feature/introduce-redirects (#4)

Reviewed-on: #4
This commit is contained in:
jem 2024-02-28 09:29:10 +00:00
commit ac57564e0f
8 changed files with 223 additions and 153 deletions

View file

@ -27,7 +27,7 @@
"js-yaml": "^4.0.0"
},
"devDependencies": {
"shadow-cljs": "^2.11.18",
"shadow-cljs": "^2.27.4",
"source-map-support": "^0.5.21"
}
}

View file

@ -5,7 +5,7 @@
:url "https://www.apache.org/licenses/LICENSE-2.0.html"}
:dependencies [[org.clojure/clojure "1.11.1"]
[org.clojure/tools.reader "1.4.0"]
[org.domaindrivenarchitecture/c4k-common-clj "6.1.4-SNAPSHOT"]
[org.domaindrivenarchitecture/c4k-common-clj "6.2.1"]
[hickory "0.7.1" :exclusions [viebel/codox-klipse-theme]]]
:target-path "target/%s/"
:source-paths ["src/main/cljc"

View file

@ -4,7 +4,7 @@
"src/test/cljc"
"src/test/cljs"
"src/test/resources"]
:dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "6.1.3"]
:dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "6.2.1"]
[hickory "0.7.1"]]
:builds {:frontend {:target :browser
:modules {:main {:init-fn dda.c4k-website.browser/init}}

View file

@ -67,10 +67,10 @@
[(website/generate-nginx-deployment (flatten-and-reduce-config config))
(website/generate-nginx-configmap (flatten-and-reduce-config config))
(website/generate-nginx-service (flatten-and-reduce-config config))
(website/generate-website-content-volume (flatten-and-reduce-config config))
(website/generate-hashfile-volume (flatten-and-reduce-config config))
(website/generate-website-build-cron (flatten-and-reduce-config config))
(website/generate-website-build-secret (flatten-and-reduce-config config)
(website/generate-content-pvc (flatten-and-reduce-config config))
(website/generate-hash-state-pvc (flatten-and-reduce-config config))
(website/generate-build-cron (flatten-and-reduce-config config))
(website/generate-build-secret (flatten-and-reduce-config config)
(flatten-and-reduce-auth auth))]
(website/generate-ingress (flatten-and-reduce-config config))
)))))

View file

@ -40,7 +40,8 @@
:build-cpu-limit "1700m"
:build-memory-request "256Mi"
:build-memory-limit "512Mi"
:volume-size "3"})
:volume-size "3"
:redirects []})
(defn-spec generate-nginx-deployment map?
[config websiteconfig?]
@ -63,32 +64,32 @@
(int/generate-nginx-service final-config)))
(defn-spec generate-website-content-volume map?
(defn-spec generate-content-pvc map?
[config websiteconfig?]
(let [final-config (merge config-defaults
config)]
(int/generate-website-content-volume final-config)))
(int/generate-content-pvc final-config)))
(defn-spec generate-hashfile-volume map?
(defn-spec generate-hash-state-pvc map?
[config websiteconfig?]
(let [final-config (merge config-defaults
config)]
(int/generate-hashfile-volume final-config)))
(int/generate-hash-state-pvc final-config)))
(defn-spec generate-website-build-cron map?
(defn-spec generate-build-cron map?
[config websiteconfig?]
(let [final-config (merge config-defaults
config)]
(int/generate-website-build-cron final-config)))
(int/generate-build-cron final-config)))
(defn-spec generate-website-build-secret map?
(defn-spec generate-build-secret map?
[config websiteconfig?
auth websiteauth?]
(let [final-config (merge config-defaults
config)]
(int/generate-website-build-secret final-config auth)))
(int/generate-build-secret final-config auth)))
(defn-spec generate-namespcae seq?
[config websiteconfig?]

