diff --git a/cmd/template_lagoonservices.go b/cmd/template_lagoonservices.go index ca0e6d34..4582ff10 100644 --- a/cmd/template_lagoonservices.go +++ b/cmd/template_lagoonservices.go @@ -159,6 +159,20 @@ func LagoonServiceTemplateGeneration(g generator.GeneratorInput) error { } helpers.WriteTemplateFile(fmt.Sprintf("%s/networkpolicy-%s.yaml", savedTemplates, serviceNetPol.Name), templateBytes) } + middlewares, err := servicestemplates.GenerateMiddleware(*lagoonBuild.BuildValues) + if err != nil { + return fmt.Errorf("couldn't generate template: %v", err) + } + for _, middleware := range middlewares { + templateBytes, err := servicestemplates.TemplateMiddleware(&middleware) + if err != nil { + return fmt.Errorf("couldn't generate template: %v", err) + } + if g.Debug { + fmt.Printf("Templating middleware manifests %s\n", fmt.Sprintf("%s/middleware-%s.yaml", savedTemplates, middleware.Name)) + } + helpers.WriteTemplateFile(fmt.Sprintf("%s/middleware-%s.yaml", savedTemplates, middleware.Name), templateBytes) + } return nil } diff --git a/go.mod b/go.mod index 0f78d455..406729ad 100644 --- a/go.mod +++ b/go.mod @@ -19,7 +19,8 @@ require ( github.com/k8up-io/k8up/v2 v2.13.1 github.com/robfig/cron/v3 v3.0.1 github.com/spf13/cobra v1.10.0 - github.com/uselagoon/machinery v0.0.34 + github.com/traefik/traefik/v2 v2.9.10 + github.com/uselagoon/machinery v0.0.35 github.com/vshn/k8up v1.99.99 gopkg.in/yaml.v2 v2.4.0 gopkg.in/yaml.v3 v3.0.1 @@ -31,6 +32,7 @@ require ( ) require ( + github.com/cenkalti/backoff/v4 v4.3.0 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/distribution/distribution/v3 v3.0.0-20210316161203-a01c71e2477e // indirect github.com/docker/docker-credential-helpers v0.8.2 // indirect @@ -39,12 +41,15 @@ require ( github.com/emicklei/go-restful/v3 v3.12.2 // indirect github.com/evanphx/json-patch/v5 v5.9.11 // indirect github.com/fxamacker/cbor/v2 v2.9.0 // indirect + github.com/go-acme/lego/v4 v4.10.2 // indirect + github.com/go-jose/go-jose/v3 v3.0.0 // indirect github.com/go-logr/logr v1.4.3 // indirect github.com/go-openapi/jsonpointer v0.21.0 // indirect github.com/go-openapi/jsonreference v0.21.0 // indirect github.com/go-openapi/swag v0.23.0 // indirect github.com/google/gnostic-models v0.7.0 // indirect github.com/google/uuid v1.6.0 // indirect + github.com/gorilla/mux v1.8.0 // indirect github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect github.com/imdario/mergo v1.0.1 // indirect @@ -53,6 +58,7 @@ require ( github.com/json-iterator/go v1.1.12 // indirect github.com/mailru/easyjson v0.9.0 // indirect github.com/mattn/go-shellwords v1.0.12 // indirect + github.com/miekg/dns v1.1.50 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/moby/spdystream v0.5.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect @@ -60,27 +66,33 @@ require ( github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect github.com/opencontainers/go-digest v1.0.0 // indirect + github.com/patrickmn/go-cache v2.1.0+incompatible // indirect github.com/pkg/errors v0.9.1 // indirect github.com/sergi/go-diff v1.1.0 // indirect github.com/shopspring/decimal v1.4.0 // indirect github.com/sirupsen/logrus v1.9.3 // indirect github.com/spf13/pflag v1.0.9 // indirect + github.com/traefik/paerser v0.2.0 // indirect github.com/x448/float16 v0.8.4 // indirect github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect github.com/xeipuuv/gojsonschema v1.2.0 // indirect go.yaml.in/yaml/v2 v2.4.3 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect - golang.org/x/net v0.47.0 // indirect - golang.org/x/oauth2 v0.30.0 // indirect - golang.org/x/sync v0.18.0 // indirect - golang.org/x/sys v0.38.0 // indirect - golang.org/x/term v0.37.0 // indirect - golang.org/x/text v0.31.0 // indirect + golang.org/x/crypto v0.47.0 // indirect + golang.org/x/mod v0.31.0 // indirect + golang.org/x/net v0.48.0 // indirect + golang.org/x/oauth2 v0.34.0 // indirect + golang.org/x/sync v0.19.0 // indirect + golang.org/x/sys v0.40.0 // indirect + golang.org/x/term v0.39.0 // indirect + golang.org/x/text v0.33.0 // indirect golang.org/x/time v0.9.0 // indirect + golang.org/x/tools v0.40.0 // indirect google.golang.org/protobuf v1.36.8 // indirect gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect + k8s.io/apiextensions-apiserver v0.35.0 // indirect k8s.io/klog/v2 v2.130.1 // indirect k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 // indirect k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 // indirect diff --git a/go.sum b/go.sum index ea190891..c61ac364 100644 --- a/go.sum +++ b/go.sum @@ -46,6 +46,8 @@ github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZ github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk= github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/BurntSushi/toml v1.2.1 h1:9F2/+DoOYIOksmaJFPw1tGFy1eDnIJXg+UHjuD8lTak= +github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/Masterminds/goutils v1.1.0/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3QEww= @@ -109,6 +111,8 @@ github.com/bshuster-repo/logrus-logstash-hook v1.0.0/go.mod h1:zsTqEiSzDgAa/8GZR