openfaas
diff --git a/‎cmd/apply.go
+73-46 b/‎cmd/apply.go
+73-46
diff --git a/‎example.init.yaml
+4 b/‎example.init.yaml
+4
diff --git a/‎pkg/ingress/ingress.go
-98 b/‎pkg/ingress/ingress.go
-98
diff --git a/‎pkg/ingress/ingress_test.go
-29 b/‎pkg/ingress/ingress_test.go
-29
diff --git a/‎pkg/stack/stack.go
-28 b/‎pkg/stack/stack.go
-28
@@ -4,7 +4,9 @@
 package cmd
 
 import (
+	"errors"
 	"fmt"
+	"github.com/openfaas-incubator/ofc-bootstrap/pkg/stack"
 	"io/ioutil"
 	"log"
 	"os"
@@ -18,13 +20,10 @@ import (
 	execute "github.com/alexellis/go-execute/pkg/v1"
 	"github.com/alexellis/k3sup/pkg/config"
 	"github.com/alexellis/k3sup/pkg/env"
-	"github.com/openfaas-incubator/ofc-bootstrap/pkg/ingress"
-	"github.com/openfaas-incubator/ofc-bootstrap/pkg/stack"
-	"github.com/openfaas-incubator/ofc-bootstrap/pkg/tls"
 	"github.com/openfaas-incubator/ofc-bootstrap/pkg/validators"
 
 	"github.com/openfaas-incubator/ofc-bootstrap/pkg/types"
-	yaml "gopkg.in/yaml.v2"
+	"gopkg.in/yaml.v2"
 )
 
 func init() {
@@ -141,7 +140,7 @@ func runApplyCommandE(command *cobra.Command, _ []string) error {
 		"faas-cli version",
 	}
 
-	validateToolsErr := validateTools(tools, additionalPaths)
+	validateToolsErr := validateTools(tools)
 
 	if validateToolsErr != nil {
 		panic(validateToolsErr)
@@ -184,7 +183,7 @@ type Vars struct {
 	YamlFile string
 }
 
-func taskGivesStdout(tool string, additionalPaths []string) error {
+func taskGivesStdout(tool string) error {
 
 	parts := strings.Split(tool, " ")
 
@@ -210,10 +209,10 @@ func taskGivesStdout(tool string, additionalPaths []string) error {
 	return nil
 }
 
-func validateTools(tools []string, additionalPaths []string) error {
+func validateTools(tools []string) error {
 
 	for _, tool := range tools {
-		err := taskGivesStdout(tool, additionalPaths)
+		err := taskGivesStdout(tool)
 		if err != nil {
 			return err
 		}
@@ -350,23 +349,12 @@ func process(plan types.Plan, prefs InstallPreferences, additionalPaths []string
 		}
 	}
 
-	ingressErr := ingress.Apply(plan)
-	if ingressErr != nil {
-		log.Println(ingressErr)
-	}
-
-	if plan.TLS {
-		tlsErr := tls.Apply(plan)
-		if tlsErr != nil {
-			log.Println(tlsErr)
-		}
-	}
-
 	fmt.Println("Creating stack.yml")
 
 	planErr := stack.Apply(plan)
 	if planErr != nil {
 		log.Println(planErr)
+		return planErr
 	}
 
 	if !prefs.SkipSealedSecrets {
@@ -389,6 +377,11 @@ func process(plan types.Plan, prefs InstallPreferences, additionalPaths []string
 		return cloneErr
 	}
 
+	ofcValuesErr := writeOFCValuesYaml(plan)
+	if ofcValuesErr != nil {
+		return ofcValuesErr
+	}
+
 	deployErr := deployCloudComponents(plan, additionalPaths)
 	if deployErr != nil {
 		return deployErr
@@ -397,33 +390,80 @@ func process(plan types.Plan, prefs InstallPreferences, additionalPaths []string
 	return nil
 }
 
-func helmRepoAdd(name, repo string) error {
-	log.Printf("Adding %s helm repo\n", name)
+func writeOFCValuesYaml(plan types.Plan) error {
+	ofcOptions := &types.OFCValues{}
 
-	task := execute.ExecTask{
-		Command:     "helm",
-		Args:        []string{"repo", "add", name, repo},
-		StreamStdio: true,
+	ofcOptions.NetworkPolicies.Enabled = plan.NetworkPolicies
+
+	if plan.EnableOAuth {
+		ofcOptions.EdgeAuth.EnableOauth2 = true
+		ofcOptions.EdgeAuth.OauthProvider = plan.SCM
+		ofcOptions.EdgeAuth.ClientID = plan.OAuth.ClientId
+		ofcOptions.EdgeAuth.OauthProviderBaseURL = plan.OAuth.OAuthProviderBaseURL
+	} else {
+		ofcOptions.EdgeAuth.EnableOauth2 = false
 	}
 
-	taskRes, taskErr := task.Execute()
+	ofcOptions.NetworkPolicies.Enabled = plan.NetworkPolicies
+	ofcOptions.Global.EnableECR = plan.EnableECR
 