View file

@ -8,8 +8,7 @@
[dda.c4k-common.yaml :as yaml]
[dda.c4k-common.common :as cm]
[dda.c4k-common.base64 :as b64]
[dda.c4k-common.predicate :as pred]
[dda.c4k-common.ingress :as ing]))
[dda.c4k-common.predicate :as pred]))
(defn fqdn-list?
[input]
@ -28,6 +27,9 @@
(s/def ::build-memory-request string?)
(s/def ::build-cpu-limit string?)
(s/def ::build-memory-limit string?)
(s/def ::redirect (s/tuple string? string?))
(s/def ::redirects (s/coll-of ::redirect))
(def websiteconfig? (s/keys :req-un [::unique-name
::fqdns
@ -39,7 +41,8 @@
::build-cpu-request
::build-cpu-limit
::build-memory-request
::build-memory-limit]))
::build-memory-limit
::redirects]))
(def websiteauth? (s/keys :req-un [::unique-name ::username ::authtoken]))
@ -70,8 +73,9 @@
user string?]
(str "https://" host "/api/v1/repos/" user "/" repo "/git/" "commits/" "HEAD"))
(defn-spec replace-all-matching-substrings-beginning-with pred/map-or-seq?
[col pred/map-or-seq?
(defn-spec replace-all-matching-prefixes map?
[col map?
value-to-partly-match string?
value-to-inplace string?]
(clojure.walk/postwalk #(if (and (= (type value-to-partly-match) (type %))
@ -80,19 +84,15 @@
col))
(defn-spec generate-nginx-deployment map?
[config websiteconfig?]
(let [{:keys [unique-name build-cpu-request build-cpu-limit
build-memory-request build-memory-limit]} config
name (replace-dots-by-minus unique-name)]
(->
(yaml/load-as-edn "website/nginx-deployment.yaml")
(assoc-in [:metadata :namespace] name)
(replace-all-matching-substrings-beginning-with "NAME" name)
(cm/replace-all-matching-values-by-new-value "BUILD_CPU_REQUEST" build-cpu-request)
(cm/replace-all-matching-values-by-new-value "BUILD_CPU_LIMIT" build-cpu-limit)
(cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_REQUEST" build-memory-request)
(cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_LIMIT" build-memory-limit))))
(defn-spec generate-redirects string?
[config websiteconfig?
indent (s/or :pos pos-int? :zero zero?)]
(let [{:keys [redirects]} config]
(str/join
(str "\n" (str/join (take indent (repeat " "))))
(map
#(str "rewrite ^" (first %1) "\\$ " (second %1) " permanent;")
redirects))))
(defn-spec generate-nginx-configmap map?
@ -101,39 +101,20 @@
name (replace-dots-by-minus unique-name)]
(->
(yaml/load-as-edn "website/nginx-configmap.yaml")
(assoc-in [:metadata :namespace] name)
(replace-all-matching-substrings-beginning-with "NAME" name)
(#(assoc-in %
[:data :website.conf]
(replace-all-matching-prefixes "NAME" name)
(#(assoc-in % [:data :website.conf]
(str/replace
(-> % :data :website.conf) #"FQDN" (str (str/join " " fqdns) ";")))))))
(-> % :data :website.conf)
#"FQDN"
(str (str/join " " fqdns) ";"))))
(#(assoc-in % [:data :website.conf]
(str/replace
(-> % :data :website.conf)
#"REDIRECTS"
(generate-redirects config 2)))))))
(defn-spec generate-nginx-service map?
[config websiteconfig?]
(let [{:keys [unique-name]} config
name (replace-dots-by-minus unique-name)]
(->
(yaml/load-as-edn "website/nginx-service.yaml")
(assoc-in [:metadata :namespace] name)
(replace-all-matching-substrings-beginning-with "NAME" name))))
(defn-spec generate-website-build-cron map?
[config websiteconfig?]
(let [{:keys [unique-name build-cpu-request build-cpu-limit build-memory-request
build-memory-limit]} config
name (replace-dots-by-minus unique-name)]
(->
(yaml/load-as-edn "website/build-cron.yaml")
(replace-all-matching-substrings-beginning-with "NAME" name)
