diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..0b8bd92 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,4 @@ +/.git +/example +/scripts +/glide.lock diff --git a/Dockerfile b/Dockerfile index 3af2dac..8b69c47 100644 --- a/Dockerfile +++ b/Dockerfile @@ -18,4 +18,6 @@ RUN go build -o /kubehook ./cmd/kubehook FROM alpine:3.7 MAINTAINER Nic Cope RUN apk --no-cache add ca-certificates -COPY --from=golang /kubehook / \ No newline at end of file +COPY --from=golang /kubehook / +ENTRYPOINT [ "/kubehook" ] +CMD [ "--help" ] diff --git a/example/backend/kubecfg.conf b/example/backend/kubecfg.conf new file mode 100644 index 0000000..0c2c303 --- /dev/null +++ b/example/backend/kubecfg.conf @@ -0,0 +1,37 @@ +--- + +apiVersion: v1 +kind: Config +preferences: {} +current-context: "" + +clusters: + - name: development + cluster: {} + - name: staging + cluster: {} + - name: production + cluster: {} + +users: + - name: developer + user: {} + - name: admin + user: {} + +contexts: + - name: dev-system + context: + cluster: development + namespace: system + user: developer + - name: staging-system + context: + cluster: staging + namespace: system + user: admin + - name: production-system + context: + cluster: production + namespace: system + user: admin diff --git a/example/docker-compose.yml b/example/docker-compose.yml new file mode 100644 index 0000000..ed3a657 --- /dev/null +++ b/example/docker-compose.yml @@ -0,0 +1,27 @@ +--- + +version: '2.4' + +services: + frontend: + image: nginx:alpine + volumes: + - type: bind + source: ./frontend + target: /etc/nginx/conf.d + read_only: true + ports: + - "127.0.0.1:8080:80" + + backend: + image: localhost/kubehook + build: .. + command: + - '--kubecfg-template' + - '/etc/kubehook/kubecfg.conf' + - 'example-secret' + volumes: + - type: bind + source: ./backend + target: /etc/kubehook + read_only: true diff --git a/example/frontend/example.conf b/example/frontend/example.conf new file mode 100644 index 0000000..3728ba8 --- /dev/null +++ b/example/frontend/example.conf @@ -0,0 +1,35 @@ +server { + listen 80; + server_name localhost; + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } + + location / { + auth_basic "Example"; + auth_basic_user_file /etc/nginx/conf.d/htpasswd.txt; + sendfile off; + + proxy_pass http://backend:10003; + proxy_redirect default; + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-User $remote_user; + proxy_set_header X-Forwarded-Groups "local;example"; + proxy_max_temp_file_size 0; + + client_max_body_size 10m; + client_body_buffer_size 128k; + + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffer_size 4k; + proxy_buffers 4 32k; + proxy_busy_buffers_size 64k; + proxy_temp_file_write_size 64k; + } +} diff --git a/example/frontend/htpasswd.txt b/example/frontend/htpasswd.txt new file mode 100644 index 0000000..97ac52a --- /dev/null +++ b/example/frontend/htpasswd.txt @@ -0,0 +1,4 @@ +# Password01 +user01:$2y$10$UnLAqXHOX7j28CZQH5HI8uOXPMw6unOjbSIZdBcGM/fySunBY8ls2 +# Password02 +user02:$2y$10$Zx7sCpBg0owPuB5mzw6yeeOHaaWbD3Va42AXU7j97o6fAZC5VJ2zW