introduce certmgm & apple

2022-02-03 23:21:27 +01:00 · 2022-02-03 23:21:27 +01:00 · 5b3a4ea4ac
commit 5b3a4ea4ac
parent 4c578bcf81
13 changed files with 101 additions and 28 deletions
--- a/src/main/kotlin/org/domaindrivenarchitecture/provs/configuration/domain/ConfigurationTypes.kt
+++ b/src/main/kotlin/org/domaindrivenarchitecture/provs/configuration/domain/ConfigurationTypes.kt
@ -0,0 +1,5 @@
+package org.domaindrivenarchitecture.provs.configuration.domain
+
+typealias Ipv6 = String
+typealias Ipv4 = String
+typealias Fqdn = String
--- a/src/main/kotlin/org/domaindrivenarchitecture/provs/configuration/domain/Types.kt
+++ b/src/main/kotlin/org/domaindrivenarchitecture/provs/configuration/domain/Types.kt
@ -1,6 +0,0 @@
-package org.domaindrivenarchitecture.provs.server.domain.k3s
-
-typealias Ipv6 = String
-typealias Ipv4 = String
-typealias Fqdn = String
-typealias Reprovision = Boolean
--- a/src/main/kotlin/org/domaindrivenarchitecture/provs/server/domain/CertmanagerEndpoint.kt
+++ b/src/main/kotlin/org/domaindrivenarchitecture/provs/server/domain/CertmanagerEndpoint.kt
@ -0,0 +1,5 @@
+package org.domaindrivenarchitecture.provs.server.domain
+
+enum class CertmanagerEndpoint {
+    STAGING, PROD
+}
--- a/src/main/kotlin/org/domaindrivenarchitecture/provs/server/domain/k3s/Certmanager.kt
+++ b/src/main/kotlin/org/domaindrivenarchitecture/provs/server/domain/k3s/Certmanager.kt
@ -0,0 +1,10 @@
+package org.domaindrivenarchitecture.provs.server.domain.k3s
+
+import kotlinx.serialization.Serializable
+import org.domaindrivenarchitecture.provs.server.domain.CertmanagerEndpoint
+
+@Serializable
+data class Certmanager(
+    val email: Email,
+    val letsencryptEndpoint: CertmanagerEndpoint
+)
--- a/src/main/kotlin/org/domaindrivenarchitecture/provs/server/domain/k3s/K3sConfig.kt
+++ b/src/main/kotlin/org/domaindrivenarchitecture/provs/server/domain/k3s/K3sConfig.kt
@ -1,14 +1,21 @@
 package org.domaindrivenarchitecture.provs.server.domain.k3s

 import kotlinx.serialization.Serializable
-import org.domaindrivenarchitecture.provs.server.infrastructure.CertManagerEndPoint
+import org.domaindrivenarchitecture.provs.configuration.domain.Fqdn

@Serializable
 data class K3sConfig(
    val fqdn: Fqdn,
    val node: Node,
    val loopback: Loopback = Loopback(ipv4 = "192.168.5.1", ipv6 = "fc00::5:1"),
-    val reprovision: Reprovision = false,
-    val letsencryptEndpoint: CertManagerEndPoint = CertManagerEndPoint.STAGING
+    val certmanager: Certmanager? = null,
+    val apple: Apple? = null,
+    val reprovision: Reprovision = false
 ) {
+
+    // valid only if: apple != null >> certmanager != null
+
+    fun isDualStack(): Boolean {
+      return node.ipv6 != null && loopback.ipv6 != null
+    }
 }
--- a/src/main/kotlin/org/domaindrivenarchitecture/provs/server/domain/k3s/Loopback.kt
+++ b/src/main/kotlin/org/domaindrivenarchitecture/provs/server/domain/k3s/Loopback.kt
@ -1,8 +1,10 @@
 package org.domaindrivenarchitecture.provs.server.domain.k3s

 import kotlinx.serialization.Serializable
+import org.domaindrivenarchitecture.provs.configuration.domain.Ipv4
+import org.domaindrivenarchitecture.provs.configuration.domain.Ipv6

@Serializable
 data class Loopback(
    val ipv4: Ipv4,
-    val ipv6: Ipv6?)
+    val ipv6: Ipv6? = null)
--- a/src/main/kotlin/org/domaindrivenarchitecture/provs/server/domain/k3s/Node.kt
+++ b/src/main/kotlin/org/domaindrivenarchitecture/provs/server/domain/k3s/Node.kt
@ -1,8 +1,10 @@
 package org.domaindrivenarchitecture.provs.server.domain.k3s

 import kotlinx.serialization.Serializable
+import org.domaindrivenarchitecture.provs.configuration.domain.Ipv4
+import org.domaindrivenarchitecture.provs.configuration.domain.Ipv6

