jaggar/iac-cljs-configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove old execution and deployment mechanisms and move towards unified config schema deployment

Browse Source
This commit is contained in:
GigiaJ
2025-11-14 21:40:09 -06:00
parent e0643136ce
commit 83af3899ae
1 changed files with 44 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

115
iac/src/main/base.cljs
View File

@@ -2,98 +2,65 @@
(:require (:require
["@pulumi/pulumi" :as pulumi] ["@pulumi/pulumi" :as pulumi]
["@pulumi/vault" :as vault] ["@pulumi/vault" :as vault]
["@pulumiverse/harbor" :as harbor]
["@pulumi/kubernetes" :as k8s] ["@pulumi/kubernetes" :as k8s]
[utils.general :as general]
[utils.providers :refer [provider-apply]]
[infra.init :as infra] [infra.init :as infra]
[service-registries :refer [base-service-registry shared-service-registry prepare-service-registry deployment-service-registry]] [service-registries :refer [base-service-registry shared-service-registry prepare-service-registry deployment-service-registry]]
[utils.k8s :refer [create-resource deploy-stack default-namespace]])) )
(:require-macros [utils.general :refer [p->]]))
(defn deploy! [{:keys [provider vault-provider pulumi-cfg service-registry namespaces?]}]
(let [namespaces (->> service-registry (remove #(contains? % :no-namespace)) (map :app-namespace) (remove nil?) (set))
_ (when namespaces? (doseq [namespace namespaces] (create-resource :namespace provider namespace nil (default-namespace {:app-namespace namespace}))))
deployment-results
(into
{}
(for [config service-registry]
(let [{:keys [stack app-name]} config]
[app-name (apply deploy-stack (conj (vec stack) (merge config {:provider provider
:vault-provider vault-provider
:pulumi-cfg pulumi-cfg})))])))]
(clj->js deployment-results)))
(defn apps [stack-ref pulumi-cfg provider service-registry]
(let [vault-output (pulumi/output
(clj->js {:address (.getOutput stack-ref "vaultAddress")
:token (.getOutput stack-ref "vaultToken")}))
vault-provider (new vault/Provider
"vault-provider"
(clj->js vault-output))]
(deploy! {:provider provider
:vault-provider vault-provider
:pulumi-cfg pulumi-cfg
:service-registry service-registry
:namespaces? true})))
(defn if-no-configs [configs then-fn & [else-fn]]
(if (nil? configs)
(then-fn)
(if else-fn (else-fn) nil)))
(defn initialize [configs]
(let [pulumi-cfg (pulumi/Config.)
stack-ref (new pulumi/StackReference "init")
kubeconfig (if-no-configs configs #(infra/create-cluster pulumi-cfg) #(.getOutput stack-ref "kubeconfig"))
setup (.apply kubeconfig
(fn [kc]
(js/Promise.
(fn [resolve _reject]
(let [provider (new k8s/Provider
"k8s-dynamic-provider"
(clj->js {:kubeconfig kc}))]
(resolve
(if-no-configs
configs
#(deploy! {:provider provider
:vault-provider nil
:pulumi-cfg pulumi-cfg
:service-registry base-service-registry
:namespaces? false})
#(apps stack-ref pulumi-cfg provider configs)
)))))))]
{:kubeconfig kubeconfig :setup setup}))
(defn build-exports [init]
(let [kubeconfig (get init :kubeconfig)
app-outputs (get init :setup)]
{:kubeconfig kubeconfig
:vaultAddress (.apply app-outputs #(-> % .-openbao .-execute .-address))
:vaultToken (.apply app-outputs #(aget (-> % .-openbao .-execute) "root-token"))}))
(defn extended-exports [init] (defn extended-exports [init]
(let [;;exports (base.build-exports init) (let [;;exports (base.build-exports init)
app-outputs (get init :setup)] app-outputs (get init :setup)]
#_(assoc exports :nextcloudUrl (.apply app-outputs #(get-in % [:nextcloud :nextcloud-url]))))) #_(assoc exports :nextcloudUrl (.apply app-outputs #(get-in % [:nextcloud :nextcloud-url])))))
(defn quick-deploy [configs exports] (defn mod-apps [pulumi-cfg service-registry]
"Scans the registry, builds all needed providers, and calls deploy."
(provider-apply service-registry pulumi-cfg))
(defn mod-init [configs]
(let [pulumi-cfg (pulumi/Config.)]
(mod-apps pulumi-cfg configs)))
(defn mod-quick-deploy [configs exports]
(-> (->
(initialize configs) (mod-init configs)
(exports) (exports)
(clj->js))) (clj->js)))
(defn quick-deploy-base [] (defn quick-deploy-base []
(quick-deploy nil build-exports)) (base/mod-quick-deploy
base-service-registry
(fn [init]
(let [kcfg (p-> init .-cluster "generic:execute" .-kubeconfig)
vaultToken (p-> init .-openbao "generic:execute" "root-token")
vaultAddress (p-> init .-openbao "generic:execute" .-address)]
#js {:kubeconfig kcfg
:vaultAddress vaultAddress
:vaultToken vaultToken}))))
(defn quick-deploy-shared [] (defn quick-deploy-shared []
(base/quick-deploy (base/mod-quick-deploy
shared-service-registry shared-service-registry
(fn [init] (let [app-outputs (get init :setup)] (fn [init]
{:url (.apply app-outputs #(-> % .-harbor (aget "vault-secrets") .-secrets .-host)) (let [app-outputs (get init :setup)]
:username (.apply app-outputs #(-> % .-harbor (aget "vault-secrets") .-secrets .-username)) {}
:password (.apply app-outputs #(-> % .-harbor (aget "vault-secrets") .-secrets .-password)) #_{:url (.apply app-outputs
})))) (fn [%]
(let [host-output (-> % .-harbor (aget "vault-secrets") .-secrets .-host)]
(.apply host-output #(str "https://" %)))))
:username (.apply app-outputs #(-> % .-harbor (aget "vault-secrets") .-secrets .-username))
:password (.apply app-outputs #(-> % .-harbor (aget "vault-secrets") .-secrets .-password))}))))
(defn quick-deploy-prepare [] (defn quick-deploy-prepare []
(base/quick-deploy prepare-service-registry extended-exports)) (base/mod-quick-deploy prepare-service-registry extended-exports))
(defn quick-deploy-services [] (defn quick-deploy-services []
(base/quick-deploy deployment-service-registry extended-exports)) (base/mod-quick-deploy deployment-service-registry extended-exports))