(cm/replace-all-matching-values-by-new-value "BUILD_CPU_REQUEST" build-cpu-request)
(cm/replace-all-matching-values-by-new-value "BUILD_CPU_LIMIT" build-cpu-limit)
(cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_REQUEST" build-memory-request)
(cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_LIMIT" build-memory-limit))))
(defn-spec generate-website-build-secret pred/map-or-seq?
(defn-spec generate-build-secret pred/map-or-seq?
[config websiteconfig?
auth websiteauth?]
(let [{:keys [unique-name
@ -145,7 +126,7 @@
name (replace-dots-by-minus unique-name)]
(->
(yaml/load-as-edn "website/build-secret.yaml")
(replace-all-matching-substrings-beginning-with "NAME" name)
(replace-all-matching-prefixes "NAME" name)
(cm/replace-all-matching-values-by-new-value "TOKEN" (b64/encode authtoken))
(cm/replace-all-matching-values-by-new-value "REPOURL" (b64/encode
(generate-gitrepourl
@ -160,24 +141,63 @@
username))))))
(defn-spec generate-website-content-volume map?
(defn-spec generate-content-pvc map?
[config websiteconfig?]
(let [{:keys [unique-name volume-size]} config
name (replace-dots-by-minus unique-name)]
(->
(yaml/load-as-edn "website/content-pvc.yaml")
(replace-all-matching-substrings-beginning-with "NAME" name)
(replace-all-matching-prefixes "NAME" name)
(cm/replace-all-matching-values-by-new-value "WEBSITESTORAGESIZE" (str volume-size "Gi")))))
; TODO: Non-Secret-Parts should be config map
(defn-spec generate-hashfile-volume map?
(defn-spec generate-hash-state-pvc map?
[config websiteconfig?]
(let [{:keys [unique-name]} config
name (replace-dots-by-minus unique-name)]
(->
(yaml/load-as-edn "website/hash-state-pvc.yaml")
(replace-all-matching-substrings-beginning-with "NAME" name))))
(replace-all-matching-prefixes "NAME" name))))
(defn-spec generate-nginx-deployment map?
[config websiteconfig?]
(let [{:keys [unique-name build-cpu-request build-cpu-limit
build-memory-request build-memory-limit]} config
name (replace-dots-by-minus unique-name)]
(->
(yaml/load-as-edn "website/nginx-deployment.yaml")
(assoc-in [:metadata :namespace] name)
(replace-all-matching-prefixes "NAME" name)
(cm/replace-all-matching-values-by-new-value "BUILD_CPU_REQUEST" build-cpu-request)
(cm/replace-all-matching-values-by-new-value "BUILD_CPU_LIMIT" build-cpu-limit)
(cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_REQUEST" build-memory-request)
(cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_LIMIT" build-memory-limit))))
(defn-spec generate-build-cron map?
[config websiteconfig?]
(let [{:keys [unique-name build-cpu-request build-cpu-limit build-memory-request
build-memory-limit]} config
name (replace-dots-by-minus unique-name)]
(->
(yaml/load-as-edn "website/build-cron.yaml")
(replace-all-matching-prefixes "NAME" name)
(cm/replace-all-matching-values-by-new-value "BUILD_CPU_REQUEST" build-cpu-request)
(cm/replace-all-matching-values-by-new-value "BUILD_CPU_LIMIT" build-cpu-limit)
(cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_REQUEST" build-memory-request)
(cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_LIMIT" build-memory-limit))))
(defn-spec generate-nginx-service map?
[config websiteconfig?]
(let [{:keys [unique-name]} config
name (replace-dots-by-minus unique-name)]
(->
(yaml/load-as-edn "website/nginx-service.yaml")
(assoc-in [:metadata :namespace] name)
(replace-all-matching-prefixes "NAME" name))))
#?(:cljs

