meissa
/
c4k-website
6
5
Fork 0
Code Issues Pull Requests Packages Projects Releases 8 Wiki Activity

Compare commits

base: meissa:v1.1.1
Branches Tags
meissa:main
meissa:docker-test-review
meissa:2.0.3
meissa:2.0.2
meissa:2.0.1
meissa:2.0.0
meissa:1.1.8
meissa:1.1.7
meissa:1.1.6
meissa:1.1.5
meissa:1.1.4
meissa:v1.1.3
meissa:v1.1.2
meissa:v1.1.1
meissa:v1.1.0
meissa:v1.0.0
meissa:v0.2.1
meissa:v0.2.0
meissa:v0.1.3
meissa:v0.1.2
meissa:v0.1.1
meissa:v0.1.0
...
compare: meissa:main
Branches Tags
meissa:main
meissa:docker-test-review
meissa:2.0.3
meissa:2.0.2
meissa:2.0.1
meissa:2.0.0
meissa:1.1.8
meissa:1.1.7
meissa:1.1.6
meissa:1.1.5
meissa:1.1.4
meissa:v1.1.3
meissa:v1.1.2
meissa:v1.1.1
meissa:v1.1.0
meissa:v1.0.0
meissa:v0.2.1
meissa:v0.2.0
meissa:v0.1.3
meissa:v0.1.2
meissa:v0.1.1
meissa:v0.1.0

141 Commits
v1.1.1 ... main

Author SHA1 Message Date
Clemens 9501120d88 removed deprecated todo 3 weeks ago
Clemens 2e7de036a5 resolve todo 4 weeks ago
erik a8e1dae976 Fix tests 4 weeks ago
erik 89cd45fdd3 Merge branch 'main' of ssh://repo.prod.meissa.de:2222/meissa/c4k-website 4 weeks ago
erik b593ac8b7c Add limit on cron job activity 4 weeks ago
bom 87a18c4010 bump version to: 2.0.4-SNAPSHOT 4 weeks ago
bom 84646748f2 release: 2.0.3 4 weeks ago
bom 1f8ced4e6d Add git to image 4 weeks ago
bom 76882ba196 bump version to: 2.0.3-SNAPSHOT 4 weeks ago
bom a84ef439cb release: 2.0.2 4 weeks ago
bom 457b106829 Install go 1.19.13 4 weeks ago
bom f78e089639 bump version to: 2.0.2-SNAPSHOT 4 weeks ago
bom 86f3bd94fb release: 2.0.1 4 weeks ago
bom b07191d9d5 lein ancient upgrade 4 weeks ago
erik 3524b2209e Install hugo from deb 4 weeks ago
bom d43cad692a Update deps to use new inline macro 2 months ago
Michael Jerger 0cd0225918 add review comments 2 months ago
gec 07cea8cfeb add-hugo-build (#5) 
Reviewed-on: #5
 3 months ago
Clemens a1803e79a6 adjust defaults 3 months ago
Clemens e1d43cddc5 added rate limits 3 months ago
Clemens 3944c28562 adjust calling of generate.sh 3 months ago
Clemens 56a08653e9 rename website root envvar 3 months ago
Clemens 889b95f572 revert env var renaming 3 months ago
Clemens 9e8af08ec2 added configMapRef for nginx initContainer 3 months ago
Clemens 26a687c488 fix generation of all build-secrets 3 months ago
Clemens d1764c64ed added lein inst 3 months ago
Clemens 7e146a3463 renamed repo-user and forgejo-repo 3 months ago
Clemens 164f66d4b7 renamed env variables according to convention 3 months ago
Clemens ebca7a3454 added git host as env var 3 months ago
Clemens 548dd14091 Added build-configmap as env to build-cron 3 months ago
Clemens f1e41b3333 added test for generate-build-configmap 3 months ago
Clemens 9e75c22337 added build-configmap generation 3 months ago
Clemens e02f4949fc small adjustments 3 months ago
Clemens e923c9d5c3 moved repo-user from auth to config 3 months ago
Clemens 248c33613a started splitting build-secret and build-configmap 3 months ago
Clemens 600dd1c30a add hugo to image & generate netrc file 3 months ago
Michael Jerger d496ba28f6 add redirects to config 3 months ago
Michael Jerger e69c9e87bd bump version to: 2.0.1-SNAPSHOT 3 months ago
Michael Jerger 2dff50f7b8 release: 2.0.0 3 months ago
Michael Jerger d7be8aa730 refactor alias 3 months ago
Michael Jerger 9efbf4dbc4 refactor website_internal 3 months ago
Michael Jerger 1b1d316653 refactore auth -> websiteauths 3 months ago
Michael Jerger 20401c20b7 refactore websites -> websiteconfigs 3 months ago
Michael Jerger f16ee34782 merge happens in uberjar -> website is obsoloete 3 months ago
Michael Jerger 18ec39549e update deps 3 months ago
Michael Jerger e97fc0d675 fix log 3 months ago
Michael Jerger 800f4e6bb0 fix test compat 3 months ago
Michael Jerger 8b2e14277a imabe listens on 80 // log-files are linked to stdout 3 months ago
Michael Jerger 0d5d10d64c use port 8080 instead of 80 3 months ago
Michael Jerger 2582bcfb10 fix volume name 3 months ago
Michael Jerger 5389003d6b fix defaults in case of cljs 3 months ago
Michael Jerger b4feea06cf minor fixes 3 months ago
jem ac57564e0f feature/introduce-redirects (#4) 
Reviewed-on: #4
 3 months ago
Michael Jerger a0bf9064ed update deps & fix tests 3 months ago
Michael Jerger 3a216d52df name refactorings 3 months ago
Michael Jerger b4ec6d16b3 add redirects to config 3 months ago
Michael Jerger d396e3abae generate redirects 3 months ago
jem 9c5ca90eef feature/introduce-namespaces (#3) 
Reviewed-on: #3
 3 months ago
Michael Jerger 6504668953 renamed resources 3 months ago
Michael Jerger 68c4f02344 fix hash-state-pvc names 3 months ago
Michael Jerger e785833304 fix content-pvc names 3 months ago
Michael Jerger 3d5864f944 fix build-secret names 3 months ago
Michael Jerger 740bd021f2 fix corn-job names 3 months ago
Michael Jerger 53fc7a990d fix service names 3 months ago
Michael Jerger 1790487d6e log should go to console out instead of file! 3 months ago
Michael Jerger 3257d332dc log should go to console out instead of file! 3 months ago
Michael Jerger 5d3621f6f8 start introduce namespace 3 months ago
Michael Jerger 9cb0e50853 use ingress & ns from common 3 months ago
Michael Jerger 0cf35755f9 simplify naming & introduce dedicated internal 3 months ago
jem 93f3618a86 feature/improve-start-script (#2) 
Reviewed-on: #2
 3 months ago
Michael Jerger 4d7928f244 add missing lib 3 months ago
Michael Jerger 375f11c0d9 fix valid config 3 months ago
Michael Jerger cc97cae0d0 remove parameter for pre build script 3 months ago
Michael Jerger 7fc494c1df Merge branch 'feature/improve-start-script' of ssh://repo.prod.meissa.de:2222/meissa/c4k-website into feature/improve-start-script 3 months ago
Michael Jerger 2770883473 rename gitea -> forgejo [BRAKING Change] 3 months ago
erik 8af984c079 Fix title 3 months ago
Michael Jerger 209f1bd9ca rename gitea -> forgejo [BRAKING Change] 3 months ago
Michael Jerger f0ed84822b new way to generate 3 months ago
jerger 04377f0daf update doc 3 months ago
jerger 5d904697c5 add compat & logback to native 3 months ago
Michael Jerger 1cb78ec68b refactor inline-macro to load resources 3 months ago
Michael Jerger a9c9f51fa3 Merge branch 'main' of ssh://repo.prod.meissa.de:2222/meissa/c4k-website 3 months ago
Michael Jerger b0516e1943 update deps 3 months ago
Michael Jerger 0bb8704b0f update readme 3 months ago
jem e295deb0b8 feature/native-image (#1) 
Reviewed-on: #1
 3 months ago
Michael Jerger f323306c9c fix build script 3 months ago
Michael Jerger c5780d04a7 build native image 3 months ago
bom 03ac969aa9 bump version to: 1.1.9-SNAPSHOT 4 months ago
bom c8a86192ca release: 1.1.8 4 months ago
bom e7aed2c4c2 Bump versions 4 months ago
Mirco 9e16cc38e0 bump version to: 1.1.8-SNAPSHOT 5 months ago
Mirco 5a843b9286 release: 1.1.7 5 months ago
Mirco d131b25313 Improvements docker image building 5 months ago
erik 7644e23dd2 Update reqs 6 months ago
erik cce6a55428 Update reqs 7 months ago
erik c3de9f58da Update reqs 7 months ago
erik bddb58e3a8 [Skip-CI] Ignore eastwood file 7 months ago
erik 715cf83561 bump version to: 1.1.7-SNAPSHOT 7 months ago
erik e46fe2f14e release: 1.1.6 7 months ago
erik e8c748ed1e Update c4k-common dep 7 months ago
erik 418a9d75a4 Track errors in install.sh 7 months ago
erik 2b48943dff Update status of discussion 7 months ago
erik bf68eecf93 Update Req Discussion 7 months ago
Michael Jerger 27f6e82aa0 Merge branch 'main' of ssh://repo.prod.meissa.de:2222/meissa/c4k-website 7 months ago
Michael Jerger 3579197850 add discussion 7 months ago
Clemens d461b32bbf Updated dda-devops images version to 4.7.4 8 months ago
Clemens 00b57fe2ce bump version to: 1.1.6-SNAPSHOT 8 months ago
Clemens c551b6f7da release: 1.1.5 8 months ago
Clemens f526fbc3c6 Added curl installation 8 months ago
Clemens f25ed6108d bump version to: 1.1.5-SNAPSHOT 8 months ago
Clemens 114fbea3bc release: 1.1.4 8 months ago
Clemens 1b07e6e5a9 Updated build.py and dependencies 8 months ago
erik ec27a519a1 Format 8 months ago
erik 12b27835e6 Refine data flow diagram 8 months ago
erik 1710771b71 Fix typo 8 months ago
erik 0eddf1a939 Add data flow diagram 8 months ago
Michael Jerger 3250cee849 requirements 10 months ago
erik 774880f26e [Skip-CI] Add Development and mirrors section 10 months ago
erik cd87d00d73 Fix format of text field 12 months ago
erik de41730dad Fix bugs in browser.cljs 
We are not using test as a keyword.
Also add a group for website data.
 12 months ago
erik a0698750e3 Implement function defs for keys 
Using the keys for validation in browser.cljs will convert the map
in the input field to a vector, causing the spec to fail in the browser.
 12 months ago
erik 4d6af0e13f Refactor keys to current mon ns defs 12 months ago
erik d2c9e66717 Bump Dep 12 months ago
Mirco e3777bc6ae [skip-ci] Update README.md 1 year ago
Clemens e3d4e4b2bf update release doc 1 year ago
Clemens 6b318e1b79 version bump 1 year ago
Clemens 99e0b6693c Version 1.1.3 1 year ago
Clemens 765b69e63a Release v1.1.3 1 year ago
Pat Dyn f91269fb94 Merge branch 'split-config-and-auth-input' into 'main' 
Do not merge config and auth

See merge request domaindrivenarchitecture/c4k-website!5
 1 year ago
Pat Dyn c8e4c9acf7 Do not merge config and auth 1 year ago
Clemens a61e3a7a7d Remove LGPL from subcomponent license file 1 year ago
Clemens d02b114ba7 Exclude codox-klipse-theme 1 year ago
Clemens 5f682edf62 Added MPL2 to subcomponent licenses 1 year ago
Clemens dc6e111131 Added subcomponent licenses 1 year ago
erik ecb72bedb1 Add website docker image to CI 
Now creating, testing and publishing the image in our CI.
 1 year ago
jerger bfdd417fff [skip-ci] update doc 1 year ago
jerger 258c7dcf6e [skip-ci] version bump 1 year ago
jerger ddc5063bb8 Version 1.1.2 1 year ago
jerger 4407d25020 prepare release 1 year ago
jerger 58fa7cc5f9 check examples & add monitoring to browser 1 year ago
jerger 656cdeb92e version bump 1 year ago
45 changed files with 2207 additions and 1573 deletions
Show Stats

5
.gitignore vendored
Unescape Escape View File

@ -1,3 +1,5 @@
.eastwood
.clj-kondo/
.lsp/
@ -29,3 +31,6 @@ config.edn
build-and-move-frontend.sh
website.yaml
out.yaml
.eastwood

113
.gitlab-ci.yml
Unescape Escape View File

@ -5,11 +5,18 @@ stages:
- upload
- image
services:
- docker:19.03.12-dind
.img: &img
image: "domaindrivenarchitecture/ddadevops-dind:4.11.4"
services:
- docker:dind
before_script:
- export RELEASE_ARTIFACT_TOKEN=$MEISSA_REPO_BUERO_RW
- export IMAGE_DOCKERHUB_USER=$DOCKERHUB_USER
- export IMAGE_DOCKERHUB_PASSWORD=$DOCKERHUB_PASSWORD
- export IMAGE_TAG=$CI_COMMIT_TAG
.cljs-job: &cljs
image: domaindrivenarchitecture/shadow-cljs
image: "domaindrivenarchitecture/ddadevops-clj-cljs:4.11.4"
cache:
key: ${CI_COMMIT_REF_SLUG}
paths:
@ -17,40 +24,45 @@ services:
- .shadow-cljs/
- .m2
before_script:
- echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ~/.npmrc
- npm install
- export RELEASE_ARTIFACT_TOKEN=$MEISSA_REPO_BUERO_RW
- echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ~/.npmrc
- npm install
.clj-uploadjob: &clj
image: domaindrivenarchitecture/lein
.clj-job: &clj
image: "domaindrivenarchitecture/ddadevops-clj:4.11.4"
cache:
key: ${CI_COMMIT_REF_SLUG}
paths:
- .m2
before_script:
- mkdir -p /root/.lein
- echo "{:auth {:repository-auth {#\"clojars\" {:username \"${CLOJARS_USER}\" :password \"${CLOJARS_TOKEN_DOMAINDRIVENARCHITECTURE}\" }}}}" > ~/.lein/profiles.clj
- export RELEASE_ARTIFACT_TOKEN=$MEISSA_REPO_BUERO_RW
- mkdir -p /root/.lein
- echo "{:auth {:repository-auth {#\"clojars\" {:username \"${CLOJARS_USER}\" :password \"${CLOJARS_TOKEN_DOMAINDRIVENARCHITECTURE}\" }}}}" > ~/.lein/profiles.clj
test-cljs:
<<: *cljs
stage: build_and_test
script:
- shadow-cljs compile test
- node target/node-tests.js
.tag_only: &tag_only
rules:
- if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
when: never
- if: '$CI_COMMIT_TAG =~ /^[0-9]+\.[0-9]+\.[0-9]+$/'
test-clj:
<<: *clj
stage: build_and_test
script:
- lein test
- pyb test_clj
test-cljs:
<<: *cljs
stage: build_and_test
script:
- pyb test_cljs
test-schema:
<<: *clj
stage: build_and_test
script:
- lein uberjar
- java -jar target/uberjar/c4k-website-standalone.jar valid-config.edn valid-auth.edn | kubeconform --kubernetes-version 1.23.0 --strict --skip Certificate -
- pyb test_schema
artifacts:
expire_in: 1h
paths:
- target/uberjar
@ -58,10 +70,8 @@ report-frontend:
<<: *cljs
stage: package
script:
- mkdir -p target/frontend-build
- shadow-cljs run shadow.cljs.build-report frontend target/frontend-build/build-report.html
- pyb report_frontend
artifacts:
expire_in: 1h
paths:
- target/frontend-build/build-report.html
@ -69,13 +79,8 @@ package-frontend:
<<: *cljs
stage: package
script:
- mkdir -p target/frontend-build
- shadow-cljs release frontend
- cp public/js/main.js target/frontend-build/c4k-website.js
- sha256sum target/frontend-build/c4k-website.js > target/frontend-build/c4k-website.js.sha256
- sha512sum target/frontend-build/c4k-website.js > target/frontend-build/c4k-website.js.sha512
- pyb package_frontend
artifacts:
expire_in: 1h
paths:
- target/frontend-build
@ -83,39 +88,37 @@ package-uberjar:
<<: *clj
stage: package
script:
- lein uberjar
- sha256sum target/uberjar/c4k-website-standalone.jar > target/uberjar/c4k-website-standalone.jar.sha256
- sha512sum target/uberjar/c4k-website-standalone.jar > target/uberjar/c4k-website-standalone.jar.sha512
- pyb package_uberjar
artifacts:
expire_in: 1h
paths:
- target/uberjar
- target/uberjar
upload-clj-release:
package-native:
<<: *clj
stage: package
script:
- pyb package_native
artifacts:
paths:
- target/graalvm
release-to-clojars:
<<: *clj
<<: *tag_only
stage: upload
rules:
- if: '$CI_COMMIT_TAG != null'
script:
- lein deploy
- pyb upload_clj
release:
image: registry.gitlab.com/gitlab-org/release-cli:latest
release-to-forgejo:
<<: *clj
<<: *tag_only
stage: upload
rules:
- if: '$CI_COMMIT_TAG != null'
artifacts:
expire_in: 24h
paths:
- target/uberjar
- target/frontend-build
script:
- apk --no-cache add curl
- |
release-cli create --name "Release $CI_COMMIT_TAG" --tag-name $CI_COMMIT_TAG \
--assets-link "{\"name\":\"c4k-website-standalone.jar\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-website/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-website-standalone.jar\"}" \
--assets-link "{\"name\":\"c4k-website-standalone.jar.sha256\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-website/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-website-standalone.jar.sha256\"}" \
--assets-link "{\"name\":\"c4k-website-standalone.jar.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-website/-/jobs/${CI_JOB_ID}/artifacts/file/target/uberjar/c4k-website-standalone.jar.sha512\"}" \
--assets-link "{\"name\":\"c4k-website.js\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-website/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-website.js\"}" \
--assets-link "{\"name\":\"c4k-website.js.sha256\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-website/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-website.js.sha256\"}" \
--assets-link "{\"name\":\"c4k-website.js.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-website/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-website.js.sha512\"}" \
- pyb publish_artifacts
website-image-publish:
<<: *img
<<: *tag_only
stage: image
script:
- cd infrastructure/build && pyb image publish

