fix

apps/dolibarr/backups.tf

@@ -6,7 +6,7 @@ resource "kubectl_manifest" "backup_schedule" {
     metadata:
       name: "${var.instance}-backup"
       namespace: "${var.namespace}"
-      labels: ${jsonencode(local.common-labels)}
+      labels: ${jsonencode(local.common_labels)}
     spec:
       backend:
         repoPasswordSecretRef:

apps/dolibarr/check.rhai

@@ -0,0 +1,17 @@
+const DOMAIN = config.domain;
+fn check_domain() {
+    assert(have_namespace(`${global::DOMAIN}`),                         `There is no ${global::DOMAIN} namespace`);
+}
+fn check_authentik() {
+    assert(have_namespace(`${global::DOMAIN}-auth`),                    `There is no ${global::DOMAIN}-auth namespace`);
+    assert(have_install(`${global::DOMAIN}-auth`, "authentik"),         `No authentik installation in ${global::DOMAIN}-auth`);
+    assert(have_secret(`${global::DOMAIN}-auth`, "authentik"),          `No authentik secret in ${global::DOMAIN}-auth`);
+}
+fn check_authentik_ldap() {
+    assert(have_install(`${global::DOMAIN}-auth`, "authentik-ldap"), `No authentik-forward installation in ${global::DOMAIN}-auth`);
+}
+fn pre_check() {
+    check_domain();
+    check_authentik();
+    check_authentik_ldap();
+}

apps/dolibarr/common.tf

@@ -0,0 +1,12 @@
+
+locals {
+  common-labels = {
+    "vynil.solidite.fr/owner-name" = var.instance
+    "vynil.solidite.fr/owner-namespace" = var.namespace
+    "vynil.solidite.fr/owner-category" = var.category
+    "vynil.solidite.fr/owner-component" = var.component
+    "app.kubernetes.io/managed-by" = "vynil"
+    "app.kubernetes.io/name" = var.component
+    "app.kubernetes.io/instance" = var.instance
+  }
+}

apps/dolibarr/configmap.tf

@@ -79,7 +79,7 @@ resource "kubectl_manifest" "config-json" {
     metadata:
       name: "${var.instance}-json"
       namespace: "${var.namespace}"
-      labels: ${jsonencode(local.common-labels)}
+      labels: ${jsonencode(local.common_labels)}
     data:
       "docker-php-ext-redis.ini": |-
         extension = redis.so
@@ -157,7 +157,7 @@ resource "kubectl_manifest" "config" {
     metadata:
       name: "${var.instance}"
       namespace: "${var.namespace}"
-      labels: ${jsonencode(local.common-labels)}
+      labels: ${jsonencode(local.common_labels)}
     data:
       DOLI_DB_HOST: "${var.instance}-${var.component}-pg-rw.${var.namespace}.svc"
       DOLI_DB_USER: "${var.component}"

apps/dolibarr/deploy.tf

@@ -1,5 +1,5 @@
 locals {
-  deploy-labels = merge(local.common-labels, {
+  deploy-labels = merge(local.common_labels, {
     "app.kubernetes.io/component" = "dolibarr"
   })
 }

apps/dolibarr/ingress.tf

@@ -28,7 +28,7 @@ resource "kubectl_manifest" "prj_certificate" {
     metadata:
       name: "${var.instance}"
       namespace: "${var.namespace}"
-      labels: ${jsonencode(local.common-labels)}
+      labels: ${jsonencode(local.common_labels)}
     spec:
         secretName: "${var.instance}-cert"
         dnsNames: ${jsonencode(local.dns_names)}
@@ -46,7 +46,7 @@ resource "kubectl_manifest" "prj_https_redirect" {
     metadata:
       name: "${var.instance}-https"
       namespace: "${var.namespace}"
-      labels: ${jsonencode(local.common-labels)}
+      labels: ${jsonencode(local.common_labels)}
     spec:
       redirectScheme:
         scheme: "https"
@@ -62,7 +62,7 @@ resource "kubectl_manifest" "prj_ingress" {
     metadata:
       name: "${var.instance}"
       namespace: "${var.namespace}"
-      labels: ${jsonencode(local.common-labels)}
+      labels: ${jsonencode(local.common_labels)}
       annotations:
         "traefik.ingress.kubernetes.io/router.middlewares": "${join(",", [for m in local.middlewares : format("%s-%s@kubernetescrd", var.namespace, m)])}"
     spec:

apps/dolibarr/ldap.tf

@@ -26,7 +26,7 @@ resource "kubectl_manifest" "dolibarr_ldap" {
     metadata:
       name: "${var.instance}-${var.component}"
       namespace: "${var.namespace}"
-      labels: ${jsonencode(local.common-labels)}
+      labels: ${jsonencode(local.common_labels)}
     spec:
       forceRegenerate: false
       fields:

apps/dolibarr/nginx-config.tf

@@ -6,7 +6,7 @@ apiVersion: v1
 metadata:
   name: ${var.instance}-nginx
   namespace: "${var.namespace}"
-  labels: ${jsonencode(local.common-labels)}
+  labels: ${jsonencode(local.common_labels)}
 data:
   nginx.conf: |
     worker_processes  5;

apps/dolibarr/postgresql.tf

@@ -1,5 +1,5 @@
 locals {
-  pg-labels = merge(local.common-labels, {
+  pg-labels = merge(local.common_labels, {
     "app.kubernetes.io/component" = "pg"
   })
 }

apps/dolibarr/pvc.tf

@@ -20,7 +20,7 @@ resource "kubectl_manifest" "pvc" {
       namespace: "${var.namespace}"
       annotations:
         k8up.io/backup: "true"
-      labels: ${jsonencode(local.common-labels)}
+      labels: ${jsonencode(local.common_labels)}
     spec: ${jsonencode(local.pvc_spec)}
   EOF
 }

apps/dolibarr/redis.tf

@@ -1,5 +1,5 @@
 locals {
-  redis-labels = merge(local.common-labels, {
+  redis-labels = merge(local.common_labels, {
     "app.kubernetes.io/component" = "redis"
   })
 }

apps/dolibarr/saml.tf

@@ -32,7 +32,7 @@ resource "kubectl_manifest" "saml_certificate" {
     metadata:
       name: "${var.instance}-${var.component}-saml"
       namespace: "${var.namespace}"
-      labels: ${jsonencode(local.common-labels)}
+      labels: ${jsonencode(local.common_labels)}
     spec:
         secretName: "${var.instance}-${var.component}-saml"
         dnsNames: ${jsonencode(local.dns_names)}