Compare commits
8 commits
5d3621f6f8
...
6504668953
Author | SHA1 | Date | |
---|---|---|---|
6504668953 | |||
68c4f02344 | |||
e785833304 | |||
3d5864f944 | |||
740bd021f2 | |||
53fc7a990d | |||
1790487d6e | |||
3257d332dc |
9 changed files with 110 additions and 120 deletions
|
@ -87,7 +87,6 @@
|
|||
name (replace-dots-by-minus unique-name)]
|
||||
(->
|
||||
(yaml/load-as-edn "website/nginx-deployment.yaml")
|
||||
(assoc-in [:metadata :labels :app.kubernetes.part-of] name)
|
||||
(assoc-in [:metadata :namespace] name)
|
||||
(replace-all-matching-substrings-beginning-with "NAME" name)
|
||||
(cm/replace-all-matching-values-by-new-value "BUILD_CPU_REQUEST" build-cpu-request)
|
||||
|
@ -102,7 +101,6 @@
|
|||
name (replace-dots-by-minus unique-name)]
|
||||
(->
|
||||
(yaml/load-as-edn "website/nginx-configmap.yaml")
|
||||
(assoc-in [:metadata :labels :app.kubernetes.part-of] name)
|
||||
(assoc-in [:metadata :namespace] name)
|
||||
(replace-all-matching-substrings-beginning-with "NAME" name)
|
||||
(#(assoc-in %
|
||||
|
@ -117,48 +115,24 @@
|
|||
name (replace-dots-by-minus unique-name)]
|
||||
(->
|
||||
(yaml/load-as-edn "website/nginx-service.yaml")
|
||||
(assoc-in [:metadata :labels :app.kubernetes.part-of] name)
|
||||
(assoc-in [:metadata :namespace] name)
|
||||
(replace-all-matching-substrings-beginning-with "NAME" name))))
|
||||
|
||||
|
||||
(defn-spec generate-website-content-volume map?
|
||||
[config websiteconfig?]
|
||||
(let [{:keys [unique-name volume-size]} config
|
||||
name (replace-dots-by-minus unique-name)]
|
||||
(->
|
||||
(yaml/load-as-edn "website/website-content-volume.yaml")
|
||||
(assoc-in [:metadata :labels :app.kubernetes.part-of] name)
|
||||
(replace-all-matching-substrings-beginning-with "NAME" name)
|
||||
(cm/replace-all-matching-values-by-new-value "WEBSITESTORAGESIZE" (str volume-size "Gi")))))
|
||||
|
||||
|
||||
(defn-spec generate-hashfile-volume map?
|
||||
[config websiteconfig?]
|
||||
(let [{:keys [unique-name]} config
|
||||
name (replace-dots-by-minus unique-name)]
|
||||
(->
|
||||
(yaml/load-as-edn "website/hashfile-volume.yaml")
|
||||
(assoc-in [:metadata :labels :app.kubernetes.part-of] name)
|
||||
(replace-all-matching-substrings-beginning-with "NAME" name))))
|
||||
|
||||
|
||||
(defn-spec generate-website-build-cron map?
|
||||
[config websiteconfig?]
|
||||
(let [{:keys [unique-name build-cpu-request build-cpu-limit build-memory-request
|
||||
build-memory-limit]} config
|
||||
name (replace-dots-by-minus unique-name)]
|
||||
(->
|
||||
(yaml/load-as-edn "website/website-build-cron.yaml")
|
||||
(assoc-in [:metadata :labels :app.kubernetes.part-of] name)
|
||||
(replace-all-matching-substrings-beginning-with "NAME" name)
|
||||
(cm/replace-all-matching-values-by-new-value "BUILD_CPU_REQUEST" build-cpu-request)
|
||||
(cm/replace-all-matching-values-by-new-value "BUILD_CPU_LIMIT" build-cpu-limit)
|
||||
(cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_REQUEST" build-memory-request)
|
||||
(cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_LIMIT" build-memory-limit))))
|
||||
name (replace-dots-by-minus unique-name)]
|
||||
(->
|
||||
(yaml/load-as-edn "website/build-cron.yaml")
|
||||
(replace-all-matching-substrings-beginning-with "NAME" name)
|
||||
(cm/replace-all-matching-values-by-new-value "BUILD_CPU_REQUEST" build-cpu-request)
|
||||
(cm/replace-all-matching-values-by-new-value "BUILD_CPU_LIMIT" build-cpu-limit)
|
||||
(cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_REQUEST" build-memory-request)
|
||||
(cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_LIMIT" build-memory-limit))))
|
||||
|
||||
|
||||
; TODO: Non-Secret-Parts should be config map
|
||||
(defn-spec generate-website-build-secret pred/map-or-seq?
