :volumeMounts - [{:mountPath "/etc/nginx", :readOnly true, :name "nginx-config-volume"} + [{:mountPath "/etc/nginx", :readOnly true, :name "etc-ngingx"} {:mountPath "/var/log/nginx", :name "log"} {:mountPath "/var/www/html/website", :name "content-volume", :readOnly true}]}], :initContainers @@ -75,9 +38,9 @@ :volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"} {:name "hashfile-volume", :mountPath "/var/hashfile.d"}]}], :volumes - [{:name "nginx-config-volume", + [{:name "etc-ngingx", :configMap - {:name "test-io-configmap", + {:name "etc-ngingx", :items [{:key "nginx.conf", :path "nginx.conf"} {:key "website.conf", :path "conf.d/website.conf"} @@ -91,127 +54,4 @@ :sha256sum-output "123456789ab123cd345de script-file-name.sh", :issuer "staging", :branchname "main", - :unique-name "test.io"})))) - -(deftest should-generate-resource-requests - (is (= {:requests {:cpu "500m", :memory "256Mi"}, :limits {:cpu "1700m", :memory "512Mi"}} - (-> (cut/generate-nginx-deployment {:forgejo-host "gitlab.de", - :fqdns ["test.de" "test.org" "www.test.de" "www.test.org"], - :forgejo-repo "repo", - :sha256sum-output "123456789ab123cd345de script-file-name.sh", - :issuer "staging", - :branchname "main", - :unique-name "test.io"}) - :spec :template :spec :initContainers first :resources ))) - (is (= {:requests {:cpu "1500m", :memory "512Mi"}, :limits {:cpu "3000m", :memory "1024Mi"}} - (-> (cut/generate-nginx-deployment {:forgejo-host "gitlab.de", - :fqdns ["test.de" "test.org" "www.test.de" "www.test.org"], - :forgejo-repo "repo", - :sha256sum-output "123456789ab123cd345de script-file-name.sh", - :issuer "staging", - :branchname "main", - :unique-name "test.io" - :build-cpu-request "1500m" - :build-cpu-limit "3000m" - :build-memory-request "512Mi" - :build-memory-limit "1024Mi"}) - :spec :template :spec :initContainers first :resources)))) - -(deftest should-generate-nginx-service - (is (= {:name-c1 "test-io-service", - :name-c2 "test-org-service", - :app-c1 "test-io-nginx", - :app-c2 "test-org-nginx", - :app.kubernetes.part-of-c1 "test-io-website", - :app.kubernetes.part-of-c2 "test-org-website"} - (th/map-diff (cut/generate-nginx-service {:unique-name "test.io", - :forgejo-host "gitea.evilorg", - :forgejo-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}) - (cut/generate-nginx-service {:unique-name "test.org", - :forgejo-host "gitea.evilorg", - :forgejo-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))) - -(deftest should-generate-website-build-cron - (is (= {:apiVersion "batch/v1", - :kind "CronJob", - :metadata {:name "test-io-build-cron", :labels {:app.kubernetes.part-of "test-io-website"}}, - :spec - {:schedule "0/7 * * * *", - :successfulJobsHistoryLimit 1, - :failedJobsHistoryLimit 1, - :jobTemplate - {:spec - {:template - {:spec - {:containers - [{:image "domaindrivenarchitecture/c4k-website-build", - :name "test-io-build-app", - :imagePullPolicy "IfNotPresent", - :resources {:requests {:cpu "500m", :memory "256Mi"}, :limits {:cpu "1700m", :memory "512Mi"}}, - :command ["/entrypoint.sh"], - :envFrom [{:secretRef {:name "test-io-secret"}}], - :volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"} - {:name "hashfile-volume", :mountPath "/var/hashfile.d"}]}], - :volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-io-content-volume"}} - {:name "hashfile-volume", :persistentVolumeClaim {:claimName "test-io-hashfile-volume"}}], - :restartPolicy "OnFailure"}}}}}} - (cut/generate-website-build-cron {:forgejo-host "gitlab.de", - :fqdns ["test.de" "test.org" "www.test.de" "www.test.org"], - :forgejo-repo "repo", - :issuer "staging", - :branchname "main", - :unique-name "test.io"})))) - -(deftest should-generate-website-build-secret - (is (= {:apiVersion "v1", - :kind "Secret", - :metadata {:name "test-io-secret", :labels {:app.kubernetes.part-of "test-io-website"}}, - :data - {:AUTHTOKEN "YWJlZGpnYmFzZG9kag==", - :GITREPOURL "aHR0cHM6Ly9naXRsYWIuZGUvYXBpL3YxL3JlcG9zL3NvbWV1c2VyL3JlcG8vYXJjaGl2ZS9tYWluLnppcA==", - :GITCOMMITURL "aHR0cHM6Ly9naXRsYWIuZGUvYXBpL3YxL3JlcG9zL3NvbWV1c2VyL3JlcG8vZ2l0L2NvbW1pdHMvSEVBRA=="}} - (cut/generate-website-build-secret {:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"], - :forgejo-repo "repo", - :issuer "staging", - :branchname "main", - :unique-name "test.io", - :forgejo-host "gitlab.de"} - {:unique-name "test.io", - :authtoken "abedjgbasdodj", - :username "someuser"})))) - -(deftest should-generate-website-content-volume - (is (= {:name-c1 "test-io-content-volume", - :name-c2 "test-org-content-volume", - :app-c1 "test-io-nginx", - :app-c2 "test-org-nginx", - :app.kubernetes.part-of-c1 "test-io-website", - :app.kubernetes.part-of-c2 "test-org-website"} - (th/map-diff (cut/generate-website-content-volume {:unique-name "test.io", - :forgejo-host "gitea.evilorg", - :forgejo-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}) - (cut/generate-website-content-volume {:unique-name "test.org", - :forgejo-host "gitea.evilorg", - :forgejo-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))) - -(deftest should-generate-hashfile-volume - (is (= {:apiVersion "v1", - :kind "PersistentVolumeClaim", - :metadata - {:name "test-io-hashfile-volume", - :namespace "default", - :labels {:app "test-io-nginx", :app.kubernetes.part-of "test-io-website"}}, - :spec {:storageClassName "local-path", :accessModes ["ReadWriteOnce"], :resources {:requests {:storage "16Mi"}}}} - (cut/generate-hashfile-volume {:unique-name "test.io", - :forgejo-host "gitea.evilorg", - :forgejo-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})))) + :unique-name "test.io"})))) \ No newline at end of file From 9cb0e50853a68d869d471edcafc3d70c2e104162 Mon Sep 17 00:00:00 2001 From: Michael Jerger Date: Mon, 26 Feb 2024 16:12:01 +0100 Subject: [PATCH 02/11] use ingress & ns from common --- src/main/cljc/dda/c4k_website/core.cljc | 28 +++--- src/main/cljc/dda/c4k_website/website.cljc | 64 ++++++++++++- .../c4k_website/website/website_internal.cljc | 46 +-------- src/test/cljc/dda/c4k_website/core_test.cljc | 5 + .../cljc/dda/c4k_website/website_test.cljc | 93 +++++++++---------- 5 files changed, 127 insertions(+), 109 deletions(-) diff --git a/src/main/cljc/dda/c4k_website/core.cljc b/src/main/cljc/dda/c4k_website/core.cljc index 6cf1b10..d967453 100644 --- a/src/main/cljc/dda/c4k_website/core.cljc +++ b/src/main/cljc/dda/c4k_website/core.cljc @@ -9,9 +9,6 @@ [dda.c4k-common.monitoring :as mon] [dda.c4k-website.website :as website])) -(def config-defaults {:issuer "staging" - :volume-size "3"}) - (s/def ::mon-cfg ::mon/mon-cfg) (s/def ::mon-auth ::mon/mon-auth) @@ -64,18 +61,19 @@ (-> auth (assoc-in [:auth] (rest (auth :auth)))) - (conj result - (website/generate-nginx-deployment (flatten-and-reduce-config config)) - ;(website/generate-nginx-configmap (flatten-and-reduce-config config)) - ;(website/generate-nginx-service (flatten-and-reduce-config config)) - ;(website/generate-website-content-volume (flatten-and-reduce-config config)) - ;(website/generate-hashfile-volume (flatten-and-reduce-config config)) - ;(website/generate-website-ingress (flatten-and-reduce-config config)) - ;(website/generate-website-certificate (flatten-and-reduce-config config)) - ;(website/generate-website-build-cron (flatten-and-reduce-config config)) - ;(website/generate-website-build-secret (flatten-and-reduce-config config) - ; (flatten-and-reduce-auth auth)) - ))))) + (cm/concat-vec + result + (website/generate-namespcae (flatten-and-reduce-config config)) + [(website/generate-nginx-deployment (flatten-and-reduce-config config)) + (website/generate-nginx-configmap (flatten-and-reduce-config config)) + (website/generate-nginx-service (flatten-and-reduce-config config)) + (website/generate-website-content-volume (flatten-and-reduce-config config)) + (website/generate-hashfile-volume (flatten-and-reduce-config config)) + (website/generate-website-build-cron (flatten-and-reduce-config config)) + (website/generate-website-build-secret (flatten-and-reduce-config config) + (flatten-and-reduce-auth auth))] + (website/generate-ingress (flatten-and-reduce-config config)) + ))))) (defn-spec k8s-objects cp/map-or-seq? [config config? diff --git a/src/main/cljc/dda/c4k_website/website.cljc b/src/main/cljc/dda/c4k_website/website.cljc index 77e3ba0..8c9b906 100644 --- a/src/main/cljc/dda/c4k_website/website.cljc +++ b/src/main/cljc/dda/c4k_website/website.cljc @@ -2,7 +2,9 @@ (:require [clojure.spec.alpha :as s] #?(:clj [orchestra.core :refer [defn-spec]] - :cljs [orchestra.core :refer-macros [defn-spec]]) + :cljs [orchestra.core :refer-macros [defn-spec]]) + [dda.c4k-common.ingress :as ing] + [dda.c4k-common.namespace :as ns] [dda.c4k-website.website.website-internal :as int])) (s/def ::unique-name ::int/unique-name) @@ -45,3 +47,63 @@ (let [final-config (merge config-defaults config)] (int/generate-nginx-deployment final-config))) + + +(defn-spec generate-nginx-configmap map? + [config websiteconfig?] + (let [final-config (merge config-defaults + config)] + (int/generate-nginx-configmap final-config))) + + +(defn-spec generate-nginx-service map? + [config websiteconfig?] + (let [final-config (merge config-defaults + config)] + (int/generate-nginx-service final-config))) + + +(defn-spec generate-website-content-volume map? + [config websiteconfig?] + (let [final-config (merge config-defaults + config)] + (int/generate-website-content-volume final-config))) + + +(defn-spec generate-hashfile-volume map? + [config websiteconfig?] + (let [final-config (merge config-defaults + config)] + (int/generate-hashfile-volume final-config))) + +(defn-spec generate-website-build-cron map? + [config websiteconfig?] + (let [final-config (merge config-defaults + config)] + (int/generate-website-build-cron final-config))) + + +(defn-spec generate-website-build-secret map? + [config websiteconfig? + auth websiteauth?] + (let [final-config (merge config-defaults + config)] + (int/generate-website-build-secret final-config auth))) + +(defn-spec generate-namespcae seq? + [config websiteconfig?] + (let [name (int/replace-dots-by-minus (:unique-name config)) + final-config (merge config-defaults + {:namespace name} + config)] + (ns/generate final-config))) + +(defn-spec generate-ingress seq? + [config websiteconfig?] + (let [name (int/replace-dots-by-minus (:unique-name config)) + final-config (merge config-defaults + {:service-name name + :service-port 80 + :namespace name} + config)] + (ing/generate-simple-ingress final-config))) \ No newline at end of file diff --git a/src/main/cljc/dda/c4k_website/website/website_internal.cljc b/src/main/cljc/dda/c4k_website/website/website_internal.cljc index d483f27..a28414d 100644 --- a/src/main/cljc/dda/c4k_website/website/website_internal.cljc +++ b/src/main/cljc/dda/c4k_website/website/website_internal.cljc @@ -55,26 +55,6 @@ [fqdn pred/fqdn-string?] (str/replace fqdn #"\." "-")) -; TODO: remove -(defn-spec generate-app-name string? - [unique-name pred/fqdn-string?] - (str (replace-dots-by-minus unique-name) "-website")) - -; TODO: remove -(defn-spec generate-service-name string? - [unique-name pred/fqdn-string?] - (str (replace-dots-by-minus unique-name) "-service")) - -; TODO: remove -(defn-spec generate-cert-name string? - [unique-name pred/fqdn-string?] - (str (replace-dots-by-minus unique-name) "-cert")) - -; TODO: remove -(defn-spec generate-ingress-name string? - [unique-name pred/fqdn-string?] - (str (replace-dots-by-minus unique-name) "-ingress")) - ; https://your.gitea.host/api/v1/repos///archive/.zip (defn-spec generate-gitrepourl string? [host pred/fqdn-string? @@ -105,7 +85,7 @@ (let [{:keys [unique-name build-cpu-request build-cpu-limit build-memory-request build-memory-limit]} config name (replace-dots-by-minus unique-name)] - (-> + (-> (yaml/load-as-edn "website/nginx-deployment.yaml") (assoc-in [:metadata :labels :app.kubernetes.part-of] name) (assoc-in [:metadata :namespace] name) @@ -113,8 +93,7 @@ (cm/replace-all-matching-values-by-new-value "BUILD_CPU_REQUEST" build-cpu-request) (cm/replace-all-matching-values-by-new-value "BUILD_CPU_LIMIT" build-cpu-limit) (cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_REQUEST" build-memory-request) - (cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_LIMIT" build-memory-limit) - ))) + (cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_LIMIT" build-memory-limit)))) (defn-spec generate-nginx-configmap map? @@ -164,27 +143,6 @@ (replace-all-matching-substrings-beginning-with "NAME" name)))) -; TODO: remove -(defn-spec generate-website-ingress pred/map-or-seq? - [config websiteconfig?] - (let [{:keys [unique-name fqdns]} config] - (ing/generate-ingress {:fqdns fqdns - :app-name (generate-app-name unique-name) - :ingress-name (generate-ingress-name unique-name) - :service-name (generate-service-name unique-name) - :service-port 80}))) - -; TODO: remove - using simple ingress instead removes the need of cert handling -(defn-spec generate-website-certificate pred/map-or-seq? - [config websiteconfig?] - (let [{:keys [unique-name issuer fqdns] - :or {issuer "staging"}} config] - (ing/generate-certificate {:fqdns fqdns - :app-name (generate-app-name unique-name) - :cert-name (generate-cert-name unique-name) - :issuer issuer}))) - - (defn-spec generate-website-build-cron map? [config websiteconfig?] (let [{:keys [unique-name build-cpu-request build-cpu-limit build-memory-request diff --git a/src/test/cljc/dda/c4k_website/core_test.cljc b/src/test/cljc/dda/c4k_website/core_test.cljc index 8cf4ad3..2ae324f 100644 --- a/src/test/cljc/dda/c4k_website/core_test.cljc +++ b/src/test/cljc/dda/c4k_website/core_test.cljc @@ -118,3 +118,8 @@ (cut/flatten-and-reduce-auth (cut/sort-auth auth1)))) (is (= flattened-and-reduced-auth (cut/flatten-and-reduce-auth (cut/sort-auth auth2))))) + +(deftest test-generate + (is (= 22 + (count (cut/generate (yaml/load-as-edn "website-test/valid-config.yaml") + (yaml/load-as-edn "website-test/valid-auth.yaml")))))) diff --git a/src/test/cljc/dda/c4k_website/website_test.cljc b/src/test/cljc/dda/c4k_website/website_test.cljc index 6eeb2ab..1d555db 100644 --- a/src/test/cljc/dda/c4k_website/website_test.cljc +++ b/src/test/cljc/dda/c4k_website/website_test.cljc @@ -6,52 +6,47 @@ [dda.c4k-common.test-helper :as th] [dda.c4k-website.website :as cut])) -(deftest should-generate-nginx-deployment - (is (= {:apiVersion "apps/v1", - :kind "Deployment", - :metadata {:name "test-io-deployment", - :namespace "test-io" - :labels {:app.kubernetes.part-of "test-io"}}, - :spec - {:replicas 1, - :selector {:matchLabels {:app "test-io-nginx"}}, - :template - {:metadata {:namespace "webserver" - :labels {:app "test-io-nginx"}}, - :spec - {:containers - [{:name "test-io-nginx", - :image "nginx:latest", - :imagePullPolicy "IfNotPresent", - :ports [{:containerPort 80}], - :volumeMounts - [{:mountPath "/etc/nginx", :readOnly true, :name "etc-ngingx"} - {:mountPath "/var/log/nginx", :name "log"} - {:mountPath "/var/www/html/website", :name "content-volume", :readOnly true}]}], - :initContainers - [{:image "domaindrivenarchitecture/c4k-website-build", - :name "test-io-init-build-container", - :imagePullPolicy "IfNotPresent", - :resources {:requests {:cpu "500m", :memory "256Mi"}, :limits {:cpu "1700m", :memory "512Mi"}}, - :command ["/entrypoint.sh"], - :envFrom [{:secretRef {:name "test-io-secret"}}], - :volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"} - {:name "hashfile-volume", :mountPath "/var/hashfile.d"}]}], - :volumes - [{:name "etc-ngingx", - :configMap - {:name "etc-ngingx", - :items - [{:key "nginx.conf", :path "nginx.conf"} - {:key "website.conf", :path "conf.d/website.conf"} - {:key "mime.types", :path "mime.types"}]}} - {:name "log", :emptyDir {}} - {:name "content-volume", :persistentVolumeClaim {:claimName "test-io-content-volume"}} - {:name "hashfile-volume", :persistentVolumeClaim {:claimName "test-io-hashfile-volume"}}]}}}} - (cut/generate-nginx-deployment {:forgejo-host "gitlab.de", - :fqdns ["test.de" "test.org" "www.test.de" "www.test.org"], - :forgejo-repo "repo", - :sha256sum-output "123456789ab123cd345de script-file-name.sh", - :issuer "staging", - :branchname "main", - :unique-name "test.io"})))) \ No newline at end of file +(deftest should-generate-ingress + (is (= [{:host "test.de", + :http + {:paths + [{:pathType "Prefix", + :path "/", + :backend {:service {:name "test-io", :port {:number 80}}}}]}} + {:host "test.org", + :http + {:paths + [{:pathType "Prefix", + :path "/", + :backend {:service {:name "test-io", :port {:number 80}}}}]}} + {:host "www.test.de", + :http + {:paths + [{:pathType "Prefix", + :path "/", + :backend {:service {:name "test-io", :port {:number 80}}}}]}} + {:host "www.test.org", + :http + {:paths + [{:pathType "Prefix", + :path "/", + :backend {:service {:name "test-io", :port {:number 80}}}}]}}] + (get-in + (cut/generate-ingress {:forgejo-host "gitlab.de", + :fqdns ["test.de" "test.org" "www.test.de" "www.test.org"], + :forgejo-repo "repo", + :sha256sum-output "123456789ab123cd345de script-file-name.sh", + :issuer "staging", + :branchname "main", + :unique-name "test.io"}) + [2 :spec :rules]))) + (is (= "test-io" + (get-in + (cut/generate-ingress {:forgejo-host "gitlab.de", + :fqdns ["test.de" "test.org" "www.test.de" "www.test.org"], + :forgejo-repo "repo", + :sha256sum-output "123456789ab123cd345de script-file-name.sh", + :issuer "staging", + :branchname "main", + :unique-name "test.io"}) + [2 :metadata :namespace])))) \ No newline at end of file From 5d3621f6f82047434adfd4c0eefa23411628417b Mon Sep 17 00:00:00 2001 From: Michael Jerger Date: Tue, 27 Feb 2024 09:27:22 +0100 Subject: [PATCH 03/11] start introduce namespace --- src/main/cljc/dda/c4k_website/core.cljc | 8 ++--- .../resources/website/nginx-configmap.yaml | 2 +- .../resources/website/nginx-deployment.yaml | 29 ++++++++++--------- src/test/cljc/dda/c4k_website/core_test.cljc | 6 ++++ .../website/website_internal_test.cljc | 15 +++++++++- .../cljc/dda/c4k_website/website_test.cljc | 3 +- 6 files changed, 42 insertions(+), 21 deletions(-) diff --git a/src/main/cljc/dda/c4k_website/core.cljc b/src/main/cljc/dda/c4k_website/core.cljc index d967453..e1ddffd 100644 --- a/src/main/cljc/dda/c4k_website/core.cljc +++ b/src/main/cljc/dda/c4k_website/core.cljc @@ -20,19 +20,19 @@ (def auth? (s/keys :req-un [::website/auth] :opt-un [::mon-auth])) -(defn-spec sort-config cp/map-or-seq? +(defn-spec sort-config map? [unsorted-config config?] (let [sorted-websites (into [] (sort-by :unique-name (unsorted-config :websites)))] (-> unsorted-config (assoc-in [:websites] sorted-websites)))) -(defn-spec sort-auth cp/map-or-seq? +(defn-spec sort-auth map? [unsorted-auth auth?] (let [sorted-auth (into [] (sort-by :unique-name (unsorted-auth :auth)))] (-> unsorted-auth (assoc-in [:auth] sorted-auth)))) -(defn-spec flatten-and-reduce-config cp/map-or-seq? +(defn-spec flatten-and-reduce-config map? [config config?] (let [first-entry (first (:websites config))] @@ -42,7 +42,7 @@ (when (contains? config :volume-size) {:volume-size (config :volume-size)})))) -(defn-spec flatten-and-reduce-auth cp/map-or-seq? +(defn-spec flatten-and-reduce-auth map? [auth auth?] (-> auth :auth first)) diff --git a/src/main/resources/website/nginx-configmap.yaml b/src/main/resources/website/nginx-configmap.yaml index bec0bdc..4c4be79 100644 --- a/src/main/resources/website/nginx-configmap.yaml +++ b/src/main/resources/website/nginx-configmap.