ingress for each project

ed3dce58 · Andri Joos · 878a4510 · ed3dce58 · 878a4510
Commit ed3dce58 authored 1 year ago by Andri Joos
--- a/deploy/generate_scripts/generate_deployment_from_middle.py
+++ b/deploy/generate_scripts/generate_deployment_from_middle.py
@@ -18,7 +18,6 @@ TESTCLUSTER_DEVICE_IP = None
 BUILD_DIR = 'deploy'
 EXTERNAL_PATH = f'{BUILD_DIR}/external.json'
-SIDELOADED_PATH = f'{BUILD_DIR}/sideloaded.json'
 INGRESS_DIR = 'ingress'
 INGRESS_TEMPLATE_PATH = f'{INGRESS_DIR}/nginx-ingress-v1.1.0.yaml'
 INGRESS_CONFIG_FILENAME = f'nginx.tmpl'
@@ -126,21 +125,27 @@ def make_deployment_scripts(middle_deployment_scripts: list, middle_deployments:
  nginx_bridges = []
  if middle_deployment_scripts is not None:
    for middle_deployment_script in middle_deployment_scripts:
-      project_name, deployment_file_content, persistent_volumes_file_content, service_account_file_content, current_nginx_bridges = make_deployment_script_from_script(middle_deployment_script)
+      project_name, namespace, deployment_file_content, persistent_volumes_file_content, service_account_file_content, current_nginx_bridges = make_deployment_script_from_script(middle_deployment_script)
-      nginx_bridges.extend(current_nginx_bridges)
+      if current_nginx_bridges:
+        nginx_bridges.append((project_name, namespace, current_nginx_bridges))
      dump_files(project_name, deployment_file_content, persistent_volumes_file_content, service_account_file_content)
  for middle_deployment in middle_deployments:
-    project_name, deployment_file_content, persistent_volumes_file_content, service_account_file_content, current_nginx_bridges = make_deployment_script_from_object(middle_deployment)
+    project_name, namespace, deployment_file_content, persistent_volumes_file_content, service_account_file_content, current_nginx_bridges = make_deployment_script_from_object(middle_deployment)
-    nginx_bridges.extend(current_nginx_bridges)
+    if current_nginx_bridges:
+      nginx_bridges.append((project_name, namespace, current_nginx_bridges))
    dump_files(project_name, deployment_file_content, persistent_volumes_file_content, service_account_file_content)
-  prod_ingress, test_ingress, distribution_ingress, ingress_deployment_template, endpoints, prod_issuer, staging_issuer = make_ingresses(nginx_bridges)
+  prod_ingresses, test_ingresses, distribution_ingress, ingress_deployment_template, endpoints, prod_issuer, staging_issuer = make_ingresses(nginx_bridges)
+  for project_name, prod_ingress in prod_ingresses:
+    dump_file([prod_ingress], project_name + "_ingress")
+  for project_name, test_ingress in test_ingresses:
+    dump_file([test_ingress], project_name + "_testingress")
-  dump_file([prod_ingress], PROD_INGRESS_DEPLOY_FILENAME)
-  dump_file([test_ingress], TEST_INGRESS_DEPLOY_FILENAME)
  dump_file([distribution_ingress], DISTRIBUTION_INGRESS_DEPLOY_FILENAME)
  dump_file(endpoints, ENDPOINTS_FILENAME)
  dump_file([prod_issuer], PROD_ISSUER_FILENAME)
@@ -177,18 +182,18 @@ def make_deployment_script(middle_deployment: dict):
  service_account_file_content.append(ns)
  for deployment in deployments:
-    deployment_name, bridge_service, http_service, env_config_map, cluster_ip_service, lb_services, node_port_service, kubernetes_volumes, config_map_volumes, service_account, role, role_binding, uris, max_upload_size = make_deployment_components(ns_name, deployment)
