svn-operator

command module

v0.2.1 Latest Latest Go to latest Published: Mar 8, 2021 License: Apache-2.0 Imports: 14 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/genkami/svn-operator

Links

Open Source Insights

README ¶

svn-operator

The svn-operator is a simple, opinionated operator that has following features:

Does not guarantee extremely high availability. (if an SVN server crashes, just wait for a second and retry.)
Only basic authentication is allowed.
Can manage users and repositories declaratively.
Does not provide path-based authorization.

Installation

$ kubectl apply -f https://github.com/genkami/svn-operator/releases/download/v0.2.0/svn-operator.crds.yaml
$ kubectl apply -f https://github.com/genkami/svn-operator/releases/download/v0.2.0/svn-operator.yaml

Examples

The following example creates following resources:

An SVN server svnserver-sample.
A single SVN repository named svnrepository-sample whcih belongs to svnserver-sample.
Two groups named svngroup-sample-reader and svngroup-sample-writer.
The former group has only read permission to the repository and the latter has full access to the repository.
Two users svnuser-sample-reader who belongs to svngroup-sample-reader, and svnuser-sample-writer who belongs to svngroup-sample-writer.

apiVersion: svn.k8s.oyasumi.club/v1alpha1
kind: SVNServer
metadata:
  name: svnserver-sample
spec:
  volumeClaimTemplate:
    spec:
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          storage: 512M
---
apiVersion: svn.k8s.oyasumi.club/v1alpha1
kind: SVNRepository
metadata:
  name: svnrepository-sample
spec:
  svnServer: svnserver-sample
---
apiVersion: svn.k8s.oyasumi.club/v1alpha1
kind: SVNGroup
metadata:
  name: svngroup-sample-reader
spec:
  svnServer: svnserver-sample
  permissions:
  - repository: svnrepository-sample
    permission: r
---
apiVersion: svn.k8s.oyasumi.club/v1alpha1
kind: SVNGroup
metadata:
  name: svngroup-sample-writer
spec:
  svnServer: svnserver-sample
  permissions:
  - repository: svnrepository-sample
    permission: rw
---
apiVersion: svn.k8s.oyasumi.club/v1alpha1
kind: SVNUser
metadata:
  name: svnuser-sample-reader
spec:
  svnServer: svnserver-sample
  groups:
    - name: svngroup-sample-reader
  # The password is 'foobar'
  encryptedPassword: $2y$05$lHorekjyyp9w2fXD/ppQLOJ2N1KmY.9yiJ0mZQlkIeUpUg8enPN4e
---
apiVersion: svn.k8s.oyasumi.club/v1alpha1
kind: SVNUser
metadata:
  name: svnuser-sample-writer
spec:
  svnServer: svnserver-sample
  groups:
    - name: svngroup-sample-writer
  # The password is 'quux'
  encryptedPassword: $2y$05$skzShfjCsTKCYcvr55ByIO5G7icGU8Lofs2CpmR5AoGho9OzBLb4O

Additionally, if you want to expose SVN server to the internet, you have to set up ingress (or LoadBalancer, etc.) like this:

apiVersion: v1
kind: Service
metadata:
  name: svnserver-sample-lb
spec:
  type: NodePort
  ports:
  - name: http
    port: 80
    targetPort: 80
    protocol: TCP
  selector:
    # These two labels are generated by svn-operator
    app: subversion
    svn.k8s.oyasumi.club/name: svnserver-sample
---
# WARNING: This configuration is INSECURE since svn-operator uses basic auth.
# You must use HTTPS in production environments.
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: svnserver-sample-lb
spec:
  backend:
    serviceName: svnserver-sample-lb
    servicePort: 80

Then you can checkout repositories served under http://<INGRESS_IP_ADDRESS>/repos/.

$ svn checkout http://<INGRESS_IP_ADDRESS>/repos/svnrepository-sample

Authentication realm: <http://<INGRESS_IP_ADDRESS>:80> SVN Server
Username: svnuser-sample-writer
Password for 'svnuser-sample-writer': ****

Checked out revision 0.

Password Encryption

The EncryptedPassword field can be generated by using htpasswd command:

$ htpasswd -nB john | cut -d : -f 2-
New password: 
Re-type new password: 
$2y$05$sZw4te5XgfiRjNVNhLRVuO7cgiqbTAcdPRvzRog0r8Tj.lNAnpKyi

Or dedicated CLI tool that we provide:

$ go get github.com/genkami/svn-operator/cmd/svn-user-gen
$ svn-user-gen -user john
Password: 
Re-type Password: 
apiVersion: svn.k8s.oyasumi.club/v1alpha1
kind: SVNUser
metadata:
  name: john
spec:
  svnServer: TYPE_THE_SERVER_NAME_HERE
  encryptedPassword: $2a$10$teGKPe/vdxOvSRwpCN7iH.Neu.KH8sc.33ylcNSO3bDriKbua/48u

License

Distributed under the Apache License Version 2.0. See LICENSE for more information.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
api
v1alpha1 Package v1alpha1 contains API Schema definitions for the svn v1alpha1 API group +kubebuilder:object:generate=true +groupName=svn.k8s.oyasumi.club	Package v1alpha1 contains API Schema definitions for the svn v1alpha1 API group +kubebuilder:object:generate=true +groupName=svn.k8s.oyasumi.club
cmd
server-updater
svn-user-gen
controllers
pkg
serverupdater Package serverupdater contains functions to update internal state of SVN servers.	Package serverupdater contains functions to update internal state of SVN servers.
svnconfig Package svnconfig generates config files for SVN server.	Package svnconfig generates config files for SVN server.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL