diff options
Diffstat (limited to 'samples/services/modsecurity/yaml')
4 files changed, 133 insertions, 0 deletions
diff --git a/samples/services/modsecurity/yaml/manifest.template b/samples/services/modsecurity/yaml/manifest.template new file mode 100644 index 0000000..afeb9dc --- /dev/null +++ b/samples/services/modsecurity/yaml/manifest.template @@ -0,0 +1,38 @@ +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ deploy_name }} + labels: + app: {{ deploy_name }} +spec: + replicas: 1 + template: + metadata: + labels: + app: {{ deploy_name }} + spec: + containers: + - name: {{ deploy_name }} + image: {{ image_path }}/{{ image_name }}:{{ image_tag }} + ports: + - containerPort: {{ http_port }} + env: + - name: PARANOIA + value: {{ paranoia_level }} + +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ deploy_name }} + labels: + app: {{ deploy_name }} +spec: + ports: + - port: {{ http_port }} + name: http-modsecurity-crs + targetPort: {{ http_port }} + selector: + app: {{ deploy_name }} +--- diff --git a/samples/services/modsecurity/yaml/modsecurity-deployment.yaml b/samples/services/modsecurity/yaml/modsecurity-deployment.yaml new file mode 100644 index 0000000..450ede5 --- /dev/null +++ b/samples/services/modsecurity/yaml/modsecurity-deployment.yaml @@ -0,0 +1,22 @@ +apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: modsecurity-crs
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: modsecurity-crs
+ template:
+ metadata:
+ labels:
+ app: modsecurity-crs
+ spec:
+ containers:
+ - name: modsecurity-crs
+ image: clover/clover-ns-modsecurity-crs
+ ports:
+ - containerPort: 80
+ env:
+ - name: PARANOIA
+ value: '1'
diff --git a/samples/services/modsecurity/yaml/modsecurity-service.yaml b/samples/services/modsecurity/yaml/modsecurity-service.yaml new file mode 100644 index 0000000..8548dca --- /dev/null +++ b/samples/services/modsecurity/yaml/modsecurity-service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1
+kind: Service
+metadata:
+ name: modsecurity-crs
+spec:
+ type: NodePort
+ ports:
+ - port: 80
+ name: http-modsecurity-crs
+ protocol: TCP
+ targetPort: 80
+ selector:
+ app: modsecurity-crs
diff --git a/samples/services/modsecurity/yaml/render_yaml.py b/samples/services/modsecurity/yaml/render_yaml.py new file mode 100644 index 0000000..54f8069 --- /dev/null +++ b/samples/services/modsecurity/yaml/render_yaml.py @@ -0,0 +1,60 @@ +# Copyright (c) Authors of Clover +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 + +import argparse + +from jinja2 import Template + + +def render_yaml(args): + template_file = 'manifest.template' + out_file = 'modsecurity.yaml' + + try: + with open(template_file) as f: + tmpl = Template(f.read()) + output = tmpl.render( + image_path=args['image_path'], + image_name=args['image_name'], + image_tag=args['image_tag'], + deploy_name=args['deploy_name'], + http_port=args['http_port'], + paranoia_level=args['paranoia_level'] + ) + with open(out_file, "wb") as fh: + fh.write(output) + return "Generated manifest for {}".format(args['deploy_name']) + except Exception as e: + print(e) + return "Unable to generate manifest for {}".format( + args['deploy_name']) + + +if __name__ == '__main__': + parser = argparse.ArgumentParser() + parser.add_argument( + '--image_name', default='clover-ns-modsecurity-crs', + help='The image name to use') + parser.add_argument( + '--image_path', default='localhost:5000', + help='The path to the image to use') + parser.add_argument( + '--image_tag', default='latest', + help='The image tag to use') + parser.add_argument( + '--deploy_name', default='modsecurity-crs', + help='The k8s deploy name to use') + parser.add_argument( + '--http_port', default='80', + help='Analyze http traffic on this port') + parser.add_argument( + '--paranoia_level', default='1', + help='The modsecurity paranoia level') + + args = parser.parse_args() + print(render_yaml(vars(args))) + |