summaryrefslogtreecommitdiffstats
path: root/samples/services/modsecurity/yaml
diff options
context:
space:
mode:
Diffstat (limited to 'samples/services/modsecurity/yaml')
-rw-r--r--samples/services/modsecurity/yaml/manifest.template38
-rw-r--r--samples/services/modsecurity/yaml/modsecurity-deployment.yaml22
-rw-r--r--samples/services/modsecurity/yaml/modsecurity-service.yaml13
-rw-r--r--samples/services/modsecurity/yaml/render_yaml.py60
4 files changed, 133 insertions, 0 deletions
diff --git a/samples/services/modsecurity/yaml/manifest.template b/samples/services/modsecurity/yaml/manifest.template
new file mode 100644
index 0000000..afeb9dc
--- /dev/null
+++ b/samples/services/modsecurity/yaml/manifest.template
@@ -0,0 +1,38 @@
+---
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ deploy_name }}
+ labels:
+ app: {{ deploy_name }}
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: {{ deploy_name }}
+ spec:
+ containers:
+ - name: {{ deploy_name }}
+ image: {{ image_path }}/{{ image_name }}:{{ image_tag }}
+ ports:
+ - containerPort: {{ http_port }}
+ env:
+ - name: PARANOIA
+ value: {{ paranoia_level }}
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ deploy_name }}
+ labels:
+ app: {{ deploy_name }}
+spec:
+ ports:
+ - port: {{ http_port }}
+ name: http-modsecurity-crs
+ targetPort: {{ http_port }}
+ selector:
+ app: {{ deploy_name }}
+---
diff --git a/samples/services/modsecurity/yaml/modsecurity-deployment.yaml b/samples/services/modsecurity/yaml/modsecurity-deployment.yaml
new file mode 100644
index 0000000..450ede5
--- /dev/null
+++ b/samples/services/modsecurity/yaml/modsecurity-deployment.yaml
@@ -0,0 +1,22 @@
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: modsecurity-crs
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: modsecurity-crs
+ template:
+ metadata:
+ labels:
+ app: modsecurity-crs
+ spec:
+ containers:
+ - name: modsecurity-crs
+ image: clover/clover-ns-modsecurity-crs
+ ports:
+ - containerPort: 80
+ env:
+ - name: PARANOIA
+ value: '1'
diff --git a/samples/services/modsecurity/yaml/modsecurity-service.yaml b/samples/services/modsecurity/yaml/modsecurity-service.yaml
new file mode 100644
index 0000000..8548dca
--- /dev/null
+++ b/samples/services/modsecurity/yaml/modsecurity-service.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: modsecurity-crs
+spec:
+ type: NodePort
+ ports:
+ - port: 80
+ name: http-modsecurity-crs
+ protocol: TCP
+ targetPort: 80
+ selector:
+ app: modsecurity-crs
diff --git a/samples/services/modsecurity/yaml/render_yaml.py b/samples/services/modsecurity/yaml/render_yaml.py
new file mode 100644
index 0000000..54f8069
--- /dev/null
+++ b/samples/services/modsecurity/yaml/render_yaml.py
@@ -0,0 +1,60 @@
+# Copyright (c) Authors of Clover
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+
+import argparse
+
+from jinja2 import Template
+
+
+def render_yaml(args):
+ template_file = 'manifest.template'
+ out_file = 'modsecurity.yaml'
+
+ try:
+ with open(template_file) as f:
+ tmpl = Template(f.read())
+ output = tmpl.render(
+ image_path=args['image_path'],
+ image_name=args['image_name'],
+ image_tag=args['image_tag'],
+ deploy_name=args['deploy_name'],
+ http_port=args['http_port'],
+ paranoia_level=args['paranoia_level']
+ )
+ with open(out_file, "wb") as fh:
+ fh.write(output)
+ return "Generated manifest for {}".format(args['deploy_name'])
+ except Exception as e:
+ print(e)
+ return "Unable to generate manifest for {}".format(
+ args['deploy_name'])
+
+
+if __name__ == '__main__':
+ parser = argparse.ArgumentParser()
+ parser.add_argument(
+ '--image_name', default='clover-ns-modsecurity-crs',
+ help='The image name to use')
+ parser.add_argument(
+ '--image_path', default='localhost:5000',
+ help='The path to the image to use')
+ parser.add_argument(
+ '--image_tag', default='latest',
+ help='The image tag to use')
+ parser.add_argument(
+ '--deploy_name', default='modsecurity-crs',
+ help='The k8s deploy name to use')
+ parser.add_argument(
+ '--http_port', default='80',
+ help='Analyze http traffic on this port')
+ parser.add_argument(
+ '--paranoia_level', default='1',
+ help='The modsecurity paranoia level')
+
+ args = parser.parse_args()
+ print(render_yaml(vars(args)))
+