Add provs infra

bom 2024-09-27 17:33:04 +02:00
parent 3c7b60de2e
commit bd2683b722
3 changed files with 94 additions and 1 deletions


@ -62,7 +62,7 @@
executable-name (str "c4k-" module)] executable-name (str "c4k-" module)]
[["bash" "-c" (str executable-name " " (config-path config) " " (auth-path config) " > " (output-path config))]])) [["bash" "-c" (str executable-name " " (config-path config) " " (auth-path config) " > " (output-path config))]]))
(defn-spec create-c4k-config (defn-spec create-c4k-config map?
[config ::config [config ::config
tf-out ::tf-out] tf-out ::tf-out]
(let [{:keys [stage]} config (let [{:keys [stage]} config

40
src/dda/build/provs.clj Normal file

@ -0,0 +1,40 @@
(ns dda.build.provs
(:require [orchestra.core :refer [defn-spec]]
[clojure.spec.test.alpha :as st]
[cheshire.core :refer [generate-string]]
[dda.build.devops :as d]
[dda.build.provs.domain :as domain]
[dda.build.c4k.domain :as c4k-d]
[dda.build.infrastructure :as i]))
(def default
(merge d/default {:k3s-output-filename "out_k3sServerConfig.yaml"
:k3s-provision-user "root"
:c4k-output-filename "c4k-app.yaml"
:email "default@email.rep"
:echo false}))
(defn-spec run-provs-server! nil?
[devops ::d/devops
tf-out ::c4k-d/tf-out]
(let [config (merge default devops)]
(doseq [c (domain/provs-server-command config tf-out)]
(i/execute! c config))))
(defn-spec write-k3s-config! nil?
"Create a server config for provs using tf-out and write it to a file
Requires ':email' to be set, otherwise certs will not work
Default: out_k3sServerConfig.yaml
can be changed by adding another value for ':k3s-output-filename'
"
[devops ::d/devops
tf-out ::c4k-d/tf-out]
(let [config (merge default devops)
tf-out-k3s-config (domain/create-k3s-config config tf-out)]
(->> tf-out-k3s-config
(generate-string)
(spit (domain/output-path config)))))
(st/instrument `run-provs-server!)
(st/instrument `write-k3s-config!)
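Review bot: `default` supplies `:email "default@email.rep"`, so a caller who omits `:email` gets a k3s config written with a placeholder cert-manager address instead of any error, although the `write-k3s-config!` docstring says the key must be set. Removing `:email` from `default` would leave the required `::email` key in `::config` to catch the omission wherever specs are checked. `:k3s-provision-user "root"` likewise makes root the implicit provisioning account, which deserves at least a comment next to the key, e.g. `; NOTE: provisioning defaults to root; set :k3s-provision-user to override`. Also, `st/instrument` from `clojure.spec.test.alpha` checks argument specs only, so the `nil?` return specs are not enforced by the two calls at the end of the file.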


@ -0,0 +1,53 @@
(ns dda.build.provs.domain
(:require [clojure.spec.alpha :as s]
[orchestra.core :refer [defn-spec]]
[dda.build.devops.domain :as d]
[dda.c4k-common.predicate :as pred]
[dda.build.c4k.domain :as c4k-d]))
; TODO: Use a better spec for emails
; should be added to c4k-common, it seems common enough
(s/def ::email pred/bash-env-string?)
(s/def ::fqdn pred/fqdn-string?)
(s/def ::ipv4 pred/ipv4-string?)
(s/def ::ipv6 pred/ipv6-string?)
(s/def ::echo boolean?)
(s/def ::k3s-output-filename string?)
(s/def ::k3s-provision-user pred/bash-env-string?)
(s/def ::config
(s/keys :req-un [::d/name ::d/stage ::d/project-root-path ::d/build-dir-name ::d/debug
::d/dry-run ::d/module ::c4k-d/c4k-output-filenname
::email ::echo ::k3s-output-filename ::k3s-provision-user]))
(s/def ::node
(s/keys :req-un [::ipv4 ::ipv6]))
(s/def ::letsencryptEndpoint pred/letsencrypt-issuer?)
(s/def ::certmanager
(s/keys :req-un [::email ::letsencryptEndpoint]))
(s/def ::server-config
(s/keys :req-un [::fqdn ::node ::certmanager ::echo]))
(defn-spec output-path string?
[config ::config]
(let [{:keys [k3s-output-filename]} config]
(str (d/build-path config) "/" k3s-output-filename)))
(defn-spec provs-server-command seq?
[config ::config
tf-out ::c4k-d/tf-out]
(let [{:keys [k3s-output-filename k3s-provision-user]} config
fqdn (get-in tf-out [:out :value :fqdn])]
[["provs-server.jar" "k3s" (str k3s-provision-user "@" fqdn) "-c" (output-path config) "-a" (c4k-d/output-path config)]]))
(defn-spec create-k3s-config map?
[config ::config
tf-out ::c4k-d/tf-out]
(let [{:keys [stage email echo]} config
letsencrypt-endpoint (if (= stage "prod") "prod" "staging")
values (:value (:out tf-out))
{:keys [fqdn ipv4 ipv6]} values]
{:fqdn fqdn
:node {:ipv4 ipv4
:ipv6 ipv6}
:certmanager {:email email
:letsencryptEndpoint letsencrypt-endpoint}
:echo echo}))
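Review bot: The values read from `tf-out` (`fqdn`, `ipv4`, `ipv6`) reach the `user@fqdn` argument in `provs-server-command` and the map built by `create-k3s-config` without being checked here, although `::server-config` is defined in this file and never used. Declaring it as the return spec, `(defn-spec create-k3s-config ::server-config`, would let spec-checked runs reject a malformed Terraform output before it is written; whether `::c4k-d/tf-out` already constrains these fields is not visible from this section. Separately, `provs-server-command` declares `seq?` but returns a vector, for which `seq?` is false; `sequential?` matches what is returned. The required key `::c4k-d/c4k-output-filenname` is spelled with a double n while the default map in `src/dda/build/provs.clj` sets `:c4k-output-filename`, which looks like a mismatch worth confirming.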