+    deployment_name, _, http_service, env_config_map, cluster_ip_service, lb_services, node_port_service, kubernetes_volumes, config_map_volumes, service_account, role, role_binding, uris, max_upload_size = make_deployment_components(ns_name, deployment)
    kubernetes_deployment = make_deployment(deployment_name, ns_name, deployment, kubernetes_volumes, config_map_volumes, service_account, env_config_map)
    persistent_volumes = [pv for pv, pvc, volume_name in kubernetes_volumes]
    persistent_volume_claims = [pvc for pv, pvc, volume_name in kubernetes_volumes]
    config_map_volumes = [volume for volume, volume_name in config_map_volumes]
-    deployment_file_content.extend(make_deployment_file_content(bridge_service, http_service, env_config_map, cluster_ip_service, lb_services, node_port_service, config_map_volumes, kubernetes_deployment))
+    deployment_file_content.extend(make_deployment_file_content(http_service, env_config_map, cluster_ip_service, lb_services, node_port_service, config_map_volumes, kubernetes_deployment))
    persistent_volumes_file_content.extend(make_persistent_volumes_file_content(persistent_volumes, persistent_volume_claims))
    service_account_file_content.extend(make_service_account_file_content(service_account, role, role_binding))
-    if bridge_service or http_service or uris != []:
+    if http_service or uris != []:
-      nginx_bridges.append((bridge_service, http_service, uris, max_upload_size))
+      nginx_bridges.append((http_service, uris, max_upload_size))
    # image_pull_secrets ugly workaround
    image_pull_secret_names = deployment.get(IMAGE_PULL_SECRETS_FIELD, None)
@@ -209,7 +214,7 @@ def make_deployment_script(middle_deployment: dict):
    deployment_file_content.extend(image_pull_secrets)
-  return project_name, deployment_file_content, persistent_volumes_file_content, service_account_file_content, nginx_bridges
+  return project_name, ns, deployment_file_content, persistent_volumes_file_content, service_account_file_content, nginx_bridges
 def make_deployment_components(ns_name, deployment: dict):
  deployment_name = deployment[NAME_FIELD]
@@ -890,10 +895,10 @@ def make_node_port_service(deployment_name: str, ns_name: str, ports):
 def make_env_config_map(specs: dict, deployment_name: str, ns_name: str):
  return make_config_map('env', specs, ns_name, deployment_name)
-def make_deployment_file_content(bridge_service: dict, http_service: dict, env: dict, cluster_ip_service: dict, 
+def make_deployment_file_content(http_service: dict, env: dict, cluster_ip_service: dict, 
                                  lb_services: list, node_port_service: list, config_map_volumes: list, deployment: dict):
-  return make_file_content(bridge_service, http_service, env, cluster_ip_service, lb_services, node_port_service, config_map_volumes, deployment)
+  return make_file_content(http_service, env, cluster_ip_service, lb_services, node_port_service, config_map_volumes, deployment)
 def make_persistent_volumes_file_content(pvs: list, pvcs: list):
@@ -1124,7 +1129,7 @@ def make_ingress_rule(uri: str, service_name: str, service_port: int):
  return rule
-def make_ingress(name: str, hosts: list, rules: list, certificate_name: str, secretName: str = SECRETNAME_DEFAULT, redirect_https: bool=False):
+def make_ingress(name: str, hosts: list, rules: list, certificate_name: str, secretName: str = SECRETNAME_DEFAULT, redirect_https: bool=False, namespace=KUBERNETES_NAMESPACE_DEFAULT):