@Serializable
 data class Node(
    val ipv4: Ipv4,
-    val ipv6: Ipv6?)
+    val ipv6: Ipv6? = null)
--- a/src/main/kotlin/org/domaindrivenarchitecture/provs/server/domain/k3s/Types.kt
+++ b/src/main/kotlin/org/domaindrivenarchitecture/provs/server/domain/k3s/Types.kt
@ -0,0 +1,5 @@
+package org.domaindrivenarchitecture.provs.server.domain.k3s
+
+typealias Reprovision = Boolean
+typealias Apple = Boolean
+typealias Email = String
--- a/src/main/kotlin/org/domaindrivenarchitecture/provs/server/infrastructure/network.kt
+++ b/src/main/kotlin/org/domaindrivenarchitecture/provs/server/infrastructure/network.kt
@ -4,6 +4,7 @@ import org.domaindrivenarchitecture.provs.framework.core.Prov
 import org.domaindrivenarchitecture.provs.framework.core.ProvResult
 import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.createFileFromResourceTemplate
 import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.fileExists
+import org.domaindrivenarchitecture.provs.server.domain.k3s.K3sConfig

 val loopbackFile = "/etc/netplan/99-loopback.yaml"
 val resourcePath = "org/domaindrivenarchitecture/provs/infrastructure/network/"
@ -12,20 +13,26 @@ fun Prov.testNetworkExists(): Boolean {
    return fileExists(loopbackFile)
 }

-fun Prov.provisionNetwork(loopbackIpv4: String, loopbackIpv6: String?) = task {
-    val isDualStack = loopbackIpv6?.isNotEmpty() ?: false
+fun Prov.provisionNetwork(k3sConfig: K3sConfig) = task {
    if(!testNetworkExists()) {
-        if(isDualStack) {
+        if(k3sConfig.isDualStack()) {
            createFileFromResourceTemplate(
                loopbackFile,
-                "99-loopback.yaml.template",
+                "99-loopback.dual.template.yaml",
                resourcePath,
-                mapOf("loopback_ipv4" to loopbackIpv4, "loopback_ipv6" to loopbackIpv6!!),
+                mapOf("loopback_ipv4" to k3sConfig.loopback.ipv4, "loopback_ipv6" to k3sConfig.loopback.ipv6!!),
                "644",
                sudo = true
            )
        } else {
-
+            createFileFromResourceTemplate(
+                loopbackFile,
+                "99-loopback.ipv4.template.yaml",
+                resourcePath,
+                mapOf("loopback_ipv4" to k3sConfig.loopback.ipv4),
+                "644",
+                sudo = true
+            )
        }
        cmd("netplan apply", sudo = true)
    } else {
--- a/src/test/kotlin/org/domaindrivenarchitecture/provs/framework/extensions/workplace/ProvisionWorkplaceKtTest.kt
+++ b/src/test/kotlin/org/domaindrivenarchitecture/provs/framework/extensions/workplace/ProvisionWorkplaceKtTest.kt
@ -1,5 +1,8 @@
 package org.domaindrivenarchitecture.provs.framework.extensions.workplace

+import org.domaindrivenarchitecture.provs.configuration.domain.ConfigFileName
+import org.domaindrivenarchitecture.provs.configuration.domain.TargetCliCommand
+import org.domaindrivenarchitecture.provs.desktop.application.DesktopCliCommand
 import org.domaindrivenarchitecture.provs.test.defaultTestContainer
 import org.domaindrivenarchitecture.provs.test.tags.ContainerTest
 import org.domaindrivenarchitecture.provs.desktop.domain.WorkplaceType
@ -10,6 +13,12 @@ import org.junit.jupiter.api.Test