|
||||
[config websiteconfig?
|
||||
auth websiteauth?]
|
||||
|
@ -170,8 +144,7 @@
|
|||
username]} auth
|
||||
name (replace-dots-by-minus unique-name)]
|
||||
(->
|
||||
(yaml/load-as-edn "website/website-build-secret.yaml")
|
||||
(assoc-in [:metadata :labels :app.kubernetes.part-of] name)
|
||||
(yaml/load-as-edn "website/build-secret.yaml")
|
||||
(replace-all-matching-substrings-beginning-with "NAME" name)
|
||||
(cm/replace-all-matching-values-by-new-value "TOKEN" (b64/encode authtoken))
|
||||
(cm/replace-all-matching-values-by-new-value "REPOURL" (b64/encode
|
||||
|
@ -187,6 +160,26 @@
|
|||
username))))))
|
||||
|
||||
|
||||
(defn-spec generate-website-content-volume map?
|
||||
[config websiteconfig?]
|
||||
(let [{:keys [unique-name volume-size]} config
|
||||
name (replace-dots-by-minus unique-name)]
|
||||
(->
|
||||
(yaml/load-as-edn "website/content-pvc.yaml")
|
||||
(replace-all-matching-substrings-beginning-with "NAME" name)
|
||||
(cm/replace-all-matching-values-by-new-value "WEBSITESTORAGESIZE" (str volume-size "Gi")))))
|
||||
|
||||
|
||||
; TODO: Non-Secret-Parts should be config map
|
||||
(defn-spec generate-hashfile-volume map?
|
||||
[config websiteconfig?]
|
||||
(let [{:keys [unique-name]} config
|
||||
name (replace-dots-by-minus unique-name)]
|
||||
(->
|
||||
(yaml/load-as-edn "website/hash-state-pvc.yaml")
|
||||
(replace-all-matching-substrings-beginning-with "NAME" name))))
|
||||
|
||||
|
||||
#?(:cljs
|
||||
(defmethod yaml/load-resource :website [resource-name]
|
||||
(get (inline-resources "website") resource-name)))
|
||||
|
|
|
@ -1,7 +1,8 @@
|
|||
apiVersion: batch/v1
|
||||
kind: CronJob
|
||||
metadata:
|
||||
name: NAME-build-cron
|
||||
name: build-cron
|
||||
namespace: NAME
|
||||
labels:
|
||||
app.kubernetes.part-of: NAME-website
|
||||
spec:
|
||||
|
@ -11,10 +12,15 @@ spec:
|
|||
jobTemplate:
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
namespace: NAME
|
||||
labels:
|
||||
app: build-cron
|
||||
app.kubernetes.part-of: NAME-website
|
||||
spec:
|
||||
containers:
|
||||
- image: domaindrivenarchitecture/c4k-website-build
|
||||
name: NAME-build-app
|
||||
name: build-cron-container
|
||||
imagePullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
|
@ -26,18 +32,18 @@ spec:
|
|||
command: ["/entrypoint.sh"]
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: NAME-secret
|
||||
name: build-secret
|
||||
volumeMounts:
|
||||
- name: content-volume
|
||||
mountPath: /var/www/html/website
|
||||
- name: hashfile-volume
|
||||
- name: hash-state-volume
|
||||
mountPath: /var/hashfile.d
|
||||
volumes:
|
||||
- name: content-volume
|
||||
persistentVolumeClaim:
|
||||
claimName: NAME-content-volume
|
||||
- name: hashfile-volume
|
||||
claimName: content-volume
|
||||
- name: hash-state-volume
|
||||
persistentVolumeClaim:
|
||||
claimName: NAME-hashfile-volume
|
||||
claimName: hash-state-volume
|
||||
restartPolicy: OnFailure
|
||||
|
|
@ -1,7 +1,8 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: NAME-secret
|
||||
name: build-secret
|
||||
namespace: NAME
|
||||
labels:
|
||||
app.kubernetes.part-of: NAME-website
|
||||
data:
|
|
@ -1,10 +1,9 @@
|
|||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: NAME-content-volume
|
||||
namespace: default
|
||||
name: content-volume
|
||||
namespace: NAME
|
||||
labels:
|
||||
app: NAME-nginx
|
||||
app.kubernetes.part-of: NAME-website
|
||||
spec:
|
||||
storageClassName: local-path
|
|
@ -1,10 +1,9 @@
|