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: etc-ngingx + name: etc-nginx namespace: default labels: app.kubernetes.part-of: NAME-website diff --git a/src/main/resources/website/nginx-deployment.yaml b/src/main/resources/website/nginx-deployment.yaml index 0e84a63..640b156 100644 --- a/src/main/resources/website/nginx-deployment.yaml +++ b/src/main/resources/website/nginx-deployment.yaml @@ -1,23 +1,24 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: NAME-deployment - namespace: webserver + name: nginx + namespace: NAME labels: app.kubernetes.part-of: NAME-website spec: replicas: 1 selector: matchLabels: - app: NAME-nginx + app: nginx template: metadata: - namespace: webserver + namespace: NAME labels: - app: NAME-nginx + app: nginx + app.kubernetes.part-of: NAME-website spec: containers: - - name: NAME-nginx + - name: nginx image: nginx:latest imagePullPolicy: IfNotPresent ports: @@ -33,7 +34,7 @@ spec: readOnly: true initContainers: - image: domaindrivenarchitecture/c4k-website-build - name: NAME-init-build-container + name: init-build-container imagePullPolicy: IfNotPresent resources: requests: @@ -45,16 +46,16 @@ spec: command: ["/entrypoint.sh"] envFrom: - secretRef: - name: NAME-secret + name: secret volumeMounts: - name: content-volume mountPath: /var/www/html/website - - name: hashfile-volume + - name: hash-state-volume mountPath: /var/hashfile.d volumes: - - name: etc-ngingx + - name: etc-nginx configMap: - name: etc-ngingx + name: etc-nginx items: - key: nginx.conf path: nginx.conf @@ -66,8 +67,8 @@ spec: emptyDir: {} - name: content-volume persistentVolumeClaim: - claimName: NAME-content-volume - - name: hashfile-volume + claimName: content-volume + - name: hash-state-volume persistentVolumeClaim: - claimName: NAME-hashfile-volume + claimName: hash-state-volume \ No newline at end of file diff --git a/src/test/cljc/dda/c4k_website/core_test.cljc b/src/test/cljc/dda/c4k_website/core_test.cljc index 2ae324f..c549b64 100644 --- a/src/test/cljc/dda/c4k_website/core_test.cljc +++ b/src/test/cljc/dda/c4k_website/core_test.cljc @@ -4,9 +4,15 @@ #?(:clj [clojure.test :refer [deftest is are testing run-tests]] :cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) [clojure.spec.alpha :as s] + [clojure.spec.test.alpha :as st] [dda.c4k-common.yaml :as yaml] [dda.c4k-website.core :as cut])) +(st/instrument `cut/sort-config) +(st/instrument `cut/flattened-and-reduced-config) +(st/instrument `cut/flatten-and-reduce-auth) +(st/instrument `cut/generate) + #?(:cljs (defmethod yaml/load-resource :website-test [resource-name] (case resource-name diff --git a/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc b/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc index 26431bb..7a37247 100644 --- a/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc +++ b/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc @@ -28,7 +28,20 @@ :build-memory-request "512Mi" :build-memory-limit "1024Mi" :volume-size 3}) - :spec :template :spec :initContainers first :resources)))) + :spec :template :spec :initContainers first :resources))) + (is (= "test-io" + (-> (cut/generate-nginx-deployment {:forgejo-host "gitlab.de", + :fqdns ["test.de" "test.org" "www.test.de" "www.test.org"], + :forgejo-repo "repo", + :issuer "staging", + :branchname "main", + :unique-name "test.io" + :build-cpu-request "1500m" + :build-cpu-limit "3000m" + :build-memory-request "512Mi" + :build-memory-limit "1024Mi" + :volume-size 3}) + :metadata :namespace)))) (deftest should-generate-nginx-configmap-website diff --git a/src/test/cljc/dda/c4k_website/website_test.cljc b/src/test/cljc/dda/c4k_website/website_test.cljc index 1d555db..2f49669 100644 --- a/src/test/cljc/dda/c4k_website/website_test.cljc +++ b/src/test/cljc/dda/c4k_website/website_test.cljc @@ -3,9 +3,10 @@ #?(:clj [clojure.test :refer [deftest is are testing run-tests]] :cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) [clojure.spec.test.alpha :as st] - [dda.c4k-common.test-helper :as th] [dda.c4k-website.website :as cut])) +(st/instrument `cut/generate-ingress) + (deftest should-generate-ingress (is (= [{:host "test.de", :http From 3257d332dc5c5efb6dcccde90d09bc83edbcf13e Mon Sep 17 00:00:00 2001 From: Michael Jerger Date: Tue, 27 Feb 2024 10:00:09 +0100 Subject: [PATCH 04/11] log should go to console out instead of file! --- src/main/resources/website/nginx-configmap.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/resources/website/nginx-configmap.yaml b/src/main/resources/website/nginx-configmap.yaml index 4c4be79..8b1e9bd 100644 --- a/src/main/resources/website/nginx-configmap.yaml +++ b/src/main/resources/website/nginx-configmap.yaml @@ -9,7 +9,7 @@ data: nginx.conf: | user nginx; worker_processes 3; - error_log /var/log/nginx/error.log; + error_log stdout info; pid /var/log/nginx/nginx.pid; worker_rlimit_nofile 8192; events { @@ -21,7 +21,7 @@ data: log_format main '$remote_addr - $remote_user [$time_local] $status' '"$request" $body_bytes_sent "$http_referer"' '"$http_user_agent" "$http_x_forwarded_for"'; - access_log /var/log/nginx/access.log main; + access_log stdout main; sendfile on; tcp_nopush on; keepalive_timeout 65; From 1790487d6e6bd87e8b788d5eae64b71a3f7d784b Mon Sep 17 00:00:00 2001 From: Michael Jerger Date: Tue, 27 Feb 2024 10:04:02 +0100 Subject: [PATCH 05/11] log should go to console out instead of file! --- .../cljc/dda/c4k_website/website/website_internal_test.cljc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc b/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc index 7a37247..25b1c61 100644 --- a/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc +++ b/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc @@ -69,7 +69,7 @@ :forgejo-repo "none", :branchname "mablain", :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))) - (is (= "user nginx;\nworker_processes 3;\nerror_log /var/log/nginx/error.log;\npid /var/log/nginx/nginx.pid;\nworker_rlimit_nofile 8192;\nevents {\n worker_connections 4096;\n}\nhttp {\n include /etc/nginx/mime.types;\n default_type application/octet-stream;\n log_format main '$remote_addr - $remote_user [$time_local] $status'\n '\"$request\" $body_bytes_sent \"$http_referer\"'\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';\n access_log /var/log/nginx/access.log main;\n sendfile on;\n tcp_nopush on;\n keepalive_timeout 65;\n server_names_hash_bucket_size 128;\n include /etc/nginx/conf.d/website.conf;\n}\n" + (is (= "user nginx;\nworker_processes 3;\nerror_log stdout info;\npid /var/log/nginx/nginx.pid;\nworker_rlimit_nofile 8192;\nevents {\n worker_connections 4096;\n}\nhttp {\n include /etc/nginx/mime.types;\n default_type application/octet-stream;\n log_format main '$remote_addr - $remote_user [$time_local] $status'\n '\"$request\" $body_bytes_sent \"$http_referer\"'\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';\n access_log stdout main;\n sendfile on;\n tcp_nopush on;\n keepalive_timeout 65;\n server_names_hash_bucket_size 128;\n include /etc/nginx/conf.d/website.conf;\n}\n" (:nginx.conf (:data (cut/generate-nginx-configmap {:issuer "staging" :build-cpu-request "500m" :build-cpu-limit "1700m" @@ -85,7 +85,7 @@ :kind "ConfigMap", :metadata {:labels {:app.kubernetes.part-of "test-io"}, :namespace "test-io", - :name "etc-ngingx"}} + :name "etc-nginx"}} (dissoc (cut/generate-nginx-configmap {:issuer "staging" :build-cpu-request "500m" :build-cpu-limit "1700m" From 53fc7a990d0967a1db95dfd66d2ec2847768e531 Mon Sep 17 00:00:00 2001 From: Michael Jerger Date: Tue, 27 Feb 2024 10:09:47 +0100 Subject: [PATCH 06/11] fix service names --- .../c4k_website/website/website_internal.cljc | 2 -- src/main/resources/website/nginx-service.yaml | 4 +-- .../website/website_internal_test.cljc | 32 +++++++------------ 3 files changed, 13 insertions(+), 25 deletions(-) diff --git a/src/main/cljc/dda/c4k_website/website/website_internal.cljc b/src/main/cljc/dda/c4k_website/website/website_internal.cljc index a28414d..4297b6f 100644 --- a/src/main/cljc/dda/c4k_website/website/website_internal.cljc +++ b/src/main/cljc/dda/c4k_website/website/website_internal.cljc @@ -102,7 +102,6 @@ name (replace-dots-by-minus unique-name)] (-> (yaml/load-as-edn "website/nginx-configmap.yaml") - (assoc-in [:metadata :labels :app.kubernetes.part-of] name) (assoc-in [:metadata :namespace] name) (replace-all-matching-substrings-beginning-with "NAME" name) (#(assoc-in % @@ -117,7 +116,6 @@ name (replace-dots-by-minus unique-name)] (-> (yaml/load-as-edn "website/nginx-service.yaml") - (assoc-in [:metadata :labels :app.kubernetes.part-of] name) (assoc-in [:metadata :namespace] name) (replace-all-matching-substrings-beginning-with "NAME" name)))) diff --git a/src/main/resources/website/nginx-service.yaml b/src/main/resources/website/nginx-service.yaml index 361b5c6..e72704d 100644 --- a/src/main/resources/website/nginx-service.yaml +++ b/src/main/resources/website/nginx-service.yaml @@ -5,10 +5,10 @@ metadata: namespace: default labels: app: NAME - app.kubernetes.part-of: NAME + app.kubernetes.part-of: NAME-website spec: selector: - app: NAME + app: nginx ports: - name: nginx-http port: 80 diff --git a/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc b/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc index 25b1c61..307ec29 100644 --- a/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc +++ b/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc @@ -83,7 +83,7 @@ :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))) (is (= {:apiVersion "v1", :kind "ConfigMap", - :metadata {:labels {:app.kubernetes.part-of "test-io"}, + :metadata {:labels {:app.kubernetes.part-of "test-io-website"}, :namespace "test-io", :name "etc-nginx"}} (dissoc (cut/generate-nginx-configmap {:issuer "staging" @@ -99,15 +99,15 @@ :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}) :data)))) (deftest should-generate-nginx-service - (is (= {:name-c1 "test-io", - :name-c2 "test-org", - :app-c1 "test-io", - :app-c2 "test-org", - :app.kubernetes.part-of-c1 "test-io", - :app.kubernetes.part-of-c2 "test-org" - :namespace-c1 "test-io", - :namespace-c2 "test-org"} - (th/map-diff (cut/generate-nginx-service {:issuer "staging" + (is (= {:kind "Service", + :apiVersion "v1", + :metadata + {:name "test-io", + :namespace "test-io", + :labels {:app "test-io", :app.kubernetes.part-of "test-io-website"}}, + :spec + {:selector {:app "nginx"}, :ports [{:name "nginx-http", :port 80}]}} + (cut/generate-nginx-service {:issuer "staging" :build-cpu-request "500m" :build-cpu-limit "1700m" :build-memory-request "256Mi" @@ -118,17 +118,7 @@ :forgejo-repo "none", :branchname "mablain", :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}) - (cut/generate-nginx-service {:issuer "staging" - :build-cpu-request "500m" - :build-cpu-limit "1700m" - :build-memory-request "256Mi" - :build-memory-limit "512Mi" - :volume-size "3" - :unique-name "test.org", - :forgejo-host "gitea.evilorg", - :forgejo-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))) +))) (deftest should-generate-website-build-cron (is (= {:apiVersion "batch/v1", From 740bd021f2585be3938b1f8eebe96106c87484e2 Mon Sep 17 00:00:00 2001 From: Michael Jerger Date: Tue, 27 Feb 2024 10:32:32 +0100 Subject: [PATCH 07/11] fix corn-job names --- .../c4k_website/website/website_internal.cljc | 30 +++++++++---------- .../resources/website/website-build-cron.yaml | 18 +++++++---- .../website/website_internal_test.cljc | 19 +++++++----- 3 files changed, 38 insertions(+), 29 deletions(-) diff --git a/src/main/cljc/dda/c4k_website/website/website_internal.cljc b/src/main/cljc/dda/c4k_website/website/website_internal.cljc index 4297b6f..3bf99cf 100644 --- a/src/main/cljc/dda/c4k_website/website/website_internal.cljc +++ b/src/main/cljc/dda/c4k_website/website/website_internal.cljc @@ -87,7 +87,6 @@ name (replace-dots-by-minus unique-name)] (-> (yaml/load-as-edn "website/nginx-deployment.yaml") - (assoc-in [:metadata :labels :app.kubernetes.part-of] name) (assoc-in [:metadata :namespace] name) (replace-all-matching-substrings-beginning-with "NAME" name) (cm/replace-all-matching-values-by-new-value "BUILD_CPU_REQUEST" build-cpu-request) @@ -120,6 +119,20 @@ (replace-all-matching-substrings-beginning-with "NAME" name)))) +(defn-spec generate-website-build-cron map? + [config websiteconfig?] + (let [{:keys [unique-name build-cpu-request build-cpu-limit build-memory-request + build-memory-limit]} config + name (replace-dots-by-minus unique-name)] + (-> + (yaml/load-as-edn "website/website-build-cron.yaml") + (replace-all-matching-substrings-beginning-with "NAME" name) + (cm/replace-all-matching-values-by-new-value "BUILD_CPU_REQUEST" build-cpu-request) + (cm/replace-all-matching-values-by-new-value "BUILD_CPU_LIMIT" build-cpu-limit) + (cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_REQUEST" build-memory-request) + (cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_LIMIT" build-memory-limit)))) + + (defn-spec generate-website-content-volume map? [config websiteconfig?] (let [{:keys [unique-name volume-size]} config @@ -141,21 +154,6 @@ (replace-all-matching-substrings-beginning-with "NAME" name)))) -(defn-spec generate-website-build-cron map? - [config websiteconfig?] - (let [{:keys [unique-name build-cpu-request build-cpu-limit build-memory-request - build-memory-limit]} config - name (replace-dots-by-minus unique-name)] - (-> - (yaml/load-as-edn "website/website-build-cron.yaml") - (assoc-in [:metadata :labels :app.kubernetes.part-of] name) - (replace-all-matching-substrings-beginning-with "NAME" name) - (cm/replace-all-matching-values-by-new-value "BUILD_CPU_REQUEST" build-cpu-request) - (cm/replace-all-matching-values-by-new-value "BUILD_CPU_LIMIT" build-cpu-limit) - (cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_REQUEST" build-memory-request) - (cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_LIMIT" build-memory-limit)))) - - ; TODO: Non-Secret-Parts should be config map (defn-spec generate-website-build-secret pred/map-or-seq? [config websiteconfig? diff --git a/src/main/resources/website/website-build-cron.yaml b/src/main/resources/website/website-build-cron.yaml index a811e19..ea26b3f 100644 --- a/src/main/resources/website/website-build-cron.yaml +++ b/src/main/resources/website/website-build-cron.yaml @@ -1,7 +1,8 @@ apiVersion: batch/v1 kind: CronJob metadata: - name: NAME-build-cron + name: build-cron + namespace: NAME labels: app.kubernetes.part-of: NAME-website spec: @@ -11,10 +12,15 @@ spec: jobTemplate: spec: template: + metadata: + namespace: NAME + labels: + app: build-cron + app.kubernetes.part-of: NAME-website spec: containers: - image: domaindrivenarchitecture/c4k-website-build - name: NAME-build-app + name: build-cron-container imagePullPolicy: IfNotPresent resources: requests: @@ -30,14 +36,14 @@ spec: volumeMounts: - name: content-volume mountPath: /var/www/html/website - - name: hashfile-volume + - name: hash-state-volume mountPath: /var/hashfile.d volumes: - name: content-volume persistentVolumeClaim: - claimName: NAME-content-volume - - name: hashfile-volume + claimName: content-volume + - name: hash-state-volume persistentVolumeClaim: - claimName: NAME-hashfile-volume + claimName: hash-state-volume restartPolicy: OnFailure \ No newline at end of file diff --git a/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc b/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc index 307ec29..24a0414 100644 --- a/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc +++ b/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc @@ -123,8 +123,9 @@ (deftest should-generate-website-build-cron (is (= {:apiVersion "batch/v1", :kind "CronJob", - :metadata {:name "test-io-build-cron", - :labels {:app.kubernetes.part-of "test-io"}}, + :metadata {:name "build-cron", + :namespace "test-io", + :labels {:app.kubernetes.part-of "test-io-website"}}, :spec {:schedule "0/7 * * * *", :successfulJobsHistoryLimit 1, @@ -132,18 +133,22 @@ :jobTemplate {:spec {:template - {:spec + {:metadata + {:namespace "test-io", + :labels + {:app "build-cron", :app.kubernetes.part-of "test-io-website"}} + :spec {:containers [{:image "domaindrivenarchitecture/c4k-website-build", - :name "test-io-build-app", + :name "build-cron-container", :imagePullPolicy "IfNotPresent", :resources {:requests {:cpu "500m", :memory "256Mi"}, :limits {:cpu "1700m", :memory "512Mi"}}, :command ["/entrypoint.sh"], :envFrom [{:secretRef {:name "test-io-secret"}}], :volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"} - {:name "hashfile-volume", :mountPath "/var/hashfile.d"}]}], - :volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-io-content-volume"}} - {:name "hashfile-volume", :persistentVolumeClaim {:claimName "test-io-hashfile-volume"}}], + {:name "hash-state-volume", :mountPath "/var/hashfile.d"}]}], + :volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "content-volume"}} + {:name "hash-state-volume", :persistentVolumeClaim {:claimName "hash-state-volume"}}], :restartPolicy "OnFailure"}}}}}} (cut/generate-website-build-cron {:issuer "staging" :build-cpu-request "500m" From 3d5864f94472c454366ee9befa6f60eafeab52a0 Mon Sep 17 00:00:00 2001 From: Michael Jerger Date: Tue, 27 Feb 2024 10:42:36 +0100 Subject: [PATCH 08/11] fix build-secret names --- .../c4k_website/website/website_internal.cljc | 45 ++++++++------- .../resources/website/nginx-deployment.yaml | 2 +- .../resources/website/website-build-cron.yaml | 2 +- .../website/website-build-secret.yaml | 3 +- .../website/website_internal_test.cljc | 56 +++++++++---------- 5 files changed, 52 insertions(+), 56 deletions(-) diff --git a/src/main/cljc/dda/c4k_website/website/website_internal.cljc b/src/main/cljc/dda/c4k_website/website/website_internal.cljc index 3bf99cf..2becb51 100644 --- a/src/main/cljc/dda/c4k_website/website/website_internal.cljc +++ b/src/main/cljc/dda/c4k_website/website/website_internal.cljc @@ -133,28 +133,6 @@ (cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_LIMIT" build-memory-limit)))) -(defn-spec generate-website-content-volume map? - [config websiteconfig?] - (let [{:keys [unique-name volume-size]} config - name (replace-dots-by-minus unique-name)] - (-> - (yaml/load-as-edn "website/website-content-volume.yaml") - (assoc-in [:metadata :labels :app.kubernetes.part-of] name) - (replace-all-matching-substrings-beginning-with "NAME" name) - (cm/replace-all-matching-values-by-new-value "WEBSITESTORAGESIZE" (str volume-size "Gi"))))) - - -(defn-spec generate-hashfile-volume map? - [config websiteconfig?] - (let [{:keys [unique-name]} config - name (replace-dots-by-minus unique-name)] - (-> - (yaml/load-as-edn "website/hashfile-volume.yaml") - (assoc-in [:metadata :labels :app.kubernetes.part-of] name) - (replace-all-matching-substrings-beginning-with "NAME" name)))) - - -; TODO: Non-Secret-Parts should be config map (defn-spec generate-website-build-secret pred/map-or-seq? [config