109
README.md
Unescape Escape View File

@ -6,19 +6,62 @@
## Purpose
Delivering cryogen generated static sites with the push of a few buttons.
**GitOps for static generated Websites.**
c4k-website generates k8s-manifest for a webserver serving static html.
c4k-website is an example how to create k8s manifests for OneShotDeployments with https://repo.prod.meissa.de/meissa/c4k-common.
## Features
- [convention 4 kubernetes: c4k-website](#convention-4-kubernetes-c4k-website)
- [Purpose](#purpose)
- [Features](#features)
- [Serving multiple websites](#serving-multiple-websites)
- [https \& Letsencrypt Certificates](#https--letsencrypt-certificates)
- [Ratelimiting](#ratelimiting)
- [Monitoring](#monitoring)
- [GitOps your Websites](#gitops-your-websites)
- [Support Hugo and Cryogene](#support-hugo-and-cryogene)
- [Try out](#try-out)
- [Usage](#usage)
- [Development \& mirrors](#development--mirrors)
- [License](#license)
### Serving multiple websites
You can serve many websites, each of can listen to a list of domain names. E.g.
```yaml
# Config example
websites:
- unique-name: "test.io"
fqdns: ["test.de", "test.org", "www.test.de", "www.test.org"]
- unique-name: "example.io"
fqdns: ["example.org", "www.example.com"]
```
### https & Letsencrypt Certificates
The domain names listed will get their certificates from letsencrypt out of the box.
### Ratelimiting
There is a Ratelimit included for each website. This makes it harder to DOS one or all websites served.
### Monitoring
Monitoring on GrafanaCloud (or any other grafana) is included out of the box.
### GitOps your Websites
c4k-website generates configuration files for multiple nginx webservers, and
corresponding cryogen static site generator build containers. This automatically downloads a `<branch>.zip` from a specified gitea API url. You need an authorization token to access the specified gitea user account. The build container is based on clojure:lein.
If your repository is on a frogejo or gitea repo, we included GitOps. We ask every ten minutes the repo api for new pushed content.
Following the example in valid-config.edn and valid-auth.edn you can add as many websites as you like (provided you have the DNS Routes set up). One set of configmaps, deployment, services etc will be created for each element in the :websites and :auth list.
If there is new content we generate the new static html & serve it.
Configs generated by c4k-website consists of the following parts:
### Support Hugo and Cryogene
* nginx deployment + configmap + service + ingress + certificate definitions
* nginx deployment has init container, building the website at startup time
* cron job for building and build secret for storing auth data
* respective volume claims
For static html generation we support cryogen & hugo.
## Try out
@ -28,47 +71,35 @@ Click on the image to try out in your browser:
Your input will stay in your browser. No server interaction is required.
## Usage
You need:
* DNS routes matching the fqdns in the lists
* cryogen as a static site generator
* a cryogen project ready to build
* a gitea account which holds the buildable project
* an authorization token for that account
* and a kubernetes cluster provisioned by [provs]
You will also be able to try out on cli:
```
c4k-website src/test/resources/valid-config.yaml src/test/resources/valid-auth.yaml
```
Add a unique identifier for each website to config.edn and auth.edn (e.g. domain-name).
Add the list of fqdns, your gitea host, name of the website repo and the respective branch name (usually "main") to config.edn.
Add auth token and gitea user with access to the website repo to auth.edn.
Let c4k-website generate your .yaml file.
Apply this file on your cluster with `kubectl apply -f yourApp.yaml`.
Done.
## Usage
### Script Execution
Prerequisites:
* DNS routes pointing to your k8s cluster.
* frogejo or gitea instance for your website repo. In doubt use https://codeberg.org
* A git repository with your hugo / cryogene website
* the project provides a `generate.sh` (maybe your generatoin needs some preprocessing)
* `generate.sh` deliver its static generated html to `target/html`
Optionally you can specify a trusted script in your config.edn.
1. `sha256sum` "/path/to/your/script/file"
2. copy the output of this command
3. add the :sha256-output "hash-of-file file.name" :key value pair to the respective collection in :websites.
## Development & mirrors
Also, see the example in valid-config.edn. The script file needs to exist in the `<branch>.zip` and path specification to the script file should be relative to the root of the unzipped folder. Scripts can be of any type - as long as an according shebang exists in the first line.
Development happens at: https://repo.prod.meissa.de/meissa/c4k-website
```bash
sha256sum your-script-file # use output of this call
sha256sum scripts/your-script-file # or this
sha256sum scripts/foo/bar/your-script-file # or this
```
Mirrors are:
### resource requests and limits
* https://gitlab.com/domaindrivenarchitecture/c4k-website (issues and PR, CI)
* https://github.com/DomainDrivenArchitecture/c4k-website
You may want to adjust the resource requests and limits of the build and init containers to your specific scenario.
For more details about our repository model see: https://repo.prod.meissa.de/meissa/federate-your-repos
## License
Copyright © 2022 meissa GmbH
Copyright © 2022, 2023, 2024 meissa GmbH
Licensed under the [Apache License, Version 2.0](LICENSE) (the "License")
Pls. find licenses of our subcomponents [here](doc/SUBCOMPONENT_LICENSE)

233
build.py
Unescape Escape View File

@ -0,0 +1,233 @@
from os import environ
from subprocess import run
from pybuilder.core import init, task
from ddadevops import *
default_task = "dev"
name = "c4k-website"
MODULE = "not-used"
PROJECT_ROOT_PATH = "."
@init
def initialize(project):
input = {
"name": name,
"module": MODULE,
"stage": "notused",
"project_root_path": PROJECT_ROOT_PATH,
"build_types": [],
"mixin_types": ["RELEASE"],
"release_primary_build_file": "project.clj",
"release_secondary_build_files": [
"package.json",
"infrastructure/build/build.py",
],
"release_artifact_server_url": "https://repo.prod.meissa.de",
"release_organisation": "meissa",
"release_repository_name": name,
"release_artifacts": [
"target/graalvm/" + name,
"target/uberjar/" + name + "-standalone.jar",
"target/frontend-build/" + name + ".js"
],
}
build = ReleaseMixin(project, input)
build.initialize_build_dir()
@task
def test_clj(project):
run("lein test", shell=True, check=True)
@task
def test_cljs(project):
run("shadow-cljs compile test", shell=True, check=True)
run("node target/node-tests.js", shell=True, check=True)
@task
def test_schema(project):
run("lein uberjar", shell=True, check=True)
run(
"java -jar target/uberjar/c4k-website-standalone.jar "
+ "src/test/resources/website-test/valid-config.yaml "
+ "src/test/resources/website-test/valid-auth.yaml | "
+ """kubeconform --kubernetes-version 1.23.0 --strict --skip "Certificate,Middleware" -""",
shell=True,
check=True,
)
@task
def report_frontend(project):
run("mkdir -p target/frontend-build", shell=True, check=True)
run(
"shadow-cljs run shadow.cljs.build-report frontend target/frontend-build/build-report.html",
shell=True,
check=True,
)
@task
def package_frontend(project):
run("mkdir -p target/frontend-build", shell=True, check=True)
run("shadow-cljs release frontend", shell=True, check=True)
run(
"cp public/js/main.js target/frontend-build/c4k-website.js",
shell=True,
check=True,
)
run(
"sha256sum target/frontend-build/c4k-website.js > target/frontend-build/c4k-website.js.sha256",
shell=True,
check=True,
)
run(
"sha512sum target/frontend-build/c4k-website.js > target/frontend-build/c4k-website.js.sha512",
shell=True,
check=True,
)
@task
def package_uberjar(project):
run(
"sha256sum target/uberjar/c4k-website-standalone.jar > target/uberjar/c4k-website-standalone.jar.sha256",
shell=True,
check=True,
)
run(
"sha512sum target/uberjar/c4k-website-standalone.jar > target/uberjar/c4k-website-standalone.jar.sha512",
shell=True,
check=True,
)
@task
def package_native(project):
run(
"mkdir -p target/graalvm",
shell=True,
check=True,
)
run(
"native-image " +
"--native-image-info " +
"--report-unsupported-elements-at-runtime " +
"--no-server " +
"--no-fallback " +
"--features=clj_easy.graal_build_time.InitClojureClasses " +
"-jar target/uberjar/" + project.name + "-standalone.jar " +
"-march=compatibility " +
"-H:IncludeResources=.*.yaml " +
"-H:IncludeResources=logback.xml " +
"-H:Log=registerResource:verbose " +
"-H:Name=target/graalvm/" + project.name + "",
shell=True,
check=True,
)
run(
"sha256sum target/graalvm/" + project.name + " > target/graalvm/" + project.name + ".sha256",
shell=True,
check=True,
)
run(
"sha512sum target/graalvm/" + project.name + " > target/graalvm/" + project.name + ".sha512",
shell=True,
check=True,
)
@task
def inst(project):
run(
"lein uberjar",
shell=True,
check=True,
)
package_native(project)
run(
"sudo install -m=755 target/uberjar/" + project.name + "-standalone.jar /usr/local/bin/" + project.name + "-standalone.jar",
shell=True,
check=True,
)
run(
"sudo install -m=755 target/graalvm/" + project.name + " /usr/local/bin/" + project.name + "",
shell=True,
check=True,
)
@task
def upload_clj(project):
run("lein deploy", shell=True, check=True)
@task
def lint(project):
run(
"lein eastwood",
shell=True,
check=True,
)
run(
"lein ancient check",
shell=True,
check=True,
)
@task
def patch(project):
linttest(project, "PATCH")
release(project)
@task
def minor(project):
linttest(project, "MINOR")
release(project)
@task
def major(project):
linttest(project, "MAJOR")
release(project)
@task
def dev(project):
linttest(project, "NONE")
@task
def prepare(project):
build = get_devops_build(project)
build.prepare_release()
@task
def tag(project):
build = get_devops_build(project)
build.tag_bump_and_push_release()
@task
def publish_artifacts(project):
build = get_devops_build(project)
build.publish_artifacts()
def release(project):
prepare(project)
tag(project)
def linttest(project, release_type):
build = get_devops_build(project)
build.update_release_type(release_type)
test_clj(project)
test_cljs(project)
test_schema(project)
lint(project)

74
doc/Releasing.md
Unescape Escape View File

@ -1,74 +0,0 @@
# Release process
## ... for testing (snapshots)
Make sure your clojars.org credentials are correctly set in your ~/.lein/profiles.clj file.
``` bash
git add .
git commit
```
``` bash
lein deploy # or lein deploy clojars
```
## ... for stable release patch version
Make sure tags are protected in gitlab:
Repository Settings -> Protected Tags -> set \*.\*.\* as tag and save.
``` bash
git checkout main # for old projects replace main with master
git add .
git commit
```
Open package.json, find ":version" keyword and remove "-SNAPSHOT" from version number.
``` bash
git add .
git commit -m "Release [version]"
lein release
git push --follow-tags
```
Open package.json again, increase version increment by one and add "-SNAPSHOT".
``` bash
git commit -am "version bump"
git push
```
## ... for stable release minor version
Make sure tags are protected in gitlab:
Repository Settings -> Protected Tags -> set \*.\*.\* as tag and save.
``` bash
git checkout main # for old projects replace main with master
git add .
git commit
```
In package.json, find ":version" keyword and remove "-SNAPSHOT" from version number.
Increment minor version by one, set patch version to zero.
Open project.clj, find ":version" keyword, increment minor version by one, set patch version to zero.
Leave "-SNAPSHOT" be.
``` bash
git add .
git commit -m "Release [version]"
lein release
git push --follow-tags
```
Open package.json again, increase version increment by one and add "-SNAPSHOT".
``` bash
git commit -am "version bump"
git push
```
Done.

499
doc/SUBCOMPONENT_LICENSE
Unescape Escape View File

@ -0,0 +1,499 @@
SUBCOMPONENTS:
This Software includes a number of subcomponents with
separate copyright notices and license terms. Your use of the source
code for the these subcomponents is subject to the terms and
conditions of the following licenses.
lein with-profile uberjar licenses
...
Eclipse Public License, Version 1.0 (EPL-1.0)
THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
1. DEFINITIONS
"Contribution" means:
a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
b) in the case of each subsequent Contributor:
i) changes to the Program, and
ii) additions to the Program;
where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
"Contributor" means any person or entity that distributes the Program.
"Licensed Patents" mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
"Program" means the Contributions distributed in accordance with this Agreement.
"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
2. GRANT OF RIGHTS
a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
3. REQUIREMENTS
A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
a) it complies with the terms and conditions of this Agreement; and
b) its license agreement:
i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
When the Program is made available in source code form:
a) it must be made available under this Agreement; and
b) a copy of this Agreement must be included with each copy of the Program.
Contributors may not remove or alter any copyright notices contained within the Program.
Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
4. COMMERCIAL DISTRIBUTION
Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
5. NO WARRANTY
EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement , including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
6. DISCLAIMER OF LIABILITY
EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
7. GENERAL
If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
If Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. The Eclipse Foundation is the initial Agreement Steward. The Eclipse Foundation may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
-------------------------------------------------------------------------------
The MIT License (MIT)
Copyright © 2015 Stuart Sierra
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-------------------------------------------------------------------------------
The BSD 3-Clause License The following is a BSD 3-Clause ("BSD New" or "BSD Simplified") license template. To generate your own license, change the values of OWNER, ORGANIZATION and YEAR from their original values as given here, and substitute your own.
Note: You may omit clause 3 and still be OSD-conformant. Despite its colloquial name "BSD New", this is not the newest version of the BSD license; it was followed by the even newer BSD-2-Clause version, sometimes known as the "Simplified BSD License". On January 9th, 2008 the OSI Board approved BSD-2-Clause, which is used by FreeBSD and others. It omits the final "no-endorsement" clause and is thus roughly equivalent to the MIT License.
Historical Background: The original license used on BSD Unix had four clauses. The advertising clause (the third of four clauses) required you to acknowledge use of U.C. Berkeley code in your advertising of any product using that code. It was officially rescinded by the Director of the Office of Technology Licensing of the University of California on July 22nd, 1999. He states that clause 3 is "hereby deleted in its entirety." The four clause license has not been approved by OSI. The license below does not contain the advertising clause.
This prelude is not part of the license.
OWNER = Regents of the University of California
ORGANIZATION = University of California, Berkeley
YEAR = 1998
In the original BSD license, both occurrences of the phrase "COPYRIGHT HOLDERS AND CONTRIBUTORS" in the disclaimer read "REGENTS AND CONTRIBUTORS".
License template
Copyright (c) $YEAR $OWNER, All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
------------------------------------------------------------------------------
License
Copyright (c) 2000 - 2018 The Legion of the Bouncy Castle Inc. (https://www.bouncycastle.org)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
------------------------------------------------------------------------------
Mozilla Public License Version 2.0
==================================
1. Definitions
1.1. "Contributor"
means each individual or legal entity that creates, contributes to
the creation of, or owns Covered Software.
1.2. "Contributor Version"
means the combination of the Contributions of others (if any) used
by a Contributor and that particular Contributor's Contribution.
1.3. "Contribution"
means Covered Software of a particular Contributor.
1.4. "Covered Software"
means Source Code Form to which the initial Contributor has attached
the notice in Exhibit A, the Executable Form of such Source Code
Form, and Modifications of such Source Code Form, in each case
including portions thereof.
1.5. "Incompatible With Secondary Licenses"
means
(a) that the initial Contributor has attached the notice described
in Exhibit B to the Covered Software; or
(b) that the Covered Software was made available under the terms of
version 1.1 or earlier of the License, but not also under the
terms of a Secondary License.
1.6. "Executable Form"
means any form of the work other than Source Code Form.
1.7. "Larger Work"
means a work that combines Covered Software with other material, in
a separate file or files, that is not Covered Software.
1.8. "License"
means this document.
1.9. "Licensable"
means having the right to grant, to the maximum extent possible,
whether at the time of the initial grant or subsequently, any and
all of the rights conveyed by this License.
1.10. "Modifications"
means any of the following:
(a) any file in Source Code Form that results from an addition to,
deletion from, or modification of the contents of Covered
Software; or
(b) any new file in Source Code Form that contains any Covered
Software.
1.11. "Patent Claims" of a Contributor
means any patent claim(s), including without limitation, method,
process, and apparatus claims, in any patent Licensable by such
Contributor that would be infringed, but for the grant of the
License, by the making, using, selling, offering for sale, having
made, import, or transfer of either its Contributions or its
Contributor Version.
1.12. "Secondary License"
means either the GNU General Public License, Version 2.0, the GNU
Lesser General Public License, Version 2.1, the GNU Affero General
Public License, Version 3.0, or any later versions of those
licenses.
1.13. "Source Code Form"
means the form of the work preferred for making modifications.
1.14. "You" (or "Your")
means an individual or a legal entity exercising rights under this
License. For legal entities, "You" includes any entity that
controls, is controlled by, or is under common control with You. For
purposes of this definition, "control" means (a) the power, direct
or indirect, to cause the direction or management of such entity,
whether by contract or otherwise, or (b) ownership of more than
fifty percent (50%) of the outstanding shares or beneficial
ownership of such entity.
2. License Grants and Conditions
2.1. Grants
Each Contributor hereby grants You a world-wide, royalty-free,
non-exclusive license:
(a) under intellectual property rights (other than patent or trademark)
Licensable by such Contributor to use, reproduce, make available,
modify, display, perform, distribute, and otherwise exploit its
Contributions, either on an unmodified basis, with Modifications, or
as part of a Larger Work; and
(b) under Patent Claims of such Contributor to make, use, sell, offer
for sale, have made, import, and otherwise transfer either its
Contributions or its Contributor Version.
2.2. Effective Date
The licenses granted in Section 2.1 with respect to any Contribution
become effective for each Contribution on the date the Contributor first
distributes such Contribution.
2.3. Limitations on Grant Scope
The licenses granted in this Section 2 are the only rights granted under
this License. No additional rights or licenses will be implied from the
distribution or licensing of Covered Software under this License.
Notwithstanding Section 2.1(b) above, no patent license is granted by a
Contributor:
(a) for any code that a Contributor has removed from Covered Software;
or
(b) for infringements caused by: (i) Your and any other third party's
modifications of Covered Software, or (ii) the combination of its
Contributions with other software (except as part of its Contributor
Version); or
(c) under Patent Claims infringed by Covered Software in the absence of
its Contributions.
This License does not grant any rights in the trademarks, service marks,
or logos of any Contributor (except as may be necessary to comply with
the notice requirements in Section 3.4).
2.4. Subsequent Licenses
No Contributor makes additional grants as a result of Your choice to
distribute the Covered Software under a subsequent version of this
License (see Section 10.2) or under the terms of a Secondary License (if
permitted under the terms of Section 3.3).
2.5. Representation
Each Contributor represents that the Contributor believes its
Contributions are its original creation(s) or it has sufficient rights
to grant the rights to its Contributions conveyed by this License.
2.6. Fair Use
This License is not intended to limit any rights You have under
applicable copyright doctrines of fair use, fair dealing, or other
equivalents.
2.7. Conditions
Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted
in Section 2.1.
3. Responsibilities
3.1. Distribution of Source Form
All distribution of Covered Software in Source Code Form, including any
Modifications that You create or to which You contribute, must be under
the terms of this License. You must inform recipients that the Source
Code Form of the Covered Software is governed by the terms of this
License, and how they can obtain a copy of this License. You may not
attempt to alter or restrict the recipients' rights in the Source Code
Form.
3.2. Distribution of Executable Form
If You distribute Covered Software in Executable Form then:
(a) such Covered Software must also be made available in Source Code
Form, as described in Section 3.1, and You must inform recipients of
the Executable Form how they can obtain a copy of such Source Code
Form by reasonable means in a timely manner, at a charge no more
than the cost of distribution to the recipient; and
(b) You may distribute such Executable Form under the terms of this
License, or sublicense it under different terms, provided that the
license for the Executable Form does not attempt to limit or alter
the recipients' rights in the Source Code Form under this License.
3.3. Distribution of a Larger Work
You may create and distribute a Larger Work under terms of Your choice,
provided that You also comply with the requirements of this License for
the Covered Software. If the Larger Work is a combination of Covered
Software with a work governed by one or more Secondary Licenses, and the
Covered Software is not Incompatible With Secondary Licenses, this
License permits You to additionally distribute such Covered Software
under the terms of such Secondary License(s), so that the recipient of
the Larger Work may, at their option, further distribute the Covered
Software under the terms of either this License or such Secondary
License(s).
3.4. Notices
You may not remove or alter the substance of any license notices
(including copyright notices, patent notices, disclaimers of warranty,
or limitations of liability) contained within the Source Code Form of
the Covered Software, except that You may alter any license notices to
the extent required to remedy known factual inaccuracies.
3.5. Application of Additional Terms
You may choose to offer, and to charge a fee for, warranty, support,
indemnity or liability obligations to one or more recipients of Covered
Software. However, You may do so only on Your own behalf, and not on
behalf of any Contributor. You must make it absolutely clear that any
such warranty, support, indemnity, or liability obligation is offered by
You alone, and You hereby agree to indemnify every Contributor for any
liability incurred by such Contributor as a result of warranty, support,
indemnity or liability terms You offer. You may include additional
disclaimers of warranty and limitations of liability specific to any
jurisdiction.
4. Inability to Comply Due to Statute or Regulation
If it is impossible for You to comply with any of the terms of this
License with respect to some or all of the Covered Software due to
statute, judicial order, or regulation then You must: (a) comply with
the terms of this License to the maximum extent possible; and (b)
describe the limitations and the code they affect. Such description must
be placed in a text file included with all distributions of the Covered
Software under this License. Except to the extent prohibited by statute
or regulation, such description must be sufficiently detailed for a
recipient of ordinary skill to be able to understand it.
5. Termination
5.1. The rights granted under this License will terminate automatically
if You fail to comply with any of its terms. However, if You become
compliant, then the rights granted under this License from a particular
Contributor are reinstated (a) provisionally, unless and until such
Contributor explicitly and finally terminates Your grants, and (b) on an
ongoing basis, if such Contributor fails to notify You of the
non-compliance by some reasonable means prior to 60 days after You have
come back into compliance. Moreover, Your grants from a particular
Contributor are reinstated on an ongoing basis if such Contributor
notifies You of the non-compliance by some reasonable means, this is the
first time You have received notice of non-compliance with this License
from such Contributor, and You become compliant prior to 30 days after
Your receipt of the notice.
5.2. If You initiate litigation against any entity by asserting a patent
infringement claim (excluding declaratory judgment actions,
counter-claims, and cross-claims) alleging that a Contributor Version
directly or indirectly infringes any patent, then the rights granted to
You by any and all Contributors for the Covered Software under Section
2.1 of this License shall terminate.
5.3. In the event of termination under Sections 5.1 or 5.2 above, all
end user license agreements (excluding distributors and resellers) which
have been validly granted by You or Your distributors under this License
prior to termination shall survive termination.
************************************************************************
* *
* 6. Disclaimer of Warranty *
* *
* Covered Software is provided under this License on an "as is" *
* basis, without warranty of any kind, either expressed, implied, or *
* statutory, including, without limitation, warranties that the *
* Covered Software is free of defects, merchantable, fit for a *
* particular purpose or non-infringing. The entire risk as to the *
* quality and performance of the Covered Software is with You. *
* Should any Covered Software prove defective in any respect, You *
* (not any Contributor) assume the cost of any necessary servicing, *
* repair, or correction. This disclaimer of warranty constitutes an *
* essential part of this License. No use of any Covered Software is *
* authorized under this License except under this disclaimer. *
* *
************************************************************************
************************************************************************
* *
* 7. Limitation of Liability *
* *
* Under no circumstances and under no legal theory, whether tort *
* (including negligence), contract, or otherwise, shall any *
* Contributor, or anyone who distributes Covered Software as *
* permitted above, be liable to You for any direct, indirect, *
* special, incidental, or consequential damages of any character *
* including, without limitation, damages for lost profits, loss of *
* goodwill, work stoppage, computer failure or malfunction, or any *
* and all other commercial damages or losses, even if such party *
* shall have been informed of the possibility of such damages. This *
* limitation of liability shall not apply to liability for death or *
* personal injury resulting from such party's negligence to the *
* extent applicable law prohibits such limitation. Some *
* jurisdictions do not allow the exclusion or limitation of *
* incidental or consequential damages, so this exclusion and *
* limitation may not apply to You. *
* *
************************************************************************
8. Litigation
Any litigation relating to this License may be brought only in the
courts of a jurisdiction where the defendant maintains its principal
place of business and such litigation shall be governed by laws of that
jurisdiction, without reference to its conflict-of-law provisions.
Nothing in this Section shall prevent a party's ability to bring
cross-claims or counter-claims.
9. Miscellaneous
This License represents the complete agreement concerning the subject
matter hereof. If any provision of this License is held to be
unenforceable, such provision shall be reformed only to the extent
necessary to make it enforceable. Any law or regulation which provides
that the language of a contract shall be construed against the drafter
shall not be used to construe this License against a Contributor.
10. Versions of the License
10.1. New Versions
Mozilla Foundation is the license steward. Except as provided in Section
10.3, no one other than the license steward has the right to modify or
publish new versions of this License. Each version will be given a
distinguishing version number.
10.2. Effect of New Versions
You may distribute the Covered Software under the terms of the version
of the License under which You originally received the Covered Software,
or under the terms of any subsequent version published by the license
steward.
10.3. Modified Versions
If you create software not governed by this License, and you want to
create a new license for such software, you may create and use a
modified version of this License if you rename the license and remove
any references to the name of the license steward (except to note that
such modified license differs from this License).
10.4. Distributing Source Code Form that is Incompatible With Secondary
Licenses
If You choose to distribute Source Code Form that is Incompatible With
Secondary Licenses under the terms of this version of the License, the
notice described in Exhibit B of this License must be attached.
Exhibit A - Source Code Form License Notice
This Source Code Form is subject to the terms of the Mozilla Public
License, v. 2.0. If a copy of the MPL was not distributed with this
file, You can obtain one at http://mozilla.org/MPL/2.0/.
If it is not possible or desirable to put the notice in a particular
file, then You may include the notice in a location (such as a LICENSE
file in a relevant directory) where a recipient would be likely to look
for such a notice.
You may add additional accurate notices of copyright ownership.
Exhibit B - "Incompatible With Secondary Licenses" Notice
This Source Code Form is "Incompatible With Secondary Licenses", as
defined by the Mozilla Public License, v. 2.0.