github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50= github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= +github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= +github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= @@ -213,12 +217,16 @@ github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2H github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/globalsign/mgo v0.0.0-20180905125535-1ca0a4f7cbcb/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= +github.com/go-acme/lego/v4 v4.10.2 h1:5eW3qmda5v/LP21v1Hj70edKY1jeFZQwO617tdkwp6Q= +github.com/go-acme/lego/v4 v4.10.2/go.mod h1:EMbf0Jmqwv94nJ5WL9qWnSXIBZnvsS9gNypansHGc6U= github.com/go-critic/go-critic v0.3.5-0.20190904082202-d79a9f0c64db/go.mod h1:+sE8vrLDS2M0pZkBk0wy6+nLdKexVDrl/jBqQOTDThA= github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-ini/ini v1.62.0/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= +github.com/go-jose/go-jose/v3 v3.0.0 h1:s6rrhirfEP/CGIoc6p+PZAeogN2SxKav6Wp7+dyMWVo= +github.com/go-jose/go-jose/v3 v3.0.0/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= @@ -429,6 +437,7 @@ github.com/googleapis/gnostic v0.5.5/go.mod h1:7+EbHbldMins07ALC74bsA81Ovc97Dwqy github.com/gophercloud/gophercloud v0.1.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gorilla/handlers v1.5.1/go.mod h1:t8XrUpc4KVXb7HGyJ4/cEnwQiaxrX/hz1Zv/4g96P1Q= +github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= @@ -585,6 +594,8 @@ github.com/mattn/goveralls v0.0.2/go.mod h1:8d1ZMHsd7fW6IRPKQh46F2WRpyib5/X4FOpe github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= +github.com/miekg/dns v1.1.50 h1:DQUfb9uc6smULcREF09Uc+/Gd46YWqJd5DbpPE9xkcA= +github.com/miekg/dns v1.1.50/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME= github.com/minio/minio-go v6.0.14+incompatible/go.mod h1:7guKYtitv8dktvNUGrhzmNlA5wrAABTQXCoesZdFQO8= github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= @@ -666,6 +677,8 @@ github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3I github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= +github.com/patrickmn/go-cache v2.1.0+incompatible h1:HRMgzkcYKYpi3C8ajMPV8OFXaaRUnok+kx1WdO15EQc= +github.com/patrickmn/go-cache v2.1.0+incompatible/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ= github.com/paulmach/orb v0.1.3/go.mod h1:VFlX/8C+IQ1p6FTRRKzKoOPJnvEtA5G0Veuqwbu//Vk= github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= @@ -809,6 +822,10 @@ github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhV github.com/timakin/bodyclose v0.0.0-20190930140734-f7f2e9bca95e/go.mod h1:Qimiffbc6q9tBWlVV6x0P9sat/ao1xEkREYPPj9hphk= github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= +github.com/traefik/paerser v0.2.0 h1:zqCLGSXoNlcBd+mzqSCLjon/I6phqIjeJL2xFB2ysgQ= +github.com/traefik/paerser v0.2.0/go.mod h1:afzaVcgF8A+MpTnPG4wBr4whjanCSYA6vK5RwaYVtRc= +github.com/traefik/traefik/v2 v2.9.10 h1:lnUb167XG/2hbVMYi3YyI8dkm4PZ1NrttPq2R2lLbsc= +github.com/traefik/traefik/v2 v2.9.10/go.mod h1:V1Xf/2ht2NyeYXEPWaA/5C+up4aPYxxcU4ajIyhzERU= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= github.com/ulikunitz/xz v0.5.5/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8= @@ -816,8 +833,8 @@ github.com/ultraware/funlen v0.0.2/go.mod h1:Dp4UiAus7Wdb9KUZsYWZEWiRzGuM2kXM1lP github.com/ultraware/whitespace v0.0.4/go.mod h1:aVMh/gQve5Maj9hQ/hg+F75lr/X5A89uZnzAmWSineA= github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI= -github.com/uselagoon/machinery v0.0.34 h1:5DsvXEyMeXmzQhjt11YH7+kZJueabovrwKTv0x7jQV8= -github.com/uselagoon/machinery v0.0.34/go.mod h1:G0ujppuNR0BrtAnlmH8xDb9TDfayb4A36aeo0DYg7fQ= +github.com/uselagoon/machinery v0.0.35 h1:j4prhAVEh/xssvhzYv9MIoxsDZcJfSY3APt2fmeaE4o= +github.com/uselagoon/machinery v0.0.35/go.mod h1:UVqIxwF/Q9xO3LQMkQhWeuegpuKcsrxmBa4LE52SiWQ= github.com/uudashr/gocognit v0.0.0-20190926065955-1655d0de0517/go.mod h1:j44Ayx2KW4+oB6SWMv8KsmHzZrOInQav7D3cQMJ5JUM= github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= github.com/valyala/fasthttp v1.2.0/go.mod h1:4vX61m6KN+xDduDNwXrhIAVZaZaZiQ1luJk8LWSxF3s= @@ -843,6 +860,7 @@ github.com/xlab/treeprint v0.0.0-20181112141820-a009c3971eca/go.mod h1:ce1O1j6Ut github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yujunz/go-getter v1.4.1-lite/go.mod h1:sbmqxXjyLunH1PkF3n7zSlnVeMvmYUuIl9ZVs/7NyCc= github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs= github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= @@ -901,6 +919,7 @@ golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190617133340-57b3e21c3d56/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392/go.mod h1:/lpIB1dKB+9EgE3H3cr1v9wB50oz8l4C4h62xy7jSTY= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200128174031-69ecbb4d6d5d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= @@ -908,6 +927,8 @@ golang.org/x/crypto v0.0.0-20200220183623-bac4c82f6975/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= +golang.org/x/crypto v0.47.0 h1:V6e3FRj+n4dbpw86FJ8Fv7XVOql7TEwpHapKoMJ/GO8= +golang.org/x/crypto v0.47.0/go.mod h1:ff3Y9VzzKbwSSEzWqJsJVBnWmRwRSHt/6Op5n9bQc4A= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -941,8 +962,9 @@ golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzB golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.1-0.20200828183125-ce943fd02449/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA= -golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w= +golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.31.0 h1:HaW9xtz0+kOcWKwli0ZXy79Ix+UW/vOfmWI5QVd2tgI= +golang.org/x/mod v0.31.0/go.mod h1:43JraMp9cGx1Rx3AqioxrbrhNsLl2l/iNAvuBkrezpg= golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180218175443-cbe0f9307d01/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -984,16 +1006,18 @@ golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwY golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210224082022-3d97a244fca7/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= -golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY= -golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU= +golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.48.0 h1:zyQRTTrjc33Lhh0fBgT/H3oZq9WuvRR5gPC70xpDiQU= +golang.org/x/net v0.48.0/go.mod h1:+ndRgGjkh8FGtu1w1FGbEC31if4VrNVMuKTgcAAnQRY= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI= -golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU= +golang.org/x/oauth2 v0.34.0 h1:hqK/t4AKgbqWkdkcAeI8XLmbK+4m4G5YeQRrmiotGlw= +golang.org/x/oauth2 v0.34.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -1003,8 +1027,9 @@ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I= -golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= +golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4= +golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -1066,18 +1091,20 @@ golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc= -golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ= +golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU= -golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254= +golang.org/x/term v0.39.0 h1:RclSuaJf32jOqZz74CkPA9qFuVTX7vhLlpfj/IGWlqY= +golang.org/x/term v0.39.0/go.mod h1:yxzUCTP/U+FzoxfdKmLaA0RV1WgE0VY7hXBwKtY/4ww= golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1087,8 +1114,8 @@ golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM= -golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM= +golang.org/x/text v0.33.0 h1:B3njUFyqtHDUI5jMn1YIr5B0IE2U0qck04r6d4KPAxE= +golang.org/x/text v0.33.0/go.mod h1:LuMebE6+rBincTi9+xWTY8TztLzKHc/9C1uBCG27+q8= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -1162,8 +1189,9 @@ golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roY golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= -golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ= -golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs= +golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.40.0 h1:yLkxfA+Qnul4cs9QA3KnlFu0lVmd8JJfoq+E41uSutA= +golang.org/x/tools v0.40.0/go.mod h1:Ik/tzLRlbscWpqqMRjyWYDisX8bG13FrdXp3o4Sr9lc= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/internal/generator/buildvalues.go b/internal/generator/buildvalues.go index aff14d22..02f59062 100644 --- a/internal/generator/buildvalues.go +++ b/internal/generator/buildvalues.go @@ -2,6 +2,7 @@ package generator import ( composetypes "github.com/compose-spec/compose-go/types" + traefik "github.com/traefik/traefik/v2/pkg/provider/kubernetes/crd/traefik/v1alpha1" "github.com/uselagoon/build-deploy-tool/internal/dbaasclient" "github.com/uselagoon/build-deploy-tool/internal/lagoon" corev1 "k8s.io/api/core/v1" @@ -13,86 +14,87 @@ const ( // BuildValues is the values file data generated by the lagoon build type BuildValues struct { - SourceRepository string `json:"sourceRepository" description:"the source repository for the project"` - BuildName string `json:"buildName" description:"the name of the build"` - Project string `json:"project" description:"the name of the project"` - Environment string `json:"environment" description:"the name of the environment, this is the safe version and may differ from the branch name"` - EnvironmentType string `json:"environmentType" description:"the type of the environment, production or development"` - Namespace string `json:"namespace" description:"the kubernetes namespace that this environment is built in"` - GitSHA string `json:"gitSha" description:"the git sha of this particular build"` - BuildType string `json:"buildType" description:"the type of build this is, branch, pullrequest, or promote"` - Kubernetes string `json:"kubernetes" description:"the name of the cluster that this hosts this environment"` - LagoonVersion string `json:"lagoonVersion" description:"the version of lagoon that started this build"` - ActiveEnvironment string `json:"activeEnvironment" activestandby:"true" description:"the current active environment"` - StandbyEnvironment string `json:"standbyEnvironment" activestandby:"true" description:"the current standby environment"` - IsActiveEnvironment bool `json:"isActiveEnvironment" activestandby:"true" description:"flag to determine if this environment is currently an active environment"` - IsStandbyEnvironment bool `json:"isStandbyEnvironment" activestandby:"true" description:"flag to determine if this environment is currently a standby environment"` - PodSecurityContext PodSecurityContext `json:"podSecurityContext" description:"stores the podsecuritycontext overrides"` - Branch string `json:"branch" buildtype:"branch" description:"the