svn-operator

command module
v0.2.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 8, 2021 License: Apache-2.0 Imports: 14 Imported by: 0

README

svn-operator

ci status Go Reference

The svn-operator is a simple, opinionated operator that has following features:

  • Does not guarantee extremely high availability. (if an SVN server crashes, just wait for a second and retry.)
  • Only basic authentication is allowed.
  • Can manage users and repositories declaratively.
  • Does not provide path-based authorization.

Installation

$ kubectl apply -f https://github.com/genkami/svn-operator/releases/download/v0.2.0/svn-operator.crds.yaml
$ kubectl apply -f https://github.com/genkami/svn-operator/releases/download/v0.2.0/svn-operator.yaml

Examples

The following example creates following resources:

  • An SVN server svnserver-sample.
  • A single SVN repository named svnrepository-sample whcih belongs to svnserver-sample.
  • Two groups named svngroup-sample-reader and svngroup-sample-writer.
    The former group has only read permission to the repository and the latter has full access to the repository.
  • Two users svnuser-sample-reader who belongs to svngroup-sample-reader, and svnuser-sample-writer who belongs to svngroup-sample-writer.
apiVersion: svn.k8s.oyasumi.club/v1alpha1
kind: SVNServer
metadata:
  name: svnserver-sample
spec:
  volumeClaimTemplate:
    spec:
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          storage: 512M
---
apiVersion: svn.k8s.oyasumi.club/v1alpha1
kind: SVNRepository
metadata:
  name: svnrepository-sample
spec:
  svnServer: svnserver-sample
---
apiVersion: svn.k8s.oyasumi.club/v1alpha1
kind: SVNGroup
metadata:
  name: svngroup-sample-reader
spec:
  svnServer: svnserver-sample
  permissions:
  - repository: svnrepository-sample
    permission: r
---
apiVersion: svn.k8s.oyasumi.club/v1alpha1
kind: SVNGroup
metadata:
  name: svngroup-sample-writer
spec:
  svnServer: svnserver-sample
  permissions:
  - repository: svnrepository-sample
    permission: rw
---
apiVersion: svn.k8s.oyasumi.club/v1alpha1
kind: SVNUser
metadata:
  name: svnuser-sample-reader
spec:
  svnServer: svnserver-sample
  groups:
    - name: svngroup-sample-reader
  # The password is 'foobar'
  encryptedPassword: $2y$05$lHorekjyyp9w2fXD/ppQLOJ2N1KmY.9yiJ0mZQlkIeUpUg8enPN4e
---
apiVersion: svn.k8s.oyasumi.club/v1alpha1
kind: SVNUser
metadata:
  name: svnuser-sample-writer
spec:
  svnServer: svnserver-sample
  groups:
    - name: svngroup-sample-writer
  # The password is 'quux'
  encryptedPassword: $2y$05$skzShfjCsTKCYcvr55ByIO5G7icGU8Lofs2CpmR5AoGho9OzBLb4O

Additionally, if you want to expose SVN server to the internet, you have to set up ingress (or LoadBalancer, etc.) like this:

apiVersion: v1
kind: Service
metadata:
  name: svnserver-sample-lb
spec:
  type: NodePort
  ports:
  - name: http
    port: 80
    targetPort: 80
    protocol: TCP
  selector:
    # These two labels are generated by svn-operator
    app: subversion
    svn.k8s.oyasumi.club/name: svnserver-sample
---
# WARNING: This configuration is INSECURE since svn-operator uses basic auth.
# You must use HTTPS in production environments.
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: svnserver-sample-lb
spec:
  backend:
    serviceName: svnserver-sample-lb
    servicePort: 80

Then you can checkout repositories served under http://<INGRESS_IP_ADDRESS>/repos/.

$ svn checkout http://<INGRESS_IP_ADDRESS>/repos/svnrepository-sample

Authentication realm: <http://<INGRESS_IP_ADDRESS>:80> SVN Server
Username: svnuser-sample-writer
Password for 'svnuser-sample-writer': ****

Checked out revision 0.

Password Encryption

The EncryptedPassword field can be generated by using htpasswd command:

$ htpasswd -nB john | cut -d : -f 2-
New password: 
Re-type new password: 
$2y$05$sZw4te5XgfiRjNVNhLRVuO7cgiqbTAcdPRvzRog0r8Tj.lNAnpKyi

Or dedicated CLI tool that we provide:

$ go get github.com/genkami/svn-operator/cmd/svn-user-gen
$ svn-user-gen -user john
Password: 
Re-type Password: 
apiVersion: svn.k8s.oyasumi.club/v1alpha1
kind: SVNUser
metadata:
  name: john
spec:
  svnServer: TYPE_THE_SERVER_NAME_HERE
  encryptedPassword: $2a$10$teGKPe/vdxOvSRwpCN7iH.Neu.KH8sc.33ylcNSO3bDriKbua/48u

License

Distributed under the Apache License Version 2.0. See LICENSE for more information.

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Directories

Path Synopsis
api
v1alpha1
Package v1alpha1 contains API Schema definitions for the svn v1alpha1 API group +kubebuilder:object:generate=true +groupName=svn.k8s.oyasumi.club
 Package v1alpha1 contains API Schema definitions for the svn v1alpha1 API group +kubebuilder:object:generate=true +groupName=svn.k8s.oyasumi.club
cmd
server-updater
svn-user-gen
pkg
serverupdater
Package serverupdater contains functions to update internal state of SVN servers.
 Package serverupdater contains functions to update internal state of SVN servers.
svnconfig
Package svnconfig generates config files for SVN server.
 Package svnconfig generates config files for SVN server.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.