hswaw/teleimg: migrate away from mirko.libsonnet
Change-Id: I173b48832ebb1cc187ff2020c78d4ec0748e3a98
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1794
Reviewed-by: q3k <q3k@hackerspace.pl>
diff --git a/hswaw/kube/hswaw.jsonnet b/hswaw/kube/hswaw.jsonnet
index ae9728d..fb4353d 100644
--- a/hswaw/kube/hswaw.jsonnet
+++ b/hswaw/kube/hswaw.jsonnet
@@ -1,7 +1,6 @@
local mirko = import "../../kube/mirko.libsonnet";
local kube = import "../../kube/kube.libsonnet";
-local teleimg = import "teleimg.libsonnet";
local pretalx = import "pretalx.libsonnet";
{
@@ -10,12 +9,10 @@
local cfg = self.cfg,
cfg+: {
- teleimg: teleimg.cfg,
pretalx: pretalx.cfg,
},
components: {
- teleimg: teleimg.teleimg(cfg.teleimg, env),
pretalx: pretalx.component(cfg.pretalx, env) {
cronjob: null,
},
@@ -24,12 +21,6 @@
prod: self.hswaw("hswaw-prod") {
cfg+: {
- teleimg+: {
- webFQDN: "teleimg.hswaw.net",
- secret+: {
- telegram_token: std.base64(std.split(importstr "secrets/plain/prod-telegram-token", "\n")[0]),
- },
- },
pretalx+: {
storageClassName: "waw-hdd-redundant-3",
webFQDN: "cfp.cebula.camp",
diff --git a/hswaw/kube/teleimg.libsonnet b/hswaw/kube/teleimg.libsonnet
deleted file mode 100644
index 83857ec..0000000
--- a/hswaw/kube/teleimg.libsonnet
+++ /dev/null
@@ -1,43 +0,0 @@
-local mirko = import "../../kube/mirko.libsonnet";
-local kube = import "../../kube/kube.libsonnet";
-
-{
- cfg:: {
- secret: {
- telegram_token: error "telegram_token must be set",
- },
- image: {
- teleimg: "registry.k0.hswaw.net/q3k/teleimg:1578259776-a07688fe74efe1e190d58092a9f50d4275a15e3d",
- },
- webFQDN: error "webFQDN must be set!",
- },
-
- teleimg(cfg, env):: mirko.Component(env, "teleimg") {
- local teleimg = self,
- cfg+: {
- image: cfg.image.teleimg,
- container: teleimg.GoContainer("main", "/teleimg/teleimg") {
- env_: {
- TELEGRAM_TOKEN: kube.SecretKeyRef(teleimg.secret, "telegram_token"),
- },
- command+: [
- "-public_listen", "0.0.0.0:5000",
- "-telegram_token", "$(TELEGRAM_TOKEN)",
- ],
- },
- ports+: {
- publicHTTP: {
- public: {
- port: 5000,
- dns: cfg.webFQDN,
- },
- },
- },
- },
-
- secret: kube.Secret("teleimg") {
- metadata+: teleimg.metadata,
- data: cfg.secret,
- },
- },
-}
diff --git a/personal/q3k/teleimg/BUILD b/hswaw/teleimg/BUILD
similarity index 94%
rename from personal/q3k/teleimg/BUILD
rename to hswaw/teleimg/BUILD
index f2e3ba8..4119e96 100644
--- a/personal/q3k/teleimg/BUILD
+++ b/hswaw/teleimg/BUILD
@@ -4,7 +4,7 @@
go_library(
name = "teleimg_lib",
srcs = ["main.go"],
- importpath = "code.hackerspace.pl/hscloud/personal/q3k/teleimg",
+ importpath = "code.hackerspace.pl/hscloud/hswaw/teleimg",
visibility = ["//visibility:private"],
deps = [
"//go/mirko",
diff --git a/personal/q3k/teleimg/README.md b/hswaw/teleimg/README.md
similarity index 100%
rename from personal/q3k/teleimg/README.md
rename to hswaw/teleimg/README.md
diff --git a/personal/q3k/teleimg/main.go b/hswaw/teleimg/main.go
similarity index 100%
rename from personal/q3k/teleimg/main.go
rename to hswaw/teleimg/main.go
diff --git a/hswaw/teleimg/prod.jsonnet b/hswaw/teleimg/prod.jsonnet
new file mode 100644
index 0000000..fda5650
--- /dev/null
+++ b/hswaw/teleimg/prod.jsonnet
@@ -0,0 +1,68 @@
+local kube = import "../../kube/hscloud.libsonnet";
+local hspki = import "../../kube/hspki.libsonnet";
+
+{
+ local top = self,
+ local cfg = self.cfg,
+
+ cfg:: {
+ name: 'teleimg',
+ namespace: 'teleimg',
+ domain: 'teleimg.hswaw.net',
+ image: 'registry.k0.hswaw.net/q3k/teleimg:1578259776-a07688fe74efe1e190d58092a9f50d4275a15e3d',
+ },
+
+ // kubectl -n teleimg create secret generic teleimg --from-literal=telegram_token=xxxx
+ // original: std.base64(std.split(importstr "secrets/plain/prod-telegram-token", "\n")[0])
+ secretRefs:: {
+ telegram_token: { secretKeyRef: { name: cfg.name, key: 'telegram_token' } },
+ },
+
+ local ns = kube.Namespace(cfg.namespace),
+
+ deployment: ns.Contain(kube.Deployment(cfg.name)) {
+ spec+: {
+ replicas: 1,
+ template+: {
+ spec+: top.pki.PodSpec {
+ containers_: {
+ default: top.pki.GoContainer("default") {
+ image: cfg.image,
+ executable_: "/teleimg/teleimg",
+ command+: [
+ "-public_listen", "0.0.0.0:8080",
+ "-telegram_token", "$(TELEGRAM_TOKEN)",
+ ],
+ env_: {
+ TELEGRAM_TOKEN: top.secretRefs.telegram_token,
+ },
+ resources: {
+ requests: { cpu: "25m", memory: "64Mi" },
+ limits: { cpu: "500m", memory: "128Mi" },
+ },
+ ports_: {
+ http: { containerPort: 8080 },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+
+ service: ns.Contain(kube.Service(cfg.name)) {
+ target:: top.deployment,
+ },
+
+ ingress: ns.Contain(kube.SimpleIngress(cfg.name)) {
+ hosts:: [cfg.domain],
+ target:: top.service,
+ },
+
+ pki: ns.Contain(hspki) {
+ cfg+: {
+ name: cfg.name,
+ namespace: cfg.namespace,
+ }
+ },
+}
diff --git a/hswaw/teleimg/secrets/.gitignore b/hswaw/teleimg/secrets/.gitignore
new file mode 100644
index 0000000..b9bca01
--- /dev/null
+++ b/hswaw/teleimg/secrets/.gitignore
@@ -0,0 +1 @@
+plain
diff --git a/hswaw/kube/secrets/cipher/prod-telegram-token b/hswaw/teleimg/secrets/cipher/prod-telegram-token
similarity index 100%
rename from hswaw/kube/secrets/cipher/prod-telegram-token
rename to hswaw/teleimg/secrets/cipher/prod-telegram-token