93
doc/architecture.md
Unescape Escape View File

@ -1,26 +1,81 @@
# GitOps for Websites
```mermaid
sequenceDiagram
Actor a as Website Author
participant j as Job triggerd by Cron
participant f as Forgejo Instance
participant g as Your Git Repo for Website
a ->> g: commit & push some new content
j ->> f: check repo hash for new commits
activate j
f ->> g: get lates commit hash
f -->> j:
j ->> f: download repo
j ->> j: generate.sh
j ->> j: cp /target/html to website
deactivate j
```
# Runtime view
For the example configuration
```yaml
issuer: "staging"
websiteconfigs:
- unique-name: "test.io"
fqdns: ["test.de", "test.org", "www.test.de", "www.test.org"]
forgejo-host: "codeberg.org"
repo-name: "repo"
branchname: "main"
- unique-name: "example.io"
fqdns: ["example.org", "www.example.com"]
forgejo-host: "fineForgejoHost.net"
repo-name: "repo"
branchname: "main"
mon-cfg:
grafana-cloud-url: "url-for-your-prom-remote-write-endpoint"
cluster-name: "website"
cluster-stage: "test"
```
the website runtime looks like:
```mermaid
C4Context
title c4k-webserver
Boundary(website, "website") {
System(website_ing1, "ingress f. host meissa-gmbh.de")
System(website_ing2, "ingress f. host meissa.de")
Boundary(website_pod, "website pod"){
Boundary(aaa, "website container") {
System(ws, "webserver")
SystemDb(file_html, "static html")
Rel(ws, file_html, "file ro")
Boundary(k8s, "cluster") {
Boundary(test_io, "namespace test-io"){
System(website_ingt, "ingress f. test.de")
Boundary(test_de_srv_t, "webserver") {
System(wst, "webserver")
SystemDb(file_htmlt, "static html")
Rel(wst, file_htmlt, "file ro")
}
Boundary(aab, "cron generate website") {
System(git_clonet, "git clone/pull & generate.sh & copy to static html")
SystemDb(file_gitt, "git repo for test.io")
Rel(git_clonet, file_gitt, "file rw")
Rel(file_gitt, file_htmlt, "file rw")
}
}
Boundary(aab, "cron build website") {
System(git_clone, "git clone/pull & lein ring server & copy to static html")
SystemDb(file_git, "git repo")
Rel(git_clone, file_git, "file rw")
Rel(git_clone, file_html, "file rw")
}
Rel(website_ingt, wst, "http")
Boundary(example_io, "namespace example-io"){
System(website_inge, "ingress f. example.org")
Boundary(test_de_srv_e, "webserver") {
System(wse, "webserver")
SystemDb(file_htmle, "static html")
Rel(wse, file_htmle, "file ro")
}
Boundary(aeb, "cron generate website") {
System(git_clonee, "git clone/pull & generate.sh & copy to static html")
SystemDb(file_gite, "git repo for example.io")
Rel(git_clonee, file_gite, "file rw")
Rel(file_gite, file_htmle, "file rw")
}
}
Rel(website_inge, wse, "http")
}
Rel(website_ing1, ws, "http")
Rel(website_ing2, ws, "http")
}
```
[![](https://mermaid.ink/img/pako:eNqNU8tugzAQ_JWVD1UqJaka5cSxSX-guSIhgxewamxkL01RxL_XQFExSdr6gtee2ccMvrDMCGQRO-wPRhN-UqzBL5KkELL9--aMqUP7gXa8eDGNFty2q_5cEq4hZt_bmD3CZUT169Q6wmrCJVIXzz3Yfy06B_kWSuMIKpTO8U1RpeVW9Dl-y7C7n2FJXjaa1EbMmgUfevys34DEOZ-DM68Nl9qLEM647NRNpFGxeT8h9JiucqkwKalSPccRJ5lBH95kvaEasgekPgBrrgjd3aHSnpZZoyFtpBJw27nFVIWkJFNGD177AIbgqW6UggdQKDVY7wmMQ_ujzNQtkIG_hgql8JmnAhZrc1eGWTtz3ijG-d-0UMRrXjfb_9zMpB0sCX7u0f6SqA6yLYC7BTAs4guwNavQVlwK_y4HW2JGJVbepshvBea8URSzWHce2tSCE74KScayKOfK4Zrxhsyp1RmLyDY4gY6SF5ZX42H3BTITMPU)](https://mermaid.live/edit#pako:eNqNU8tugzAQ_JWVD1UqJaka5cSxSX-guSIhgxewamxkL01RxL_XQFExSdr6gtee2ccMvrDMCGQRO-wPRhN-UqzBL5KkELL9--aMqUP7gXa8eDGNFty2q_5cEq4hZt_bmD3CZUT169Q6wmrCJVIXzz3Yfy06B_kWSuMIKpTO8U1RpeVW9Dl-y7C7n2FJXjaa1EbMmgUfevys34DEOZ-DM68Nl9qLEM647NRNpFGxeT8h9JiucqkwKalSPccRJ5lBH95kvaEasgekPgBrrgjd3aHSnpZZoyFtpBJw27nFVIWkJFNGD177AIbgqW6UggdQKDVY7wmMQ_ujzNQtkIG_hgql8JmnAhZrc1eGWTtz3ijG-d-0UMRrXjfb_9zMpB0sCX7u0f6SqA6yLYC7BTAs4guwNavQVlwK_y4HW2JGJVbepshvBea8URSzWHce2tSCE74KScayKOfK4Zrxhsyp1RmLyDY4gY6SF5ZX42H3BTITMPU)

632
doc/architekturbild-c4k-website.graphml
Unescape Escape View File

@ -1,632 +0,0 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<graphml xmlns="http://graphml.graphdrawing.org/xmlns" xmlns:java="http://www.yworks.com/xml/yfiles-common/1.0/java" xmlns:sys="http://www.yworks.com/xml/yfiles-common/markup/primitives/2.0" xmlns:x="http://www.yworks.com/xml/yfiles-common/markup/2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:y="http://www.yworks.com/xml/graphml" xmlns:yed="http://www.yworks.com/xml/yed/3" xsi:schemaLocation="http://graphml.graphdrawing.org/xmlns http://www.yworks.com/xml/schema/graphml/1.1/ygraphml.xsd">
<!--Created by yEd 3.22-->
<key attr.name="Description" attr.type="string" for="graph" id="d0"/>
<key for="port" id="d1" yfiles.type="portgraphics"/>
<key for="port" id="d2" yfiles.type="portgeometry"/>
<key for="port" id="d3" yfiles.type="portuserdata"/>
<key attr.name="url" attr.type="string" for="node" id="d4"/>
<key attr.name="description" attr.type="string" for="node" id="d5"/>
<key for="node" id="d6" yfiles.type="nodegraphics"/>
<key for="graphml" id="d7" yfiles.type="resources"/>
<key attr.name="url" attr.type="string" for="edge" id="d8"/>
<key attr.name="description" attr.type="string" for="edge" id="d9"/>
<key for="edge" id="d10" yfiles.type="edgegraphics"/>
<graph edgedefault="directed" id="G">
<data key="d0" xml:space="preserve"/>
<node id="n0">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="154.25" width="221.25" x="674.8125" y="-212.076171875"/>
<y:Fill color="#C0C0C0" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="20.344114303588867" horizontalTextPosition="center" iconTextGap="4" modelName="free" modelPosition="anywhere" textColor="#000000" verticalTextPosition="bottom" visible="true" width="36.292236328125" x="4.0" xml:space="preserve" y="4.0">Client</y:NodeLabel>
<y:Shape type="roundrectangle"/>
</y:ShapeNode>
</data>
</node>
<node id="n1">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="514.0" width="1041.25" x="-97.5625" y="-35.638671875"/>
<y:Fill color="#3366FF" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="18" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="28.515846252441406" horizontalTextPosition="center" iconTextGap="4" modelName="free" modelPosition="anywhere" textColor="#000000" verticalTextPosition="bottom" visible="true" width="131.1511993408203" x="4.0" xml:space="preserve" y="4.0">Hetzner-Server</y:NodeLabel>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" hasText="false" height="4.0" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="4.0" x="518.625" y="266.69427546920065">
<y:LabelModel>
<y:SmartNodeLabelModel distance="4.0"/>
</y:LabelModel>
<y:ModelParameter>
<y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.022751508694942912" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
</y:ModelParameter>
</y:NodeLabel>
<y:Shape type="rectangle"/>
</y:ShapeNode>
</data>
</node>
<node id="n2">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="426.5" width="691.75" x="-57.5" y="10.111328125"/>
<y:Fill color="#33CCCC" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="14" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="23.067916870117188" horizontalTextPosition="center" iconTextGap="4" modelName="free" modelPosition="anywhere" textColor="#000000" verticalTextPosition="bottom" visible="true" width="39.61585998535156" x="4.0" xml:space="preserve" y="4.0">Node</y:NodeLabel>
<y:Shape type="roundrectangle"/>
</y:ShapeNode>
</data>
</node>
<node id="n3">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="85.0" width="93.75" x="290.0" y="60.548828125"/>
<y:Fill color="#FFCC00" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="14" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="23.067916870117188" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="86.34767150878906" x="3.7011642456054688" xml:space="preserve" y="30.966041564941406">Webserver 1<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:Shape type="octagon"/>
</y:ShapeNode>
</data>
</node>
<node id="n4">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="98.75" width="78.75" x="128.9375" y="53.673828125"/>
<y:Fill color="#FFCC00" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="14" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="23.067916870117188" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="61.10578918457031" x="8.822105407714844" xml:space="preserve" y="37.841041564941406">Ingress1<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:Shape type="fatarrow2"/>
</y:ShapeNode>
</data>
</node>
<node id="n5">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="98.75" width="78.75" x="128.9375" y="182.423828125"/>
<y:Fill color="#FFCC00" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="14" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="23.067916870117188" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="61.10578918457031" x="8.822105407714844" xml:space="preserve" y="37.841041564941406">Ingress2<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:Shape type="fatarrow2"/>
</y:ShapeNode>
</data>
</node>
<node id="n6">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="85.0" width="93.75" x="290.0" y="189.298828125"/>
<y:Fill color="#FFCC00" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="14" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="23.067916870117188" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="86.34767150878906" x="3.7011642456054688" xml:space="preserve" y="30.966041564941406">Webserver 2<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:Shape type="octagon"/>
</y:ShapeNode>
</data>
</node>
<node id="n7">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="112.5" width="123.75" x="-47.5" y="175.548828125"/>
<y:Fill color="#FFCC00" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="14" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="23.067916870117188" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="53.3358154296875" x="35.20709228515625" xml:space="preserve" y="44.716041564941406">Metallb<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:Shape type="octagon"/>
</y:ShapeNode>
</data>
</node>
<node id="n8">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="153.75" width="148.75" x="-1048.8125" y="-1.1875"/>
<y:Fill color="#FFCC00" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="18" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="28.515846252441406" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="84.38749694824219" x="32.181251525878906" xml:space="preserve" y="62.6170768737793">pybuilder<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:Shape type="rectangle"/>
</y:ShapeNode>
</data>
</node>
<node id="n9">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="160.0" width="148.75" x="-680.0625" y="266.25"/>
<y:Fill color="#FFCC00" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="18" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="28.515846252441406" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="51.15971374511719" x="48.795143127441406" xml:space="preserve" y="65.7420768737793">provs<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:Shape type="rectangle"/>
</y:ShapeNode>
</data>
</node>
<node id="n10">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="160.0" width="148.75" x="-1048.8125" y="266.25"/>
<y:Fill color="#FFCC00" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="18" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="28.515846252441406" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="32.547821044921875" x="58.10108947753906" xml:space="preserve" y="65.7420768737793">c4k<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:Shape type="rectangle"/>
</y:ShapeNode>
</data>
</node>
<node id="n11">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="153.75" width="148.75" x="-680.0625" y="-1.1875"/>
<y:Fill color="#FFCC00" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="18" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="28.515846252441406" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="86.96148681640625" x="30.894256591796875" xml:space="preserve" y="62.6170768737793">terraform<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:Shape type="rectangle"/>
</y:ShapeNode>
</data>
</node>
<node id="n12">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="75.0" width="75.0" x="-643.1875" y="-173.138671875"/>
<y:Fill color="#FFCC00" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="16" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="25.792043685913086" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="37.8880615234375" x="18.55596923828125" xml:space="preserve" y="24.603978157043457">AWS<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:Shape type="rectangle"/>
</y:ShapeNode>
</data>
</node>
<node id="n13">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="75.0" width="75.0" x="-331.90625" y="38.1875"/>
<y:Fill color="#FFCC00" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="16" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="25.792043685913086" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="63.69612121582031" x="5.651939392089844" xml:space="preserve" y="24.603978157043457">Hetzner<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:Shape type="rectangle"/>
</y:ShapeNode>
</data>
</node>
<node id="n14">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="75.0" width="141.25" x="714.8125" y="-172.451171875"/>
<y:Fill color="#FFCC00" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="20.344114303588867" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="61.432403564453125" x="39.90879821777344" xml:space="preserve" y="27.327942848205566">local build<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:Shape type="roundrectangle"/>
</y:ShapeNode>
</data>
</node>
<node id="n15">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="63.75" width="118.75" x="456.5" y="71.173828125"/>
<y:Fill color="#FFCC00" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="14" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="23.067916870117188" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="47.52583312988281" x="35.612083435058594" xml:space="preserve" y="20.341041564941406">Mount<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="20.344114303588867" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="111.3167724609375" x="4.0" xml:space="preserve" y="39.40588569641113">Holds website data
<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="-0.5" labelRatioY="0.5" nodeRatioX="-0.5" nodeRatioY="0.5" offsetX="4.0" offsetY="-4.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:Shape type="roundrectangle"/>
</y:ShapeNode>
</data>
</node>
<node id="n16">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="63.75" width="118.75" x="456.5" y="199.923828125"/>
<y:Fill color="#FFCC00" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="14" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="23.067916870117188" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="47.52583312988281" x="35.612083435058594" xml:space="preserve" y="20.341041564941406">Mount<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="20.344114303588867" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="111.3167724609375" x="4.0" xml:space="preserve" y="39.40588569641113">Holds website data
<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="-0.5" labelRatioY="0.5" nodeRatioX="-0.5" nodeRatioY="0.5" offsetX="4.0" offsetY="-4.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:Shape type="roundrectangle"/>
</y:ShapeNode>
</data>
</node>
<node id="n17">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="98.75" width="78.75" x="128.9375" y="311.173828125"/>
<y:Fill color="#FFCC00" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="14" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="23.067916870117188" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="15.255950927734375" x="31.747024536132812" xml:space="preserve" y="37.841041564941406">...<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:Shape type="fatarrow2"/>
</y:ShapeNode>
</data>
</node>
<node id="n18">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="85.0" width="93.75" x="290.0" y="318.048828125"/>
<y:Fill color="#FFCC00" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="14" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="23.067916870117188" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="15.255950927734375" x="39.24702453613281" xml:space="preserve" y="30.966041564941406">...<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:Shape type="octagon"/>
</y:ShapeNode>
</data>
</node>
<node id="n19">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="63.75" width="118.75" x="456.5" y="328.673828125"/>
<y:Fill color="#FFCC00" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="14" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="23.067916870117188" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="15.255950927734375" x="51.74702453613281" xml:space="preserve" y="20.341041564941406">...<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="20.344114303588867" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="111.3167724609375" x="4.0" xml:space="preserve" y="39.40588569641113">Holds website data
<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="-0.5" labelRatioY="0.5" nodeRatioX="-0.5" nodeRatioY="0.5" offsetX="4.0" offsetY="-4.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:Shape type="roundrectangle"/>
</y:ShapeNode>
</data>
</node>
<node id="n20">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="74.375" width="255.5" x="657.6875" y="65.861328125"/>
<y:Fill color="#FFCC00" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="14" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="23.067916870117188" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="250.9450225830078" x="2.2774887084960938" xml:space="preserve" y="25.653541564941406">Folder in /var/www/fqdn-folder-name<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:Shape type="roundrectangle"/>
</y:ShapeNode>
</data>
</node>
<node id="n21">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="74.375" width="255.5" x="657.6875" y="194.611328125"/>
<y:Fill color="#FFCC00" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="14" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="23.067916870117188" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="250.9450225830078" x="2.2774887084960938" xml:space="preserve" y="25.653541564941406">Folder in /var/www/fqdn-folder-name<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:Shape type="roundrectangle"/>
</y:ShapeNode>
</data>
</node>
<node id="n22">
<data key="d6">
<y:ShapeNode>
<y:Geometry height="74.375" width="255.5" x="657.6875" y="323.361328125"/>
<y:Fill color="#FFCC00" transparent="false"/>
<y:BorderStyle color="#000000" raised="false" type="line" width="1.0"/>
<y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="14" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="23.067916870117188" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="250.9450225830078" x="2.2774887084960938" xml:space="preserve" y="25.653541564941406">Folder in /var/www/fqdn-folder-name<y:LabelModel><y:SmartNodeLabelModel distance="4.0"/></y:LabelModel><y:ModelParameter><y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/></y:ModelParameter></y:NodeLabel>
<y:Shape type="roundrectangle"/>
</y:ShapeNode>
</data>
</node>
<edge id="e0" source="n7" target="n7">
<data key="d10">
<y:ArcEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0">
<y:Point x="14.375" y="231.798828125"/>
</y:Path>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:Arc height="0.0" ratio="1.0" type="fixedRatio"/>
</y:ArcEdge>
</data>
</edge>
<edge id="e1" source="n7" target="n4">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e2" source="n7" target="n5">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e3" source="n4" target="n2">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e4" source="n8" target="n11">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:EdgeLabel alignment="left" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="13" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="39.41203308105469" horizontalTextPosition="center" iconTextGap="4" modelName="free" modelPosition="anywhere" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="85.26309204101562" x="67.36845397949219" xml:space="preserve" y="10.293983459472656">out_conf.edn
out_auth.edn<y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e5" source="n11" target="n9">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:EdgeLabel alignment="left" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="13" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="39.41203308105469" horizontalTextPosition="center" iconTextGap="4" modelName="free" modelPosition="anywhere" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="40.27003479003906" x="8.364982604980469" xml:space="preserve" y="31.418983459472656">IP
FQDN<y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e6" source="n11" target="n12">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0">
<y:Point x="-625.0275" y="-58.35633333333334"/>
</y:Path>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:EdgeLabel alignment="left" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="13" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="21.706016540527344" horizontalTextPosition="center" iconTextGap="4" modelName="free" modelPosition="anywhere" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="65.841064453125" x="-76.92666845703047" xml:space="preserve" y="-69.5675916035971">DNS Entry<y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e7" source="n11" target="n13">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0">
<y:Point x="-441.69499999999994" y="98.875"/>
</y:Path>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:EdgeLabel alignment="left" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="13" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="39.41203308105469" horizontalTextPosition="center" iconTextGap="4" modelName="free" modelPosition="anywhere" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="68.63603210449219" x="65.34923394775524" xml:space="preserve" y="18.702248697916332">ssh keys
server size<y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e8" source="n13" target="n1">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:EdgeLabel alignment="left" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="13" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="57.11804962158203" horizontalTextPosition="center" iconTextGap="4" modelName="free" modelPosition="anywhere" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="108.4290771484375" x="11.446461425783014" xml:space="preserve" y="19.35144684855112">spin up server
of requested size
with ssh keys<y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e9" source="n9" target="n1">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e10" source="n9" target="n1">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e11" source="n9" target="n1">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:EdgeLabel alignment="left" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="13" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="39.41203308105469" horizontalTextPosition="center" iconTextGap="4" modelName="free" modelPosition="anywhere" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="95.46807861328125" x="124.88346069335978" xml:space="preserve" y="-5.053327657063903">k3s and
c4k application<y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e12" source="n9" target="n10">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0">
<y:Point x="-787.3125" y="291.125"/>
</y:Path>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:EdgeLabel alignment="left" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="13" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="39.41203308105469" horizontalTextPosition="center" iconTextGap="4" modelName="free" modelPosition="anywhere" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="85.26309204101562" x="-102.75654602050781" xml:space="preserve" y="-76.6949691772461">out_conf.edn
out_auth.edn<y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e13" source="n10" target="n9">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0">
<y:Point x="-793.8125" y="404.125"/>
</y:Path>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:EdgeLabel alignment="left" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="13" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="21.706016540527344" horizontalTextPosition="center" iconTextGap="4" modelName="free" modelPosition="anywhere" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="132.40110778808594" x="18.766946105956777" xml:space="preserve" y="44.647786814371784">application yaml files<y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e14" source="n4" target="n3">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e15" source="n5" target="n6">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e16" source="n6" target="n2">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e17" source="n17" target="n18">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e18" source="n15" target="n3">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e19" source="n20" target="n15">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e20" source="n16" target="n6">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e21" source="n19" target="n18">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e22" source="n4" target="n2">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e23" source="n2" target="n1">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e24" source="n7" target="n17">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e25" source="n6" target="n2">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e26" source="n22" target="n19">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e27" source="n21" target="n16">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e28" source="n14" target="n20">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:EdgeLabel alignment="left" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="36.688228607177734" horizontalTextPosition="center" iconTextGap="4" modelName="free" modelPosition="anywhere" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="76.39651489257812" x="4.9553675537108575" xml:space="preserve" y="75.47775874328613">copy to
via scp/rsync<y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e29" source="n13" target="n11">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0">
<y:Point x="-438.44499999999994" y="62.251666666666665"/>
</y:Path>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:EdgeLabel alignment="left" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="13" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="39.41203308105469" horizontalTextPosition="center" iconTextGap="4" modelName="free" modelPosition="anywhere" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="30.31201171875" x="-116.9447558593746" xml:space="preserve" y="-49.27187929280607">IPv4
IPv6<y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
<edge id="e30" source="n12" target="n11">
<data key="d10">
<y:PolyLineEdge>
<y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0">
<y:Point x="-588.3494999999999" y="-62.498333333333335"/>
</y:Path>
<y:LineStyle color="#000000" type="line" width="1.0"/>
<y:Arrows source="none" target="standard"/>
<y:EdgeLabel alignment="left" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="13" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="21.706016540527344" horizontalTextPosition="center" iconTextGap="4" modelName="free" modelPosition="anywhere" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="54.99903869628906" x="13.953326354981414" xml:space="preserve" y="25.047580271402865">ssh keys<y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/></y:EdgeLabel>
<y:BendStyle smoothed="false"/>
</y:PolyLineEdge>
</data>
</edge>
</graph>
<data key="d7">
<y:Resources/>
</data>
</graphml>

