From b7daf7bdc9cdf007b410380369602733f2873368 Mon Sep 17 00:00:00 2001
From: Roi Vazquez
Date: Thu, 2 May 2024 16:45:54 +0200
Subject: [PATCH] Simplify domain config for local-setup
---
.../local-setup/env-inputs/configuration.yaml | 19 +--
config/local-setup/workloads/apicast.yaml | 4 +-
config/local-setup/workloads/autossl.yaml | 4 +-
config/local-setup/workloads/backend.yaml | 2 +-
.../local-setup/workloads/mappingservice.yaml | 2 +-
config/local-setup/workloads/mt-ingress.yaml | 4 +-
.../workloads/replacements/domains.yaml | 143 +++++++-----------
config/local-setup/workloads/system.yaml | 6 +-
8 files changed, 71 insertions(+), 113 deletions(-)
diff --git a/config/local-setup/env-inputs/configuration.yaml b/config/local-setup/env-inputs/configuration.yaml
index 6b7a998a..445321d3 100644
--- a/config/local-setup/env-inputs/configuration.yaml
+++ b/config/local-setup/env-inputs/configuration.yaml
@@ -43,23 +43,12 @@ data: ENVOY_IMAGE: envoyproxy/envoy:v1.22.11 # DOMAIN CONFIGURATION - SYSTEM_ENDPOINT: https://multitenant-admin.system-172-27-27-105.nip.io - AUTOSSL_VERIFICATION_ENDPOINT: https://multitenant-admin.system-172-27-27-105.nip.io/swagger/spec.json - SYSTEM_EVENTS_URL: https://system-172-27-27-105.nip.io/master/events/import - SYSTEM_SUPERDOMAIN: system-172-27-27-105.nip.io - BACKEND_EXTERNAL_ENDPOINT: http://backend-172-27-27-100.nip.io + SYSTEM_ENDPOINT: multitenant-admin.system-172-27-27-105.nip.io + BACKEND_ENDPOINT: backend-172-27-27-100.nip.io APICAST_STAGING_DOMAIN: staging-172-27-27-102.nip.io APICAST_PRODUCTION_DOMAIN: production-172-27-27-101.nip.io - APICAST_CLOUD_HOSTED_REGISTRY_URL: http://apicast-staging-management:8090/policies - APICAST_SELF_MANAGED_REGISTRY_URL: http://policies.apicast.io/latest/policies.json - - # DNS CONFIG - APICAST_STAGING_DNS: '*.staging-172-27-27-102.nip.io' - APICAST_PRODUCTION_DNS: '*.production-172-27-27-101.nip.io' - AUTOSSL_DNS: autossl-172-27-27-104.nip.io - BACKEND_DNS: backend-172-27-27-100.nip.io - ECHOAPI_DNS: echo-api-172-27-27-103.nip.io - SYSTEM_DNS: '*.system-172-27-27-105.nip.io' + AUTOSSL_ENDPOINT: autossl-172-27-27-104.nip.io + ECHOAPI_ENDPOINT: echo-api-172-27-27-103.nip.io # CERTIFICATE CONFIG CERT_MANAGER_ISSUER: selfsigned-cluster-issuer \ No newline at end of file diff --git a/config/local-setup/workloads/apicast.yaml b/config/local-setup/workloads/apicast.yaml index a90c00fa..029caf89 100644 --- a/config/local-setup/workloads/apicast.yaml +++ b/config/local-setup/workloads/apicast.yaml @@ -12,7 +12,7 @@ spec: config: configurationCache: 300 threescalePortalEndpoint: "http://mapping-service/config" - endpoint: {dns: [REPLACE]} + endpoint: {dns: ['*.REPLACE']} hpa: {} loadBalancer: proxyProtocol: false 
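Review bot: The `# DOMAIN CONFIGURATION` block in configuration.yaml now requires bare hostnames, but nothing in the file says so and the `*_ENDPOINT` key names still read like URLs. A value pasted in the previous form, with `https://` in front, would be spliced into a template such as `apiHost: https://REPLACE` and render with a doubled scheme instead of failing. I would add a comment directly under the heading, for example `# Bare hostnames only (no scheme, port or path); the workload templates add scheme and path.`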
@@ -62,7 +62,7 @@ spec: config: configurationCache: 60 threescalePortalEndpoint: "http://mapping-service/config" - endpoint: {dns: [REPLACE]} + endpoint: {dns: ['*.REPLACE']} hpa: {} loadBalancer: proxyProtocol: false diff --git a/config/local-setup/workloads/autossl.yaml b/config/local-setup/workloads/autossl.yaml index a86476a0..9961ee2a 100644 --- a/config/local-setup/workloads/autossl.yaml +++ b/config/local-setup/workloads/autossl.yaml @@ -12,9 +12,9 @@ spec: contactEmail: 3scale-operations@redhat.com domainWhitelist: [] logLevel: debug - proxyEndpoint: REPLACE + proxyEndpoint: https://REPLACE redisHost: autossl-redis - verificationEndpoint: REPLACE + verificationEndpoint: https://REPLACE/swagger/spec.json endpoint: {dns: [REPLACE]} hpa: {} pdb: {} diff --git a/config/local-setup/workloads/backend.yaml b/config/local-setup/workloads/backend.yaml index 572ad559..bc311b1b 100644 --- a/config/local-setup/workloads/backend.yaml +++ b/config/local-setup/workloads/backend.yaml @@ -17,7 +17,7 @@ spec: redisQueuesDSN: "redis://backend-redis:6379/1" redisStorageDSN: "redis://backend-redis:6379/0" systemEventsHookPassword: {} - systemEventsHookURL: {override: REPLACE } + systemEventsHookURL: {override: https://REPLACE/master/events/import } listener: config: listenerWorkers: 1 diff --git a/config/local-setup/workloads/mappingservice.yaml b/config/local-setup/workloads/mappingservice.yaml index 32b4dce0..2db2f553 100644 --- a/config/local-setup/workloads/mappingservice.yaml +++ b/config/local-setup/workloads/mappingservice.yaml @@ -4,7 +4,7 @@ metadata: name: mapping-service spec: config: - apiHost: REPLACE + apiHost: https://REPLACE systemAdminToken: {fromSeed: {}} image: name: REPLACE diff --git a/config/local-setup/workloads/mt-ingress.yaml b/config/local-setup/workloads/mt-ingress.yaml index bfea4cdf..ca256c95 100644 --- a/config/local-setup/workloads/mt-ingress.yaml +++ b/config/local-setup/workloads/mt-ingress.yaml 
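Review bot: The events hook host changes as a side effect of the backend.yaml hunk: `https://REPLACE/master/events/import` is filled from `SYSTEM_ENDPOINT`, giving `multitenant-admin.system-172-27-27-105.nip.io`, while the removed `SYSTEM_EVENTS_URL` pointed at `system-172-27-27-105.nip.io`. That is a behaviour change in a commit described as a simplification, and the hook is presumably authenticated with `systemEventsHookPassword`, so the destination deserves an explicit confirmation. If the new host is intended, the commit message should say so; if not, the Backend target in replacements/domains.yaml needs the superdomain as its source rather than the full admin endpoint.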
@@ -3,7 +3,7 @@ kind: Certificate metadata: name: mt-ingress-cert spec: - dnsNames: [REPLACE] + dnsNames: ['*.REPLACE'] issuerRef: kind: ClusterIssuer name: selfsigned-cluster-issuer @@ -36,7 +36,7 @@ apiVersion: v1 kind: Service metadata: annotations: - external-dns.alpha.kubernetes.io/hostname: REPLACE + external-dns.alpha.kubernetes.io/hostname: '*.REPLACE' service.beta.kubernetes.io/aws-load-balancer-connection-draining-enabled: "true" service.beta.kubernetes.io/aws-load-balancer-connection-draining-timeout: "60" service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true" diff --git a/config/local-setup/workloads/replacements/domains.yaml b/config/local-setup/workloads/replacements/domains.yaml index 45110b3a..e6f2cad2 100644 --- a/config/local-setup/workloads/replacements/domains.yaml +++ b/config/local-setup/workloads/replacements/domains.yaml @@ -1,24 +1,38 @@ -# APICAST +# CONFIGURE APICAST ENDPOINTS - source: kind: ConfigMap name: config - fieldPath: data.APICAST_STAGING_DNS + fieldPath: data.APICAST_STAGING_DOMAIN targets: - select: kind: Apicast fieldPaths: - spec.staging.endpoint.dns.0 + options: + delimiter: "." + index: 1 + - select: + kind: System + fieldPaths: + - spec.config.apicast.stagingDomain - source: kind: ConfigMap name: config - fieldPath: data.APICAST_PRODUCTION_DNS + fieldPath: data.APICAST_PRODUCTION_DOMAIN targets: - select: kind: Apicast fieldPaths: - spec.production.endpoint.dns.0 + options: + delimiter: "." + index: 1 + - select: + kind: System + fieldPaths: + - spec.config.apicast.productionDomain -# AUTOSSL +# CONFIGURE AUTOSSL ENDPOINT - source: kind: ConfigMap name: config 
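Review bot: The `options` added to the Apicast targets in replacements/domains.yaml (`delimiter: "."`, `index: 1`) give the right result only while the placeholder in apicast.yaml is exactly `*.REPLACE`, and nothing records that pairing. As far as I know kustomize does not fail on a target index that is out of range but prepends or appends the value, so a placeholder that drifts would render a malformed DNS name rather than an error; this is worth confirming. I would add a comment above each `options` block such as `# target is '*.REPLACE': split on "." and replace segment 1, keeping the wildcard label`. The same applies to the `delimiter: "/"`, `index: 2` targets in the next hunk and to the mt-ingress Service and Certificate targets.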
@@ -28,142 +42,97 @@ kind: AutoSSL fieldPaths: - spec.config.proxyEndpoint -- source: - kind: ConfigMap - name: config - fieldPath: data.AUTOSSL_VERIFICATION_ENDPOINT - targets: - - select: - kind: AutoSSL - fieldPaths: - spec.config.verificationEndpoint + options: + delimiter: "/" + index: 2 - source: kind: ConfigMap name: config - fieldPath: data.AUTOSSL_DNS + fieldPath: data.AUTOSSL_ENDPOINT targets: - select: kind: AutoSSL fieldPaths: - spec.endpoint.dns.0 -# BACKEND +# CONFIGURE ECHOAPI ENDPOINT - source: kind: ConfigMap name: config - fieldPath: data.SYSTEM_EVENTS_URL - targets: - - select: - kind: Backend - fieldPaths: - - spec.config.systemEventsHookURL.override -- source: - kind: ConfigMap - name: config - fieldPath: data.BACKEND_DNS - targets: - - select: - kind: Backend - fieldPaths: - - spec.listener.endpoint.dns.0 - -# ECHOAPI -- source: - kind: ConfigMap - name: config - fieldPath: data.ECHOAPI_DNS + fieldPath: data.ECHOAPI_ENDPOINT targets: - select: kind: EchoAPI fieldPaths: - spec.endpoint.dns.0 -# MAPPINGSERVICE +# CONFIGURE BACKEND ENDPOINT - source: kind: ConfigMap name: config - fieldPath: data.SYSTEM_ENDPOINT + fieldPath: data.BACKEND_ENDPOINT targets: - select: - kind: MappingService - fieldPaths: - - spec.config.apiHost - -# SYSTEM -- source: - kind: ConfigMap - name: config - fieldPath: data.SYSTEM_SUPERDOMAIN - targets: - - select: - kind: System + kind: Backend fieldPaths: - - spec.config.threescaleSuperdomain -- source: - kind: ConfigMap - name: config - fieldPath: data.BACKEND_EXTERNAL_ENDPOINT - targets: + - spec.listener.endpoint.dns.0 - select: kind: System fieldPaths: - spec.config.backend.externalEndpoint + options: + delimiter: "/" + index: 2 + +# CONFIGURE SYSTEM ENDPOINT - source: kind: ConfigMap name: config - fieldPath: data.APICAST_STAGING_DOMAIN - targets: - - select: - kind: System - fieldPaths: - - spec.config.apicast.stagingDomain -- source: - kind: ConfigMap - name: config - fieldPath: data.APICAST_PRODUCTION_DOMAIN + 
fieldPath: data.SYSTEM_ENDPOINT targets: - select: - kind: System + kind: Backend fieldPaths: - - spec.config.apicast.productionDomain -- source: - kind: ConfigMap - name: config - fieldPath: data.APICAST_CLOUD_HOSTED_REGISTRY_URL - targets: + - spec.config.systemEventsHookURL.override + options: + delimiter: "/" + index: 2 - select: - kind: System + kind: MappingService fieldPaths: - - spec.config.apicast.cloudHostedRegistryURL + - spec.config.apiHost + options: + delimiter: "/" + index: 2 - source: kind: ConfigMap name: config - fieldPath: data.APICAST_SELF_MANAGED_REGISTRY_URL + fieldPath: data.SYSTEM_ENDPOINT + options: + delimiter: "multitenant-admin." + index: 1 targets: - select: kind: System fieldPaths: - - spec.config.apicast.selfManagedRegistryURL -- source: - kind: ConfigMap - name: config - fieldPath: data.SYSTEM_DNS - targets: + - spec.config.threescaleSuperdomain - select: kind: Service name: mt-ingress fieldPaths: - metadata.annotations.[external-dns.alpha.kubernetes.io/hostname] -- source: - kind: ConfigMap - name: config - fieldPath: data.SYSTEM_DNS - targets: + options: + delimiter: "." + index: 1 - select: kind: Certificate name: mt-ingress-cert fieldPaths: - spec.dnsNames.0 + options: + delimiter: "." + index: 1 # CERT-MANAGER - source: @@ -174,4 +143,4 @@ - select: kind: Certificate fieldPaths: - - spec.issuerRef.name \ No newline at end of file + - spec.issuerRef.name diff --git a/config/local-setup/workloads/system.yaml b/config/local-setup/workloads/system.yaml index 24e44811..98191d91 100644 --- a/config/local-setup/workloads/system.yaml +++ b/config/local-setup/workloads/system.yaml @@ -18,7 +18,7 @@ spec: redis: queuesDSN: "redis://system-redis:6379" backend: - externalEndpoint: REPLACE + externalEndpoint: http://REPLACE internalAPIPassword: {fromSeed: {}} internalAPIUser: {fromSeed: {}} internalEndpoint: "http://backend-listener-internal" 
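Review bot: The second `SYSTEM_ENDPOINT` source in replacements/domains.yaml derives the superdomain by splitting on the literal `multitenant-admin.` and taking segment 1, which ties `threescaleSuperdomain`, the external-dns hostname and the `mt-ingress-cert` wildcard name to that exact prefix in the env input. An endpoint configured with any other first label has no segment 1; I would expect kustomize to reject the build, but the error will surface far from its cause. Keeping an explicit `SYSTEM_SUPERDOMAIN` key as the source for these three targets would remove the coupling. Failing that, a comment on the source `options` block should state the required prefix, e.g. `# SYSTEM_ENDPOINT must start with "multitenant-admin."; the remainder is used as the superdomain`.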
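Review bot: `externalEndpoint: http://REPLACE` in system.yaml fixes the backend's external scheme to cleartext HTTP inside the workload template, where it previously came from the `BACKEND_EXTERNAL_ENDPOINT` value. The other externally named endpoints touched by this commit are templated as `https://`, and this one can no longer be switched without editing the workload file. If the backend listener behind `BACKEND_ENDPOINT` serves TLS in this setup, `externalEndpoint: https://REPLACE` would be consistent; if it does not, a short comment saying why HTTP is kept would help. The matching replacement uses `delimiter: "/"`, `index: 2`, so either scheme works without further changes.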
@@ -66,8 +66,8 @@ spec: apicast: stagingDomain: REPLACE productionDomain: REPLACE - cloudHostedRegistryURL: REPLACE - selfManagedRegistryURL: REPLACE + cloudHostedRegistryURL: http://apicast-staging-management:8090/policies + selfManagedRegistryURL: https://policies.apicast.io/latest/policies.json app: hpa: {} pdb: {}