branch used for this environment"` - PRNumber string `json:"prNumber" buildtype:"pullrequest" description:"pullrequest number"` - PRTitle string `json:"prTitle" buildtype:"pullrequest" description:"title of the pullrequest"` - PRHeadBranch string `json:"prHeadBranch" buildtype:"pullrequest" description:"head branch of the pullrequest"` - PRBaseBranch string `json:"prBaseBranch" buildtype:"pullrequest" description:"base branch of the pullrequest"` - PRHeadSHA string `json:"prHeadSHA" buildtype:"pullrequest" description:"head sha of the pullrequest"` - PRBaseSHA string `json:"prBaseSHA" buildtype:"pullrequest" description:"base sha of the pullrequest"` - PrivateRegistryURLS []string `json:"privateRegistryURLS" description:"this stores all the private registry urls used by this environment"` - Fastly Fastly `json:"fastly" deprecated:"true" description:"this is the configuration of fastly for this environment"` - FastlyCacheNoCache string `json:"fastlyCacheNoCache" deprecated:"true" description:"this is the service id of a fastly cache-no-cache service"` - ConfigMapSha string `json:"configMapSha" description:"this is the computed sha of the lagoon-env configmap, it is used to determine if changes are required to deployments"` - Route string `json:"route" description:"this stores the primary determined route after all have been calculated"` - Routes []string `json:"routes" description:"this stores all routes after they are calculated"` - AutogeneratedRoutes []string `json:"autogeneratedRoutes" description:"this stores autogenerated routes after they are calculated"` - AutogeneratedRoutesFastly bool `json:"autogeneratedRoutesFastly" deprecated:"true" description:"the flag to determine if autogenerated routes should receive fastly annotations"` - Services []ServiceValues `json:"services" description:"stores all the computed values for all docker-compose services for this environment"` - Backup BackupConfiguration `json:"backup" description:"stores backup configuration"` - Monitoring MonitoringConfig `json:"monitoring" deprecated:"true" description:"stores monitoring configuration"` - DBaaSOperatorEndpoint string `json:"dbaasOperatorEndpoint" description:"the dbaas operator to use for provisioning a consumer"` - ServiceTypeOverrides *lagoon.EnvironmentVariable `json:"serviceTypeOverrides" description:"stores any service type overrides"` - DBaaSEnvironmentTypeOverrides *lagoon.EnvironmentVariable `json:"dbaasEnvironmentTypeOverrides" description:"stores any dbaas type overrides"` - DBaaSFallbackSingle bool `json:"dbaasFallbackSingle" description:"the fallback flag to define if a single pod should be used if no provider is found"` - IngressClass string `json:"ingressClass" description:"the ingress class used for this environment"` - TaskScaleMaxIterations int `json:"taskScaleMaxIterations" description:"the number of attempts to wait for pods to scale for pre and post rollout tasks"` - TaskScaleWaitTime int `json:"taskScaleWaitTime" description:"the time to wait for pods to scale for pre and post rollout tasks"` - DynamicSecretMounts []DynamicSecretMounts `json:"dynamicSecretMounts" description:"stores any dynamic secret mount definitions"` - DynamicSecretVolumes []DynamicSecretVolumes `json:"dynamicSecretVolumes" description:"stores any dynamic secret volume definitions"` - DynamicDBaaSSecrets []string `json:"dynamicDBaaSSecrets" description:"stores any dynamic dbaas secret definitions"` - ImageCache string `json:"imageCache" description:"if an imagecache has been provided for images outside of the imageregistry"` - DefaultBackupSchedule string `json:"defaultBackupSchedule" description:"the default backup scheduled"` - DBaaSClient *dbaasclient.Client `json:"-" description:"used to store connection information for the dbaas operator endpoint"` - ImageReferences map[string]string `json:"imageReferences" description:"the post image build phase storage location of images for this build"` - Resources Resources `json:"resources" description:"this stores resource overrides for this environment"` - CronjobsDisabled bool `json:"cronjobsDisabled" description:"this controls whether cronjobs are enabled for this environment or not"` - FeatureFlags map[string]bool `json:"-" description:"these are used by templating systems to turn on or off certain functionality based on if feature flags are defined"` - ImageRegistry string `json:"imageRegistry" description:"the image registry in use for this environment, usually harbor"` - DockerBuildKit *bool `json:"dockerBuildKit" description:"the flag to determine if docker buildkit is used"` - ImageBuildArguments map[string]string `json:"imageBuildArguments" description:"where the calculated image build arguments are stored"` - EnvironmentVariables []lagoon.EnvironmentVariable `json:"environmentVariables" description:"the merged project and environment variables for this environment"` - LagoonYAML lagoon.YAML `json:"lagoonYAML" description:"the unmarshalled lagoon yaml file"` - LagoonYAMLFile string `json:"lagoonYAMLFile"` - PromotionSourceEnvironment string `json:"promotionSourceEnvironment" buildtype:"promote" description:"the promotion source environment to pull images from"` - IsCI bool `json:"isCI" description:"this controls aspects of the environment or build depending on if a CI job"` - RWX2RWO bool `json:"RWX2RWO" description:"this controls whether the ReadWriteMany to ReadWriteOnce override should be used"` - IsolationNetworkPolicy bool `json:"isolationNetworkPolicy" description:"this controls whether isolation network policies should be enabled"` - ContainerRegistry []ContainerRegistry `json:"containerRegistry" description:"this contains any private container registries that may exist within the environment that need to be logged into"` - RoutesAutogeneratePrefixes []string `json:"routesAutogeneratePrefixes"` - BackupsEnabled bool `json:"backupsEnabled"` - RouteQuota *int `json:"routeQuota"` - ImageCacheBuildArguments []ImageCacheBuildArguments `json:"imageCacheBuildArgs"` - IgnoreImageCache bool `json:"ignoreImageCache"` - SSHPrivateKey string `json:"sshPrivateKey"` - ForcePullImages []string `json:"forcePullImages"` - Volumes []ComposeVolume `json:"volumes,omitempty" description:"stores any additional persistent volume definitions"` - PodSpreadConstraints bool `json:"podSpreadConstraints"` - PodAntiAffinity bool `json:"podAntiAffinity"` - ConfigAPIHost string `json:"configAPIHost"` - ConfigTokenHost string `json:"configTokenHost"` - ConfigTokenPort string `json:"configTokenPort"` - ConfigSSHHost string `json:"configSSHHost"` - ConfigSSHPort string `json:"configSSHPort"` - LagoonEnvVariables map[string]string `json:"lagoonEnvVariables" description:"map of variables that will be saved into the lagoon-env secret"` - LagoonPlatformEnvVariables map[string]string `json:"lagoonPlatformEnvVariables" description:"map of variables that will be saved into the lagoon-platform-env secret"` - AutoMountServiceAccountToken bool `json:"autoMountServiceAccountToken" description:"flag to enable automounting the service account token"` - DeploymentRevisionHistory *int32 `json:"deploymentRevisionHistory" description:"how many replicasets to retain"` + SourceRepository string `json:"sourceRepository" description:"the source repository for the project"` + BuildName string `json:"buildName" description:"the name of the build"` + Project string `json:"project" description:"the name of the project"` + Environment string `json:"environment" description:"the name of the environment, this is the safe version and may differ from the branch name"` + EnvironmentType string `json:"environmentType" description:"the type of the environment, production or development"` + Namespace string `json:"namespace" description:"the kubernetes namespace that this environment is built in"` + GitSHA string `json:"gitSha" description:"the git sha of this particular build"` + BuildType string `json:"buildType" description:"the type of build this is, branch, pullrequest, or promote"` + Kubernetes string `json:"kubernetes" description:"the name of the cluster that this hosts this environment"` + LagoonVersion string `json:"lagoonVersion" description:"the version of lagoon that started this build"` + ActiveEnvironment string `json:"activeEnvironment" activestandby:"true" description:"the current active environment"` + StandbyEnvironment string `json:"standbyEnvironment" activestandby:"true" description:"the current standby environment"` + IsActiveEnvironment bool `json:"isActiveEnvironment" activestandby:"true" description:"flag to determine if this environment is currently an active environment"` + IsStandbyEnvironment bool `json:"isStandbyEnvironment" activestandby:"true" description:"flag to determine if this environment is currently a standby environment"` + PodSecurityContext PodSecurityContext `json:"podSecurityContext" description:"stores the podsecuritycontext overrides"` + Branch string `json:"branch" buildtype:"branch" description:"the branch used for this environment"` + PRNumber string `json:"prNumber" buildtype:"pullrequest" description:"pullrequest number"` + PRTitle string `json:"prTitle" buildtype:"pullrequest" description:"title of the pullrequest"` + PRHeadBranch string `json:"prHeadBranch" buildtype:"pullrequest" description:"head branch of the pullrequest"` + PRBaseBranch string `json:"prBaseBranch" buildtype:"pullrequest" description:"base branch of the pullrequest"` + PRHeadSHA string `json:"prHeadSHA" buildtype:"pullrequest" description:"head sha of the pullrequest"` + PRBaseSHA string `json:"prBaseSHA" buildtype:"pullrequest" description:"base sha of the pullrequest"` + PrivateRegistryURLS []string `json:"privateRegistryURLS" description:"this stores all the private registry urls used by this environment"` + Fastly Fastly `json:"fastly" deprecated:"true" description:"this is the configuration of fastly for this environment"` + FastlyCacheNoCache string `json:"fastlyCacheNoCache" deprecated:"true" description:"this is the service id of a fastly cache-no-cache service"` + ConfigMapSha string `json:"configMapSha" description:"this is the computed sha of the lagoon-env configmap, it is used to determine if changes are required to deployments"` + Route string `json:"route" description:"this stores the primary determined route after all have been calculated"` + Routes []string `json:"routes" description:"this stores all routes