commit 9cad55858c0db445154a707035924afd40210f5e Author: Madis Mägi Date: Wed Aug 16 19:47:48 2023 +0300 Initial commit diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..8793167 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,18 @@ +.kpt-pipeline/ +.git/ +.gitignore +deployment.yaml +LICENSE +README.md +skaffold.yaml + +# Editor directories and files +.vscode/* +!.vscode/extensions.json +.idea +**/*.suo +**/*.ntvs* +**/*.njsproj +**/*.sln +**/*.sw? +**/*.kpt-pipeline diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..2ef9cab --- /dev/null +++ b/Dockerfile @@ -0,0 +1,4 @@ +FROM codemowers/microservice-base +RUN pip3 install kopf +ADD /app /app +ENTRYPOINT /app/app.py diff --git a/app/app.py b/app/app.py new file mode 100755 index 0000000..e8b87a5 --- /dev/null +++ b/app/app.py @@ -0,0 +1,67 @@ +#!/usr/bin/env python3 +import os +import kopf +import prometheus_async +from sanic import Sanic, response +from sanic import exceptions + +app = Sanic("users-proxy") +devenv = bool(os.getenv("DEV_ENV", False)) +users_lookup = {} + +@app.route("/", methods=["GET"]) +async def get_index(request): + return response.text("hello") + +@app.route("/users", methods=["GET"]) +async def get_users(request): + return response.json(list(users_lookup.values())) + +@app.route("/users/", methods=["GET"]) +async def get_single_user(request, username: str): + user = users_lookup.get(username) + if user: + return response.json(user) + else: + raise exceptions.NotFound() + +@kopf.on.startup() +async def configure(settings: kopf.OperatorSettings, **_): + settings.scanning.disabled = True + settings.posting.enabled = False + settings.persistence.finalizer = "users-proxy" + print("Kopf operator starting up") + + +@kopf.on.resume('oidcgatewayusers') +@kopf.on.create('oidcgatewayusers') +@kopf.on.update('oidcgatewayusers') +async def save_handler(body, **_): + username = body['metadata']['name'] + groups = [] + for group in body.get("status", {}).get("groups", []): + groups.append(f"{group['prefix']}:{group['name']}") + + user = { + "username": username, + "display_name": body.get("spec", {}).get("customProfile", {}).get("name", None), + "slack_id": body.get("status", {}).get("slackId", None), + "groups": groups + } + print(f"Saving {username}") + users_lookup[username] = user + +@kopf.on.delete('oidcgatewayusers') +async def delete_handler(body, **_): + username = body['metadata']['name'] + print(f"Deleting {username}") + del users_lookup[username] + +@app.listener("before_server_start") +async def do_setup(app, loop): + print("Setting up") + app.add_task(kopf.operator(clusterwide=True)) + app.add_task(prometheus_async.aio.web.start_http_server(port=5000)) + +if __name__ == "__main__": + app.run(host="0.0.0.0", port=3001, single_process=False, motd=False, dev=devenv) diff --git a/deployment.yaml b/deployment.yaml new file mode 100644 index 0000000..d9185b0 --- /dev/null +++ b/deployment.yaml @@ -0,0 +1,66 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: users-proxy +spec: + replicas: 1 + selector: + matchLabels: + app: users-proxy + template: + metadata: + labels: + app: users-proxy + spec: + enableServiceLinks: false + imagePullSecrets: + - name: regcred + serviceAccountName: oidc-gateway + containers: + - name: users-proxy + image: users-proxy + env: + - name: DEV_ENV + value: 'true' + ports: + - containerPort: 5000 + name: metrics +--- +apiVersion: v1 +kind: Service +metadata: + name: users-proxy + labels: + app: users-proxy +spec: + selector: + app: users-proxy + ports: + - protocol: TCP + port: 3001 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: users-proxy + annotations: + kubernetes.io/ingress.class: shared + traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" + external-dns.alpha.kubernetes.io/target: traefik.codemowers.ee +spec: + rules: + - host: users-proxy-72zn4.codemowers.ee + http: + paths: + - pathType: Prefix + path: "/" + backend: + service: + name: users-proxy + port: + number: 3001 + tls: + - hosts: + - "*.codemowers.ee" diff --git a/skaffold.yaml b/skaffold.yaml new file mode 100644 index 0000000..b330149 --- /dev/null +++ b/skaffold.yaml @@ -0,0 +1,19 @@ +apiVersion: skaffold/v3 +kind: Config +metadata: + name: users-proxy + +deploy: + kubectl: {} + +manifests: + rawYaml: + - deployment.yaml + +build: + artifacts: + - image: users-proxy + sync: + manual: + - src: "app/**/*.py" + dest: .