BIN
doc/architekturbild-c4k-website.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 104 KiB

49
doc/data-flow.md
Unescape Escape View File

@ -0,0 +1,49 @@
# Data Flow from config & auth to final website
```mermaid
flowchart TB
conf(config)
auth(auth)
c4k(c4k-website)
sec(website-build-secret)
depl(nginx-deployment\ninitContainer)
cron(website-build-cron)
repo(repo.prod.meissa.de)
vol[(content-volume)]
nginx(nginx)
serve((serve website))
user(website-user)
generate((Generation))
app(application.yaml)
build((build website))
pull((pull website repo))
unpack((unpack website data))
exec((execute scripts))
if0{scripts exist}
subgraph dockerImage
pull -- zip file --> unpack
unpack -- website data --> if0
if0 -- yes --> exec
exec -- modified\n website data--> build
if0 -- no\n unmodified website data --> build
end
conf -- configuration data --> c4k
auth -- authorization data --> c4k
c4k -- auth & conf data --> generate
generate -- correctly placed auth & conf data --> app
subgraph cluster
app -- container specific config &\n build specific env vars--> depl & cron
app -- build specific secret env vars --> sec
sec -- secret env vars --> depl & cron
depl & cron -- environment vars\n from secret and c4k-website --> dockerImage
dockerImage -- website files --> vol
vol -- website files --> nginx
nginx -- website files --> serve
end
repo -- build repo --> dockerImage
serve -- rendered page --> user
```

BIN
doc/meissa-website-arch.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 70 KiB

171
doc/requirements.md
Unescape Escape View File

@ -0,0 +1,171 @@
# Aktoren
## A1: Der Website-Konsument
## A2: Der Website-Pfleger
## A3: Der Website-Entwickler
## A4: Der Website Betreiber
# Requirements - Website Redesign - Brainstorming
## 001
### Modularisierung von Templates
Als Website-Pfleger möchte ich Templates versioniert verwenden können. Damit kann ich entscheiden, wann ich Template Weiterentwicklungen folgen möchte.
Bei hugo:
wird typischerweise mit git submodule umgesetzt
=> Micha meint, dass dann der Entwicklungsroundtrip um 1 bis 2 Schritte größer wird.
(git pull im submodul ordner & keine sprechende versionsnumme).
Addendum: Es gibt hugo modules, die Versionsverwaltung und Modularisierung einfach machen: https://www.nickgracilla.com/posts/master-hugo-modules-managing-themes-as-modules/
bei cryogen:
modularisierung über jar-file => im kombinierten Entwicklungszyklus wird mit snapshot ein Schritt weniger gebraucht.
## 002
### Websitestruktur ist einfach zu lernen
Die fertige Websitestruktur soll möglichst unkompliziert und somit einfach für den Website-Pfleger zu lernen sein.
These: Damit jemand die Website-Struktur lernen kann, muss klar sein, wie das Theme funktionieert und wir wir unsere Inhalte strukturieren.
Theme: Setzt sich aus der Menge der Layouts, CSS und JS zusammen
Layout: Besteht aus einem oder mehreren Partials und repräsentiert einen Seitentyp im Theme
Partials: sind HTML und Template Elemente, die in Layouts enthalten sein können.
Asset:
Hugo: Erlaubt Trennung von Inhalt und Theme, relativ viel Freiheit bei Folder-Structure (Erik sucht evtl. noch Details raus)
Cryogen: Hat Inhalte und Theme gemischt, Folder sind teilweise fest im Code verdrahtet
Die Doku muss auf Theme-Ebene gemacht werden.
## 003
### Responsive Design
Als Website-Konsument möchte ich die Website auf Smartphon, Tablet oder auf dem 4K-Sreen konsumieren können.
Große Auswahl an Themes bei Hugo, Auswahl bei reinen Bootstrap-themes (noch) unklar.
Zeit in Recherche von Themes investieren (2h) mit Fokus auf Aussehen, interne Struktur und Erweiterbarkeit.
## 004
### Inhalte ohne Layout
Der Website-Pfleger soll Inhalte möglichst einfach verändern können, ohne dass er sich um das Layout kümmern muss (evtl Markdown oder Asciidoc ?).
Michael und Ansgar wollen Seiten mit Markdown machen können.
Erik findet Markdown auf den LandingPages nicht wichtig und in manchen Fällen kontraproduktiv.
## 005
### Website muss keine Inhalte von extern downloaden (müssen) - z.B. Fonts, css etc
Als Website-Konsument möchte ich nur der besuchten Seite meine Daten zugestehen - und nicht der gesamten tracking-Welt.
Geht bei beiden.
## 007
### Rückwärtskompatibilität
Als Website-Betreiber möchte ich, dass alte Websites (bspw Informatikbüro Jerger) mit c4k-website weiterhin funktionieren, ohne bei ihnen Anpassungen machen zu müssen (wir brauchen eine Wartungsperspektive für 3 weitere bestehende Websites).
Todos sind:
* lein als build-aufruf muss einheitlicher werden
* c4k-website müsste evtl. mit einem weitern flavor "hugo" umgehen können
* Migrationspfad für bestehende Websites (Anleitung für Navigation / bisherige Content-Struktur)
* POC: der die wesentlichen Features für dda.io abbildet (Navigation, Migration für Seiten&Bilder, Blog, partials)
## 008
### Website soll statisch sein
Als Website-Betreiber möchte ich eine statische Website ausliefern, damit der Website Betrieb nicht so komplex wird. Der Website betreiber muss sich zudem bei statischen Websites nicht so sehr um die Sicherheit von Credentials, Assets und ähnliches kümmern.
Geht bei beiden.
## 009
### Einfache und Zugängliche Technologie
a) Die Technologie, die der Theme-Entwickler zum Bau der WS verwendet (mit Technik drumherum), soll gut dokumentiert und zugänglich sein. Damit ist es für den Website-Entwickler einfach, Änderungen im technischen Kontext der Website umzusetzen.
Beim Generator stehen da so Fragen an wie:
* Lookup-Order in der Dir-Struktur
* Modul-Frage
* Content Organisation (Page-Bundles bei hugo)
* Debug-Möglichkeiten
Community (Hugo) <-> Wissen in der Firma (Micha hat das Zeugs in Cryogen eingebaut)
(Ausführliche) Dokumentation
b) Die Technologie, die der Content-Entwickler verwendet, soll gut dokumentiert und zugänglich sein. Damit ist es für den Website-Entwickler einfach, Änderungen im Inhalt umzusetzen.
Beim Theme stehen da so Fragen an wie:
* Wie stelle ich navigation her
* Link in texts
* Welche Layouts existieren
* Bilder
* Meta-Infos
* Muss ich Graph Head bedienen?
## 010
### Spass bei Entwicklung und Pflege
Website-Entwickler und Website-Pfleger sollten Spaß haben bei Website redesignen und Pflege (techn. und inhaltliche Pflege)
Spassfaktoren:
* Startgeschwindigkeit des Tools
* Hugo startet schnell, ohne JDK
* Cryogen braucht länger, kann evtl mit GraalVM beschleunigt werden
* Buildzeit
* Hugo kommt and WYSIWYG feeling heran, buildzeit zur Vorschau bei <1s
* Cryogen builds brauchen ca +-10s
* Entwicklungsflow
* Instantane Anzeige von Änderungen auf der Site bei Hugo
* Editor-Freiheit
* Markdown hat schon im Editor ein PreView
* Markdown erlaubt kleine Freiheiten, ohne immer gleich am Theme ändern zu müssen.
* Bild-Nachbearbeitungspipeline
* Mehr Automatisierung bei Bild-Metainfos, Sizing, Dimensionierung
* Spassbremse: Hugo erinnert mich an Helm - und das hat Brechreitzfaktor für Micha
* Hugo wäre Investierung in die Zukunft
* Hugo-Wissen kann auf dem Lebenslauf evtl. nützlich sein.
## 011
### Wohlfühlen mit schönem und funktionierendem Design
Der Website-Konsument soll sich bei dem Besuch der WS wohlfühlen und schnell erfassen können worum es geht.
Geht bei beiden.
## 012
### OpenSource
Der Entwickler und Betreiber möchte Tools und Layouts mit OS-Lizenz, da das unkomplizierter ist.
Geht bei beiden.
## 013
### Leichtgewichtiger Buildprozess
Die Website-Betreiber sollen keine hohen Kosten beim Betreiben der Website haben.
Geht bei beiden.
Cryogen brauch evtl. GraalVM, aber tendenziell sind beide tools gleichwertig in Gewichtigkeit des Bau-Prozesses.
## 015
### Template-Eigenschaften sind überschreibbar
Als Website-Entwickler möchte ich Template Eigenschaften auf Ebene von Website oder Seite überschreiben können, damit ich kleine Änderungen schnell umsetzen kann.
Lokales überschreiben von Themes funktioniert:
Hugo:
* Entweder über go modules
* Oder lokale theme ordner
Cryogen:
* Ebenfalls über lokale theme ordner
## 016
### Unser theme / layout soll privat bleiben können
Als meissa Mitglied wollen wir verhindern, dass jemand einfach unsere Website clonen kann.
Funktioniert bei beiden: Via git repo.
## 017
### URL-Redirects
Als Website-Pfleger möchte ich Redirects definieren können um eingägnge und stabile alternativ URLs zu einer Seite definieren zu können.
Kann cryogen nicht.
Unklar bei Hugo - Aliases?
Resourcen: https://gohugo.io/content-management/urls/
## 018
### Domain-Logik ist in Programiersprache beschreibbar.
Als Theme-Entwickler möchte ich möglichst wenig Logik in Templating haben müssen.

