altaire-siren 0.1.0 → 0.1.2

data/lib/siren/compose/service.rb

@@ -0,0 +1,321 @@
+require 'shellwords'
+
+
+module Siren
+class Compose
+
+  class Service < Struct.new(:compose, :name, :build, :command, :configs, :container_name, :credential_spec, :deploy, :dns, :dns_search, :entrypoint,
+    :environment, :expose, :extra_hosts, :healthcheck, :image, :init, :labels, :logging, :networks, :pid, :ports, :secrets, :stop_grace_period,
+    :stop_signal, :sysctls, :ulimits, :volumes, :domainname, :hostname, :ipc, :mac_address, :privileged, :read_only, :shm_size, :stdin_open, :tty,
+    :user, :working_dir)
+
+    def initialize (compose, data = {})
+      self.compose = compose
+      data.each do |key, value|
+        self.__send__("#{key}=", value)
+      end
+      self.deploy = deploy ? Deploy.new(deploy) : Deploy.new
+      self.ports ||= []
+      self.volumes ||= []
+      self.name = namify(self.name)
+    end
+
+    def ports= (ports)
+      ports = ports.map do |port|
+        if port.is_a?(String)
+          target, published, protocol = port.match(/^(\d+)?(?::(\d+))?(\/.+)?$/).to_a[1..-1]
+        else
+          target, published, protocol, mode = port.values_at("target", "published", "protocol", "mode")
+        end
+        protocol ||= "tcp"
+        {
+          "target" => target,
+          "published" => published,
+          "protocol" => protocol,
+          "mode" => mode,
+        }
+      end
+      compose.xdomains.each do |xd|
+        next unless xd["service"] == name
+        ports.unshift({
+          "protocol" => "tcp",
+          "target" => xd["port"],
+          "published" => "80",
+        })
+      end
+      compose.xports.each do |xp|
+        next unless xp["service"] == name
+        ports.unshift({
+          "protocol" => xp["protocol"],
+          "target" => xp["inside"],
+          "published" => xp["outside"],
+          "mode" => "ingress",
+        })
+      end
+      ports.uniq!{|p|p.values_at("published", "protocol")}
+      super(ports)
+    end
+
+    def command= (value)
+      value = ["sh", "-c", value] if value.is_a?(String)
+      super(value)
+      # if configs
+    end
+
+    def resolve_environment (env)
+      if env.is_a?(Array)
+        env = env.map do |line|
+          key, value = line.split("=", 2)
+          [key, value || "$#{key}"]
+        end.to_h
+      end
+      env ||= {}
+      env.transform_values! do |value|
+        value.gsub(/\$[\dA-Z_a-z]+/) do |name|
+          compose.xenv[name[1..-1]]
+        end
+      end
+      env.map do |name, value|
+        {
+          name: name,
+          value: value,
+        }
+      end
+    end
+
+    def namify (*items)
+      items.flatten.compact.join("-").downcase.gsub(/[^a-z\d]/, '-').gsub(/-+/, "-")
+    end
+
+    def emit_deployment (stack)
+      stack << {
+        kind: "Deployment",
+        apiVersion: "apps/v1",
+        metadata: {
+          namespace: compose.name,
+          name: name,
+        },
+        spec: {
+          replicas: deploy.replicas,
+          selector: {
+            matchLabels: {
+              stack: compose.name,
+              service: name,
+            },
+          },
+          template: {
+            metadata: {
+              labels: {
+                stack: compose.name,
+                service: name,
+              },
+            },
+            spec: {
+              containers: [
+                command: command,
+                env: resolve_environment(environment),
+                image: image,
+                name: name,
+                volumeMounts: volumes.map do |volume|
+                  name, path = volume.split(":", 2)
+                  {
+                    mountPath: path,
+                    name: name,
+                  }
+                end
+              ],
+              hostname: hostname,
+              imagePullSecrets: [{name: "image-pull-secrets"}],
+              restartPolicy: { "none" => "Never", "on-failure" => "OnFailure" }[deploy.restart_policy&.condition],
+              volumes: volumes.map do |volume|
+                name = volume.split(":")[0]
+                { name: name, persistentVolumeClaim: { claimName: name } }