  annotations = {
    "cert-manager.io/cluster-issuer": certificate_name,
    "kubernetes.io/ingress.class": "nginx",
@@ -1147,7 +1152,7 @@ def make_ingress(name: str, hosts: list, rules: list, certificate_name: str, sec
    KUBERNETES_API_VERSION_KEY: KUBERNETES_API_VERSION_INGRESS_CONFIG_DEFAULT_VALUE,
    KUBERNETES_KIND_KEY: KUBERNETES_KIND_VALUE_INGRESS,
    KUBERNETES_METADATA_KEY: {
-      KUBERNETES_NAMESPACE_KEY: KUBERNETES_NAMESPACE_DEFAULT,
+      KUBERNETES_NAMESPACE_KEY: namespace,
      KUBERNETES_NAME_KEY: name,
      KUBERNETES_ANNOTATIONS_KEY: annotations,
    },
@@ -1187,41 +1192,34 @@ def make_ingress_entry_rules(uri: str, endpoint_name: str, service_port: int, cr
  return (prod_rule, uri), (test_rule, test_uri)
-def make_prod_test_ingress(ingress_bridges: list, sideloaded: dict):
+def make_prod_test_ingress(ingress_bridges: list):
-  prod_hosts = []
+  prod_configs = []
-  prod_rules = []
+  test_configs = []
-  test_hosts = []
-  test_rules = []
  upload_size_configs = []
-  for bridge_service, http_service, uris, max_upload_size in ingress_bridges:
+  for project_name, namespace, ingress_config in ingress_bridges:
-    bridge_name = bridge_service[KUBERNETES_METADATA_KEY][KUBERNETES_NAME_KEY]
+    ns_name = namespace[KUBERNETES_METADATA_KEY][KUBERNETES_NAME_KEY]
-    service_port = http_service[KUBERNETES_SPEC_KEY][KUBERNETES_PORTS_KEY][0][KUBERNETES_PORT_KEY]
+    prod_rules = []
+    prod_hosts = []
-    for uri in uris:
+    test_hosts = []
-      (prod_rule, prod_uri), (test_rule, test_uri) = make_ingress_entry_rules(uri, bridge_name, service_port)
+    test_rules = []
+    for http_service, uris, max_upload_size in ingress_config:
-      prod_hosts.append(prod_uri)
+      service_name = http_service[KUBERNETES_METADATA_KEY][KUBERNETES_NAME_KEY]
-      prod_rules.append(prod_rule)
+      service_port = http_service[KUBERNETES_SPEC_KEY][KUBERNETES_PORTS_KEY][0][KUBERNETES_PORT_KEY]    
-      test_hosts.append(test_uri)
-      test_rules.append(test_rule)
-    upload_size_configs.append((bridge_name, max_upload_size))
+      for uri in uris:
+        (prod_rule, prod_uri), (test_rule, test_uri) = make_ingress_entry_rules(uri, service_name, service_port)
+        prod_hosts.append(prod_uri)
+        prod_rules.append(prod_rule)
-  for uri, sideload_config in sideloaded.items():
+        test_hosts.append(test_uri)
-    bridge_name = sideload_config[EXTERNALS_ENDPOINT_FIELD]
+        test_rules.append(test_rule)
-    max_upload_size = sideload_config[MAX_UPLOAD_SIZE_FIELD]
-    (prod_rule, uri), (test_rule, test_uri) = make_ingress_entry_rules(uri, bridge_name, service_port)
-    upload_size_configs.append((bridge_name, max_upload_size))
+    prod_configs.append((project_name, ns_name, prod_hosts, prod_rules))
+    test_configs.append((project_name, ns_name, test_hosts, test_rules))
-    prod_hosts.append(uri)
+    upload_size_configs.append((service_name, max_upload_size))
-    prod_rules.append(prod_rule)
-    test_hosts.append(test_uri)
+  return prod_configs, test_configs, upload_size_configs
-    test_rules.append(test_rule)
-  return (prod_hosts, prod_rules), (test_hosts, test_rules), upload_size_configs
 def make_distribution_ingress(externals: dict, external_endpoints: dict, test_hosts: list, test_rules: list, test_service: dict, test_max_upload_size: str):
