introduce certmgm & apple

gittestuser 2022-02-03 23:21:27 +01:00
parent 4c578bcf81
commit 5b3a4ea4ac
13 changed files with 101 additions and 28 deletions


@ -0,0 +1,5 @@
package org.domaindrivenarchitecture.provs.configuration.domain
typealias Ipv6 = String
typealias Ipv4 = String
typealias Fqdn = String


@ -1,6 +0,0 @@
package org.domaindrivenarchitecture.provs.server.domain.k3s
typealias Ipv6 = String
typealias Ipv4 = String
typealias Fqdn = String
typealias Reprovision = Boolean


@ -0,0 +1,5 @@
package org.domaindrivenarchitecture.provs.server.domain
enum class CertmanagerEndpoint {
STAGING, PROD
}


@ -0,0 +1,10 @@
package org.domaindrivenarchitecture.provs.server.domain.k3s
import kotlinx.serialization.Serializable
import org.domaindrivenarchitecture.provs.server.domain.CertmanagerEndpoint
@Serializable
data class Certmanager(
val email: Email,
val letsencryptEndpoint: CertmanagerEndpoint
)


@ -1,14 +1,21 @@
package org.domaindrivenarchitecture.provs.server.domain.k3s package org.domaindrivenarchitecture.provs.server.domain.k3s
import kotlinx.serialization.Serializable import kotlinx.serialization.Serializable
import org.domaindrivenarchitecture.provs.server.infrastructure.CertManagerEndPoint import org.domaindrivenarchitecture.provs.configuration.domain.Fqdn
@Serializable @Serializable
data class K3sConfig( data class K3sConfig(
val fqdn: Fqdn, val fqdn: Fqdn,
val node: Node, val node: Node,
val loopback: Loopback = Loopback(ipv4 = "192.168.5.1", ipv6 = "fc00::5:1"), val loopback: Loopback = Loopback(ipv4 = "192.168.5.1", ipv6 = "fc00::5:1"),
val reprovision: Reprovision = false, val certmanager: Certmanager? = null,
val letsencryptEndpoint: CertManagerEndPoint = CertManagerEndPoint.STAGING val apple: Apple? = null,
val reprovision: Reprovision = false
) { ) {
// valid only if: apple != null >> certmanager != null
fun isDualStack(): Boolean {
return node.ipv6 != null && loopback.ipv6 != null
}
} }
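Review bot: The constraint in the comment `// valid only if: apple != null >> certmanager != null` is documented but not enforced, so a config with `apple: true` and no `certmanager` block still deserializes into a K3sConfig that downstream code has to cope with. An `init { require(apple == null || certmanager != null) { "apple requires certmanager" } }` in the class body would reject it at load time; kotlinx.serialization should run init blocks on deserialization, but a ConfigRepositoryTest case would confirm that. Since `Apple` is a Boolean, it is also worth deciding whether the rule should key on `apple == true` rather than on non-null.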


@ -1,8 +1,10 @@
package org.domaindrivenarchitecture.provs.server.domain.k3s package org.domaindrivenarchitecture.provs.server.domain.k3s
import kotlinx.serialization.Serializable import kotlinx.serialization.Serializable
import org.domaindrivenarchitecture.provs.configuration.domain.Ipv4
import org.domaindrivenarchitecture.provs.configuration.domain.Ipv6
@Serializable @Serializable
data class Loopback( data class Loopback(
val ipv4: Ipv4, val ipv4: Ipv4,
val ipv6: Ipv6?) val ipv6: Ipv6? = null)


@ -1,8 +1,10 @@
package org.domaindrivenarchitecture.provs.server.domain.k3s package org.domaindrivenarchitecture.provs.server.domain.k3s
import kotlinx.serialization.Serializable import kotlinx.serialization.Serializable
import org.domaindrivenarchitecture.provs.configuration.domain.Ipv4
import org.domaindrivenarchitecture.provs.configuration.domain.Ipv6
@Serializable @Serializable
data class Node( data class Node(
val ipv4: Ipv4, val ipv4: Ipv4,
val ipv6: Ipv6?) val ipv6: Ipv6? = null)


@ -0,0 +1,5 @@
package org.domaindrivenarchitecture.provs.server.domain.k3s
typealias Reprovision = Boolean
typealias Apple = Boolean
typealias Email = String
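Review bot: `typealias Apple = Boolean` carries no comment, and nothing in this commit says what the flag switches on; the only hint is the K3sConfig remark that it depends on certmanager. A one-line KDoc on `Apple` stating what is deployed when it is true and that it requires certmanager would be enough. These aliases also add no type safety: `Email`, `Fqdn` and `Ipv4` are interchangeable Strings to the compiler, so any format validation has to be written explicitly where the values are loaded.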


@ -4,6 +4,7 @@ import org.domaindrivenarchitecture.provs.framework.core.Prov
import org.domaindrivenarchitecture.provs.framework.core.ProvResult import org.domaindrivenarchitecture.provs.framework.core.ProvResult
import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.createFileFromResourceTemplate import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.createFileFromResourceTemplate
import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.fileExists import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.fileExists
import org.domaindrivenarchitecture.provs.server.domain.k3s.K3sConfig
val loopbackFile = "/etc/netplan/99-loopback.yaml" val loopbackFile = "/etc/netplan/99-loopback.yaml"
val resourcePath = "org/domaindrivenarchitecture/provs/infrastructure/network/" val resourcePath = "org/domaindrivenarchitecture/provs/infrastructure/network/"
@ -12,20 +13,26 @@ fun Prov.testNetworkExists(): Boolean {
return fileExists(loopbackFile) return fileExists(loopbackFile)
} }
fun Prov.provisionNetwork(loopbackIpv4: String, loopbackIpv6: String?) = task { fun Prov.provisionNetwork(k3sConfig: K3sConfig) = task {
val isDualStack = loopbackIpv6?.isNotEmpty() ?: false
if(!testNetworkExists()) { if(!testNetworkExists()) {
if(isDualStack) { if(k3sConfig.isDualStack()) {
createFileFromResourceTemplate( createFileFromResourceTemplate(
loopbackFile, loopbackFile,
"99-loopback.yaml.template", "99-loopback.dual.template.yaml",
resourcePath, resourcePath,
mapOf("loopback_ipv4" to loopbackIpv4, "loopback_ipv6" to loopbackIpv6!!), mapOf("loopback_ipv4" to k3sConfig.loopback.ipv4, "loopback_ipv6" to k3sConfig.loopback.ipv6!!),
"644", "644",
sudo = true sudo = true
) )
} else { } else {
createFileFromResourceTemplate(
loopbackFile,
"99-loopback.ipv4.template.yaml",
resourcePath,
mapOf("loopback_ipv4" to k3sConfig.loopback.ipv4),
"644",
sudo = true
)
} }
cmd("netplan apply", sudo = true) cmd("netplan apply", sudo = true)
} else { } else {
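Review bot: `k3sConfig.isDualStack()` tests only for null, whereas the removed `loopbackIpv6?.isNotEmpty() ?: false` also treated an empty string as IPv4-only, so `ipv6: ""` in the config now selects the dual template and renders an empty address into `/etc/netplan/99-loopback.yaml` before `netplan apply` runs with sudo. Using `!loopback.ipv6.isNullOrEmpty()` (and the same for `node.ipv6`) inside `isDualStack()` would restore the old behaviour. More generally, `Ipv4` and `Ipv6` are plain String aliases, so nothing checks that these values are address literals before they are templated into a root-owned file; a format check in `Loopback` would catch typos and stray line breaks at config load. The function body continues past the end of this hunk.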


@ -1,5 +1,8 @@
package org.domaindrivenarchitecture.provs.framework.extensions.workplace package org.domaindrivenarchitecture.provs.framework.extensions.workplace
import org.domaindrivenarchitecture.provs.configuration.domain.ConfigFileName
import org.domaindrivenarchitecture.provs.configuration.domain.TargetCliCommand
import org.domaindrivenarchitecture.provs.desktop.application.DesktopCliCommand
import org.domaindrivenarchitecture.provs.test.defaultTestContainer import org.domaindrivenarchitecture.provs.test.defaultTestContainer
import org.domaindrivenarchitecture.provs.test.tags.ContainerTest import org.domaindrivenarchitecture.provs.test.tags.ContainerTest
import org.domaindrivenarchitecture.provs.desktop.domain.WorkplaceType import org.domaindrivenarchitecture.provs.desktop.domain.WorkplaceType
@ -10,6 +13,12 @@ import org.junit.jupiter.api.Test
internal class ProvisionWorkplaceKtTest { internal class ProvisionWorkplaceKtTest {
val cmd = DesktopCliCommand(
ConfigFileName("bla"),
listOf(),
TargetCliCommand(null, null, null, false, null, false)
)
@Test @Test
@ContainerTest @ContainerTest
fun provisionWorkplace() { fun provisionWorkplace() {
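Review bot: `TargetCliCommand(null, null, null, false, null, false)` is hard to read at the call site: six positional arguments, four of them null, so a reader cannot tell which option each value sets, and a reordering of same-typed parameters would still compile. Named arguments would fix that; the parameter names are not visible in this hunk. `cmd` could also be declared `private val`, and whether `provisionWorkplace()` uses it cannot be seen here because the test body lies outside the hunk.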


@ -3,6 +3,11 @@ package org.domaindrivenarchitecture.provs.server.infrastructure
import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.createDirs import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.createDirs
import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.fileContainsText import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.fileContainsText
import org.domaindrivenarchitecture.provs.framework.ubuntu.install.base.aptInstall import org.domaindrivenarchitecture.provs.framework.ubuntu.install.base.aptInstall
import org.domaindrivenarchitecture.provs.server.domain.CertmanagerEndpoint
import org.domaindrivenarchitecture.provs.server.domain.k3s.Certmanager
import org.domaindrivenarchitecture.provs.server.domain.k3s.K3sConfig
import org.domaindrivenarchitecture.provs.server.domain.k3s.Loopback
import org.domaindrivenarchitecture.provs.server.domain.k3s.Node
import org.domaindrivenarchitecture.provs.test.defaultTestContainer import org.domaindrivenarchitecture.provs.test.defaultTestContainer
import org.domaindrivenarchitecture.provs.test.tags.ContainerTest import org.domaindrivenarchitecture.provs.test.tags.ContainerTest
import org.junit.jupiter.api.Assertions.assertTrue import org.junit.jupiter.api.Assertions.assertTrue
@ -23,7 +28,19 @@ internal class NetworkKtTest {
// when // when
@Suppress("UNUSED_VARIABLE") // see comments below: about netplan not working in unprivileged container++++ @Suppress("UNUSED_VARIABLE") // see comments below: about netplan not working in unprivileged container++++
val res = p.provisionNetwork( "192.168.5.1", loopbackIpv6 = "fc00::5:1") val res = p.provisionNetwork(
K3sConfig(
fqdn = "statistics.test.meissa-gmbh.de",
node = Node("162.55.164.138", "2a01:4f8:c010:672f::1"),
loopback = Loopback("192.168.5.1", "fc00::5:1"),
certmanager = Certmanager(
email = "admin@meissa-gmbh.de",
letsencryptEndpoint = CertmanagerEndpoint.PROD
),
apple = true,
reprovision = true
)
)
// then // then
// assertTrue(res.success) -- netplan is not working in an unprivileged container - see also https://askubuntu.com/questions/813588/systemctl-failed-to-connect-to-bus-docker-ubuntu16-04-container // assertTrue(res.success) -- netplan is not working in an unprivileged container - see also https://askubuntu.com/questions/813588/systemctl-failed-to-connect-to-bus-docker-ubuntu16-04-container
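Review bot: The fixture uses what look like live values, namely `Node("162.55.164.138", "2a01:4f8:c010:672f::1")`, a real-looking FQDN and mailbox, and `CertmanagerEndpoint.PROD`, although this test only exercises the loopback file. Reserved documentation values such as `Node("192.0.2.10", "2001:db8::1")`, an `example.org` name and `CertmanagerEndpoint.STAGING` keep test data harmless: a run pointed at a real target could then never register against the production Let's Encrypt endpoint, and no infrastructure addresses end up in the repository. The same values appear in the ConfigRepositoryTest hunk and in the YAML test resource (`k3sServerConfig.yaml`); there PROD can stay if the test is meant to pin parsing of that enum value. The test function continues outside the hunk.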


@ -3,7 +3,7 @@ package org.domaindrivenarchitecture.provs.server.infrastructure.k3s
import com.charleskorn.kaml.UnknownPropertyException import com.charleskorn.kaml.UnknownPropertyException
import org.domaindrivenarchitecture.provs.configuration.domain.ConfigFileName import org.domaindrivenarchitecture.provs.configuration.domain.ConfigFileName
import org.domaindrivenarchitecture.provs.server.domain.k3s.* import org.domaindrivenarchitecture.provs.server.domain.k3s.*
import org.domaindrivenarchitecture.provs.server.infrastructure.CertManagerEndPoint import org.domaindrivenarchitecture.provs.server.domain.CertmanagerEndpoint
import org.junit.jupiter.api.Assertions.assertEquals import org.junit.jupiter.api.Assertions.assertEquals
import org.junit.jupiter.api.Test import org.junit.jupiter.api.Test
import org.junit.jupiter.api.assertThrows import org.junit.jupiter.api.assertThrows
@ -17,12 +17,19 @@ internal class ConfigRepositoryTest {
val config = getK3sConfig(ConfigFileName("src/test/resources/k3sServerConfig.yaml")) val config = getK3sConfig(ConfigFileName("src/test/resources/k3sServerConfig.yaml"))
// then // then
assertEquals(K3sConfig( assertEquals(
"statistics.test.meissa-gmbh.de", K3sConfig(
Node("159.69.176.151", "2a01:4f8:c010:672f::1"), fqdn = "statistics.test.meissa-gmbh.de",
Loopback("192.168.5.1", "fc00::5:1"), node = Node("162.55.164.138", "2a01:4f8:c010:672f::1"),
true, loopback = Loopback("192.168.5.1", "fc00::5:1"),
CertManagerEndPoint.PROD), config) certmanager = Certmanager(
email = "admin@meissa-gmbh.de",
letsencryptEndpoint = CertmanagerEndpoint.PROD
),
apple = true,
reprovision = true
), config
)
} }
@Test @Test


@ -1,6 +1,9 @@
fqdn: statistics.test.meissa-gmbh.de fqdn: statistics.test.meissa-gmbh.de
node: node:
ipv4: 159.69.176.151 ipv4: 162.55.164.138
ipv6: 2a01:4f8:c010:672f::1 ipv6: 2a01:4f8:c010:672f::1
reprovision: true certmanager:
email: admin@meissa-gmbh.de
letsencryptEndpoint: PROD letsencryptEndpoint: PROD
apple: true
reprovision: true