split auth and config

Clemens 2024-07-17 14:18:08 +02:00
parent d5d4dd5b43
commit d3dd3ca5ef
4 changed files with 55 additions and 39 deletions


@ -5,7 +5,7 @@
:url "https://www.apache.org/licenses/LICENSE-2.0.html"} :url "https://www.apache.org/licenses/LICENSE-2.0.html"}
:dependencies [[org.clojure/clojure "1.11.3" :scope "provided"] :dependencies [[org.clojure/clojure "1.11.3" :scope "provided"]
[org.clojure/tools.reader "1.4.2"] [org.clojure/tools.reader "1.4.2"]
[org.domaindrivenarchitecture/c4k-common-clj "6.4.1"] [org.domaindrivenarchitecture/c4k-common-clj "6.4.2-SNAPSHOT"] ; TODO: Release version with refactorings and update here
[hickory "0.7.1" :exclusions [viebel/codox-klipse-theme]]] [hickory "0.7.1" :exclusions [viebel/codox-klipse-theme]]]
:target-path "target/%s/" :target-path "target/%s/"
:source-paths ["src/main/cljc" :source-paths ["src/main/cljc"
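Review bot: The `c4k-common-clj` dependency moves from the fixed release `6.4.1` to the mutable coordinate `6.4.2-SNAPSHOT`, so two builds of this same commit can resolve different library code. That library supplies the generators that render the Secret manifests in this project. The inline TODO already covers the release itself. Until it lands, the release job should refuse to build while any entry in `:dependencies` ends in `-SNAPSHOT`, so the snapshot cannot reach a published artifact.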


@ -7,10 +7,11 @@
(set! *warn-on-reflection* true) (set! *warn-on-reflection* true)
(defn -main [& cmd-args] (defn -main [& cmd-args]
(uberjar/main-common (uberjar/main-cm
"c4k-forgejo" "c4k-forgejo"
core/config? core/config?
core/auth? core/auth?
core/config-defaults core/config-defaults
core/k8s-objects core/config-objects
core/auth-objects
cmd-args)) cmd-args))


@ -1,25 +1,25 @@
(ns dda.c4k-forgejo.core (ns dda.c4k-forgejo.core
(:require (:require
[clojure.spec.alpha :as s] [clojure.spec.alpha :as s]
[dda.c4k-common.yaml :as yaml] [dda.c4k-common.yaml :as yaml]
[dda.c4k-common.common :as cm] [dda.c4k-common.common :as cm]
[dda.c4k-common.monitoring :as mon] [dda.c4k-common.monitoring :as mon]
[dda.c4k-forgejo.forgejo :as forgejo] [dda.c4k-forgejo.forgejo :as forgejo]
[dda.c4k-forgejo.backup :as backup] [dda.c4k-forgejo.backup :as backup]
[dda.c4k-common.postgres :as postgres] [dda.c4k-common.postgres :as postgres]
[dda.c4k-common.namespace :as ns])) [dda.c4k-common.namespace :as ns]))
(def config-defaults {:issuer "staging", :deploy-federated "false"}) (def config-defaults {:issuer "staging", :deploy-federated "false"})
(def rate-limit-defaults {:max-rate 10, :max-concurrent-requests 5}) (def rate-limit-defaults {:max-rate 10, :max-concurrent-requests 5})
(def config? (s/keys :req-un [::forgejo/fqdn (def config? (s/keys :req-un [::forgejo/fqdn
::forgejo/mailer-from ::forgejo/mailer-from
::forgejo/mailer-host ::forgejo/mailer-host
::forgejo/mailer-port ::forgejo/mailer-port
::forgejo/service-noreply-address] ::forgejo/service-noreply-address]
:opt-un [::forgejo/issuer :opt-un [::forgejo/issuer
::forgejo/deploy-federated ::forgejo/deploy-federated
::forgejo/default-app-name ::forgejo/default-app-name
::forgejo/service-domain-whitelist ::forgejo/service-domain-whitelist
::forgejo/forgejo-image-version-overwrite ::forgejo/forgejo-image-version-overwrite
::backup/restic-repository ::backup/restic-repository
@ -39,7 +39,7 @@
:postgres-image "postgres:14" :postgres-image "postgres:14"
:postgres-size :2gb}) :postgres-size :2gb})
(defn k8s-objects [config auth] ; ToDo: ADR for generate functions - vector or no vector? (defn config-objects [config] ; ToDo: ADR for generate functions - vector or no vector?
(let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path) (let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path)
resolved-config (merge {:namespace "forgejo"} postgres-config config)] resolved-config (merge {:namespace "forgejo"} postgres-config config)]
(map yaml/to-string (map yaml/to-string
@ -47,7 +47,6 @@
(cm/concat-vec (cm/concat-vec
(ns/generate resolved-config) (ns/generate resolved-config)
[(postgres/generate-config resolved-config) [(postgres/generate-config resolved-config)
(postgres/generate-secret {:namespace "forgejo"} auth)
(when (contains? resolved-config :postgres-data-volume-path) (when (contains? resolved-config :postgres-data-volume-path)
(postgres/generate-persistent-volume (select-keys resolved-config [:postgres-data-volume-path :pv-storage-size-gb]))) (postgres/generate-persistent-volume (select-keys resolved-config [:postgres-data-volume-path :pv-storage-size-gb])))
(postgres/generate-pvc (merge resolved-config {:pvc-storage-class-name storage-class})) (postgres/generate-pvc (merge resolved-config {:pvc-storage-class-name storage-class}))
@ -57,13 +56,25 @@
(forgejo/generate-service) (forgejo/generate-service)
(forgejo/generate-service-ssh) (forgejo/generate-service-ssh)
(forgejo/generate-data-volume resolved-config) (forgejo/generate-data-volume resolved-config)
(forgejo/generate-appini-env resolved-config) (forgejo/generate-appini-env resolved-config)]
(forgejo/generate-secrets auth)] ; this does not have a vector as output
(forgejo/generate-ratelimit-ingress-and-cert resolved-config) ; this function has a vector as output (forgejo/generate-ratelimit-ingress-and-cert resolved-config) ; this function has a vector as output
(when (contains? resolved-config :restic-repository) (when (contains? resolved-config :restic-repository)
[(backup/generate-config resolved-config) [(backup/generate-config resolved-config)
(backup/generate-secret auth)
(backup/generate-cron) (backup/generate-cron)
(backup/generate-backup-restore-deployment resolved-config)]) (backup/generate-backup-restore-deployment resolved-config)])
(when (:contains? resolved-config :mon-cfg) (when (:contains? resolved-config :mon-cfg)
(mon/generate (:mon-cfg resolved-config) (:mon-auth auth)))))))) (mon/generate-config)))))))
(defn auth-objects [config auth] ; ToDo: ADR for generate functions - vector or no vector?
(let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path)
resolved-config (merge {:namespace "forgejo"} postgres-config config)]
(map yaml/to-string
(filter #(not (nil? %))
(cm/concat-vec
(ns/generate resolved-config)
[(postgres/generate-secret {:namespace "forgejo"} auth)
(forgejo/generate-secrets auth)]
(when (contains? resolved-config :restic-repository)
[(backup/generate-secret auth)])
(when (:contains? resolved-config :mon-cfg)
(mon/generate-auth (:mon-cfg resolved-config) (:mon-auth auth))))))))
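Review bot: The monitoring guard `(when (:contains? resolved-config :mon-cfg)` is always truthy, in both `config-objects` and the new `auth-objects`: it uses the keyword `:contains?` as a map lookup with `:mon-cfg` as the not-found default, so it returns `:mon-cfg`. In `auth-objects` this means `mon/generate-auth` runs with `(:mon-cfg resolved-config)` and `(:mon-auth auth)` even when no monitoring is configured, presumably with nil arguments; what it emits in that case is not visible here. The guard should read `(when (contains? resolved-config :mon-cfg)` in both functions. Separately, `storage-class` is bound in `auth-objects` but never used there and can be dropped from the `let`.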


@ -4,7 +4,7 @@
[clojure.tools.reader.edn :as edn] [clojure.tools.reader.edn :as edn]
[dda.c4k-forgejo.core :as core] [dda.c4k-forgejo.core :as core]
[dda.c4k-forgejo.forgejo :as forgejo] [dda.c4k-forgejo.forgejo :as forgejo]
[dda.c4k-common.browser :as br] [dda.c4k-common.browser :as br]
[dda.c4k-common.common :as cm])) [dda.c4k-common.common :as cm]))
(defn generate-group (defn generate-group
@ -73,14 +73,13 @@
:mailer-host (br/get-content-from-element "mailer-host") :mailer-host (br/get-content-from-element "mailer-host")
:mailer-port (br/get-content-from-element "mailer-port") :mailer-port (br/get-content-from-element "mailer-port")
:service-noreply-address (br/get-content-from-element "service-noreply-address") :service-noreply-address (br/get-content-from-element "service-noreply-address")
:volume-total-storage-size (br/get-content-from-element "volume-total-storage-size" :deserializer js/parseInt)} :volume-total-storage-size (br/get-content-from-element "volume-total-storage-size" :deserializer js/parseInt)}
(when (not (st/blank? issuer)) (when (not (st/blank? issuer))
{:issuer issuer}) {:issuer issuer})
(when (not (st/blank? app-name)) (when (not (st/blank? app-name))
{:default-app-name app-name}) {:default-app-name app-name})
(when (not (st/blank? domain-whitelist)) (when (not (st/blank? domain-whitelist))
{:service-domain-whitelist domain-whitelist}) {:service-domain-whitelist domain-whitelist}))))
)))
(defn validate-all! [] (defn validate-all! []
(br/validate! "fqdn" ::forgejo/fqdn) (br/validate! "fqdn" ::forgejo/fqdn)
@ -91,7 +90,7 @@
(br/validate! "deploy-federated" ::forgejo/deploy-federated :optional true) (br/validate! "deploy-federated" ::forgejo/deploy-federated :optional true)
(br/validate! "issuer" ::forgejo/issuer :optional true) (br/validate! "issuer" ::forgejo/issuer :optional true)
(br/validate! "app-name" ::forgejo/default-app-name :optional true) (br/validate! "app-name" ::forgejo/default-app-name :optional true)
(br/validate! "domain-whitelist" ::forgejo/service-domain-whitelist :optional true) (br/validate! "domain-whitelist" ::forgejo/service-domain-whitelist :optional true)
(br/validate! "volume-total-storage-size" ::forgejo/volume-total-storage-size :deserializer js/parseInt) (br/validate! "volume-total-storage-size" ::forgejo/volume-total-storage-size :deserializer js/parseInt)
(br/validate! "auth" forgejo/auth? :deserializer edn/read-string) (br/validate! "auth" forgejo/auth? :deserializer edn/read-string)
(br/set-form-validated!)) (br/set-form-validated!))
@ -103,16 +102,21 @@
(defn init [] (defn init []
(br/append-hickory (generate-content-div)) (br/append-hickory (generate-content-div))
(-> js/document (let [config-only false
(.getElementById "generate-button") auth-only false]
(.addEventListener "click" (-> js/document
#(do (validate-all!) (.getElementById "generate-button")
(-> (cm/generate-common (.addEventListener "click"
(config-from-document) #(do (validate-all!)
(br/get-content-from-element "auth" :deserializer edn/read-string) (-> (cm/generate-cm
core/config-defaults (config-from-document)
core/k8s-objects) (br/get-content-from-element "auth" :deserializer edn/read-string)
(br/set-output!))))) core/config-defaults
core/config-objects
core/auth-objects
config-only
auth-only)
(br/set-output!))))))
(add-validate-listener "fqdn") (add-validate-listener "fqdn")
(add-validate-listener "deploy-federated") (add-validate-listener "deploy-federated")
(add-validate-listener "mailer-from") (add-validate-listener "mailer-from")
@ -120,7 +124,7 @@
(add-validate-listener "mailer-port") (add-validate-listener "mailer-port")
(add-validate-listener "service-noreply-address") (add-validate-listener "service-noreply-address")
(add-validate-listener "app-name") (add-validate-listener "app-name")
(add-validate-listener "domain-whitelist") (add-validate-listener "domain-whitelist")
(add-validate-listener "volume-total-storage-size") (add-validate-listener "volume-total-storage-size")
(add-validate-listener "issuer") (add-validate-listener "issuer")
(add-validate-listener "auth")) (add-validate-listener "auth"))
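Review bot: `config-only` and `auth-only` are bound to the literal `false` in `init`, so the browser form always hands both `core/config-objects` and `core/auth-objects` to `cm/generate-cm`. Presumably it therefore still renders the Secret objects and the non-secret manifests into one output. If that is intended, a comment above the `let` such as `; browser always renders config and auth objects together` would make the choice explicit. Otherwise the two flags should be read from form elements rather than fixed constants.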