websiteconfig? auth websiteauth?] @@ -167,7 +145,6 @@ name (replace-dots-by-minus unique-name)] (-> (yaml/load-as-edn "website/website-build-secret.yaml") - (assoc-in [:metadata :labels :app.kubernetes.part-of] name) (replace-all-matching-substrings-beginning-with "NAME" name) (cm/replace-all-matching-values-by-new-value "TOKEN" (b64/encode authtoken)) (cm/replace-all-matching-values-by-new-value "REPOURL" (b64/encode @@ -183,6 +160,28 @@ username)))))) +(defn-spec generate-website-content-volume map? + [config websiteconfig?] + (let [{:keys [unique-name volume-size]} config + name (replace-dots-by-minus unique-name)] + (-> + (yaml/load-as-edn "website/website-content-volume.yaml") + (assoc-in [:metadata :labels :app.kubernetes.part-of] name) + (replace-all-matching-substrings-beginning-with "NAME" name) + (cm/replace-all-matching-values-by-new-value "WEBSITESTORAGESIZE" (str volume-size "Gi"))))) + + +; TODO: Non-Secret-Parts should be config map +(defn-spec generate-hashfile-volume map? + [config websiteconfig?] + (let [{:keys [unique-name]} config + name (replace-dots-by-minus unique-name)] + (-> + (yaml/load-as-edn "website/hashfile-volume.yaml") + (assoc-in [:metadata :labels :app.kubernetes.part-of] name) + (replace-all-matching-substrings-beginning-with "NAME" name)))) + + #?(:cljs (defmethod yaml/load-resource :website [resource-name] (get (inline-resources "website") resource-name))) diff --git a/src/main/resources/website/nginx-deployment.yaml b/src/main/resources/website/nginx-deployment.yaml index 640b156..03ae90d 100644 --- a/src/main/resources/website/nginx-deployment.yaml +++ b/src/main/resources/website/nginx-deployment.yaml @@ -46,7 +46,7 @@ spec: command: ["/entrypoint.sh"] envFrom: - secretRef: - name: secret + name: build-secret volumeMounts: - name: content-volume mountPath: /var/www/html/website diff --git a/src/main/resources/website/website-build-cron.yaml b/src/main/resources/website/website-build-cron.yaml index ea26b3f..afb5622 100644 --- a/src/main/resources/website/website-build-cron.yaml +++ b/src/main/resources/website/website-build-cron.yaml @@ -32,7 +32,7 @@ spec: command: ["/entrypoint.sh"] envFrom: - secretRef: - name: NAME-secret + name: build-secret volumeMounts: - name: content-volume mountPath: /var/www/html/website diff --git a/src/main/resources/website/website-build-secret.yaml b/src/main/resources/website/website-build-secret.yaml index f173d46..6bf7946 100644 --- a/src/main/resources/website/website-build-secret.yaml +++ b/src/main/resources/website/website-build-secret.yaml @@ -1,7 +1,8 @@ apiVersion: v1 kind: Secret metadata: - name: NAME-secret + name: build-secret + namespace: NAME labels: app.kubernetes.part-of: NAME-website data: diff --git a/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc b/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc index 24a0414..b062915 100644 --- a/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc +++ b/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc @@ -144,7 +144,7 @@ :imagePullPolicy "IfNotPresent", :resources {:requests {:cpu "500m", :memory "256Mi"}, :limits {:cpu "1700m", :memory "512Mi"}}, :command ["/entrypoint.sh"], - :envFrom [{:secretRef {:name "test-io-secret"}}], + :envFrom [{:secretRef {:name "build-secret"}}], :volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"} {:name "hash-state-volume", :mountPath "/var/hashfile.d"}]}], :volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "content-volume"}} @@ -162,10 +162,13 @@ :branchname "main", :unique-name "test.io"})))) + (deftest should-generate-website-build-secret (is (= {:apiVersion "v1", :kind "Secret", - :metadata {:name "test-io-secret", :labels {:app.kubernetes.part-of "test-io"}}, + :metadata {:name "build-secret", + :namespace "test-io", + :labels {:app.kubernetes.part-of "test-io-website"}}, :data {:AUTHTOKEN "YWJlZGpnYmFzZG9kag==", :GITREPOURL "aHR0cHM6Ly9naXRsYWIuZGUvYXBpL3YxL3JlcG9zL3NvbWV1c2VyL3JlcG8vYXJjaGl2ZS9tYWluLnppcA==", @@ -186,34 +189,27 @@ :username "someuser"})))) (deftest should-generate-website-content-volume - (is (= {:name-c1 "test-io-content-volume", - :name-c2 "test-org-content-volume", - :app-c1 "test-io-nginx", - :app-c2 "test-org-nginx", - :app.kubernetes.part-of-c1 "test-io", - :app.kubernetes.part-of-c2 "test-org"} - (th/map-diff (cut/generate-website-content-volume {:issuer "staging" - :build-cpu-request "500m" - :build-cpu-limit "1700m" - :build-memory-request "256Mi" - :build-memory-limit "512Mi" - :volume-size "3" - :unique-name "test.io", - :forgejo-host "gitea.evilorg", - :forgejo-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}) - (cut/generate-website-content-volume {:issuer "staging" - :build-cpu-request "500m" - :build-cpu-limit "1700m" - :build-memory-request "256Mi" - :build-memory-limit "512Mi" - :volume-size "3" - :unique-name "test.org", - :forgejo-host "gitea.evilorg", - :forgejo-repo "none", - :branchname "mablain", - :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))) + (is (= {:apiVersion "v1", + :kind "PersistentVolumeClaim", + :metadata + {:name "content-volume", + :namespace "test-io", + :labels {:app.kubernetes.part-of "test-io-website"}}, + :spec + {:storageClassName "local-path", + :accessModes ["ReadWriteOnce"], + :resources {:requests {:storage "3Gi"}}}} + (cut/generate-website-content-volume {:issuer "staging" + :build-cpu-request "500m" + :build-cpu-limit "1700m" + :build-memory-request "256Mi" + :build-memory-limit "512Mi" + :volume-size "3" + :unique-name "test.io", + :forgejo-host "gitea.evilorg", + :forgejo-repo "none", + :branchname "mablain", + :fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})))) (deftest should-generate-hashfile-volume (is (= {:apiVersion "v1", From e785833304c09b45ab78c87a8b25273759203871 Mon Sep 17 00:00:00 2001 From: Michael Jerger Date: Tue, 27 Feb 2024 10:45:36 +0100 Subject: [PATCH 09/11] fix content-pvc names --- src/main/cljc/dda/c4k_website/website/website_internal.cljc | 3 +-- .../{website-content-volume.yaml => content-pvc.yaml} | 5 ++--- 2 files changed, 3 insertions(+), 5 deletions(-) rename src/main/resources/website/{website-content-volume.yaml => content-pvc.yaml} (76%) diff --git a/src/main/cljc/dda/c4k_website/website/website_internal.cljc b/src/main/cljc/dda/c4k_website/website/website_internal.cljc index 2becb51..40a2ac5 100644 --- a/src/main/cljc/dda/c4k_website/website/website_internal.cljc +++ b/src/main/cljc/dda/c4k_website/website/website_internal.cljc @@ -165,8 +165,7 @@ (let [{:keys [unique-name volume-size]} config name (replace-dots-by-minus unique-name)] (-> - (yaml/load-as-edn "website/website-content-volume.yaml") - (assoc-in [:metadata :labels :app.kubernetes.part-of] name) + (yaml/load-as-edn "website/content-pvc.yaml") (replace-all-matching-substrings-beginning-with "NAME" name) (cm/replace-all-matching-values-by-new-value "WEBSITESTORAGESIZE" (str volume-size "Gi"))))) diff --git a/src/main/resources/website/website-content-volume.yaml b/src/main/resources/website/content-pvc.yaml similarity index 76% rename from src/main/resources/website/website-content-volume.yaml rename to src/main/resources/website/content-pvc.yaml index 4e6f130..a524974 100644 --- a/src/main/resources/website/website-content-volume.yaml +++ b/src/main/resources/website/content-pvc.yaml @@ -1,10 +1,9 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: NAME-content-volume - namespace: default + name: content-volume + namespace: NAME labels: - app: NAME-nginx app.kubernetes.part-of: NAME-website spec: storageClassName: local-path From 68c4f02344af8060e8b3a9c8e68f14fcc51c7a05 Mon Sep 17 00:00:00 2001 From: Michael Jerger Date: Tue, 27 Feb 2024 10:50:56 +0100 Subject: [PATCH 10/11] fix hash-state-pvc names --- .../dda/c4k_website/website/website_internal.cljc | 3 +-- .../{hashfile-volume.yaml => hash-state-pvc.yaml} | 5 ++--- .../c4k_website/website/website_internal_test.cljc | 11 ++++++----- 3 files changed, 9 insertions(+), 10 deletions(-) rename src/main/resources/website/{hashfile-volume.yaml => hash-state-pvc.yaml} (75%) diff --git a/src/main/cljc/dda/c4k_website/website/website_internal.cljc b/src/main/cljc/dda/c4k_website/website/website_internal.cljc index 40a2ac5..a4ee3bb 100644 --- a/src/main/cljc/dda/c4k_website/website/website_internal.cljc +++ b/src/main/cljc/dda/c4k_website/website/website_internal.cljc @@ -176,8 +176,7 @@ (let [{:keys [unique-name]} config name (replace-dots-by-minus unique-name)] (-> - (yaml/load-as-edn "website/hashfile-volume.yaml") - (assoc-in [:metadata :labels :app.kubernetes.part-of] name) + (yaml/load-as-edn "website/hash-state-pvc.yaml") (replace-all-matching-substrings-beginning-with "NAME" name)))) diff --git a/src/main/resources/website/hashfile-volume.yaml b/src/main/resources/website/hash-state-pvc.yaml similarity index 75% rename from src/main/resources/website/hashfile-volume.yaml rename to src/main/resources/website/hash-state-pvc.yaml index 99f35db..b0d3ecd 100644 --- a/src/main/resources/website/hashfile-volume.yaml +++ b/src/main/resources/website/hash-state-pvc.yaml @@ -1,10 +1,9 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: NAME-hashfile-volume - namespace: default + name: hash-state-volume + namespace: NAME labels: - app: NAME-nginx app.kubernetes.part-of: NAME-website spec: storageClassName: local-path diff --git a/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc b/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc index b062915..f883a02 100644 --- a/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc +++ b/src/test/cljc/dda/c4k_website/website/website_internal_test.cljc @@ -3,7 +3,6 @@ #?(:clj [clojure.test :refer [deftest is are testing run-tests]] :cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) [clojure.spec.test.alpha :as st] - [dda.c4k-common.test-helper :as th] [dda.c4k-website.website.website-internal :as cut])) (st/instrument `cut/generate-nginx-configmap) @@ -215,10 +214,12 @@ (is (= {:apiVersion "v1", :kind "PersistentVolumeClaim", :metadata - {:name "test-io-hashfile-volume", - :namespace "default", - :labels {:app "test-io-nginx", :app.kubernetes.part-of "test-io"}}, - :spec {:storageClassName "local-path", :accessModes ["ReadWriteOnce"], :resources {:requests {:storage "16Mi"}}}} + {:name "hash-state-volume", + :namespace "test-io", + :labels {:app.kubernetes.part-of "test-io-website"}}, + :spec {:storageClassName "local-path", + :accessModes ["ReadWriteOnce"], + :resources {:requests {:storage "16Mi"}}}} (cut/generate-hashfile-volume {:issuer "staging" :build-cpu-request "500m" :build-cpu-limit "1700m" From 6504668953629d69102630f250f7fed59e8335c7 Mon Sep 17 00:00:00 2001 From: Michael Jerger Date: Tue, 27 Feb 2024 10:52:19 +0100 Subject: [PATCH 11/11] renamed resources --- src/main/cljc/dda/c4k_website/website/website_internal.cljc | 4 ++-- .../website/{website-build-cron.yaml => build-cron.yaml} | 0 .../website/{website-build-secret.yaml => build-secret.yaml} | 0 3 files changed, 2 insertions(+), 2 deletions(-) rename src/main/resources/website/{website-build-cron.yaml => build-cron.yaml} (100%) rename src/main/resources/website/{website-build-secret.yaml => build-secret.yaml} (100%) diff --git a/src/main/cljc/dda/c4k_website/website/website_internal.cljc b/src/main/cljc/dda/c4k_website/website/website_internal.cljc index a4ee3bb..6ee91f9 100644 --- a/src/main/cljc/dda/c4k_website/website/website_internal.cljc +++ b/src/main/cljc/dda/c4k_website/website/website_internal.cljc @@ -125,7 +125,7 @@ build-memory-limit]} config name (replace-dots-by-minus unique-name)] (-> - (yaml/load-as-edn "website/website-build-cron.yaml") + (yaml/load-as-edn "website/build-cron.yaml") (replace-all-matching-substrings-beginning-with "NAME" name) (cm/replace-all-matching-values-by-new-value "BUILD_CPU_REQUEST" build-cpu-request) (cm/replace-all-matching-values-by-new-value "BUILD_CPU_LIMIT" build-cpu-limit) @@ -144,7 +144,7 @@ username]} auth name (replace-dots-by-minus unique-name)] (-> - (yaml/load-as-edn "website/website-build-secret.yaml") + (yaml/load-as-edn "website/build-secret.yaml") (replace-all-matching-substrings-beginning-with "NAME" name) (cm/replace-all-matching-values-by-new-value "TOKEN" (b64/encode authtoken)) (cm/replace-all-matching-values-by-new-value "REPOURL" (b64/encode diff --git a/src/main/resources/website/website-build-cron.yaml b/src/main/resources/website/build-cron.yaml similarity index 100% rename from src/main/resources/website/website-build-cron.yaml rename to src/main/resources/website/build-cron.yaml diff --git a/src/main/resources/website/website-build-secret.yaml b/src/main/resources/website/build-secret.yaml similarity index 100% rename from src/main/resources/website/website-build-secret.yaml rename to src/main/resources/website/build-secret.yaml