|||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: NAME-hashfile-volume
|
||||
namespace: default
|
||||
name: hash-state-volume
|
||||
namespace: NAME
|
||||
labels:
|
||||
app: NAME-nginx
|
||||
app.kubernetes.part-of: NAME-website
|
||||
spec:
|
||||
storageClassName: local-path
|
|
@ -9,7 +9,7 @@ data:
|
|||
nginx.conf: |
|
||||
user nginx;
|
||||
worker_processes 3;
|
||||
error_log /var/log/nginx/error.log;
|
||||
error_log stdout info;
|
||||
pid /var/log/nginx/nginx.pid;
|
||||
worker_rlimit_nofile 8192;
|
||||
events {
|
||||
|
@ -21,7 +21,7 @@ data:
|
|||
log_format main '$remote_addr - $remote_user [$time_local] $status'
|
||||
'"$request" $body_bytes_sent "$http_referer"'
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
access_log /var/log/nginx/access.log main;
|
||||
access_log stdout main;
|
||||
sendfile on;
|
||||
tcp_nopush on;
|
||||
keepalive_timeout 65;
|
||||
|
|
|
@ -46,7 +46,7 @@ spec:
|
|||
command: ["/entrypoint.sh"]
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: secret
|
||||
name: build-secret
|
||||
volumeMounts:
|
||||
- name: content-volume
|
||||
mountPath: /var/www/html/website
|
||||
|
|
|
@ -5,10 +5,10 @@ metadata:
|
|||
namespace: default
|
||||
labels:
|
||||
app: NAME
|
||||
app.kubernetes.part-of: NAME
|
||||
app.kubernetes.part-of: NAME-website
|
||||
spec:
|
||||
selector:
|
||||
app: NAME
|
||||
app: nginx
|
||||
ports:
|
||||
- name: nginx-http
|
||||
port: 80
|
||||
|
|
|
@ -3,7 +3,6 @@
|
|||
#?(:clj [clojure.test :refer [deftest is are testing run-tests]]
|
||||
:cljs [cljs.test :refer-macros [deftest is are testing run-tests]])
|
||||
[clojure.spec.test.alpha :as st]
|
||||
[dda.c4k-common.test-helper :as th]
|
||||
[dda.c4k-website.website.website-internal :as cut]))
|
||||
|
||||
(st/instrument `cut/generate-nginx-configmap)
|
||||
|
@ -69,7 +68,7 @@
|
|||
:forgejo-repo "none",
|
||||
:branchname "mablain",
|
||||
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})))))
|
||||
(is (= "user nginx;\nworker_processes 3;\nerror_log /var/log/nginx/error.log;\npid /var/log/nginx/nginx.pid;\nworker_rlimit_nofile 8192;\nevents {\n worker_connections 4096;\n}\nhttp {\n include /etc/nginx/mime.types;\n default_type application/octet-stream;\n log_format main '$remote_addr - $remote_user [$time_local] $status'\n '\"$request\" $body_bytes_sent \"$http_referer\"'\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';\n access_log /var/log/nginx/access.log main;\n sendfile on;\n tcp_nopush on;\n keepalive_timeout 65;\n server_names_hash_bucket_size 128;\n include /etc/nginx/conf.d/website.conf;\n}\n"
|
||||
(is (= "user nginx;\nworker_processes 3;\nerror_log stdout info;\npid /var/log/nginx/nginx.pid;\nworker_rlimit_nofile 8192;\nevents {\n worker_connections 4096;\n}\nhttp {\n include /etc/nginx/mime.types;\n default_type application/octet-stream;\n log_format main '$remote_addr - $remote_user [$time_local] $status'\n '\"$request\" $body_bytes_sent \"$http_referer\"'\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';\n access_log stdout main;\n sendfile on;\n tcp_nopush on;\n keepalive_timeout 65;\n server_names_hash_bucket_size 128;\n include /etc/nginx/conf.d/website.conf;\n}\n"
|
||||
(:nginx.conf (:data (cut/generate-nginx-configmap {:issuer "staging"
|
||||
:build-cpu-request "500m"
|
||||
:build-cpu-limit "1700m"
|
||||
|
@ -83,9 +82,9 @@
|
|||
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})))))
|
||||
(is (= {:apiVersion "v1",
|
||||
:kind "ConfigMap",
|
||||
:metadata {:labels {:app.kubernetes.part-of "test-io"},