View file

@ -2,7 +2,7 @@ apiVersion: v1
kind: ConfigMap
metadata:
name: etc-nginx
namespace: default
namespace: NAME
labels:
app.kubernetes.part-of: NAME-website
data:
@ -93,5 +93,7 @@ data:
location / {
try_files $uri $uri/ /index.html =404;
}
# redirects
REDIRECTS
}

View file

@ -5,14 +5,49 @@
[clojure.spec.test.alpha :as st]
[dda.c4k-website.website.website-internal :as cut]))
(st/instrument `cut/replace-dots-by-minus)
(st/instrument `cut/generate-gitrepourl)
(st/instrument `cut/generate-gitcommiturl)
(st/instrument `cut/replace-all-matching-prefixes)
(st/instrument `cut/generate-redirects)
(st/instrument `cut/generate-nginx-configmap)
(st/instrument `cut/generate-build-secret)
(st/instrument `cut/generate-content-pvc)
(st/instrument `cut/generate-hash-state-pvc)
(st/instrument `cut/generate-build-cron)
(st/instrument `cut/generate-nginx-service)
(st/instrument `cut/generate-website-content-volume)
(st/instrument `cut/generate-hashfile-volume)
(st/instrument `cut/generate-website-ingress)
(st/instrument `cut/generate-website-certificate)
(st/instrument `cut/generate-website-build-cron)
(st/instrument `cut/generate-website-build-secret)
(deftest should-generate-redirects
(is (= "rewrite ^/products.html\\$ /offer.html permanent;\n rewrite ^/one-more\\$ /redirect permanent;"
(cut/generate-redirects {:issuer "staging"
:build-cpu-request "500m"
:build-cpu-limit "1700m"
:build-memory-request "256Mi"
:build-memory-limit "512Mi"
:volume-size "3"
:unique-name "test.io",
:redirects [["/products.html", "/offer.html"]
["/one-more", "/redirect"]]
:forgejo-host "gitea.evilorg",
:forgejo-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}
2)))
(is (= ""
(cut/generate-redirects {:issuer "staging"
:build-cpu-request "500m"
:build-cpu-limit "1700m"
:build-memory-request "256Mi"
:build-memory-limit "512Mi"
:volume-size "3"
:unique-name "test.io",
:redirects []
:forgejo-host "gitea.evilorg",
:forgejo-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}
0))))
(deftest should-generate-resource-requests
(is (= {:requests {:cpu "1500m", :memory "512Mi"}, :limits {:cpu "3000m", :memory "1024Mi"}}
@ -21,7 +56,8 @@
:forgejo-repo "repo",
:issuer "staging",
:branchname "main",
:unique-name "test.io"
:unique-name "test.io",
:redirects [],
:build-cpu-request "1500m"
:build-cpu-limit "3000m"
:build-memory-request "512Mi"
@ -34,7 +70,8 @@
:forgejo-repo "repo",
:issuer "staging",
:branchname "main",
:unique-name "test.io"
:unique-name "test.io",
:redirects [],
:build-cpu-request "1500m"
:build-cpu-limit "3000m"
:build-memory-request "512Mi"
@ -42,9 +79,8 @@
:volume-size 3})
:metadata :namespace))))
(deftest should-generate-nginx-configmap-website
(is (= "server {\n listen 80 default_server;\n listen [::]:80 default_server;\n server_name test.de www.test.de test-it.de www.test-it.de;\n add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload'; \n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-Content-Type-Options nosniff;\n add_header Referrer-Policy \"strict-origin\";\n # add_header Permissions-Policy \"permissions here\";\n root /var/www/html/website/;\n index index.html;\n location / {\n try_files $uri $uri/ /index.html =404;\n }\n}\n"
#?(:clj (deftest should-generate-nginx-configmap-website
(is (= "server {\n listen 80 default_server;\n listen [::]:80 default_server;\n server_name test.de www.test.de test-it.de www.test-it.de;\n add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload'; \n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-Content-Type-Options nosniff;\n add_header Referrer-Policy \"strict-origin\";\n # add_header Permissions-Policy \"permissions here\";\n root /var/www/html/website/;\n index index.html;\n location / {\n try_files $uri $uri/ /index.html =404;\n }\n # redirects\n rewrite ^/products.html$ /offer.html permanent;\n rewrite ^/one-more$ /redirect permanent;\n}\n"
(:website.conf (:data (cut/generate-nginx-configmap {:issuer "staging"
:build-cpu-request "500m"
:build-cpu-limit "1700m"
