Initial commit

This commit is contained in:
Madis Mägi 2023-08-16 19:47:48 +03:00
commit 9cad55858c
5 changed files with 174 additions and 0 deletions

18
.dockerignore Normal file
View File

@ -0,0 +1,18 @@
.kpt-pipeline/
.git/
.gitignore
deployment.yaml
LICENSE
README.md
skaffold.yaml
# Editor directories and files
.vscode/*
!.vscode/extensions.json
.idea
**/*.suo
**/*.ntvs*
**/*.njsproj
**/*.sln
**/*.sw?
**/*.kpt-pipeline

4
Dockerfile Normal file
View File

@ -0,0 +1,4 @@
FROM codemowers/microservice-base
RUN pip3 install kopf
ADD /app /app
ENTRYPOINT /app/app.py

67
app/app.py Executable file
View File

@ -0,0 +1,67 @@
#!/usr/bin/env python3
import os
import kopf
import prometheus_async
from sanic import Sanic, response
from sanic import exceptions
app = Sanic("users-proxy")
devenv = bool(os.getenv("DEV_ENV", False))
users_lookup = {}
@app.route("/", methods=["GET"])
async def get_index(request):
return response.text("hello")
@app.route("/users", methods=["GET"])
async def get_users(request):
return response.json(list(users_lookup.values()))
@app.route("/users/<username:str>", methods=["GET"])
async def get_single_user(request, username: str):
user = users_lookup.get(username)
if user:
return response.json(user)
else:
raise exceptions.NotFound()
@kopf.on.startup()
async def configure(settings: kopf.OperatorSettings, **_):
settings.scanning.disabled = True
settings.posting.enabled = False
settings.persistence.finalizer = "users-proxy"
print("Kopf operator starting up")
@kopf.on.resume('oidcgatewayusers')
@kopf.on.create('oidcgatewayusers')
@kopf.on.update('oidcgatewayusers')
async def save_handler(body, **_):
username = body['metadata']['name']
groups = []
for group in body.get("status", {}).get("groups", []):
groups.append(f"{group['prefix']}:{group['name']}")
user = {
"username": username,
"display_name": body.get("spec", {}).get("customProfile", {}).get("name", None),
"slack_id": body.get("status", {}).get("slackId", None),
"groups": groups
}
print(f"Saving {username}")
users_lookup[username] = user
@kopf.on.delete('oidcgatewayusers')
async def delete_handler(body, **_):
username = body['metadata']['name']
print(f"Deleting {username}")
del users_lookup[username]
@app.listener("before_server_start")
async def do_setup(app, loop):
print("Setting up")
app.add_task(kopf.operator(clusterwide=True))
app.add_task(prometheus_async.aio.web.start_http_server(port=5000))
if __name__ == "__main__":
app.run(host="0.0.0.0", port=3001, single_process=False, motd=False, dev=devenv)

66
deployment.yaml Normal file
View File

@ -0,0 +1,66 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: users-proxy
spec:
replicas: 1
selector:
matchLabels:
app: users-proxy
template:
metadata:
labels:
app: users-proxy
spec:
enableServiceLinks: false
imagePullSecrets:
- name: regcred
serviceAccountName: oidc-gateway
containers:
- name: users-proxy
image: users-proxy
env:
- name: DEV_ENV
value: 'true'
ports:
- containerPort: 5000
name: metrics
---
apiVersion: v1
kind: Service
metadata:
name: users-proxy
labels:
app: users-proxy
spec:
selector:
app: users-proxy
ports:
- protocol: TCP
port: 3001
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: users-proxy
annotations:
kubernetes.io/ingress.class: shared
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
external-dns.alpha.kubernetes.io/target: traefik.codemowers.ee
spec:
rules:
- host: users-proxy-72zn4.codemowers.ee
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: users-proxy
port:
number: 3001
tls:
- hosts:
- "*.codemowers.ee"

19
skaffold.yaml Normal file
View File

@ -0,0 +1,19 @@
apiVersion: skaffold/v3
kind: Config
metadata:
name: users-proxy
deploy:
kubectl: {}
manifests:
rawYaml:
- deployment.yaml
build:
artifacts:
- image: users-proxy
sync:
manual:
- src: "app/**/*.py"
dest: .