|
||||
:metadata {:labels {:app.kubernetes.part-of "test-io-website"},
|
||||
:namespace "test-io",
|
||||
:name "etc-ngingx"}}
|
||||
:name "etc-nginx"}}
|
||||
(dissoc (cut/generate-nginx-configmap {:issuer "staging"
|
||||
:build-cpu-request "500m"
|
||||
:build-cpu-limit "1700m"
|
||||
|
@ -99,15 +98,15 @@
|
|||
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}) :data))))
|
||||
|
||||
(deftest should-generate-nginx-service
|
||||
(is (= {:name-c1 "test-io",
|
||||
:name-c2 "test-org",
|
||||
:app-c1 "test-io",
|
||||
:app-c2 "test-org",
|
||||
:app.kubernetes.part-of-c1 "test-io",
|
||||
:app.kubernetes.part-of-c2 "test-org"
|
||||
:namespace-c1 "test-io",
|
||||
:namespace-c2 "test-org"}
|
||||
(th/map-diff (cut/generate-nginx-service {:issuer "staging"
|
||||
(is (= {:kind "Service",
|
||||
:apiVersion "v1",
|
||||
:metadata
|
||||
{:name "test-io",
|
||||
:namespace "test-io",
|
||||
:labels {:app "test-io", :app.kubernetes.part-of "test-io-website"}},
|
||||
:spec
|
||||
{:selector {:app "nginx"}, :ports [{:name "nginx-http", :port 80}]}}
|
||||
(cut/generate-nginx-service {:issuer "staging"
|
||||
:build-cpu-request "500m"
|
||||
:build-cpu-limit "1700m"
|
||||
:build-memory-request "256Mi"
|
||||
|
@ -118,23 +117,14 @@
|
|||
:forgejo-repo "none",
|
||||
:branchname "mablain",
|
||||
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})
|
||||
(cut/generate-nginx-service {:issuer "staging"
|
||||
:build-cpu-request "500m"
|
||||
:build-cpu-limit "1700m"
|
||||
:build-memory-request "256Mi"
|
||||
:build-memory-limit "512Mi"
|
||||
:volume-size "3"
|
||||
:unique-name "test.org",
|
||||
:forgejo-host "gitea.evilorg",
|
||||
:forgejo-repo "none",
|
||||
:branchname "mablain",
|
||||
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})))))
|
||||
)))
|
||||
|
||||
(deftest should-generate-website-build-cron
|
||||
(is (= {:apiVersion "batch/v1",
|
||||
:kind "CronJob",
|
||||
:metadata {:name "test-io-build-cron",
|
||||
:labels {:app.kubernetes.part-of "test-io"}},
|
||||
:metadata {:name "build-cron",
|
||||
:namespace "test-io",
|
||||
:labels {:app.kubernetes.part-of "test-io-website"}},
|
||||
:spec
|
||||
{:schedule "0/7 * * * *",
|
||||
:successfulJobsHistoryLimit 1,
|
||||
|
@ -142,18 +132,22 @@
|
|||
:jobTemplate
|
||||
{:spec
|
||||
{:template
|
||||
{:spec
|
||||
{:metadata
|
||||
{:namespace "test-io",
|
||||
:labels
|
||||
{:app "build-cron", :app.kubernetes.part-of "test-io-website"}}
|
||||
:spec
|
||||
{:containers
|
||||
[{:image "domaindrivenarchitecture/c4k-website-build",
|
||||
:name "test-io-build-app",
|
||||
:name "build-cron-container",
|
||||
:imagePullPolicy "IfNotPresent",
|
||||
:resources {:requests {:cpu "500m", :memory "256Mi"}, :limits {:cpu "1700m", :memory "512Mi"}},
|
||||
:command ["/entrypoint.sh"],
|
||||
:envFrom [{:secretRef {:name "test-io-secret"}}],
|
||||
:envFrom [{:secretRef {:name "build-secret"}}],
|
||||
:volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"}
|
||||
{:name "hashfile-volume", :mountPath "/var/hashfile.d"}]}],
|
||||
:volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-io-content-volume"}}
|
||||
{:name "hashfile-volume", :persistentVolumeClaim {:claimName "test-io-hashfile-volume"}}],
|
||||
{:name "hash-state-volume", :mountPath "/var/hashfile.d"}]}],
|
||||
:volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "content-volume"}}
|
||||
{:name "hash-state-volume", :persistentVolumeClaim {:claimName "hash-state-volume"}}],
|
||||
:restartPolicy "OnFailure"}}}}}}