@ -52,6 +88,8 @@
:build-memory-limit "512Mi"
:volume-size "3"
:unique-name "test.io",
:redirects [["/products.html", "/offer.html"]
["/one-more", "/redirect"]]
:forgejo-host "gitea.evilorg",
:forgejo-repo "none",
:branchname "mablain",
@ -64,6 +102,7 @@
:build-memory-limit "512Mi"
:volume-size "3"
:unique-name "test.io",
:redirects [],
:forgejo-host "gitea.evilorg",
:forgejo-repo "none",
:branchname "mablain",
@ -76,6 +115,7 @@
:build-memory-limit "512Mi"
:volume-size "3"
:unique-name "test.io",
:redirects [],
:forgejo-host "gitea.evilorg",
:forgejo-repo "none",
:branchname "mablain",
@ -92,10 +132,11 @@
:build-memory-limit "512Mi"
:volume-size "3"
:unique-name "test.io",
:redirects [],
:forgejo-host "gitea.evilorg",
:forgejo-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}) :data))))
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}) :data)))))
(deftest should-generate-nginx-service
(is (= {:kind "Service",
@ -113,13 +154,15 @@
:build-memory-limit "512Mi"
:volume-size "3"
:unique-name "test.io",
:redirects [],
:forgejo-host "gitea.evilorg",
:forgejo-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})
)))
(deftest should-generate-website-build-cron
(deftest should-generate-build-cron
(is (= {:apiVersion "batch/v1",
:kind "CronJob",
:metadata {:name "build-cron",
@ -149,7 +192,7 @@
:volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "content-volume"}}
{:name "hash-state-volume", :persistentVolumeClaim {:claimName "hash-state-volume"}}],
:restartPolicy "OnFailure"}}}}}}
(cut/generate-website-build-cron {:issuer "staging"
(cut/generate-build-cron {:issuer "staging"
:build-cpu-request "500m"
:build-cpu-limit "1700m"
:build-memory-request "256Mi"
@ -159,10 +202,10 @@
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
:forgejo-repo "repo",
:branchname "main",
:unique-name "test.io"}))))
:unique-name "test.io",
:redirects [],}))))
(deftest should-generate-website-build-secret
(deftest should-generate-build-secret
(is (= {:apiVersion "v1",
:kind "Secret",
:metadata {:name "build-secret",
@ -172,11 +215,12 @@
{:AUTHTOKEN "YWJlZGpnYmFzZG9kag==",
:GITREPOURL "aHR0cHM6Ly9naXRsYWIuZGUvYXBpL3YxL3JlcG9zL3NvbWV1c2VyL3JlcG8vYXJjaGl2ZS9tYWluLnppcA==",
:GITCOMMITURL "aHR0cHM6Ly9naXRsYWIuZGUvYXBpL3YxL3JlcG9zL3NvbWV1c2VyL3JlcG8vZ2l0L2NvbW1pdHMvSEVBRA=="}}
(cut/generate-website-build-secret {:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
(cut/generate-build-secret {:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
:forgejo-repo "repo",
:issuer "staging",
:branchname "main",
:unique-name "test.io",
:redirects [],
:forgejo-host "gitlab.de"
:build-cpu-request "500m"
:build-cpu-limit "1700m"
@ -187,7 +231,7 @@
:authtoken "abedjgbasdodj",
:username "someuser"}))))
(deftest should-generate-website-content-volume
(deftest should-generate-content-pvc
(is (= {:apiVersion "v1",
:kind "PersistentVolumeClaim",
:metadata
@ -198,19 +242,21 @@
{:storageClassName "local-path",
:accessModes ["ReadWriteOnce"],
:resources {:requests {:storage "3Gi"}}}}
(cut/generate-website-content-volume {:issuer "staging"
(cut/generate-content-pvc {:issuer "staging"
:build-cpu-request "500m"
:build-cpu-limit "1700m"
:build-memory-request "256Mi"
:build-memory-limit "512Mi"
:volume-size "3"
:unique-name "test.io",
:redirects [],
:forgejo-host "gitea.evilorg",
:forgejo-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))
(deftest should-generate-hashfile-volume
(deftest should-generate-hash-state-pvc
(is (= {:apiVersion "v1",
:kind "PersistentVolumeClaim",
:metadata
@ -220,13 +266,14 @@
:spec {:storageClassName "local-path",
:accessModes ["ReadWriteOnce"],
:resources {:requests {:storage "16Mi"}}}}
(cut/generate-hashfile-volume {:issuer "staging"
(cut/generate-hash-state-pvc {:issuer "staging"
:build-cpu-request "500m"
:build-cpu-limit "1700m"
:build-memory-request "256Mi"
:build-memory-limit "512Mi"
:volume-size "3"
:unique-name "test.io",
:redirects [],
:forgejo-host "gitea.evilorg",
:forgejo-repo "none",
:branchname "mablain",