BIN
doc/tryItOut.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 85 KiB

After

Width:  |  Height:  |  Size: 149 KiB

58
infrastructure/build/build.py
Unescape Escape View File

@ -0,0 +1,58 @@
from os import environ
from datetime import datetime
from pybuilder.core import task, init
from ddadevops import *
import logging
name = 'c4k-website'
MODULE = 'build'
PROJECT_ROOT_PATH = '../..'
version = "2.0.4-dev"
@init
def initialize(project):
image_tag = version
if "dev" in image_tag:
image_tag += datetime.now().strftime("%Y-%m-%d-%H-%M-%S")
input = {
"name": name,
"module": MODULE,
"stage": "notused",
"project_root_path": PROJECT_ROOT_PATH,
"build_types": ["IMAGE"],
"mixin_types": [],
"image_naming": "NAME_AND_MODULE",
"image_tag": f"{image_tag}",
}
project.build_depends_on("ddadevops>=4.7.0")
build = DevopsImageBuild(project, input)
build.initialize_build_dir()
@task
def image(project):
build = get_devops_build(project)
build.image()
@task
def drun(project):
build = get_devops_build(project)
build.drun()
@task
def test(project):
build = get_devops_build(project)
build.test()
@task
def publish(project):
build = get_devops_build(project)
build.dockerhub_login()
build.dockerhub_publish()

3
infrastructure/c4k-website-build/image/Dockerfile → infrastructure/build/image/Dockerfile
Unescape Escape View File

@ -3,9 +3,12 @@ FROM clojure:lein
# Prepare Entrypoint Script
ADD resources /tmp
ENV HUGO_VERSION="0.125.5"
ENV GO_VERSION="1.19.13"
ENV BUILDDIR="/etc/website"
ENV SOURCEDIR="/etc/websitesource"
ENV WEBSITEROOT="/var/www/html/website/"
ENV HASHFILEDIR="/var/hashfile.d"
ENV PATH="${PATH}:/usr/local/go/bin"
RUN /tmp/install.sh

8
infrastructure/c4k-website-build/image/resources/entrypoint.sh → infrastructure/build/image/resources/entrypoint.sh
Unescape Escape View File

@ -20,17 +20,13 @@ if [[ $currentHash == $newHash ]]
echo "Nothing to do"
else
echo $currentHash > $HASHFILEDIR/$hashfilename
echo "Generate .netrc file"
generate-netrc-file
echo "Downloading website data"
get-website-data $filename
unzip-website-data $filename
echo "Executing Custom Scripts, if applicable"
execute-scripts-when-existing
echo "Building website"
build-website
echo "Moving files"
move-website-files-to-target
fi

0
infrastructure/c4k-website-build/image/resources/exclude.pattern → infrastructure/build/image/resources/exclude.pattern
Unescape Escape View File

69
infrastructure/build/image/resources/functions.sh
Unescape Escape View File

@ -0,0 +1,69 @@
#!/bin/bash
function generate-netrc-file() {
echo "machine $GITHOST password $AUTHTOKEN" > ~/.netrc
}
function get-website-data() {
curl -H "Authorization: token $AUTHTOKEN" -o $SOURCEDIR/$1 $GITREPOURL
}
function get-hash-data() {
curl -s -H "Authorization: token $AUTHTOKEN" $GITCOMMITURL | jq '.sha'
}
function write-hash-data() {
echo $1 > $HASHFILEDIR/$2
}
function unzip-website-data() {
unzip $SOURCEDIR/$1 -d $BUILDDIR
}
function build-website() {
(cd $BUILDDIR; dir=$(ls); cd $dir; bash generate.sh;)
}
function move-website-files-to-target() {
(cd $BUILDDIR; dir=$(ls); cd $dir; rsync -ru --exclude-from "/etc/exclude.pattern" --delete target/html/* $WEBSITEROOT;)
}
function install-hugo-from-deb() {
curl -L "https://github.com/gohugoio/hugo/releases/download/v${HUGO_VERSION}/hugo_extended_${HUGO_VERSION}_linux-amd64.deb" -o hugo_extended_${HUGO_VERSION}_linux-amd64.deb
curl -L "https://github.com/gohugoio/hugo/releases/download/v${HUGO_VERSION}/hugo_${HUGO_VERSION}_checksums.txt" -o checksums.txt
EXPECTED_CHECKSUM="$(sha256sum hugo_extended_${HUGO_VERSION}_linux-amd64.deb)"
ACTUAL_CHECKSUM="$(grep hugo_extended_${HUGO_VERSION}_linux-amd64.deb checksums.txt)"
if [ "$EXPECTED_CHECKSUM" != "$ACTUAL_CHECKSUM" ]
then
>&2 echo 'ERROR: Invalid installer checksum'
rm hugo.deb
exit 1
fi
echo "Installing hugo"
echo
dpkg -i hugo_extended_${HUGO_VERSION}_linux-amd64.deb
echo "Clean up"
rm hugo_extended_${HUGO_VERSION}_linux-amd64.deb
rm checksums.txt
}
function install-go-from-tar() {
curl -L "https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz" -o go_linux-amd64.tar.gz
EXPECTED_CHECKSUM="4643d4c29c55f53fa0349367d7f1bb5ca554ea6ef528c146825b0f8464e2e668 go_linux-amd64.tar.gz"
ACTUAL_CHECKSUM="$(sha256sum go_linux-amd64.tar.gz)"
if [ "$EXPECTED_CHECKSUM" != "$ACTUAL_CHECKSUM" ]
then
>&2 echo 'ERROR: Invalid installer checksum'
rm go_linux-amd64.tar.gz
exit 1
fi
echo "Installing go"
echo
tar -C /usr/local -xzf go_linux-amd64.tar.gz
echo "Clean up"
rm go_linux-amd64.tar.gz
}

28
infrastructure/build/image/resources/install.sh
Unescape Escape View File

@ -0,0 +1,28 @@
#!/bin/bash
set -exo pipefail
function main()
{
{
upgradeSystem
apt-get install -qqy unzip rsync jq imagemagick curl git
install-hugo-from-deb
install-go-from-tar
install -d /etc/lein/
install -m 0700 /tmp/entrypoint.sh /
install -m 0700 /tmp/functions.sh /usr/local/bin/
install -m 0700 /tmp/exclude.pattern /etc/
install -m 0700 /tmp/project.clj /etc/lein/
cd /etc/lein
lein deps
cleanupDocker
} > /dev/null
}
source /tmp/install_functions_debian.sh
source /tmp/functions.sh
DEBIAN_FRONTEND=noninteractive DEBCONF_NOWARNINGS=yes main

0
infrastructure/c4k-website-build/image/resources/project.clj → infrastructure/build/image/resources/project.clj
Unescape Escape View File

0
infrastructure/c4k-website-build/test/serverspec.edn → infrastructure/build/test/serverspec.edn
Unescape Escape View File

51
infrastructure/c4k-website-build/build.py
Unescape Escape View File

@ -1,51 +0,0 @@
from os import environ
from pybuilder.core import task, init
from ddadevops import *
import logging
name = 'c4k-website-build'
MODULE = 'docker'
PROJECT_ROOT_PATH = '../..'
class MyBuild(DevopsDockerBuild):
pass
@init
def initialize(project):
project.build_depends_on('ddadevops>=0.12.4')
stage = 'prod'
dockerhub_user = environ.get('DOCKERHUB_USER')
if not dockerhub_user:
dockerhub_user = gopass_field_from_path('meissa/web/docker.com', 'login')
dockerhub_password = environ.get('DOCKERHUB_PASSWORD')
if not dockerhub_password:
dockerhub_password = gopass_password_from_path('meissa/web/docker.com')
tag = environ.get('CI_COMMIT_TAG')
if not tag:
tag = get_tag_from_latest_commit()
config = create_devops_docker_build_config(
stage, PROJECT_ROOT_PATH, MODULE, dockerhub_user, dockerhub_password, docker_publish_tag=tag)
build = MyBuild(project, config)
build.initialize_build_dir()
@task
def image(project):
build = get_devops_build(project)
build.image()
@task
def drun(project):
build = get_devops_build(project)
build.drun()
@task
def publish(project):
build = get_devops_build(project)
build.dockerhub_login()
build.dockerhub_publish()
@task
def test(project):
build = get_devops_build(project)
build.test()

45
infrastructure/c4k-website-build/image/resources/functions.sh
Unescape Escape View File

@ -1,45 +0,0 @@
#!/bin/bash
function get-website-data() {
curl -H "Authorization: token $AUTHTOKEN" -o $SOURCEDIR/$1 $GITREPOURL
}
function get-hash-data() {
curl -s -H "Authorization: token $AUTHTOKEN" $GITCOMMITURL | jq '.sha'
}
function write-hash-data() {
echo $1 > $HASHFILEDIR/$2
}
function unzip-website-data() {
unzip $SOURCEDIR/$1 -d $BUILDDIR
}
function execute-scripts-when-existing() {
websitedir=$(ls $BUILDDIR)
if [[ -f $BUILDDIR/$websitedir/$SCRIPTFILE ]]
then
checksum="$(sha256sum $BUILDDIR/$websitedir/$SCRIPTFILE | grep -oE "^[a-z0-9]+")"
if [[ "$SHA256SUM" == "$checksum" ]]
then
chmod +x $BUILDDIR/$websitedir/$SCRIPTFILE
(cd $BUILDDIR; dir=$(ls); cd $dir; ./$SCRIPTFILE) #make sure paths defined in scriptfile are relative to $dir
else
printf "Provided SHA256 Sum does not match calculated sum. Exiting."
printf "Calculated SHA256: $checksum"
printf "Given SHA256: $SHA256SUM"
exit 1
fi
else
printf "No script file provided."
fi
}
function build-website() {
(cd $BUILDDIR; dir=$(ls); cd $dir; lein run;)
}
function move-website-files-to-target() {
(cd $BUILDDIR; dir=$(ls); cd $dir; rsync -ru --exclude-from "/etc/exclude.pattern" --delete resources/public/* $WEBSITEROOT;)
}

14
infrastructure/c4k-website-build/image/resources/install.sh
Unescape Escape View File

@ -1,14 +0,0 @@
#!/bin/bash
apt update > /dev/null;
apt install -y unzip rsync jq imagemagick
mkdir /etc/lein/
install -m 0700 /tmp/entrypoint.sh /
install -m 0700 /tmp/functions.sh /usr/local/bin/
install -m 0700 /tmp/exclude.pattern /etc/
install -m 0700 /tmp/project.clj /etc/lein/
cd /etc/lein;
lein deps;

11
infrastructure/c4k-website-build/test/Dockerfile
Unescape Escape View File

@ -1,11 +0,0 @@
FROM c4k-website-build
RUN apt update
RUN apt -yqq --no-install-recommends --yes install curl default-jre-headless
RUN curl -L -o /tmp/serverspec.jar \
https://github.com/DomainDrivenArchitecture/dda-serverspec-crate/releases/download/2.0.0/dda-serverspec-standalone.jar
COPY serverspec.edn /tmp/serverspec.edn
RUN java -jar /tmp/serverspec.jar /tmp/serverspec.edn -v

6
package.json
Unescape Escape View File

@ -2,7 +2,7 @@
"name": "c4k-website",
"description": "Generate c4k yaml for a website deployment.",
"author": "meissa GmbH",
"version": "1.1.1",
"version": "2.0.4-SNAPSHOT",
"homepage": "https://gitlab.com/domaindrivenarchitecture/c4k-website#readme",
"repository": "https://www.npmjs.com/package/c4k-website",
"license": "APACHE2",
@ -27,7 +27,7 @@
"js-yaml": "^4.0.0"
},
"devDependencies": {
"shadow-cljs": "^2.11.18",
"source-map-support": "^0.5.19"
"shadow-cljs": "^2.27.4",
"source-map-support": "^0.5.21"
}
}

30
project.clj
Unescape Escape View File

@ -1,12 +1,12 @@
(defproject org.domaindrivenarchitecture/c4k-website "1.1.1"
(defproject org.domaindrivenarchitecture/c4k-website "2.0.4-SNAPSHOT"
:description "website c4k-installation package"
:url "https://domaindrivenarchitecture.org"
:license {:name "Apache License, Version 2.0"
:url "https://www.apache.org/licenses/LICENSE-2.0.html"}
:dependencies [[org.clojure/clojure "1.11.1"]
[org.clojure/tools.reader "1.3.6"]
[org.domaindrivenarchitecture/c4k-common-clj "4.0.0"]
[hickory "0.7.1"]]
:dependencies [[org.clojure/clojure "1.11.3"]
[org.clojure/tools.reader "1.4.2"]
[org.domaindrivenarchitecture/c4k-common-clj "6.2.3"]
[hickory "0.7.1" :exclusions [viebel/codox-klipse-theme]]]
:target-path "target/%s/"
:source-paths ["src/main/cljc"
"src/main/clj"]
@ -22,25 +22,15 @@
:uberjar {:aot :all
:main dda.c4k-website.uberjar
:uberjar-name "c4k-website-standalone.jar"
:dependencies [[org.clojure/tools.cli "1.0.214"]
[ch.qos.logback/logback-classic "1.4.5"
:dependencies [[org.clojure/tools.cli "1.1.230"]
[ch.qos.logback/logback-classic "1.5.6"
:exclusions [com.sun.mail/javax.mail]]
[org.slf4j/jcl-over-slf4j "2.0.6"]]}}
[org.slf4j/jcl-over-slf4j "2.0.13"]
[com.github.clj-easy/graal-build-time "1.0.5"]]}}
:release-tasks [["test"]
["vcs" "assert-committed"]
["change" "version" "leiningen.release/bump-version" "release"]
["vcs" "commit"]
["vcs" "tag" "v" "--no-sign"]
["change" "version" "leiningen.release/bump-version"]]
:aliases {"native" ["shell"
"native-image"
"--report-unsupported-elements-at-runtime"
"--initialize-at-build-time"
"-jar" "target/uberjar/c4k-website-standalone.jar"
"-H:ResourceConfigurationFiles=graalvm-resource-config.json"
"-H:Log=registerResource"
"-H:Name=target/graalvm/${:name}"]
"inst" ["shell"
"sh"
"-c"
"lein uberjar && sudo install -m=755 target/uberjar/c4k-website-standalone.jar /usr/local/bin/c4k-website-standalone.jar"]})
)

2
shadow-cljs.edn
Unescape Escape View File

@ -4,7 +4,7 @@
"src/test/cljc"
"src/test/cljs"
"src/test/resources"]
:dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "4.0.0"]
:dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "6.2.3"]
[hickory "0.7.1"]]
:builds {:frontend {:target :browser
:modules {:main {:init-fn dda.c4k-website.browser/init}}

172
src/main/cljc/dda/c4k_website/core.cljc
Unescape Escape View File

@ -7,70 +7,152 @@
[dda.c4k-common.common :as cm]
[dda.c4k-common.predicate :as cp]
[dda.c4k-common.monitoring :as mon]
[dda.c4k-website.website :as website]))
[dda.c4k-common.namespace :as ns]
[dda.c4k-common.ingress :as ing]
[dda.c4k-website.website :as web]))
(def config-defaults {:issuer "staging"
:volume-size "3"})
(s/def ::mon-cfg ::mon/mon-cfg)
(s/def ::mon-auth ::mon/mon-auth)
(s/def ::unique-name ::web/unique-name)
(s/def ::issuer ::web/issuer)
(s/def ::volume-size ::web/volume-size)
(s/def ::average-rate ::ing/average-rate)
(s/def ::burst-rate ::ing/burst-rate)
(s/def ::mon-cfg mon/config?)
(s/def ::mon-auth mon/auth?)
(s/def ::authtoken ::web/authtoken)
(s/def ::fqdns ::web/fqdns)
(s/def ::forgejo-host ::web/forgejo-host)
(s/def ::repo-owner ::web/repo-owner)
(s/def ::repo-name ::web/repo-name)
(s/def ::branchname ::web/branchname)
(s/def ::build-cpu-request ::web/build-cpu-request)
(s/def ::build-memory-request ::web/build-memory-request)
(s/def ::build-cpu-limit ::web/build-cpu-limit)
(s/def ::build-memory-limit ::web/build-memory-limit)
(s/def ::redirects ::web/redirects)
(def config? (s/keys :req-un [::website/websites]
:opt-un [::website/issuer
::website/volume-size
::mon-cfg]))
(def websiteconfig? (s/keys :req-un [::unique-name
::fqdns
::forgejo-host
::repo-owner
::repo-name
::branchname]
:opt-un [::issuer
::volume-size
::build-cpu-request
::build-cpu-limit
::build-memory-request
::build-memory-limit
::redirects]))
(def websiteauth? web/websiteauth?)
(def websiteauths? (s/keys :req-un [::websiteauths]))
(def auth? (s/keys :req-un [::website/auth]
(s/def ::websiteconfigs (s/coll-of websiteconfig?))
(s/def ::websiteauths (s/coll-of websiteauth?))
(def config? (s/keys :req-un [::websiteconfigs]
:opt-un [::issuer
::volume-size
::mon-cfg
::average-rate
::burst-rate]))
(def auth? (s/keys :req-un [::websiteauths]
:opt-un [::mon-auth]))
(def merged-config-and-auth? (s/and website/config? website/auth?))
(def config-defaults {:issuer "staging"})
(defn-spec sort-config cp/map-or-seq?
[unsorted-config merged-config-and-auth?]
(let [sorted-websites (into [] (sort-by :unique-name (unsorted-config :websites)))
sorted-auth (into [] (sort-by :unique-name (unsorted-config :auth)))]
(def website-config-defaults {:build-cpu-request "500m"
:build-cpu-limit "1700m"
:build-memory-request "256Mi"
:build-memory-limit "512Mi"
:volume-size "3"
:redirects []
:average-rate 20
:burst-rate 40})
(defn-spec sort-config map?
[unsorted-config config?]
(let [sorted-websiteconfigs (into [] (sort-by :unique-name (unsorted-config :websiteconfigs)))]
(-> unsorted-config
(assoc-in [:websites] sorted-websites)
(assoc-in [:auth] sorted-auth))))
(defn-spec flatten-and-reduce-config cp/map-or-seq?
[config merged-config-and-auth?]
(merge (-> config :websites first)
(-> config :auth first)
(when (contains? config :issuer)
{:issuer (config :issuer)})
(when (contains? config :volume-size)
{:volume-size (config :volume-size)})))
(defn generate-configs [config]
(loop [config (sort-config config)
(assoc-in [:websiteconfigs] sorted-websiteconfigs))))
(defn-spec sort-auth map?
[unsorted-auth auth?]
(let [sorted-auth (into [] (sort-by :unique-name (unsorted-auth :websiteauths)))]
(-> unsorted-auth
(assoc-in [:websiteauths] sorted-auth))))
(defn-spec flatten-and-reduce-config map?
[config config?]
(let
[first-entry (first (:websiteconfigs config))]
(conj first-entry
(when (contains? config :issuer)
{:issuer (config :issuer)})
(when (contains? config :volume-size)
{:volume-size (config :volume-size)})
(when (contains? config :average-rate)
{:average-rate (config :average-rate)})
(when (contains? config :burst-rate)
{:burst-rate (config :burst-rate)}))))
(defn-spec flatten-and-reduce-auth map?
[auth auth?]
(-> auth :websiteauths first))
(defn-spec generate-ingress seq?
[config websiteconfig?]
(let [name (web/replace-dots-by-minus (:unique-name config))
final-config (merge website-config-defaults
{:service-name name
:service-port 80
:namespace name}
config)]
(ing/generate-simple-ingress final-config)))
(defn-spec generate seq?
[config config?
auth auth?]
(loop [sorted-config (sort-config config)
sorted-auth (sort-auth auth)
result []]
(if (and (empty? (config :auth)) (empty? (config :websites)))
(if (and (empty? (sorted-config :websiteconfigs)) (empty? (sorted-auth :websiteauths)))
result
(recur (->
config
(assoc-in [:websites] (rest (config :websites)))
(assoc-in [:auth] (rest (config :auth))))
(conj result
(website/generate-nginx-deployment (flatten-and-reduce-config config))
(website/generate-nginx-configmap (flatten-and-reduce-config config))
(website/generate-nginx-service (flatten-and-reduce-config config))
(website/generate-website-content-volume (flatten-and-reduce-config config))
(website/generate-hashfile-volume (flatten-and-reduce-config config))
(website/generate-website-ingress (flatten-and-reduce-config config))
(website/generate-website-certificate (flatten-and-reduce-config config))
(website/generate-website-build-cron (flatten-and-reduce-config config))
(website/generate-website-build-secret (flatten-and-reduce-config config)))))))
sorted-config
(assoc-in [:websiteconfigs] (rest (sorted-config :websiteconfigs))))
(->
sorted-auth
(assoc-in [:websiteauths] (rest (sorted-auth :websiteauths))))
(let [curr-flat-websiteconfig
(merge
website-config-defaults
(flatten-and-reduce-config sorted-config))
name (web/replace-dots-by-minus (:unique-name curr-flat-websiteconfig))]
(cm/concat-vec
result
(ns/generate (merge {:namespace name} curr-flat-websiteconfig))
[(web/generate-nginx-deployment curr-flat-websiteconfig)
(web/generate-nginx-configmap curr-flat-websiteconfig)
(web/generate-nginx-service curr-flat-websiteconfig)
(web/generate-content-pvc curr-flat-websiteconfig)
(web/generate-hash-state-pvc curr-flat-websiteconfig)
(web/generate-build-cron curr-flat-websiteconfig)
(web/generate-build-configmap curr-flat-websiteconfig)
(web/generate-build-secret (flatten-and-reduce-auth sorted-auth))]
(generate-ingress curr-flat-websiteconfig)))))))
(defn-spec k8s-objects cp/map-or-seq?
[config config?
auth auth?]
auth auth?]
(cm/concat-vec
(map yaml/to-string
(filter
#(not (nil? %))
(cm/concat-vec
(generate-configs (merge config auth))
(generate config auth)
(when (:contains? config :mon-cfg)
(mon/generate (:mon-cfg config) (:mon-auth auth))))))))