 internal class ProvisionWorkplaceKtTest {

+    val cmd = DesktopCliCommand(
+        ConfigFileName("bla"),
+        listOf(),
+        TargetCliCommand(null, null, null, false, null, false)
+    )
+
    @Test
    @ContainerTest
    fun provisionWorkplace() {
--- a/src/test/kotlin/org/domaindrivenarchitecture/provs/server/infrastructure/NetworkKtTest.kt
+++ b/src/test/kotlin/org/domaindrivenarchitecture/provs/server/infrastructure/NetworkKtTest.kt
@ -3,6 +3,11 @@ package org.domaindrivenarchitecture.provs.server.infrastructure
 import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.createDirs
 import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.fileContainsText
 import org.domaindrivenarchitecture.provs.framework.ubuntu.install.base.aptInstall
+import org.domaindrivenarchitecture.provs.server.domain.CertmanagerEndpoint
+import org.domaindrivenarchitecture.provs.server.domain.k3s.Certmanager
+import org.domaindrivenarchitecture.provs.server.domain.k3s.K3sConfig
+import org.domaindrivenarchitecture.provs.server.domain.k3s.Loopback
+import org.domaindrivenarchitecture.provs.server.domain.k3s.Node
 import org.domaindrivenarchitecture.provs.test.defaultTestContainer
 import org.domaindrivenarchitecture.provs.test.tags.ContainerTest
 import org.junit.jupiter.api.Assertions.assertTrue
@ -23,7 +28,19 @@ internal class NetworkKtTest {

        // when
        @Suppress("UNUSED_VARIABLE")  // see comments below: about netplan not working in unprivileged container++++
-        val res = p.provisionNetwork( "192.168.5.1", loopbackIpv6 = "fc00::5:1")
+        val res = p.provisionNetwork(
+            K3sConfig(
+                fqdn = "statistics.test.meissa-gmbh.de",
+                node = Node("162.55.164.138", "2a01:4f8:c010:672f::1"),
+                loopback = Loopback("192.168.5.1", "fc00::5:1"),
+                certmanager = Certmanager(
+                    email = "admin@meissa-gmbh.de",
+                    letsencryptEndpoint = CertmanagerEndpoint.PROD
+                ),
+                apple = true,
+                reprovision = true
+            )
+        )

        // then
        // assertTrue(res.success) -- netplan is not working in an unprivileged container - see also https://askubuntu.com/questions/813588/systemctl-failed-to-connect-to-bus-docker-ubuntu16-04-container
--- a/src/test/kotlin/org/domaindrivenarchitecture/provs/server/infrastructure/k3s/ConfigRepositoryTest.kt
+++ b/src/test/kotlin/org/domaindrivenarchitecture/provs/server/infrastructure/k3s/ConfigRepositoryTest.kt
@ -3,7 +3,7 @@ package org.domaindrivenarchitecture.provs.server.infrastructure.k3s
 import com.charleskorn.kaml.UnknownPropertyException
 import org.domaindrivenarchitecture.provs.configuration.domain.ConfigFileName
 import org.domaindrivenarchitecture.provs.server.domain.k3s.*
-import org.domaindrivenarchitecture.provs.server.infrastructure.CertManagerEndPoint
+import org.domaindrivenarchitecture.provs.server.domain.CertmanagerEndpoint
 import org.junit.jupiter.api.Assertions.assertEquals
 import org.junit.jupiter.api.Test
 import org.junit.jupiter.api.assertThrows
@ -17,12 +17,19 @@ internal class ConfigRepositoryTest {
        val config = getK3sConfig(ConfigFileName("src/test/resources/k3sServerConfig.yaml"))

        // then
-        assertEquals(K3sConfig(
-            "statistics.test.meissa-gmbh.de",
-            Node("159.69.176.151", "2a01:4f8:c010:672f::1"),
-            Loopback("192.168.5.1", "fc00::5:1"),
-            true,
-            CertManagerEndPoint.PROD), config)
+        assertEquals(
+            K3sConfig(
+                fqdn = "statistics.test.meissa-gmbh.de",
+                node = Node("162.55.164.138", "2a01:4f8:c010:672f::1"),
+                loopback = Loopback("192.168.5.1", "fc00::5:1"),
+                certmanager = Certmanager(
+                    email = "admin@meissa-gmbh.de",
+                    letsencryptEndpoint = CertmanagerEndpoint.PROD
+                ),
+                apple = true,
+                reprovision = true
+            ), config
+        )
    }

    @Test
--- a/src/test/resources/k3sServerConfig.yaml
+++ b/src/test/resources/k3sServerConfig.yaml
@ -1,6 +1,9 @@
 fqdn: statistics.test.meissa-gmbh.de
 node:
-  ipv4: 159.69.176.151
+  ipv4: 162.55.164.138
  ipv6: 2a01:4f8:c010:672f::1
-reprovision: true
+certmanager:
+  email: admin@meissa-gmbh.de
  letsencryptEndpoint: PROD
+apple: true
+reprovision: true