Merge branch 'split-config-and-auth-input' into 'main'

Do not merge config and auth

See merge request domaindrivenarchitecture/c4k-website!5
Pat Dyn 2023-04-12 14:44:36 +00:00
commit f91269fb94
5 changed files with 169 additions and 161 deletions


@ -67,7 +67,7 @@ git push --follow-tags
Open package.json again, increase version increment by one and add "-SNAPSHOT".
``` bash
git commit -am "version bump"
git commit -am "[Skip-CI] version bump"
git push
```


@ -23,35 +23,45 @@
(def auth? (s/keys :req-un [::website/auth]
:opt-un [::mon-auth]))
(def merged-config-and-auth? (s/and website/config? website/auth?))
(defn-spec sort-config cp/map-or-seq?
[unsorted-config merged-config-and-auth?]
(let [sorted-websites (into [] (sort-by :unique-name (unsorted-config :websites)))
sorted-auth (into [] (sort-by :unique-name (unsorted-config :auth)))]
[unsorted-config config?]
(let [sorted-websites (into [] (sort-by :unique-name (unsorted-config :websites)))]
(-> unsorted-config
(assoc-in [:websites] sorted-websites)
(assoc-in [:websites] sorted-websites))))
(defn-spec sort-auth cp/map-or-seq?
[unsorted-auth auth?]
(let [sorted-auth (into [] (sort-by :unique-name (unsorted-auth :auth)))]
(-> unsorted-auth
(assoc-in [:auth] sorted-auth))))
(defn-spec flatten-and-reduce-config cp/map-or-seq?
[config merged-config-and-auth?]
(merge (-> config :websites first)
(-> config :auth first)
[config config?]
(let
[first-entry (first (:websites config))]
(conj first-entry
(when (contains? config :issuer)
{:issuer (config :issuer)})
(when (contains? config :volume-size)
{:volume-size (config :volume-size)})))
{:volume-size (config :volume-size)}))))
(defn generate-configs [config]
(defn-spec flatten-and-reduce-auth cp/map-or-seq?
[auth auth?]
(-> auth :auth first))
(defn generate-configs [config auth]
(loop [config (sort-config config)
auth (sort-auth auth)
result []]
(if (and (empty? (config :auth)) (empty? (config :websites)))
(if (and (empty? (config :websites)) (empty? (auth :auth)))
result
(recur (->
config
(assoc-in [:websites] (rest (config :websites)))
(assoc-in [:auth] (rest (config :auth))))
(assoc-in [:websites] (rest (config :websites))))
(->
auth
(assoc-in [:auth] (rest (auth :auth))))
(conj result
(website/generate-nginx-deployment (flatten-and-reduce-config config))
(website/generate-nginx-configmap (flatten-and-reduce-config config))
@ -61,7 +71,7 @@
(website/generate-website-ingress (flatten-and-reduce-config config))
(website/generate-website-certificate (flatten-and-reduce-config config))
(website/generate-website-build-cron (flatten-and-reduce-config config))
(website/generate-website-build-secret (flatten-and-reduce-config config)))))))
(website/generate-website-build-secret (flatten-and-reduce-config config) (flatten-and-reduce-auth auth)))))))
(defn-spec k8s-objects cp/map-or-seq?
[config config?
@ -71,6 +81,6 @@
(filter
#(not (nil? %))
(cm/concat-vec
(generate-configs (merge config auth))
(generate-configs config auth)
(when (:contains? config :mon-cfg)
(mon/generate (:mon-cfg config) (:mon-auth auth))))))))
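Review bot: `generate-configs` pairs each website with its credentials by list position only: `config` and `auth` are sorted independently by `:unique-name` and consumed with `first`/`rest`, so when the two lists differ in length or in names, one site's `authtoken` and `username` end up in another site's build secret, or a missing entry reaches the generators as `nil`. Before the loop I would compare the sorted name lists and fail otherwise, e.g. `(when-not (= (map :unique-name (:websites config)) (map :unique-name (:auth auth))) (throw (js/Error. "websites and auth must list the same unique-names")))`. The same comparison of `(:unique-name config)` and `(:unique-name auth)` belongs in `generate-website-build-secret` in the next file section, which now receives both maps. The body of the loop continues in lines between the hunks that are not shown here. Separately, `(:contains? config :mon-cfg)` in the last hunk is a keyword lookup with `:mon-cfg` as its default and is therefore always truthy; `(contains? config :mon-cfg)` looks like what was intended.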


@ -32,7 +32,7 @@
(s/def ::build-cpu-limit string?)
(s/def ::build-memory-limit string?)
(def websitedata? (s/keys :req-un [::unique-name
(def websiteconfig? (s/keys :req-un [::unique-name
::fqdns
::gitea-host
::gitea-repo
@ -47,17 +47,10 @@
(def websiteauth? (s/keys :req-un [::unique-name ::username ::authtoken]))
(def flattened-and-reduced-config? (s/and websitedata? websiteauth?))
(s/def ::websites (s/coll-of websiteconfig?))
(s/def ::auth (s/coll-of websiteauth?))
(s/def ::websites (s/coll-of websitedata?))
(def auth? (s/keys :req-un [::auth]))
(def config? (s/keys :req-un [::websites]
:opt-un [::issuer ::volume-size]))
(defn-spec get-hash-from-sha256sum-output string?
[sha256sum-output string?]
(if (nil? sha256sum-output)
@ -116,7 +109,7 @@
(defn-spec replace-common-data pred/map-or-seq?
[resource-file string?
config flattened-and-reduced-config?]
config websiteconfig?]
(let [{:keys [unique-name]} config]
(->
(yaml/load-as-edn resource-file)
@ -125,7 +118,7 @@
(defn-spec replace-build-data pred/map-or-seq?
[resource-file string?
config flattened-and-reduced-config?]
config websiteconfig?]
(let [{:keys [sha256sum-output build-cpu-request build-cpu-limit build-memory-request build-memory-limit]
:or {build-cpu-request "500m" build-cpu-limit "1700m" build-memory-request "256Mi" build-memory-limit "512Mi"}} config]
(->
@ -149,26 +142,12 @@
"website/hashfile-volume.yaml" (rc/inline "website/hashfile-volume.yaml")
(throw (js/Error. "Undefined Resource!")))))
(defn-spec generate-website-ingress pred/map-or-seq?
[config flattened-and-reduced-config?]
(let [{:keys [unique-name fqdns]} config]
(ing/generate-ingress {:fqdns fqdns
:app-name (generate-app-name unique-name)
:ingress-name (generate-ingress-name unique-name)
:service-name (generate-service-name unique-name)
:service-port 80})))
(defn-spec generate-website-certificate pred/map-or-seq?
[config flattened-and-reduced-config?]
(let [{:keys [unique-name issuer fqdns]
:or {issuer "staging"}} config]
(ing/generate-certificate {:fqdns fqdns
:app-name (generate-app-name unique-name)
:cert-name (generate-cert-name unique-name)
:issuer issuer})))
(defn-spec generate-nginx-deployment pred/map-or-seq?
[config websiteconfig?]
(replace-build-data "website/nginx-deployment.yaml" config))
(defn-spec generate-nginx-configmap pred/map-or-seq?
[config flattened-and-reduced-config?]
[config websiteconfig?]
(let [{:keys [fqdns]} config]
(->
(replace-common-data "website/nginx-configmap.yaml" config)
@ -177,16 +156,12 @@
(str/replace
(-> % :data :website.conf) #"FQDN" (str (str/join " " fqdns) ";")))))))
(defn-spec generate-nginx-deployment pred/map-or-seq?
[config flattened-and-reduced-config?]
(replace-build-data "website/nginx-deployment.yaml" config))
(defn-spec generate-nginx-service pred/map-or-seq?
[config flattened-and-reduced-config?]
[config websiteconfig?]
(replace-common-data "website/nginx-service.yaml" config))
(defn-spec generate-website-content-volume pred/map-or-seq?
[config flattened-and-reduced-config?]
[config websiteconfig?]
(let [{:keys [volume-size]
:or {volume-size "3"}} config]
(->
@ -194,22 +169,42 @@
(cm/replace-all-matching-values-by-new-value "WEBSITESTORAGESIZE" (str volume-size "Gi")))))
(defn-spec generate-hashfile-volume pred/map-or-seq?
[config flattened-and-reduced-config?]
[config websiteconfig?]
(replace-common-data "website/hashfile-volume.yaml" config))
(defn-spec generate-website-ingress pred/map-or-seq?
[config websiteconfig?]
(let [{:keys [unique-name fqdns]} config]
(ing/generate-ingress {:fqdns fqdns
:app-name (generate-app-name unique-name)
:ingress-name (generate-ingress-name unique-name)
:service-name (generate-service-name unique-name)
:service-port 80})))
(defn-spec generate-website-certificate pred/map-or-seq?
[config websiteconfig?]
(let [{:keys [unique-name issuer fqdns]
:or {issuer "staging"}} config]
(ing/generate-certificate {:fqdns fqdns
:app-name (generate-app-name unique-name)
:cert-name (generate-cert-name unique-name)
:issuer issuer})))
(defn-spec generate-website-build-cron pred/map-or-seq?
[config flattened-and-reduced-config?]
[config websiteconfig?]
(replace-build-data "website/website-build-cron.yaml" config))
(defn-spec generate-website-build-secret pred/map-or-seq?
[auth flattened-and-reduced-config?]
(let [{:keys [authtoken
gitea-host
[config websiteconfig?
auth websiteauth?]
(let [{:keys [gitea-host
gitea-repo
username
branchname]} auth]
branchname]} config
{:keys [authtoken
username]} auth]
(->
(replace-common-data "website/website-build-secret.yaml" auth)
(replace-common-data "website/website-build-secret.yaml" config)
(cm/replace-all-matching-values-by-new-value "TOKEN" (b64/encode authtoken))
(cm/replace-all-matching-values-by-new-value "REPOURL" (b64/encode
(generate-gitrepourl
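Review bot: `websiteconfig?` is an open `s/keys` spec, so changing the generators' parameter from `flattened-and-reduced-config?` to `websiteconfig?` does not by itself keep credentials out of them: a map that still carries `:authtoken` or `:username` validates and is accepted by `generate-nginx-deployment`, `generate-nginx-configmap` and the other non-secret generators. Whether any template would emit those keys is not visible here, and the spec's key list is cut off by the hunk, so I would at least state the intent next to the definition, `;; config maps must not contain :username or :authtoken; credentials travel only in websiteauth? maps`. `generate-website-build-secret` continues past the end of the last hunk.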


@ -19,7 +19,7 @@
(is (s/valid? cut/config? (yaml/load-as-edn "website-test/valid-config.yaml")))
(is (s/valid? cut/auth? (yaml/load-as-edn "website-test/valid-auth.yaml"))))
(def websites
(def websites1
{:websites
[{:unique-name "example.io"
:fqdns ["example.org", "www.example.com"]
@ -32,6 +32,19 @@
:gitea-repo "repo"
:branchname "main"}]})
(def websites2
{:websites
[{:unique-name "test.io"
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"]
:gitea-host "gitlab.de"
:gitea-repo "repo"
:branchname "main"}
{:unique-name "example.io"
:fqdns ["example.org", "www.example.com"]
:gitea-host "finegitehost.net"
:gitea-repo "repo"
:branchname "main"}]})
(def auth1
{:auth
[{:unique-name "example.io"
@ -55,14 +68,54 @@
:fqdns ["example.org" "www.example.com"],
:gitea-host "finegitehost.net",
:gitea-repo "repo",
:branchname "main",
:branchname "main"})
(def flattened-and-reduced-auth
{:unique-name "example.io",
:username "someuser",
:authtoken "abedjgbasdodj"})
(deftest sorts-config
(is (= {:issuer "staging",
:websites
[{:unique-name "example.io",
:fqdns ["example.org" "www.example.com"],
:gitea-host "finegitehost.net",
:gitea-repo "repo",
:branchname "main"},
{:unique-name "test.io",
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
:gitea-host "gitlab.de",
:gitea-repo "repo",
:branchname "main",
:sha256sum-output "123456789ab123cd345de script-file-name.sh"}],
:mon-cfg {:grafana-cloud-url "url-for-your-prom-remote-write-endpoint", :cluster-name "jitsi", :cluster-stage "test"}}
(cut/sort-config
{:issuer "staging",
:websites
[{:unique-name "test.io",
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
:gitea-host "gitlab.de",
:gitea-repo "repo",
:branchname "main",
:sha256sum-output "123456789ab123cd345de script-file-name.sh"}
{:unique-name "example.io",
:fqdns ["example.org" "www.example.com"],
:gitea-host "finegitehost.net",
:gitea-repo "repo",
:branchname "main"}],
:mon-cfg {:grafana-cloud-url "url-for-your-prom-remote-write-endpoint", :cluster-name "jitsi", :cluster-stage "test"}}))))
(deftest test-flatten-and-reduce-config
(is (=
(cut/flatten-and-reduce-config (cut/sort-config (merge websites auth1)))
flattened-and-reduced-config))
flattened-and-reduced-config
(cut/flatten-and-reduce-config (cut/sort-config websites1))))
(is (=
(cut/flatten-and-reduce-config (cut/sort-config (merge websites auth2)))
flattened-and-reduced-config)))
flattened-and-reduced-config
(cut/flatten-and-reduce-config (cut/sort-config websites2)))))
(deftest test-flatten-and-reduce-auth
(is (= flattened-and-reduced-auth
(cut/flatten-and-reduce-auth (cut/sort-auth auth1))))
(is (= flattened-and-reduced-auth
(cut/flatten-and-reduce-auth (cut/sort-auth auth2)))))
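Review bot: No test here calls `generate-configs` with a websites list and an auth list that differ in length or in `:unique-name`; the new tests cover `sort-config`, `flatten-and-reduce-config` and `flatten-and-reduce-auth` separately, each on well-formed input. Since the two inputs are now passed apart and matched by position, I would add a `deftest` that passes `websites2` together with an auth map holding a single entry and asserts the intended outcome, so a credential cannot be attached to the wrong site unnoticed. The definition of `auth2` lies outside the visible hunks, so its contents are assumed to mirror `auth1`.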


@ -18,54 +18,25 @@
(st/instrument `cut/generate-website-build-cron)
(st/instrument `cut/generate-website-build-secret)
(deftest should-be-valid-website-auth-spec
(is (true? (s/valid? cut/auth? {:auth
[{:unique-name "test.io"
:username "someuser"
:authtoken "abedjgbasdodj"}
{:unique-name "example.io"
:username "someuser"
:authtoken "abedjgbasdodj"}]}))))
(deftest should-be-valid-website-conf-spec
(is (true? (s/valid? cut/config? {:issuer "staging"
:websites
[{:unique-name "test.io" ;
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"]
:gitea-host "gitlab.de"
:gitea-repo "repo"
:branchname "main"}
{:unique-name "example.io"
:fqdns ["example.org", "www.example.com"]
:gitea-host "finegitehost.net"
:gitea-repo "repo"
:branchname "main"}]}))))
(deftest should-generate-nginx-configmap-website
(is (= "server {\n listen 80 default_server;\n listen [::]:80 default_server;\n server_name test.de www.test.de test-it.de www.test-it.de;\n add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload'; \n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-Content-Type-Options nosniff;\n add_header Referrer-Policy \"strict-origin\";\n # add_header Permissions-Policy \"permissions here\";\n root /var/www/html/website/;\n index index.html;\n location / {\n try_files $uri $uri/ /index.html =404;\n }\n}\n"
(:website.conf (:data (cut/generate-nginx-configmap {:unique-name "test.io",
:gitea-host "gitea.evilorg",
:gitea-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]
:username "someuser"
:authtoken "abedjgbasdodj"})))))
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})))))
(is (= "types {\n text/html html htm shtml;\n text/css css;\n text/xml xml rss;\n image/gif gif;\n image/jpeg jpeg jpg;\n application/x-javascript js;\n text/plain txt;\n text/x-component htc;\n text/mathml mml;\n image/svg+xml svg svgz;\n image/png png;\n image/x-icon ico;\n image/x-jng jng;\n image/vnd.wap.wbmp wbmp;\n application/java-archive jar war ear;\n application/mac-binhex40 hqx;\n application/pdf pdf;\n application/x-cocoa cco;\n application/x-java-archive-diff jardiff;\n application/x-java-jnlp-file jnlp;\n application/x-makeself run;\n application/x-perl pl pm;\n application/x-pilot prc pdb;\n application/x-rar-compressed rar;\n application/x-redhat-package-manager rpm;\n application/x-sea sea;\n application/x-shockwave-flash swf;\n application/x-stuffit sit;\n application/x-tcl tcl tk;\n application/x-x509-ca-cert der pem crt;\n application/x-xpinstall xpi;\n application/zip zip;\n application/octet-stream deb;\n application/octet-stream bin exe dll;\n application/octet-stream dmg;\n application/octet-stream eot;\n application/octet-stream iso img;\n application/octet-stream msi msp msm;\n audio/mpeg mp3;\n audio/x-realaudio ra;\n video/mpeg mpeg mpg;\n video/quicktime mov;\n video/x-flv flv;\n video/x-msvideo avi;\n video/x-ms-wmv wmv;\n video/x-ms-asf asx asf;\n video/x-mng mng;\n}\n"
(:mime.types (:data (cut/generate-nginx-configmap {:unique-name "test.io",
:gitea-host "gitea.evilorg",
:gitea-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]
:username "someuser"
:authtoken "abedjgbasdodj"})))))
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})))))
(is (= "user nginx;\nworker_processes 3;\nerror_log /var/log/nginx/error.log;\npid /var/log/nginx/nginx.pid;\nworker_rlimit_nofile 8192;\nevents {\n worker_connections 4096;\n}\nhttp {\n include /etc/nginx/mime.types;\n default_type application/octet-stream;\n log_format main '$remote_addr - $remote_user [$time_local] $status'\n '\"$request\" $body_bytes_sent \"$http_referer\"'\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';\n access_log /var/log/nginx/access.log main;\n sendfile on;\n tcp_nopush on;\n keepalive_timeout 65;\n server_names_hash_bucket_size 128;\n include /etc/nginx/conf.d/website.conf;\n}\n"
(:nginx.conf (:data (cut/generate-nginx-configmap {:unique-name "test.io",
:gitea-host "gitea.evilorg",
:gitea-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]
:username "someuser"
:authtoken "abedjgbasdodj"})))))
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})))))
(is (= {:apiVersion "v1",
:kind "ConfigMap",
:metadata {:name "test-io-configmap",
@ -75,9 +46,7 @@
:gitea-host "gitea.evilorg",
:gitea-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]
:username "someuser"
:authtoken "abedjgbasdodj"}) :data))))
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}) :data))))
(deftest should-generate-nginx-deployment
(is (= {:apiVersion "apps/v1",
@ -119,9 +88,7 @@
{:name "log", :emptyDir {}}
{:name "content-volume", :persistentVolumeClaim {:claimName "test-io-content-volume"}}
{:name "hashfile-volume", :persistentVolumeClaim {:claimName "test-io-hashfile-volume"}}]}}}}
(cut/generate-nginx-deployment {:authtoken "abedjgbasdodj",
:gitea-host "gitlab.de",
:username "someuser",
(cut/generate-nginx-deployment {:gitea-host "gitlab.de",
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
:gitea-repo "repo",
:sha256sum-output "123456789ab123cd345de script-file-name.sh",
@ -131,9 +98,7 @@
(deftest should-generate-resource-requests
(is (= {:requests {:cpu "500m", :memory "256Mi"}, :limits {:cpu "1700m", :memory "512Mi"}}
(-> (cut/generate-nginx-deployment {:authtoken "abedjgbasdodj",
:gitea-host "gitlab.de",
:username "someuser",
(-> (cut/generate-nginx-deployment {:gitea-host "gitlab.de",
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
:gitea-repo "repo",
:sha256sum-output "123456789ab123cd345de script-file-name.sh",
@ -142,9 +107,7 @@
:unique-name "test.io"})
:spec :template :spec :initContainers first :resources )))
(is (= {:requests {:cpu "1500m", :memory "512Mi"}, :limits {:cpu "3000m", :memory "1024Mi"}}
(-> (cut/generate-nginx-deployment {:authtoken "abedjgbasdodj",
:gitea-host "gitlab.de",
:username "someuser",
(-> (cut/generate-nginx-deployment {:gitea-host "gitlab.de",
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
:gitea-repo "repo",
:sha256sum-output "123456789ab123cd345de script-file-name.sh",
@ -168,16 +131,12 @@
:gitea-host "gitea.evilorg",
:gitea-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]
:username "someuser"
:authtoken "abedjgbasdodj"})
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})
(cut/generate-nginx-service {:unique-name "test.org",
:gitea-host "gitea.evilorg",
:gitea-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]
:username "someuser"
:authtoken "abedjgbasdodj"})))))
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})))))
(deftest should-generate-website-build-cron
(is (= {:apiVersion "batch/v1",
@ -204,9 +163,7 @@
:volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-io-content-volume"}}
{:name "hashfile-volume", :persistentVolumeClaim {:claimName "test-io-hashfile-volume"}}],
:restartPolicy "OnFailure"}}}}}}
(cut/generate-website-build-cron {:authtoken "abedjgbasdodj",
:gitea-host "gitlab.de",
:username "someuser",
(cut/generate-website-build-cron {:gitea-host "gitlab.de",
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
:gitea-repo "repo",
:sha256sum-output "123456789ab123cd345de script-file-name.sh",
@ -214,8 +171,6 @@
:branchname "main",
:unique-name "test.io"}))))
(deftest should-generate-website-build-secret
(is (= {:apiVersion "v1",
:kind "Secret",
@ -224,15 +179,16 @@
{:AUTHTOKEN "YWJlZGpnYmFzZG9kag==",
:GITREPOURL "aHR0cHM6Ly9naXRsYWIuZGUvYXBpL3YxL3JlcG9zL3NvbWV1c2VyL3JlcG8vYXJjaGl2ZS9tYWluLnppcA==",
:GITCOMMITURL "aHR0cHM6Ly9naXRsYWIuZGUvYXBpL3YxL3JlcG9zL3NvbWV1c2VyL3JlcG8vZ2l0L2NvbW1pdHMvSEVBRA=="}}
(cut/generate-website-build-secret {:authtoken "abedjgbasdodj",
:gitea-host "gitlab.de",
:username "someuser",
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
(cut/generate-website-build-secret {:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
:gitea-repo "repo",
:sha256sum-output "123456789ab123cd345de script-file-name.sh",
:issuer "staging",
:branchname "main",
:unique-name "test.io"}))))
:unique-name "test.io",
:gitea-host "gitlab.de"}
{:unique-name "test.io",
:authtoken "abedjgbasdodj",
:username "someuser"}))))
(deftest should-generate-website-content-volume
(is (= {:name-c1 "test-io-content-volume",
@ -245,16 +201,12 @@
:gitea-host "gitea.evilorg",
:gitea-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]
:username "someuser"
:authtoken "abedjgbasdodj"})
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})
(cut/generate-website-content-volume {:unique-name "test.org",
:gitea-host "gitea.evilorg",
:gitea-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]
:username "someuser"
:authtoken "abedjgbasdodj"})))))
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})))))
(deftest should-generate-hashfile-volume
(is (= {:apiVersion "v1",
@ -268,6 +220,4 @@
:gitea-host "gitea.evilorg",
:gitea-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]
:username "someuser"
:authtoken "abedjgbasdodj"}))))
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))