311
src/main/cljc/dda/c4k_website/website.cljc
Unescape Escape View File

@ -1,112 +1,73 @@
(ns dda.c4k-website.website
(:require
[clojure.spec.alpha :as s]
#?(:cljs [shadow.resource :as rc])
[clojure.string :as str]
#?(:clj [orchestra.core :refer [defn-spec]]
:cljs [orchestra.core :refer-macros [defn-spec]])
#?(:clj [clojure.edn :as edn]
:cljs [cljs.reader :as edn])
#?(:cljs [dda.c4k-common.macros :refer-macros [inline-resources]])
[dda.c4k-common.yaml :as yaml]
[dda.c4k-common.common :as cm]
[dda.c4k-common.base64 :as b64]
[dda.c4k-common.predicate :as pred]
[dda.c4k-common.ingress :as ing]
[clojure.string :as str]))
[dda.c4k-common.predicate :as pred]))
(defn fqdn-list?
[input]
(every? true? (map pred/fqdn-string? input)))
(s/def ::unique-name string?)
(s/def ::sha256sum-output string?)
(s/def ::issuer pred/letsencrypt-issuer?)
(s/def ::volume-size pred/integer-string?)
(s/def ::authtoken pred/bash-env-string?)
(s/def ::fqdns (s/coll-of pred/fqdn-string?))
(s/def ::gitea-host pred/fqdn-string?)
(s/def ::gitea-repo string?)
(s/def ::forgejo-host pred/fqdn-string?)
(s/def ::repo-name string?)
(s/def ::branchname string?)
(s/def ::username string?)
(s/def ::repo-owner string?)
(s/def ::build-cpu-request string?)
(s/def ::build-memory-request string?)
(s/def ::build-cpu-limit string?)
(s/def ::build-memory-limit string?)
(def websitedata? (s/keys :req-un [::unique-name
::fqdns
::gitea-host
::gitea-repo
::branchname]
:opt-un [::issuer
::volume-size
::sha256sum-output
::build-cpu-request
::build-cpu-limit
::build-memory-request
::build-memory-limit]))
(def websiteauth? (s/keys :req-un [::unique-name ::username ::authtoken]))
(def flattened-and-reduced-config? (s/and websitedata? websiteauth?))
(s/def ::auth (s/coll-of websiteauth?))
(s/def ::websites (s/coll-of websitedata?))
(def auth? (s/keys :req-un [::auth]))
(def config? (s/keys :req-un [::websites]
:opt-un [::issuer ::volume-size]))
(defn-spec get-hash-from-sha256sum-output string?
[sha256sum-output string?]
(if (nil? sha256sum-output)
nil
(first (str/split sha256sum-output #"\ +"))))
(defn-spec get-file-name-from-sha256sum-output string?
[sha256sum-output string?]
(if (nil? sha256sum-output)
nil
(second (str/split (str/trim sha256sum-output) #"\ +"))))
(s/def ::redirect (s/tuple string? string?))
(s/def ::redirects (s/coll-of ::redirect))
(def websiteconfig? (s/keys :req-un [::unique-name
::fqdns
::forgejo-host
::repo-owner
::repo-name
::branchname
::build-cpu-request
::build-cpu-limit
::build-memory-request
::build-memory-limit
::issuer
::volume-size
::redirects]))
(def websiteauth? (s/keys :req-un [::unique-name ::authtoken]))
(defn-spec replace-dots-by-minus string?
[fqdn pred/fqdn-string?]
(str/replace fqdn #"\." "-"))
(defn-spec generate-app-name string?
[unique-name pred/fqdn-string?]
(str (replace-dots-by-minus unique-name) "-website"))
(defn-spec generate-service-name string?
[unique-name pred/fqdn-string?]
(str (replace-dots-by-minus unique-name) "-service"))
(defn-spec generate-cert-name string?
[unique-name pred/fqdn-string?]
(str (replace-dots-by-minus unique-name) "-cert"))
(defn-spec generate-ingress-name string?
[unique-name pred/fqdn-string?]
(str (replace-dots-by-minus unique-name) "-ingress"))
; https://your.gitea.host/api/v1/repos/<owner>/<repo>/archive/<branch>.zip
(defn-spec generate-gitrepourl string?
[host pred/fqdn-string?
owner string?
repo string?
user string?
branch string?]
(str "https://" host "/api/v1/repos/" user "/" repo "/archive/" branch ".zip"))
(str "https://" host "/api/v1/repos/" owner "/" repo "/archive/" branch ".zip"))
; https://your.gitea.host/api/v1/repos/<owner>/<repo>/git/commits/HEAD
(defn-spec generate-gitcommiturl string?
[host pred/fqdn-string?
repo string?
user string?]
(str "https://" host "/api/v1/repos/" user "/" repo "/git/" "commits/" "HEAD"))
owner string?
repo string?]
(str "https://" host "/api/v1/repos/" owner "/" repo "/git/" "commits/" "HEAD"))
(defn-spec replace-all-matching-substrings-beginning-with pred/map-or-seq?
[col pred/map-or-seq?
(defn-spec replace-all-matching-prefixes map?
[col map?
value-to-partly-match string?
value-to-inplace string?]
(clojure.walk/postwalk #(if (and (= (type value-to-partly-match) (type %))
@ -114,112 +75,128 @@
(str/replace % value-to-partly-match value-to-inplace) %)
col))
(defn-spec replace-common-data pred/map-or-seq?
[resource-file string?
config flattened-and-reduced-config?]
(let [{:keys [unique-name]} config]
(defn-spec generate-redirects string?
[config websiteconfig?
indent (s/or :pos pos-int? :zero zero?)]
(let [{:keys [redirects]} config]
(str/join
(str "\n" (str/join (take indent (repeat " "))))
(map
#(str "rewrite ^" (first %1) "\\$ " (second %1) " permanent;")
redirects))))
(defn-spec generate-nginx-configmap map?
[config websiteconfig?]
(let [{:keys [fqdns unique-name]} config
name (replace-dots-by-minus unique-name)]
(->
(yaml/load-as-edn resource-file)
(assoc-in [:metadata :labels :app.kubernetes.part-of] (generate-app-name unique-name))
(replace-all-matching-substrings-beginning-with "NAME" (replace-dots-by-minus unique-name)))))
(defn-spec replace-build-data pred/map-or-seq?
[resource-file string?
config flattened-and-reduced-config?]
(let [{:keys [sha256sum-output build-cpu-request build-cpu-limit build-memory-request build-memory-limit]
:or {build-cpu-request "500m" build-cpu-limit "1700m" build-memory-request "256Mi" build-memory-limit "512Mi"}} config]
(yaml/load-as-edn "website/nginx-configmap.yaml")
(replace-all-matching-prefixes "NAME" name)
(#(assoc-in % [:data :website.conf]
(str/replace
(-> % :data :website.conf)
#"FQDN"
(str (str/join " " fqdns) ";"))))
(#(assoc-in % [:data :website.conf]
(str/replace
(-> % :data :website.conf)
#"REDIRECTS"
(generate-redirects config 2)))))))
(defn-spec generate-build-configmap pred/map-or-seq?
[config websiteconfig?]
(let [{:keys [unique-name
forgejo-host
repo-owner
repo-name
branchname]} config
name (replace-dots-by-minus unique-name)]
(->
(yaml/load-as-edn "website/build-configmap.yaml")
(replace-all-matching-prefixes "NAME" name)
(cm/replace-all-matching-values-by-new-value "GITHOST" forgejo-host)
(cm/replace-all-matching-values-by-new-value "REPOURL" (generate-gitrepourl
forgejo-host
repo-owner
repo-name
branchname))
(cm/replace-all-matching-values-by-new-value "COMMITURL" (generate-gitcommiturl
forgejo-host
repo-owner
repo-name)))))
(defn-spec generate-build-secret pred/map-or-seq?
[auth websiteauth?]
(let [{:keys [unique-name
authtoken]} auth
name (replace-dots-by-minus unique-name)]
(->
(yaml/load-as-edn "website/build-secret.yaml")
(replace-all-matching-prefixes "NAME" name)
(cm/replace-all-matching-values-by-new-value "TOKEN" (b64/encode authtoken)))))
(defn-spec generate-content-pvc map?
[config websiteconfig?]
(let [{:keys [unique-name volume-size]} config
name (replace-dots-by-minus unique-name)]
(->
(replace-common-data resource-file config)
(cm/replace-all-matching-values-by-new-value "CHECK_SUM" (get-hash-from-sha256sum-output sha256sum-output))
(cm/replace-all-matching-values-by-new-value "SCRIPT_FILE" (get-file-name-from-sha256sum-output sha256sum-output))
(yaml/load-as-edn "website/content-pvc.yaml")
(replace-all-matching-prefixes "NAME" name)
(cm/replace-all-matching-values-by-new-value "WEBSITESTORAGESIZE" (str volume-size "Gi")))))
; TODO: Non-Secret-Parts should be config map
(defn-spec generate-hash-state-pvc map?
[config websiteconfig?]
(let [{:keys [unique-name]} config
name (replace-dots-by-minus unique-name)]
(->
(yaml/load-as-edn "website/hash-state-pvc.yaml")
(replace-all-matching-prefixes "NAME" name))))
(defn-spec generate-nginx-deployment map?
[config websiteconfig?]
(let [{:keys [unique-name build-cpu-request build-cpu-limit
build-memory-request build-memory-limit]} config
name (replace-dots-by-minus unique-name)]
(->
(yaml/load-as-edn "website/nginx-deployment.yaml")
(assoc-in [:metadata :namespace] name)
(replace-all-matching-prefixes "NAME" name)
(cm/replace-all-matching-values-by-new-value "BUILD_CPU_REQUEST" build-cpu-request)
(cm/replace-all-matching-values-by-new-value "BUILD_CPU_LIMIT" build-cpu-limit)
(cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_REQUEST" build-memory-request)
(cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_LIMIT" build-memory-limit))))
#?(:cljs
(defmethod yaml/load-resource :website [resource-name]
(case resource-name
"website/nginx-configmap.yaml" (rc/inline "website/nginx-configmap.yaml")
"website/nginx-deployment.yaml" (rc/inline "website/nginx-deployment.yaml")
"website/nginx-service.yaml" (rc/inline "website/nginx-service.yaml")
"website/website-build-cron.yaml" (rc/inline "website/website-build-cron.yaml")
"website/website-build-secret.yaml" (rc/inline "website/website-build-secret.yaml")
"website/website-content-volume.yaml" (rc/inline "website/website-content-volume.yaml")
"website/hashfile-volume.yaml" (rc/inline "website/hashfile-volume.yaml")
(throw (js/Error. "Undefined Resource!")))))
(defn-spec generate-website-ingress pred/map-or-seq?
[config flattened-and-reduced-config?]
(let [{:keys [unique-name fqdns]} config]
(ing/generate-ingress {:fqdns fqdns
:app-name (generate-app-name unique-name)
:ingress-name (generate-ingress-name unique-name)
:service-name (generate-service-name unique-name)
:service-port 80})))
(defn-spec generate-website-certificate pred/map-or-seq?
[config flattened-and-reduced-config?]
(let [{:keys [unique-name issuer fqdns]
:or {issuer "staging"}} config]
(ing/generate-certificate {:fqdns fqdns
:app-name (generate-app-name unique-name)
:cert-name (generate-cert-name unique-name)
:issuer issuer})))
(defn-spec generate-nginx-configmap pred/map-or-seq?
[config flattened-and-reduced-config?]
(let [{:keys [fqdns]} config]
(->
(replace-common-data "website/nginx-configmap.yaml" config)
(#(assoc-in %
[:data :website.conf]
(str/replace
(-> % :data :website.conf) #"FQDN" (str (str/join " " fqdns) ";")))))))
(defn-spec generate-nginx-deployment pred/map-or-seq?
[config flattened-and-reduced-config?]
(replace-build-data "website/nginx-deployment.yaml" config))
(defn-spec generate-build-cron map?
[config websiteconfig?]
(let [{:keys [unique-name build-cpu-request build-cpu-limit build-memory-request
build-memory-limit]} config
name (replace-dots-by-minus unique-name)]
(->
(yaml/load-as-edn "website/build-cron.yaml")
(replace-all-matching-prefixes "NAME" name)
(cm/replace-all-matching-values-by-new-value "BUILD_CPU_REQUEST" build-cpu-request)
(cm/replace-all-matching-values-by-new-value "BUILD_CPU_LIMIT" build-cpu-limit)
(cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_REQUEST" build-memory-request)
(cm/replace-all-matching-values-by-new-value "BUILD_MEMORY_LIMIT" build-memory-limit))))
(defn-spec generate-nginx-service pred/map-or-seq?
[config flattened-and-reduced-config?]
(replace-common-data "website/nginx-service.yaml" config))
(defn-spec generate-website-content-volume pred/map-or-seq?
[config flattened-and-reduced-config?]
(let [{:keys [volume-size]
:or {volume-size "3"}} config]
(defn-spec generate-nginx-service map?
[config websiteconfig?]
(let [{:keys [unique-name]} config
name (replace-dots-by-minus unique-name)]
(->
(replace-common-data "website/website-content-volume.yaml" config)
(cm/replace-all-matching-values-by-new-value "WEBSITESTORAGESIZE" (str volume-size "Gi")))))
(yaml/load-as-edn "website/nginx-service.yaml")
(assoc-in [:metadata :namespace] name)
(replace-all-matching-prefixes "NAME" name))))
(defn-spec generate-hashfile-volume pred/map-or-seq?
[config flattened-and-reduced-config?]
(replace-common-data "website/hashfile-volume.yaml" config))
(defn-spec generate-website-build-cron pred/map-or-seq?
[config flattened-and-reduced-config?]
(replace-build-data "website/website-build-cron.yaml" config))
(defn-spec generate-website-build-secret pred/map-or-seq?
[auth flattened-and-reduced-config?]
(let [{:keys [authtoken
gitea-host
gitea-repo
username
branchname]} auth]
(->
(replace-common-data "website/website-build-secret.yaml" auth)
(cm/replace-all-matching-values-by-new-value "TOKEN" (b64/encode authtoken))
(cm/replace-all-matching-values-by-new-value "REPOURL" (b64/encode
(generate-gitrepourl
gitea-host
gitea-repo
username
branchname)))
(cm/replace-all-matching-values-by-new-value "COMMITURL" (b64/encode
(generate-gitcommiturl
gitea-host
gitea-repo
username))))))
#?(:cljs
(defmethod yaml/load-resource :website [resource-name]
(get (inline-resources "website") resource-name)))

92
src/main/cljs/dda/c4k_website/browser.cljs
Unescape Escape View File

@ -2,64 +2,60 @@
(:require
[clojure.string :as st]
[clojure.tools.reader.edn :as edn]
[dda.c4k-common.monitoring :as mon]
[dda.c4k-website.core :as core]
[dda.c4k-website.website :as website]
[dda.c4k-common.browser :as br]
[dda.c4k-common.common :as cm]))
(defn generate-group
[name
content]
[{:type :element
:tag :div
:attrs {:class "rounded border border-3 m-3 p-2"}
:content [{:type :element
:tag :b
:attrs {:style "z-index: 1; position: relative; top: -1.3rem;"}
:content name}
{:type :element
:tag :fieldset
:content content}]}])
[dda.c4k-common.common :as cm]
[dda.c4k-common.browser :as br]
))
(defn generate-content []
(cm/concat-vec
[(assoc
(br/generate-needs-validation) :content
(cm/concat-vec
(generate-group
(br/generate-group
"domain"
(cm/concat-vec
(br/generate-input-field "issuer" "(Optional) Your issuer prod/staging:" "")
(br/generate-input-field "issuer" "(Optional) Your issuer prod/staging:" "staging")
(br/generate-input-field "mon-cluster-name" "(Optional) monitoring cluster name:" "website")
(br/generate-input-field "mon-cluster-stage" "(Optional) monitoring cluster stage:" "test")
(br/generate-input-field "mon-cloud-url" "(Optional) grafana cloud url:" "https://prometheus-prod-01-eu-west-0.grafana.net/api/prom/push")))
(br/generate-group
"website-data"
(br/generate-text-area
"websites" "Contains fqdns, repo infos, an optional sha256sum-output for script execution for each website:"
"{:websites
"websiteconfigs" "Contains fqdns, repo infos, an optional sha256sum-output for script execution for each website:"
"{ :websiteconfigs
[{:unique-name \"test.io\",
:fqdns [\"test.de\" \"www.test.de\"],
:gitea-host \"githost.de\",
:gitea-repo \"repo\",
:forgejo-host \"githost.de\",
:repo-owner \"someuser\",
:repo-name \"repo\",
:branchname \"main\",
:sha256sum-output \"123456789ab123cd345de script-file-name.sh\"}
{:unique-name \"example.io \",
:fqdns [\"example.org\" \"www.example.org\"],
:gitea-host \"githost.org\",
:gitea-repo \"repo\",
:forgejo-host \"githost.org\",
:repo-owner \"someuser\",
:repo-name \"repo\",
:branchname \"main\",
:build-cpu-request \"1500m\",
:build-cpu-limit \"3000m\",
:build-memory-request \"512Mi\",
:build-memory-limit \"1024Mi\"}]}"
"16")))
(generate-group
:build-memory-limit \"1024Mi\"}] }"
"16"))
(br/generate-group
"credentials"
(br/generate-text-area
"auth" "Your authentication data for each website or git repo:"
"{:auth
[{:unique-name \"test.io\",
:username \"someuser\",
:authtoken \"abedjgbasdodj\"}
{:unique-name \"example.io\",
:username \"someuser\",
:authtoken \"abedjgbasdodj\"}]}"
"{:mon-auth
{:grafana-cloud-user \"your-user-id\"
:grafana-cloud-password \"your-cloud-password\"}
:websiteauths
[{:unique-name \"test.io\",
:authtoken \"abedjgbasdodj\"}
{:unique-name \"example.io\",
:authtoken \"abedjgbasdodj\"}]}"
"7"))
[(br/generate-br)]
(br/generate-button "generate-button" "Generate c4k yaml")))]
@ -73,16 +69,27 @@
(generate-content)})
(defn config-from-document []
(let [issuer (br/get-content-from-element "issuer" :optional true)]
(let [issuer (br/get-content-from-element "issuer" :optional true)
websiteconfigs (br/get-content-from-element "websiteconfigs" :deserializer edn/read-string)
mon-cluster-name (br/get-content-from-element "mon-cluster-name" :optional true)
mon-cluster-stage (br/get-content-from-element "mon-cluster-stage" :optional true)
mon-cloud-url (br/get-content-from-element "mon-cloud-url" :optional true)]
(merge
(br/get-content-from-element "websites" :deserializer edn/read-string)
{:websiteconfigs websiteconfigs}
(when (not (st/blank? issuer))
{:issuer issuer}))))
{:issuer issuer})
(when (some? mon-cluster-name)
{:mon-cfg {:cluster-name mon-cluster-name
:cluster-stage (keyword mon-cluster-stage)
:grafana-cloud-url mon-cloud-url}}))))
(defn validate-all! []
(br/validate! "websites" website/config? :deserializer edn/read-string)
(br/validate! "issuer" ::website/issuer :optional true)
(br/validate! "auth" website/auth? :deserializer edn/read-string)
(br/validate! "websiteconfigs" core/websiteconfigs? :deserializer edn/read-string)
(br/validate! "issuer" ::core/issuer :optional true)
(br/validate! "mon-cluster-name" ::mon/cluster-name :optional true)
(br/validate! "mon-cluster-stage" ::mon/cluster-stage :optional true)
(br/validate! "mon-cloud-url" ::mon/grafana-cloud-url :optional true)
(br/validate! "auth" core/websiteauths? :deserializer edn/read-string)
(br/set-form-validated!))
(defn add-validate-listener [name]
@ -101,6 +108,9 @@
core/config-defaults
core/k8s-objects)
(br/set-output!)))))
(add-validate-listener "websites")
(add-validate-listener "websiteconfigs")
(add-validate-listener "issuer")
(add-validate-listener "mon-cluster-name")
(add-validate-listener "mon-cluster-stage")
(add-validate-listener "mon-cloud-url")
(add-validate-listener "auth"))