|
||||
(cut/generate-website-build-cron {:issuer "staging"
|
||||
:build-cpu-request "500m"
|
||||
|
@ -167,10 +161,13 @@
|
|||
:branchname "main",
|
||||
:unique-name "test.io"}))))
|
||||
|
||||
|
||||
(deftest should-generate-website-build-secret
|
||||
(is (= {:apiVersion "v1",
|
||||
:kind "Secret",
|
||||
:metadata {:name "test-io-secret", :labels {:app.kubernetes.part-of "test-io"}},
|
||||
:metadata {:name "build-secret",
|
||||
:namespace "test-io",
|
||||
:labels {:app.kubernetes.part-of "test-io-website"}},
|
||||
:data
|
||||
{:AUTHTOKEN "YWJlZGpnYmFzZG9kag==",
|
||||
:GITREPOURL "aHR0cHM6Ly9naXRsYWIuZGUvYXBpL3YxL3JlcG9zL3NvbWV1c2VyL3JlcG8vYXJjaGl2ZS9tYWluLnppcA==",
|
||||
|
@ -191,43 +188,38 @@
|
|||
:username "someuser"}))))
|
||||
|
||||
(deftest should-generate-website-content-volume
|
||||
(is (= {:name-c1 "test-io-content-volume",
|
||||
:name-c2 "test-org-content-volume",
|
||||
:app-c1 "test-io-nginx",
|
||||
:app-c2 "test-org-nginx",
|
||||
:app.kubernetes.part-of-c1 "test-io",
|
||||
:app.kubernetes.part-of-c2 "test-org"}
|
||||
(th/map-diff (cut/generate-website-content-volume {:issuer "staging"
|
||||
:build-cpu-request "500m"
|
||||
:build-cpu-limit "1700m"
|
||||
:build-memory-request "256Mi"
|
||||
:build-memory-limit "512Mi"
|
||||
:volume-size "3"
|
||||
:unique-name "test.io",
|
||||
:forgejo-host "gitea.evilorg",
|
||||
:forgejo-repo "none",
|
||||
:branchname "mablain",
|
||||
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})
|
||||
(cut/generate-website-content-volume {:issuer "staging"
|
||||
:build-cpu-request "500m"
|
||||
:build-cpu-limit "1700m"
|
||||
:build-memory-request "256Mi"
|
||||
:build-memory-limit "512Mi"
|
||||
:volume-size "3"
|
||||
:unique-name "test.org",
|
||||
:forgejo-host "gitea.evilorg",
|
||||
:forgejo-repo "none",
|
||||
:branchname "mablain",
|
||||
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})))))
|
||||
(is (= {:apiVersion "v1",
|
||||
:kind "PersistentVolumeClaim",
|
||||
:metadata
|
||||
{:name "content-volume",
|
||||
:namespace "test-io",
|
||||
:labels {:app.kubernetes.part-of "test-io-website"}},
|
||||
:spec
|
||||
{:storageClassName "local-path",
|
||||
:accessModes ["ReadWriteOnce"],
|
||||
:resources {:requests {:storage "3Gi"}}}}
|
||||
(cut/generate-website-content-volume {:issuer "staging"
|
||||
:build-cpu-request "500m"
|
||||
:build-cpu-limit "1700m"
|
||||
:build-memory-request "256Mi"
|
||||
:build-memory-limit "512Mi"
|
||||
:volume-size "3"
|
||||
:unique-name "test.io",
|
||||
:forgejo-host "gitea.evilorg",
|
||||
:forgejo-repo "none",
|
||||
:branchname "mablain",
|
||||
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))
|
||||
|
||||
(deftest should-generate-hashfile-volume
|
||||
(is (= {:apiVersion "v1",
|
||||
:kind "PersistentVolumeClaim",
|
||||
:metadata
|
||||
{:name "test-io-hashfile-volume",
|
||||
:namespace "default",
|
||||
:labels {:app "test-io-nginx", :app.kubernetes.part-of "test-io"}},
|
||||
:spec {:storageClassName "local-path", :accessModes ["ReadWriteOnce"], :resources {:requests {:storage "16Mi"}}}}
|
||||
{:name "hash-state-volume",
|
||||
:namespace "test-io",
|
||||
:labels {:app.kubernetes.part-of "test-io-website"}},
|
||||
:spec {:storageClassName "local-path",
|
||||
:accessModes ["ReadWriteOnce"],
|
||||
:resources {:requests {:storage "16Mi"}}}}
|
||||
(cut/generate-hashfile-volume {:issuer "staging"
|
||||
:build-cpu-request "500m"
|
||||
:build-cpu-limit "1700m"
|
||||
|
|
Loading…
Reference in a new issue