+              end
+            },
+          },
+        },
+      }
+    end
+
+    def emit_services (stack)
+      ports.group_by{|port|port["mode"]}.each do |mode, ports|
+        stack << {
+          kind: "Service",
+          apiVersion: "v1",
+          metadata: {
+            namespace: compose.name,
+            name: mode == "ingress" ? "#{name}-nodeport" : name,
+          },
+          spec: {
+            ports: ports.map do |port|
+              {
+                name: ports.length == 1 ? nil : port["published"],
+                port: port["published"].to_i,
+                targetPort: port["target"] != port["published"] ? port["target"].to_i : nil,
+                protocol: port["protocol"] == "udp" ? "UDP" : nil
+              }
+            end,
+            selector: {
+              stack: compose.name,
+              service: name,
+            },
+            type: mode == "ingress" ? "NodePort" : nil,
+          }
+        }
+      end
+    end
+
+    def emit_auth_middleware (stack)
+      return if @did_emit_auth_middleware
+      did_emit_auth_middleware = true
+      stack << {
+        kind: "Middleware",
+        apiVersion: "traefik.containo.us/v1alpha1",
+        metadata: {
+          namespace: compose.name,
+          name: "altaire-auth",
+        },
+        spec: {
+          forwardAuth: {
+            address: "http://auth-server.default.svc.cluster.local/auth",
+          },
+        },
+      }
+    end
+
+    def emit_middlewares (stack)
+      compose.xdomains.each do |xd|
+        next unless xd["service"] == name
+        next if xd["path"] == nil
+        stack << {
+          kind: "Middleware",
+          apiVersion: "traefik.containo.us/v1alpha1",
+          metadata: {
+            namespace: compose.name,
+            name: namify(xd["name"], xd["path"], "strip-prefix"),
+          },
+          spec: {
+            stripPrefix: {
+              prefixes: ["/#{xd["path"]}"],
+            },
+          },
+        }
+      end
+    end
+
+    def emit_ingress_routes (stack)
+      compose.xdomains.each do |xd|
+        next unless xd["service"] == name
+        emit_auth_middleware stack if xd["auth"]
+        stack << {
+          kind: "IngressRoute",
+          apiVersion: "traefik.containo.us/v1alpha1",
+          metadata: {
+            namespace: compose.name,
+            name: namify(xd["name"], xd["path"]),
+          },
+          spec: {
+            tls: {
+              secretName: namify(xd["name"]),
+            },
+            routes: [{
+              kind: "Rule",
+              match: nil,
+              middlewares: [
+                xd["auth"] ? { name: "altaire-auth" } : nil,
+                xd["path"] ? { name: namify(xd["name"], xd["path"], "strip-prefix") } : nil,
+              ],
+              services: [{
+                name: name,
+                port: 80
+              }],
+            }.merge(
+              if xd["path"]
+                {match: "Host(`#{xd["name"]}`) && PathPrefix(`#{xd["path"]}`)"}
+              else
+                {match: "Host(`#{xd["name"]}`)"}
+              end
+            )],
+          },
+        }
+      end
+    end
+
+    def emit_domains (stack)
+      compose.xdomains.each do |xd|
+        stack << {
+          kind: "Domain",
+          apiVersion: "altaire.com/v1alpha1",
+          metadata: {
+            namespace: compose.name,
+            name: namify(xd["name"]),
+          },
+          spec: {
+            domain: xd["name"],
+            service: "traefik",
+          },
+        }
+      end
+    end
+
+    def emit_certificates (stack)
+      compose.xdomains.each do |xd|
+        stack << {
+          kind: "Certificate",
+          apiVersion: "cert-manager.io/v1alpha2",
+          metadata: {
+            namespace: compose.name,
+            name: namify(xd["name"]),
+          },
+          spec: {
+            commonName: xd["name"],
+            dnsNames: [xd["name"]],
+            duration: "2160h0m0s",
+            renewBefore: "360h0m0s",
+            issuerRef: {
+              kind: "ClusterIssuer",
+              name: "letsencrypt-production",
+            },