-	if taskErr != nil {
-		return taskErr
+	if plan.TLS {
+		ofcOptions.TLS.IssuerType = plan.TLSConfig.IssuerType
+		ofcOptions.TLS.Enabled = true
+		ofcOptions.TLS.Email = plan.TLSConfig.Email
+		ofcOptions.TLS.DNSService = plan.TLSConfig.DNSService
+		switch ofcOptions.TLS.DNSService {
+		case types.CloudDNS:
+			ofcOptions.TLS.CloudDNS.ProjectID = plan.TLSConfig.ProjectID
+		case types.Cloudflare:
+			ofcOptions.TLS.Cloudflare.Email = plan.TLSConfig.Email
+			ofcOptions.TLS.Cloudflare.ProjectID = plan.TLSConfig.ProjectID
+		case types.Route53:
+			ofcOptions.TLS.Route53.AccessKeyID = plan.TLSConfig.AccessKeyID
+			ofcOptions.TLS.Route53.Region = plan.TLSConfig.Region
+		case types.DigitalOcean:
+			// No special config for DO DNS
+		default:
+			log.Fatalf("dns service not recognised: %s", ofcOptions.TLS.DNSService)
+		}
+
+	} else {
+		ofcOptions.TLS.Enabled = false
 	}
 
-	if len(taskRes.Stderr) > 0 {
-		log.Println(taskRes.Stderr)
+	if plan.CustomersSecret {
+		ofcOptions.Customers.CustomersSecret = true
+	} else {
+		if len(plan.CustomersURL) == 0 {
+			return errors.New("unable to continue without a customers secret or url")
+		}
+		ofcOptions.Customers.URL = plan.CustomersURL
+	}
+
+	ofcOptions.Global.EnableECR = plan.EnableECR
+	ofcOptions.Global.RootDomain = plan.RootDomain
+
+	ofcOptions.Ingress.MaxConnections = plan.IngressConfig.MaxConnections
+	ofcOptions.Ingress.RequestsPerMinute = plan.IngressConfig.RequestsPerMinute
+	yamlBytes, err := yaml.Marshal(&ofcOptions)
+	if err != nil {
+		log.Fatalf("error: %v", err)
+	}
+	filePath := "./tmp/ofc-values.yaml"
+	fileErr := ioutil.WriteFile(filePath, yamlBytes, 0644)
+	if fileErr != nil {
+		return fileErr
 	}
 
 	return nil
 }
 
-func helmRepoAddStable() error {
-	log.Println("Adding stable helm repo")
+func helmRepoAdd(name, repo string) error {
+	log.Printf("Adding %s helm repo\n", name)
 
 	task := execute.ExecTask{
 		Command:     "helm",
+		Args:        []string{"repo", "add", name, repo},
 		StreamStdio: true,
 	}
 
@@ -660,19 +700,6 @@ func createSecrets(plan types.Plan) error {
 	return nil
 }
 
-func sealedSecretsReady() bool {
-
-	task := execute.ExecTask{
-		Command:     "./scripts/get-sealedsecretscontroller.sh",
-		Shell:       true,
-		StreamStdio: true,
-	}
-
-	res, err := task.Execute()
-	fmt.Println("sealedsecretscontroller", res.ExitCode, res.Stdout, res.Stderr, err)
-	return res.Stdout == "1"
-}
-
 func exportSealedSecretPubCert() string {
 
 	task := execute.ExecTask{
 
@@ -333,3 +333,7 @@ enable_ingress_operator: false
 ### Usage: release tag, a SHA or branch name
 openfaas_cloud_version: 0.14.2
 
+## Settings for the ingress records
+ingress_config:
+  max_connections: 20
+  requests_per_minute: 600
@@ -50,7 +50,6 @@ type awsConfig struct {
 	ECRRegion string
 }
 
-// Apply creates `templates/gateway_config.yml` to be referenced by stack.yml
 func Apply(plan types.Plan) error {
 	scheme := "http"
 	if plan.TLS {
@@ -67,7 +66,6 @@ func Apply(plan types.Plan) error {
 		Registry:             plan.Registry,
 		RootDomain:           plan.RootDomain,
 		CustomersURL:         plan.CustomersURL,
-		Scheme:               scheme,
 		S3:                   plan.S3,
 		CustomTemplates:      plan.Deployment.FormatCustomTemplates(),
 		EnableDockerfileLang: plan.EnableDockerfileLang,
@@ -105,26 +103,6 @@ func Apply(plan types.Plan) error {
 		return dashboardConfigErr
 	}
 
-	if plan.EnableOAuth {
-		ofCustomersSecretPath := ""
-		if plan.CustomersSecret {
-			ofCustomersSecretPath = "/var/secrets/of-customers/of-customers"
-		}
-
-		if ofAuthDepErr := generateTemplate("edge-auth-dep", plan, authConfig{
-			RootDomain:            plan.RootDomain,
-			ClientId:              plan.OAuth.ClientId,
-			CustomersURL:          plan.CustomersURL,
-			Scheme:                scheme,
-			OAuthProvider:         plan.SCM,
-			OAuthProviderBaseURL:  plan.OAuth.OAuthProviderBaseURL,
-			OFCustomersSecretPath: ofCustomersSecretPath,
-			TLSEnabled:            plan.TLS,
-		}); ofAuthDepErr != nil {
-			return ofAuthDepErr
-		}
-	}
-
 	isGitHub := plan.SCM == "github"
 	if stackErr := generateTemplate("stack", plan, stackConfig{
 		GitHub:              isGitHub,
@@ -133,12 +111,6 @@ func Apply(plan types.Plan) error {
 		return stackErr
 	}
 
-	if builderErr := generateTemplate("of-builder-dep", plan, builderConfig{
-		ECR: plan.EnableECR,
-	}); builderErr != nil {
-		return builderErr
-	}
-
 	if ecrErr := generateTemplate("aws", plan, awsConfig{
 		ECRRegion: plan.ECRConfig.ECRRegion,
 	}); ecrErr != nil {