introduce certmgm & apple

gittestuser 2022-02-03 23:21:27 +01:00
parent 4c578bcf81
commit 5b3a4ea4ac
13 changed files with 101 additions and 28 deletions


@ -0,0 +1,5 @@
package org.domaindrivenarchitecture.provs.configuration.domain
typealias Ipv6 = String
typealias Ipv4 = String
typealias Fqdn = String


@ -1,6 +0,0 @@
package org.domaindrivenarchitecture.provs.server.domain.k3s
typealias Ipv6 = String
typealias Ipv4 = String
typealias Fqdn = String
typealias Reprovision = Boolean


@ -0,0 +1,5 @@
package org.domaindrivenarchitecture.provs.server.domain
enum class CertmanagerEndpoint {
STAGING, PROD
}


@ -0,0 +1,10 @@
package org.domaindrivenarchitecture.provs.server.domain.k3s
import kotlinx.serialization.Serializable
import org.domaindrivenarchitecture.provs.server.domain.CertmanagerEndpoint
@Serializable
data class Certmanager(
val email: Email,
val letsencryptEndpoint: CertmanagerEndpoint
)
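Review bot: `letsencryptEndpoint` in `Certmanager` has no default, whereas the `K3sConfig` field it replaces defaulted to `CertManagerEndPoint.STAGING`, so nothing steers a new config towards staging first. Consider `val letsencryptEndpoint: CertmanagerEndpoint = CertmanagerEndpoint.STAGING`, which makes production issuance an explicit opt-in. `email` is typed `Email`, a plain alias of `String`, so any text deserializes without complaint. If the value is later written into an issuer manifest (not visible in this commit), a shape check in an `init { require(...) }` block would catch typos before provisioning.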


@ -1,14 +1,21 @@
package org.domaindrivenarchitecture.provs.server.domain.k3s
import kotlinx.serialization.Serializable
import org.domaindrivenarchitecture.provs.server.infrastructure.CertManagerEndPoint
import org.domaindrivenarchitecture.provs.configuration.domain.Fqdn
@Serializable
data class K3sConfig(
val fqdn: Fqdn,
val node: Node,
val loopback: Loopback = Loopback(ipv4 = "192.168.5.1", ipv6 = "fc00::5:1"),
val reprovision: Reprovision = false,
val letsencryptEndpoint: CertManagerEndPoint = CertManagerEndPoint.STAGING
val certmanager: Certmanager? = null,
val apple: Apple? = null,
val reprovision: Reprovision = false
) {
// valid only if: apple != null >> certmanager != null
fun isDualStack(): Boolean {
return node.ipv6 != null && loopback.ipv6 != null
}
}
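Review bot: The rule in the comment `// valid only if: apple != null >> certmanager != null` is not enforced anywhere in `K3sConfig`, so a YAML file that sets `apple` without a `certmanager` block still deserializes into a config the comment itself calls invalid. An `init` block would reject it at load time, since kotlinx.serialization runs `init` blocks on deserialization: `init { require(apple == null || certmanager != null) { "apple requires certmanager" } }`. Because `Apple` is a nullable Boolean, the comment should also say whether `apple: false` counts as set for this rule.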


@ -1,8 +1,10 @@
package org.domaindrivenarchitecture.provs.server.domain.k3s
import kotlinx.serialization.Serializable
import org.domaindrivenarchitecture.provs.configuration.domain.Ipv4
import org.domaindrivenarchitecture.provs.configuration.domain.Ipv6
@Serializable
data class Loopback(
val ipv4: Ipv4,
val ipv6: Ipv6?)
val ipv6: Ipv6? = null)


@ -1,8 +1,10 @@
package org.domaindrivenarchitecture.provs.server.domain.k3s
import kotlinx.serialization.Serializable
import org.domaindrivenarchitecture.provs.configuration.domain.Ipv4
import org.domaindrivenarchitecture.provs.configuration.domain.Ipv6
@Serializable
data class Node(
val ipv4: Ipv4,
val ipv6: Ipv6?)
val ipv6: Ipv6? = null)


@ -0,0 +1,5 @@
package org.domaindrivenarchitecture.provs.server.domain.k3s
typealias Reprovision = Boolean
typealias Apple = Boolean
typealias Email = String
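Review bot: `Apple` gives no hint of what the flag switches on, and because `Apple` and `Reprovision` both alias `Boolean` the compiler will not notice the two being swapped in a positional `K3sConfig(...)` call. The same applies to `Email`, which accepts any `String`. A one-line KDoc on each alias would at least record the intent, for example `/** Enables <what "apple" provisions>; only valid together with certmanager. */` and `/** Contact address handed to certmanager; not validated by the type. */`. If the distinction matters, a `@JvmInline value class` would give real type separation, where an alias gives none.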


@ -4,6 +4,7 @@ import org.domaindrivenarchitecture.provs.framework.core.Prov
import org.domaindrivenarchitecture.provs.framework.core.ProvResult
import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.createFileFromResourceTemplate
import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.fileExists
import org.domaindrivenarchitecture.provs.server.domain.k3s.K3sConfig
val loopbackFile = "/etc/netplan/99-loopback.yaml"
val resourcePath = "org/domaindrivenarchitecture/provs/infrastructure/network/"
@ -12,20 +13,26 @@ fun Prov.testNetworkExists(): Boolean {
return fileExists(loopbackFile)
}
fun Prov.provisionNetwork(loopbackIpv4: String, loopbackIpv6: String?) = task {
val isDualStack = loopbackIpv6?.isNotEmpty() ?: false
fun Prov.provisionNetwork(k3sConfig: K3sConfig) = task {
if(!testNetworkExists()) {
if(isDualStack) {
if(k3sConfig.isDualStack()) {
createFileFromResourceTemplate(
loopbackFile,
"99-loopback.yaml.template",
"99-loopback.dual.template.yaml",
resourcePath,
mapOf("loopback_ipv4" to loopbackIpv4, "loopback_ipv6" to loopbackIpv6!!),
mapOf("loopback_ipv4" to k3sConfig.loopback.ipv4, "loopback_ipv6" to k3sConfig.loopback.ipv6!!),
"644",
sudo = true
)
} else {
createFileFromResourceTemplate(
loopbackFile,
"99-loopback.ipv4.template.yaml",
resourcePath,
mapOf("loopback_ipv4" to k3sConfig.loopback.ipv4),
"644",
sudo = true
)
}
cmd("netplan apply", sudo = true)
} else {
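Review bot: `k3sConfig.isDualStack()` only tests `!= null`, while the removed `loopbackIpv6?.isNotEmpty() ?: false` also rejected an empty string. An `ipv6: ""` in the config therefore now selects the dual template, and `k3sConfig.loopback.ipv6!!` puts an empty address into `/etc/netplan/99-loopback.yaml` before `netplan apply` runs. Both addresses are plain `String` aliases taken from the config file and are templated into a file written with `sudo = true` without any format check, so a malformed value or one containing a newline becomes part of the root-owned netplan YAML. Binding the value once and rejecting blanks would restore the old guard and drop the `!!`, e.g. `val ipv6 = k3sConfig.loopback.ipv6?.takeIf { it.isNotBlank() }`, and an address-syntax check belongs in `Loopback`/`Node` or at the top of this task. The body of `provisionNetwork` continues past the end of the hunk.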


@ -1,5 +1,8 @@
package org.domaindrivenarchitecture.provs.framework.extensions.workplace
import org.domaindrivenarchitecture.provs.configuration.domain.ConfigFileName
import org.domaindrivenarchitecture.provs.configuration.domain.TargetCliCommand
import org.domaindrivenarchitecture.provs.desktop.application.DesktopCliCommand
import org.domaindrivenarchitecture.provs.test.defaultTestContainer
import org.domaindrivenarchitecture.provs.test.tags.ContainerTest
import org.domaindrivenarchitecture.provs.desktop.domain.WorkplaceType
@ -10,6 +13,12 @@ import org.junit.jupiter.api.Test
internal class ProvisionWorkplaceKtTest {
val cmd = DesktopCliCommand(
ConfigFileName("bla"),
listOf(),
TargetCliCommand(null, null, null, false, null, false)
)
@Test
@ContainerTest
fun provisionWorkplace() {
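Review bot: `TargetCliCommand(null, null, null, false, null, false)` cannot be reviewed at the call site, because the meaning of six positional nulls and booleans depends entirely on constructor parameter order. A later reordering would silently change what this fixture means. Passing at least the two booleans as named arguments would fix that, and `cmd` can be declared `private val` since it is a test-local fixture. Whether `cmd` is used at all is not visible, as `provisionWorkplace()` continues outside the hunk.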


@ -3,6 +3,11 @@ package org.domaindrivenarchitecture.provs.server.infrastructure
import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.createDirs
import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.fileContainsText
import org.domaindrivenarchitecture.provs.framework.ubuntu.install.base.aptInstall
import org.domaindrivenarchitecture.provs.server.domain.CertmanagerEndpoint
import org.domaindrivenarchitecture.provs.server.domain.k3s.Certmanager
import org.domaindrivenarchitecture.provs.server.domain.k3s.K3sConfig
import org.domaindrivenarchitecture.provs.server.domain.k3s.Loopback
import org.domaindrivenarchitecture.provs.server.domain.k3s.Node
import org.domaindrivenarchitecture.provs.test.defaultTestContainer
import org.domaindrivenarchitecture.provs.test.tags.ContainerTest
import org.junit.jupiter.api.Assertions.assertTrue
@ -23,7 +28,19 @@ internal class NetworkKtTest {
// when
@Suppress("UNUSED_VARIABLE") // see comments below: about netplan not working in unprivileged container++++
val res = p.provisionNetwork( "192.168.5.1", loopbackIpv6 = "fc00::5:1")
val res = p.provisionNetwork(
K3sConfig(
fqdn = "statistics.test.meissa-gmbh.de",
node = Node("162.55.164.138", "2a01:4f8:c010:672f::1"),
loopback = Loopback("192.168.5.1", "fc00::5:1"),
certmanager = Certmanager(
email = "admin@meissa-gmbh.de",
letsencryptEndpoint = CertmanagerEndpoint.PROD
),
apple = true,
reprovision = true
)
)
// then
// assertTrue(res.success) -- netplan is not working in an unprivileged container - see also https://askubuntu.com/questions/813588/systemctl-failed-to-connect-to-bus-docker-ubuntu16-04-container
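Review bot: The new fixture hard-codes a publicly routable node address (`162.55.164.138`, `2a01:4f8:c010:672f::1`), a real-looking hostname and mailbox, and `CertmanagerEndpoint.PROD`. The same values recur in the `ConfigRepositoryTest` section and in the YAML fixture at the end of the commit. Committed test data is better drawn from the reserved documentation ranges, e.g. `Node("192.0.2.10", "2001:db8::1")` with `fqdn = "k3s.example.org"` (constructed sample values). Using `STAGING` would also ensure that a test which ever reaches a real ACME endpoint cannot consume production rate limits. As far as the network hunk shows, `provisionNetwork` reads only `node` and `loopback`, so the `certmanager`, `apple` and `reprovision` arguments add nothing here. The enclosing test function starts and ends outside the hunk.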


@ -3,7 +3,7 @@ package org.domaindrivenarchitecture.provs.server.infrastructure.k3s
import com.charleskorn.kaml.UnknownPropertyException
import org.domaindrivenarchitecture.provs.configuration.domain.ConfigFileName
import org.domaindrivenarchitecture.provs.server.domain.k3s.*
import org.domaindrivenarchitecture.provs.server.infrastructure.CertManagerEndPoint
import org.domaindrivenarchitecture.provs.server.domain.CertmanagerEndpoint
import org.junit.jupiter.api.Assertions.assertEquals
import org.junit.jupiter.api.Test
import org.junit.jupiter.api.assertThrows
@ -17,12 +17,19 @@ internal class ConfigRepositoryTest {
val config = getK3sConfig(ConfigFileName("src/test/resources/k3sServerConfig.yaml"))
// then
assertEquals(K3sConfig(
"statistics.test.meissa-gmbh.de",
Node("159.69.176.151", "2a01:4f8:c010:672f::1"),
Loopback("192.168.5.1", "fc00::5:1"),
true,
CertManagerEndPoint.PROD), config)
assertEquals(
K3sConfig(
fqdn = "statistics.test.meissa-gmbh.de",
node = Node("162.55.164.138", "2a01:4f8:c010:672f::1"),
loopback = Loopback("192.168.5.1", "fc00::5:1"),
certmanager = Certmanager(
email = "admin@meissa-gmbh.de",
letsencryptEndpoint = CertmanagerEndpoint.PROD
),
apple = true,
reprovision = true
), config
)
}
@Test


@ -1,6 +1,9 @@
fqdn: statistics.test.meissa-gmbh.de
node:
ipv4: 159.69.176.151
ipv4: 162.55.164.138
ipv6: 2a01:4f8:c010:672f::1
reprovision: true
letsencryptEndpoint: PROD
certmanager:
email: admin@meissa-gmbh.de
letsencryptEndpoint: PROD
apple: true
reprovision: true