You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
c4k-website/src/main/cljc/dda/c4k_website/website.cljc

194 lines
7.9 KiB
Clojure

(ns dda.c4k-website.website
(:require
[clojure.spec.alpha :as s]
#?(:cljs [shadow.resource :as rc])
#?(:clj [orchestra.core :refer [defn-spec]]
:cljs [orchestra.core :refer-macros [defn-spec]])
#?(:clj [clojure.edn :as edn]
:cljs [cljs.reader :as edn])
[dda.c4k-common.yaml :as yaml]
[dda.c4k-common.common :as cm]
[dda.c4k-common.base64 :as b64]
[dda.c4k-common.predicate :as pred]
[dda.c4k-website.ingress :as ing]
[clojure.string :as str]))
(defn fqdn-list?
[input]
(every? true? (map pred/fqdn-string? input)))
(s/def ::unique-name string?)
(s/def ::issuer pred/letsencrypt-issuer?)
(s/def ::volume-size pred/integer-string?)
(s/def ::authtoken pred/bash-env-string?)
(s/def ::fqdns (s/coll-of pred/fqdn-string?))
(s/def ::gitea-host pred/fqdn-string?)
(s/def ::gitea-repo string?)
(s/def ::branchname string?)
(s/def ::username string?)
(def websitedata? (s/keys :req-un [::unique-name ::fqdns ::gitea-host ::gitea-repo ::branchname]
:opt-un [::issuer]))
(def websiteauth? (s/keys :req-un [::unique-name ::username ::authtoken]))
(s/def ::auth (s/coll-of websiteauth?))
(s/def ::websites (s/coll-of websitedata?))
(def auth? (s/keys :req-un [::auth]))
(def config? (s/keys :req-un [::websites]
:opt-un [::issuer ::volume-size]))
(defn-spec replace-dots-by-minus string?
[fqdn pred/fqdn-string?]
(str/replace fqdn #"\." "-"))
(defn-spec generate-service-name string?
[unique-name pred/fqdn-string?]
(str (replace-dots-by-minus unique-name) "-service"))
(defn-spec generate-cert-name string?
[unique-name pred/fqdn-string?]
(str (replace-dots-by-minus unique-name) "-cert"))
(defn-spec generate-http-ingress-name string?
[unique-name pred/fqdn-string?]
(str (replace-dots-by-minus unique-name) "-http-ingress"))
(defn-spec generate-https-ingress-name string?
[unique-name pred/fqdn-string?]
(str (replace-dots-by-minus unique-name) "-https-ingress"))
; https://your.gitea.host/api/v1/repos/<owner>/<repo>/archive/main.zip
(defn-spec make-gitrepourl string?
[host pred/fqdn-string?
repo string?
user string?
branch string?]
(str "https://" host "/api/v1/repos/" user "/" repo "/archive/" branch ".zip"))
; ToDo: Move to common?
; ToDo richtig spec-en
(defn replace-all-matching-subvalues-in-string-start
[col
value-to-partly-match
value-to-inplace]
(clojure.walk/postwalk #(if (and (= (type value-to-partly-match) (type %))
(re-matches (re-pattern (str value-to-partly-match ".*")) %))
(str/replace % value-to-partly-match value-to-inplace) %)
col))
#?(:cljs
(defmethod yaml/load-resource :website [resource-name]
(case resource-name
"website/nginx-configmap.yaml" (rc/inline "website/nginx-configmap.yaml")
"website/nginx-deployment.yaml" (rc/inline "website/nginx-deployment.yaml")
"website/nginx-service.yaml" (rc/inline "website/nginx-service.yaml")
"website/website-build-cron.yaml" (rc/inline "website/website-build-cron.yaml")
"website/website-build-deployment.yaml" (rc/inline "website/website-build-deployment.yaml")
"website/website-build-secret.yaml" (rc/inline "website/website-build-secret.yaml")
"website/website-content-volume.yaml" (rc/inline "website/website-content-volume.yaml")
(throw (js/Error. "Undefined Resource!")))))