  external_hosts = []
@@ -1266,10 +1264,8 @@ def make_distribution_ingress(externals: dict, external_endpoints: dict, test_ho
 def make_ingresses(ingress_bridges: list):
-  sideloaded = {}
+  prod_ingresses = []
-  with open(SIDELOADED_PATH, 'r', encoding='utf-8') as f:
+  test_ingresses = []
-    sideloaded = json.load(f)
  externals = {}
  with open(EXTERNAL_PATH, 'r', encoding='utf-8') as f:
    externals = json.load(f)
@@ -1285,14 +1281,27 @@ def make_ingresses(ingress_bridges: list):
    external_endpoint, external_service, external_max_upload_size = external_endpoint_config
    endpoints.extend([external_endpoint, external_service])
-  (prod_hosts, prod_rules), (test_hosts, test_rules), prod_test_upload_size_configs = make_prod_test_ingress(ingress_bridges, sideloaded)
+  prod_configs, test_configs, prod_test_upload_size_configs = make_prod_test_ingress(ingress_bridges)
+  test_hosts = []
+  test_rules = []
+  for _, _, hosts, rules in test_configs:
+    test_hosts.extend(hosts)
+    test_rules.extend(rules)
  distribution_hosts, distribution_rules, distribution_upload_size_configs = make_distribution_ingress(externals[EXTERNALS_REDIRECTS_FIELD], externals[EXTERNALS_ENDPOINTS_FIELD],  test_hosts, test_rules, test_service, test_max_upload_size)
  upload_size_configs = prod_test_upload_size_configs
  upload_size_configs.extend(distribution_upload_size_configs)
-  prod_ingress = make_ingress(DEFAULT_INGRESS_NAME, prod_hosts, prod_rules, INGRESS_CERTIFICATE_PROD, INGRESS_SECRETNAME_PROD, redirect_https=False)
+  for project_name, project_namespace, prod_hosts, prod_rules in prod_configs:
-  test_ingress = make_ingress(TEST_INGRESS_NAME, test_hosts, test_rules, INGRESS_CERTIFICATE_STAGING, INGRESS_SECRETNAME_TEST, redirect_https=False) # when here prod, https should work / test, distribution ingress separate
+    prod_ingress = make_ingress(project_name, prod_hosts, prod_rules, INGRESS_CERTIFICATE_PROD, INGRESS_SECRETNAME_PROD, redirect_https=False, namespace=project_namespace)
+    prod_ingresses.append((project_name, prod_ingress))
+  for project_name, project_namespace, test_hosts, test_rules in test_configs:
+    test_ingress = make_ingress(project_name, test_hosts, test_rules, INGRESS_CERTIFICATE_STAGING, INGRESS_SECRETNAME_TEST, redirect_https=False, namespace=project_namespace)
+    test_ingresses.append((project_name, test_ingress))
+  # test_ingress = make_ingress(TEST_INGRESS_NAME, test_hosts, test_rules, INGRESS_CERTIFICATE_STAGING, INGRESS_SECRETNAME_TEST, redirect_https=False) # when here prod, https should work / test, distribution ingress separate
  distribution_ingress = make_ingress(DISTRIBUTION_INGRESS_NAME, distribution_hosts, distribution_rules, INGRESS_CERTIFICATE_PROD, INGRESS_SECRETNAME_DISTRIBUTION, redirect_https=True)
  upload_size_config = make_upload_size_config(upload_size_configs)
@@ -1336,7 +1345,7 @@ def make_ingresses(ingress_bridges: list):
  ingress_deployment_content.append(nginx_config_config_map)
-  return prod_ingress, test_ingress, distribution_ingress, ingress_deployment_content, endpoints, prod_issuer, staging_issuer
+  return prod_ingresses, test_ingresses, distribution_ingress, ingress_deployment_content, endpoints, prod_issuer, staging_issuer
 def make_testenv_uri(original_uri: str):

--- a/deploy/sideloaded.json
+++ b/deploy/sideloaded.json
-{
-}
\ No newline at end of file