after they are calculated"` + AutogeneratedRoutes []string `json:"autogeneratedRoutes" description:"this stores autogenerated routes after they are calculated"` + AutogeneratedRoutesFastly bool `json:"autogeneratedRoutesFastly" deprecated:"true" description:"the flag to determine if autogenerated routes should receive fastly annotations"` + Services []ServiceValues `json:"services" description:"stores all the computed values for all docker-compose services for this environment"` + Backup BackupConfiguration `json:"backup" description:"stores backup configuration"` + Monitoring MonitoringConfig `json:"monitoring" deprecated:"true" description:"stores monitoring configuration"` + DBaaSOperatorEndpoint string `json:"dbaasOperatorEndpoint" description:"the dbaas operator to use for provisioning a consumer"` + ServiceTypeOverrides *lagoon.EnvironmentVariable `json:"serviceTypeOverrides" description:"stores any service type overrides"` + DBaaSEnvironmentTypeOverrides *lagoon.EnvironmentVariable `json:"dbaasEnvironmentTypeOverrides" description:"stores any dbaas type overrides"` + DBaaSFallbackSingle bool `json:"dbaasFallbackSingle" description:"the fallback flag to define if a single pod should be used if no provider is found"` + IngressClass string `json:"ingressClass" description:"the ingress class used for this environment"` + TaskScaleMaxIterations int `json:"taskScaleMaxIterations" description:"the number of attempts to wait for pods to scale for pre and post rollout tasks"` + TaskScaleWaitTime int `json:"taskScaleWaitTime" description:"the time to wait for pods to scale for pre and post rollout tasks"` + DynamicSecretMounts []DynamicSecretMounts `json:"dynamicSecretMounts" description:"stores any dynamic secret mount definitions"` + DynamicSecretVolumes []DynamicSecretVolumes `json:"dynamicSecretVolumes" description:"stores any dynamic secret volume definitions"` + DynamicDBaaSSecrets []string `json:"dynamicDBaaSSecrets" description:"stores any dynamic dbaas secret definitions"` + ImageCache string `json:"imageCache" description:"if an imagecache has been provided for images outside of the imageregistry"` + DefaultBackupSchedule string `json:"defaultBackupSchedule" description:"the default backup scheduled"` + DBaaSClient *dbaasclient.Client `json:"-" description:"used to store connection information for the dbaas operator endpoint"` + ImageReferences map[string]string `json:"imageReferences" description:"the post image build phase storage location of images for this build"` + Resources Resources `json:"resources" description:"this stores resource overrides for this environment"` + CronjobsDisabled bool `json:"cronjobsDisabled" description:"this controls whether cronjobs are enabled for this environment or not"` + FeatureFlags map[string]bool `json:"-" description:"these are used by templating systems to turn on or off certain functionality based on if feature flags are defined"` + ImageRegistry string `json:"imageRegistry" description:"the image registry in use for this environment, usually harbor"` + DockerBuildKit *bool `json:"dockerBuildKit" description:"the flag to determine if docker buildkit is used"` + ImageBuildArguments map[string]string `json:"imageBuildArguments" description:"where the calculated image build arguments are stored"` + EnvironmentVariables []lagoon.EnvironmentVariable `json:"environmentVariables" description:"the merged project and environment variables for this environment"` + LagoonYAML lagoon.YAML `json:"lagoonYAML" description:"the unmarshalled lagoon yaml file"` + LagoonYAMLFile string `json:"lagoonYAMLFile"` + PromotionSourceEnvironment string `json:"promotionSourceEnvironment" buildtype:"promote" description:"the promotion source environment to pull images from"` + IsCI bool `json:"isCI" description:"this controls aspects of the environment or build depending on if a CI job"` + RWX2RWO bool `json:"RWX2RWO" description:"this controls whether the ReadWriteMany to ReadWriteOnce override should be used"` + IsolationNetworkPolicy bool `json:"isolationNetworkPolicy" description:"this controls whether isolation network policies should be enabled"` + ContainerRegistry []ContainerRegistry `json:"containerRegistry" description:"this contains any private container registries that may exist within the environment that need to be logged into"` + RoutesAutogeneratePrefixes []string `json:"routesAutogeneratePrefixes"` + BackupsEnabled bool `json:"backupsEnabled"` + RouteQuota *int `json:"routeQuota"` + ImageCacheBuildArguments []ImageCacheBuildArguments `json:"imageCacheBuildArgs"` + IgnoreImageCache bool `json:"ignoreImageCache"` + SSHPrivateKey string `json:"sshPrivateKey"` + ForcePullImages []string `json:"forcePullImages"` + Volumes []ComposeVolume `json:"volumes,omitempty" description:"stores any additional persistent volume definitions"` + PodSpreadConstraints bool `json:"podSpreadConstraints"` + PodAntiAffinity bool `json:"podAntiAffinity"` + ConfigAPIHost string `json:"configAPIHost"` + ConfigTokenHost string `json:"configTokenHost"` + ConfigTokenPort string `json:"configTokenPort"` + ConfigSSHHost string `json:"configSSHHost"` + ConfigSSHPort string `json:"configSSHPort"` + LagoonEnvVariables