; TODO: Review jem 2022/10/26: move this fkt. to a more general place
#?(:cljs
(defmethod yaml/load-as-edn :website [resource-name]
(yaml/from-string (yaml/load-resource resource-name))))
; TODO: gec 2022/10/28: The specs for config in the following functions are not correct,
; since config is the result of "flatten-and-reduce-config".
; Use correct specs!
(defn-spec generate-website-http-ingress pred/map-or-seq?
[config websitedata?]
(let [{:keys [unique-name fqdns]} config]
(ing/generate-http-ingress {:fqdns fqdns
:ingress-name (generate-http-ingress-name unique-name)
:service-name (generate-service-name unique-name)
:service-port 80})))
(defn-spec generate-website-https-ingress pred/map-or-seq?
[config websitedata?]
(let [{:keys [unique-name fqdns]} config]
(ing/generate-https-ingress {:fqdns fqdns
:cert-name (generate-cert-name unique-name)
:ingress-name (generate-https-ingress-name unique-name)
:service-name (generate-service-name unique-name)
:service-port 80})))
(defn-spec generate-website-certificate pred/map-or-seq?
[config websitedata?]
(let [{:keys [unique-name issuer fqdns]
:or {issuer "staging"}} config]
(ing/generate-certificate {:fqdns fqdns
:cert-name (generate-cert-name unique-name)
:issuer issuer})))
(defn-spec generate-nginx-configmap pred/map-or-seq?
[config websitedata?]
(let [{:keys [unique-name fqdns]} config]
(->
(yaml/load-as-edn "website/nginx-configmap.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (replace-dots-by-minus unique-name))
(#(assoc-in %
[:data :website.conf]
(str/replace
(-> % :data :website.conf) #"FQDN" (str (str/join " " fqdns) ";")))))))
(defn-spec generate-nginx-deployment pred/map-or-seq?
[config websitedata?]
(let [{:keys [unique-name]} config]
(->
(yaml/load-as-edn "website/nginx-deployment.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (replace-dots-by-minus unique-name)))))
(defn-spec generate-nginx-service pred/map-or-seq?
[config websitedata?]
(let [{:keys [unique-name]} config]
(->
(yaml/load-as-edn "website/nginx-service.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (replace-dots-by-minus unique-name)))))
(defn-spec generate-website-content-volume pred/map-or-seq?
[config websitedata?]
(let [{:keys [unique-name volume-size]
:or {volume-size "3"}} config]
(->
(yaml/load-as-edn "website/website-content-volume.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (replace-dots-by-minus unique-name))
(cm/replace-all-matching-values-by-new-value "WEBSITESTORAGESIZE" (str volume-size "Gi")))))
(defn-spec generate-website-build-cron pred/map-or-seq?
[config websitedata?]
(let [{:keys [unique-name]} config]
(->
(yaml/load-as-edn "website/website-build-cron.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (replace-dots-by-minus unique-name)))))
(defn-spec generate-website-build-deployment pred/map-or-seq?
[config websitedata?]
(let [{:keys [unique-name]} config]
(->
(yaml/load-as-edn "website/website-build-deployment.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (replace-dots-by-minus unique-name)))))
; TODO: gec 2022/10/28: gitea-host, gitea-repo, branchname are not in "websiteauth?"
(defn-spec generate-website-build-secret pred/map-or-seq?
[auth websiteauth?]
(let [{:keys [unique-name
authtoken
gitea-host
gitea-repo
username
branchname]} auth]
(->
(yaml/load-as-edn "website/website-build-secret.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (replace-dots-by-minus unique-name))
(cm/replace-all-matching-values-by-new-value "TOKEN" (b64/encode authtoken))
(cm/replace-all-matching-values-by-new-value "URL" (b64/encode
(make-gitrepourl
gitea-host
gitea-repo
username
branchname))))))