+            secretName: namify(xd["name"]),
+          },
+        }
+      end
+    end
+    
+    def emit_volumes (stack)
+      volumes.each do |volume|
+        name, path = volume.split(":", 2)
+        stack << {
+          kind: "PersistentVolumeClaim",
+          apiVersion: "v1",
+          metadata: {
+            namespace: compose.name,
+            name: name,
+          },
+          spec: {
+            accessModes: ["ReadWriteOnce"],
+            resources: {
+              requests: {
+                storage: "1Gi",
+              },
+            },
+            storageClassName: "do-block-storage",
+          },
+        }
+      end
+    end
+
+    def to_stack (stack)
+      emit_deployment stack
+      emit_services stack
+      emit_middlewares stack
+      emit_ingress_routes stack
+      # emit_domains stack
+      emit_certificates stack
+      emit_volumes stack
+    end
+
+  end
+
+end
+end

data/lib/siren/compose/types.rb

@@ -0,0 +1,230 @@
+require 'shellwords'
+
+class Array
+  def deep_compact
+    map do |value|
+      value = value.deep_compact if value.respond_to?(:deep_compact)
+      value
+    end.compact.yield_self do |x|
+      x.empty? ? nil : x
+    end
+  end
+end
+
+class Hash
+  def deep_compact
+    transform_values do |value|
+      value = value.deep_compact if value.respond_to?(:deep_compact)
+      value
+    end.compact.yield_self do |x|
+      x.empty? ? nil : x
+    end
+  end
+end
+
+module Siren
+class Compose
+  module HashInitialize
+    def initialize (data = {})
+      data.each do |key, value|
+        self.__send__("#{key}=", value)
+      end
+    end
+  end
+end
+end
+
+require_relative "service"
+
+module Siren
+class Compose
+
+  class RestartPolicy < Struct.new(:condition, :delay, :max_attempts, :window)
+    include HashInitialize
+  end
+
+  class RollbackConfig < Struct.new(:parallelism, :delay, :failure_action, :monitor, :max_failure_ratio, :order)
+    include HashInitialize
+  end
+
+  class UpdateConfig < Struct.new(:parallelism, :delay, :failure_action, :monitor, :max_failure_ratio, :order)
+    include HashInitialize
+  end
+  
+  class Deploy < Struct.new(:endpoint_mode, :labels, :mode, :placement, :replicas, :resources, :restart_policy, :rollback_config, :update_config)
+    include HashInitialize
+    def restart_policy= (data)
+      data = RestartPolicy.new(data)
+    end
+    def rollback_config= (data)
+      data = RollbackConfig.new(data)
+    end
+    def update_config= (data)
+      data = UpdateConfig.new(data)
+    end
+  end
+
+#       restart_policy: object(
+#         condition: string(["none", "on-failure", "any"]),
+#         delay: duration,
+#         max_attemtps: integer,
+#         window: duration,
+#       ),
+#       rollback_config: object(
+#         parallelism: integer,
+#         delay: duration,
+#         failure_action: string(["continue", "pause"]),
+#         monitor: duration,
+#         max_failure_ratio: number,
+#         order: string(["stop-first", "start-first"]),
+#       ),
+#       update_config: object(
+#         parallelism: integer,
+#         delay: duration,
+#         failure_action: string(["continue", "pause", "rollback"]),
+#         monitor: duration,
+#         max_failure_ratio: number,
+#         order: string(["stop-first", "start-first"]),
+#       ),
+
+#     deploy: object(
+#       endpoint_mode: string(["vip", "dnsrr"]),
+#       labels: hashlike,
+#       mode: string(["global", "replicated"]),
+#       placement: object(
+#         constraints: array(string),
+#         preferences: array(object(spread: string)),
+#       ),
+#       replicas: integer,
+#       resources: object(
+#       limits: resources,
+#       reservations: resources,
+#     ),
+
+  Volume = Struct.new(:compose, :driver, :driver_opts, :external, :labels, :name)
+
+  Network = Struct.new(:compose, :driver, :driver_opts, :external, :labels, :name, :attachable, :ipam, :internal)
+
+  Config = Struct.new(:compose, :file, :external, :name)
+
+  Secret = Struct.new(:compose, :file, :external, :name)
+
+end
+end
+
+# version: string(/[0-9]+(\.[0-9]+)?/),
+# services: hash(
+#   build: any(string, object(