map[string]string `json:"lagoonEnvVariables" description:"map of variables that will be saved into the lagoon-env secret"` + LagoonPlatformEnvVariables map[string]string `json:"lagoonPlatformEnvVariables" description:"map of variables that will be saved into the lagoon-platform-env secret"` + AutoMountServiceAccountToken bool `json:"autoMountServiceAccountToken" description:"flag to enable automounting the service account token"` + DeploymentRevisionHistory *int32 `json:"deploymentRevisionHistory" description:"how many replicasets to retain"` + TraefikMiddlewares map[string]traefik.MiddlewareSpec `json:"traefikMiddlewares"` } type Resources struct { diff --git a/internal/generator/generator.go b/internal/generator/generator.go index d7734f1b..f07403e7 100644 --- a/internal/generator/generator.go +++ b/internal/generator/generator.go @@ -8,9 +8,12 @@ import ( "strconv" "strings" + "github.com/traefik/traefik/v2/pkg/config/dynamic" + traefik "github.com/traefik/traefik/v2/pkg/provider/kubernetes/crd/traefik/v1alpha1" "github.com/uselagoon/build-deploy-tool/internal/dbaasclient" "github.com/uselagoon/build-deploy-tool/internal/helpers" "github.com/uselagoon/build-deploy-tool/internal/lagoon" + "k8s.io/apimachinery/pkg/util/intstr" ) type Generator struct { @@ -520,6 +523,65 @@ func NewGenerator( } /* end route generation configuration */ + // traefik middlewares + if ingressClass == "traefik" { + buildValues.TraefikMiddlewares = make(map[string]traefik.MiddlewareSpec) + // add the aergia idling middleware for traefik + buildValues.TraefikMiddlewares["aergia"] = traefik.MiddlewareSpec{ + Errors: &traefik.ErrorPage{ + Status: []string{"503"}, + Query: fmt.Sprintf("/?namespace=%s&url={url}", namespace), + Service: traefik.Service{ + LoadBalancerSpec: traefik.LoadBalancerSpec{ + Name: "aergia-backend", + Namespace: "aergia", + Port: intstr.IntOrString{ + IntVal: 80, + }, + }, + }, + }, + } + buildValues.TraefikMiddlewares["https-redirect"] = traefik.MiddlewareSpec{ + RedirectScheme: &dynamic.RedirectScheme{ + Scheme: "https", + }, + } + buildValues.TraefikMiddlewares["x-robots"] = traefik.MiddlewareSpec{ + Headers: &dynamic.Headers{ + CustomResponseHeaders: map[string]string{ + "X-Robots-Tag": "noindex, nofollow", + }, + }, + } + for _, route := range mainRoutes.Routes { + if route.HSTSEnabled != nil && *route.HSTSEnabled { + stsHeader := &dynamic.Headers{} + if route.HSTSIncludeSubdomains != nil { + stsHeader.STSIncludeSubdomains = *route.HSTSIncludeSubdomains + } + if route.HSTSMaxAge != 0 { + stsHeader.STSSeconds = int64(route.HSTSMaxAge) + } + if route.HSTSPreload != nil { + stsHeader.STSPreload = *route.HSTSPreload + } + buildValues.TraefikMiddlewares[fmt.Sprintf("%s-hsts", helpers.GetBase32EncodedLowercase(helpers.GetSha256Hash(route.IngressName))[:8])] = traefik.MiddlewareSpec{ + Headers: stsHeader, + } + } + if value, ok := route.Annotations["nginx.ingress.kubernetes.io/permanent-redirect"]; ok { + buildValues.TraefikMiddlewares[fmt.Sprintf("%s-redirect", helpers.GetBase32EncodedLowercase(helpers.GetSha256Hash(route.IngressName))[:8])] = traefik.MiddlewareSpec{ + RedirectRegex: &dynamic.RedirectRegex{ + Regex: fmt.Sprintf("^https?://%s/(.*)", route.Domain), + Replacement: strings.ReplaceAll(value, "$request_uri", "/${1}"), + Permanent: true, + }, + } + } + } + } + // collect a bunch of the default LAGOON_X based build variables that are injected into `lagoon-env` and make them available configVars := collectLagoonEnvConfigmapVariables(buildValues) diff --git a/internal/templating/template_middleware.go b/internal/templating/template_middleware.go new file mode 100644 index 00000000..64944927 --- /dev/null +++ b/internal/templating/template_middleware.go @@ -0,0 +1,112 @@ +package templating + +import ( + "fmt" + + "github.com/uselagoon/build-deploy-tool/internal/generator" + "github.com/uselagoon/build-deploy-tool/internal/helpers" + apivalidation "k8s.io/apimachinery/pkg/api/validation" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + metavalidation "k8s.io/apimachinery/pkg/apis/meta/v1/validation" + "sigs.k8s.io/yaml" + + traefik "github.com/traefik/traefik/v2/pkg/provider/kubernetes/crd/traefik/v1alpha1" +) + +// GenerateRegistrySecretTemplate generates the lagoon template to apply. +func GenerateMiddleware( + buildValues generator.BuildValues, +) ([]traefik.Middleware, error) { + var result []traefik.Middleware + + // add the default labels + labels := map[string]string{ + "app.kubernetes.io/managed-by": "build-deploy-tool", + "lagoon.sh/project": buildValues.Project, + "lagoon.sh/environment": buildValues.Environment, + "lagoon.sh/environmentType": buildValues.EnvironmentType, + "lagoon.sh/buildType": buildValues.BuildType, + } + + // add the default annotations + annotations := map[string]string{ + "lagoon.sh/version": buildValues.LagoonVersion, + } + + // add any additional labels + if buildValues.BuildType == "branch" { + annotations["lagoon.sh/branch"] = buildValues.Branch + } else if buildValues.BuildType == "pullrequest" { + annotations["lagoon.sh/prNumber"] = buildValues.PRNumber + annotations["lagoon.sh/prHeadBranch"] = buildValues.PRHeadBranch + annotations["lagoon.sh/prBaseBranch"] = buildValues.PRBaseBranch + } + // iterate over the container registries and generate any kubernetes secrets + for name, middleware := range buildValues.TraefikMiddlewares { + additionalLabels := map[string]string{} + additionalAnnotations := map[string]string{} + + additionalLabels["app.kubernetes.io/name"] = name + additionalLabels["app.kubernetes.io/instance"] = "traefik-middleware" + additionalLabels["lagoon.sh/template"] = fmt.Sprintf("traefik-middleware-%s", "0.1.0") + + irs := &traefik.Middleware{ + TypeMeta: metav1.TypeMeta{ + Kind: "Middleware", + APIVersion: "traefik.io/v1alpha1", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: name, + }, + Spec: middleware, + } + + labelsCopy := &map[string]string{} + helpers.DeepCopy(labels, labelsCopy) + annotationsCopy := &map[string]string{} + helpers.DeepCopy(annotations, annotationsCopy) + + for key, value := range additionalLabels { + (*labelsCopy)[key] = value + } + // add any additional annotations + for key, value := range additionalAnnotations { + (*annotationsCopy)[key] = value + } + irs.ObjectMeta.Labels = *labelsCopy + irs.ObjectMeta.Annotations = *annotationsCopy + // validate any annotations + if err := apivalidation.ValidateAnnotations(irs.ObjectMeta.Annotations, nil); err != nil { + if len(err) != 0 { + return nil, fmt.Errorf("the annotations for %s are not valid: %v", name, err) + } + } + // validate any labels + if err := metavalidation.ValidateLabels(irs.ObjectMeta.Labels, nil); err != nil { + if len(err) != 0 { + return nil, fmt.Errorf("the labels for %s are not valid: %v", name, err) + } + } + // check length of labels + err := helpers.CheckLabelLength(irs.ObjectMeta.Labels) + if err != nil { + return nil, err + } + + // end middleware templates + result = append(result, *irs) + } + return result, nil +} + +func TemplateMiddleware(middleware *traefik.Middleware) ([]byte, error) { + separator := []byte("---\n") + var templateYAML []byte + iBytes, err := yaml.Marshal(middleware) + if err != nil { + return nil, fmt.Errorf("couldn't generate template: %v", err) + } + restoreResult := append(separator[:], iBytes[:]...) + templateYAML = append(templateYAML, restoreResult[:]...) + return templateYAML, nil +} diff --git a/internal/templating/templates_ingress.go b/internal/templating/templates_ingress.go index 26d9a4c6..2b9dc38e 100644 --- a/internal/templating/templates_ingress.go +++ b/internal/templating/templates_ingress.go @@ -133,11 +133,20 @@ func GenerateIngressTemplate( case "Redirect", "None": additionalAnnotations["nginx.ingress.kubernetes.io/ssl-redirect"] = "true" additionalAnnotations["ingress.kubernetes.io/ssl-redirect"] = "true" - + if route.IngressClass == "traefik" { + additionalAnnotations["traefik.ingress.kubernetes.io/router.middlewares"] = addMiddleware( + additionalAnnotations["traefik.ingress.kubernetes.io/router.middlewares"], fmt.Sprintf("%s-https-redirect@kubernetescrd", lValues.Namespace), + ) + } } if lValues.EnvironmentType == "development" || route.Autogenerated { additionalAnnotations["nginx.ingress.kubernetes.io/server-snippet"] = "add_header X-Robots-Tag \"noindex, nofollow\";\n" + if route.IngressClass == "traefik" { + additionalAnnotations["traefik.ingress.kubernetes.io/router.middlewares"] = addMiddleware( + additionalAnnotations["traefik.ingress.kubernetes.io/router.middlewares"], fmt.Sprintf("%s-x-robots@kubernetescrd", lValues.Namespace), + ) + } } switch route.Source { @@ -184,6 +193,11 @@ func GenerateIngressTemplate( hstsHeader, ) } + if route.IngressClass == "traefik" { + additionalAnnotations["traefik.ingress.kubernetes.io/router.middlewares"] = addMiddleware( + additionalAnnotations["traefik.ingress.kubernetes.io/router.middlewares"], fmt.Sprintf("%s-%s-hsts@kubernetescrd", lValues.Namespace, helpers.GetBase32EncodedLowercase(helpers.GetSha256Hash(route.IngressName))[:8]), + ) + } } // add ingressclass support to ingress template generation @@ -193,6 +207,14 @@ func GenerateIngressTemplate( additionalAnnotations["acme.cert-manager.io/http01-ingress-class"] = route.IngressClass } + // add any annotations that the route had to overwrite any previous annotations + for key := range route.Annotations { + if route.IngressClass == "traefik" && key == "nginx.ingress.kubernetes.io/permanent-redirect" { + additionalAnnotations["traefik.ingress.kubernetes.io/router.middlewares"] = addMiddleware( + additionalAnnotations["traefik.ingress.kubernetes.io/router.middlewares"], fmt.Sprintf("%s-%s-redirect@kubernetescrd", lValues.Namespace, helpers.GetBase32EncodedLowercase(helpers.GetSha256Hash(route.IngressName))[:8]), + ) + } + } // add any additional labels for key, value := range additionalLabels { ingress.ObjectMeta.Labels[key] = value @@ -384,3 +406,17 @@ func TemplateIngress(ingress *networkv1.Ingress) ([]byte, error) { templateYAML = append(templateYAML, restoreResult[:]...) return templateYAML, nil } + +func addMiddleware(middlewares string, middleware string) string { + if middlewares == "" { + return middleware + } + parts := strings.Split(middlewares, ",") + for _, c := range parts { + if c == middleware { + return middlewares + } + } + newMiddlewares := middlewares + "," + middleware + return newMiddlewares +}