11
src/main/resources/website/build-configmap.yaml
Unescape Escape View File

@ -0,0 +1,11 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: build-configmap
namespace: NAME
labels:
app.kubernetes.part-of: NAME-website
data:
GITHOST: GITHOST
GITREPOURL: REPOURL
GITCOMMITURL: COMMITURL

28
src/main/resources/website/website-build-cron.yaml → src/main/resources/website/build-cron.yaml
Unescape Escape View File

@ -1,7 +1,8 @@
apiVersion: batch/v1
kind: CronJob
metadata:
name: NAME-build-cron
name: build-cron
namespace: NAME
labels:
app.kubernetes.part-of: NAME-website
spec:
@ -10,11 +11,17 @@ spec:
failedJobsHistoryLimit: 1
jobTemplate:
spec:
activeDeadlineSeconds: 415
template:
metadata:
namespace: NAME
labels:
app: build-cron
app.kubernetes.part-of: NAME-website
spec:
containers:
- image: domaindrivenarchitecture/c4k-website-build
name: NAME-build-app
name: build-cron-container
imagePullPolicy: IfNotPresent
resources:
requests:
@ -25,24 +32,21 @@ spec:
memory: BUILD_MEMORY_LIMIT
command: ["/entrypoint.sh"]
envFrom:
- configMapRef:
name: build-configmap
- secretRef:
name: NAME-secret
env:
- name: SHA256SUM
value: CHECK_SUM
- name: SCRIPTFILE
value: SCRIPT_FILE
name: build-secret
volumeMounts:
- name: content-volume
mountPath: /var/www/html/website
- name: hashfile-volume
- name: hash-state-volume
mountPath: /var/hashfile.d
volumes:
- name: content-volume
persistentVolumeClaim:
claimName: NAME-content-volume
- name: hashfile-volume
claimName: content-volume
- name: hash-state-volume
persistentVolumeClaim:
claimName: NAME-hashfile-volume
claimName: hash-state-volume
restartPolicy: OnFailure

7
src/main/resources/website/website-build-secret.yaml → src/main/resources/website/build-secret.yaml
Unescape Escape View File

@ -1,10 +1,9 @@
apiVersion: v1
kind: Secret
metadata:
name: NAME-secret
name: build-secret
namespace: NAME
labels:
app.kubernetes.part-of: NAME-website
data:
AUTHTOKEN: TOKEN
GITREPOURL: REPOURL
GITCOMMITURL: COMMITURL
AUTHTOKEN: TOKEN

6
src/main/resources/website/website-content-volume.yaml → src/main/resources/website/content-pvc.yaml
Unescape Escape View File

@ -1,10 +1,9 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: NAME-content-volume
namespace: default
name: content-volume
namespace: NAME
labels:
app: NAME-nginx
app.kubernetes.part-of: NAME-website
spec:
storageClassName: local-path
@ -13,4 +12,3 @@ spec:
resources:
requests:
storage: WEBSITESTORAGESIZE

6
src/main/resources/website/hashfile-volume.yaml → src/main/resources/website/hash-state-pvc.yaml
Unescape Escape View File

@ -1,10 +1,9 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: NAME-hashfile-volume
namespace: default
name: hash-state-volume
namespace: NAME
labels:
app: NAME-nginx
app.kubernetes.part-of: NAME-website
spec:
storageClassName: local-path
@ -13,4 +12,3 @@ spec:
resources:
requests:
storage: 16Mi

9
src/main/resources/website/nginx-configmap.yaml
Unescape Escape View File

@ -1,15 +1,15 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: NAME-configmap
namespace: default
name: etc-nginx
namespace: NAME
labels:
app.kubernetes.part-of: NAME-website
data:
nginx.conf: |
user nginx;
worker_processes 3;
error_log /var/log/nginx/error.log;
error_log /var/log/nginx/error.log info;
pid /var/log/nginx/nginx.pid;
worker_rlimit_nofile 8192;
events {
@ -93,5 +93,6 @@ data:
location / {
try_files $uri $uri/ /index.html =404;
}
# redirects
REDIRECTS
}

98
src/main/resources/website/nginx-deployment.yaml
Unescape Escape View File

@ -1,76 +1,76 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: NAME-deployment
name: nginx
namespace: NAME
labels:
app.kubernetes.part-of: NAME-website
spec:
replicas: 1
selector:
matchLabels:
app: NAME-nginx
app: nginx
template:
metadata:
namespace: NAME
labels:
app: NAME-nginx
app: nginx
app.kubernetes.part-of: NAME-website
spec:
containers:
- name: NAME-nginx
image: nginx:latest
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
volumeMounts:
- mountPath: /etc/nginx
readOnly: true
name: nginx-config-volume
- mountPath: /var/log/nginx
name: log
- mountPath: /var/www/html/website
name: content-volume
readOnly: true
- name: nginx
image: nginx:latest
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
command: [ "/bin/bash", "-c", "nginx -g 'daemon off;'" ]
volumeMounts:
- mountPath: /etc/nginx
readOnly: true
name: etc-nginx
- mountPath: /tmp
name: tmp
- mountPath: /var/www/html/website
name: content-volume
readOnly: true
initContainers:
- image: domaindrivenarchitecture/c4k-website-build
name: NAME-init-build-container
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: BUILD_CPU_REQUEST
memory: BUILD_MEMORY_REQUEST
limits:
cpu: BUILD_CPU_LIMIT
memory: BUILD_MEMORY_LIMIT
command: ["/entrypoint.sh"]
envFrom:
- secretRef:
name: NAME-secret
env:
- name: SHA256SUM
value: CHECK_SUM
- name: SCRIPTFILE
value: SCRIPT_FILE
volumeMounts:
- name: content-volume
mountPath: /var/www/html/website
- name: hashfile-volume
mountPath: /var/hashfile.d
- image: domaindrivenarchitecture/c4k-website-build
name: init-build-container
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: BUILD_CPU_REQUEST
memory: BUILD_MEMORY_REQUEST
limits:
cpu: BUILD_CPU_LIMIT
memory: BUILD_MEMORY_LIMIT
command: ["/entrypoint.sh"]
envFrom:
- configMapRef:
name: build-configmap
- secretRef:
name: build-secret
volumeMounts:
- name: content-volume
mountPath: /var/www/html/website
- name: hash-state-volume
mountPath: /var/hashfile.d
volumes:
- name: nginx-config-volume
- name: etc-nginx
configMap:
name: NAME-configmap
name: etc-nginx
items:
- key: nginx.conf
path: nginx.conf
- key: website.conf
path: conf.d/website.conf
- key: mime.types
path: mime.types
- name: log
path: mime.types
- name: tmp
emptyDir: {}
- name: content-volume
persistentVolumeClaim:
claimName: NAME-content-volume
- name: hashfile-volume
claimName: content-volume
- name: hash-state-volume
persistentVolumeClaim:
claimName: NAME-hashfile-volume
claimName: hash-state-volume

13
src/main/resources/website/nginx-service.yaml
Unescape Escape View File

@ -1,15 +1,14 @@
kind: Service
apiVersion: v1
metadata:
name: NAME-service
name: NAME
namespace: default
labels:
app: NAME-nginx
app: NAME
app.kubernetes.part-of: NAME-website
namespace: default
spec:
spec:
selector:
app: NAME-nginx
app: nginx
ports:
- name: nginx-http
port: 80
port: 80

187
src/test/cljc/dda/c4k_website/core_test.cljc
Unescape Escape View File

@ -1,57 +1,196 @@
(ns dda.c4k-website.core-test
(:require
#?(:cljs [shadow.resource :as rc])
#?(:clj [clojure.test :refer [deftest is are testing run-tests]]
:cljs [cljs.test :refer-macros [deftest is are testing run-tests]])
[clojure.spec.alpha :as s]
[clojure.spec.test.alpha :as st]
[dda.c4k-common.test-helper :as th]
[dda.c4k-common.base64 :as b64]
[dda.c4k-website.core :as cut]
[clojure.spec.alpha :as s]))
[dda.c4k-common.yaml :as yaml]
[dda.c4k-website.core :as cut]))
(def websites
{:websites
(st/instrument `cut/sort-config)
(st/instrument `cut/flattened-and-reduced-config)
(st/instrument `cut/flatten-and-reduce-auth)
(st/instrument `cut/generate-ingress)
(st/instrument `cut/generate)
#?(:cljs
(defmethod yaml/load-resource :website-test [resource-name]
(case resource-name
"website-test/valid-auth.yaml" (rc/inline "website-test/valid-auth.yaml")
"website-test/valid-config.yaml" (rc/inline "website-test/valid-config.yaml")
(throw (js/Error. "Undefined Resource!")))))
(deftest validate-valid-resources
(is (s/valid? cut/config? (yaml/load-as-edn "website-test/valid-config.yaml")))
(is (s/valid? cut/auth? (yaml/load-as-edn "website-test/valid-auth.yaml"))))
(def websites1
{:websiteconfigs
[{:unique-name "example.io"
:fqdns ["example.org", "www.example.com"]
:gitea-host "finegitehost.net"
:gitea-repo "repo"
:forgejo-host "finegitehost.net"
:repo-owner "someuser"
:repo-name "repo"
:branchname "main"}
{:unique-name "test.io"
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"]
:gitea-host "gitlab.de"
:gitea-repo "repo"
:forgejo-host "gitlab.de"
:repo-owner "someuser"
:repo-name "repo"
:branchname "main"}]})
(def websites2
{:websiteconfigs
[{:unique-name "test.io"
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"]
:forgejo-host "gitlab.de"
:repo-owner "someuser"
:repo-name "repo"
:branchname "main"}
{:unique-name "example.io"
:fqdns ["example.org", "www.example.com"]
:forgejo-host "finegitehost.net"
:repo-owner "someuser"
:repo-name "repo"
:branchname "main"}]})
(def auth1
{:auth
{:websiteauths
[{:unique-name "example.io"
:username "someuser"
:authtoken "abedjgbasdodj"}
{:unique-name "test.io"
:username "someuser"
:authtoken "abedjgbasdodj"}]})
(def auth2
{:auth
{:websiteauths
[{:unique-name "test.io"
:username "someuser"
:authtoken "abedjgbasdodj"}
{:unique-name "example.io"
:username "someuser"
:authtoken "abedjgbasdodj"}]})
(def flattened-and-reduced-config
{:unique-name "example.io",
:fqdns ["example.org" "www.example.com"],
:gitea-host "finegitehost.net",
:gitea-repo "repo",
:branchname "main",
:username "someuser",
:forgejo-host "finegitehost.net",
:repo-owner "someuser",
:repo-name "repo",
:branchname "main"})
(def flattened-and-reduced-auth
{:unique-name "example.io",
:authtoken "abedjgbasdodj"})
(deftest sorts-config
(is (= {:issuer "staging",
:websiteconfigs
[{:unique-name "example.io",
:fqdns ["example.org" "www.example.com"],
:forgejo-host "finegitehost.net",
:repo-owner "someuser",
:repo-name "repo",
:branchname "main"},
{:unique-name "test.io",
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
:forgejo-host "gitlab.de",
:repo-owner "someuser",
:repo-name "repo",
:branchname "main",
:sha256sum-output "123456789ab123cd345de script-file-name.sh"}],
:mon-cfg {:grafana-cloud-url "url-for-your-prom-remote-write-endpoint", :cluster-name "jitsi", :cluster-stage "test"}}
(cut/sort-config
{:issuer "staging",
:websiteconfigs
[{:unique-name "test.io",
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
:forgejo-host "gitlab.de",
:repo-owner "someuser",
:repo-name "repo",
:branchname "main",
:sha256sum-output "123456789ab123cd345de script-file-name.sh"}
{:unique-name "example.io",
:fqdns ["example.org" "www.example.com"],
:forgejo-host "finegitehost.net",
:repo-owner "someuser",
:repo-name "repo",
:branchname "main"}],
:mon-cfg {:grafana-cloud-url "url-for-your-prom-remote-write-endpoint", :cluster-name "jitsi", :cluster-stage "test"}}))))
(deftest test-flatten-and-reduce-config
(is (=
(cut/flatten-and-reduce-config (cut/sort-config (merge websites auth1)))
flattened-and-reduced-config))
flattened-and-reduced-config
(cut/flatten-and-reduce-config (cut/sort-config websites1))))
(is (=
(cut/flatten-and-reduce-config (cut/sort-config (merge websites auth2)))
flattened-and-reduced-config)))
flattened-and-reduced-config
(cut/flatten-and-reduce-config (cut/sort-config websites2)))))
(deftest test-flatten-and-reduce-auth
(is (= flattened-and-reduced-auth
(cut/flatten-and-reduce-auth (cut/sort-auth auth1))))
(is (= flattened-and-reduced-auth
(cut/flatten-and-reduce-auth (cut/sort-auth auth2)))))
(deftest test-generate
(is (= 24
(count (cut/generate
(yaml/load-as-edn "website-test/valid-config.yaml")
(yaml/load-as-edn "website-test/valid-auth.yaml"))))))
(deftest should-generate-ingress
(is (= [{:host "test.de",
:http
{:paths
[{:pathType "Prefix",
:path "/",
:backend {:service {:name "test-io", :port {:number 80}}}}]}}
{:host "test.org",
:http
{:paths
[{:pathType "Prefix",
:path "/",
:backend {:service {:name "test-io", :port {:number 80}}}}]}}
{:host "www.test.de",
:http
{:paths
[{:pathType "Prefix",
:path "/",
:backend {:service {:name "test-io", :port {:number 80}}}}]}}
{:host "www.test.org",
:http
{:paths
[{:pathType "Prefix",
:path "/",
:backend {:service {:name "test-io", :port {:number 80}}}}]}}]
(get-in
(cut/generate-ingress {:unique-name "test.io",
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
:forgejo-host "gitlab.de",
:repo-owner "someuser",
:repo-name "repo",
:sha256sum-output "123456789ab123cd345de script-file-name.sh",
:issuer "staging",
:branchname "main",
:build-cpu-request "500m"
:build-cpu-limit "1700m"
:build-memory-request "256Mi"
:build-memory-limit "512Mi"
:volume-size "3"
:redirects []})
[2 :spec :rules])))
(is (= "test-io"
(get-in
(cut/generate-ingress {:unique-name "test.io",
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
:forgejo-host "gitlab.de",
:repo-owner "someuser",
:repo-name "repo",
:sha256sum-output "123456789ab123cd345de script-file-name.sh",
:issuer "staging",
:branchname "main",
:build-cpu-request "500m"
:build-cpu-limit "1700m"
:build-memory-request "256Mi"
:build-memory-limit "512Mi"
:volume-size "3"
:redirects []})
[2 :metadata :namespace]))))