+#     context: string,
+#     dockerfile: string,
+#     args: hashlike,
+#     cache_from: array(string),
+#     labels: hashlike,
+#     shm_size: string,
+#     target: string)
+#   ),
+#   command: any(string, array(string)),
+#   configs: array(any(string, object(
+#     source: string, target: string, uid: any(string, integer), gid: any(string, integer), mode: any(string, integer)
+#     ))),
+#     container_name: string,
+#     credential_spec: any(object(file: string), object(registry: string), object(config: string)),
+#     deploy: object(
+#       endpoint_mode: string(["vip", "dnsrr"]),
+#       labels: hashlike,
+#       mode: string(["global", "replicated"]),
+#       placement: object(
+#         constraints: array(string),
+#         preferences: array(object(spread: string)),
+#       ),
+#       replicas: integer,
+#       resources: object(
+#         limits: resources,
+#         reservations: resources,
+#       ),
+#       restart_policy: object(
+#         condition: string(["none", "on-failure", "any"]),
+#         delay: duration,
+#         max_attemtps: integer,
+#         window: duration,
+#       ),
+#       rollback_config: object(
+#         parallelism: integer,
+#         delay: duration,
+#         failure_action: string(["continue", "pause"]),
+#         monitor: duration,
+#         max_failure_ratio: number,
+#         order: string(["stop-first", "start-first"]),
+#       ),
+#       update_config: object(
+#         parallelism: integer,
+#         delay: duration,
+#         failure_action: string(["continue", "pause", "rollback"]),
+#         monitor: duration,
+#         max_failure_ratio: number,
+#         order: string(["stop-first", "start-first"]),
+#       ),
+#     ),
+#     dns: any(string, array(string)),
+#     dns_search: any(string, array(string)),
+#     entrypoint: any(string, array(string)),
+#     environment: hashlike,
+#     expose: array(string),
+#     extra_hosts: array(string),
+#     healthcheck: object(
+#       test: any(string, array(string)),
+#       interval: duration,
+#       timeout: duration,
+#       retries: integer,
+#       start_period: duration,
+#     ),
+#     image: string,
+#     init: bool,
+#     labels: hashlike,
+#     logging: object(
+#       driver: string,
+#       options: hash(string),
+#     ),
+#     networks: any(array(string), hash(object(aliases: array(string), ipv4_address: string, ipv6_address: string))),
+#     pid: string("host"),
+#     ports: array(any(string, object(target: integer, published: integer, protocol: string(["tcp", "udp"]), mode: string(["host", "ingress"])))),
+#     secrets: array(any(string, object(source: string, target: string, uid: integer, gid: integer, mode: integer))),
+#     stop_grace_period: duration,
+#     stop_signal: string(/^SIG/),
+#     sysctls: hashlike,
+#     ulimits: hash(any(integer, object(soft: integer, hard: integer))),
+#     volumes: array(any(string,
+#       object(type: string(["volume", "bind", "tmpfs", "npipe"]),
+#              source: string, target: string, read_only: boolean,
+#              consistency: string(["consistent", "cached", "delegated"]),
+#              volume: object(nocopy: boolean), bind: object(propagation: string),
+#              tmpfs: object(size: bytesize)),
+#     )),
+#   domainname: string,
+#   hostname: string,
+#   ipc: string,
+#   mac_address: string,
+#   privileged: boolean,
+#   read_only: boolean,
+#   shm_size: bytesize,
+#   stdin_open: boolean,
+#   tty: boolean,
+#   user: any(string, integer),
+#   working_dir: string,
+# ),
+# volumes: hash(any(null, object(driver: string, driver_opts: hash(string), external: boolean, labels: hashlike, name: string))),
+# networks: hash(any(null, object(
+#   driver: string,
+#   driver_opts: hash(string),
+#   external: any(boolean, object(name: string)),
+#   attachable: boolean,
+#   ipam: object(
+#     driver: string,
+#     config: array(object(subnet: string))
+#   ),
+#   internal: boolean,
+#   labels: hashlike,
+#   name: string,
+# ))),
+# configs: hash(object(file: string, external: any(boolean, object(name: string)))),
+# secrets: hash(object(file: string, external: boolean, name: string)),