487
src/test/cljc/dda/c4k_website/website_test.cljc
Unescape Escape View File

@ -1,273 +1,316 @@
(ns dda.c4k-website.website-test
(:require
[clojure.string :as str]
#?(:clj [clojure.test :refer [deftest is are testing run-tests]]
:cljs [cljs.test :refer-macros [deftest is are testing run-tests]])
[clojure.spec.test.alpha :as st]
[dda.c4k-common.test-helper :as th]
[dda.c4k-common.base64 :as b64]
[dda.c4k-website.website :as cut]
[clojure.spec.alpha :as s]))
[dda.c4k-website.website :as cut]))
(st/instrument `cut/replace-dots-by-minus)
(st/instrument `cut/generate-gitrepourl)
(st/instrument `cut/generate-gitcommiturl)
(st/instrument `cut/replace-all-matching-prefixes)
(st/instrument `cut/generate-redirects)
(st/instrument `cut/generate-nginx-configmap)
(st/instrument `cut/generate-nginx-deployment)
(st/instrument `cut/generate-build-secret)
(st/instrument `cut/generate-content-pvc)
(st/instrument `cut/generate-hash-state-pvc)
(st/instrument `cut/generate-build-cron)
(st/instrument `cut/generate-nginx-service)
(st/instrument `cut/generate-website-content-volume)
(st/instrument `cut/generate-hashfile-volume)
(st/instrument `cut/generate-website-ingress)
(st/instrument `cut/generate-website-certificate)
(st/instrument `cut/generate-website-build-cron)
(st/instrument `cut/generate-website-build-secret)
(deftest should-be-valid-website-auth-spec
(is (true? (s/valid? cut/auth? {:auth
[{:unique-name "test.io"
:username "someuser"
:authtoken "abedjgbasdodj"}
{:unique-name "example.io"
:username "someuser"
:authtoken "abedjgbasdodj"}]}))))
(deftest should-be-valid-website-conf-spec
(is (true? (s/valid? cut/config? {:issuer "staging"
:websites
[{:unique-name "test.io" ;
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"]
:gitea-host "gitlab.de"
:gitea-repo "repo"
:branchname "main"}
{:unique-name "example.io"
:fqdns ["example.org", "www.example.com"]
:gitea-host "finegitehost.net"
:gitea-repo "repo"
:branchname "main"}]}))))
(deftest should-generate-gitrepourl
(is (= "https://mygit.de/api/v1/repos/someuser/repo/archive/main.zip"
(cut/generate-gitrepourl "mygit.de" "someuser" "repo" "main"))))
(deftest should-generate-nginx-configmap-website
(is (= "server {\n listen 80 default_server;\n listen [::]:80 default_server;\n server_name test.de www.test.de test-it.de www.test-it.de;\n add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload'; \n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-Content-Type-Options nosniff;\n add_header Referrer-Policy \"strict-origin\";\n # add_header Permissions-Policy \"permissions here\";\n root /var/www/html/website/;\n index index.html;\n location / {\n try_files $uri $uri/ /index.html =404;\n }\n}\n"
(:website.conf (:data (cut/generate-nginx-configmap {:unique-name "test.io",
:gitea-host "gitea.evilorg",
:gitea-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]
:username "someuser"
:authtoken "abedjgbasdodj"})))))
(is (= "types {\n text/html html htm shtml;\n text/css css;\n text/xml xml rss;\n image/gif gif;\n image/jpeg jpeg jpg;\n application/x-javascript js;\n text/plain txt;\n text/x-component htc;\n text/mathml mml;\n image/svg+xml svg svgz;\n image/png png;\n image/x-icon ico;\n image/x-jng jng;\n image/vnd.wap.wbmp wbmp;\n application/java-archive jar war ear;\n application/mac-binhex40 hqx;\n application/pdf pdf;\n application/x-cocoa cco;\n application/x-java-archive-diff jardiff;\n application/x-java-jnlp-file jnlp;\n application/x-makeself run;\n application/x-perl pl pm;\n application/x-pilot prc pdb;\n application/x-rar-compressed rar;\n application/x-redhat-package-manager rpm;\n application/x-sea sea;\n application/x-shockwave-flash swf;\n application/x-stuffit sit;\n application/x-tcl tcl tk;\n application/x-x509-ca-cert der pem crt;\n application/x-xpinstall xpi;\n application/zip zip;\n application/octet-stream deb;\n application/octet-stream bin exe dll;\n application/octet-stream dmg;\n application/octet-stream eot;\n application/octet-stream iso img;\n application/octet-stream msi msp msm;\n audio/mpeg mp3;\n audio/x-realaudio ra;\n video/mpeg mpeg mpg;\n video/quicktime mov;\n video/x-flv flv;\n video/x-msvideo avi;\n video/x-ms-wmv wmv;\n video/x-ms-asf asx asf;\n video/x-mng mng;\n}\n"
(:mime.types (:data (cut/generate-nginx-configmap {:unique-name "test.io",
:gitea-host "gitea.evilorg",
:gitea-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]
:username "someuser"
:authtoken "abedjgbasdodj"})))))
(is (= "user nginx;\nworker_processes 3;\nerror_log /var/log/nginx/error.log;\npid /var/log/nginx/nginx.pid;\nworker_rlimit_nofile 8192;\nevents {\n worker_connections 4096;\n}\nhttp {\n include /etc/nginx/mime.types;\n default_type application/octet-stream;\n log_format main '$remote_addr - $remote_user [$time_local] $status'\n '\"$request\" $body_bytes_sent \"$http_referer\"'\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';\n access_log /var/log/nginx/access.log main;\n sendfile on;\n tcp_nopush on;\n keepalive_timeout 65;\n server_names_hash_bucket_size 128;\n include /etc/nginx/conf.d/website.conf;\n}\n"
(:nginx.conf (:data (cut/generate-nginx-configmap {:unique-name "test.io",
:gitea-host "gitea.evilorg",
:gitea-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]
:username "someuser"
:authtoken "abedjgbasdodj"})))))
(is (= {:apiVersion "v1",
:kind "ConfigMap",
:metadata {:name "test-io-configmap",
:labels {:app.kubernetes.part-of "test-io-website"},
:namespace "default"}}
(dissoc (cut/generate-nginx-configmap {:unique-name "test.io",
:gitea-host "gitea.evilorg",
:gitea-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]
:username "someuser"
:authtoken "abedjgbasdodj"}) :data))))
(deftest should-generate-gitcommiturl
(is (= "https://mygit.de/api/v1/repos/someuser/repo/git/commits/HEAD"
(cut/generate-gitcommiturl "mygit.de" "someuser" "repo"))))
(deftest should-generate-redirects
(is (= "rewrite ^/products.html\\$ /offer.html permanent;\n rewrite ^/one-more\\$ /redirect permanent;"
(cut/generate-redirects {:issuer "staging"
:build-cpu-request "500m"
:build-cpu-limit "1700m"
:build-memory-request "256Mi"
:build-memory-limit "512Mi"
:volume-size "3"
:unique-name "test.io",
:redirects [["/products.html", "/offer.html"]
["/one-more", "/redirect"]]
:forgejo-host "gitea.evilorg",
:repo-owner "someuser",
:repo-name "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}
2)))
(is (= ""
(cut/generate-redirects {:issuer "staging"
:build-cpu-request "500m"
:build-cpu-limit "1700m"
:build-memory-request "256Mi"
:build-memory-limit "512Mi"
:volume-size "3"
:unique-name "test.io",
:redirects []
:forgejo-host "gitea.evilorg",
:repo-owner "someuser",
:repo-name "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}
0))))
(deftest should-generate-nginx-deployment
(is (= {:apiVersion "apps/v1",
:kind "Deployment",
:metadata {:name "test-io-deployment", :labels {:app.kubernetes.part-of "test-io-website"}},
:spec
{:replicas 1,
:selector {:matchLabels {:app "test-io-nginx"}},
:template
{:metadata {:labels {:app "test-io-nginx"}},
:spec
{:containers
[{:name "test-io-nginx",
:image "nginx:latest",
:imagePullPolicy "IfNotPresent",
:ports [{:containerPort 80}],
:volumeMounts
[{:mountPath "/etc/nginx", :readOnly true, :name "nginx-config-volume"}
{:mountPath "/var/log/nginx", :name "log"}
{:mountPath "/var/www/html/website", :name "content-volume", :readOnly true}]}],
:initContainers
[{:image "domaindrivenarchitecture/c4k-website-build",
:name "test-io-init-build-container",
:imagePullPolicy "IfNotPresent",
:resources {:requests {:cpu "500m", :memory "256Mi"}, :limits {:cpu "1700m", :memory "512Mi"}},
:command ["/entrypoint.sh"],
:envFrom [{:secretRef {:name "test-io-secret"}}],
:env [{:name "SHA256SUM", :value "123456789ab123cd345de"} {:name "SCRIPTFILE", :value "script-file-name.sh"}],
:volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"}
{:name "hashfile-volume", :mountPath "/var/hashfile.d"}]}],
:volumes
[{:name "nginx-config-volume",
:configMap
{:name "test-io-configmap",
:items
[{:key "nginx.conf", :path "nginx.conf"}
{:key "website.conf", :path "conf.d/website.conf"}
{:key "mime.types", :path "mime.types"}]}}
{:name "log", :emptyDir {}}
{:name "content-volume", :persistentVolumeClaim {:claimName "test-io-content-volume"}}
{:name "hashfile-volume", :persistentVolumeClaim {:claimName "test-io-hashfile-volume"}}]}}}}
(cut/generate-nginx-deployment {:authtoken "abedjgbasdodj",
:gitea-host "gitlab.de",
:username "someuser",
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
:gitea-repo "repo",
:sha256sum-output "123456789ab123cd345de script-file-name.sh",
:issuer "staging",
:branchname "main",
:unique-name "test.io"}))))
(deftest should-generate-resource-requests
(is (= {:requests {:cpu "500m", :memory "256Mi"}, :limits {:cpu "1700m", :memory "512Mi"}}
(-> (cut/generate-nginx-deployment {:authtoken "abedjgbasdodj",
:gitea-host "gitlab.de",
:username "someuser",
(is (= {:requests {:cpu "1500m", :memory "512Mi"}, :limits {:cpu "3000m", :memory "1024Mi"}}
(-> (cut/generate-nginx-deployment {:forgejo-host "gitlab.de",
:repo-owner "someuser",
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
:gitea-repo "repo",
:sha256sum-output "123456789ab123cd345de script-file-name.sh",
:repo-name "repo",
:issuer "staging",
:branchname "main",
:unique-name "test.io"})
:spec :template :spec :initContainers first :resources )))
(is (= {:requests {:cpu "1500m", :memory "512Mi"}, :limits {:cpu "3000m", :memory "1024Mi"}}
(-> (cut/generate-nginx-deployment {:authtoken "abedjgbasdodj",
:gitea-host "gitlab.de",
:username "someuser",
:unique-name "test.io",
:redirects [],
:build-cpu-request "1500m"
:build-cpu-limit "3000m"
:build-memory-request "512Mi"
:build-memory-limit "1024Mi"
:volume-size 3})
:spec :template :spec :initContainers first :resources)))
(is (= "test-io"
(-> (cut/generate-nginx-deployment {:forgejo-host "gitlab.de",
:repo-owner "someuser",
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
:gitea-repo "repo",
:sha256sum-output "123456789ab123cd345de script-file-name.sh",
:repo-name "repo",
:issuer "staging",
:branchname "main",
:unique-name "test.io"
:unique-name "test.io",
:redirects [],
:build-cpu-request "1500m"
:build-cpu-limit "3000m"
:build-memory-request "512Mi"
:build-memory-limit "1024Mi"})
:spec :template :spec :initContainers first :resources))))
:build-memory-limit "1024Mi"
:volume-size 3})
:metadata :namespace))))
(deftest should-generate-nginx-configmap-website
(is (str/includes?
(:website.conf (:data (cut/generate-nginx-configmap {:issuer "staging"
:build-cpu-request "500m"
:build-cpu-limit "1700m"
:build-memory-request "256Mi"
:build-memory-limit "512Mi"
:volume-size "3"
:unique-name "test.io",
:redirects [["/products.html", "/offer.html"]
["/one-more", "/redirect"]]
:forgejo-host "gitea.evilorg",
:repo-owner "someuser",
:repo-name "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})))
" /offer.html permanent;\n"))
(is (str/includes?
(:website.conf (:data (cut/generate-nginx-configmap {:issuer "staging"
:build-cpu-request "500m"
:build-cpu-limit "1700m"
:build-memory-request "256Mi"
:build-memory-limit "512Mi"
:volume-size "3"
:unique-name "test.io",
:redirects [["/products.html", "/offer.html"]
["/one-more", "/redirect"]]
:forgejo-host "gitea.evilorg",
:repo-owner "someuser",
:repo-name "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})))
" /redirect permanent;\n"))
(is (str/includes?
(:website.conf (:data (cut/generate-nginx-configmap {:issuer "staging"
:build-cpu-request "500m"
:build-cpu-limit "1700m"
:build-memory-request "256Mi"
:build-memory-limit "512Mi"
:volume-size "3"
:unique-name "test.io",
:redirects [],
:forgejo-host "gitea.evilorg",
:repo-owner "someuser",
:repo-name "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})))
"server_name test.de www.test.de test-it.de www.test-it.de;"))
(is (= {:apiVersion "v1",
:kind "ConfigMap",
:metadata {:labels {:app.kubernetes.part-of "test-io-website"},
:namespace "test-io",
:name "etc-nginx"}}
(dissoc (cut/generate-nginx-configmap {:issuer "staging"
:build-cpu-request "500m"
:build-cpu-limit "1700m"
:build-memory-request "256Mi"
:build-memory-limit "512Mi"
:volume-size "3"
:unique-name "test.io",
:redirects [],
:forgejo-host "gitea.evilorg",
:repo-owner "someuser",
:repo-name "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]})
:data))))
(deftest should-generate-nginx-service
(is (= {:name-c1 "test-io-service",
:name-c2 "test-org-service",
:app-c1 "test-io-nginx",
:app-c2 "test-org-nginx",
:app.kubernetes.part-of-c1 "test-io-website",
:app.kubernetes.part-of-c2 "test-org-website"}
(th/map-diff (cut/generate-nginx-service {:unique-name "test.io",
:gitea-host "gitea.evilorg",
:gitea-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]
:username "someuser"
:authtoken "abedjgbasdodj"})
(cut/generate-nginx-service {:unique-name "test.org",
:gitea-host "gitea.evilorg",
:gitea-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]
:username "someuser"
:authtoken "abedjgbasdodj"})))))
(is (= {:kind "Service",
:apiVersion "v1",
:metadata
{:name "test-io",
:namespace "test-io",
:labels {:app "test-io", :app.kubernetes.part-of "test-io-website"}},
:spec
{:selector {:app "nginx"}, :ports [{:name "nginx-http", :port 80}]}}
(cut/generate-nginx-service {:issuer "staging"
:build-cpu-request "500m"
:build-cpu-limit "1700m"
:build-memory-request "256Mi"
:build-memory-limit "512Mi"
:volume-size "3"
:unique-name "test.io",
:redirects [],
:forgejo-host "gitea.evilorg",
:repo-owner "someuser",
:repo-name "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))
(deftest should-generate-website-build-cron
(deftest should-generate-build-cron
(is (= {:apiVersion "batch/v1",
:kind "CronJob",
:metadata {:name "test-io-build-cron", :labels {:app.kubernetes.part-of "test-io-website"}},
:metadata {:name "build-cron",
:namespace "test-io",
:labels {:app.kubernetes.part-of "test-io-website"}},
:spec
{:schedule "0/7 * * * *",
:successfulJobsHistoryLimit 1,
:failedJobsHistoryLimit 1,
:jobTemplate
{:spec
{:template
{:spec
{:activeDeadlineSeconds 415,
:template
{:metadata
{:namespace "test-io",
:labels
{:app "build-cron", :app.kubernetes.part-of "test-io-website"}}
:spec
{:containers
[{:image "domaindrivenarchitecture/c4k-website-build",
:name "test-io-build-app",
:name "build-cron-container",
:imagePullPolicy "IfNotPresent",
:resources {:requests {:cpu "500m", :memory "256Mi"}, :limits {:cpu "1700m", :memory "512Mi"}},
:command ["/entrypoint.sh"],
:envFrom [{:secretRef {:name "test-io-secret"}}],
:env [{:name "SHA256SUM", :value "123456789ab123cd345de"} {:name "SCRIPTFILE", :value "script-file-name.sh"}],
:envFrom [{:configMapRef {:name "build-configmap"}}
{:secretRef {:name "build-secret"}}],
:volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"}
{:name "hashfile-volume", :mountPath "/var/hashfile.d"}]}],
:volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-io-content-volume"}}
{:name "hashfile-volume", :persistentVolumeClaim {:claimName "test-io-hashfile-volume"}}],
{:name "hash-state-volume", :mountPath "/var/hashfile.d"}]}],
:volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "content-volume"}}
{:name "hash-state-volume", :persistentVolumeClaim {:claimName "hash-state-volume"}}],
:restartPolicy "OnFailure"}}}}}}
(cut/generate-website-build-cron {:authtoken "abedjgbasdodj",
:gitea-host "gitlab.de",
:username "someuser",
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
:gitea-repo "repo",
:sha256sum-output "123456789ab123cd345de script-file-name.sh",
:issuer "staging",
:branchname "main",
:unique-name "test.io"}))))
(cut/generate-build-cron {:issuer "staging"
:build-cpu-request "500m"
:build-cpu-limit "1700m"
:build-memory-request "256Mi"
:build-memory-limit "512Mi"
:volume-size "3"
:forgejo-host "gitlab.de",
:repo-owner "someuser",
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
:repo-name "repo",
:branchname "main",
:unique-name "test.io",
:redirects []}))))
(deftest should-generate-build-configmap
(is (= {:apiVersion "v1",
:kind "ConfigMap",
:metadata {:name "build-configmap",
:namespace "test-io",
:labels {:app.kubernetes.part-of "test-io-website"}},
:data
{:GITHOST "mygit.de"
:GITREPOURL "https://mygit.de/api/v1/repos/someuser/repo/archive/main.zip"
:GITCOMMITURL "https://mygit.de/api/v1/repos/someuser/repo/git/commits/HEAD"}}
(cut/generate-build-configmap {:issuer "staging"
:build-cpu-request "500m"
:build-cpu-limit "1700m"
:build-memory-request "256Mi"
:build-memory-limit "512Mi"
:volume-size "3"
:forgejo-host "mygit.de",
:repo-owner "someuser",
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
:repo-name "repo",
:branchname "main",
:unique-name "test.io",
:redirects []}))))
(deftest should-generate-website-build-secret
(deftest should-generate-build-secret
(is (= {:apiVersion "v1",
:kind "Secret",
:metadata {:name "test-io-secret", :labels {:app.kubernetes.part-of "test-io-website"}},
:metadata {:name "build-secret",
:namespace "test-io",
:labels {:app.kubernetes.part-of "test-io-website"}},
:data
{:AUTHTOKEN "YWJlZGpnYmFzZG9kag==",
:GITREPOURL "aHR0cHM6Ly9naXRsYWIuZGUvYXBpL3YxL3JlcG9zL3NvbWV1c2VyL3JlcG8vYXJjaGl2ZS9tYWluLnppcA==",
:GITCOMMITURL "aHR0cHM6Ly9naXRsYWIuZGUvYXBpL3YxL3JlcG9zL3NvbWV1c2VyL3JlcG8vZ2l0L2NvbW1pdHMvSEVBRA=="}}
(cut/generate-website-build-secret {:authtoken "abedjgbasdodj",
:gitea-host "gitlab.de",
:username "someuser",
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"],
:gitea-repo "repo",
:sha256sum-output "123456789ab123cd345de script-file-name.sh",
:issuer "staging",
:branchname "main",
:unique-name "test.io"}))))
{:AUTHTOKEN "YWJlZGpnYmFzZG9kag=="}}
(cut/generate-build-secret {:unique-name "test.io",
:authtoken "abedjgbasdodj"}))))
(deftest should-generate-content-pvc
(is (= {:apiVersion "v1",
:kind "PersistentVolumeClaim",
:metadata
{:name "content-volume",
:namespace "test-io",
:labels {:app.kubernetes.part-of "test-io-website"}},
:spec
{:storageClassName "local-path",
:accessModes ["ReadWriteOnce"],
:resources {:requests {:storage "3Gi"}}}}
(cut/generate-content-pvc {:issuer "staging"
:build-cpu-request "500m"
:build-cpu-limit "1700m"
:build-memory-request "256Mi"
:build-memory-limit "512Mi"
:volume-size "3"
:unique-name "test.io",
:redirects [],
:forgejo-host "gitea.evilorg",
:repo-owner "someuser",
:repo-name "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))
(deftest should-generate-website-content-volume
(is (= {:name-c1 "test-io-content-volume",
:name-c2 "test-org-content-volume",
:app-c1 "test-io-nginx",
:app-c2 "test-org-nginx",
:app.kubernetes.part-of-c1 "test-io-website",
:app.kubernetes.part-of-c2 "test-org-website"}
(th/map-diff (cut/generate-website-content-volume {:unique-name "test.io",
:gitea-host "gitea.evilorg",
:gitea-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]
:username "someuser"
:authtoken "abedjgbasdodj"})
(cut/generate-website-content-volume {:unique-name "test.org",
:gitea-host "gitea.evilorg",
:gitea-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]
:username "someuser"
:authtoken "abedjgbasdodj"})))))
(deftest should-generate-hashfile-volume
(deftest should-generate-hash-state-pvc
(is (= {:apiVersion "v1",
:kind "PersistentVolumeClaim",
:metadata
{:name "test-io-hashfile-volume",
:namespace "default",
:labels {:app "test-io-nginx", :app.kubernetes.part-of "test-io-website"}},
:spec {:storageClassName "local-path", :accessModes ["ReadWriteOnce"], :resources {:requests {:storage "16Mi"}}}}
(cut/generate-hashfile-volume {:unique-name "test.io",
:gitea-host "gitea.evilorg",
:gitea-repo "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]
:username "someuser"
:authtoken "abedjgbasdodj"}))))
{:name "hash-state-volume",
:namespace "test-io",
:labels {:app.kubernetes.part-of "test-io-website"}},
:spec {:storageClassName "local-path",
:accessModes ["ReadWriteOnce"],
:resources {:requests {:storage "16Mi"}}}}
(cut/generate-hash-state-pvc {:issuer "staging"
:build-cpu-request "500m"
:build-cpu-limit "1700m"
:build-memory-request "256Mi"
:build-memory-limit "512Mi"
:volume-size "3"
:unique-name "test.io",
:redirects [],
:forgejo-host "gitea.evilorg",
:repo-owner "someuser",
:repo-name "none",
:branchname "mablain",
:fqdns ["test.de" "www.test.de" "test-it.de" "www.test-it.de"]}))))

8
src/test/resources/website-test/valid-auth.yaml
Unescape Escape View File

@ -0,0 +1,8 @@
websiteauths:
- unique-name: "test.io"
authtoken: "abedjgbasdodj"
- unique-name: "example.io"
authtoken: "abedjgbasdodj"
mon-auth:
grafana-cloud-user: "user"
grafana-cloud-password: "password"

22
src/test/resources/website-test/valid-config.yaml
Unescape Escape View File

@ -0,0 +1,22 @@
issuer: "staging"
websiteconfigs:
- unique-name: "test.io"
fqdns: ["test.de", "test.org", "www.test.de", "www.test.org"]
forgejo-host: "codeberg.org"
repo-owner: "someuser"
repo-name: "repo"
branchname: "main"
redirects:
- ["/products.html", "/offer.html"]
- ["/one-more", "/redirect"]
- unique-name: "example.io"
fqdns: ["example.org", "www.example.com"]
forgejo-host: "fineForgejoHost.net"
repo-owner: "someotheruser"
repo-name: "repo"
branchname: "main"
mon-cfg:
grafana-cloud-url: "url-for-your-prom-remote-write-endpoint"
cluster-name: "website"
cluster-stage: "test"
average-rate: 50

7
valid-auth.edn
Unescape Escape View File

@ -1,7 +0,0 @@
{:auth
[{:unique-name "test.io"
:username "someuser"
:authtoken "abedjgbasdodj"}
{:unique-name "example.io"
:username "someuser"
:authtoken "abedjgbasdodj"}]}

13
valid-config.edn
Unescape Escape View File

@ -1,13 +0,0 @@
{:issuer "staging"
:websites
[{:unique-name "test.io"
:fqdns ["test.de" "test.org" "www.test.de" "www.test.org"]
:gitea-host "gitlab.de"
:gitea-repo "repo"
:branchname "main"
:sha256sum-output "123456789ab123cd345de script-file-name.sh"}
{:unique-name "example.io"
:fqdns ["example.org", "www.example.com"]
:gitea-host "finegitehost.net"
:gitea-repo "repo"
:branchname "main"}]}
Write Preview
Loading…
Cancel
Save